Changeset 26425 for main/trunk/greenstone3/src/java/org/greenstone/gsdl3/service/Authentication.java
- Timestamp:
- 2012-10-31T10:43:48+13:00 (11 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/service/Authentication.java
r26272 r26425 3 3 import java.io.File; 4 4 import java.io.Serializable; 5 import java.io.UnsupportedEncodingException;6 5 import java.math.BigInteger; 7 import java.security.MessageDigest;8 6 import java.sql.SQLException; 9 7 import java.util.ArrayList; … … 13 11 import java.util.regex.Pattern; 14 12 15 import java.util.Properties;16 import javax.mail.Message;17 import javax.mail.MessagingException;18 import javax.mail.Session;19 import javax.mail.Transport;20 import javax.mail.PasswordAuthentication;21 import javax.mail.internet.AddressException;22 import javax.mail.internet.InternetAddress;23 import javax.mail.internet.MimeMessage;24 25 13 import net.tanesha.recaptcha.ReCaptchaImpl; 26 14 import net.tanesha.recaptcha.ReCaptchaResponse; 27 15 16 import org.apache.commons.codec.digest.DigestUtils; 28 17 import org.greenstone.gsdl3.util.DerbyWrapper; 29 18 import org.greenstone.gsdl3.util.GSXML; … … 40 29 protected static final int PASSWORD_MIN_LENGTH = 3; 41 30 protected static final int PASSWORD_MAX_LENGTH = 64; 42 31 43 32 //Error codes 44 33 protected static final int NO_ERROR = 0; … … 628 617 else if (op.equals(PERFORM_RETRIEVE_PASSWORD)) 629 618 { 630 619 631 620 } 632 621 else if (op.equals(PERFORM_CHANGE_PASSWORD)) … … 636 625 String oldPassword = (String) paramMap.get("oldPassword"); 637 626 String newPassword = (String) paramMap.get("newPassword"); 638 if (user_name ==null || oldPassword==null || newPassword==null)627 if (user_name == null || oldPassword == null || newPassword == null) 639 628 { 640 629 GSXML.addError(this.doc, result, _errorMessageMap.get("missing compulsory parameters: username, oldPassword, or newPassword")); 641 630 return result; 642 631 } 643 644 String prevPassword = retrieveDataForUser(user_name, "password"); 632 633 String prevPassword = retrieveDataForUser(user_name, "password"); 645 634 if (!hashPassword(oldPassword).equals(prevPassword)) 646 635 { … … 649 638 return result; 650 639 } 651 640 652 641 //Check the given password 653 642 int error; … … 657 646 return result; 658 647 } 659 648 660 649 String chpa_groups = retrieveDataForUser(user_name, "groups"); 661 650 String chpa_comment = "password_changed_by_user"; 662 651 String info = this._derbyWrapper.modifyUserInfo(user_name, hashPassword(newPassword), chpa_groups, null, chpa_comment, null); 663 if(info != "succeed"){//see DerbyWrapper.modifyUserInfo 652 if (info != "succeed") 653 {//see DerbyWrapper.modifyUserInfo 664 654 GSXML.addError(this.doc, result, _errorMessageMap.get(info)); 665 655 return result; … … 792 782 public static String hashPassword(String password) 793 783 { 794 String hashedPassword = null; 795 try 796 { 797 MessageDigest digest = MessageDigest.getInstance("SHA-1"); 798 digest.reset(); 799 hashedPassword = new String(digest.digest(password.getBytes("US-ASCII"))); // toHex after using ASCII charset will result in acceptable length of hex string 800 hashedPassword = toHex(hashedPassword); // this conversion is required to avoid the strange error of login failure on some legal password strings 801 } 802 catch (Exception ex) 803 { 804 ex.printStackTrace(); 805 } 806 return hashedPassword; 784 return DigestUtils.sha1Hex(password); 807 785 } 808 786 … … 1091 1069 } 1092 1070 1093 // main() method - calls hashPassword() on any String argument, printing this to stdout 1094 // This main() is invoked by gliserver.pl perl code to encrypt passwords identically to Java code. 1095 public static void main(String[] args) { 1096 if(args.length < 1) { 1097 System.err.println("Usage: Authentication <string to encrypt>"); 1098 System.exit(-1); 1099 } 1100 // just hash the first argument 1101 String hash = Authentication.hashPassword(args[0]); 1102 System.out.println(hash); 1103 } 1071 // main() method - calls hashPassword() on any String argument, printing this to stdout 1072 // This main() is invoked by gliserver.pl perl code to encrypt passwords identically to Java code. 1073 public static void main(String[] args) 1074 { 1075 if (args.length < 1) 1076 { 1077 System.err.println("Usage: Authentication <string to encrypt>"); 1078 System.exit(-1); 1079 } 1080 // just hash the first argument 1081 String hash = Authentication.hashPassword(args[0]); 1082 System.out.println(hash); 1083 } 1104 1084 }
Note:
See TracChangeset
for help on using the changeset viewer.