in guacamole/src/main/java/org/apache/guacamole/auth/file/Authorization.java [183:232]
public boolean validate(String username, String password) {
// If username matches
if (username != null && password != null
&& username.equals(this.username)) {
switch (encoding) {
// If plain text, just compare
case PLAIN_TEXT:
// Compare plaintext
return password.equals(this.password);
// If hased with MD5, hash password and compare
case MD5:
// Compare hashed password
try {
MessageDigest digest = MessageDigest.getInstance("MD5");
String hashedPassword = getHexString(digest.digest(password.getBytes("UTF-8")));
return hashedPassword.equals(this.password.toUpperCase());
}
catch (UnsupportedEncodingException e) {
throw new UnsupportedOperationException("Unexpected lack of UTF-8 support.", e);
}
catch (NoSuchAlgorithmException e) {
throw new UnsupportedOperationException("Unexpected lack of MD5 support.", e);
}
case SHA_256:
try {
MessageDigest digest = MessageDigest.getInstance("SHA-256");
String hashedPassword = getHexString(digest.digest(password.getBytes("UTF-8")));
return hashedPassword.equals(this.password.toUpperCase());
}
catch (UnsupportedEncodingException e) {
throw new UnsupportedOperationException("Unexpected lack of UTF-8 support.", e);
}
catch (NoSuchAlgorithmException e) {
throw new UnsupportedOperationException("Unexpected lack of SHA-256 support.", e);
}
}
} // end validation check
return false;
}