📄 passwordmanager.java
字号:
/* * ==================================================================== * The Vovida Software License, Version 1.0 * * Copyright (c) 2000 Vovida Networks, Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The names "VOCAL", "Vovida Open Communication Application Library", * and "Vovida Open Communication Application Library (VOCAL)" must * not be used to endorse or promote products derived from this * software without prior written permission. For written * permission, please contact vocal@vovida.org. * * 4. Products derived from this software may not be called "VOCAL", nor * may "VOCAL" appear in their name, without prior written * permission of Vovida Networks, Inc. * * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND * NON-INFRINGEMENT ARE DISCLAIMED. IN NO EVENT SHALL VOVIDA * NETWORKS, INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT DAMAGES * IN EXCESS OF $1,000, NOR FOR ANY INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH * DAMAGE. * * ==================================================================== * * This software consists of voluntary contributions made by Vovida * Networks, Inc. and many individuals on behalf of Vovida Networks, * Inc. For more information on Vovida Networks, Inc., please see * <http://www.vovida.org/>. * */package vocal.pw;import vocal.comm.VPPTransactionWrapper;import vocal.comm.VPPNoSuchFileException;import vocal.userEditor.PServerInterface;import java.io.FileNotFoundException;import java.io.StringReader;import java.io.IOException;import org.xml.sax.SAXException;import java.security.MessageDigest;import java.security.NoSuchAlgorithmException;import java.util.Hashtable;/** * Used by the main gui to determine whether access is allowed for a given * user id/password/access level combination. <p> * * There are three access levels: * <ul> * <li>user - all files in "Accounts" are automatically assumed to require * user access level. * <li>administrator - this access level applies only to account files in * "Admin_Accounts". * <li>technician - this applies only to account files in "Admin_Accounts" * </ul> * * Passwords are stored in account files as an md5 hash. * To verify the password: the entire account file is retrieved, the password is * parsed out of the file, the hash of the user-entered password is computed and * compared to the one in the file. <p> * * An account is determined to have user access if it can be retrieved from * "Accounts". An account is determined to have "admin" access if it can be * retrieved form "Admin_accounts" and contains the accessLevel=admin tag. An * account is determined to have technician access if it can be retrieved from * "Admin_accounts" and has the accessLevel=tech tag. <p> * */public class PasswordManager implements AccessLevels{ /** * Used to retrieve the account files for users/administrators/technicians. * The passwords are contained in these files and are retrieved to be compared * to the given password. */ private PServerInterface psInterface; private Hashtable passwords = new Hashtable(); private String loginName = null; public PasswordManager(VPPTransactionWrapper con) { psInterface = new PServerInterface(con); } public boolean isAccessAllowed(String loginId, String password, int accessLevel) throws UnknownLoginIdException, NoSuchAlgorithmException, IOException, SAXException { loginName = loginId; switch (accessLevel) { case USER: { return isUserAccessAllowed(loginId, password); } case TECHNICIAN: { return isAdminAccessAllowed(loginId, password, accessLevel); } case ADMINISTRATOR: { return isAdminAccessAllowed(loginId, password, accessLevel); } } return false; } public static String computeHash(String input) throws NoSuchAlgorithmException { // get a message disgest for the md5 algorithm MessageDigest algorithm = MessageDigest.getInstance("MD5"); algorithm.reset(); algorithm.update(input.getBytes()); // compute the hash of the input entered by the user byte[] digest = algorithm.digest(); // convert the hash to a hex string StringBuffer hex = new StringBuffer(); for (int i = 0; i < digest.length; i++) { hex.append(Integer.toHexString(0xFF & digest[i])); } return hex.toString(); } private boolean isAccessAllowedFrom(String loginId, String password, String group, String filename, int accessLevel) throws UnknownLoginIdException, NoSuchAlgorithmException, IOException, SAXException { String userPassword = null; try { String response = psInterface.get(group, filename); userPassword = psInterface.getPasswordFromXml(response); // if administrator or tech level access was requested, check wheter that // level of access is allowed in the xml file if (accessLevel == this.ADMINISTRATOR) { if (!psInterface.allowsAccessOfType(response, "administrator")) { return false; // admin access is not allowed in this file } } else if (accessLevel == this.TECHNICIAN) { if (!psInterface.allowsAccessOfType(response, "technician")) { return false; // tech access is not allowed in the file } } // now that we know the access level which was requested is available, // check whether the passwords match. if (userPassword == null) // no password defined in the file { return true; // allow access } passwords.put(loginId, userPassword); } catch (VPPNoSuchFileException e) { throw new UnknownLoginIdException(e.toString()); } String hash = computeHash(password); // check whether the hash of the entered password matches the hash stored // in the file if (hash.equals(userPassword)) { return true; } return false; } private boolean isAdminAccessAllowed(String loginId, String password, int accessLevel) throws UnknownLoginIdException, NoSuchAlgorithmException, IOException, SAXException { loginName = loginId; return isAccessAllowedFrom(loginId, password, "Admin_Accounts", loginId, accessLevel); } /** * Return the name which was actually used to login the account. <p> * This would be different from the supplied loginId if the account was * a user account and the user had tried to login using an alias. In that * case, this should return the user's master name */ public String getLoginName() { return loginName; } private boolean isUserAccessAllowed(String loginId, String password) throws UnknownLoginIdException, NoSuchAlgorithmException, IOException, SAXException { // find out if the user is trying to use an alias to log in try { String response = psInterface.get("Aliases", loginId); if (response != null) { // get the master name for the user from his alias file loginId = psInterface.getMasterUserNameFromXml(response); loginName = loginId; } } catch (VPPNoSuchFileException e) { // there is no such alias - loginId must be a master name } // now check whether access is allowed for the master name return isAccessAllowedFrom(loginId, password, "Accounts", loginId, this.USER); }}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -