You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by fm...@apache.org on 2012/09/03 12:23:52 UTC
svn commit: r1380190 - in /incubator/syncope/trunk: ./
archetype/src/main/resources/archetype-resources/core/src/main/resources/
archetype/src/main/resources/archetype-resources/core/src/test/resources/
client/src/main/java/org/apache/syncope/types/ co...
Author: fmartelli
Date: Mon Sep 3 10:23:51 2012
New Revision: 1380190
URL: http://svn.apache.org/viewvc?rev=1380190&view=rev
Log:
Fixes issue SYNCOPE-51 and SYNCOPE-100 special thanks to Bob and Massimiliano
Added:
incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/EncodePasswordCLI.java (with props)
incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/PasswordEncoder.java (with props)
incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/security/
incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/security/PasswordEncoderTest.java (with props)
Modified:
incubator/syncope/trunk/archetype/src/main/resources/archetype-resources/core/src/main/resources/ (props changed)
incubator/syncope/trunk/archetype/src/main/resources/archetype-resources/core/src/main/resources/security.properties
incubator/syncope/trunk/archetype/src/main/resources/archetype-resources/core/src/test/resources/security.properties
incubator/syncope/trunk/client/src/main/java/org/apache/syncope/types/CipherAlgorithm.java
incubator/syncope/trunk/core/pom.xml
incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/persistence/beans/user/SyncopeUser.java
incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/data/UserDataBinder.java
incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java
incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/workflow/NoOpUserWorkflowAdapter.java
incubator/syncope/trunk/core/src/main/resources/content.xml
incubator/syncope/trunk/core/src/main/resources/security.properties
incubator/syncope/trunk/core/src/main/resources/securityContext.xml
incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java
incubator/syncope/trunk/core/src/test/resources/content.xml
incubator/syncope/trunk/core/src/test/resources/security.properties
incubator/syncope/trunk/pom.xml
Propchange: incubator/syncope/trunk/archetype/src/main/resources/archetype-resources/core/src/main/resources/
------------------------------------------------------------------------------
--- svn:ignore (original)
+++ svn:ignore Mon Sep 3 10:23:51 2012
@@ -3,3 +3,4 @@ logback.xml
workflow.properties
content.xml
META-INF
+.content.xml.swp
Modified: incubator/syncope/trunk/archetype/src/main/resources/archetype-resources/core/src/main/resources/security.properties
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/archetype/src/main/resources/archetype-resources/core/src/main/resources/security.properties?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/archetype/src/main/resources/archetype-resources/core/src/main/resources/security.properties (original)
+++ incubator/syncope/trunk/archetype/src/main/resources/archetype-resources/core/src/main/resources/security.properties Mon Sep 3 10:23:51 2012
@@ -15,4 +15,5 @@
# specific language governing permissions and limitations
# under the License.
adminUser=admin
-adminMD5Password=5f4dcc3b5aa765d61d8327deb882cf99
+adminPassword=5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
+adminPasswordAlgorithm=SHA1
Modified: incubator/syncope/trunk/archetype/src/main/resources/archetype-resources/core/src/test/resources/security.properties
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/archetype/src/main/resources/archetype-resources/core/src/test/resources/security.properties?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/archetype/src/main/resources/archetype-resources/core/src/test/resources/security.properties (original)
+++ incubator/syncope/trunk/archetype/src/main/resources/archetype-resources/core/src/test/resources/security.properties Mon Sep 3 10:23:51 2012
@@ -15,4 +15,5 @@
# specific language governing permissions and limitations
# under the License.
adminUser=admin
-adminMD5Password=5f4dcc3b5aa765d61d8327deb882cf99
+adminPassword=5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
+adminPasswordAlgorithm=SHA1
Modified: incubator/syncope/trunk/client/src/main/java/org/apache/syncope/types/CipherAlgorithm.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/client/src/main/java/org/apache/syncope/types/CipherAlgorithm.java?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/client/src/main/java/org/apache/syncope/types/CipherAlgorithm.java (original)
+++ incubator/syncope/trunk/client/src/main/java/org/apache/syncope/types/CipherAlgorithm.java Mon Sep 3 10:23:51 2012
@@ -20,10 +20,13 @@ package org.apache.syncope.types;
public enum CipherAlgorithm {
- MD5("MD5"),
SHA1("SHA-1"),
SHA256("SHA-256"),
- AES("AES");
+ AES("AES"),
+ SMD5("S-MD5"),
+ SSHA1("S-SHA-1"),
+ SSHA256("S-SHA-256"),
+ BCRYPT("BCRYPT");
final private String algorithm;
Modified: incubator/syncope/trunk/core/pom.xml
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/pom.xml?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/core/pom.xml (original)
+++ incubator/syncope/trunk/core/pom.xml Mon Sep 3 10:23:51 2012
@@ -274,6 +274,12 @@ under the License.
<groupId>org.connid</groupId>
<artifactId>framework-internal</artifactId>
</dependency>
+
+ <dependency>
+ <groupId>org.jasypt</groupId>
+ <artifactId>jasypt</artifactId>
+ <version>${jasypt.version}</version>
+ </dependency>
<!-- TEST -->
<dependency>
@@ -669,6 +675,7 @@ under the License.
<skip>false</skip>
<includes>
<include>**/dao/**Test.java</include>
+ <include>**/security/**Test.java</include>
</includes>
<excludes>
<exclude>**/relationships/**Test.java</exclude>
@@ -689,6 +696,7 @@ under the License.
</includes>
<excludes>
<exclude>**/dao/**Test.java</exclude>
+ <exclude>**/security/**Test.java</exclude>
<exclude>${sureExcludes}</exclude>
</excludes>
</configuration>
Modified: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/persistence/beans/user/SyncopeUser.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/persistence/beans/user/SyncopeUser.java?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/persistence/beans/user/SyncopeUser.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/persistence/beans/user/SyncopeUser.java Mon Sep 3 10:23:51 2012
@@ -20,7 +20,6 @@ package org.apache.syncope.core.persiste
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
-import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Calendar;
@@ -30,10 +29,8 @@ import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.SecretKeySpec;
import javax.persistence.Basic;
import javax.persistence.Cacheable;
import javax.persistence.CascadeType;
@@ -56,9 +53,7 @@ import javax.validation.Valid;
import javax.validation.constraints.Max;
import javax.validation.constraints.Min;
import javax.validation.constraints.NotNull;
-import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.RandomStringUtils;
-import org.springframework.security.crypto.codec.Base64;
import org.apache.syncope.core.persistence.beans.AbstractAttr;
import org.apache.syncope.core.persistence.beans.AbstractAttributable;
import org.apache.syncope.core.persistence.beans.AbstractDerAttr;
@@ -67,6 +62,7 @@ import org.apache.syncope.core.persisten
import org.apache.syncope.core.persistence.beans.membership.Membership;
import org.apache.syncope.core.persistence.beans.role.SyncopeRole;
import org.apache.syncope.core.persistence.validation.entity.SyncopeUserCheck;
+import org.apache.syncope.core.security.PasswordEncoder;
import org.apache.syncope.types.CipherAlgorithm;
@Entity
@@ -76,16 +72,6 @@ public class SyncopeUser extends Abstrac
private static final long serialVersionUID = -3905046855521446823L;
- private static SecretKeySpec keySpec;
-
- static {
- try {
- keySpec = new SecretKeySpec(ArrayUtils.subarray("1abcdefghilmnopqrstuvz2!".getBytes("UTF8"), 0, 16), "AES");
- } catch (Exception e) {
- LOG.error("Error during key specification", e);
- }
- }
-
@Id
private Long id;
@@ -514,42 +500,7 @@ public class SyncopeUser extends Abstrac
throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
IllegalBlockSizeException, BadPaddingException {
- String encodedPassword = null;
-
- if (password != null) {
- if (cipherAlgoritm == null || cipherAlgoritm == CipherAlgorithm.AES) {
-
- final byte[] cleartext = password.getBytes("UTF8");
-
- final Cipher cipher = Cipher.getInstance(CipherAlgorithm.AES.getAlgorithm());
-
- cipher.init(Cipher.ENCRYPT_MODE, keySpec);
-
- byte[] encoded = cipher.doFinal(cleartext);
-
- encodedPassword = new String(Base64.encode(encoded));
- } else {
- MessageDigest algorithm = MessageDigest.getInstance(cipherAlgoritm.getAlgorithm());
-
- algorithm.reset();
- algorithm.update(password.getBytes());
-
- byte[] messageDigest = algorithm.digest();
-
- StringBuilder hexString = new StringBuilder();
- for (int i = 0; i < messageDigest.length; i++) {
- String hex = Integer.toHexString(0xff & messageDigest[i]);
- if (hex.length() == 1) {
- hexString.append('0');
- }
- hexString.append(hex);
- }
-
- encodedPassword = hexString.toString();
- }
- }
-
- return encodedPassword;
+ return PasswordEncoder.encodePassword(password, cipherAlgoritm);
}
public boolean verifyPasswordHistory(final String password, final int size) {
Modified: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/data/UserDataBinder.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/data/UserDataBinder.java?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/data/UserDataBinder.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/data/UserDataBinder.java Mon Sep 3 10:23:51 2012
@@ -42,6 +42,7 @@ import org.apache.syncope.core.persisten
import org.apache.syncope.core.persistence.beans.user.SyncopeUser;
import org.apache.syncope.core.propagation.PropagationByResource;
import org.apache.syncope.core.rest.controller.UnauthorizedRoleException;
+import org.apache.syncope.core.security.PasswordEncoder;
import org.apache.syncope.core.util.AttributableUtil;
import org.apache.syncope.core.util.ConnObjectUtil;
import org.apache.syncope.core.util.EntitlementUtil;
@@ -95,22 +96,14 @@ public class UserDataBinder extends Abst
public boolean verifyPassword(final String username, final String password)
throws NotFoundException, UnauthorizedRoleException {
- SyncopeUser user = getUserFromUsername(username);
-
- SyncopeUser passwordUser = new SyncopeUser();
- passwordUser.setPassword(password, user.getCipherAlgoritm(), 0);
-
- return user.getPassword().equalsIgnoreCase(passwordUser.getPassword());
+ return verifyPassword(getUserFromUsername(username), password);
}
@Transactional(readOnly = true)
public boolean verifyPassword(final SyncopeUser user, final String password)
throws NotFoundException, UnauthorizedRoleException {
- SyncopeUser passwordUser = new SyncopeUser();
- passwordUser.setPassword(password, user.getCipherAlgoritm(), 0);
-
- return user.getPassword().equalsIgnoreCase(passwordUser.getPassword());
+ return PasswordEncoder.verifyPassword(password, user.getCipherAlgoritm(), user.getPassword());
}
@Transactional(readOnly = true)
@@ -137,8 +130,23 @@ public class UserDataBinder extends Abst
return user;
}
- private CipherAlgorithm getCipherAlgoritm() {
- return CipherAlgorithm.valueOf(confDAO.find("password.cipher.algorithm", "AES").getValue());
+ /**
+ * Get pre-configured password cipher algorithm.
