GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

SEC-1031: Ported change from trunk.

2.0.x
Luke Taylor 17 years ago
parent
ad4b5c487f
commit
4c3867718e
1 changed files with 19 additions and 19 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 38
      core/src/main/java/org/springframework/security/providers/ldap/authenticator/LdapShaPasswordEncoder.java

38
core/src/main/java/org/springframework/security/providers/ldap/authenticator/LdapShaPasswordEncoder.java
Unescape View File

@ -86,9 +86,9 @@ public class LdapShaPasswordEncoder implements PasswordEncoder { @@ -86,9 +86,9 @@ public class LdapShaPasswordEncoder implements PasswordEncoder {
sha.update(rawPass.getBytes("UTF-8"));
} catch (java.security.NoSuchAlgorithmException e) {
throw new IllegalStateException("No SHA implementation available!");
} catch (UnsupportedEncodingException ue) {
throw new IllegalStateException("UTF-8 not supported!");
}
} catch (UnsupportedEncodingException ue) {
throw new IllegalStateException("UTF-8 not supported!");
}
if (salt != null) {
Assert.isInstanceOf(byte[].class, salt, "Salt value must be a byte array");
@ -131,7 +131,7 @@ public class LdapShaPasswordEncoder implements PasswordEncoder { @@ -131,7 +131,7 @@ public class LdapShaPasswordEncoder implements PasswordEncoder {
*/
public boolean isPasswordValid(final String encPass, final String rawPass, Object salt) {
String prefix = extractPrefix(encPass);
if (prefix == null) {
return encPass.equals(rawPass);
}
@ -141,32 +141,32 @@ public class LdapShaPasswordEncoder implements PasswordEncoder { @@ -141,32 +141,32 @@ public class LdapShaPasswordEncoder implements PasswordEncoder {
} else if (!prefix.equals(SHA_PREFIX) && !prefix.equals(SHA_PREFIX_LC)) {
throw new IllegalArgumentException("Unsupported password prefix '" + prefix + "'");
} else {
// Standard SHA
salt = null;
// Standard SHA
salt = null;
}
int startOfHash = prefix.length() + 1;
int startOfHash = prefix.length();
String encodedRawPass = encodePassword(rawPass, salt).substring(startOfHash);
return encodedRawPass.equals(encPass.substring(startOfHash));
}
/**
* Returns the hash prefix or null if there isn't one.
* Returns the hash prefix or null if there isn't one.
*/
private String extractPrefix(String encPass) {
if (!encPass.startsWith("{")) {
return null;
return null;
}
int secondBrace = encPass.lastIndexOf('}');
if (secondBrace < 0) {
throw new IllegalArgumentException("Couldn't find closing brace for SHA prefix");
}
int secondBrace = encPass.lastIndexOf('}');
if (secondBrace < 0) {
throw new IllegalArgumentException("Couldn't find closing brace for SHA prefix");
}
return encPass.substring(0, secondBrace + 1);
return encPass.substring(0, secondBrace + 1);
}
public void setForceLowerCasePrefix(boolean forceLowerCasePrefix) {

Write Preview
Loading…
Cancel
Save