Revision 8426
Added by Jing Tao about 11 years ago
src/edu/ucsb/nceas/metacat/authentication/AuthFile.java | ||
---|---|---|
29 | 29 |
import java.security.GeneralSecurityException; |
30 | 30 |
import java.util.HashMap; |
31 | 31 |
import java.util.List; |
32 |
import java.util.Properties; |
|
33 | 32 |
import java.util.Vector; |
34 | 33 |
|
35 | 34 |
import javax.crypto.Cipher; |
... | ... | |
42 | 41 |
import org.apache.commons.configuration.ConfigurationException; |
43 | 42 |
import org.apache.commons.configuration.XMLConfiguration; |
44 | 43 |
import org.apache.commons.configuration.tree.xpath.XPathExpressionEngine; |
44 |
import org.apache.commons.logging.Log; |
|
45 |
import org.apache.commons.logging.LogFactory; |
|
45 | 46 |
|
46 |
|
|
47 | 47 |
import edu.ucsb.nceas.metacat.AuthInterface; |
48 | 48 |
import edu.ucsb.nceas.metacat.properties.PropertyService; |
49 | 49 |
import edu.ucsb.nceas.utilities.PropertyNotFoundException; |
... | ... | |
80 | 80 |
private static final String GROUP = "group"; |
81 | 81 |
private static final String INITCONTENT = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n"+ |
82 | 82 |
"<"+SUBJECTS+">\n"+"<"+USERS+">\n"+"</"+USERS+">\n"+"<"+GROUPS+">\n"+"</"+GROUPS+">\n"+"</"+SUBJECTS+">\n"; |
83 |
private static final char[] MASTER = "enfldsgbnlsngdlksdsgm".toCharArray(); |
|
83 |
|
|
84 | 84 |
private static final byte[] SALT = { |
85 | 85 |
(byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, |
86 | 86 |
(byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, |
87 | 87 |
}; |
88 |
|
|
88 |
private static Log log = LogFactory.getLog(AuthFile.class); |
|
89 | 89 |
private static AuthFile authFile = null; |
90 | 90 |
private XMLConfiguration userpassword = null; |
91 | 91 |
private static String passwordFilePath = null; |
92 |
private static char[] masterPass = "enfldsgbnlsngdlksdsgm".toCharArray(); |
|
92 | 93 |
/** |
93 | 94 |
* Get the instance of the AuthFile |
94 | 95 |
* @return |
... | ... | |
134 | 135 |
passwordFilePath = PropertyService.getProperty("auth.file.path"); |
135 | 136 |
} |
136 | 137 |
File passwordFile = new File(passwordFilePath); |
138 |
try { |
|
139 |
String password = PropertyService.getProperty("auth.file.pass"); |
|
140 |
if(password != null && !password.trim().equals("")) { |
|
141 |
masterPass = password.toCharArray(); |
|
142 |
} |
|
143 |
}catch(PropertyNotFoundException e) { |
|
144 |
log.warn("AuthFile.init - can't find the auth.file.pass in the metacat.properties. Metacat will use the default one as password."); |
|
145 |
} |
|
146 |
|
|
137 | 147 |
//if the password file doesn't exist, create a new one and set the initial content |
138 | 148 |
if(!passwordFile.exists()) { |
139 | 149 |
passwordFile.createNewFile(); |
... | ... | |
353 | 363 |
*/ |
354 | 364 |
private static String encrypt(String property) throws GeneralSecurityException, UnsupportedEncodingException { |
355 | 365 |
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); |
356 |
SecretKey key = keyFactory.generateSecret(new PBEKeySpec(MASTER)); |
|
366 |
//System.out.println("===================== tha master password "+masterPass); |
|
367 |
SecretKey key = keyFactory.generateSecret(new PBEKeySpec(masterPass)); |
|
357 | 368 |
Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES"); |
358 | 369 |
pbeCipher.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(SALT, 20)); |
359 | 370 |
return base64Encode(pbeCipher.doFinal(property.getBytes("UTF-8"))); |
... | ... | |
371 | 382 |
*/ |
372 | 383 |
private static String decrypt(String property) throws GeneralSecurityException, IOException { |
373 | 384 |
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); |
374 |
SecretKey key = keyFactory.generateSecret(new PBEKeySpec(MASTER));
|
|
385 |
SecretKey key = keyFactory.generateSecret(new PBEKeySpec(masterPass));
|
|
375 | 386 |
Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES"); |
376 | 387 |
pbeCipher.init(Cipher.DECRYPT_MODE, key, new PBEParameterSpec(SALT, 20)); |
377 | 388 |
return new String(pbeCipher.doFinal(base64Decode(property)), "UTF-8"); |
Also available in: Unified diff
Read the password from property file.