/** * validates and encodes the password. Do nothing for a not changed password of an existing user * * @param user * @throws IOException */ protected void preparePassword(GeoServerUser user) throws IOException, PasswordPolicyException { char[] passwordArray = user.getPassword() != null ? user.getPassword().toCharArray() : null; if (PasswordValidatorImpl.passwordStartsWithEncoderPrefix(passwordArray) != null) return; // do nothing, password already encoded // we have a plain text password // validate it getSecurityManager() .loadPasswordValidator(getPasswordValidatorName()) .validatePassword(passwordArray); // validation ok, initializer encoder and set encoded password GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(getPasswordEncoderName()); enc.initializeFor(this); user.setPassword(enc.encodePassword(user.getPassword(), null)); }
@Override public void validatePassword(char[] password) throws PasswordPolicyException { // if (password==null) // throw createSecurityException(PW_IS_NULL); if (password == null) { // treat as "empty" password = new char[] {}; } if (password.length < config.getMinLength()) throw createSecurityException(MIN_LENGTH_$1, config.getMinLength()); if (config.getMaxLength() >= 0 && password.length > config.getMaxLength()) throw createSecurityException(MAX_LENGTH_$1, config.getMaxLength()); if (config.isDigitRequired()) { if (checkUsingMethod("isDigit", password) == false) throw createSecurityException(NO_DIGIT); } if (config.isUppercaseRequired()) { if (checkUsingMethod("isUpperCase", password) == false) throw createSecurityException(NO_UPPERCASE); } if (config.isLowercaseRequired()) { if (checkUsingMethod("isLowerCase", password) == false) throw createSecurityException(NO_LOWERCASE); } String prefix = passwordStartsWithEncoderPrefix(password); if (prefix != null) throw createSecurityException(RESERVED_PREFIX_$1, prefix); }
/** * validates and encodes the password. Do nothing * for a not changed password of an existing user * * @param user * @throws IOException */ protected void preparePassword(GeoServerUser user) throws IOException,PasswordPolicyException { char []passwordArray = user.getPassword() != null ? user.getPassword().toCharArray() : null; if (PasswordValidatorImpl.passwordStartsWithEncoderPrefix(passwordArray)!=null) return; // do nothing, password already encoded // we have a plain text password // validate it getSecurityManager().loadPasswordValidator(getPasswordValidatorName()). validatePassword(passwordArray); // validation ok, initializer encoder and set encoded password GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(getPasswordEncoderName()); enc.initializeFor(this); user.setPassword(enc.encodePassword(user.getPassword(), null)); }