nacho 00/08/31 21:46:15
Modified: src/share/org/apache/tomcat/request JDBCRealm.java
Log:
Added a new Digest attributte to use a digest algorithm specified for
user passwords, and a Main function to be able to use JDBCRealm
as standalone password encoder.
Revision Changes Path
1.19 +62 -15 jakarta-tomcat/src/share/org/apache/tomcat/request/JDBCRealm.java
Index: JDBCRealm.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/JDBCRealm.java,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- JDBCRealm.java 2000/09/01 00:48:11 1.18
+++ JDBCRealm.java 2000/09/01 04:46:14 1.19
@@ -64,7 +64,7 @@
import org.apache.tomcat.util.*;
import org.apache.tomcat.util.xml.*;
import org.apache.tomcat.logging.*;
-
+import java.security.*;
import java.beans.PropertyChangeListener;
import java.beans.PropertyChangeSupport;
import java.security.Principal;
@@ -179,12 +179,13 @@
/**
*
- * Encode used in passwords that sane values acceepted by MessageDigest
+ * Digest algorithm used in passwords thit is same values
+ * accepted by MessageDigest for algorithm
* plus "No" ( no encode ) that is the default
*
*/
- private String encode="No";
+ private String digest="No";
// ------------------------------------------------------------- Properties
@@ -271,26 +272,26 @@
this.roleNameCol = roleNameCol;
}
/**
- * Gets the encode used for credentials in the database
- * could be the same that MessageDigest accepts
+ * Gets the digest algorithm used for credentials in the database
+ * could be the same that MessageDigest accepts vor algorithm
* and "No" that is the Default
*
*/
- public String getEncode() {
- return encode;
+ public String getDigest() {
+ return digest;
}
/**
- * Sets the ncode used for credentials in the database
- * could be the same that MessageDigest accepts
+ * Gets the digest algorithm used for credentials in the database
+ * could be the same that MessageDigest accepts vor algorithm
* and "No" that is the Default
*
- * @param newEncode the Encode type
+ * @param algorithm the Encode type
*/
- public void setEncode(String newEncode) {
- encode = newEncode;
+ public void setEncode(String algorithm) {
+ digest = algorithm;
}
/**
@@ -326,7 +327,7 @@
ResultSet rs1 = preparedAuthenticate.executeQuery();
boolean found = false;
if (rs1.next()) {
- if (encode.equals("No")) {
+ if (digest.equalsIgnoreCase("No")) {
if (credentials.equals(rs1.getString(1))) {
if (debug >= 2)
log(sm.getString("jdbcRealm.authenticateSuccess",
@@ -334,8 +335,12 @@
return true;
}
} else {
- // FixMe: Test if the password is expected encoded
- // for now only the place marked
+ if (credentials.equals(Digest(rs1.getString(1),digest))) {
+ if (debug >= 2)
+ log(sm.getString("jdbcRealm.authenticateSuccess",
+ username));
+ return true;
+ }
}
}
rs1.close();
@@ -572,6 +577,48 @@
return 401; //HttpServletResponse.SC_UNAUTHORIZED
// XXX check transport
}
+ /**
+ * Digestedentials (password) using MD5 and
+ * convert the result to a corresponding hex string.
+ * If exception, the plain credentials string is returned
+ *
+ * @param credentials Password or other credentials to use in
+ * authenticating this username
+ *
+ * @param algorithm Algorithm used to do th digest
+ *
+ */
+ final private static String Digest(String credentials,String algorithm) {
+ try {
+ // Obtain a new message digest with MD5 encryption
+ MessageDigest md = (MessageDigest)MessageDigest.getInstance(algorithm).clone();
+ // encode the credentials
+ md.update( credentials.getBytes() );
+ // obtain the byte array from the digest
+ byte[] dig = md.digest();
+ // convert the byte array to hex string
+// Base64 enc=new Base64();
+// return new String(enc.encode(HexUtils.convert(dig).getBytes()));
+ return HexUtils.convert(dig);
+
+ } catch( Exception ex ) {
+ ex.printStackTrace();
+ return credentials;
+ }
+ }
+
+ public static void main(String args[] ) {
+ if (args.length >= 2) {
+ if( args[0].equalsIgnoreCase("-a")){
+ for( int i=2; i < args.length ; i++){
+ System.out.print(args[i]+":");
+ System.out.println(Digest(args[i],args[1]));
+ }
+ }
+ }
+
+ }
+
}
|