You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@rave.apache.org by mp...@apache.org on 2012/01/10 14:19:27 UTC
svn commit: r1229527 - in /incubator/rave/trunk:
rave-components/rave-core/src/main/java/org/apache/rave/portal/service/impl/
rave-components/rave-core/src/main/resources/org/apache/rave/
rave-components/rave-core/src/test/java/org/apache/rave/portal/r...
Author: mpierce
Date: Tue Jan 10 13:19:27 2012
New Revision: 1229527
URL: http://svn.apache.org/viewvc?rev=1229527&view=rev
Log:
(RAVE-410) Committing patch contributed by Marijan Milicevic to use bcrypt password hashing.
Modified:
incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/service/impl/DefaultNewAccountService.java
incubator/rave/trunk/rave-components/rave-core/src/main/resources/org/apache/rave/core-applicationContext.xml
incubator/rave/trunk/rave-components/rave-core/src/test/java/org/apache/rave/portal/repository/impl/JpaUserRepositoryTest.java
incubator/rave/trunk/rave-components/rave-core/src/test/java/org/apache/rave/portal/service/impl/DefaultNewAccountServiceTest.java
incubator/rave/trunk/rave-components/rave-core/src/test/resources/test_data.sql
incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/applicationContext-security.xml
incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/db/initial_data.sql
Modified: incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/service/impl/DefaultNewAccountService.java
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/service/impl/DefaultNewAccountService.java?rev=1229527&r1=1229526&r2=1229527&view=diff
==============================================================================
--- incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/service/impl/DefaultNewAccountService.java (original)
+++ incubator/rave/trunk/rave-components/rave-core/src/main/java/org/apache/rave/portal/service/impl/DefaultNewAccountService.java Tue Jan 10 13:19:27 2012
@@ -30,8 +30,8 @@ import org.apache.rave.portal.service.Us
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.dao.SaltSource;
-import org.springframework.security.authentication.encoding.PasswordEncoder;
+
+import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
@Service
@@ -47,10 +47,7 @@ public class DefaultNewAccountService im
private final AuthorityService authorityService;
@Autowired
- private SaltSource saltSource;
-
- @Autowired
- private PasswordEncoder passwordEncoder;
+ private PasswordEncoder passwordEncoder;
@Autowired
public DefaultNewAccountService(UserService userService,
@@ -77,12 +74,8 @@ public class DefaultNewAccountService im
User user=new User();
user.setUsername(userName);
user.setEmail(email);
- //This assumes we use the username for the salt. If not, the code below will need to change.
- //See also applicationContext-security.xml
- Object salt = saltSource.getSalt(user);
- String saltedHashedPassword=passwordEncoder.encodePassword(password, salt);
- logger.debug("Salt Source: {}", salt);
- user.setPassword(saltedHashedPassword);
+ String hashedPassword = passwordEncoder.encode(password);
+ user.setPassword(hashedPassword);
user.setExpired(false);
user.setLocked(false);
Modified: incubator/rave/trunk/rave-components/rave-core/src/main/resources/org/apache/rave/core-applicationContext.xml
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-components/rave-core/src/main/resources/org/apache/rave/core-applicationContext.xml?rev=1229527&r1=1229526&r2=1229527&view=diff
==============================================================================
