1 /**************************************************************** 2 * Licensed to the Apache Software Foundation (ASF) under one * 3 * or more contributor license agreements. See the NOTICE file * 4 * distributed with this work for additional information * 5 * regarding copyright ownership. The ASF licenses this file * 6 * to you under the Apache License, Version 2.0 (the * 7 * "License"); you may not use this file except in compliance * 8 * with the License. You may obtain a copy of the License at * 9 * * 10 * http://www.apache.org/licenses/LICENSE-2.0 * 11 * * 12 * Unless required by applicable law or agreed to in writing, * 13 * software distributed under the License is distributed on an * 14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * 15 * KIND, either express or implied. See the License for the * 16 * specific language governing permissions and limitations * 17 * under the License. * 18 ****************************************************************/ 19 20 21 22 package org.apache.james.impl.user; 23 24 import org.apache.james.api.user.User; 25 26 import java.io.Serializable; 27 import java.security.NoSuchAlgorithmException; 28 29 /** 30 * Implementation of User Interface. Instances of this class do not allow 31 * the the user name to be reset. 32 * 33 * 34 * @version CVS $Revision: 521427 $ 35 */ 36 37 public class DefaultUser implements User, Serializable { 38 39 private static final long serialVersionUID = 5178048915868531270L; 40 41 private String userName; 42 private String hashedPassword; 43 private String algorithm ; 44 45 /** 46 * Standard constructor. 47 * 48 * @param name the String name of this user 49 * @param hashAlg the algorithm used to generate the hash of the password 50 */ 51 public DefaultUser(String name, String hashAlg) { 52 userName = name; 53 algorithm = hashAlg; 54 } 55 56 /** 57 * Constructor for repositories that are construcing user objects from 58 * separate fields, e.g. databases. 59 * 60 * @param name the String name of this user 61 * @param passwordHash the String hash of this users current password 62 * @param hashAlg the String algorithm used to generate the hash of the 63 * password 64 */ 65 public DefaultUser(String name, String passwordHash, String hashAlg) { 66 userName = name; 67 hashedPassword = passwordHash; 68 algorithm = hashAlg; 69 } 70 71 /** 72 * @see org.apache.james.api.user.User#getUserName() 73 */ 74 public String getUserName() { 75 return userName; 76 } 77 78 /** 79 * @see org.apache.james.api.user.User#verifyPassword(java.lang.String) 80 */ 81 public boolean verifyPassword(String pass) { 82 try { 83 String hashGuess = DigestUtil.digestString(pass, algorithm); 84 return hashedPassword.equals(hashGuess); 85 } catch (NoSuchAlgorithmException nsae) { 86 throw new RuntimeException("Security error: " + nsae); 87 } 88 } 89 90 /** 91 * @see org.apache.james.api.user.User#setPassword(java.lang.String) 92 */ 93 public boolean setPassword(String newPass) { 94 try { 95 hashedPassword = DigestUtil.digestString(newPass, algorithm); 96 return true; 97 } catch (NoSuchAlgorithmException nsae) { 98 throw new RuntimeException("Security error: " + nsae); 99 } 100 } 101 102 /** 103 * Method to access hash of password 104 * 105 * @return the String of the hashed Password 106 */ 107 public String getHashedPassword() { 108 return hashedPassword; 109 } 110 111 /** 112 * Method to access the hashing algorithm of the password. 113 * 114 * @return the name of the hashing algorithm used for this user's password 115 */ 116 public String getHashAlgorithm() { 117 return algorithm; 118 } 119 }