1 /**
2 * Copyright 2005-2014 The Kuali Foundation
3 *
4 * Licensed under the Educational Community License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.opensource.org/licenses/ecl2.php
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 package org.kuali.rice.ksb.messaging.servicehandlers;
17
18 import java.io.IOException;
19
20 import javax.security.auth.callback.Callback;
21 import javax.security.auth.callback.CallbackHandler;
22 import javax.security.auth.callback.UnsupportedCallbackException;
23 import javax.xml.namespace.QName;
24
25 import org.apache.ws.security.WSPasswordCallback;
26 import org.kuali.rice.core.api.exception.RiceRuntimeException;
27 import org.kuali.rice.ksb.service.KSBServiceLocator;
28
29 /**
30 * CallbackHandler that verifies the password and username is correct for a service
31 * secured with basic authentication.
32 *
33 * @author Kuali Rice Team (rice.collab@kuali.org)
34 */
35 public class BasicAuthenticationHandler implements CallbackHandler {
36
37 private String serviceNameSpaceURI;
38 private QName localServiceName;
39
40 /**
41 * Initialize the BasicAuthenticationHandler with the serviceNameSpaceURI and localServiceName
42 *
43 * @param serviceNameSpaceURI the serviceNameSpaceURI to use
44 * @param serviceName the serviceName to use
45 */
46 public BasicAuthenticationHandler(String serviceNameSpaceURI, QName serviceName) {
47 this.serviceNameSpaceURI = serviceNameSpaceURI;
48 this.localServiceName = serviceName;
49 }
50
51 /**
52 * @param callbacks an array of Callback objects
53 * @throws RiceRuntimeException if the username or password is invalid
54 * @see javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
55 */
56 public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
57 if (callbacks[0] != null && callbacks[0] instanceof WSPasswordCallback) {
58 WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
59 if (!KSBServiceLocator.getBasicAuthenticationService().checkServiceAuthentication(this.serviceNameSpaceURI,
60 this.localServiceName, pc.getIdentifier(), pc.getPassword())) {
61 throw new RiceRuntimeException("Invalid username or password");
62 }
63 }
64 }
65 }