001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: DecodeAction.java,v 1.4 2008/08/19 19:14:55 veiming Exp $
026 *
027 */
028
029/*
030 * Portions Copyrighted 2011 ForgeRock AS
031 */
032package com.sun.identity.security;
033
034import java.security.PrivilegedAction;
035
036import com.iplanet.services.util.AMEncryption;
037import com.iplanet.services.util.Crypt;
038
039/**
040 * 
041 * The class is used to perform privileged operations with
042 * <code>AccessController.doPrivileged()
043 * </code> when using
044 * <code> com.iplanet.services.util.Crypt</code> to decode passwords. Ths class
045 * implements the interface <code>
046 * PrivilegedAction </code> with a non-default
047 * constructor. This class should be used in order to perform the privileged
048 * operation of <code> com.iplanet.services.util.Crypt.decode/decrypt()</code>.
049 * 
050 * <PRE>
051 * 
052 * This line of code: String decStr =
053 * com.iplanet.services.util.Crypt.decode(str) should be replaced with: String
054 * decStr = (String) AccessController.doPrivileged( new DecodeAction(str)); If
055 * this is not done and Java security permissions check is enabled, then the
056 * operation will fail and return a null everytime.
057 * 
058 * Note: Java security permissions check for OpenSSO can be enabled by
059 * setting the property <code>com.sun.identity.security.checkcaller</code> to
060 * true in AMConfig properties file.
061 * 
062 * </PRE>
063 *
064 * @supported.all.api
065 */
066public class DecodeAction implements PrivilegedAction<String> {
067
068    protected String value;
069    protected AMEncryption encr;
070
071    /**
072     * Non default constructor to be used when a <code>doPrivileged()</code>
073     * is performed for the decryption operations.
074     * 
075     * @param svalue
076     *            Value of string to be encoded/decoded
077     * 
078     */
079    public DecodeAction(String svalue) {
080        super();
081        value = svalue;
082    }
083
084    /**
085     * @param value
086     *            Value to be decoded
087     * @param encrKey
088     *            Encryption object to be used for decoding
089     */
090    public DecodeAction(String value, AMEncryption encrKey) {
091        super();
092        this.value = value;
093        this.encr = encrKey;
094    }
095
096    /*
097     * (non-Javadoc)
098     * 
099     * @see java.security.PrivilegedAction#run()
100     */
101    public String run() {
102        if (encr != null) {
103            return Crypt.decode(value, encr);
104        } else {
105            return Crypt.decode(value);
106        }
107    }
108
109}




























































Copyright © 2010-2017, ForgeRock All Rights Reserved.