From e0ec318eaf4c6f6129f57174bcb5873763541c13 Mon Sep 17 00:00:00 2001
From: ulrich <not disclosed>
Date: Fri, 06 Jan 2017 18:28:37 +0000
Subject: [PATCH] Digester auf SHA-256 umgestellt

---
 src/java/de/uhilger/um/api/UserMgr.java |   24 +++++++++++-------------
 1 files changed, 11 insertions(+), 13 deletions(-)

diff --git a/src/java/de/uhilger/um/api/UserMgr.java b/src/java/de/uhilger/um/api/UserMgr.java
index cf6982a..dcffb9c 100644
--- a/src/java/de/uhilger/um/api/UserMgr.java
+++ b/src/java/de/uhilger/um/api/UserMgr.java
@@ -94,7 +94,11 @@
     String kw = user.getPw();
     String digesterClassName = ctx.getInitParameter(P_DIGESTER);
     Digester digester = (Digester) Class.forName(digesterClassName).newInstance();
-    String digestedPw = digester.digest(kw, Digester.MD5, null);
+    /*
+      MD5 geht nicht mehr,
+      vgl. http://stackoverflow.com/questions/39967289/how-to-use-digest-authentication-in-tomcat-8-5
+    */
+    String digestedPw = digester.digest(kw, Digester.SHA256, null);
     user.setPw(digestedPw);
     getDb().insert(user, UserMapper);
     return user;
@@ -116,20 +120,14 @@
     
   /* ------------ Rollen ------------------ */
   
-  public UserRole grantRole(String userId, String roleName) {
-    UserRole ur = new UserRole();
-    ur.setRole(roleName);
-    ur.setUser(userId);
-    getDb().insert(ur, UserRoleMapper);
-    return ur;
+  public UserRole grantRole(UserRole role) {
+    getDb().insert(role, UserRoleMapper);
+    return role;
   }
   
-  public UserRole revokeRole(String userId, String roleName) {
-    UserRole ur = new UserRole();
-    ur.setRole(roleName);
-    ur.setUser(userId);
-    getDb().delete(ur, UserRoleMapper);
-    return ur;
+  public UserRole revokeRole(UserRole role) {
+    getDb().delete(role, UserRoleMapper);
+    return role;
   }
   
   public List getRoleNamesGranted() {

--
Gitblit v1.9.3