📄 realmbase.java
字号:
destroy();
}
public void destroy() {
// unregister this realm
if ( oname!=null ) {
try {
Registry.getRegistry(null, null).unregisterComponent(oname);
if(log.isDebugEnabled())
log.debug( "unregistering realm " + oname );
} catch( Exception ex ) {
log.error( "Can't unregister realm " + oname, ex);
}
}
}
// ------------------------------------------------------ Protected Methods
/**
* Digest the password using the specified algorithm and
* convert the result to a corresponding hexadecimal string.
* If exception, the plain credentials string is returned.
*
* @param credentials Password or other credentials to use in
* authenticating this username
*/
protected String digest(String credentials) {
// If no MessageDigest instance is specified, return unchanged
if (hasMessageDigest() == false)
return (credentials);
// Digest the user credentials and return as hexadecimal
synchronized (this) {
try {
md.reset();
byte[] bytes = null;
if(getDigestEncoding() == null) {
bytes = credentials.getBytes();
} else {
try {
bytes = credentials.getBytes(getDigestEncoding());
} catch (UnsupportedEncodingException uee) {
log.error("Illegal digestEncoding: " + getDigestEncoding(), uee);
throw new IllegalArgumentException(uee.getMessage());
}
}
md.update(bytes);
return (HexUtils.convert(md.digest()));
} catch (Exception e) {
log.error(sm.getString("realmBase.digest"), e);
return (credentials);
}
}
}
protected boolean hasMessageDigest() {
return !(md == null);
}
/**
* Return the digest associated with given principal's user name.
*/
protected String getDigest(String username, String realmName) {
if (md5Helper == null) {
try {
md5Helper = MessageDigest.getInstance("MD5");
} catch (NoSuchAlgorithmException e) {
log.error("Couldn't get MD5 digest: ", e);
throw new IllegalStateException(e.getMessage());
}
}
if (hasMessageDigest()) {
// Use pre-generated digest
return getPassword(username);
}
String digestValue = username + ":" + realmName + ":"
+ getPassword(username);
byte[] valueBytes = null;
if(getDigestEncoding() == null) {
valueBytes = digestValue.getBytes();
} else {
try {
valueBytes = digestValue.getBytes(getDigestEncoding());
} catch (UnsupportedEncodingException uee) {
log.error("Illegal digestEncoding: " + getDigestEncoding(), uee);
throw new IllegalArgumentException(uee.getMessage());
}
}
byte[] digest = null;
// Bugzilla 32137
synchronized(md5Helper) {
digest = md5Helper.digest(valueBytes);
}
return md5Encoder.encode(digest);
}
/**
* Return a short name for this Realm implementation, for use in
* log messages.
*/
protected abstract String getName();
/**
* Return the password associated with the given principal's user name.
*/
protected abstract String getPassword(String username);
/**
* Return the Principal associated with the given certificate.
*/
protected Principal getPrincipal(X509Certificate usercert) {
return(getPrincipal(usercert.getSubjectDN().getName()));
}
/**
* Return the Principal associated with the given user name.
*/
protected abstract Principal getPrincipal(String username);
// --------------------------------------------------------- Static Methods
/**
* Digest password using the algorithm especificied and
* convert the result to a corresponding hex string.
* If exception, the plain credentials string is returned
*
* @param credentials Password or other credentials to use in
* authenticating this username
* @param algorithm Algorithm used to do the digest
* @param encoding Character encoding of the string to digest
*/
public final static String Digest(String credentials, String algorithm,
String encoding) {
try {
// Obtain a new message digest with "digest" encryption
MessageDigest md =
(MessageDigest) MessageDigest.getInstance(algorithm).clone();
// encode the credentials
// Should use the digestEncoding, but that's not a static field
if (encoding == null) {
md.update(credentials.getBytes());
} else {
md.update(credentials.getBytes(encoding));
}
// Digest the credentials and return as hexadecimal
return (HexUtils.convert(md.digest()));
} catch(Exception ex) {
log.error(ex);
return credentials;
}
}
/**
* Digest password using the algorithm especificied and
* convert the result to a corresponding hex string.