+ *
+ * @return cipher algorithm.
+ * @throws NotFoundException in case of algorithm not included into
+ * <code>CipherAlgorithm</code>.
+ */
+ private CipherAlgorithm getCipherAlgoritm()
+ throws NotFoundException {
+
+ final String algorithm = confDAO.find("password.cipher.algorithm", "AES").getValue();
+
+ try {
+ return CipherAlgorithm.valueOf(algorithm);
+ } catch (IllegalArgumentException e) {
+ throw new NotFoundException("Cipher algorithm " + algorithm);
+ }
}
public void create(final SyncopeUser user, final UserTO userTO)
@@ -191,7 +199,16 @@ public class UserDataBinder extends Abst
if (userTO.getPassword() == null || userTO.getPassword().isEmpty()) {
LOG.error("No password provided");
} else {
- user.setPassword(userTO.getPassword(), getCipherAlgoritm(), passwordHistorySize);
+ try {
+ user.setPassword(userTO.getPassword(), getCipherAlgoritm(), passwordHistorySize);
+ } catch (NotFoundException e) {
+ final SyncopeClientException invalidAlgorith =
+ new SyncopeClientException(SyncopeClientExceptionType.NotFound);
+ invalidAlgorith.addElement(e.getMessage());
+ scce.addException(invalidAlgorith);
+
+ throw scce;
+ }
}
// set username
@@ -233,7 +250,16 @@ public class UserDataBinder extends Abst
// ignore exceptions
}
- user.setPassword(userMod.getPassword(), getCipherAlgoritm(), passwordHistorySize);
+ try {
+ user.setPassword(userMod.getPassword(), getCipherAlgoritm(), passwordHistorySize);
+ } catch (NotFoundException e) {
+ final SyncopeClientException invalidAlgorith =
+ new SyncopeClientException(SyncopeClientExceptionType.NotFound);
+ invalidAlgorith.addElement(e.getMessage());
+ scce.addException(invalidAlgorith);
+
+ throw scce;
+ }
user.setChangePwdDate(new Date());
Added: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/EncodePasswordCLI.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/EncodePasswordCLI.java?rev=1380190&view=auto
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/EncodePasswordCLI.java (added)
+++ incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/EncodePasswordCLI.java Mon Sep 3 10:23:51 2012
@@ -0,0 +1,54 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.security;
+
+import java.util.Arrays;
+import org.apache.syncope.types.CipherAlgorithm;
+
+/**
+ * Command line version of encoder to encode the admin password
+ */
+public class EncodePasswordCLI {
+
+ /**
+ * @param args
+ */
+ public static void main(String[] args)
+ throws Exception {
+
+ if (args.length != 2) {
+ usage();
+ System.exit(0);
+ }
+
+ if (CipherAlgorithm.valueOf(args[1]).getAlgorithm().isEmpty()) {
+ System.out.println("Unsupported algorithm " + args[1]);
+ usage();
+ System.exit(0);
+ }
+
+ System.out.println("Encoding password '" + args[0] + "' with " + args[1]);
+ System.out.println(PasswordEncoder.encodePassword(args[0], CipherAlgorithm.valueOf(args[1])));
+ }
+
+ private static void usage() {
+ System.out.println("Usage: EncodePassword <password> <algorithm>");
+ System.out.println("Supported algorithms:" + Arrays.toString(CipherAlgorithm.values()));
+ }
+}
Propchange: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/EncodePasswordCLI.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/EncodePasswordCLI.java
------------------------------------------------------------------------------
svn:keywords = Date Author Id Revision HeadURL
Propchange: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/EncodePasswordCLI.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/PasswordEncoder.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/PasswordEncoder.java?rev=1380190&view=auto
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/PasswordEncoder.java (added)
+++ incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/PasswordEncoder.java Mon Sep 3 10:23:51 2012
@@ -0,0 +1,133 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.security;
+
+import java.io.UnsupportedEncodingException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.SecretKeySpec;
+import org.apache.commons.lang.ArrayUtils;
+import org.apache.syncope.types.CipherAlgorithm;
+import org.jasypt.digest.StandardStringDigester;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.crypto.bcrypt.BCrypt;
+import org.springframework.security.crypto.codec.Base64;
+
+/**
+ * TODO: Description of the class.