--- incubator/rave/trunk/rave-components/rave-core/src/main/resources/org/apache/rave/core-applicationContext.xml (original)
+++ incubator/rave/trunk/rave-components/rave-core/src/main/resources/org/apache/rave/core-applicationContext.xml Tue Jan 10 13:19:27 2012
@@ -95,10 +95,9 @@
<property name="password" value="${portal.dataSource.password}"/>
</bean>
- <!-- Password encoding and salting-->
- <bean class="org.springframework.security.authentication.encoding.ShaPasswordEncoder" id="passwordEncoder"/>
- <bean class="org.springframework.security.authentication.dao.ReflectionSaltSource" id="saltSource">
- <property name="userPropertyToUse" value="username"/>
+ <!-- Password encoding -->
+ <bean class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" id="passwordEncoder">
+ <!--<constructor-arg index="0" value="10"/>-->
</bean>
</beans>
\ No newline at end of file
Modified: incubator/rave/trunk/rave-components/rave-core/src/test/java/org/apache/rave/portal/repository/impl/JpaUserRepositoryTest.java
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-components/rave-core/src/test/java/org/apache/rave/portal/repository/impl/JpaUserRepositoryTest.java?rev=1229527&r1=1229526&r2=1229527&view=diff
==============================================================================
--- incubator/rave/trunk/rave-components/rave-core/src/test/java/org/apache/rave/portal/repository/impl/JpaUserRepositoryTest.java (original)
+++ incubator/rave/trunk/rave-components/rave-core/src/test/java/org/apache/rave/portal/repository/impl/JpaUserRepositoryTest.java Tue Jan 10 13:19:27 2012
@@ -28,6 +28,9 @@ import org.apache.rave.portal.repository
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.crypto.bcrypt.BCrypt;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.transaction.annotation.Transactional;
@@ -50,9 +53,7 @@ public class JpaUserRepositoryTest {
private static final Long USER_ID = 1L;
private static final String USER_NAME = "canonical";
- //The password value depends on the hash algorithm and salt used, so this
- //may need updating in the future.
- private static final String HASHED_SALTED_PASSWORD = "b97fd0fa25ba8a504309be2b6651ac6dee167ded";
+
private static final Long INVALID_USER = -2L;
private static final String USER_EMAIL = "canonical@example.com";
private static final Long VALID_WIDGET_ID = 1L;
@@ -61,6 +62,9 @@ public class JpaUserRepositoryTest {
private UserRepository repository;
@Autowired
+ private PasswordEncoder passwordEncoder;
+
+ @Autowired
private AuthorityRepository authorityRepository;
@Test
@@ -68,7 +72,8 @@ public class JpaUserRepositoryTest {
User user = repository.get(USER_ID);
assertThat(user, notNullValue());
assertThat(user.getUsername(), is(equalTo(USER_NAME)));
- assertThat(user.getPassword(), is(equalTo(HASHED_SALTED_PASSWORD)));
+ passwordEncoder.encode(USER_NAME);
+ assertThat(true, is(passwordEncoder.matches(USER_NAME, user.getPassword())));
assertThat(user.isAccountNonExpired(), is(true));
assertThat(user.getEmail(), is(equalTo(USER_EMAIL)));
}
@@ -84,7 +89,7 @@ public class JpaUserRepositoryTest {
User user = repository.getByUsername(USER_NAME);
assertThat(user, notNullValue());
assertThat(user.getEntityId(), is(equalTo(USER_ID)));
- assertThat(user.getPassword(), is(equalTo(HASHED_SALTED_PASSWORD)));
+ assertThat(true, is(passwordEncoder.matches(USER_NAME, user.getPassword())));
assertThat(user.isAccountNonExpired(), is(true));
assertThat(user.getEmail(), is(equalTo(USER_EMAIL)));
}
@@ -100,7 +105,7 @@ public class JpaUserRepositoryTest {
User user = repository.getByUserEmail(USER_EMAIL);
assertThat(user, notNullValue());
