activemq-jaas/src/main/java/org/apache/activemq/jaas/EncryptableLDAPLoginModule.java - activemq - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.activemq.jaas;

 import java.util.Map;

 import javax.security.auth.Subject;
 import javax.security.auth.callback.CallbackHandler;

 import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
 import org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig;
 import org.jasypt.properties.EncryptableProperties;

 /**
  * LDAPLoginModule that supports encryption
  */
 public class EncryptableLDAPLoginModule extends LDAPLoginModule {

     private static final String ENCRYPTION_PASSWORD = "encryptionPassword";
     private static final String PASSWORD_ENV_NAME = "passwordEnvName";
     private static final String PASSWORD_ALGORITHM = "encryptionAlgorithm";
     private static final String DEFAULT_PASSWORD_ENV_NAME = "ACTIVEMQ_ENCRYPTION_PASSWORD";
     private static final String DEFAULT_PASSWORD_ALGORITHM = "PBEWithMD5AndDES";
     private final StandardPBEStringEncryptor configurationEncryptor = new StandardPBEStringEncryptor();

     @SuppressWarnings({ "rawtypes", "unchecked" })
     @Override
     public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {

         String encryptionPassword = (String)options.get(ENCRYPTION_PASSWORD);
         String passwordEnvName = options.get(PASSWORD_ENV_NAME) != null ?
                 (String)options.get(PASSWORD_ENV_NAME) : DEFAULT_PASSWORD_ENV_NAME;
         String passwordAlgorithm = options.get(PASSWORD_ALGORITHM) != null ?
                 (String)options.get(PASSWORD_ALGORITHM) : DEFAULT_PASSWORD_ALGORITHM;

         EnvironmentStringPBEConfig envConfig = new EnvironmentStringPBEConfig();
         envConfig.setAlgorithm(passwordAlgorithm);

         //If the password was set, use it
         //else look up the password from the environment
         if (encryptionPassword == null) {
             envConfig.setPasswordEnvName(passwordEnvName);
         } else {
             envConfig.setPassword(encryptionPassword);
         }

         configurationEncryptor.setConfig(envConfig);
         EncryptableProperties encryptableOptions
             = new EncryptableProperties(configurationEncryptor);
         encryptableOptions.putAll(options);

         super.initialize(subject, callbackHandler, sharedState, encryptableOptions);

     }

 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.activemq.jaas;

	import java.util.Map;

	import javax.security.auth.Subject;
	import javax.security.auth.callback.CallbackHandler;

	import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
	import org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig;
	import org.jasypt.properties.EncryptableProperties;

	/**
	* LDAPLoginModule that supports encryption
	*/
	public class EncryptableLDAPLoginModule extends LDAPLoginModule {

	private static final String ENCRYPTION_PASSWORD = "encryptionPassword";
	private static final String PASSWORD_ENV_NAME = "passwordEnvName";
	private static final String PASSWORD_ALGORITHM = "encryptionAlgorithm";
	private static final String DEFAULT_PASSWORD_ENV_NAME = "ACTIVEMQ_ENCRYPTION_PASSWORD";
	private static final String DEFAULT_PASSWORD_ALGORITHM = "PBEWithMD5AndDES";
	private final StandardPBEStringEncryptor configurationEncryptor = new StandardPBEStringEncryptor();

	@SuppressWarnings({ "rawtypes", "unchecked" })
	@Override
	public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {

	String encryptionPassword = (String)options.get(ENCRYPTION_PASSWORD);
	String passwordEnvName = options.get(PASSWORD_ENV_NAME) != null ?
	(String)options.get(PASSWORD_ENV_NAME) : DEFAULT_PASSWORD_ENV_NAME;
	String passwordAlgorithm = options.get(PASSWORD_ALGORITHM) != null ?
	(String)options.get(PASSWORD_ALGORITHM) : DEFAULT_PASSWORD_ALGORITHM;

	EnvironmentStringPBEConfig envConfig = new EnvironmentStringPBEConfig();
	envConfig.setAlgorithm(passwordAlgorithm);

	//If the password was set, use it
	//else look up the password from the environment
	if (encryptionPassword == null) {
	envConfig.setPasswordEnvName(passwordEnvName);
	} else {
	envConfig.setPassword(encryptionPassword);
	}

	configurationEncryptor.setConfig(envConfig);
	EncryptableProperties encryptableOptions
	= new EncryptableProperties(configurationEncryptor);
	encryptableOptions.putAll(options);

	super.initialize(subject, callbackHandler, sharedState, encryptableOptions);

	}

	}