+ *
+ * @author bl
+ *
+ * @since
+ *
+ */
+public class PasswordEncoder {
+
+ protected static final Logger LOG = LoggerFactory.getLogger(PasswordEncoder.class);
+
+ private static SecretKeySpec keySpec;
+
+ static {
+ try {
+ keySpec = new SecretKeySpec(ArrayUtils.subarray("1abcdefghilmnopqrstuvz2!".getBytes("UTF8"), 0, 16), "AES");
+ } catch (Exception e) {
+ LOG.error("Error during key specification", e);
+ }
+ }
+
+ public static String encodePassword(final String password, final CipherAlgorithm cipherAlgorithm)
+ throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
+ IllegalBlockSizeException, BadPaddingException {
+
+ String encodedPassword = null;
+
+ if (password != null) {
+ if (cipherAlgorithm == null || cipherAlgorithm == CipherAlgorithm.AES) {
+
+ final byte[] cleartext = password.getBytes("UTF8");
+
+ final Cipher cipher = Cipher.getInstance(CipherAlgorithm.AES.getAlgorithm());
+ cipher.init(Cipher.ENCRYPT_MODE, keySpec);
+ byte[] encoded = cipher.doFinal(cleartext);
+
+ encodedPassword = new String(Base64.encode(encoded));
+ } else if (cipherAlgorithm.getAlgorithm().equals("BCRYPT")) {
+ encodedPassword = BCrypt.hashpw(password, BCrypt.gensalt());
+ } else {
+ encodedPassword = getDigester(cipherAlgorithm).digest(password);
+
+ }
+ }
+
+ return encodedPassword;
+ }
+
+ public static boolean verifyPassword(String password, CipherAlgorithm cipherAlgorithm, String digestedPassword) {
+
+ boolean res = false;
+
+ try {
+ if (password != null) {
+ if (cipherAlgorithm == null || cipherAlgorithm == CipherAlgorithm.AES) {
+
+ final byte[] cleartext = password.getBytes("UTF8");
+
+ final Cipher cipher = Cipher.getInstance(CipherAlgorithm.AES.getAlgorithm());
+ cipher.init(Cipher.ENCRYPT_MODE, keySpec);
+ byte[] encoded = cipher.doFinal(cleartext);
+
+ res = new String(Base64.encode(encoded)).equals(digestedPassword);
+ } else if (cipherAlgorithm.getAlgorithm().equals("BCRYPT")) {
+ res = BCrypt.checkpw(password, digestedPassword);
+ } else {
+ res = getDigester(cipherAlgorithm).matches(password, digestedPassword);
+ }
+ }
+ } catch (Exception e) {
+ LOG.error("Could not verify password", e);
+ }
+
+ return res;
+ }
+
+ private static StandardStringDigester getDigester(CipherAlgorithm cipherAlgorithm) {
+ StandardStringDigester digester = new StandardStringDigester();
+
+ if (cipherAlgorithm.getAlgorithm().startsWith("S-")) {
+ // Salted ...
+ digester.setAlgorithm(cipherAlgorithm.getAlgorithm().replaceFirst("S\\-", ""));
+ digester.setIterations(100000);
+ digester.setSaltSizeBytes(16);
+ } else {
+ // Not salted ...
+ digester.setAlgorithm(cipherAlgorithm.getAlgorithm());
+ digester.setIterations(1);
+ digester.setSaltSizeBytes(0);
+
+ }
+
+ digester.setStringOutputType("hexadecimal");
+ return digester;
+ }
+}
Propchange: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/PasswordEncoder.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/PasswordEncoder.java
------------------------------------------------------------------------------
svn:keywords = Date Author Id Revision HeadURL
Propchange: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/PasswordEncoder.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/security/SyncopeAuthenticationProvider.java Mon Sep 3 10:23:51 2012
@@ -19,24 +19,24 @@
package org.apache.syncope.core.security;
import java.util.Date;
+import org.apache.syncope.core.audit.AuditManager;
+import org.apache.syncope.core.persistence.beans.user.SyncopeUser;
+import org.apache.syncope.core.persistence.dao.UserDAO;
+import org.apache.syncope.types.AuditElements.AuthenticationSubCategory;
+import org.apache.syncope.types.AuditElements.Category;
+import org.apache.syncope.types.AuditElements.Result;
+import org.apache.syncope.types.CipherAlgorithm;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Configurable;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.transaction.annotation.Transactional;
-import org.apache.syncope.core.audit.AuditManager;
-import org.apache.syncope.core.persistence.beans.user.SyncopeUser;
-import org.apache.syncope.core.persistence.dao.UserDAO;
-import org.apache.syncope.types.CipherAlgorithm;
-import org.apache.syncope.types.AuditElements.AuthenticationSubCategory;
-import org.apache.syncope.types.AuditElements.Category;
-import org.apache.syncope.types.AuditElements.Result;
-import org.springframework.security.authentication.DisabledException;
@Configurable
public class SyncopeAuthenticationProvider implements AuthenticationProvider {
@@ -56,21 +56,43 @@ public class SyncopeAuthenticationProvid
private String adminUser;
- private String adminMD5Password;
+ private String adminPassword;
