📄 rdbmsuser.java
字号:
//声明本接口所在的包
package examples.security.rdbmsrealm;
//声明本类引入的其他类
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import weblogic.security.acl.BasicRealm;
import weblogic.security.acl.User;
import weblogic.utils.encoders.BASE64Encoder;
/**
* 数据库的用户,包括用户名和密码。密码可能是单方式的。密码存在数据库中。
* The user has a name and password. The password may be one-way
* hashed. Hashed passwords are stored in the database in the form
* <tt>{HASH}gobbledygook</tt>, where <tt>HASH</tt> is the name of the
* hashing algorithm, and <tt>gobbledygook</tt> is the hashed
* password. <p>
*
* You can store passwords either in hashed or plaintext form.
* You can vary how passwords are stored on a per-user basis (for example, use
* MD5 for one user and SHA for another user).
* However, BEA recommends using a single hashing algorithm for all passwords and
* not storing any plain text passwords in the database. <p>
*
* This class has a <tt>main</tt> method, which you can use to
* generate hashed passwords from plain text passwords. The hashed
* passwords can then be stored in your database.
*
* @author Copyright (c) 1998-2000 by BEA Systems, Inc. All Rights Reserved.
*/
class RDBMSUser
extends User
{
/**
* 缺省的密码算法
*/
protected static final String ALGORITHM = "SHA";
/**
* 创建这个对象的域
*/
private transient RDBMSRealm realm;
/**
* 用户的密码
*/
private transient String passwd;
/**
* 摘要密码算法
*/
private transient MessageDigest md;
/**
* 指定名字和密码创建用户
*/
RDBMSUser(String name, String passwd, RDBMSRealm realm)
{
super(name);
this.realm = realm;
if (passwd != null)
{
int rightCurly = passwd.indexOf("}");
if (rightCurly > 0 && passwd.charAt(0) == '{')
{
this.passwd = passwd.substring(rightCurly + 1);
String algorithm = passwd.substring(1, rightCurly);
try
{
md = MessageDigest.getInstance(algorithm.toUpperCase());
}
catch (NoSuchAlgorithmException e)
{
if (realm.log != null)
{
realm.log.error("digest algorithm \"" + algorithm +
"\" not found - assuming plaintext password");
} else {
System.err.println("Error: digest algorithm \"" + algorithm +
"\" not found - assuming plaintext password");
}
}
} else {
this.passwd = passwd;
this.md = null;
}
}
}
/**
* 返回创建这个对象的域
*/
public BasicRealm getRealm()
{
return realm;
}
/**
* 用base64编码方法加密
*
* @参数 md message digest algorithm to hash with
* @参数 plaintext text to hash
* @返回 base64-encoded hashed text
*/
static protected String hash(MessageDigest md, String plaintext)
{
BASE64Encoder enc = new BASE64Encoder();
return enc.encodeBuffer(md.digest(plaintext.getBytes()));
}
/**
* 验证文本密码
*
* @参数 plaintext the plaintext password to check
* @返回 true if matched, false otherwise
*/
boolean authenticate(String plaintext)
{
String hashed = md != null ? hash(md, plaintext) : plaintext;
return hashed.equals(passwd);
}
/**
* 主方法
*
*/
public static void main(String[] args)
throws IOException
{
String algorithm = (args.length >= 1 ? args[0] : ALGORITHM).toUpperCase();
BufferedReader r = new BufferedReader(new InputStreamReader(System.in));
MessageDigest md = null;
String prefix = null;
String plaintext;
try
{
md = MessageDigest.getInstance(algorithm);
}
catch (NoSuchAlgorithmException e)
{
// ignore
}
if (md == null)
{
System.err.println("Error: unknown algorithm \"" + algorithm + "\"");
System.exit(1);
}
System.err.println("Enter plaintext passwords, separated by newlines.");
while ((plaintext = r.readLine()) != null)
{
String passwd = "{" + algorithm + "}" + hash(md, plaintext);
System.out.println(passwd);
if (System.out.checkError())
{
throw new IOException("output error");
}
}
r.close();
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -