ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1043501 - in /webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common: KeystoreCallbackHandler.java PublicKeyCallbackHandler.java SecretKeyCallbackHandler.java UsernamePasswordCallbackHandler.java
Date Wed, 08 Dec 2010 16:32:42 GMT
Author: coheigea
Date: Wed Dec  8 16:32:42 2010
New Revision: 1043501

URL: http://svn.apache.org/viewvc?rev=1043501&view=rev
Log:
[WSS-250] - ...and the missing handlers from the last commit.

Added:
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/KeystoreCallbackHandler.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/PublicKeyCallbackHandler.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SecretKeyCallbackHandler.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/UsernamePasswordCallbackHandler.java

Added: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/KeystoreCallbackHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/KeystoreCallbackHandler.java?rev=1043501&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/KeystoreCallbackHandler.java
(added)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/KeystoreCallbackHandler.java
Wed Dec  8 16:32:42 2010
@@ -0,0 +1,64 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.common;
+
+import org.apache.ws.security.WSPasswordCallback;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * A Callback Handler implementation for the case of finding a password to access a 
+ * cert/private key in a keystore.
+ */
+public class KeystoreCallbackHandler implements CallbackHandler {
+    
+    private Map<String, String> users = new HashMap<String, String>();
+    
+    public KeystoreCallbackHandler() {
+        users.put("wss86", "security");
+        users.put("wss40", "security");
+        users.put("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
+    }
+    
+    public void handle(Callback[] callbacks)
+        throws IOException, UnsupportedCallbackException {
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof WSPasswordCallback) {
+                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+                switch (pc.getUsage()) {
+                case WSPasswordCallback.CUSTOM_TOKEN:
+                case WSPasswordCallback.DECRYPT: {
+                    pc.setPassword(users.get(pc.getIdentifier()));
+                    break;
+                }
+                default:
+                    throw new IOException("Authentication failed");
+                }
+            } else {
+                throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
+            }
+        }
+    }
+}

Added: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/PublicKeyCallbackHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/PublicKeyCallbackHandler.java?rev=1043501&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/PublicKeyCallbackHandler.java
(added)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/PublicKeyCallbackHandler.java
Wed Dec  8 16:32:42 2010
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.common;
+
+import org.apache.ws.security.PublicKeyCallback;
+
+import java.security.KeyStore;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import java.io.IOException;
+
+/**
+ * A Callback Handler implementation for the case of a PublicKeyCallback
+ */
+public class PublicKeyCallbackHandler implements CallbackHandler {
+    
+    private KeyStore keyStore;
+    
+    public void handle(Callback[] callbacks)
+        throws IOException, UnsupportedCallbackException {
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof PublicKeyCallback) {
+                PublicKeyCallback pc = (PublicKeyCallback) callbacks[i];
+                java.security.PublicKey publicKey = pc.getPublicKey();
+                if (publicKey == null || !pc.verifyTrust(keyStore)) {
+                    throw new IOException("Authentication of public key failed");
+                }
+            } else {
+                throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
+            }
+        }
+    }
+    
+    public void setKeyStore(KeyStore newKeyStore) {
+        keyStore = newKeyStore;
+    }
+}

Added: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SecretKeyCallbackHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SecretKeyCallbackHandler.java?rev=1043501&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SecretKeyCallbackHandler.java
(added)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SecretKeyCallbackHandler.java
Wed Dec  8 16:32:42 2010
@@ -0,0 +1,77 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.common;
+
+import org.apache.ws.security.WSPasswordCallback;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.util.Base64;
+import org.apache.ws.security.util.WSSecurityUtil;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * A Callback Handler implementation for the case of storing a secret key.
+ */
+public class SecretKeyCallbackHandler implements CallbackHandler {
+    
+    private Map<String, byte[]> secrets = new HashMap<String, byte[]>();
+    private byte[] outboundSecret = null;
+    
+    public void handle(Callback[] callbacks)
+        throws IOException, UnsupportedCallbackException {
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof WSPasswordCallback) {
+                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+                switch (pc.getUsage()) {
+                case WSPasswordCallback.ENCRYPTED_KEY_TOKEN:
+                case WSPasswordCallback.SECURITY_CONTEXT_TOKEN: {
+                    byte[] secret = (byte[]) this.secrets.get(pc.getIdentifier());
+                    pc.setKey(secret);
+                    break;
+                }
+                case WSPasswordCallback.KEY_NAME: {
+                    pc.setKey(outboundSecret);
+                    break;
+                }
+                default:
+                    throw new IOException("Authentication failed");
+                }
+            } else {
+                throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
+            }
+        }
+    }
+    
+    public void addSecretKey(String identifier, byte[] secretKey) {
+        secrets.put(identifier, secretKey);
+    }
+    
+    public void setOutboundSecret(byte[] secret) throws WSSecurityException {
+        outboundSecret = secret;
+        byte[] encodedBytes = WSSecurityUtil.generateDigest(outboundSecret);
+        String identifier = Base64.encode(encodedBytes);
+        addSecretKey(identifier, outboundSecret);
+    }
+}

Added: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/UsernamePasswordCallbackHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/UsernamePasswordCallbackHandler.java?rev=1043501&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/UsernamePasswordCallbackHandler.java
(added)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/UsernamePasswordCallbackHandler.java
Wed Dec  8 16:32:42 2010
@@ -0,0 +1,71 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.common;
+
+import org.apache.ws.security.WSPasswordCallback;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * A Callback Handler implementation for the case of processing a Username Token.
+ */
+public class UsernamePasswordCallbackHandler implements CallbackHandler {
+    
+    private Map<String, String> users = new HashMap<String, String>();
+    
+    public UsernamePasswordCallbackHandler() {
+        users.put("wernerd", "verySecret");
+        users.put("bob", "security");
+        users.put("alice", "securityPassword");
+    }
+    
+    public void handle(Callback[] callbacks)
+        throws IOException, UnsupportedCallbackException {
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof WSPasswordCallback) {
+                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+                switch (pc.getUsage()) {
+                case WSPasswordCallback.USERNAME_TOKEN: {
+                    pc.setPassword(users.get(pc.getIdentifier()));
+                    break;
+                }
+                case WSPasswordCallback.USERNAME_TOKEN_UNKNOWN: {
+                    String password = users.get(pc.getIdentifier());
+                    if (password != null) {
+                        pc.setPassword(password);
+                    } else {
+                        throw new IOException("Authentication failed");
+                    }
+                    break;
+                }
+                default:
+                    throw new IOException("Authentication failed");
+                }
+            } else {
+                throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
+            }
+        }
+    }
+}



Mime
View raw message