/* * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. * * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved * * The contents of this file are subject to the terms * of the Common Development and Distribution License * (the License). You may not use this file except in * compliance with the License. * * You can obtain a copy of the License at * https://opensso.dev.java.net/public/CDDLv1.0.html or * opensso/legal/CDDLv1.0.txt * See the License for the specific language governing * permission and limitations under the License. * * When distributing Covered Code, include this CDDL * Header Notice in each file and include the License file * at opensso/legal/CDDLv1.0.txt. * If applicable, add the following below the CDDL Header, * with the fields enclosed by brackets [] replaced by * your own identifying information: * "Portions Copyrighted [year] [name of copyright owner]" * * $Id: DecodeAction.java,v 1.4 2008/08/19 19:14:55 veiming Exp $ * * Portions Copyrighted 2011-2015 ForgeRock AS. */ package com.sun.identity.security; import java.security.PrivilegedAction; import com.iplanet.services.util.AMEncryption; import com.iplanet.services.util.Crypt; /** * * The class is used to perform privileged operations with * AccessController.doPrivileged() * when using * com.iplanet.services.util.Crypt to decode passwords. Ths class * implements the interface * PrivilegedAction with a non-default * constructor. This class should be used in order to perform the privileged * operation of com.iplanet.services.util.Crypt.decode/decrypt(). * *
 * 
 * This line of code: String decStr =
 * com.iplanet.services.util.Crypt.decode(str) should be replaced with: String
 * decStr = (String) AccessController.doPrivileged( new DecodeAction(str)); If
 * this is not done and Java security permissions check is enabled, then the
 * operation will fail and return a null every time.
 * 
 * Note: Java security permissions check for OpenAM can be enabled by
 * setting the property com.sun.identity.security.checkcaller to
 * true in AMConfig properties file.
 * 
 * 
* * @supported.all.api */ public class DecodeAction implements PrivilegedAction { protected String value; protected AMEncryption encr; /** * Non default constructor to be used when a doPrivileged() * is performed for the decryption operations. * * @param svalue * Value of string to be encoded/decoded * */ public DecodeAction(String svalue) { super(); value = svalue; } /** * @param value * Value to be decoded * @param encrKey * Encryption object to be used for decoding */ public DecodeAction(String value, AMEncryption encrKey) { super(); this.value = value; this.encr = encrKey; } /* * (non-Javadoc) * * @see java.security.PrivilegedAction#run() */ public String run() { if (encr != null) { return Crypt.decode(value, encr); } else { return Crypt.decode(value); } } }