Revision 8424
Added by Jing Tao about 11 years ago
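--- a/src/edu/ucsb/nceas/metacat/authentication/AuthFile.java
+++ b/src/edu/ucsb/nceas/metacat/authentication/AuthFile.java
@@ -24,16 +24,26 @@
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.OutputStreamWriter;
+import java.io.UnsupportedEncodingException;
 import java.net.ConnectException;
+import java.security.GeneralSecurityException;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Properties;
 import java.util.Vector;
 
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.PBEParameterSpec;
+
+import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.configuration.ConfigurationException;
 import org.apache.commons.configuration.XMLConfiguration;
 import org.apache.commons.configuration.tree.xpath.XPathExpressionEngine;
 
+
 import edu.ucsb.nceas.metacat.AuthInterface;
 import edu.ucsb.nceas.metacat.properties.PropertyService;
 import edu.ucsb.nceas.utilities.PropertyNotFoundException;
@@ -70,6 +80,11 @@
 private static final String GROUP = "group";
 private static final String INITCONTENT = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n"+
 "<"+SUBJECTS+">\n"+"<"+USERS+">\n"+"</"+USERS+">\n"+"<"+GROUPS+">\n"+"</"+GROUPS+">\n"+"</"+SUBJECTS+">\n";
+private static final char[] MASTER = "enfldsgbnlsngdlksdsgm".toCharArray();
+private static final byte[] SALT = {
+(byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
+(byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
+};
 
 private static AuthFile authFile = null;
 private XMLConfiguration userpassword = null;
@@ -145,6 +160,11 @@
 throws AuthenticationException {
 String passwordRecord = userpassword.getString(USERS+SLASH+USER+"["+AT+NAME+"='"+user+"']"+SLASH+PASSWORD);
 if(passwordRecord != null) {
+try {
+passwordRecord = decrypt(passwordRecord);
+} catch (Exception e) {
+throw new AuthenticationException("AuthFile.authenticate - can't decrypt the password for the user "+user+" since "+e.getMessage());
+}
 if(passwordRecord.equals(password)) {
 return true;
 }
@@ -221,6 +241,12 @@
 if(password == null || password.trim().equals("")) {
 throw new AuthenticationException("AuthFile.addUser - can't add a user whose password is null or blank.");
 }
+try {
+password = encrypt(password);
+} catch (Exception e) {
+throw new AuthenticationException("AuthFile.addUser - can't encript the password since "+e.getMessage());
+}
+
 if(!userExists(userName)) {
 if(userpassword != null) {
 userpassword.addProperty(USERS+" "+USER+AT+NAME, userName);
@@ -321,4 +347,41 @@
 return false;
 }
 }
+
+/*
+* Encrypt a string
+*/
+private static String encrypt(String property) throws GeneralSecurityException, UnsupportedEncodingException {
+SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
+SecretKey key = keyFactory.generateSecret(new PBEKeySpec(MASTER));
+Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES");
+pbeCipher.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(SALT, 20));
+return base64Encode(pbeCipher.doFinal(property.getBytes("UTF-8")));
+}
+
+/*
+* Transform a byte array to a string
+*/
+private static String base64Encode(byte[] bytes) {
+return Base64.encodeBase64String(bytes);
+}
+
+/*
+* Decrypt a string
+*/
+private static String decrypt(String property) throws GeneralSecurityException, IOException {
+SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
+SecretKey key = keyFactory.generateSecret(new PBEKeySpec(MASTER));
+Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES");
+pbeCipher.init(Cipher.DECRYPT_MODE, key, new PBEParameterSpec(SALT, 20));
+return new String(pbeCipher.doFinal(base64Decode(property)), "UTF-8");
+}
+
+/*
+* Transform a string to a byte array
+*/
+private static byte[] base64Decode(String property) throws IOException {
+return Base64.decodeBase64(property);
+}
+
 }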
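Review bot: `encrypt`/`decrypt` store user passwords reversibly under a key compiled into the class (`MASTER`, with a fixed `SALT` and 20 iterations of `PBEWithMD5AndDES`), so anyone holding the source or jar plus the password file can recover every plaintext password, and identical passwords produce identical records. Passwords should instead be stored as a one-way, per-user-salted, slow hash and verified by re-deriving, with `authenticate` comparing derived values via `MessageDigest.isEqual` rather than `passwordRecord.equals(password)`. The sketch below uses the JDK's PBKDF2 (assuming the runtime provides `PBKDF2WithHmacSHA256`); the iteration count and record format are placeholders, and records already written by this revision would need a migration path. Separately, both new catch blocks append `e.getMessage()` to the `AuthenticationException` text, which is worth keeping out of anything returned to the caller.

```java
// … unchanged: XPath lookup of passwordRecord in authenticate() …
// record format (constructed for this sketch): base64(salt) + ":" + base64(hash)
private static String hashPassword(char[] password, byte[] salt) throws GeneralSecurityException {
    // PBKDF2_ITERATIONS is a placeholder; set it per current guidance
    PBEKeySpec spec = new PBEKeySpec(password, salt, PBKDF2_ITERATIONS, 256);
    try {
        byte[] hash = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                .generateSecret(spec).getEncoded();
        return Base64.encodeBase64String(salt) + ":" + Base64.encodeBase64String(hash);
    } finally {
        spec.clearPassword();
    }
}

private static boolean verifyPassword(char[] candidate, String record) throws GeneralSecurityException {
    String[] parts = record.split(":", 2);
    if (parts.length != 2) {
        return false;
    }
    // re-derive with the stored salt and compare in constant time
    String expected = hashPassword(candidate, Base64.decodeBase64(parts[0]));
    return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
            record.getBytes(StandardCharsets.UTF_8));
}

// in addUser(): a fresh salt per user replaces the shared SALT constant
//   byte[] salt = new byte[16];
//   new SecureRandom().nextBytes(salt);
//   password = hashPassword(password.toCharArray(), salt);
```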
Encrypt the password.