bgooren wrote:
>
> So I had a quick look at the source code of WebRequestCodingStrategy, and
> I think it should be possible to create a solution for your problem quite
> easily:
>
Thanks to your idea, I played around with WebRequestCodingStrategy and below
is what I came up with.
It uses jasypt, but feel free to replace it with whatever you like more.
package crypt.wicket;
import java.util.Iterator;
import java.util.Map;
import java.util.Map.Entry;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.wicket.Request;
import org.apache.wicket.RequestCycle;
import org.apache.wicket.protocol.http.request.WebRequestCodingStrategy;
import org.apache.wicket.request.RequestParameters;
import
org.apache.wicket.request.target.resource.ISharedResourceRequestTarget;
import org.apache.wicket.util.string.AppendingStringBuffer;
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.jasypt.salt.ZeroSaltGenerator;
/**
* Version of standard {...@link WebRequestCodingStrategy} that encrypts FQNs
* (full qualified names of classes) in resource references.
*
* @author Sergey Olefir
*/
public class CryptWebRequestCodingStrategy extends WebRequestCodingStrategy
{
/**
* Prefix for encrypted FQNs.
*/
public static final String ENCRYPTED_FQN_PREFIX = "---";
/**
* Map of unencrypted -> encrypted strings.
*/
protected static final Map<String, String> toEncryptedMap = new
ConcurrentHashMap<String, String>();
/**
* Map of encrypted -> unencrypted strings.
*/
protected static final Map<String, String> toUnencryptedMap = new
ConcurrentHashMap<String, String>();
/**
* Encrypted used to encrypt FQNs.
*/
private static final StandardPBEStringEncryptor encryptor;
static
{
encryptor = new StandardPBEStringEncryptor();
encryptor.setAlgorithm("PBEWithMD5AndDES");
encryptor.setSaltGenerator(new ZeroSaltGenerator()); // Need to use
zero salt so that URLs are stable.
encryptor.setStringOutputType("hexadecimal"); // To avoid slashes in
the result (base64 can produce slashes).
encryptor.setPassword("<your password here>");
}
/* (non-Javadoc)
* @see
org.apache.wicket.protocol.http.request.WebRequestCodingStrategy#addResourceParameters(org.apache.wicket.Request,
org.apache.wicket.request.RequestParameters)
*/
@Override
protected void addResourceParameters(Request request,
RequestParameters parameters)
{
String pathInfo = request.getPath();
if (pathInfo != null && pathInfo.startsWith(RESOURCES_PATH_PREFIX))
{
int ix = RESOURCES_PATH_PREFIX.length();
if (pathInfo.length() > ix)
{
StringBuffer path = new
StringBuffer(pathInfo.substring(ix));
int ixSemiColon = path.indexOf(";");
// strip off any jsession id
if (ixSemiColon != -1)
{
int ixEnd = path.indexOf("?");
if (ixEnd == -1)
{
ixEnd = path.length();
}
path.delete(ixSemiColon, ixEnd);
}
// Check if we need to decrypt FQN.
String pathString = path.toString();
if (pathString.startsWith(ENCRYPTED_FQN_PREFIX))
{
if (pathString.length() > ENCRYPTED_FQN_PREFIX.length())
{
// Need to decrypt.
pathString =
pathString.substring(ENCRYPTED_FQN_PREFIX.length());
String head;
String tail;
int slash = pathString.indexOf('/');
if (slash < 0)
{
head = pathString;
tail = "";
}
else if (slash == 0)
{
head = "";
tail = pathString;
}
else
{
head = pathString.substring(0, slash);
tail = pathString.substring(slash);
}
// Do decrypt.
pathString = decrypt(head) + tail;
}
}
parameters.setResourceKey(pathString);
}
}
}
/* (non-Javadoc)
* @see
org.apache.wicket.protocol.http.request.WebRequestCodingStrategy#encode(org.apache.wicket.RequestCycle,
org.apache.wicket.request.target.resource.ISharedResourceRequestTarget)
*/
@SuppressWarnings("unchecked")
@Override
protected CharSequence encode(RequestCycle requestCycle,
ISharedResourceRequestTarget requestTarget)
{
final String sharedResourceKey = requestTarget.getResourceKey();
if ((sharedResourceKey == null) ||
(sharedResourceKey.trim().length() == 0))
{
return "";
}
else
{
final AppendingStringBuffer buffer = new AppendingStringBuffer(
sharedResourceKey.length() * 3); // Guesstimate as to how
big encrypted string will be
buffer.append(RESOURCES_PATH_PREFIX);
// Split resource key and determine whether we need to encrypt
it (whether it has FQN).
String head;
String tail;
int slash = sharedResourceKey.indexOf('/');
if (slash < 0)
{
head = sharedResourceKey;
tail = "";
}
else if (slash == 0)
{
head = "";
tail = sharedResourceKey;
}
else
{
head = sharedResourceKey.substring(0, slash);
tail = sharedResourceKey.substring(slash);
}
// Check if head looks like FQN.
if (head.indexOf('.') >= 0)
{
// Think it's FQN...
buffer.append(ENCRYPTED_FQN_PREFIX);
buffer.append(encrypt(head));
}
else
{
// Non-FQN
buffer.append(head);
}
// Write out the tail.
buffer.append(tail);
Map map = requestTarget.getRequestParameters().getParameters();
if (map != null && map.size() > 0)
{
buffer.append('?');
Iterator<Entry<String, String[]>> it =
map.entrySet().iterator();
while (it.hasNext())
{
Map.Entry<String, String[]> entry = it.next();
buffer.append(entry.getKey());
buffer.append('=');
buffer.append(entry.getValue());
if (it.hasNext())
{
buffer.append('&');
}
}
}
return buffer;
}
}
/**
* Encrypts string.
*/
public static String encrypt(String str)
{
String encrypted = toEncryptedMap.get(str);
if (encrypted != null)
return encrypted;
encrypted = encryptor.encrypt(str);
toEncryptedMap.put(str, encrypted);
toUnencryptedMap.put(encrypted, str);
return encrypted;
}
/**
* Decrypts string.
*/
public static String decrypt(String encrypted)
{
String str = toUnencryptedMap.get(encrypted);
if (str != null)
return str;
str = encryptor.decrypt(encrypted);
toEncryptedMap.put(str, encrypted);
toUnencryptedMap.put(encrypted, str);
return str;
}
}
--
View this message in context:
http://old.nabble.com/How-to-encrypt-obfuscate-resource-reference--tp27744679p27757761.html
Sent from the Wicket - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
