Examples of ICrypt

• org.apache.wicket.util.crypt.ICrypt
  Encryption and decryption implementations are accessed through this interface. It provide some simple means to encrypt and decrypt strings, like passwords etc.. It depends on the implementation itself which algorithms are used to en-/decrypt the data.

  If you value the privacy of your websites users, then please consider using a one-way encryption algorithm instead of the Wicket provided ICrypt implementations. The intention of these encryption facilities is to keep passwords private when stored in cookies or in the session.The implementation of the encryption algorithm may change between releases. As such, this interface and its implementations are not intended and should not be used as an encryption facility for persistent values.

  As of Wicket 1.2 the methods encrypt and decrypt are deprecated. Consider changing your persistent encryption strategy to be based on a one-way encryption such as a SHA1 hash, not depending on Wicket classes. @author Juergen Donnerstag

Examples of org.apache.wicket.util.crypt.ICrypt

   */
  @Test
  public void noCrypt()
  {
    // The NoCrypt implementation does not modify the string at all
    final ICrypt crypt = new NoCrypt();

    assertEquals("test", crypt.encryptUrlSafe("test"));
    assertEquals("test", crypt.decryptUrlSafe("test"));
  }

Examples of org.apache.wicket.util.crypt.ICrypt

  {

    @Override
    public ICrypt newCrypt()
    {
      return new ICrypt()
      {

        @Override
        public String decryptUrlSafe(String text)
        {

Examples of org.apache.wicket.util.crypt.ICrypt

   * @return The encoded url
   */
  public CharSequence encodeURL(CharSequence url)
  {
      // Get the crypt implementation from the application
    ICrypt urlCrypt = Application.get().getSecuritySettings().getCryptFactory().newCrypt();
    if (urlCrypt != null)
    {
        // The url must have a query string, otherwise keep the url unchanged
        final int pos = url.toString().indexOf('?');
        if (pos > 0)
        {
            // The url's path
          CharSequence urlPrefix = url.subSequence(0, pos);

          // Extract the querystring
          String queryString = url.subSequence(pos + 1, url.length()).toString();

          // if the querystring starts with a parameter like
          // "x=", than don't change the querystring as it
          // has been encoded already
          if (!queryString.startsWith("x="))
          {
              // The length of the encrypted string depends on the
              // length of the original querystring. Let's try to
              // make the querystring shorter first without loosing
              // information.
            queryString = shortenUrl(queryString).toString();

            // encrypt the query string
          final String encryptedQueryString = urlCrypt.encryptUrlSafe(queryString);

          // build the new complete url
          return new AppendingStringBuffer(urlPrefix).append("?x=").append(encryptedQueryString);
          }
        }

Examples of org.apache.wicket.util.crypt.ICrypt

    // Encoded query string have only a single parameter named "x"
    final String secureParam = request.getParameter("x");
    if ((secureParam != null) && (secureParam.length() > 0))
    {
      // Get the crypt implementation from the application
      ICrypt urlCrypt = Application.get().getSecuritySettings().getCryptFactory().newCrypt();

      // Decrypt the query string
      final String queryString = urlCrypt.decryptUrlSafe(secureParam);

      // The querystring might have been shortened (length reduced).
      // In that case, lengthen the query string again.
      this.queryString = rebuildUrl(queryString);

Examples of org.apache.wicket.util.crypt.ICrypt

        // should never happen
        throw new WicketRuntimeException(ex);
      }

      // Get the crypt implementation from the application
      final ICrypt urlCrypt = Application.get().getSecuritySettings().getCryptFactory()
          .newCrypt();

      // Decrypt the query string
      final String queryString = urlCrypt.decryptUrlSafe(secureParam);

      // The querystring might have been shortened (length reduced).
      // In that case, lengthen the query string again.
      return rebuildUrl(queryString);
    }

Examples of org.apache.wicket.util.crypt.ICrypt

   * @return The encoded url
   */
  protected CharSequence encodeURL(final CharSequence url)
  {
    // Get the crypt implementation from the application
    ICrypt urlCrypt = Application.get().getSecuritySettings().getCryptFactory().newCrypt();
    if (urlCrypt != null)
    {
      // The url must have a query string, otherwise keep the url
      // unchanged
      final int pos = url.toString().indexOf('?');
      if (pos > -1)
      {
        // The url's path
        CharSequence urlPrefix = url.subSequence(0, pos);

        // Extract the querystring
        String queryString = url.subSequence(pos + 1, url.length()).toString();

