package com.liferay.util;
import com.liferay.portal.kernel.util.StringMaker;
/**
* <a href="PwdGenerator.java.html"><b><i>View Source</i></b></a>
*
* @author Brian Wing Shun Chan
*
*/
public class PwdGenerator {
public static String KEY1 = "0123456789";
public static String KEY2 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
public static String KEY3 = "abcdefghijklmnopqrstuvwxyz";
public static String getPinNumber() {
return _getPassword(KEY1, 4);
}
public static String getPassword() {
return getPassword(8);
}
public static String getPassword(int length) {
return _getPassword(KEY1 + KEY2 + KEY3, length);
}
public static String getPassword(String key, int length) {
return _getPassword(key, length);
}
private static String _getPassword(String key, int length) {
StringMaker sm = new StringMaker();
for (int i = 0; i < length; i++) {
sm.append(key.charAt((int)(Math.random() * key.length())));
}
return sm.toString();
}
}
package com.liferay.portal.security.pwd;
import com.liferay.portal.PwdEncryptorException;
import com.liferay.portal.kernel.util.Base64;
import com.liferay.portal.kernel.util.Digester;
import com.liferay.portal.kernel.util.DigesterUtil;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.StringMaker;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.util.PropsUtil;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Random;
import org.vps.crypt.Crypt;
/**
* <a href="PwdEncryptor.java.html"><b><i>View Source</i></b></a>
*
* @author Brian Wing Shun Chan
* @author Scott Lee
*
*/
public class PwdEncryptor {
public static final String PASSWORDS_ENCRYPTION_ALGORITHM =
GetterUtil.getString(PropsUtil.get(
PropsUtil.PASSWORDS_ENCRYPTION_ALGORITHM)).toUpperCase();
public static final String TYPE_CRYPT = "CRYPT";
public static final String TYPE_MD2 = "MD2";
public static final String TYPE_MD5 = "MD5";
public static final String TYPE_NONE = "NONE";
public static final String TYPE_SHA = "SHA";
public static final String TYPE_SHA_256 = "SHA-256";
public static final String TYPE_SHA_384 = "SHA-384";
public static final String TYPE_SSHA = "SSHA";
public static final char[] saltChars =
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./"
.toCharArray();
public static String encrypt(String clearTextPwd)
throws PwdEncryptorException {
return encrypt(PASSWORDS_ENCRYPTION_ALGORITHM, clearTextPwd, null);
}
public static String encrypt(String clearTextPwd, String currentEncPwd)
throws PwdEncryptorException {
return encrypt(
PASSWORDS_ENCRYPTION_ALGORITHM, clearTextPwd, currentEncPwd);
}
public static String encrypt(
String algorithm, String clearTextPwd, String currentEncPwd)
throws PwdEncryptorException {
if (algorithm.equals(TYPE_CRYPT)) {
byte[] saltBytes = _getSaltFromCrypt(currentEncPwd);
return encodePassword(algorithm, clearTextPwd, saltBytes);
}
else if (algorithm.equals(TYPE_NONE)) {
return clearTextPwd;
}
else if (algorithm.equals(TYPE_SSHA)) {
byte[] saltBytes = _getSaltFromSSHA(currentEncPwd);
return encodePassword(algorithm, clearTextPwd, saltBytes);
}
else {
return encodePassword(algorithm, clearTextPwd, null);
}
}
protected static String encodePassword(
String algorithm, String clearTextPwd, byte[] saltBytes)
throws PwdEncryptorException {
try {
if (algorithm.equals(TYPE_CRYPT)) {
return Crypt.crypt(
clearTextPwd.getBytes(Digester.ENCODING), saltBytes);
}
else if (algorithm.equals(TYPE_SSHA)) {
byte[] clearTextPwdBytes =
clearTextPwd.getBytes(Digester.ENCODING);
// Create a byte array of salt bytes appeneded to password bytes
byte[] pwdPlusSalt =
new byte[clearTextPwdBytes.length + saltBytes.length];
System.arraycopy(
clearTextPwdBytes, 0, pwdPlusSalt, 0,
clearTextPwdBytes.length);
System.arraycopy(
saltBytes, 0, pwdPlusSalt, clearTextPwdBytes.length,
saltBytes.length);
// Digest byte array
MessageDigest sha1Digest = MessageDigest.getInstance("SHA-1");
byte[] pwdPlusSaltHash = sha1Digest.digest(pwdPlusSalt);
// Appends salt bytes to the SHA-1 digest.
