use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.
the class AttributeValidator method encodedAttrs.
/**
 * Replaces the values of this validator's attribute with their encoded form when the
 * attribute schema syntax is {@code PASSWORD} or {@code ENCRYPTED_PASSWORD}.
 *
 * <p>The supplied map is modified in place and is also the return value. When the map
 * has no entry for the attribute, or the syntax is not one of the two password
 * syntaxes, the map is returned untouched.
 *
 * <p>Security note: a value whose encoding throws is logged and then stored
 * <em>unencoded</em>, so a failing encryptor leaves the clear-text value in the
 * returned map. The catch is on {@code Throwable}, so {@code Error}s are swallowed too.
 * An "Unable to encode" entry in the debug log therefore means the map still holds a
 * plaintext password.
 *
 * @param attrs Map of the attributes and their values; updated in place
 * @param encryptObj Encryptor handed to {@code EncodeAction}
 * @return the same {@code attrs} map, with password values replaced by encoded ones
 */
Map encodedAttrs(Map attrs, AMEncryption encryptObj) {
    final Set rawValues = (Set) attrs.get(as.getName());
    if (rawValues == null) {
        // Nothing stored under this attribute name: nothing to encode.
        return attrs;
    }

    final boolean passwordSyntax = as.getSyntax().equals(AttributeSchema.Syntax.PASSWORD)
            || as.getSyntax().equals(AttributeSchema.Syntax.ENCRYPTED_PASSWORD);
    if (!passwordSyntax) {
        return attrs;
    }

    // Build a fresh set so the caller's original value set is not mutated.
    final Set encodedValues = new HashSet();
    for (Object rawValue : rawValues) {
        final String plain = (String) rawValue;
        try {
            encodedValues.add(AccessController.doPrivileged(new EncodeAction(plain, encryptObj)));
        } catch (Throwable e) {
            debug.error("AttributeValidator.encodedAttrs: Unable to encode", e);
            // Fail-open fallback kept from the original: the unencoded value is stored.
            encodedValues.add(plain);
        }
    }
    attrs.put(as.getName(), encodedValues);
    return attrs;
}
use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.
the class AttributeSchema method updateDefaultValues.
/**
 * Rewrites this attribute's default values in the given XML document.
 *
 * <p>When {@code ss} is set, the values are validated through it first. A
 * {@code DefaultValues} fragment is then built with one {@code Value} element per entry:
 * for the {@code PASSWORD} and {@code ENCRYPTED_PASSWORD} syntaxes each entry is passed
 * through {@code EncodeAction}; for every other syntax it is escaped with
 * {@code SMSSchema.escapeSpecialCharacters}.
 *
 * <p>Security note: if encoding throws, the error is logged and the original value is
 * appended as it is, neither encoded nor escaped. A failing encoder therefore puts the
 * clear-text password into the fragment, and any XML special characters in it reach the
 * fragment unescaped.
 *
 * @param defaultValues the new default values; each element is cast to {@code String}
 * @param doc the XML document passed on to {@code updateXMLDocument}
 * @throws SMSException as declared; presumably raised by validation or the document update
 * @throws SSOException as declared; presumably raised by validation or the document update
 */
protected void updateDefaultValues(Set defaultValues, Document doc) throws SMSException, SSOException {
    // Validate before anything is written.
    if (ss != null) {
        final Map candidate = new HashMap(1);
        candidate.put(getName(), defaultValues);
        ss.validateAttributes(candidate);
    }

    // Password-like syntaxes are stored encoded rather than XML-escaped.
    final boolean mustEncode =
            getSyntax().equals(Syntax.PASSWORD) || getSyntax().equals(Syntax.ENCRYPTED_PASSWORD);

    final StringBuffer xml = new StringBuffer(100);
    xml.append(XML_PREFIX).append(DEFAULT_VALUES_BEGIN);
    for (Object item : defaultValues) {
        xml.append(VALUE_BEGIN);
        final String raw = (String) item;
        if (mustEncode) {
            String encoded = raw;
            try {
                encoded = (String) AccessController.doPrivileged(new EncodeAction(raw));
            } catch (Throwable e) {
                // Fail-open fallback kept from the original: 'encoded' still holds the raw value.
                debug.error("AttributeSchema: Unable to encode", e);
            }
            xml.append(encoded);
        } else {
            xml.append(SMSSchema.escapeSpecialCharacters(raw));
        }
        xml.append(VALUE_END);
    }
    xml.append(DEFAULT_VALUES_END);

