|
|||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||
| SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||
java.lang.Object
|
+--arlut.csd.ganymede.DBField
|
+--arlut.csd.ganymede.PasswordDBField
PasswordDBField is a subclass of DBField
for the storage and handling of password
fields in the DBStore on the Ganymede
server.
The Ganymede client talks to PasswordDBFields through the
pass_field RMI interface.
This class differs a bit from most subclasses of DBField in that the normal setValue()/getValue()
methods are non-functional. Instead, there are special methods used to set or
access password information in crypted and non-crypted forms.
Crypted passwords are stored in the UNIX crypt() format. See the
jcrypt class for details on the crypt hashing.
There are no methods provided to allow remote access to password
information.. server-side code must locally access the getUNIXCryptText() and getPlainText()
methods to get access to the password information. Generally, even
in that case, only crypted password information will be available.
If this password field was configured to store encrypted passwords
by way of its DBObjectBaseField, this password field will never emit() the
plaintext to disk. Instead, the crypt()'ed password information
will be retained for user authentication. The plaintext of the
password may be retained in memory for the purpose of
replicating to systems that do not use the UNIX crypt() format for
password hashing, but only on a temporary basis, for those
passwords whose plaintext was provided to the server during its
operation. Basically, it's for custom builder tasks that
need to be able to provide the plaintext of a stored password
for replication to a system with an incompatible hash format.
BaseField.setCrypted(boolean),
BaseField.setPlainText(boolean)| Field Summary | |
private java.lang.String |
cryptedPass
Traditional Unix crypt()'ed pass |
(package private) static boolean |
debug
|
private java.lang.String |
lanHash
Samba LANMAN hash, for Win95 clients |
private java.lang.String |
md5CryptPass
The complex md5crypt()'ed password, as in OpenBSD, FreeBSD, Linux PAM, etc. |
private java.lang.String |
ntHash
Samba md4 Unicode hash, for WinNT/2k clients |
private java.lang.String |
uncryptedPass
Plaintext password.. |
| Fields inherited from class arlut.csd.ganymede.DBField |
fieldcode, owner, value |
| Constructor Summary | |
(package private) |
PasswordDBField(DBObject owner,
java.io.DataInput in,
DBObjectBaseField definition)
Receive constructor. |
(package private) |
PasswordDBField(DBObject owner,
DBObjectBaseField definition)
No-value constructor. |
|
PasswordDBField(DBObject owner,
PasswordDBField field)
Copy constructor. |
| Method Summary | |
boolean |
allowed(char c)
Convenience method to identify if a particular character is acceptable in this field. |
java.lang.String |
allowedChars()
Returns a string containing the list of acceptable characters. |
private void |
clear_stored()
private helper to clear all stored password information in this field |
java.lang.Object |
clone()
|
ReturnVal |
copyFieldTo(PasswordDBField target,
boolean local)
This method copies the current value of this DBField to target. |
boolean |
crypted()
Returns true if the password stored in this field is hash-crypted. |
java.lang.String |
disallowedChars()
Returns a string containing the list of forbidden characters for this field. |
(package private) void |
emit(java.io.DataOutput out)
This method is responsible for writing out the contents of this field to an binary output stream. |
(package private) void |
emitXML(XMLDumpContext dump)
This method is used when the database is being dumped, to write out this field to disk. |
boolean |
equals(java.lang.Object obj)
Returns true if obj is a field with the same value(s) as this one. |
DBField |
getCopy(DBObject newOwner)
This method is used to return a copy of this field, with the field's owner set to newOwner. |
java.lang.String |
getDiffString(DBField orig)
Returns a String representing the change in value between this field and orig. |
java.lang.String |
getEncodingString()
The default getValueString() encoding is acceptable. |
java.lang.String |
getLANMANCryptText()
This server-side only method returns the LANMAN-compatible password hash of the password data held in this field. |
java.lang.String |
getMD5CryptText()
This server-side only method returns the md5crypt()-encrypted hashed password text. |
java.lang.String |
getMD5Salt()
Method to obtain the SALT for a stored OpenBSD-style md5crypt()'ed password. |
java.lang.String |
getNTUNICODECryptText()
This server-side only method returns the Windows NT 4 SP3-compatible md4/Unicode password hash of the password data held in this field. |
