Java Code Examples for org.apache.tomcat.util.security.MD5Encoder#encode()
The following examples show how to use
org.apache.tomcat.util.security.MD5Encoder#encode() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: RealmBase.java From Tomcat8-Source-Read with MIT License | 6 votes |
/** * Return the digest associated with given principal's user name. * @param username the user name * @param realmName the realm name * @return the digest for the specified user */ protected String getDigest(String username, String realmName) { if (hasMessageDigest()) { // Use pre-generated digest return getPassword(username); } String digestValue = username + ":" + realmName + ":" + getPassword(username); byte[] valueBytes = null; try { valueBytes = digestValue.getBytes(getDigestCharset()); } catch (UnsupportedEncodingException uee) { log.error("Illegal digestEncoding: " + getDigestEncoding(), uee); throw new IllegalArgumentException(uee.getMessage()); } return MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(valueBytes)); }
Example 2
Source File: TestJNDIRealm.java From Tomcat7.0.67 with Apache License 2.0 | 6 votes |
@Test public void testAuthenticateWithUserPasswordAndDigest() throws Exception { // GIVEN JNDIRealm realm = buildRealm(ha1(), "MD5"); realm.setUserPassword(USER_PASSWORD_ATTR); // WHEN String expectedResponse = MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":" + HA2).getBytes())); Principal principal = realm.authenticate(USER, expectedResponse, NONCE, null, null, null, REALM, HA2); // THEN Assert.assertTrue(principal instanceof GenericPrincipal); Assert.assertEquals(ha1(), ((GenericPrincipal)principal).getPassword()); }
Example 3
Source File: TestJNDIRealm.java From tomcatsrc with Apache License 2.0 | 6 votes |
@Test public void testAuthenticateWithUserPasswordAndDigest() throws Exception { // GIVEN JNDIRealm realm = buildRealm(ha1(), "MD5"); realm.setUserPassword(USER_PASSWORD_ATTR); // WHEN String expectedResponse = MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":" + HA2).getBytes())); Principal principal = realm.authenticate(USER, expectedResponse, NONCE, null, null, null, REALM, HA2); // THEN Assert.assertTrue(principal instanceof GenericPrincipal); Assert.assertEquals(ha1(), ((GenericPrincipal)principal).getPassword()); }
Example 4
Source File: TestJNDIRealm.java From Tomcat8-Source-Read with MIT License | 6 votes |
@Test public void testAuthenticateWithUserPasswordAndCredentialHandler() throws Exception { // GIVEN JNDIRealm realm = buildRealm(ha1()); realm.setCredentialHandler(buildCredentialHandler()); realm.setUserPassword(USER_PASSWORD_ATTR); // WHEN String expectedResponse = MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":" + HA2).getBytes())); Principal principal = realm.authenticate(USER, expectedResponse, NONCE, null, null, null, REALM, HA2); // THEN Assert.assertTrue(principal instanceof GenericPrincipal); Assert.assertEquals(ha1(), ((GenericPrincipal)principal).getPassword()); }
Example 5
Source File: TestJNDIRealm.java From Tomcat8-Source-Read with MIT License | 6 votes |
@Test public void testAuthenticateWithUserPassword() throws Exception { // GIVEN JNDIRealm realm = buildRealm(PASSWORD); realm.setUserPassword(USER_PASSWORD_ATTR); // WHEN String expectedResponse = MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":" + HA2).getBytes())); Principal principal = realm.authenticate(USER, expectedResponse, NONCE, null, null, null, REALM, HA2); // THEN Assert.assertTrue(principal instanceof GenericPrincipal); Assert.assertEquals(PASSWORD, ((GenericPrincipal)principal).getPassword()); }
Example 6
Source File: TestJNDIRealm.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
@Test public void testAuthenticateWithoutUserPassword() throws Exception { // GIVEN JNDIRealm realm = buildRealm(PASSWORD, null); // WHEN String expectedResponse = MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":" + HA2).getBytes())); Principal principal = realm.authenticate(USER, expectedResponse, NONCE, null, null, null, REALM, HA2); // THEN Assert.assertNull(principal); }
Example 7
Source File: DigestAuthenticator.java From tomcatsrc with Apache License 2.0 | 5 votes |
/** * Generate a unique token. The token is generated according to the * following pattern. NOnceToken = Base64 ( MD5 ( client-IP ":" * time-stamp ":" private-key ) ). * * @param request HTTP Servlet request */ protected String generateNonce(Request request) { long currentTime = System.currentTimeMillis(); synchronized (lastTimestampLock) { if (currentTime > lastTimestamp) { lastTimestamp = currentTime; } else { currentTime = ++lastTimestamp; } } String ipTimeKey = request.getRemoteAddr() + ":" + currentTime + ":" + getKey(); byte[] buffer = ConcurrentMessageDigest.digestMD5( ipTimeKey.getBytes(B2CConverter.ISO_8859_1)); String nonce = currentTime + ":" + MD5Encoder.encode(buffer); NonceInfo info = new NonceInfo(currentTime, getNonceCountWindowSize()); synchronized (nonces) { nonces.put(nonce, info); } return nonce; }
