/** * Creates initial key entries auto generated keys {@link #CONFIGPASSWORDKEY} * * @throws IOException */ protected void addInitialKeys() throws IOException { // TODO:scramble RandomPasswordProvider randPasswdProvider = getSecurityManager().getRandomPassworddProvider(); char[] configKey = randPasswdProvider.getRandomPasswordWithDefaultLength(); setSecretKey(CONFIGPASSWORDKEY, configKey); }
} else { message = "The generated master password is: "; masterPasswordArray = getRandomPassworddProvider().getRandomPassword(8); writeMasterPasswordInfo(info, message, masterPasswordArray);
name, getSecurityManager() .getRandomPassworddProvider() .getRandomPasswordWithDefaultLength()); prov.storeKeyStore();
@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { this.name = config.getName(); SecurityUserGroupServiceConfig ugConfig = (SecurityUserGroupServiceConfig) config; passwordEncoderName = ugConfig.getPasswordEncoderName(); GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(passwordEncoderName); if (enc.getEncodingType() == PasswordEncodingType.ENCRYPT) { KeyStoreProvider prov = getSecurityManager().getKeyStoreProvider(); String alias = prov.aliasForGroupService(name); if (prov.containsAlias(alias) == false) { prov.setUserGroupKey( name, getSecurityManager() .getRandomPassworddProvider() .getRandomPasswordWithDefaultLength()); prov.storeKeyStore(); } } enc.initializeFor(this); passwordValidatorName = ugConfig.getPasswordPolicyName(); toBeEncrypted = (((MemoryUserGroupServiceConfigImpl) config).getToBeEncrypted()); } }
protected ICrypt getEncrypterFromSession(HttpSession s) { ICrypt result = (ICrypt) s.getAttribute(ICRYPT_ATTR_NAME); if (result != null) return result; GeoServerSecurityManager manager = GeoServerApplication.get().getSecurityManager(); char[] key = manager.getRandomPassworddProvider().getRandomPasswordWithDefaultLength(); StandardPBEByteEncryptor enc = new StandardPBEByteEncryptor(); enc.setPasswordCharArray(key); // since the password is copied, we can scramble it manager.disposePassword(key); if (manager.isStrongEncryptionAvailable()) { enc.setProvider(new BouncyCastleProvider()); enc.setAlgorithm("PBEWITHSHA256AND128BITAES-CBC-BC"); } else // US export restrictions enc.setAlgorithm("PBEWITHMD5ANDDES"); result = new CryptImpl(enc); s.setAttribute(ICRYPT_ATTR_NAME, result); return result; } }
protected ICrypt getEncrypterFromSession(HttpSession s) { ICrypt result = (ICrypt) s.getAttribute(ICRYPT_ATTR_NAME); if (result !=null) return result; GeoServerSecurityManager manager = GeoServerApplication.get().getSecurityManager(); char[] key = manager.getRandomPassworddProvider().getRandomPasswordWithDefaultLength(); StandardPBEByteEncryptor enc = new StandardPBEByteEncryptor(); enc.setPasswordCharArray(key); // since the password is copied, we can scramble it manager.disposePassword(key); if (manager.isStrongEncryptionAvailable()) { enc.setProvider(new BouncyCastleProvider()); enc.setAlgorithm("PBEWITHSHA256AND128BITAES-CBC-BC"); } else // US export restrictions enc.setAlgorithm("PBEWITHMD5ANDDES"); result= new CryptImpl(enc); s.setAttribute(ICRYPT_ATTR_NAME, result); return result; } }
if (prov.containsAlias(alias)==false) { prov.setUserGroupKey(name, getSecurityManager().getRandomPassworddProvider().getRandomPasswordWithDefaultLength()); prov.storeKeyStore();
assertFalse(ksp.hasUserGroupKey("default")); RandomPasswordProvider rpp = getSecurityManager().getRandomPassworddProvider(); char[] urlKey = rpp.getRandomPasswordWithDefaultLength();