Fix password encoder for compatibility
parent
1a524434da
commit
430b30bffb
|
@ -0,0 +1,26 @@
|
||||||
|
package com.wisemapping.security;
|
||||||
|
|
||||||
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
|
import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
|
||||||
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
public class DefaultPasswordEncoderFactories {
|
||||||
|
|
||||||
|
private static final String ENCODING_ID = "bcrypt";
|
||||||
|
|
||||||
|
@SuppressWarnings("deprecation")
|
||||||
|
static PasswordEncoder createDelegatingPasswordEncoder() {
|
||||||
|
|
||||||
|
final Map<String, PasswordEncoder> encoders = new HashMap<>();
|
||||||
|
encoders.put(ENCODING_ID, new BCryptPasswordEncoder(16));
|
||||||
|
|
||||||
|
DelegatingPasswordEncoder result = new DelegatingPasswordEncoder(ENCODING_ID, encoders);
|
||||||
|
result.setDefaultPasswordEncoderForMatches(new LegacyPasswordEncoder());
|
||||||
|
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
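Review bot: Every stored value without a `{id}` prefix is routed to `LegacyPasswordEncoder` through `setDefaultPasswordEncoderForMatches`, and nothing in this factory documents how or when those SHA-1 records are moved to bcrypt. A Javadoc on `createDelegatingPasswordEncoder()` should state that the legacy encoder is for verification only, that new hashes are always written with the `bcrypt` id, and that the login path is expected to re-encode after a successful legacy match (for example by consulting `PasswordEncoder.upgradeEncoding`, if the Spring Security version in use provides it). Whether the authentication provider does this is not visible on this page. The `@SuppressWarnings("deprecation")` on the method also looks unnecessary, since nothing called in its body appears to be deprecated.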
@ -18,27 +18,37 @@
|
||||||
|
|
||||||
package com.wisemapping.security;
|
package com.wisemapping.security;
|
||||||
|
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.apache.log4j.Logger;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
|
||||||
public class CustomPasswordEncoder implements PasswordEncoder {
|
@SuppressWarnings("deprecation")
|
||||||
|
public class LegacyPasswordEncoder implements PasswordEncoder {
|
||||||
|
final private static Logger logger = Logger.getLogger("com.wisemapping.security.LegacyPasswordEncoder");
|
||||||
|
|
||||||
private static final String ENC_PREFIX = "ENC:";
|
private static final String ENC_PREFIX = "ENC:";
|
||||||
private BCryptPasswordEncoder delegateEncoder = new BCryptPasswordEncoder(16);
|
private static final PasswordEncoder sha1Encoder = new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1");
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String encode(CharSequence rawPassword) {
|
public String encode(CharSequence rawPassword) {
|
||||||
String password = rawPassword.toString();
|
|
||||||
if(!rawPassword.toString().startsWith(ENC_PREFIX)) {
|
logger.info("LegacyPasswordEncoder encode executed.");
|
||||||
password = ENC_PREFIX + delegateEncoder.encode(rawPassword);
|
|
||||||
|
String result = rawPassword.toString();
|
||||||
|
if (!rawPassword.toString().startsWith(ENC_PREFIX)) {
|
||||||
|
result = ENC_PREFIX + sha1Encoder.encode(rawPassword);
|
||||||
}
|
}
|
||||||
|
|
||||||
return password;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean matches(CharSequence rawPassword, String encodedPassword) {
|
public boolean matches(CharSequence rawPassword, String encodedPassword) {
|
||||||
String encodedRawPassword = delegateEncoder.encode(rawPassword);
|
|
||||||
|
|
||||||
return delegateEncoder.matches(encodedRawPassword, encodedPassword);
|
String newEncodedPassword = encodedPassword;
|
||||||
|
if (encodedPassword.startsWith(ENC_PREFIX)) {
|
||||||
|
|
||||||
|
newEncodedPassword = encode(rawPassword);
|
||||||
|
}
|
||||||
|
return newEncodedPassword.equals(encodedPassword);
|
||||||
}
|
}
|
||||||
}
|
}
|
|
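Review bot: `matches()` returns true for any password when the stored value does not start with `ENC_PREFIX`: `newEncodedPassword` is initialised to `encodedPassword`, the `if` is skipped, and the final `equals` compares the string with itself. Because the factory registers this class as the default matcher for unprefixed hashes, that branch should fail closed. Two further issues sit on the same path: `encode()` returns input that already starts with `ENC:` unchanged, so the stored string itself compares equal, and `String.equals` is not a constant-time comparison. Delegating to `sha1Encoder.matches` on the value after the prefix removes the self-comparison and the pass-through and leaves the comparison to the encoder, assuming the legacy records are `ENC:` followed by a digest in the format that encoder verifies; it also stops `matches()` depending on `encode()` being deterministic, which is worth confirming for the Spring Security version in use.

```java
@Override
public boolean matches(CharSequence rawPassword, String encodedPassword) {
    // Fail closed: only values carrying the legacy prefix are verified here.
    if (encodedPassword == null || !encodedPassword.startsWith(ENC_PREFIX)) {
        return false;
    }
    // Verify against the digest after the prefix; raw input is never treated as already encoded.
    return sha1Encoder.matches(rawPassword, encodedPassword.substring(ENC_PREFIX.length()));
}
```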
@ -1,7 +1,6 @@
|
||||||
log4j.rootLogger=WARN, stdout, R
|
log4j.rootLogger=WARN, stdout, R
|
||||||
log4j.logger.com.wisemapping=WARN,stdout,R
|
log4j.logger.com.wisemapping=INFO,stdout,R
|
||||||
log4j.logger.org.springframework=WARN,stdout,R
|
log4j.logger.org.springframework=INFO,stdout,R
|
||||||
log4j.logger.org.codehaus.jackson=WARN,stdout,R
|
|
||||||
log4j.logger.org.hibernate=WARN,stdout,R
|
log4j.logger.org.hibernate=WARN,stdout,R
|
||||||
log4j.logger.org.hibernate.engine.StatefulPersistenceContext=ERROR,stdout,R
|
log4j.logger.org.hibernate.engine.StatefulPersistenceContext=ERROR,stdout,R
|
||||||
|
|
||||||
|
|
|
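Review bot: Raising `com.wisemapping` and `org.springframework` from WARN to INFO is unrelated to the encoder fix and reads like a debugging leftover; the Spring logger at INFO adds a lot of startup noise to both appenders. If the intent is only to surface the new `LegacyPasswordEncoder encode executed.` message, a narrower entry such as `log4j.logger.com.wisemapping.security=INFO` would be enough, and the removal of the `org.codehaus.jackson` line deserves a mention in the commit description.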
@ -7,7 +7,7 @@
|
||||||
<beans>
|
<beans>
|
||||||
<bean id="userManager" class="com.wisemapping.dao.UserManagerImpl">
|
<bean id="userManager" class="com.wisemapping.dao.UserManagerImpl">
|
||||||
<property name="hibernateTemplate" ref="hibernateTemplate"/>
|
<property name="hibernateTemplate" ref="hibernateTemplate"/>
|
||||||
<property name="encoder" ref="encoder"/>
|
<property name="encoder" ref="passwordEncoder"/>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<bean id="mindmapManager" class="com.wisemapping.dao.MindmapManagerImpl">
|
<bean id="mindmapManager" class="com.wisemapping.dao.MindmapManagerImpl">
|
||||||
|
|
|
@ -8,6 +8,8 @@
|
||||||
http://www.springframework.org/schema/security
|
http://www.springframework.org/schema/security
|
||||||
http://www.springframework.org/schema/security/spring-security.xsd">
|
http://www.springframework.org/schema/security/spring-security.xsd">
|
||||||
|
|
||||||
|
<bean id="passwordEncoder" class="com.wisemapping.security.DefaultPasswordEncoderFactories" factory-method="createDelegatingPasswordEncoder"/>
|
||||||
|
|
||||||
<sec:authentication-manager alias="authenticationManager">
|
<sec:authentication-manager alias="authenticationManager">
|
||||||
<sec:authentication-provider ref="dbAuthenticationProvider"/>
|
<sec:authentication-provider ref="dbAuthenticationProvider"/>
|
||||||
<sec:authentication-provider user-service-ref="userDetailsService"/>
|
<sec:authentication-provider user-service-ref="userDetailsService"/>
|
||||||
|
@ -15,7 +17,6 @@
|
||||||
|
|
||||||
<bean id="dbAuthenticationProvider" class="com.wisemapping.security.AuthenticationProvider">
|
<bean id="dbAuthenticationProvider" class="com.wisemapping.security.AuthenticationProvider">
|
||||||
<property name="userDetailsService" ref="userDetailsService"/>
|
<property name="userDetailsService" ref="userDetailsService"/>
|
||||||
<property name="encoder" ref="encoder"/>
|
<property name="encoder" ref="passwordEncoder"/>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
</beans>
|
</beans>
|
|
@ -87,8 +87,6 @@
|
||||||
<sec:logout logout-url="/c/logout" invalidate-session="true" logout-success-url="/c/login"/>
|
<sec:logout logout-url="/c/logout" invalidate-session="true" logout-success-url="/c/login"/>
|
||||||
</sec:http>
|
</sec:http>
|
||||||
|
|
||||||
<bean id="encoder" class="com.wisemapping.security.CustomPasswordEncoder"/>
|
|
||||||
|
|
||||||
<import resource="wisemapping-security-${security.type}.xml"/>
|
<import resource="wisemapping-security-${security.type}.xml"/>
|
||||||
|
|
||||||
<bean id="userDetailsService" class="com.wisemapping.security.UserDetailsService">
|
<bean id="userDetailsService" class="com.wisemapping.security.UserDetailsService">
|
||||||
|
|