Class PasswordValidationCallback

  • All Implemented Interfaces:
    javax.security.auth.callback.Callback

    public class PasswordValidationCallback
    extends java.lang.Object
    implements javax.security.auth.callback.Callback
    Callback for PasswordValidation.

    This callback may be used by an authentication module to employ the password validation facilities of its containing runtime. This Callback would typically be called by a ServerAuthModule during validateRequest processing.

    This callback causes the following actions to be done:

    1. Validate the credentials
    2. If validated, set the caller principal (conceptually just like CallerPrincipalCallback does)
    3. If validated and groups are available, set the groups (conceptually just like GroupPrincipalCallback does)

    The code below shows a hypothetical example of how a PasswordValidationCallback could be handled by a CallbackHandler provided by a Jakarta Authentication implementation:
     
    protected void processPasswordValidation(PasswordValidationCallback pwdCallback) {

        // 1. Validate the credentials
        Caller caller = ContainerSpecificStore.validate(pwdCallback.getUsername(), pwdCallback.getPassword());

        if (caller != null) {
            // 2. If validated set caller principal, just like CallerPrincipalCallback does
            processCallerPrincipal(new CallerPrincipalCallback(pwdCallback.getSubject(), caller.getCallerPrincipal()));

            if (!caller.getGroups().isEmpty()) {
                // 3. If validated and groups available set groups, just like GroupPrincipalCallback does
                processGroupPrincipal(new GroupPrincipalCallback(pwdCallback.getSubject(), caller.getGroupsAsArray()));
            }

            pwdCallback.setResult(true);
        }
        // Not validated: the result is never set to true, so getResult() reports failure.
    }
     
    Note that in this example:
    • processCallerPrincipal represents how the CallbackHandler would handle the CallerPrincipalCallback.
    • processGroupPrincipal represents how the CallbackHandler would handle the GroupPrincipalCallback.
    • Caller and ContainerSpecificStore are hypothetical implementation specific types.
    • Constructor Summary

      Constructors 
      Constructor Description
      PasswordValidationCallback(javax.security.auth.Subject subject, java.lang.String username, char[] password)
      Create a PasswordValidationCallback.
    • Method Summary

      Modifier and Type            Method                     Description
      void                         clearPassword()            Clear the password.
      char[]                       getPassword()              Get the password.
      boolean                      getResult()                Get the authentication result.
      javax.security.auth.Subject  getSubject()               Get the subject.
      java.lang.String             getUsername()              Get the username.
      void                         setResult(boolean result)  Set the authentication result.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • PasswordValidationCallback

        public PasswordValidationCallback(javax.security.auth.Subject subject,
                                          java.lang.String username,
                                          char[] password)
        Create a PasswordValidationCallback.
        Parameters:
        subject - The subject for authentication
        username - The username to authenticate
        password - The user's password, which may be null.
    • Method Detail

      • getSubject

        public javax.security.auth.Subject getSubject()
        Get the subject.
        Returns:
        The subject.
      • getUsername

        public java.lang.String getUsername()
        Get the username.
        Returns:
        The username.
      • getPassword

        public char[] getPassword()
        Get the password.

        Note that this method returns a reference to the password. If a clone of the array is created, it is the caller's responsibility to zero out the password information after it is no longer needed.

        Returns:
        The password, which may be null.
      • clearPassword

        public void clearPassword()
        Clear the password.
      • setResult

        public void setResult(boolean result)
        Set the authentication result.
        Parameters:
        result - True if authentication succeeded, false otherwise
      • getResult

        public boolean getResult()
        Get the authentication result.
        Returns:
        True if authentication succeeded, false otherwise
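
The calling side of this callback, as an added example that is not part of the original documentation: a helper that a ServerAuthModule could call from validateRequest. The PasswordCheck class, its validate method, the fail-closed handling of missing credentials and the jakarta.security.auth.message package names are assumptions; the page does not state the package.

```java
import java.io.IOException;
import java.util.Arrays;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import jakarta.security.auth.message.AuthException;
import jakarta.security.auth.message.AuthStatus;
import jakarta.security.auth.message.callback.PasswordValidationCallback;

// Hypothetical helper (not part of the API): how the credentials were
// extracted from the request is outside the scope of this example.
public final class PasswordCheck {

    static AuthStatus validate(CallbackHandler handler, Subject clientSubject,
                               String username, char[] password) throws AuthException {
        // Assumption of this example: missing credentials are rejected
        // without consulting the runtime.
        if (username == null || password == null) {
            return AuthStatus.SEND_FAILURE;
        }

        PasswordValidationCallback callback =
                new PasswordValidationCallback(clientSubject, username, password);
        try {
            // The runtime's handler validates the credentials and, on success,
            // sets the caller principal (and groups) on clientSubject.
            handler.handle(new Callback[] { callback });

            // Only an explicit true result counts as authenticated.
            return callback.getResult() ? AuthStatus.SUCCESS : AuthStatus.SEND_FAILURE;
        } catch (IOException | UnsupportedCallbackException e) {
            // Fail closed: a handler error is never treated as a successful login.
            AuthException failure = new AuthException("Password validation could not be performed");
            failure.initCause(e);
            throw failure;
        } finally {
            // Clear the callback's password and the caller's own array. This does
            // not assume whether the callback keeps a copy or the same reference.
            callback.clearPassword();
            Arrays.fill(password, '\0');
        }
    }
}
```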