001/* 
002    Licensed to the Apache Software Foundation (ASF) under one
003    or more contributor license agreements.  See the NOTICE file
004    distributed with this work for additional information
005    regarding copyright ownership.  The ASF licenses this file
006    to you under the Apache License, Version 2.0 (the
007    "License"); you may not use this file except in compliance
008    with the License.  You may obtain a copy of the License at
009
010       http://www.apache.org/licenses/LICENSE-2.0
011
012    Unless required by applicable law or agreed to in writing,
013    software distributed under the License is distributed on an
014    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015    KIND, either express or implied.  See the License for the
016    specific language governing permissions and limitations
017    under the License.  
018 */
019package org.apache.wiki.auth.login;
020
021import org.apache.wiki.api.core.Engine;
022import org.apache.wiki.auth.UserManager;
023
024import javax.security.auth.callback.Callback;
025import javax.security.auth.callback.CallbackHandler;
026import javax.security.auth.callback.NameCallback;
027import javax.security.auth.callback.PasswordCallback;
028import javax.security.auth.callback.UnsupportedCallbackException;
029import javax.servlet.http.HttpServletRequest;
030import java.io.IOException;
031
032
033/**
034 * Handles logins made from inside the wiki application, rather than via the web container. This handler is instantiated in
035 * {@link org.apache.wiki.auth.AuthenticationManager#login(org.apache.wiki.api.core.Session,HttpServletRequest, String, String)}.
036 * If container-managed authentication is used, the {@link WebContainerCallbackHandler}is used instead. This callback handler is
037 * designed to be used with {@link UserDatabaseLoginModule}.
038 *
039 * @since 2.3
040 */
041public class WikiCallbackHandler implements CallbackHandler {
042
043    private final HttpServletRequest m_request;
044    private final Engine m_engine;
045    private final String m_password;
046    private final String m_username;
047
048    /**
049     *  Create a new callback handler.
050     *
051     * @param engine the Engine
052     * @param request the user's HTTP request. If passed as <code>null</code>, later requests for {@link HttpRequestCallback} will return an UnsupportedCallbackException
053     * @param username the username
054     * @param password the password
055     */
056    public WikiCallbackHandler( final Engine engine, final HttpServletRequest request, final String username, final String password ) {
057        m_request = request;
058        m_engine = engine;
059        m_username = username;
060        m_password = password;
061    }
062
063    /**
064     * @see javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
065     * 
066     * {@inheritDoc}
067     */
068    @Override public void handle( final Callback[] callbacks ) throws IOException, UnsupportedCallbackException {
069        for( final Callback callback : callbacks ) {
070            if( callback instanceof HttpRequestCallback ) {
071                ( ( HttpRequestCallback )callback ).setRequest( m_request );
072            } else if( callback instanceof WikiEngineCallback ) {
073                ( ( WikiEngineCallback )callback ).setEngine( m_engine );
074            } else if( callback instanceof UserDatabaseCallback ) {
075                ( ( UserDatabaseCallback )callback ).setUserDatabase( m_engine.getManager( UserManager.class ).getUserDatabase() );
076            } else if( callback instanceof NameCallback ) {
077                ( ( NameCallback )callback ).setName( m_username );
078            } else if( callback instanceof PasswordCallback ) {
079                ( ( PasswordCallback )callback ).setPassword( m_password.toCharArray() );
080            } else {
081                throw new UnsupportedCallbackException( callback );
082            }
083        }
084    }
085}