01: /*
02: * Licensed to the Apache Software Foundation (ASF) under one or more
03: * contributor license agreements. See the NOTICE file distributed with
04: * this work for additional information regarding copyright ownership.
05: * The ASF licenses this file to You under the Apache License, Version 2.0
06: * (the "License"); you may not use this file except in compliance with
07: * the License. You may obtain a copy of the License at
08: *
09: * http://www.apache.org/licenses/LICENSE-2.0
10: *
11: * Unless required by applicable law or agreed to in writing, software
12: * distributed under the License is distributed on an "AS IS" BASIS,
13: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14: * See the License for the specific language governing permissions and
15: * limitations under the License.
16: */
17: package org.apache.jetspeed.security.spi.impl;
18:
19: import java.security.MessageDigest;
20: import java.security.NoSuchAlgorithmException;
21:
22: import org.apache.commons.codec.binary.Base64;
23: import org.apache.jetspeed.security.SecurityException;
24: import org.apache.jetspeed.security.spi.CredentialPasswordEncoder;
25:
26: /**
27: * <p>
28: * MessageDigestCredentialPasswordEncoder
29: * </p>
30: *
31: * @author <a href="mailto:ate@apache.org">Ate Douma</a>
32: * @version $Id: MessageDigestCredentialPasswordEncoder.java 516448 2007-03-09 16:25:47Z ate $
33: */
34: public class MessageDigestCredentialPasswordEncoder implements
35: CredentialPasswordEncoder {
36: // Allow copying of encoded passwords or salt the digest with the userName preventing that
37: boolean simpleEncryption = false;
38: MessageDigest digester;
39:
40: public MessageDigestCredentialPasswordEncoder()
41: throws NoSuchAlgorithmException {
42: this ("SHA-1", false);
43: }
44:
45: public MessageDigestCredentialPasswordEncoder(
46: boolean simpleEncryption) throws NoSuchAlgorithmException {
47: this ("SHA-1", simpleEncryption);
48: }
49:
50: public MessageDigestCredentialPasswordEncoder(String algorithm)
51: throws NoSuchAlgorithmException {
52: this (algorithm, false);
53: }
54:
55: public MessageDigestCredentialPasswordEncoder(String algorithm,
56: boolean simpleEncryption) throws NoSuchAlgorithmException {
57: this .digester = MessageDigest.getInstance(algorithm);
58: this .simpleEncryption = simpleEncryption;
59: }
60:
61: public String getAlgorithm() {
62: return digester.getAlgorithm();
63: }
64:
65: /**
66: * @see org.apache.jetspeed.security.spi.CredentialPasswordEncoder#encode(java.lang.String, java.lang.String)
67: */
68: public String encode(String userName, String clearTextPassword)
69: throws SecurityException {
70: byte[] value;
71: synchronized (digester) {
72: digester.reset();
73: value = digester.digest(clearTextPassword.getBytes());
74: if (!simpleEncryption) {
75: // don't allow copying of encoded passwords
76: digester.update(userName.getBytes());
77: }
78: value = digester.digest(value);
79: }
80: return new String(Base64.encodeBase64(value));
81: }
82: }
|