/* * The contents of this file are subject to the terms of the Common Development and * Distribution License (the License). You may not use this file except in compliance with the * License. * * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the * specific language governing permission and limitations under the License. * * When distributing Covered Software, include this CDDL Header Notice in each file and include * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL * Header, with the fields enclosed by brackets [] replaced by your own identifying * information: "Portions Copyright [year] [name of copyright owner]". * * Copyright 2006-2008 Sun Microsystems, Inc. * Portions Copyright 2014-2016 ForgeRock AS. */ package org.opends.server.extensions; import org.forgerock.i18n.LocalizableMessage; import org.forgerock.opendj.server.config.server.ClearPasswordStorageSchemeCfg; import org.opends.server.api.PasswordStorageScheme; import org.forgerock.opendj.config.server.ConfigException; import org.opends.server.types.*; import org.forgerock.opendj.ldap.ResultCode; import org.forgerock.opendj.ldap.ByteString; import org.forgerock.opendj.ldap.ByteSequence; import static org.opends.messages.ExtensionMessages.*; import static org.opends.server.extensions.ExtensionsConstants.*; /** * This class defines a Directory Server password storage scheme that will store * the values in clear-text with no encoding at all. This is not at all secure * but may be required for backward-compatibility and support for certain legacy * applications. */ public class ClearPasswordStorageScheme extends PasswordStorageScheme { /** * Creates a new instance of this password storage scheme. Note that no * initialization should be performed here, as all initialization should be * done in the initializePasswordStorageScheme method. */ public ClearPasswordStorageScheme() { super(); } @Override public void initializePasswordStorageScheme( ClearPasswordStorageSchemeCfg configuration) throws ConfigException, InitializationException { // No initialization is required. } @Override public String getStorageSchemeName() { return STORAGE_SCHEME_NAME_CLEAR; } @Override public ByteString encodePassword(ByteSequence plaintext) throws DirectoryException { return plaintext.toByteString(); } @Override public ByteString encodePasswordWithScheme(ByteSequence plaintext) throws DirectoryException { StringBuilder buffer = new StringBuilder(); buffer.append('{'); buffer.append(STORAGE_SCHEME_NAME_CLEAR); buffer.append('}'); buffer.append(plaintext.toString()); return ByteString.valueOfUtf8(buffer); } @Override public boolean passwordMatches(ByteSequence plaintextPassword, ByteSequence storedPassword) { return plaintextPassword.equals(storedPassword); } @Override public boolean isReversible() { return true; } @Override public ByteString getPlaintextValue(ByteSequence storedPassword) throws DirectoryException { return storedPassword.toByteString(); } @Override public boolean supportsAuthPasswordSyntax() { // This storage scheme does not support the authentication password syntax. return false; } @Override public ByteString encodeAuthPassword(ByteSequence plaintext) throws DirectoryException { LocalizableMessage message = ERR_PWSCHEME_DOES_NOT_SUPPORT_AUTH_PASSWORD.get(getStorageSchemeName()); throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM, message); } @Override public boolean authPasswordMatches(ByteSequence plaintextPassword, String authInfo, String authValue) { // This storage scheme does not support the authentication password syntax. return false; } @Override public ByteString getAuthPasswordPlaintextValue(String authInfo, String authValue) throws DirectoryException { LocalizableMessage message = ERR_PWSCHEME_DOES_NOT_SUPPORT_AUTH_PASSWORD.get(getStorageSchemeName()); throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM, message); } @Override public boolean isStorageSchemeSecure() { // Clear-text passwords are not obscured in any way. return false; } }