Examples of PasswordEncoder

org.acegisecurity.providers.encoding.PasswordEncoder

Interface for performing authentication operations on a password.
@author colin sampaleanu @version $Id: PasswordEncoder.java 1784 2007-02-24 21:00:24Z luke_t $
org.apache.archiva.redback.policy.PasswordEncoder
org.codehaus.plexus.security.policy.PasswordEncoder

org.jasypt.spring.security3.PasswordEncoder

This class implements the Spring Security 3.x org.springframework.security.authentication.encoding.PasswordEncoder interface, allowing Spring Security-enabled applications to use JASYPT for password encryption.

Objects of this class will internally hold either an object of type org.jasypt.util.password.PasswordEncryptor or an object of type org.jasypt.digest.StringDigester (only one of them), which should be set by respectively calling {@link #setPasswordEncryptor(PasswordEncryptor)} or{@link #setStringDigester(StringDigester)}after creation. If neither a PasswordEncryptor nor a StringDigester are set, a new org.jasypt.util.password.BasicPasswordEncryptor object is created and internally used.

Important: This implementation ignores any salt provided through the interface methods, as the internal Jasypt PasswordEncryptor or StringDigester objects normally use a random one. This means that salt can be safely passed as null.

Usage with a PasswordEncryptor

This class can be used like this from your Spring XML resource files:

 ... <!-- Your application may use the PasswordEncryptor in several places, -->  <!-- like for example at new user sign-up.                             -->  <bean id="jasyptPasswordEncryptor" class="org.jasypt.util.password.StrongPasswordEncryptor" /> ... ... <!-- This Spring Security-friendly PasswordEncoder implementation will --> <!-- wrap the PasswordEncryptor instance so that it can be used from   --> <!-- the security framework.                                           --> <bean id="passwordEncoder" class="org.jasypt.spring.security2.PasswordEncoder"> <property name="passwordEncryptor"> <ref bean="jasyptPasswordEncryptor" /> </property> </bean> ... ... <!-- Your DaoAuthenticationProvider will then use it like with any     --> <!-- other implementation of the PasswordEncoder interface.            --> <bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailsService"/> <property name="passwordEncoder"> <ref bean="passwordEncoder" /> </property> </bean> ...

Usage with a StringDigester

This class can be used like this from your Spring XML resource files:

 ... <!-- Your application may use the StringDigester in several places,    -->  <!-- like for example at new user sign-up.                             -->  <bean id="jasyptStringDigester" class="org.jasypt.digest.StandardStringDigester" > <property name="algorithm" value="SHA-1" /> <property name="iterations" value="100000" /> </bean> ... ... <!-- This Spring Security-friendly PasswordEncoder implementation will --> <!-- wrap the StringDigester instance so that it can be used from      --> <!-- the security framework.                                           --> <bean id="passwordEncoder" class="org.jasypt.spring.security2.PasswordEncoder"> <property name="stringDigester"> <ref bean="jasyptStringDigester" /> </property> </bean> ... ... <!-- Your DaoAuthenticationProvider will then use it like with any     --> <!-- other implementation of the PasswordEncoder interface.            --> <bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailsService"/> <property name="passwordEncoder"> <ref bean="passwordEncoder" /> </property> </bean> ...

This class is thread-safe

@since 1.6 @author Daniel Fernández

org.springframework.security.authentication.encoding.PasswordEncoder
Interface for performing authentication operations on a password. @author colin sampaleanu @deprecated It is recommended to use{@link org.springframework.security.crypto.password.PasswordEncoder}instead which better accommodates best practice of randomly generated salt that is included with the password.
org.springframework.security.crypto.password.PasswordEncoder
Service interface for encoding passwords. The preferred implementation is {@code BCryptPasswordEncoder}. @author Keith Donald
org.springframework.security.providers.encoding.PasswordEncoder

Examples of org.springframework.security.crypto.password.PasswordEncoder

        }


        ApplicationContext ctx =
                WebApplicationContextUtils.getRequiredWebApplicationContext(context);


        PasswordEncoder passwordEncoder = null;
        try {
            ProviderManager provider = (ProviderManager) ctx.getBean("org.springframework.security.authentication.ProviderManager#0");
            for (Object o : provider.getProviders()) {
                AuthenticationProvider p = (AuthenticationProvider) o;
                if (p instanceof RememberMeAuthenticationProvider) {
                    config.put("rememberMeEnabled", Boolean.TRUE);
                } else if (ctx.getBean("passwordEncoder") != null) {
                    passwordEncoder = (PasswordEncoder) ctx.getBean("passwordEncoder");
                }
            }
        } catch (NoSuchBeanDefinitionException n) {
            log.debug("authenticationManager bean not found, assuming test and ignoring...");
            // ignore, should only happen when testing
        }


        context.setAttribute(Constants.CONFIG, config);


        // output the retrieved values for the Init and Context Parameters
        if (log.isDebugEnabled()) {
            log.debug("Remember Me Enabled? " + config.get("rememberMeEnabled"));
            if (passwordEncoder != null) {
                log.debug("Password Encoder: " + passwordEncoder.getClass().getSimpleName());
            }
            log.debug("Populating drop-downs...");
        }


        setupContext(context);

View Full Code Here

Examples of org.springframework.security.crypto.password.PasswordEncoder


  }


  @Transactional
  public void createTestUsers() {
    PasswordEncoder encoder = injector.getInstance(PasswordEncoder.class);


    RoleEntity adminRole = new RoleEntity();
    adminRole.setRoleName("admin");


    UserEntity admin = new UserEntity();
    admin.setUserName("administrator");
    admin.setUserPassword(encoder.encode("admin"));