- public String getAdminMD5Password() {
- return adminMD5Password;
+ /**
+ * @return the adminPassword
+ */
+ public String getAdminPassword() {
+ return adminPassword;
}
- public void setAdminMD5Password(String adminMD5Password) {
- this.adminMD5Password = adminMD5Password;
+ /**
+ * @param adminPassword the adminPassword to set
+ */
+ public void setAdminPassword(final String adminPassword) {
+ this.adminPassword = adminPassword;
}
+ /**
+ * @return the adminPasswordAlgorithm
+ */
+ public String getAdminPasswordAlgorithm() {
+ return adminPasswordAlgorithm;
+ }
+
+ /**
+ * @param adminPasswordAlgorithm the adminPasswordAlgorithm to set
+ */
+ public void setAdminPasswordAlgorithm(final String adminPasswordAlgorithm) {
+ this.adminPasswordAlgorithm = adminPasswordAlgorithm;
+ }
+
+ private String adminPasswordAlgorithm;
+
public String getAdminUser() {
return adminUser;
}
- public void setAdminUser(String adminUser) {
+ public void setAdminUser(final String adminUser) {
this.adminUser = adminUser;
}
@@ -95,8 +117,10 @@ public class SyncopeAuthenticationProvid
String username = authentication.getPrincipal().toString();
if (adminUser.equals(username)) {
- passwordUser.setPassword(authentication.getCredentials().toString(), CipherAlgorithm.MD5, 0);
- authenticated = adminMD5Password.equalsIgnoreCase(passwordUser.getPassword());
+ authenticated = PasswordEncoder.verifyPassword(
+ authentication.getCredentials().toString(),
+ CipherAlgorithm.valueOf(adminPasswordAlgorithm),
+ adminPassword);
} else {
user = userDAO.find(username);
@@ -104,9 +128,10 @@ public class SyncopeAuthenticationProvid
if (user.getSuspended()) {
throw new DisabledException("User " + user.getUsername() + " is suspended");
}
-
- passwordUser.setPassword(authentication.getCredentials().toString(), user.getCipherAlgoritm(), 0);
- authenticated = user.getPassword().equalsIgnoreCase(passwordUser.getPassword());
+ authenticated = PasswordEncoder.verifyPassword(
+ authentication.getCredentials().toString(),
+ user.getCipherAlgoritm(),
+ user.getPassword());
}
}
Modified: incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/workflow/NoOpUserWorkflowAdapter.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/workflow/NoOpUserWorkflowAdapter.java?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/workflow/NoOpUserWorkflowAdapter.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/apache/syncope/core/workflow/NoOpUserWorkflowAdapter.java Mon Sep 3 10:23:51 2012
@@ -37,11 +37,11 @@ import org.springframework.transaction.a
/**
* Simple implementation basically not involving any workflow engine.
*/
-@Transactional(rollbackFor = { Throwable.class })
+@Transactional(rollbackFor = {Throwable.class})
public class NoOpUserWorkflowAdapter extends AbstractUserWorkflowAdapter {
- private static final List<String> TASKS = Arrays.asList(new String[] { "create", "activate", "update", "suspend",
- "reactivate", "delete" });
+ private static final List<String> TASKS = Arrays.asList(new String[]{"create", "activate", "update", "suspend",
+ "reactivate", "delete"});
public static final String ENABLED = "enabled";
@@ -53,7 +53,8 @@ public class NoOpUserWorkflowAdapter ext
@Override
public WorkflowResult<Map.Entry<Long, Boolean>> create(final UserTO userTO, final boolean disablePwdPolicyCheck,
- final Boolean enabled) throws WorkflowException {
+ final Boolean enabled)
+ throws WorkflowException {
SyncopeUser user = new SyncopeUser();
dataBinder.create(user, userTO);
@@ -88,7 +89,8 @@ public class NoOpUserWorkflowAdapter ext
}
@Override
- protected WorkflowResult<Long> doActivate(final SyncopeUser user, final String token) throws WorkflowException {
+ protected WorkflowResult<Long> doActivate(final SyncopeUser user, final String token)
+ throws WorkflowException {
if (!user.checkToken(token)) {
throw new WorkflowException(new RuntimeException("Wrong token: " + token));
@@ -114,7 +116,8 @@ public class NoOpUserWorkflowAdapter ext
}
@Override
- protected WorkflowResult<Long> doSuspend(final SyncopeUser user) throws WorkflowException {
+ protected WorkflowResult<Long> doSuspend(final SyncopeUser user)
+ throws WorkflowException {
user.setStatus("suspended");
SyncopeUser updated = userDAO.save(user);
@@ -123,7 +126,8 @@ public class NoOpUserWorkflowAdapter ext
}
@Override
- protected WorkflowResult<Long> doReactivate(final SyncopeUser user) throws WorkflowException {
+ protected WorkflowResult<Long> doReactivate(final SyncopeUser user)
+ throws WorkflowException {
user.setStatus("active");
SyncopeUser updated = userDAO.save(user);
@@ -132,7 +136,8 @@ public class NoOpUserWorkflowAdapter ext
