Examples of org.geoserver.security.password.GeoServerPasswordEncoder

• org.geoserver.security.password.GeoServerPasswordEncoder
  General Geoserver password encoding interface @author christian

        // validate it
        getSecurityManager().loadPasswordValidator(getPasswordValidatorName()).
            validatePassword(passwordArray);

        // validation ok, initializer encoder and set encoded password
        GeoServerPasswordEncoder enc =
                getSecurityManager().loadPasswordEncoder(getPasswordEncoderName());

        enc.initializeFor(this);
        user.setPassword(enc.encodePassword(user.getPassword(), null));

    }

        // validate it
        getSecurityManager().loadPasswordValidator(getPasswordValidatorName()).
            validatePassword(passwordArray);

        // validation ok, initializer encoder and set encoded password
        GeoServerPasswordEncoder enc =
                getSecurityManager().loadPasswordEncoder(getPasswordEncoderName());

        enc.initializeFor(this);
        user.setPassword(enc.encodePassword(user.getPassword(), null));

    }

     * Loads a password encoder with the specified name.
     *
     * @return The password encoder, or <code>null</code> if non found matching the name.
     */
    public GeoServerPasswordEncoder loadPasswordEncoder(String name) {
        GeoServerPasswordEncoder encoder = (GeoServerPasswordEncoder) GeoServerExtensions.bean(name);
        if (encoder != null) {
            try {
                encoder.initialize(this);
            } catch (IOException e) {
                throw new RuntimeException("Error occurred initializing password encoder");
            }
        }
        return encoder;

        this.name=config.getName();
        validatingXMLSchema=false;
        passwordEncoderName=((SecurityUserGroupServiceConfig)config).getPasswordEncoderName();
        passwordValidatorName=((SecurityUserGroupServiceConfig)config).getPasswordPolicyName();

        GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(passwordEncoderName);
        if (enc.getEncodingType()==PasswordEncodingType.ENCRYPT) {
            KeyStoreProvider prov = getSecurityManager().getKeyStoreProvider();
            String alias = prov.aliasForGroupService(name);
            if (prov.containsAlias(alias)==false) {
                prov.setUserGroupKey(name,
                    getSecurityManager().getRandomPassworddProvider().getRandomPasswordWithDefaultLength());
                prov.storeKeyStore();
            }
        }
        enc.initializeFor(this);

        if (config instanceof XMLSecurityServiceConfig) {
            validatingXMLSchema =((XMLSecurityServiceConfig) config).isValidating();
            // copy schema file
            File xsdFile = new File(getConfigRoot(), XMLConstants.FILE_UR_SCHEMA);

                file = checkORCreateJDBCPropertyFile(fileNameDDL, getConfigRoot(), DEFAULT_DDL_FILE);
                ddlProps = Util.loadUniversal(new FileInputStream(file));
                createTablesIfRequired((JDBCSecurityServiceConfig)config);
            }

            GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(passwordEncoderName);
            if (enc.getEncodingType()==PasswordEncodingType.ENCRYPT) {
                KeyStoreProvider prov = getSecurityManager().getKeyStoreProvider();
                String alias = prov.aliasForGroupService(name);
                if (prov.containsAlias(alias)==false) {
                    prov.setUserGroupKey(name,
                        getSecurityManager().getRandomPassworddProvider().getRandomPasswordWithDefaultLength());
                    prov.storeKeyStore();
                }
            }
            enc.initializeFor(this);
            passwordValidatorName=jdbcConfig.getPasswordPolicyName();

        }
    }

     * @param store
     * @throws IOException
     */
    static public void copyFrom(GeoServerUserGroupService service, GeoServerUserGroupStore store) throws IOException,PasswordPolicyException {

        GeoServerPasswordEncoder encoder = store.getSecurityManager().loadPasswordEncoder(store.getPasswordEncoderName());
        encoder.initializeFor(store);

        GeoServerMultiplexingPasswordEncoder mEncoder = new
                GeoServerMultiplexingPasswordEncoder(store.getSecurityManager(),service);


        store.clear();
        Map<String,GeoServerUser> newUserDict = new HashMap<String,GeoServerUser>();
        Map<String,GeoServerUserGroup> newGroupDict = new HashMap<String,GeoServerUserGroup>();

        for (GeoServerUser user : service.getUsers()) {

            String rawPassword = null;
            String encPassword = null;
            try {
                rawPassword = mEncoder.decode(user.getPassword());
                encPassword= encoder.encodePassword(rawPassword, null);
            } catch (UnsupportedOperationException ex) {
                LOGGER.warning("Cannot recode user: "+user.getUsername()+" password: "+user.getPassword());
                encPassword=user.getPassword();
            }
            GeoServerUser newUser = store.createUserObject(user.getUsername(),encPassword, user.isEnabled());

     *
     * @param store
     * @throws IOException
     */
    public static void recodePasswords( GeoServerUserGroupStore store) throws IOException{
        GeoServerPasswordEncoder encoder = store.getSecurityManager().loadPasswordEncoder(store.getPasswordEncoderName());
        encoder.initializeFor(store);

        GeoServerMultiplexingPasswordEncoder mEncoder = new
                GeoServerMultiplexingPasswordEncoder(store.getSecurityManager(),store);
        for (GeoServerUser user : store.getUsers()) {
            if (encoder.isResponsibleForEncoding(user.getPassword()))
                continue; // nothing to do
            try {
                String rawpass= mEncoder.decode(user.getPassword());
                // to avoid password policy exceptions, recode explicitly
                String encPass=encoder.encodePassword(rawpass, null);
                user.setPassword(encPass);
                try {
                    store.updateUser(user);
                } catch (PasswordPolicyException e) {
                    store.load();  // rollback

    }

    @Test
    public void testEncryption() throws Exception {
        SecurityManagerConfig config = getSecurityManager().getSecurityConfig();
        GeoServerPasswordEncoder encoder = getPlainTextPasswordEncoder();
        String plainprefix=encoder.getPrefix()+GeoServerPasswordEncoder.PREFIX_DELIMTER;
        config.setConfigPasswordEncrypterName(encoder.getName());

        getSecurityManager().saveSecurityConfig(config);

        String serviceName = "testEncrypt";
        String cryptprefix = getPBEPasswordEncoder().getPrefix()+GeoServerPasswordEncoder.PREFIX_DELIMTER;

    @Test
    public void testPasswordPersistence() throws Exception {
        Catalog cat = getCatalog();
        SecurityManagerConfig config = getSecurityManager().getSecurityConfig();
        GeoServerPasswordEncoder encoder = getPlainTextPasswordEncoder();
        String prefix=encoder.getPrefix()+GeoServerPasswordEncoder.PREFIX_DELIMTER;
        config.setConfigPasswordEncrypterName(encoder.getName());
        getSecurityManager().saveSecurityConfig(config);

        GeoServerPersister p =
            new GeoServerPersister( getResourceLoader(), new XStreamPersisterFactory().createXMLPersister() );
        cat.addListener( p );

            }

            // check for password encoding in the default user group service
            visibility=false;
            if (passwordEncoderName!=null) {
                GeoServerPasswordEncoder encoder = manager.loadPasswordEncoder(passwordEncoderName);
                if (encoder!=null) {
                    visibility = encoder.isReversible();
                }
            }

            label=new Label("digestEncoding", new StringResourceModel("digestEncoding", (Component)this, null));
            add(label);