uCosminexus Application Server, Security Management Guide
Password authentication is possible even when passwords are stored in a format other than the default encryption methods (SHA-1 or MD5) or plain text. To provide enhanced encryption support, implementation classes must be created in advance.
This section describes the login modules that provide enhanced encryption support and the method used to implement classes for enhanced encryption support. For an overview of enhanced encryption support, see 5.3.9 Enhanced support of authentication password encryption.
WebPasswordLoginModule and WebPasswordJDBCLoginModule provide enhanced support of authentication password encryption.
To achieve enhanced encryption support, the com.cosminexus.admin.auth.security.PasswordCryptography class must be inherited. The created class should be stored in the following directories as a class file.
The directories can be changed by the com.cosminexus.admin.auth.custom.modules option in the integrated user management configuration file (ua.conf).
The following is an example implementation in which the byte arrays are compared in the SHA-1 format.
package my;

import com.cosminexus.admin.auth.security.PasswordCryptography;
import java.security.*;

public class CustomCryptography implements PasswordCryptography
{
    // Returns the SHA-1 digest of the supplied password bytes.
    public byte[] encrypt(byte[] plain) {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-1");
            md.update(plain);
            return md.digest();
        } catch (NoSuchAlgorithmException e) {
            // Fail closed: do not return the plaintext password as the "encrypted" value.
            throw new IllegalStateException("SHA-1 is not available", e);
        }
    }
}
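The sample above reproduces the default SHA-1 format. As an added example (not Hitachi's code), the following class implements the same interface with PBKDF2-HMAC-SHA256. It assumes a Java 8 or later runtime, that the login module compares the returned bytes with the stored value, and that an unchecked exception thrown from encrypt fails the login; the class name, salt and iteration count are hypothetical.

```java
package my;

import com.cosminexus.admin.auth.security.PasswordCryptography;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Added example, not Hitachi's code. Assumes the login module compares the
// bytes returned by encrypt() with the stored value, so the output must be
// deterministic: no per-user salt can be passed through this interface.
public class Pbkdf2Cryptography implements PasswordCryptography
{
    // Hypothetical site-wide salt and work factor. Fix them before the first
    // password is stored, because changing either invalidates stored values.
    private static final byte[] SITE_SALT = {
        0x43, 0x4f, 0x4e, 0x53, 0x54, 0x52, 0x55, 0x43,
        0x54, 0x45, 0x44, 0x2d, 0x53, 0x41, 0x4c, 0x54 };  // constructed sample value
    private static final int ITERATIONS = 100000;
    private static final int KEY_BITS = 256;

    public byte[] encrypt(byte[] plain) {
        if (plain == null || plain.length == 0) {
            throw new IllegalArgumentException("password bytes are required");
        }
        // PBEKeySpec takes char[]; map each byte to one char (0-255) so the
        // result does not depend on the platform default charset.
        char[] chars = new char[plain.length];
        for (int i = 0; i < plain.length; i++) {
            chars[i] = (char) (plain[i] & 0xff);
        }
        PBEKeySpec spec = new PBEKeySpec(chars, SITE_SALT, ITERATIONS, KEY_BITS);
        try {
            SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
            return f.generateSecret(spec).getEncoded();
        } catch (GeneralSecurityException e) {
            // Fail closed: never hand the plaintext back as the "encrypted" value.
            throw new IllegalStateException("PBKDF2WithHmacSHA256 unavailable", e);
        } finally {
            // Wipe the temporary copies of the password.
            spec.clearPassword();
            Arrays.fill(chars, '\0');
        }
    }
}
```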
All Rights Reserved. Copyright (C) 2013, Hitachi, Ltd