View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.wss4j.dom.action;
21  
22  import org.apache.wss4j.common.SecurityActionToken;
23  import org.apache.wss4j.common.ext.WSPasswordCallback;
24  import org.apache.wss4j.common.ext.WSSecurityException;
25  import org.apache.wss4j.dom.handler.RequestData;
26  import org.apache.wss4j.dom.handler.WSHandler;
27  import org.w3c.dom.Element;
28  
29  import javax.security.auth.callback.Callback;
30  import javax.security.auth.callback.CallbackHandler;
31  
32  public class CustomTokenAction implements Action {
33  
34      public void execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
35              throws WSSecurityException {
36          CallbackHandler callbackHandler = reqData.getCallbackHandler();
37          if (callbackHandler == null) {
38              callbackHandler = handler.getPasswordCallbackHandler(reqData);
39          }
40  
41          if (callbackHandler == null) {
42              throw new WSSecurityException(
43                      WSSecurityException.ErrorCode.FAILURE, "noCallback"
44              );
45          }
46  
47          WSPasswordCallback wsPasswordCallback =
48                  new WSPasswordCallback(reqData.getUsername(), WSPasswordCallback.CUSTOM_TOKEN);
49  
50          try {
51              callbackHandler.handle(new Callback[]{wsPasswordCallback});
52          } catch (Exception e) {
53              throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e,
54                      "empty", new Object[]{"WSHandler: password callback failed"});
55          }
56  
57          Element customToken = wsPasswordCallback.getCustomToken();
58          if (customToken == null) {
59              throw new WSSecurityException(
60                      WSSecurityException.ErrorCode.FAILURE, "resourceNotFound", new Object[]{"CustomToken"}
61              );
62          }
63  
64          try {
65              Element securityHeader = reqData.getSecHeader().getSecurityHeaderElement();
66              //Prepare custom token for appending step
67              customToken = (Element) securityHeader.getOwnerDocument().importNode(customToken, true);
68              //Append custom token to security header
69              securityHeader.appendChild(customToken);
70          } catch (Exception e) {
71              throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e,
72                      "empty", new Object[] {"Error appending custom token"});
73          }
74      }
75  }