java.lang.String |
getPlainText()
This server-side only method returns the plaintext password text, if available. |
java.lang.String |
getSalt()
Method to obtain the SALT for a stored crypted password. |
java.lang.String |
getUNIXCryptText()
This server-side only method returns the UNIX-encrypted password text. |
java.lang.Object |
getValue()
Standard db_field method
to retrieve the value of this field. |
java.lang.Object |
getValueLocal()
Returns an Object carrying the value held in this field. |
java.lang.String |
getValueString()
Returns a String representing the value of this field. |
boolean |
isDefined()
Returns true if this field has a value associated with it, or false if it is an unfilled 'placeholder'. |
java.lang.Object |
key()
Object value of DBField. |
boolean |
matchPlainText(java.lang.String plaintext)
This method is used for authenticating a provided plaintext password against the stored contents of this password field. |
int |
maxSize()
Returns the maximum acceptable string length for this field. |
int |
minSize()
Returns the minimum acceptable string length for this field. |
(package private) void |
receive(java.io.DataInput in,
DBObjectBaseField definition)
This method is responsible for reading in the contents of this field from an binary input stream. |
ReturnVal |
setCryptPass(java.lang.String text)
This method is used to set a pre-crypted password for this field. |
ReturnVal |
setCryptPass(java.lang.String text,
boolean local,
boolean noWizards)
This method is used to set a pre-crypted password for this field. |
ReturnVal |
setMD5CryptedPass(java.lang.String text)
This method is used to set a pre-crypted OpenBSD-style MD5Crypt password for this field. |
ReturnVal |
setMD5CryptedPass(java.lang.String text,
boolean local,
boolean noWizards)
This method is used to set a pre-crypted OpenBSD-style MD5Crypt password for this field. |
ReturnVal |
setPlainTextPass(java.lang.String plaintext)
This method is used to set the password for this field, crypting it in various ways if this password field is stored crypted. |
ReturnVal |
setPlainTextPass(java.lang.String plaintext,
boolean local,
boolean noWizards)
This method is used to set the password for this field, crypting it in various ways if this password field is stored crypted. |
ReturnVal |
setUndefined(boolean local)
This method is used to mark a field as undefined when it is checked out for editing. |
ReturnVal |
setValue(java.lang.Object value,
boolean local,
boolean noWizards)
Sets the value of this field, if a scalar. |
ReturnVal |
setWinCryptedPass(java.lang.String LANMAN,
java.lang.String NTUnicodeMD4)
This method is used to set a pre-crypted OpenBSD-style MD5Crypt password for this field. |
ReturnVal |
setWinCryptedPass(java.lang.String LANMAN,
java.lang.String NTUnicodeMD4,
boolean local,
boolean noWizards)
This method is used to set a pre-crypted OpenBSD-style MD5Crypt password for this field. |
private boolean |
streq(java.lang.String str1,
java.lang.String str2)
Convenience null-friendly string comparison helper. |
ReturnVal |
verifyNewValue(java.lang.Object o)
Generally only for when we get a plaintext submission.. |
boolean |
verifyTypeMatch(java.lang.Object o)
Overridable method to determine whether an Object submitted to this field is of an appropriate type. |
| Methods inherited from class java.lang.Object |
|
| Methods inherited from interface arlut.csd.ganymede.db_field |
addElement, addElements, containsElement, deleteAllElements, deleteElement, deleteElement, deleteElements, getComment, getElement, getFieldInfo, getFieldTemplate, getID, getName, getType, getTypeDesc, getValues, isBuiltIn, isEditable, isEditInPlace, isVector, isVisible, setElement, setValue, size |
| Field Detail |
static final boolean debug
private java.lang.String cryptedPass
Traditional Unix crypt()'ed pass
private java.lang.String md5CryptPass
The complex md5crypt()'ed password, as in OpenBSD, FreeBSD, Linux PAM, etc.
private java.lang.String uncryptedPass
Plaintext password.. will never be saved to disk if we have cryptedPass or md5CryptPass.
private java.lang.String lanHash
Samba LANMAN hash, for Win95 clients
private java.lang.String ntHash
Samba md4 Unicode hash, for WinNT/2k clients
| Constructor Detail |
PasswordDBField(DBObject owner,
java.io.DataInput in,
DBObjectBaseField definition)
throws java.io.IOException
Receive constructor. Used to create a PasswordDBField from a DBStore/DBJournal DataInput stream.
PasswordDBField(DBObject owner,
DBObjectBaseField definition)
No-value constructor. Allows the construction of a
'non-initialized' field, for use where the DBObjectBase definition
indicates that a given field may be present, but for which no
value has been stored in the DBStore.
