You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openmeetings.apache.org by so...@apache.org on 2016/04/11 07:55:17 UTC

svn commit: r1738514 - /openmeetings/application/trunk/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/user/User.java

Author: solomax
Date: Mon Apr 11 05:55:17 2016
New Revision: 1738514

URL: http://svn.apache.org/viewvc?rev=1738514&view=rev
Log:
[OPENMEETINGS-1344] SHA256 with salt and 1000 iterations used to encrypt passwords

Modified:
    openmeetings/application/trunk/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/user/User.java

Modified: openmeetings/application/trunk/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/user/User.java
URL: http://svn.apache.org/viewvc/openmeetings/application/trunk/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/user/User.java?rev=1738514&r1=1738513&r2=1738514&view=diff
==============================================================================
--- openmeetings/application/trunk/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/user/User.java (original)
+++ openmeetings/application/trunk/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/user/User.java Mon Apr 11 05:55:17 2016
@@ -90,8 +90,7 @@ import org.simpleframework.xml.Root;
 			+ "OR lower(c.firstname) LIKE :search "
 			+ "OR lower(c.lastname) LIKE :search )"),
 	@NamedQuery(name = "getAllUsers", query = "SELECT u FROM User u ORDER BY u.id"),
-	@NamedQuery(name = "checkPassword", query = "select count(c) from User c where c.deleted = false AND c.id = :userId " //
-			+ "AND c.password LIKE :password"), //
+	@NamedQuery(name = "getPassword", query = "SELECT u.password FROM User u WHERE u.deleted = false AND u.id = :userId "),
 	@NamedQuery(name = "updatePassword", query = "UPDATE User u SET u.password = :password WHERE u.id = :userId"), //
 	@NamedQuery(name = "getNondeletedUsers", query = "SELECT u FROM User u WHERE u.deleted = false"),
 	@NamedQuery(name = "countNondeletedUsers", query = "SELECT COUNT(u) FROM User u WHERE u.deleted = false"),
@@ -203,7 +202,7 @@ public class User implements IDataProvid
 	private String login;
 
 	@Basic(fetch = FetchType.LAZY)
-	@Column(name = "password")
+	@Column(name = "password", length = 1024)
 	@LoadFetchGroup("backupexport")
 	@Element(name = "pass", data = true, required = false)
 	private String password;
@@ -389,11 +388,11 @@ public class User implements IDataProvid
 		this.login = login;
 	}
 
-	public void updatePassword(ConfigurationDao configDao, String pass) throws NoSuchAlgorithmException, UnsupportedEncodingException {
+	public void updatePassword(ConfigurationDao configDao, String pass) throws NoSuchAlgorithmException {
 		updatePassword(configDao, pass, false);
 	}
 	
-	public void updatePassword(ConfigurationDao configDao, String pass, boolean empty) throws NoSuchAlgorithmException, UnsupportedEncodingException {
+	public void updatePassword(ConfigurationDao configDao, String pass, boolean empty) throws NoSuchAlgorithmException {
 		if (!empty) {
 			if (invalidPassword(pass, configDao)) {
 				throw new RuntimeException("Password of invalid length is provided");