    updateXMLDocument(xml, SMSUtils.ATTRIBUTE_DEFAULT_ELEMENT, doc);
}
use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.
the class ServiceManager method checkAndEncryptPasswordSyntax.
/**
 * Re-encodes, in place, the default values of every attribute schema in {@code doc}
 * whose {@code syntax} attribute equals {@code AttributeSchema.Syntax.PASSWORD}.
 *
 * <p>Each {@code Value} node under the attribute's default-values element is replaced by
 * a newly built node:
 * <ul>
 *   <li>{@code encrypt == true}: the value is first decoded with {@code encryptObj} (when
 *       it is non-null) and then encoded with the single-argument {@code EncodeAction}
 *       (presumably the deployment's default encryption; confirm against that class).</li>
 *   <li>{@code encrypt == false}: the value is decoded with the single-argument
 *       {@code DecodeAction} and, when {@code encryptObj} is non-null, encoded again with
 *       {@code encryptObj}.</li>
 * </ul>
 * A value that is the literal string {@code "null"} is skipped. A password consisting of
 * the single ISO-8859-1 byte 0xA0 is carried through the XML as {@code "&#160;"}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>With {@code encrypt == false} and {@code encryptObj == null} the decoded value is
 *       not encoded again, so the document ends up holding decoded passwords and should
 *       be handled as sensitive from that point on.</li>
 *   <li>Unlike the try/catch fallbacks used elsewhere for {@code EncodeAction}, nothing
 *       here catches a failure of the encode/decode actions; it propagates to the
 *       caller.</li>
 *   <li>Only {@code PASSWORD} is matched; {@code ENCRYPTED_PASSWORD} attributes are left
 *       untouched. NOTE(review): confirm that is intended.</li>
 * </ul>
 *
 * @param doc XML document whose password default values are rewritten in place
 * @param encrypt selects the direction of the conversion, as described above
 * @param encryptObj encryptor used on the non-default side; may be {@code null}
 * @throws SMSException as declared; presumably raised while building the replacement node
 */
protected static void checkAndEncryptPasswordSyntax(Document doc, boolean encrypt, AMEncryption encryptObj) throws SMSException {
    // Get the node list of all AttributeSchema
    NodeList nl = doc.getElementsByTagName(SMSUtils.SCHEMA_ATTRIBUTE);
    for (int i = 0; i < nl.getLength(); i++) {
        Node node = nl.item(i);
        // Check if the "syntax" attribute is "password"
        // NOTE(review): 'syntax' is dereferenced without a null check; whether
        // getNodeAttributeValue can return null for a node lacking the attribute
        // is not visible here. Confirm.
        String syntax = XMLUtils.getNodeAttributeValue(node, SMSUtils.ATTRIBUTE_SYNTAX);
        if (syntax.equals(AttributeSchema.Syntax.PASSWORD.toString())) {
            // This message is logged for both directions, not only when encrypt is true.
            if (debug.messageEnabled()) {
                debug.message("ServiceManager: encrypting password syntax");
            }
            // Get the DefaultValues and encrypt them
            Node defaultNode;
            if ((defaultNode = XMLUtils.getChildNode(node, SMSUtils.ATTRIBUTE_DEFAULT_ELEMENT)) != null) {
                // Get NodeList of "Value" nodes and encrypt them
                for (Iterator items = XMLUtils.getChildNodes(defaultNode, SMSUtils.ATTRIBUTE_VALUE).iterator(); items.hasNext(); ) {
                    Node valueNode = (Node) items.next();
                    String value = XMLUtils.getValueOfValueNode(valueNode);
                    String encValue;
                    // Skip empty passwords, which appear here as the literal string "null"
                    if (value.equals("null")) {
                        continue;
                    }
                    if (encrypt) {
                        if (encryptObj != null) {
                            // Undo the encoding that was applied with the supplied encryptor
                            value = (String) AccessController.doPrivileged(new DecodeAction(value, encryptObj));
                            // "&#160;" is the marker written by the other branch for a password
                            // that is the single byte 0xA0; turn it back into that character.
                            if (value.equals("&#160;")) {
                                try {
                                    byte[] b = new byte[1];
                                    // -96 as a signed byte is 0xA0
                                    b[0] = -96;
                                    value = new String(b, "ISO-8859-1");
                                } catch (UnsupportedEncodingException e) {
                                    // Ignored: ISO-8859-1 is a charset every Java platform must support
                                }
                            }
                        }
                        // Encode with the single-argument EncodeAction (no explicit encryptor)
                        encValue = (String) AccessController.doPrivileged(new EncodeAction(value));
                    } else {
                        // Decode with the single-argument DecodeAction; encValue now holds the
                        // decoded value, or null when decoding yielded nothing.
                        encValue = AccessController.doPrivileged(new DecodeAction(value));
                        if (encValue == null) {
                            encValue = "&#160;";
                        } else {
                            try {
                                // Catch a password that is the single byte 0xA0 and replace it
                                // with the "&#160;" marker
                                byte[] b = encValue.getBytes("ISO-8859-1");
                                if ((b.length == 1) && (b[0] == -96)) {
                                    encValue = "&#160;";
                                }
                            } catch (UnsupportedEncodingException e) {
                                // Ignored: ISO-8859-1 is a charset every Java platform must support
                            }
                        }
                        // When no encryptor is supplied the decoded value is kept as is and is
                        // written to the document below.
                        if (encryptObj != null) {
                            encValue = (String) AccessController.doPrivileged(new EncodeAction(encValue, encryptObj));
                        }
                    }
                    // Construct the replacement "Value" node.
                    // NOTE(review): encValue is concatenated into the XML without escaping and
                    // then parsed; a decoded value containing XML special characters would
                    // presumably change or break the parsed fragment. Confirm.
                    StringBuilder sb = new StringBuilder(100);
                    sb.append(AttributeSchema.VALUE_BEGIN).append(encValue).append(AttributeSchema.VALUE_END);
                    Document newDoc = SMSSchema.getXMLDocument(sb.toString(), false);
                    Node newValueNode = XMLUtils.getRootNode(newDoc, SMSUtils.ATTRIBUTE_VALUE);
                    // Replace the node: import it into the target document first, then swap it in
                    Node nValueNode = doc.importNode(newValueNode, true);
                    defaultNode.replaceChild(nValueNode, valueNode);
                }
            }
        }
    }
}
use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.
the class AMKeyProviderTest method getPrivateKeyUsingProvidedPassword.
/**
 * Checks that a private key is returned when the key password is supplied in the
 * encoded form produced by {@code EncodeAction}.
 */
@Test
public void getPrivateKeyUsingProvidedPassword() {
    // The provider is given the encoded password, not the clear-text constant.
    final String encodedKeyPassword =
            AccessController.doPrivileged(new EncodeAction(PRIVATE_KEY_PASS));