Used to provide the client a template for 'creating' this field if so desired.
public PasswordDBField(DBObject owner,
PasswordDBField field)
| Method Detail |
public boolean isDefined()
Returns true if this field has a value associated with it, or false if it is an unfilled 'placeholder'.
isDefined in interface db_fieldisDefined in class DBFielddb_fieldpublic ReturnVal setUndefined(boolean local)
This method is used to mark a field as undefined when it is checked out for editing. Different subclasses of DBField will implement this in different ways. Any namespace values claimed by the field will be released, and when the transaction is committed, this field will be released.
setUndefined in class DBFieldprivate final void clear_stored()
private helper to clear all stored password information in this field
public boolean equals(java.lang.Object obj)
Returns true if obj is a field with the same value(s) as this one.
This method is ok to be synchronized because it does not call synchronized methods on any other object.
equals in class DBField
private final boolean streq(java.lang.String str1,
java.lang.String str2)
Convenience null-friendly string comparison helper.
public ReturnVal copyFieldTo(PasswordDBField target,
boolean local)
This method copies the current value of this DBField to target. The target DBField must be contained within a checked-out DBEditObject in order to be updated. Any actions that would normally occur from a user manually setting a value into the field will occur.
NOTE: this method is mainly used in cloning objects, and
cloneFromObject
doesn't allow cloning of password fields by default.
target - The DBField to copy this field's contents to.local - If true, permissions checking is skipped.public java.lang.Object key()
Object value of DBField. Used to represent value in value hashes. Subclasses need to override this method in subclass.
key in class DBFieldpublic DBField getCopy(DBObject newOwner)
This method is used to return a copy of this field, with the field's owner set to newOwner.
getCopy in class DBFieldpublic java.lang.Object clone()
clone in class java.lang.Object
void emit(java.io.DataOutput out)
throws java.io.IOException
DBFieldThis method is responsible for writing out the contents of this field to an binary output stream. It is used in writing fields to the ganymede.db file and to the journal file.
This method only writes out the value contents of this field.
The DBObject
emit()
method is responsible for writing out the field identifier information
ahead of the field's contents.
emit in class DBField
void receive(java.io.DataInput in,
DBObjectBaseField definition)
throws java.io.IOException
DBFieldThis method is responsible for reading in the contents of this field from an binary input stream. It is used in reading fields from the ganymede.db file and from the journal file.
The code that calls receive() on this field is responsible for having read enough of the binary input stream's context to place the read cursor at the point in the file immediately after the field's id and type information has been read.
receive in class DBField
void emitXML(XMLDumpContext dump)
throws java.io.IOException
This method is used when the database is being dumped, to write out this field to disk. It is mated with receiveXML().
emitXML in class DBFieldpublic java.lang.Object getValue()
Standard db_field method
to retrieve the value of this field. Because we are holding sensitive
password information, this method always returns null.. we don't want
to make password values available to the client under any circumstances.
getValue in interface db_fieldgetValue in class DBFieldarlut.csd.ganymede.DBFielddb_fieldpublic java.lang.Object getValueLocal()
Returns an Object carrying the value held in this field.
This is intended to be used within the Ganymede server, it bypasses the permissions checking that getValues() does.
Note that this method will always return null, as you need to use the special Password-specific value accessors to get access to the password information in crypted or non-crypted form.
getValueLocal in class DBFieldpublic java.lang.String getValueString()
db_fieldgetValueString in interface db_fieldgetValueString in class DBFieldpublic java.lang.String getEncodingString()
getEncodingString in interface db_fieldgetEncodingString in class DBFieldarlut.csd.ganymede.DBFielddb_fieldpublic java.lang.String getDiffString(DBField orig)
Returns a String representing the change in value between this field and orig. This String is intended for logging and email, not for any sort of programmatic activity. The format of the generated string is not defined, but is intended to be suitable for inclusion in a log entry and in an email message.
If there is no change in the field, null will be returned.
getDiffString in class DBFieldpublic int maxSize()
Returns the maximum acceptable string length for this field.
maxSize in interface pass_fieldpass_fieldpublic int minSize()
Returns the minimum acceptable string length for this field.
minSize in interface pass_fieldpass_fieldpublic java.lang.String allowedChars()
Returns a string containing the list of acceptable characters. If the string is null, it should be interpreted as meaning all characters not listed in disallowedChars() are allowable by default.
allowedChars in interface pass_fieldpass_fieldpublic java.lang.String disallowedChars()
Returns a string containing the list of forbidden characters for this field. If the string is null, it should be interpreted as meaning that no characters are specifically disallowed.
disallowedChars in interface pass_fieldpass_fieldpublic boolean allowed(char c)
Convenience method to identify if a particular character is acceptable in this field.
allowed in interface pass_fieldpass_fieldpublic boolean crypted()
Returns true if the password stored in this field is hash-crypted.
crypted in interface pass_fieldpass_fieldpublic boolean matchPlainText(java.lang.String plaintext)
This method is used for authenticating a provided plaintext password against the stored contents of this password field. The password field may have stored the password in plaintext, or in any of a variety of cryptographic hash formats. matchPlainText() will perform whatever operation on the provided plaintext as is required to determine whether or not it matches with the stored password data.
matchPlainText in interface pass_fieldpass_fieldpublic java.lang.String getUNIXCryptText()
This server-side only method returns the UNIX-encrypted password text.
