%line | %branch | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
org.apache.jetspeed.security.impl.Jetspeed1CredentialPasswordEncoder |
|
|
1 | /* |
|
2 | * Licensed to the Apache Software Foundation (ASF) under one or more |
|
3 | * contributor license agreements. See the NOTICE file distributed with |
|
4 | * this work for additional information regarding copyright ownership. |
|
5 | * The ASF licenses this file to You under the Apache License, Version 2.0 |
|
6 | * (the "License"); you may not use this file except in compliance with |
|
7 | * the License. You may obtain a copy of the License at |
|
8 | * |
|
9 | * http://www.apache.org/licenses/LICENSE-2.0 |
|
10 | * |
|
11 | * Unless required by applicable law or agreed to in writing, software |
|
12 | * distributed under the License is distributed on an "AS IS" BASIS, |
|
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
14 | * See the License for the specific language governing permissions and |
|
15 | * limitations under the License. |
|
16 | */ |
|
17 | package org.apache.jetspeed.security.impl; |
|
18 | ||
19 | import java.io.ByteArrayOutputStream; |
|
20 | import java.io.OutputStream; |
|
21 | import java.security.MessageDigest; |
|
22 | ||
23 | import javax.mail.internet.MimeUtility; |
|
24 | ||
25 | import org.apache.jetspeed.security.SecurityException; |
|
26 | import org.apache.jetspeed.security.spi.CredentialPasswordEncoder; |
|
27 | ||
28 | public class Jetspeed1CredentialPasswordEncoder implements |
|
29 | CredentialPasswordEncoder { |
|
30 | ||
31 | 0 | protected String passwordsAlgorithm = "SHA"; |
32 | 0 | protected String encodingMethod = "base64"; |
33 | ||
34 | // We don't need the constructors to do anything, but it crashes if we |
|
35 | // don't provide them. |
|
36 | /* |
|
37 | public Jetspeed1CredentialPasswordEncoder() {} |
|
38 | public Jetspeed1CredentialPasswordEncoder(boolean dummy) {} |
|
39 | public Jetspeed1CredentialPasswordEncoder(String algorithm) |
|
40 | { |
|
41 | this.passwordsAlgorithm = algorithm; |
|
42 | } |
|
43 | |
|
44 | public Jetspeed1CredentialPasswordEncoder(boolean dummy1, String dummy2) {} |
|
45 | */ |
|
46 | ||
47 | public Jetspeed1CredentialPasswordEncoder() |
|
48 | { |
|
49 | 0 | this("SHA", "base64"); |
50 | 0 | } |
51 | ||
52 | public Jetspeed1CredentialPasswordEncoder( String algorithm ) |
|
53 | { |
|
54 | 0 | this(algorithm, "base64"); |
55 | 0 | } |
56 | ||
57 | public Jetspeed1CredentialPasswordEncoder( String algorithm, String encoding ) |
|
58 | 0 | { |
59 | 0 | this.passwordsAlgorithm = algorithm; |
60 | 0 | this.encodingMethod = encoding; |
61 | 0 | } |
62 | ||
63 | public String encode(String userName, String clearTextPassword) |
|
64 | throws SecurityException { |
|
65 | try |
|
66 | { |
|
67 | 0 | MessageDigest md = MessageDigest.getInstance(passwordsAlgorithm); |
68 | // We need to use unicode here, to be independent of platform's |
|
69 | // default encoding. Thanks to SGawin for spotting this. |
|
70 | 0 | byte[] digest = md.digest(clearTextPassword.getBytes("UTF-8")); |
71 | 0 | ByteArrayOutputStream bas = new ByteArrayOutputStream(digest.length + digest.length / 3 + 1); |
72 | 0 | OutputStream encodedStream = MimeUtility.encode(bas, "base64"); |
73 | 0 | encodedStream.write(digest); |
74 | 0 | encodedStream.flush(); |
75 | 0 | encodedStream.close(); |
76 | 0 | return bas.toString(); |
77 | } |
|
78 | 0 | catch( Exception e ) |
79 | { |
|
80 | //logger.error("Unable to encrypt password."+e.getMessage(), e); |
|
81 | 0 | return null; |
82 | } |
|
83 | } |
|
84 | ||
85 | } |
This report is generated by jcoverage, Maven and Maven JCoverage Plugin. |