Anpassung an geaenderten Authentifizierungs-Mechanismus von Tomcat.
1 files added
4 files modified
| | |
| | | |
| | | package de.uhilger.um; |
| | | |
| | | import org.apache.catalina.realm.RealmBase; |
| | | |
| | | /** |
| | | * Ein Digester für die Nutzerverwaltung, der die Klasse |
| | | * RealmBase von Tomcat zum Verschlüsseln nutzt |
| | |
| | | |
| | | @Override |
| | | public String digest(String text, String algorithm, String encoding) { |
| | | return RealmBase.Digest(text, algorithm, encoding); |
| | | //return RealmBase.Digest(text, algorithm, encoding); |
| | | return text; |
| | | } |
| | | |
| | | } |
New file |
| | |
| | | /* |
| | | * To change this license header, choose License Headers in Project Properties. |
| | | * To change this template file, choose Tools | Templates |
| | | * and open the template in the editor. |
| | | */ |
| | | package de.uhilger.um; |
| | | |
| | | /** |
| | | * |
| | | * @author ulrich |
| | | */ |
| | | public class UmDigester implements Digester { |
| | | |
| | | @Override |
| | | public String digest(String text, String algorithm, String encoding) { |
| | | /* |
| | | hier muss ein Verschluesselungsalgorithmus implementiert werden |
| | | der mit einem eigenen Credentialhandler von Tomcat funktioniert |
| | | Bis das erfolgt ist, wird in server.xml ohne CredentialHandler |
| | | gearbeitet, also das Kennwort ohne verschluesselung gelesen |
| | | */ |
| | | return text; |
| | | } |
| | | |
| | | } |
| | |
| | | /* ----------- Benutzer -------------- */ |
| | | |
| | | public User createUser(User user) throws ClassNotFoundException, InstantiationException, IllegalAccessException { |
| | | |
| | | /* |
| | | Irgendetwas wurde am Tomcat-Mechanismus fuer verschluesslete Kennworte |
| | | geaendert. Es muss ein eigener Mechanismus implementiert werden. |
| | | Bis da hin wird das Kennwort im Klartext in der Datenbank gespeichert. |
| | | */ |
| | | |
| | | |
| | | |
| | | String kw = user.getPw(); |
| | | String digesterClassName = getServletContext().getInitParameter(P_DIGESTER); |
| | | Digester digester = (Digester) Class.forName(digesterClassName).newInstance(); |
| | | |
| | | /* |
| | | MD5 geht nicht mehr, |
| | | vgl. http://stackoverflow.com/questions/39967289/how-to-use-digest-authentication-in-tomcat-8-5 |
| | | */ |
| | | |
| | | String digestedPw = digester.digest(kw, Digester.SHA256, null); |
| | | user.setPw(digestedPw); |
| | | |
| | | getDb().insert(user, getMapper(MP_USER)); |
| | | return user; |
| | | } |
| | |
| | | username="dbadmin" |
| | | password="changeit" |
| | | driverClassName="org.apache.derby.jdbc.ClientDriver" |
| | | url="jdbc:derby://dbsrv:1527/udb;create=true" |
| | | url="jdbc:derby://localhost:1527/udb;create=true" |
| | | maxActive="60" |
| | | maxIdle="30" |
| | | maxWait="5000" |
| | |
| | | </context-param> |
| | | <context-param> |
| | | <param-name>digester</param-name> |
| | | <param-value>de.uhilger.um.TomcatDigester</param-value> |
| | | <param-value>de.uhilger.um.UmDigester</param-value> |
| | | </context-param> |
| | | <filter> |
| | | <filter-name>NiceFilter</filter-name> |
| | |
| | | <web-resource-name>nutzerAdmin</web-resource-name> |
| | | <description>Nutzer-Administration</description> |
| | | <url-pattern>/ui/*</url-pattern> |
| | | <url-pattern>/ui*</url-pattern> |
| | | <url-pattern>/svc/*</url-pattern> |
| | | <url-pattern>/svc*</url-pattern> |
| | | <url-pattern>/api/*</url-pattern> |
| | | <url-pattern>/api*</url-pattern> |
| | | </web-resource-collection> |
| | | <auth-constraint> |
| | | <description>nutzerAdminAuthContraint</description> |
| | |
| | | <web-resource-collection> |
| | | <web-resource-name>nutzerProfil</web-resource-name> |
| | | <description>Nutzerprofil</description> |
| | | <url-pattern>/prf*</url-pattern> |
| | | <url-pattern>/prf/*</url-pattern> |
| | | <url-pattern>/profil/*</url-pattern> |
| | | </web-resource-collection> |