assertThat(user.getEntityId(), is(equalTo(USER_ID)));
- assertThat(user.getPassword(), is(equalTo(HASHED_SALTED_PASSWORD)));
+ assertThat(true, is(passwordEncoder.matches(USER_NAME, user.getPassword())));
assertThat(user.isAccountNonExpired(), is(true));
assertThat(user.getEmail(), is(equalTo(USER_EMAIL)));
}
Modified: incubator/rave/trunk/rave-components/rave-core/src/test/java/org/apache/rave/portal/service/impl/DefaultNewAccountServiceTest.java
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-components/rave-core/src/test/java/org/apache/rave/portal/service/impl/DefaultNewAccountServiceTest.java?rev=1229527&r1=1229526&r2=1229527&view=diff
==============================================================================
--- incubator/rave/trunk/rave-components/rave-core/src/test/java/org/apache/rave/portal/service/impl/DefaultNewAccountServiceTest.java (original)
+++ incubator/rave/trunk/rave-components/rave-core/src/test/java/org/apache/rave/portal/service/impl/DefaultNewAccountServiceTest.java Tue Jan 10 13:19:27 2012
@@ -37,8 +37,7 @@ import org.junit.Before;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.security.authentication.dao.SaltSource;
-import org.springframework.security.authentication.encoding.PasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.test.util.ReflectionTestUtils;
@@ -55,7 +54,7 @@ public class DefaultNewAccountServiceTes
private RegionService regionService;
private NewAccountService newAccountService;
private AuthorityService authorityService;
- private SaltSource saltSource;
+
private UserDetails userDetails;
private PasswordEncoder passwordEncoder;
@@ -75,7 +74,6 @@ public class DefaultNewAccountServiceTes
pageService = createMock(PageService.class);
pageLayoutService = createMock(PageLayoutService.class);
regionService = createMock(RegionService.class);
- saltSource = createMock(SaltSource.class);
userDetails = createMock(UserDetails.class);
passwordEncoder = createMock(PasswordEncoder.class);
authorityService = createMock(AuthorityService.class);
@@ -116,22 +114,22 @@ public class DefaultNewAccountServiceTes
expectedUser.setLocked(false);
expectedUser.setEnabled(true);
- ReflectionTestUtils.setField(newAccountService, "saltSource", saltSource);
+
ReflectionTestUtils.setField(newAccountService, "passwordEncoder", passwordEncoder);
- expect(saltSource.getSalt(anyObject(UserDetails.class))).andReturn("salt");
- expect(passwordEncoder.encodePassword("valid.password", "salt")).andReturn("valid.password");
+
+ expect(passwordEncoder.encode("valid.password")).andReturn("valid.password");
expect(userService.getUserByUsername(VALID_USER)).andReturn(null);
expect(userService.getUserByEmail(VALID_EMAIL)).andReturn(null);
expect(pageLayoutService.getPageLayoutByCode(VALID_LAYOUT_CODE)).andReturn(validPageLayout);
expect(authorityService.getDefaultAuthorities()).andReturn(validAuthoritySearchResult);
userService.registerNewUser(expectedUser);
expectLastCall();
- replay(saltSource, userDetails, passwordEncoder, userService, pageLayoutService, authorityService);
+ replay(userDetails, passwordEncoder, userService, pageLayoutService, authorityService);
newAccountService.createNewAccount(newUser);
- verify(saltSource, userDetails, passwordEncoder, userService, pageLayoutService);
+ verify(userDetails, passwordEncoder, userService, pageLayoutService);
}
@Test
Modified: incubator/rave/trunk/rave-components/rave-core/src/test/resources/test_data.sql
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-components/rave-core/src/test/resources/test_data.sql?rev=1229527&r1=1229526&r2=1229527&view=diff
