cvs commit: jakarta-james/proposals/v1.3/java/org/apache/james/userrepository DefaultUser.java

Wed, 23 May 2001 02:00:31 -0700 

charlesb    01/05/23 02:21:35

  Modified:    proposals/v1.3/java/org/apache/james/userrepository
                        DefaultUser.java
  Log:
  Hash passwords
  
  Revision  Changes    Path
  1.2       +26 -6     
jakarta-james/proposals/v1.3/java/org/apache/james/userrepository/DefaultUser.java
  
  Index: DefaultUser.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-james/proposals/v1.3/java/org/apache/james/userrepository/DefaultUser.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- DefaultUser.java  2001/05/16 14:00:35     1.1
  +++ DefaultUser.java  2001/05/23 09:21:32     1.2
  @@ -8,6 +8,9 @@
   package org.apache.james.userrepository;
   
   import java.io.Serializable;
  +import java.security.MessageDigest;
  +import java.security.NoSuchAlgorithmException;
  +import java.util.Arrays;
   import org.apache.james.services.User;
   
   /**
  @@ -16,18 +19,18 @@
    *
    * @author Charles Benett <[EMAIL PROTECTED]>
    *
  - * Last changed by: $Author: charlesb $ on $Date: 2001/05/16 14:00:35 $
  - * $Revision: 1.1 $
  + * Last changed by: $Author: charlesb $ on $Date: 2001/05/23 09:21:32 $
  + * $Revision: 1.2 $
    */
   
   public class DefaultUser implements User, Serializable {
   
       private String userName;
  -    private String password;
  +    private byte[] hashedPassword;
   
       public DefaultUser(String name, String pass) {
        userName = name;
  -     password = pass;
  +     hashedPassword = hashString(pass);
       }
   
       public String getUserName() {
  @@ -35,7 +38,8 @@
       }
   
       public boolean verifyPassword(String pass) {
  -     return pass.equals(password);
  +     byte[] hashGuess = hashString(pass);
  +     return Arrays.equals(hashedPassword, hashGuess);
       }
   
       protected boolean setPass(String newPass) {
  @@ -44,9 +48,25 @@
        if (rtClass.equals("org.apache.james.userrepository.DefaultUser")) {
            throw new RuntimeException("Attempt to call setPassword in DefaultUSer");
        } else {
  -         password = newPass;
  +         hashedPassword = hashString(newPass);
            return true;
        }
       }
  +
  +    protected byte[] getHashedPassword() {
  +     return hashedPassword;
  +    }
  +
  +    private static byte[] hashString(String pass) {
  +     MessageDigest sha;
  +        try {
  +             sha = MessageDigest.getInstance("SHA");
  +     } catch (NoSuchAlgorithmException e) {
  +         throw new RuntimeException("Can't hash passwords!" + e);
  +     }
  +     sha.update(pass.getBytes());
  +     return sha.digest();
  +    }
  +
   
   }
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to