/**
 * Creates the encoder used when the password is handled as a string.
 *
 * <p>The encoder is a {@link JasyptPasswordEncoderWrapper} backed by a freshly created
 * {@link StrongPasswordEncryptor} and tagged with the prefix returned by {@code getPrefix()}.
 *
 * <p>NOTE(review): Jasypt documents {@code StrongPasswordEncryptor} as a salted, iterated
 * one-way digest; confirm the exact algorithm and iteration count against the Jasypt version
 * on the classpath before relying on it for a password-storage policy.
 *
 * @return a new, fully configured encoder instance
 */
@Override
protected PasswordEncoder createStringEncoder() {
    // Keep the concrete wrapper type so the setters can be called without casts.
    final JasyptPasswordEncoderWrapper wrapper = new JasyptPasswordEncoderWrapper();
    wrapper.setPasswordEncryptor(new StrongPasswordEncryptor());
    wrapper.setPrefix(getPrefix());
    return wrapper;
}
/**
 * Creates a digest password encoder registered under the bean name
 * {@code "digestPasswordEncoder"} with the stored-value prefix {@code "digest1"}.
 *
 * <p>The prefix is what other code on this page checks with
 * {@code getPassword().startsWith(...)} to recognise digest-encoded values.
 *
 * @param secMgr not read by this method
 * @return the newly built encoder
 * @throws IOException declared by the signature; nothing in this body throws it
 */
protected GeoServerDigestPasswordEncoder createDigestPasswordEncoder(
        GeoServerSecurityManager secMgr) throws IOException {
    final GeoServerDigestPasswordEncoder encoder = new GeoServerDigestPasswordEncoder();
    // Bean name first, then prefix, as in the original.
    encoder.setBeanName("digestPasswordEncoder");
    encoder.setPrefix("digest1");
    return encoder;
}
/**
 * Encodes a raw password by delegating to the char-array encoder.
 *
 * <p>The character sequence is turned into a {@code String}, passed through
 * {@code decodeToCharArray}, and handed to {@code createCharEncoder().encodePassword(...)}
 * with {@code null} as the second argument.
 *
 * @param rawPassword the password to encode; dereferenced without a null check
 * @return whatever the char encoder's {@code encodePassword} returns
 */
@Override
public String encode(CharSequence rawPassword) {
    // NOTE(review): rawPassword.toString() creates an immutable String copy of the secret
    // that cannot be overwritten afterwards; the array produced by decodeToCharArray is not
    // cleared here either. Confirm whether callers or the encoder scrub it.
    // The second argument is null; presumably the salt slot, verify against the
    // encodePassword contract.
    return createCharEncoder().encodePassword(decodeToCharArray(rawPassword.toString()), null);
}
// Closes the enclosing type, whose opening lies outside this excerpt.
}
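/**
 * Builds the JDBC user/group service configuration for a live-database test fixture.
 *
 * <p>The connection settings ({@code url}, {@code driver}, {@code user} or, when that key is
 * absent, {@code username}, and {@code password}) are read from the fixture file returned by
 * {@code data.getFixture()}. Passwords are stored with the digest encoder looked up from the
 * security manager, and the default password policy is applied. The configuration is only
 * populated here; this method does not save it.
 *
 * @param fixtureId name given to the configuration; {@code "mysql"} selects the MySQL DDL file
 * @param data provides the fixture file holding the connection properties
 * @param securityManager used to look up the digest password encoder
 * @return the populated configuration
 * @throws Exception if the fixture file cannot be opened or read
 */
static protected JDBCUserGroupServiceConfig createConfigObject(String fixtureId,
        LiveDbmsDataSecurity data, GeoServerSecurityManager securityManager) throws Exception {
    JDBCUserGroupServiceConfig config = new JDBCUserGroupServiceConfig();

    // The fixture stream used to be opened inline and never closed; try-with-resources
    // releases the file handle even when parsing the properties fails.
    final Properties props;
    try (FileInputStream fixtureStream = new FileInputStream(data.getFixture())) {
        props = Util.loadUniversal(fixtureStream);
    }

    config.setName(fixtureId);
    config.setConnectURL(props.getProperty("url"));
    config.setDriverClassName(props.getProperty("driver"));
    // "user" wins; "username" is the fallback when "user" is not defined.
    config.setUserName(props.getProperty("user", props.getProperty("username")));
    // The database password comes straight from the fixture file: keep it out of log and
    // assertion messages.
    config.setPassword(props.getProperty("password"));
    config.setClassName(JDBCUserGroupService.class.getName());
    config.setCreatingTables(false);
    config.setPasswordEncoderName(
            securityManager.loadPasswordEncoder(GeoServerDigestPasswordEncoder.class).getName());
    config.setPasswordPolicyName(PasswordValidator.DEFAULT_NAME);

    if ("mysql".equals(fixtureId)) {
        config.setPropertyFileNameDDL("usersddl.mysql.xml");
    } else {
        config.setPropertyFileNameDDL(JDBCUserGroupService.DEFAULT_DDL_FILE);
    }
    config.setPropertyFileNameDML(JDBCUserGroupService.DEFAULT_DML_FILE);
    return config;
}
static protected GeoServerUserGroupService createUserGroupService(String fixtureId,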
config.setPasswordEncoderName(getDigestPasswordEncoder().getName()); getSecurityManager().saveUserGroupService(config); service.initializeFromConfig(config); service.loadUserByUsername("u1") .getPassword() .startsWith(getDigestPasswordEncoder().getPrefix())); assertTrue( service.loadUserByUsername("u2") .getPassword() .startsWith(getDigestPasswordEncoder().getPrefix())); service.loadUserByUsername("u1") .getPassword() .startsWith(getDigestPasswordEncoder().getPrefix())); assertTrue( service.loadUserByUsername("u2") .getPassword() .startsWith(getDigestPasswordEncoder().getPrefix())); service.loadUserByUsername("u1") .getPassword() .startsWith(getDigestPasswordEncoder().getPrefix())); assertTrue( service.loadUserByUsername("u2") .getPassword() .startsWith(getDigestPasswordEncoder().getPrefix())); assertTrue( service.loadUserByUsername("u3")
/**
 * Computes the digest of the given master password, persists it, and returns it.
 *
 * <p>The digest is produced by the {@link GeoServerDigestPasswordEncoder} obtained from
 * {@code loadPasswordEncoder}, with {@code null} as the second {@code encodePassword}
 * argument, and is then handed to {@code saveMasterPasswordDigest}. This method assigns no
 * field itself and does not clear {@code passwd}; wiping the array is left to the caller.
 *
 * @param passwd the master password characters
 * @return the digest that was saved
 * @throws IOException declared by the signature; presumably raised when the digest cannot
 *     be persisted (verify against {@code saveMasterPasswordDigest})
 */
String computeAndSaveMasterPasswordDigest(char[] passwd) throws IOException {
    final GeoServerDigestPasswordEncoder digestEncoder =
            loadPasswordEncoder(GeoServerDigestPasswordEncoder.class);
    final String digest = digestEncoder.encodePassword(passwd, null);
    saveMasterPasswordDigest(digest);
    return digest;
}
/**
 * Checks the specified password against the master password.
 *
 * <p>When {@code forLogin} is true the check is refused outright (returns {@code false})
 * unless the configured master password provider reports that login is enabled. Otherwise
 * the stored master password digest is loaded on first use, cached in
 * {@code masterPasswdDigest}, and compared with {@code passwd} through the digest encoder.
 *
 * <p>This method does not clear {@code passwd}; wiping the array is left to the caller.
 *
 * @param passwd the candidate master password
 * @param forLogin whether the check is made on behalf of a login attempt
 * @return {@code true} if the encoder accepts the password for the stored digest
 * @throws RuntimeException wrapping an {@link IOException} if the provider configuration or
 *     the stored digest cannot be loaded
 */
public boolean checkMasterPassword(char[] passwd, boolean forLogin) {
    try {
        // Login gate: evaluated before any digest work, so a provider with login disabled
        // rejects the attempt whether or not the password is correct.
        if (forLogin
                && !this.masterPasswordProviderHelper
                        .loadConfig(this.masterPasswordConfig.getProviderName())
                        .isLoginEnabled()) {
            return false;
        }
    } catch (IOException e) {
        throw new RuntimeException("Unable to load master password provider config", e);
    }
    GeoServerDigestPasswordEncoder pwEncoder =
            loadPasswordEncoder(GeoServerDigestPasswordEncoder.class);
    // Double-checked lazy load of the cached digest.
    // NOTE(review): the unsynchronized first read is only safe if masterPasswdDigest is
    // declared volatile; the field declaration is not visible here, so confirm it.
    if (masterPasswdDigest == null) {
        synchronized (this) {
            if (masterPasswdDigest == null) {
                try {
                    // Read the persisted digest from storage.
                    masterPasswdDigest = loadMasterPasswordDigest();
                } catch (IOException e) {
                    throw new RuntimeException("Unable to create master password digest", e);
                }
            }
        }
    }
    // NOTE(review): if loadMasterPasswordDigest() can return null, a null digest reaches
    // isPasswordValid and the load is retried on every call; confirm the encoder rejects it.
    // The third argument is null; presumably the salt slot, verify against the encoder.
    return pwEncoder.isPasswordValid(masterPasswdDigest, passwd, null);
}
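/**
 * Creates the JDBC user/group service configuration for a live-database test fixture.
 *
 * <p>Connection settings are taken from the fixture file returned by
 * {@code data.getFixture()}: {@code url}, {@code driver}, {@code password}, and the account
 * name from {@code user} (falling back to {@code username} when {@code user} is absent).
 * The digest password encoder and the default password policy are selected. Nothing is
 * saved by this method.
 *
 * @param fixtureId name of the configuration; {@code "mysql"} switches to the MySQL DDL file
 * @param data provides the fixture file with the connection properties
 * @param securityManager used to look up the digest password encoder
 * @return the populated configuration
 * @throws Exception if the fixture file cannot be opened or read
 */
protected static JDBCUserGroupServiceConfig createConfigObject(
        String fixtureId, LiveDbmsDataSecurity data, GeoServerSecurityManager securityManager)
        throws Exception {
    JDBCUserGroupServiceConfig config = new JDBCUserGroupServiceConfig();

    // Previously the stream was created inline and leaked; close it deterministically,
    // including when loading the properties throws.
    final Properties props;
    try (FileInputStream in = new FileInputStream(data.getFixture())) {
        props = Util.loadUniversal(in);
    }

    config.setName(fixtureId);
    config.setConnectURL(props.getProperty("url"));
    config.setDriverClassName(props.getProperty("driver"));
    // Prefer "user"; use "username" only when "user" is not defined.
    config.setUserName(props.getProperty("user", props.getProperty("username")));
    // Credential read from the fixture file: do not echo it in logs or failure messages.
    config.setPassword(props.getProperty("password"));
    config.setClassName(JDBCUserGroupService.class.getName());
    config.setCreatingTables(false);
    config.setPasswordEncoderName(
            securityManager
                    .loadPasswordEncoder(GeoServerDigestPasswordEncoder.class)
                    .getName());
    config.setPasswordPolicyName(PasswordValidator.DEFAULT_NAME);

    if ("mysql".equals(fixtureId)) {
        config.setPropertyFileNameDDL("usersddl.mysql.xml");
    } else {
        config.setPropertyFileNameDDL(JDBCUserGroupService.DEFAULT_DDL_FILE);
    }
    config.setPropertyFileNameDML(JDBCUserGroupService.DEFAULT_DML_FILE);
    return config;
}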
/**
 * Registers an XML-backed user/group service under the given name and returns the instance
 * loaded back from the security manager.
 *
 * <p>The service stores users in {@code users.xml}, uses a check interval of 1000, encodes
 * passwords with the digest encoder and applies the default password policy.
 *
 * @param name name of the service to create
 * @return the service as loaded by the security manager after saving the configuration
 * @throws Exception propagated from saving or loading the service
 */
@Override
public GeoServerUserGroupService createUserGroupService(String name) throws Exception {
    final XMLUserGroupServiceConfig xmlConfig = new XMLUserGroupServiceConfig();

    // Identity and backing store.
    xmlConfig.setName(name);
    xmlConfig.setClassName(XMLUserGroupService.class.getName());
    xmlConfig.setFileName("users.xml");
    xmlConfig.setCheckInterval(1000);

    // Password handling: digest encoder plus the default validation policy.
    xmlConfig.setPasswordEncoderName(getDigestPasswordEncoder().getName());
    xmlConfig.setPasswordPolicyName(PasswordValidator.DEFAULT_NAME);

    // Persist first, then hand back what the manager loads for that name.
    getSecurityManager().saveUserGroupService(xmlConfig);
    return getSecurityManager().loadUserGroupService(name);
}
/**
 * Exercises {@code copyFrom} between user/group services configured with different password
 * encoders: default to default, plain text to plain text, default to digest, digest to
 * digest, and digest to default.
 *
 * <p>The original comments call the default encoder "crypt"; which encoder the one-argument
 * {@code createUserGroupService} actually selects is not visible in this method. The
 * plain-text pairing is there to cover copying between stores; it is not a recommended
 * storage mode.
 */
@Test
public void testCopyFrom() throws Exception {
    // crypt -> crypt (both services use the default encoder)
    GeoServerUserGroupService source = createUserGroupService("copyFrom");
    GeoServerUserGroupService target = createUserGroupService("copyTo");
    copyFrom(source, target);

    // plain text -> plain text
    source = createUserGroupService("copyFrom1", getPlainTextPasswordEncoder().getName());
    target = createUserGroupService("copyTo1", getPlainTextPasswordEncoder().getName());
    copyFrom(source, target);

    // crypt -> digest
    source = createUserGroupService("copyFrom2");
    target = createUserGroupService("copyTo2", getDigestPasswordEncoder().getName());
    copyFrom(source, target);

    // digest -> digest
    source = createUserGroupService("copyFrom3", getDigestPasswordEncoder().getName());
    target = createUserGroupService("copyTo3", getDigestPasswordEncoder().getName());
    copyFrom(source, target);

    // digest -> crypt
    source = createUserGroupService("copyFrom4", getDigestPasswordEncoder().getName());
    target = createUserGroupService("copyTo4");
    copyFrom(source, target);
}
/**
 * Builds a JDBC user/group service configuration that obtains its connection through JNDI
 * under the name {@code "ds.h2"}.
 *
 * <p>No URL, driver or credentials are set here; they are expected to come from the JNDI
 * data source. Passwords are stored with the digest encoder and checked against the default
 * password policy. Table creation is switched off.
 *
 * @param serviceName name given to the configuration
 * @param securityManager used to look up the digest password encoder
 * @return the populated configuration (not saved by this method)
 */
protected static JDBCUserGroupServiceConfig createConfigObjectH2Jndi(
        String serviceName, GeoServerSecurityManager securityManager) {
    final JDBCUserGroupServiceConfig jndiConfig = new JDBCUserGroupServiceConfig();

    // Connection comes from the container-managed data source.
    jndiConfig.setName(serviceName);
    jndiConfig.setJndi(true);
    jndiConfig.setJndiName("ds.h2");

    jndiConfig.setClassName(JDBCUserGroupService.class.getName());
    jndiConfig.setPropertyFileNameDDL(JDBCUserGroupService.DEFAULT_DDL_FILE);
    jndiConfig.setPropertyFileNameDML(JDBCUserGroupService.DEFAULT_DML_FILE);
    jndiConfig.setCreatingTables(false);

    // Password storage: digest encoder, default policy.
    final GeoServerDigestPasswordEncoder digestEncoder =
            securityManager.loadPasswordEncoder(GeoServerDigestPasswordEncoder.class);
    jndiConfig.setPasswordEncoderName(digestEncoder.getName());
    jndiConfig.setPasswordPolicyName(PasswordValidator.DEFAULT_NAME);
    return jndiConfig;
}
protected static GeoServerUserGroupService createH2UserGroupServiceFromJNDI(String serviceName,
/**
 * Creates the configuration of a JDBC user/group service whose connection is looked up via
 * JNDI ({@code "ds.h2"}).
 *
 * <p>The configuration carries no connection URL or credentials of its own. It selects the
 * default DDL/DML property files, disables table creation, and uses the digest password
 * encoder together with the default password policy.
 *
 * @param serviceName name given to the configuration
 * @param securityManager used to look up the digest password encoder
 * @return the populated configuration (this method does not save it)
 */
protected static JDBCUserGroupServiceConfig createConfigObjectH2Jndi(
        String serviceName, GeoServerSecurityManager securityManager) {
    final JDBCUserGroupServiceConfig cfg = new JDBCUserGroupServiceConfig();
    cfg.setName(serviceName);

    // JNDI lookup replaces explicit connection settings.
    cfg.setJndi(true);
    cfg.setJndiName("ds.h2");

    cfg.setClassName(JDBCUserGroupService.class.getName());
    cfg.setPropertyFileNameDDL(JDBCUserGroupService.DEFAULT_DDL_FILE);
    cfg.setPropertyFileNameDML(JDBCUserGroupService.DEFAULT_DML_FILE);
    cfg.setCreatingTables(false);

    final GeoServerDigestPasswordEncoder encoder =
            securityManager.loadPasswordEncoder(GeoServerDigestPasswordEncoder.class);
    cfg.setPasswordEncoderName(encoder.getName());
    cfg.setPasswordPolicyName(PasswordValidator.DEFAULT_NAME);
    return cfg;
}
/**
 * Builds a JDBC user/group service configuration pointing at the H2 database
 * {@code jdbc:h2:target/h2/security}.
 *
 * <p>The connection uses the account {@code "sa"} with an empty password, both hard-coded
 * here. NOTE(review): these values look intended for a throwaway test database under
 * {@code target/}; they should not be reused for a database that holds real accounts.
 *
 * <p>Passwords are stored with the digest encoder and validated by the default password
 * policy. Table creation is switched off.
 *
 * @param serviceName name given to the configuration
 * @param securityManager used to look up the digest password encoder
 * @return the populated configuration (not saved by this method)
 */
protected static JDBCUserGroupServiceConfig createConfigObjectH2(String serviceName,
        GeoServerSecurityManager securityManager) {
    final JDBCUserGroupServiceConfig h2Config = new JDBCUserGroupServiceConfig();
    h2Config.setName(serviceName);

    // Direct JDBC connection settings.
    h2Config.setConnectURL("jdbc:h2:target/h2/security");
    h2Config.setDriverClassName("org.h2.Driver");
    h2Config.setUserName("sa");
    h2Config.setPassword("");

    h2Config.setClassName(JDBCUserGroupService.class.getName());
    h2Config.setPropertyFileNameDDL(JDBCUserGroupService.DEFAULT_DDL_FILE);
    h2Config.setPropertyFileNameDML(JDBCUserGroupService.DEFAULT_DML_FILE);
    h2Config.setCreatingTables(false);

    // Password storage: digest encoder, default policy.
    final GeoServerDigestPasswordEncoder digestEncoder =
            securityManager.loadPasswordEncoder(GeoServerDigestPasswordEncoder.class);
    h2Config.setPasswordEncoderName(digestEncoder.getName());
    h2Config.setPasswordPolicyName(PasswordValidator.DEFAULT_NAME);
    return h2Config;
}
/**
 * Creates the configuration of a JDBC user/group service backed by the H2 database at
 * {@code jdbc:h2:target/h2/security}.
 *
 * <p>The account name {@code "sa"} and the empty password are fixed in this method.
 * NOTE(review): that pairing presumably targets a disposable test database; confirm it is
 * never pointed at a store with real credentials.
 *
 * <p>The default DDL/DML property files are selected, table creation is disabled, and
 * passwords go through the digest encoder and the default password policy.
 *
 * @param serviceName name given to the configuration
 * @param securityManager used to look up the digest password encoder
 * @return the populated configuration (this method does not save it)
 */
protected static JDBCUserGroupServiceConfig createConfigObjectH2(
        String serviceName, GeoServerSecurityManager securityManager) {
    final JDBCUserGroupServiceConfig cfg = new JDBCUserGroupServiceConfig();
    cfg.setName(serviceName);

    // Connection: local H2 file database, fixed account.
    cfg.setConnectURL("jdbc:h2:target/h2/security");
    cfg.setDriverClassName("org.h2.Driver");
    cfg.setUserName("sa");
    cfg.setPassword("");

    cfg.setClassName(JDBCUserGroupService.class.getName());
    cfg.setPropertyFileNameDDL(JDBCUserGroupService.DEFAULT_DDL_FILE);
    cfg.setPropertyFileNameDML(JDBCUserGroupService.DEFAULT_DML_FILE);
    cfg.setCreatingTables(false);

    final GeoServerDigestPasswordEncoder encoder =
            securityManager.loadPasswordEncoder(GeoServerDigestPasswordEncoder.class);
    cfg.setPasswordEncoderName(encoder.getName());
    cfg.setPasswordPolicyName(PasswordValidator.DEFAULT_NAME);
    return cfg;
}
/**
 * Creates, saves and initializes a validating XML user/group service that stores passwords
 * with the digest encoder.
 *
 * <p>The service reads from {@code XMLConstants.FILE_UR}, uses a check interval of 1000 and
 * applies the default password policy.
 *
 * <p>The original carries two disabled alternatives as commented-out code: generating a
 * 32-character random user-group key through {@code KeyStoreProvider}, and selecting
 * {@code GeoserverUserPBEPasswordEncoder.PrototypeName} as the encoder. Neither is active;
 * the digest encoder is what gets configured.
 *
 * @param serviceName name of the service to create
 * @return the service loaded from the security manager, initialized from the configuration
 * @throws Exception propagated from saving, loading or initializing the service
 */
@Override
public GeoServerUserGroupService createUserGroupService(String serviceName) throws Exception {
    final XMLUserGroupServiceConfig xmlConfig = new XMLUserGroupServiceConfig();

    // Identity and backing store.
    xmlConfig.setName(serviceName);
    xmlConfig.setClassName(XMLUserGroupService.class.getName());
    xmlConfig.setCheckInterval(1000);
    xmlConfig.setFileName(XMLConstants.FILE_UR);
    xmlConfig.setValidating(true);

    // Password handling: digest encoder plus the default validation policy.
    xmlConfig.setPasswordEncoderName(getDigestPasswordEncoder().getName());
    xmlConfig.setPasswordPolicyName(PasswordValidator.DEFAULT_NAME);

    getSecurityManager().saveUserGroupService(xmlConfig);

    final GeoServerUserGroupService loaded =
            getSecurityManager().loadUserGroupService(serviceName);
    loaded.initializeFromConfig(xmlConfig);
    return loaded;
}
/**
 * Creates or reconfigures the XML user/group service with the given name so that it uses
 * the supplied XML file, then saves, loads and initializes it.
 *
 * <p>An existing configuration is reused when the security manager has one for
 * {@code serviceName}; otherwise a new one is obtained from {@code createConfigObject}.
 * In both cases the class name, check interval (1000), file name, validation flag, digest
 * password encoder and default password policy are (re)applied before saving.
 *
 * @param serviceName name of the service
 * @param xmlFileName file the service stores its users in
 * @return the service loaded from the security manager, initialized from the configuration
 * @throws Exception propagated from loading, saving or initializing the service
 */
protected GeoServerUserGroupService createUserGroupService(
        String serviceName, String xmlFileName) throws Exception {
    XMLUserGroupServiceConfig xmlConfig =
            (XMLUserGroupServiceConfig)
                    getSecurityManager().loadUserGroupServiceConfig(serviceName);
    if (xmlConfig == null) {
        // No stored configuration yet: start from a fresh one.
        xmlConfig = createConfigObject(serviceName);
        xmlConfig.setName(serviceName);
    }

    xmlConfig.setClassName(XMLUserGroupService.class.getName());
    xmlConfig.setCheckInterval(1000);
    xmlConfig.setFileName(xmlFileName);
    xmlConfig.setValidating(true);

    // Password handling: digest encoder plus the default validation policy.
    xmlConfig.setPasswordEncoderName(getDigestPasswordEncoder().getName());
    xmlConfig.setPasswordPolicyName(PasswordValidator.DEFAULT_NAME);

    // The original keeps a disabled second argument here: isNewUGService(serviceName).
    getSecurityManager().saveUserGroupService(xmlConfig);

    final GeoServerUserGroupService loaded =
            getSecurityManager().loadUserGroupService(serviceName);
    // Per the original comment, initializing is what creates the files.
    loaded.initializeFromConfig(xmlConfig);
    return loaded;
}