public static String doPasswordDigest(String nonce, String created, String password) { String passwdDigest = null; try { passwdDigest = doPasswordDigest(nonce, created, password.getBytes(StandardCharsets.UTF_8)); } catch (Exception e) { LOG.debug(e.getMessage(), e); } return passwdDigest; }
protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException { Subject subject = new Subject(); // delegate to the external security system if possible // authenticate the user somehow subject.getPrincipals().add(new SimplePrincipal(name)); // add roles this user is in String roleName = "Alice".equals(name) ? "developers" : "pms"; String expectedPassword = "Alice".equals(name) ? "ecilA" : UsernameToken.doPasswordDigest(nonce, created, "invalid-password"); if (!password.equals(expectedPassword)) { throw new SecurityException("Wrong Password"); } subject.getPrincipals().add(new SimpleGroup(roleName, name)); subject.setReadOnly(); return subject; }
if (hashed) { if (passwordsAreEncoded) { node.setData(doPasswordDigest(getNonce(), getCreated(), org.apache.xml.security.utils.XMLUtils.decode(pwd))); } else { node.setData(doPasswordDigest(getNonce(), getCreated(), pwd));
String passDigest; if (passwordsAreEncoded) { passDigest = UsernameToken.doPasswordDigest(nonce, createdTime, XMLUtils.decode(origPassword)); } else { passDigest = UsernameToken.doPasswordDigest(nonce, createdTime, origPassword);