/hudson-core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java

http://github.com/hudson/hudson · Java · 53 lines · 17 code · 3 blank · 33 comment · 0 complexity · a981496ddfc5a07ad695dfce0310adfd MD5 · raw file 

    

  1. /*
    2. 

  2.  * The MIT License
    3. 

  3.  * 
    4. 

  4.  * Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi
    5. 

  5.  * 
    6. 

  6.  * Permission is hereby granted, free of charge, to any person obtaining a copy
    7. 

  7.  * of this software and associated documentation files (the "Software"), to deal
    8. 

  8.  * in the Software without restriction, including without limitation the rights
    9. 

  9.  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
    10. 

  10.  * copies of the Software, and to permit persons to whom the Software is
    11. 

  11.  * furnished to do so, subject to the following conditions:
    12. 

  12.  * 
    13. 

  13.  * The above copyright notice and this permission notice shall be included in
    14. 

  14.  * all copies or substantial portions of the Software.
    15. 

  15.  * 
    16. 

  16.  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
    17. 

  17.  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    18. 

  18.  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
    19. 

  19.  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
    20. 

  20.  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
    21. 

  21.  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
    22. 

  22.  * THE SOFTWARE.
    23. 

  23.  */
    24. 

  24. package hudson.security;
    25. 

  25. 

  26. import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices;
    27. 

  27. import org.acegisecurity.userdetails.UserDetails;
    28. 

  28. import org.acegisecurity.Authentication;
    29. 

  29. import org.apache.commons.codec.digest.DigestUtils;
    30. 

  30. 

  31. /**
    32. 

  32.  * {@link TokenBasedRememberMeServices} with modification so as not to rely
    33. 

  33.  * on the user password being available.
    34. 

  34.  *
    35. 

  35.  * <p>
    36. 

  36.  * This allows remember-me to work with security realms where the password
    37. 

  37.  * is never available in clear text.
    38. 

  38.  *
    39. 

  39.  * @author Kohsuke Kawaguchi
    40. 

  40.  */
    41. 

  41. public class TokenBasedRememberMeServices2 extends TokenBasedRememberMeServices {
    42. 

  42.     @Override
    43. 

  43.     protected String makeTokenSignature(long tokenExpiryTime, UserDetails userDetails) {
    44. 

  44.         String expectedTokenSignature = DigestUtils.md5Hex(userDetails.getUsername() + ":" + tokenExpiryTime + ":"
    45. 

  45.                 + "N/A" + ":" + getKey());
    46. 

  46.         return expectedTokenSignature;
    47. 

  47.     }
    48. 

  48. 

  49.     @Override
    50. 

  50.     protected String retrievePassword(Authentication successfulAuthentication) {
    51. 

  51.         return "N/A";
    52. 

  52.     }
    53. 

  53. }
    54.