📄 passwdmembershipservice.java
字号:
/** the peergroup to which this service is associated.
*/
private PeerGroup peergroup = null;
/** The current set of principals associated with this peer within this peegroup.
*/
private Vector principals = null;
/** The set of AuthenticationCredentials which were used to establish the principals.
*/
private Vector authCredentials = null;
/** The ModuleImplAdvertisement which was used to instantiate this service.
*/
private ModuleImplAdvertisement implAdvertisement = null;
/** An internal table containing the identity and password pairs as parsed from the
* the PeerGroupAdvertisement.
*/
private Hashtable logins = null;
/**
* Initialize the application
*
* @param group PeerGroup this service is started from
* @param assigneID The unqiue ID of this service in this group.
* @param impl The Advertisement for this service from the PeerGroupAdvertisement.
* @param config The configuration of this peer.
* @throws PeerGroupException in the event of errors. this exception spec needs to be narrowed.
*/
public void init(PeerGroup group, ID assignedID, Advertisement impl)
throws PeerGroupException {
peergroup = group;
implAdvertisement = (ModuleImplAdvertisement) impl;
PeerGroupAdvertisement configAdv = (PeerGroupAdvertisement)
group.getPeerGroupAdvertisement();
TextElement myParam =
(TextElement) configAdv.getServiceParam(assignedID);
logins = new Hashtable();
if( null == myParam )
throw new PeerGroupException( "parameters for group passwords missing" );
for( Enumeration allLogins = myParam.getChildren(); allLogins.hasMoreElements(); ) {
TextElement aLogin = (TextElement) allLogins.nextElement();
if( aLogin.getName().equals( "login" ) ) {
String etcPasswd = (String) aLogin.getTextValue( );
int nextDelim = etcPasswd.indexOf( ':' );
if( -1 == nextDelim )
continue;
String login = etcPasswd.substring( 0, nextDelim ).trim();
int lastDelim = etcPasswd.indexOf( ':', nextDelim + 1 );
String passwd = etcPasswd.substring( nextDelim + 1, lastDelim );
LOG.info( "Adding login : '" + login + "' with encoded password : '" + passwd + "'" );
logins.put( login, passwd );
}
}
// We initialise our set of principals to the resigned state.
resign();
}
/** Returns the interface for this service. Some services return proxy versions of
* themselves to impose security upon the service object or to count references
* to the service.
* @return the interface version of this service.
*/
public Service getInterface() {
return this;
}
/** Returns the ModuleImplAdvertisement assocaiated with this Service.
* @return the ModuleImplAdvertisement assocaiated with this Service.
*/
public Advertisement getImplAdvertisement() {
return implAdvertisement;
}
/**
* Supply arguments and starts this service if it hadn't started by itself.
*
* Currently this service starts by itself and does not expect
* arguments.
*
* @param arg A table of strings arguments.
* @return int status indication.
*/
public int startApp(String[] arg) {
return 0;
}
/**
* Ask this service to stop.
*
* This request is currently ignored.
*/
public void stopApp() {
}
/** Returns the peer group assocaited with this MembershipService service.
* @return the peer group assocaited with this MembershipService service.
*/
public PeerGroup getPeerGroup() {
return peergroup;
}
/**
* Request the necessary credentials to join the group with which this
* policy is associated.
*
* @return Authenticator which must be completed before this peergroup may be joined.
* @param application The AuthenticationCredential containing the authentication method being
* requested and any identity information which is required to initialize the
* specified authentication method.
* @throws PeerGroupException in the event of errors. this exception spec needs to be narrowed.
* @throws ProtocolNotSupportedException if the authentication method requested
* in the application is not supported by this policy.
*/
public Authenticator apply(AuthenticationCredential application) throws PeerGroupException, ProtocolNotSupportedException {
String method = application.getMethod();
if( (null != method) && !"PasswdAuthentication".equals( method ) )
throw new ProtocolNotSupportedException(
"Authentication method not recognized" );
return new PasswdAuthenticator( this, application );
}
/**
* Returns an enumeration of the current credentials associated with this peer
* within in this peergroup.
* @throws PeerGroupException in the event of errors. this exception spec needs to be narrowed.
* @return Enumeration of the current credentials associated with this peer
* within in this peergroup.
*/
public synchronized Enumeration getCurrentCredentials() throws PeerGroupException {
return principals.elements();
}
/**
* Returns an enumeration of the AuthencticationCredentials which were used as the
* basis for the current set of credentials.
*
* @throws PeerGroupException in the event of errors. this exception spec needs to be narrowed.
* @return enumeration of the AuthencticationCredentials which were used as the
* basis for the current set of credentials.
*
*/
public synchronized Enumeration getAuthCredentials() throws PeerGroupException {
return authCredentials.elements();
}
/**
* Join the group by virtue of the completed authentication provided.
*
* @param authenticated the completed authentication object.
* @throws PeerGroupException in the event of errors. this exception spec needs to be narrowed.
* @return The credential created by this join operation.
