Beispiel #1
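  /**
   * Checks that a usable {@code password_secret} is configured before startup continues.
   *
   * <p>A missing or empty secret is rejected, and so is one shorter than 16 characters. Code that
   * takes {@code getPasswordSecret().substring(0, 16)} to encrypt stored credentials would
   * otherwise fail with a {@link StringIndexOutOfBoundsException} the first time it runs, instead
   * of failing here with an actionable message. The secret itself is never logged.
   *
   * @return {@code true} if the secret is present and at least 16 characters long; {@code false}
   *     otherwise, after logging the reason at error level
   */
  @Override
  protected boolean validateConfiguration() {
    // Minimum length implied by the substring(0, 16) calls made on the secret.
    final int minimumSecretLength = 16;

    final String secret = configuration.getPasswordSecret();
    if (secret == null || secret.isEmpty()) {
      LOG.error(
          "No password secret set. Please define \"password_secret\" in your Graylog configuration.");
      return false;
    }

    if (secret.length() < minimumSecretLength) {
      LOG.error(
          "The password secret is too short. Please set \"password_secret\" to at least 16 characters in your Graylog configuration.");
      return false;
    }

    return true;
  }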
 /**
  * Encrypts the LDAP system password and stores the result under {@code SYSTEM_PASSWORD}.
  *
  * <p>If no salt is stored yet, eight random bytes from {@link SecureRandom} are hex-encoded and
  * saved as the salt first. The password is then passed to {@code AESTools.encrypt} together with
  * the first 16 characters of the configured password secret and the stored salt.
  *
  * @param systemPassword the clear-text password to protect
  * @throws StringIndexOutOfBoundsException if the configured password secret is shorter than 16
  *     characters
  */
 @Override
 public void setSystemPassword(String systemPassword) {
   // A salt is created only once; every later call re-uses the stored value.
   // NOTE(review): if AESTools uses the salt as the cipher IV (not visible here), re-using it
   // under the same key for each new password weakens confidentiality -- confirm.
   final boolean saltMissing = getSystemPasswordSalt().isEmpty();
   if (saltMissing) {
     LOG.debug("Generating new salt for LDAP system password.");
     final byte[] freshSalt = new byte[8];
     new SecureRandom().nextBytes(freshSalt);
     setSystemPasswordSalt(Hex.encodeToString(freshSalt));
   }

   // The leading 16 characters of password_secret are handed over as-is, with no key derivation
   // step in this method.
   final String keyMaterial = configuration.getPasswordSecret().substring(0, 16);
   final String salt = getSystemPasswordSalt();
   final String cipherText = AESTools.encrypt(systemPassword, keyMaterial, salt);
   fields.put(SYSTEM_PASSWORD, cipherText);
 }
 /**
  * Returns the LDAP system password in clear text.
  *
  * <p>The stored value is decrypted with {@code AESTools.decrypt}, using the first 16 characters
  * of the configured password secret and the stored salt. If no salt is stored, the value is
  * returned as-is.
  *
  * @return the clear-text password, or an empty string if none is stored
  * @throws StringIndexOutOfBoundsException if a salt is stored and the configured password secret
  *     is shorter than 16 characters
  */
 @Override
 public String getSystemPassword() {
   final Object stored = fields.get(SYSTEM_PASSWORD);
   if (stored == null) {
     return "";
   }

   if (getSystemPasswordSalt().isEmpty()) {
     // Legacy record: databases written before salts existed hold the password unencrypted, so
     // it is handed back unchanged. Saving the settings again generates a salt and encrypts it.
     // Until that happens the credential stays in clear text at rest.
     // TODO remove this after 0.20 is out, and the RC versions are pulled.
     LOG.debug(
         "Old database version does not have salted, encrypted password. Please save the LDAP settings again.");
     return stored.toString();
   }

   final String cipherText = stored.toString();
   final String keyMaterial = configuration.getPasswordSecret().substring(0, 16);
   return AESTools.decrypt(cipherText, keyMaterial, getSystemPasswordSalt());
 }