==============================================================================
--- incubator/rave/trunk/rave-components/rave-core/src/test/resources/test_data.sql (original)
+++ incubator/rave/trunk/rave-components/rave-core/src/test/resources/test_data.sql Tue Jan 10 13:19:27 2012
@@ -90,68 +90,68 @@ UPDATE RAVE_PORTAL_SEQUENCES SET seq_cou
--- start user data ---
set @user_id_1 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_1, 'canonical', 'b97fd0fa25ba8a504309be2b6651ac6dee167ded', FALSE, FALSE, TRUE,'canonical@example.com', @three_col_id, 'User', 'Canonical', 'Paul');
+values (@user_id_1, 'canonical', '$2a$10$TkEgze5kLy9nRlfd8PT1zunh6P1ND8WPjLojFjAMNgZMu1D9D1n4.', FALSE, FALSE, TRUE,'canonical@example.com', @three_col_id, 'User', 'Canonical', 'Paul');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_2 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_2, 'john.doe', '49e5f5c7c7ae8372af9b3063c493f080d16411f5', FALSE, FALSE, TRUE,'john.doe@example.com', @three_col_id, 'User', 'Doe', 'John');
+values (@user_id_2, 'john.doe', '$2a$10$8Dir7boy3UyVqy6erfj6WuQXUTf.ejTldPSsVIty7.pPT3Krkly26', FALSE, FALSE, TRUE,'john.doe@example.com', @three_col_id, 'User', 'Doe', 'John');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_3 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_3, 'jane.doe', '30dd37e81704bbbd4e235c22990802ae25b187da', FALSE, FALSE, TRUE,'jane.doe@example.net', @three_col_id, 'User', 'Doe', 'Jane');
+values (@user_id_3, 'jane.doe', '$2a$10$YP9cjZEA.gG/ng2YwTBIyucMpuiQ7Fvz0K8rOt14rIBhVwlOrh1tu', FALSE, FALSE, TRUE,'jane.doe@example.net', @three_col_id, 'User', 'Doe', 'Jane');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_4 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_4, 'george.doe', '452802e3f2ff8b7b28785f50dfaaaaf80fc1430f', FALSE, FALSE, TRUE,'george.doe@example.org', @three_col_id, 'User', 'Doe', 'George');
+values (@user_id_4, 'george.doe', '$2a$10$0bcOUkQgAwE/qmdc1NcUveNzx/IYIcOUu4ydyT8DEicTCxGJF/vcW', FALSE, FALSE, TRUE,'george.doe@example.org', @three_col_id, 'User', 'Doe', 'George');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_5 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_5,'mario.rossi', '8aadae9f6e73a479cb8a565bcfa6e8de2b074e89', FALSE, FALSE, TRUE,'mario.rossi@example.com', @three_col_id, 'User', 'Rossi', 'Mario');
+values (@user_id_5,'mario.rossi', '$2a$10$HZ6WHAKQCs8waLooL98l6.fLzwh3D8u/V0.UebIjojawfXJhX1DQ2', FALSE, FALSE, TRUE,'mario.rossi@example.com', @three_col_id, 'User', 'Rossi', 'Mario');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_6 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_6, 'maija.m', '18550acca1b36af6cfa41c82e1caab12073475a1', FALSE, FALSE, TRUE,'maijam@example.com', @three_col_id, 'User', 'M', 'Maija');
+values (@user_id_6, 'maija.m', '$2a$10$3feYdjrW40hkqP4/xupKP.YMgdYmDsZZus./vK4FbBs9QZG2.FuNC', FALSE, FALSE, TRUE,'maijam@example.com', @three_col_id, 'User', 'M', 'Maija');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_7 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_7, 'one.col', '07acee6193e84ba9ae2f7b2bf26538f2d6e4b0a1', FALSE, FALSE, TRUE,'one.col@example.com', @three_col_id, 'User', 'Column', 'One');
+values (@user_id_7, 'one.col', '$2a$10$5VqE2YEqT75pCVjKqjP2b.gNGly9fsTVUOMQR/JEjkHSbqvA3A6IO', FALSE, FALSE, TRUE,'one.col@example.com', @three_col_id, 'User', 'Column', 'One');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_8 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_8, 'twown.col', '24159ea43cbcecb50021cd14a1d41a8079fd9714', FALSE, FALSE, TRUE,'twown.col@example.com', @three_col_id, 'User', 'Column', 'Two');
