CramMD5MechanismHandler.java revision 4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1c
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The contents of this file are subject to the terms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the Common Development and Distribution License
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * (the License). You may not use this file except in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * compliance with the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * You can obtain a copy of the License at
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * See the License for the specific language governing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * permission and limitations under the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When distributing Covered Code, include this CDDL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Header Notice in each file and include the License file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If applicable, add the following below the CDDL Header,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * with the fields enclosed by brackets [] replaced by
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * your own identifying information:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * $Id: CramMD5MechanismHandler.java,v 1.8 2008/12/16 20:54:03 hengming Exp $
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterpackage com.sun.identity.liberty.ws.authnsvc.mechanism;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport javax.security.auth.callback.NameCallback;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport javax.security.auth.callback.PasswordCallback;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.common.PeriodicCleanUpMap;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.idm.AMIdentityRepository;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.security.AdminTokenAction;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.shared.configuration.SystemPropertiesManager;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.authentication.AuthContext;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.authentication.spi.AuthLoginException;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.liberty.ws.authnsvc.AuthnSvcConstants;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.liberty.ws.authnsvc.AuthnSvcService;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.liberty.ws.authnsvc.AuthnSvcUtils;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.liberty.ws.authnsvc.protocol.SASLRequest;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.liberty.ws.authnsvc.protocol.SASLResponse;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.liberty.ws.soapbinding.Message;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The <code>CramMD5MechanismHandler</code> is a handler for 'CRAM-MD5'
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * mechanism.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterpublic class CramMD5MechanismHandler implements MechanismHandler {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static Debug debug = Debug.getInstance("libIDWSF");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static final String PROP_SERVER_HOST = "com.iplanet.am.server.host";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static final String serverHost = SystemPropertiesManager.get(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static final int MAX_RANDOM_NUM = 9999;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static final int NUM_RANDOM_DIGITS =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static final String ATTR_USER_PASSWORD = "userPassword";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static final String COMP_AUTHN_SVC = "authnsvc";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The block length in characters used in generating an HMAC-MD5 digest.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * table to convert a nibble to a hex char.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static char[] hexChar = { '0' , '1' , '2' , '3' ,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static SecureRandom secureRandom = new SecureRandom();
if (isFirstRequest) {
if (isFirstRequest) {
return saslResp;
return saslResp;
private static byte[] generateChallenge() {
return null;
return null;
return null;
return null;
return password;
return null;
byte[] challengeBytes)
throws NoSuchAlgorithmException