View Javadoc

1   /*
2    * EL4J, the Extension Library for the J2EE, adds incremental enhancements to
3    * the spring framework, http://el4j.sf.net
4    * Copyright (C) 2005 by ELCA Informatique SA, Av. de la Harpe 22-24,
5    * 1000 Lausanne, Switzerland, http://www.elca.ch
6    *
7    * EL4J is published under the GNU Lesser General Public License (LGPL)
8    * Version 2.1. See http://www.gnu.org/licenses/
9    *
10   * This program is distributed in the hope that it will be useful,
11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13   * GNU Lesser General Public License for more details.
14   *
15   * For alternative licensing, please contact info@elca.ch
16   */
17  
18  package ch.elca.el4j.tests.services.security.provider;
19  
20  import org.springframework.security.authentication.BadCredentialsException;
21  import org.springframework.security.core.Authentication;
22  import org.springframework.security.core.AuthenticationException;
23  
24  import ch.elca.el4j.services.security.encryption.RSACipher;
25  
26  /**
27   * Provider for testing reasons. This class throws a BadCredentialsException in
28   * case the username is not equal to the password.
29   *
30   * @svnLink $Revision: 4091 $;$Date: 2010-01-15 12:21:07 +0100 (Fr, 15. Jan 2010) $;$Author: jonasha $;$URL: https://el4j.svn.sourceforge.net/svnroot/el4j/branches/el4j_3_1/el4j/framework/modules/security/src/test/java/ch/elca/el4j/tests/services/security/provider/ExtendedTestingAuthenticationProvider.java $
31   *
32   * @author Raphael Boog (RBO)
33   */
34  public class ExtendedTestingAuthenticationProvider extends
35  	TestingAuthenticationProvider {
36  
37  	/**	 */
38  	private RSACipher m_cipher;
39  	
40  	/**	Length of the RSA key pair. */
41  	private static final int m_keyLength = 256;
42  	
43  	/**
44  	 * Default constructor in which the cipher will be initialized.
45  	 */
46  	public ExtendedTestingAuthenticationProvider() {
47  		
48  		m_cipher = new RSACipher(m_keyLength);
49  	}
50  	
51  	/**
52  	 * {@inheritDoc}
53  	 */
54  	public Authentication authenticate(Authentication authentication)
55  		throws AuthenticationException {
56  
57  		if (authentication == null) {
58  			return null;
59  		}
60  		
61  		String encryptedCredential = authentication.getCredentials().toString();
62  		String decryptedCredential = m_cipher.decrypt(encryptedCredential);
63  		
64  		if (authentication.getPrincipal().toString().equals(
65  			decryptedCredential)) {
66  			return authentication;
67  		} else {
68  			throw new BadCredentialsException(
69  				"Authentication Failed with Principal "
70  					+ authentication.getPrincipal().toString()
71  					+ " and Credential "
72  					+ authentication.getCredentials().toString() + ".");
73  		}
74  	}
75  	
76  	/**
77  	 * Obtain the public key to encrypt the password to avoid passing it in
78  	 * clear over the network.
79  	 * 
80  	 * @return The public key suitable to encrypt the password with
81  	 */
82  	public String getPublicKey() {
83  		
84  		return m_cipher.getPublicKey();
85  	}
86  }