You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by co...@apache.org on 2017/06/23 12:36:41 UTC
[1/2] syncope git commit: SYNCOPE-1117 - Require that a jwsKey is
specified when using the installer + maven archetype
Repository: syncope
Updated Branches:
refs/heads/master bdff1fd61 -> 3b88f6830
SYNCOPE-1117 - Require that a jwsKey is specified when using the installer + maven archetype
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/3b88f683
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/3b88f683
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/3b88f683
Branch: refs/heads/master
Commit: 3b88f683089162b62fe7b190be177e79e35944ea
Parents: 14d5e76
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Jun 23 13:36:08 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Jun 23 13:36:31 2017 +0100
----------------------------------------------------------------------
.../resources/META-INF/maven/archetype-metadata.xml | 1 +
archetype/src/main/resources/meta-pom.xml | 1 +
.../resources/projects/default/archetype.properties | 2 ++
core/spring/src/main/resources/security.properties | 2 +-
.../syncope/installer/processes/ArchetypeProcess.java | 4 +++-
.../apache/syncope/installer/utilities/MavenUtils.java | 13 +++++++++++--
.../installer/validators/ArchetypeValidator.java | 5 +++++
.../src/main/resources/izpack/ProcessPanel.Spec.xml | 3 ++-
.../src/main/resources/izpack/userInputLang.xml_eng | 1 +
.../src/main/resources/izpack/userInputLang.xml_ita | 1 +
installer/src/main/resources/izpack/userInputSpec.xml | 4 ++++
pom.xml | 1 +
12 files changed, 33 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/3b88f683/archetype/src/main/resources/META-INF/maven/archetype-metadata.xml
----------------------------------------------------------------------
diff --git a/archetype/src/main/resources/META-INF/maven/archetype-metadata.xml b/archetype/src/main/resources/META-INF/maven/archetype-metadata.xml
index 7060a73..db55592 100644
--- a/archetype/src/main/resources/META-INF/maven/archetype-metadata.xml
+++ b/archetype/src/main/resources/META-INF/maven/archetype-metadata.xml
@@ -23,6 +23,7 @@ under the License.
<requiredProperties>
<requiredProperty key="secretKey"/>
<requiredProperty key="anonymousKey"/>
+ <requiredProperty key="jwsKey"/>
</requiredProperties>
<modules>
http://git-wip-us.apache.org/repos/asf/syncope/blob/3b88f683/archetype/src/main/resources/meta-pom.xml
----------------------------------------------------------------------
diff --git a/archetype/src/main/resources/meta-pom.xml b/archetype/src/main/resources/meta-pom.xml
index 47a2d5e..3ee57a1 100644
--- a/archetype/src/main/resources/meta-pom.xml
+++ b/archetype/src/main/resources/meta-pom.xml
@@ -33,6 +33,7 @@ under the License.
<syncope.version></syncope.version>
<secretKey>${secretKey}</secretKey>
<anonymousKey>${anonymousKey}</anonymousKey>
+ <jwsKey>${jwsKey}</jwsKey>
<rat.skip>true</rat.skip>
<checkstyle.skip>true</checkstyle.skip>
http://git-wip-us.apache.org/repos/asf/syncope/blob/3b88f683/archetype/src/test/resources/projects/default/archetype.properties
----------------------------------------------------------------------
diff --git a/archetype/src/test/resources/projects/default/archetype.properties b/archetype/src/test/resources/projects/default/archetype.properties
index e8b1aee..620c4b7 100644
--- a/archetype/src/test/resources/projects/default/archetype.properties
+++ b/archetype/src/test/resources/projects/default/archetype.properties
@@ -19,3 +19,5 @@ artifactId=syncope-test
version=1.0-SNAPSHOT
secretKey=testSecretKey
anonymousKey=testAnonymousKey
+jwsKey=testJwsKey
+adminPassword=testPassword
http://git-wip-us.apache.org/repos/asf/syncope/blob/3b88f683/core/spring/src/main/resources/security.properties
----------------------------------------------------------------------
diff --git a/core/spring/src/main/resources/security.properties b/core/spring/src/main/resources/security.properties
index d4f892b..9e59a96 100644
