| %line | %branch | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| org.apache.jetspeed.security.impl.Jetspeed1CredentialPasswordEncoder |
|
|
| 1 | /* |
|
| 2 | * Licensed to the Apache Software Foundation (ASF) under one or more |
|
| 3 | * contributor license agreements. See the NOTICE file distributed with |
|
| 4 | * this work for additional information regarding copyright ownership. |
|
| 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 |
|
| 6 | * (the "License"); you may not use this file except in compliance with |
|
| 7 | * the License. You may obtain a copy of the License at |
|
| 8 | * |
|
| 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
|
| 10 | * |
|
| 11 | * Unless required by applicable law or agreed to in writing, software |
|
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
|
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
| 14 | * See the License for the specific language governing permissions and |
|
| 15 | * limitations under the License. |
|
| 16 | */ |
|
| 17 | package org.apache.jetspeed.security.impl; |
|
| 18 | ||
| 19 | import java.io.ByteArrayOutputStream; |
|
| 20 | import java.io.OutputStream; |
|
| 21 | import java.security.MessageDigest; |
|
| 22 | ||
| 23 | import javax.mail.internet.MimeUtility; |
|
| 24 | ||
| 25 | import org.apache.jetspeed.security.SecurityException; |
|
| 26 | import org.apache.jetspeed.security.spi.CredentialPasswordEncoder; |
|
| 27 | ||
| 28 | public class Jetspeed1CredentialPasswordEncoder implements |
|
| 29 | CredentialPasswordEncoder { |
|
| 30 | ||
| 31 | 0 | protected String passwordsAlgorithm = "SHA"; |
| 32 | 0 | protected String encodingMethod = "base64"; |
| 33 | ||
| 34 | // We don't need the constructors to do anything, but it crashes if we |
|
| 35 | // don't provide them. |
|
| 36 | /* |
|
| 37 | public Jetspeed1CredentialPasswordEncoder() {} |
|
| 38 | public Jetspeed1CredentialPasswordEncoder(boolean dummy) {} |
|
| 39 | public Jetspeed1CredentialPasswordEncoder(String algorithm) |
|
| 40 | { |
|
| 41 | this.passwordsAlgorithm = algorithm; |
|
| 42 | } |
|
| 43 | |
|
| 44 | public Jetspeed1CredentialPasswordEncoder(boolean dummy1, String dummy2) {} |
|
| 45 | */ |
|
| 46 | ||
| 47 | public Jetspeed1CredentialPasswordEncoder() |
|
| 48 | { |
|
| 49 | 0 | this("SHA", "base64"); |
| 50 | 0 | } |
| 51 | ||
| 52 | public Jetspeed1CredentialPasswordEncoder( String algorithm ) |
|
| 53 | { |
|
| 54 | 0 | this(algorithm, "base64"); |
| 55 | 0 | } |
| 56 | ||
| 57 | public Jetspeed1CredentialPasswordEncoder( String algorithm, String encoding ) |
|
| 58 | 0 | { |
| 59 | 0 | this.passwordsAlgorithm = algorithm; |
| 60 | 0 | this.encodingMethod = encoding; |
| 61 | 0 | } |
| 62 | ||
| 63 | public String encode(String userName, String clearTextPassword) |
|
| 64 | throws SecurityException { |
|
| 65 | try |
|
| 66 | { |
|
| 67 | 0 | MessageDigest md = MessageDigest.getInstance(passwordsAlgorithm); |
| 68 | // We need to use unicode here, to be independent of platform's |
|
| 69 | // default encoding. Thanks to SGawin for spotting this. |
|
| 70 | 0 | byte[] digest = md.digest(clearTextPassword.getBytes("UTF-8")); |
| 71 | 0 | ByteArrayOutputStream bas = new ByteArrayOutputStream(digest.length + digest.length / 3 + 1); |
| 72 | 0 | OutputStream encodedStream = MimeUtility.encode(bas, "base64"); |
| 73 | 0 | encodedStream.write(digest); |
| 74 | 0 | encodedStream.flush(); |
| 75 | 0 | encodedStream.close(); |
| 76 | 0 | return bas.toString(); |
| 77 | } |
|
| 78 | 0 | catch( Exception e ) |
| 79 | { |
|
| 80 | //logger.error("Unable to encrypt password."+e.getMessage(), e); |
|
| 81 | 0 | return null; |
| 82 | } |
|
| 83 | } |
|
| 84 | ||
| 85 | } |
| This report is generated by jcoverage, Maven and Maven JCoverage Plugin. |