This method is never meant to be available remotely.
public java.lang.String getMD5CryptText()
This server-side only method returns the md5crypt()-encrypted hashed password text.
This method is never meant to be available remotely.
public java.lang.String getLANMANCryptText()
This server-side only method returns the LANMAN-compatible password hash of the password data held in this field.
This method is never meant to be available remotely.
public java.lang.String getNTUNICODECryptText()
This server-side only method returns the Windows NT 4 SP3-compatible md4/Unicode password hash of the password data held in this field.
This method is never meant to be available remotely.
public java.lang.String getPlainText()
This server-side only method returns the plaintext password text, if available.
public java.lang.String getSalt()
Method to obtain the SALT for a stored crypted password. If the client is going to submit a pre-crypted password for comparison via matchCryptText(), it must be salted by the salt returned by this method.
If the password is not stored in crypt() form, null will be returned.
pass_fieldpublic java.lang.String getMD5Salt()
Method to obtain the SALT for a stored OpenBSD-style md5crypt()'ed password. If the client is going to submit a pre-crypted password for comparison via matchMD5CryptText(), it must be salted by the salt returned by this method.
If the password is not stored in md5crypt() form, null will be returned.
pass_field
public ReturnVal setValue(java.lang.Object value,
boolean local,
boolean noWizards)
Sets the value of this field, if a scalar.
The ReturnVal object returned encodes success or failure, and may optionally pass back a dialog.
setValue in class DBFieldarlut.csd.ganymede.DBFieldvalue - Value to set this field tolocal - If true, permissions checking will be skippednoWizards - If true, wizards will be skippedpublic ReturnVal setPlainTextPass(java.lang.String plaintext)
This method is used to set the password for this field, crypting it in various ways if this password field is stored crypted.
setPlainTextPass in interface pass_fieldpass_field
public ReturnVal setPlainTextPass(java.lang.String plaintext,
boolean local,
boolean noWizards)
This method is used to set the password for this field, crypting it in various ways if this password field is stored crypted.
public ReturnVal setCryptPass(java.lang.String text)
This method is used to set a pre-crypted password for this field.
This method will return an error dialog if this field does not store passwords in UNIX crypted format.
Because the UNIX crypt() hashing is not reversible, any MD5 and plain text password information stored in this field will be lost.
setCryptPass in interface pass_fieldpass_field
public ReturnVal setCryptPass(java.lang.String text,
boolean local,
boolean noWizards)
This method is used to set a pre-crypted password for this field.
This method will return an error dialog if this field does not store passwords in UNIX crypted format.
Because the UNIX crypt() hashing is not reversible, any MD5 and plain text password information stored in this field will be lost.
public ReturnVal setMD5CryptedPass(java.lang.String text)
This method is used to set a pre-crypted OpenBSD-style MD5Crypt password for this field. This method will return false if this password field is not stored crypted.
setMD5CryptedPass in interface pass_fieldpass_field
public ReturnVal setMD5CryptedPass(java.lang.String text,
boolean local,
boolean noWizards)
This method is used to set a pre-crypted OpenBSD-style MD5Crypt password for this field. This method will return false if this password field is not stored crypted.
public ReturnVal setWinCryptedPass(java.lang.String LANMAN,
java.lang.String NTUnicodeMD4)
This method is used to set a pre-crypted OpenBSD-style MD5Crypt password for this field. This method will return false if this password field is not stored crypted.
setWinCryptedPass in interface pass_fieldpass_field
public ReturnVal setWinCryptedPass(java.lang.String LANMAN,
java.lang.String NTUnicodeMD4,
boolean local,
boolean noWizards)
This method is used to set a pre-crypted OpenBSD-style MD5Crypt password for this field. This method will return false if this password field is not stored crypted.
public boolean verifyTypeMatch(java.lang.Object o)
DBFieldverifyTypeMatch in class DBFieldpublic ReturnVal verifyNewValue(java.lang.Object o)
verifyNewValue in class DBField
|
|||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||
| SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||