moving out MD5 authenticator to plugins/user-authenticators
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/eb5e02e4 Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/eb5e02e4 Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/eb5e02e4 Branch: refs/heads/master Commit: eb5e02e4e1fde8f196dd0a27aa33def590df2dd8 Parents: 4e9a971 Author: Murali reddy <[email protected]> Authored: Tue Jun 26 14:18:42 2012 -0700 Committer: Murali reddy <[email protected]> Committed: Tue Jun 26 14:18:42 2012 -0700 ---------------------------------------------------------------------- build/build-cloud-plugins.xml | 8 +- plugins/user-authenticators/md5/.classpath | 10 + plugins/user-authenticators/md5/.project | 17 ++ plugins/user-authenticators/md5/build.xml | 128 +++++++++++++++ .../cloud/server/auth/MD5UserAuthenticator.java | 88 ++++++++++ .../cloud/server/auth/MD5UserAuthenticator.java | 88 ---------- 6 files changed, 249 insertions(+), 90 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/eb5e02e4/build/build-cloud-plugins.xml ---------------------------------------------------------------------- diff --git a/build/build-cloud-plugins.xml b/build/build-cloud-plugins.xml index a21a4c3..fad4090 100755 --- a/build/build-cloud-plugins.xml +++ b/build/build-cloud-plugins.xml @@ -236,14 +236,18 @@ <!-- ===================== User Authenticators ================== --> - <target name="compile-user-authenticators" depends="compile-user-authenticator-ldap" description="Compile all user authenicators"/> - <target name="build-user-authenticators" depends="build-user-authenticator-ldap" description="builds all user authenticators"/> + <target name="compile-user-authenticators" depends="compile-user-authenticator-ldap, compile-user-authenticator-md5" description="Compile all user authenicators"/> + <target name="build-user-authenticators" depends="build-user-authenticator-ldap, build-user-authenticator-md5" description="builds all user authenticators"/> <target name="compile-user-authenticator-ldap" depends="-init, compile-server" description="Compile "> <ant antfile="${base.dir}/plugins/user-authenticators/ldap/build.xml" target="build"/> </target> <target name="build-user-authenticator-ldap" depends="compile-user-authenticator-ldap" /> + <target name="compile-user-authenticator-md5" depends="-init, compile-server" description="Compile "> + <ant antfile="${base.dir}/plugins/user-authenticators/md5/build.xml" target="build"/> + </target> + <target name="build-user-authenticator-md5" depends="compile-user-authenticator-md5" /> <!-- ===================== Network Elements ===================== --> http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/eb5e02e4/plugins/user-authenticators/md5/.classpath ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/md5/.classpath b/plugins/user-authenticators/md5/.classpath new file mode 100755 index 0000000..e39771a --- /dev/null +++ b/plugins/user-authenticators/md5/.classpath @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<classpath> + <classpathentry kind="src" path="src"/> + <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/> + <classpathentry combineaccessrules="false" kind="src" path="/api"/> + <classpathentry combineaccessrules="false" kind="src" path="/core"/> + <classpathentry combineaccessrules="false" kind="src" path="/server"/> + <classpathentry combineaccessrules="false" kind="src" path="/utils"/> + <classpathentry kind="output" path="bin"/> +</classpath> http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/eb5e02e4/plugins/user-authenticators/md5/.project ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/md5/.project b/plugins/user-authenticators/md5/.project new file mode 100755 index 0000000..2565593 --- /dev/null +++ b/plugins/user-authenticators/md5/.project @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8"?> +<projectDescription> + <name>md5-user-authenticator</name> + <comment></comment> + <projects> + </projects> + <buildSpec> + <buildCommand> + <name>org.eclipse.jdt.core.javabuilder</name> + <arguments> + </arguments> + </buildCommand> + </buildSpec> + <natures> + <nature>org.eclipse.jdt.core.javanature</nature> + </natures> +</projectDescription> http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/eb5e02e4/plugins/user-authenticators/md5/build.xml ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/md5/build.xml b/plugins/user-authenticators/md5/build.xml new file mode 100755 index 0000000..eee2fc7 --- /dev/null +++ b/plugins/user-authenticators/md5/build.xml @@ -0,0 +1,128 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> + + +<project name="Cloud Stack LDAP User Authenticator" default="help" basedir="."> + <description> + Cloud Stack ant build file + </description> + + <dirname property="user-authenticator-md5.base.dir" file="${ant.file.Cloud Stack LDAP User Authenticator}/"/> + <!-- This directory must be set --> + <property name="top.dir" location="${user-authenticator-md5.base.dir}/../../.."/> + <property name="build.dir" location="${top.dir}/build"/> + + <echo message="build.dir=${build.dir}; top.dir=${top.dir}; user-authenticator-md5.base.dir=${user-authenticator-md5.base.dir}"/> + + <!-- Import anything that the user wants to set--> + <!