/** * Creates the security manager without registering it. * * @param repo the component repository, only used to register secondary items like lifecycle, not null * @param pwService the password service, not null * @return the security manager, not null */ protected SecurityManager createSecurityManager(ComponentRepository repo, PasswordService pwService) throws IOException { // password matcher PasswordMatcher pwMatcher = new PasswordMatcher(); pwMatcher.setPasswordService(pwService); // user database realm UserSource userSource = getUserSource(); if (userSource == null) { userSource = getUserMaster(); } UserSourceRealm realm = new UserSourceRealm(userSource); realm.setAuthenticationCachingEnabled(true); realm.setAuthorizationCachingEnabled(true); realm.setCredentialsMatcher(pwMatcher); realm.setPermissionResolver(AuthUtils.getPermissionResolver()); // security manager DefaultWebSecurityManager sm = new DefaultWebSecurityManager(); sm.setRealm(realm); sm.setAuthorizer(realm); // replace ModularRealmAuthorizer as not needed sm.setCacheManager(new MemoryConstrainedCacheManager()); return sm; }
@Override protected void propertySet(Bean bean, String propertyName, Object newValue, boolean quiet) { switch (propertyName.hashCode()) { case 1402846733: // userMaster ((WebUserData) bean).setUserMaster((UserMaster) newValue); return; case 348360602: // passwordService ((WebUserData) bean).setPasswordService((PasswordService) newValue); return; case -1723794814: // uriUserName ((WebUserData) bean).setUriUserName((String) newValue); return; case 3599307: // user ((WebUserData) bean).setUser((ManageableUser) newValue); return; } super.propertySet(bean, propertyName, newValue, quiet); }
/** * Declares some services. */ public static void bind(ServiceBinder binder) { binder.bind(UserDAO.class, UserDAOImpl.class); binder.bind(PageDAO.class, PageDAOImpl.class); binder.bind(TagDAO.class, TagDAOImpl.class); binder.bind(CommentDAO.class, CommentDAOImpl.class); binder.bind(CommentController.class, CommentControllerImpl.class); binder.bind(UserController.class, UserControllerImpl.class); binder.bind(PageController.class, PageControllerImpl.class); binder.bind(TagController.class, TagControllerImpl.class); binder.bind(EloquentiaRealm.class); binder.bind(PasswordService.class, BcryptPasswordService.class); binder.bind(PasswordHasher.class, BcryptPasswordService.class); binder.bind(UserValueEncoder.class); binder.bind(PageValueEncoder.class); binder.bind(PagePermissionChecker.class); binder.bind(UserService.class, UserServiceImpl.class); binder.bind(PageActivationContextService.class, PageActivationContextServiceImpl.class); }
@Override protected void onInitialize() { super.onInitialize(); PasswordEditBean bean = new PasswordEditBean(); Set<String> excludedProperties = new HashSet<>(); // in case administrator changes password we do not ask for old password if (SecurityUtils.isAdministrator()) excludedProperties.add("oldPassword"); Form<?> form = new Form<Void>("form") { @Override protected void onSubmit() { super.onSubmit(); getUser().setPassword(AppLoader.getInstance(PasswordService.class).encryptPassword(bean.getNewPassword())); GitPlex.getInstance(UserManager.class).save(getUser(), null); Session.get().success("Password has been changed"); bean.setOldPassword(null); replace(BeanContext.editBean("editor", bean, excludedProperties)); } }; add(form); form.add(BeanContext.editBean("editor", bean, excludedProperties)); }
@Inject public GitPlexAuthorizingRealm(UserManager userManager, CacheManager cacheManager, ConfigManager configManager, MembershipManager membershipManager, GroupManager groupManager) { PasswordMatcher passwordMatcher = new PasswordMatcher(); passwordMatcher.setPasswordService(AppLoader.getInstance(PasswordService.class)); setCredentialsMatcher(passwordMatcher); this.userManager = userManager; this.cacheManager = cacheManager; this.configManager = configManager; this.membershipManager = membershipManager; this.groupManager = groupManager; }
@Inject public DefaultUserManager(Dao dao, CacheManager cacheManager, PasswordService passwordService) { super(dao); this.passwordService = passwordService; this.cacheManager = cacheManager; }
@Inject public DefaultDataManager(IdManager idManager, UserManager userManager, ConfigManager configManager, TaskScheduler taskScheduler, PersistManager persistManager, MailManager mailManager, Validator validator, PasswordService passwordService) { this.userManager = userManager; this.configManager = configManager; this.validator = validator; this.idManager = idManager; this.taskScheduler = taskScheduler; this.persistManager = persistManager; this.mailManager = mailManager; this.passwordService = passwordService; }
@Inject public ResetAdminPasswordCommand(PhysicalNamingStrategy physicalNamingStrategy, HibernateProperties properties, Interceptor interceptor, IdManager idManager, Dao dao, EntityValidator validator, UserManager userManager, PasswordService passwordService) { super(physicalNamingStrategy, properties, interceptor, idManager, dao, validator); this.userManager = userManager; this.passwordService = passwordService; }
