| <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../jacoco-resources/report.css" type="text/css"/><link rel="shortcut icon" href="../jacoco-resources/report.gif" type="image/gif"/><title>CryptedXMLDocAuthenticator.java</title><link rel="stylesheet" href="../jacoco-resources/prettify.css" type="text/css"/><script type="text/javascript" src="../jacoco-resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="info"><a href="../jacoco-sessions.html" class="el_session">Sessions</a></span><a href="../index.html" class="el_report">jUDDI Core Services</a> > <a href="index.source.html" class="el_package">org.apache.juddi.v3.auth</a> > <span class="el_source">CryptedXMLDocAuthenticator.java</span></div><h1>CryptedXMLDocAuthenticator.java</h1><pre class="source lang-java linenums">/* |
| * Copyright 2001-2008 The Apache Software Foundation. |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| * |
| */ |
| |
| package org.apache.juddi.v3.auth; |
| |
| import java.io.IOException; |
| import java.security.InvalidAlgorithmParameterException; |
| import java.security.InvalidKeyException; |
| import java.security.NoSuchAlgorithmException; |
| |
| import javax.crypto.BadPaddingException; |
| import javax.crypto.IllegalBlockSizeException; |
| import javax.crypto.NoSuchPaddingException; |
| import javax.persistence.EntityManager; |
| import javax.persistence.EntityTransaction; |
| import javax.xml.bind.JAXBException; |
| |
| import org.apache.commons.configuration.ConfigurationException; |
| import org.apache.commons.logging.Log; |
| import org.apache.commons.logging.LogFactory; |
| import org.apache.juddi.config.AppConfig; |
| import org.apache.juddi.config.PersistenceManager; |
| import org.apache.juddi.config.Property; |
| import org.apache.juddi.v3.client.cryptor.Cryptor; |
| import org.apache.juddi.cryptor.CryptorFactory; |
| import org.apache.juddi.model.Publisher; |
| import static org.apache.juddi.v3.auth.XMLDocAuthenticator.log; |
| import org.apache.juddi.v3.error.AuthenticationException; |
| import org.apache.juddi.v3.error.ErrorMessage; |
| import org.apache.juddi.v3.error.FatalErrorException; |
| import org.apache.juddi.v3.error.RegistryException; |
| import org.apache.juddi.v3.error.UnknownUserException; |
| |
| /** |
| * @author Anou Manavalan |
| */ |
| public class CryptedXMLDocAuthenticator extends XMLDocAuthenticator { |
| |
| <span class="pc" id="L53"> private Log logger = LogFactory.getLog(this.getClass());</span> |
| /** |
| * @throws IOException |
| * @throws JAXBException |
| * @throws ConfigurationException |
| * |
| */ |
| public CryptedXMLDocAuthenticator() throws JAXBException, IOException, ConfigurationException { |
| <span class="fc" id="L61"> super();</span> |
| <span class="fc" id="L62"> }</span> |
| |
| private CryptedXMLDocAuthenticator(boolean b) { |
| <span class="nc" id="L65"> super(b);</span> |
| <span class="nc" id="L66"> }</span> |
| @Override |
| protected String getFilename() throws ConfigurationException { |
| <span class="fc" id="L69"> return AppConfig.getConfiguration().getString(Property.JUDDI_USERSFILE, Property.DEFAULT_ENCRYPTED_XML_USERSFILE);</span> |
| } |
| /** |
| * |
| * @return user id |
| * @throws org.apache.juddi.v3.error.AuthenticationException |
| * @throws org.apache.juddi.v3.error.FatalErrorException |
| */ |
| public String authenticate(String userID, String credential) |
| throws AuthenticationException, FatalErrorException { |
| <span class="fc" id="L79"> preProcess(userID, credential);</span> |
| <span class="fc" id="L80"> String encryptedCredential = encrypt(credential);</span> |
| <span class="fc" id="L81"> return postProcess(userID, encryptedCredential);</span> |
| } |
| /** |
| * |
| */ |
| private String encrypt(String str) throws FatalErrorException { |
| try { |