    Assert.assertNotNull(amKeyProvider.getPrivateKey(PRIVATE_KEY_ALIAS, encodedKeyPassword));
}
use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.
the class XMLSignatureManagerTest method signXMLWithPrivateKeyUsingPassword.
/**
 * Signs the sample document with the private key unlocked by an encoded key password,
 * then verifies that the returned signature element equals the first
 * {@code ds:Signature} element found in the document.
 */
@Test
public void signXMLWithPrivateKeyUsingPassword() {
    final Document xml = XMLUtils.toDOMDocument(
            ClassLoader.getSystemResourceAsStream(XML_DOCUMENT_TO_SIGN), SAML2Utils.debug);
    // The signing call receives the encoded password, not the clear-text constant.
    final String encodedKeyPassword =
            AccessController.doPrivileged(new EncodeAction(PRIVATE_KEY_PASS));

    Element signatureElement = null;
    try {
        signatureElement = xmlSignatureManager.signXMLUsingKeyPass(
                xml, PRIVATE_KEY_ALIAS, encodedKeyPassword, null,
                SAML2Constants.ID, ID_ATTRIBUTE_VALUE, true, null);
    } catch (XMLSignatureException e) {
        // A signing failure fails the test with the exception's message.
        Assert.fail(e.getMessage());
    }
    Assert.assertNotNull(signatureElement);

    final NodeList signatureNodes = xml.getElementsByTagName("ds:Signature");
    Assert.assertTrue(signatureNodes.getLength() > 0);
    Assert.assertTrue(signatureElement.isEqualNode(signatureNodes.item(0)));
}