/**
* Calculate a password hash using a MessageDigest.
*
* @param hashAlgorithm - the MessageDigest algorithm name
* @param hashEncoding - either base64 or hex to specify the type of encoding the MessageDigest as
* a string.
* @param hashCharset - the charset used to create the byte[] passed to the MessageDigestfrom the
* password String. If null the platform default is used.
* @param username - ignored in default version
* @param password - the password string to be hashed
* @param callback - the callback used to allow customization of the hash to occur. The preDigest
* method is called before the password is added and the postDigest method is called after the
* password has been added.
* @return the hashed string if successful, null if there is a digest exception
*/
public static String createPasswordHash(
String hashAlgorithm,
String hashEncoding,
String hashCharset,
String username,
String password,
DigestCallback callback) {
byte[] passBytes;
String passwordHash = null;
// convert password to byte data
try {
if (hashCharset == null) passBytes = password.getBytes();
else passBytes = password.getBytes(hashCharset);
} catch (UnsupportedEncodingException uee) {
PicketBoxLogger.LOGGER.errorFindingCharset(hashCharset, uee);
passBytes = password.getBytes();
}
// calculate the hash and apply the encoding.
try {
MessageDigest md = MessageDigest.getInstance(hashAlgorithm);
if (callback != null) callback.preDigest(md);
md.update(passBytes);
if (callback != null) callback.postDigest(md);
byte[] hash = md.digest();
if (hashEncoding.equalsIgnoreCase(BASE64_ENCODING)) {
passwordHash = Util.encodeBase64(hash);
} else if (hashEncoding.equalsIgnoreCase(BASE16_ENCODING)) {
passwordHash = Util.encodeBase16(hash);
} else if (hashEncoding.equalsIgnoreCase(RFC2617_ENCODING)) {
passwordHash = Util.encodeRFC2617(hash);
} else {
PicketBoxLogger.LOGGER.unsupportedHashEncodingFormat(hashEncoding);
}
} catch (Exception e) {
PicketBoxLogger.LOGGER.errorCalculatingPasswordHash(e);
}
return passwordHash;
}
@Override
public void actionSave() {
List<User> editItems = new ArrayList<User>();
for (int index = 0; index < dataList.size(); index++) {
if (isEditModeRow(index)) {
editItems.add(dataList.get(index));
}
}
Collection<User> foundUserList = new ArrayList<User>();
User existedUser = new User();
for (User editItem : editItems) {
String hash =
Util.createPasswordHash("MD5", Util.BASE64_ENCODING, null, null, editItem.getPassword());
editItem.setPassword(hash);
if (editItem.getId() == null) {
existedUser.setUsername(editItem.getUsername());
foundUserList = userDAO.get(existedUser);
if (foundUserList.isEmpty()) {
try {
// id=null stand for new added entry
userDAO.persist(editItem);
} catch (Exception e) {
ToolSet.setErrorMessage(e.getMessage() + " Cause: " + e.getCause());
e.printStackTrace();
return;
}
} else {
String message =
"Input user name "
+ editItem.getUsername()
+ " exists in database, duplicated is not allowed";
ToolSet.setErrorMessage(message);
return;
}
} else {
try {
// otherwise, it is existing entry, update it.
userDAO.update(editItem);
} catch (Exception e) {
ToolSet.setErrorMessage(e.getMessage() + " Cause: " + e.getCause());
e.printStackTrace();
return;
}
}
}
// reload data.
super.actionSave();
usersAssociatedRoleGroupEditable = false;
}