--- a/core/spring/src/main/resources/security.properties
+++ b/core/spring/src/main/resources/security.properties
@@ -23,7 +23,7 @@ anonymousKey=${anonymousKey}
secretKey=${secretKey}
-jwsKey=ZW7pRixehFuNUtnY5Se47IemgMryTzazPPJ9CGX5LTCmsOJpOgHAQEuPQeV9A28f
+jwsKey=${jwsKey}
jwtIssuer=ApacheSyncope
# default for LDAP / RFC2307 SSHA
http://git-wip-us.apache.org/repos/asf/syncope/blob/3b88f683/installer/src/main/java/org/apache/syncope/installer/processes/ArchetypeProcess.java
----------------------------------------------------------------------
diff --git a/installer/src/main/java/org/apache/syncope/installer/processes/ArchetypeProcess.java b/installer/src/main/java/org/apache/syncope/installer/processes/ArchetypeProcess.java
index e0e61b0..8115b2b 100644
--- a/installer/src/main/java/org/apache/syncope/installer/processes/ArchetypeProcess.java
+++ b/installer/src/main/java/org/apache/syncope/installer/processes/ArchetypeProcess.java
@@ -56,6 +56,7 @@ public class ArchetypeProcess extends BaseProcess {
final boolean mavenProxyAutoconf = Boolean.valueOf(args[17]);
final boolean swagger = Boolean.valueOf(args[18]);
final boolean activiti = Boolean.valueOf(args[19]);
+ final String jwsKey = args[20];
setSyncopeInstallDir(installPath, artifactId);
@@ -94,7 +95,8 @@ public class ArchetypeProcess extends BaseProcess {
handler.logOutput("See " + InstallLog.getInstance().getFileAbsolutePath() + " for the maven logs", true);
handler.logOutput("########################## IMPORTANT ##########################", true);
mavenUtils.archetypeGenerate(
- syncopeVersion, groupId, artifactId, secretKey, anonymousKey, installPath, customMavenProxySettings);
+ syncopeVersion, groupId, artifactId, secretKey, anonymousKey, jwsKey, syncopeAdminPassword,
+ installPath, customMavenProxySettings);
if (syncopeVersion.contains("SNAPSHOT")) {
final File pomFile = new File(syncopeInstallDir + PROPERTIES.getProperty("pomFile"));
http://git-wip-us.apache.org/repos/asf/syncope/blob/3b88f683/installer/src/main/java/org/apache/syncope/installer/utilities/MavenUtils.java
----------------------------------------------------------------------
diff --git a/installer/src/main/java/org/apache/syncope/installer/utilities/MavenUtils.java b/installer/src/main/java/org/apache/syncope/installer/utilities/MavenUtils.java
index fb073f4..cd773a8 100644
--- a/installer/src/main/java/org/apache/syncope/installer/utilities/MavenUtils.java
+++ b/installer/src/main/java/org/apache/syncope/installer/utilities/MavenUtils.java
@@ -64,6 +64,8 @@ public class MavenUtils {
final String artifactId,
final String secretKey,
final String anonymousKey,
+ final String jwsKey,
+ final String adminPassword,
final String installPath,
final File customSettingsFile) {
@@ -74,7 +76,8 @@ public class MavenUtils {
: "archetype:generate"));
request.setBatchMode(true);
final Properties properties =
- archetypeProperties(archetypeVersion, groupId, artifactId, secretKey, anonymousKey);
+ archetypeProperties(archetypeVersion, groupId, artifactId, secretKey,
+ anonymousKey, jwsKey, adminPassword);
request.setProperties(properties);
if (customSettingsFile != null && FileUtils.sizeOf(customSettingsFile) > 0) {
request.setUserSettingsFile(customSettingsFile);
@@ -89,7 +92,9 @@ public class MavenUtils {
final String groupId,
final String artifactId,
final String secretKey,
- final String anonymousKey) {
+ final String anonymousKey,
+ final String jwsKey,
+ final String adminPassword) {
final Properties properties = new Properties();
properties.setProperty("archetypeGroupId", "org.apache.syncope");
@@ -103,6 +108,10 @@ public class MavenUtils {
properties.setProperty("artifactId", artifactId);
properties.setProperty("secretKey", secretKey);
properties.setProperty("anonymousKey", anonymousKey);
+ properties.setProperty("jwsKey", jwsKey);
+
+ //String encodedPassword = PasswordGenerator.password(adminPassword, "SHA-1");
+ //properties.setProperty("adminPassword", encodedPassword);
properties.setProperty("version", "1.0-SNAPSHOT");
return properties;
