Menu
▾
▴
[Jetty-cvslog] CVS update: Jetty/src/org/mortbay/util Credential.java JarResource.java Password.java Credentials.java
|
From: Greg W. <gre...@us...> - 2002-07-31 19:07:05
|
User: gregwilkins
Date: 02/07/31 12:07:04
Modified: src/org/mortbay/util JarResource.java Password.java
Added: src/org/mortbay/util Credential.java
Removed: src/org/mortbay/util Credentials.java
Log:
Renamed Credentials
Fixed getRealPath
added some accessors for webAppHandler
Revision Changes Path
1.6 +1 -3 Jetty/src/org/mortbay/util/JarResource.java
Index: JarResource.java
===================================================================
RCS file: /cvsroot/jetty/Jetty/src/org/mortbay/util/JarResource.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- JarResource.java 1 Jun 2002 10:50:36 -0000 1.5
+++ JarResource.java 31 Jul 2002 19:07:04 -0000 1.6
@@ -73,8 +73,6 @@
public File getFile()
throws IOException
{
- if (_urlString.endsWith("!/"))
- return super.getFile();
return null;
}
1.6 +16 -16 Jetty/src/org/mortbay/util/Password.java
Index: Password.java
===================================================================
RCS file: /cvsroot/jetty/Jetty/src/org/mortbay/util/Password.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- Password.java 26 Jul 2002 16:35:49 -0000 1.5
+++ Password.java 31 Jul 2002 19:07:04 -0000 1.6
@@ -39,7 +39,7 @@
* @version $Id$
* @author Greg Wilkins (gregw)
*/
-public class Password extends Credentials
+public class Password extends Credential
{
private String _pw;
@@ -81,8 +81,8 @@
if (credentials instanceof String)
return credentials.equals(_pw);
- if (credentials instanceof Credentials)
- return ((Credentials)credentials).check(_pw);
+ if (credentials instanceof Credential)
+ return ((Credential)credentials).check(_pw);
return false;
}
@@ -153,10 +153,15 @@
}
/* ------------------------------------------------------------ */
- /** XXXX
- * @param realm
- * @param dft
- * @param promptDft
+ /** Get a password.
+ * A password is obtained by trying <UL>
+ * <LI>Calling <Code>System.getProperty(realm,dft)</Code>
+ * <LI>Prompting for a password
+ * <LI>Using promptDft if nothing was entered.
+ * </UL>
+ * @param realm The realm name for the password, used as a SystemProperty name.
+ * @param dft The default password.
+ * @param promptDft The default to use if prompting for the password.
* @return
*/
public static Password getPassword(String realm,String dft, String promptDft)
@@ -185,11 +190,6 @@
return new Password(passwd);
}
- /* ------------------------------------------------------------ */
- public static String crypt(String user, String pw)
- {
- return "CRYPT:"+UnixCrypt.crypt(pw,user);
- }
/* ------------------------------------------------------------ */
/**
@@ -207,9 +207,9 @@
Password pw = "?".equals(p)?new Password(p):new Password(p);
System.err.println(pw.toString());
System.err.println(obfuscate(pw.toString()));
- System.err.println(Credentials.MD5.digest(p));
+ System.err.println(Credential.MD5.digest(p));
if (arg.length==2)
- System.err.println(crypt(arg[0],pw.toString()));
+ System.err.println(Credential.Crypt.crypt(arg[0],pw.toString()));
}
}
1.1 Jetty/src/org/mortbay/util/Credential.java
Index: Credential.java
===================================================================
// ========================================================================
// Copyright (c) 1998 Mort Bay Consulting (Australia) Pty. Ltd.
// $Id: Credential.java,v 1.1 2002/07/31 19:07:04 gregwilkins Exp $
// ========================================================================
package org.mortbay.util;
import java.security.MessageDigest;
/* ------------------------------------------------------------ */
/** Credentials.
