WebLogic Server 6.0 Code Examples, BEA Systems, Inc.

examples.security.rdbmsrealm
Class RDBMSUser

java.lang.Object
  |
  +--java.security.Identity
        |
        +--weblogic.security.acl.User
              |
              +--examples.security.rdbmsrealm.RDBMSUser
All Implemented Interfaces:
java.security.Principal, java.io.Serializable

class RDBMSUser
extends weblogic.security.acl.User

This is the in-memory representation of a user from the database. The user has a name and password. The password may be one-way hashed. Hashed passwords are stored in the database in the form {HASH}gobbledygook, where HASH is the name of the hashing algorithm, and gobbledygook is the hashed password.

You can store passwords either in hashed or plaintext form. You can vary how passwords are stored on a per-user basis (for example, use MD5 for one user and SHA for another user). However, BEA recommends using a single hashing algorithm for all passwords and not storing any plain text passwords in the database.

This class has a main method, which you can use to generate hashed passwords from plain text passwords. The hashed passwords can then be stored in your database.

Author:
Copyright (c) 1998-2000 by BEA Systems, Inc. All Rights Reserved.

Field Summary
protected static java.lang.String ALGORITHM
          The default password generation algorithm.
 
Fields inherited from class weblogic.security.acl.User
authenticatedUser
 
Fields inherited from class java.security.Identity
certificates, info, scope
 
Constructor Summary
(package private) RDBMSUser(java.lang.String name, java.lang.String passwd, RDBMSRealm realm)
          Creates a user with the given name and hashed password from the given realm.
 
Method Summary
(package private)  boolean authenticate(java.lang.String plaintext)
          Checks a plain text password against the user's password.
 weblogic.security.acl.BasicRealm getRealm()
          Returns the realm that created this object.
protected static java.lang.String hash(java.security.MessageDigest md, java.lang.String plaintext)
          Hashes the given plain text with the given digest algorithm, and base64-encode the result.
static void main(java.lang.String[] args)
          Hashes passwords according to the given algorithm.
 
Methods inherited from class weblogic.security.acl.User
getCredential, identityEquals, toString
 
Methods inherited from class java.security.Identity
addCertificate, certificates, equals, fullName, getInfo, getName, getPublicKey, getScope, hashCode, printCertificates, printKeys, removeCertificate, setInfo, setPublicKey, toString
 
Methods inherited from class java.lang.Object
, clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

ALGORITHM

protected static final java.lang.String ALGORITHM
The default password generation algorithm.
Constructor Detail

RDBMSUser

RDBMSUser(java.lang.String name,
          java.lang.String passwd,
          RDBMSRealm realm)
Creates a user with the given name and hashed password from the given realm.
Method Detail

authenticate

boolean authenticate(java.lang.String plaintext)
Checks a plain text password against the user's password. If the object containing the password is not known, authentication will fail.
Parameters:
plaintext - the plaintext password to check
Returns:
true if matched, false otherwise

getRealm

public weblogic.security.acl.BasicRealm getRealm()
Returns the realm that created this object.
Overrides:
getRealm in class weblogic.security.acl.User

hash

protected static java.lang.String hash(java.security.MessageDigest md,
                                       java.lang.String plaintext)
Hashes the given plain text with the given digest algorithm, and base64-encode the result.
Parameters:
md - message digest algorithm to hash with
plaintext - text to hash
Returns:
base64-encoded hashed text

main

public static void main(java.lang.String[] args)
                 throws java.io.IOException
Hashes passwords according to the given algorithm. Plain text passwords are read from stdin, and the encrypted passwords are printed to stdout. If no algorithm is specified on the command line, the one specified in ALGORITHM is used.
See Also:
ALGORITHM

Documentation is available at
http://e-docs.bea.com/wls/docs60

Copyright © 2000 BEA Systems, Inc. All Rights Reserved.