protected void validatePasswordAgainstPolicy(char[] password) throws PasswordPolicyException { PasswordValidator val = null; try { val = manager.loadPasswordValidator(PasswordValidatorImpl.MASTERPASSWORD_NAME); val.validatePassword(password); } catch (IOException e) { throw new RuntimeException(e); } } }
/** Loads the password policy for the named config from persistence. */ public PasswordValidator load(String name) throws IOException { PasswordPolicyConfig config = loadConfig(name); if (config == null) { // no such config return null; } // look up the validator for this config PasswordValidator validator = null; for (GeoServerSecurityProvider p : lookupSecurityProviders()) { if (p.getPasswordValidatorClass() == null) { continue; } if (p.getPasswordValidatorClass().getName().equals(config.getClassName())) { validator = p.createPasswordValidator(config, GeoServerSecurityManager.this); break; } } if (validator == null) { throw new IOException("No password policy matching config: " + config); } validator.setConfig(config); return validator; }
/** * validates and encodes the password. Do nothing for a not changed password of an existing user * * @param user * @throws IOException */ protected void preparePassword(GeoServerUser user) throws IOException, PasswordPolicyException { char[] passwordArray = user.getPassword() != null ? user.getPassword().toCharArray() : null; if (PasswordValidatorImpl.passwordStartsWithEncoderPrefix(passwordArray) != null) return; // do nothing, password already encoded // we have a plain text password // validate it getSecurityManager() .loadPasswordValidator(getPasswordValidatorName()) .validatePassword(passwordArray); // validation ok, initializer encoder and set encoded password GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(getPasswordEncoderName()); enc.initializeFor(this); user.setPassword(enc.encodePassword(user.getPassword(), null)); }
/** * validates and encodes the password. Do nothing * for a not changed password of an existing user * * @param user * @throws IOException */ protected void preparePassword(GeoServerUser user) throws IOException,PasswordPolicyException { char []passwordArray = user.getPassword() != null ? user.getPassword().toCharArray() : null; if (PasswordValidatorImpl.passwordStartsWithEncoderPrefix(passwordArray)!=null) return; // do nothing, password already encoded // we have a plain text password // validate it getSecurityManager().loadPasswordValidator(getPasswordValidatorName()). validatePassword(passwordArray); // validation ok, initializer encoder and set encoded password GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(getPasswordEncoderName()); enc.initializeFor(this); user.setPassword(enc.encodePassword(user.getPassword(), null)); }