}
@Override
- protected void doDelete(final SyncopeUser user) throws WorkflowException {
+ protected void doDelete(final SyncopeUser user)
+ throws WorkflowException {
userDAO.delete(user);
}
@@ -145,19 +150,22 @@ public class NoOpUserWorkflowAdapter ext
}
@Override
- public WorkflowDefinitionTO getDefinition() throws WorkflowException {
+ public WorkflowDefinitionTO getDefinition()
+ throws WorkflowException {
return new WorkflowDefinitionTO();
}
@Override
- public void updateDefinition(final WorkflowDefinitionTO definition) throws NotFoundException, WorkflowException {
+ public void updateDefinition(final WorkflowDefinitionTO definition)
+ throws NotFoundException, WorkflowException {
throw new WorkflowException(new UnsupportedOperationException("Not supported."));
}
@Override
- public List<String> getDefinedTasks() throws WorkflowException {
+ public List<String> getDefinedTasks()
+ throws WorkflowException {
return TASKS;
}
@@ -168,7 +176,8 @@ public class NoOpUserWorkflowAdapter ext
}
@Override
- public WorkflowFormTO getForm(final String workflowId) throws NotFoundException, WorkflowException {
+ public WorkflowFormTO getForm(final String workflowId)
+ throws NotFoundException, WorkflowException {
return null;
}
Modified: incubator/syncope/trunk/core/src/main/resources/content.xml
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/resources/content.xml?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/resources/content.xml (original)
+++ incubator/syncope/trunk/core/src/main/resources/content.xml Mon Sep 3 10:23:51 2012
@@ -24,7 +24,7 @@ under the License.
<SyncopeConf confKey="smtp.host" confValue="smtp.ngi.it"/>
<SyncopeConf confKey="smtp.port" confValue="25"/>
<SyncopeConf confKey="connid.bundles.directory" confValue="${bundles.directory}"/>
- <SyncopeConf confKey="password.cipher.algorithm" confValue="MD5"/>
+ <SyncopeConf confKey="password.cipher.algorithm" confValue="SHA1"/>
<SyncopeConf confKey="createRequest.allowed" confValue="false"/>
<Policy DTYPE="SyncPolicy" id="1" description="Global Sync Policy" type="GLOBAL_SYNC"
Modified: incubator/syncope/trunk/core/src/main/resources/security.properties
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/resources/security.properties?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/resources/security.properties (original)
+++ incubator/syncope/trunk/core/src/main/resources/security.properties Mon Sep 3 10:23:51 2012
@@ -15,4 +15,5 @@
# specific language governing permissions and limitations
# under the License.
adminUser=admin
-adminMD5Password=5f4dcc3b5aa765d61d8327deb882cf99
+adminPassword=5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
+adminPasswordAlgorithm=SHA1
Modified: incubator/syncope/trunk/core/src/main/resources/securityContext.xml
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/resources/securityContext.xml?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/resources/securityContext.xml (original)
+++ incubator/syncope/trunk/core/src/main/resources/securityContext.xml Mon Sep 3 10:23:51 2012
@@ -36,14 +36,15 @@ under the License.
</security:http>
<bean id="syncopeUserDetailsService"
- class="org.apache.syncope.core.security.SyncopeUserDetailsService">
+ class="org.apache.syncope.core.security.SyncopeUserDetailsService">
<property name="adminUser" value="${adminUser}"/>
</bean>
<bean id="syncopeAuthenticationProvider"
- class="org.apache.syncope.core.security.SyncopeAuthenticationProvider">
+ class="org.apache.syncope.core.security.SyncopeAuthenticationProvider">
<property name="adminUser" value="${adminUser}"/>
- <property name="adminMD5Password" value="${adminMD5Password}"/>
+ <property name="adminPassword" value="${adminPassword}"/>
+ <property name="adminPasswordAlgorithm" value="${adminPasswordAlgorithm}"/>
<property name="syncopeUserDetailsService" ref="syncopeUserDetailsService"/>
</bean>
Modified: incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java (original)
+++ incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java Mon Sep 3 10:23:51 2012
@@ -47,6 +47,7 @@ import org.apache.syncope.client.search.
import org.apache.syncope.client.to.MembershipTO;
import org.apache.syncope.client.search.NodeCond;
import org.apache.syncope.client.search.ResourceCond;
+import org.apache.syncope.client.to.ConfigurationTO;
import org.apache.syncope.client.to.ConnObjectTO;
import org.apache.syncope.client.to.PasswordPolicyTO;
import org.apache.syncope.client.to.PolicyTO;
@@ -552,8 +553,7 @@ public class UserTestITCase extends Abst
assertEquals(maxTaskExecutions, taskTO.getExecutions().size());
// 3. verify password
- Boolean verify = restTemplate.
