/** loads the user and decodes the password to plain text (if possible). */ @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { GeoServerUser user = (GeoServerUser) service.loadUserByUsername(username); if (user == null) return null; try { String decoded = encoder.decode(user.getPassword()); return new UserDetailsPasswordWrapper(user, decoded); } catch (UnsupportedOperationException ex) { return new UserDetailsPasswordWrapper(user, user.getPassword()); } } }
UserDetails prepareForUser(GeoServerUser user) { char[] pw = null; try { pw = enc.decodeToCharArray(user.getPassword()); } catch (UnsupportedOperationException ex) { pw = user.getPassword().toCharArray(); } String a1 = encodePasswordInA1Format(user.getUsername(), GeoServerSecurityManager.REALM, pw); manager.disposePassword(pw); List<GrantedAuthority> roles = new ArrayList<GrantedAuthority>(); roles.addAll(user.getAuthorities()); roles.add(GeoServerRole.AUTHENTICATED_ROLE); return new DigestUserDetails(user, a1, roles); }
users.appendChild(user); user.setAttribute(A_USER_NAME_UR, userObject.getUsername()); if (userObject.getPassword() != null) { user.setAttribute(A_USER_PASSWORD_UR, userObject.getPassword());
public GeoServerUser(GeoServerUser other) { this.username = other.getUsername(); this.password = other.getPassword(); this.accountNonExpired = other.isAccountNonExpired(); this.accountNonLocked = other.isAccountNonLocked(); this.credentialsNonExpired = other.isCredentialsNonExpired(); this.authorities = other.getAuthorities() != null ? new ArrayList<GrantedAuthority>(other.getAuthorities()) : null; }
/** * validates and encodes the password. Do nothing for a not changed password of an existing user * * @param user * @throws IOException */ protected void preparePassword(GeoServerUser user) throws IOException, PasswordPolicyException { char[] passwordArray = user.getPassword() != null ? user.getPassword().toCharArray() : null; if (PasswordValidatorImpl.passwordStartsWithEncoderPrefix(passwordArray) != null) return; // do nothing, password already encoded // we have a plain text password // validate it getSecurityManager() .loadPasswordValidator(getPasswordValidatorName()) .validatePassword(passwordArray); // validation ok, initializer encoder and set encoded password GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(getPasswordEncoderName()); enc.initializeFor(this); user.setPassword(enc.encodePassword(user.getPassword(), null)); }
new GeoServerMultiplexingPasswordEncoder(store.getSecurityManager(), store); for (GeoServerUser user : store.getUsers()) { if (encoder.isResponsibleForEncoding(user.getPassword())) continue; // nothing to do try { String rawpass = mEncoder.decode(user.getPassword()); + user.getUsername() + " with password: " + user.getPassword());
String encPassword = null; try { rawPassword = mEncoder.decode(user.getPassword()); encPassword = encoder.encodePassword(rawPassword, null); } catch (UnsupportedOperationException ex) { + user.getUsername() + " password: " + user.getPassword()); encPassword = user.getPassword();
protected void checkValuesModified(GeoServerUserGroupService userGroupService) throws IOException { GeoServerUser disableduser = userGroupService.getUserByUsername("disableduser"); assertTrue(disableduser.isEnabled()); GeoServerMultiplexingPasswordEncoder encoder = getEncoder(userGroupService); assertTrue(encoder.isPasswordValid(disableduser.getPassword(), "hallo", null)); assertEquals(1, disableduser.getProperties().size()); assertEquals("miller", disableduser.getProperties().getProperty("lastname")); GeoServerUser user2 = userGroupService.getUserByUsername("user2"); assertEquals(1, user2.getProperties().size()); assertEquals("11-22-33", user2.getProperties().getProperty("tel")); GeoServerUserGroup disabledgroup = userGroupService.getGroupByGroupname("disabledgroup"); assertTrue(disabledgroup.isEnabled()); GeoServerUserGroup group1 = userGroupService.getGroupByGroupname("group1"); GeoServerUser user1 = userGroupService.getUserByUsername("user1"); assertEquals(1, userGroupService.getUsersForGroup(group1).size()); assertTrue(userGroupService.getUsersForGroup(group1).contains(user1)); assertEquals(0, userGroupService.getGroupsForUser(user2).size()); assertEquals(0, userGroupService.getUsersHavingProperty("mail").size()); assertEquals(0, userGroupService.getUsersHavingPropertyValue("tel", "12-34-38").size()); assertEquals(1, userGroupService.getUsersHavingPropertyValue("tel", "11-22-33").size()); user2 = userGroupService.getUsersHavingPropertyValue("tel", "11-22-33").first(); assertEquals("11-22-33", user2.getProperties().getProperty("tel")); }
assertTrue(encoder.isPasswordValid(admin.getPassword(), "geoserver", null)); assertTrue(encoder.isPasswordValid(user1.getPassword(), "11111", null)); assertTrue(encoder.isPasswordValid(user2.getPassword(), "22222", null)); assertTrue(encoder.isPasswordValid(disableduser.getPassword(), "", null));
void setAuth() { Authentication auth = new UsernamePasswordAuthenticationToken( bob, bob.getPassword(), Collections.singletonList(GeoServerRole.GROUP_ADMIN_ROLE)); SecurityContextHolder.getContext().setAuthentication(auth); }
public void addUser(GeoServerUser user) throws IOException, PasswordPolicyException { preparePassword(user); Connection con = null; PreparedStatement ps = null; try { con = getConnection(); ps = getDMLStatement("users.insert", con); ps.setString(1,user.getUsername()); if (user.getPassword() != null) { ps.setString(2,user.getPassword()); } else { ps.setNull(2, Types.VARCHAR); } ps.setString(3,convertToString(user.isEnabled())); ps.execute(); addUserProperties(user, con); } catch (SQLException ex) { throw new IOException(ex); } finally { closeFinally(con, ps, null); } setModified(true); }
public void updateUser(GeoServerUser user) throws IOException,PasswordPolicyException { preparePassword(user); Connection con = null; PreparedStatement ps = null; try { con = getConnection(); ps = getDMLStatement("users.update", con); ps.setString(1,user.getPassword()); ps.setString(2,convertToString(user.isEnabled())); ps.setString(3,user.getUsername()); ps.execute(); ps.close(); ps = getDMLStatement("userprops.deleteForUser",con); ps.setString(1,user.getUsername()); ps.execute(); addUserProperties(user, con); } catch (SQLException ex) { throw new IOException(ex); } finally { closeFinally(con, ps, null); } setModified(true); }
/** * validates and encodes the password. Do nothing * for a not changed password of an existing user * * @param user * @throws IOException */ protected void preparePassword(GeoServerUser user) throws IOException,PasswordPolicyException { char []passwordArray = user.getPassword() != null ? user.getPassword().toCharArray() : null; if (PasswordValidatorImpl.passwordStartsWithEncoderPrefix(passwordArray)!=null) return; // do nothing, password already encoded // we have a plain text password // validate it getSecurityManager().loadPasswordValidator(getPasswordValidatorName()). validatePassword(passwordArray); // validation ok, initializer encoder and set encoded password GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(getPasswordEncoderName()); enc.initializeFor(this); user.setPassword(enc.encodePassword(user.getPassword(), null)); }
@Test public void testEraseCredentials() throws Exception { GeoServerUser user = store.createUserObject("user", "foobar", true); store.addUser(user); store.store(); user = store.getUserByUsername("user"); assertNotNull(user.getPassword()); user.eraseCredentials(); user = store.getUserByUsername("user"); assertNotNull(user.getPassword()); }
@Test public void testEmptyPassword() throws Exception { // all is empty checkEmpty(service); checkEmpty(store); GeoServerUser user = store.createUserObject("userNoPasswd", null, true); store.addUser(user); store.store(); assertEquals(1, service.getUserCount()); user = service.getUserByUsername("userNoPasswd"); assertNull(user.getPassword()); user = (GeoServerUser) service.loadUserByUsername("userNoPasswd"); assertNull(user.getPassword()); }
String originalPw = user.getPassword(); String pw1 = user.getPassword(); assertNotEquals(originalPw, pw1); String pw2 = user.getPassword(); assertNotEquals(originalPw, pw2); assertNotEquals(pw1, pw2);
@Test public void testDefault() throws Exception { GeoServerUserGroupService service = getSecurityManager().loadUserGroupService(XMLUserGroupService.DEFAULT_NAME); assertEquals(1, service.getUsers().size()); assertEquals(1, service.getUserCount()); assertEquals(0, service.getUserGroups().size()); assertEquals(0, service.getGroupCount()); GeoServerUser admin = service.getUserByUsername(GeoServerUser.ADMIN_USERNAME); assertNotNull(admin); assertEquals(GeoServerUser.AdminEnabled, admin.isEnabled()); GeoServerMultiplexingPasswordEncoder enc = getEncoder(service); assertTrue( enc.isPasswordValid(admin.getPassword(), GeoServerUser.DEFAULT_ADMIN_PASSWD, null)); assertEquals(admin.getProperties().size(), 0); assertEquals(0, service.getGroupsForUser(admin).size()); }
assertNotNull(admin); GeoServerMultiplexingPasswordEncoder enc = getEncoder(userService); assertTrue(enc.isPasswordValid(admin.getPassword(), "gs", null)); assertTrue(enc.isPasswordValid(wfs.getPassword(), "webFeatureService", null)); assertTrue(wfs.isEnabled()); assertTrue(enc.isPasswordValid(disabledUser.getPassword(), "nah", null)); assertFalse(disabledUser.isEnabled());
new Model(user.getPassword())) { @Override public boolean isRequired() {
new Model(user.getPassword())) { @Override public boolean isRequired() {