Example 8
Source File: TesterDigestAuthenticatorPerformance.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
private String buildDigestResponse(String nonce) { String ncString = String.format("%1$08x", Integer.valueOf(nonceCount.incrementAndGet())); String cnonce = "cnonce"; String response = MD5A1 + ":" + nonce + ":" + ncString + ":" + cnonce + ":" + QOP + ":" + MD5A2; String md5response = MD5Encoder.encode( ConcurrentMessageDigest.digest("MD5", response.getBytes())); StringBuilder auth = new StringBuilder(); auth.append("Digest username=\""); auth.append(USER); auth.append("\", realm=\""); auth.append(REALM); auth.append("\", nonce=\""); auth.append(nonce); auth.append("\", uri=\""); auth.append(CONTEXT_PATH + URI); auth.append("\", opaque=\""); auth.append(authenticator.getOpaque()); auth.append("\", response=\""); auth.append(md5response); auth.append("\""); auth.append(", qop="); auth.append(QOP); auth.append(", nc="); auth.append(ncString); auth.append(", cnonce=\""); auth.append(cnonce); auth.append("\""); return auth.toString(); }
Example 9
Source File: TestJNDIRealm.java From tomcatsrc with Apache License 2.0 | 5 votes |
@Test public void testAuthenticateWithoutUserPassword() throws Exception { // GIVEN JNDIRealm realm = buildRealm(PASSWORD, null); // WHEN String expectedResponse = MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":" + HA2).getBytes())); Principal principal = realm.authenticate(USER, expectedResponse, NONCE, null, null, null, REALM, HA2); // THEN Assert.assertNull(principal); }
Example 10
Source File: DigestAuthenticator.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
public Principal authenticate(Realm realm) { // Second MD5 digest used to calculate the digest : // MD5(Method + ":" + uri) String a2 = method + ":" + uri; byte[] buffer = ConcurrentMessageDigest.digestMD5( a2.getBytes(B2CConverter.ISO_8859_1)); String md5a2 = MD5Encoder.encode(buffer); return realm.authenticate(userName, response, nonce, nc, cnonce, qop, realmName, md5a2); }
Example 11
Source File: TestJNDIRealm.java From Tomcat8-Source-Read with MIT License | 5 votes |
@Test public void testAuthenticateWithoutUserPassword() throws Exception { // GIVEN JNDIRealm realm = buildRealm(PASSWORD); // WHEN String expectedResponse = MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":" + HA2).getBytes())); Principal principal = realm.authenticate(USER, expectedResponse, NONCE, null, null, null, REALM, HA2); // THEN Assert.assertNull(principal); }
Example 12
Source File: DigestAuthenticator.java From tomcatsrc with Apache License 2.0 | 5 votes |
public Principal authenticate(Realm realm) { // Second MD5 digest used to calculate the digest : // MD5(Method + ":" + uri) String a2 = method + ":" + uri; byte[] buffer = ConcurrentMessageDigest.digestMD5( a2.getBytes(B2CConverter.ISO_8859_1)); String md5a2 = MD5Encoder.encode(buffer); return realm.authenticate(userName, response, nonce, nc, cnonce, qop, realmName, md5a2); }
Example 13
Source File: DigestAuthenticator.java From Tomcat8-Source-Read with MIT License | 5 votes |
private String encodeMD5(String value) throws NoSuchAlgorithmException { byte[] bytesOfMessage = value.getBytes(StandardCharsets.ISO_8859_1); MessageDigest md = MessageDigest.getInstance("MD5"); byte[] thedigest = md.digest(bytesOfMessage); return MD5Encoder.encode(thedigest); }
Example 14
Source File: DigestAuthenticator.java From Tomcat8-Source-Read with MIT License | 5 votes |
public Principal authenticate(Realm realm) { // Second MD5 digest used to calculate the digest : // MD5(Method + ":" + uri) String a2 = method + ":" + uri; byte[] buffer = ConcurrentMessageDigest.digestMD5( a2.getBytes(StandardCharsets.ISO_8859_1)); String md5a2 = MD5Encoder.encode(buffer); return realm.authenticate(userName, response, nonce, nc, cnonce, qop, realmName, md5a2); }
Example 15
Source File: TestDigestAuthenticator.java From Tomcat8-Source-Read with MIT License | 4 votes |
private static String digest(String input) { return MD5Encoder.encode( ConcurrentMessageDigest.digestMD5(input.getBytes())); }
Example 16
Source File: TestJNDIRealm.java From tomcatsrc with Apache License 2.0 | 4 votes |
