1   package org.apache.fulcrum.security.authenticator;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *   http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  import org.apache.avalon.framework.logger.AbstractLogEnabled;
22  import org.apache.fulcrum.security.entity.User;
23  import org.apache.fulcrum.security.util.DataBackendException;
24  
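/**
 * This class authenticates by doing a plain text match of the user's passwords.
 * Very insecure!
 *
 * Because the stored value is compared directly with the supplied one, the
 * user store has to hold passwords in clear text, so anyone who can read that
 * store obtains every credential. Prefer an authenticator that verifies a
 * salted, deliberately slow password hash (bcrypt, scrypt, Argon2) wherever
 * the backend allows it.
 *
 * avalon.component name="textmatch-authenticator" avalon.service
 * type="org.apache.fulcrum.security.authenticator.Authenticator"
 *
 * @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
 * @version $Id$
 *
 */
public class TextMatchAuthenticator extends AbstractLogEnabled implements Authenticator {
	/**
	 * Authenticate a user with the specified password. Returns true if the
	 * user's stored plain text password matches the passed in password.
	 *
	 * Both values are trimmed before the comparison, so leading and trailing
	 * whitespace is not significant, and a {@code null} value on either side is
	 * treated as the empty string.
	 *
	 * NOTE(review): as a consequence, a user whose stored password is
	 * {@code null} or blank is authenticated by a {@code null} or blank
	 * supplied password. That behaviour is kept unchanged here; confirm that
	 * callers reject accounts without a password before relying on this result.
	 *
	 * @param user     the user whose stored password is checked; {@code null}
	 *                 never authenticates
	 * @param password the user supplied password.
	 * @return true if the trimmed passwords are equal, false otherwise
	 * @exception DataBackendException if there is a problem accessing the storage
	 *                                 (declared by the overridden method; nothing
	 *                                 in this method throws it explicitly).
	 */
	@Override
	public boolean authenticate(User user, String password) throws DataBackendException {
		if (user == null) {
			return false;
		}

		// Read the stored password once so the null check and the value used
		// for the comparison cannot come from two different reads.
		String stored = user.getPassword();
		String referenced = stored == null ? "" : stored.trim();
		String tested = password == null ? "" : password.trim();

		// String.equals() returns at the first differing character, which lets
		// response timing reveal how much of a guess was correct. The helper
		// always inspects every supplied character instead.
		return constantTimeEquals(referenced, tested);
	}

	/**
	 * Compares two strings without stopping at the first mismatch.
	 *
	 * The loop runs once per character of {@code supplied}, so the amount of
	 * work follows the caller-provided value rather than the stored secret.
	 * The result is identical to {@code expected.equals(supplied)}.
	 *
	 * @param expected the reference value, must not be null
	 * @param supplied the value under test, must not be null
	 * @return true if both strings have the same length and the same characters
	 */
	private static boolean constantTimeEquals(String expected, String supplied) {
		int expectedLength = expected.length();
		int suppliedLength = supplied.length();

		// A length difference already makes the result false, but the loop
		// still runs so that the mismatch is not signalled by an early return.
		int diff = expectedLength ^ suppliedLength;
		for (int i = 0; i < suppliedLength; i++) {
			// The modulo keeps the index valid when the lengths differ; with
			// equal lengths it is simply i.
			char reference = expectedLength == 0 ? 0 : expected.charAt(i % expectedLength);
			diff |= reference ^ supplied.charAt(i);
		}
		return diff == 0;
	}
}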
55  }