Examples of hudson.util.Secret

hudson.util.Secret
Glorified {@link String} that uses encryption in the persisted form, to avoid accidental exposure of a secret.
Note that since the cryptography relies on {@link jenkins.model.Jenkins#getSecretKey()}, this is not meant as a protection against code running in the same VM, nor against an attacker who has local file system access.
{@link Secret}s can correctly read-in plain text password, so this allows the existing String field to be updated to {@link Secret}. @author Kohsuke Kawaguchi

     *
     * @return {@link jenkins.model.Jenkins#ANONYMOUS} if no such credential is found, or if the stored credential is invalid.
     */
    public Authentication get() {
        Jenkins h = Jenkins.getInstance();
        Secret userName = Secret.decrypt(props.getProperty(getPropertyKey()));
        if (userName==null) return Jenkins.ANONYMOUS; // failed to decrypt
        try {
            UserDetails u = h.getSecurityRealm().loadUserByUsername(userName.getPlainText());
            return new UsernamePasswordAuthenticationToken(u.getUsername(), "", u.getAuthorities());
        } catch (AuthenticationException e) {
            return Jenkins.ANONYMOUS;
        } catch (DataAccessException e) {
            return Jenkins.ANONYMOUS;

View Full Code Here

                    String form = pm.group();
                    PostMethod post = new PostMethod(
                            new URL(new URL(m.getURI().getURI()),pm.group(1)).toExternalForm());


                    String u = getDescriptor().getUsername();
                    Secret p = getDescriptor().getPassword();
                    if (u==null || p==null) {
                        log.hyperlink(getCredentialPageUrl(),"Oracle now requires Oracle account to download previous versions of JDK. Please specify your Oracle account username/password.\n");
                        throw new AbortException("Unable to install JDK unless a valid Oracle account username/password is provided in the system configuration.");
                    }


                    for (String fragment : form.split("<input")) {
                        String n = extractAttribute(fragment,"name");
                        String v = extractAttribute(fragment,"value");
                        if (n==null || v==null)     continue;
                        if (n.equals("ssousername"))
                            v = u;
                        if (n.equals("password")) {
                            v = p.getPlainText();
                            if (authCount++ > 3) {
                                log.hyperlink(getCredentialPageUrl(),"Your Oracle account doesn't appear valid. Please specify a valid username/password\n");
                                throw new AbortException("Unable to install JDK unless a valid username/password is provided.");
                            }
                        }

View Full Code Here

    public void setUp() throws Exception {
        Hudson hudson = createMock(Hudson.class);
        mockStatic(Hudson.class);
        expect(Hudson.getInstance()).andReturn(hudson).anyTimes();
        mockStatic(Secret.class);
        Secret secret = Whitebox.invokeConstructor(Secret.class, new Class<?>[]{String.class}, new String[]{"value"});
        expect(Secret.fromString(EasyMock.<String>anyObject())).andReturn(secret).anyTimes();
        expect(Secret.toString(EasyMock.<Secret>anyObject())).andReturn(secret.toString()).anyTimes();
        replayAll();
    }

View Full Code Here

     *
     * @return {@link Hudson#ANONYMOUS} if no such credential is found, or if the stored credential is invalid.
     */
    public Authentication get() {
        Hudson h = Hudson.getInstance();
        Secret userName = Secret.decrypt(props.getProperty(getPropertyKey()));
        if (userName==null) return Hudson.ANONYMOUS; // failed to decrypt
        try {
            UserDetails u = h.getSecurityRealm().loadUserByUsername(userName.toString());
            return new UsernamePasswordAuthenticationToken(u.getUsername(), u.getPassword(), u.getAuthorities());
        } catch (AuthenticationException e) {
            return Hudson.ANONYMOUS;
        } catch (DataAccessException e) {
            return Hudson.ANONYMOUS;

View Full Code Here

        form = (JSONObject)JSONSerializer.toJSON(formString);
        config = new Config(form);
        assertEquals("plainpass", config.getGerritAuthKeyFilePassword());


        // encrypted string
        Secret pass = Secret.fromString("encryptpass");
        formString = "{\"gerritAuthKeyFilePassword\":\"" + pass.getEncryptedValue() + "\"}";
        form = (JSONObject)JSONSerializer.toJSON(formString);
        config = new Config(form);
        assertEquals("encryptpass", config.getGerritAuthKeyFilePassword());


        // empty

View Full Code Here

TOP

Related Classes of hudson.util.Secret

com.sonyericsson.hudson.plugins.gerrit.trigger.config.ConfigTest

hudson.cli.ClientAuthenticationCache

hudson.model.PasswordParameterDefinitionEqualsHashCodeTest

hudson.tools.JDKInstaller

javax.crypto.Cipher

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.