001
014
015 package com.liferay.portal.security.pwd;
016
017 import com.liferay.portal.PwdEncryptorException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.util.Base64;
020 import com.liferay.portal.kernel.util.GetterUtil;
021 import com.liferay.portal.kernel.util.PropsKeys;
022 import com.liferay.portal.kernel.util.StringPool;
023 import com.liferay.portal.util.PropsUtil;
024
025 import java.io.UnsupportedEncodingException;
026
027 import java.security.MessageDigest;
028 import java.security.NoSuchAlgorithmException;
029
030
033 public class PwdAuthenticator {
034
035 public static boolean authenticate(
036 String login, String clearTextPassword,
037 String currentEncryptedPassword)
038 throws PwdEncryptorException, SystemException {
039
040 String encryptedPassword = PwdEncryptor.encrypt(
041 clearTextPassword, currentEncryptedPassword);
042
043 if (currentEncryptedPassword.equals(encryptedPassword)) {
044 return true;
045 }
046 else if (GetterUtil.getBoolean(
047 PropsUtil.get(PropsKeys.AUTH_MAC_ALLOW))) {
048
049 try {
050 MessageDigest digester = MessageDigest.getInstance(
051 PropsUtil.get(PropsKeys.AUTH_MAC_ALGORITHM));
052
053 digester.update(login.getBytes(StringPool.UTF8));
054
055 String shardKey = PropsUtil.get(PropsKeys.AUTH_MAC_SHARED_KEY);
056
057 encryptedPassword = Base64.encode(
058 digester.digest(shardKey.getBytes(StringPool.UTF8)));
059
060 if (currentEncryptedPassword.equals(encryptedPassword)) {
061 return true;
062 }
063 else {
064 return false;
065 }
066 }
067 catch (NoSuchAlgorithmException nsae) {
068 throw new SystemException(nsae);
069 }
070 catch (UnsupportedEncodingException uee) {
071 throw new SystemException(uee);
072 }
073 }
074
075 return false;
076 }
077
078 }