001/**************************************************************** 002 * Licensed to the Apache Software Foundation (ASF) under one * 003 * or more contributor license agreements. See the NOTICE file * 004 * distributed with this work for additional information * 005 * regarding copyright ownership. The ASF licenses this file * 006 * to you under the Apache License, Version 2.0 (the * 007 * "License"); you may not use this file except in compliance * 008 * with the License. You may obtain a copy of the License at * 009 * * 010 * http://www.apache.org/licenses/LICENSE-2.0 * 011 * * 012 * Unless required by applicable law or agreed to in writing, * 013 * software distributed under the License is distributed on an * 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * 015 * KIND, either express or implied. See the License for the * 016 * specific language governing permissions and limitations * 017 * under the License. * 018 ****************************************************************/ 019 020package org.apache.james.user.lib.model; 021 022import org.apache.james.user.api.model.User; 023import org.apache.james.user.lib.util.DigestUtil; 024 025import java.io.Serializable; 026import java.security.NoSuchAlgorithmException; 027 028/** 029 * Implementation of User Interface. Instances of this class do not allow the 030 * the user name to be reset. 031 */ 032public class DefaultUser implements User, Serializable { 033 034 private static final long serialVersionUID = 5178048915868531270L; 035 036 private final String userName; 037 private String hashedPassword; 038 private final String algorithm; 039 040 /** 041 * Standard constructor. 042 * 043 * @param name 044 * the String name of this user 045 * @param hashAlg 046 * the algorithm used to generate the hash of the password 047 */ 048 public DefaultUser(String name, String hashAlg) { 049 userName = name; 050 algorithm = hashAlg; 051 } 052 053 /** 054 * Constructor for repositories that are construcing user objects from 055 * separate fields, e.g. databases. 056 * 057 * @param name 058 * the String name of this user 059 * @param passwordHash 060 * the String hash of this users current password 061 * @param hashAlg 062 * the String algorithm used to generate the hash of the password 063 */ 064 public DefaultUser(String name, String passwordHash, String hashAlg) { 065 userName = name; 066 hashedPassword = passwordHash; 067 algorithm = hashAlg; 068 } 069 070 /** 071 * @see org.apache.james.user.api.model.User#getUserName() 072 */ 073 public String getUserName() { 074 return userName; 075 } 076 077 /** 078 * @see org.apache.james.user.api.model.User#verifyPassword(java.lang.String) 079 */ 080 public boolean verifyPassword(String pass) { 081 try { 082 String hashGuess = DigestUtil.digestString(pass, algorithm); 083 return hashedPassword.equals(hashGuess); 084 } catch (NoSuchAlgorithmException nsae) { 085 throw new RuntimeException("Security error: " + nsae); 086 } 087 } 088 089 /** 090 * @see org.apache.james.user.api.model.User#setPassword(java.lang.String) 091 */ 092 public boolean setPassword(String newPass) { 093 try { 094 hashedPassword = DigestUtil.digestString(newPass, algorithm); 095 return true; 096 } catch (NoSuchAlgorithmException nsae) { 097 throw new RuntimeException("Security error: " + nsae); 098 } 099 } 100 101 /** 102 * Method to access hash of password 103 * 104 * @return the String of the hashed Password 105 */ 106 public String getHashedPassword() { 107 return hashedPassword; 108 } 109 110 /** 111 * Method to access the hashing algorithm of the password. 112 * 113 * @return the name of the hashing algorithm used for this user's password 114 */ 115 public String getHashAlgorithm() { 116 return algorithm; 117 } 118}