Package org.apache.ws.security

Class WSPasswordCallback

  • All Implemented Interfaces:
    javax.security.auth.callback.Callback
    public class WSPasswordCallback
extends java.lang.Object
implements javax.security.auth.callback.Callback
    Simple class to provide a password callback mechanism.

    It uses the JAAS authentication mechanisms and callback methods. In addition to the identifier (user name) this class also provides information what type of information the callback handle method shall provide.

    The WSPasswordCallback class defines the following usage codes:

    • UNKNOWN - an unknown usage. Never used by the WSS4J implementation and shall be treated as an error by the handle method.
    • DECRYPT - need a password to get the private key of this identifier (username) from the keystore. WSS4J uses this private key to decrypt the session (symmetric) key. Because the encryption method uses the public key to encrypt the session key it needs no password (a public key is usually not protected by a password).
    • USERNAME_TOKEN - need the password to fill in or to verify a UsernameToken.
    • SIGNATURE - need the password to get the private key of this identifier (username) from the keystore. WSS4J uses this private key to produce a signature. The signature verfication uses the public key to verfiy the signature.
    • KEY_NAME - need the key, not the password, associated with the identifier. WSS4J uses this key to encrypt or decrypt parts of the SOAP request. Note, the key must match the symmetric encryption/decryption algorithm specified (refer to WSHandlerConstants.ENC_SYM_ALGO).
    • USERNAME_TOKEN_UNKNOWN - either an not specified password type or a password type passwordText. In these both cases only the password variable is set. The callback class now may check if the username and password match. If they don't match the callback class must throw an exception. The exception can be a UnsupportedCallbackException or an IOException.
    • SECURITY_CONTEXT_TOKEN - need the key to to be associated with a wsc:SecurityContextToken.
    Author:
    Werner Dittmann (Werner.Dittmann@siemens.com).

    • Constructor Detail

      • WSPasswordCallback

        public WSPasswordCallback​(java.lang.String id,
                          int usage)
        Constructor.
        Parameters:
        id - The application called back must supply the password for this identifier.

      • WSPasswordCallback

        public WSPasswordCallback​(java.lang.String id,
                          java.lang.String pw,
                          java.lang.String type,
                          int usage)
        Constructor.
        Parameters:
        id - The application called back must supply the password for this identifier.

    • Method Detail

      • getIdentifer

        public java.lang.String getIdentifer()
        Get the identifier.

        Returns:
        The identifier

      • setPassword

        public void setPassword​(java.lang.String passwd)
        Set the password.

        Parameters:
        passwd - is the password associated to the identifier

      • getPassword

        public java.lang.String getPassword()
        Get the password.

        Returns:
        The password

      • setKey

        public void setKey​(byte[] key)
        Set the Key.

        Parameters:
        key - is the key associated to the identifier

      • getKey

        public byte[] getKey()
        Get the key.

        Returns:
        The key

      • getUsage

        public int getUsage()
        Get the usage.

        Returns:
        The usage for this callback

      • getPasswordType

        public java.lang.String getPasswordType()
        The password type is only relevant for usage USERNAME_TOKEN and USERNAME_TOKEN_UNKNOWN.
        Returns:
        Returns the passwordType.