You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by jb...@apache.org on 2010/09/11 07:59:50 UTC
svn commit: r996081 - in /karaf/trunk: features/encryption/
features/encryption/src/main/java/ features/encryption/src/main/java/org/
features/encryption/src/main/java/org/apache/
features/encryption/src/main/java/org/apache/karaf/ features/encryption/...
Author: jbonofre
Date: Sat Sep 11 05:59:49 2010
New Revision: 996081
URL: http://svn.apache.org/viewvc?rev=996081&view=rev
Log:
Add encryption interface in JAAS modules.
Add the encryption feature using Jasypt to implement encryption.
Reference encryption service in JAAS modules blueprint.
TODO: use the encryption service in the AbstractKarafLoginModule.
Added:
karaf/trunk/features/encryption/src/main/java/
karaf/trunk/features/encryption/src/main/java/org/
karaf/trunk/features/encryption/src/main/java/org/apache/
karaf/trunk/features/encryption/src/main/java/org/apache/karaf/
karaf/trunk/features/encryption/src/main/java/org/apache/karaf/features/
karaf/trunk/features/encryption/src/main/java/org/apache/karaf/features/encryption/
karaf/trunk/features/encryption/src/main/java/org/apache/karaf/features/encryption/internal/
karaf/trunk/features/encryption/src/main/java/org/apache/karaf/features/encryption/internal/JasyptEncryption.java (with props)
karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/Encryption.java (with props)
Modified:
karaf/trunk/features/encryption/pom.xml
karaf/trunk/features/encryption/src/main/resources/OSGI-INF/blueprint/features-encryption.xml
karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/AbstractKarafLoginModule.java
karaf/trunk/jaas/modules/src/main/resources/OSGI-INF/blueprint/karaf-jaas-module.xml
Modified: karaf/trunk/features/encryption/pom.xml
URL: http://svn.apache.org/viewvc/karaf/trunk/features/encryption/pom.xml?rev=996081&r1=996080&r2=996081&view=diff
==============================================================================
--- karaf/trunk/features/encryption/pom.xml (original)
+++ karaf/trunk/features/encryption/pom.xml Sat Sep 11 05:59:49 2010
@@ -32,5 +32,41 @@
<packaging>bundle</packaging>
<version>2.0.1-SNAPSHOT</version>
<name>Apache Karaf :: Features Encryption</name>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.karaf.jaas</groupId>
+ <artifactId>org.apache.karaf.jaas.modules</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.servicemix.bundles</groupId>
+ <artifactId>org.apache.servicemix.bundles.jasypt</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-bundle-plugin</artifactId>
+ <configuration>
+ <instructions>
+ <Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
+ <Export-Package>
+ ${project.artifactId}*;version=${project.version}
+ </Export-Package>
+ <Import-Package>
+ !${project.artifactId}*,
+ *
+ </Import-Package>
+ <Private-Package>org.apache.karaf.features.encryption.internal</Private-Package>
+ <_versionpolicy>${bnd.version.policy}</_versionpolicy>
+ </instructions>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
</project>
\ No newline at end of file
Added: karaf/trunk/features/encryption/src/main/java/org/apache/karaf/features/encryption/internal/JasyptEncryption.java
URL: http://svn.apache.org/viewvc/karaf/trunk/features/encryption/src/main/java/org/apache/karaf/features/encryption/internal/JasyptEncryption.java?rev=996081&view=auto
==============================================================================
--- karaf/trunk/features/encryption/src/main/java/org/apache/karaf/features/encryption/internal/JasyptEncryption.java (added)
+++ karaf/trunk/features/encryption/src/main/java/org/apache/karaf/features/encryption/internal/JasyptEncryption.java Sat Sep 11 05:59:49 2010
@@ -0,0 +1,71 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.karaf.features.encryption.internal;
+
+import org.apache.karaf.jaas.modules.Encryption;
+import org.jasypt.util.password.ConfigurablePasswordEncryptor;
+
+public class JasyptEncryption implements Encryption {
+
+ private ConfigurablePasswordEncryptor passwordEncryptor;
+
+ /**
+ * <p>
+ * Default constructor.
+ * </p>
+ */
+ public JasyptEncryption() {
+ passwordEncryptor = new ConfigurablePasswordEncryptor();
+ }
+
+ /**
+ * <p>
+ * Constructor with encryption algorithm.
+ * </p>
+ *
+ * @param algorithm the encryption algorithm to use.
