Example 11 with FileUserRepository
use of org.neo4j.server.security.auth.FileUserRepository in project neo4j by neo4j.
the class SetInitialPasswordCommand method execute.
@Override
public void execute() throws IOException {
Config config = loadNeo4jConfig();
FileSystemAbstraction fileSystem = ctx.fs();
if (realUsersExist(config)) {
Path authFile = CommunitySecurityModule.getUserRepositoryFile(config);
throw new CommandFailedException(realUsersExistErrorMsg(fileSystem, authFile));
} else {
Path file = CommunitySecurityModule.getInitialUserRepositoryFile(config);
if (fileSystem.fileExists(file)) {
fileSystem.deleteFile(file);
}
FileUserRepository userRepository = new FileUserRepository(fileSystem, file, NullLogProvider.getInstance());
try {
userRepository.start();
userRepository.create(new User.Builder(INITIAL_USER_NAME, createCredentialForPassword(UTF8.encode(password))).withRequiredPasswordChange(changeRequired).build());
userRepository.shutdown();
} catch (Exception e) {
throw new RuntimeException(e);
}
ctx.out().println("Changed password for user '" + INITIAL_USER_NAME + "'.");
}
}
Also used :
Path(java.nio.file.Path)
FileUserRepository(org.neo4j.server.security.auth.FileUserRepository)
FileSystemAbstraction(org.neo4j.io.fs.FileSystemAbstraction)
User(org.neo4j.kernel.impl.security.User)
Config(org.neo4j.configuration.Config)
CommandFailedException(org.neo4j.cli.CommandFailedException)
IOException(java.io.IOException)
CommandFailedException(org.neo4j.cli.CommandFailedException)
Example 12 with FileUserRepository
use of org.neo4j.server.security.auth.FileUserRepository in project neo4j by neo4j.
the class SetInitialPasswordCommand method realUsersExist.
private boolean realUsersExist(Config config) {
boolean result = false;
Path authFile = CommunitySecurityModule.getUserRepositoryFile(config);
if (ctx.fs().fileExists(authFile)) {
result = true;
// Check if it only contains the default neo4j user
FileUserRepository userRepository = new FileUserRepository(ctx.fs(), authFile, NullLogProvider.getInstance());
try (Lifespan life = new Lifespan(userRepository)) {
ListSnapshot<User> users = userRepository.getSnapshot();
if (users.values().size() == 1) {
User user = users.values().get(0);
if (INITIAL_USER_NAME.equals(user.name()) && user.credentials().matchesPassword(UTF8.encode(INITIAL_PASSWORD))) {
// We allow overwriting an unmodified default neo4j user
result = false;
}
}
} catch (IOException e) {
// Do not allow overwriting if we had a problem reading the file
}
}
return result;
}
Also used :
Path(java.nio.file.Path)
FileUserRepository(org.neo4j.server.security.auth.FileUserRepository)
User(org.neo4j.kernel.impl.security.User)
IOException(java.io.IOException)
Lifespan(org.neo4j.kernel.lifecycle.Lifespan)
Aggregations
FileUserRepository (org.neo4j.server.security.auth.FileUserRepository)12
User (org.neo4j.kernel.impl.security.User)6
File (java.io.File)5
Path (java.nio.file.Path)5
FileSystemAbstraction (org.neo4j.io.fs.FileSystemAbstraction)3
UserRepository (org.neo4j.server.security.auth.UserRepository)3
IOException (java.io.IOException)2
CommandFailed (org.neo4j.commandline.admin.CommandFailed)2
Config (org.neo4j.configuration.Config)2
Config (org.neo4j.kernel.configuration.Config)2
Before (org.junit.Before)1
CommandFailedException (org.neo4j.cli.CommandFailedException)1
EphemeralFileSystemAbstraction (org.neo4j.graphdb.mockfs.EphemeralFileSystemAbstraction)1
PasswordPolicy (org.neo4j.kernel.api.security.PasswordPolicy)1
Lifespan (org.neo4j.kernel.lifecycle.Lifespan)1
AuthenticationStrategy (org.neo4j.server.security.auth.AuthenticationStrategy)1
BasicPasswordPolicy (org.neo4j.server.security.auth.BasicPasswordPolicy)1
RateLimitedAuthenticationStrategy (org.neo4j.server.security.auth.RateLimitedAuthenticationStrategy)1