        // if the querystring starts with a parameter like
        // "x=", than don't change the querystring as it
        // has been encoded already
        if (!queryString.startsWith("x="))
        {
          // The length of the encrypted string depends on the
          // length of the original querystring. Let's try to
          // make the querystring shorter first without loosing
          // information.
          queryString = shortenUrl(queryString).toString();

          // encrypt the query string
          String encryptedQueryString = urlCrypt.encryptUrlSafe(queryString);

          try
          {
            encryptedQueryString = URLEncoder.encode(encryptedQueryString, Application
                .get().getRequestCycleSettings().getResponseRequestEncoding());

Examples of org.apache.wicket.util.crypt.ICrypt

        secureParam = URLDecoder.decode(secureParam, Application.get()
            .getRequestCycleSettings().getResponseRequestEncoding());

        // Get the crypt implementation from the application
        final ICrypt urlCrypt = Application.get().getSecuritySettings().getCryptFactory()
            .newCrypt();

        // Decrypt the query string
        String queryString = urlCrypt.decryptUrlSafe(secureParam);

        // The querystring might have been shortened (length reduced).
        // In that case, lengthen the query string again.
        queryString = rebuildUrl(queryString);
        return queryString;

Examples of org.apache.wicket.util.crypt.ICrypt

   * @return The encoded url
   */
  protected CharSequence encodeURL(final CharSequence url)
  {
    // Get the crypt implementation from the application
    ICrypt urlCrypt = Application.get().getSecuritySettings().getCryptFactory().newCrypt();
    if (urlCrypt != null)
    {
      // The url must have a query string, otherwise keep the url
      // unchanged
      final int pos = url.toString().indexOf('?');
      if (pos > -1)
      {
        // The url's path
        CharSequence urlPrefix = url.subSequence(0, pos);

        // Extract the querystring
        String queryString = url.subSequence(pos + 1, url.length()).toString();

        // if the querystring starts with a parameter like
        // "x=", than don't change the querystring as it
        // has been encoded already
        if (!queryString.startsWith("x="))
        {
          // The length of the encrypted string depends on the
          // length of the original querystring. Let's try to
          // make the querystring shorter first without loosing
          // information.
          queryString = shortenUrl(queryString).toString();

          // encrypt the query string
          String encryptedQueryString = urlCrypt.encryptUrlSafe(queryString);

          try
          {
            encryptedQueryString = URLEncoder.encode(encryptedQueryString, Application
                .get().getRequestCycleSettings().getResponseRequestEncoding());

Examples of org.apache.wicket.util.crypt.ICrypt

        secureParam = URLDecoder.decode(secureParam, Application.get()
            .getRequestCycleSettings().getResponseRequestEncoding());

        // Get the crypt implementation from the application
        final ICrypt urlCrypt = Application.get().getSecuritySettings().getCryptFactory()
            .newCrypt();

        // Decrypt the query string
        String queryString = urlCrypt.decryptUrlSafe(secureParam);

        // The querystring might have been shortened (length reduced).
        // In that case, lengthen the query string again.
        queryString = rebuildUrl(queryString);
        return queryString;

Examples of org.apache.wicket.util.crypt.ICrypt

   * @return The encoded url
   */
  protected CharSequence encodeURL(final CharSequence url)
  {
    // Get the crypt implementation from the application
    ICrypt urlCrypt = Application.get().getSecuritySettings().getCryptFactory().newCrypt();
    if (urlCrypt != null)
    {
      // The url must have a query string, otherwise keep the url
      // unchanged
      final int pos = url.toString().indexOf('?');
      if (pos > -1)
      {
        // The url's path
        CharSequence urlPrefix = url.subSequence(0, pos);

        // Extract the querystring
        String queryString = url.subSequence(pos + 1, url.length()).toString();

        // if the querystring starts with a parameter like
        // "x=", than don't change the querystring as it
        // has been encoded already
        if (!queryString.startsWith("x="))
        {
          // The length of the encrypted string depends on the
          // length of the original querystring. Let's try to
          // make the querystring shorter first without loosing
          // information.
          queryString = shortenUrl(queryString).toString();

          // encrypt the query string
          String encryptedQueryString = urlCrypt.encryptUrlSafe(queryString);

          try
          {
            encryptedQueryString = URLEncoder.encode(encryptedQueryString, Application
                .get().getRequestCycleSettings().getResponseRequestEncoding());