You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by at...@apache.org on 2006/07/04 16:21:06 UTC
svn commit: r419015 - in
/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl:
DefaultCredentialHandler.java EncodePasswordOnFirstLoadInterceptor.java
Author: ate
Date: Tue Jul 4 07:21:06 2006
New Revision: 419015
URL: http://svn.apache.org/viewvc?rev=419015&view=rev
Log:
Further improvement and a small fix for JS2-550: A new Two-way password encoding service allowing decoding of encoded passwords
See: http://issues.apache.org/jira/browse/JS2-550#action_12418846
- make sure old non-encoded passwords which are encoded on first load, are recognized as using the new encoding scheme
Modified:
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/EncodePasswordOnFirstLoadInterceptor.java
Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java?rev=419015&r1=419014&r2=419015&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java Tue Jul 4 07:21:06 2006
@@ -24,6 +24,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.jetspeed.security.AlgorithmUpgradePasswordEncodingService;
import org.apache.jetspeed.security.InvalidNewPasswordException;
import org.apache.jetspeed.security.InvalidPasswordException;
import org.apache.jetspeed.security.PasswordAlreadyUsedException;
@@ -241,11 +242,14 @@
{
// non-user (admin) modified the password
- // set current time in previous auth date, and clear last authentication date
- // !!! While this might be a bit strange logic, it is *required* for the AlgorithmUpgradePBEPasswordEncodingService
- // to be able to distinguise password changes from other changes
- credential.setPreviousAuthenticationDate(new Timestamp(new Date().getTime()));
- credential.setLastAuthenticationDate(null);
+ if ( encoded && pcProvider.getEncoder() instanceof AlgorithmUpgradePasswordEncodingService )
+ {
+ // set current time in previous auth date, and clear last authentication date
+ // !!! While this might be a bit strange logic, it is *required* for the AlgorithmUpgradePBEPasswordEncodingService
+ // to be able to distinguise password changes from other changes
+ credential.setPreviousAuthenticationDate(new Timestamp(new Date().getTime()));
+ credential.setLastAuthenticationDate(null);
+ }
}
else
{
Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/EncodePasswordOnFirstLoadInterceptor.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/EncodePasswordOnFirstLoadInterceptor.java?rev=419015&r1=419014&r2=419015&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/EncodePasswordOnFirstLoadInterceptor.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/EncodePasswordOnFirstLoadInterceptor.java Tue Jul 4 07:21:06 2006
@@ -14,6 +14,10 @@
*/
package org.apache.jetspeed.security.spi.impl;
+import java.sql.Timestamp;
+import java.util.Date;
+
+import org.apache.jetspeed.security.AlgorithmUpgradePasswordEncodingService;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.om.InternalCredential;
import org.apache.jetspeed.security.spi.PasswordCredentialProvider;
@@ -43,6 +47,17 @@
{
credential.setValue(pcProvider.getEncoder().encode(userName,credential.getValue()));
credential.setEncoded(true);
+
+ if ( pcProvider.getEncoder() instanceof AlgorithmUpgradePasswordEncodingService)
+ {
+ // For the AlgorithmUpgradePBEPasswordService to be able to distinguise between
+ // old and new encoded passwords, it evaluates the last and previous authentication timestamps.
+ // With an automatic encoding (using the new encoding schema) the last authentication must be
+ // set to null (as the user hasn't been authenticated yet again, which leaves the previous
+ // authentication timestamp for indicating when the (new) encoding took place.
+ credential.setPreviousAuthenticationDate(new Timestamp(new Date().getTime()));
+ credential.setLastAuthenticationDate(null);
+ }
updated = true;
}
return updated;
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org