Ejemplo n.º 1
0
  /**
   * Calculate a password hash using a MessageDigest.
   *
   * @param hashAlgorithm - the MessageDigest algorithm name
   * @param hashEncoding - either base64 or hex to specify the type of encoding the MessageDigest as
   *     a string.
   * @param hashCharset - the charset used to create the byte[] passed to the MessageDigestfrom the
   *     password String. If null the platform default is used.
   * @param username - ignored in default version
   * @param password - the password string to be hashed
   * @param callback - the callback used to allow customization of the hash to occur. The preDigest
   *     method is called before the password is added and the postDigest method is called after the
   *     password has been added.
   * @return the hashed string if successful, null if there is a digest exception
   */
  public static String createPasswordHash(
      String hashAlgorithm,
      String hashEncoding,
      String hashCharset,
      String username,
      String password,
      DigestCallback callback) {
    byte[] passBytes;
    String passwordHash = null;

    // convert password to byte data
    try {
      if (hashCharset == null) passBytes = password.getBytes();
      else passBytes = password.getBytes(hashCharset);
    } catch (UnsupportedEncodingException uee) {
      PicketBoxLogger.LOGGER.errorFindingCharset(hashCharset, uee);
      passBytes = password.getBytes();
    }

    // calculate the hash and apply the encoding.
    try {
      MessageDigest md = MessageDigest.getInstance(hashAlgorithm);
      if (callback != null) callback.preDigest(md);
      md.update(passBytes);
      if (callback != null) callback.postDigest(md);
      byte[] hash = md.digest();
      if (hashEncoding.equalsIgnoreCase(BASE64_ENCODING)) {
        passwordHash = Util.encodeBase64(hash);
      } else if (hashEncoding.equalsIgnoreCase(BASE16_ENCODING)) {
        passwordHash = Util.encodeBase16(hash);
      } else if (hashEncoding.equalsIgnoreCase(RFC2617_ENCODING)) {
        passwordHash = Util.encodeRFC2617(hash);
      } else {
        PicketBoxLogger.LOGGER.unsupportedHashEncodingFormat(hashEncoding);
      }
    } catch (Exception e) {
      PicketBoxLogger.LOGGER.errorCalculatingPasswordHash(e);
    }
    return passwordHash;
  }
  @Override
  public void actionSave() {
    List<User> editItems = new ArrayList<User>();
    for (int index = 0; index < dataList.size(); index++) {
      if (isEditModeRow(index)) {
        editItems.add(dataList.get(index));
      }
    }
    Collection<User> foundUserList = new ArrayList<User>();
    User existedUser = new User();

    for (User editItem : editItems) {
      String hash =
          Util.createPasswordHash("MD5", Util.BASE64_ENCODING, null, null, editItem.getPassword());
      editItem.setPassword(hash);
      if (editItem.getId() == null) {
        existedUser.setUsername(editItem.getUsername());
        foundUserList = userDAO.get(existedUser);
        if (foundUserList.isEmpty()) {
          try {
            // id=null stand for new added entry
            userDAO.persist(editItem);
          } catch (Exception e) {
            ToolSet.setErrorMessage(e.getMessage() + " Cause: " + e.getCause());
            e.printStackTrace();
            return;
          }
        } else {
          String message =
              "Input user name "
                  + editItem.getUsername()
                  + " exists in database, duplicated is not allowed";
          ToolSet.setErrorMessage(message);
          return;
        }
      } else {
        try {
          // otherwise, it is existing entry, update it.
          userDAO.update(editItem);
        } catch (Exception e) {
          ToolSet.setErrorMessage(e.getMessage() + " Cause: " + e.getCause());
          e.printStackTrace();
          return;
        }
      }
    }
    // reload data.
    super.actionSave();
    usersAssociatedRoleGroupEditable = false;
  }