Module jakarta.security.auth.message

Package jakarta.security.auth.message.callback

Class PasswordValidationCallback

java.lang.Object

jakarta.security.auth.message.callback.PasswordValidationCallback

All Implemented Interfaces:

Callback

public class PasswordValidationCallback
extends Object
implements Callback

Callback for PasswordValidation.

This callback may be used by an authentication module to employ the password validation facilities of its containing runtime. This Callback would typically be called by a ServerAuthModule during validateRequest processing.

This callback causes the following actions to be done:

1. Validate the credentials
2. If validated set caller principal (conceptually just like CallerPrincipalCallback does)
3. If validated and groups available set groups (conceptually just like GroupPrincipalCallback does)

The code below shows a hypothetical example of how a PasswordValidationCallback could be implemented by a Jakarta Authentication implementation provided CallbackHandler:

 
 protected void processPasswordValidation(PasswordValidationCallback pwdCallback) {

    // 1. Validate the credentials
    Caller caller = ContainerSpecificStore.validate(pwdCallback.getUsername(), getPassword(pwdCallback));

    if (caller != null) {
        // 2. If validated set caller principal, just like CallerPrincipalCallback does
        processCallerPrincipal(new CallerPrincipalCallback(pwdCallback.getSubject(), caller.getCallerPrincipal()));

        if (!caller.getGroups().isEmpty()) {
            // 3. If validated and groups available set groups, just like GroupPrincipalCallback does
            processGroupPrincipal(new GroupPrincipalCallback(pwdCallback.getSubject(), caller.getGroupsAsArray()));
        }

        pwdCallback.setResult(true);
    }
 }
 
 

Note that in this example:

• processCallerPrincipal represents how the CallbackHandler would handle the CallerPrincipalCallback.
• processGroupPrincipal represents how the CallbackHandler would handle the GroupPrincipalCallback.
• Caller and ContainerSpecificStore are hypothetical implementation specific types.

Constructor Summary

Constructors

Constructor	Description
PasswordValidationCallback(Subject subject, String username, char[] password)	Create a PasswordValidationCallback.

Method Summary

Modifier and Type	Method	Description
void	clearPassword()	Clear the password.
char[]	getPassword()	Get the password.
boolean	getResult()	Get the authentication result.
Subject	getSubject()	Get the subject.
String	getUsername()	Get the username.
void	setResult(boolean result)	Set the authentication result.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

PasswordValidationCallback

public PasswordValidationCallback(Subject subject,
 String username,
 char[] password)

Create a PasswordValidationCallback.

Parameters:

subject - The subject for authentication

username - The username to authenticate

password - The user's password, which may be null.

Method Details

getSubject

public Subject getSubject()

Get the subject.

Returns:

The subject.

getUsername

public String getUsername()

Get the username.

Returns:

The username.

getPassword

public char[] getPassword()

Get the password.

Note that this method returns a reference to the password. If a clone of the array is created it is the caller's responsibility to zero out the password information after it is no longer needed.

Returns:

The password, which may be null.

clearPassword

public void clearPassword()

Clear the password.

setResult

public void setResult(boolean result)

Set the authentication result.

Parameters:

result - True if authentication succeeded, false otherwise

getResult

public boolean getResult()

Get the authentication result.

Returns:

True if authentication succeeded, false otherwise