Пример #1
0
 @Override
 public void userNotFound(String name, UaaAuthenticationDetails details) {
   try {
     // Store hash of name, to conceal accidental entry of sensitive info (e.g. password)
     name =
         Utf8.decode(Base64.encode(MessageDigest.getInstance("SHA-1").digest(Utf8.encode(name))));
   } catch (NoSuchAlgorithmException shouldNeverHappen) {
     name = "NOSHA";
   }
   createAuditRecord(name, AuditEventType.UserNotFound, getOrigin(details), "");
 }
Пример #2
0
 private String encode(CharSequence rawPassword, String salt) {
   byte[] input = Utf8.encode(salt + rawPassword);
   byte[] digest = messageDigest.digest(input);
   return messageDigest.getAlgorithm().toLowerCase()
       + "$"
       + salt
       + "$"
       + new String(Hex.encode(digest));
 }
 @Test
 public void compareOfWrongByteValueFails() {
   assertFalse(template.compare("uid=bob,ou=people", "userPassword", Utf8.encode("wrongvalue")));
 }
 @Test
 public void compareOfCorrectByteValueSucceeds() {
   assertTrue(template.compare("uid=bob,ou=people", "userPassword", Utf8.encode("bobspassword")));
 }