IBM WebSphere Application ServerTM
Release 8

com.ibm.wsspi.wssecurity.auth.callback
Class TokenPropagationCallbackHandler

java.lang.Object
  extended by com.ibm.wsspi.wssecurity.auth.callback.TokenPropagationCallbackHandler
All Implemented Interfaces:
javax.security.auth.callback.CallbackHandler

public class TokenPropagationCallbackHandler
extends java.lang.Object
implements javax.security.auth.callback.CallbackHandler

The TokenPropagationCallbackHandler allows gathering the Web services security context and token list and passes them to the login module.

Supported Callbacks:

Since:
1.0
Version:
1.0
See Also:
CallbackHandler

Constructor Summary
TokenPropagationCallbackHandler(byte[] credToken)
           Push Credential Token to login module.
TokenPropagationCallbackHandler(byte[] credToken, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, java.util.Map appContext)
           Push Credential Token to login module.
TokenPropagationCallbackHandler(byte[] credToken, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, java.util.Map appContext, java.util.List tokenHolderList)
           Push Credential Token to login module.
TokenPropagationCallbackHandler(byte[] credToken, java.util.List tokenHolderList)
           Received a set of TokenHolder objects, plus a byte array from the authentication layer.
TokenPropagationCallbackHandler(java.util.Map context, java.util.List tokenHolderList)
           Push the Web services security context and token holder list to the login module.
TokenPropagationCallbackHandler(java.util.Map context, java.util.List tokenHolderList, byte[] credBytes)
           Push the Web services security context and token holder list to the login module.
TokenPropagationCallbackHandler(java.util.Map context, java.lang.Object policy)
           Push the Web services security context to the login module.
TokenPropagationCallbackHandler(java.lang.Object policy)
           Received a protocol policy object, for an outbound request.
TokenPropagationCallbackHandler(java.lang.String userName, java.lang.String password)
           Push the username and password to login module.
TokenPropagationCallbackHandler(java.lang.String userName, java.lang.String realmName, java.util.List tokenHolderList)
           Received a set of TokenHolder objects, plus a user name from identity assertion.
TokenPropagationCallbackHandler(java.lang.String userName, java.lang.String realmName, java.lang.String password)
           Push the username and password to login module.
TokenPropagationCallbackHandler(java.lang.String userName, java.lang.String realmName, java.lang.String password, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, java.util.Map appContext)
           Push the username and password to login module.
TokenPropagationCallbackHandler(java.lang.String userName, java.lang.String realmName, java.lang.String password, java.util.List tokenHolderList)
           Push the username and password to login module.
TokenPropagationCallbackHandler(java.lang.String realmName, java.security.cert.X509Certificate[] chain)
           Push the X509Certificate chain to login module.
TokenPropagationCallbackHandler(java.lang.String realmName, java.security.cert.X509Certificate[] chain, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, java.util.Map appContext)
           Push the X509CertificateChain to login module.
TokenPropagationCallbackHandler(java.lang.String realmName, java.security.cert.X509Certificate[] chain, java.util.List tokenHolderList)
           Push the X509CertificateChain to login module.
 
Method Summary
 void handle(javax.security.auth.callback.Callback[] callbacks)
           This implementation of CallbackHandler pushes the data specified in the constructor to the login module.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(java.util.Map context,
                                       java.lang.Object policy)

Push the Web services security context to the login module.

Parameters:
context - The Web services security context Map.

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(java.util.Map context,
                                       java.util.List tokenHolderList)

Push the Web services security context and token holder list to the login module.

Parameters:
context - The Web services security context Map.
tokenHolderList - The list of TokenHolders

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(java.util.Map context,
                                       java.util.List tokenHolderList,
                                       byte[] credBytes)

Push the Web services security context and token holder list to the login module.

Parameters:
context - The Web services security context Map.
tokenHolderList - The list of TokenHolders
credBytes - The credential token.

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(java.lang.String userName,
                                       java.lang.String password)

Push the username and password to login module.

Parameters:
userName - The user name of the principal.
password - The password in clear text.

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(java.lang.String userName,
                                       java.lang.String realmName,
                                       java.lang.String password)

Push the username and password to login module. The realmName is not used.

If the realm name is IBM reserved for future, and it is not used in this release. The realm name is determined by the runtime, this constructor is same as TokenPropagationCallbackHandler(String userName, String password). The realm name is ignored in this release, please use TokenPropagationCallbackHandler(String userName, String password) instead.

Parameters:
userName - The user name of the principal.
realmName - The realm name (IBM reserved for future, not used in this release).
password - The password in clear text.

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(java.lang.String userName,
                                       java.lang.String realmName,
                                       java.lang.String password,
                                       java.util.List tokenHolderList)

Push the username and password to login module. The realmName is not used.

If the realm name is IBM reserved for future, and it is not used in this release. The realm name is determined by the runtime, this constructor is same as TokenPropagationCallbackHandler(String userName, String password). The realm name is ignored in this release, please use TokenPropagationCallbackHandler(String userName, String password) instead.