* If exception, the plain credentials string is returned
*/
public static void main(String args[]) {
String encoding = null;
int firstCredentialArg = 2;
if (args.length > 4 && args[2].equalsIgnoreCase("-e")) {
encoding = args[3];
firstCredentialArg = 4;
}
if(args.length > firstCredentialArg && args[0].equalsIgnoreCase("-a")) {
for(int i=firstCredentialArg; i < args.length ; i++){
System.out.print(args[i]+":");
System.out.println(Digest(args[i], args[1], encoding));
}
} else {
System.out.println
("Usage: RealmBase -a <algorithm> [-e <encoding>] <credentials>");
}
}
// -------------------- JMX and Registration --------------------
protected String type;
protected String domain;
protected String host;
protected String path;
protected ObjectName oname;
protected ObjectName controller;
protected MBeanServer mserver;
public ObjectName getController() {
return controller;
}
public void setController(ObjectName controller) {
this.controller = controller;
}
public ObjectName getObjectName() {
return oname;
}
public String getDomain() {
return domain;
}
public String getType() {
return type;
}
public ObjectName preRegister(MBeanServer server,
ObjectName name) throws Exception {
oname=name;
mserver=server;
domain=name.getDomain();
type=name.getKeyProperty("type");
host=name.getKeyProperty("host");
path=name.getKeyProperty("path");
return name;
}
public void postRegister(Boolean registrationDone) {
}
public void preDeregister() throws Exception {
}
public void postDeregister() {
}
protected boolean initialized=false;
public void init() {
this.containerLog = container.getLogger();
if( initialized && container != null ) return;
initialized=true;
if( container== null ) {
ObjectName parent=null;
// Register with the parent
try {
if( host == null ) {
// global
parent=new ObjectName(domain +":type=Engine");
} else if( path==null ) {
parent=new ObjectName(domain +
":type=Host,host=" + host);
} else {
parent=new ObjectName(domain +":j2eeType=WebModule,name=//" +
host + path);
}
if( mserver.isRegistered(parent )) {
if(log.isDebugEnabled())
log.debug("Register with " + parent);
mserver.setAttribute(parent, new Attribute("realm", this));
}
} catch (Exception e) {
log.error("Parent not available yet: " + parent);
}
}
if( oname==null ) {
// register
try {
ContainerBase cb=(ContainerBase)container;
oname=new ObjectName(cb.getDomain()+":type=Realm" + cb.getContainerSuffix());
Registry.getRegistry(null, null).registerComponent(this, oname, null );
if(log.isDebugEnabled())
log.debug("Register Realm "+oname);
} catch (Throwable e) {
log.error( "Can't register " + oname, e);
}
}
}
protected static class AllRolesMode {
private String name;
/** Use the strict servlet spec interpretation which requires that the user
* have one of the web-app/security-role/role-name
*/
public static final AllRolesMode STRICT_MODE = new AllRolesMode("strict");
/** Allow any authenticated user
*/
public static final AllRolesMode AUTH_ONLY_MODE = new AllRolesMode("authOnly");
/** Allow any authenticated user only if there are no web-app/security-roles
*/
public static final AllRolesMode STRICT_AUTH_ONLY_MODE = new AllRolesMode("strictAuthOnly");
static AllRolesMode toMode(String name)
{
AllRolesMode mode;
if( name.equalsIgnoreCase(STRICT_MODE.name) )
mode = STRICT_MODE;
else if( name.equalsIgnoreCase(AUTH_ONLY_MODE.name) )
mode = AUTH_ONLY_MODE;
else if( name.equalsIgnoreCase(STRICT_AUTH_ONLY_MODE.name) )
mode = STRICT_AUTH_ONLY_MODE;
else
throw new IllegalStateException("Unknown mode, must be one of: strict, authOnly, strictAuthOnly");
return mode;
}
private AllRolesMode(String name)
{
this.name = name;
}
public boolean equals(Object o)
{
boolean equals = false;
if( o instanceof AllRolesMode )
{
AllRolesMode mode = (AllRolesMode) o;
equals = name.equals(mode.name);
}
return equals;
}
public int hashCode()
{
return name.hashCode();
}
public String toString()
{
return name;
}
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -