@Override public void initialize(GeoServerSecurityManager securityManager) throws IOException { this.keystoreProvider = securityManager.getKeyStoreProvider(); }
public GeoServerMultiplexingPasswordEncoder( GeoServerSecurityManager secMgr, GeoServerUserGroupService service) { encoders = new HashSet<GeoServerPasswordEncoder>(); for (GeoServerPasswordEncoder enc : secMgr.loadPasswordEncoders()) { if (StringUtils.hasLength(enc.getPrefix())) { if (service != null) { try { if (enc instanceof GeoServerPBEPasswordEncoder) { if (!secMgr.getKeyStoreProvider().hasUserGroupKey(service.getName())) { continue; // cannot use pbe encoder, no key } } enc.initializeFor(service); } catch (IOException e) { throw new RuntimeException(e); } } encoders.add(enc); } } }
protected void checkCurrentPassword(MasterPasswordChangeRequest request) throws MasterPasswordChangeException { if (isNotEmpty(request.getCurrentPassword()) == false) { throw createSecurityException(MasterPasswordChangeException.CURRENT_PASSWORD_REQUIRED); } try { if (!manager.getKeyStoreProvider().isKeyStorePassword(request.getCurrentPassword())) { throw createSecurityException(MasterPasswordChangeException.CURRENT_PASSWORD_ERROR); } } catch (IOException ex) { throw new RuntimeException(ex); } }
getKeyStoreProvider().reloadKeyStore();
getSecurityManager().loadPasswordEncoder(passwordEncoderName); if (enc.getEncodingType() == PasswordEncodingType.ENCRYPT) { KeyStoreProvider prov = getSecurityManager().getKeyStoreProvider(); String alias = prov.aliasForGroupService(name); if (prov.containsAlias(alias) == false) {
KeyStoreProvider keyStoreProvider = getKeyStoreProvider(); try {
loadUserGroupService(XMLUserGroupService.DEFAULT_NAME); KeyStoreProvider keyStoreProvider = getKeyStoreProvider(); keyStoreProvider.reloadKeyStore(); keyStoreProvider.setUserGroupKey(
.andReturn(new SecretKeySpec(toBytes("geoserver".toCharArray()), "PBE")) .anyTimes(); expect(secMgr.getKeyStoreProvider()).andReturn(keyStoreProvider).anyTimes();
String oldMasterPasswdDigest = masterPasswdDigest; KeyStoreProvider ksProvider = getKeyStoreProvider(); synchronized (ksProvider) { ksProvider.prepareForMasterPasswordChange(currPasswd, newPasswdConfirm);
@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { this.name = config.getName(); SecurityUserGroupServiceConfig ugConfig = (SecurityUserGroupServiceConfig) config; passwordEncoderName = ugConfig.getPasswordEncoderName(); GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(passwordEncoderName); if (enc.getEncodingType() == PasswordEncodingType.ENCRYPT) { KeyStoreProvider prov = getSecurityManager().getKeyStoreProvider(); String alias = prov.aliasForGroupService(name); if (prov.containsAlias(alias) == false) { prov.setUserGroupKey( name, getSecurityManager() .getRandomPassworddProvider() .getRandomPasswordWithDefaultLength()); prov.storeKeyStore(); } } enc.initializeFor(this); passwordValidatorName = ugConfig.getPasswordPolicyName(); toBeEncrypted = (((MemoryUserGroupServiceConfigImpl) config).getToBeEncrypted()); } }
KeyStoreProvider prov = getSecurityManager().getKeyStoreProvider(); String alias = prov.aliasForGroupService(name); if (prov.containsAlias(alias)==false) {
.toString() .endsWith(URLMasterPasswordProviderConfig.MASTER_PASSWD_FILENAME)); getSecurityManager().getKeyStoreProvider().reloadKeyStore(); assertEquals("geoserver1", getMasterPassword()); getSecurityManager().getKeyStoreProvider().getConfigPasswordKey(); getSecurityManager().getKeyStoreProvider().getConfigPasswordKey(); getSecurityManager().getKeyStoreProvider().commitMasterPasswordChange(); getSecurityManager().getKeyStoreProvider().getConfigPasswordKey();
KeyStoreProvider ksp = getSecurityManager().getKeyStoreProvider(); ksp.removeKey(KeyStoreProviderImpl.CONFIGPASSWORDKEY); ksp.removeKey(ksp.aliasForGroupService("default"));
KeyStoreProvider keyStoreProvider = getSecurityManager().getKeyStoreProvider(); keyStoreProvider.setUserGroupKey(service.getName(), password.toCharArray());