View Javadoc

1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.ws.security;
21  
22  import org.w3c.dom.Element;
23  
24  import org.apache.ws.security.handler.RequestData;
25  
26  import javax.security.auth.callback.Callback;
27  
28  /**
29   * Simple class to provide a password callback mechanism.
30   *
31   * It uses the JAAS authentication mechanisms and callback methods.
32   * In addition to the identifier (user name) this class also provides
33   * information what type of information the callback <code>handle</code>
34   * method shall provide.
35   *
36   * @author Werner Dittmann (Werner.Dittmann@siemens.com).
37   */
38  public class WSPasswordCallback implements Callback {
39  
40      /**
41       * An unknown usage. Never used by the WSS4J implementation and should be treated 
42       * as an error.
43       */
44      public static final int UNKNOWN = 0;
45      
46      /**
47       * DECRYPT usage is used when the calling code needs a password to get the private key of
48       * this identifier (alias) from a keystore. This is only used for the inbound case of
49       * decrypting a session (symmetric) key, and not for the case of getting a private key to
50       * sign the message. The CallbackHandler must set the password via the setPassword(String) 
51       * method.
52       */
53      public static final int DECRYPT = 1;
54      
55      /**
56       * USERNAME_TOKEN usage is used to obtain a password for either creating a Username Token,
57       * or for validating it. It is also used for the case of deriving a key from a Username Token.
58       * The CallbackHandler must set the password via the setPassword(String) method.
59       */
60      public static final int USERNAME_TOKEN = 2;
61      
62      /**
63       * SIGNATURE usage is used on the outbound side only, to get a password to get the private
64       * key of this identifier (alias) from a keystore. The CallbackHandler must set the password 
65       * via the setPassword(String) method.
66       */
67      public static final int SIGNATURE = 3;
68      
69      /**
70       * This identifier is deprecated and not used any more.
71       */
72      @Deprecated
73      public static final int KEY_NAME = 4;
74      
75      /**
76       * This identifier is deprecated and not used any more.
77       */
78      @Deprecated
79      public static final int USERNAME_TOKEN_UNKNOWN = 5;
80      
81      /**
82       * SECURITY_CONTEXT_TOKEN usage is for the case of when we want the CallbackHandler to 
83       * supply the key associated with a SecurityContextToken. The CallbackHandler must set 
84       * the key via the setKey(byte[]) method.
85       */
86      public static final int SECURITY_CONTEXT_TOKEN = 6;
87      
88      /**
89       * CUSTOM_TOKEN usage is used for the case that we want the CallbackHandler to supply a
90       * token as a DOM Element. For example, this is used for the case of a reference to a 
91       * SAML Assertion or Security Context Token that is not in the message. The CallbackHandler 
92       * must set the token via the setCustomToken(Element) method.
93       */
94      public static final int CUSTOM_TOKEN = 7;
95      
96      /**
97       * This identifier is deprecated and not used any more.
98       */
99      @Deprecated
100     public static final int ENCRYPTED_KEY_TOKEN = 8;
101     
102     /**
103      * SECRET_KEY usage is used for the case that we want to obtain a secret key for encryption
104      * or signature on the outbound side, or for decryption or verification on the inbound side.
105      * The CallbackHandler must set the key via the setKey(byte[]) method.
106      */
107     public static final int SECRET_KEY = 9;
108     
109     private String identifier;
110     private String password;
111     private byte[] key;
112     private int usage;
113     private String type;
114     private Element customToken;
115     private RequestData data;
116     
117     /**
118      * Constructor.
119      *
120      * @param id The application called back must supply the password for
121      *           this identifier.
122      */
123     public WSPasswordCallback(String id, int usage) {
124         this(id, null, null, usage, null);
125     }
126     /**
127      * Constructor.
128      *
129      * @param id The application called back must supply the password for
130      *           this identifier.
131      */
132     public WSPasswordCallback(String id, String pw, String type, int usage) {
133         identifier = id;
134         password = pw;
135         this.type = type;
136         this.usage = usage;
137     }
138     /**
139      * Constructor.
140      *
141      * @param id The application called back must supply the password for
142      *           this identifier.
143      */
144     public WSPasswordCallback(String id, String pw, String type, int usage, RequestData data) {
145         identifier = id;
146         password = pw;
147         this.type = type;
148         this.usage = usage;
149         this.data = data;
150     }
151     
152     /**
153      * Get the identifier.
154      * <p/>
155      *
156      * @return The identifier
157      */
158     public String getIdentifier() {
159         return identifier;
160     }
161     
162     /**
163      * Set the identifier
164      * @param ident The identity.
165      */
166     public void setIdentifier(String ident) {
167         this.identifier = ident;
168     }
169 
170     /**
171      * Set the password.
172      * <p/>
173      *
174      * @param passwd is the password associated to the identifier
175      */
176     public void setPassword(String passwd) {
177         password = passwd;
178     }
179 
180     /**
181      * Get the password.
182      * <p/>
183      *
184      * @return The password
185      */
186     public String getPassword() {
187         return password;
188     }
189 
190     /**
191      * Set the Key.
192      * <p/>
193      *
194      * @param key is the key associated to the identifier
195      */
196     public void setKey(byte[] key) {
197         this.key = key;
198     }
199 
200     /**
201      * Get the key.
202      * <p/>
203      *
204      * @return The key
205      */
206     public byte[] getKey() {
207         return this.key;
208     }
209 
210     /**
211      * Get the usage.
212      * <p/>
213      *
214      * @return The usage for this callback
215      */
216     public int getUsage() {
217         return usage;
218     }
219     
220     /**
221      * @return Returns the type.
222      */
223     public String getType() {
224         return type;
225     }
226 
227     /**
228      * 
229      * @return the custom token
230      */
231     public Element getCustomToken() {
232         return customToken;
233     }
234 
235     /**
236      * Set the custom token
237      * @param customToken
238      */
239     public void setCustomToken(Element customToken) {
240         this.customToken = customToken;
241     }
242     
243     
244     /**
245      * Returns the RequestData associated with the request
246      * @return the RequestData associated with the request
247      */
248     public RequestData getRequestData() {
249         return data;
250     }
251 }
252 
253