Menu
▾
▴
[Neuclear-develop] neuclear-commons/src/java/org/neuclear/commons/crypto/passphraseagents ServletPassPhraseAgent.java,NONE,1.1 GuiDialogAgent.java,1.2,1.3
|
From: <pe...@us...> - 2003-12-14 20:52:57
|
Update of /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/passphraseagents
In directory sc8-pr-cvs1:/tmp/cvs-serv18566/src/java/org/neuclear/commons/crypto/passphraseagents
Modified Files:
GuiDialogAgent.java
Added Files:
ServletPassPhraseAgent.java
Log Message:
Added ServletPassPhraseAgent which uses ThreadLocal to transfer the passphrase to the signer.
Added ServletSignerFactory, which builds Signers for use within servlets based on parameters in the Servlets
Init parameters in web.xml
Updated SQLContext to use ThreadLocal
Added jakarta cactus unit tests to neuclear-commons to test the 2 new features above.
Added use of the new features in neuclear-commons to the servilets within neuclear-id and added
configuration parameters in web.xml
--- NEW FILE: ServletPassPhraseAgent.java ---
package org.neuclear.commons.crypto.passphraseagents;
import javax.servlet.http.HttpServletRequest;
/**
* PassPhraseAgent for use in server environments.
* You set the passphrase first by passing it a servlet request. It fetches the passphrase from the paramater "passphrase"<p>
* <b>WARNING</b> The sequence of events is very important for the safe usage of this. The following is an example within a
* standard <tt>doPost()</tt> method.
* <ol>
* <li><tt>agent.setRequest(request); // Set the request</tt>
* <li><tt>signer.sign(data);// Sign some data</tt>
* <li><tt>agent.clear();// The moment we have used the passphrase we have to clear it</tt>
* </ol>
* Note, the above assumes that a <tt>Signer</tt> with the name signer was initialised in <tt>init()</tt> with a
* <tt>ServletPassPhraseAgent</tt> called <tt>agent</tt>.
* @see org.neuclear.commons.crypto.signers.Signer
*/
public class ServletPassPhraseAgent extends ThreadLocal implements InteractiveAgent {
/**
* Set the passphrase from the request object.
* @param request
*/
public void setRequest(HttpServletRequest request){
set(request.getParameter("passphrase"));
}
/**
* Gets the passphrase if set or null
* @param name
* @return
*/
public char[] getPassPhrase(String name) {
return (get()==null?null:((String)get()).toCharArray());
}
/**
* Clears the passphrase. (Important, you have to manually call this at the end of the request code, or better yet
* immediately after using your Signer).
*/
public void clear(){
set(null);
}
}
Index: GuiDialogAgent.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/passphraseagents/GuiDialogAgent.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** GuiDialogAgent.java 21 Nov 2003 04:43:41 -0000 1.2
--- GuiDialogAgent.java 14 Dec 2003 20:52:54 -0000 1.3
***************
*** 25,28 ****
--- 25,37 ----
$Id$
$Log$
+ Revision 1.3 2003/12/14 20:52:54 pelle
+ Added ServletPassPhraseAgent which uses ThreadLocal to transfer the passphrase to the signer.
+ Added ServletSignerFactory, which builds Signers for use within servlets based on parameters in the Servlets
+ Init parameters in web.xml
+ Updated SQLContext to use ThreadLocal
+ Added jakarta cactus unit tests to neuclear-commons to test the 2 new features above.
+ Added use of the new features in neuclear-commons to the servilets within neuclear-id and added
+ configuration parameters in web.xml
+
Revision 1.2 2003/11/21 04:43:41 pelle
EncryptedFileStore now works. It uses the PBECipher with DES3 afair.
***************
*** 130,134 ****
public char[] getPassPhrase(final String name) {
! synchronized (passphrase) {
passphrase.setText("");
nameLabel.setText(name);
--- 139,143 ----
public char[] getPassPhrase(final String name) {
! synchronized (passphrase) {//We dont want multiple agents popping up at the same time
passphrase.setText("");
nameLabel.setText(name);
|
