ArgeoLdapUserDetailsManager.java

   1 package org.argeo.security.ldap;
   2
   3 import java.security.NoSuchAlgorithmException;
   4 import java.security.SecureRandom;
   5 import java.util.Random;
   6
   7 import org.springframework.ldap.core.ContextSource;
   8 import org.springframework.security.providers.encoding.PasswordEncoder;
   9 import org.springframework.security.userdetails.ldap.LdapUserDetailsManager;
  10
  11 /** Extends {@link LdapUserDetailsManager} by adding password encoding support. */
  12 public class ArgeoLdapUserDetailsManager extends LdapUserDetailsManager {
  13         private PasswordEncoder passwordEncoder;
  14         private final Random random;
  15
  16         public ArgeoLdapUserDetailsManager(ContextSource contextSource) {
  17                 super(contextSource);
  18                 this.random = createRandom();
  19         }
  20
  21         private static Random createRandom() {
  22                 try {
  23                         return SecureRandom.getInstance("SHA1PRNG");
  24                 } catch (NoSuchAlgorithmException e) {
  25                         return new Random(System.currentTimeMillis());
  26                 }
  27         }
  28
  29         @Override
  30         public void changePassword(String oldPassword, String newPassword) {
  31                 super.changePassword(oldPassword, encodePassword(newPassword));
  32         }
  33
  34         protected String encodePassword(String password) {
  35                 if (!password.startsWith("{")) {
  36                         byte[] salt = new byte[16];
  37                         random.nextBytes(salt);
  38                         return passwordEncoder.encodePassword(password, salt);
  39                 } else {
  40                         return password;
  41                 }
  42         }
  43
  44         public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
  45                 this.passwordEncoder = passwordEncoder;
  46         }
  47
  48 }