List of usage examples for org.springframework.security.crypto.bcrypt BCryptPasswordEncoder BCryptPasswordEncoder
public BCryptPasswordEncoder()
From source file:bg.elkabel.calculator.configuration.SiteSecurityConfiguration.java
@Bean public BCryptPasswordEncoder getBCryptPasswordEncoder() { return new BCryptPasswordEncoder(); }
From source file:io.dacopancm.jfee.sp.service.UsuarioServiceImpl.java
@Override public void requestPassword(String ci) { Usuario old = usuarioDAO.getUsuario(ci); if (old != null) { old.setUsrFailedLogin(0);//from w ww. j a v a 2 s . co m old.setUsrActive(true); String tmpPassword = org.apache.commons.lang3.RandomStringUtils.randomAlphanumeric(12); old.setUsrPassword(new BCryptPasswordEncoder().encode(tmpPassword)); emailService.sendNewPasswordEmail(old, "usuario", tmpPassword, FacesContext.getCurrentInstance().getExternalContext().getRequestContextPath()); usuarioDAO.updateUsuario(old); } }
From source file:example.Application.java
/** * A Spring Security {@link PasswordEncoder} to encrypt passwords for newly created users, used in * {@link UserManagement}./*from ww w . j a va2 s. c om*/ * * @return */ public @Bean PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); }
From source file:tld.mydomain.example.core.service.ExampleAccountService.java
@Transactional public void createAccount(ExampleAccount newAccount, String newPassword) { if (null != newAccount.getId()) { throw new RuntimeException("Cannot create account: account already persisted."); }/*w w w. j a v a2s. c o m*/ BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(); newAccount.setPassword(encoder.encode(newPassword)); newAccount.setEmailConfirmCode(UUID.randomUUID().toString()); newAccount.setEmailConfirmed(true); newAccount.setEmailConfirmedDate(ZonedDateTime.now()); newAccount.setEnabled(true); accountRepository.save(newAccount); }
From source file:net.swigg.security.example.SecurityTest.java
@Test @Transactional/* w w w . j a va 2 s. co m*/ public void testPermissions() throws Exception { BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); Role adminRole = new Role("admin"); Role memberRole = new Role("member"); Role guestRole = new Role("guest"); // add basic accounts Account kermit = new Account(1, "kermit", passwordEncoder.encode("kermit1"), adminRole, memberRole); Account fozzy = new Account(2, "fozzy", passwordEncoder.encode("fozzy1"), memberRole); accountRepository.addAccount(kermit, fozzy); // setup test permissions entityManager.persist(new DATPermission(adminRole, "*:*:*")); // admin role can do anything entityManager.persist(new DATPermission(memberRole, "account:read:*")); // members can read any account entityManager.persist(new DATPermission(guestRole, "account:create")); // guests can create an account entityManager.persist(new DATPermission(fozzy, "account:delete").setTargets(fozzy)); // fozzy can delete his own account // login as kermit SecurityUtils.getSubject().login(new UsernamePasswordToken("kermit", "kermit1")); Subject subject = SecurityUtils.getSubject(); // what roles does kermit have? assertTrue(subject.hasRole(adminRole.getPrincipalIdentity())); assertTrue(subject.hasRole(memberRole.getPrincipalIdentity())); assertFalse(subject.hasRole(guestRole.getPrincipalIdentity())); // can kermit generally do anything? assertTrue(subject.isPermitted(new AccountPermission().create())); assertTrue(subject.isPermitted(new AccountPermission().read())); assertTrue(subject.isPermitted(new AccountPermission().delete())); assertTrue(subject.isPermitted(new AccountPermission(ANY).create())); assertTrue(subject.isPermitted(new AccountPermission(ANY).read())); assertTrue(subject.isPermitted(new AccountPermission(ANY).delete())); // can kermit do stuff to his own account? assertTrue(subject.isPermitted(new AccountPermission(kermit).create())); // this is meaningless, but kermit can do anything assertTrue(subject.isPermitted(new AccountPermission(kermit).read())); assertTrue(subject.isPermitted(new AccountPermission(kermit).delete())); // can kermit do stuff to fozzy's account? assertTrue(subject.isPermitted(new AccountPermission(fozzy).create())); // this is meaningless, but kermit can do anything assertTrue(subject.isPermitted(new AccountPermission(fozzy).read())); assertTrue(subject.isPermitted(new AccountPermission(fozzy).delete())); // login as fozzy SecurityUtils.getSubject().login(new UsernamePasswordToken("fozzy", "fozzy1")); subject = SecurityUtils.getSubject(); // what roles does fozzy have? assertFalse(subject.hasRole(adminRole.getPrincipalIdentity())); assertTrue(subject.hasRole(memberRole.getPrincipalIdentity())); assertFalse(subject.hasRole(guestRole.getPrincipalIdentity())); // can fozzy generally do anything? assertFalse(subject.isPermitted(new AccountPermission().create())); // no permission implies "account:create" assertTrue(subject.isPermitted(new AccountPermission().read())); // member implies "account:read:*" assertFalse(subject.isPermitted(new AccountPermission().delete())); // no permission implies "account:delete" assertFalse(subject.isPermitted(new AccountPermission(ANY).create())); // no permission implies: "account:create:*" assertTrue(subject.isPermitted(new AccountPermission(ANY).read())); // member implies "account:read:*" assertFalse(subject.isPermitted(new AccountPermission(ANY).delete())); // no permission implies "account:delete:*" // can fozzy do stuff to his own account? assertFalse(subject.isPermitted(new AccountPermission(fozzy).create())); // this is meaningless, but technically no permissions implies "account:create:account-2" assertTrue(subject.isPermitted(new AccountPermission(fozzy).read())); // member implies "account:read:*" assertTrue(subject.isPermitted(new AccountPermission(fozzy).delete())); // as fozzy: "account:delete:account-2" // can fozzy do stuff to kermit's account? assertFalse(subject.isPermitted(new AccountPermission(kermit).create())); // no permission implies "account:create:account-1" assertTrue(subject.isPermitted(new AccountPermission(kermit).read())); // member implies "account:read:*" assertFalse(subject.isPermitted(new AccountPermission(kermit).delete())); // no permission implies "account:delete:account-1" }
From source file:ch.ge.ve.protopoc.config.WebSecurityConfigurer.java
@Bean static public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); }
From source file:org.oncoblocks.centromere.web.config.WebSecurityConfig.java
@Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userService).passwordEncoder(new BCryptPasswordEncoder()); }
From source file:com.sothawo.taboo2.SecurityConfig.java
@Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userService).passwordEncoder(new BCryptPasswordEncoder()); }
From source file:com.lixiaocong.security.WebSecurityConfig.java
@Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(detailsService).passwordEncoder(new BCryptPasswordEncoder()); }
From source file:com.lixiaocong.rest.UserController.java
@Autowired public UserController(IUserService userService, Provider<ConnectionRepository> connectionRepositoryProvider) { this.userService = userService; this.encoder = new BCryptPasswordEncoder(); this.connectionRepositoryProvider = connectionRepositoryProvider; }