[jboss-cvs] JBossAS SVN: r74926 - projects/security/security-negotiation/trunk/jboss-negotiation/src/main/java/org/jboss/security/negotiation/prototype.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Jun 23 18:35:39 EDT 2008
Author: darran.lofthouse at jboss.com
Date: 2008-06-23 18:35:39 -0400 (Mon, 23 Jun 2008)
New Revision: 74926
Added:
projects/security/security-negotiation/trunk/jboss-negotiation/src/main/java/org/jboss/security/negotiation/prototype/DecodeAction.java
Log:
Borrow existing login module.
Copied: projects/security/security-negotiation/trunk/jboss-negotiation/src/main/java/org/jboss/security/negotiation/prototype/DecodeAction.java (from rev 74925, projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/auth/spi/DecodeAction.java)
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation/src/main/java/org/jboss/security/negotiation/prototype/DecodeAction.java (rev 0)
+++ projects/security/security-negotiation/trunk/jboss-negotiation/src/main/java/org/jboss/security/negotiation/prototype/DecodeAction.java 2008-06-23 22:35:39 UTC (rev 74926)
@@ -0,0 +1,110 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.auth.spi;
+
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+import javax.crypto.Cipher;
+import javax.management.ObjectName;
+
+import org.jboss.security.config.SecurityConfiguration;
+
+/**
+ * PriviledgedActions used by login modules for decoding passwords
+ *
+ * @author Scott.Stark at jboss.org
+ * @version $Revision$
+ */
+class DecodeAction implements PrivilegedExceptionAction<Object>
+{
+ /** The permission required to access decode, decode64 */
+ private static final RuntimePermission decodePermission =
+ new RuntimePermission("org.jboss.security.auth.spi.DecodeAction.decode");
+
+ String password;
+ ObjectName serviceName;
+
+ DecodeAction(String password, ObjectName serviceName)
+ {
+ this.password = password;
+ this.serviceName = serviceName;
+ }
+
+ /**
+ *
+ * @return
+ * @throws Exception
+ */
+ public Object run() throws Exception
+ {
+ // Invoke the decodeb64 op
+ byte[] secret = decode64(password);
+ // Convert to UTF-8 base char array
+ String secretPassword = new String(secret, "UTF-8");
+ return secretPassword.toCharArray();
+ }
+
+ private byte[] decode64(String secret)
+ throws Exception
+ {
+ byte[] encoding = Util.fromb64(secret);
+ byte[] decode = decode(encoding);
+ return decode;
+ }
+
+ /** Decrypt the secret using the cipherKey.
+ *
+ * @param secret - the encrypted secret to decrypt.
+ * @return the decrypted secret
+ * @throws Exception
+ */
+ private byte[] decode(byte[] secret)
+ throws Exception
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if( sm != null )
+ sm.checkPermission(decodePermission);
+
+ Cipher cipher = Cipher.getInstance(SecurityConfiguration.getCipherAlgorithm());
+ cipher.init(Cipher.DECRYPT_MODE, SecurityConfiguration.getCipherKey(),
+ SecurityConfiguration.getCipherSpec());
+ byte[] decode = cipher.doFinal(secret);
+ return decode;
+ }
+
+ static char[] decode(String password, ObjectName serviceName)
+ throws Exception
+ {
+ DecodeAction action = new DecodeAction(password, serviceName);
+ try
+ {
+ char[] decode = (char[]) AccessController.doPrivileged(action);
+ return decode;
+ }
+ catch(PrivilegedActionException e)
+ {
+ throw e.getException();
+ }
+ }
+}
More information about the jboss-cvs-commits
mailing list