diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/authentication/HashAuthentication.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/authentication/HashAuthentication.java | 71 |
1 files changed, 36 insertions, 35 deletions
diff --git a/pki/base/common/src/com/netscape/cms/authentication/HashAuthentication.java b/pki/base/common/src/com/netscape/cms/authentication/HashAuthentication.java index 24a10e0a2..9875b2a38 100644 --- a/pki/base/common/src/com/netscape/cms/authentication/HashAuthentication.java +++ b/pki/base/common/src/com/netscape/cms/authentication/HashAuthentication.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.authentication; - // ldap java sdk import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; @@ -40,11 +39,10 @@ import com.netscape.certsrv.base.IExtendedPluginInfo; import com.netscape.certsrv.logging.ILogger; import com.netscape.cmsutil.util.Utils; - /** * Hash uid/pwd directory based authentication manager * <P> - * + * * @version $Revision$, $Date$ */ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { @@ -54,8 +52,8 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { public static final String CRED_FINGERPRINT = "fingerprint"; public static final String CRED_PAGEID = "pageID"; public static final String CRED_HOST = "hostname"; - protected static String[] mRequiredCreds = { CRED_UID, - CRED_PAGEID, CRED_FINGERPRINT, CRED_HOST }; + protected static String[] mRequiredCreds = { CRED_UID, CRED_PAGEID, + CRED_FINGERPRINT, CRED_HOST }; public static final long DEFAULT_TIMEOUT = 600000; private boolean mEnable = false; private long mTimeout = DEFAULT_TIMEOUT; // in milliseconds @@ -71,18 +69,17 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { private ILogger mLogger = CMS.getLogger(); private static Vector mExtendedPluginInfo = null; private HashAuthData mHosts = null; - - static String[] mConfigParams = - new String[] {}; + + static String[] mConfigParams = new String[] {}; static { mExtendedPluginInfo = new Vector(); - mExtendedPluginInfo.add(IExtendedPluginInfo.HELP_TEXT + - ";Authenticate the username and password provided " + - "by the user against an LDAP directory. Works with the " + - "Dir Based Enrollment HTML form"); - mExtendedPluginInfo.add(IExtendedPluginInfo.HELP_TOKEN + - ";configuration-authrules-uidpwddirauth"); + mExtendedPluginInfo.add(IExtendedPluginInfo.HELP_TEXT + + ";Authenticate the username and password provided " + + "by the user against an LDAP directory. Works with the " + + "Dir Based Enrollment HTML form"); + mExtendedPluginInfo.add(IExtendedPluginInfo.HELP_TOKEN + + ";configuration-authrules-uidpwddirauth"); }; /** @@ -91,8 +88,8 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { public HashAuthentication() { } - public void init(String name, String implName, IConfigStore config) - throws EBaseException { + public void init(String name, String implName, IConfigStore config) + throws EBaseException { mName = name; mImplName = implName; mConfig = config; @@ -102,7 +99,8 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { try { mSHADigest = MessageDigest.getInstance("SHA1"); } catch (NoSuchAlgorithmException e) { - throw new EAuthException(CMS.getUserMessage("CMS_AUTHENTICATION_INTERNAL_ERROR", e.getMessage())); + throw new EAuthException(CMS.getUserMessage( + "CMS_AUTHENTICATION_INTERNAL_ERROR", e.getMessage())); } } @@ -124,7 +122,7 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { } public void createEntry(String host, String dn, long timeout, - String secret, long lastLogin) { + String secret, long lastLogin) { Vector v = new Vector(); v.addElement(dn); @@ -141,7 +139,7 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { public String getAgentName(String hostname) { return mHosts.getAgentName(hostname); } - + public void setAgentName(String hostname, String agentName) { mHosts.setAgentName(hostname, agentName); } @@ -183,16 +181,17 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { public void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION, - level, msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION, level, + msg); } - public boolean validFingerprint(String host, String pageID, String uid, String fingerprint) { + public boolean validFingerprint(String host, String pageID, String uid, + String fingerprint) { String val = hashFingerprint(host, pageID, uid); if (val.equals(fingerprint)) return true; - return false; + return false; } public Enumeration getHosts() { @@ -200,8 +199,8 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { } public String hashFingerprint(String host, String pageID, String uid) { - byte[] hash = - mSHADigest.digest((SALT + pageID + getSecret(host) + uid).getBytes()); + byte[] hash = mSHADigest.digest((SALT + pageID + getSecret(host) + uid) + .getBytes()); String b64E = com.netscape.osutil.OSUtil.BtoA(hash); return "{SHA}" + b64E; @@ -216,19 +215,20 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { * @param authCreds The authentication credentials. * @return The user's ldap entry dn. * @exception EInvalidCredentials If the uid and password are not valid - * @exception EBaseException If an internal error occurs. + * @exception EBaseException If an internal error occurs. */ public IAuthToken authenticate(IAuthCredentials authCreds) - throws EBaseException { + throws EBaseException { AuthToken token = new AuthToken(this); String fingerprint = (String) authCreds.get(CRED_FINGERPRINT); String pageID = (String) authCreds.get(CRED_PAGEID); String uid = (String) authCreds.get(CRED_UID); String host = (String) authCreds.get(CRED_HOST); - if (fingerprint.equals("") || - !validFingerprint(host, pageID, uid, fingerprint)) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMS_AUTH_INVALID_FINGER_PRINT")); + if (fingerprint.equals("") + || !validFingerprint(host, pageID, uid, fingerprint)) { + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMS_AUTH_INVALID_FINGER_PRINT")); throw new EAuthException("Invalid Fingerprint"); } @@ -240,6 +240,7 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { /** * Returns array of required credentials for this authentication manager. + * * @return Array of required credentials. */ public String[] getRequiredCreds() { @@ -248,6 +249,7 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { /** * Gets the configuration substore used by this authentication manager + * * @return configuration store */ public IConfigStore getConfigStore() { @@ -276,14 +278,13 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo { } /** - * Returns a list of configuration parameter names. - * The list is passed to the configuration console so instances of - * this implementation can be configured through the console. - * + * Returns a list of configuration parameter names. The list is passed to + * the configuration console so instances of this implementation can be + * configured through the console. + * * @return String array of configuration parameter names. */ public String[] getConfigParams() { return (mConfigParams); } } - |