private String ha1() { String a1 = USER + ":" + REALM + ":" + PASSWORD; return MD5Encoder.encode(md5Helper.digest(a1.getBytes())); }
Example 17
Source File: RealmBase.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
/** * Return the Principal associated with the specified username, which * matches the digest calculated using the given parameters using the * method described in RFC 2069; otherwise return <code>null</code>. * * @param username Username of the Principal to look up * @param clientDigest Digest which has been submitted by the client * @param nonce Unique (or supposedly unique) token which has been used * for this request * @param realm Realm name * @param md5a2 Second MD5 digest used to calculate the digest : * MD5(Method + ":" + uri) */ @Override public Principal authenticate(String username, String clientDigest, String nonce, String nc, String cnonce, String qop, String realm, String md5a2) { // In digest auth, digests are always lower case String md5a1 = getDigest(username, realm); if (md5a1 == null) return null; md5a1 = md5a1.toLowerCase(Locale.ENGLISH); String serverDigestValue; if (qop == null) { serverDigestValue = md5a1 + ":" + nonce + ":" + md5a2; } else { serverDigestValue = md5a1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + md5a2; } byte[] valueBytes = null; try { valueBytes = serverDigestValue.getBytes(getDigestCharset()); } catch (UnsupportedEncodingException uee) { log.error("Illegal digestEncoding: " + getDigestEncoding(), uee); throw new IllegalArgumentException(uee.getMessage()); } String serverDigest = null; // Bugzilla 32137 synchronized(md5Helper) { serverDigest = MD5Encoder.encode(md5Helper.digest(valueBytes)); } if (log.isDebugEnabled()) { log.debug("Digest : " + clientDigest + " Username:" + username + " ClientSigest:" + clientDigest + " nonce:" + nonce + " nc:" + nc + " cnonce:" + cnonce + " qop:" + qop + " realm:" + realm + "md5a2:" + md5a2 + " Server digest:" + serverDigest); } if (serverDigest.equals(clientDigest)) { return getPrincipal(username); } return null; }
Example 18
Source File: TestSSOnonLoginAndDigestAuthenticator.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
private static String digest(String input) { return MD5Encoder.encode( ConcurrentMessageDigest.digestMD5(input.getBytes())); }
Example 19
Source File: RealmBase.java From Tomcat8-Source-Read with MIT License | 4 votes |
/** * Try to authenticate with the specified username, which * matches the digest calculated using the given parameters using the * method described in RFC 2617 (which is a superset of RFC 2069). * * @param username Username of the Principal to look up * @param clientDigest Digest which has been submitted by the client * @param nonce Unique (or supposedly unique) token which has been used * for this request * @param nc the nonce counter * @param cnonce the client chosen nonce * @param qop the "quality of protection" (<code>nc</code> and <code>cnonce</code> * will only be used, if <code>qop</code> is not <code>null</code>). * @param realm Realm name * @param md5a2 Second MD5 digest used to calculate the digest : * MD5(Method + ":" + uri) * @return the associated principal, or <code>null</code> if there is none. */ @Override public Principal authenticate(String username, String clientDigest, String nonce, String nc, String cnonce, String qop, String realm, String md5a2) { // In digest auth, digests are always lower case String md5a1 = getDigest(username, realm); if (md5a1 == null) return null; md5a1 = md5a1.toLowerCase(Locale.ENGLISH); String serverDigestValue; if (qop == null) { serverDigestValue = md5a1 + ":" + nonce + ":" + md5a2; } else { serverDigestValue = md5a1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + md5a2; } byte[] valueBytes = null; try { valueBytes = serverDigestValue.getBytes(getDigestCharset()); } catch (UnsupportedEncodingException uee) { log.error("Illegal digestEncoding: " + getDigestEncoding(), uee); throw new IllegalArgumentException(uee.getMessage()); } String serverDigest = MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(valueBytes)); if (log.isDebugEnabled()) { log.debug("Digest : " + clientDigest + " Username:" + username + " ClientDigest:" + clientDigest + " nonce:" + nonce + " nc:" + nc + " cnonce:" + cnonce + " qop:" + qop + " realm:" + realm + "md5a2:" + md5a2 + " Server digest:" + serverDigest); } if (serverDigest.equals(clientDigest)) { return getPrincipal(username); } return null; }
Example 20
Source File: TestDigestAuthenticator.java From tomcatsrc with Apache License 2.0 | 4 votes |
private static String digest(String input) { return MD5Encoder.encode( ConcurrentMessageDigest.digestMD5(input.getBytes())); }