[jboss-cvs] Picketbox SVN: r278 - in trunk: security-spi/spi/src/main/java/org/jboss/security/vault and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Nov 1 11:40:25 EDT 2011
Author: anil.saldhana at jboss.com
Date: 2011-11-01 11:40:24 -0400 (Tue, 01 Nov 2011)
New Revision: 278
Added:
trunk/security-spi/spi/src/main/java/org/jboss/security/vault/SecurityVaultUtil.java
Modified:
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/callback/DatabaseCallbackHandler.java
Log:
SECURITY-467: cbh using DB
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/callback/DatabaseCallbackHandler.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/callback/DatabaseCallbackHandler.java 2011-11-01 01:46:57 UTC (rev 277)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/callback/DatabaseCallbackHandler.java 2011-11-01 15:40:24 UTC (rev 278)
@@ -40,6 +40,8 @@
import org.jboss.logging.Logger;
import org.jboss.security.ErrorCodes;
+import org.jboss.security.vault.SecurityVaultException;
+import org.jboss.security.vault.SecurityVaultUtil;
/**
* <p>
@@ -216,6 +218,20 @@
}
dsUserName = config.get(DB_USERNAME);
dsUserPass = config.get(DB_USERPASS);
+ if(dsUserPass != null)
+ {
+ if(SecurityVaultUtil.isVaultFormat(dsUserPass))
+ {
+ try
+ {
+ dsUserPass = SecurityVaultUtil.getValueAsString(dsUserPass);
+ }
+ catch (SecurityVaultException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+ }
tmp = config.get(PRINCIPALS_QUERY);
if(tmp != null)
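Review bot: The catch block rethrows as a bare `RuntimeException(e)`, so a failed vault lookup for the datasource password surfaces without saying which option could not be resolved; `throw new IllegalStateException("Unable to resolve " + DB_USERPASS + " from the vault", e);` names the option key without including its value. The two nested `if` statements can be one condition, `if(dsUserPass != null && SecurityVaultUtil.isVaultFormat(dsUserPass))`. The enclosing method starts and ends outside this hunk, so how callers handle the unchecked exception is not visible here.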
Added: trunk/security-spi/spi/src/main/java/org/jboss/security/vault/SecurityVaultUtil.java
===================================================================
--- trunk/security-spi/spi/src/main/java/org/jboss/security/vault/SecurityVaultUtil.java (rev 0)
+++ trunk/security-spi/spi/src/main/java/org/jboss/security/vault/SecurityVaultUtil.java 2011-11-01 15:40:24 UTC (rev 278)
@@ -0,0 +1,113 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.vault;
+
+import java.util.StringTokenizer;
+
+import org.jboss.security.vault.SecurityVault;
+import org.jboss.security.vault.SecurityVaultException;
+import org.jboss.security.vault.SecurityVaultFactory;
+
+/**
+ * Common utility methods associated with the {@link SecurityVault}
+ *
+ * @author anil saldhana
+ */
+public class SecurityVaultUtil
+{
+ public static final String VAULT_PREFIX = "VAULT";
+
+ /**
+ * Check whether the string has the format of the vault
+ *
+ * @param str
+ * @return
+ */
+ public static boolean isVaultFormat(String str)
+ {
+ return str.startsWith(VAULT_PREFIX);
+ }
+
+ /**
+ * <p>
+ * Given the vault formatted string, retrieve the attribute value from the
+ * vault
+ * </p>
+ * <p>
+ * Note: the vault formatted string will be of the form
+ * VAULT::vault_block::attribute_name::sharedKey
+ * </p>
+ *
+ * <p>
+ * Vault Block acts as the unique id of a block such as "messaging",
+ * "security" etc Attribute Name is the name of the attribute whose value we
+ * are preserving Shared Key is the key generated by the off line vault
+ * during storage of the attribute value
+ * </p>
+ *
+ * @param vaultString
+ * @return
+ * @throws SecurityVaultException
+ */
+ public static char[] getValue(String vaultString)
+ throws SecurityVaultException
+ {
+ if (!isVaultFormat(vaultString))
+ throw new IllegalArgumentException(
+ "vaultString is of the wrong format:" + vaultString);
+ String[] tokens = tokens(vaultString);
+
+ SecurityVault vault = SecurityVaultFactory.get();
+ if (!vault.isInitialized())
+ throw new SecurityVaultException("Vault is not initialized");
+ return vault.retrieve(tokens[1], tokens[2], tokens[3].getBytes());
+ }
+
+ /**
+ * @see #getValue(String)
+ * @param vaultString
+ * @return
+ * @throws SecurityVaultException
+ */
+ public static String getValueAsString(String vaultString)
+ throws SecurityVaultException
+ {
+ char[] val = getValue(vaultString);
+ if (val != null)
+ return new String(val);
+ return null;
+ }
+
+ private static String[] tokens(String vaultString)
+ {
+ StringTokenizer tokenizer = new StringTokenizer(vaultString, "::");
+ int length = tokenizer.countTokens();
+ String[] tokens = new String[length];
+
+ int index = 0;
+ while (tokenizer != null && tokenizer.hasMoreTokens())
+ {
+ tokens[index++] = tokenizer.nextToken();
+ }
+ return tokens;
+ }
+}
\ No newline at end of file
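Review bot: `getValue` reads `tokens[1]` to `tokens[3]` without checking how many tokens came back, and `isVaultFormat` accepts any string that merely starts with `VAULT`, so a malformed reference (or a plain password beginning with those letters) fails with ArrayIndexOutOfBoundsException instead of SecurityVaultException, and a null argument fails with NullPointerException. The IllegalArgumentException message appends `vaultString`; when a caller passes a non-vault value, that value may be the cleartext secret, which then lands in logs and stack traces. `StringTokenizer(vaultString, "::")` treats its second argument as a set of delimiter characters, so a single `:` inside a block or attribute name also splits the string. `tokens[3].getBytes()` uses the platform default charset, and `getValueAsString` copies the `char[]` into an immutable String, which gives up the ability to clear the secret after use; both deserve at least a comment. A tightened `isVaultFormat` and `getValue` are sketched below.

```java
public static boolean isVaultFormat(String str)
{
   return str != null && str.startsWith(VAULT_PREFIX + "::");
}

public static char[] getValue(String vaultString)
   throws SecurityVaultException
{
   // Do not echo the argument: a non-vault value may be the secret itself.
   if (!isVaultFormat(vaultString))
      throw new IllegalArgumentException("vaultString is of the wrong format");
   String[] tokens = tokens(vaultString);
   if (tokens.length < 4)
      throw new SecurityVaultException(
            "vaultString must have the form VAULT::vault_block::attribute_name::sharedKey");
   // … unchanged: SecurityVaultFactory.get() and isInitialized() check …
   return vault.retrieve(tokens[1], tokens[2], tokens[3].getBytes());
}
```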