Author: markt Date: Mon Sep 14 11:50:21 2015 New Revision: 1702913 URL: http://svn.apache.org/r1702913 Log: Remove some of the deprecated code
Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1702913&r1=1702912&r2=1702913&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original) +++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Mon Sep 14 11:50:21 2015 @@ -28,7 +28,6 @@ import java.security.NoSuchAlgorithmExce import java.security.Principal; import java.security.cert.X509Certificate; import java.util.ArrayList; -import java.util.Arrays; import java.util.List; import java.util.Locale; @@ -54,7 +53,6 @@ import org.apache.juli.logging.LogFactor import org.apache.tomcat.util.IntrospectionUtils; import org.apache.tomcat.util.buf.B2CConverter; import org.apache.tomcat.util.buf.HexUtils; -import org.apache.tomcat.util.codec.binary.Base64; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; import org.apache.tomcat.util.res.StringManager; @@ -126,24 +124,6 @@ public abstract class RealmBase extends /** - * The MessageDigest object for digesting user credentials (passwords). - * - * @deprecated Unused. Will be removed in Tomcat 9.0.x onwards. - */ - @Deprecated - protected volatile MessageDigest md = null; - - - /** - * MD5 message digest provider. - * - * @deprecated Unused. Will be removed in Tomcat 9.0.x onwards. - */ - @Deprecated - protected static volatile MessageDigest md5Helper; - - - /** * The string manager for this package. */ protected static final StringManager sm = @@ -606,69 +586,6 @@ public abstract class RealmBase extends /** - * @deprecated Unused. Will be removed in Tomcat 9.0.x onwards. - */ - @Deprecated - protected boolean compareCredentials(String userCredentials, - String serverCredentials) { - - if (serverCredentials == null) { - return false; - } - - if (hasMessageDigest()) { - // Some directories and databases prefix the password with the hash - // type. The string is in a format compatible with Base64.encode not - // the normal hex encoding of the digest - if (serverCredentials.startsWith("{MD5}") || - serverCredentials.startsWith("{SHA}")) { - // Server is storing digested passwords with a prefix indicating - // the digest type - String serverDigest = serverCredentials.substring(5); - String userDigest = Base64.encodeBase64String(ConcurrentMessageDigest.digest( - getDigest(), userCredentials.getBytes(StandardCharsets.ISO_8859_1))); - return userDigest.equals(serverDigest); - - } else if (serverCredentials.startsWith("{SSHA}")) { - // Server is storing digested passwords with a prefix indicating - // the digest type and the salt used when creating that digest - - String serverDigestPlusSalt = serverCredentials.substring(6); - - // Need to convert the salt to bytes to apply it to the user's - // digested password. - byte[] serverDigestPlusSaltBytes = - Base64.decodeBase64(serverDigestPlusSalt); - final int saltPos = 20; - byte[] serverDigestBytes = new byte[saltPos]; - System.arraycopy(serverDigestPlusSaltBytes, 0, - serverDigestBytes, 0, saltPos); - final int saltLength = serverDigestPlusSaltBytes.length - saltPos; - byte[] serverSaltBytes = new byte[saltLength]; - System.arraycopy(serverDigestPlusSaltBytes, saltPos, - serverSaltBytes, 0, saltLength); - - // Generate the digested form of the user provided password - // using the salt - byte[] userDigestBytes = ConcurrentMessageDigest.digest(getDigest(), - userCredentials.getBytes(StandardCharsets.ISO_8859_1), - serverSaltBytes); - - return Arrays.equals(userDigestBytes, serverDigestBytes); - - } else { - // Hex hashes should be compared case-insensitively - String userDigest = digest(userCredentials); - return serverCredentials.equalsIgnoreCase(userDigest); - } - } else { - // No digests, compare directly - return serverCredentials.equals(userCredentials); - } - } - - - /** * Execute a periodic task, such as reloading, etc. This method will be * invoked inside the classloading context of this container. Unexpected * throwables will be caught and logged. @@ -1227,19 +1144,6 @@ public abstract class RealmBase extends */ @Override protected void startInternal() throws LifecycleException { - - // Create a MessageDigest instance for credentials, if desired - if (getDigest() != null) { - try { - md = MessageDigest.getInstance(getDigest()); - ConcurrentMessageDigest.init(getDigest()); - } catch (NoSuchAlgorithmException e) { - throw new LifecycleException - (sm.getString("realmBase.algorithm", getDigest()), e); - } - - } - if (credentialHandler == null) { credentialHandler = new MessageDigestCredentialHandler(); } @@ -1258,11 +1162,7 @@ public abstract class RealmBase extends */ @Override protected void stopInternal() throws LifecycleException { - setState(LifecycleState.STOPPING); - - // Clean up allocated resources - md = null; } --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org