-- Import properties files and environment variables here --> + + <property environment="env" /> + + <condition property="build-cloud.properties.file" value="${build.dir}/override/build-cloud.properties" else="${build.dir}/build-cloud.properties"> + <available file="${build.dir}/override/build-cloud.properties" /> + </condition> + + <condition property="cloud.properties.file" value="${build.dir}/override/cloud.properties" else="${build.dir}/cloud.properties"> + <available file="${build.dir}/override/cloud.properties" /> + </condition> + + <condition property="override.file" value="${build.dir}/override/replace.properties" else="${build.dir}/replace.properties"> + <available file="${build.dir}/override/replace.properties" /> + </condition> + + <echo message="Using build parameters from ${build-cloud.properties.file}" /> + <property file="${build-cloud.properties.file}" /> + + <echo message="Using company info from ${cloud.properties.file}" /> + <property file="${cloud.properties.file}" /> + + <echo message="Using override file from ${override.file}" /> + <property file="${override.file}" /> + + <property file="${build.dir}/build.number" /> + + <!-- In case these didn't get defined in the build-cloud.properties --> + <property name="branding.name" value="default" /> + <property name="deprecation" value="off" /> + <property name="target.compat.version" value="1.6" /> + <property name="source.compat.version" value="1.6" /> + <property name="debug" value="true" /> + <property name="debuglevel" value="lines,source"/> + + <echo message="target.dir=${target.dir}; top.dir=${top.dir}"/> + <!-- directories for build and distribution --> + <property name="target.dir" location="${top.dir}/target" /> + <property name="classes.dir" location="${target.dir}/classes" /> + <property name="jar.dir" location="${target.dir}/jar" /> + <property name="dep.cache.dir" location="${target.dir}/dep-cache" /> + <property name="build.log" location="${target.dir}/ant_verbose.txt" /> + + <property name="deps.dir" location="${top.dir}/deps" /> + + <property name="user-authenticator-md5.jar" value="cloud-user-authenticator-md5.jar" /> + <property name="user-authenticator-md5-scripts.dir" location="${user-authenticator-md5.base.dir}/scripts" /> + + <import file="${build.dir}/build-common.xml"/> + + <echo message="target.dir=${target.dir}; top.dir=${top.dir}"/> + + <!-- This section needs to be replaced by some kind of dependency library--> + <path id="deps.classpath"> + <!--filelist files="${deps.classpath}" /--> + <fileset dir="${deps.dir}" erroronmissingdir="false"> + <include name="*.jar" /> + </fileset> + </path> + + <path id="cloudstack.classpath"> + <fileset dir="${jar.dir}"> + <include name="*.jar"/> + </fileset> + </path> + + <path id="user-authenticator-md5.classpath"> + <path refid="deps.classpath"/> + <path refid="cloudstack.classpath"/> + </path> + + <!-- This section needs to be replaced by some kind of dependency library--> + + + <target name="init" description="Initialize binaries directory"> + <mkdir dir="${classes.dir}/${user-authenticator-md5.jar}"/> + <mkdir dir="${jar.dir}"/> + </target> + + <target name="compile-user-authenticator-md5" depends="init" description="Compile user-authenticator-md5"> + <compile-java jar.name="${user-authenticator-md5.jar}" top.dir="${user-authenticator-md5.base.dir}" classpath="user-authenticator-md5.classpath" /> + </target> + + <target name="help" description="help"> + <echo level="info" message="This is the build file for user-authenticator-md5"/> + <echo level="info" message="You can do a build by doing ant build or clean by ant clean" /> + </target> + + <target name="clean-user-authenticator-md5"> + <delete dir="${classes.dir}/${user-authenticator-md5.jar}"/> + </target> + + <target name="build" depends="compile-user-authenticator-md5"/> + <target name="clean" depends="clean-user-authenticator-md5"/> + +</project> http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/eb5e02e4/plugins/user-authenticators/md5/src/com/cloud/server/auth/MD5UserAuthenticator.java ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/md5/src/com/cloud/server/auth/MD5UserAuthenticator.java b/plugins/user-authenticators/md5/src/com/cloud/server/auth/MD5UserAuthenticator.java new file mode 100644 index 0000000..2aec4a7 --- /dev/null +++ b/plugins/user-authenticators/md5/src/com/cloud/server/auth/MD5UserAuthenticator.java @@ -0,0 +1,88 @@ +// Copyright 2012 Citrix Systems, Inc. Licensed under the +// Apache License, Version 2.0 (the "License"); you may not use this +// file except in compliance with the License. Citrix Systems, Inc. +// reserves all rights not expressly granted by the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Automatically generated by addcopyright.py at 04/03/2012 +package com.cloud.server.auth; + +import java.util.Map; + +import javax.ejb.Local; +import javax.naming.ConfigurationException; + +import org.apache.log4j.Logger; + +import com.cloud.server.ManagementServer; +import com.cloud.user.UserAccount; +import com.cloud.user.dao.UserAccountDao; +import com.cloud.utils.component.ComponentLocator; + +/** + * Simple UserAuthenticator that performs a MD5 hash of the password before + * comparing it against the local database. + * + * @author Will Chan + */ +@Local(value={UserAuthenticator.class}) +public class MD5UserAuthenticator extends DefaultUserAuthenticator { + public static final Logger s_logger = Logger.getLogger(MD5UserAuthenticator.class); + + private UserAccountDao _userAccountDao; + + @Override + public boolean authenticate(String username, String password, Long domainId, Map<String, Object[]> requestParameters ) { + if (s_logger.isDebugEnabled()) { + s_logger.debug("Retrieving user: " + username); + } + UserAccount user = _userAccountDao.getUserAccount(username, domainId); + if (user == null) { + s_logger.debug("Unable to find user with " + username + " in domain " + domainId); + return false; + } + + /** + MessageDigest md5; + try { + md5 = MessageDigest.getInstance("MD5"); + } catch (NoSuchAlgorithmException e) { + throw new CloudRuntimeException("Error", e); + } + md5.reset(); + BigInteger pwInt = new BigInteger(1, md5.digest(password.getBytes())); + + // make sure our MD5 hash value is 32 digits long... + StringBuffer sb = new StringBuffer(); + String pwStr = pwInt.toString(16); + int padding = 32 - pwStr.length(); + for (int i = 0; i < padding; i++) { + sb.append('0'); + } + sb.append(pwStr); + **/ + + // Will: The MD5Authenticator is now a straight pass-through comparison of the + // the passwords because we will not assume that the password passed in has + // already been MD5 hashed. I am keeping the above code in case this requirement changes + // or people need examples of how to MD5 hash passwords in java. + if (!user.getPassword().equals(password)) { + s_logger.debug("Password does not match"); + return false; + } + return true; + } + + public boolean configure(String name, Map<String, Object> params) + throws ConfigurationException { + super.configure(name, params); + ComponentLocator locator = ComponentLocator.getLocator(ManagementServer.Name); + _userAccountDao = locator.getDao(UserAccountDao.class); + return true; + } +} http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/eb5e02e4/server/src/com/cloud/server/auth/MD5UserAuthenticator.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/server/auth/MD5UserAuthenticator.java b/server/src/com/cloud/server/auth/MD5UserAuthenticator.java deleted file mode 100644 index 2aec4a7..0000000 --- a/server/src/com/cloud/server/auth/MD5UserAuthenticator.java +++ /dev/null @@ -1,88 +0,0 @@ -// Copyright 2012 Citrix Systems, Inc. Licensed under the -// Apache License, Version 2.0 (the "License"); you may not use this -// file except in compliance with the License. Citrix Systems, Inc. -// reserves all rights not expressly granted by the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Automatically generated by addcopyright.py at 04/03/2012 -package com.cloud.server.auth; - -import java.util.Map; - -import javax.ejb.Local; -import javax.naming.ConfigurationException; - -import org.apache.log4j.Logger; - -import com.cloud.server.ManagementServer; -import com.cloud.user.UserAccount; -import com.cloud.user.dao.UserAccountDao; -import com.cloud.utils.component.ComponentLocator; - -/** - * Simple UserAuthenticator that performs a MD5 hash of the password before - * comparing it against the local database. - * - * @author Will Chan - */ -@Local(value={UserAuthenticator.class}) -public class MD5UserAuthenticator extends DefaultUserAuthenticator { - public static final Logger s_logger = Logger.getLogger(MD5UserAuthenticator.class); - - private UserAccountDao _userAccountDao; - - @Override - public boolean authenticate(String username, String password, Long domainId, Map<String, Object[]> requestParameters ) { - if (s_logger.isDebugEnabled()) { - s_logger.debug("Retrieving user: " + username); - } - UserAccount user = _userAccountDao.getUserAccount(username, domainId); - if (user == null) { - s_logger.debug("Unable to find user with " + username + " in domain " + domainId); - return false; - } - - /** - MessageDigest md5; - try { - md5 = MessageDigest.getInstance("MD5"); - } catch (NoSuchAlgorithmException e) { - throw new CloudRuntimeException("Error", e); - } - md5.reset(); - BigInteger pwInt = new BigInteger(1, md5.digest(password.getBytes())); - - // make sure our MD5 hash value is 32 digits long... - StringBuffer sb = new StringBuffer(); - String pwStr = pwInt.toString(16); - int padding = 32 - pwStr.length(); - for (int i = 0; i < padding; i++) { - sb.append('0'); - } - sb.append(pwStr); - **/ - - // Will: The MD5Authenticator is now a straight pass-through comparison of the - // the passwords because we will not assume that the password passed in has - // already been MD5 hashed. I am keeping the above code in case this requirement changes - // or people need examples of how to MD5 hash passwords in java. - if (!user.getPassword().equals(password)) { - s_logger.debug("Password does not match"); - return false; - } - return true; - } - - public boolean configure(String name, Map<String, Object> params) - throws ConfigurationException { - super.configure(name, params); - ComponentLocator locator = ComponentLocator.getLocator(ManagementServer.Name); - _userAccountDao = locator.getDao(UserAccountDao.class); - return true; - } -}
