From 756ae1e3e91a17d5f35107580fdb8f2978ade5b6 Mon Sep 17 00:00:00 2001 From: eitch Date: Mon, 31 May 2010 21:44:15 +0000 Subject: [PATCH] --- config/PrivilegeContainer.xml | 2 +- config/PrivilegeRoles.xml | 6 +- config/PrivilegeUsers.xml | 12 ++-- .../eitchnet/privilege/base/XmlConstants.java | 16 ++--- .../handler/DefaultEncryptionHandler.java | 36 ++++------- .../handler/DefaultSessionHandler.java | 9 ++- .../privilege/helper/EncryptionHelper.java | 47 +++++++++++++++ .../privilege/helper/PasswordCreator.java | 54 +++++++++++++++++ .../helper/TestConfigurationHelper.java | 59 +++++++++++++++++++ .../eitchnet/privilege/helper/XmlHelper.java | 2 +- 10 files changed, 196 insertions(+), 47 deletions(-) create mode 100644 src/ch/eitchnet/privilege/helper/EncryptionHelper.java create mode 100644 src/ch/eitchnet/privilege/helper/PasswordCreator.java create mode 100644 src/ch/eitchnet/privilege/helper/TestConfigurationHelper.java diff --git a/config/PrivilegeContainer.xml b/config/PrivilegeContainer.xml index c2b5beab8..547e13e78 100644 --- a/config/PrivilegeContainer.xml +++ b/config/PrivilegeContainer.xml @@ -9,7 +9,7 @@ - + diff --git a/config/PrivilegeRoles.xml b/config/PrivilegeRoles.xml index 49ea61ef9..dab3a4382 100644 --- a/config/PrivilegeRoles.xml +++ b/config/PrivilegeRoles.xml @@ -3,9 +3,9 @@ - true - - + true + + diff --git a/config/PrivilegeUsers.xml b/config/PrivilegeUsers.xml index e215250cd..b9e54eb55 100644 --- a/config/PrivilegeUsers.xml +++ b/config/PrivilegeUsers.xml @@ -1,13 +1,13 @@ - - Robert - von Burg - NEW - en_GB + + Robert + von Burg + ENABLED + en_GB - admin + admin diff --git a/src/ch/eitchnet/privilege/base/XmlConstants.java b/src/ch/eitchnet/privilege/base/XmlConstants.java index a5cee78dc..c98317907 100644 --- a/src/ch/eitchnet/privilege/base/XmlConstants.java +++ b/src/ch/eitchnet/privilege/base/XmlConstants.java 
@@ -20,18 +20,18 @@ public class XmlConstants { public static final String XML_HANDLER_POLICY = "PolicyHandler"; public static final String XML_ROLES = "Roles"; - public static final String XML_ROLE = "role"; + public static final String XML_ROLE = "Role"; public static final String XML_USER = "User"; public static final String XML_PRIVILEGE = "Privilege"; public static final String XML_POLICY = "Policy"; public static final String XML_PARAMETERS = "Parameters"; - public static final String XML_ALL_ALLOWED = "allAllowed"; - public static final String XML_DENY = "deny"; - public static final String XML_ALLOW = "allow"; - public static final String XML_FIRSTNAME = "firstname"; - public static final String XML_SURNAME = "surname"; - public static final String XML_STATE = "state"; - public static final String XML_LOCALE = "locale"; + public static final String XML_ALL_ALLOWED = "AllAllowed"; + public static final String XML_DENY = "Deny"; + public static final String XML_ALLOW = "Allow"; + public static final String XML_FIRSTNAME = "Firstname"; + public static final String XML_SURNAME = "Surname"; + public static final String XML_STATE = "State"; + public static final String XML_LOCALE = "Locale"; public static final String XML_ATTR_CLASS = "class"; public static final String XML_ATTR_NAME = "name"; diff --git a/src/ch/eitchnet/privilege/handler/DefaultEncryptionHandler.java b/src/ch/eitchnet/privilege/handler/DefaultEncryptionHandler.java index 2810ef699..8cb679885 100644 --- a/src/ch/eitchnet/privilege/handler/DefaultEncryptionHandler.java +++ b/src/ch/eitchnet/privilege/handler/DefaultEncryptionHandler.java @@ -11,8 +11,6 @@ package ch.eitchnet.privilege.handler; import java.io.UnsupportedEncodingException; -import java.math.BigInteger; -import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.util.Map; 
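Review bot: Changing the values of `XML_DENY`, `XML_ALLOW`, `XML_ALL_ALLOWED` and the other element-name constants means any configuration file still written with the old lower-case names stops matching, and nothing in this hunk makes that failure visible. If the loader treats a missing `Deny` element as "no denials" (not visible here, so this needs confirming), a roles file that was not migrated would load with weaker restrictions than its author wrote. Consider rejecting unknown element names at load time, and document the contract on the class with a comment such as `// element names are matched case-sensitively; the former lower-case names are no longer accepted`.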
@@ -22,6 +20,7 @@ import org.dom4j.Element; import ch.eitchnet.privilege.base.XmlConstants; import ch.eitchnet.privilege.helper.ConfigurationHelper; +import ch.eitchnet.privilege.helper.EncryptionHelper; import ch.eitchnet.privilege.i18n.PrivilegeException; /** @@ -31,14 +30,8 @@ import ch.eitchnet.privilege.i18n.PrivilegeException; public class DefaultEncryptionHandler implements EncryptionHandler { private static final Logger logger = Logger.getLogger(DefaultEncryptionHandler.class); - public String hashAlgorithm; - - /** - * Hex char table for fast calculating of hex value - */ - private static final byte[] HEX_CHAR_TABLE = { (byte) '0', (byte) '1', (byte) '2', (byte) '3', (byte) '4', - (byte) '5', (byte) '6', (byte) '7', (byte) '8', (byte) '9', (byte) 'a', (byte) 'b', (byte) 'c', (byte) 'd', - (byte) 'e', (byte) 'f' }; + private SecureRandom secureRandom; + private String hashAlgorithm; /** * @see ch.eitchnet.privilege.handler.EncryptionHandler#convertToHash(java.lang.String) @@ -47,19 +40,7 @@ public class DefaultEncryptionHandler implements EncryptionHandler { public String convertToHash(String string) { try { - MessageDigest digest = MessageDigest.getInstance(hashAlgorithm); - byte[] hashArray = digest.digest(string.getBytes()); - - byte[] hex = new byte[2 * hashArray.length]; - int index = 0; - - for (byte b : hashArray) { - int v = b & 0xFF; - hex[index++] = HEX_CHAR_TABLE[v >>> 4]; - hex[index++] = HEX_CHAR_TABLE[v & 0xF]; - } - - return new String(hex, "ASCII"); + return EncryptionHelper.encryptString(hashAlgorithm, string); } catch (NoSuchAlgorithmException e) { throw new PrivilegeException("Algorithm " + hashAlgorithm + " was not found!", e); 
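Review bot: The new `secureRandom` field in the `@@ -31,14 +30,8 @@` hunk has no initializer and, as far as this patch shows, is assigned only in `initialize(Element)`, so `nextToken()` on a handler that has not been initialized fails with a NullPointerException. Initializing at the declaration removes that ordering dependency and lets the field be final: `private final SecureRandom secureRandom = new SecureRandom();`. The class body continues outside the hunk, so other assignments to the field cannot be ruled out from here.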
@@ -73,9 +54,10 @@ public class DefaultEncryptionHandler implements EncryptionHandler { */ @Override public String nextToken() { - SecureRandom secureRandom = new SecureRandom(); - String randomString = new BigInteger(130, secureRandom).toString(32); - logger.info("Token: " + randomString); // XXX remove this line after testing!!! + byte[] bytes = new byte[16]; + secureRandom.nextBytes(bytes); + String randomString = new String(bytes); + //String randomString = new BigInteger(80, secureRandom).toString(32); // 80 big integer bits = 16 chars return randomString; } @@ -84,6 +66,8 @@ public class DefaultEncryptionHandler implements EncryptionHandler { */ public void initialize(Element element) { + secureRandom = new SecureRandom(); + // get parameters Element parameterElement = element.element(XmlConstants.XML_PARAMETERS); Map parameterMap = ConfigurationHelper.convertToParameterMap(parameterElement); diff --git a/src/ch/eitchnet/privilege/handler/DefaultSessionHandler.java b/src/ch/eitchnet/privilege/handler/DefaultSessionHandler.java index 714fddc43..7452e71ba 100644 --- a/src/ch/eitchnet/privilege/handler/DefaultSessionHandler.java +++ b/src/ch/eitchnet/privilege/handler/DefaultSessionHandler.java @@ -184,6 +184,11 @@ public class DefaultSessionHandler implements SessionHandler { */ public void initialize(Element element) { + lastSessionId = 0l; + roleMap = new HashMap(); + userMap = new HashMap(); + sessionMap = new HashMap(); + // get parameters Element parameterElement = element.element(XmlConstants.XML_PARAMETERS); Map parameterMap = ConfigurationHelper.convertToParameterMap(parameterElement); 
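Review bot: `new String(bytes)` in `nextToken()` decodes 16 random bytes with the platform default charset, so byte sequences that are invalid in that charset are replaced by a substitution character and the token loses entropy. The result also contains control and non-printable characters and differs between hosts. Encode the bytes instead of decoding them, for example `String randomString = String.format("%032x", new BigInteger(1, bytes));`, which yields a fixed 32-character ASCII token carrying all 128 bits (this needs the `java.math.BigInteger` import that this commit removes). The commented-out `BigInteger(80, ...)` line should be deleted rather than kept beside the live code.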
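Review bot: `DefaultSessionHandler.initialize(Element)` now replaces `sessionMap`, `userMap` and `roleMap` and resets `lastSessionId`, so a second call silently discards every live session and restarts the id counter. The maps are plain `HashMap` instances, and whether they are guarded by a lock is not visible in this hunk. If `authenticate` can run on several threads, unsynchronized access can corrupt the session table. Consider refusing re-initialization and stating the threading expectation in the method's Javadoc. The literal is also clearer as `lastSessionId = 0L;`, since `0l` is easily misread as `01`.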
@@ -259,8 +264,8 @@ public class DefaultSessionHandler implements SessionHandler { List roleList = new LinkedList(); for (Element roleElement : rolesElementList) { String roleName = roleElement.getTextTrim(); - if (roleList.isEmpty()) { - logger.warn("User " + username + " has an role defined with empty name, Skipped."); + if (roleName.isEmpty()) { + logger.warn("User " + username + " has a role defined with no name, Skipped."); } else { roleList.add(roleName); } diff --git a/src/ch/eitchnet/privilege/helper/EncryptionHelper.java b/src/ch/eitchnet/privilege/helper/EncryptionHelper.java new file mode 100644 index 000000000..afc52c1f2 --- /dev/null +++ b/src/ch/eitchnet/privilege/helper/EncryptionHelper.java @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2010 + * + * Robert von Burg + * eitch@eitchnet.ch + * + * All rights reserved. + * + */ + +package ch.eitchnet.privilege.helper; + +import java.io.UnsupportedEncodingException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + +/** + * @author rvonburg + * + */ +public class EncryptionHelper { + + /** + * Hex char table for fast calculating of hex value + */ + private static final byte[] HEX_CHAR_TABLE = { (byte) '0', (byte) '1', (byte) '2', (byte) '3', (byte) '4', + (byte) '5', (byte) '6', (byte) '7', (byte) '8', (byte) '9', (byte) 'a', (byte) 'b', (byte) 'c', (byte) 'd', + (byte) 'e', (byte) 'f' }; + + public static String encryptString(String hashAlgorithm, String string) throws NoSuchAlgorithmException, + UnsupportedEncodingException { + + MessageDigest digest = MessageDigest.getInstance(hashAlgorithm); + byte[] hashArray = digest.digest(string.getBytes()); + + byte[] hex = new byte[2 * hashArray.length]; + int index = 0; + + for (byte b : hashArray) { + int v = b & 0xFF; + hex[index++] = HEX_CHAR_TABLE[v >>> 4]; + hex[index++] = HEX_CHAR_TABLE[v & 0xF]; + } + + return new String(hex, "ASCII"); + } +} 
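Review bot: `string.getBytes()` in `EncryptionHelper.encryptString` uses the platform default charset, so a password containing non-ASCII characters hashes to different values on differently configured hosts; `digest.digest(string.getBytes("UTF-8"))` fixes this, and the declared `UnsupportedEncodingException` already covers it. The method is also a single unsalted pass of a general-purpose digest, and `PasswordCreator` in this patch uses it for passwords. Identical passwords therefore produce identical stored hashes and are cheap to test offline, so a salted, iterated scheme such as PBKDF2 would be a stronger fit. The name says "encrypt" although the operation is one-way, so the public method deserves a Javadoc line such as `/** Returns the lower-case hex digest of string under hashAlgorithm; this is hashing, not reversible encryption. */`.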
diff --git a/src/ch/eitchnet/privilege/helper/PasswordCreator.java b/src/ch/eitchnet/privilege/helper/PasswordCreator.java new file mode 100644 index 000000000..77b4cf677 --- /dev/null +++ b/src/ch/eitchnet/privilege/helper/PasswordCreator.java @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2010 + * + * Robert von Burg + * eitch@eitchnet.ch + * + * All rights reserved. + * + */ + +package ch.eitchnet.privilege.helper; + +import java.io.BufferedReader; +import java.io.InputStreamReader; +import java.security.MessageDigest; + +/** + * @author rvonburg + * + */ +public class PasswordCreator { + + /** + * @param args + */ + public static void main(String[] args) throws Exception { + + BufferedReader r = new BufferedReader(new InputStreamReader(System.in)); + + String hashAlgorithm = null; + while (hashAlgorithm == null) { + System.out.print("Hash Algorithm [SHA-256]: "); + String readLine = r.readLine().trim(); + + if (readLine.isEmpty()) { + hashAlgorithm = "SHA-256"; + } else { + + try { + MessageDigest.getInstance(readLine); + hashAlgorithm = readLine; + } catch (Exception e) { + System.out.println(e.getLocalizedMessage()); + hashAlgorithm = null; + } + } + } + + System.out.print("Password: "); + String password = r.readLine(); + System.out.print("Hash is: " + EncryptionHelper.encryptString(hashAlgorithm, password)); + } + +} diff --git a/src/ch/eitchnet/privilege/helper/TestConfigurationHelper.java b/src/ch/eitchnet/privilege/helper/TestConfigurationHelper.java new file mode 100644 index 000000000..ff384bb7c --- /dev/null +++ b/src/ch/eitchnet/privilege/helper/TestConfigurationHelper.java 
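Review bot: The password prompt in `PasswordCreator.main` reads through `BufferedReader.readLine()`, which echoes the typed password on the terminal and keeps it in an immutable `String`. `char[] password = System.console().readPassword("Password: ");` avoids the echo, with a fallback for the case where `System.console()` returns null. `r.readLine()` also returns null at end of input, so `r.readLine().trim()` in the algorithm loop and the later `encryptString(hashAlgorithm, password)` call can throw a NullPointerException. The algorithm prompt accepts any name `MessageDigest.getInstance` knows, including MD5, so checking the input against a short allow-list would keep weak digests out of generated configuration.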
@@ -0,0 +1,59 @@ +/* + * Copyright (c) 2010 + * + * Robert von Burg + * eitch@eitchnet.ch + * + * All rights reserved. + * + */ + +package ch.eitchnet.privilege.helper; + +import java.io.File; + +import org.apache.log4j.BasicConfigurator; +import org.apache.log4j.ConsoleAppender; +import org.apache.log4j.Level; +import org.apache.log4j.Logger; +import org.apache.log4j.PatternLayout; + +import ch.eitchnet.privilege.base.PrivilegeContainer; +import ch.eitchnet.privilege.model.Certificate; + +/** + * @author rvonburg + * + */ +public class TestConfigurationHelper { + private static final Logger logger = Logger.getLogger(TestConfigurationHelper.class); + + /** + * @param args + */ + public static void main(String[] args) { + BasicConfigurator.resetConfiguration(); + BasicConfigurator.configure(new ConsoleAppender(new PatternLayout("%d %5p [%t] %C{1} %M - %m%n"))); + Logger.getRootLogger().setLevel(Level.INFO); + + // initialize container + String pwd = System.getProperty("user.dir"); + File privilegeContainerXml = new File(pwd + "/config/PrivilegeContainer.xml"); + PrivilegeContainer.getInstance().initialize(privilegeContainerXml); + + for (int i = 0; i < 10; i++) { + // let's authenticate a session + auth("eitch", "592038"); + } + } + + /** + * + */ + private static void auth(String username, String password) { + long start = System.currentTimeMillis(); + Certificate certificate = PrivilegeContainer.getInstance().getSessionHandler().authenticate(username, password); + logger.info("Auth took " + (System.currentTimeMillis() - start)); + logger.info("Authenticated with certificate: " + certificate); + } +} diff --git a/src/ch/eitchnet/privilege/helper/XmlHelper.java b/src/ch/eitchnet/privilege/helper/XmlHelper.java index 3a8f2d4b4..693cfee3b 100644 --- a/src/ch/eitchnet/privilege/helper/XmlHelper.java +++ b/src/ch/eitchnet/privilege/helper/XmlHelper.java 
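Review bot: `auth("eitch", "592038")` in `TestConfigurationHelper.main` commits a username and clear-text password under `src/`. If that pair matches the user defined in `config/PrivilegeUsers.xml` (its contents are not readable in this patch), the sample account's credential is exposed to anyone with the repository. Take the values from the command line or a system property instead, e.g. `auth(args[0], args[1]);`. The second `logger.info` in `auth` prints the whole `Certificate`; if its `toString()` includes the session token, which is not visible here, that token lands in the log at INFO level, so log only the username or session id.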
@@ -38,7 +38,7 @@ public class XmlHelper { SAXReader reader = new SAXReader(); Document document = reader.read(inStream); - logger.info("Read Xml document " + document.getName()); + logger.info("Read Xml document " + document.getRootElement().getName()); return document; } catch (FileNotFoundException e) {
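Review bot: The context lines of this hunk build `new SAXReader()` and parse the stream with default settings, which leaves DOCTYPE declarations and external entities enabled. These documents define users, roles and privileges, so if any of them can be supplied or edited by a less trusted party, DTDs should be disabled before `reader.read(inStream)`, e.g. `reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);`. The changed log line itself raises no concern. The enclosing method starts and ends outside the hunk.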