Class JAASCallbackHandler

java.lang.Object
org.apache.catalina.realm.JAASCallbackHandler
All Implemented Interfaces:
CallbackHandler

public class JAASCallbackHandler extends Object implements CallbackHandler

Implementation of the JAAS CallbackHandler interface, used to negotiate delivery of the username and credentials that were specified to our constructor. No interaction with the user is required (or possible).

This CallbackHandler will pre-digest the supplied password, if required by the <Realm> element in server.xml.

At present, JAASCallbackHandler knows how to handle callbacks of type javax.security.auth.callback.NameCallback and javax.security.auth.callback.PasswordCallback.

Author:
Craig R. McClanahan, Andrew R. Jaquith
  • Field Details

    • sm

      protected static final StringManager sm
      The string manager for this package.
    • password

      protected final String password
      The password to be authenticated with.
    • realm

      protected final JAASRealm realm
      The associated JAASRealm instance.
    • username

      protected final String username
      The username to be authenticated with.
    • nonce

      protected final String nonce
      Server generated nonce.
    • nc

      protected final String nc
      Nonce count.
    • cnonce

      protected final String cnonce
      Client generated nonce.
    • qop

      protected final String qop
      Quality of protection applied to the message.
    • realmName

      protected final String realmName
      Realm name.
    • digestA2

      protected final String digestA2
      Second digest.
    • authMethod

      protected final String authMethod
      The authentication method to be used. If null, assume BASIC/FORM.
  • Constructor Details

    • JAASCallbackHandler

      public JAASCallbackHandler(JAASRealm realm, String username, String password)
      Construct a callback handler configured with the specified values. Note that if the JAASRealm instance specifies digested passwords, the password parameter will be pre-digested here.
      Parameters:
      realm - Our associated JAASRealm instance
      username - Username to be authenticated with
      password - Password to be authenticated with
    • JAASCallbackHandler

      public JAASCallbackHandler(JAASRealm realm, String username, String password, String nonce, String nc, String cnonce, String qop, String realmName, String digestA2, String algorithm, String authMethod)
      Construct a callback handler for DIGEST authentication.
      Parameters:
      realm - Our associated JAASRealm instance
      username - Username to be authenticated with
      password - Password to be authenticated with
      nonce - Server generated nonce
      nc - Nonce count
      cnonce - Client generated nonce
      qop - Quality of protection applied to the message
      realmName - Realm name
      digestA2 - Second digest calculated as digest(Method + ":" + uri)
      algorithm - The digest algorithm to use
      authMethod - The authentication method in use
  • Method Details