protected void validatePasswordAgainstPolicy(char[] password) throws PasswordPolicyException { PasswordValidator val = null; try { val = manager.loadPasswordValidator(PasswordValidatorImpl.MASTERPASSWORD_NAME); val.validatePassword(password); } catch (IOException e) { throw new RuntimeException(e); } } }
/** * validates and encodes the password. Do nothing for a not changed password of an existing user * * @param user * @throws IOException */ protected void preparePassword(GeoServerUser user) throws IOException, PasswordPolicyException { char[] passwordArray = user.getPassword() != null ? user.getPassword().toCharArray() : null; if (PasswordValidatorImpl.passwordStartsWithEncoderPrefix(passwordArray) != null) return; // do nothing, password already encoded // we have a plain text password // validate it getSecurityManager() .loadPasswordValidator(getPasswordValidatorName()) .validatePassword(passwordArray); // validation ok, initializer encoder and set encoded password GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(getPasswordEncoderName()); enc.initializeFor(this); user.setPassword(enc.encodePassword(user.getPassword(), null)); }
keyStoreProvider.storeKeyStore(); PasswordValidator validator = loadPasswordValidator(PasswordValidator.DEFAULT_NAME); if (validator == null) { pwpconfig.setMinLength(0); savePasswordPolicy(pwpconfig); validator = loadPasswordValidator(PasswordValidator.DEFAULT_NAME); validator = loadPasswordValidator(PasswordValidator.MASTERPASSWORD_NAME); if (validator == null) { pwpconfig.setMinLength(8); savePasswordPolicy(pwpconfig); validator = loadPasswordValidator(PasswordValidator.MASTERPASSWORD_NAME);
expect(secMgr.loadPasswordValidator(PasswordValidator.DEFAULT_NAME)) .andReturn(passwdValidator) .anyTimes(); masterPasswdValidator.setConfig(masterPasswdPolicyConfig); expect(secMgr.loadPasswordValidator(PasswordValidator.MASTERPASSWORD_NAME)) .andReturn(masterPasswdValidator) .anyTimes();
/** * validates and encodes the password. Do nothing * for a not changed password of an existing user * * @param user * @throws IOException */ protected void preparePassword(GeoServerUser user) throws IOException,PasswordPolicyException { char []passwordArray = user.getPassword() != null ? user.getPassword().toCharArray() : null; if (PasswordValidatorImpl.passwordStartsWithEncoderPrefix(passwordArray)!=null) return; // do nothing, password already encoded // we have a plain text password // validate it getSecurityManager().loadPasswordValidator(getPasswordValidatorName()). validatePassword(passwordArray); // validation ok, initializer encoder and set encoded password GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(getPasswordEncoderName()); enc.initializeFor(this); user.setPassword(enc.encodePassword(user.getPassword(), null)); }