1 /****************************************************************
2 * Licensed to the Apache Software Foundation (ASF) under one *
3 * or more contributor license agreements. See the NOTICE file *
4 * distributed with this work for additional information *
5 * regarding copyright ownership. The ASF licenses this file *
6 * to you under the Apache License, Version 2.0 (the *
7 * "License"); you may not use this file except in compliance *
8 * with the License. You may obtain a copy of the License at *
9 * *
10 * http://www.apache.org/licenses/LICENSE-2.0 *
11 * *
12 * Unless required by applicable law or agreed to in writing, *
13 * software distributed under the License is distributed on an *
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY *
15 * KIND, either express or implied. See the License for the *
16 * specific language governing permissions and limitations *
17 * under the License. *
18 ****************************************************************/
19
20
21
22 package org.apache.james.impl.user;
23
24 import org.apache.james.api.user.User;
25
26 import java.io.Serializable;
27 import java.security.NoSuchAlgorithmException;
28
29 /**
30 * Implementation of User Interface. Instances of this class do not allow
31 * the the user name to be reset.
32 *
33 *
34 * @version CVS $Revision: 521427 $
35 */
36
37 public class DefaultUser implements User, Serializable {
38
39 private static final long serialVersionUID = 5178048915868531270L;
40
41 private String userName;
42 private String hashedPassword;
43 private String algorithm ;
44
45 /**
46 * Standard constructor.
47 *
48 * @param name the String name of this user
49 * @param hashAlg the algorithm used to generate the hash of the password
50 */
51 public DefaultUser(String name, String hashAlg) {
52 userName = name;
53 algorithm = hashAlg;
54 }
55
56 /**
57 * Constructor for repositories that are construcing user objects from
58 * separate fields, e.g. databases.
59 *
60 * @param name the String name of this user
61 * @param passwordHash the String hash of this users current password
62 * @param hashAlg the String algorithm used to generate the hash of the
63 * password
64 */
65 public DefaultUser(String name, String passwordHash, String hashAlg) {
66 userName = name;
67 hashedPassword = passwordHash;
68 algorithm = hashAlg;
69 }
70
71 /**
72 * @see org.apache.james.api.user.User#getUserName()
73 */
74 public String getUserName() {
75 return userName;
76 }
77
78 /**
79 * @see org.apache.james.api.user.User#verifyPassword(java.lang.String)
80 */
81 public boolean verifyPassword(String pass) {
82 try {
83 String hashGuess = DigestUtil.digestString(pass, algorithm);
84 return hashedPassword.equals(hashGuess);
85 } catch (NoSuchAlgorithmException nsae) {
86 throw new RuntimeException("Security error: " + nsae);
87 }
88 }
89
90 /**
91 * @see org.apache.james.api.user.User#setPassword(java.lang.String)
92 */
93 public boolean setPassword(String newPass) {
94 try {
95 hashedPassword = DigestUtil.digestString(newPass, algorithm);
96 return true;
97 } catch (NoSuchAlgorithmException nsae) {
98 throw new RuntimeException("Security error: " + nsae);
99 }
100 }
101
102 /**
103 * Method to access hash of password
104 *
105 * @return the String of the hashed Password
106 */
107 public String getHashedPassword() {
108 return hashedPassword;
109 }
110
111 /**
112 * Method to access the hashing algorithm of the password.
113 *
114 * @return the name of the hashing algorithm used for this user's password
115 */
116 public String getHashAlgorithm() {
117 return algorithm;
118 }
119 }