View Javadoc

1   /**
2    * Copyright 2005-2012 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.ksb.messaging.servicehandlers;
17  
18  import java.io.IOException;
19  
20  import javax.security.auth.callback.Callback;
21  import javax.security.auth.callback.CallbackHandler;
22  import javax.security.auth.callback.UnsupportedCallbackException;
23  import javax.xml.namespace.QName;
24  
25  import org.apache.ws.security.WSPasswordCallback;
26  import org.kuali.rice.core.api.exception.RiceRuntimeException;
27  import org.kuali.rice.ksb.service.KSBServiceLocator;
28  
29  /**
30   * CallbackHandler that verifies the password and username is correct for a service
31   * secured with basic authentication.
32   *
33   * @author Kuali Rice Team (rice.collab@kuali.org)
34   */
35  public class BasicAuthenticationHandler implements CallbackHandler {
36  
37      private String serviceNameSpaceURI;
38      private QName localServiceName;
39  
40      /**
41       * Initialize the BasicAuthenticationHandler with the serviceNameSpaceURI and localServiceName
42       *
43       * @param serviceNameSpaceURI the serviceNameSpaceURI to use
44       * @param serviceName the serviceName to use
45       */
46      public BasicAuthenticationHandler(String serviceNameSpaceURI, QName serviceName) {
47          this.serviceNameSpaceURI = serviceNameSpaceURI;
48          this.localServiceName = serviceName;
49      }
50  
51      /**
52       * @param callbacks an array of Callback objects
53       * @throws RiceRuntimeException if the username or password is invalid
54       * @see javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
55       */
56      public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
57          if (callbacks[0] != null && callbacks[0] instanceof WSPasswordCallback) {
58              WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
59              if (!KSBServiceLocator.getBasicAuthenticationService().checkServiceAuthentication(this.serviceNameSpaceURI,
60                      this.localServiceName, pc.getIdentifier(), pc.getPassword())) {
61                  throw new RiceRuntimeException("Invalid username or password");
62              }
63          }
64      }
65  }