/*
* RHQ Management Platform
* Copyright (C) 2005-2012 Red Hat, Inc.
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation version 2 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
package org.rhq.core.util.obfuscation;
import java.lang.reflect.Method;
/**
*
* @author Stefan Negrea
*/
public class PicketBoxObfuscator {
//no instances, please
private PicketBoxObfuscator() {
}
/**
* Use the internal JBossAS mechanism to obfuscate a password. This is not true encryption.
*
* @param text the clear text to be obfuscated
* @return the obfuscated text
*/
public static String encode(String text) {
// We need to do some mumbo jumbo, as the interesting method is private
// in SecureIdentityLoginModule
try {
String className = "org.picketbox.datasource.security.SecureIdentityLoginModule";
Class<?> clazz = Class.forName(className);
Object object = clazz.newInstance();
Method method = clazz.getDeclaredMethod("encode", String.class);
method.setAccessible(true);
String result = method.invoke(object, text).toString();
return result;
} catch (Exception e) {
throw new RuntimeException("obfuscating db password failed: ", e);
}
}
/**
* Use the internal JBossAS mechanism to de-obfuscate a password back to its
* clear text form. This is not true encryption.
*
* @param obfuscatedText the obfuscated text
* @return the clear text
*/
public static String decode(String text) {
// We need to do some mumbo jumbo, as the interesting method is private
// in SecureIdentityLoginModule
try {
String className = "org.picketbox.datasource.security.SecureIdentityLoginModule";
Class<?> clazz = Class.forName(className);
Object object = clazz.newInstance();
Method method = clazz.getDeclaredMethod("decode", String.class);
method.setAccessible(true);
char[] result = (char[]) method.invoke(object, text);
return new String(result);
} catch (Exception e) {
throw new RuntimeException("de-obfuscating db password failed: ", e);
}
}
}