package de.fhswf.in.inf.fit.aufgabe5;

import java.io.IOException;
import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.Persistence;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import de.fhswf.in.inf.fit.aufgabe5.model.Account;

/**
 * Login servlet backed by JPA: looks up an {@code Account} by username and
 * verifies the submitted password against its stored salted SHA-1 hash.
 * Brute-force protection (lockout, rate limiting) is not implemented here.
 */
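@WebServlet("/LoginServletWithJpa")
public class LoginServletWithJpa extends HttpServlet
{
   private static final long serialVersionUID = 1L;

   /** Servlet context init parameter naming the JPA persistence unit. */
   private static final String PERSISTENCE_UNIT_PARAM = "persistenceUnit";

   /**
    * Salt used to hash the submitted password when no account exists for the
    * submitted username. Doing the same hashing work on the unknown-user path
    * keeps its response time close to the wrong-password path, so the form
    * does not reveal which usernames exist via timing.
    */
   private static final String DUMMY_SALT = "no-such-account";

   /**
    * Shared factory, built once in {@link #init()} and closed in
    * {@link #destroy()}. An EntityManagerFactory is thread-safe and expensive
    * to create; the previous version built one on every request and closed
    * it only when the request did not throw.
    */
   private EntityManagerFactory emf;

   /**
    * @see HttpServlet#HttpServlet()
    */
   public LoginServletWithJpa()
   {
      super();
   }

   /**
    * Creates the EntityManagerFactory for the persistence unit named by the
    * {@code persistenceUnit} context parameter.
    *
    * @throws ServletException
    *            if the container's own initialisation fails.
    */
   @Override
   public void init() throws ServletException
   {
      super.init();
      emf = Persistence.createEntityManagerFactory(
            getServletContext().getInitParameter(PERSISTENCE_UNIT_PARAM));
   }

   /**
    * Releases the EntityManagerFactory created in {@link #init()}.
    */
   @Override
   public void destroy()
   {
      if (emf != null && emf.isOpen())
      {
         emf.close();
      }
      super.destroy();
   }

   /**
    * GET has no login semantics; send the client to the login form.
    *
    * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
    *      response)
    */
   protected void doGet(HttpServletRequest request,
         HttpServletResponse response) throws ServletException, IOException
   {
      response.sendRedirect("LoginFormWithJpa.jsp");
   }

   /**
    * Handles a login attempt. Expects {@code username} and {@code password}
    * form parameters; when either is missing the client is redirected to the
    * login form. On success the session is replaced by a fresh one carrying
    * the {@code loggedin} attribute; on failure a generic "Failed" page is
    * shown that does not distinguish unknown users from wrong passwords.
    *
    * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
    *      response)
    */
   protected void doPost(HttpServletRequest request,
         HttpServletResponse response) throws ServletException, IOException
   {
      String requestUsername = request.getParameter("username");
      String requestPassword = request.getParameter("password");

      if (requestUsername == null || requestPassword == null)
      {
         // The redirect alone is not enough: without this return the lookup
         // below ran with a null key after the response was already committed.
         doGet(request, response);
         return;
      }

      // Authenticate before touching the response so a persistence failure
      // does not leave a half-written page behind.
      boolean authenticated = verifyCredentials(requestUsername,
            requestPassword);

      // Set the header before obtaining the writer; the <meta> tag alone does
      // not tell the container which charset to encode the body with.
      response.setContentType("text/html;charset=UTF-8");
      PrintWriter pw = response.getWriter();

      pw.println("<!DOCTYPE html>");
      pw.println("<html>");
      pw.println("<head>");
      pw.println("<meta charset=\"utf-8\" />");
      pw.println("<title>Login Answer</title>");
      pw.println("</head>");
      pw.println("<body>");

      if (authenticated)
      {
         // Rotate the session id on login so an id planted before
         // authentication (session fixation) cannot be reused afterwards.
         HttpSession existing = request.getSession(false);
         if (existing != null)
         {
            existing.invalidate();
         }
         request.getSession(true).setAttribute("loggedin", true);
         pw.println("<h1>Success</h1>");
      }
      else
      {
         pw.println("<h1>Failed</h1>");
         pw.println("<a href=\"LoginFormWithJpa.jsp\">Retry</a>");
      }

      pw.println("</body>");
      pw.println("</html>");
   }

   /**
    * Looks up the account for {@code username} and checks {@code password}
    * against its stored salted hash.
    *
    * The stored hash and the freshly computed one are compared with
    * {@link MessageDigest#isEqual}, which does not stop at the first differing
    * byte the way {@link String#equals} does. Nothing from the account is
    * logged; the previous implementation printed both hashes to stdout on
    * every attempt and dereferenced the account before its null check.
    *
    * @param username
    *           The submitted username (primary key of {@link Account}).
    * @param password
    *           The submitted clear-text password.
    * @return {@code true} only if an account exists and the password matches.
    */
   private boolean verifyCredentials(String username, String password)
   {
      // An EntityManager is not thread-safe, so one is created per request and
      // always closed, even if the lookup throws.
      EntityManager em = emf.createEntityManager();
      try
      {
         Account account = em.find(Account.class, username);
         if (account == null)
         {
            // See DUMMY_SALT: spend the same hashing effort for unknown users.
            createSaltedPasswordHash(password, DUMMY_SALT);
            return false;
         }

         String storedHash = account.getPassword();
         String salt = account.getSalt();
         if (storedHash == null || salt == null)
         {
            // An account row without credentials cannot authenticate anyone.
            return false;
         }

         String candidateHash = createSaltedPasswordHash(password, salt);
         return MessageDigest.isEqual(
               storedHash.getBytes(StandardCharsets.UTF_8),
               candidateHash.getBytes(StandardCharsets.UTF_8));
      }
      finally
      {
         em.close();
      }
   }

   /**
    * Generate a Base64 encoded SHA-1 hashed password that is salted.
    *
    * The digest is SHA-1 over the UTF-8 bytes of {@code password + salt},
    * Base64 encoded. The charset is pinned so that a hash created on one
    * machine verifies on another; the previous version used the platform
    * default.
    *
    * NOTE(review): single-iteration SHA-1, even salted, is not a suitable
    * password hash (it is fast and GPU-friendly, so offline cracking of a
    * leaked table is cheap). It is kept only because the hashes stored in
    * {@link Account} were produced with it; moving to PBKDF2 / bcrypt /
    * scrypt / Argon2 requires re-hashing each account on its next successful
    * login.
    *
    * @param password
    *           The password to encode.
    * @param salt
    *           The salt for salting the password.
    * @return The salted and encoded password hash.
    * @throws IllegalArgumentException
    *            if {@code password} or {@code salt} is null.
    */
   public static String createSaltedPasswordHash(String password, String salt)
   {
      if (password == null)
      {
         throw new IllegalArgumentException("Password can't be null");
      }
      if (salt == null)
      {
         throw new IllegalArgumentException("Salt can't be null");
      }

      try
      {
         MessageDigest md = MessageDigest.getInstance("SHA-1");
         md.update((password + salt).getBytes(StandardCharsets.UTF_8));
         return Base64.getEncoder().encodeToString(md.digest());
      }
      catch (NoSuchAlgorithmException e)
      {
         // Every Java platform is required to ship SHA-1, so reaching this is
         // a broken runtime, not a caller error.
         throw new IllegalStateException(
               "SHA-1 for some reason is not supported.", e);
      }
   }
}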