*/
public synchronized Credential join(Authenticator authenticated) throws PeerGroupException {
if( !(authenticated instanceof PasswdAuthenticator) )
throw new ClassCastException( "This is not my authenticator!" );
if( !authenticated.isReadyForJoin() )
throw new PeerGroupException( "Not Ready to join!" );
if( !checkPasswd(
((PasswdAuthenticator)authenticated).getAuth1Identity(),
((PasswdAuthenticator)authenticated).getAuth2_Password() ) )
throw new PeerGroupException( "Incorrect Password!" );
// FIXME 20010327 bondolo@jxta.org Make up the signed bit.
Credential newCred = new PasswdCredential( this,
((PasswdAuthenticator)authenticated).getAuth1Identity(), "blah" );
principals.addElement( newCred );
authCredentials.addElement( authenticated.getAuthenticationCredential() );
return newCred;
}
/**
* Leave the group to which this policy is attached.
* @throws PeerGroupException in the event of errors. this exception spec needs to be narrowed.
*/
public synchronized void resign() throws PeerGroupException {
principals = new Vector();
authCredentials = new Vector();
// FIXME 20010327 bondolo@jxta.org Make up the signed bit.
principals.addElement( new PasswdCredential( this, "nobody", "blah" ) );
}
/**
* Given a fragment of a StructuredDocument, reconstruct a Credential object
* from that fragment.
*
* @return Credential which was created from the document fragment.
* @param element The StructuredDocument fragment to use for building the
* credential.
* @throws PeerGroupException in the event of errors. this exception spec needs to be narrowed.
* @throws Exception in the event of errors. this exception spec needs to be narrowed.
*/
public Credential makeCredential(Element element) throws PeerGroupException, Exception {
Object rootIs = element.getKey();
// XXX 20010327 bondolo@jxta.org This should use a factory.
if( !"PasswdCredential".equals(rootIs) )
throw new PeerGroupException( "Element does not contain a recognized credential format" );
Enumeration children = element.getChildren( "PeerGroupID" );
if( !children.hasMoreElements() )
throw new RuntimeException( "Missing PeerGroupID Element" );
PeerGroupID peergroup = (PeerGroupID) IDFactory.fromURL( new URL( (String) ((Element) children.nextElement()).getValue() ) );
if( children.hasMoreElements() )
throw new RuntimeException( "Extra PeerGroupID Elements" );
children = element.getChildren( "PeerID" );
if( !children.hasMoreElements() )
throw new RuntimeException( "Missing PeerID Element" );
PeerID peer = (PeerID) IDFactory.fromURL( new URL( (String) ((Element) children.nextElement()).getValue() ) );
if( children.hasMoreElements() )
throw new RuntimeException( "Extra PeerID Elements" );
children = element.getChildren( "Identity" );
if( !children.hasMoreElements() )
throw new RuntimeException( "Missing PeerID Element" );
String whoami = (String) ((Element) children.nextElement()).getValue();
if( children.hasMoreElements() )
throw new RuntimeException( "Extra Identity Elements" );
children = element.getChildren( "ReallyInsecureSignature" );
if( !children.hasMoreElements() )
throw new RuntimeException( "Missing 'ReallyInsecureSignature' Element" );
String signedPeerID = (String) ((Element) children.nextElement()).getValue();
if( children.hasMoreElements() )
throw new RuntimeException( "Extra 'ReallyInsecureSignature' Elements" );
return new PasswdCredential( this, peergroup, peer, whoami, signedPeerID );
}
/**
* Given an identity and an encoded password
* @param identity the identity which the user is trying to claim
* @param passwd the password they used.
* @return true if the password was correct for the specified identity otherwise false.
*/
private boolean checkPasswd( String identity, String passwd ) {
boolean result;
if( !logins.containsKey( identity ) )
return false;
String encodedPW = makePsswd( passwd );
if (LOG.isEnabledFor(Priority.DEBUG)) LOG.debug("Password '" + passwd + "' encodes as: '" + encodedPW + "'");
String mustMatch = (String) logins.get( identity );
// if there is a null password for this identity then match everything.
if( mustMatch.equals( "" ) )
return true;
result = encodedPW.equals(mustMatch);
return result;
}
/**
* This is the method used to make the password strings. We only provide
* one way encoding since we can compare the encoded strings.
*
* FIXME bondolo@jxta.org 20010402 : switch to use the standard crypt(3) algorithm for
* encoding the passwords. The current algorithm has been breakable since
* ancient times, crypt(3) is also weak, but harder to break.
*
* @param source the string to encode
* @return String the encoded version of the password.
*
**/
public static String makePsswd( String source ) {
/**
*
* A->D B->Q C->K D->W E->H F->R G->T H->E I->N J->O K->G L->X M->C
* N->V O->Y P->S Q->F R->J S->P T->I U->L V->Z W->A X->B Y->M Z->U
*
**/
final String xlateTable = "DQKWHRTENOGXCVYSFJPILZABMU";
StringBuffer work = new StringBuffer( source );
for( int eachChar = work.length() - 1; eachChar >=0; eachChar-- ) {
char aChar = Character.toUpperCase( work.charAt(eachChar) );
int replaceIdx = xlateTable.indexOf( aChar );
if( -1 != replaceIdx )
work.setCharAt( eachChar, (char) ('A' + replaceIdx) );
}
return work.toString();
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -