@Test
public void testIsHashed() {
assertTrue(PasswordHelper.isHashed("{SSHA}foo"));
assertTrue(PasswordHelper.isHashed("{SMD5}foo"));
assertFalse(PasswordHelper.isHashed("{foo}bar"));
assertFalse(PasswordHelper.isHashed("foo"));
}
/**
* 修改密码
*
* @param userId
* @param newPassword
*/
@Transactional(readOnly = false)
public void changePassword(Integer userId, String newPassword) {
User user = findOne(userId);
user.setPassword(newPassword);
passwordHelper.encryptPassword(user);
update(user);
}
public void save() {
lock.lock();
configurationFile.getParentFile().mkdirs();
Writer fw = null;
try {
// this is sort of dirty...
String clearPass = null;
// change the password to be encrypted
if (configuration.getConnectionInfo() != null
&& StringUtils.isNotEmpty(configuration.getConnectionInfo().getSystemPassword())) {
try {
clearPass = configuration.getConnectionInfo().getSystemPassword();
configuration.getConnectionInfo().setSystemPassword(passwordHelper.encrypt(clearPass));
} catch (PlexusCipherException e) {
getLogger().error("Failed to encrypt password while storing configuration file", e);
}
}
fw = new OutputStreamWriter(new FileOutputStream(configurationFile));
LdapConfigurationXpp3Writer writer = new LdapConfigurationXpp3Writer();
writer.write(fw, configuration);
// now reset the password
if (configuration.getConnectionInfo() != null) {
configuration.getConnectionInfo().setSystemPassword(clearPass);
}
} catch (IOException e) {
getLogger().error("IOException while storing configuration file", e);
} finally {
if (fw != null) {
try {
fw.flush();
fw.close();
} catch (IOException e) {
// just closing if open
}
}
lock.unlock();
}
// fire clear cache event
this.applicationEventMulticaster.notifyEventListeners(new LdapClearCacheEvent(null));
}
@Test
public void testHash() {
String password = "******";
String hashed;
hashed = PasswordHelper.hashPassword(password, null);
assertEquals(password, hashed);
assertTrue(PasswordHelper.verifyPassword(password, hashed));
hashed = PasswordHelper.hashPassword(password, PasswordHelper.SSHA);
assertTrue(hashed.startsWith("{SSHA}"));
assertTrue(PasswordHelper.verifyPassword(password, hashed));
hashed = PasswordHelper.hashPassword(password, PasswordHelper.SMD5);
assertTrue(hashed.startsWith("{SMD5}"));
assertTrue(PasswordHelper.verifyPassword(password, hashed));
}
@Transactional(readOnly = false)
public User create(User user) {
passwordHelper.encryptPassword(user);
return systemDaos.userDao.save(user);
}
/**
* 修改密码
*
* @param userId
* @param newPassword
*/
public void changePassword(Long userId, String newPassword) {
User user = userDao.findOne(userId);
user.setPassword(newPassword);
passwordHelper.encryptPassword(user);
userDao.updateUser(user);
}
/**
* 创建用户
*
* @param user
*/
public User createUser(User user) {
// 加密密码
passwordHelper.encryptPassword(user);
return userDao.createUser(user);
}
@Test
public void testVerify() {
assertTrue(PasswordHelper.verifyPassword("abcd", "abcd"));
assertTrue(
PasswordHelper.verifyPassword("abcd", "{SSHA}WPvqVeSt0Mr2llICYmAX9+pjtPH271eznDHvrw=="));
assertTrue(PasswordHelper.verifyPassword("abcd", "{SMD5}/wZ7JQUARlCBq4JFHI57AfbvV7OcMe+v"));
assertFalse(PasswordHelper.verifyPassword("1234", "abcd"));
assertFalse(
PasswordHelper.verifyPassword("1234", "{SSHA}WPvqVeSt0Mr2llICYmAX9+pjtPH271eznDHvrw=="));
assertFalse(PasswordHelper.verifyPassword("1234", "{SMD5}/wZ7JQUARlCBq4JFHI57AfbvV7OcMe+v"));
assertFalse(PasswordHelper.verifyPassword(" abcd", "abcd"));
assertFalse(PasswordHelper.verifyPassword("abcd", "{SSHA}WPvqVeS"));
assertFalse(PasswordHelper.verifyPassword("abcd", "{SSHA}/wZ7JQUAR"));
assertFalse(PasswordHelper.verifyPassword("abcd", "{SSHA}WXYZ"));
assertFalse(
PasswordHelper.verifyPassword(
"abcd", "{SSHA}WPvqVeSt0Mr2llICYmAX9+pjtPH271eznDHvrwfghijkl"));
assertFalse(PasswordHelper.verifyPassword("abcd", "{SSHA}/wZ7JQUARlC*"));
}
private Configuration getConfiguration() {
Reader fr = null;
FileInputStream is = null;
try {
lock.lock();
if (configuration != null) {
return configuration;
}
is = new FileInputStream(configurationFile);
LdapConfigurationXpp3Reader reader = new LdapConfigurationXpp3Reader();
fr = new InputStreamReader(is);
configuration = reader.read(fr);
ValidationResponse vr = validator.validateModel(new ValidationRequest(configuration));
if (vr.getValidationErrors().size() > 0) {
// TODO need to code the handling of invalid config
configuration = new Configuration();
}
// decrypt the password, if it fails assume the password is clear text.
// If the password is wrong the the LDAP Realm will not work, which is no different. If the
// user typed in the
// password wrong.
if (configuration.getConnectionInfo() != null
&& StringUtils.isNotEmpty(configuration.getConnectionInfo().getSystemPassword())) {
try {
configuration
.getConnectionInfo()
.setSystemPassword(
passwordHelper.decrypt(configuration.getConnectionInfo().getSystemPassword()));
} catch (PlexusCipherException e) {
this.getLogger()
.error(
"Failed to decrypt password, assuming the password in file: '"
+ configurationFile.getAbsolutePath()
+ "' is clear text.",
e);
}
}
} catch (FileNotFoundException e) {
// This is ok, may not exist first time around
configuration = this.getDefaultConfiguration();
} catch (IOException e) {
getLogger().error("IOException while retrieving configuration file", e);
} catch (XmlPullParserException e) {
getLogger().error("Invalid XML Configuration", e);
} finally {
if (fr != null) {
try {
fr.close();
} catch (IOException e) {
// just closing if open
}
}
if (is != null) {
try {
is.close();
} catch (IOException e) {
// just closing if open
}
}
lock.unlock();
}
return configuration;
}