    Set<RoleEntity> roles = new HashSet<RoleEntity>();
    Set<UserEntity> users = new HashSet<UserEntity>();


    roles.add(adminRole);
    users.add(admin);


    admin.setRoleEntities(roles);
    adminRole.setUserEntities(users);


    userDAO.create(admin);
    roleDAO.create(adminRole);


    UserEntity userWithoutRoles = new UserEntity();
    userWithoutRoles.setUserName("userWithoutRoles");
    userWithoutRoles.setUserPassword(encoder.encode("test"));
    userDAO.create(userWithoutRoles);


  }

View Full Code Here

Examples of org.springframework.security.crypto.password.PasswordEncoder

     */
    @Override
    public boolean isPaswordCorrect(User user, String password) {
        // load fresh user version from db to be sure to have current password.
        User userFromDb = findById(user.getId());
        PasswordEncoder encoder = new StandardPasswordEncoder();
        String encodedPassword = encoder.encode(password);
        return encodedPassword.equals(userFromDb.getPassword());
    }

View Full Code Here

Examples of org.springframework.security.crypto.password.PasswordEncoder

     * @see ${package}.services.IUserService${symbol_pound}changePassword(${package}.domain.User, java.lang.String)
     */
    @Override
    @Transactional(readOnly = false)
    public void changePassword(User user, String newPassword) {
        PasswordEncoder encoder = new StandardPasswordEncoder();
        String encodedPassword = encoder.encode(newPassword);
        // load fresh user version from db to have managed version and avoid optimistic lock exception.
        User userFromDb = findById(user.getId());
        userFromDb.setPassword(encodedPassword);
        update(userFromDb);
    }

View Full Code Here

Examples of org.springframework.security.crypto.password.PasswordEncoder

     */
    @Override
    public boolean isPaswordCorrect(User user, String password) {
        // load fresh user version from db to be sure to have current password.
        User userFromDb = findById(user.getId());
        PasswordEncoder encoder = new StandardPasswordEncoder();
        String encodedPassword = encoder.encode(password);
        return encodedPassword.equals(userFromDb.getPassword());
    }

View Full Code Here

Examples of org.springframework.security.crypto.password.PasswordEncoder

     * @see org.happyfaces.services.IUserService#changePassword(org.happyfaces.domain.User, java.lang.String)
     */
    @Override
    @Transactional(readOnly = false)
    public void changePassword(User user, String newPassword) {
        PasswordEncoder encoder = new StandardPasswordEncoder();
        String encodedPassword = encoder.encode(newPassword);
        // load fresh user version from db to have managed version and avoid optimistic lock exception.
        User userFromDb = findById(user.getId());
        userFromDb.setPassword(encodedPassword);
        update(userFromDb);
    }

View Full Code Here

Examples of org.springframework.security.crypto.password.PasswordEncoder

  public void testUpdateClientSecret() {


    BaseClientDetails clientDetails = new BaseClientDetails();
    clientDetails.setClientId("newClientIdWithNoDetails");


    service.setPasswordEncoder(new PasswordEncoder() {


      public boolean matches(CharSequence rawPassword,
          String encodedPassword) {
        return true;
      }

View Full Code Here

Examples of org.springframework.security.crypto.password.PasswordEncoder

        User user = repo.findOne(iUserId);
        if (user == null) {
            throw new UserNotFoundEx(""+iUserId);
        }


        PasswordEncoder encoder = encoder(appContext);
    return updatePasswordWithNew(matchOldPassword, oldPassword, newPassword, user, encoder, repo);
  }

View Full Code Here

Examples of org.springframework.security.crypto.password.PasswordEncoder


  }


  @Transactional
  public void createTestUsers() {
    PasswordEncoder encoder = injector.getInstance(PasswordEncoder.class);


    RoleEntity adminRole = new RoleEntity();
    adminRole.setRoleName("admin");


    UserEntity admin = new UserEntity();
    admin.setUserName("administrator");
    admin.setUserPassword(encoder.encode("admin"));


    Set<RoleEntity> roles = new HashSet<RoleEntity>();
    Set<UserEntity> users = new HashSet<UserEntity>();


    roles.add(adminRole);
    users.add(admin);


    admin.setRoleEntities(roles);
    adminRole.setUserEntities(users);


    userDAO.create(admin);
    roleDAO.create(adminRole);


    UserEntity userWithoutRoles = new UserEntity();
    userWithoutRoles.setUserName("userWithoutRoles");
    userWithoutRoles.setUserPassword(encoder.encode("test"));
    userDAO.create(userWithoutRoles);


  }

View Full Code Here

Examples of org.springframework.security.crypto.password.PasswordEncoder


  }


  @Transactional
  public void createTestUsers() {
    PasswordEncoder encoder = injector.getInstance(PasswordEncoder.class);


    RoleEntity adminRole = new RoleEntity();
    adminRole.setRoleName("admin");


    UserEntity admin = new UserEntity();
    admin.setUserName("administrator");
    admin.setUserPassword(encoder.encode("admin"));


    Set<RoleEntity> roles = new HashSet<RoleEntity>();
    Set<UserEntity> users = new HashSet<UserEntity>();


    roles.add(adminRole);
    users.add(admin);


    admin.setRoleEntities(roles);
    adminRole.setUserEntities(users);


    userDAO.create(admin);
    roleDAO.create(adminRole);


    UserEntity userWithoutRoles = new UserEntity();
    userWithoutRoles.setUserName("userWithoutRoles");
    userWithoutRoles.setUserPassword(encoder.encode("test"));
    userDAO.create(userWithoutRoles);


  }

View Full Code Here

0 1 2 3 4

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.