+values (@user_id_8, 'twown.col', '$2a$10$Inpufv82TRUGYoPuXhYXVuMCKHkhLz44W6FijxW2e9n3T1hgyxcVq', FALSE, FALSE, TRUE,'twown.col@example.com', @three_col_id, 'User', 'Column', 'Two');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_9 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_9, 'three.col', 'c736434430af90772bfd4351bffa3da04cec0403', FALSE, FALSE, TRUE,'three.col@example.com', @three_col_id, 'User', 'Column', 'Three');
+values (@user_id_9, 'three.col', '$2a$10$ImRXq4gFC9teBstOBdQrZeEwBkCAJ0S6.CwI9/9r7fxWKTZ30pgVC', FALSE, FALSE, TRUE,'three.col@example.com', @three_col_id, 'User', 'Column', 'Three');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_10 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_10, 'threewn.col', 'ad67065a5bc25f86036508971a09a58e9c9131e8', FALSE, FALSE, TRUE,'threewn.col@example.com', @three_col_id, 'User', 'Column2', 'Three');
+values (@user_id_10, 'threewn.col', '$2a$10$LLYTJoK6MCBpeDBbmdt7tu1LNt7Eenqe1IpMlfem8xVjzynn.HpxW', FALSE, FALSE, TRUE,'threewn.col@example.com', @three_col_id, 'User', 'Column2', 'Three');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_11 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_11, 'four.col', 'c875ce4416fc56cd34c01bd366a3af5468137155', FALSE, FALSE, TRUE,'four.col@example.com', @three_col_id, 'User', 'Column', 'Four');
+values (@user_id_11, 'four.col', '$2a$10$tZgWcaG2EJPLtseZ339n7uTu3GZn31h3iTr20orwgbbRAI15uoIFK', FALSE, FALSE, TRUE,'four.col@example.com', @three_col_id, 'User', 'Column', 'Four');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_12 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_12, 'fourwn.col', 'eb0b450eff79a33027a41a05051f5609a83667e8', FALSE, FALSE, TRUE,'fourwn.col@example.com', @three_col_id, 'User', 'Column2', 'Four');
+values (@user_id_12, 'fourwn.col', '$2a$10$4kPYhgowurWqXGVDigxOxOVj/M.rqLRwqbn0kT/OD4pISL6pDG/c2', FALSE, FALSE, TRUE,'fourwn.col@example.com', @three_col_id, 'User', 'Column2', 'Four');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
-- duplicate user id!!
set @user_id_13 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_13, 'http://rave2011.myopenid.com/', 'cdf15c184b7d2539b0cfc29ee9f10bad62793d50', FALSE, FALSE, TRUE,'rave2011_openid@example.org', @three_col_id, 'User', 'Openid', 'Rave');
+values (@user_id_13, 'http://rave2011.myopenid.com/', '$2a$10$dML97.rnOn4.iSlEEdju8OCB2NckuKw0Ki5yMVzzMmWQsWMvym3qC', FALSE, FALSE, TRUE,'rave2011_openid@example.org', @three_col_id, 'User', 'Openid', 'Rave');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
--- end user data ---
Modified: incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/applicationContext-security.xml
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/applicationContext-security.xml?rev=1229527&r1=1229526&r2=1229527&view=diff
==============================================================================
--- incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/applicationContext-security.xml (original)
+++ incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/applicationContext-security.xml Tue Jan 10 13:19:27 2012
@@ -55,9 +55,7 @@
<security:authentication-manager>
<security:authentication-provider
user-service-ref="userService">
- <security:password-encoder ref="passwordEncoder">
- <security:salt-source ref="saltSource"/>
- </security:password-encoder>
+ <security:password-encoder ref="passwordEncoder" />
</security:authentication-provider>
</security:authentication-manager>