byte[] digestPlusSalt =
new byte[pwdPlusSaltHash.length + saltBytes.length];
System.arraycopy(
pwdPlusSaltHash, 0, digestPlusSalt, 0,
pwdPlusSaltHash.length);
System.arraycopy(
saltBytes, 0, digestPlusSalt, pwdPlusSaltHash.length,
saltBytes.length);
// Base64 encode and format string
return Base64.encode(digestPlusSalt);
}
else {
return DigesterUtil.digest(algorithm, clearTextPwd);
}
}
catch (NoSuchAlgorithmException nsae) {
throw new PwdEncryptorException(nsae.getMessage());
}
catch (UnsupportedEncodingException uee) {
throw new PwdEncryptorException(uee.getMessage());
}
}
private static byte[] _getSaltFromCrypt(String cryptString)
throws PwdEncryptorException {
byte[] saltBytes = new byte[2];
try {
if (Validator.isNull(cryptString)) {
// Generate random salt
Random randomGenerator = new Random();
int numSaltChars = saltChars.length;
StringMaker sm = new StringMaker();
int x = Math.abs(randomGenerator.nextInt()) % numSaltChars;
int y = Math.abs(randomGenerator.nextInt()) % numSaltChars;
sm.append(saltChars[x]);
sm.append(saltChars[y]);
String salt = sm.toString();
saltBytes = salt.getBytes(Digester.ENCODING);
}
else {
// Extract salt from encrypted password
String salt = cryptString.substring(0, 3);
saltBytes = salt.getBytes(Digester.ENCODING);
}
}
catch (UnsupportedEncodingException uee) {
throw new PwdEncryptorException(
"Unable to extract salt from encrypted password: " +
uee.getMessage());
}
return saltBytes;
}
private static byte[] _getSaltFromSSHA(String sshaString)
throws PwdEncryptorException {
byte[] saltBytes = new byte[8];
if (Validator.isNull(sshaString)) {
// Generate random salt
Random random = new SecureRandom();
random.nextBytes(saltBytes);
}
else {
// Extract salt from encrypted password
try {
byte[] digestPlusSalt = Base64.decode(sshaString);
byte[] digestBytes = new byte[digestPlusSalt.length - 8];
System.arraycopy(
digestPlusSalt, 0, digestBytes, 0, digestBytes.length);
System.arraycopy(
digestPlusSalt, digestBytes.length, saltBytes, 0,
saltBytes.length);
}
catch (Exception e) {
throw new PwdEncryptorException(
"Unable to extract salt from encrypted password: " +
e.getMessage());
}
}
return saltBytes;
}
}
package com.liferay.portal.util;
import com.liferay.portal.kernel.util.Base64;
import com.liferay.portal.kernel.util.Digester;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* <a href="DigesterImpl.java.html"><b><i>View Source</i></b></a>
*
* @author Brian Wing Shun Chan
*
*/
public class DigesterImpl implements Digester {
public String digest(String text) {
return digest(Digester.DIGEST_ALGORITHM, text);
}
public String digest(String algorithm, String text) {
MessageDigest digester = null;
try{
digester = MessageDigest.getInstance(algorithm);
digester.update(text.getBytes(Digester.ENCODING));
}
catch (NoSuchAlgorithmException nsae) {
_log.error(nsae, nsae);
}
catch (UnsupportedEncodingException uee) {
_log.error(uee, uee);
}
byte[] byteArray = digester.digest();
if (_BASE_64) {
return Base64.encode(byteArray);
}
else {
return new String(Hex.encodeHex(byteArray));
}
}
private static final boolean _BASE_64 =
PropsValues.PASSWORDS_DIGEST_ENCODING.equals("base64");
private static Log _log = LogFactory.getLog(Digester.class);
}
