Example #1
0
 @Override
 public int update() {
   session.getUser().checkAdmin();
   session.commit(true);
   Database db = session.getDatabase();
   if (db.findRole(userName) != null) {
     throw DbException.get(ErrorCode.ROLE_ALREADY_EXISTS_1, userName);
   }
   if (db.findUser(userName) != null) {
     if (ifNotExists) {
       return 0;
     }
     throw DbException.get(ErrorCode.USER_ALREADY_EXISTS_1, userName);
   }
   int id = getObjectId();
   User user = new User(db, id, userName, false);
   user.setAdmin(admin);
   user.setComment(comment);
   if (hash != null && salt != null) {
     user.setSaltAndHash(getByteArray(salt), getByteArray(hash));
   } else if (password != null) {
     char[] passwordChars = getCharArray(password);
     byte[] userPasswordHash;
     if (userName.length() == 0 && passwordChars.length == 0) {
       userPasswordHash = new byte[0];
     } else {
       userPasswordHash = SHA256.getKeyPasswordHash(userName, passwordChars);
     }
     user.setUserPasswordHash(userPasswordHash);
   } else {
     throw DbException.throwInternalError();
   }
   db.addDatabaseObject(session, user);
   return 0;
 }
Example #2
0
 private static void testConnectWithHash() throws SQLException {
   Connection conn = DriverManager.getConnection("jdbc:h2:mem:test", "sa", "sa");
   String pwd = StringUtils.convertBytesToHex(SHA256.getKeyPasswordHash("SA", "sa".toCharArray()));
   Connection conn2 =
       DriverManager.getConnection("jdbc:h2:mem:test;PASSWORD_HASH=TRUE", "sa", pwd);
   conn.close();
   conn2.close();
 }
 private static byte[] hashPassword(boolean passwordHash, String userName, char[] password) {
   // 如果PASSWORD_HASH参数是true那么不再进行SHA256vn
   if (passwordHash) {
     return StringUtils.convertHexToBytes(new String(password));
   }
   if (userName.length() == 0 && password.length == 0) {
     return new byte[0];
   }
   // 会生成32个字节,32*8刚好是256 bit,刚好对应SHA256的名字
   return SHA256.getKeyPasswordHash(userName, password);
 }