This is an automated email from the ASF dual-hosted git repository. radcortez pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomee.git
commit fe8e59ed47688268cb90373cfca9f79be393c842 Author: Roberto Cortez <radcor...@yahoo.com> AuthorDate: Thu Jan 17 12:29:48 2019 +0000 TOMEE-2365 - Added API for DatabaseIdentityStore. --- .../DatabaseIdentityStoreDefinition.java | 51 ++++++++++++++++++++++ .../enterprise/identitystore/PasswordHash.java | 27 ++++++++++++ .../identitystore/Pbkdf2PasswordHash.java | 19 ++++++++ 3 files changed, 97 insertions(+) diff --git a/tomee/tomee-security/src/main/java/javax/security/enterprise/identitystore/DatabaseIdentityStoreDefinition.java b/tomee/tomee-security/src/main/java/javax/security/enterprise/identitystore/DatabaseIdentityStoreDefinition.java new file mode 100644 index 0000000..2f3faa6 --- /dev/null +++ b/tomee/tomee-security/src/main/java/javax/security/enterprise/identitystore/DatabaseIdentityStoreDefinition.java @@ -0,0 +1,51 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package javax.security.enterprise.identitystore; + +import javax.security.enterprise.identitystore.IdentityStore.ValidationType; +import java.lang.annotation.Retention; +import java.lang.annotation.Target; + +import static java.lang.annotation.ElementType.TYPE; +import static java.lang.annotation.RetentionPolicy.RUNTIME; +import static javax.security.enterprise.identitystore.IdentityStore.ValidationType.PROVIDE_GROUPS; +import static javax.security.enterprise.identitystore.IdentityStore.ValidationType.VALIDATE; + +@Retention(RUNTIME) +@Target(TYPE) +public @interface DatabaseIdentityStoreDefinition { + String dataSourceLookup() default "java:comp/DefaultDataSource"; + + String callerQuery() default ""; + + String groupsQuery() default ""; + + Class<? extends PasswordHash> hashAlgorithm() default Pbkdf2PasswordHash.class; + + String[] hashAlgorithmParameters() default {}; + + int priority() default 70; + + String priorityExpression() default ""; + + ValidationType[] useFor() default { + VALIDATE, + PROVIDE_GROUPS + }; + + String useForExpression() default ""; +} diff --git a/tomee/tomee-security/src/main/java/javax/security/enterprise/identitystore/PasswordHash.java b/tomee/tomee-security/src/main/java/javax/security/enterprise/identitystore/PasswordHash.java new file mode 100644 index 0000000..8bd5bdf --- /dev/null +++ b/tomee/tomee-security/src/main/java/javax/security/enterprise/identitystore/PasswordHash.java @@ -0,0 +1,27 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package javax.security.enterprise.identitystore; + +import java.util.Map; + +public interface PasswordHash { + default void initialize(Map<String, String> parameters) {} + + String generate(char[] password); + + boolean verify(char[] password, String hashedPassword); +} diff --git a/tomee/tomee-security/src/main/java/javax/security/enterprise/identitystore/Pbkdf2PasswordHash.java b/tomee/tomee-security/src/main/java/javax/security/enterprise/identitystore/Pbkdf2PasswordHash.java new file mode 100644 index 0000000..9ed286f --- /dev/null +++ b/tomee/tomee-security/src/main/java/javax/security/enterprise/identitystore/Pbkdf2PasswordHash.java @@ -0,0 +1,19 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package javax.security.enterprise.identitystore; + +public interface Pbkdf2PasswordHash extends PasswordHash {}