001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: EncodeAction.java,v 1.4 2008/08/19 19:14:56 veiming Exp $
026 *
027 */
028/**
029 * Portions Copyrighted 2011 ForgeRock AS
030 */
031package com.sun.identity.security;
032
033import java.security.PrivilegedAction;
034
035import com.iplanet.services.util.AMEncryption;
036import com.iplanet.services.util.Crypt;
037
/**
 * Privileged action that encodes a string through
 * <code>com.iplanet.services.util.Crypt</code>, intended to be handed to
 * <code>AccessController.doPrivileged()</code> when passwords are encoded.
 * The class implements <code>PrivilegedAction</code> and offers only
 * non-default constructors.
 *
 * <p>
 * A direct call such as
 *
 * <pre>
 * String encStr = com.iplanet.services.util.Crypt.encode(str);
 * </pre>
 *
 * should be replaced with
 *
 * <pre>
 * String encStr = (String) AccessController.doPrivileged(
 *         new EncodeAction(str));
 * </pre>
 *
 * If this is not done and the Java security permissions check is enabled,
 * the operation will fail and return <code>null</code> every time.
 *
 * <p>
 * Note: the Java security permissions check for OpenSSO can be enabled by
 * setting the property <code>com.sun.identity.security.checkcaller</code> to
 * true in the AMConfig properties file.
 *
 * <p>
 * Security notes for callers:
 * <ul>
 * <li><code>doPrivileged()</code> runs {@link #run()} with the permissions
 * of the code that invokes it, so keep the privileged region limited to this
 * action and pass in only values the calling code itself chose to encode.</li>
 * <li>The clear text is held in the {@link #value} field, an immutable
 * <code>String</code>, for as long as this object is reachable. Create the
 * action right before use and do not cache or log it.</li>
 * <li>NOTE(review): this file does not show what <code>Crypt.encode</code>
 * produces. If it is keyed, reversible encryption (presumably; confirm
 * against <code>Crypt</code>), the result protects a stored password only
 * while the key is protected and is not a one-way password hash.</li>
 * </ul>
 *
 * @supported.all.api
 */
public class EncodeAction implements PrivilegedAction<String> {
    // Clear text passed to Crypt.encode() by run(). Protected and non-final,
    // so subclasses and same-package code can change it after construction.
    protected String value;

    // True only when the two-argument constructor was used; the field's
    // default value (false) selects the single-argument Crypt.encode().
    protected boolean useSpecifiedKey;

    // Encryption object supplied by the caller; stays null when the
    // single-argument constructor is used.
    protected AMEncryption encr;

    /**
     * Creates an action that encodes <code>svalue</code> with the
     * single-argument <code>Crypt.encode()</code> when run inside
     * <code>doPrivileged()</code>.
     *
     * @param svalue
     *            Value of string to be encoded
     */
    public EncodeAction(String svalue) {
        this.value = svalue;
    }

    /**
     * Creates an action that encodes <code>svalue</code> with the supplied
     * <code>AMEncryption</code> object when run inside
     * <code>doPrivileged()</code>.
     *
     * @param svalue
     *            Value to be encoded
     * @param encrKey
     *            <code>AMEncryption</code> Object to be used.
     *            NOTE(review): a null argument is stored as is and later
     *            passed to <code>Crypt.encode(value, encr)</code>; how
     *            <code>Crypt</code> reacts is not visible here, confirm
     *            before relying on it.
     */
    public EncodeAction(String svalue, AMEncryption encrKey) {
        this.value = svalue;
        this.encr = encrKey;
        this.useSpecifiedKey = true;
    }

    /**
     * Encodes the stored value, using the caller-supplied
     * <code>AMEncryption</code> object when one was given at construction.
     *
     * @return whatever the selected <code>Crypt.encode</code> overload
     *         returns
     * @see java.security.PrivilegedAction#run()
     */
    @Override
    public String run() {
        return useSpecifiedKey
                ? Crypt.encode(value, encr)
                : Crypt.encode(value);
    }

}