SDC LoginServer登錄源碼
// 創(chuàng)建 基于Jetty的 SdcHashLoginService服務(wù);
WebServerTask.getLoginService(Configuration conf, String mode){
switch (loginModule) {
case FILE:
String realm = conf.get(DIGEST_REALM_KEY, mode + REALM_POSIX_DEFAULT);
File realmFile = new File(runtimeInfo.getConfigDir(), realm + ".properties").getAbsoluteFile();
validateRealmFile(realmFile);//拼接成 $SDC_HOME/etc/form-realm.properties文件路徑
loginService = new SdcHashLoginService(realm, realmFile.getAbsolutePath());{//SdcHashLoginService的構(gòu)造函數(shù),是否可以在這里做文章;
super(name, config);{//new HashLoginService()
super()://創(chuàng)建父類AbstractLoginService的無參構(gòu)造函數(shù);
setName(name);
setConfig(config);
}
}
break;
}
}
Jetty網(wǎng)站用戶登錄時,基于MD5的驗(yàn)證功能
SecurityHandler.handle(){
if (authentication==null || authentication==Authentication.NOT_CHECKED)
authentication=authenticator==null?Authentication.UNAUTHENTICATED:authenticator.validateRequest(request, response, isAuthMandatory);{//ActivationAuthenticator.validateRequest()
Authentication authentication = authenticator.validateRequest(request, response, mandatory);{//ProxyAuthenticator.validateRequest()
return authenticator.validateRequest(req, res, mandatory);{//FormAuthenticator.validateRequest()
mandatory|=isJSecurityCheck(uri);
if (isJSecurityCheck(uri)){
final String username = request.getParameter(__J_USERNAME);
final String password = request.getParameter(__J_PASSWORD);
UserIdentity user = login(username, password, request);{//FormAuthenticator.login
UserIdentity user = super.login(username,password,request);{//LoginAuthenticator.login()
UserIdentity user = _loginService.login(username,password, request);{//AbstractLoginService.login()
if (username == null) return null;
UserPrincipal userPrincipal = loadUserInfo(username);{//HashLoginService.loadUserInfo()
UserIdentity id = _propertyUserStore.getUserIdentity(userName);
if (id != null){
return (UserPrincipal)id.getUserPrincipal();
}
}
boolean canLogin = userPrincipal != null && userPrincipal.authenticate(credentials);{//AbstractLoginService.authenticate(Object credentials)
return _credential!=null && _credential.check(credentials);{//Credential.$.MD5.check(credentials)
byte[] digest = null;
if (credentials instanceof char[])//若是字節(jié)數(shù)組,先轉(zhuǎn)換String;
credentials = new String((char[])credentials);
if (credentials instanceof Password || credentials instanceof String){//若為Password或字符串; 前端傳入即為字符串,進(jìn)入這里;
synchronized (__md5Lock){
if (__md == null)//若_md為空,則新建一個MD5
__md = MessageDigest.getInstance("MD5");//若要獲取SHA加密算法,輸入"SHA"即可;
__md.reset();{MessageDigest.reset()//更新引擎,可能之前是其他算法引擎,如MD2,MD5,SHA等;
engineReset();
state = INITIAL;
}
__md.update(credentials.toString().getBytes(StandardCharsets.ISO_8859_1));{//MessageDigest.update()
engineUpdate(input, 0, input.length);{//MessageDigest.$.Delegate.engineUpdate()
digestSpi.engineUpdate(input, offset, len);{//sun.security.MD5 -> 父類DigestBase.engineUpdate()
}
}
state = IN_PROGRESS;
}
digest = __md.digest();{//MessageDigest.$Delegate.
return digestSpi.engineDigest();{//DigestBase.engineDigest()
this.engineDigest(var1, 0, var1.length);{//DigestBase.engineDigest()
else if (var2 >= 0 && var3 >= 0 && var2 <= var1.length - var3) {
this.implDigest(var1, var2);{//由子類實(shí)現(xiàn): MD5.implDigest()
MD5.implDigest();
}
}
}
}
}
}
if (digest == null || digest.length != _digest.length)
return false;
boolean digestMismatch = false;
for (int i = 0; i < digest.length; i++)
digestMismatch |= (digest[i] != _digest[i]);
return !digestMismatch;
} else if (credentials instanceof MD5){
return equals((MD5)credentials);
} else if (credentials instanceof Credential){
return ((Credential)credentials).check(this);
} else {
LOG.warn("Can't check " + credentials.getClass() + " against MD5");
return false;
}
}
}
if (canLogin){
String[] roles = loadRoleInfo(userPrincipal);
return _identityService.newUserIdentity(subject,userPrincipal,roles);
}
}
}
if (user!=null){
HttpSession session = ((HttpServletRequest)request).getSession(true);
Authentication cached=new SessionAuthentication(getAuthMethod(),user,password);
}
}
LOG.debug("jsecuritycheck {} {}",username,user);
}
}
}
}
}
