Source code

001/*
002 * $Id: SimpleLoginService.java 3475 2009-08-28 08:30:47Z kleopatra $
003 *
004 * Copyright 2004 Sun Microsystems, Inc., 4150 Network Circle,
005 * Santa Clara, California 95054, U.S.A. All rights reserved.
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 * 
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
015 * Lesser General Public License for more details.
016 * 
017 * You should have received a copy of the GNU Lesser General Public
018 * License along with this library; if not, write to the Free Software
019 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
020 */
021
022package org.jdesktop.swingx.auth;
023import java.util.Arrays;
024import java.util.HashMap;
025import java.util.Map;
026
027/**
028 * An implementation of LoginService that simply matches
029 * the username/password against a list of known users and their passwords.
030 * This is useful for demos or prototypes where a proper login server is not available.
031 *
032 * <em>This Implementation is NOT secure. DO NOT USE this in a real application</em>
033 * To make this implementation more secure, the passwords should be passed in and
034 * stored as the result of a one way hash algorithm. That way an attacker cannot 
035 * simply read the password in memory to crack into the system.
036 *
037 * @author rbair
038 */
039public final class SimpleLoginService extends LoginService {
040    private Map<String,char[]> passwordMap;
041    
042    /**
043     * Creates a new SimpleLoginService based on the given password map.
044     */
045    public SimpleLoginService(Map<String,char[]> passwordMap) {
046        if (passwordMap == null) {
047            passwordMap = new HashMap<String,char[]>();
048        }
049        this.passwordMap = passwordMap;
050    }
051
052    /**
053     * Attempts to authenticate the given username and password against the password map
054     */
055    @Override
056    public boolean authenticate(String name, char[] password, String server) throws Exception {
057        char[] p = passwordMap.get(name);
058        return Arrays.equals(password, p);
059    }
060}