001: /* ====================================================================
002: * The Jcorporate Apache Style Software License, Version 1.2 05-07-2002
003: *
004: * Copyright (c) 1995-2002 Jcorporate Ltd. All rights reserved.
005: *
006: * Redistribution and use in source and binary forms, with or without
007: * modification, are permitted provided that the following conditions
008: * are met:
009: *
010: * 1. Redistributions of source code must retain the above copyright
011: * notice, this list of conditions and the following disclaimer.
012: *
013: * 2. Redistributions in binary form must reproduce the above copyright
014: * notice, this list of conditions and the following disclaimer in
015: * the documentation and/or other materials provided with the
016: * distribution.
017: *
018: * 3. The end-user documentation included with the redistribution,
019: * if any, must include the following acknowledgment:
020: * "This product includes software developed by Jcorporate Ltd.
021: * (http://www.jcorporate.com/)."
022: * Alternately, this acknowledgment may appear in the software itself,
023: * if and wherever such third-party acknowledgments normally appear.
024: *
025: * 4. "Jcorporate" and product names such as "Expresso" must
026: * not be used to endorse or promote products derived from this
027: * software without prior written permission. For written permission,
028: * please contact info@jcorporate.com.
029: *
030: * 5. Products derived from this software may not be called "Expresso",
031: * or other Jcorporate product names; nor may "Expresso" or other
032: * Jcorporate product names appear in their name, without prior
033: * written permission of Jcorporate Ltd.
034: *
035: * 6. No product derived from this software may compete in the same
036: * market space, i.e. framework, without prior written permission
037: * of Jcorporate Ltd. For written permission, please contact
038: * partners@jcorporate.com.
039: *
040: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
041: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
042: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
043: * DISCLAIMED. IN NO EVENT SHALL JCORPORATE LTD OR ITS CONTRIBUTORS
044: * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
045: * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
046: * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
047: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
048: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
049: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
050: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
051: * SUCH DAMAGE.
052: * ====================================================================
053: *
054: * This software consists of voluntary contributions made by many
055: * individuals on behalf of the Jcorporate Ltd. Contributions back
056: * to the project(s) are encouraged when you make modifications.
057: * Please send them to support@jcorporate.com. For more information
058: * on Jcorporate Ltd. and its products, please see
059: * <http://www.jcorporate.com/>.
060: *
061: * Portions of this software are based upon other open source
062: * products and are subject to their respective licenses.
063: */
064:
065: package com.jcorporate.expresso.core.misc;
066:
067: /**
068: * CookieUtil.java
069: *
070: * Copyright 2000, 2001 Jcorporate Ltd.
071: */
072:
073: import com.jcorporate.expresso.core.security.CryptoManager;
074: import com.jcorporate.expresso.kernel.exception.ChainedException;
075:
076: /**
077: * A utility class for encoding and decoding cookies before sending them
078: * to the browser
079: *
080: * @author Michael Rimov
081: * @since Expresso 3.0
082: */
083: public class CookieUtil {
084:
085: public CookieUtil() {
086: }
087:
088: /**
089: * cookieDecode - given a string, encrypt it to block plaintext snooping
090: * traffic to catch user ids and passwords.
091: *
092: * @param data The data to decrypt.
093: * @return String the decoded string or "" if it doesn't decode.
094: * @throws Exception if there are problems with loading the crypto routines
095: */
096: static public String cookieDecode(String data) throws Exception {
097: try {
098: if (data == null || data.length() == 0
099: || data.equals("NONE")) {
100: return ("");
101: }
102:
103: return CryptoManager.getInstance().getStringEncryption()
104: .decryptString(
105: CookieBase64.decodeNoPadding(URLUTF8Encoder
106: .decode(data)));
107:
108: } catch (com.jcorporate.expresso.kernel.exception.ChainedException ex) {
109: return "";
110: } catch (IllegalArgumentException ex) {
111:
112: //Cookie was bad
113: return ("");
114: } catch (IllegalStateException ise) {
115: return ("");
116: }
117: } /* cookieDecode(String) */
118:
119: /**
120: * cookieEncode - given a string, encrypt it to block plaintext snooping
121: * traffic to catch user ids and passwords. Also Base64 Encodes the
122: * ciphertext so that the result is standard Ascii string handling.
123: *
124: * @param data The data to encrypt.
125: * @return String the encode string or "" if it doesn't encode.
126: * @throws ChainedException if there are problems with loading the crypto routines
127: */
128: static public String cookieEncode(String data)
129: throws ChainedException {
130: if (data == null || data.length() == 0) {
131: return ("");
132: }
133: try {
134: return URLUTF8Encoder
135: .encode(CookieBase64.encodeNoPadding(CryptoManager
136: .getInstance().getStringEncryption()
137: .encryptString(data)));
138: } catch (IllegalArgumentException ex) {
139: return ("");
140: } catch (IllegalStateException ise) {
141: return ("");
142: }
143: } /* cookieEncode(String) */
144:
145: public static void test() {
146: try {
147: String original = "testPassword";
148: String encoded = CookieUtil.cookieEncode(original);
149: System.out.println("Encoded:" + encoded);
150:
151: String decoded = CookieUtil.cookieDecode(encoded);
152:
153: if (original.equals(decoded)) {
154: System.out.println("Decoded correctly");
155: } else {
156: System.out.println("Decode failed: '" + decoded + "'");
157: }
158:
159: original = "yes";
160: encoded = CookieUtil.cookieEncode(original);
161: System.out.println("Encoded:" + encoded);
162: decoded = CookieUtil.cookieDecode(encoded);
163:
164: if (original.equals(decoded)) {
165: System.out.println("Decoded correctly");
166: } else {
167: System.out.println("Decode failed: '" + decoded + "'");
168: }
169:
170: System.out.println("Decoded:'"
171: + CookieUtil.cookieDecode("ZkRLGAfiT7e") + "'");
172: } catch (Exception e) {
173: e.printStackTrace(System.out);
174: }
175: }
176: } /* CookieUtil */
|