001/*
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: EncodeAction.java,v 1.4 2008/08/19 19:14:56 veiming Exp $
026 *
027 * Portions Copyrighted 2011-2015 ForgeRock AS.
028 */
029
030package com.sun.identity.security;
031
032import java.security.PrivilegedAction;
033
034import com.iplanet.services.util.AMEncryption;
035import com.iplanet.services.util.Crypt;
036
037/**
038 * 
039 * The class is used to perform privileged operation with
040 * <code>AccessController.doPrivileged()
041 * </code> when using
042 * <code> com.iplanet.services.util.Crypt</code> to encode passwords. Ths class
043 * implements the interface <code>
044 * PrivilegedAction </code> with a non-default
045 * constructor. This class should be used in order to perform the privileged
046 * operation of
047 * <code> com.iplanet.services.util.Crypt.encode/encrypt(str)</code>.
048 * 
049 * <PRE>
050 * 
051 * This line of code: String encStr =
052 * com.iplanet.services.util.Crypt.encode(str) should be replaced with: String
053 * encStr = (String) AccessController.doPrivileged( new EncodeAction(str)); If
054 * this is not done and Java security permissions check is enabled, then the
055 * operation will fail and return a null every time.
056 * 
057 * Note: Java security permissions check for OpenAM can be enabled by
058 * setting the property <code>com.sun.identity.security.checkcaller</code> to
059 * true in AMConfig properties file.
060 * 
061 * </PRE>
062 *
063 * @supported.all.api
064 */
065public class EncodeAction implements PrivilegedAction<String> {
066    protected String value;
067
068    protected boolean useSpecifiedKey = false;
069
070    protected AMEncryption encr;
071
072    /**
073     * Non default constructor to be used when a <code>doPrivileged()</code>
074     * is performed for the encryption operations.
075     * 
076     * @param svalue
077     *            Value of string to be encoded/decoded
078     * 
079     */
080    public EncodeAction(String svalue) {
081        super();
082        value = svalue;
083    }
084
085    /**
086     * Non default constructor to be used when a <code>doPrivileged()</code>
087     * is performed.
088     * 
089     * @param svalue
090     *            Value to be encoded
091     * @param encrKey
092     *            <code>AMEncryption</code> Object to be used
093     */
094    public EncodeAction(String svalue, AMEncryption encrKey) {
095        super();
096        value = svalue;
097        useSpecifiedKey = true;
098        encr = encrKey;
099    }
100
101    /*
102     * (non-Javadoc)
103     * 
104     * @see java.security.PrivilegedAction#run()
105     */
106    public String run() {
107        if (useSpecifiedKey) {
108            return Crypt.encode(value, encr);
109        } else {
110            return Crypt.encode(value);
111        }
112    }
113
114}