You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by pm...@apache.org on 2007/09/18 22:27:06 UTC
svn commit: r577043 -
/geronimo/plugins/console/trunk/console-core/src/main/java/org/apache/geronimo/console/core/security/PropertiesLoginModuleManager.java
Author: pmcmahan
Date: Tue Sep 18 13:27:05 2007
New Revision: 577043
URL: http://svn.apache.org/viewvc?rev=577043&view=rev
Log:
GERONIMO-2925 pluggable obscuring of passwords. merging r576651 from trunk.
Modified:
geronimo/plugins/console/trunk/console-core/src/main/java/org/apache/geronimo/console/core/security/PropertiesLoginModuleManager.java
Modified: geronimo/plugins/console/trunk/console-core/src/main/java/org/apache/geronimo/console/core/security/PropertiesLoginModuleManager.java
URL: http://svn.apache.org/viewvc/geronimo/plugins/console/trunk/console-core/src/main/java/org/apache/geronimo/console/core/security/PropertiesLoginModuleManager.java?rev=577043&r1=577042&r2=577043&view=diff
==============================================================================
--- geronimo/plugins/console/trunk/console-core/src/main/java/org/apache/geronimo/console/core/security/PropertiesLoginModuleManager.java (original)
+++ geronimo/plugins/console/trunk/console-core/src/main/java/org/apache/geronimo/console/core/security/PropertiesLoginModuleManager.java Tue Sep 18 13:27:05 2007
@@ -47,6 +47,7 @@
import org.apache.geronimo.util.encoders.Base64;
import org.apache.geronimo.util.encoders.HexTranslator;
import org.apache.geronimo.util.SimpleEncryption;
+import org.apache.geronimo.util.EncryptionManager;
/**
* @version $Rev$ $Date$
@@ -149,10 +150,7 @@
if(digest != null && !digest.equals("")) {
realPassword = digestPassword(realPassword, digest, getEncoding());
}
- if (!(realPassword.startsWith("{Standard}"))) {
- // update the password
- realPassword = "{Standard}"+SimpleEncryption.encrypt(realPassword);
- }
+ realPassword = EncryptionManager.encrypt(realPassword);
}
users.setProperty(name, realPassword);
store(users, serverInfo.resolveServer(getUsersURI()).toURL());
@@ -189,10 +187,7 @@
if(digest != null && !digest.equals("")) {
realPassword = digestPassword(realPassword, digest, getEncoding());
}
- if (!(realPassword.startsWith("{Standard}"))) {
- // update the password
- realPassword = "{Standard}"+SimpleEncryption.encrypt(realPassword);
- }
+ realPassword = EncryptionManager.encrypt(realPassword);
}
users.setProperty(name, realPassword);
store(users, serverInfo.resolveServer(getUsersURI()).toURL());
@@ -270,10 +265,7 @@
}
String realPassword = users.getProperty(userPrincipal);
if (realPassword != null) {
- if (realPassword.startsWith("{Standard}")) {
- // decrypt the password
- realPassword = (String) SimpleEncryption.decrypt(realPassword.substring(10));
- }
+ realPassword = (String) EncryptionManager.decrypt(realPassword);
}
return realPassword;
}
@@ -328,10 +320,9 @@
String realPassword = users.getProperty(name);
// Encrypt the password if needed, so we can compare it with the supplied one
if (realPassword != null) {
- if (!(realPassword.startsWith("{Standard}"))) {
- // update the password in Properties to be encrypted
- users.setProperty(name, "{Standard}"+SimpleEncryption.encrypt(realPassword));
- // we have an updated password to save back to the file
+ String pw = EncryptionManager.encrypt(realPassword);
+ if (!realPassword.equals(pw)) {
+ users.setProperty(name, pw);
bUpdates = true;
}
}