- getForObject(BASE_URL + "user/verifyPassword/{username}.json?password=password123",
+ Boolean verify = restTemplate.getForObject(BASE_URL + "user/verifyPassword/{username}.json?password=password123",
Boolean.class, newUserTO.getUsername());
assertTrue(verify);
@@ -869,8 +869,7 @@ public class UserTestITCase extends Abst
assertNotNull(user);
}
- users = Arrays.
- asList(restTemplate.getForObject(BASE_URL + "user/list/{page}/{size}.json", UserTO[].class, 2, 2));
+ users = Arrays.asList(restTemplate.getForObject(BASE_URL + "user/list/{page}/{size}.json", UserTO[].class, 2, 2));
assertNotNull(users);
assertFalse(users.isEmpty());
@@ -1122,7 +1121,7 @@ public class UserTestITCase extends Abst
assertNotNull(userTO);
SyncopeUser passwordTestUser = new SyncopeUser();
- passwordTestUser.setPassword("newPassword", CipherAlgorithm.MD5, 0);
+ passwordTestUser.setPassword("newPassword", CipherAlgorithm.SHA1, 0);
assertEquals(passwordTestUser.getPassword(), userTO.getPassword());
assertEquals(1, userTO.getMemberships().size());
@@ -1174,7 +1173,7 @@ public class UserTestITCase extends Abst
assertNotNull(userTO.getChangePwdDate());
SyncopeUser passwordTestUser = new SyncopeUser();
- passwordTestUser.setPassword("newPassword", CipherAlgorithm.MD5, 0);
+ passwordTestUser.setPassword("newPassword", CipherAlgorithm.SHA1, 0);
assertEquals(passwordTestUser.getPassword(), userTO.getPassword());
List<PropagationTaskTO> afterTasks = Arrays.asList(restTemplate.getForObject(
@@ -2000,4 +1999,35 @@ public class UserTestITCase extends Abst
}
assertNotNull(sce);
}
+
+ @Test()
+ public void issueSYNCOPE51() {
+ ConfigurationTO defaultConfigurationTO = restTemplate.getForObject(
+ BASE_URL + "configuration/read/{key}.json", ConfigurationTO.class, "password.cipher.algorithm");
+
+ ConfigurationTO configurationTO = new ConfigurationTO();
+ configurationTO.setKey("password.cipher.algorithm");
+ configurationTO.setValue("MD5");
+
+ ConfigurationTO newConfTO =
+ restTemplate.postForObject(BASE_URL + "configuration/update", configurationTO, ConfigurationTO.class);
+
+ assertEquals(configurationTO, newConfTO);
+
+ UserTO userTO = getSampleTO("syncope51@syncope.apache.org");
+ userTO.setPassword("password");
+
+ try {
+ restTemplate.postForObject(BASE_URL + "user/create", userTO, UserTO.class);
+ fail();
+ } catch (SyncopeClientCompositeErrorException e) {
+ assertTrue(
+ e.getException(SyncopeClientExceptionType.NotFound).getElements().iterator().next().contains("MD5"));
+ }
+
+ ConfigurationTO oldConfTO = restTemplate.postForObject(
+ BASE_URL + "configuration/update", defaultConfigurationTO, ConfigurationTO.class);
+
+ assertEquals(defaultConfigurationTO, oldConfTO);
+ }
}
Added: incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/security/PasswordEncoderTest.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/security/PasswordEncoderTest.java?rev=1380190&view=auto
==============================================================================
--- incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/security/PasswordEncoderTest.java (added)
+++ incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/security/PasswordEncoderTest.java Mon Sep 3 10:23:51 2012
@@ -0,0 +1,56 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.security;
+
+import static org.junit.Assert.*;
+import org.apache.syncope.types.CipherAlgorithm;
+import org.junit.Test;
+
+/**
+ * Testclass to test all encryption algorithms.
+ */
+public class PasswordEncoderTest {
+
+ private final String password = "password";
+
+ /**
+ * Verify all algorithms
+ */
+ @Test
+ public void testEncoder()
+ throws Exception {
+
+ for (CipherAlgorithm cipherAlgorithm : CipherAlgorithm.values()) {
+ final String encPassword = PasswordEncoder.encodePassword(password, cipherAlgorithm);
+
+ assertNotNull(encPassword);
+ assertTrue(PasswordEncoder.verifyPassword(password, cipherAlgorithm, encPassword));
+ assertFalse(PasswordEncoder.verifyPassword("pass", cipherAlgorithm, encPassword));
+
+ // check that same password encoded with BCRYPT or Salted versions results in different digest
+ if (cipherAlgorithm.equals(CipherAlgorithm.BCRYPT) || cipherAlgorithm.getAlgorithm().startsWith("S-")) {
+ final String encSamePassword = PasswordEncoder.encodePassword(password, cipherAlgorithm);
+ assertNotNull(encSamePassword);
+ assertFalse(encSamePassword.equals(encPassword));
+ assertTrue(PasswordEncoder.verifyPassword(password, cipherAlgorithm, encSamePassword));
+ }
+ }
+
+ }
+}
Propchange: incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/security/PasswordEncoderTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/security/PasswordEncoderTest.java
------------------------------------------------------------------------------
svn:keywords = Date Author Id Revision HeadURL
Propchange: incubator/syncope/trunk/core/src/test/java/org/apache/syncope/core/security/PasswordEncoderTest.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: incubator/syncope/trunk/core/src/test/resources/content.xml
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/test/resources/content.xml?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/test/resources/content.xml (original)
+++ incubator/syncope/trunk/core/src/test/resources/content.xml Mon Sep 3 10:23:51 2012
@@ -24,7 +24,7 @@ under the License.
