KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > opencms > security > CmsDefaultPasswordHandler


1 /*
2  * File : $Source: /usr/local/cvs/opencms/src/org/opencms/security/CmsDefaultPasswordHandler.java,v $
3  * Date : $Date: 2006/03/27 14:52:48 $
4  * Version: $Revision: 1.20 $
5  *
6  * This library is part of OpenCms -
7  * the Open Source Content Mananagement System
8  *
9  * Copyright (c) 2005 Alkacon Software GmbH (http://www.alkacon.com)
10  *
11  * This library is free software; you can redistribute it and/or
12  * modify it under the terms of the GNU Lesser General Public
13  * License as published by the Free Software Foundation; either
14  * version 2.1 of the License, or (at your option) any later version.
15  *
16  * This library is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19  * Lesser General Public License for more details.
20  *
21  * For further information about Alkacon Software GmbH, please see the
22  * company website: http://www.alkacon.com
23  *
24  * For further information about OpenCms, please see the
25  * project website: http://www.opencms.org
26  *
27  * You should have received a copy of the GNU Lesser General Public
28  * License along with this library; if not, write to the Free Software
29  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
30  */
31
32 package org.opencms.security;
33
34 import org.opencms.configuration.CmsConfigurationException;
35 import org.opencms.i18n.CmsEncoder;
36 import org.opencms.i18n.CmsMessageContainer;
37 import org.opencms.main.CmsLog;
38
39 import java.io.UnsupportedEncodingException JavaDoc;
40 import java.security.MessageDigest JavaDoc;
41 import java.security.NoSuchAlgorithmException JavaDoc;
42 import java.security.SecureRandom JavaDoc;
43 import java.util.Collections JavaDoc;
44 import java.util.Map JavaDoc;
45 import java.util.SortedMap JavaDoc;
46 import java.util.TreeMap JavaDoc;
47
48 import org.apache.commons.codec.binary.Base64;
49 import org.apache.commons.logging.Log;
50
51 /**
52  * Default implementation for OpenCms password validation,
53  * just checks if a password is at last 4 characters long.<p>
54  *
55  * @author Alexander Kandzior
56  * @author Carsten Weinholz
57  *
58  * @version $Revision: 1.20 $
59  *
60  * @since 6.0.0
61  */
62 public class CmsDefaultPasswordHandler implements I_CmsPasswordHandler {
63
64     /** The minimum length of a password. */
65     public static final int PASSWORD_MIN_LENGTH = 4;
66
67     /** The log object for this class. */
68     private static final Log LOG = CmsLog.getLog(CmsDefaultPasswordHandler.class);
69
70     /** The secure random number generator. */
71     private static SecureRandom JavaDoc m_secureRandom;
72
73     /** The configuration of the password handler. */
74     private SortedMap JavaDoc m_configuration;
75
76     /** The digest type used. */
77     private String JavaDoc m_digestType = DIGEST_TYPE_MD5;
78
79     /** The encoding the encoding used for translating the input string to bytes. */
80     private String JavaDoc m_inputEncoding = CmsEncoder.ENCODING_UTF_8;
81
82     /**
83      * The constructor does not perform any operation.<p>
84      */
85     public CmsDefaultPasswordHandler() {
86
87         m_configuration = new TreeMap JavaDoc();
88     }
89
90     /**
91      * @see org.opencms.configuration.I_CmsConfigurationParameterHandler#addConfigurationParameter(java.lang.String, java.lang.String)
92      */
93     public void addConfigurationParameter(String JavaDoc paramName, String JavaDoc paramValue) {
94
95         m_configuration.put(paramName, paramValue);
96     }
97
98     /**
99      * @see org.opencms.security.I_CmsPasswordHandler#digest(java.lang.String)
100      */
101     public String JavaDoc digest(String JavaDoc password) throws CmsPasswordEncryptionException {
102
103         return digest(password, m_digestType, m_inputEncoding);
104     }
105
106     /**
107      * @see org.opencms.security.I_CmsPasswordHandler#digest(java.lang.String, java.lang.String, java.lang.String)
108      */
109     public String JavaDoc digest(String JavaDoc password, String JavaDoc digestType, String JavaDoc inputEncoding)
110     throws CmsPasswordEncryptionException {
111
112         MessageDigest JavaDoc md;
113         String JavaDoc result;
114
115         try {
116             if (DIGEST_TYPE_PLAIN.equals(digestType.toLowerCase())) {
117
118                 result = password;
119
120             } else if (DIGEST_TYPE_SSHA.equals(digestType.toLowerCase())) {
121
