View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.wss4j.dom.action;
21  
22  import javax.security.auth.callback.CallbackHandler;
23  
24  import org.apache.wss4j.common.SecurityActionToken;
25  import org.apache.wss4j.common.ext.WSPasswordCallback;
26  import org.apache.wss4j.common.ext.WSSecurityException;
27  import org.apache.wss4j.dom.WSConstants;
28  import org.apache.wss4j.dom.handler.RequestData;
29  import org.apache.wss4j.dom.handler.WSHandler;
30  import org.apache.wss4j.dom.message.WSSecUsernameToken;
31  
32  public class UsernameTokenAction implements Action {
33  
34      public void execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
35          throws WSSecurityException {
36          String username = reqData.getUsername();
37          String password = null;
38          if (reqData.getPwType() != null) {
39              CallbackHandler callbackHandler =
40                  handler.getPasswordCallbackHandler(reqData);
41              WSPasswordCallback passwordCallback =
42                  handler.getPasswordCB(reqData.getUsername(), WSConstants.UT, callbackHandler, reqData);
43              username = passwordCallback.getIdentifier();
44              password = passwordCallback.getPassword();
45          }
46  
47          if (username == null) {
48              throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noUser");
49          }
50  
51          WSSecUsernameToken builder = new WSSecUsernameToken(reqData.getSecHeader());
52          builder.setIdAllocator(reqData.getWssConfig().getIdAllocator());
53          builder.setPrecisionInMilliSeconds(reqData.isPrecisionInMilliSeconds());
54          builder.setWsTimeSource(reqData.getWssConfig().getCurrentTime());
55          builder.setPasswordType(reqData.getPwType());
56          builder.setPasswordsAreEncoded(reqData.isEncodePasswords());
57          builder.setUserInfo(username, password);
58          builder.setWsDocInfo(reqData.getWsDocInfo());
59          builder.setExpandXopInclude(reqData.isExpandXopInclude());
60  
61          if (reqData.isAddUsernameTokenNonce()) {
62              builder.addNonce();
63          }
64  
65          if (reqData.isAddUsernameTokenCreated()) {
66              builder.addCreated();
67          }
68  
69          builder.build();
70      }
71  }