@Bean @ConditionalOnMissingBean public PasswordService passwordService() { DefaultPasswordService service = new DefaultPasswordService(); DefaultHashService hashService = new DefaultHashService(); hashService.setHashAlgorithmName(shiroProperties.getHashAlgorithmName()); hashService.setHashIterations(shiroProperties.getHashIterations()); service.setHashService(hashService); return service; }
@Inject public SecurityConfigurationManagerImpl(final SecurityConfigurationSource configurationSource, final SecurityConfigurationCleaner configCleaner, final PasswordService passwordService, final EventManager eventManager) { this.configurationSource = configurationSource; this.eventManager = eventManager; this.configCleaner = configCleaner; this.passwordService = passwordService; }
@Inject public UserManagerImpl(final EventManager eventManager, final SecurityConfigurationManager configuration, final SecuritySystem securitySystem, final PasswordService passwordService) { this.eventManager = checkNotNull(eventManager); this.configuration = configuration; this.securitySystem = securitySystem; this.passwordService = passwordService; }
@Inject public DefaultSecurityPasswordService(@Named("legacy") final PasswordService legacyPasswordService) { this.passwordService = new DefaultPasswordService(); this.legacyPasswordService = checkNotNull(legacyPasswordService); //Create and set a hash service according to our hashing policies DefaultHashService hashService = new DefaultHashService(); hashService.setHashAlgorithmName(DEFAULT_HASH_ALGORITHM); hashService.setHashIterations(DEFAULT_HASH_ITERATIONS); hashService.setGeneratePublicSalt(true); this.passwordService.setHashService(hashService); }
@Inject public AuthenticatingRealmImpl(final SecurityConfigurationManager configuration, final PasswordService passwordService) { this.configuration = configuration; this.passwordService = passwordService; PasswordMatcher passwordMatcher = new PasswordMatcher(); passwordMatcher.setPasswordService(this.passwordService); setCredentialsMatcher(passwordMatcher); setName(NAME); setAuthenticationCachingEnabled(true); }
@Override protected void setUp() throws Exception { super.setUp(); realm = (AuthenticatingRealmImpl) lookup(Realm.class, AuthenticatingRealmImpl.NAME); configurationManager = lookup(SecurityConfigurationManagerImpl.class); passwordService = lookup(PasswordService.class, "default"); }
/** * Initializes the password service via {@code createPasswordService}. * * @param repo the component repository, not null * @return the password service, not null */ protected PasswordService initPasswordService(ComponentRepository repo) { PasswordService pwService = createPasswordService(repo); ComponentInfo info = new ComponentInfo(PasswordService.class, getClassifier()); repo.registerComponent(info, pwService); return pwService; }
/** * Creates the password service without registering it. * * @param repo the component repository, only used to register secondary items like lifecycle, not null * @return the password service, not null */ protected PasswordService createPasswordService(ComponentRepository repo) { DefaultHashService hashService = new DefaultHashService(); hashService.setHashAlgorithmName(getHashAlgorithm()); hashService.setHashIterations(getHashIterations()); hashService.setGeneratePublicSalt(true); hashService.setPrivateSalt(new SimpleByteSource(getPrivateSalt())); DefaultPasswordService pwService = new DefaultPasswordService(); pwService.setHashService(hashService); return pwService; }
/** * Initializes the security manager via {@code createSecurityManager}. * * @param repo the component repository, not null * @param pwService the password service, not null * @return the security manager, not null */ protected SecurityManager initSecurityManager(ComponentRepository repo, PasswordService pwService) throws IOException { SecurityManager securityManager = createSecurityManager(repo, pwService); ComponentInfo info = new ComponentInfo(SecurityManager.class, getClassifier()); repo.registerComponent(info, securityManager); repo.registerLifecycleStop(securityManager, "destroy"); return securityManager; }
/** * Creates the resource. * * @param userMaster the user master, not null * @param passwordService the password service, not null */ protected AbstractWebUserResource(final UserMaster userMaster, final PasswordService passwordService) { super(new WebUserData()); ArgumentChecker.notNull(userMaster, "userMaster"); ArgumentChecker.notNull(passwordService, "passwordService"); data().setUserMaster(userMaster); data().setPasswordService(passwordService); }
@Provides @Singleton UsersService provideUsersService(UsersDao dao, PasswordService passwordService) { try { UsersServiceImpl service = new UsersServiceImpl(dao, passwordService); service.init(); return service; } catch (IOException e) { LOGGER.error("Can' start users service...", e); throw new IllegalStateException("Can' start users service", e); } }
