1 package org.jgroups.auth; 2 3 import java.io.DataInputStream; 4 import java.io.DataOutputStream; 5 import java.io.IOException; 6 7 import org.jgroups.Message; 8 import org.jgroups.annotations.Property; 9 import org.jgroups.util.Util; 10 11 /** 12 * <p> 13 * This is an example of using a preshared token that is encrypted using an MD5/SHA hash for 14 * authentication purposes. All members of the group have to have the same string value in the 15 * JGroups config. 16 *</p> 17 * <p> 18 * Configuration parameters for this example are shown below: 19 * </p> 20 * <ul> 21 * <li>token_hash (required) = MD5(default)/SHA</li> 22 * <li>auth_value (required) = the string to encrypt</li> 23 * </ul> 24 * 25 * @see org.jgroups.auth.AuthToken 26 * @author Chris Mills 27 */ 28 public class MD5Token extends AuthToken { 29 30 @Property 31 private String auth_value = null; 32 33 @Property(name = "token_hash") 34 private String hash_type = "MD5"; 35 private static final long serialVersionUID = -5787154335375249191L; 36 MD5Token()37 public MD5Token() { 38 // need an empty constructor 39 } 40 MD5Token(String authvalue)41 public MD5Token(String authvalue) { 42 this.auth_value = hash(authvalue); 43 } 44 MD5Token(String authvalue, String hash_type)45 public MD5Token(String authvalue, String hash_type) { 46 this.auth_value = hash(authvalue); 47 this.hash_type = hash_type; 48 } 49 getHashType()50 public String getHashType() { 51 return hash_type; 52 } 53 setHashType(String hash_type)54 public void setHashType(String hash_type) { 55 this.hash_type = hash_type; 56 } 57 getAuthValue()58 public String getAuthValue() { 59 return auth_value; 60 } 61 setAuthValue(String auth_value)62 public void setAuthValue(String auth_value) { 63 this.auth_value = auth_value; 64 } 65 getName()66 public String getName() { 67 return "org.jgroups.auth.MD5Token"; 68 } 69 70 /** 71 * Called during setup to hash the auth_value string in to an MD5/SHA hash 72 * 73 * @param token 74 * the string to hash 75 * @return the hashed version of the string 76 */ hash(String token)77 private String hash(String token) { 78 // perform the hashing of the token key 79 String hashedToken = null; 80 81 if (hash_type.equalsIgnoreCase("SHA")) { 82 hashedToken = Util.sha(token); 83 } else { 84 hashedToken = Util.md5(token); 85 } 86 87 if (hashedToken == null) { 88 // failed to encrypt 89 if (log.isWarnEnabled()) { 90 log.warn("Failed to hash token - sending in clear text"); 91 } 92 return token; 93 } 94 return hashedToken; 95 } 96 authenticate(AuthToken token, Message msg)97 public boolean authenticate(AuthToken token, Message msg) { 98 99 if ((token != null) && (token instanceof MD5Token)) { 100 // Found a valid Token to authenticate against 101 MD5Token serverToken = (MD5Token) token; 102 103 if ((this.auth_value != null) && (serverToken.auth_value != null) 104 && (this.auth_value.equalsIgnoreCase(serverToken.auth_value))) { 105 // validated 106 if (log.isDebugEnabled()) { 107 log.debug("MD5Token match"); 108 } 109 return true; 110 } else { 111 // if(log.isWarnEnabled()){ 112 // log.warn("Authentication failed on MD5Token"); 113 // } 114 return false; 115 } 116 } 117 118 if (log.isWarnEnabled()) { 119 log.warn("Invalid AuthToken instance - wrong type or null"); 120 } 121 return false; 122 } 123 writeTo(DataOutputStream out)124 public void writeTo(DataOutputStream out) throws IOException { 125 if (log.isDebugEnabled()) { 126 log.debug("MD5Token writeTo()"); 127 } 128 Util.writeString(this.auth_value, out); 129 } 130 readFrom(DataInputStream in)131 public void readFrom(DataInputStream in) throws IOException, IllegalAccessException, 132 InstantiationException { 133 if (log.isDebugEnabled()) { 134 log.debug("MD5Token readFrom()"); 135 } 136 this.auth_value = Util.readString(in); 137 } 138 } 139