You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by jb...@apache.org on 2010/09/14 16:40:42 UTC
svn commit: r996922 - in /karaf/trunk:
assembly/src/main/distribution/text/etc/
jaas/jasypt/src/main/java/org/apache/karaf/jaas/jasypt/impl/
jaas/jasypt/src/main/resources/OSGI-INF/blueprint/
jaas/jasypt/src/test/java/org/apache/karaf/jaas/jasypt/impl/...
Author: jbonofre
Date: Tue Sep 14 14:40:42 2010
New Revision: 996922
URL: http://svn.apache.org/viewvc?rev=996922&view=rev
Log:
[KARAF-34] Create an encryption service per encryption algorithm to provide thread safe implementation.
Modified:
karaf/trunk/assembly/src/main/distribution/text/etc/org.apache.karaf.jaas.cfg
karaf/trunk/jaas/jasypt/src/main/java/org/apache/karaf/jaas/jasypt/impl/JasyptEncryption.java
karaf/trunk/jaas/jasypt/src/main/resources/OSGI-INF/blueprint/karaf-jaas-jasypt.xml
karaf/trunk/jaas/jasypt/src/test/java/org/apache/karaf/jaas/jasypt/impl/JasyptEncryptionTest.java
karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/AbstractKarafLoginModule.java
karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/Encryption.java
Modified: karaf/trunk/assembly/src/main/distribution/text/etc/org.apache.karaf.jaas.cfg
URL: http://svn.apache.org/viewvc/karaf/trunk/assembly/src/main/distribution/text/etc/org.apache.karaf.jaas.cfg?rev=996922&r1=996921&r2=996922&view=diff
==============================================================================
--- karaf/trunk/assembly/src/main/distribution/text/etc/org.apache.karaf.jaas.cfg (original)
+++ karaf/trunk/assembly/src/main/distribution/text/etc/org.apache.karaf.jaas.cfg Tue Sep 14 14:40:42 2010
@@ -19,5 +19,12 @@
#
# Set the encryption algorithm to use in Karaf JAAS login module
-#
+# Supported encryption algorithms follow:
+# MD2
+# MD5
+# SHA-1
+# SHA-256
+# SHA-384
+# SHA-512
+#
#encryption=MD5
\ No newline at end of file
Modified: karaf/trunk/jaas/jasypt/src/main/java/org/apache/karaf/jaas/jasypt/impl/JasyptEncryption.java
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/jasypt/src/main/java/org/apache/karaf/jaas/jasypt/impl/JasyptEncryption.java?rev=996922&r1=996921&r2=996922&view=diff
==============================================================================
--- karaf/trunk/jaas/jasypt/src/main/java/org/apache/karaf/jaas/jasypt/impl/JasyptEncryption.java (original)
+++ karaf/trunk/jaas/jasypt/src/main/java/org/apache/karaf/jaas/jasypt/impl/JasyptEncryption.java Tue Sep 14 14:40:42 2010
@@ -30,20 +30,13 @@ public class JasyptEncryption implements
/**
* <p>
- * Default constructor.
+ * Default constructor with the encryption algorithm.
* </p>
+ *
+ * @algorithm the encryption algorithm to use.
*/
- public JasyptEncryption() {
+ public JasyptEncryption(String algorithm) {
this.passwordEncryptor = new ConfigurablePasswordEncryptor();
- // set MD5 encryption algorithm by default
- this.passwordEncryptor.setAlgorithm("MD5");
- }
-
- /*
- * (non-Javadoc)
- * @see org.apache.karaf.jaas.modules.Encryption#setAlgorithm(java.lang.String)
- */
- public void setAlgorithm(String algorithm) {
this.passwordEncryptor.setAlgorithm(algorithm);
}
Modified: karaf/trunk/jaas/jasypt/src/main/resources/OSGI-INF/blueprint/karaf-jaas-jasypt.xml
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/jasypt/src/main/resources/OSGI-INF/blueprint/karaf-jaas-jasypt.xml?rev=996922&r1=996921&r2=996922&view=diff
==============================================================================
--- karaf/trunk/jaas/jasypt/src/main/resources/OSGI-INF/blueprint/karaf-jaas-jasypt.xml (original)
+++ karaf/trunk/jaas/jasypt/src/main/resources/OSGI-INF/blueprint/karaf-jaas-jasypt.xml Tue Sep 14 14:40:42 2010
@@ -19,8 +19,58 @@
-->
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0">
- <bean id="encryption" class="org.apache.karaf.jaas.jasypt.impl.JasyptEncryption" />
+ <service interface="org.apache.karaf.jaas.modules.Encryption">
+ <service-properties>
+ <entry key="algorithm" value="MD2" />
+ </service-properties>
+ <bean class="org.apache.karaf.jaas.jasypt.impl.JasyptEncryption">
+ <argument value="MD2" />
+ </bean>
+ </service>
+
+ <service interface="org.apache.karaf.jaas.modules.Encryption">
+ <service-properties>
+ <entry key="algorithm" value="MD5" />
+ </service-properties>
+ <bean class="org.apache.karaf.jaas.jasypt.impl.JasyptEncryption">
+ <argument value="MD5" />
+ </bean>
+ </service>
+
+ <service interface="org.apache.karaf.jaas.modules.Encryption">
+ <service-properties>
+ <entry key="algorithm" value="SHA-1" />
+ </service-properties>
+ <bean class="org.apache.karaf.jaas.jasypt.impl.JasyptEncryption">
+ <argument value="SHA-1" />
+ </bean>
+ </service>
+
+ <service interface="org.apache.karaf.jaas.modules.Encryption">
+ <service-properties>
+ <entry key="algorithm" value="SHA-256" />
+ </service-properties>
+ <bean class="org.apache.karaf.jaas.jasypt.impl.JasyptEncryption">
+ <argument value="SHA-256" />
+ </bean>
+ </service>
+
+ <service interface="org.apache.karaf.jaas.modules.Encryption">
+ <service-properties>
+ <entry key="algorithm" value="SHA-384" />
+ </service-properties>
+ <bean class="org.apache.karaf.jaas.jasypt.impl.JasyptEncryption">
+ <argument value="SHA-384" />
+ </bean>
+ </service>
- <service ref="encryption" interface="org.apache.karaf.jaas.modules.Encryption" />
+ <service interface="org.apache.karaf.jaas.modules.Encryption">
+ <service-properties>
+ <entry key="algorithm" value="SHA-512" />
+ </service-properties>
+ <bean class="org.apache.karaf.jaas.jasypt.impl.JasyptEncryption">
+ <argument value="SHA-512" />
+ </bean>
+ </service>
</blueprint>
\ No newline at end of file
Modified: karaf/trunk/jaas/jasypt/src/test/java/org/apache/karaf/jaas/jasypt/impl/JasyptEncryptionTest.java
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/jasypt/src/test/java/org/apache/karaf/jaas/jasypt/impl/JasyptEncryptionTest.java?rev=996922&r1=996921&r2=996922&view=diff
==============================================================================
--- karaf/trunk/jaas/jasypt/src/test/java/org/apache/karaf/jaas/jasypt/impl/JasyptEncryptionTest.java (original)
+++ karaf/trunk/jaas/jasypt/src/test/java/org/apache/karaf/jaas/jasypt/impl/JasyptEncryptionTest.java Tue Sep 14 14:40:42 2010
@@ -32,8 +32,7 @@ public class JasyptEncryptionTest extend
* @see junit.framework.TestCase#setUp()
*/
public void setUp() {
- this.encryption = new JasyptEncryption();
- this.encryption.setAlgorithm("MD5");
+ this.encryption = new JasyptEncryption("MD5");
}
/**
Modified: karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/AbstractKarafLoginModule.java
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/AbstractKarafLoginModule.java?rev=996922&r1=996921&r2=996922&view=diff
==============================================================================
--- karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/AbstractKarafLoginModule.java (original)
+++ karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/AbstractKarafLoginModule.java Tue Sep 14 14:40:42 2010
@@ -27,6 +27,7 @@ import javax.security.auth.spi.LoginModu
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.osgi.framework.BundleContext;
+import org.osgi.framework.InvalidSyntaxException;
import org.osgi.framework.ServiceReference;
@@ -101,21 +102,24 @@ public abstract class AbstractKarafLogin
