Example 1 with StandardPasswordEncoder

use of org.springframework.security.crypto.password.StandardPasswordEncoder in project cas by apereo.

the class Beans method newPasswordEncoder.

/**
 * Creates a new password encoder.
 *
 * @param properties the properties
 * @return the password encoder
 */
public static PasswordEncoder newPasswordEncoder(final PasswordEncoderProperties properties) {
    final String type = properties.getType();
    if (StringUtils.isBlank(type)) {
        LOGGER.debug("No password encoder type is defined, and so none shall be created");
        return NoOpPasswordEncoder.getInstance();
    }
    if (type.contains(".")) {
        try {
            LOGGER.debug("Configuration indicates use of a custom password encoder [{}]", type);
            final Class<PasswordEncoder> clazz = (Class<PasswordEncoder>) Class.forName(type);
            return clazz.newInstance();
        } catch (final Exception e) {
            LOGGER.error("Falling back to a no-op password encoder as CAS has failed to create " + "an instance of the custom password encoder class " + type, e);
            // Fail-open fallback: NoOpPasswordEncoder compares passwords as plain text.
            return NoOpPasswordEncoder.getInstance();
        }
    }
    final PasswordEncoderProperties.PasswordEncoderTypes encoderType = PasswordEncoderProperties.PasswordEncoderTypes.valueOf(type);
    switch(encoderType) {
        case DEFAULT:
            LOGGER.debug("Creating default password encoder with encoding alg [{}] and character encoding [{}]", properties.getEncodingAlgorithm(), properties.getCharacterEncoding());
            return new DefaultPasswordEncoder(properties.getEncodingAlgorithm(), properties.getCharacterEncoding());
        case STANDARD:
            LOGGER.debug("Creating standard password encoder with the secret defined in the configuration");
            return new StandardPasswordEncoder(properties.getSecret());
        case BCRYPT:
            LOGGER.debug("Creating BCRYPT password encoder given the strength [{}] and secret in the configuration", properties.getStrength());
            if (StringUtils.isBlank(properties.getSecret())) {
                LOGGER.debug("Creating BCRYPT encoder without secret");
                return new BCryptPasswordEncoder(properties.getStrength());
            }
            LOGGER.debug("Creating BCRYPT encoder with secret");
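            // The secret only seeds the SecureRandom that BCrypt uses to generate salts; it is not mixed into the hash.
            return new BCryptPasswordEncoder(properties.getStrength(), new SecureRandom(properties.getSecret().getBytes(StandardCharsets.UTF_8)));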
        case SCRYPT:
            LOGGER.debug("Creating SCRYPT encoder");
            return new SCryptPasswordEncoder();
        case PBKDF2:
            if (StringUtils.isBlank(properties.getSecret())) {
                LOGGER.debug("Creating PBKDF2 encoder without secret");
                return new Pbkdf2PasswordEncoder();
            }
            final int hashWidth = 256;
            return new Pbkdf2PasswordEncoder(properties.getSecret(), properties.getStrength(), hashWidth);
        case NONE:
        default:
            LOGGER.debug("No password encoder shall be created given the requested encoder type [{}]", type);
            return NoOpPasswordEncoder.getInstance();
    }
}
Also used : StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder) DefaultPasswordEncoder(org.apereo.cas.util.crypto.DefaultPasswordEncoder) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder) NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder) SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) SecureRandom(java.security.SecureRandom) BeanCreationException(org.springframework.beans.factory.BeanCreationException) PasswordEncoderProperties(org.apereo.cas.configuration.model.core.authentication.PasswordEncoderProperties)

Example 2 with StandardPasswordEncoder

use of org.springframework.security.crypto.password.StandardPasswordEncoder in project ocvn by devgateway.

the class WebSecurityConfig method configureGlobal.

@Autowired
public void configureGlobal(final AuthenticationManagerBuilder auth) throws Exception {
    // we use standard password encoder for all passwords
    StandardPasswordEncoder spe = new StandardPasswordEncoder();
    auth.userDetailsService(customJPAUserDetailsService).passwordEncoder(spe);
}
Also used : StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder) Autowired(org.springframework.beans.factory.annotation.Autowired)

Example 3 with StandardPasswordEncoder

use of org.springframework.security.crypto.password.StandardPasswordEncoder in project ocvn by devgateway.

the class EditUserPage method getSaveEditPageButton.

@Override
public SaveEditPageButton getSaveEditPageButton() {
    return new SaveEditPageButton("save", new StringResourceModel("save", EditUserPage.this, null)) {

        private static final long serialVersionUID = 5214537995514151323L;

        @Override
        protected void onSubmit(final AjaxRequestTarget target, final Form<?> form) {
            Person saveable = editForm.getModelObject();
            StandardPasswordEncoder encoder = new StandardPasswordEncoder("");
            // encode the password
            if (saveable.getChangePass()) {
                saveable.setPassword(encoder.encode(password.getField().getModelObject()));
            } else {
                if (saveable.getPassword() == null || saveable.getPassword().compareTo("") == 0) {
                    feedbackPanel.error(new StringResourceModel("nullPassword", this, null).getString());
                    target.add(feedbackPanel);
                    return;
                }
            }
            // it again next time
            if (isChangePassPage()) {
                saveable.setChangePassword(false);
            }
            saveable = jpaRepository.save(saveable);
            ensureDefaultDashboardIsAlsoAssignedDashboard(saveable);
            if (!SecurityUtil.isCurrentUserAdmin()) {
                setResponsePage(Homepage.class);
            } else {
                setResponsePage(listPageClass);
            }
        }
    };
}
Also used : AjaxRequestTarget(org.apache.wicket.ajax.AjaxRequestTarget) StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder) Form(org.apache.wicket.markup.html.form.Form) StringResourceModel(org.apache.wicket.model.StringResourceModel) Person(org.devgateway.toolkit.persistence.dao.Person)

Example 4 with StandardPasswordEncoder

use of org.springframework.security.crypto.password.StandardPasswordEncoder in project summerb by skarpushin.

the class PasswordServiceDbImplFactory method createPasswordServiceDbImpl.

public static PasswordServiceImpl createPasswordServiceDbImpl() {
    PasswordServiceImpl ret = new PasswordServiceImpl();
    ret.setPasswordEncoder(new StandardPasswordEncoder("test"));
    UserService userService = UserServiceImplFactory.createUsersServiceImpl();
    ret.setUserService(userService);
    PasswordDao passwordDao = Mockito.mock(PasswordDao.class);
    ret.setPasswordDao(passwordDao);
    when(passwordDao.findPasswordByUserUuid(UserFactory.EXISTENT_USER)).thenReturn(PasswordFactory.createExistentUserPassword());
    when(passwordDao.findPasswordByUserUuid(UserFactory.NON_EXISTENT_USER)).thenReturn(null);
    when(passwordDao.findPasswordByUserUuid(UserFactory.EXISTENT_USER_WITH_MISSING_PASSWORD)).thenReturn(null);
    when(passwordDao.findPasswordByUserUuid(UserFactory.USER_RESULT_IN_EXCEPTION)).thenThrow(new IllegalStateException("Simulate unexpected excception"));
    when(passwordDao.findPasswordByUserUuid(UserFactory.EXISTENT_USER_2_PROBLEM_WITH_PASSWORD)).thenThrow(new IllegalStateException("Simulate unexpected excception"));
    when(passwordDao.updateUserPassword(eq(UserFactory.EXISTENT_USER), anyString())).thenReturn(1);
    when(passwordDao.updateUserPassword(eq(UserFactory.EXISTENT_USER_WITH_MISSING_PASSWORD), anyString())).thenReturn(0);
    when(passwordDao.setRestorationToken(eq(UserFactory.EXISTENT_USER), anyString())).thenReturn(1);
    when(passwordDao.setRestorationToken(eq(UserFactory.EXISTENT_USER_WITH_MISSING_PASSWORD), anyString())).thenReturn(0);
    return ret;
}
Also used : StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder) PasswordDao(org.summerb.microservices.users.impl.dao.PasswordDao) UserService(org.summerb.microservices.users.api.UserService)

Example 5 with StandardPasswordEncoder

use of org.springframework.security.crypto.password.StandardPasswordEncoder in project cas by apereo.

the class PasswordEncoderUtils method newPasswordEncoder.

/**
 * Creates a new password encoder.
 *
 * @param properties         the properties
 * @param applicationContext the application context
 * @return the password encoder
 */
@SuppressWarnings("java:S5344")
public static PasswordEncoder newPasswordEncoder(final PasswordEncoderProperties properties, final ApplicationContext applicationContext) {
    val type = properties.getType();
    if (StringUtils.isBlank(type)) {
        LOGGER.trace("No password encoder type is defined, and so none shall be created");
        return NoOpPasswordEncoder.getInstance();
    }
    if (type.endsWith(".groovy")) {
        LOGGER.trace("Creating Groovy-based password encoder at [{}]", type);
        val resource = applicationContext.getResource(type);
        return new GroovyPasswordEncoder(resource, applicationContext);
    }
    if (type.contains(".")) {
        try {
            LOGGER.debug("Configuration indicates use of a custom password encoder [{}]", type);
            val clazz = (Class<PasswordEncoder>) Class.forName(type);
            return clazz.getDeclaredConstructor().newInstance();
        } catch (final Exception e) {
            val msg = "Falling back to a no-op password encoder as CAS has failed to create " + "an instance of the custom password encoder class " + type;
            LoggingUtils.error(LOGGER, msg, e);
            return NoOpPasswordEncoder.getInstance();
        }
    }
    val encoderType = PasswordEncoderProperties.PasswordEncoderTypes.valueOf(type);
    switch(encoderType) {
        case DEFAULT:
            LOGGER.debug("Creating default password encoder with encoding alg [{}] and character encoding [{}]", properties.getEncodingAlgorithm(), properties.getCharacterEncoding());
            return new DefaultPasswordEncoder(properties.getEncodingAlgorithm(), properties.getCharacterEncoding());
        case STANDARD:
            LOGGER.debug("Creating standard password encoder with the secret defined in the configuration");
            return new StandardPasswordEncoder(properties.getSecret());
        case BCRYPT:
            LOGGER.debug("Creating BCRYPT password encoder given the strength [{}] and secret in the configuration", properties.getStrength());
            if (StringUtils.isBlank(properties.getSecret())) {
                LOGGER.debug("Creating BCRYPT encoder without secret");
                return new BCryptPasswordEncoder(properties.getStrength());
            }
            LOGGER.debug("Creating BCRYPT encoder with secret");
            return new BCryptPasswordEncoder(properties.getStrength(), RandomUtils.getNativeInstance());
        case SCRYPT:
            LOGGER.debug("Creating SCRYPT encoder");
            return new SCryptPasswordEncoder();
        case SSHA:
            LOGGER.warn("Creating SSHA encoder; digest based password encoding is not considered secure. " + "This strategy is here to support legacy implementations and using it is considered insecure.");
            return new LdapShaPasswordEncoder();
        case PBKDF2:
            if (StringUtils.isBlank(properties.getSecret())) {
                LOGGER.trace("Creating PBKDF2 encoder without secret");
                return new Pbkdf2PasswordEncoder();
            }
            return new Pbkdf2PasswordEncoder(properties.getSecret(), properties.getStrength(), HASH_WIDTH);
        case GLIBC_CRYPT:
            val hasSecret = StringUtils.isNotBlank(properties.getSecret());
            val msg = String.format("Creating glibc CRYPT encoder with encoding alg [%s], strength [%s] and %ssecret", properties.getEncodingAlgorithm(), properties.getStrength(), BooleanUtils.toString(hasSecret, StringUtils.EMPTY, "without "));
            LOGGER.debug(msg);
            return new GlibcCryptPasswordEncoder(properties.getEncodingAlgorithm(), properties.getStrength(), properties.getSecret());
        case NONE:
        default:
            LOGGER.trace("No password encoder shall be created given the requested encoder type [{}]", type);
            return NoOpPasswordEncoder.getInstance();
    }
}
Also used : lombok.val(lombok.val) StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder) GlibcCryptPasswordEncoder(org.apereo.cas.util.crypto.GlibcCryptPasswordEncoder) SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder) Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder) UtilityClass(lombok.experimental.UtilityClass) DefaultPasswordEncoder(org.apereo.cas.util.crypto.DefaultPasswordEncoder) LdapShaPasswordEncoder(org.springframework.security.crypto.password.LdapShaPasswordEncoder) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)

Aggregations

StandardPasswordEncoder (org.springframework.security.crypto.password.StandardPasswordEncoder): 9
BCryptPasswordEncoder (org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder): 4
SCryptPasswordEncoder (org.springframework.security.crypto.scrypt.SCryptPasswordEncoder): 4
NoOpPasswordEncoder (org.springframework.security.crypto.password.NoOpPasswordEncoder): 3
PasswordEncoder (org.springframework.security.crypto.password.PasswordEncoder): 3
Pbkdf2PasswordEncoder (org.springframework.security.crypto.password.Pbkdf2PasswordEncoder): 3
AjaxRequestTarget (org.apache.wicket.ajax.AjaxRequestTarget): 2
Form (org.apache.wicket.markup.html.form.Form): 2
StringResourceModel (org.apache.wicket.model.StringResourceModel): 2
DefaultPasswordEncoder (org.apereo.cas.util.crypto.DefaultPasswordEncoder): 2
Person (org.devgateway.toolkit.persistence.dao.Person): 2
Autowired (org.springframework.beans.factory.annotation.Autowired): 2
SecureRandom (java.security.SecureRandom): 1
HashMap (java.util.HashMap): 1
UtilityClass (lombok.experimental.UtilityClass): 1
lombok.val (lombok.val): 1
PasswordEncoderProperties (org.apereo.cas.configuration.model.core.authentication.PasswordEncoderProperties): 1
GlibcCryptPasswordEncoder (org.apereo.cas.util.crypto.GlibcCryptPasswordEncoder): 1
SpringSecurityPasswordEncoder (org.pac4j.core.credentials.password.SpringSecurityPasswordEncoder): 1
TechnicalException (org.pac4j.core.exception.TechnicalException): 1