james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From charl...@apache.org
Subject cvs commit: jakarta-james/proposals/v1.3/java/org/apache/james/userrepository DefaultJamesUser.java DefaultUser.java UsersFileRepository.java
Date Thu, 07 Jun 2001 10:39:55 GMT
charlesb    01/06/07 03:39:54

  Modified:    proposals/v1.3/java/org/apache/james James.java
               proposals/v1.3/java/org/apache/james/services User.java
               proposals/v1.3/java/org/apache/james/userrepository
                        DefaultJamesUser.java DefaultUser.java
                        UsersFileRepository.java
  Log:
  Adapt proposal to use security.Digest and make it db-able
  
  Revision  Changes    Path
  1.5       +2 -1      jakarta-james/proposals/v1.3/java/org/apache/james/James.java
  
  Index: James.java
  ===================================================================
  RCS file: /home/cvs/jakarta-james/proposals/v1.3/java/org/apache/james/James.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- James.java	2001/06/06 13:17:42	1.4
  +++ James.java	2001/06/07 10:39:34	1.5
  @@ -585,7 +585,8 @@
        */
       public boolean addUser(String userName, String password) {
   	boolean success;
  -	DefaultJamesUser user = new DefaultJamesUser(userName, password);
  +	DefaultJamesUser user = new DefaultJamesUser(userName, "SHA");
  +	user.setPassword(password);
   	user.initialize();
           success = localusers.addUser(user);
           if (useIMAPstorage && success) {
  
  
  
  1.2       +11 -2     jakarta-james/proposals/v1.3/java/org/apache/james/services/User.java
  
  Index: User.java
  ===================================================================
  RCS file: /home/cvs/jakarta-james/proposals/v1.3/java/org/apache/james/services/User.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- User.java	2001/05/16 14:00:30	1.1
  +++ User.java	2001/06/07 10:39:39	1.2
  @@ -12,8 +12,8 @@
    *
    * @author Charles Benett <charles@benett1.demon.co.uk>
    *
  - * Last changed by: $Author: charlesb $ on $Date: 2001/05/16 14:00:30 $
  - * $Revision: 1.1 $
  + * Last changed by: $Author: charlesb $ on $Date: 2001/06/07 10:39:39 $
  + * $Revision: 1.2 $
    */
   
   public interface User {
  @@ -27,5 +27,14 @@
        * Return true if pass matches password of this user.
        */
       boolean verifyPassword(String pass);
  +
  +    /**
  +     * Sets new password from String. No checks made on guessability of
  +     * password.
  +     *
  +     * @param newPass the String that is the new password.
  +     * @returns true if newPass successfully added
  +     */
  +    public boolean setPassword(String newPass);
   
   }
  
  
  
  1.3       +9 -8      jakarta-james/proposals/v1.3/java/org/apache/james/userrepository/DefaultJamesUser.java
  
  Index: DefaultJamesUser.java
  ===================================================================
  RCS file: /home/cvs/jakarta-james/proposals/v1.3/java/org/apache/james/userrepository/DefaultJamesUser.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- DefaultJamesUser.java	2001/05/22 12:03:32	1.2
  +++ DefaultJamesUser.java	2001/06/07 10:39:43	1.3
  @@ -18,8 +18,8 @@
    *
    * @author Charles Benett <charles@benett1.demon.co.uk>
    *
  - * Last changed by: $Author: charlesb $ on $Date: 2001/05/22 12:03:32 $
  - * $Revision: 1.2 $
  + * Last changed by: $Author: charlesb $ on $Date: 2001/06/07 10:39:43 $
  + * $Revision: 1.3 $
    */
   
   public class DefaultJamesUser 
  @@ -31,10 +31,15 @@
       private boolean aliasing;
       private String alias;
   
  -    public DefaultJamesUser(String name, String pass) {
  -	super(name, pass);
  +    public DefaultJamesUser(String name, String alg) {
  +	super(name, alg);
       }
   
  +    public DefaultJamesUser(String name, String passwordHash, String hashAlg) {
  +        super(name, passwordHash, hashAlg);
  +    }
  +
  +
       /**
        * Call initialize when creating a new instance.
        */
  @@ -43,10 +48,6 @@
   	forwardingDestination = null;
   	aliasing = false;
   	alias = "";
  -    }
  -
  -    public boolean setPassword(String pass) {
  -	return setPass(pass);
       }
   
       public void setForwarding(boolean forward) {
  
  
  
  1.3       +65 -27    jakarta-james/proposals/v1.3/java/org/apache/james/userrepository/DefaultUser.java
  
  Index: DefaultUser.java
  ===================================================================
  RCS file: /home/cvs/jakarta-james/proposals/v1.3/java/org/apache/james/userrepository/DefaultUser.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- DefaultUser.java	2001/05/23 09:21:32	1.2
  +++ DefaultUser.java	2001/06/07 10:39:46	1.3
  @@ -11,62 +11,100 @@
   import java.security.MessageDigest;
   import java.security.NoSuchAlgorithmException;
   import java.util.Arrays;
  +import org.apache.james.security.DigestUtil;
   import org.apache.james.services.User;
   
