14 package org.eclipse.jetty.security.jaspi;
15
16 import java.io.IOException;
17
18 import javax.security.auth.Subject;
19 import javax.security.auth.callback.Callback;
20 import javax.security.auth.callback.CallbackHandler;
21 import javax.security.auth.callback.UnsupportedCallbackException;
22 import javax.security.auth.message.callback.CallerPrincipalCallback;
23 import javax.security.auth.message.callback.CertStoreCallback;
24 import javax.security.auth.message.callback.GroupPrincipalCallback;
25 import javax.security.auth.message.callback.PasswordValidationCallback;
26 import javax.security.auth.message.callback.PrivateKeyCallback;
27 import javax.security.auth.message.callback.SecretKeyCallback;
28 import javax.security.auth.message.callback.TrustStoreCallback;
29
30 import org.eclipse.jetty.security.LoginService;
31 import org.eclipse.jetty.security.authentication.LoginCallback;
32 import org.eclipse.jetty.security.authentication.LoginCallbackImpl;
33 import org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback;
34 import org.eclipse.jetty.server.UserIdentity;
35
/**
 * JASPI {@link CallbackHandler} that answers callbacks from an authentication module
 * by delegating credential checks to a Jetty {@link LoginService}.
 *
 * <p>Caller and group principal callbacks are not interpreted here. They are parked in
 * per-thread slots and handed back through {@link #getThreadCallerPrincipalCallback()}
 * and {@link #getThreadGroupPrincipalCallback()}.
 *
 * <p><b>Security note:</b> the per-thread slots are cleared only by those two getters.
 * {@link #handle(Callback[])} never clears them, so a value that is stored but not
 * fetched stays attached to the thread. On a pooled thread that value could be read
 * while a later, unrelated request is being processed. Callers should drain both
 * getters on the same thread after every authentication attempt, including attempts
 * that fail or throw.
 */
public class ServletCallbackHandler implements CallbackHandler
{
    /** Service that decides whether a username/credential pair is valid. */
    private final LoginService _loginService;

    // Most recent caller/group principal callback seen by handle() on the current thread.
    private final ThreadLocal<CallerPrincipalCallback> _callerPrincipals = new ThreadLocal<CallerPrincipalCallback>();
    private final ThreadLocal<GroupPrincipalCallback> _groupPrincipals = new ThreadLocal<GroupPrincipalCallback>();

    /**
     * @param loginService the service used to validate usernames and credentials;
     *                     it is stored as given and not checked for {@code null}
     */
    public ServletCallbackHandler(LoginService loginService)
    {
        _loginService = loginService;
    }

    /**
     * Processes each callback in array order.
     *
     * <ul>
     * <li>{@link CallerPrincipalCallback} / {@link GroupPrincipalCallback}: stored in the
     *     per-thread slot, replacing any value already there.</li>
     * <li>{@link PasswordValidationCallback} / {@link CredentialValidationCallback}: the
     *     username and secret are passed to {@link LoginService#login}. Only a non-null
     *     {@link UserIdentity} marks the callback as successful; on failure the result is
     *     left untouched (presumably the callback's default is "not valid" - confirm).</li>
     * <li>{@link CertStoreCallback}, {@link PrivateKeyCallback}, {@link SecretKeyCallback},
     *     {@link TrustStoreCallback}: accepted but left unpopulated, so a module that asks
     *     for key or trust material receives nothing from this handler.</li>
     * </ul>
     *
     * <p>The password array obtained from a {@link PasswordValidationCallback} is not
     * cleared here; clearing it is left to the caller.
     *
     * @param callbacks the callbacks to process; must not be {@code null}
     * @throws IOException declared by the interface; not thrown directly by this method
     * @throws UnsupportedCallbackException for any callback type not listed above;
     *         callbacks earlier in the array have already been applied at that point
     */
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
    {
        for (int i = 0; i < callbacks.length; i++)
        {
            Callback current = callbacks[i];

            if (current instanceof CallerPrincipalCallback)
            {
                _callerPrincipals.set((CallerPrincipalCallback) current);
                continue;
            }

            if (current instanceof GroupPrincipalCallback)
            {
                _groupPrincipals.set((GroupPrincipalCallback) current);
                continue;
            }

            if (current instanceof PasswordValidationCallback)
            {
                PasswordValidationCallback passwordCheck = (PasswordValidationCallback) current;
                // NOTE(review): a null subject would fail with NullPointerException on success - confirm callers always supply one.
                Subject target = passwordCheck.getSubject();

                UserIdentity identity = _loginService.login(passwordCheck.getUsername(), passwordCheck.getPassword());
                if (identity != null)
                {
                    passwordCheck.setResult(true);
                    attachIdentity(target, identity);
                }
                continue;
            }

            if (current instanceof CredentialValidationCallback)
            {
                CredentialValidationCallback credentialCheck = (CredentialValidationCallback) current;
                Subject target = credentialCheck.getSubject();
                // NOTE(review): this LoginCallback is built but never used below; kept because
                // the constructor is not visible here - confirm it has no side effects before removing.
                LoginCallback unusedLoginCallback = new LoginCallbackImpl(target,
                        credentialCheck.getUsername(),
                        credentialCheck.getCredential());

                UserIdentity identity = _loginService.login(credentialCheck.getUsername(), credentialCheck.getCredential());
                if (identity != null)
                {
                    credentialCheck.setResult(true);
                    attachIdentity(target, identity);
                }
                continue;
            }

            // Key and trust material requests are tolerated but deliberately left unanswered.
            if (current instanceof CertStoreCallback
                    || current instanceof PrivateKeyCallback
                    || current instanceof SecretKeyCallback
                    || current instanceof TrustStoreCallback)
            {
                continue;
            }

            throw new UnsupportedCallbackException(current);
        }
    }

    /**
     * Copies the authenticated user's principals into {@code target} and records the
     * {@link UserIdentity} itself as a private credential of {@code target}.
     */
    private static void attachIdentity(Subject target, UserIdentity identity)
    {
        target.getPrincipals().addAll(identity.getSubject().getPrincipals());
        target.getPrivateCredentials().add(identity);
    }

    /**
     * Returns the caller principal callback stored for the current thread and clears
     * the slot, so a second call returns {@code null} until {@link #handle} stores a new one.
     *
     * @return the stored callback, or {@code null} if none is stored for this thread
     */
    public CallerPrincipalCallback getThreadCallerPrincipalCallback()
    {
        try
        {
            return _callerPrincipals.get();
        }
        finally
        {
            _callerPrincipals.remove();
        }
    }

    /**
     * Returns the group principal callback stored for the current thread and clears
     * the slot, so a second call returns {@code null} until {@link #handle} stores a new one.
     *
     * @return the stored callback, or {@code null} if none is stored for this thread
     */
    public GroupPrincipalCallback getThreadGroupPrincipalCallback()
    {
        try
        {
            return _groupPrincipals.get();
        }
        finally
        {
            _groupPrincipals.remove();
        }
    }
}