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/3b88f683/installer/src/main/java/org/apache/syncope/installer/validators/ArchetypeValidator.java
----------------------------------------------------------------------
diff --git a/installer/src/main/java/org/apache/syncope/installer/validators/ArchetypeValidator.java b/installer/src/main/java/org/apache/syncope/installer/validators/ArchetypeValidator.java
index 7f4c0c4..39836d85 100644
--- a/installer/src/main/java/org/apache/syncope/installer/validators/ArchetypeValidator.java
+++ b/installer/src/main/java/org/apache/syncope/installer/validators/ArchetypeValidator.java
@@ -33,6 +33,7 @@ public class ArchetypeValidator extends AbstractValidator {
final String mavenArtifactId = StringUtils.trim(installData.getVariable("mvn.artifactid"));
final String mavenSecretKey = StringUtils.trim(installData.getVariable("mvn.secretkey"));
final String mavenAnonymousKey = StringUtils.trim(installData.getVariable("mvn.anonymous.key"));
+ final String mavenJwsKey = StringUtils.trim(installData.getVariable("mvn.jws.key"));
final String mavenLogDirectory = StringUtils.trim(installData.getVariable("mvn.log.directory"));
final String mavenBundleDirectory = StringUtils.trim(installData.getVariable("mvn.bundle.directory"));
@@ -61,6 +62,10 @@ public class ArchetypeValidator extends AbstractValidator {
error.append("AnonymousKey\n");
verified = false;
}
+ if (StringUtils.isBlank(mavenJwsKey)) {
+ error.append("JwsKey\n");
+ verified = false;
+ }
if (StringUtils.isBlank(mavenLogDirectory)) {
error.append("Logs directory\n");
verified = false;
http://git-wip-us.apache.org/repos/asf/syncope/blob/3b88f683/installer/src/main/resources/izpack/ProcessPanel.Spec.xml
----------------------------------------------------------------------
diff --git a/installer/src/main/resources/izpack/ProcessPanel.Spec.xml b/installer/src/main/resources/izpack/ProcessPanel.Spec.xml
index e78149d..9ea24b4 100644
--- a/installer/src/main/resources/izpack/ProcessPanel.Spec.xml
+++ b/installer/src/main/resources/izpack/ProcessPanel.Spec.xml
@@ -46,6 +46,7 @@ under the License.
<arg>$mvn.proxy.autoconf</arg><!-- 17 -->
<arg>$options.swagger</arg><!-- 18 -->
<arg>$options.activiti.workflow.adapter</arg><!-- 19 -->
+ <arg>$mvn.jws.key</arg><!-- 20 -->
</executeclass>
</job>
<job name="Persistence configuration...">
@@ -97,4 +98,4 @@ under the License.
</job>
<onFail previous="true" next="false" />
<onSuccess previous="false" next="true" />
-</izpack:processing>
\ No newline at end of file
+</izpack:processing>
http://git-wip-us.apache.org/repos/asf/syncope/blob/3b88f683/installer/src/main/resources/izpack/userInputLang.xml_eng
----------------------------------------------------------------------
diff --git a/installer/src/main/resources/izpack/userInputLang.xml_eng b/installer/src/main/resources/izpack/userInputLang.xml_eng
index 95732fe..59b543d 100644
--- a/installer/src/main/resources/izpack/userInputLang.xml_eng
+++ b/installer/src/main/resources/izpack/userInputLang.xml_eng
@@ -28,6 +28,7 @@ under the License.
<str id="archetype.mvn.artifactid" txt="ArtifactId:"/>
<str id="archetype.mvn.secretkey" txt="SecretKey:"/>
<str id="mvn.anonymous.key.id" txt="Anonymous Key:"/>
+ <str id="mvn.jws.key.id" txt="JWS Key:"/>
<str id="archetype.mvn.conf.directory" txt="Conf directory name:"/>
<str id="archetype.mvn.log.directory" txt="Log directory name:"/>
<str id="archetype.mvn.bundle.directory" txt="Bundle directory name:"/>
http://git-wip-us.apache.org/repos/asf/syncope/blob/3b88f683/installer/src/main/resources/izpack/userInputLang.xml_ita
----------------------------------------------------------------------
diff --git a/installer/src/main/resources/izpack/userInputLang.xml_ita b/installer/src/main/resources/izpack/userInputLang.xml_ita
index 92b6d03..f719ffc 100644
--- a/installer/src/main/resources/izpack/userInputLang.xml_ita
+++ b/installer/src/main/resources/izpack/userInputLang.xml_ita
@@ -28,6 +28,7 @@ under the License.
