001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2006-2008 Sun Microsystems, Inc.
015 * Portions Copyright 2014-2016 ForgeRock AS.
016 */
017package org.opends.server.extensions;
018
019import org.forgerock.i18n.LocalizableMessage;
020import org.forgerock.opendj.server.config.server.ClearPasswordStorageSchemeCfg;
021import org.opends.server.api.PasswordStorageScheme;
022import org.forgerock.opendj.config.server.ConfigException;
023import org.opends.server.types.*;
024import org.forgerock.opendj.ldap.ResultCode;
025import org.forgerock.opendj.ldap.ByteString;
026import org.forgerock.opendj.ldap.ByteSequence;
027import static org.opends.messages.ExtensionMessages.*;
028import static org.opends.server.extensions.ExtensionsConstants.*;
029
/**
 * This class defines a Directory Server password storage scheme that stores
 * the values in clear text with no encoding at all.  This is not at all
 * secure, because anyone who can read a stored value has the password
 * itself, but it may be required for backward compatibility and support for
 * certain legacy applications.
 */
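public class ClearPasswordStorageScheme
       extends PasswordStorageScheme<ClearPasswordStorageSchemeCfg>
{
  /**
   * Creates a new instance of this password storage scheme.  Note that no
   * initialization should be performed here, as all initialization should be
   * done in the <CODE>initializePasswordStorageScheme</CODE> method.
   */
  public ClearPasswordStorageScheme()
  {
    super();
  }

  /**
   * Initializes this storage scheme.  The scheme reads nothing from the
   * supplied configuration and keeps no state, so this method does nothing.
   *
   * @param configuration the configuration entry for this scheme (unused).
   * @throws ConfigException declared by the overridden method; never thrown
   *         here.
   * @throws InitializationException declared by the overridden method; never
   *         thrown here.
   */
  @Override
  public void initializePasswordStorageScheme(
                   ClearPasswordStorageSchemeCfg configuration)
         throws ConfigException, InitializationException
  {
    // No initialization is required.
  }

  /**
   * Returns the name of this scheme, {@code STORAGE_SCHEME_NAME_CLEAR}.
   *
   * @return the storage scheme name.
   */
  @Override
  public String getStorageSchemeName()
  {
    return STORAGE_SCHEME_NAME_CLEAR;
  }

  /**
   * "Encodes" a password by returning its bytes unchanged.  The value that
   * ends up stored is therefore the password itself.
   *
   * @param plaintext the clear-text password.
   * @return the same bytes as {@code plaintext}.
   * @throws DirectoryException declared by the overridden method; never
   *         thrown here.
   */
  @Override
  public ByteString encodePassword(ByteSequence plaintext)
         throws DirectoryException
  {
    return plaintext.toByteString();
  }

  /**
   * Returns the password prefixed with the scheme name in curly braces, i.e.
   * <CODE>{name}password</CODE>, encoded as UTF-8.
   *
   * @param plaintext the clear-text password.
   * @return the scheme-prefixed clear-text value.
   * @throws DirectoryException declared by the overridden method; never
   *         thrown here.
   */
  @Override
  public ByteString encodePasswordWithScheme(ByteSequence plaintext)
         throws DirectoryException
  {
    // NOTE(review): plaintext.toString() passes the password through a
    // character-decoding step before it is re-encoded as UTF-8 below.
    // Presumably a password whose bytes are not valid UTF-8 would not
    // round-trip byte-for-byte and could later fail passwordMatches() --
    // confirm against ByteSequence.toString().
    StringBuilder buffer = new StringBuilder();
    buffer.append('{');
    buffer.append(STORAGE_SCHEME_NAME_CLEAR);
    buffer.append('}');
    buffer.append(plaintext.toString());

    return ByteString.valueOfUtf8(buffer);
  }

  /**
   * Indicates whether the supplied password is byte-for-byte identical to the
   * stored clear-text value.
   *
   * @param plaintextPassword the password presented by the client.
   * @param storedPassword the stored clear-text value, without the scheme
   *        prefix.
   * @return {@code true} if both contain exactly the same bytes, {@code false}
   *         otherwise or if {@code storedPassword} is {@code null}.
   */
  @Override
  public boolean passwordMatches(ByteSequence plaintextPassword,
                                 ByteSequence storedPassword)
  {
    if (storedPassword == null)
    {
      // equals(null) used to answer false; keep that result instead of
      // failing on toByteArray() below.
      return false;
    }

    // The stored value is the secret itself, so a comparison that stops at
    // the first differing byte would make response time depend on how much
    // of a guess is correct.  MessageDigest.isEqual examines every byte; a
    // difference in length may still be observable.
    return java.security.MessageDigest.isEqual(
        plaintextPassword.toByteArray(), storedPassword.toByteArray());
  }

  /**
   * Indicates that the original password can be recovered from the stored
   * value.
   *
   * @return always {@code true}.
   */
  @Override
  public boolean isReversible()
  {
    return true;
  }

  /**
   * Returns the clear-text password for a stored value.  Nothing is decoded:
   * the stored bytes are returned as they are.
   *
   * @param storedPassword the stored clear-text value, without the scheme
   *        prefix.
   * @return the same bytes as {@code storedPassword}.
   * @throws DirectoryException declared by the overridden method; never
   *         thrown here.
   */
  @Override
  public ByteString getPlaintextValue(ByteSequence storedPassword)
         throws DirectoryException
  {
    return storedPassword.toByteString();
  }

  /**
   * Indicates whether this scheme can be used with the authentication
   * password syntax.
   *
   * @return always {@code false}.
   */
  @Override
  public boolean supportsAuthPasswordSyntax()
  {
    // This storage scheme does not support the authentication password syntax.
    return false;
  }

  /**
   * Always fails, because this scheme does not support the authentication
   * password syntax.
   *
   * @param plaintext the clear-text password (unused).
   * @return never returns normally.
   * @throws DirectoryException always, with result code
   *         {@code UNWILLING_TO_PERFORM}.
   */
  @Override
  public ByteString encodeAuthPassword(ByteSequence plaintext)
         throws DirectoryException
  {
    throw authPasswordUnsupported();
  }

  /**
   * Always reports a mismatch, because this scheme does not support the
   * authentication password syntax.
   *
   * @param plaintextPassword the password presented by the client (unused).
   * @param authInfo the authInfo component of the stored value (unused).
   * @param authValue the authValue component of the stored value (unused).
   * @return always {@code false}.
   */
  @Override
  public boolean authPasswordMatches(ByteSequence plaintextPassword,
                                     String authInfo, String authValue)
  {
    // This storage scheme does not support the authentication password syntax.
    return false;
  }

  /**
   * Always fails, because this scheme does not support the authentication
   * password syntax.
   *
   * @param authInfo the authInfo component of the stored value (unused).
   * @param authValue the authValue component of the stored value (unused).
   * @return never returns normally.
   * @throws DirectoryException always, with result code
   *         {@code UNWILLING_TO_PERFORM}.
   */
  @Override
  public ByteString getAuthPasswordPlaintextValue(String authInfo,
                                                  String authValue)
         throws DirectoryException
  {
    throw authPasswordUnsupported();
  }

  /**
   * Indicates whether stored values are protected against disclosure.
   *
   * @return always {@code false}.
   */
  @Override
  public boolean isStorageSchemeSecure()
  {
    // Clear-text passwords are not obscured in any way.
    return false;
  }

  /**
   * Builds the exception thrown by the authentication password methods that
   * this scheme does not implement.
   */
  private DirectoryException authPasswordUnsupported()
  {
    LocalizableMessage message =
        ERR_PWSCHEME_DOES_NOT_SUPPORT_AUTH_PASSWORD.get(getStorageSchemeName());
    return new DirectoryException(ResultCode.UNWILLING_TO_PERFORM, message);
  }
}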