Parameters:
userName - The user name of the principal.
realmName - The realm name (IBM reserved for future, not used in this release).
password - The password in clear text.

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(java.lang.String userName,
                                       java.lang.String realmName,
                                       java.lang.String password,
                                       javax.servlet.http.HttpServletRequest req,
                                       javax.servlet.http.HttpServletResponse resp,
                                       java.util.Map appContext)

Push the username and password to login module. The realmName is not used. Added appContextand containerContext to siupport SSO.

If the realm name is IBM reserved for future, and it is not used in this release. The realm name is determined by the runtime, this constructor is same as TokenPropagationCallbackHandler(String userName, String password). The realm name is ignored in this release, please use TokenPropagationCallbackHandler(String userName, String password) instead.

Parameters:
userName - The user name of the principal.
realmName - The realm name (IBM reserved for future, not used in this release).
password - The password in clear text.
req - The HttpServletRequest object.
resp - The HttpServletResponse object.
appContext - The application context.

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(byte[] credToken)

Push Credential Token to login module. The Credential Token should be treated as an opaque object. The credential token must be in the format recognized by WebSphere Secure Association Service.

Parameters:
credToken - The credential token.

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(byte[] credToken,
                                       javax.servlet.http.HttpServletRequest req,
                                       javax.servlet.http.HttpServletResponse resp,
                                       java.util.Map appContext)

Push Credential Token to login module. The Credential Token should be treated as an opaque object. The credential token must be in the format recognized by WebSphere Secure Association Service. Passed in application Context and container context to support SSO.

Parameters:
credToken - The credential token.
req - The HttpServletRequest object.
resp - The HttpServletResponse object.
appContext - The application context.

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(byte[] credToken,
                                       javax.servlet.http.HttpServletRequest req,
                                       javax.servlet.http.HttpServletResponse resp,
                                       java.util.Map appContext,
                                       java.util.List tokenHolderList)

Push Credential Token to login module. The Credential Token should be treated as an opaque object. The credential token must be in the format recognized by WebSphere Secure Association Service. Passed in application Context and container context to support SSO.

Parameters:
credToken - The credential token.
req - The HttpServletRequest object.
resp - The HttpServletResponse object.
appContext - The application context.
tokenHolderList - The propagation token holders

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(byte[] credToken,
                                       java.util.List tokenHolderList)

Received a set of TokenHolder objects, plus a byte array from the authentication layer. The TokenHolder objects are created from the opaque authorization token.

Parameters:
credToken - The credential token.
List - tokenHolderList The list of TokenHolders.

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(java.lang.String userName,
                                       java.lang.String realmName,
                                       java.util.List tokenHolderList)

Received a set of TokenHolder objects, plus a user name from identity assertion. The TokenHolder objects are created from the opaque authorization token.

Parameters:
userName - The user's asserted identity
List - tokenHolderList The list of TokenHolders.

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(java.lang.Object policy)

Received a protocol policy object, for an outbound request. This can be used for mapping and/or security attribute propagation.

Parameters:
policy - Object

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(java.lang.String realmName,
                                       java.security.cert.X509Certificate[] chain)

Push the X509Certificate chain to login module. The realmName is not used.

If the realm name is IBM reserved for future, and it is not used in this release.

Parameters:
realmName - The realm name (IBM reserved for future, not used in this release).
chain - The X509Certificate[] from the transport.

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(java.lang.String realmName,
                                       java.security.cert.X509Certificate[] chain,
                                       java.util.List tokenHolderList)

Push the X509CertificateChain to login module. The realmName is not used.

Parameters:
realmName - - The realm name (IBM reserved for future, not used in this release).
chain - - The X509CertificateChain provided by the transport.
tokenHolderList - - Additional information from propagation

TokenPropagationCallbackHandler

public TokenPropagationCallbackHandler(java.lang.String realmName,
                                       java.security.cert.X509Certificate[] chain,
                                       javax.servlet.http.HttpServletRequest req,
                                       javax.servlet.http.HttpServletResponse resp,
                                       java.util.Map appContext)

Push the X509CertificateChain to login module. The realmName is not used. Added appContext and containerContext to support SSO.

Parameters:
realmName - The realm name (IBM reserved for future, not used in this release).
chain - The X509CertificateChain
req - The HttpServletRequest object.
resp - The HttpServletResponse object.
appContext - The application context.
Method Detail

handle

public void handle(javax.security.auth.callback.Callback[] callbacks)
            throws java.io.IOException,
                   javax.security.auth.callback.UnsupportedCallbackException

This implementation of CallbackHandler pushes the data specified in the constructor to the login module.

Specified by:
handle in interface javax.security.auth.callback.CallbackHandler
Parameters:
callbacks - An array of Callback objects provided by the underlying security service which contains the information requested to be retrieved or displayed.
Throws:
java.io.IOException - If an input or output error occurs.
javax.security.auth.callback.UnsupportedCallbackException - If the implementation of this method does not support one or more of the Callbacks specified in the callbacks parameter.

IBM WebSphere Application ServerTM
Release 8