Modified: incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/db/initial_data.sql
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/db/initial_data.sql?rev=1229527&r1=1229526&r2=1229527&view=diff
==============================================================================
--- incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/db/initial_data.sql (original)
+++ incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/db/initial_data.sql Tue Jan 10 13:19:27 2012
@@ -102,68 +102,68 @@ UPDATE RAVE_PORTAL_SEQUENCES SET seq_cou
--- start user data ---
set @user_id_1 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, display_name, family_name, given_name)
-values (@user_id_1, 'canonical', 'b97fd0fa25ba8a504309be2b6651ac6dee167ded', FALSE, FALSE, TRUE,'canonical@example.com', @three_col_id, 'User', 'Canonical User', 'User', 'Canonical');
+values (@user_id_1, 'canonical', '$2a$10$TkEgze5kLy9nRlfd8PT1zunh6P1ND8WPjLojFjAMNgZMu1D9D1n4.', FALSE, FALSE, TRUE,'canonical@example.com', @three_col_id, 'User', 'Canonical User', 'User', 'Canonical');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_2 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, display_name, family_name, given_name)
-values (@user_id_2, 'john.doe', '49e5f5c7c7ae8372af9b3063c493f080d16411f5', FALSE, FALSE, TRUE,'john.doe@example.com', @three_col_id, 'User', 'John Doe', 'Doe', 'John');
+values (@user_id_2, 'john.doe', '$2a$10$8Dir7boy3UyVqy6erfj6WuQXUTf.ejTldPSsVIty7.pPT3Krkly26', FALSE, FALSE, TRUE,'john.doe@example.com', @three_col_id, 'User', 'John Doe', 'Doe', 'John');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_3 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, display_name, family_name, given_name)
-values (@user_id_3, 'jane.doe', '30dd37e81704bbbd4e235c22990802ae25b187da', FALSE, FALSE, TRUE,'jane.doe@example.net', @three_col_id, 'User', 'Jane Doe', 'Doe', 'Jane');
+values (@user_id_3, 'jane.doe', '$2a$10$YP9cjZEA.gG/ng2YwTBIyucMpuiQ7Fvz0K8rOt14rIBhVwlOrh1tu', FALSE, FALSE, TRUE,'jane.doe@example.net', @three_col_id, 'User', 'Jane Doe', 'Doe', 'Jane');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_4 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, display_name, family_name, given_name)
-values (@user_id_4, 'george.doe', '452802e3f2ff8b7b28785f50dfaaaaf80fc1430f', FALSE, FALSE, TRUE,'george.doe@example.org', @three_col_id, 'User', 'George Doe', 'Doe', 'George');
+values (@user_id_4, 'george.doe', '$2a$10$0bcOUkQgAwE/qmdc1NcUveNzx/IYIcOUu4ydyT8DEicTCxGJF/vcW', FALSE, FALSE, TRUE,'george.doe@example.org', @three_col_id, 'User', 'George Doe', 'Doe', 'George');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_5 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, display_name, family_name, given_name)
-values (@user_id_5,'mario.rossi', '8aadae9f6e73a479cb8a565bcfa6e8de2b074e89', FALSE, FALSE, TRUE,'mario.rossi@example.com', @three_col_id, 'User', 'Mario Rossi', 'Rossi', 'Mario');
+values (@user_id_5,'mario.rossi', '$2a$10$HZ6WHAKQCs8waLooL98l6.fLzwh3D8u/V0.UebIjojawfXJhX1DQ2', FALSE, FALSE, TRUE,'mario.rossi@example.com', @three_col_id, 'User', 'Mario Rossi', 'Rossi', 'Mario');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_6 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, display_name, family_name, given_name)
-values (@user_id_6, 'maija.m', '18550acca1b36af6cfa41c82e1caab12073475a1', FALSE, FALSE, TRUE,'maijam@example.com', @three_col_id, 'User', 'Maija M', 'M', 'Maija');
