// --- BEGIN COPYRIGHT BLOCK ---
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; version 2 of the License.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License along
// with this program; if not, write to the Free Software Foundation, Inc.,
// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
//
// (C) 2007 Red Hat, Inc.
// All rights reserved.
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.authentication;
// ldap java sdk
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Locale;
import java.util.Vector;
import com.netscape.certsrv.apps.CMS;
import com.netscape.certsrv.authentication.AuthToken;
import com.netscape.certsrv.authentication.EAuthException;
import com.netscape.certsrv.authentication.EInvalidCredentials;
import com.netscape.certsrv.authentication.IAuthCredentials;
import com.netscape.certsrv.authentication.IAuthManager;
import com.netscape.certsrv.authentication.IAuthToken;
import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.IConfigStore;
import com.netscape.certsrv.base.IExtendedPluginInfo;
import com.netscape.certsrv.logging.ILogger;
import com.netscape.cmsutil.util.Utils;
/**
* Hash uid/pwd directory based authentication manager
*
*
* @version $Revision$, $Date$
*/
public class HashAuthentication implements IAuthManager, IExtendedPluginInfo {
// NOTE(review): fixed salt compiled into the class and exposed as a public constant.
// Where it is mixed into a hash is outside this excerpt. A value that is identical for
// every deployment and readable from the source is not a secret and adds no per-entry
// uniqueness, so it should not be relied on as keying material.
public static final String SALT = "lala123";
// Credential field names; all four are listed in mRequiredCreds below.
public static final String CRED_UID = "uid";
public static final String CRED_FINGERPRINT = "fingerprint";
public static final String CRED_PAGEID = "pageID";
public static final String CRED_HOST = "hostname";
// NOTE(review): protected, static and non-final array — subclasses and same-package code
// can replace it or overwrite its elements, which would change the credential list for
// every instance.
protected static String[] mRequiredCreds = { CRED_UID,
CRED_PAGEID, CRED_FINGERPRINT, CRED_HOST };
// presumably milliseconds (600000 ms = 10 minutes) — confirm against the code that reads it
public static final long DEFAULT_TIMEOUT = 600000;
// Digest instance, assigned in init(). NOTE(review): a MessageDigest object is stateful
// and not safe for concurrent use; how this one is shared between callers is not visible
// in this excerpt.
private MessageDigest mSHADigest = null;
// Token table, created in init(); addAuthToken() stores entries under the page ID.
// NOTE(review): raw Hashtable — type parameters appear to be missing in this listing.
private Hashtable mData = null;
// Configuration store, instance name and implementation name as passed to init().
private IConfigStore mConfig;
private String mName = null;
private String mImplName = null;
private ILogger mLogger = CMS.getLogger();
// Plugin help entries, filled once by the static initializer below.
private static Vector mExtendedPluginInfo = null;
// Host data holder, created in init() and handed out by getData().
private HashAuthData mHosts = null;
// Empty: no configuration parameter names are declared here.
static String[] mConfigParams =
new String[] {};
static {
    // Fill a local list first and publish it through the static field once complete.
    // NOTE(review): the help text and help token describe uid/password authentication
    // against an LDAP directory, while nothing visible in this class talks to LDAP.
    // They look carried over from another plugin — confirm before relying on them.
    final Vector pluginInfo = new Vector();
    pluginInfo.add(IExtendedPluginInfo.HELP_TEXT +
            ";Authenticate the username and password provided " +
            "by the user against an LDAP directory. Works with the " +
            "Dir Based Enrollment HTML form");
    pluginInfo.add(IExtendedPluginInfo.HELP_TOKEN +
            ";configuration-authrules-uidpwddirauth");
    mExtendedPluginInfo = pluginInfo;
}
/**
 * Creates an uninitialized authentication manager.
 *
 * The constructor body is empty: the token table, the host data and the digest are all
 * still {@code null} afterwards and are only assigned by
 * {@link #init(String, String, IConfigStore)}, which therefore has to run before the
 * instance is used.
 */
public HashAuthentication() {
}
/**
 * Initializes this manager: records the identifying names and configuration, creates
 * an empty token table and host data holder, and obtains the digest instance.
 *
 * The fields are assigned before the digest lookup, so they stay set even when the
 * lookup fails and this method throws.
 *
 * @param name instance name stored in {@code mName}
 * @param implName implementation name stored in {@code mImplName}
 * @param config configuration store kept in {@code mConfig}
 * @throws EBaseException an {@link EAuthException} is raised when the JCA provider
 *         does not supply the requested digest algorithm
 */
public void init(String name, String implName, IConfigStore config)
        throws EBaseException {
    this.mName = name;
    this.mImplName = implName;
    this.mConfig = config;
    this.mData = new Hashtable();
    this.mHosts = new HashAuthData();

    try {
        // NOTE(review): SHA-1 is no longer considered collision resistant. The algorithm
        // is left as is because every value already derived with this digest would stop
        // matching after a switch. Plan a migration to a SHA-2 digest together with
        // whatever computes and verifies the fingerprints.
        this.mSHADigest = MessageDigest.getInstance("SHA1");
    } catch (NoSuchAlgorithmException missingAlgorithm) {
        // Only the message text is forwarded; the original exception is not chained.
        final String detail = missingAlgorithm.getMessage();
        throw new EAuthException(CMS.getUserMessage("CMS_AUTHENTICATION_INTERNAL_ERROR", detail));
    }
}
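/**
 * Looks up and consumes the auth token stored under {@code key}.
 *
 * The entry is removed from the table as part of the lookup, so a stored token can be
 * fetched at most once; a second call with the same key returns {@code null}.
 *
 * @param key key the token was stored under ({@code addAuthToken} uses the page ID)
 * @return the stored token, or {@code null} when the table has no entry for the key
 */
public IAuthToken getAuthToken(String key) {
    // Explicit cast: mData is declared as a raw Hashtable in this listing, so remove()
    // is typed Object and the bare return does not compile. The cast is a harmless
    // no-op if the field does carry type parameters.
    return (IAuthToken) mData.remove(key);
}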
/**
 * Stores {@code token} in the token table under {@code pageID}.
 *
 * An entry already present for the same page ID is overwritten.
 *
 * @param pageID key to file the token under
 * @param token token to keep until it is fetched or deleted
 */
public void addAuthToken(String pageID, IAuthToken token) {
    this.mData.put(pageID, token);
}
/**
 * Drops the token filed under {@code pageID}, if there is one.
 *
 * @param pageID key of the entry to discard
 */
public void deleteToken(String pageID) {
    this.mData.remove(pageID);
}
/**
 * Returns the host data holder created in {@code init}.
 *
 * The internal object itself is handed out, not a copy, so changes made by the caller
 * are visible to this manager.
 *
 * @return the host data, or {@code null} if {@code init} has not run yet
 */
public HashAuthData getData() {
    return this.mHosts;
}
public void createEntry(String host, String dn, long timeout,
String secret, long lastLogin) {
Vector