+ */
+ public JasyptEncryption(String algorithm) {
+ passwordEncryptor = new ConfigurablePasswordEncryptor();
+ passwordEncryptor.setAlgorithm(algorithm);
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see org.apache.karaf.jaas.modules.Encryption#setAlgorithm(java.lang.String)
+ */
+ public void setAlgorithm(String algorithm) {
+ passwordEncryptor.setAlgorithm(algorithm);
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see org.apache.karaf.jaas.modules.Encryption#encryptPassword(java.lang.String)
+ */
+ public String encryptPassword(String plain) {
+ return passwordEncryptor.encryptPassword(plain);
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see org.apache.karaf.jaas.modules.Encryption#checkPassword(java.lang.String, java.lang.String)
+ */
+ public boolean checkPassword(String input, String password) {
+ return passwordEncryptor.checkPassword(input, password);
+ }
+
+}
Propchange: karaf/trunk/features/encryption/src/main/java/org/apache/karaf/features/encryption/internal/JasyptEncryption.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: karaf/trunk/features/encryption/src/main/resources/OSGI-INF/blueprint/features-encryption.xml
URL: http://svn.apache.org/viewvc/karaf/trunk/features/encryption/src/main/resources/OSGI-INF/blueprint/features-encryption.xml?rev=996081&r1=996080&r2=996081&view=diff
==============================================================================
--- karaf/trunk/features/encryption/src/main/resources/OSGI-INF/blueprint/features-encryption.xml (original)
+++ karaf/trunk/features/encryption/src/main/resources/OSGI-INF/blueprint/features-encryption.xml Sat Sep 11 05:59:49 2010
@@ -19,8 +19,8 @@
-->
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0">
- <bean id="encryption" class="org.apache.karaf.features.encryption.internal.Encryption" />
+ <bean id="encryption" class="org.apache.karaf.features.encryption.internal.JasyptEncryption" />
- <service ref="encryption" interface="org.apache.karaf.features.Encryption" />
+ <service ref="encryption" interface="org.apache.karaf.jaas.modules.Encryption" />
</blueprint>
\ No newline at end of file
Modified: karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/AbstractKarafLoginModule.java
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/AbstractKarafLoginModule.java?rev=996081&r1=996080&r2=996081&view=diff
==============================================================================
--- karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/AbstractKarafLoginModule.java (original)
+++ karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/AbstractKarafLoginModule.java Sat Sep 11 05:59:49 2010
@@ -44,9 +44,8 @@ public abstract class AbstractKarafLogin
protected String rolePolicy;
protected String roleDiscriminator;
- // TODO add an encryption attribute types to the Encryption interface
- // If null, no encryption is used, else the encryption and password
- // checking is delegated to the encryption service.
+ /** define the encryption algorithm to use to encrypt password */
+ protected String encryption;
public boolean commit() throws LoginException {
RolePolicy policy = RolePolicy.getPolicy(rolePolicy);
@@ -68,5 +67,40 @@ public abstract class AbstractKarafLogin
this.rolePolicy = (String) options.get("rolePolicy");
this.roleDiscriminator = (String) options.get("roleDiscriminator");
this.debug = Boolean.parseBoolean((String) options.get("debug"));
+ this.encryption = (String) options.get("encryption");
}
+
+ /**
+ * <p>
+ * Encrypt password.
+ * </p>
+ *
+ * @param password the password in plain format.
+ * @return the encrypted password format.
+ */
+ public String encryptPassword(String password) {
+ if (this.encryption == null) {
+ return password;
+ }
+ // TODO call the encryption service
+ return null;
+ }
+
+ /**
+ * <p>
+ * Check if the provided password match the reference one.
+ * </p>
+ *
+ * @param input the provided password (plain format).
+ * @param password the reference one (encrypted format).
+ * @return true if the passwords match, false else.
+ */
+ public boolean checkPassword(String input, String password) {
+ if (this.encryption == null) {
+ return input.equals(password);
+ }
+ // TODO call the encryption service
+ return true;
+ }
+
}
Added: karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/Encryption.java
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/Encryption.java?rev=996081&view=auto
==============================================================================
--- karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/Encryption.java (added)
+++ karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/Encryption.java Sat Sep 11 05:59:49 2010
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * under the License.
+ */
+package org.apache.karaf.jaas.modules;
+
+/**
+ * <p>
+ * Interface describing the password encryption service.
+ * </>
+ *
+ * @author jbonofre
+ */
+public interface Encryption {
+
+ /**
+ * <p>
+ * Encrypt a password.
+ * </p>
+ *
+ * @param plain the password in plain format.
+ * @return the encrypted password format.
+ */
+ public String encryptPassword(String plain);
+
+ /**
+ * <p>
+ * Check password.
+ * </p>
+ *
+ * @param input password provided in plain format.
+ * @param password the encrypted format to compare with.
+ * @return true if the password match, false else.
+ */
+ public boolean checkPassword(String input, String password);
+
+ /**
+ * <p>
+ * Set the encryption algorithm to use.
+ * </p>
+ *
+ * @param algorithm the encryption algorithm.
+ */
+ public void setAlgorithm(String algorithm);
+
+}
Propchange: karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/Encryption.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: karaf/trunk/jaas/modules/src/main/resources/OSGI-INF/blueprint/karaf-jaas-module.xml
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/modules/src/main/resources/OSGI-INF/blueprint/karaf-jaas-module.xml?rev=996081&r1=996080&r2=996081&view=diff
==============================================================================
--- karaf/trunk/jaas/modules/src/main/resources/OSGI-INF/blueprint/karaf-jaas-module.xml (original)
+++ karaf/trunk/jaas/modules/src/main/resources/OSGI-INF/blueprint/karaf-jaas-module.xml Sat Sep 11 05:59:49 2010
@@ -33,5 +33,8 @@
users = $[karaf.base]/etc/users.properties
</jaas:module>
</jaas:config>
+
+ <!-- Encryption Service provided by the encryption feature by default -->
+ <reference id="encryption" interface="org.apache.karaf.jaas.modules.Encryption" />
</blueprint>