LOG.debug("Encryption is enabled and use " + encryption + " encryption algorithm.");
}
// lookup the encryption service reference
- ServiceReference encryptionServiceReference = bundleContext.getServiceReference(Encryption.class.getName());
- if (encryptionServiceReference == null) {
- throw new IllegalStateException("Encryption service not found. Please install the Karaf encryption feature.");
+ ServiceReference[] encryptionServiceReferences = new ServiceReference[0];
+ try {
+ encryptionServiceReferences = bundleContext.getServiceReferences(Encryption.class.getName(), "(algorithm=" + encryption + ")");
+ } catch (InvalidSyntaxException e) {
+ throw new IllegalStateException("The encryption service filter is not well formed.", e);
+ }
+ if (encryptionServiceReferences.length == 0) {
+ throw new IllegalStateException("Encryption service not found for encryption algorithm " + encryption + ". Please install the Karaf encryption feature and check that the encryption algorithm is supported..");
}
// get the encryption service implementation
- Encryption encryptionService = (Encryption) bundleContext.getService(encryptionServiceReference);
+ Encryption encryptionService = (Encryption) bundleContext.getService(encryptionServiceReferences[0]);
if (encryptionService == null) {
throw new IllegalStateException("Encryption service not found. Please install the Karaf encryption feature.");
}
- // set the encryption algorithm
- encryptionService.setAlgorithm(encryption);
// encrypt the password
String encryptedPassword = encryptionService.encryptPassword(password);
// release the encryption service reference
- bundleContext.ungetService(encryptionServiceReference);
+ bundleContext.ungetService(encryptionServiceReferences[0]);
return encryptedPassword;
}
@@ -134,28 +138,30 @@ public abstract class AbstractKarafLogin
LOG.debug("Encryption is disabled.");
}
return input.equals(password);
- }
+ }
if (debug) {
LOG.debug("Encryption is enabled and use " + encryption + " encryption algorithm.");
}
// lookup the encryption service reference
- ServiceReference encryptionServiceReference = bundleContext.getServiceReference(Encryption.class.getName());
- if (encryptionServiceReference == null) {
- LOG.error("Encryption service not found.");
- throw new IllegalStateException("Encryption service not found. Please install the Karaf encryption feature.");
+ ServiceReference[] encryptionServiceReferences = new ServiceReference[0];
+ try {
+ encryptionServiceReferences = bundleContext.getServiceReferences(Encryption.class.getName(), "(algorithm=" + encryption + ")");
+ } catch (InvalidSyntaxException e) {
+ throw new IllegalStateException("The encryption service filter is not well formed.", e);
+ }
+ if (encryptionServiceReferences.length == 0) {
+ throw new IllegalStateException("Encryption service not found for encryption algorithm " + encryption + ". Please install the Karaf encryption feature and check that the encryption algorithm is supported..");
}
// get the encryption service implementation
- Encryption encryptionService = (Encryption) bundleContext.getService(encryptionServiceReference);
+ Encryption encryptionService = (Encryption) bundleContext.getService(encryptionServiceReferences[0]);
if (encryptionService == null) {
- LOG.error("Encryption service not found.");
throw new IllegalStateException("Encryption service not found. Please install the Karaf encryption feature.");
}
- // set the encryption algorithm
- encryptionService.setAlgorithm(encryption);
- // checks passwords
+ // check password
boolean equals = encryptionService.checkPassword(input, password);
+ String encryptedPassword = encryptionService.encryptPassword(password);
// release the encryption service reference
- bundleContext.ungetService(encryptionServiceReference);
+ bundleContext.ungetService(encryptionServiceReferences[0]);
return equals;
}
Modified: karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/Encryption.java
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/Encryption.java?rev=996922&r1=996921&r2=996922&view=diff
==============================================================================
--- karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/Encryption.java (original)
+++ karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/Encryption.java Tue Sep 14 14:40:42 2010
@@ -43,14 +43,5 @@ public interface Encryption {
* @return true if the password match, false else.
*/
public boolean checkPassword(String input, String password);
-
- /**
- * <p>
- * Set the encryption algorithm to use.
- * </p>
- *
- * @param algorithm the encryption algorithm.
- */
- public void setAlgorithm(String algorithm);
}