/*
|
* Nutzerverwaltung - User and role management in your browser
|
* Copyright (C) 2011-2016 Ulrich Hilger, http://uhilger.de
|
*
|
* This program is free software: you can redistribute it and/or modify
|
* it under the terms of the GNU General Public License as published by
|
* the Free Software Foundation, either version 3 of the License, or
|
* (at your option) any later version.
|
*
|
* This program is distributed in the hope that it will be useful,
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
* GNU General Public License for more details.
|
*
|
* You should have received a copy of the GNU General Public License
|
* along with this program. If not, see http://www.gnu.org/licenses/
|
*/
|
|
package de.uhilger.um;
|
|
import java.security.NoSuchAlgorithmException;
|
import java.util.logging.Level;
|
import java.util.logging.Logger;
|
import org.apache.catalina.realm.MessageDigestCredentialHandler;
|
|
/**
|
* Ein Digester für die Nutzerverwaltung, der die Klasse
|
* RealmBase von Tomcat zum Verschlüsseln nutzt
|
*
|
* @author Copyright (c) Ulrich Hilger, http://uhilger.de
|
* @author Published under the terms and conditions of the
|
* <a href="http://www.gnu.org/licenses/agpl-3.0" target="_blank">GNU Affero
|
* General Public License</a>
|
*
|
* @version 2, December 27, 2016
|
*/
|
public class TomcatDigester implements Digester {
|
|
@Override
|
public String digest(String text, String algorithm, String encoding) {
|
/*
|
Die Methode RealmBase.Digest ist mit dem Hinweis 'unused' ab
|
Tomcat 9 entfernt worden. Das, obwohl die Tomcat-eigene Dokumentation
|
diese Methode ausdruecklich nennt, vgl. "Digested Passwords"
|
auf http://tomcat.apache.org/tomcat-10.0-doc/realm-howto.html
|
|
Als Ersatz wird der MessageDigestCredentialHandler verwendet
|
*/
|
//return RealmBase.Digest(text, algorithm, encoding);
|
//return text;
|
MessageDigestCredentialHandler mh = new MessageDigestCredentialHandler();
|
try {
|
mh.setAlgorithm(algorithm);
|
} catch (NoSuchAlgorithmException ex) {
|
Logger.getLogger(TomcatDigester.class.getName()).log(Level.SEVERE, null, ex);
|
}
|
mh.setEncoding(encoding);
|
return mh.mutate(text);
|
}
|
|
@Override
|
public boolean matches(String inputCredentials, String storedCredentials, String algorithm, String encoding) {
|
MessageDigestCredentialHandler mh = new MessageDigestCredentialHandler();
|
try {
|
mh.setAlgorithm(algorithm);
|
} catch (NoSuchAlgorithmException ex) {
|
Logger.getLogger(TomcatDigester.class.getName()).log(Level.SEVERE, null, ex);
|
}
|
mh.setEncoding(encoding);
|
return mh.matches(inputCredentials, storedCredentials);
|
}
|
|
}
|