Example 1 with OSymmetricKey
use of com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey in project orientdb by orientechnologies.
the class OSymmetricKeySecurity method authenticate.
public OUser authenticate(final String username, final String password) {
if (delegate == null)
throw new OSecurityAccessException("OSymmetricKeySecurity.authenticate() Delegate is null for username: " + username);
if (database == null)
throw new OSecurityAccessException("OSymmetricKeySecurity.authenticate() Database is null for username: " + username);
final String dbName = database.getName();
OUser user = delegate.getUser(username);
if (user == null)
throw new OSecurityAccessException(dbName, "OSymmetricKeySecurity.authenticate() Username or Key is invalid for username: " + username);
if (user.getAccountStatus() != OSecurityUser.STATUSES.ACTIVE)
throw new OSecurityAccessException(dbName, "OSymmetricKeySecurity.authenticate() User '" + username + "' is not active");
try {
OUserSymmetricKeyConfig userConfig = new OUserSymmetricKeyConfig(user);
OSymmetricKey sk = OSymmetricKey.fromConfig(userConfig);
String decryptedUsername = sk.decryptAsString(password);
if (OSecurityManager.instance().checkPassword(username, decryptedUsername))
return user;
} catch (Exception ex) {
throw new OSecurityAccessException(dbName, "OSymmetricKeySecurity.authenticate() Exception for database: " + dbName + ", username: " + username + " " + ex.getMessage());
}
throw new OSecurityAccessException(dbName, "OSymmetricKeySecurity.authenticate() Username or Key is invalid for database: " + dbName + ", username: " + username);
}
Also used :
OSecurityAccessException(com.orientechnologies.orient.core.exception.OSecurityAccessException)
OSymmetricKey(com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey)
OUser(com.orientechnologies.orient.core.metadata.security.OUser)
OSecurityAccessException(com.orientechnologies.orient.core.exception.OSecurityAccessException)
OUserSymmetricKeyConfig(com.orientechnologies.orient.core.security.symmetrickey.OUserSymmetricKeyConfig)
Example 2 with OSymmetricKey
use of com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey in project orientdb by orientechnologies.
the class OSymmetricKeyTest method shouldTestDefaultConstructor.
@Test
public void shouldTestDefaultConstructor() throws Exception {
OSymmetricKey sk = new OSymmetricKey();
String msgToEncrypt = "Please, encrypt this!";
String magic = sk.encrypt(msgToEncrypt);
String decryptedMsg = sk.decryptAsString(magic);
assertThat(msgToEncrypt).isEqualTo(decryptedMsg);
}
Also used :
OSymmetricKey(com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey)
Test(org.junit.Test)
Example 3 with OSymmetricKey
use of com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey in project orientdb by orientechnologies.
the class OSymmetricKeyTest method shouldTestSpecificAESKey.
@Test
public void shouldTestSpecificAESKey() throws Exception {
OSymmetricKey sk = new OSymmetricKey("AES", "8BC7LeGkFbmHEYNTz5GwDw==");
String msgToEncrypt = "Please, encrypt this!";
String magic = sk.encrypt("AES/CBC/PKCS5Padding", msgToEncrypt);
String decryptedMsg = sk.decryptAsString(magic);
assertThat(msgToEncrypt).isEqualTo(decryptedMsg);
}
Also used :
OSymmetricKey(com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey)
Test(org.junit.Test)
Example 4 with OSymmetricKey
use of com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey in project orientdb by orientechnologies.
the class OSymmetricKeyTest method shouldTestOSymmetricKeySecurity.
@Test
public void shouldTestOSymmetricKeySecurity() throws Exception {
ODatabaseDocumentTx db = new ODatabaseDocumentTx("memory:" + OSymmetricKeyTest.class.getSimpleName());
if (db.exists()) {
db.open("admin", "admin");
db.drop();
}
db.create();
final String user = "test";
command(db, "insert into OUser set name=?, password='password', status='ACTIVE', roles=(SELECT FROM ORole WHERE name = ?)", user, "admin");
command(db, "update OUser set properties={'@type':'d', 'key':'8BC7LeGkFbmHEYNTz5GwDw==','keyAlgorithm':'AES'} where name = ?", user);
db.close();
db.setProperty(ODatabase.OPTIONS.SECURITY.toString(), OSymmetricKeySecurity.class);
OSymmetricKey sk = new OSymmetricKey("AES", "8BC7LeGkFbmHEYNTz5GwDw==");
// We encrypt the username and specify the Base64-encoded JSON document as the password.
db.open(user, sk.encrypt("AES/CBC/PKCS5Padding", user));
db.close();
}
Also used :
OSymmetricKey(com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey)
ODatabaseDocumentTx(com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx)
Test(org.junit.Test)
Example 5 with OSymmetricKey
use of com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey in project orientdb by orientechnologies.
the class OSymmetricKeyTest method shouldTestGeneratedAESKey.
@Test
public void shouldTestGeneratedAESKey() throws Exception {
OSymmetricKey sk = new OSymmetricKey("AES", "AES/CBC/PKCS5Padding", 128);
String key = sk.getBase64Key();
String msgToEncrypt = "Please, encrypt this!";
String magic = sk.encrypt(msgToEncrypt);
OSymmetricKey sk2 = new OSymmetricKey("AES", key);
String decryptedMsg = sk2.decryptAsString(magic);
assertThat(msgToEncrypt).isEqualTo(decryptedMsg);
}
Also used :
OSymmetricKey(com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey)
Test(org.junit.Test)
Aggregations
OSymmetricKey (com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey)5
Test (org.junit.Test)4
ODatabaseDocumentTx (com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx)1
OSecurityAccessException (com.orientechnologies.orient.core.exception.OSecurityAccessException)1
OUser (com.orientechnologies.orient.core.metadata.security.OUser)1
OUserSymmetricKeyConfig (com.orientechnologies.orient.core.security.symmetrickey.OUserSymmetricKeyConfig)1