* The Credential class represents an abstract mechanism for checking
* authentication credentials. A credential instance either represents a
* secret, or some data that could only be derived from knowing the secret.
* <p>
* Often a Credential is related to a Password via a one way algorithm, so
* while a Password itself is a Credential, a UnixCrypt or MD5 digest of a
* a password is only a credential that can be checked against the password.
* <p>
* This class includes an implementation for unix Crypt an MD5 digest.
* @see Password
* @version $Id: Credential.java,v 1.1 2002/07/31 19:07:04 gregwilkins Exp $
* @author Greg Wilkins (gregw)
*/
public abstract class Credential
{
/* ------------------------------------------------------------ */
/** Check a credential
* @param credentials The credential to check against. This may either be
* another Credential object, a Password object or a String which is
* interpreted by this credential.
* @return True if the credentials indicated that the shared secret is
* known to both this Credential and the passed credential.
*/
public abstract boolean check(Object credentials);
/* ------------------------------------------------------------ */
/** Get a credential from a String.
* If the credential String starts with a known Credential type (eg
* "CRYPT:" or "MD5:" ) then a Credential of that type is returned. Else the
* credential is assumed to be a Password.
* @param credential String representation of the credential
* @return A Credential or Password instance.
*/
public static Credential getCredential(String credential)
{
if (credential.startsWith(Crypt.__TYPE))
return new Crypt(credential);
if (credential.startsWith(MD5.__TYPE))
return new MD5(credential);
return new Password(credential);
}
/* ------------------------------------------------------------ */
/** Unix Crypt Credentials
*/
public static class Crypt extends Credential
{
public static final String __TYPE="CRYPT:";
private String _cooked;
Crypt(String cooked)
{
_cooked=cooked.startsWith(Crypt.__TYPE)
?cooked.substring(__TYPE.length())
:cooked;
}
public boolean check(Object credentials)
{
if (!(credentials instanceof String) &&
!(credentials instanceof Password))
Code.warning("Can't check "+credentials.getClass()+" against CRYPT");
String passwd = credentials.toString();
return _cooked.equals(UnixCrypt.crypt(passwd,_cooked));
}
public static String crypt(String user,String pw)
{
return "CRYPT:"+UnixCrypt.crypt(pw,user);
}
}
/* ------------------------------------------------------------ */
/** Unix Crypt Credentials
*/
public static class MD5 extends Credential
{
public static final String __TYPE="MD5:";
private static MessageDigest __md;
private byte[] _digest;
/* ------------------------------------------------------------ */
MD5(String digest)
{
digest=digest.startsWith(__TYPE)
?digest.substring(__TYPE.length())
:digest;
_digest=TypeUtil.parseBytes(digest,16);
}
/* ------------------------------------------------------------ */
public boolean check(Object credentials)
{
try
{
byte[] digest=null;
if (credentials instanceof Password ||
credentials instanceof String)
{
synchronized(__TYPE)
{
if (__md==null)
__md = MessageDigest.getInstance("MD5");
__md.reset();
__md.update(credentials.toString().getBytes(StringUtil.__ISO_8859_1));
digest=__md.digest();
}
}
else
Code.warning("Can't check "+credentials.getClass()+" against MD5");
if (digest==null || digest.length!=_digest.length)
return false;
for (int i=0;i<digest.length;i++)
if (digest[i]!=_digest[i])
return false;
return true;
}
catch (Exception e)
{
Code.warning(e);
return false;
}
}
/* ------------------------------------------------------------ */
public static String digest(String password)
{
try
{
byte[] digest;
synchronized(__TYPE)
{
if (__md==null)
{
try{__md = MessageDigest.getInstance("MD5");}
catch (Exception e ) {Code.warning(e);return null;}
}
__md.reset();
__md.update(password.getBytes(StringUtil.__ISO_8859_1));
digest=__md.digest();
}
return __TYPE+TypeUtil.toString(digest,16);
}
catch (Exception e)
{
Code.warning(e);
return null;
}
}
}
}
|