/hudson-core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java

http://github.com/hudson/hudson · Java · 53 lines · 17 code · 3 blank · 33 comment · 0 complexity · a981496ddfc5a07ad695dfce0310adfd MD5 · raw file

  1. /*
  2. * The MIT License
  3. *
  4. * Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi
  5. *
  6. * Permission is hereby granted, free of charge, to any person obtaining a copy
  7. * of this software and associated documentation files (the "Software"), to deal
  8. * in the Software without restriction, including without limitation the rights
  9. * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  10. * copies of the Software, and to permit persons to whom the Software is
  11. * furnished to do so, subject to the following conditions:
  12. *
  13. * The above copyright notice and this permission notice shall be included in
  14. * all copies or substantial portions of the Software.
  15. *
  16. * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  17. * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  18. * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  19. * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  20. * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  21. * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  22. * THE SOFTWARE.
  23. */
  24. package hudson.security;
  25. import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices;
  26. import org.acegisecurity.userdetails.UserDetails;
  27. import org.acegisecurity.Authentication;
  28. import org.apache.commons.codec.digest.DigestUtils;
  29. /**
  30. * {@link TokenBasedRememberMeServices} with modification so as not to rely
  31. * on the user password being available.
  32. *
  33. * <p>
  34. * This allows remember-me to work with security realms where the password
  35. * is never available in clear text.
  36. *
  37. * @author Kohsuke Kawaguchi
  38. */
  39. public class TokenBasedRememberMeServices2 extends TokenBasedRememberMeServices {
  40. @Override
  41. protected String makeTokenSignature(long tokenExpiryTime, UserDetails userDetails) {
  42. String expectedTokenSignature = DigestUtils.md5Hex(userDetails.getUsername() + ":" + tokenExpiryTime + ":"
  43. + "N/A" + ":" + getKey());
  44. return expectedTokenSignature;
  45. }
  46. @Override
  47. protected String retrievePassword(Authentication successfulAuthentication) {
  48. return "N/A";
  49. }
  50. }