All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.jgroups.auth.MD5Token Maven / Gradle / Ivy

Go to download

This artifact provides a single jar that contains all classes required to use remote Jakarta Enterprise Beans and Jakarta Messaging, including all dependencies. It is intended for use by those not using maven, maven users should just import the Jakarta Enterprise Beans and Jakarta Messaging BOM's instead (shaded JAR's cause lots of problems with maven, as it is very easy to inadvertently end up with different versions on classes on the class path).

There is a newer version: 35.0.0.Final
Show newest version
package org.jgroups.auth;

import org.jgroups.Message;
import org.jgroups.annotations.Property;
import org.jgroups.util.Bits;
import org.jgroups.util.Util;

import java.io.DataInput;
import java.io.DataOutput;
import java.io.IOException;

/**
 * 

* This is an example of using a preshared token that is encrypted using an MD5/SHA hash for * authentication purposes. All members of the group have to have the same string value in the * JGroups config. *

*

* Configuration parameters for this example are shown below: *

*
    *
  • token_hash (required) = MD5(default)/SHA
  • *
  • auth_value (required) = the string to encrypt
  • *
* * @see org.jgroups.auth.AuthToken * @author Chris Mills * @deprecated Consult the manual for a description of why this token was deprecated */ @Deprecated() public class MD5Token extends AuthToken { @Property(exposeAsManagedAttribute=false) private String auth_value="password"; @Property(name = "token_hash") private String hash_type = "MD5"; private boolean hashed; public MD5Token() { // need an empty constructor } public MD5Token(String authvalue) { this.auth_value = hash(authvalue); } public MD5Token(String authvalue, String hash_type) { this.hash_type = hash_type; this.auth_value = hash(authvalue); } public String getHashType() { return hash_type; } public void setHashType(String hash_type) { this.hash_type = hash_type; } public String getAuthValue() { return auth_value; } public void setAuthValue(String auth_value) { this.auth_value = auth_value; } public void hashAndSetAuthValue(String authvalue) { this.auth_value = hash(authvalue); } public String getName() { return "org.jgroups.auth.MD5Token"; } public void init() throws Exception { super.init(); if(!hashed) { auth_value=hash(auth_value); hashed=true; } } /** * Called during setup to hash the auth_value string in to an MD5/SHA hash * * @param token * the string to hash * @return the hashed version of the string */ private String hash(String token) { // perform the hashing of the token key String hashedToken = null; if (hash_type.equalsIgnoreCase("SHA")) { hashedToken = Util.sha(token); } else { hashedToken = Util.md5(token); } if (hashedToken == null) { // failed to hash - sending the token in clear text // Note that this may be considered a security vulnerabiltiy if clear text passwords are forbidden. log.warn("Failed to hash token - sending in clear text"); return token; } return hashedToken; } public boolean authenticate(AuthToken token, Message msg) { if ((token instanceof MD5Token)) { // Found a valid Token to authenticate against MD5Token serverToken = (MD5Token) token; // Compare the hash values return (this.auth_value != null) && (serverToken.auth_value != null) && (this.auth_value.equalsIgnoreCase(serverToken.auth_value)); } log.warn("Invalid AuthToken instance - wrong type or null"); return false; } @Override public void writeTo(DataOutput out) throws IOException { Bits.writeString(this.auth_value,out); } @Override public void readFrom(DataInput in) throws IOException { this.auth_value = Bits.readString(in); } public int size() { return Util.size(this.auth_value); } }




© 2015 - 2025 Weber Informatics LLC | Privacy Policy