   /**
    * Implementation of User Interface. Instances of this class do not allow
  - * the password to be reset.
  + * the the user name to be reset.
    *
    * @author Charles Benett <charles@benett1.demon.co.uk>
    *
  - * Last changed by: $Author: charlesb $ on $Date: 2001/05/23 09:21:32 $
  - * $Revision: 1.2 $
  + * Last changed by: $Author: charlesb $ on $Date: 2001/06/07 10:39:46 $
  + * $Revision: 1.3 $
    */
   
   public class DefaultUser implements User, Serializable {
   
       private String userName;
  -    private byte[] hashedPassword;
  +    private String hashedPassword;
  +    private String algorithm ;
   
  -    public DefaultUser(String name, String pass) {
  +    /**
  +     * Standard constructor.
  +     *
  +     * @param name the String name of this user
  +     */
  +    public DefaultUser(String name, String hashAlg) {
  +        userName = name;
  +	algorithm = hashAlg;
  +    }
  +
  +    /**
  +     * Constructor for repositories that are construcing user objects from
  +     * separate fields, e.g. databases.
  +     *
  +     * @param name the String name of this user
  +     * @param passwordHash the String hash of this users current password
  +     * @param hashAlg the String algorithm used to generate the hash of the
  +     * password
  +     */
  +    public DefaultUser(String name, String passwordHash, String hashAlg) {
   	userName = name;
  -	hashedPassword = hashString(pass);
  +	hashedPassword = passwordHash;
  +        algorithm = hashAlg;
       }
   
  +    /**
  +     * Accessor for immutable name
  +     *
  +     * @returns the String of this users name
  +     */
       public String getUserName() {
   	return userName;
       }
   
  +    /**
  +     *  Method to verify passwords. 
  +     *
  +     * @param pass the String that is claimed to be the password for this user
  +     * @returns true if the hash of pass with the current algorithm matches
  +     * the stored hash.
  +     */
       public boolean verifyPassword(String pass) {
  -	byte[] hashGuess = hashString(pass);
  -	return Arrays.equals(hashedPassword, hashGuess);
  +        try {
  + 	    String hashGuess = DigestUtil.digestString(pass, algorithm);
  +	    return hashedPassword.equals(hashGuess);
  +        } catch (NoSuchAlgorithmException nsae) {
  +	    throw new RuntimeException("Security error: " + nsae);
  +	}
       }
   
  -    protected boolean setPass(String newPass) {
  -     // Check that this is being called by a subclass not from package
  -	String rtClass = getClass().getName();
  -	if (rtClass.equals("org.apache.james.userrepository.DefaultUser")) {
  -	    throw new RuntimeException("Attempt to call setPassword in DefaultUSer");
  -	} else {
  -	    hashedPassword = hashString(newPass);
  -	    return true;
  +    /**
  +     * Sets new password from String. No checks made on guessability of
  +     * password.
  +     *
  +     * @param newPass the String that is the new password.
  +     * @returns true if newPass successfuly hashed
  +     */
  +    public boolean setPassword(String newPass) {
  +        try {
  +            hashedPassword = DigestUtil.digestString(newPass, algorithm);
  +            return true;
  +        } catch (NoSuchAlgorithmException nsae) {
  +	    throw new RuntimeException("Security error: " + nsae);
   	}
       }
   
  -    protected byte[] getHashedPassword() {
  +    /**
  +     * Method to access hash of password
  +     *
  +     * @returns the String of the hashed Password
  +     */
  +    protected String getHashedPassword() {
   	return hashedPassword;
       }
   
  -    private static byte[] hashString(String pass) {
  -	MessageDigest sha;
  -        try {
  -             sha = MessageDigest.getInstance("SHA");
  -	} catch (NoSuchAlgorithmException e) {
  -	    throw new RuntimeException("Can't hash passwords!" + e);
  -	}
  -	sha.update(pass.getBytes());
  -	return sha.digest();
  -    }
   
   
   }
  
  
  
  1.5       +4 -3      jakarta-james/proposals/v1.3/java/org/apache/james/userrepository/UsersFileRepository.java
  
  Index: UsersFileRepository.java
  ===================================================================
  RCS file: /home/cvs/jakarta-james/proposals/v1.3/java/org/apache/james/userrepository/UsersFileRepository.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- UsersFileRepository.java	2001/06/06 13:17:48	1.4
  +++ UsersFileRepository.java	2001/06/07 10:39:48	1.5
  @@ -38,8 +38,8 @@
    * @author  Federico Barbieri <scoobie@pop.systemy.it>
    * @author  <a href="mailto:charles@benett1.demon.co.uk">Charles Benett</a>
    *
  - * Last changed by: $Author: charlesb $ on $Date: 2001/06/06 13:17:48 $
  - * $Revision: 1.4 $
  + * Last changed by: $Author: charlesb $ on $Date: 2001/06/07 10:39:48 $
  + * $Revision: 1.5 $
    */
   public class UsersFileRepository
       extends AbstractLoggable
  @@ -121,7 +121,8 @@
       public synchronized void addUser(String name, Object attributes) {
   	if (attributes instanceof String)
           {
  -	    User newbie = new DefaultUser(name, (String) attributes);
  +	    User newbie = new DefaultUser(name, "SHA");
  +            newbie.setPassword( (String) attributes);
   	    addUser(newbie);
   	}
           else
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: james-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-dev-help@jakarta.apache.org


Mime
View raw message