werner      2005/05/06 08:30:02

  Modified:    wss4j/src/org/apache/ws/security
                        WSUsernameTokenPrincipal.java WSSecurityEngine.java
                        WSPasswordCallback.java
  Log:
  Modify handling of usernametoken in case of password
  type text or an unknown password type. Delegate password
  check to callback handler. See Javadoc for further
  explanations.
  
  Revision  Changes    Path
  1.5       +216 -205  
ws-fx/wss4j/src/org/apache/ws/security/WSUsernameTokenPrincipal.java
  
  Index: WSUsernameTokenPrincipal.java
  ===================================================================
  RCS file: 
/home/cvs/ws-fx/wss4j/src/org/apache/ws/security/WSUsernameTokenPrincipal.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- WSUsernameTokenPrincipal.java     27 Sep 2004 03:48:08 -0000      1.4
  +++ WSUsernameTokenPrincipal.java     6 May 2005 15:30:02 -0000       1.5
  @@ -1,205 +1,216 @@
  -/*
  - * Copyright  2003-2004 The Apache Software Foundation.
  - *
  - *  Licensed under the Apache License, Version 2.0 (the "License");
  - *  you may not use this file except in compliance with the License.
  - *  You may obtain a copy of the License at
  - *
  - *      http://www.apache.org/licenses/LICENSE-2.0
  - *
  - *  Unless required by applicable law or agreed to in writing, software
  - *  distributed under the License is distributed on an "AS IS" BASIS,
  - *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  - *  See the License for the specific language governing permissions and
  - *  limitations under the License.
  - *
  - */
  -
  -package org.apache.ws.security;
  -
  -import java.security.Principal;
  -
  -/**
  - * <p/>
  - * This class implements the <code>Principal</code> interface
  - * and represents a UsernameToken user.
  - * <p/>
  - * In addition to the principal's name this principal object
  - * also conatins the nonce and created time of the UsernameToken
  - * (refer to the OASIS WS Security specification, UsernameToken profile).
  - * These values are set only if the password of UsernameToken was
  - * of type <code>PasswordDigest</code>.
  - * <p/>
  - * The <code>equals()</code> method use the prinicipal's nameonly and
  - * does not compare nonce or created time.
  - * <p/>
  - * Modeled according to the example provided by JAAS documentation
  - * <p/>
  - *
  - * @author Davanum Srinivas ([EMAIL PROTECTED]).
  - * @author Werner Dittmann ([EMAIL PROTECTED]).
  - * @see java.security.Principal
  - * @see javax.security.auth.Subject
  - */
  -public class WSUsernameTokenPrincipal implements Principal, 
java.io.Serializable {
  -
  -    /**
  -     * @serial
  -     */
  -    private String name = null;
  -    private String nonce = null;
  -    private String password = null;
  -    private String createdTime = null;
  -    private boolean digest = false;
  -
  -    /**
  -     * Create a WSUsernameTokenPrincipal with a WSUsernameToken username.
  -     * <p/>
  -     *
  -     * @param name the WSUsernameToken username for this user.
  -     * @throws NullPointerException if the <code>name</code>
  -     *                              is <code>null</code>.
  -     */
  -    public WSUsernameTokenPrincipal(String name, boolean digest) {
  -        if (name == null)
  -            throw new NullPointerException("illegal null input");
  -        this.name = name;
  -        this.digest = digest;
  -    }
  -
  -    /**
  -     * Return the WSUsernameToken username for this 
<code>WSUsernameTokenPrincipal</code>.
  -     * <p/>
  -     * <p/>
  -     *
  -     * @return the WSUsernameToken username for this 
<code>WSUsernameTokenPrincipal</code>
  -     */
  -    public String getName() {
  -        return name;
  -    }
  -
  -    /**
  -     * Return the WSUsernameToken password type for this 
<code>WSUsernameTokenPrincipal</code>.
  -     * <p/>
  -     * <p/>
  -     *
  -     * @return true if the password type was <code>PassowrdDigest</code>
  -     */
  -    public boolean isPasswordDigest() {
  -        return digest;
  -    }
  -
  -    /**
  -     * Set the WSUsernameToken password for this 
<code>WSUsernameTokenPrincipal</code>.
  -     * <p/>
  -     * <p/>
  -     *
  -     * @param password
  -     */
  -    public void setPassword(String password) {
  -        this.password = password;
  -    }
  -
  -    /**
  -     * Return the WSUsernameToken password for this 
<code>WSUsernameTokenPrincipal</code>.
  -     * <p/>
  -     * <p/>
  -     *
  -     * @return the WSUsernameToken password for this 
<code>WSUsernameTokenPrincipal</code>
  -     */
  -    public String getPassword() {
  -        return password;
  -    }
  -
  -    /**
  -     * Set the WSUsernameToken nonce for this 
<code>WSUsernameTokenPrincipal</code>.
  -     * <p/>
  -     * <p/>
  -     *
  -     * @param nonce
  -     */
  -    public void setNonce(String nonce) {
  -        this.nonce = nonce;
  -    }
  -
  -    /**
  -     * Return the WSUsernameToken nonce for this 
<code>WSUsernameTokenPrincipal</code>.
  -     * <p/>
  -     * <p/>
  -     *
  -     * @return the WSUsernameToken nonce for this 
<code>WSUsernameTokenPrincipal</code>
  -     */
  -    public String getNonce() {
  -        return nonce;
  -    }
  -
  -    /**
  -     * Set the WSUsernameToken created time for this 
<code>WSUsernameTokenPrincipal</code>.
  -     * <p/>
  -     * <p/>
  -     *
  -     * @param createdTime
  -     */
  -    public void setCreatedTime(String createdTime) {
  -        this.createdTime = createdTime;
  -    }
  -
  -    /**
  -     * Return the WSUsernameToken created time for this 
<code>WSUsernameTokenPrincipal</code>.
  -     * <p/>
  -     * <p/>
  -     *
  -     * @return the WSUsernameToken created time for this 
<code>WSUsernameTokenPrincipal</code>
  -     */
  -    public String getCreatedTime() {
  -        return createdTime;
  -    }
  -
  -    /**
  -     * Return a string representation of this 
<code>WSUsernameTokenPrincipal</code>.
  -     * <p/>
  -     * <p/>
  -     *
  -     * @return a string representation of this 
<code>WSUsernameTokenPrincipal</code>.
  -     */
  -    public String toString() {
  -        return ("WSUsernameTokenPrincipal:  " + name);
  -    }
  -
  -    /**
  -     * Compares the specified Object with this 
<code>WSUsernameTokenPrincipal</code>
  -     * for equality.  Returns true if the given object is also a
  -     * <code>WSUsernameTokenPrincipal</code> and the two 
WSUsernameTokenPrincipals
  -     * have the same username.
  -     * <p/>
  -     * <p/>
  -     *
  -     * @param o Object to be compared for equality with this
  -     *          <code>WSUsernameTokenPrincipal</code>.
  -     * @return true if the specified Object is equal equal to this
  -     *         <code>WSUsernameTokenPrincipal</code>.
  -     */
  -    public boolean equals(Object o) {
  -        if (o == null)
  -            return false;
  -        if (this == o)
  -            return true;
  -        if (!(o instanceof WSUsernameTokenPrincipal))
  -            return false;
  -        WSUsernameTokenPrincipal that = (WSUsernameTokenPrincipal) o;
  -        if (this.getName().equals(that.getName()))
  -            return true;
  -        return false;
  -    }
  -
  -    /**
  -     * Return a hash code for this <code>WSUsernameTokenPrincipal</code>.
  -     * <p/>
  -     * <p/>
  -     *
  -     * @return a hash code for this <code>WSUsernameTokenPrincipal</code>.
  -     */
  -    public int hashCode() {
  -        return name.hashCode();
  -    }
  -}
  +/*

  + * Copyright  2003-2004 The Apache Software Foundation.

  + *

  + *  Licensed under the Apache License, Version 2.0 (the "License");

  + *  you may not use this file except in compliance with the License.

  + *  You may obtain a copy of the License at

  + *

  + *      http://www.apache.org/licenses/LICENSE-2.0

  + *

  + *  Unless required by applicable law or agreed to in writing, software

  + *  distributed under the License is distributed on an "AS IS" BASIS,

  + *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  + *  See the License for the specific language governing permissions and

  + *  limitations under the License.

  + *

  + */

  +

  +package org.apache.ws.security;

  +

  +import java.security.Principal;

  +

  +/**

  + * This class implements the <code>Principal</code> interface and

  + * represents a UsernameToken user. 

  + * <p/>In addition to the principal's name

  + * this principal object also conatins the nonce and created time of the

  + * UsernameToken (refer to the OASIS WS Security specification, UsernameToken

  + * profile). These values are set only if the password of UsernameToken was 
of

  + * type <code>PasswordDigest</code>.

  + * <p/>Furthermore the password type is

  + * provided to the application. The password type is the string of the type

  + * attribute of the password element inside the username token. Refer to the

  + * OASIS WSS specification for predefined password types. <p/>The

  + * <code>equals()</code> method use the prinicipal's name only and does not

  + * compare nonce or created time. 

  + * <p/>Modeled according to the example provided

  + * by JAAS documentation 

  + * <p/>

  + * 

  + * @author Davanum Srinivas ([EMAIL PROTECTED]).

  + * @author Werner Dittmann ([EMAIL PROTECTED]).

  + * @see java.security.Principal

  + * @see javax.security.auth.Subject

  + */

  +public class WSUsernameTokenPrincipal implements Principal, 
java.io.Serializable {

  +

  +    /**

  +     * @serial

  +     */

  +    private String name = null;

  +    private String nonce = null;

  +    private String password = null;

  +    private String createdTime = null;

  +    private String passwordType = null;

  +    private boolean digest = false;

  +

  +    /**

  +     * Create a WSUsernameTokenPrincipal with a WSUsernameToken username.

  +     * <p/>

  +     *

  +     * @param name the WSUsernameToken username for this user.

  +     * @throws NullPointerException if the <code>name</code>

  +     *                              is <code>null</code>.

  +     */

  +    public WSUsernameTokenPrincipal(String name, boolean digest) {

  +        if (name == null)

  +            throw new NullPointerException("illegal null input");

  +        this.name = name;

  +        this.digest = digest;

  +    }

  +

  +    /**

  +     * Return the WSUsernameToken username for this 
<code>WSUsernameTokenPrincipal</code>.

  +     * <p/>

  +     * <p/>

  +     *

  +     * @return the WSUsernameToken username for this 
<code>WSUsernameTokenPrincipal</code>

  +     */

  +    public String getName() {

  +        return name;

  +    }

  +

  +    /**

  +     * Return the WSUsernameToken password type for this 
<code>WSUsernameTokenPrincipal</code>.

  +     * <p/>

  +     * <p/>

  +     *

  +     * @return true if the password type was <code>PassowrdDigest</code>

  +     */

  +    public boolean isPasswordDigest() {

  +        return digest;

  +    }

  +

  +    /**

  +     * Set the WSUsernameToken password for this 
<code>WSUsernameTokenPrincipal</code>.

  +     * <p/>

  +     * <p/>

  +     *

  +     * @param password

  +     */

  +    public void setPassword(String password) {

  +        this.password = password;

  +    }

  +

  +    /**

  +     * Return the WSUsernameToken password for this 
<code>WSUsernameTokenPrincipal</code>.

  +     * <p/>

  +     * <p/>

  +     *

  +     * @return the WSUsernameToken password for this 
<code>WSUsernameTokenPrincipal</code>

  +     */

  +    public String getPassword() {

  +        return password;

  +    }

  +

  +    /**

  +     * Set the WSUsernameToken nonce for this 
<code>WSUsernameTokenPrincipal</code>.

  +     * <p/>

  +     * <p/>

  +     *

  +     * @param nonce

  +     */

  +    public void setNonce(String nonce) {

  +        this.nonce = nonce;

  +    }

  +

  +    /**

  +     * Return the WSUsernameToken nonce for this 
<code>WSUsernameTokenPrincipal</code>.

  +     * <p/>

  +     * <p/>

  +     *

  +     * @return the WSUsernameToken nonce for this 
<code>WSUsernameTokenPrincipal</code>

  +     */

  +    public String getNonce() {

  +        return nonce;

  +    }

  +

  +    /**

  +     * Set the WSUsernameToken created time for this 
<code>WSUsernameTokenPrincipal</code>.

  +     * <p/>

  +     *

  +     * @param createdTime

  +     */

  +    public void setCreatedTime(String createdTime) {

  +        this.createdTime = createdTime;

  +    }

  +

  +    /**

  +     * Return the WSUsernameToken created time for this 
<code>WSUsernameTokenPrincipal</code>.

  +     * <p/>

  +     *

  +     * @return the WSUsernameToken created time for this 
<code>WSUsernameTokenPrincipal</code>

  +     */

  +    public String getCreatedTime() {

  +        return createdTime;

  +    }

  +

  +    /**

  +     * Return a string representation of this 
<code>WSUsernameTokenPrincipal</code>.

  +     * <p/>

  +     *

  +     * @return a string representation of this 
<code>WSUsernameTokenPrincipal</code>.

  +     */

  +    public String toString() {

  +        return ("WSUsernameTokenPrincipal:  " + name);

  +    }

  +

  +     /**

  +      * @return Returns the passwordType.

  +      */

  +     public String getPasswordType() {

  +             return passwordType;

  +     }

  +     /**

  +      * @param passwordType The passwordType to set.

  +      */

  +     public void setPasswordType(String passwordType) {

  +             this.passwordType = passwordType;

  +     }

  +    /**

  +     * Compares the specified Object with this 
<code>WSUsernameTokenPrincipal</code>

  +     * for equality.  Returns true if the given object is also a

  +     * <code>WSUsernameTokenPrincipal</code> and the two 
WSUsernameTokenPrincipals

  +     * have the same username.

  +     * <p/>

  +     * <p/>

  +     *

  +     * @param o Object to be compared for equality with this

  +     *          <code>WSUsernameTokenPrincipal</code>.

  +     * @return true if the specified Object is equal equal to this

  +     *         <code>WSUsernameTokenPrincipal</code>.

  +     */

  +    public boolean equals(Object o) {

  +        if (o == null)

  +            return false;

  +        if (this == o)

  +            return true;

  +        if (!(o instanceof WSUsernameTokenPrincipal))

  +            return false;

  +        WSUsernameTokenPrincipal that = (WSUsernameTokenPrincipal) o;

  +        if (this.getName().equals(that.getName()))

  +            return true;

  +        return false;

  +    }

  +

  +    /**

  +     * Return a hash code for this <code>WSUsernameTokenPrincipal</code>.

  +     * <p/>

  +     * <p/>

  +     *

  +     * @return a hash code for this <code>WSUsernameTokenPrincipal</code>.

  +     */

  +    public int hashCode() {

  +        return name.hashCode();

  +    }

  +}
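Review bot: `WSUsernameTokenPrincipal` implements `java.io.Serializable` but declares no `serialVersionUID`, so adding the `passwordType` field and its two accessors changes the compiler-computed default, and principals serialized by revision 1.4 will presumably fail to deserialize with an `InvalidClassException`. Declaring an explicit `private static final long serialVersionUID` would pin the stream format. The `password` field is also non-transient, and the engine stores the token password in it (`principal.setPassword(password)` in WSSecurityEngine), which for password type text is the cleartext value; `private transient String password = null;` would keep it out of serialized principals, provided no consumer relies on it surviving serialization. The `getPasswordType()` Javadoc could add that the value is the type attribute of the password element and stays `null` until `setPasswordType` is called.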

  
  
  
  1.44      +39 -3     
ws-fx/wss4j/src/org/apache/ws/security/WSSecurityEngine.java
  
  Index: WSSecurityEngine.java
  ===================================================================
  RCS file: 
/home/cvs/ws-fx/wss4j/src/org/apache/ws/security/WSSecurityEngine.java,v
  retrieving revision 1.43
  retrieving revision 1.44
  diff -u -r1.43 -r1.44
  --- WSSecurityEngine.java     29 Dec 2004 02:04:54 -0000      1.43
  +++ WSSecurityEngine.java     6 May 2005 15:30:02 -0000       1.44
  @@ -645,8 +645,6 @@
                        }
                } catch (XMLSignatureException e1) {
                        throw new 
WSSecurityException(WSSecurityException.FAILED_CHECK);
  -             } catch (XMLSecurityException e1) {
  -                     throw new 
WSSecurityException(WSSecurityException.FAILED_CHECK);
                }
        }
   
  @@ -809,16 +807,40 @@
           }
       }
   
  +    /**
  +     * Check the UsernameToken element. Depending on the password type 
  +     * contained in the element the processing differs. If the password type
  +     * is password digest (a hashed password) then process the password
  +     * commpletely here. Use the callback class to get a stored password
  +     * perform hash algorithm and compare the result with the transmitted 
  +     * password.
  +     * <p/>
  +     * If the password is of type password text or any other yet unknown
  +     * password type the delegate the password validation to the callback
  +     * class. To do so the security engine hands over all necessary data to
  +     * the callback class via the WSPasswordCallback object. To distinguish
  +     * from digested usernam token the usage parameter of WSPasswordCallback
  +     * is set to <code>USERNAME_TOKEN_UNKNOWN</code>
  +     * 
  +     * @param token the DOM element that contains the UsernameToken
  +     * @param cb the refernce to the callback object
  +     * @return WSUsernameTokenPrincipal that contain data that an application
  +     * may use to further validate the password/user combination.
  +     * @throws WSSecurityException
  +     */
       public WSUsernameTokenPrincipal handleUsernameToken(Element token, 
CallbackHandler cb) throws WSSecurityException {
           UsernameToken ut = new UsernameToken(wssConfig, token);
           String user = ut.getName();
           String password = ut.getPassword();
           String nonce = ut.getNonce();
           String createdTime = ut.getCreated();
  +        String pwType = ut.getPasswordType(); 
           if (doDebug) {
               log.debug("UsernameToken user " + user);
               log.debug("UsernameToken password " + password);
           }
  +
  +        Callback[] callbacks = new Callback[1];
           if (ut.isHashed()) {
               if (cb == null) {
                   throw new WSSecurityException(WSSecurityException.FAILURE,
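Review bot: The debug branch still logs the token password (`log.debug("UsernameToken password " + password);`), and this method is now documented as handling password type text, so with debug logging enabled the cleartext credential ends up in the log. Drop that line or log the type instead, e.g. `log.debug("UsernameToken password type " + pwType);`. In the new Javadoc, "commpletely", "usernam token", "refernce" and "the delegate the password validation" are typos, and `@throws WSSecurityException` should say when it is thrown (no callback handler for a hashed token, callback failure). The body of `handleUsernameToken` continues past the end of this hunk.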
  @@ -826,7 +848,6 @@
               }
   
               WSPasswordCallback pwCb = new WSPasswordCallback(user, 
WSPasswordCallback.USERNAME_TOKEN);
  -            Callback[] callbacks = new Callback[1];
               callbacks[0] = pwCb;
               try {
                   cb.handle(callbacks);
  @@ -854,11 +875,26 @@
                   }
               }
           }
  +        else if (cb != null) {
  +                     WSPasswordCallback pwCb = new WSPasswordCallback(user, 
password,
  +                                     pwType, 
WSPasswordCallback.USERNAME_TOKEN_UNKNOWN);
  +                     callbacks[0] = pwCb;
  +                     try {
  +                             cb.handle(callbacks);
  +                     } catch (IOException e) {
  +                             throw new 
WSSecurityException(WSSecurityException.FAILURE,
  +                                             "noPassword", new Object[] { 
user });
  +                     } catch (UnsupportedCallbackException e) {
  +                             throw new 
WSSecurityException(WSSecurityException.FAILURE,
  +                                             "noPassword", new Object[] { 
user });
  +                     }
  +       }
   
           WSUsernameTokenPrincipal principal = new 
WSUsernameTokenPrincipal(user, ut.isHashed());
           principal.setNonce(nonce);
           principal.setPassword(password);
           principal.setCreatedTime(createdTime);
  +        principal.setPasswordType(pwType);
   
           return principal;
       }
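Review bot: The new `else if (cb != null)` branch fails open: when the token is not hashed and no callback handler is configured, nothing checks the password and the method still returns a principal for `user`. The hashed branch throws when `cb == null`, and this branch should do the same, e.g. `else { if (cb == null) throw new WSSecurityException(WSSecurityException.FAILED_CHECK); ... }`. Rejection also depends entirely on the handler throwing, so a handler written before `USERNAME_TOKEN_UNKNOWN` existed that ignores unrecognised usage codes would accept any password; the upgrade notes should call this out. Both catch blocks report `"noPassword"` and drop the caught exception, which makes a failed password check hard to tell apart from a missing password when reading logs. The method starts outside this hunk.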
  
  
  
  1.5       +169 -141  
ws-fx/wss4j/src/org/apache/ws/security/WSPasswordCallback.java
  
  Index: WSPasswordCallback.java
  ===================================================================
  RCS file: 
/home/cvs/ws-fx/wss4j/src/org/apache/ws/security/WSPasswordCallback.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- WSPasswordCallback.java   12 Aug 2004 17:42:09 -0000      1.4
  +++ WSPasswordCallback.java   6 May 2005 15:30:02 -0000       1.5
  @@ -1,141 +1,169 @@
  -/*
  - * Copyright  2003-2004 The Apache Software Foundation.
  - *
  - *  Licensed under the Apache License, Version 2.0 (the "License");
  - *  you may not use this file except in compliance with the License.
  - *  You may obtain a copy of the License at
  - *
  - *      http://www.apache.org/licenses/LICENSE-2.0
  - *
  - *  Unless required by applicable law or agreed to in writing, software
  - *  distributed under the License is distributed on an "AS IS" BASIS,
  - *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  - *  See the License for the specific language governing permissions and
  - *  limitations under the License.
  - *
  - */
  -
  -package org.apache.ws.security;
  -
  -import javax.security.auth.callback.Callback;
  -
  -/**
  - * Simple class to provide a password callback mechanism.
  - * <p/>
  - * It uses the JAAS authentication mechanisms and callback methods.
  - * In addition to the identifier (user name) this class also provides
  - * information what type of information the callback <code>handle</code>
  - * method shall provide.
  - * <p/>
  - * The <code> WSPasswordCallback</code> class defines the following usage
  - * codes:
  - * <ul>
  - * <li><code>UNKNOWN</code> - an unknown usage. Never used by the WSS4J
  - * implementation and shall be treated as an error by the <code>handle
  - * </code> method.</li>
  - * <li><code>DECRYPT</code> - need a password to get the private key of
  - * this identifier (username) from    the keystore. WSS4J uses this private
  - * key to decrypt the session (symmetric) key. Because the encryption
  - * method uses the public key to encrypt the session key it needs no
  - * password (a public key is usually not protected by a password).</li>
  - * <li><code>USERNAME_TOKEN</code> - need the password to fill in or to
  - * verify a <code>UsernameToken</code>.</li>
  - * <li><code>SIGNATURE</code> - need the password to get the private key of
  - * this identifier (username) from    the keystore. WSS4J uses this private
  - * key to produce a signature. The signature verfication uses the public
  - * key to verfiy the signature.</li>
  - * <li><code>KEY_NAME</code> - need the <i>key</i>, not the password,
  - * associated with the identifier. WSS4J uses this key to encrypt or
  - * decrypt parts of the SOAP request. Note, the key must match the
  - * symmetric encryption/decryption algorithm specified (refer to
  - * [EMAIL PROTECTED] org.apache.ws.security.handler.WSHandlerConstants# 
ENC_SYM_ALGO}).</li>
  - * </ul>
  - *
  - * @author Werner Dittmann ([EMAIL PROTECTED]).
  - */
  -
  -public class WSPasswordCallback implements Callback {
  -
  -    public static final int UNKNOWN = 0;
  -    public static final int DECRYPT = 1;
  -    public static final int USERNAME_TOKEN = 2;
  -    public static final int SIGNATURE = 3;
  -    public static final int KEY_NAME = 4;
  -
  -    private String identifier;
  -    private String password;
  -    private byte[] key;
  -    private int usage;
  -
  -    /**
  -     * Constructor.
  -     *
  -     * @param id The application called back must supply the password for
  -     *           this identifier.
  -     */
  -    public WSPasswordCallback(String id, int usage) {
  -        identifier = id;
  -        this.usage = usage;
  -    }
  -
  -    /**
  -     * Get the identifier.
  -     * <p/>
  -     *
  -     * @return The identifier
  -     */
  -    public String getIdentifer() {
  -        return identifier;
  -    }
  -
  -    /**
  -     * Set the password.
  -     * <p/>
  -     *
  -     * @param passwd is the password associated to the identifier
  -     */
  -    public void setPassword(String passwd) {
  -        password = passwd;
  -    }
  -
  -    /**
  -     * Get the password.
  -     * <p/>
  -     *
  -     * @return The password
  -     */
  -    public String getPassword() {
  -        return password;
  -    }
  -
  -    /**
  -     * Set the Key.
  -     * <p/>
  -     *
  -     * @param key is the key associated to the identifier
  -     */
  -    public void setKey(byte[] key) {
  -        this.key = key;
  -    }
  -
  -    /**
  -     * Get the key.
  -     * <p/>
  -     *
  -     * @return The key
  -     */
  -    public byte[] getKey() {
  -        return this.key;
  -    }
  -
  -    /**
  -     * Get the usage.
  -     * <p/>
  -     *
  -     * @return The usage for this callback
  -     */
  -    public int getUsage() {
  -        return usage;
  -    }
  -}
  -
  +/*

  + * Copyright  2003-2004 The Apache Software Foundation.

  + *

  + *  Licensed under the Apache License, Version 2.0 (the "License");

  + *  you may not use this file except in compliance with the License.

  + *  You may obtain a copy of the License at

  + *

  + *      http://www.apache.org/licenses/LICENSE-2.0

  + *

  + *  Unless required by applicable law or agreed to in writing, software

  + *  distributed under the License is distributed on an "AS IS" BASIS,

  + *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  + *  See the License for the specific language governing permissions and

  + *  limitations under the License.

  + *

  + */

  +

  +package org.apache.ws.security;

  +

  +import javax.security.auth.callback.Callback;

  +

  +/**

  + * Simple class to provide a password callback mechanism.

  + * <p/>

  + * It uses the JAAS authentication mechanisms and callback methods.

  + * In addition to the identifier (user name) this class also provides

  + * information what type of information the callback <code>handle</code>

  + * method shall provide.

  + * <p/>

  + * The <code> WSPasswordCallback</code> class defines the following usage

  + * codes:

  + * <ul>

  + * <li><code>UNKNOWN</code> - an unknown usage. Never used by the WSS4J

  + * implementation and shall be treated as an error by the <code>handle

  + * </code> method.</li>

  + * <li><code>DECRYPT</code> - need a password to get the private key of

  + * this identifier (username) from    the keystore. WSS4J uses this private

  + * key to decrypt the session (symmetric) key. Because the encryption

  + * method uses the public key to encrypt the session key it needs no

  + * password (a public key is usually not protected by a password).</li>

  + * <li><code>USERNAME_TOKEN</code> - need the password to fill in or to

  + * verify a <code>UsernameToken</code>.</li>

  + * <li><code>SIGNATURE</code> - need the password to get the private key of

  + * this identifier (username) from    the keystore. WSS4J uses this private

  + * key to produce a signature. The signature verfication uses the public

  + * key to verfiy the signature.</li>

  + * <li><code>KEY_NAME</code> - need the <i>key</i>, not the password,

  + * associated with the identifier. WSS4J uses this key to encrypt or

  + * decrypt parts of the SOAP request. Note, the key must match the

  + * symmetric encryption/decryption algorithm specified (refer to

  + * [EMAIL PROTECTED] org.apache.ws.security.handler.WSHandlerConstants# 
ENC_SYM_ALGO}).</li>

  + * * <li><code>USERNAME_TOKEN_UNKNOWN</code> - either an not specified 

  + * password type or a password type passwordText. In these both cases 
<b>only</b>

  + * the password variable is <b>set</>. The callback class now may check if

  + * the username and password match. If they don't match the callback class 
must

  + * throw an exception. The exception can be a UnsupportedCallbackException or

  + * an IOException.</li>

  + * </ul>

  + *

  + * @author Werner Dittmann ([EMAIL PROTECTED]).

  + */

  +

  +public class WSPasswordCallback implements Callback {

  +

  +    public static final int UNKNOWN = 0;

  +    public static final int DECRYPT = 1;

  +    public static final int USERNAME_TOKEN = 2;

  +    public static final int SIGNATURE = 3;

  +    public static final int KEY_NAME = 4;

  +    public static final int USERNAME_TOKEN_UNKNOWN = 5;

  +

  +    private String identifier;

  +    private String password;

  +    private byte[] key;

  +    private int usage;

  +    private String passwordType;

  +

  +    /**

  +     * Constructor.

  +     *

  +     * @param id The application called back must supply the password for

  +     *           this identifier.

  +     */

  +    public WSPasswordCallback(String id, int usage) {

  +     this(id, null, null, usage);

  +    }

  +

  +    /**

  +     * Constructor.

  +     *

  +     * @param id The application called back must supply the password for

  +     *           this identifier.

  +     */

  +    public WSPasswordCallback(String id, String pw, String type, int usage) {

  +        identifier = id;

  +        password = pw;

  +        passwordType = type;

  +        this.usage = usage;

  +    }

  +    /**

  +     * Get the identifier.

  +     * <p/>

  +     *

  +     * @return The identifier

  +     */

  +    public String getIdentifer() {

  +        return identifier;

  +    }

  +

  +    /**

  +     * Set the password.

  +     * <p/>

  +     *

  +     * @param passwd is the password associated to the identifier

  +     */

  +    public void setPassword(String passwd) {

  +        password = passwd;

  +    }

  +

  +    /**

  +     * Get the password.

  +     * <p/>

  +     *

  +     * @return The password

  +     */

  +    public String getPassword() {

  +        return password;

  +    }

  +

  +    /**

  +     * Set the Key.

  +     * <p/>

  +     *

  +     * @param key is the key associated to the identifier

  +     */

  +    public void setKey(byte[] key) {

  +        this.key = key;

  +    }

  +

  +    /**

  +     * Get the key.

  +     * <p/>

  +     *

  +     * @return The key

  +     */

  +    public byte[] getKey() {

  +        return this.key;

  +    }

  +

  +    /**

  +     * Get the usage.

  +     * <p/>

  +     *

  +     * @return The usage for this callback

  +     */

  +    public int getUsage() {

  +        return usage;

  +    }

  +     /**

  +      * The password type is only relevant for usage 
<code>USERNAME_TOKEN</code>

  +      * and <code>USERNAME_TOKEN_UNKNOWN</code>.

  +      * 

  +      * @return Returns the passwordType.

  +      */

  +     public String getPasswordType() {

  +             return passwordType;

  +     }

  +}

  +
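Review bot: The `password` field now has opposite meanings depending on the usage code: for `USERNAME_TOKEN` the handler sets the stored password, while for `USERNAME_TOKEN_UNKNOWN` the engine pre-fills it with the password received in the token and the handler must compare it and throw on mismatch. The Javadoc on `getPassword()`/`setPassword()` and on the four-argument constructor should say so; the constructor comment is copied from the two-argument one and documents none of `pw`, `type` and `usage`, e.g. `@param pw the password received in the UsernameToken, or null`, `@param type the password type attribute, or null`, `@param usage one of the usage codes defined in this class`. In the class comment the new list item has a stray `* *` before `<li>` and an unclosed `<b>set</>`, which will break the rendered Javadoc.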

  
  
  
