Example 36 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project mots by motech-implementations.
the class UserService method changeUserPassword.
/**
* Updates user's password.
*
* @param username of user which password is about to change.
* @param newPassword is new password value for user.
* @param currentPassword is current user's password.
*/
public void changeUserPassword(String username, String newPassword, String currentPassword) {
User user = getUserByUserName(username);
if (!passwordsMatch(currentPassword, user.getPassword())) {
throw new IllegalArgumentException("Current password is incorrect.");
}
String newPasswordEncoded = new BCryptPasswordEncoder().encode(newPassword);
user.setPassword(newPasswordEncoded);
userRepository.save(user);
}
Also used :
User(org.motechproject.mots.domain.security.User)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Example 37 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project cas by apereo.
the class QueryDatabaseAuthenticationHandlerTests method verifyBCryptFail.
/**
* This test proves that in case BCRYPT is used authentication using encoded password always fail
* with FailedLoginException
*/
@Test
public void verifyBCryptFail() {
val encoder = new BCryptPasswordEncoder(8, RandomUtils.getNativeInstance());
val sql = SQL.replace("*", '\'' + encoder.encode("pswbc1") + "' password");
val properties = new QueryJdbcAuthenticationProperties().setSql(sql).setFieldPassword(PASSWORD_FIELD);
val q = new QueryDatabaseAuthenticationHandler(properties, null, PrincipalFactoryUtils.newPrincipalFactory(), this.dataSource, new HashMap<>(0));
q.setPasswordEncoder(encoder);
assertThrows(FailedLoginException.class, () -> q.authenticate(CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("user0", "pswbc1")));
}
Also used :
lombok.val(lombok.val)
QueryJdbcAuthenticationProperties(org.apereo.cas.configuration.model.support.jdbc.authn.QueryJdbcAuthenticationProperties)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Test(org.junit.jupiter.api.Test)
Example 38 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project spring-boot-starter-kit by tripsta.
the class SecurityConfiguration method configure.
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
auth.inMemoryAuthentication().withUser(userRoleUsername).password(encoder.encode(userRolePassword)).roles(ROLE_USER).and().withUser(adminRoleUsername).password(encoder.encode(adminRolePassword)).roles(ROLE_USER, ROLE_ADMIN);
}
Also used :
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Example 39 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project hub-alert by blackducksoftware.
the class PasswordEncoderSample method testEncodePassword.
@Test
public void testEncodePassword() {
PasswordEncoder encoder = new BCryptPasswordEncoder(16);
String encodedString = encoder.encode("replace_me_with_a_password_to_get_encoded_value");
logger.debug("Encoded String: {}", encodedString);
}
Also used :
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Test(org.junit.jupiter.api.Test)
Example 40 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project CzechIdMng by bcvsolutions.
the class DefaultIdmPasswordHistoryService method checkHistory.
@Override
public boolean checkHistory(UUID identityId, int countOfIteration, GuardedString newPassword) {
Assert.notNull(identityId, "Identity id can't be null.");
Assert.notNull(newPassword, "New password can't be null.");
//
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(12);
//
for (IdmPasswordHistoryDto passwordHistory : getPasswordHistoryForIdentity(identityId, countOfIteration)) {
boolean matches = encoder.matches(newPassword.asString(), passwordHistory.getPassword());
if (matches) {
return true;
}
}
return false;
}
Also used :
IdmPasswordHistoryDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordHistoryDto)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Aggregations
BCryptPasswordEncoder (org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)48
PasswordEncoder (org.springframework.security.crypto.password.PasswordEncoder)18
Test (org.junit.jupiter.api.Test)7
KeystorePasswordHolder (won.owner.model.KeystorePasswordHolder)7
User (won.owner.model.User)7
SCryptPasswordEncoder (org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)6
DelegatingPasswordEncoder (org.springframework.security.crypto.password.DelegatingPasswordEncoder)5
NoOpPasswordEncoder (org.springframework.security.crypto.password.NoOpPasswordEncoder)5
Pbkdf2PasswordEncoder (org.springframework.security.crypto.password.Pbkdf2PasswordEncoder)5
StandardPasswordEncoder (org.springframework.security.crypto.password.StandardPasswordEncoder)5
User (com.github.liuweijw.business.admin.domain.User)4
HashMap (java.util.HashMap)4
Transactional (org.springframework.transaction.annotation.Transactional)4
KeystoreHolder (won.owner.model.KeystoreHolder)4
ExpensiveSecureRandomString (won.protocol.util.ExpensiveSecureRandomString)4
PrePermissions (com.github.liuweijw.business.commons.web.aop.PrePermissions)3
Date (java.util.Date)3
lombok.val (lombok.val)3
Bean (org.springframework.context.annotation.Bean)3
DataIntegrityViolationException (org.springframework.dao.DataIntegrityViolationException)3
