org.apache.wss4j.common.ext
Class WSPasswordCallback

java.lang.Object
  org.apache.wss4j.common.ext.WSPasswordCallback

All Implemented Interfaces:

Callback

public class WSPasswordCallback
extends Object
implements Callback

Simple class to provide a password callback mechanism.

It uses the JAAS authentication mechanisms and callback methods. In addition to the identifier (user name) this class also provides information what type of information the callback handle method shall provide.

The WSPasswordCallback class defines the following usage codes:

• UNKNOWN - an unknown usage. Never used by the WSS4J implementation and shall be treated as an error by the handle method.
• DECRYPT - need a password to get the private key of this identifier (username) from the keystore. WSS4J uses this private key to decrypt the session (symmetric) key. Because the encryption method uses the public key to encrypt the session key it needs no password (a public key is usually not protected by a password).
• USERNAME_TOKEN - need the password to fill in or to verify a UsernameToken.
• SIGNATURE - need the password to get the private key of this identifier (username) from the keystore. WSS4J uses this private key to produce a signature. The signature verification uses the public key to verify the signature.
• SECURITY_CONTEXT_TOKEN - need the key to to be associated with a wsc:SecurityContextToken.
• PASSWORD_ENCRYPTOR_PASSWORD - return the password used with a PasswordEncryptor implementation to decrypt encrypted passwords stored in Crypto properties files

Field Summary

static int	CUSTOM_TOKEN CUSTOM_TOKEN usage is used for the case that we want the CallbackHandler to supply a token as a DOM Element.
static int	DECRYPT DECRYPT usage is used when the calling code needs a password to get the private key of this identifier (alias) from a keystore.
static int	ENCRYPTED_KEY_TOKEN Deprecated.
static int	KEY_NAME Deprecated.
static int	PASSWORD_ENCRYPTOR_PASSWORD PASSWORD_ENCRYPTOR_PASSWORD usage is used to return the password used with a PasswordEncryptor implementation to decrypt encrypted passwords stored in Crypto properties files
static int	SECRET_KEY SECRET_KEY usage is used for the case that we want to obtain a secret key for encryption or signature on the outbound side, or for decryption or verification on the inbound side.
static int	SECURITY_CONTEXT_TOKEN SECURITY_CONTEXT_TOKEN usage is for the case of when we want the CallbackHandler to supply the key associated with a SecurityContextToken.
static int	SIGNATURE SIGNATURE usage is used on the outbound side only, to get a password to get the private key of this identifier (alias) from a keystore.
static int	UNKNOWN An unknown usage.
static int	USERNAME_TOKEN USERNAME_TOKEN usage is used to obtain a password for either creating a Username Token, or for validating it.
static int	USERNAME_TOKEN_UNKNOWN Deprecated.

Constructor Summary

WSPasswordCallback(String id, int usage)
Constructor.

WSPasswordCallback(String id, String pw, String type, int usage)
Constructor.

Method Summary

Element	getCustomToken()
String	getIdentifier() Get the identifier.
byte[]	getKey() Get the key.
Key	getKeyObject()
String	getPassword() Get the password.
String	getType()
int	getUsage() Get the usage.
void	setCustomToken(Element customToken) Set the custom token
void	setIdentifier(String ident) Set the identifier
void	setKey(byte[] secret) Set the Key.
void	setKey(Key key)
void	setPassword(String passwd) Set the password.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

UNKNOWN

public static final int UNKNOWN

An unknown usage. Never used by the WSS4J implementation and should be treated as an error.

See Also:

Constant Field Values

DECRYPT

public static final int DECRYPT

DECRYPT usage is used when the calling code needs a password to get the private key of this identifier (alias) from a keystore. This is only used for the inbound case of decrypting a session (symmetric) key, and not for the case of getting a private key to sign the message. The CallbackHandler must set the password via the setPassword(String) method.

See Also:

Constant Field Values

USERNAME_TOKEN

public static final int USERNAME_TOKEN

USERNAME_TOKEN usage is used to obtain a password for either creating a Username Token, or for validating it. It is also used for the case of deriving a key from a Username Token. The CallbackHandler must set the password via the setPassword(String) method.

See Also:

Constant Field Values

SIGNATURE

public static final int SIGNATURE

SIGNATURE usage is used on the outbound side only, to get a password to get the private key of this identifier (alias) from a keystore. The CallbackHandler must set the password via the setPassword(String) method.

See Also:

Constant Field Values

KEY_NAME

@Deprecated
public static final int KEY_NAME

Deprecated.

This identifier is deprecated and not used any more.

See Also:

Constant Field Values

USERNAME_TOKEN_UNKNOWN

@Deprecated
public static final int USERNAME_TOKEN_UNKNOWN

Deprecated.

This identifier is deprecated and not used any more.

See Also:

Constant Field Values

SECURITY_CONTEXT_TOKEN

public static final int SECURITY_CONTEXT_TOKEN

SECURITY_CONTEXT_TOKEN usage is for the case of when we want the CallbackHandler to supply the key associated with a SecurityContextToken. The CallbackHandler must set the key via the setKey(byte[]) method.

See Also:

Constant Field Values

CUSTOM_TOKEN

public static final int CUSTOM_TOKEN

CUSTOM_TOKEN usage is used for the case that we want the CallbackHandler to supply a token as a DOM Element. For example, this is used for the case of a reference to a SAML Assertion or Security Context Token that is not in the message. The CallbackHandler must set the token via the setCustomToken(Element) method.

See Also:

Constant Field Values

ENCRYPTED_KEY_TOKEN

@Deprecated
public static final int ENCRYPTED_KEY_TOKEN

Deprecated.

This identifier is deprecated and not used any more.

See Also:

Constant Field Values

SECRET_KEY

public static final int SECRET_KEY

SECRET_KEY usage is used for the case that we want to obtain a secret key for encryption or signature on the outbound side, or for decryption or verification on the inbound side. The CallbackHandler must set the key via the setKey(byte[]) method.

See Also:

Constant Field Values

PASSWORD_ENCRYPTOR_PASSWORD

public static final int PASSWORD_ENCRYPTOR_PASSWORD

PASSWORD_ENCRYPTOR_PASSWORD usage is used to return the password used with a PasswordEncryptor implementation to decrypt encrypted passwords stored in Crypto properties files

See Also:

Constant Field Values

Constructor Detail

WSPasswordCallback

public WSPasswordCallback(String id,
                          int usage)

Constructor.

Parameters:

id - The application called back must supply the password for this identifier.

WSPasswordCallback

public WSPasswordCallback(String id,
                          String pw,
                          String type,
                          int usage)

Constructor.

Parameters:

id - The application called back must supply the password for this identifier.

Method Detail

getIdentifier

public String getIdentifier()

Get the identifier.

Returns:

The identifier

setIdentifier

public void setIdentifier(String ident)

Set the identifier

Parameters:

ident - The identity.

setPassword

public void setPassword(String passwd)

Set the password.

Parameters:

passwd - is the password associated to the identifier

getPassword

public String getPassword()

Get the password.

Returns:

The password

setKey

public void setKey(byte[] secret)

Set the Key.

Parameters:

secret -

setKey

public void setKey(Key key)

getKey

public byte[] getKey()

Get the key.

Returns:

The key

getKeyObject

public Key getKeyObject()

getUsage

public int getUsage()

Get the usage.

Returns:

The usage for this callback

getType

public String getType()

Returns:

Returns the type.

getCustomToken

public Element getCustomToken()

Returns:

the custom token

setCustomToken

public void setCustomToken(Element customToken)

Set the custom token

Parameters:

customToken -