boxtec
/
yacy_search_server
mirror of https://github.com/yacy/yacy_search_server
4
1
Fork 0
Code Issues Projects Releases Wiki Activity

let User servlet detect static admin with (newer) md5 encoded pwd

Browse Source 
(complete a old todo)
pull/93/head
reger 8 years ago
parent 60ba5c117c
commit 20c9b0138e
1 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File

23
htroot/User.java
Unescape View File

@ -91,20 +91,27 @@ public class User{
}else if(sb.verifyAuthentication(requestHeader)){ }else if(sb.verifyAuthentication(requestHeader)){
prop.put("logged-in", "2"); prop.put("logged-in", "2");
//identified via form-login //identified via form-login
//TODO: this does not work for a static admin, yet. } else if (post != null && post.containsKey("username") && post.containsKey("password")) {
}else if(post != null && post.containsKey("username") && post.containsKey("password")){
if (post.containsKey("returnto")) if (post.containsKey("returnto"))
prop.putHTML("logged-in_returnto", post.get("returnto")); prop.putHTML("logged-in_returnto", post.get("returnto"));
final String username=post.get("username"); final String username=post.get("username");
final String password=post.get("password"); final String password=post.get("password");
prop.putHTML("logged-in_username", username); prop.putHTML("logged-in_username", username);
entry=sb.userDB.passwordAuth(username, password); entry = sb.userDB.passwordAuth(username, password);
final boolean staticAdmin = sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "").equals( boolean staticAdmin = false;
Digest.encodeMD5Hex( if (entry == null) {
Base64Order.standardCoder.encodeString(username + ":" + password) // check for old style admin account
) staticAdmin = sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "").equals(
); Digest.encodeMD5Hex(Base64Order.standardCoder.encodeString(username + ":" + password)));
if (!staticAdmin) {
// check for DIGEST authentication admin account
final String realm = sb.getConfig(SwitchboardConstants.ADMIN_REALM, "YaCy");
staticAdmin = sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "").equals(
"MD5:" + Digest.encodeMD5Hex(username + ":" + realm + ":" + password));
}
}
String cookie=""; String cookie="";
if(entry != null) if(entry != null)
//set a random token in a cookie //set a random token in a cookie

Write Preview
Loading…
Cancel
Save