| <span class="fc" id="L88"> Cryptor cryptor = (Cryptor) CryptorFactory.getCryptor();</span> |
| <span class="fc" id="L89"> return cryptor.encrypt(str);</span> |
| <span class="nc" id="L90"> } catch (InvalidKeyException e) {</span> |
| <span class="nc" id="L91"> logger.error("Invalid Key Exception in crypting the password", e);</span> |
| <span class="nc" id="L92"> throw new FatalErrorException(new ErrorMessage(</span> |
| <span class="nc" id="L93"> "errors.auth.cryptor.InvalidKey", e.getMessage()));</span> |
| <span class="nc" id="L94"> } catch (NoSuchPaddingException e) {</span> |
| <span class="nc" id="L95"> logger.error("Padding Exception in crypting the password", e);</span> |
| <span class="nc" id="L96"> throw new FatalErrorException(new ErrorMessage(</span> |
| <span class="nc" id="L97"> "errors.auth.cryptor.Padding", e.getMessage()));</span> |
| <span class="nc" id="L98"> } catch (NoSuchAlgorithmException e) {</span> |
| <span class="nc" id="L99"> logger.error("Algorithm Exception in crypting the password", e);</span> |
| <span class="nc" id="L100"> throw new FatalErrorException(new ErrorMessage(</span> |
| <span class="nc" id="L101"> "errors.auth.cryptor.Algorithm", e.getMessage()));</span> |
| <span class="nc" id="L102"> } catch (InvalidAlgorithmParameterException e) {</span> |
| <span class="nc" id="L103"> logger.error("Algorithm parameter Exception in crypting the password",</span> |
| e); |
| <span class="nc" id="L105"> throw new FatalErrorException(new ErrorMessage(</span> |
| <span class="nc" id="L106"> "errors.auth.cryptor.AlgorithmParam", e.getMessage()));</span> |
| <span class="nc" id="L107"> } catch (IllegalBlockSizeException e) {</span> |
| <span class="nc" id="L108"> logger.error("Block size Exception in crypting the password", e);</span> |
| <span class="nc" id="L109"> throw new FatalErrorException(new ErrorMessage(</span> |
| <span class="nc" id="L110"> "errors.auth.cryptor.BlockSize", e.getMessage()));</span> |
| <span class="nc" id="L111"> } catch (BadPaddingException e) {</span> |
| <span class="nc" id="L112"> logger.error("Bad Padding Exception in crypting the password", e);</span> |
| <span class="nc" id="L113"> throw new FatalErrorException(new ErrorMessage(</span> |
| <span class="nc" id="L114"> "errors.auth.cryptor.BadPadding", e.getMessage()));</span> |
| <span class="nc" id="L115"> } catch (Exception e) {</span> |
| <span class="nc" id="L116"> logger.error(e.getMessage(), e);</span> |
| <span class="nc" id="L117"> throw new FatalErrorException(new ErrorMessage(</span> |
| <span class="nc" id="L118"> "errors.auth.cryptor.BlockSize", e.getMessage()));</span> |
| } |
| } |
| /** |
| * @param userID |
| * @param credential |
| * @throws RegistryException |
| */ |
| private void preProcess(String userID, String credential) |
| throws AuthenticationException { |
| // a userID must be specified. |
| <span class="pc bpc" id="L129" title="1 of 2 branches missed."> if (userID == null) {</span> |
| <span class="nc" id="L130"> throw new UnknownUserException(new ErrorMessage(</span> |
| "errors.auth.InvalidUserId")); |
| } |
| // credential (password) must be specified. |
| <span class="pc bpc" id="L134" title="1 of 2 branches missed."> if (credential == null) {</span> |
| <span class="nc" id="L135"> throw new UnknownUserException(new ErrorMessage(</span> |
| "errors.auth.InvalidCredentials")); |
| } |
| <span class="fc" id="L138"> }</span> |
| /** |
| * @param userID |
| * @param encryptedCredential |
| * @return user id |
| * @throws AuthenticationException |
| */ |
| private String postProcess(String userID, String encryptedCredential) |
| throws AuthenticationException { |
| <span class="pc bpc" id="L147" title="1 of 2 branches missed."> if (userTable.containsKey(userID)) {</span> |
