001/** 002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 003 * 004 * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved 005 * 006 * The contents of this file are subject to the terms 007 * of the Common Development and Distribution License 008 * (the License). You may not use this file except in 009 * compliance with the License. 010 * 011 * You can obtain a copy of the License at 012 * https://opensso.dev.java.net/public/CDDLv1.0.html or 013 * opensso/legal/CDDLv1.0.txt 014 * See the License for the specific language governing 015 * permission and limitations under the License. 016 * 017 * When distributing Covered Code, include this CDDL 018 * Header Notice in each file and include the License file 019 * at opensso/legal/CDDLv1.0.txt. 020 * If applicable, add the following below the CDDL Header, 021 * with the fields enclosed by brackets [] replaced by 022 * your own identifying information: 023 * "Portions Copyrighted [year] [name of copyright owner]" 024 * 025 * $Id: EncodeAction.java,v 1.4 2008/08/19 19:14:56 veiming Exp $ 026 * 027 */ 028/** 029 * Portions Copyrighted 2011 ForgeRock AS 030 */ 031package com.sun.identity.security; 032 033import java.security.PrivilegedAction; 034 035import com.iplanet.services.util.AMEncryption; 036import com.iplanet.services.util.Crypt; 037 038/** 039 * 040 * The class is used to perform privileged operation with 041 * <code>AccessController.doPrivileged() 042 * </code> when using 043 * <code> com.iplanet.services.util.Crypt</code> to encode passwords. Ths class 044 * implements the interface <code> 045 * PrivilegedAction </code> with a non-default 046 * constructor. This class should be used in order to perform the privileged 047 * operation of 048 * <code> com.iplanet.services.util.Crypt.encode/encrypt(str)</code>. 049 * 050 * <PRE> 051 * 052 * This line of code: String encStr = 053 * com.iplanet.services.util.Crypt.encode(str) should be replaced with: String 054 * encStr = (String) AccessController.doPrivileged( new EncodeAction(str)); If 055 * this is not done and Java security permissions check is enabled, then the 056 * operation will fail and return a null everytime. 057 * 058 * Note: Java security permissions check for OpenSSO can be enabled by 059 * setting the property <code>com.sun.identity.security.checkcaller</code> to 060 * true in AMConfig properties file. 061 * 062 * </PRE> 063 * 064 * @supported.all.api 065 */ 066public class EncodeAction implements PrivilegedAction<String> { 067 protected String value; 068 069 protected boolean useSpecifiedKey = false; 070 071 protected AMEncryption encr; 072 073 /** 074 * Non default constructor to be used when a <code>doPrivileged()</code> 075 * is performed for the encryption operations. 076 * 077 * @param svalue 078 * Value of string to be encoded/decoded 079 * 080 */ 081 public EncodeAction(String svalue) { 082 super(); 083 value = svalue; 084 } 085 086 /** 087 * Non default constructor to be used when a <code>doPrivileged()</code> 088 * is performed. 089 * 090 * @param svalue 091 * Value to be encoded 092 * @param encrKey 093 * <code>AMEncryption</code> Object to be used 094 */ 095 public EncodeAction(String svalue, AMEncryption encrKey) { 096 super(); 097 value = svalue; 098 useSpecifiedKey = true; 099 encr = encrKey; 100 } 101 102 /* 103 * (non-Javadoc) 104 * 105 * @see java.security.PrivilegedAction#run() 106 */ 107 public String run() { 108 if (useSpecifiedKey) { 109 return Crypt.encode(value, encr); 110 } else { 111 return Crypt.encode(value); 112 } 113 } 114 115}
Copyright © 2010-2017, ForgeRock All Rights Reserved.