Class PasswordValidationCallback

java.lang.Object
jakarta.security.auth.message.callback.PasswordValidationCallback
All Implemented Interfaces:
Callback

public class PasswordValidationCallback extends Object implements Callback
Callback for PasswordValidation.

This callback may be used by an authentication module to employ the password validation facilities of its containing runtime. This Callback would typically be called by a ServerAuthModule during validateRequest processing.

This callback causes the following actions to be done:

  1. Validate the credentials
  2. If validated set caller principal (conceptually just like CallerPrincipalCallback does)
  3. If validated and groups available set groups (conceptually just like GroupPrincipalCallback does)
The code below shows a hypothetical example of how a PasswordValidationCallback could be implemented by a Jakarta Authentication implementation provided CallbackHandler:
 
 protected void processPasswordValidation(PasswordValidationCallback pwdCallback) {

    // 1. Validate the credentials
    Caller caller = ContainerSpecificStore.validate(pwdCallback.getUsername(), getPassword(pwdCallback));

    if (caller != null) {
        // 2. If validated set caller principal, just like CallerPrincipalCallback does
        processCallerPrincipal(new CallerPrincipalCallback(pwdCallback.getSubject(), caller.getCallerPrincipal()));

        if (!caller.getGroups().isEmpty()) {
            // 3. If validated and groups available set groups, just like GroupPrincipalCallback does
            processGroupPrincipal(new GroupPrincipalCallback(pwdCallback.getSubject(), caller.getGroupsAsArray()));
        }

        pwdCallback.setResult(true);
    }
 }
 
 
Note that in this example:
  • processCallerPrincipal represents how the CallbackHandler would handle the CallerPrincipalCallback.
  • processGroupPrincipal represents how the CallbackHandler would handle the GroupPrincipalCallback.
  • Caller and ContainerSpecificStore are hypothetical implementation specific types.
  • Constructor Details

    • PasswordValidationCallback

      public PasswordValidationCallback(Subject subject, String username, char[] password)
      Create a PasswordValidationCallback.
      Parameters:
      subject - The subject for authentication
      username - The username to authenticate
      password - The user's password, which may be null.
  • Method Details

    • getSubject

      public Subject getSubject()
      Get the subject.
      Returns:
      The subject.
    • getUsername

      public String getUsername()
      Get the username.
      Returns:
      The username.
    • getPassword

      public char[] getPassword()
      Get the password.

      Note that this method returns a reference to the password. If a clone of the array is created it is the caller's responsibility to zero out the password information after it is no longer needed.

      Returns:
      The password, which may be null.
    • clearPassword

      public void clearPassword()
      Clear the password.
    • setResult

      public void setResult(boolean result)
      Set the authentication result.
      Parameters:
      result - True if authentication succeeded, false otherwise
    • getResult

      public boolean getResult()
      Get the authentication result.
      Returns:
      True if authentication succeeded, false otherwise