| /* |
| * Licensed to the Apache Software Foundation (ASF) under one or more |
| * contributor license agreements. See the NOTICE file distributed with |
| * this work for additional information regarding copyright ownership. |
| * The ASF licenses this file to You under the Apache License, Version 2.0 |
| * (the "License"); you may not use this file except in compliance with |
| * the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package org.apache.kafka.common.security.plain.internals; |
| |
| import org.apache.kafka.common.security.JaasContext; |
| import org.apache.kafka.common.security.auth.AuthenticateCallbackHandler; |
| import org.apache.kafka.common.KafkaException; |
| import org.apache.kafka.common.security.plain.PlainAuthenticateCallback; |
| import org.apache.kafka.common.security.plain.PlainLoginModule; |
| import org.apache.kafka.common.utils.Utils; |
| |
| import java.io.IOException; |
| import java.util.List; |
| import java.util.Map; |
| |
| import javax.security.auth.callback.Callback; |
| import javax.security.auth.callback.NameCallback; |
| import javax.security.auth.callback.UnsupportedCallbackException; |
| import javax.security.auth.login.AppConfigurationEntry; |
| |
| public class PlainServerCallbackHandler implements AuthenticateCallbackHandler { |
| |
| private static final String JAAS_USER_PREFIX = "user_"; |
| private List<AppConfigurationEntry> jaasConfigEntries; |
| |
| @Override |
| public void configure(Map<String, ?> configs, String mechanism, List<AppConfigurationEntry> jaasConfigEntries) { |
| this.jaasConfigEntries = jaasConfigEntries; |
| } |
| |
| @Override |
| public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { |
| String username = null; |
| for (Callback callback: callbacks) { |
| if (callback instanceof NameCallback) |
| username = ((NameCallback) callback).getDefaultName(); |
| else if (callback instanceof PlainAuthenticateCallback) { |
| PlainAuthenticateCallback plainCallback = (PlainAuthenticateCallback) callback; |
| boolean authenticated = authenticate(username, plainCallback.password()); |
| plainCallback.authenticated(authenticated); |
| } else |
| throw new UnsupportedCallbackException(callback); |
| } |
| } |
| |
| protected boolean authenticate(String username, char[] password) throws IOException { |
| if (username == null) |
| return false; |
| else { |
| String expectedPassword = JaasContext.configEntryOption(jaasConfigEntries, |
| JAAS_USER_PREFIX + username, |
| PlainLoginModule.class.getName()); |
| return expectedPassword != null && Utils.isEqualConstantTime(password, expectedPassword.toCharArray()); |
| } |
| } |
| |
| @Override |
| public void close() throws KafkaException { |
| } |
| |
| } |