Seam SVN: r7549 - trunk/src/main/org/jboss/seam/security/management.
by seam-commits@lists.jboss.org
Author: shane.bryzak(a)jboss.com
Date: 2008-03-12 21:11:48 -0400 (Wed, 12 Mar 2008)
New Revision: 7549
Modified:
trunk/src/main/org/jboss/seam/security/management/IdentityStore.java
trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java
trunk/src/main/org/jboss/seam/security/management/LdapIdentityStore.java
Log:
deterministic feature sets for identity stores
Modified: trunk/src/main/org/jboss/seam/security/management/IdentityStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/IdentityStore.java 2008-03-12 22:19:25 UTC (rev 7548)
+++ trunk/src/main/org/jboss/seam/security/management/IdentityStore.java 2008-03-13 01:11:48 UTC (rev 7549)
@@ -10,6 +10,58 @@
*/
public interface IdentityStore
{
+ public class FeatureSet
+ {
+ public static final int FEATURE_CREATE_USER = 1;
+ public static final int FEATURE_DELETE_USER = 2;
+ public static final int FEATURE_ENABLE_USER = 4;
+ public static final int FEATURE_DISABLE_USER = 8;
+ public static final int FEATURE_CHANGE_PASSWORD = 16;
+
+ public static final int FEATURE_CREATE_ROLE = 32;
+ public static final int FEATURE_DELETE_ROLE = 64;
+ public static final int FEATURE_GRANT_ROLE = 128;
+ public static final int FEATURE_REVOKE_ROLE = 256;
+
+ public static final int FEATURE_ALL_USER = FEATURE_CREATE_USER |
+ FEATURE_DELETE_USER |
+ FEATURE_ENABLE_USER |
+ FEATURE_DISABLE_USER |
+ FEATURE_CHANGE_PASSWORD;
+
+ public static final int FEATURE_ALL_ROLE = FEATURE_CREATE_ROLE |
+ FEATURE_DELETE_ROLE |
+ FEATURE_GRANT_ROLE |
+ FEATURE_REVOKE_ROLE;
+
+ public static final int FEATURE_ALL = FEATURE_ALL_USER | FEATURE_ALL_ROLE;
+
+ private int features;
+
+ public FeatureSet(int features)
+ {
+ this.features = features;
+ }
+
+ public FeatureSet addFeature(int feature)
+ {
+ features |= feature;
+ return this;
+ }
+
+ public int getFeatures()
+ {
+ return features;
+ }
+
+ public boolean supports(int feature)
+ {
+ return (features & feature) == feature;
+ }
+ }
+
+ boolean supportsFeature(int feature);
+
boolean createUser(String username, String password);
boolean deleteUser(String name);
boolean enableUser(String name);
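Review bot: `FeatureSet.supports` returns true for `feature == 0`, because `(features & 0) == 0` always holds, so a caller that passes an uninitialised or miscomputed flag is told the operation is supported. For a combined mask it requires every bit to be present, which is reasonable but undocumented. I would guard the zero case, `return feature != 0 && (features & feature) == feature;`, and add Javadoc on the class and on `supports` stating the all-bits rule. The constructor and `addFeature` also accept bits outside `FEATURE_ALL`; masking with `& FEATURE_ALL` there would keep the stored value well defined. The `IdentityStore` interface body continues outside the hunk.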
Modified: trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java 2008-03-12 22:19:25 UTC (rev 7548)
+++ trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java 2008-03-13 01:11:48 UTC (rev 7549)
@@ -36,12 +36,29 @@
public static final String EVENT_ACCOUNT_CREATED = "org.jboss.seam.security.management.accountCreated";
public static final String EVENT_ACCOUNT_AUTHENTICATED = "org.jboss.seam.security.management.accountAuthenticated";
+ protected FeatureSet featureSet = new FeatureSet(FeatureSet.FEATURE_ALL);
+
private String entityManagerName = "entityManager";
private Class<? extends UserAccount> accountClass;
private Map<String,Set<String>> roleCache;
+ public int getFeatures()
+ {
+ return featureSet.getFeatures();
+ }
+
+ public void setFeatures(int features)
+ {
+ featureSet = new FeatureSet(features);
+ }
+
+ public boolean supportsFeature(int feature)
+ {
+ return featureSet.supports(feature);
+ }
+
@Create
public void init()
{
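Review bot: Nothing visible here enforces the mask: `supportsFeature` only reports it, so unless `createUser`, `deleteUser` and the role methods (outside this hunk) check it themselves, a store restricted through `setFeatures` will presumably still perform the operation for any caller that skips the query. A guard at the top of each mutating method would make the restriction binding, for example `if (!featureSet.supports(FeatureSet.FEATURE_CREATE_USER)) throw new UnsupportedOperationException("createUser is disabled for this identity store");`. The field is also `protected`, non-final and replaced by a public setter, so if the component is shared between threads it should be `volatile` or set only at configuration time. The same three accessors are added to LdapIdentityStore in the hunk at -163,6 +165,21 and the same point applies there.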
Modified: trunk/src/main/org/jboss/seam/security/management/LdapIdentityStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/LdapIdentityStore.java 2008-03-12 22:19:25 UTC (rev 7548)
+++ trunk/src/main/org/jboss/seam/security/management/LdapIdentityStore.java 2008-03-13 01:11:48 UTC (rev 7549)
@@ -31,6 +31,8 @@
@BypassInterceptors
public class LdapIdentityStore implements IdentityStore
{
+ protected FeatureSet featureSet = new FeatureSet(FeatureSet.FEATURE_ALL);
+
private String serverAddress = "localhost";
private int serverPort = 389;
@@ -52,7 +54,7 @@
private boolean roleAttributeIsDN = true;
private String roleNameAttribute = "cn";
-
+
public String getServerAddress()
{
return serverAddress;
@@ -163,6 +165,21 @@
this.roleNameAttribute = roleNameAttribute;
}
+ public int getFeatures()
+ {
+ return featureSet.getFeatures();
+ }
+
+ public void setFeatures(int features)
+ {
+ featureSet = new FeatureSet(features);
+ }
+
+ public boolean supportsFeature(int feature)
+ {
+ return featureSet.supports(feature);
+ }
+
protected final InitialLdapContext initialiseContext()
throws NamingException
{
@@ -251,8 +268,19 @@
public boolean deleteRole(String role)
{
- // TODO Auto-generated method stub
- return false;
+ InitialLdapContext ctx = null;
+ try
+ {
+ ctx = initialiseContext();
+
+ String roleDN = String.format("%s=%s,%s", getRoleNameAttribute(), role, roleContextDN);
+ ctx.destroySubcontext(roleDN);
+ return true;
+ }
+ catch (NamingException ex)
+ {
+ throw new IdentityManagementException("Failed to create role", ex);
+ }
}
public boolean deleteUser(String name)
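Review bot: The `role` argument is formatted into `roleDN` without escaping, so a value containing DN metacharacters such as `,` or `=` can make `destroySubcontext` address a different entry than the role intended; it should pass through `javax.naming.ldap.Rdn.escapeValue` first. The context opened by `initialiseContext()` is never closed on either path, which leaks one LDAP connection per call. The exception text also says "Failed to create role" in a delete method, which will mislead whoever reads the log.

```java
public boolean deleteRole(String role)
{
   // … unchanged: ctx declaration, try, ctx = initialiseContext() …
      String roleDN = String.format("%s=%s,%s", getRoleNameAttribute(),
            javax.naming.ldap.Rdn.escapeValue(role), roleContextDN);
      // … unchanged: destroySubcontext call and return true …
   }
   catch (NamingException ex)
   {
      throw new IdentityManagementException("Failed to delete role", ex);
   }
   finally
   {
      if (ctx != null)
      {
         try
         {
            ctx.close();
         }
         catch (NamingException ignored)
         {
            // best effort: the outcome of the delete is already decided
         }
      }
   }
}
```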
Seam SVN: r7548 - trunk/src/main/org/jboss/seam/security.
by seam-commits@lists.jboss.org
Author: shane.bryzak(a)jboss.com
Date: 2008-03-12 18:19:25 -0400 (Wed, 12 Mar 2008)
New Revision: 7548
Modified:
trunk/src/main/org/jboss/seam/security/Identity.java
Log:
JBSEAM-2230 don't throw exception for unsupported callback
Modified: trunk/src/main/org/jboss/seam/security/Identity.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/Identity.java 2008-03-12 12:15:45 UTC (rev 7547)
+++ trunk/src/main/org/jboss/seam/security/Identity.java 2008-03-12 22:19:25 UTC (rev 7548)
@@ -572,7 +572,7 @@
public void handle(Callback[] callbacks)
throws IOException, UnsupportedCallbackException
{
- for (int i=0; i<callbacks.length; i++)
+ for (int i=0; i < callbacks.length; i++)
{
if (callbacks[i] instanceof NameCallback)
{
@@ -585,10 +585,9 @@
}
else
{
- throw new UnsupportedCallbackException(callbacks[i], "Unsupported callback");
+ log.warn("Unsupported callback " + callbacks[i]);
}
}
-
}
};
}
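Review bot: The `else` branch now leaves an unsupported callback unpopulated and carries on, and nothing in the code records why that is acceptable. A login module that depended on that callback will continue with empty data, so the safety of this depends on every module treating a missing value as a failed login; that assumption belongs in a comment above the `log.warn`, for example `// JBSEAM-2230: tolerate callbacks we cannot service; the requesting login module must handle the unpopulated callback`. The method still declares `throws UnsupportedCallbackException`, which may now be unused unless the branches outside this hunk throw it. Logging `callbacks[i].getClass().getName()` rather than the object would give a stable, readable message, since `toString()` on a callback is implementation-defined.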
Seam SVN: r7547 - branches/Seam_2_0/doc/Seam_Reference_Guide.
by seam-commits@lists.jboss.org
Author: pete.muir(a)jboss.org
Date: 2008-03-12 08:15:45 -0400 (Wed, 12 Mar 2008)
New Revision: 7547
Modified:
branches/Seam_2_0/doc/Seam_Reference_Guide/
Log:
ignores
Property changes on: branches/Seam_2_0/doc/Seam_Reference_Guide
___________________________________________________________________
Name: svn:ignore
+ target
Seam SVN: r7546 - branches/Seam_2_0/doc.
by seam-commits@lists.jboss.org
Author: pete.muir(a)jboss.org
Date: 2008-03-12 08:14:45 -0400 (Wed, 12 Mar 2008)
New Revision: 7546
Removed:
branches/Seam_2_0/doc/reference/
Log:
Remove old ref doc
Seam SVN: r7544 - branches/Seam_2_0/doc/reference/en/modules.
by seam-commits@lists.jboss.org
Author: pete.muir(a)jboss.org
Date: 2008-03-12 08:05:03 -0400 (Wed, 12 Mar 2008)
New Revision: 7544
Modified:
branches/Seam_2_0/doc/reference/en/modules/testing.xml
Log:
JBSEAM-2234
Modified: branches/Seam_2_0/doc/reference/en/modules/testing.xml
===================================================================
--- branches/Seam_2_0/doc/reference/en/modules/testing.xml 2008-03-12 11:51:38 UTC (rev 7543)
+++ branches/Seam_2_0/doc/reference/en/modules/testing.xml 2008-03-12 12:05:03 UTC (rev 7544)
@@ -456,6 +456,14 @@
must put a <literal>seam.properties</literal> in each resource.
</para>
+ <para>
+ By default, a generated project will use the
+ <literal>java:/DefaultDS</literal> (a built in HSQL datasource in
+ Embedded JBoss) for testing. If you want to use another datasource
+ place the <literal>foo-ds.xml</literal> into
+ <literal>bootstrap/deploy</literal> directory.
+ </para>
+
</section>
<section>
@@ -517,6 +525,13 @@
<![CDATA[<parameter name="datasourceJndiName" value="java:/seamdiscsDatasource"/>]]>
</programlisting>
+ <para>
+ DBUnitSeamTest only works out of the box with HSQL as a datasource.
+ If you want to use another database, then you'll need to implement
+ some extra methods. Read the javadoc on
+ <literal>DBUnitSeamTest</literal> for more.
+ </para>
+
</section>
<section id="testing.mail">
Seam SVN: r7543 - trunk/doc/reference/en/modules.
by seam-commits@lists.jboss.org
Author: pete.muir(a)jboss.org
Date: 2008-03-12 07:51:38 -0400 (Wed, 12 Mar 2008)
New Revision: 7543
Modified:
trunk/doc/reference/en/modules/testing.xml
Log:
JBSEAM-2234
Modified: trunk/doc/reference/en/modules/testing.xml
===================================================================
--- trunk/doc/reference/en/modules/testing.xml 2008-03-12 11:16:15 UTC (rev 7542)
+++ trunk/doc/reference/en/modules/testing.xml 2008-03-12 11:51:38 UTC (rev 7543)
@@ -456,6 +456,14 @@
must put a <literal>seam.properties</literal> in each resource.
</para>
+ <para>
+ By default, a generated project will use the
+ <literal>java:/DefaultDS</literal> (a built in HSQL datasource in
+ Embedded JBoss) for testing. If you want to use another datasource
+ place the <literal>foo-ds.xml</literal> into
+ <literal>bootstrap/deploy</literal> directory.
+ </para>
+
</section>
<section>
@@ -567,10 +575,34 @@
setting a TestNG test parameter named <literal>datasourceJndiName</literal>:
</para>
- <programlisting>
- <![CDATA[<parameter name="datasourceJndiName" value="java:/seamdiscsDatasource"/>]]>
- </programlisting>
+ <programlisting><![CDATA[<parameter name="datasourceJndiName" value="java:/seamdiscsDatasource"/>]]></programlisting>
+
+ <para>
+ DBUnitSeamTest has support for MySQL and HSQL - you need to tell it
+ which database is being used:
+ </para>
+
+ <programlisting><![CDATA[<parameter name="database" value="HSQL" />]]></programlisting>
+
+ <para>
+ It also allows you to insert binary data into the test data set (n.b.
+ this is untested on Windows). You need to tell it where to locate
+ these resources:
+ </para>
+
+ <programlisting><![CDATA[<parameter name="binaryDir" value="images/" />]]></programlisting>
+ <para>
+ You <emphasis>must</emphasis> specify these three parameters in your
+ <literal>testng.xml</literal>.
+ </para>
+
+ <para>
+ If you want to use DBUnitSeamTest with another database, you'll need
+ to implement some methods. Read the javadoc of
+ <literal>AbstractDBUnitSeamTest</literal> for more.
+ </para>
+
</section>
<section id="testing.mail">
Seam SVN: r7542 - trunk/src/main/org/jboss/seam/core.
by seam-commits@lists.jboss.org
Author: pete.muir(a)jboss.org
Date: 2008-03-12 07:16:15 -0400 (Wed, 12 Mar 2008)
New Revision: 7542
Modified:
trunk/src/main/org/jboss/seam/core/ConversationList.java
Log:
minor
Modified: trunk/src/main/org/jboss/seam/core/ConversationList.java
===================================================================
--- trunk/src/main/org/jboss/seam/core/ConversationList.java 2008-03-12 05:43:30 UTC (rev 7541)
+++ trunk/src/main/org/jboss/seam/core/ConversationList.java 2008-03-12 11:16:15 UTC (rev 7542)
@@ -1,6 +1,7 @@
package org.jboss.seam.core;
import static org.jboss.seam.ScopeType.PAGE;
+import static org.jboss.seam.ScopeType.STATELESS;
import static org.jboss.seam.annotations.Install.BUILT_IN;
import java.util.ArrayList;
@@ -9,7 +10,6 @@
import java.util.Set;
import java.util.TreeSet;
-import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.Factory;
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Name;
@@ -22,7 +22,7 @@
*
* @author Gavin King
*/
-(a)Scope(ScopeType.STATELESS)
+@Scope(STATELESS)
@Name("org.jboss.seam.core.conversationListFactory")
@Install(precedence=BUILT_IN)
@BypassInterceptors
Seam SVN: r7541 - trunk/src/main/org/jboss/seam/security/management.
by seam-commits@lists.jboss.org
Author: shane.bryzak(a)jboss.com
Date: 2008-03-12 01:43:30 -0400 (Wed, 12 Mar 2008)
New Revision: 7541
Modified:
trunk/src/main/org/jboss/seam/security/management/LdapIdentityStore.java
trunk/src/main/org/jboss/seam/security/management/PasswordHash.java
Log:
support creating new roles, improved configuration
Modified: trunk/src/main/org/jboss/seam/security/management/LdapIdentityStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/LdapIdentityStore.java 2008-03-12 04:33:30 UTC (rev 7540)
+++ trunk/src/main/org/jboss/seam/security/management/LdapIdentityStore.java 2008-03-12 05:43:30 UTC (rev 7541)
@@ -13,6 +13,8 @@
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
@@ -29,26 +31,28 @@
@BypassInterceptors
public class LdapIdentityStore implements IdentityStore
{
-
private String serverAddress = "localhost";
private int serverPort = 389;
- private String userCtxDN = "ou=Person,dc=acme,dc=com";
+ private String userContextDN = "ou=Person,dc=acme,dc=com";
- private String roleCtxDN = "ou=Role,dc=acme,dc=com";
+ private String roleContextDN = "ou=Role,dc=acme,dc=com";
private String principalDNPrefix = "uid=";
private String principalDNSuffix = ",ou=Person,dc=acme,dc=com";
- private String bindDN;
+ private String bindDN = "cn=Manager,dc=acme,dc=com";
- private String bindCredentials;
-
- // TODO make configurable
- private boolean roleAttributeIsDN = true;
+ private String bindCredentials = "secret";
+ private String userRoleAttribute = "roles";
+
+ private boolean roleAttributeIsDN = true;
+
+ private String roleNameAttribute = "cn";
+
public String getServerAddress()
{
return serverAddress;
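Review bot: The new defaults `bindDN = "cn=Manager,dc=acme,dc=com"` and `bindCredentials = "secret"` put a directory manager account and its password into the source, so a deployment that omits either setting attempts to bind with publicly known values instead of failing. I would leave both unset, `private String bindDN;` and `private String bindCredentials;`, and have `initialiseContext()` (outside this hunk) reject a missing value with a clear configuration error. The sample values for `userContextDN` and `roleContextDN` are fine as placeholders; the credential pair is the part that should not have a default.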
@@ -69,24 +73,24 @@
this.serverPort = serverPort;
}
- public String getUserCtxDN()
+ public String getUserContextDN()
{
- return userCtxDN;
+ return userContextDN;
}
- public void setUserCtxDN(String userCtxDN)
+ public void setUserContextDN(String userContextDN)
{
- this.userCtxDN = userCtxDN;
+ this.userContextDN = userContextDN;
}
- public String getRoleCtxDN()
+ public String getRoleContextDN()
{
- return roleCtxDN;
+ return roleContextDN;
}
- public void setRoleCtxDN(String roleCtxDN)
+ public void setRoleContextDN(String roleContextDN)
{
- this.roleCtxDN = roleCtxDN;
+ this.roleContextDN = roleContextDN;
}
public String getPrincipalDNPrefix()
@@ -129,6 +133,36 @@
this.bindCredentials = bindCredentials;
}
+ public String getUserRoleAttribute()
+ {
+ return userRoleAttribute;
+ }
+
+ public void setUserRoleAttribute(String userRoleAttribute)
+ {
+ this.userRoleAttribute = userRoleAttribute;
+ }
+
+ public boolean getRoleAttributeIsDN()
+ {
+ return roleAttributeIsDN;
+ }
+
+ public void setRoleAttributeIsDN(boolean value)
+ {
+ this.roleAttributeIsDN = value;
+ }
+
+ public String getRoleNameAttribute()
+ {
+ return roleNameAttribute;
+ }
+
+ public void setRoleNameAttribute(String roleNameAttribute)
+ {
+ this.roleNameAttribute = roleNameAttribute;
+ }
+
protected final InitialLdapContext initialiseContext()
throws NamingException
{
@@ -182,8 +216,31 @@
public boolean createRole(String role)
{
- // TODO Auto-generated method stub
- return false;
+ InitialLdapContext ctx = null;
+ try
+ {
+ ctx = initialiseContext();
+
+ Attributes roleAttribs = new BasicAttributes();
+
+ BasicAttribute roleClass = new BasicAttribute("objectClass");
+ roleClass.add("organizationalRole");
+
+ BasicAttribute roleName = new BasicAttribute(roleNameAttribute);
+ roleName.add(role);
+
+ roleAttribs.put(roleClass);
+ roleAttribs.put(roleName);
+
+ String roleDN = String.format("%s=%s,%s", getRoleNameAttribute(), role, roleContextDN);
+ ctx.createSubcontext(roleDN, roleAttribs);
+
+ return true;
+ }
+ catch (NamingException ex)
+ {
+ throw new IdentityManagementException("Failed to create role", ex);
+ }
}
public boolean createUser(String username, String password)
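Review bot: `createRole` builds `roleDN` from the caller-supplied `role` without escaping, so a name containing `,`, `=` or `+` changes the structure of the DN and the entry can be created somewhere other than directly under `roleContextDN`. Escaping the value with `javax.naming.ldap.Rdn.escapeValue` keeps it a single RDN value. The `InitialLdapContext` is also never closed, on success or on failure, so each call leaks a connection to the directory.

```java
public boolean createRole(String role)
{
   // … unchanged: ctx declaration, try, initialiseContext(), attribute setup …
      String roleDN = String.format("%s=%s,%s", getRoleNameAttribute(),
            javax.naming.ldap.Rdn.escapeValue(role), roleContextDN);
      // … unchanged: createSubcontext call, return true, catch block …
   finally
   {
      if (ctx != null)
      {
         try
         {
            ctx.close();
         }
         catch (NamingException ignored)
         {
            // best effort: the outcome of the create is already decided
         }
      }
   }
}
```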
@@ -231,12 +288,7 @@
int searchScope = SearchControls.SUBTREE_SCOPE;
int searchTimeLimit = 10000;
- // TODO make configurable
- String roleAttrName = "roles";
- String[] roleAttr = {roleAttrName};
-
- // TODO make configurable
- String roleNameAttribute = "cn";
+ String[] roleAttr = { getUserRoleAttribute() };
SearchControls controls = new SearchControls();
controls.setSearchScope(searchScope);
@@ -244,12 +296,12 @@
controls.setTimeLimit(searchTimeLimit);
Object[] filterArgs = {name};
- NamingEnumeration answer = ctx.search(userCtxDN, roleFilter, filterArgs, controls);
+ NamingEnumeration answer = ctx.search(userContextDN, roleFilter, filterArgs, controls);
while (answer.hasMore())
{
SearchResult sr = (SearchResult) answer.next();
Attributes attrs = sr.getAttributes();
- Attribute roles = attrs.get(roleAttrName);
+ Attribute roles = attrs.get( getUserRoleAttribute() );
for (int r = 0; r < roles.size(); r++)
{
Object value = roles.get(r);
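Review bot: `attrs.get( getUserRoleAttribute() )` returns null when the entry lacks that attribute, and the next line calls `roles.size()` unchecked, so a single user without roles aborts the lookup with a NullPointerException. Now that the attribute name is configurable, a mismatch with the directory schema makes this more likely than it was with the fixed name. A guard such as `if (roles == null) continue;` before the `for` loop avoids it, assuming nothing later in the `while` body must still run for that entry. The same applies to `Attribute user = attrs.get( getRoleNameAttribute() );` in the hunk at -348,12 +398,12. The enclosing method starts and ends outside this hunk.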
@@ -257,11 +309,11 @@
if (roleAttributeIsDN == true)
{
String roleDN = value.toString();
- String[] returnAttribute = {roleNameAttribute};
+ String[] returnAttribute = {getRoleNameAttribute()};
try
{
Attributes result2 = ctx.getAttributes(roleDN, returnAttribute);
- Attribute roles2 = result2.get(roleNameAttribute);
+ Attribute roles2 = result2.get(getRoleNameAttribute());
if( roles2 != null )
{
for(int m = 0; m < roles2.size(); m ++)
@@ -335,9 +387,7 @@
int searchScope = SearchControls.SUBTREE_SCOPE;
int searchTimeLimit = 10000;
- // TODO make configurable
- String roleAttrName = "cn";
- String[] roleAttr = {roleAttrName};
+ String[] roleAttr = { getRoleNameAttribute() };
SearchControls controls = new SearchControls();
controls.setSearchScope(searchScope);
@@ -348,12 +398,12 @@
String roleFilter = "(objectClass={0})";
Object[] filterArgs = {"organizationalRole"};
- NamingEnumeration answer = ctx.search(roleCtxDN, roleFilter, filterArgs, controls);
+ NamingEnumeration answer = ctx.search(roleContextDN, roleFilter, filterArgs, controls);
while (answer.hasMore())
{
SearchResult sr = (SearchResult) answer.next();
Attributes attrs = sr.getAttributes();
- Attribute user = attrs.get(roleAttrName);
+ Attribute user = attrs.get( getRoleNameAttribute() );
for (int i = 0; i < user.size(); i++)
{
@@ -407,7 +457,7 @@
String userFilter = "(objectClass={0})";
Object[] filterArgs = {"person"};
- NamingEnumeration answer = ctx.search(userCtxDN, userFilter, filterArgs, controls);
+ NamingEnumeration answer = ctx.search(userContextDN, userFilter, filterArgs, controls);
while (answer.hasMore())
{
SearchResult sr = (SearchResult) answer.next();
@@ -454,7 +504,7 @@
public boolean roleExists(String name)
{
- return true;
+ return false;
}
public boolean userExists(String name)
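Review bot: `roleExists` ignores `name` and now reports every role as absent, which contradicts `createRole` starting to work in this same commit. Any caller that uses this result to gate a grant or to avoid a duplicate create will presumably take the wrong branch for roles that do exist. Until a real lookup under `roleContextDN` is written, the stub should at least be marked, for example `// TODO: not implemented - always reports the role as missing; look up name under roleContextDN`.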
Modified: trunk/src/main/org/jboss/seam/security/management/PasswordHash.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/PasswordHash.java 2008-03-12 04:33:30 UTC (rev 7540)
+++ trunk/src/main/org/jboss/seam/security/management/PasswordHash.java 2008-03-12 05:43:30 UTC (rev 7541)
@@ -4,6 +4,11 @@
import org.jboss.seam.util.Base64;
+/**
+ * Password hashing utility functions
+ *
+ * @author Shane Bryzak
+ */
public class PasswordHash
{
public enum Algorithm {SHA, MD5}
Seam SVN: r7540 - in trunk/src: test/unit/org/jboss/seam/test/unit and 1 other directory.
by seam-commits@lists.jboss.org
Author: shane.bryzak(a)jboss.com
Date: 2008-03-12 00:33:30 -0400 (Wed, 12 Mar 2008)
New Revision: 7540
Added:
trunk/src/main/org/jboss/seam/security/management/PasswordHash.java
trunk/src/test/unit/org/jboss/seam/test/unit/PasswordHashTest.java
Modified:
trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java
trunk/src/test/unit/org/jboss/seam/test/unit/testng.xml
Log:
refactored password hashing, base64 encode instead of hex encode
Modified: trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java 2008-03-12 02:23:43 UTC (rev 7539)
+++ trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java 2008-03-12 04:33:30 UTC (rev 7540)
@@ -2,7 +2,6 @@
import static org.jboss.seam.ScopeType.APPLICATION;
-import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
@@ -22,7 +21,6 @@
import org.jboss.seam.core.Events;
import org.jboss.seam.security.Identity;
import org.jboss.seam.security.management.UserAccount.AccountType;
-import org.jboss.seam.util.Hex;
/**
* The default identity store implementation, uses JPA as its persistence mechanism.
@@ -38,9 +36,6 @@
public static final String EVENT_ACCOUNT_CREATED = "org.jboss.seam.security.management.accountCreated";
public static final String EVENT_ACCOUNT_AUTHENTICATED = "org.jboss.seam.security.management.accountAuthenticated";
- private String hashFunction = "MD5";
- private String hashCharset = "UTF-8";
-
private String entityManagerName = "entityManager";
private Class<? extends UserAccount> accountClass;
@@ -97,7 +92,7 @@
}
else
{
- account.setPasswordHash(hashPassword(password, username));
+ account.setPasswordHash(PasswordHash.generateHash(password, username));
account.setEnabled(true);
}
@@ -275,7 +270,7 @@
throw new NoSuchUserException("Could not change password, user '" + name + "' does not exist");
}
- account.setPasswordHash(hashPassword(password, name));
+ account.setPasswordHash(PasswordHash.generateHash(password, name));
mergeAccount(account);
return true;
}
@@ -359,7 +354,8 @@
return false;
}
- boolean success = hashPassword(password, username).equals(account.getPasswordHash());
+ String passwordHash = PasswordHash.generateHash(password, username);
+ boolean success = passwordHash.equals(account.getPasswordHash());
if (success && Events.exists())
{
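Review bot: Hashes stored before this revision will no longer match at this comparison. The removed `hashPassword` returned the hex form of a digest over UTF-8 password bytes, while `PasswordHash.generateHash` returns Base64 over platform-default bytes, so existing accounts fail to authenticate until they are migrated or a legacy fallback is added. If that break is intended it should be stated next to the comparison, for example `// NOTE: hashes written before r7540 are hex-encoded and will not match`. Separately, `passwordHash.equals(...)` is not a constant-time comparison; decoding both values and using `java.security.MessageDigest.isEqual` would remove the dependence on where the strings first differ. The enclosing method starts and ends outside this hunk.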
@@ -475,26 +471,5 @@
public void setEntityManagerName(String name)
{
this.entityManagerName = name;
- }
-
- protected String hashPassword(String password, String saltPhrase)
- {
- try {
- MessageDigest md = MessageDigest.getInstance(hashFunction);
-
- md.update(saltPhrase.getBytes());
- byte[] salt = md.digest();
-
- md.reset();
- md.update(password.getBytes(hashCharset));
- md.update(salt);
-
- byte[] raw = md.digest();
-
- return new String(Hex.encodeHex(raw));
- }
- catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
+ }
}
Added: trunk/src/main/org/jboss/seam/security/management/PasswordHash.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/PasswordHash.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/management/PasswordHash.java 2008-03-12 04:33:30 UTC (rev 7540)
@@ -0,0 +1,54 @@
+package org.jboss.seam.security.management;
+
+import java.security.MessageDigest;
+
+import org.jboss.seam.util.Base64;
+
+public class PasswordHash
+{
+ public enum Algorithm {SHA, MD5}
+
+ private static final Algorithm DEFAULT_ALGORITHM = Algorithm.MD5;
+
+ public static String generateHash(String password)
+ {
+ return generateHash(password, DEFAULT_ALGORITHM);
+ }
+
+ public static String generateHash(String password, Algorithm algorithm)
+ {
+ return generateHash(password, algorithm, null);
+ }
+
+ public static String generateHash(String password, String saltPhrase)
+ {
+ return generateHash(password, DEFAULT_ALGORITHM, saltPhrase);
+ }
+
+ public static String generateHash(String password, Algorithm algorithm, String saltPhrase)
+ {
+ try {
+ MessageDigest md = MessageDigest.getInstance(algorithm.name());
+
+ if (saltPhrase != null)
+ {
+ md.update(saltPhrase.getBytes());
+ byte[] salt = md.digest();
+
+ md.reset();
+ md.update(password.getBytes());
+ md.update(salt);
+ }
+ else
+ {
+ md.update(password.getBytes());
+ }
+
+ byte[] raw = md.digest();
+ return Base64.encodeBytes(raw);
+ }
+ catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+}
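Review bot: This stores passwords as one pass of MD5 (the default) or SHA-1, and both are fast enough that a leaked table can be guessed offline at very high rates. The salt is a digest of `saltPhrase`, which JpaIdentityStore fills with the username, so it is predictable per account rather than random. A salted, iterated key-derivation function such as PBKDF2 through `javax.crypto.SecretKeyFactory`, with a random salt stored per account, is the appropriate replacement. Within the current design, the smallest improvements are `private static final Algorithm DEFAULT_ALGORITHM = Algorithm.SHA;` and an explicit charset, `password.getBytes("UTF-8")`, since `getBytes()` makes the hash depend on the JVM's default encoding where the code it replaces specified UTF-8. The `catch (Exception e)` could also be narrowed to the checked exceptions the body can actually throw.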
Added: trunk/src/test/unit/org/jboss/seam/test/unit/PasswordHashTest.java
===================================================================
--- trunk/src/test/unit/org/jboss/seam/test/unit/PasswordHashTest.java (rev 0)
+++ trunk/src/test/unit/org/jboss/seam/test/unit/PasswordHashTest.java 2008-03-12 04:33:30 UTC (rev 7540)
@@ -0,0 +1,22 @@
+package org.jboss.seam.test.unit;
+
+import org.jboss.seam.security.management.PasswordHash;
+import org.jboss.seam.security.management.PasswordHash.Algorithm;
+import org.testng.annotations.Test;
+
+public class PasswordHashTest
+{
+ @Test
+ public void testMd5Hash()
+ {
+ String hash = PasswordHash.generateHash("secret", Algorithm.MD5);
+ assert hash.equals("Xr4ilOzQ4PCOq3aQ0qbuaQ==");
+ }
+
+ @Test
+ public void testShaHash()
+ {
+ String hash = PasswordHash.generateHash("secret", Algorithm.SHA);
+ assert hash.equals("5en6G6MezRroT3XKqkdPOmY/BfQ=");
+ }
+}
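Review bot: The tests do not cover the salted overload `generateHash(String password, String saltPhrase)`, which is the only one JpaIdentityStore calls in this commit; both cases here use the unsalted path. A third test would pin the behaviour that matters for stored credentials, for example `assert !PasswordHash.generateHash("secret", "alice").equals(PasswordHash.generateHash("secret", "bob"));`, alongside a fixed expected value for one salt. It would also catch an accidental change to the order in which password and salt are fed to the digest.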
Modified: trunk/src/test/unit/org/jboss/seam/test/unit/testng.xml
===================================================================
--- trunk/src/test/unit/org/jboss/seam/test/unit/testng.xml 2008-03-12 02:23:43 UTC (rev 7539)
+++ trunk/src/test/unit/org/jboss/seam/test/unit/testng.xml 2008-03-12 04:33:30 UTC (rev 7540)
@@ -45,6 +45,12 @@
</classes>
</test>
+ <test name="Seam Unit Tests: Password Hash">
+ <classes>
+ <class name="org.jboss.seam.test.unit.PasswordHashTest"/>
+ </classes>
+ </test>
+
<test name="Seam Unit Tests: Framework">
<classes>
<class name="org.jboss.seam.test.unit.HomeTest" />