KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > mvnsoft > auth > realm > MVNTomcatJDBCRealm


1 /*
2  * Copyright (c) 2005 Kurt Miller <truk@optonline.net>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16
17 /* This file rewritten from a sample implementation of JDBCRealm written by Kurt Miller.
18  *
19  * We configure realm with no digest, then encode it when authenticating
20  * instead of decoding database credentials. Because We don't know why
21  * MVNTomcatJDBCRealm is never called
22  *
23  * View Thread: http://www.mvnforum.com/mvnforum/mvnforum/viewthread?thread=2782
24  */
25 package com.mvnsoft.auth.realm;
26
27 import java.security.MessageDigest JavaDoc;
28 import java.security.Principal JavaDoc;
29 import java.security.cert.X509Certificate JavaDoc;
30
31 import org.apache.catalina.realm.JDBCRealm;
32 import org.apache.commons.logging.Log;
33 import org.apache.commons.logging.LogFactory;
34
35 import sun.misc.BASE64Encoder;
36
37 public class MVNTomcatJDBCRealm extends JDBCRealm {
38     
39     private static Log log = LogFactory.getLog(MVNTomcatJDBCRealm.class);
40
41     protected String JavaDoc getPassword(String JavaDoc username) {
42         // I don't know why this method is never called
43 return super.getPassword(username);
44     }
45
46     public String JavaDoc getMD5_Base64(String JavaDoc input) {
47         // please note that we dont use digest, because if we
48 // cannot get digest, then the second time we have to call it
49 // again, which will fail again
50 MessageDigest JavaDoc digest = null;
51         try {
52             digest = MessageDigest.getInstance("MD5");
53         } catch (Exception JavaDoc ex) {
54             log.fatal("Cannot get MessageDigest. Application may fail to run correctly.", ex);
55         }
56         if (digest == null) return input;
57
58         // now everything is ok, go ahead
59 try {
60             digest.update(input.getBytes("UTF-8"));
61         } catch (java.io.UnsupportedEncodingException JavaDoc ex) {
62             log.error("Assertion: This should never occur.");
63         }
64         byte[] rawData = digest.digest();
65         BASE64Encoder encoder = new BASE64Encoder();
66
67         return encoder.encode(rawData);
68     }
69     
70     protected String JavaDoc digest(String JavaDoc credentials) {
71         System.out.println("MVNTomcatJDBCRealm.digest()");
72         //return super.digest(credentials);
73 return getMD5_Base64(credentials);
74     }
75     /**
76      * This is a sample implementation of JDBCRealm using password
77      */
78     
79     public Principal JavaDoc authenticate(String JavaDoc username, String JavaDoc password) {
80         String JavaDoc md5_base64 = getMD5_Base64(password);
81         System.out.println("Authenticate 2 params " + username + " and " + md5_base64);
82         //return super.authenticate(username, md5_base64);
83 return super.authenticate(username, password);
84     }
85     
86     public Principal JavaDoc authenticate(String JavaDoc username, byte[] credentials) {
87         System.out.println("Authenticate byte");
88         return super.authenticate(username, credentials);
89     }
90         
91     public Principal JavaDoc authenticate(String JavaDoc username, String JavaDoc clientDigest,
92                       String JavaDoc nOnce, String JavaDoc nc, String JavaDoc cnonce,
93                       String JavaDoc qop, String JavaDoc realm, String JavaDoc md5a2) {
94         //System.out.println("Authenticate username, clientDigest, nOnce, nc, cnonce, qop, realm, md5a2");
95 return super.authenticate(username, clientDigest, nOnce, nc, cnonce,
96                 qop, realm, md5a2);
97     }
98         
99     public Principal JavaDoc authenticate(X509Certificate JavaDoc[] certs) {
100         //System.out.println("Authenticate X509Certificate");
101 return super.authenticate(certs);
102     }
103 }
Popular Tags