@Override public Resource getResource() { if (keyStoreResource == null) { keyStoreResource = securityManager.security().get(DEFAULT_FILE_NAME); } return keyStoreResource; }
void saveMasterPasswordDigest(String masterPasswdDigest) throws IOException { OutputStream fout = security().get(MASTER_PASSWD_DIGEST_FILENAME).out(); try { IOUtils.write(masterPasswdDigest, fout); } finally { fout.close(); } }
private void writeCurrentVersion() throws IOException { Resource security = security(); security.dir(); Resource properties = security.get(VERSION_PROPERTIES); Properties p = new Properties(); p.put(VERSION, CURR_VERSION.toString()); try (OutputStream os = properties.out()) { p.store( os, "Current version of the security directory. Do not remove or alter this file"); } }
public SecurityManagerConfig loadSecurityConfig() throws IOException { return (SecurityManagerConfig) loadConfigFile(security(), globalPersister()); }
public MasterPasswordConfig loadMasterPasswordConfig() throws IOException { Resource resource = security().get(MASTER_PASSWD_CONFIG_FILENAME); return loadConfig(MasterPasswordConfig.class, resource, globalPersister()); }
private Version getSecurityVersion() throws IOException { Resource security = security(); if (security.getType() == Type.UNDEFINED) { return BASE_VERSION; } Resource properties = security.get(VERSION_PROPERTIES); if (properties.getType() == Type.UNDEFINED) { return BASE_VERSION; } Properties p = new Properties(); try (InputStream is = properties.in()) { p.load(is); } String version = p.getProperty(VERSION); if (version != null) { return new Version(version); } else { return BASE_VERSION; } }
/** Saves master password config out directly, not during a password change. */ public void saveMasterPasswordConfig(MasterPasswordConfig config) throws IOException { xStreamPersist(security().get(MASTER_PASSWD_CONFIG_FILENAME), config, globalPersister()); this.masterPasswordConfig = new MasterPasswordConfig(config); }
Resource info = security().get(MASTER_PASSWD_INFO_FILENAME); char[] masterPasswordArray = null; if (masterPW != null) {
String loadMasterPasswordDigest() throws IOException { // look for file Resource pwDigestFile = security().get(MASTER_PASSWD_DIGEST_FILENAME); if (pwDigestFile.getType() == Type.RESOURCE) { InputStream fin = pwDigestFile.in(); try { return IOUtils.toString(fin); } finally { fin.close(); } } else { // compute and store char[] masterPasswd = getMasterPassword(); try { return computeAndSaveMasterPasswordDigest(masterPasswd); } finally { disposePassword(masterPasswd); } } }
public GeoServerSecurityManager(GeoServerDataDirectory dataDir) throws Exception { this.dataDir = dataDir; /* * JD we have to ensure that the master password is initialized first thing, before the * catalog since we need to decrypt configuration the passwords, the rest of the security * initializes occurs at the end of startup */ Resource masterpw = security().get(MASTER_PASSWD_CONFIG_FILENAME); if (masterpw.getType() == Type.RESOURCE) { init(loadMasterPasswordConfig()); } // if it doesn't exist this must be a migration startup... and this case should be // handled during migration where all the datastore passwords are processed // explicitly configPasswordEncryptionHelper = new ConfigurationPasswordEncryptionHelper(this); }
public synchronized void saveSecurityConfig(SecurityManagerConfig config) throws Exception { SecurityManagerConfig oldConfig = new SecurityManagerConfig(this.securityConfig); SecurityConfigValidator validator = new SecurityConfigValidator(this); validator.validateManagerConfig( (SecurityManagerConfig) config.clone(true), (SecurityManagerConfig) oldConfig.clone(true)); // save the current config to fall back to // The whole try block should run as a transaction, unfortunately // this is not possible with files. try { // set the new configuration init(config); if (config.getConfigPasswordEncrypterName() .equals(oldConfig.getConfigPasswordEncrypterName()) == false) { updateConfigurationFilesWithEncryptedFields(); } // save out new configuration xStreamPersist(security().get(CONFIG_FILENAME), config, globalPersister()); } catch (IOException e) { // exception, revert back to known working config LOGGER.log(Level.SEVERE, "Error saving security config, reverting back to previous", e); init(oldConfig); return; } fireChanged(); }
filterRoot().get(GeoServerSecurityFilterChain.FORM_LOGOUT_FILTER); Resource oldLogoutFilterConfig = logoutFilterDir.get("config.xml.2.2.x"); Resource oldSecManagerConfig = security().get("config.xml.2.2.x"); security().get("config.xml").in(), oldSecManagerConfig.out()); SecurityManagerConfig config = loadSecurityConfig(); for (RequestFilterChain chain : config.getFilterChain().getRequestChains()) {
Resource masterPasswordInfo = security().get(MASTER_PASSWD_INFO_FILENAME); if (masterPasswordInfo.getType() != Type.UNDEFINED) { LOGGER.warning(
Resource oldUserFile = security().get("users.properties.old"); if (oldUserFile.getType() != Type.UNDEFINED) { LOGGER.warning(oldUserFile.path() + " could be removed manually"); Resource propFile = security().get("users.properties"); Properties userprops = null; if (propFile.getType() == Type.RESOURCE) userprops = Util.loadPropertyFile(propFile); Resource serviceFile = security().get("services.properties"); if (serviceFile.getType() == Type.UNDEFINED) { org.geoserver.util.IOUtils.copy( Resource usersFile = security().get("users.properties"); if (usersFile.getType() == Type.RESOURCE) { Resource file = security().get(filename); if (file.getType() == Type.UNDEFINED) { continue; serviceFile = security().get("services.properties"); if (serviceFile.getType() != Type.UNDEFINED) { Properties props = Util.loadPropertyFile(serviceFile); Resource dataFile = security().get("layers.properties"); if (dataFile.getType() == Type.RESOURCE) { Properties props = Util.loadPropertyFile(dataFile);