diff --git a/src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java b/src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java index a754a76e..53282e20 100644 --- a/src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java +++ b/src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java @@ -1,28 +1,28 @@ /* -* Conditions Of Use -* -* This software was developed by employees of the National Institute of -* Standards and Technology (NIST), an agency of the Federal Government. -* Pursuant to title 15 Untied States Code Section 105, works of NIST -* employees are not subject to copyright protection in the United States -* and are considered to be in the public domain. As a result, a formal -* license is not needed to use the software. -* -* This software is provided by NIST as a service and is expressly -* provided "AS IS." NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED -* OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF -* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT -* AND DATA ACCURACY. NIST does not warrant or make any representations -* regarding the use of the software or the results thereof, including but -* not limited to the correctness, accuracy, reliability or usefulness of -* the software. -* -* Permission to use this software is contingent upon your acceptance -* of the terms of this agreement -* -* . -* -*/ + * Conditions Of Use + * + * This software was developed by employees of the National Institute of + * Standards and Technology (NIST), an agency of the Federal Government. + * Pursuant to title 15 Untied States Code Section 105, works of NIST + * employees are not subject to copyright protection in the United States + * and are considered to be in the public domain. As a result, a formal + * license is not needed to use the software. + * + * This software is provided by NIST as a service and is expressly + * provided "AS IS." NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED + * OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT + * AND DATA ACCURACY. NIST does not warrant or make any representations + * regarding the use of the software or the results thereof, including but + * not limited to the correctness, accuracy, reliability or usefulness of + * the software. + * + * Permission to use this software is contingent upon your acceptance + * of the terms of this agreement + * + * . + * + */ package com.genersoft.iot.vmp.gb28181.auth; import java.security.MessageDigest; @@ -42,18 +42,18 @@ import gov.nist.core.InternalErrorHandler; /** * Implements the HTTP digest authentication method server side functionality. - * + * * @author M. Ranganathan * @author Marc Bednarek */ public class DigestServerAuthenticationHelper { - + private MessageDigest messageDigest; - + public static final String DEFAULT_ALGORITHM = "MD5"; public static final String DEFAULT_SCHEME = "Digest"; - + @@ -63,11 +63,11 @@ public class DigestServerAuthenticationHelper { /** * Default constructor. - * @throws NoSuchAlgorithmException + * @throws NoSuchAlgorithmException */ - public DigestServerAuthenticationHelper() - throws NoSuchAlgorithmException { - messageDigest = MessageDigest.getInstance(DEFAULT_ALGORITHM); + public DigestServerAuthenticationHelper() + throws NoSuchAlgorithmException { + messageDigest = MessageDigest.getInstance(DEFAULT_ALGORITHM); } public static String toHexString(byte b[]) { @@ -79,7 +79,7 @@ public class DigestServerAuthenticationHelper { } return new String(c); } - + /** * Generate the challenge string. * @@ -121,34 +121,34 @@ public class DigestServerAuthenticationHelper { * * @param request - the request to authenticate. * @param hashedPassword -- the MD5 hashed string of username:realm:plaintext password. - * + * * @return true if authentication succeded and false otherwise. */ public boolean doAuthenticateHashedPassword(Request request, String hashedPassword) { - AuthorizationHeader authHeader = (AuthorizationHeader) request.getHeader(AuthorizationHeader.NAME); + AuthorizationHeader authHeader = (AuthorizationHeader) request.getHeader(AuthorizationHeader.NAME); if ( authHeader == null ) return false; String realm = authHeader.getRealm(); String username = authHeader.getUsername(); - + if ( username == null || realm == null ) { return false; } - + String nonce = authHeader.getNonce(); URI uri = authHeader.getURI(); if (uri == null) { return false; } - - + + String A2 = request.getMethod().toUpperCase() + ":" + uri.toString(); String HA1 = hashedPassword; - + byte[] mdbytes = messageDigest.digest(A2.getBytes()); String HA2 = toHexString(mdbytes); - + String cnonce = authHeader.getCNonce(); String KD = HA1 + ":" + nonce; if (cnonce != null) { @@ -158,7 +158,7 @@ public class DigestServerAuthenticationHelper { mdbytes = messageDigest.digest(KD.getBytes()); String mdString = toHexString(mdbytes); String response = authHeader.getResponse(); - + return mdString.equals(response); } @@ -168,11 +168,11 @@ public class DigestServerAuthenticationHelper { * * @param request - the request to authenticate. * @param pass -- the plain text password. - * + * * @return true if authentication succeded and false otherwise. */ public boolean doAuthenticatePlainTextPassword(Request request, String pass) { - AuthorizationHeader authHeader = (AuthorizationHeader) request.getHeader(AuthorizationHeader.NAME); + AuthorizationHeader authHeader = (AuthorizationHeader) request.getHeader(AuthorizationHeader.NAME); if ( authHeader == null ) return false; String realm = authHeader.getRealm().trim(); String username = authHeader.getUsername().trim(); @@ -184,7 +184,7 @@ public class DigestServerAuthenticationHelper { String nonce = authHeader.getNonce(); URI uri = authHeader.getURI(); if (uri == null) { - return false; + return false; } // qop 保护质量 包含auth(默认的)和auth-int(增加了报文完整性检测)两种策略 String qop = authHeader.getQop(); @@ -233,6 +233,6 @@ public class DigestServerAuthenticationHelper { String response = authHeader.getResponse(); System.out.println("response: " + response); return mdString.equals(response); - + } } diff --git a/src/main/java/com/genersoft/iot/vmp/storager/dao/DeviceMapper.java b/src/main/java/com/genersoft/iot/vmp/storager/dao/DeviceMapper.java index b49d0dc3..f6e328bf 100644 --- a/src/main/java/com/genersoft/iot/vmp/storager/dao/DeviceMapper.java +++ b/src/main/java/com/genersoft/iot/vmp/storager/dao/DeviceMapper.java @@ -43,7 +43,6 @@ public interface DeviceMapper { ")") int add(Device device); - @Update(value = {"