org.apache.ws.security

Class WSPasswordCallback

java.lang.Object

org.apache.ws.security.WSPasswordCallback

All Implemented Interfaces:

Callback

public class WSPasswordCallback
extends Object
implements Callback

Simple class to provide a password callback mechanism. It uses the JAAS authentication mechanisms and callback methods. In addition to the identifier (user name) this class also provides information what type of information the callback handle method shall provide.

Author:

Werner Dittmann (Werner.Dittmann@siemens.com).

Field Summary

Fields

Modifier and Type	Field and Description
static int	CUSTOM_TOKEN CUSTOM_TOKEN usage is used for the case that we want the CallbackHandler to supply a token as a DOM Element.
static int	DECRYPT DECRYPT usage is used when the calling code needs a password to get the private key of this identifier (alias) from a keystore.
static int	ENCRYPTED_KEY_TOKEN Deprecated.
static int	KEY_NAME Deprecated.
static int	SECRET_KEY SECRET_KEY usage is used for the case that we want to obtain a secret key for encryption or signature on the outbound side, or for decryption or verification on the inbound side.
static int	SECURITY_CONTEXT_TOKEN SECURITY_CONTEXT_TOKEN usage is for the case of when we want the CallbackHandler to supply the key associated with a SecurityContextToken.
static int	SIGNATURE SIGNATURE usage is used on the outbound side only, to get a password to get the private key of this identifier (alias) from a keystore.
static int	UNKNOWN An unknown usage.
static int	USERNAME_TOKEN USERNAME_TOKEN usage is used to obtain a password for either creating a Username Token, or for validating it.
static int	USERNAME_TOKEN_UNKNOWN Deprecated.

Constructor Summary

Constructors

Constructor and Description
WSPasswordCallback(String id, int usage) Constructor.
WSPasswordCallback(String id, String pw, String type, int usage) Constructor.
WSPasswordCallback(String id, String pw, String type, int usage, RequestData data) Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
Element	getCustomToken()
String	getIdentifier() Get the identifier.
byte[]	getKey() Get the key.
String	getPassword() Get the password.
RequestData	getRequestData() Returns the RequestData associated with the request
String	getType()
int	getUsage() Get the usage.
void	setCustomToken(Element customToken) Set the custom token
void	setIdentifier(String ident) Set the identifier
void	setKey(byte[] key) Set the Key.
void	setPassword(String passwd) Set the password.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

UNKNOWN

public static final int UNKNOWN

An unknown usage. Never used by the WSS4J implementation and should be treated as an error.

See Also:

Constant Field Values

DECRYPT

public static final int DECRYPT

DECRYPT usage is used when the calling code needs a password to get the private key of this identifier (alias) from a keystore. This is only used for the inbound case of decrypting a session (symmetric) key, and not for the case of getting a private key to sign the message. The CallbackHandler must set the password via the setPassword(String) method.

See Also:

Constant Field Values

USERNAME_TOKEN

public static final int USERNAME_TOKEN

USERNAME_TOKEN usage is used to obtain a password for either creating a Username Token, or for validating it. It is also used for the case of deriving a key from a Username Token. The CallbackHandler must set the password via the setPassword(String) method.

See Also:

Constant Field Values

SIGNATURE

public static final int SIGNATURE

SIGNATURE usage is used on the outbound side only, to get a password to get the private key of this identifier (alias) from a keystore. The CallbackHandler must set the password via the setPassword(String) method.

See Also:

Constant Field Values

KEY_NAME

@Deprecated
public static final int KEY_NAME

Deprecated.

This identifier is deprecated and not used any more.

See Also:

Constant Field Values

USERNAME_TOKEN_UNKNOWN

@Deprecated
public static final int USERNAME_TOKEN_UNKNOWN

Deprecated.

This identifier is deprecated and not used any more.

See Also:

Constant Field Values

SECURITY_CONTEXT_TOKEN

public static final int SECURITY_CONTEXT_TOKEN

SECURITY_CONTEXT_TOKEN usage is for the case of when we want the CallbackHandler to supply the key associated with a SecurityContextToken. The CallbackHandler must set the key via the setKey(byte[]) method.

See Also:

Constant Field Values

CUSTOM_TOKEN

public static final int CUSTOM_TOKEN

CUSTOM_TOKEN usage is used for the case that we want the CallbackHandler to supply a token as a DOM Element. For example, this is used for the case of a reference to a SAML Assertion or Security Context Token that is not in the message. The CallbackHandler must set the token via the setCustomToken(Element) method.

See Also:

Constant Field Values

ENCRYPTED_KEY_TOKEN

@Deprecated
public static final int ENCRYPTED_KEY_TOKEN

Deprecated.

This identifier is deprecated and not used any more.

See Also:

Constant Field Values

SECRET_KEY

public static final int SECRET_KEY

SECRET_KEY usage is used for the case that we want to obtain a secret key for encryption or signature on the outbound side, or for decryption or verification on the inbound side. The CallbackHandler must set the key via the setKey(byte[]) method.

See Also:

Constant Field Values

Constructor Detail

WSPasswordCallback

public WSPasswordCallback(String id,
                  int usage)

Constructor.

Parameters:

id - The application called back must supply the password for this identifier.

WSPasswordCallback

public WSPasswordCallback(String id,
                  String pw,
                  String type,
                  int usage)

Constructor.

Parameters:

id - The application called back must supply the password for this identifier.

WSPasswordCallback

public WSPasswordCallback(String id,
                  String pw,
                  String type,
                  int usage,
                  RequestData data)

Constructor.

Parameters:

id - The application called back must supply the password for this identifier.

Method Detail

getIdentifier

public String getIdentifier()

Get the identifier.

Returns:

The identifier

setIdentifier

public void setIdentifier(String ident)

Set the identifier

Parameters:

ident - The identity.

setPassword

public void setPassword(String passwd)

Set the password.

Parameters:

passwd - is the password associated to the identifier

getPassword

public String getPassword()

Get the password.

Returns:

The password

setKey

public void setKey(byte[] key)

Set the Key.

Parameters:

key - is the key associated to the identifier

getKey

public byte[] getKey()

Get the key.

Returns:

The key

getUsage

public int getUsage()

Get the usage.

Returns:

The usage for this callback

getType

public String getType()

Returns:

Returns the type.

getCustomToken

public Element getCustomToken()

Returns:

the custom token

setCustomToken

public void setCustomToken(Element customToken)

Set the custom token

Parameters:

customToken -

getRequestData

public RequestData getRequestData()

Returns the RequestData associated with the request

Returns:

the RequestData associated with the request