List of usage examples for org.springframework.security.crypto.bcrypt BCryptPasswordEncoder encode
public String encode(CharSequence rawPassword)
From source file:com.cristian.tareask.controller.ProfileController.java
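/**
 * Handles the profile edit form for the user named in the session.
 *
 * <p>Name, surname, birth date and phone are always overwritten. The password is replaced only
 * when both password fields are non-empty and {@code oldpassword} verifies against the stored
 * bcrypt hash; the new password is stored as a fresh bcrypt hash. No password or hash is
 * written to standard output or to the flash attributes.
 *
 * @param session        HTTP session; its "namesession" attribute names the user to edit
 * @param name           new first name
 * @param subname        new surname
 * @param birthdate      new birth date in {@code yyyy-MM-dd} form
 * @param phone          new phone number, parsed with {@link Integer#parseInt(String)}
 * @param oldpassword    current password, or the empty string to leave the password alone
 * @param newpassword    replacement password, or the empty string to leave the password alone
 * @param redirectAttrs  receives the "editprofile" flash message shown after the redirect
 * @return {@code "redirect:profile.html"} when a session user exists, otherwise the empty string
 * @throws ParseException if {@code birthdate} cannot be parsed as {@code yyyy-MM-dd}
 */
@RequestMapping(value = "/editprofile", method = RequestMethod.POST)
public String editProfile(HttpSession session, @RequestParam(value = "name") String name,
        @RequestParam(value = "subname") String subname,
        @RequestParam(value = "birthdate") String birthdate,
        @RequestParam(value = "phone") String phone,
        @RequestParam(value = "oldpassword") String oldpassword,
        @RequestParam(value = "newpassword") String newpassword,
        final RedirectAttributes redirectAttrs) throws ParseException {
    Object sessionName = session.getAttribute("namesession");
    if (sessionName == null) {
        return "";
    }

    User u = userService.getUserByName(sessionName.toString());

    if (name == null || subname == null || birthdate == null || phone == null) {
        redirectAttrs.addFlashAttribute("editprofile", "Ups!. Unable to to update information.");
        return "redirect:profile.html";
    }

    SimpleDateFormat formatter = new SimpleDateFormat("yyyy-MM-dd");
    Date date = formatter.parse(birthdate);
    u.setName(name);
    u.setSubname(subname);
    u.setBirthdate(date);
    // NOTE(review): a non-numeric phone raises NumberFormatException here and is not handled.
    u.setPhone(Integer.parseInt(phone));

    // Short-circuit && instead of the bitwise & on booleans.
    if (!"".equals(oldpassword) && !"".equals(newpassword)) {
        BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
        // The old password is only ever compared with matches(); it is never re-hashed
        // or printed, so no credential material reaches stdout or the logs.
        if (!passwordEncoder.matches(oldpassword, u.getPassword())) {
            redirectAttrs.addFlashAttribute("editprofile", "You must enter your old password.");
            return "redirect:profile.html";
        }
        u.setPassword(passwordEncoder.encode(newpassword));
    }

    userService.edit(u);
    redirectAttrs.addFlashAttribute("editprofile", "Your profile has been updated!");
    // The session key follows the (possibly changed) user name.
    session.setAttribute("namesession", u.getName());
    return "redirect:profile.html";
}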
From source file:org.oncoblocks.centromere.web.test.security.SecurityTests.java
/**
 * Builds the {@code MockMvc} instance with the Spring Security filter chain and, on the first
 * invocation only, replaces the contents of the user repository with two fixture accounts.
 *
 * <p>The fixture passwords ("user" and "admin") are stored as bcrypt hashes, never in clear text.
 */
@Before
public void setup() {
    mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext)
            .addFilter(springSecurityFilterChain)
            .build();

    if (!isConfigured) {
        userRepository.deleteAll();

        BCryptPasswordEncoder bcrypt = new BCryptPasswordEncoder();
        // One Set instance is handed to both accounts; "ADMIN" is added only after the
        // plain user has been inserted.
        Set<String> grantedRoles = new HashSet<>();
        grantedRoles.add("USER");

        User plainUser = new User();
        plainUser.setName("User");
        plainUser.setUsername("user");
        plainUser.setPassword(bcrypt.encode("user"));
        plainUser.setEmail("user@email.com");
        plainUser.setRegistrationDate(new Date());
        plainUser.setRoles(grantedRoles);
        userRepository.insert(plainUser);

        grantedRoles.add("ADMIN");

        User adminUser = new User();
        adminUser.setName("Admin");
        adminUser.setUsername("admin");
        adminUser.setPassword(bcrypt.encode("admin"));
        adminUser.setEmail("admin@email.com");
        adminUser.setRegistrationDate(new Date());
        adminUser.setRoles(grantedRoles);
        userRepository.insert(adminUser);

        isConfigured = true;
    }
}
From source file:org.openwms.core.uaa.UserTest.java
/**
 * Checks that only passwords absent from the history are accepted and that the oldest entry
 * is dropped once the history is full.
 *
 * <p>The encoder is created with bcrypt strength 15, so every {@code encode} call is slow.
 */
@Ignore
@Test
public final void testPasswordHistory() {
    User user = new User(TEST_USER1);
    BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(15);

    for (int i = 0; i <= User.NUMBER_STORED_PASSWORDS + 5; i++) {
        boolean withinHistory = i <= User.NUMBER_STORED_PASSWORDS;
        try {
            if (withinHistory) {
                user.changePassword(encoder.encode(String.valueOf(i)), String.valueOf(i), encoder);
            } else {
                LOGGER.debug("Number of password history exceeded, resetting to:0");
                user.changePassword(encoder.encode("0"), "0", encoder);
            }
        } catch (InvalidPasswordException e) {
            if (withinHistory) {
                Assert.fail("Number of acceptable passwords not exceeded");
            } else {
                LOGGER.debug("OK: Exception because password is already in the list, set password to:" + i);
                try {
                    user.changePassword(encoder.encode(String.valueOf(i)), String.valueOf(i), encoder);
                } catch (InvalidPasswordException ex) {
                    LOGGER.debug("Error" + ex.getMessage());
                }
            }
        }

        // Pause so that consecutive changes do not share a change date; password changes
        // normally do not happen within the same millisecond.
        try {
            Thread.sleep(100);
        } catch (InterruptedException e) {
            LOGGER.debug("Error" + e.getMessage());
        }
    }

    // Every later history entry is compared with the first one only.
    // NOTE(review): the reference value is never advanced, so this is not a pairwise
    // ordering check - confirm that is the intent.
    String first = null;
    for (UserPassword entry : user.getPasswords()) {
        if (first != null) {
            assertThat(Integer.valueOf(first)).isGreaterThan(Integer.valueOf(entry.getPassword()));
        } else {
            first = entry.getPassword();
        }
    }
}
From source file:br.com.semanticwot.cd.controllers.UserController.java
/**
 * Creates a new account, or updates the account of the authenticated user, from the submitted
 * form.
 *
 * <p>The submitted password is stored only as a bcrypt hash. When the caller is authenticated as
 * a {@code SystemUser} the request is treated as an update; in every other case a new account
 * is created.
 *
 * @param user               form-backing object, bean-validated by Spring
 * @param bindingResult      validation outcome for {@code user}
 * @param redirectAttributes receives the "info" flash message
 * @param authentication     current authentication, or {@code null} for an anonymous caller
 * @param request            used to read the caller's address for a new account
 * @return the form view on validation errors, otherwise a redirect to "user/form", "logout"
 *         or "login"
 */
@RequestMapping(method = RequestMethod.POST, name = "saveUser")
public ModelAndView save(@Valid User user, BindingResult bindingResult,
        RedirectAttributes redirectAttributes, Authentication authentication,
        HttpServletRequest request) {
    System.out.println("Entrei no save");

    // Validation failures go back to the form; saving an invalid object would fail later.
    if (bindingResult.hasErrors()) {
        return form(user, authentication);
    }

    // Build the persistent SystemUser from the form values.
    SystemUser systemUser = new SystemUser();
    systemUser.setName(user.getName());
    systemUser.setPerfilstatus(user.getPerfilstatus());

    // Only the bcrypt hash of the password is kept.
    BCryptPasswordEncoder senhaBCrypt = new BCryptPasswordEncoder();
    systemUser.setPassword(senhaBCrypt.encode(user.getPassword()));

    boolean updatingOwnAccount = authentication != null
            && (authentication.getPrincipal() instanceof SystemUser);

    if (!updatingOwnAccount) {
        // ---- Create a new user: automatic settings ----
        systemUser.setLogin(user.getLogin());

        // NOTE(review): every newly created account is given ROLE_ADMIN here - confirm
        // this is intended for self-service registration.
        List<Role> roles = new ArrayList<>();
        roles.add(ruleDAO.findByName("ROLE_ADMIN"));
        systemUser.setRoles(roles);

        // Tie the user's address to the Node-RED instance.
        // NOTE(review): X-FORWARDED-FOR is supplied by the client unless a trusted proxy
        // overwrites it, and it may hold a comma-separated list. The raw value is stored
        // and passed to serverConfigure() below without validation - verify the proxy
        // setup and what serverConfigure() does with it.
        String forwardedFor = request.getHeader("X-FORWARDED-FOR");
        String ipAddress = forwardedFor != null ? forwardedFor : request.getRemoteAddr();
        systemUser.setIp(ipAddress);

        // Pick a port from the range opened on the server (1880-2079); this block does
        // not check whether the port is already assigned to another user.
        systemUser.setPort((int) (1880 + Math.random() * 200));

        // Reject a duplicate login before any file or server change is made.
        if (userDAO.findOne(user.getLogin()) != null) {
            throw new UserEmailExists("Mail address " + "is already registered");
        }

        // Write the user's Node-RED settings file.
        try {
            createSettingsNodeRed(systemUser);
        } catch (SettingsNodeRedNotCreated ex) {
            Logger.getLogger(UserController.class.getName()).log(Level.SEVERE, null, ex);
            throw new SettingsNodeRedNotCreated("Error when trying " + "to create the user");
        }

        // Configure the server to accept requests on that port from this address only.
        serverConfigure(ipAddress, systemUser.getPort());
        System.out.println(ipAddress);

        // Everything is in place; persist the user.
        userDAO.create(systemUser);

        // Success message for the login screen.
        redirectAttributes.addFlashAttribute("info", "User created successfully");

        // The registration e-mail (mailManager.sendNewPurchaseMail with
        // EmailTemplates.registerTemplate) is temporarily disabled.
        return new ModelAndView("redirect:login");
    }

    // ---- Update the authenticated user's own account ----
    // NOTE(review): the password hash set above replaces the stored one without asking for
    // the current password; the authenticated session is the only check on this path.
    SystemUser userAuth = (SystemUser) authentication.getPrincipal();

    // The login (e-mail) cannot be changed.
    if (!userAuth.getLogin().equals(user.getLogin())) {
        redirectAttributes.addFlashAttribute("info", "The email can not be changed");
        return new ModelAndView("redirect:user/form");
    }

    // Values that must not change are copied from the authenticated principal,
    // not from the form.
    systemUser.setLogin(userAuth.getLogin());
    systemUser.setIp(userAuth.getIp());
    systemUser.setPort(userAuth.getPort());

    // Rewrite the Node-RED settings only when the public/private status changed.
    if (!systemUser.getPerfilstatus().equals(userAuth.getPerfilstatus())) {
        try {
            createSettingsNodeRed(systemUser);
        } catch (SettingsNodeRedNotCreated ex) {
            Logger.getLogger(UserController.class.getName()).log(Level.SEVERE, null, ex);
            throw new SettingsNodeRedNotCreated("Error when trying " + "to create the user");
        }
    }

    userDAO.update(systemUser);
    redirectAttributes.addFlashAttribute("info", "User updated successfully");
    return new ModelAndView("redirect:logout");
}
From source file:net.swigg.security.example.SecurityTest.java
/**
 * Exercises role membership and permission checks for an admin account (kermit) and a plain
 * member account (fozzy).
 *
 * <p>Both accounts are stored with bcrypt-hashed passwords and log in with the matching
 * clear-text password.
 */
@Test
@Transactional
public void testPermissions() throws Exception {
    BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();

    Role adminRole = new Role("admin");
    Role memberRole = new Role("member");
    Role guestRole = new Role("guest");

    // Fixture accounts: kermit is admin and member, fozzy is a member only.
    Account kermit = new Account(1, "kermit", encoder.encode("kermit1"), adminRole, memberRole);
    Account fozzy = new Account(2, "fozzy", encoder.encode("fozzy1"), memberRole);
    accountRepository.addAccount(kermit, fozzy);

    // Fixture permissions.
    // admin: anything
    entityManager.persist(new DATPermission(adminRole, "*:*:*"));
    // member: read any account
    entityManager.persist(new DATPermission(memberRole, "account:read:*"));
    // guest: create an account
    entityManager.persist(new DATPermission(guestRole, "account:create"));
    // fozzy: delete his own account only
    entityManager.persist(new DATPermission(fozzy, "account:delete").setTargets(fozzy));

    // ---------- kermit ----------
    SecurityUtils.getSubject().login(new UsernamePasswordToken("kermit", "kermit1"));
    Subject subject = SecurityUtils.getSubject();

    // Roles held by kermit.
    assertTrue(subject.hasRole(adminRole.getPrincipalIdentity()));
    assertTrue(subject.hasRole(memberRole.getPrincipalIdentity()));
    assertFalse(subject.hasRole(guestRole.getPrincipalIdentity()));

    // Untargeted and wildcard-targeted permissions: admin may do everything.
    assertTrue(subject.isPermitted(new AccountPermission().create()));
    assertTrue(subject.isPermitted(new AccountPermission().read()));
    assertTrue(subject.isPermitted(new AccountPermission().delete()));
    assertTrue(subject.isPermitted(new AccountPermission(ANY).create()));
    assertTrue(subject.isPermitted(new AccountPermission(ANY).read()));
    assertTrue(subject.isPermitted(new AccountPermission(ANY).delete()));

    // kermit on his own account ("create" on an existing account is meaningless, but
    // admin may do anything).
    assertTrue(subject.isPermitted(new AccountPermission(kermit).create()));
    assertTrue(subject.isPermitted(new AccountPermission(kermit).read()));
    assertTrue(subject.isPermitted(new AccountPermission(kermit).delete()));

    // kermit on fozzy's account (same remark about "create").
    assertTrue(subject.isPermitted(new AccountPermission(fozzy).create()));
    assertTrue(subject.isPermitted(new AccountPermission(fozzy).read()));
    assertTrue(subject.isPermitted(new AccountPermission(fozzy).delete()));

    // ---------- fozzy ----------
    SecurityUtils.getSubject().login(new UsernamePasswordToken("fozzy", "fozzy1"));
    subject = SecurityUtils.getSubject();

    // Roles held by fozzy.
    assertFalse(subject.hasRole(adminRole.getPrincipalIdentity()));
    assertTrue(subject.hasRole(memberRole.getPrincipalIdentity()));
    assertFalse(subject.hasRole(guestRole.getPrincipalIdentity()));

    // Untargeted: nothing implies "account:create" or "account:delete";
    // member implies "account:read:*".
    assertFalse(subject.isPermitted(new AccountPermission().create()));
    assertTrue(subject.isPermitted(new AccountPermission().read()));
    assertFalse(subject.isPermitted(new AccountPermission().delete()));

    // Wildcard target: nothing implies "account:create:*" or "account:delete:*";
    // member implies "account:read:*".
    assertFalse(subject.isPermitted(new AccountPermission(ANY).create()));
    assertTrue(subject.isPermitted(new AccountPermission(ANY).read()));
    assertFalse(subject.isPermitted(new AccountPermission(ANY).delete()));

    // fozzy on his own account: nothing implies "account:create:account-2" (meaningless
    // anyway); read via member; delete via his personal "account:delete:account-2".
    assertFalse(subject.isPermitted(new AccountPermission(fozzy).create()));
    assertTrue(subject.isPermitted(new AccountPermission(fozzy).read()));
    assertTrue(subject.isPermitted(new AccountPermission(fozzy).delete()));

    // fozzy on kermit's account: nothing implies "account:create:account-1" or
    // "account:delete:account-1"; read via member.
    assertFalse(subject.isPermitted(new AccountPermission(kermit).create()));
    assertTrue(subject.isPermitted(new AccountPermission(kermit).read()));
    assertFalse(subject.isPermitted(new AccountPermission(kermit).delete()));
}
From source file:ru.codemine.ccms.router.AdminRouter.java
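/**
 * Saves an employee profile submitted from the admin form (restricted to {@code ROLE_ADMIN}).
 *
 * <p>When the submitted password is missing or empty, the stored password is kept. Otherwise
 * the submitted value is replaced by its bcrypt hash (strength 11) before the employee is
 * updated, so a clear-text password is never persisted.
 *
 * @param employee form-backing object, bean-validated by Spring
 * @param userpage when {@code true}, redirect to the employee page instead of the admin list
 * @param result   validation outcome
 * @param model    model for re-rendering the form on validation errors
 * @return the form view on validation errors, otherwise a redirect
 */
// NOTE(review): Spring MVC expects the BindingResult directly after the @ModelAttribute
// argument it belongs to; here a @RequestParam sits between them. Confirm that validation
// errors actually reach result.hasErrors() with this parameter order.
@Secured("ROLE_ADMIN")
@RequestMapping(value = "/admin/profile", method = RequestMethod.POST)
public String saveEmployee(@Valid @ModelAttribute("employee") Employee employee,
        @RequestParam(required = false) boolean userpage, BindingResult result, ModelMap model) {
    if (result.hasErrors()) {
        model.addAllAttributes(utils.prepareModel());
        model.addAttribute("rolesList", employeeService.getAllRoles());
        return "admin/profile";
    }

    String submittedPassword = employee.getPassword();
    // A request that omits the password field leaves it null; treat that like an empty
    // field instead of failing with a NullPointerException.
    if (submittedPassword == null || submittedPassword.isEmpty()) {
        // Keep the stored hash, then evict the loaded copy before updating.
        Employee oldEmp = employeeService.getById(employee.getId());
        employee.setPassword(oldEmp.getPassword());
        employeeService.evict(oldEmp);
    } else {
        BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(11);
        employee.setPassword(passwordEncoder.encode(submittedPassword));
    }

    employeeService.update(employee);

    return userpage ? "redirect:/employee?id=" + employee.getId() : "redirect:/admin/employees";
}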
From source file:org.cloudfoundry.identity.uaa.scim.JdbcScimUserProvisioningTests.java
/**
 * Prepares the JDBC-backed SCIM user provisioning under test and inserts two fixture users.
 *
 * <p>Fixture passwords are stored as bcrypt hashes. The encoder is created with strength 4.
 * NOTE(review): presumably chosen to keep the test fast - not a value for production hashes.
 */
@Before
public void createDatasource() throws Exception {
    template = new JdbcTemplate(dataSource);
    db = new JdbcScimUserProvisioning(template);

    // SCIM attribute paths (as regular expressions) mapped to the names used in queries.
    Map<String, String> attributeNames = new HashMap<String, String>();
    attributeNames.put("emails\\.value", "email");
    attributeNames.put("groups\\.display", "authorities");
    attributeNames.put("phoneNumbers\\.value", "phoneNumber");

    ScimSearchQueryConverter queryConverter = new ScimSearchQueryConverter();
    queryConverter.setAttributeNameMapper(new SimpleAttributeNameMapper(attributeNames));
    db.setQueryConverter(queryConverter);

    BCryptPasswordEncoder bcrypt = new BCryptPasswordEncoder(4);

    // Count the rows present before the fixture users are added.
    existingUserCount = template.queryForInt("select count(id) from users");

    addUser(JOE_ID, "joe", bcrypt.encode("joespassword"), "joe@joe.com", "Joe", "User", "+1-222-1234567");
    addUser(MABEL_ID, "mabel", bcrypt.encode("mabelspassword"), "mabel@mabel.com", "Mabel", "User", "");
}
From source file:org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioningTests.java
/**
 * Prepares the JDBC-backed SCIM user provisioning (with a paging list factory) under test and
 * inserts two fixture users.
 *
 * <p>Fixture passwords are stored as bcrypt hashes. The encoder is created with strength 4.
 * NOTE(review): presumably chosen to keep the test fast - not a value for production hashes.
 */
@Before
public void createDatasource() throws Exception {
    template = new JdbcTemplate(dataSource);
    db = new JdbcScimUserProvisioning(template, new JdbcPagingListFactory(template, limitSqlAdapter));

    // SCIM attribute paths (as regular expressions) mapped to the names used in queries.
    Map<String, String> attributeNames = new HashMap<String, String>();
    attributeNames.put("emails\\.value", "email");
    attributeNames.put("groups\\.display", "authorities");
    attributeNames.put("phoneNumbers\\.value", "phoneNumber");

    ScimSearchQueryConverter queryConverter = new ScimSearchQueryConverter();
    queryConverter.setAttributeNameMapper(new SimpleAttributeNameMapper(attributeNames));
    db.setQueryConverter(queryConverter);

    BCryptPasswordEncoder bcrypt = new BCryptPasswordEncoder(4);

    // Count the rows present before the fixture users are added.
    existingUserCount = template.queryForInt("select count(id) from users");

    addUser(JOE_ID, "joe", bcrypt.encode("joespassword"), "joe@joe.com", "Joe", "User", "+1-222-1234567");
    addUser(MABEL_ID, "mabel", bcrypt.encode("mabelspassword"), "mabel@mabel.com", "Mabel", "User", "");
}
From source file:com.cami.persistence.service.impl.RoleService.java
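/**
 * Updates a user account on behalf of the currently authenticated user.
 *
 * <p>A caller whose role is not {@code ROLE_ADMIN} can only change the password of their own
 * account: both the user and the role record are taken from the authenticated principal, and
 * {@code role.getId()} is ignored on that path. An administrator updates the user carried by
 * {@code role} and the role record identified by {@code role.getId()}.
 *
 * <p>Passwords are stored as bcrypt hashes. Nothing is written to standard output.
 *
 * @param role carries the submitted user data and, for administrators, the id and name of the
 *             role record to update
 * @return the saved role record
 */
@Override
public Role updateUser(final Role role) {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
    // Role record of the currently logged-in user.
    final Role userConnected = roleDao.retrieveAUser(auth.getName());

    if (!userConnected.getRole().equals("ROLE_ADMIN")) {
        User self = userDao.findByUsername(userConnected.getUser().getUsername());
        self.setPassword(passwordEncoder.encode(role.getUser().getPassword()));
        self = userDao.save(self);

        // Save onto the caller's own role record. Looking the record up by role.getId()
        // here would let a non-admin attach their user to any role row, including an
        // administrator's.
        userConnected.setUser(self);
        return roleDao.save(userConnected);
    }

    final Role roleToUpdate = roleDao.findOne(role.getId());

    // The submitted user object already holds the enabled flag, name and username.
    User userToUpdate = role.getUser();
    // NOTE(review): the submitted password is always hashed; if a form ever posts the
    // stored hash back unchanged it would be hashed a second time - verify against caller.
    userToUpdate.setPassword(passwordEncoder.encode(role.getUser().getPassword()));
    userToUpdate = userDao.save(userToUpdate);

    final String vraiRole = getTheRealRoleOf(role.getRole());
    roleToUpdate.setUser(userToUpdate);
    roleToUpdate.setRole(vraiRole);
    return roleDao.save(roleToUpdate);
}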