OF-401 - addes sha-256 and sha-512 to JDBCAuthProvider and documentation

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@11902 b35dd754-fafc-0310-a699-88a17e54d16e

documentation/docs/db-integration-guide.html

@@ -105,10 +105,12 @@
     <li>jdbcAuthProvider.passwordSQL -- the SQL String to select a user's password. The SQL
         statement should contain a single "?" character, which will be dynamically replaced with
         a username when being executed.</li>
-    <li>jdbcAuthProvider.passwordType -- the type of the password. Valid values are "plain" (the
-        password is stored as plain text), "md5" (the password is stored as a hex-encoded MD5 hash)
-        and "sha1" (the password is stored as a hex-encoded SHA-1 hash). If this value is not set,
-        the password type is assumed to be plain.</li>
+    <li>jdbcAuthProvider.passwordType -- the type of the password. Valid values are <ul><li>"plain" (the password is stored as plain text)</li>
+	 <li>"md5" (the password is stored as a hex-encoded MD5 hash)</li>
+    <li>"sha1" (the password is stored as a hex-encoded SHA-1 hash)</li>
+    <li>"sha256" (the password is stored as a hex-encoded SHA-256 hash)</li>
+    <li>"sha512" (the password is stored as a hex-encoded SHA-512 hash)</li></ul>
+	 If this value is not set, the password type is assumed to be plain.</li>
 </ul>
 
 <p>

src/java/org/jivesoftware/openfire/auth/JDBCAuthProvider.java

@@ -69,6 +69,8 @@ import org.slf4j.LoggerFactory;
  *      <li>{@link PasswordType#plain plain}
  *      <li>{@link PasswordType#md5 md5}
  *      <li>{@link PasswordType#sha1 sha1}
+ *      <li>{@link PasswordType#sha256 sha256}
+ *      <li>{@link PasswordType#sha512 sha512}
  *  </ul>
  *
  * @author David Snopek
@@ -159,6 +161,12 @@ public class JDBCAuthProvider implements AuthProvider {
         else if (passwordType == PasswordType.sha1) {
             password = StringUtils.hash(password, "SHA-1");
         }
+        else if (passwordType == PasswordType.sha256) {
+            password = StringUtils.hash(password, "SHA-256");
+        }
+        else if (passwordType == PasswordType.sha512) {
+            password = StringUtils.hash(password, "SHA-512");
+        }
         if (!password.equals(userPassword)) {
             throw new UnauthorizedException();
         }
@@ -328,6 +336,12 @@ public class JDBCAuthProvider implements AuthProvider {
             else if (passwordType == PasswordType.sha1) {
                 password = StringUtils.hash(password, "SHA-1");
             }
+            else if (passwordType == PasswordType.sha256) {
+                password = StringUtils.hash(password, "SHA-256");
+            }
+            else if (passwordType == PasswordType.sha512) {
+                password = StringUtils.hash(password, "SHA-512");
+            }
             pstmt.setString(1, password);
             pstmt.executeQuery();
         }
@@ -360,8 +374,18 @@ public class JDBCAuthProvider implements AuthProvider {
         /**
          * The password is stored as a hex-encoded SHA-1 hash.
          */
-        sha1;
-    }
+        sha1,
+        
+        /**
+         * The password is stored as a hex-encoded SHA-256 hash.
+         */
+        sha256,
+              
+        /**
+          * The password is stored as a hex-encoded SHA-512 hash.
+          */
+        sha512;
+   }
 
     /**
      * Checks to see if the user exists; if not, a new user is created.