| <span class="fc" id="L148"> User user = (User) userTable.get(userID);</span> |
| <span class="pc bpc" id="L149" title="1 of 2 branches missed."> if ((user.getPassword() == null)</span> |
| <span class="fc bfc" id="L150" title="All 2 branches covered."> || (!encryptedCredential.equals(user.getPassword()))) {</span> |
| <span class="fc" id="L151"> throw new UnknownUserException(new ErrorMessage(</span> |
| "errors.auth.InvalidCredentials", userID)); |
| } |
| <span class="fc" id="L154"> } else {</span> |
| <span class="nc" id="L155"> throw new UnknownUserException(new ErrorMessage(</span> |
| "errors.auth.InvalidUserId", userID)); |
| } |
| <span class="fc" id="L158"> int MaxBindingsPerService = -1;</span> |
| <span class="fc" id="L159"> int MaxServicesPerBusiness = -1;</span> |
| <span class="fc" id="L160"> int MaxTmodels = -1;</span> |
| <span class="fc" id="L161"> int MaxBusinesses = -1;</span> |
| try { |
| <span class="fc" id="L163"> MaxBindingsPerService = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_BINDINGS_PER_SERVICE, -1);</span> |
| <span class="fc" id="L164"> MaxServicesPerBusiness = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_SERVICES_PER_BUSINESS, -1);</span> |
| <span class="fc" id="L165"> MaxTmodels = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_TMODELS_PER_PUBLISHER, -1);</span> |
| <span class="fc" id="L166"> MaxBusinesses = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_BUSINESSES_PER_PUBLISHER, -1);</span> |
| <span class="nc" id="L167"> } catch (Exception ex) {</span> |
| <span class="nc" id="L168"> MaxBindingsPerService = -1;</span> |
| <span class="nc" id="L169"> MaxServicesPerBusiness = -1;</span> |
| <span class="nc" id="L170"> MaxTmodels = -1;</span> |
| <span class="nc" id="L171"> MaxBusinesses = -1;</span> |
| <span class="nc" id="L172"> log.error("config exception! " + userID, ex);</span> |
| <span class="fc" id="L173"> }</span> |
| <span class="fc" id="L174"> EntityManager em = PersistenceManager.getEntityManager();</span> |
| <span class="fc" id="L175"> EntityTransaction tx = em.getTransaction();</span> |
| try { |
| <span class="fc" id="L177"> tx.begin();</span> |
| <span class="fc" id="L178"> Publisher publisher = em.find(Publisher.class, userID);</span> |
| <span class="pc bpc" id="L179" title="1 of 2 branches missed."> if (publisher == null) {</span> |
| <span class="fc" id="L180"> log.warn("Publisher \"" + userID + "\" was not found in the database, adding the publisher in on the fly.");</span> |
| <span class="fc" id="L181"> publisher = new Publisher();</span> |
| <span class="fc" id="L182"> publisher.setAuthorizedName(userID);</span> |
| <span class="fc" id="L183"> publisher.setIsAdmin("false");</span> |
| <span class="fc" id="L184"> publisher.setIsEnabled("true");</span> |
| <span class="fc" id="L185"> publisher.setMaxBindingsPerService(MaxBindingsPerService);</span> |
| <span class="fc" id="L186"> publisher.setMaxBusinesses(MaxBusinesses);</span> |
| <span class="fc" id="L187"> publisher.setMaxServicesPerBusiness(MaxServicesPerBusiness);</span> |
| <span class="fc" id="L188"> publisher.setMaxTmodels(MaxTmodels);</span> |
| <span class="fc" id="L189"> publisher.setPublisherName("Unknown");</span> |
| <span class="fc" id="L190"> em.persist(publisher);</span> |
| <span class="fc" id="L191"> tx.commit();</span> |
| } |
| } finally { |
| <span class="pc bpc" id="L194" title="3 of 4 branches missed."> if (tx.isActive()) {</span> |
| <span class="nc" id="L195"> tx.rollback();</span> |
| } |
| <span class="pc" id="L197"> em.close();</span> |
| <span class="fc" id="L198"> }</span> |
| <span class="fc" id="L199"> return userID;</span> |
| } |
| } |
| </pre><div class="footer"><span class="right">Created with <a href="http://www.jacoco.org/jacoco">JaCoCo</a> 0.7.9.201702052155</span></div></body></html> |