package com.liferay.portal.kernel.util;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
/**
* <a href="Base64.java.html"><b><i>View Source</i></b></a>
*
* @author Brian Wing Shun Chan
*
*/
public class Base64 {
protected static char getChar(int sixbit) {
if (sixbit >= 0 && sixbit <= 25) {
return (char)(65 + sixbit);
}
if (sixbit >= 26 && sixbit <= 51) {
return (char)(97 + (sixbit - 26));
}
if (sixbit >= 52 && sixbit <= 61) {
return (char)(48 + (sixbit - 52));
}
if (sixbit == 62) {
return '+';
}
return sixbit != 63 ? '?' : '/';
}
protected static int getValue(char c) {
if (c >= 'A' && c <= 'Z') {
return c - 65;
}
if (c >= 'a' && c <= 'z') {
return (c - 97) + 26;
}
if (c >= '0' && c <= '9') {
return (c - 48) + 52;
}
if (c == '+') {
return 62;
}
if (c == '/') {
return 63;
}
return c != '=' ? -1 : 0;
}
public static String encode(byte raw[]) {
StringMaker encoded = new StringMaker();
for (int i = 0; i < raw.length; i += 3) {
encoded.append(encodeBlock(raw, i));
}
return encoded.toString();
}
protected static char[] encodeBlock(byte raw[], int offset) {
int block = 0;
int slack = raw.length - offset - 1;
int end = slack < 2 ? slack : 2;
for (int i = 0; i <= end; i++) {
byte b = raw[offset + i];
int neuter = b >= 0 ? ((int) (b)) : b + 256;
block += neuter << 8 * (2 - i);
}
char base64[] = new char[4];
for (int i = 0; i < 4; i++) {
int sixbit = block >>> 6 * (3 - i) & 0x3f;
base64[i] = getChar(sixbit);
}
if (slack < 1) {
base64[2] = '=';
}
if (slack < 2) {
base64[3] = '=';
}
return base64;
}
public static byte[] decode(String base64) {
int pad = 0;
for (int i = base64.length() - 1; base64.charAt(i) == '='; i--) {
pad++;
}
int length = (base64.length() * 6) / 8 - pad;
byte raw[] = new byte[length];
int rawindex = 0;
for (int i = 0; i < base64.length(); i += 4) {
int block = (getValue(base64.charAt(i)) << 18) +
(getValue(base64.charAt(i + 1)) << 12) +
(getValue(base64.charAt(i + 2)) << 6) +
getValue(base64.charAt(i + 3));
for (int j = 0; j < 3 && rawindex + j < raw.length; j++) {
raw[rawindex + j] = (byte)(block >> 8 * (2 - j) & 0xff);
}
rawindex += 3;
}
return raw;
}
public static String objectToString(Object o) {
if (o == null) {
return null;
}
ByteArrayMaker bam = new ByteArrayMaker(32000);
try {
ObjectOutputStream os = new ObjectOutputStream(
new BufferedOutputStream(bam));
os.flush();
os.writeObject(o);
os.flush();
}
catch (IOException e) {
_log.error(e.getMessage());
}
return encode(bam.toByteArray());
}
public static Object stringToObject(String s) {
if (s == null) {
return null;
}
byte byteArray[] = decode(s);
ByteArrayInputStream bais = new ByteArrayInputStream(byteArray);
try {
ObjectInputStream is =
new ObjectInputStream(new BufferedInputStream(bais));
return is.readObject();
}
catch (Exception e) {
_log.error(e.getMessage());
}
return null;
}
private static Log _log = LogFactoryUtil.getLog(Base64.class);
}
分享到:
相关推荐
Struts2和Liferay的集成是一项常见的企业级应用开发任务,尤其对于构建可扩展且功能丰富的Web应用程序至关重要。Struts2是一个强大的MVC框架,它提供了处理用户请求、业务逻辑和视图展示的能力,而Liferay则是一个...
本技术文档主要关注 Liferay 的系统架构、核心技术、Portlet 开发、部署、数据库配置以及系统的定制化能力,同时也支持多语言环境。 1. **Liferay 系统架构** Liferay 的架构基于标准的 J2EE(Java 企业版)框架,...
标题中的“Liferay搭建Struts2”意味着我们将讨论如何在Liferay门户平台上集成并使用Struts2框架。Liferay是一款开源的企业级Portal解决方案,而Struts2是一个流行的Java web应用程序开发框架,它基于Model-View-...
