org.apache.catalina.realm
Class JAASCallbackHandler

java.lang.Object
  extended by org.apache.catalina.realm.JAASCallbackHandler
All Implemented Interfaces:
javax.security.auth.callback.CallbackHandler

public class JAASCallbackHandler
extends java.lang.Object
implements javax.security.auth.callback.CallbackHandler

Implementation of the JAAS CallbackHandler interface, used to negotiate delivery of the username and credentials that were specified to our constructor. No interaction with the user is required (or possible).

This CallbackHandler will pre-digest the supplied password, if required by the <Realm> element in server.xml.

At present, JAASCallbackHandler knows how to handle callbacks of type javax.security.auth.callback.NameCallback and javax.security.auth.callback.PasswordCallback.

Version:
$Revision: 743 $ $Date: 2008-08-18 06:04:18 +0200 (Mon, 18 Aug 2008) $
Author:
Craig R. McClanahan, Andrew R. Jaquith

Field Summary
protected  java.lang.String authMethod
          The authentication methdod to be used.
protected  java.lang.String cnonce
          Client generated nonce.
protected  java.lang.String md5a2
          Second MD5 digest.
protected  java.lang.String nc
          Nonce count.
protected  java.lang.String nonce
          Server generated nonce.
protected  java.lang.String password
          The password to be authenticated with.
protected  java.lang.String qop
          Quality of protection aplied to the message.
protected  JAASRealm realm
          The associated JAASRealm instance.
protected  java.lang.String realmName
          Realm name.
protected static StringManager sm
          The string manager for this package.
protected  java.lang.String username
          The username to be authenticated with.
 
Constructor Summary
JAASCallbackHandler(JAASRealm realm, java.lang.String username, java.lang.String password)
          Construct a callback handler configured with the specified values.
JAASCallbackHandler(JAASRealm realm, java.lang.String username, java.lang.String password, java.lang.String nonce, java.lang.String nc, java.lang.String cnonce, java.lang.String qop, java.lang.String realmName, java.lang.String md5a2, java.lang.String authMethod)
          Construct a callback handler for DIGEST authentication.
 
Method Summary
 void handle(javax.security.auth.callback.Callback[] callbacks)
          Retrieve the information requested in the provided Callbacks.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

sm

protected static final StringManager sm
The string manager for this package.


password

protected java.lang.String password
The password to be authenticated with.


realm

protected JAASRealm realm
The associated JAASRealm instance.


username

protected java.lang.String username
The username to be authenticated with.


nonce

protected java.lang.String nonce
Server generated nonce.


nc

protected java.lang.String nc
Nonce count.


cnonce

protected java.lang.String cnonce
Client generated nonce.


qop

protected java.lang.String qop
Quality of protection aplied to the message.


realmName

protected java.lang.String realmName
Realm name.


md5a2

protected java.lang.String md5a2
Second MD5 digest.


authMethod

protected java.lang.String authMethod
The authentication methdod to be used. If null, assume BASIC/FORM.

Constructor Detail

JAASCallbackHandler

public JAASCallbackHandler(JAASRealm realm,
                           java.lang.String username,
                           java.lang.String password)
Construct a callback handler configured with the specified values. Note that if the JAASRealm instance specifies digested passwords, the password parameter will be pre-digested here.

Parameters:
realm - Our associated JAASRealm instance
username - Username to be authenticated with
password - Password to be authenticated with

JAASCallbackHandler

public JAASCallbackHandler(JAASRealm realm,
                           java.lang.String username,
                           java.lang.String password,
                           java.lang.String nonce,
                           java.lang.String nc,
                           java.lang.String cnonce,
                           java.lang.String qop,
                           java.lang.String realmName,
                           java.lang.String md5a2,
                           java.lang.String authMethod)
Construct a callback handler for DIGEST authentication.

Parameters:
realm - Our associated JAASRealm instance
username - Username to be authenticated with
password - Password to be authenticated with
nonce - Server generated nonce
nc - Nonce count
cnonce - Client generated nonce
qop - Quality of protection aplied to the message
realmName - Realm name
md5a2 - Second MD5 digest used to calculate the digest MD5(Method + ":" + uri)
authMethod - The authentication mehtod in use
Method Detail

handle

public void handle(javax.security.auth.callback.Callback[] callbacks)
            throws java.io.IOException,
                   javax.security.auth.callback.UnsupportedCallbackException
Retrieve the information requested in the provided Callbacks. This implementation only recognizes NameCallback, PasswordCallback and TextInputCallback. TextInputCallback is ued to pass the various additional parameters required for DIGEST authentication.

Specified by:
handle in interface javax.security.auth.callback.CallbackHandler
Parameters:
callbacks - The set of Callbacks to be processed
Throws:
java.io.IOException - if an input/output error occurs
javax.security.auth.callback.UnsupportedCallbackException - if the login method requests an unsupported callback type


Copyright © 2000-2009 Apache Software Foundation. All Rights Reserved.