Search in sources :

Example 1 with PasswordEncoder

use of org.springframework.security.authentication.encoding.PasswordEncoder in project spring-security by spring-projects.

the class PasswordComparisonAuthenticator method setPasswordEncoder.

public void setPasswordEncoder(Object passwordEncoder) {
    if (passwordEncoder instanceof PasswordEncoder) {
        this.usePasswordAttrCompare = false;
        setPasswordEncoder((PasswordEncoder) passwordEncoder);
        return;
    }
    if (passwordEncoder instanceof org.springframework.security.crypto.password.PasswordEncoder) {
        final org.springframework.security.crypto.password.PasswordEncoder delegate = (org.springframework.security.crypto.password.PasswordEncoder) passwordEncoder;
        setPasswordEncoder(new PasswordEncoder() {

            public String encodePassword(String rawPass, Object salt) {
                checkSalt(salt);
                return delegate.encode(rawPass);
            }

            public boolean isPasswordValid(String encPass, String rawPass, Object salt) {
                checkSalt(salt);
                return delegate.matches(rawPass, encPass);
            }

            private void checkSalt(Object salt) {
                Assert.isNull(salt, "Salt value must be null when used with crypto module PasswordEncoder");
            }
        });
        this.usePasswordAttrCompare = true;
        return;
    }
    throw new IllegalArgumentException("passwordEncoder must be a PasswordEncoder instance");
}
Also used : LdapShaPasswordEncoder(org.springframework.security.authentication.encoding.LdapShaPasswordEncoder) PasswordEncoder(org.springframework.security.authentication.encoding.PasswordEncoder)

Example 2 with PasswordEncoder

use of org.springframework.security.authentication.encoding.PasswordEncoder in project spring-security by spring-projects.

the class DaoAuthenticationProvider method setPasswordEncoder.

/**
	 * Sets the PasswordEncoder instance to be used to encode and validate passwords. If
	 * not set, the password will be compared as plain text.
	 * <p>
	 * For systems which are already using salted password which are encoded with a
	 * previous release, the encoder should be of type
	 * {@code org.springframework.security.authentication.encoding.PasswordEncoder}.
	 * Otherwise, the recommended approach is to use
	 * {@code org.springframework.security.crypto.password.PasswordEncoder}.
	 *
	 * @param passwordEncoder must be an instance of one of the {@code PasswordEncoder}
	 * types.
	 */
public void setPasswordEncoder(Object passwordEncoder) {
    Assert.notNull(passwordEncoder, "passwordEncoder cannot be null");
    if (passwordEncoder instanceof PasswordEncoder) {
        setPasswordEncoder((PasswordEncoder) passwordEncoder);
        return;
    }
    if (passwordEncoder instanceof org.springframework.security.crypto.password.PasswordEncoder) {
        final org.springframework.security.crypto.password.PasswordEncoder delegate = (org.springframework.security.crypto.password.PasswordEncoder) passwordEncoder;
        setPasswordEncoder(new PasswordEncoder() {

            public String encodePassword(String rawPass, Object salt) {
                checkSalt(salt);
                return delegate.encode(rawPass);
            }

            public boolean isPasswordValid(String encPass, String rawPass, Object salt) {
                checkSalt(salt);
                return delegate.matches(rawPass, encPass);
            }

            private void checkSalt(Object salt) {
                Assert.isNull(salt, "Salt value must be null when used with crypto module PasswordEncoder");
            }
        });
        return;
    }
    throw new IllegalArgumentException("passwordEncoder must be a PasswordEncoder instance");
}
Also used : PlaintextPasswordEncoder(org.springframework.security.authentication.encoding.PlaintextPasswordEncoder) PasswordEncoder(org.springframework.security.authentication.encoding.PasswordEncoder)

Example 3 with PasswordEncoder

use of org.springframework.security.authentication.encoding.PasswordEncoder in project pentaho-platform by pentaho.

the class SpringSecurityHibernateConfigTest method testGetPasswordEncoder.

@Test
public void testGetPasswordEncoder() throws Exception {
    config = new SpringSecurityHibernateConfig(document);
    Node node = mock(Node.class);
    when(node.getText()).thenReturn(DefaultPentahoPasswordEncoder.class.getName());
    when(document.selectSingleNode(anyString())).thenReturn(node);
    PasswordEncoder passwordEncoder = config.getPasswordEncoder();
    assertTrue(passwordEncoder instanceof DefaultPentahoPasswordEncoder);
}
Also used : DefaultPentahoPasswordEncoder(org.pentaho.platform.repository2.userroledao.jackrabbit.security.DefaultPentahoPasswordEncoder) PasswordEncoder(org.springframework.security.authentication.encoding.PasswordEncoder) Node(org.dom4j.Node) DefaultPentahoPasswordEncoder(org.pentaho.platform.repository2.userroledao.jackrabbit.security.DefaultPentahoPasswordEncoder) Test(org.junit.Test)

Example 4 with PasswordEncoder

use of org.springframework.security.authentication.encoding.PasswordEncoder in project pentaho-platform by pentaho.

the class SpringSecurityHibernateConfigTest method testGetPasswordEncoder_ClassNotFound.

@Test
public void testGetPasswordEncoder_ClassNotFound() throws Exception {
    config = new SpringSecurityHibernateConfig(document);
    Node node = mock(Node.class);
    when(node.getText()).thenReturn("org.pentaho.ClassNotFoundEncoder");
    when(document.selectSingleNode(anyString())).thenReturn(node);
    PasswordEncoder passwordEncoder = config.getPasswordEncoder();
    assertNull(passwordEncoder);
}
Also used : DefaultPentahoPasswordEncoder(org.pentaho.platform.repository2.userroledao.jackrabbit.security.DefaultPentahoPasswordEncoder) PasswordEncoder(org.springframework.security.authentication.encoding.PasswordEncoder) Node(org.dom4j.Node) Test(org.junit.Test)

Example 5 with PasswordEncoder

use of org.springframework.security.authentication.encoding.PasswordEncoder in project pentaho-platform by pentaho.

the class AppConfigPropertiesTest method testGetPasswordEncoder.

@Test
public void testGetPasswordEncoder() throws Exception {
    SpringSecurityHibernateConfig springSecurityConfig = mock(SpringSecurityHibernateConfig.class);
    doReturn(springSecurityConfig).when(spyAppConfigProperties).getSpringSecurityHibernateConfig();
    PasswordEncoder pwdEncoder = mock(PasswordEncoder.class);
    when(springSecurityConfig.getPasswordEncoder()).thenReturn(pwdEncoder);
    PasswordEncoder passwordEncoder = spyAppConfigProperties.getPasswordEncoder();
    verify(springSecurityConfig).getPasswordEncoder();
    assertEquals(pwdEncoder, passwordEncoder);
}
Also used : PasswordEncoder(org.springframework.security.authentication.encoding.PasswordEncoder) Test(org.junit.Test)

Aggregations

PasswordEncoder (org.springframework.security.authentication.encoding.PasswordEncoder)6 Test (org.junit.Test)3 Node (org.dom4j.Node)2 DefaultPentahoPasswordEncoder (org.pentaho.platform.repository2.userroledao.jackrabbit.security.DefaultPentahoPasswordEncoder)2 IPentahoUser (org.pentaho.platform.api.engine.security.userroledao.IPentahoUser)1 PentahoUser (org.pentaho.platform.security.userroledao.PentahoUser)1 LdapShaPasswordEncoder (org.springframework.security.authentication.encoding.LdapShaPasswordEncoder)1 PlaintextPasswordEncoder (org.springframework.security.authentication.encoding.PlaintextPasswordEncoder)1