@Override public MasterPasswordProvider createMasterPasswordProvider( MasterPasswordProviderConfig config) throws IOException { return new URLMasterPasswordProvider(); }
@Override protected char[] doGetMasterPassword() throws Exception { try { InputStream in = input(config.getURL(), getConfigDir()); try { // JD: for some reason the decrypted passwd comes back sometimes with null chars // tacked on // MCR, was a problem with toBytes and toChar in SecurityUtils // return trimNullChars(toChars(decode(IOUtils.toByteArray(in)))); return toChars(decode(IOUtils.toByteArray(in))); } finally { in.close(); } } catch (IOException e) { throw new RuntimeException(e); } }
@Override protected void doSetMasterPassword(char[] passwd) throws Exception { OutputStream out = output(config.getURL(), getConfigDir()); try { out.write(encode(passwd)); } finally { out.close(); } }
Resource getConfigDir() throws IOException { return getSecurityManager().masterPasswordProvider().get(getName()); }
@Test public void testEncryption() throws Exception { File tmp = File.createTempFile("passwd", "tmp", new File("target")); tmp = tmp.getCanonicalFile(); URLMasterPasswordProviderConfig config = new URLMasterPasswordProviderConfig(); config.setName("test"); config.setReadOnly(false); config.setLoginEnabled(true); config.setClassName(URLMasterPasswordProvider.class.getCanonicalName()); config.setURL(URLs.fileToUrl(tmp)); config.setEncrypting(true); URLMasterPasswordProvider mpp = new URLMasterPasswordProvider(); mpp.setSecurityManager(getSecurityManager()); mpp.initializeFromConfig(config); mpp.setName(config.getName()); mpp.doSetMasterPassword("geoserver".toCharArray()); String encoded = IOUtils.toString(new FileInputStream(tmp)); assertFalse("geoserver".equals(encoded)); char[] passwd = mpp.doGetMasterPassword(); assertTrue(Arrays.equals("geoserver".toCharArray(), passwd)); } }
@Override public void validate(MasterPasswordProviderConfig config) throws SecurityConfigException { super.validate(config); URLMasterPasswordProviderConfig urlConfig = (URLMasterPasswordProviderConfig) config; URL url = urlConfig.getURL(); if (url == null) { throw new URLMasterPasswordProviderException(URL_REQUIRED); } if (config.isReadOnly()) { // read-only, assure we can read from url try { InputStream in = input(url, manager.masterPasswordProvider().get(config.getName())); try { in.read(); } finally { in.close(); } } catch (IOException ex) { throw new URLMasterPasswordProviderException(URL_LOCATION_NOT_READABLE, url); } } } }