4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * The contents of this file are subject to the terms
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * of the Common Development and Distribution License
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * (the License). You may not use this file except in
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * compliance with the License.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * You can obtain a copy of the License at
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * See the License for the specific language governing
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * permission and limitations under the License.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * When distributing Covered Code, include this CDDL
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * Header Notice in each file and include the License file
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * If applicable, add the following below the CDDL Header,
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * with the fields enclosed by brackets [] replaced by
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * your own identifying information:
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * "Portions Copyrighted [year] [name of copyright owner]"
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * $Id: PlainMechanismHandler.java,v 1.6 2008/08/06 17:29:24 exu Exp $
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterpackage com.sun.identity.liberty.ws.authnsvc.mechanism;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport javax.security.auth.callback.NameCallback;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport javax.security.auth.callback.PasswordCallback;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.shared.configuration.SystemPropertiesManager;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.authentication.AuthContext;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.authentication.spi.AuthLoginException;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.liberty.ws.authnsvc.AuthnSvcConstants;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.liberty.ws.authnsvc.AuthnSvcService;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.liberty.ws.authnsvc.AuthnSvcUtils;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.liberty.ws.authnsvc.protocol.SASLRequest;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.liberty.ws.authnsvc.protocol.SASLResponse;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterimport com.sun.identity.liberty.ws.soapbinding.Message;
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * The <code>PlainMechanismHandler</code> is a handler for 'PLAIN'
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * mechanism.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Fosterpublic class PlainMechanismHandler implements MechanismHandler {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster public static Debug debug = Debug.getInstance("libIDWSF");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * Generates a SASL response according to the SASL request.
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * @param saslReq a SASL request
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * @param message a SOAP Message containing the SASL request
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * @param respMessageID messageID of SOAP Message response that will
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * contain returned SASL response
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster * @return a SASL response
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster public SASLResponse processSASLRequest(SASLRequest saslReq,
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.message("PlainMechanismHandler.processSASLRequest: ");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String refToMessageID = saslReq.getRefToMessageID();
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster boolean isFirstRequest = (refToMessageID == null ||
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.message("PlainMechanismHandler.processSASLRequest: " +
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster saslResp = new SASLResponse(SASLResponse.CONTINUE);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster saslResp.setServerMechanism(AuthnSvcConstants.MECHANISM_PLAIN);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster saslResp = new SASLResponse(SASLResponse.ABORT);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.error("PlainMechanismHandler.processSASLRequest: ", ex);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster saslResp = new SASLResponse(SASLResponse.ABORT);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster saslResp.setServerMechanism(AuthnSvcConstants.MECHANISM_PLAIN);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster private SASLResponse authenticate(String data, Message message) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster int indexNul2 = data.indexOf('\0', indexNul + 1);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String authnID = data.substring(indexNul + 1, indexNul2);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String password = data.substring(indexNul2 + 1);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.message("PlainMechanismHandler.authenticate: " +
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster "authzID = " + authzID + ", authnID = " + authnID);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster AuthnSvcService.getPlainMechanismAuthenticationModule();
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.message("PlainMechanismHandler.authenticate: " +
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster authContext = new AuthContext(SMSEntry.getRootSuffix());
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster authContext.login(AuthContext.IndexType.MODULE_INSTANCE,
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.error("PlainMechanismHandler.authenticate: ", le);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster Callback[] callbacks = authContext.getRequirements();
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster AuthContext.Status loginStatus = authContext.getStatus();
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster "PlainMechanismHandler.authenticate: login status = " +
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (loginStatus != AuthContext.Status.SUCCESS) {
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster String userDN = token.getPrincipal().getName();
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster SASLResponse saslResp = new SASLResponse(SASLResponse.OK);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster SSOTokenManager.getInstance().destroyToken(token);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster if (!AuthnSvcUtils.setResourceOfferingAndCredentials(
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.error("PlainMechanismHandler.authenticate: ", ex);
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster private static void fillInCallbacks(Callback[] callbacks,
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster debug.message("PlainMechanismHandler.fillInCallbacks:");
4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1cAllan Foster } else if (callback instanceof PasswordCallback) {