Class PasswordValidationCallback

  • All Implemented Interfaces:
    Callback

    public class PasswordValidationCallback
    extends Object
    implements Callback
    Callback for PasswordValidation.

    This callback may be used by an authentication module to employ the password validation facilities of its containing runtime. This Callback would typically be called by a ServerAuthModule during validateRequest processing.

    This callback causes the following actions to be done:

    1. Validate the credentials
    2. If validated set caller principal (conceptually just like CallerPrincipalCallback does)
    3. If validated and groups available set groups (conceptually just like GroupPrincipalCallback does)
    The code below shows a hypothetical example of how a PasswordValidationCallback could be implemented by a Jakarta Authentication implementation provided CallbackHandler:
     
     protected void processPasswordValidation(PasswordValidationCallback pwdCallback) {
    
        // 1. Validate the credentials
        Caller caller = ContainerSpecificStore.validate(pwdCallback.getUsername(), getPassword(pwdCallback));
    
        if (caller != null) {
            // 2. If validated set caller principal, just like CallerPrincipalCallback does
            processCallerPrincipal(new CallerPrincipalCallback(pwdCallback.getSubject(), caller.getCallerPrincipal()));
    
            if (!caller.getGroups().isEmpty()) {
                // 3. If validated and groups available set groups, just like GroupPrincipalCallback does
                processGroupPrincipal(new GroupPrincipalCallback(pwdCallback.getSubject(), caller.getGroupsAsArray()));
            }
    
            pwdCallback.setResult(true);
        }
     }
     
     
    Note that in this example:
    • processCallerPrincipal represents how the CallbackHandler would handle the CallerPrincipalCallback.
    • processGroupPrincipal represents how the CallbackHandler would handle the GroupPrincipalCallback.
    • Caller and ContainerSpecificStore are hypothetical implementation specific types.
    • Constructor Detail

      • PasswordValidationCallback

        public PasswordValidationCallback​(Subject subject,
                                          String username,
                                          char[] password)
        Create a PasswordValidationCallback.
        Parameters:
        subject - The subject for authentication
        username - The username to authenticate
        password - The user's password, which may be null.
    • Method Detail

      • getSubject

        public Subject getSubject()
        Get the subject.
        Returns:
        The subject.
      • getUsername

        public String getUsername()
        Get the username.
        Returns:
        The username.
      • getPassword

        public char[] getPassword()
        Get the password.

        Note that this method returns a reference to the password. If a clone of the array is created it is the caller's responsibility to zero out the password information after it is no longer needed.

        Returns:
        The password, which may be null.
      • clearPassword

        public void clearPassword()
        Clear the password.
      • setResult

        public void setResult​(boolean result)
        Set the authentication result.
        Parameters:
        result - True if authentication succeeded, false otherwise
      • getResult

        public boolean getResult()
        Get the authentication result.
        Returns:
        True if authentication succeeded, false otherwise