crypt.setKey(encryptionKey); return crypt;
@Override public void save(final String credential, final String... extraCredentials) { String encryptedValue = getCrypt().encryptUrlSafe(encode(credential, extraCredentials)); getCookieUtils().save(cookieKey, encryptedValue); }
String queryString = urlCrypt.decryptUrlSafe(secureParam);
String queryString = urlCrypt.decryptUrlSafe(secureParam);
crypt.setKey(encryptionKey); return crypt;
@Override public void save(final String credential, final String... extraCredentials) { String encryptedValue = getCrypt().encryptUrlSafe(encode(credential, extraCredentials)); getCookieUtils().save(cookieKey, encryptedValue); }
@Override public String[] load() { String value = getCookieUtils().load(cookieKey); if (Strings.isEmpty(value) == false) { try { value = getCrypt().decryptUrlSafe(value); } catch (RuntimeException e) { logger.info( "Error decrypting login cookie: {}. The cookie will be deleted. Possible cause is that a session-relative encryption key was used to encrypt this cookie while this decryption attempt is happening in a different session, eg user coming back to the application after session expiration", cookieKey); getCookieUtils().remove(cookieKey); value = null; } return decode(value); } return null; }
crypt.setKey(encryptionKey); return crypt;
String encryptedParameterValue = getCrypt().encryptUrlSafe(qp.getName()); Url.QueryParameter encryptedParameter = new Url.QueryParameter(ENCRYPTED_PAGE_COMPONENT_INFO_PARAMETER, encryptedParameterValue);
@Override public String[] load() { String value = getCookieUtils().load(cookieKey); if (Strings.isEmpty(value) == false) { try { value = getCrypt().decryptUrlSafe(value); } catch (RuntimeException e) { logger.info( "Error decrypting login cookie: {}. The cookie will be deleted. Possible cause is that a session-relative encryption key was used to encrypt this cookie while this decryption attempt is happening in a different session, eg user coming back to the application after session expiration", cookieKey); getCookieUtils().remove(cookieKey); value = null; } return decode(value); } return null; }
public ICrypt newCrypt() { WebRequestCycle rc = (WebRequestCycle)RequestCycle.get(); // get http session, create if necessary HttpSession session = rc.getWebRequest().getHttpServletRequest().getSession(true); // retrieve or generate encryption key from session final String keyAttr = rc.getApplication().getApplicationKey() + "." + getClass().getName(); String key = (String)session.getAttribute(keyAttr); if (key == null) { // generate new key key = session.getId() + "." + UUID.randomUUID().toString(); session.setAttribute(keyAttr, key); } // build the crypt based on session key ICrypt crypt = new SunJceCrypt(); crypt.setKey(key); return crypt; } }
String encryptedParameterValue = getCrypt().encryptUrlSafe(qp.getName()); Url.QueryParameter encryptedParameter = new Url.QueryParameter(ENCRYPTED_PAGE_COMPONENT_INFO_PARAMETER, encryptedParameterValue);
try decryptedUrl = getCrypt().decryptUrlSafe(encryptedUrlString);
@Override public ICrypt newCrypt() { Session session = Session.get(); session.bind(); // retrieve or generate encryption key from session String key = session.getMetaData(KEY); if (key == null) { // generate new key key = session.getId() + "." + UUID.randomUUID().toString(); session.setMetaData(KEY, key); } // build the crypt based on session key ICrypt crypt = createCrypt(); crypt.setKey(key); return crypt; }
String encryptedQueryString = urlCrypt.encryptUrlSafe(queryString);
try decryptedUrl = getCrypt().decryptUrlSafe(encryptedUrlString);
@Override public ICrypt newCrypt() { Session session = Session.get(); session.bind(); // retrieve or generate encryption key from session String key = session.getMetaData(KEY); if (key == null) { // generate new key key = session.getId() + "." + UUID.randomUUID().toString(); session.setMetaData(KEY, key); } // build the crypt based on session key ICrypt crypt = createCrypt(); crypt.setKey(key); return crypt; }
String encryptedQueryString = urlCrypt.encryptUrlSafe(queryString);
decryptedValue = getCrypt().decryptUrlSafe(encryptedValue);
/** * Encrypts an entire URL, segments and query parameters. * * @param url * The URL to encrypt. * * @return An encrypted form of the URL. */ protected Url encryptEntireUrl(final Url url) { String encryptedUrlString = getCrypt().encryptUrlSafe(url.toString()); Url encryptedUrl = new Url(url.getCharset()); if (getMarkEncryptedUrls()) { encryptedUrl.getSegments().add(ENCRYPTED_URL_MARKER_PREFIX + encryptedUrlString); } else { encryptedUrl.getSegments().add(encryptedUrlString); } int numberOfSegments = url.getSegments().size() - 1; HashedSegmentGenerator generator = new HashedSegmentGenerator(encryptedUrlString); for (int segNo = 0; segNo < numberOfSegments; segNo++) { encryptedUrl.getSegments().add(generator.next()); } return encryptedUrl; }