VerifyPasswordCallback.java 2.73 KB
Newer Older
1 2 3 4 5
/**
 * $RCSfile$
 * $Revision: $
 * $Date: $
 *
6
 * Copyright (C) 2004-2008 Jive Software. All rights reserved.
7
 *
8 9 10 11 12 13 14 15 16 17 18
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95
 */

package org.jivesoftware.openfire.sasl;

import javax.security.auth.callback.Callback;

import java.io.Serializable;


/**
 * This callback isused by SaslServer to determine if a password supplied by a 
 * client is verified.
 * Under most circumstances the PasswordCallback should be used instead, but its
 * use requires the underlying sercurity services have access to the stored password
 * to perform a comparison.
 * The security service provider instantiate and pass a VerifyPasswordCallback to the
 * handle method of a CallbackHandler to verify password information.
 *
 * @see javax.security.auth.callback.PasswordCallback
 * @see javax.security.auth.callback.CallbackHandler
 * @author Jay Kline
 */

public class VerifyPasswordCallback implements Callback, Serializable {

    private static final long serialVersionUID = -6393402725550707836L;

    private char[] password;

    private boolean verified;

    /**
     * Construct a <code>VerifyPasswordCallback</code>.
     * @param password the password to verify.
     */
    public VerifyPasswordCallback(char[] password) {
        this.password = (password == null ? null : (char[])password.clone());
        this.verified = false;
    }

    /**
     * Get the retrieved password.
     * @return the retrieved password, which may be null.
     */
    public char[] getPassword() {
        return (password == null ? null : (char[])password.clone());
    }

    /**
     * Clear the retrieved password.
     */
    public void clearPassword() {
        if (password != null) {
            for (int i = 0; i < password.length; i++) {
                password[i] = ' ';
            }
            password = null;
        }
    }

    /**
     * Indicate if this password is verified.
     * @param verified true if the password is verified; false otherwise
     */
    public void setVerified(boolean verified) {
        this.verified = verified;
    }

    /**
     * Determines wether the password is verified.
     * @return true if the password is verified; false otherwise
     */
    public boolean getVerified() {
        return verified;
    }

}