UserMappingCrypto class (Java programming language)
If your external repository encrypts or encodes remote passwords, you must create your own subclass of the UserMappingCrypto class. The constructor of the subclass that you create is used to construct the cryptography object. The methods of the cryptography class are called by other classes when the user mapping passwords need to be encrypted, decrypted, encoded, or decoded.
The UserMappingCrypto class contains the following public methods: encrypt(), decrypt(), encode(), and decode(). In these functions, you must write your code for encrypting, decrypting, encoding, and decoding the remote password. The getBytes() and getChars() functions are utility functions that are inherited and can be used without modification. The encryption, decryption, encoding, and decoding methods that you code must match the encryption and encoding methods that the external repository uses to protect the stored passwords.
You can view the implementation of these functions in a sample Java™ plug-in that retrieves user mappings from an LDAP server. The files are located in the sqllib/samples/federated/umplugin/ldap/ directory. The functions from this class are used in the UserMappingRepositoryLDAP.java and UserMappingSetupLDAP.java sample files.
Public methods
- abstract byte[] encrypt( byte[] plainValue)
- Implement the encryption algorithm that matches the encryption algorithm that the external repository uses.
- abstract byte[] decrypt( byte[] encryptedValue)
- Implement the decryption algorithm that reverses the encryption algorithm that the external repository uses and then returns the password.
- abstract string encode( byte[] bytes)
- Write or implement a function that encodes the bytes parameter into a string. This function encodes the encrypted value, which is in bytes, into a string.
- abstract byte[] decode( String[] string)
- Write or implement a function that decodes the string parameter into bytes. This function decodes the retrieved password, which is a string, into bytes so that the value can be decrypted.
- byte[] getBytes( char[] chars)
- This function is inherited and can be used without modification. The function transforms each character of a string into a byte.
- char[] getChars( byte[] bytes)
- This function is inherited and can be used without modification. The function transforms each byte into a character.
Protected attributes
- SecretKey key
- The secret key that is used to encrypt and decrypt the remote passwords.
- Cipher cipher
- The algorithm that the secret key uses to encrypt the password.