From: Mathieu Baudier
Date: Fri, 27 Feb 2015 10:14:37 +0000 (+0000)
Subject: Import hashed password directly for Jackrabbit users.
X-Git-Tag: argeo-commons-2.1.30~310
X-Git-Url: http://git.argeo.org/?a=commitdiff_plain;h=b0e0bd5cf868321306cdb47697e7d623d6cd466d;p=lgpl%2Fargeo-commons.git
Import hashed password directly for Jackrabbit users.
git-svn-id: https://svn.argeo.org/commons/trunk@7974 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc
---
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/useradmin/jackrabbit/JackrabbitUserAdminService.java b/org.argeo.cms/src/org/argeo/cms/internal/useradmin/jackrabbit/JackrabbitUserAdminService.java
index 6b73a3e19..983f8e407 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/useradmin/jackrabbit/JackrabbitUserAdminService.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/useradmin/jackrabbit/JackrabbitUserAdminService.java
@@ -12,6 +12,7 @@ import javax.jcr.Repository;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 import javax.jcr.SimpleCredentials;
+import javax.jcr.Value;
 import javax.jcr.version.VersionManager;
 import org.apache.jackrabbit.api.JackrabbitSession;
@@ -51,6 +52,7 @@ public class JackrabbitUserAdminService implements UserAdminService,
 AuthenticationProvider {
 private final static String JACKR_ADMINISTRATORS = "administrators";
 private final static String REP_PRINCIPAL_NAME = "rep:principalName";
+ private final static String REP_PASSWORD = "rep:password";
 private Repository repository;
 private JcrSecurityModel securityModel;
@@ -117,20 +119,29 @@ public class JackrabbitUserAdminService implements UserAdminService,
 @Override
 public void updateUser(UserDetails userDetails) {
 try {
- User user = (User) getUserManager().getAuthorizable(
- userDetails.getUsername());
+ String username = userDetails.getUsername();
+ User user = (User) getUserManager().getAuthorizable(username);
 if (user == null) throw new ArgeoException("No user " + userDetails.getUsername());
 // new password
 String newPassword = userDetails.getPassword();
 if (!newPassword.trim().equals("")) {
- SimpleCredentials sp = new SimpleCredentials(
- userDetails.getUsername(), newPassword.toCharArray());
- CryptedSimpleCredentials credentials = (CryptedSimpleCredentials) user
- .getCredentials();
- if (!credentials.matches(sp))
- user.changePassword(new String(newPassword));
+ if (newPassword.startsWith("{SHA-256}")) {
+ // Already hashed password
+ Value v = adminSession.getValueFactory().createValue(
+ newPassword);
+ user.setProperty(REP_PASSWORD, v);
+ } else {
+ SimpleCredentials sp = new SimpleCredentials(
+ userDetails.getUsername(),
+ newPassword.toCharArray());
+ CryptedSimpleCredentials credentials = (CryptedSimpleCredentials) user
+ .getCredentials();
+
+ if (!credentials.matches(sp))
+ user.changePassword(new String(newPassword));
+ }
 }
 List roles = new ArrayList();
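Review bot: In `updateUser`, the new `newPassword.startsWith("{SHA-256}")` branch lets the content of the submitted string decide whether it is hashed by `changePassword` or written verbatim to `rep:password`. Any caller that reaches this method can therefore set a credential from a hash alone, a value that merely carries the prefix is stored unvalidated, and a user whose chosen plaintext happens to start with `{SHA-256}` would have it stored as-is and presumably be unable to log in. The import should be an explicit choice of a trusted caller and the value checked against the full stored-hash format first, e.g. `if (hashedImportAllowed && HASHED_PASSWORD.matcher(newPassword).matches())`, where both names are new and the pattern must match what the deployed Jackrabbit version writes. A comment on the branch such as `// trusted import only: stored as-is, bypasses hashing and the matches() check` would document the bypass. `updateUser` continues past the end of the hunk, so the save and the callers are not visible here.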