1:41 a.m.
Author: shane.bryzak(a)jboss.com
Date: 2009-04-15 02:41:39 -0400 (Wed, 15 Apr 2009)
New Revision: 10420
Modified:
trunk/examples/seamspace/resources/import.sql
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/CommentAction.java
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/HashGenerator.java
trunk/examples/seamspace/view/hashgen.xhtml
Log:
use the new password hash stuff
Modified: trunk/examples/seamspace/resources/import.sql
===================================================================
--- trunk/examples/seamspace/resources/import.sql 2009-04-15 06:41:04 UTC (rev 10419)
+++ trunk/examples/seamspace/resources/import.sql 2009-04-15 06:41:39 UTC (rev 10420)
@@ -7,10 +7,10 @@
insert into MemberRole (roleid, name, conditional) values (2, 'admin', false);
insert into MemberRole (roleid, name, conditional) values (3, 'friends', true);
-insert into MemberAccount (accountid, username, passwordhash, passwordsalt, enabled,
member_id) values (1, 'demo',
'Lb9y5+2nJZ6M4dI9d1Fjy60G21jn9SCY3mpWu4AodsI=', 'dNrc6UsJxXo=', 1, 1);
-insert into MemberAccount (accountid, username, passwordhash, passwordsalt, enabled,
member_id) values (2, 'duke',
'Ci9yZp93B/Ig/ElmuBjbq7ldpLp5Dh0Qh4YTP7iquKY=', 'lyEG5QdmTME=', 1, 2);
-insert into MemberAccount (accountid, username, passwordhash, passwordsalt, enabled,
member_id) values (3, 'shadowman',
'vNY1tLpId6KQLeTXEB4yShDAyAlwV4BvfPq11HpBHzM=', 'kKBf7ZH3DDk=', 1, 3);
-insert into MemberAccount (accountid, username, passwordhash, passwordsalt, enabled,
member_id) values (4, 'mona',
'Vgt0PPvkzacu4qeLYF3USIpN79blPo5TR2JYm0Ak9xA=', 'BM0mitVT6Gg=', 1, 4);
+insert into MemberAccount (accountid, username, passwordhash, passwordsalt, enabled,
member_id) values (1, 'demo', '70D33A98C7E76C7365A7C58F88CA8A89373B6EB5',
'C0FA5E59FC18E1E1', 1, 1);
+insert into MemberAccount (accountid, username, passwordhash, passwordsalt, enabled,
member_id) values (2, 'duke', '8D18E5D7DB472FF8AA3E3984F16BFDDA2B265598',
'576EF3D383B00897', 1, 2);
+insert into MemberAccount (accountid, username, passwordhash, passwordsalt, enabled,
member_id) values (3, 'shadowman',
'1D70EA4F262D46525F38DA0C1A130FFF1CA02149', '727D5C9995088913', 1, 3);
+insert into MemberAccount (accountid, username, passwordhash, passwordsalt, enabled,
member_id) values (4, 'mona', 'CDF580AB2AFC6F7FBCF5A1F114E383DB0DF9E309',
'7D804DD05067750C', 1, 4);
insert into AccountMembership (accountid, memberof) values (1, 2);
insert into AccountMembership (accountid, memberof) values (2, 1);
Modified:
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/CommentAction.java
===================================================================
---
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/CommentAction.java 2009-04-15
06:41:04 UTC (rev 10419)
+++
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/CommentAction.java 2009-04-15
06:41:39 UTC (rev 10420)
@@ -10,11 +10,13 @@
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.Transactional;
import org.jboss.seam.annotations.security.Insert;
import org.jboss.seam.core.Conversation;
@Scope(CONVERSATION)
@Name("commentAction")
+@Transactional
public class CommentAction
{
@In
Modified:
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/HashGenerator.java
===================================================================
---
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/HashGenerator.java 2009-04-15
06:41:04 UTC (rev 10419)
+++
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/HashGenerator.java 2009-04-15
06:41:39 UTC (rev 10420)
@@ -4,9 +4,9 @@
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.security.crypto.BinTools;
import org.jboss.seam.security.management.JpaIdentityStore;
import org.jboss.seam.security.management.PasswordHash;
-import org.jboss.seam.util.Base64;
@Scope(ScopeType.EVENT)
@Name("hashgenerator")
@@ -50,8 +50,29 @@
public void generate()
{
- byte[] salt = PasswordHash.instance().generateRandomSalt();
- passwordSalt = Base64.encodeBytes(salt);
+ byte[] salt;
+
+ if (passwordSalt == null || "".equals(passwordSalt.trim()))
+ {
+ salt = PasswordHash.instance().generateRandomSalt();
+ passwordSalt = BinTools.bin2hex(salt);
+ }
+ else
+ {
+ salt = BinTools.hex2bin(passwordSalt);
+ }
+
passwordHash = identityStore.generatePasswordHash(password, salt);
}
+
+ public String getSql()
+ {
+ StringBuilder sb = new StringBuilder();
+ sb.append("INSERT INTO USER_ACCOUNT (username, password_hash, password_salt)
values ('johnsmith', '");
+ sb.append(passwordHash);
+ sb.append("', '");
+ sb.append(passwordSalt);
+ sb.append("');");
+ return sb.toString();
+ }
}
Modified: trunk/examples/seamspace/view/hashgen.xhtml
===================================================================
--- trunk/examples/seamspace/view/hashgen.xhtml 2009-04-15 06:41:04 UTC (rev 10419)
+++ trunk/examples/seamspace/view/hashgen.xhtml 2009-04-15 06:41:39 UTC (rev 10420)
@@ -25,6 +25,13 @@
<h:inputText id="password"
value="#{hashgenerator.password}" required="true"
styleClass="wide"/>
<div class="validationError"><h:message
for="password"/></div>
</div>
+
+ <div class="formRow">
+ <h:outputLabel for="salt">Password salt</h:outputLabel>
+ <h:inputText id="salt"
value="#{hashgenerator.passwordSalt}" required="false"
styleClass="wide"/>
+ <span>(Leave blank to generate a random salt)</span>
+ <div class="validationError"><h:message
for="salt"/></div>
+ </div>
<h:commandButton action="#{hashgenerator.generate}"
value="Generate hash"/>
@@ -32,8 +39,9 @@
<h2>Results</h2>
- <div>Generated hash (base 64 encoded):
<pre>#{hashgenerator.passwordHash}</pre></div>
- <div>Randomly generated password salt (base 64 encoded):
<pre>#{hashgenerator.passwordSalt}</pre></div>
+ <div>Generated hash (hex encoded):
<pre>#{hashgenerator.passwordHash}</pre></div>
+
+ <div>Example SQL:<br/><textarea
style="width:640px;height:50px">#{hashgenerator.sql}</textarea></div>
</ui:define>