
1   // ========================================================================
2   // Copyright (c) 2008-2009 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // All rights reserved. This program and the accompanying materials
5   // are made available under the terms of the Eclipse Public License v1.0
6   // and Apache License v2.0 which accompanies this distribution.
7   // The Eclipse Public License is available at 
8   // http://www.eclipse.org/legal/epl-v10.html
9   // The Apache License v2.0 is available at
10  // http://www.opensource.org/licenses/apache2.0.php
11  // You may elect to redistribute this code under either of these licenses. 
12  // ========================================================================
13  
14  package org.eclipse.jetty.security.jaspi;
15  
16  import java.io.IOException;
17  
18  import javax.security.auth.Subject;
19  import javax.security.auth.callback.Callback;
20  import javax.security.auth.callback.CallbackHandler;
21  import javax.security.auth.callback.UnsupportedCallbackException;
22  import javax.security.auth.message.callback.CallerPrincipalCallback;
23  import javax.security.auth.message.callback.CertStoreCallback;
24  import javax.security.auth.message.callback.GroupPrincipalCallback;
25  import javax.security.auth.message.callback.PasswordValidationCallback;
26  import javax.security.auth.message.callback.PrivateKeyCallback;
27  import javax.security.auth.message.callback.SecretKeyCallback;
28  import javax.security.auth.message.callback.TrustStoreCallback;
29  
30  import org.eclipse.jetty.security.LoginService;
31  import org.eclipse.jetty.security.authentication.LoginCallback;
32  import org.eclipse.jetty.security.authentication.LoginCallbackImpl;
33  import org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback;
34  import org.eclipse.jetty.server.UserIdentity;
35  
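/**
 * Server-side {@link CallbackHandler} given to JASPI authentication modules.
 * <p>
 * Callbacks fall into two groups:
 * <ul>
 * <li>module to server: {@link CallerPrincipalCallback} and {@link GroupPrincipalCallback} are
 * stored per thread and picked up later through {@link #getThreadCallerPrincipalCallback()} and
 * {@link #getThreadGroupPrincipalCallback()}; {@link PasswordValidationCallback} and
 * {@link CredentialValidationCallback} are checked against the configured {@link LoginService};</li>
 * <li>server to module: {@link CertStoreCallback}, {@link PrivateKeyCallback},
 * {@link SecretKeyCallback} and {@link TrustStoreCallback} are accepted but not implemented.</li>
 * </ul>
 * 
 * @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $
 */
public class ServletCallbackHandler implements CallbackHandler
{
    private final LoginService _loginService;

    // Per-thread hand-off slots. handle() only ever sets them; the two getters below are the only
    // place they are cleared. NOTE(review): if a caller does not collect both values after every
    // authentication attempt, a callback stored for one request stays attached to the thread and
    // would be returned to whatever runs next on it - confirm every caller drains both getters.
    private final ThreadLocal<CallerPrincipalCallback> _callerPrincipals = new ThreadLocal<CallerPrincipalCallback>();
    private final ThreadLocal<GroupPrincipalCallback> _groupPrincipals = new ThreadLocal<GroupPrincipalCallback>();

    /**
     * @param loginService the service used to validate usernames and credentials
     */
    public ServletCallbackHandler(LoginService loginService)
    {
        _loginService = loginService;
    }

    /**
     * Processes each callback in order.
     * <p>
     * For the two validation callbacks the result is always written, {@code true} only when the
     * login service returned a user, so a callback that already carried a positive result cannot
     * keep it after a failed login. On success the user's principals are added to the callback's
     * subject and the {@link UserIdentity} is added to its private credentials.
     * 
     * @param callbacks the callbacks supplied by the authentication module
     * @throws IOException declared by {@link CallbackHandler}; not thrown by the code in this method
     * @throws UnsupportedCallbackException if a callback is of a type not listed in the class description
     */
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
    {
        for (Callback callback : callbacks)
        {
            // jaspi to server communication
            if (callback instanceof CallerPrincipalCallback)
            {
                _callerPrincipals.set((CallerPrincipalCallback) callback);
            }
            else if (callback instanceof GroupPrincipalCallback)
            {
                _groupPrincipals.set((GroupPrincipalCallback) callback);
            }
            else if (callback instanceof PasswordValidationCallback)
            {
                PasswordValidationCallback passwordValidationCallback = (PasswordValidationCallback) callback;

                UserIdentity user = _loginService.login(passwordValidationCallback.getUsername(),passwordValidationCallback.getPassword());

                // Fail closed: record the outcome on both paths instead of only on success.
                passwordValidationCallback.setResult(user!=null);

                if (user!=null)
                {
                    Subject subject = passwordValidationCallback.getSubject();
                    subject.getPrincipals().addAll(user.getSubject().getPrincipals());
                    subject.getPrivateCredentials().add(user);
                }
            }
            else if (callback instanceof CredentialValidationCallback)
            {
                CredentialValidationCallback credentialValidationCallback = (CredentialValidationCallback) callback;
                Subject subject = credentialValidationCallback.getSubject();
                // NOTE(review): loginCallback is built but never read in this method; confirm the
                // LoginCallbackImpl constructor has no side effects, then drop it.
                LoginCallback loginCallback = new LoginCallbackImpl(subject,
                        credentialValidationCallback.getUsername(),
                        credentialValidationCallback.getCredential());

                UserIdentity user = _loginService.login(credentialValidationCallback.getUsername(),credentialValidationCallback.getCredential());

                // Fail closed: record the outcome on both paths instead of only on success.
                credentialValidationCallback.setResult(user!=null);

                if (user!=null)
                {
                    credentialValidationCallback.getSubject().getPrincipals().addAll(user.getSubject().getPrincipals());
                    credentialValidationCallback.getSubject().getPrivateCredentials().add(user);
                }
            }
            // server to jaspi communication
            // TODO implement these
            // Until then these four are accepted without error and nothing is set on the callback,
            // so a module asking for a cert store, key or trust store gets no signal that the
            // request went unanswered and must treat an unset value as "not available".
            else if (callback instanceof CertStoreCallback)
            {
            }
            else if (callback instanceof PrivateKeyCallback)
            {
            }
            else if (callback instanceof SecretKeyCallback)
            {
            }
            else if (callback instanceof TrustStoreCallback)
            {
            }
            else
            {
                throw new UnsupportedCallbackException(callback);
            }
        }
    }

    /**
     * Returns the caller-principal callback stored for the current thread and clears the slot.
     * 
     * @return the stored callback, or {@code null} if none was stored since the last call
     */
    public CallerPrincipalCallback getThreadCallerPrincipalCallback()
    {
        CallerPrincipalCallback callerPrincipalCallback = _callerPrincipals.get();
        _callerPrincipals.remove();
        return callerPrincipalCallback;
    }

    /**
     * Returns the group-principal callback stored for the current thread and clears the slot.
     * 
     * @return the stored callback, or {@code null} if none was stored since the last call
     */
    public GroupPrincipalCallback getThreadGroupPrincipalCallback()
    {
        GroupPrincipalCallback groupPrincipalCallback = _groupPrincipals.get();
        _groupPrincipals.remove();
        return groupPrincipalCallback;
    }
}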