Set duration adjustable.

src/fr/devinsy/kiss4web/SimpleSecurityAgent.java

@@ -15,13 +15,15 @@ import fr.devinsy.util.StringList;
 public class SimpleSecurityAgent
 {
 	static private final Logger logger = LoggerFactory.getLogger(SimpleSecurityAgent.class);
-	final static public String USERID_LABEL = "securityAgent.userId";
+	public static final String USERID_LABEL = "securityAgent.userId";
-	final static public String ACCOUNTID_LABEL = "securityAgent.accountId";
+	public static final String ACCOUNTID_LABEL = "securityAgent.accountId";
-	final static public String AUTH_LABEL = "securityAgent.auth";
+	public static final String AUTH_LABEL = "securityAgent.auth";
-	protected String userIdLabel;
+	private String userIdLabel;
-	protected String accountIdLabel;
+	private String accountIdLabel;
-	protected String authLabel;
+	private String authLabel;
-	protected String secretKey;
+	private String secretKey;
+	private static final int DEFAULT_DURATION = 60 * 60; // One hour.
+	private int duration;
 
 	/**
 	 * 
@@ -32,6 +34,7 @@ public class SimpleSecurityAgent
 		this.accountIdLabel = prefix + "." + ACCOUNTID_LABEL;
 		this.authLabel = prefix + "." + AUTH_LABEL;
 		this.secretKey = secretKey;
+		this.duration = DEFAULT_DURATION;
 	}
 
 	/**
@@ -82,13 +85,22 @@ public class SimpleSecurityAgent
 			targetKeys[keys.length] = this.secretKey;
 
 			//
-			result = md5sum(targetKeys);
+			result = digest(targetKeys);
 		}
 
 		//
 		return (result);
 	}
 
+	/**
+	 * 
+	 * @return
+	 */
+	public int getDuration()
+	{
+		return duration;
+	}
+
 	/**
 	 * Check authentication and refresh it (reset countdown).
 	 */
@@ -137,7 +149,7 @@ public class SimpleSecurityAgent
 		else
 		{
 			String key = source + this.secretKey;
-			result = md5sum(key);
+			result = digest(key);
 		}
 
 		//
@@ -160,16 +172,24 @@ public class SimpleSecurityAgent
 	public void setAuthenticated(final HttpServletRequest request, final HttpServletResponse response, final String accountId, final String userId)
 	{
 		// Refresh cookie.
-		int duration = 60 * 60;
 		String auth = computeAuth(String.valueOf(accountId), userId, request.getRemoteAddr());
 
-		response.addCookie(CookieHelper.buildCookie(this.authLabel, auth, duration));
+		response.addCookie(CookieHelper.buildCookie(this.authLabel, auth, this.duration));
-		response.addCookie(CookieHelper.buildCookie(this.accountIdLabel, accountId, duration));
+		response.addCookie(CookieHelper.buildCookie(this.accountIdLabel, accountId, this.duration));
-		response.addCookie(CookieHelper.buildCookie(this.userIdLabel, userId, duration));
+		response.addCookie(CookieHelper.buildCookie(this.userIdLabel, userId, this.duration));
 
 		logger.info("set [" + auth + "," + accountId + "," + userId + "," + request.getRemoteAddr() + ")");
 	}
 
+	/**
+	 * 
+	 * @param duration
+	 */
+	public void setDuration(final int duration)
+	{
+		this.duration = duration;
+	}
+
 	/**
 	 *
 	 */
@@ -186,7 +206,7 @@ public class SimpleSecurityAgent
 	/**
 	 * 
 	 */
-	static public String md5sum(final String... keys)
+	static public String digest(final String... keys)
 	{
 		String result;
 
@@ -204,7 +224,7 @@ public class SimpleSecurityAgent
 			}
 
 			//
-			result = DigestUtils.md5Hex(targetKey.toString());
+			result = DigestUtils.sha256Hex(targetKey.toString());
 		}
 
 		//