Merge branch 'master' of ssh://git@gitorious.org/yacy/rc1.git

source/net/yacy/http/YaCyLegacyCredential.java

@@ -26,7 +26,6 @@ package net.yacy.http;
 
 import net.yacy.cora.order.Base64Order;
 import net.yacy.cora.order.Digest;
-import net.yacy.kelondro.util.MapTools;
 import org.eclipse.jetty.util.security.Credential;
 
 
@@ -38,28 +37,22 @@ public class YaCyLegacyCredential extends Credential {
 	
 	private static final long serialVersionUID = -3527894085562480001L;
 	private String hash;
-	
-    /**
-     * <p><code>public static final String <strong>ADMIN_ACCOUNT_B64MD5</strong> = "adminAccountBase64MD5"</code></p>
-     * <p>Name of the setting holding the authentication hash for the static <code>admin</code>-account. It is calculated
-     * by first encoding <code>username:password</code> as Base64 and hashing it using {@link MapTools#encodeMD5Hex(String)}.</p>
-     */
-    public static final String ADMIN_ACCOUNT_B64MD5 = "adminAccountBase64MD5";
-
+        private String foruser; // remember the user as YaCy credential is username:pwd (not just pwd)
+        
 	/**
 	 * internal hash function
 	 * @param clear password
 	 * @return hash string
 	 */
 	private static String calcHash(String pw) {
-		return Digest.encodeMD5Hex(Base64Order.standardCoder.encodeString("admin:" + pw));
+            return Digest.encodeMD5Hex(Base64Order.standardCoder.encodeString(pw));
 	}
 
 	@Override
 	public boolean check(Object credentials) {
 		if(credentials instanceof String) {
 			final String pw = (String) credentials;
-			return calcHash(pw).equals(this.hash);
+			return calcHash(foruser+":"+pw).equals(this.hash);
 		}
         throw new UnsupportedOperationException();
 	}
@@ -69,8 +62,9 @@ public class YaCyLegacyCredential extends Credential {
 	 * @param configHash hash as in config file
 	 * @return
 	 */
-	public static Credential getCredentialsFromConfig(String configHash) {
+	public static Credential getCredentialsFromConfig(String user, String configHash) {
 		YaCyLegacyCredential c = new YaCyLegacyCredential();
+                c.foruser=user;
 		c.hash = configHash;
 		return c;
 	}
@@ -80,9 +74,10 @@ public class YaCyLegacyCredential extends Credential {
 	 * @param password
 	 * @return
 	 */
-	public static Credential getCredentials(String password) {
+	public static Credential getCredentials(String user, String password) {
 		YaCyLegacyCredential c = new YaCyLegacyCredential();
-		c.hash = calcHash(password);
+                c.foruser=user;
+		c.hash = calcHash(user + ":" + password);
 		return c;
 	}
 

source/net/yacy/http/YaCyLoginService.java

@@ -30,6 +30,7 @@ import java.security.Principal;
 import javax.security.auth.Subject;
 
 import net.yacy.search.Switchboard;
+import net.yacy.search.SwitchboardConstants;
 
 import org.eclipse.jetty.security.IdentityService;
 import org.eclipse.jetty.security.MappedLoginService;
@@ -43,12 +44,18 @@ public class YaCyLoginService extends MappedLoginService {
 
 	@Override
 	protected UserIdentity loadUser(String username) {
-		if(username.equals("admin")) {
+		/*if(username.equals("admin"))*/ {
 			// TODO: implement legacy credentials
 			final Switchboard sb = Switchboard.getSwitchboard();
-			final String adminAccountBase64MD5 = sb.getConfig(YaCyLegacyCredential.ADMIN_ACCOUNT_B64MD5, "");
-			Credential credential = YaCyLegacyCredential.getCredentialsFromConfig(adminAccountBase64MD5);
-			Principal userPrincipal = new MappedLoginService.KnownUser("admin", credential); 
+			final String adminAccountBase64MD5 = sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "");
+                        // in YaCy the credential hash is composed of username:pwd so the username is needed to create valid credential 
+                        // not just the password (as usually in Jetty). As the accountname for the std. adminuser is not stored a useridentity 
+                        // is created for current user (and the pwd checked against the stored  username:pwd setting)                        
+			Credential credential = YaCyLegacyCredential.getCredentialsFromConfig(username, adminAccountBase64MD5);
+                        // TODO: YaCy user:pwd hashes should longterm likely be switched to separable username + pwd-hash entries
+                        //       and/or the standard admin account username shuld be fix = "admin"
+          
+                        Principal userPrincipal = new MappedLoginService.KnownUser(username, credential); 
 			Subject subject = new Subject();
 			subject.getPrincipals().add(userPrincipal);
 			subject.getPrivateCredentials().add(credential);
@@ -56,7 +63,7 @@ public class YaCyLoginService extends MappedLoginService {
 			IdentityService is = getIdentityService();
 			return is.newUserIdentity(subject, userPrincipal, new String[]{"admin"});
 		}
-		return null;
+	//	return null;
 	}
 	
 	@Override

source/net/yacy/yacy.java

@@ -358,7 +358,7 @@ public final class yacy {
                     final String  browserPopUpPage = sb.getConfig(SwitchboardConstants.BROWSER_POP_UP_PAGE, "ConfigBasic.html");
                     //boolean properPW = (sb.getConfig("adminAccount", "").isEmpty()) && (sb.getConfig(httpd.ADMIN_ACCOUNT_B64MD5, "").length() > 0);
                     //if (!properPW) browserPopUpPage = "ConfigBasic.html";
-                    Browser.openBrowser((httpServer.withSSL()?"https://localhost:"+httpServer.getSslPort():"http://localhost:"+port) + "/" + browserPopUpPage);
+                    Browser.openBrowser(("http://localhost:"+port) + "/" + browserPopUpPage);
                    // Browser.openBrowser((server.withSSL()?"https":"http") + "://localhost:" + serverCore.getPortNr(port) + "/" + browserPopUpPage);
                 } catch (final Throwable e) {
                     // cannot open browser. This may be normal in headless environments