org.apache.ws.security.processor
Class UsernameTokenProcessor

java.lang.Object
  extended byorg.apache.ws.security.processor.UsernameTokenProcessor
All Implemented Interfaces:
Processor

public class UsernameTokenProcessor
extends java.lang.Object
implements Processor


Constructor Summary
UsernameTokenProcessor()
           
 
Method Summary
 java.lang.String getId()
          Get the Id of the processor.
 UsernameToken getUt()
          Get the processed UsernameToken.
 void handleToken(org.w3c.dom.Element elem, Crypto crypto, Crypto decCrypto, javax.security.auth.callback.CallbackHandler cb, WSDocInfo wsDocInfo, java.util.Vector returnResults, WSSConfig wsc)
           
 WSUsernameTokenPrincipal handleUsernameToken(org.w3c.dom.Element token, javax.security.auth.callback.CallbackHandler cb)
          Check the UsernameToken element.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

UsernameTokenProcessor

public UsernameTokenProcessor()
Method Detail

handleToken

public void handleToken(org.w3c.dom.Element elem,
                        Crypto crypto,
                        Crypto decCrypto,
                        javax.security.auth.callback.CallbackHandler cb,
                        WSDocInfo wsDocInfo,
                        java.util.Vector returnResults,
                        WSSConfig wsc)
                 throws WSSecurityException
Specified by:
handleToken in interface Processor
Throws:
WSSecurityException

handleUsernameToken

public WSUsernameTokenPrincipal handleUsernameToken(org.w3c.dom.Element token,
                                                    javax.security.auth.callback.CallbackHandler cb)
                                             throws WSSecurityException
Check the UsernameToken element. Depending on the password type contained in the element the processing differs. If the password type is digested, then retrieve a password from the callback handler and authenticate the UsernameToken here.

If the password is in plaintext or any other yet unknown password type then delegate the password validation to the callback class. Note that for unknown password types an exception is thrown if WSSConfig.getHandleCustomPasswordTypes() is set to false (as it is by default). The security engine hands over all necessary data to the callback class via the WSPasswordCallback object. The usage parameter of WSPasswordCallback is set to USERNAME_TOKEN_UNKNOWN.

Parameters:
token - the DOM element that contains the UsernameToken
cb - the reference to the callback object
Returns:
WSUsernameTokenPrincipal that contain data that an application may use to further validate the password/user combination.
Throws:
WSSecurityException

getId

public java.lang.String getId()
Description copied from interface: Processor
Get the Id of the processor.

Specified by:
getId in interface Processor
Returns:
The Id string

getUt

public UsernameToken getUt()
Get the processed UsernameToken.

Returns:
the ut


Copyright © 2004-2008 The Apache Software Foundation. All Rights Reserved.