CachingKeyInSessionSunJceCryptFactory.java example

Explorer
servoy-client-master
/*
 This file belongs to the Servoy development and deployment environment, Copyright (C) 1997-2013 Servoy BV

 This program is free software; you can redistribute it and/or modify it under
 the terms of the GNU Affero General Public License as published by the Free
 Software Foundation; either version 3 of the License, or (at your option) any
 later version.

 This program is distributed in the hope that it will be useful, but WITHOUT
 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.

 You should have received a copy of the GNU Affero General Public License along
 with this program; if not, see http://www.gnu.org/licenses or write to the Free
 Software Foundation,Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
 */

package com.servoy.j2db.server.headlessclient;

import java.security.GeneralSecurityException;
import java.util.UUID;

import javax.servlet.http.HttpSession;

import org.apache.wicket.RequestCycle;
import org.apache.wicket.Session;
import org.apache.wicket.protocol.http.WebRequestCycle;
import org.apache.wicket.util.crypt.ICrypt;
import org.apache.wicket.util.crypt.ICryptFactory;
import org.apache.wicket.util.crypt.NoCrypt;

import com.servoy.j2db.util.Debug;

/**
 * @author jcompagner
 *
 */
public class CachingKeyInSessionSunJceCryptFactory implements ICryptFactory
{
	public ICrypt newCrypt()
	{
		ICrypt crypt = null;
		WebClientSession webClientSession = null;
		if (Session.exists())
		{
			webClientSession = WebClientSession.get();
			crypt = webClientSession.getCrypt();
		}

		if (crypt == null)
		{

			WebRequestCycle rc = (WebRequestCycle)RequestCycle.get();

			// get http session, create if necessary
			HttpSession session = rc.getWebRequest().getHttpServletRequest().getSession(true);

			// retrieve or generate encryption key from session
			final String keyAttr = rc.getApplication().getApplicationKey() + "." + getClass().getName();
			String key = (String)session.getAttribute(keyAttr);
			if (key == null)
			{
				// generate new key
				key = session.getId() + "." + UUID.randomUUID().toString();
				session.setAttribute(keyAttr, key);
			}

			// build the crypt based on session key
			try
			{
				crypt = new CachingSunJceCrypt(key);
			}
			catch (GeneralSecurityException e)
			{

				Debug.error("couldn't generate the crypt class", e);
				return new NoCrypt();
			}

			if (webClientSession != null)
			{
				webClientSession.setCrypt(crypt);
			}
		}
		return crypt;
	}
}