%line | %branch | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
org.apache.jetspeed.security.spi.impl.EncodePasswordOnFirstLoadInterceptor |
|
|
1 | /* |
|
2 | * Licensed to the Apache Software Foundation (ASF) under one or more |
|
3 | * contributor license agreements. See the NOTICE file distributed with |
|
4 | * this work for additional information regarding copyright ownership. |
|
5 | * The ASF licenses this file to You under the Apache License, Version 2.0 |
|
6 | * (the "License"); you may not use this file except in compliance with |
|
7 | * the License. You may obtain a copy of the License at |
|
8 | * |
|
9 | * http://www.apache.org/licenses/LICENSE-2.0 |
|
10 | * |
|
11 | * Unless required by applicable law or agreed to in writing, software |
|
12 | * distributed under the License is distributed on an "AS IS" BASIS, |
|
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
14 | * See the License for the specific language governing permissions and |
|
15 | * limitations under the License. |
|
16 | */ |
|
17 | package org.apache.jetspeed.security.spi.impl; |
|
18 | ||
19 | import java.sql.Timestamp; |
|
20 | import java.util.Date; |
|
21 | ||
22 | import org.apache.jetspeed.security.AlgorithmUpgradePasswordEncodingService; |
|
23 | import org.apache.jetspeed.security.SecurityException; |
|
24 | import org.apache.jetspeed.security.om.InternalCredential; |
|
25 | import org.apache.jetspeed.security.spi.PasswordCredentialProvider; |
|
26 | ||
27 | /** |
|
28 | * <p> |
|
29 | * Encodes (encrypts) an {@link InternalCredential} password using the configured {@link PasswordCredentialProvider#getEncoder() encoder} |
|
30 | * if it is loaded unencoded from the persistent store.</p> |
|
31 | * <p> |
|
32 | * This interceptor is useful when credentials need to be preset in the persistent store (like through scripts) or |
|
33 | * migrated unencoded from a different storage.</p> |
|
34 | * |
|
35 | * @author <a href="mailto:ate@douma.nu">Ate Douma</a> |
|
36 | * @version $Id$ |
|
37 | */ |
|
38 | 0 | public class EncodePasswordOnFirstLoadInterceptor extends AbstractInternalPasswordCredentialInterceptorImpl |
39 | { |
|
40 | /** |
|
41 | * @return true if now encoded |
|
42 | * @see org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor#afterLoad(org.apache.jetspeed.security.spi.PasswordCredentialProvider, java.lang.String, org.apache.jetspeed.security.om.InternalCredential) |
|
43 | */ |
|
44 | public boolean afterLoad(PasswordCredentialProvider pcProvider, String userName, InternalCredential credential) |
|
45 | throws SecurityException |
|
46 | { |
|
47 | 0 | boolean updated = false; |
48 | 0 | if (!credential.isEncoded() && pcProvider.getEncoder() != null ) |
49 | { |
|
50 | 0 | credential.setValue(pcProvider.getEncoder().encode(userName,credential.getValue())); |
51 | 0 | credential.setEncoded(true); |
52 | ||
53 | 0 | if ( pcProvider.getEncoder() instanceof AlgorithmUpgradePasswordEncodingService) |
54 | { |
|
55 | // For the AlgorithmUpgradePBEPasswordService to be able to distinguise between |
|
56 | // old and new encoded passwords, it evaluates the last and previous authentication timestamps. |
|
57 | // With an automatic encoding (using the new encoding schema) the last authentication must be |
|
58 | // set to null (as the user hasn't been authenticated yet again, which leaves the previous |
|
59 | // authentication timestamp for indicating when the (new) encoding took place. |
|
60 | 0 | credential.setPreviousAuthenticationDate(new Timestamp(class="keyword">new Date().getTime())); |
61 | 0 | credential.setLastAuthenticationDate(null); |
62 | } |
|
63 | 0 | updated = true; |
64 | } |
|
65 | 0 | return updated; |
66 | } |
|
67 | } |
This report is generated by jcoverage, Maven and Maven JCoverage Plugin. |