cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a.@apache.org
Subject svn commit: r1148281 - in /cxf/trunk/rt/core/src: main/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandler.java test/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandlerTest.java
Date Tue, 19 Jul 2011 11:54:52 GMT
Author: ay
Date: Tue Jul 19 11:54:51 2011
New Revision: 1148281

URL: http://svn.apache.org/viewvc?rev=1148281&view=rev
Log:
[CXF-3658] Make NamePasswordCallback used for JAAS login more flexible...

Added:
    cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandlerTest.java
  (with props)
Modified:
    cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandler.java

Modified: cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandler.java?rev=1148281&r1=1148280&r2=1148281&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandler.java
(original)
+++ cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandler.java
Tue Jul 19 11:54:51 2011
@@ -19,6 +19,7 @@
 package org.apache.cxf.interceptor.security;
 
 import java.io.IOException;
+import java.lang.reflect.Method;
 import java.util.ResourceBundle;
 import java.util.logging.Logger;
 
@@ -35,15 +36,25 @@ public class NamePasswordCallbackHandler
     
     private static final ResourceBundle BUNDLE = BundleUtils.getBundle(NamePasswordCallbackHandler.class);
     private static final Logger LOG = LogUtils.getL7dLogger(NamePasswordCallbackHandler.class);
+    private static final String PASSWORD_CALLBACK_NAME = "setObject";
+    private static final Class[] PASSWORD_CALLBACK_TYPES = 
+        new Class[]{Object.class, char[].class, String.class};
     
     private String username;  
     private String password;  
-     
+    
+    private String passwordCallbackName;
+    
     public NamePasswordCallbackHandler(String username, String password) {  
-        this.username = username;  
-        this.password = password;  
+        this(username, password, null);  
     }  
      
+    public NamePasswordCallbackHandler(String username, String password, String passwordCallbackName)
{  
+        this.username = username;  
+        this.password = password;
+        this.passwordCallbackName = passwordCallbackName;
+    }  
+
     public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{  
         for (int i = 0; i < callbacks.length; i++) {  
             Callback callback = callbacks[i];
@@ -53,8 +64,8 @@ public class NamePasswordCallbackHandler
                 ((NameCallback) callback).setName(username);  
             } else if (callback instanceof PasswordCallback) {  
                 PasswordCallback pwCallback = (PasswordCallback) callback;  
-                pwCallback.setPassword(password.toCharArray());  
-            } else {
+                pwCallback.setPassword(password.toCharArray());
+            } else if (!invokePasswordCallback(callback)) {
                 org.apache.cxf.common.i18n.Message errorMsg = 
                     new org.apache.cxf.common.i18n.Message("UNSUPPORTED_CALLBACK_TYPE", 
                                                            BUNDLE, 
@@ -68,4 +79,28 @@ public class NamePasswordCallbackHandler
     protected boolean handleCallback(Callback callback) {
         return false;
     }
+    
+    /*
+     * This method is called from the handle(Callback[]) method when the specified callback

+     * did not match any of the known callback classes. It looks for the callback method

+     * having the specified method name with one of the suppported parameter types.
+     * If found, it invokes the callback method on the object and returns true. 
+     * If not, it returns false.
+     */
+    private boolean invokePasswordCallback(Callback callback) {
+        String cbname = passwordCallbackName == null
+                        ? PASSWORD_CALLBACK_NAME : passwordCallbackName;
+        for (Class<?> arg : PASSWORD_CALLBACK_TYPES) {
+            try {
+                Method method = callback.getClass().getMethod(cbname, arg);
+                method.invoke(callback, arg == String.class ? password : password.toCharArray());
+                return true;
+            } catch (Exception e) {
+                // ignore and continue
+                LOG.warning(e.toString());
+            }
+        }
+        return false;
+    }
+ 
 }

Added: cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandlerTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandlerTest.java?rev=1148281&view=auto
==============================================================================
--- cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandlerTest.java
(added)
+++ cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandlerTest.java
Tue Jul 19 11:54:51 2011
@@ -0,0 +1,112 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.interceptor.security;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+
+import junit.framework.Assert;
+
+import org.junit.Test;
+
+/**
+ * 
+ */
+public class NamePasswordCallbackHandlerTest extends Assert {
+
+    @Test
+    public void testHandleCallback() throws Exception {
+        NamePasswordCallbackHandler handler = new NamePasswordCallbackHandler("Barry", "dog");
+        Callback[] callbacks = 
+            new Callback[]{new NameCallback("name"), new PasswordCallback("password", false)};
+        handler.handle(callbacks);
+        assertEquals("Barry", ((NameCallback)callbacks[0]).getName());
+        assertEquals("dog", new String(((PasswordCallback)callbacks[1]).getPassword()));
+    }
+
+    @Test
+    public void testHandleCallback2() throws Exception {
+        NamePasswordCallbackHandler handler = new NamePasswordCallbackHandler("Barry", "dog");
+        Callback[] callbacks = 
+            new Callback[]{new NameCallback("name"), new ObjectCallback()};
+        handler.handle(callbacks);
+        assertEquals("Barry", ((NameCallback)callbacks[0]).getName());
+        Object pwobj = ((ObjectCallback)callbacks[1]).getObject();
+        assertTrue(pwobj instanceof char[]);
+        assertEquals("dog", new String((char[])pwobj));
+    }
+
+    @Test
+    public void testHandleCallback3() throws Exception {
+        NamePasswordCallbackHandler handler = new NamePasswordCallbackHandler("Barry", "dog");
+        Callback[] callbacks = 
+            new Callback[]{new NameCallback("name"), new StringObjectCallback()};
+        handler.handle(callbacks);
+        assertEquals("Barry", ((NameCallback)callbacks[0]).getName());
+        assertEquals("dog", ((StringObjectCallback)callbacks[1]).getObject());
+    }
+
+    @Test
+    public void testHandleCallback4() throws Exception {
+        NamePasswordCallbackHandler handler = new NamePasswordCallbackHandler("Barry", "dog",
"setValue");
+        Callback[] callbacks = 
+            new Callback[]{new NameCallback("name"), new CharArrayCallback()};
+        handler.handle(callbacks);
+        assertEquals("Barry", ((NameCallback)callbacks[0]).getName());
+        assertEquals("dog", new String(((CharArrayCallback)callbacks[1]).getValue()));
+    }
+
+    static class ObjectCallback implements Callback {
+        private Object obj;
+        
+        public Object getObject() {
+            return obj;
+        }
+
+        public void setObject(Object o) {
+            this.obj = o;
+        }
+    }
+
+    static class StringObjectCallback implements Callback {
+        private String obj;
+        
+        public String getObject() {
+            return obj;
+        }
+
+        public void setObject(String o) {
+            this.obj = o;
+        }
+    }
+
+    static class CharArrayCallback implements Callback {
+        private char[] obj;
+        
+        public char[] getValue() {
+            return obj;
+        }
+
+        public void setValue(char[] o) {
+            this.obj = o;
+        }
+    }
+}

Propchange: cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandlerTest.java
------------------------------------------------------------------------------
    svn:executable = *



Mime
View raw message