1 /* 2 * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.net.www.protocol.http.spnego; 27 28 import java.io.IOException; 29 import java.net.Authenticator; 30 import java.net.PasswordAuthentication; 31 import java.util.Arrays; 32 import javax.security.auth.callback.Callback; 33 import javax.security.auth.callback.CallbackHandler; 34 import javax.security.auth.callback.NameCallback; 35 import javax.security.auth.callback.PasswordCallback; 36 import javax.security.auth.callback.UnsupportedCallbackException; 37 import sun.net.www.protocol.http.HttpCallerInfo; 38 import sun.security.jgss.LoginConfigImpl; 39 40 /** 41 * @since 1.6 42 * Special callback handler used in JGSS for the HttpCaller. 43 */ 44 public class NegotiateCallbackHandler implements CallbackHandler { 45 46 private String username; 47 private char[] password; 48 49 /** 50 * Authenticator asks for username and password in a single prompt, 51 * but CallbackHandler checks one by one. So, no matter which callback 52 * gets handled first, make sure Authenticator is only called once. 53 */ 54 private boolean answered; 55 56 private final HttpCallerInfo hci; 57 NegotiateCallbackHandler(HttpCallerInfo hci)58 public NegotiateCallbackHandler(HttpCallerInfo hci) { 59 this.hci = hci; 60 } 61 getAnswer()62 private void getAnswer() { 63 if (!answered) { 64 answered = true; 65 Authenticator auth; 66 if (hci.authenticator != null) { 67 auth = hci.authenticator; 68 } else { 69 auth = LoginConfigImpl.HTTP_USE_GLOBAL_CREDS ? 70 Authenticator.getDefault() : null; 71 } 72 73 if (auth != null) { 74 PasswordAuthentication passAuth = 75 auth.requestPasswordAuthenticationInstance( 76 hci.host, hci.addr, hci.port, hci.protocol, 77 hci.prompt, hci.scheme, hci.url, hci.authType); 78 /** 79 * To be compatible with existing callback handler implementations, 80 * when the underlying Authenticator is canceled, username and 81 * password are assigned null. No exception is thrown. 82 */ 83 if (passAuth != null) { 84 username = passAuth.getUserName(); 85 password = passAuth.getPassword(); 86 } 87 } 88 } 89 } 90 handle(Callback[] callbacks)91 public void handle(Callback[] callbacks) throws 92 UnsupportedCallbackException, IOException { 93 for (int i=0; i<callbacks.length; i++) { 94 Callback callBack = callbacks[i]; 95 96 if (callBack instanceof NameCallback) { 97 getAnswer(); 98 ((NameCallback)callBack).setName(username); 99 } else if (callBack instanceof PasswordCallback) { 100 getAnswer(); 101 ((PasswordCallback)callBack).setPassword(password); 102 if (password != null) Arrays.fill(password, ' '); 103 } else { 104 throw new UnsupportedCallbackException(callBack, 105 "Call back not supported"); 106 } 107 } 108 } 109 } 110