<SyncopeConf confKey="smtp.host" confValue="not-existing"/>
<SyncopeConf confKey="smtp.port" confValue="25"/>
<SyncopeConf confKey="connid.bundles.directory" confValue="${bundles.directory}"/>
- <SyncopeConf confKey="password.cipher.algorithm" confValue="MD5"/>
+ <SyncopeConf confKey="password.cipher.algorithm" confValue="SHA1"/>
<SyncopeConf confKey="createRequest.allowed" confValue="true"/>
<!-- sample policies -->
@@ -36,13 +36,13 @@ under the License.
<Policy DTYPE="AccountPolicy" id="6" description="sample account policy" type="ACCOUNT" specification="%3Corg.apache.syncope.types.AccountPolicySpec%3E%0A++%3CmaxLength%3E0%3C%2FmaxLength%3E%0A++%3CminLength%3E4%3C%2FminLength%3E%0A++%3CprefixesNotPermitted%3E%0A++++%3Cstring%3Enotpermitted1%3C%2Fstring%3E%0A++++%3Cstring%3Enotpermitted2%3C%2Fstring%3E%0A++%3C%2FprefixesNotPermitted%3E%0A++%3CallUpperCase%3Efalse%3C%2FallUpperCase%3E%0A++%3CallLowerCase%3Efalse%3C%2FallLowerCase%3E%0A++%3CpropagateSuspension%3Efalse%3C%2FpropagateSuspension%3E%0A++%3CpermittedLoginRetries%3E3%3C%2FpermittedLoginRetries%3E%0A%3C%2Forg.apache.syncope.types.AccountPolicySpec%3E"/>
<Policy DTYPE="SyncPolicy" id="7" description="sync policy 1" type="SYNC" specification="%3Corg.apache.syncope.types.SyncPolicySpec%2F%3E"/>
- <SyncopeUser id="1" workflowId="0" status="active" password="5f4dcc3b5aa765d61d8327deb882cf99" cipherAlgorithm="MD5"
+ <SyncopeUser id="1" workflowId="0" status="active" password="5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8" cipherAlgorithm="SHA1"
username="user1" creationDate="2010-10-20 11:00:00"/>
- <SyncopeUser id="2" workflowId="0" status="active" password="5f4dcc3b5aa765d61d8327deb882cf99" cipherAlgorithm="MD5"
+ <SyncopeUser id="2" workflowId="0" status="active" password="5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8" cipherAlgorithm="SHA1"
username="user2" creationDate="2010-10-20 11:00:00"/>
- <SyncopeUser id="3" workflowId="0" status="active" password="5f4dcc3b5aa765d61d8327deb882cf99" cipherAlgorithm="MD5"
+ <SyncopeUser id="3" workflowId="0" status="active" password="5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8" cipherAlgorithm="SHA1"
username="user3" creationDate="2010-10-20 11:00:00"/>
- <SyncopeUser id="4" workflowId="0" status="active" password="5f4dcc3b5aa765d61d8327deb882cf99" cipherAlgorithm="MD5"
+ <SyncopeUser id="4" workflowId="0" status="active" password="5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8" cipherAlgorithm="SHA1"
username="user4" creationDate="2010-10-20 11:00:00"/>
<SyncopeRole id="1" name="root"/>
Modified: incubator/syncope/trunk/core/src/test/resources/security.properties
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/test/resources/security.properties?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/test/resources/security.properties (original)
+++ incubator/syncope/trunk/core/src/test/resources/security.properties Mon Sep 3 10:23:51 2012
@@ -15,4 +15,5 @@
# specific language governing permissions and limitations
# under the License.
adminUser=admin
-adminMD5Password=5f4dcc3b5aa765d61d8327deb882cf99
+adminPassword=5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
+adminPasswordAlgorithm=SHA1
Modified: incubator/syncope/trunk/pom.xml
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/pom.xml?rev=1380190&r1=1380189&r2=1380190&view=diff
==============================================================================
--- incubator/syncope/trunk/pom.xml (original)
+++ incubator/syncope/trunk/pom.xml Mon Sep 3 10:23:51 2012
@@ -273,6 +273,8 @@ under the License.
<apacheds.version>1.5.7</apacheds.version>
<tomcat.version>7.0.29</tomcat.version>
+
+ <jasypt.version>1.9.0</jasypt.version>
<bundles.directory>${project.build.directory}/bundles</bundles.directory>
<log.directory>${project.build.directory}/log</log.directory>