My whim today, is to create an EJB that generates the SHA-1 message digest from the contents of a simple form.
I will be using GlassFish 3.1.2 to deploy my application. The SHA-1 is generated by using the MessageDigest class, found in the java.security package.
So, the first step is to create a Dynamic Web Project in Eclipse. It generates a default JSP. I use this page to hold the HTML contents of the form.
I will be using GlassFish 3.1.2 to deploy my application. The SHA-1 is generated by using the MessageDigest class, found in the java.security package.
So, the first step is to create a Dynamic Web Project in Eclipse. It generates a default JSP. I use this page to hold the HTML contents of the form.
<%@page contentType="text/html" pageEncoding="UTF-8"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Test Form</title> </head> <body> <form method="POST" action="HashIt"> Username: <input name="username"/> <br/> Password: <input name="password" type="password"><br/> <input type="submit" value="Submit"> </form> </body> </html>Then I create the servlet that processes this form. It does the following,
- Receive the contents of the form (doPost)
- Use the EJB to actually generate the SHA-1 and render the result
package com.whycouch; import java.io.IOException; import javax.ejb.EJB; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * This class processes the requests from the form * @author Hathy */ @WebServlet("/HashIt") public class HashIt extends HttpServlet { private static final long serialVersionUID = 1L; @EJB private Hash hash; public HashIt() { super(); } protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // Let us always use the doPost doPost(request,response); } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String username=request.getParameter("username"); String password=request.getParameter("password"); if(username==null || username.length()==0) username="EMPTY"; if(password==null || password.length()==0) password="EMPTY"; response.getWriter().println( "The SHA-1 of the form data is "+ hash.digest(username+password) ); } }Finally, I create the EJB itself, which is nothing but a stateless session bean.
package com.whycouch; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import javax.ejb.LocalBean; import javax.ejb.Stateless; import com.sun.xml.wss.impl.misc.Base64; /** * This is the EJB that actually generates the SHA-1 * for the input it is provided with * * @author Hathy */ @Stateless @LocalBean public class Hash { MessageDigest sha1; // Initialize the MessageDigest to use SHA-1 // as its algorithm public Hash() { try { sha1=MessageDigest.getInstance("SHA-1"); } catch (NoSuchAlgorithmException e) { System.err.println("Unable to find SHA-1"); } System.out.println("Initialized"); } // Generate the message digest, and then convert it // into a Base64 string public String digest(String data){ if(data==null) return ""; byte[] output = sha1.digest(data.getBytes()); return Base64.encode(output); } }The Base64 utility class that I have used was found in the webservices-rt.jar, that comes along with the GlassFish server. So, when you run the application, and submit the form, you should see a message like,
The SHA-1 of the form data is yPf+Ow5BvoRtVodZLPIBj/biJoc=
No comments:
Post a Comment