cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject git commit: Add support for specifying a Kerberos CallbackHandler + isUsernameInServiceForm boolean
Date Tue, 02 Sep 2014 14:50:27 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/1.1.x-fixes 5dedd1823 -> 89b8f99ea


Add support for specifying a Kerberos CallbackHandler + isUsernameInServiceForm boolean


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/89b8f99e
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/89b8f99e
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/89b8f99e

Branch: refs/heads/1.1.x-fixes
Commit: 89b8f99ea95455d04d82507e2823d7da19e40bf2
Parents: 5dedd18
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Sep 2 15:48:57 2014 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Sep 2 15:50:20 2014 +0100

----------------------------------------------------------------------
 .../service/idp/STSAuthenticationProvider.java  | 27 ++++++++++++++++++++
 1 file changed, 27 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/89b8f99e/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/STSAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/STSAuthenticationProvider.java
b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/STSAuthenticationProvider.java
index c77126b..d189cf5 100644
--- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/STSAuthenticationProvider.java
+++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/STSAuthenticationProvider.java
@@ -27,6 +27,7 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
+import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.login.LoginException;
 import javax.xml.namespace.QName;
 
@@ -93,6 +94,10 @@ public class STSAuthenticationProvider implements AuthenticationProvider
{
     
     private KerberosTokenValidator kerberosTokenValidator;
     
+    private CallbackHandler kerberosCallbackHandler;
+    
+    private boolean kerberosUsernameServiceNameForm;
+    
     
     @Override
     public Authentication authenticate(Authentication authentication) throws AuthenticationException
{
@@ -146,6 +151,12 @@ public class STSAuthenticationProvider implements AuthenticationProvider
{
                                     kerberosTokenValidator.getContextName());
             sts.getProperties().put(SecurityConstants.KERBEROS_SPN,
                                     kerberosTokenValidator.getServiceName());
+            sts.getProperties().put(SecurityConstants.CALLBACK_HANDLER, 
+                                    kerberosCallbackHandler);
+            if (kerberosUsernameServiceNameForm) {
+                sts.getProperties().put(SecurityConstants.KERBEROS_IS_USERNAME_IN_SERVICENAME_FORM,

+                                        "true");
+            }
         } else {
             sts.getProperties().put(SecurityConstants.USERNAME, authentication.getName());
             sts.getProperties().put(SecurityConstants.PASSWORD, (String)authentication.getCredentials());
@@ -411,6 +422,22 @@ public class STSAuthenticationProvider implements AuthenticationProvider
{
         this.kerberosTokenValidator = kerberosTokenValidator;
     }
 
+    public CallbackHandler getKerberosCallbackHandler() {
+        return kerberosCallbackHandler;
+    }
+
+    public void setKerberosCallbackHandler(CallbackHandler kerberosCallbackHandler) {
+        this.kerberosCallbackHandler = kerberosCallbackHandler;
+    }
+
+    public boolean isKerberosUsernameServiceNameForm() {
+        return kerberosUsernameServiceNameForm;
+    }
+
+    public void setKerberosUsernameServiceNameForm(boolean kerberosUsernameServiceNameForm)
{
+        this.kerberosUsernameServiceNameForm = kerberosUsernameServiceNameForm;
+    }
+
 //May be uncommented for debugging    
 //    private void setTimeout(Client client, Long timeout) {
 //        HTTPConduit conduit = (HTTPConduit) client.getConduit();


Mime
View raw message