org.apache.ws.security.processor
Class UsernameTokenProcessor

java.lang.Object
  extended by org.apache.ws.security.processor.UsernameTokenProcessor
All Implemented Interfaces:
Processor

public class UsernameTokenProcessor
extends java.lang.Object
implements Processor


Constructor Summary
UsernameTokenProcessor()
           
 
Method Summary
 java.lang.String getId()
          Get the Id of the processoer.
 UsernameToken getUt()
          Get the processed USernameToken.
 void handleToken(org.w3c.dom.Element elem, Crypto crypto, Crypto decCrypto, javax.security.auth.callback.CallbackHandler cb, WSDocInfo wsDocInfo, java.util.Vector returnResults, WSSConfig wsc)
           
 WSUsernameTokenPrincipal handleUsernameToken(org.w3c.dom.Element token, javax.security.auth.callback.CallbackHandler cb)
          Check the UsernameToken element.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

UsernameTokenProcessor

public UsernameTokenProcessor()
Method Detail

handleToken

public void handleToken(org.w3c.dom.Element elem,
                        Crypto crypto,
                        Crypto decCrypto,
                        javax.security.auth.callback.CallbackHandler cb,
                        WSDocInfo wsDocInfo,
                        java.util.Vector returnResults,
                        WSSConfig wsc)
                 throws WSSecurityException
Specified by:
handleToken in interface Processor
Throws:
WSSecurityException

handleUsernameToken

public WSUsernameTokenPrincipal handleUsernameToken(org.w3c.dom.Element token,
                                                    javax.security.auth.callback.CallbackHandler cb)
                                             throws WSSecurityException
Check the UsernameToken element. Depending on the password type contained in the element the processing differs. If the password type is password digest (a hashed password) then process the password commpletely here. Use the callback class to get a stored password perform hash algorithm and compare the result with the transmitted password.

If the password is of type password text or any other yet unknown password type the delegate the password validation to the callback class. To do so the security engine hands over all necessary data to the callback class via the WSPasswordCallback object. To distinguish from digested usernam token the usage parameter of WSPasswordCallback is set to USERNAME_TOKEN_UNKNOWN

Parameters:
token - the DOM element that contains the UsernameToken
cb - the refernce to the callback object
Returns:
WSUsernameTokenPrincipal that contain data that an application may use to further validate the password/user combination.
Throws:
WSSecurityException

getId

public java.lang.String getId()
Description copied from interface: Processor
Get the Id of the processoer.

Specified by:
getId in interface Processor
Returns:
The Id string

getUt

public UsernameToken getUt()
Get the processed USernameToken.

Returns:
the ut


Copyright © 2004-2009 Apache Web Services. All Rights Reserved.