    1   /*
    2   * JBoss, Home of Professional Open Source
    3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
    4   * by the @authors tag. See the copyright.txt in the distribution for a
    5   * full listing of individual contributors.
    6   *
    7   * This is free software; you can redistribute it and/or modify it
    8   * under the terms of the GNU Lesser General Public License as
    9   * published by the Free Software Foundation; either version 2.1 of
   10   * the License, or (at your option) any later version.
   11   *
   12   * This software is distributed in the hope that it will be useful,
   13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
   14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
   15   * Lesser General Public License for more details.
   16   *
   17   * You should have received a copy of the GNU Lesser General Public
   18   * License along with this software; if not, write to the Free
   19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
   20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
   21   */
   22   package org.jboss.security.auth.spi;
   23   
   24   import java.security.AccessController;
   25   import java.security.PrivilegedActionException;
   26   import java.security.PrivilegedExceptionAction;
   27   
   28   import javax.crypto.Cipher;
   29   import javax.management.ObjectName;
   30   
   31   import org.jboss.security.config.SecurityConfiguration;
   32   
   33   /**
    34    * PrivilegedActions used by login modules for decoding passwords
   35    * 
   36    * @author Scott.Stark@jboss.org
   37    * @version $Revision: 86122 $
   38    */
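    class DecodeAction implements PrivilegedExceptionAction<Object>
    {
       /** The permission required to access decode, decode64 */
       private static final RuntimePermission decodePermission =
          new RuntimePermission("org.jboss.security.auth.spi.DecodeAction.decode");

       /** The base64 text given to the constructor; run() decodes and decrypts it. */
       String password;
       /** Stored by the constructor; not read anywhere in this class. */
       ObjectName serviceName;

       /**
        * Create an action for one encoded secret.
        *
        * @param password - the base64 text of the encrypted secret
        * @param serviceName - kept on the instance, unused by the decode path
        */
       DecodeAction(String password, ObjectName serviceName)
       {
          this.password = password;
          this.serviceName = serviceName;
       }

       /**
        * Base64-decode and decrypt the stored secret, then decode the result
        * as UTF-8 text.
        *
        * The clear text is never placed in a String: a String is immutable and
        * cannot be overwritten, which would defeat the purpose of returning a
        * char[]. The decrypted bytes and the decoder's scratch buffer are
        * zeroed before this method returns, so the only remaining copy is the
        * returned array, which the caller can overwrite after use.
        *
        * @return the clear-text secret as a char[]
        * @throws Exception on a base64, cipher or permission failure
        */
       public Object run() throws Exception
       {
          byte[] secret = decode64(password);
          try
          {
             // Charset.decode replaces malformed input instead of throwing,
             // matching what new String(bytes, "UTF-8") did here before.
             java.nio.CharBuffer decoded = java.nio.charset.Charset.forName("UTF-8")
                .decode(java.nio.ByteBuffer.wrap(secret));
             char[] clear = new char[decoded.remaining()];
             decoded.get(clear);
             // The backing array may be larger than the text; wipe all of it.
             if( decoded.hasArray() )
                java.util.Arrays.fill(decoded.array(), '\0');
             return clear;
          }
          finally
          {
             // Runs on the failure path too, so decrypted bytes never linger.
             java.util.Arrays.fill(secret, (byte) 0);
          }
       }

       /**
        * Base64-decode the text with Util.fromb64 and decrypt the bytes.
        *
        * @param secret - the base64 text of the encrypted secret
        * @return the decrypted bytes
        * @throws Exception on a base64, cipher or permission failure
        */
       private byte[] decode64(String secret)
          throws Exception
       {
          // The base64 output is still cipher text, so it is not wiped here.
          byte[] encoding = Util.fromb64(secret);
          return decode(encoding);
       }

       /** Decrypt the secret using the cipherKey.
        *
        * The algorithm, key and parameter spec are all read from
        * SecurityConfiguration at call time.
        *
        * @param secret - the encrypted secret to decrypt.
        * @return the decrypted secret
        * @throws Exception on a cipher failure, or a SecurityException when a
        *    SecurityManager is installed and denies decodePermission
        */
       private byte[] decode(byte[] secret)
          throws Exception
       {
          // NOTE(review): when reached through decode(String, ObjectName) this
          // check runs inside doPrivileged, so stack inspection stops at that
          // frame and code further up the call chain is not examined. If the
          // permission is meant to gate those callers, the check belongs
          // before the doPrivileged call - confirm the intent.
          SecurityManager sm = System.getSecurityManager();
          if( sm != null )
             sm.checkPermission(decodePermission);

          Cipher cipher = Cipher.getInstance(SecurityConfiguration.getCipherAlgorithm());
          cipher.init(Cipher.DECRYPT_MODE, SecurityConfiguration.getCipherKey(),
                SecurityConfiguration.getCipherSpec());
          return cipher.doFinal(secret);
       }

       /**
        * Decode a secret inside a privileged block.
        *
        * @param password - the base64 text of the encrypted secret
        * @param serviceName - passed to the DecodeAction constructor
        * @return the clear-text secret; the caller owns the array
        * @throws Exception the exception raised by the action, unwrapped from
        *    the PrivilegedActionException
        */
       static char[] decode(String password, ObjectName serviceName)
          throws Exception
       {
          DecodeAction action = new DecodeAction(password, serviceName);
          try
          {
             return (char[]) AccessController.doPrivileged(action);
          }
          catch(PrivilegedActionException e)
          {
             // Rethrow the original failure, not the doPrivileged wrapper.
             throw e.getException();
          }
       }
    }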