在这个“liferay详细讲解 liferay项目完全讲解”的资料包中,我们可以期待深入了解到关于Liferay的核心概念、开发实践以及与其相关的技术。 首先,我们看到一个名为“JBPM数据库表说明.doc”的文件,这暗示了...
Liferay Portal Liferay IDE
5. **安全与权限管理**:Liferay的权限系统是其强大功能之一,文档可能包含如何定义角色、控制访问权限以及实施工作流审批等内容。 6. **社交协作功能**:Liferay内置了丰富的社交协作特性,如博客、论坛、文档库等...
在Liferay 6中集成Struts2框架进行Portlet开发是一项重要的技术实践。本文档将详细讲解如何使用Struts2框架来构建功能丰富的Portlet应用,并通过具体实例进行深入分析。 #### 二、环境搭建与依赖 为了确保能够顺利...
标题 "liferay-portal-sql-6.1.1-ce-ga2-20120731132656558" 暗示了这是一个关于Liferay Portal 6.1.1社区版(CE GA2)的SQL相关资源,发布日期为2012年7月31日。Liferay Portal是一个开源的企业级内容管理平台,它...
**Liferay 6 + Struts 2 集成项目详解** 在Web应用程序开发中,Liferay Portal和Struts 2框架的结合使用可以提供强大的功能和灵活性。Liferay是一款开源的企业级门户平台,它提供了内容管理、社交网络、工作流等...
标题 "Liferay扩展环境 Liferay Ext" 涉及到的是Liferay门户平台的一个关键概念,Liferay Ext是用于扩展和定制Liferay功能的核心工具。Liferay是一个开源的企业级内容管理平台,它允许用户根据需求构建自定义的数字...
【Liferay SSH 开发案例详解】 在Web应用开发领域,Liferay是一款强大的开源企业级门户平台,它提供了丰富的功能和高度可扩展性。SSH(Spring、Struts、Hibernate)是Java Web开发中常用的一种技术栈,用于构建MVC...
Liferay is a different portal. 10分下载的, 打包5折提供下载. Part 1 Introduction to Liferay 1. Liferay is a different portal 2. Getting started with the Liferay development platform Part 2 Adding ...
通过学习这些教程,开发者不仅可以掌握Liferay 6的基础知识,还能深入了解其插件开发、MVC架构、Struts2、Spring、Hibernate以及LDAP集成等高级技术,从而在Liferay平台上构建出强大且灵活的企业级应用。
liferay cas 代码
本文将深入探讨Liferay Portal的基础知识,安装配置,源码分析,开发环境设置,以及基于Struts2的Portlet应用开发等关键知识点。 1. Liferay Portal初体验: Liferay Portal是一款功能强大的企业级门户平台,支持多...
2. 下载并解压Liferay Portal的源码,这将帮助开发者深入理解Liferay的工作原理,并方便进行扩展和定制。 3. 配置Eclipse的构建路径,确保所有必要的库文件都已包含,如Liferay的API库、服务层库以及所需的依赖库。 ...
### Liferay SSH整合开发知识点详解 #### 一、概述与背景 Liferay作为一个强大的企业级门户平台,提供了丰富的API和工具来支持各种定制化的开发需求。本案例介绍的是基于Liferay 5.2版本,使用Spring、Struts、...
2. 《Liferay Portal Administration》 这本指南主要面向Liferay管理员,讲解了系统设置、用户管理、权限控制、性能优化和故障排查等方面的知识。通过阅读,你可以掌握如何高效地管理和维护Liferay环境。 3. ...
在Liferay Portal中,权限管理是系统的核心组成部分,它允许管理员根据不同的角色和用户组定制访问和操作的权限。Liferay的权限系统基于面向对象编程的继承概念,以确保资源的管理和访问控制既灵活又安全。 1. ...
Liferay Portal是一款功能强大且灵活的企业级门户平台,它基于Java技术,遵循JSR-168标准,提供了丰富的特性来满足企业内外部网站的需求。Liferay Portal 4.0版本作为一款成熟的解决方案,尤其在用户管理、内容管理...