Overview  Package   Class  Use  Deprecated  Index
Home >> All >> org >> apache >> geronimo >> security >> [ jaas overview ]	PREV CLASS  NEXT CLASS
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD	DETAIL: FIELD | CONSTR | METHOD

---

org.apache.geronimo.security.jaas
Class DecouplingCallbackHandler  

java.lang.Object
  org.apache.geronimo.security.jaas.DecouplingCallbackHandler

All Implemented Interfaces:

javax.security.auth.callback.CallbackHandler

---

public class DecouplingCallbackHandler

extends java.lang.Object

implements javax.security.auth.callback.CallbackHandler

This callback handler separates the process of obtaining callbacks from the user from the process of providing the user's values to the login module. This means the JaasLoginService can figure out what callbacks the module wants and prompt the user in advance, and then turn around and pass those values to the login module, instead of actually prompting the user at the mercy of the login module.

Version:

$Rev: 46019 $ $Date: 2004-09-14 05:56:06 -0400 (Tue, 14 Sep 2004) $

---

Field Summary
private  boolean	exploring
private  javax.security.auth.callback.Callback[]	source

 

Constructor Summary

DecouplingCallbackHandler()

 

Method Summary
javax.security.auth.callback.Callback[]	finalizeCallbackList()           Indicates that the exploring phase is over.
void	handle(javax.security.auth.callback.Callback[] callbacks)           Retrieve or display the information requested in the provided javax.security.auth.callback.Callbacks.
void	setClientResponse(javax.security.auth.callback.Callback[] callbacks)           Within the same VM, the client just populates the callbacks directly into the array held by this object.
void	setExploring()           While we're exploring, we'll discover new callbacks that the server login module wants.

 

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Field Detail

source

private javax.security.auth.callback.Callback[] source

---

exploring

private boolean exploring

Constructor Detail

DecouplingCallbackHandler

public DecouplingCallbackHandler()

Method Detail

handle

public void handle(javax.security.auth.callback.Callback[] callbacks)
            throws java.lang.IllegalArgumentException,
                   javax.security.auth.callback.UnsupportedCallbackException

Description copied from interface: javax.security.auth.callback.CallbackHandler

Retrieve or display the information requested in the provided javax.security.auth.callback.Callbacks.

The handle() method implementation checks the instance(s) of the javax.security.auth.callback.Callback object(s) passed in to retrieve or display the requested information. The following example is provided to help demonstrate what an handle() method implementation might look like. This example code is for guidance only. Many details, including proper error handling, are left out for simplicity.

public void handle(Callback[] callbacks)
throws IOException, UnsupportedCallbackException {
   for (int i = 0; i < callbacks.length; i++) {
      if (callbacks[i] instanceof TextOutputCallback) {
         // display the message according to the specified type
         TextOutputCallback toc = (TextOutputCallback)callbacks[i];
         switch (toc.getMessageType()) {
         case TextOutputCallback.INFORMATION:
            System.out.println(toc.getMessage());
            break;
         case TextOutputCallback.ERROR:
            System.out.println("ERROR: " + toc.getMessage());
            break;
         case TextOutputCallback.WARNING:
            System.out.println("WARNING: " + toc.getMessage());
            break;
         default:
            throw new IOException("Unsupported message type: "
                  + toc.getMessageType());
         }
      } else if (callbacks[i] instanceof NameCallback) {
         // prompt the user for a username
         NameCallback nc = (NameCallback)callbacks[i];
         // ignore the provided defaultName
         System.err.print(nc.getPrompt());
         System.err.flush();
         nc.setName((new BufferedReader(
               new InputStreamReader(System.in))).readLine());
      } else if (callbacks[i] instanceof PasswordCallback) {
         // prompt the user for sensitive information
         PasswordCallback pc = (PasswordCallback)callbacks[i];
         System.err.print(pc.getPrompt());
         System.err.flush();
         pc.setPassword(readPassword(System.in));
      } else {
         throw new UnsupportedCallbackException(
               callbacks[i], "Unrecognized Callback");
      }
   }
}

 // Reads user password from given input stream.
private char[] readPassword(InputStream in) throws IOException {
   // insert code to read a user password from the input stream
}
 

Specified by:

handle in interface javax.security.auth.callback.CallbackHandler

---

setClientResponse

public void setClientResponse(javax.security.auth.callback.Callback[] callbacks)
                       throws java.lang.IllegalArgumentException

Within the same VM, the client just populates the callbacks directly into the array held by this object. However, remote clients will serialize their responses, so they need to be manually set back on this object to take effect.

---

setExploring

public void setExploring()

While we're exploring, we'll discover new callbacks that the server login module wants. While not exploring, we'll actually set values for the server callbacks.

---

finalizeCallbackList

public javax.security.auth.callback.Callback[] finalizeCallbackList()

Indicates that the exploring phase is over.

---

Overview  Package   Class  Use  Deprecated  Index
Home >> All >> org >> apache >> geronimo >> security >> [ jaas overview ]	PREV CLASS  NEXT CLASS
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD	DETAIL: FIELD | CONSTR | METHOD

---