Import hashed password directly for Jackrabbit users.

git-svn-id: https://svn.argeo.org/commons/trunk@7974 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/useradmin/jackrabbit/JackrabbitUserAdminService.java b/org.argeo.cms/src/org/argeo/cms/internal/useradmin/jackrabbit/JackrabbitUserAdminService.java
index 6b73a3e19af4e182fda24d06aeac4d9b56927a81..983f8e4078529479958a90dcdbd8b547596c6a17 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/internal/useradmin/jackrabbit/JackrabbitUserAdminService.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/useradmin/jackrabbit/JackrabbitUserAdminService.java
@@ -12,6 +12,7 @@ import javax.jcr.Repository;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 import javax.jcr.SimpleCredentials;
+import javax.jcr.Value;
 import javax.jcr.version.VersionManager;
 
 import org.apache.jackrabbit.api.JackrabbitSession;
@@ -51,6 +52,7 @@ public class JackrabbitUserAdminService implements UserAdminService,
                AuthenticationProvider {
        private final static String JACKR_ADMINISTRATORS = "administrators";
        private final static String REP_PRINCIPAL_NAME = "rep:principalName";
+       private final static String REP_PASSWORD = "rep:password";
 
        private Repository repository;
        private JcrSecurityModel securityModel;
@@ -117,20 +119,29 @@ public class JackrabbitUserAdminService implements UserAdminService,
        @Override
        public void updateUser(UserDetails userDetails) {
                try {
-                       User user = (User) getUserManager().getAuthorizable(
-                                       userDetails.getUsername());
+                       String username = userDetails.getUsername();
+                       User user = (User) getUserManager().getAuthorizable(username);
                        if (user == null)
                                throw new ArgeoException("No user " + userDetails.getUsername());
 
                        // new password
                        String newPassword = userDetails.getPassword();
                        if (!newPassword.trim().equals("")) {
-                               SimpleCredentials sp = new SimpleCredentials(
-                                               userDetails.getUsername(), newPassword.toCharArray());
-                               CryptedSimpleCredentials credentials = (CryptedSimpleCredentials) user
-                                               .getCredentials();
-                               if (!credentials.matches(sp))
-                                       user.changePassword(new String(newPassword));
+                               if (newPassword.startsWith("{SHA-256}")) {
+                                       // Already hashed password                                      
+                                       Value v = adminSession.getValueFactory().createValue(
+                                                       newPassword);
+                                       user.setProperty(REP_PASSWORD, v);
+                               } else {
+                                       SimpleCredentials sp = new SimpleCredentials(
+                                                       userDetails.getUsername(),
+                                                       newPassword.toCharArray());
+                                       CryptedSimpleCredentials credentials = (CryptedSimpleCredentials) user
+                                                       .getCredentials();
+
+                                       if (!credentials.matches(sp))
+                                               user.changePassword(new String(newPassword));
+                               }
                        }
 
                        List<String> roles = new ArrayList<String>();