Revision 8424
Added by Jing Tao over 10 years ago
| AuthFile.java | ||
|---|---|---|
| 24 | 24 |
import java.io.FileOutputStream; |
| 25 | 25 |
import java.io.IOException; |
| 26 | 26 |
import java.io.OutputStreamWriter; |
| 27 |
import java.io.UnsupportedEncodingException; |
|
| 27 | 28 |
import java.net.ConnectException; |
| 29 |
import java.security.GeneralSecurityException; |
|
| 28 | 30 |
import java.util.HashMap; |
| 29 | 31 |
import java.util.List; |
| 30 | 32 |
import java.util.Properties; |
| 31 | 33 |
import java.util.Vector; |
| 32 | 34 |
|
| 35 |
import javax.crypto.Cipher; |
|
| 36 |
import javax.crypto.SecretKey; |
|
| 37 |
import javax.crypto.SecretKeyFactory; |
|
| 38 |
import javax.crypto.spec.PBEKeySpec; |
|
| 39 |
import javax.crypto.spec.PBEParameterSpec; |
|
| 40 |
|
|
| 41 |
import org.apache.commons.codec.binary.Base64; |
|
| 33 | 42 |
import org.apache.commons.configuration.ConfigurationException; |
| 34 | 43 |
import org.apache.commons.configuration.XMLConfiguration; |
| 35 | 44 |
import org.apache.commons.configuration.tree.xpath.XPathExpressionEngine; |
| 36 | 45 |
|
| 46 |
|
|
| 37 | 47 |
import edu.ucsb.nceas.metacat.AuthInterface; |
| 38 | 48 |
import edu.ucsb.nceas.metacat.properties.PropertyService; |
| 39 | 49 |
import edu.ucsb.nceas.utilities.PropertyNotFoundException; |
| ... | ... | |
| 70 | 80 |
private static final String GROUP = "group"; |
| 71 | 81 |
private static final String INITCONTENT = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n"+ |
| 72 | 82 |
"<"+SUBJECTS+">\n"+"<"+USERS+">\n"+"</"+USERS+">\n"+"<"+GROUPS+">\n"+"</"+GROUPS+">\n"+"</"+SUBJECTS+">\n"; |
| 83 |
private static final char[] MASTER = "enfldsgbnlsngdlksdsgm".toCharArray(); |
|
| 84 |
private static final byte[] SALT = {
|
|
| 85 |
(byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, |
|
| 86 |
(byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, |
|
| 87 |
}; |
|
| 73 | 88 |
|
| 74 | 89 |
private static AuthFile authFile = null; |
| 75 | 90 |
private XMLConfiguration userpassword = null; |
| ... | ... | |
| 145 | 160 |
throws AuthenticationException {
|
| 146 | 161 |
String passwordRecord = userpassword.getString(USERS+SLASH+USER+"["+AT+NAME+"='"+user+"']"+SLASH+PASSWORD); |
| 147 | 162 |
if(passwordRecord != null) {
|
| 163 |
try {
|
|
| 164 |
passwordRecord = decrypt(passwordRecord); |
|
| 165 |
} catch (Exception e) {
|
|
| 166 |
throw new AuthenticationException("AuthFile.authenticate - can't decrypt the password for the user "+user+" since "+e.getMessage());
|
|
| 167 |
} |
|
| 148 | 168 |
if(passwordRecord.equals(password)) {
|
| 149 | 169 |
return true; |
| 150 | 170 |
} |
| ... | ... | |
| 221 | 241 |
if(password == null || password.trim().equals("")) {
|
| 222 | 242 |
throw new AuthenticationException("AuthFile.addUser - can't add a user whose password is null or blank.");
|
| 223 | 243 |
} |
| 244 |
try {
|
|
| 245 |
password = encrypt(password); |
|
| 246 |
} catch (Exception e) {
|
|
| 247 |
throw new AuthenticationException("AuthFile.addUser - can't encript the password since "+e.getMessage());
|
|
| 248 |
} |
|
| 249 |
|
|
| 224 | 250 |
if(!userExists(userName)) {
|
| 225 | 251 |
if(userpassword != null) {
|
| 226 | 252 |
userpassword.addProperty(USERS+" "+USER+AT+NAME, userName); |
| ... | ... | |
| 321 | 347 |
return false; |
| 322 | 348 |
} |
| 323 | 349 |
} |
| 350 |
|
|
| 351 |
/* |
|
| 352 |
* Encrypt a string |
|
| 353 |
*/ |
|
| 354 |
private static String encrypt(String property) throws GeneralSecurityException, UnsupportedEncodingException {
|
|
| 355 |
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
|
|
| 356 |
SecretKey key = keyFactory.generateSecret(new PBEKeySpec(MASTER)); |
|
| 357 |
Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES");
|
|
| 358 |
pbeCipher.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(SALT, 20)); |
|
| 359 |
return base64Encode(pbeCipher.doFinal(property.getBytes("UTF-8")));
|
|
| 360 |
} |
|
| 361 |
|
|
| 362 |
/* |
|
| 363 |
* Transform a byte array to a string |
|
| 364 |
*/ |
|
| 365 |
private static String base64Encode(byte[] bytes) {
|
|
| 366 |
return Base64.encodeBase64String(bytes); |
|
| 367 |
} |
|
| 368 |
|
|
| 369 |
/* |
|
| 370 |
* Decrypt a string |
|
| 371 |
*/ |
|
| 372 |
private static String decrypt(String property) throws GeneralSecurityException, IOException {
|
|
| 373 |
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
|
|
| 374 |
SecretKey key = keyFactory.generateSecret(new PBEKeySpec(MASTER)); |
|
| 375 |
Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES");
|
|
| 376 |
pbeCipher.init(Cipher.DECRYPT_MODE, key, new PBEParameterSpec(SALT, 20)); |
|
| 377 |
return new String(pbeCipher.doFinal(base64Decode(property)), "UTF-8"); |
|
| 378 |
} |
|
| 379 |
|
|
| 380 |
/* |
|
| 381 |
* Transform a string to a byte array |
|
| 382 |
*/ |
|
| 383 |
private static byte[] base64Decode(String property) throws IOException {
|
|
| 384 |
return Base64.decodeBase64(property); |
|
| 385 |
} |
|
| 386 |
|
|
| 324 | 387 |
} |
Also available in: Unified diff
Encrypt the password.