122                 byte[] salt = new byte[4];
123                 byte[] digest;
124                 byte[] total;
125
126                 if (m_secureRandom == null) {
127                     m_secureRandom = SecureRandom.getInstance("SHA1PRNG");
128                 }
129                 m_secureRandom.nextBytes(salt);
130
131                 md = MessageDigest.getInstance(DIGEST_TYPE_SHA);
132                 md.reset();
133                 md.update(password.getBytes(inputEncoding));
134                 md.update(salt);
135
136                 digest = md.digest();
137                 total = new byte[digest.length + salt.length];
138                 System.arraycopy(digest, 0, total, 0, digest.length);
139                 System.arraycopy(salt, 0, total, digest.length, salt.length);
140
141                 result = new String JavaDoc(Base64.encodeBase64(total));
142
143             } else {
144
145                 md = MessageDigest.getInstance(digestType);
146                 md.reset();
147                 md.update(password.getBytes(inputEncoding));
148                 result = new String JavaDoc(Base64.encodeBase64(md.digest()));
149
150             }
151         } catch (NoSuchAlgorithmException JavaDoc e) {
152             CmsMessageContainer message = Messages.get().container(Messages.ERR_UNSUPPORTED_ALGORITHM_1, digestType);
153             if (LOG.isErrorEnabled()) {
154                 LOG.error(message.key(), e);
155             }
156             throw new CmsPasswordEncryptionException(message, e);
157         } catch (UnsupportedEncodingException JavaDoc e) {
158             CmsMessageContainer message = Messages.get().container(
159                 Messages.ERR_UNSUPPORTED_PASSWORD_ENCODING_1,
160                 inputEncoding);
161             if (LOG.isErrorEnabled()) {
162                 LOG.error(message.key(), e);
163             }
164             throw new CmsPasswordEncryptionException(message, e);
165         }
166
167         return result;
168     }
169
170     /**
171      * @see org.opencms.configuration.I_CmsConfigurationParameterHandler#getConfiguration()
172      */
173     public Map JavaDoc getConfiguration() {
174
175         return m_configuration;
176     }
177
178     /**
179      * Returns the digestType.<p>
180      *
181      * @return the digestType
182      */
183     public String JavaDoc getDigestType() {
184
185         return m_digestType;
186     }
187
188     /**
189      * Returns the input encoding.<p>
190      *
191      * @return the input encoding
192      */
193     public String JavaDoc getInputEncoding() {
194
195         return m_inputEncoding;
196     }
197
198     /**
199      * @see org.opencms.configuration.I_CmsConfigurationParameterHandler#initConfiguration()
200      */
201     public void initConfiguration() throws CmsConfigurationException {
202
203         // simple default configuration does not need to be initialized
204 if (LOG.isDebugEnabled()) {
205             CmsMessageContainer message = Messages.get().container(Messages.LOG_INIT_CONFIG_CALLED_1, this);
206             LOG.debug(message.key());
207             LOG.debug(Messages.get().getBundle().key(Messages.LOG_INIT_CONFIG_CALLED_1, this));
208             // supress compiler warning, this is never true
209 if (this == null) {
210                 throw new CmsConfigurationException(message);
211             }
212         }
213         m_configuration = Collections.unmodifiableSortedMap(m_configuration);
214     }
215
216     /**
217      * Sets the digestType.<p>
218      *
219      * @param digestType the digestType to set
220      */
221     public void setDigestType(String JavaDoc digestType) {
222
223         m_digestType = digestType;
224     }
225
226     /**
227      * Sets the input encoding.<p>
228      *
229      * @param inputEncoding the input encoding to set
230      */
231     public void setInputEncoding(String JavaDoc inputEncoding) {
232
233         m_inputEncoding = inputEncoding;
234     }
235
236     /**
237      * @see org.opencms.security.I_CmsPasswordHandler#validatePassword(java.lang.String)
238      */
239     public void validatePassword(String JavaDoc password) throws CmsSecurityException {
240
241         if (password == null || password.length() < PASSWORD_MIN_LENGTH) {
242             throw new CmsSecurityException(Messages.get().container(
243                 Messages.ERR_PASSWORD_TOO_SHORT_1,
244                 new Integer JavaDoc(PASSWORD_MIN_LENGTH)));
245         }
246     }
247 }
Popular Tags