| commit | author | age | ||
| 6240cd | 1 | /* |
| 51c9e3 | 2 | * Nutzerverwaltung - User and role management in your browser |
| U | 3 | * Copyright (C) 2011-2016 Ulrich Hilger, http://uhilger.de |
| 4 | * | |
| 5 | * This program is free software: you can redistribute it and/or modify | |
| 6 | * it under the terms of the GNU General Public License as published by | |
| 7 | * the Free Software Foundation, either version 3 of the License, or | |
| 8 | * (at your option) any later version. | |
| 9 | * | |
| 10 | * This program is distributed in the hope that it will be useful, | |
| 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 13 | * GNU General Public License for more details. | |
| 14 | * | |
| 15 | * You should have received a copy of the GNU General Public License | |
| 16 | * along with this program. If not, see http://www.gnu.org/licenses/ | |
| 6240cd | 17 | */ |
| 51c9e3 | 18 | |
| 6240cd | 19 | package de.uhilger.um; |
| U | 20 | |
| 8a5d57 | 21 | import java.security.NoSuchAlgorithmException; |
| U | 22 | import java.util.logging.Level; |
| 23 | import java.util.logging.Logger; | |
| 24 | import org.apache.catalina.realm.MessageDigestCredentialHandler; | |
| 25 | ||
| 6240cd | 26 | /** |
| 8a5d57 | 27 | * Ein Digester für die Nutzerverwaltung, der die Klasse |
| U | 28 | * RealmBase von Tomcat zum Verschlüsseln nutzt |
| 6240cd | 29 | * |
| 1fc020 | 30 | * @author Copyright (c) Ulrich Hilger, http://uhilger.de |
| U | 31 | * @author Published under the terms and conditions of the |
| 32 | * <a href="http://www.gnu.org/licenses/agpl-3.0" target="_blank">GNU Affero | |
| 33 | * General Public License</a> | |
| 34 | * | |
| 35 | * @version 2, December 27, 2016 | |
| 6240cd | 36 | */ |
| U | 37 | public class TomcatDigester implements Digester { |
| 38 | ||
| 39 | @Override | |
| 40 | public String digest(String text, String algorithm, String encoding) { | |
| 8a5d57 | 41 | /* |
| U | 42 | Die Methode RealmBase.Digest ist mit dem Hinweis 'unused' ab |
| 43 | Tomcat 9 entfernt worden. Das, obwohl die Tomcat-eigene Dokumentation | |
| 44 | diese Methode ausdruecklich nennt, vgl. "Digested Passwords" | |
| 45 | auf http://tomcat.apache.org/tomcat-10.0-doc/realm-howto.html | |
| 46 | ||
| 47 | Als Ersatz wird der MessageDigestCredentialHandler verwendet | |
| 48 | */ | |
| 8318da | 49 | //return RealmBase.Digest(text, algorithm, encoding); |
| 8a5d57 | 50 | //return text; |
| U | 51 | MessageDigestCredentialHandler mh = new MessageDigestCredentialHandler(); |
| 52 | try { | |
| 53 | mh.setAlgorithm(algorithm); | |
| 54 | } catch (NoSuchAlgorithmException ex) { | |
| 55 | Logger.getLogger(TomcatDigester.class.getName()).log(Level.SEVERE, null, ex); | |
| 56 | } | |
| 57 | mh.setEncoding(encoding); | |
| 58 | return mh.mutate(text); | |
| 6240cd | 59 | } |
| 3ae5ee | 60 | |
| U | 61 | @Override |
| 62 | public boolean matches(String inputCredentials, String storedCredentials, String algorithm, String encoding) { | |
| 63 | MessageDigestCredentialHandler mh = new MessageDigestCredentialHandler(); | |
| 64 | try { | |
| 65 | mh.setAlgorithm(algorithm); | |
| 66 | } catch (NoSuchAlgorithmException ex) { | |
| 67 | Logger.getLogger(TomcatDigester.class.getName()).log(Level.SEVERE, null, ex); | |
| 68 | } | |
| 69 | mh.setEncoding(encoding); | |
| 70 | return mh.matches(inputCredentials, storedCredentials); | |
| 71 | } | |
| 6240cd | 72 | |
| U | 73 | } |