+values (@user_id_6, 'maija.m', '$2a$10$3feYdjrW40hkqP4/xupKP.YMgdYmDsZZus./vK4FbBs9QZG2.FuNC', FALSE, FALSE, TRUE,'maijam@example.com', @three_col_id, 'User', 'Maija M', 'M', 'Maija');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_7 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_7, 'one.col', '07acee6193e84ba9ae2f7b2bf26538f2d6e4b0a1', FALSE, FALSE, TRUE,'one.col@example.com', @three_col_id, 'User', 'Column', 'One');
+values (@user_id_7, 'one.col', '$2a$10$5VqE2YEqT75pCVjKqjP2b.gNGly9fsTVUOMQR/JEjkHSbqvA3A6IO', FALSE, FALSE, TRUE,'one.col@example.com', @three_col_id, 'User', 'Column', 'One');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_8 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_8, 'twown.col', '24159ea43cbcecb50021cd14a1d41a8079fd9714', FALSE, FALSE, TRUE,'twown.col@example.com', @three_col_id, 'User', 'Column', 'Two');
+values (@user_id_8, 'twown.col', '$2a$10$Inpufv82TRUGYoPuXhYXVuMCKHkhLz44W6FijxW2e9n3T1hgyxcVq', FALSE, FALSE, TRUE,'twown.col@example.com', @three_col_id, 'User', 'Column', 'Two');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_9 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_9, 'three.col', 'c736434430af90772bfd4351bffa3da04cec0403', FALSE, FALSE, TRUE,'three.col@example.com', @three_col_id, 'User', 'Column', 'Three');
+values (@user_id_9, 'three.col', '$2a$10$ImRXq4gFC9teBstOBdQrZeEwBkCAJ0S6.CwI9/9r7fxWKTZ30pgVC', FALSE, FALSE, TRUE,'three.col@example.com', @three_col_id, 'User', 'Column', 'Three');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_10 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_10, 'threewn.col', 'ad67065a5bc25f86036508971a09a58e9c9131e8', FALSE, FALSE, TRUE,'threewn.col@example.com', @three_col_id, 'User', 'ColumnWide', 'Three');
+values (@user_id_10, 'threewn.col', '$2a$10$LLYTJoK6MCBpeDBbmdt7tu1LNt7Eenqe1IpMlfem8xVjzynn.HpxW', FALSE, FALSE, TRUE,'threewn.col@example.com', @three_col_id, 'User', 'ColumnWide', 'Three');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_11 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_11, 'four.col', 'c875ce4416fc56cd34c01bd366a3af5468137155', FALSE, FALSE, TRUE,'four.col@example.com', @three_col_id, 'User', 'Column', 'Four');
+values (@user_id_11, 'four.col', '$2a$10$tZgWcaG2EJPLtseZ339n7uTu3GZn31h3iTr20orwgbbRAI15uoIFK', FALSE, FALSE, TRUE,'four.col@example.com', @three_col_id, 'User', 'Column', 'Four');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
set @user_id_12 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_12, 'fourwn.col', 'eb0b450eff79a33027a41a05051f5609a83667e8', FALSE, FALSE, TRUE,'fourwn.col@example.com', @three_col_id, 'User', 'ColumnWide', 'Four');
+values (@user_id_12, 'fourwn.col', '$2a$10$4kPYhgowurWqXGVDigxOxOVj/M.rqLRwqbn0kT/OD4pISL6pDG/c2', FALSE, FALSE, TRUE,'fourwn.col@example.com', @three_col_id, 'User', 'ColumnWide', 'Four');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
-- duplicate user id!!
set @user_id_13 = (SELECT seq_count FROM RAVE_PORTAL_SEQUENCES WHERE seq_name = @user_seq);
insert into person (entity_id, username, password, expired, locked, enabled, email, default_page_layout_id, dtype, family_name, given_name)
-values (@user_id_13, 'http://rave2011.myopenid.com/', 'cdf15c184b7d2539b0cfc29ee9f10bad62793d50', FALSE, FALSE, TRUE,'rave2011_openid@example.org', @three_col_id, 'User', 'OpenId', 'Rave');
+values (@user_id_13, 'http://rave2011.myopenid.com/', '$2a$10$dML97.rnOn4.iSlEEdju8OCB2NckuKw0Ki5yMVzzMmWQsWMvym3qC', FALSE, FALSE, TRUE,'rave2011_openid@example.org', @three_col_id, 'User', 'OpenId', 'Rave');
UPDATE RAVE_PORTAL_SEQUENCES SET seq_count = (seq_count + 1) WHERE seq_name = @user_seq;
--- end user data ---