Commit 784e68d9 authored by God Ly's avatar God Ly Committed by it2000

OF-401 - addes sha-256 and sha-512 to JDBCAuthProvider and documentation

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@11902 b35dd754-fafc-0310-a699-88a17e54d16e
parent 2757056a
......@@ -105,10 +105,12 @@
<li>jdbcAuthProvider.passwordSQL -- the SQL String to select a user's password. The SQL
statement should contain a single "?" character, which will be dynamically replaced with
a username when being executed.</li>
<li>jdbcAuthProvider.passwordType -- the type of the password. Valid values are "plain" (the
password is stored as plain text), "md5" (the password is stored as a hex-encoded MD5 hash)
and "sha1" (the password is stored as a hex-encoded SHA-1 hash). If this value is not set,
the password type is assumed to be plain.</li>
<li>jdbcAuthProvider.passwordType -- the type of the password. Valid values are <ul><li>"plain" (the password is stored as plain text)</li>
<li>"md5" (the password is stored as a hex-encoded MD5 hash)</li>
<li>"sha1" (the password is stored as a hex-encoded SHA-1 hash)</li>
<li>"sha256" (the password is stored as a hex-encoded SHA-256 hash)</li>
<li>"sha512" (the password is stored as a hex-encoded SHA-512 hash)</li></ul>
If this value is not set, the password type is assumed to be plain.</li>
</ul>
<p>
......
......@@ -69,6 +69,8 @@ import org.slf4j.LoggerFactory;
* <li>{@link PasswordType#plain plain}
* <li>{@link PasswordType#md5 md5}
* <li>{@link PasswordType#sha1 sha1}
* <li>{@link PasswordType#sha256 sha256}
* <li>{@link PasswordType#sha512 sha512}
* </ul>
*
* @author David Snopek
......@@ -159,6 +161,12 @@ public class JDBCAuthProvider implements AuthProvider {
else if (passwordType == PasswordType.sha1) {
password = StringUtils.hash(password, "SHA-1");
}
else if (passwordType == PasswordType.sha256) {
password = StringUtils.hash(password, "SHA-256");
}
else if (passwordType == PasswordType.sha512) {
password = StringUtils.hash(password, "SHA-512");
}
if (!password.equals(userPassword)) {
throw new UnauthorizedException();
}
......@@ -328,6 +336,12 @@ public class JDBCAuthProvider implements AuthProvider {
else if (passwordType == PasswordType.sha1) {
password = StringUtils.hash(password, "SHA-1");
}
else if (passwordType == PasswordType.sha256) {
password = StringUtils.hash(password, "SHA-256");
}
else if (passwordType == PasswordType.sha512) {
password = StringUtils.hash(password, "SHA-512");
}
pstmt.setString(1, password);
pstmt.executeQuery();
}
......@@ -360,7 +374,17 @@ public class JDBCAuthProvider implements AuthProvider {
/**
* The password is stored as a hex-encoded SHA-1 hash.
*/
sha1;
sha1,
/**
* The password is stored as a hex-encoded SHA-256 hash.
*/
sha256,
/**
* The password is stored as a hex-encoded SHA-512 hash.
*/
sha512;
}
/**
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment