001 /****************************************************************
002 * Licensed to the Apache Software Foundation (ASF) under one *
003 * or more contributor license agreements. See the NOTICE file *
004 * distributed with this work for additional information *
005 * regarding copyright ownership. The ASF licenses this file *
006 * to you under the Apache License, Version 2.0 (the *
007 * "License"); you may not use this file except in compliance *
008 * with the License. You may obtain a copy of the License at *
009 * *
010 * http://www.apache.org/licenses/LICENSE-2.0 *
011 * *
012 * Unless required by applicable law or agreed to in writing, *
013 * software distributed under the License is distributed on an *
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY *
015 * KIND, either express or implied. See the License for the *
016 * specific language governing permissions and limitations *
017 * under the License. *
018 ****************************************************************/
019
020 package org.apache.james.user.lib.model;
021
022 import org.apache.james.user.api.model.User;
023 import org.apache.james.user.lib.util.DigestUtil;
024
025 import java.io.Serializable;
026 import java.security.NoSuchAlgorithmException;
027
028 /**
029 * Implementation of User Interface. Instances of this class do not allow the
030 * the user name to be reset.
031 */
032 public class DefaultUser implements User, Serializable {
033
034 private static final long serialVersionUID = 5178048915868531270L;
035
036 private String userName;
037 private String hashedPassword;
038 private String algorithm;
039
040 /**
041 * Standard constructor.
042 *
043 * @param name
044 * the String name of this user
045 * @param hashAlg
046 * the algorithm used to generate the hash of the password
047 */
048 public DefaultUser(String name, String hashAlg) {
049 userName = name;
050 algorithm = hashAlg;
051 }
052
053 /**
054 * Constructor for repositories that are construcing user objects from
055 * separate fields, e.g. databases.
056 *
057 * @param name
058 * the String name of this user
059 * @param passwordHash
060 * the String hash of this users current password
061 * @param hashAlg
062 * the String algorithm used to generate the hash of the password
063 */
064 public DefaultUser(String name, String passwordHash, String hashAlg) {
065 userName = name;
066 hashedPassword = passwordHash;
067 algorithm = hashAlg;
068 }
069
070 /**
071 * @see org.apache.james.user.api.model.User#getUserName()
072 */
073 public String getUserName() {
074 return userName;
075 }
076
077 /**
078 * @see org.apache.james.user.api.model.User#verifyPassword(java.lang.String)
079 */
080 public boolean verifyPassword(String pass) {
081 try {
082 String hashGuess = DigestUtil.digestString(pass, algorithm);
083 return hashedPassword.equals(hashGuess);
084 } catch (NoSuchAlgorithmException nsae) {
085 throw new RuntimeException("Security error: " + nsae);
086 }
087 }
088
089 /**
090 * @see org.apache.james.user.api.model.User#setPassword(java.lang.String)
091 */
092 public boolean setPassword(String newPass) {
093 try {
094 hashedPassword = DigestUtil.digestString(newPass, algorithm);
095 return true;
096 } catch (NoSuchAlgorithmException nsae) {
097 throw new RuntimeException("Security error: " + nsae);
098 }
099 }
100
101 /**
102 * Method to access hash of password
103 *
104 * @return the String of the hashed Password
105 */
106 public String getHashedPassword() {
107 return hashedPassword;
108 }
109
110 /**
111 * Method to access the hashing algorithm of the password.
112 *
113 * @return the name of the hashing algorithm used for this user's password
114 */
115 public String getHashAlgorithm() {
116 return algorithm;
117 }
118 }