/** * Single constructor of this class. * * @param userController an {@link UserController}. * @param passwordService a {@link PasswordService}. * @param permissionProvider a {@link PermissionProvider}. * @param logger a {@link Logger}. */ public EloquentiaRealm(UserController userController, PasswordService passwordService, @Primary ObjectPermissionChecker<?> objectPermissionChecker, Logger logger) { assert userController != null; assert passwordService != null; assert objectPermissionChecker != null; assert logger != null; this.userController = userController; this.passwordService = passwordService; this.objectPermissionChecker = objectPermissionChecker; this.logger = logger; }
@Override protected void onInitialize() { super.onInitialize(); final User user = new User(); final BeanEditor<?> editor = BeanContext.editBean("editor", user); Form<?> form = new Form<Void>("form") { @Override protected void onSubmit() { super.onSubmit(); UserManager userManager = GitPlex.getInstance(UserManager.class); User userWithSameName = userManager.findByName(user.getName()); if (userWithSameName != null) { editor.getErrorContext(new PathSegment.Property("name")) .addError("This name has already been used by another user."); } User userWithSameEmail = userManager.findByEmail(user.getEmail()); if (userWithSameEmail != null) { editor.getErrorContext(new PathSegment.Property("email")) .addError("This email has already been used by another user."); } if (!editor.hasErrors(true)) { user.setPassword(AppLoader.getInstance(PasswordService.class).encryptPassword(user.getPassword())); userManager.save(user, null); Session.get().success("New user registered"); SecurityUtils.getSubject().runAs(user.getPrincipals()); setResponsePage(AvatarEditPage.class, UserPage.paramsOf(user)); } } }; form.add(editor); form.add(new SubmitLink("save")); form.add(new Link<Void>("cancel") { @Override public void onClick() { setResponsePage(ProjectListPage.class); } }); add(form); }
@Override protected void onInitialize() { super.onInitialize(); BeanEditor<?> editor = BeanContext.editBean("editor", user); Form<?> form = new Form<Void>("form") { @Override protected void onSubmit() { super.onSubmit(); UserManager userManager = GitPlex.getInstance(UserManager.class); User userWithSameName = userManager.findByName(user.getName()); if (userWithSameName != null) { editor.getErrorContext(new PathSegment.Property("name")) .addError("This name has already been used by another user."); } User userWithSameEmail = userManager.findByEmail(user.getEmail()); if (userWithSameEmail != null) { editor.getErrorContext(new PathSegment.Property("email")) .addError("This email has already been used by another user."); } if (!editor.hasErrors(true)){ user.setPassword(AppLoader.getInstance(PasswordService.class).encryptPassword(user.getPassword())); userManager.save(user, null); Session.get().success("New user created"); if (continueToAdd) { user = new User(); replace(BeanContext.editBean("editor", user)); } else { setResponsePage(UserMembershipsPage.class, UserMembershipsPage.paramsOf(user)); } } } }; form.add(editor); form.add(new CheckBox("continueToAdd", new IModel<Boolean>() { @Override public void detach() { } @Override public Boolean getObject() { return continueToAdd; } @Override public void setObject(Boolean object) { continueToAdd = object; } })); add(form); }
public ShiroPasswordEncoder(final PasswordService delegate) { setDelegate(delegate); }
public PasswordService getDelegate() { return delegate; }
public void setDelegate(final PasswordService delegate) { CommonHelper.assertNotNull("delegate", delegate); this.delegate = delegate; }
public void setPasswordService(PasswordService passwordService) { this.passwordService = passwordService; }
@Override protected void configure() { bind(DefaultPasswordService.class).to(PasswordService.class).in(Singleton.class); }
@Override protected void setUp() throws Exception { super.setUp(); passwordService = lookup(PasswordService.class, "default"); }
@Produces @ShiroIni @Named public PasswordService passwordService() { return new DefaultPasswordService(); }
@Provides @Singleton PasswordService providePasswordService() { return new DefaultPasswordService(); }
@Provides @Singleton PasswordMatcher providePasswordMatcher(PasswordService passwordService) { PasswordMatcher passwordMatcher = new PasswordMatcher(); passwordMatcher.setPasswordService(passwordService); return passwordMatcher; }
/** * Gets the password service. * @return the value of the property */ public PasswordService getPasswordService() { return _passwordService; }
/** * Sets the password service. * @param passwordService the new value of the property */ public void setPasswordService(PasswordService passwordService) { this._passwordService = passwordService; }
/** * Gets the the {@code passwordService} property. * @return the property, not null */ public final Property<PasswordService> passwordService() { return metaBean().passwordService().createProperty(this); }
/** * The meta-property for the {@code passwordService} property. * @return the meta-property, not null */ public final MetaProperty<PasswordService> passwordService() { return _passwordService; }