<str id="archetype.mvn.artifactid" txt="ArtifactId:"/>
<str id="archetype.mvn.secretkey" txt="SecretKey:"/>
<str id="mvn.anonymous.key.id" txt="Anonymous Key:"/>
+ <str id="mvn.jws.key.id" txt="JWS Key:"/>
<str id="archetype.mvn.conf.directory" txt="Conf directory name:"/>
<str id="archetype.mvn.log.directory" txt="Log directory name:"/>
<str id="archetype.mvn.bundle.directory" txt="Bundle directory name:"/>
http://git-wip-us.apache.org/repos/asf/syncope/blob/3b88f683/installer/src/main/resources/izpack/userInputSpec.xml
----------------------------------------------------------------------
diff --git a/installer/src/main/resources/izpack/userInputSpec.xml b/installer/src/main/resources/izpack/userInputSpec.xml
index b5dde14..7e2a287 100644
--- a/installer/src/main/resources/izpack/userInputSpec.xml
+++ b/installer/src/main/resources/izpack/userInputSpec.xml
@@ -49,6 +49,10 @@ under the License.
<spec id="mvn.anonymous.key.id" size="20" set="123456789asdfghj"/>
</field>
<field type="space"/>
+ <field type="text" variable="mvn.jws.key">
+ <spec id="mvn.jws.key.id" size="20" set="ZW7pRixehFuNUtnY5Se47IemgMryTzazPPJ9CGX5LTCmsOJpOgHAQEuPQeV9A28f"/>
+ </field>
+ <field type="space"/>
<field type="dir" variable="mvn.conf.directory">
<spec id="archetype.mvn.conf.directory" size="20" set="/var/tmp/syncope/conf" mustExist="false" create="true"/>
</field>
http://git-wip-us.apache.org/repos/asf/syncope/blob/3b88f683/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 36c897e..cedae1c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -483,6 +483,7 @@ under the License.
<!-- static keys, only used for build: generated overlays will override during archetype:generate -->
<anonymousKey>anonymousKey</anonymousKey>
<secretKey>1abcdefghilmnopqrstuvz2!</secretKey>
+ <jwsKey>ZW7pRixehFuNUtnY5Se47IemgMryTzazPPJ9CGX5LTCmsOJpOgHAQEuPQeV9A28f</jwsKey>
<targetJdk>1.8</targetJdk>
<rootpom.basedir>${basedir}</rootpom.basedir>
[2/2] syncope git commit: SYNCOPE-1119 - Make it more obvious that
the default admin password needs to be changed
Posted by co...@apache.org.
SYNCOPE-1119 - Make it more obvious that the default admin password needs to be changed
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/14d5e768
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/14d5e768
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/14d5e768
Branch: refs/heads/master
Commit: 14d5e768734e725d8a0ec2738257a94abb682876
Parents: bdff1fd
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Jun 23 12:37:29 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Jun 23 13:36:31 2017 +0100
----------------------------------------------------------------------
.../spring/security/UsernamePasswordAuthenticationProvider.java | 4 ++++
1 file changed, 4 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/14d5e768/core/spring/src/main/java/org/apache/syncope/core/spring/security/UsernamePasswordAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/core/spring/src/main/java/org/apache/syncope/core/spring/security/UsernamePasswordAuthenticationProvider.java b/core/spring/src/main/java/org/apache/syncope/core/spring/security/UsernamePasswordAuthenticationProvider.java
index 28cc970..2a5430e 100644
--- a/core/spring/src/main/java/org/apache/syncope/core/spring/security/UsernamePasswordAuthenticationProvider.java
+++ b/core/spring/src/main/java/org/apache/syncope/core/spring/security/UsernamePasswordAuthenticationProvider.java
@@ -50,6 +50,9 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
@Autowired
protected UserProvisioningManager provisioningManager;
+ @Autowired
+ private DefaultCredentialChecker credentialChecker;
+
@Resource(name = "adminUser")
protected String adminUser;
@@ -99,6 +102,7 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
} else if (adminUser.equals(authentication.getName())) {
username[0] = adminUser;
if (SyncopeConstants.MASTER_DOMAIN.equals(domainKey)) {
+ credentialChecker.checkIsDefaultAdminPasswordInUse();
authenticated = ENCRYPTOR.verify(
authentication.getCredentials().toString(),
CipherAlgorithm.valueOf(adminPasswordAlgorithm),