building login module
Hi!
I have a project to do in networking security. One of the moduls is building a secured login system. It suppose to be on same level like unix works. Encrypting 0 with DES like 25 times using salt+password and storing it with the username.
Now we didn't learn anything about security in java, so can you help me please. Is there some already existing classes or code samples for doing login, or maybe des function.
Every help will be appriciated! If somthing is unclear please ask.
Thanx.
[524 byte] By [
supermaxa] at [2007-10-2 21:40:01]
Use javax.security.auth.callback.CallbackHandler. It can be used for Swing or/and HTML authorization of SSL or KeyStore (file or Smart Card).
For example I have the following file which implements this interface:
package com.cosmos.security;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import java.awt.Component;
import javax.swing.JOptionPane;
import javax.swing.JPasswordField;
import javax.swing.ImageIcon;
import javax.swing.JDialog;
import java.util.Locale;
import java.util.Properties;
import java.net.URL;
import java.io.InputStream;
public class PasswordCallbackHandler
implements CallbackHandler
{
static final String OK_KEY = "OK";
static final String CANCEL_KEY = "Cancel";
static final String ICON_PATH = "Icon_Path";
static final Properties defaultProperties = new Properties();
static
{
defaultProperties.setProperty(OK_KEY, OK_KEY);
defaultProperties.setProperty(CANCEL_KEY, CANCEL_KEY);
}
Component parentComponent;
String title;
Locale locale;
Properties properties = null;
ImageIcon icon = null;
private char password[];
public PasswordCallbackHandler()
{
this(null, "Въвеждане на PIN", null);
}
public PasswordCallbackHandler(Component parentComponent, String title, Locale locale)
{
this.parentComponent = parentComponent;
this.locale = locale;
this.title = title;
getProperties();
}
public Properties getProperties()
{
if(properties == null)
{
String bundleName = this.getClass().getName();
String resName = bundleName.replace('.', '/') + ".properties";
properties = new Properties(defaultProperties);
try
{
InputStream inStream = ClassLoader.getSystemResourceAsStream(resName);
if(inStream != null)
properties.load(inStream);
}
catch(Exception ex)
{
ex.printStackTrace();
}
}
return properties;
}
public String getProperty(String propertyName)
{
return getProperties().getProperty(propertyName);
}
public String getProperty(String propertyName, String defaultValue)
{
return getProperties().getProperty(propertyName, defaultValue);
}
public ImageIcon getIcon()
{
if(icon == null)
{
String iconFileName = getProperty(ICON_PATH, "SystemLogo-eCS.gif");
URL imageURL = ClassLoader.getSystemResource(iconFileName);
if(imageURL == null)
{
try
{
icon = new ImageIcon(iconFileName);
}
catch(Exception ex)
{
ex.printStackTrace();
}
}
else
icon = new ImageIcon(imageURL);
}
return icon;
}
public void handle(Callback[] callbacks)
throws UnsupportedCallbackException
{
Object message = null;
PasswordCallback passCB = null;
JPasswordField passField = new JPasswordField();
for(int i = 0; i < callbacks.length; i++)
{
if(callbacks instanceof PasswordCallback)
{
passCB = (PasswordCallback)callbacks;
message = new Object[] {passCB.getPrompt(), passField};
}
else
{
throw new UnsupportedCallbackException(
callbacks, "Unrecognized Callback");
}
}
Object options[] =
{
getProperty(OK_KEY), getProperty(CANCEL_KEY)};
int messageType = JOptionPane.QUESTION_MESSAGE;
JOptionPane pane = new JOptionPane(message, messageType,
JOptionPane.OK_CANCEL_OPTION, getIcon(),
options, options[0]);
pane.setComponentOrientation(JOptionPane.getRootFrame().getComponentOrientation());
JDialog dialog = pane.createDialog(parentComponent, title);
passField.requestFocus();
dialog.setVisible(true);
dialog.dispose();
Object value = pane.getValue();
if(value != null && options[0].equals(value) && passCB != null)
{
password = passField.getPassword();
passCB.setPassword(password);
}
}
public char[] getPassword()
{
return password;
}
}
