You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openmeetings.apache.org by so...@apache.org on 2017/05/18 16:12:18 UTC
openmeetings git commit: no jira: SecureRandom should be used for
password stub
Repository: openmeetings
Updated Branches:
refs/heads/3.3.x 1e16be797 -> d31224f34
no jira: SecureRandom should be used for password stub
Project: http://git-wip-us.apache.org/repos/asf/openmeetings/repo
Commit: http://git-wip-us.apache.org/repos/asf/openmeetings/commit/d31224f3
Tree: http://git-wip-us.apache.org/repos/asf/openmeetings/tree/d31224f3
Diff: http://git-wip-us.apache.org/repos/asf/openmeetings/diff/d31224f3
Branch: refs/heads/3.3.x
Commit: d31224f345fe25c51f20c2dda4471b669720ae22
Parents: 1e16be7
Author: Maxim Solodovnik <so...@gmail.com>
Authored: Thu May 18 23:12:10 2017 +0700
Committer: Maxim Solodovnik <so...@gmail.com>
Committed: Thu May 18 23:12:10 2017 +0700
----------------------------------------------------------------------
.../apache/openmeetings/service/user/UserManager.java | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/openmeetings/blob/d31224f3/openmeetings-service/src/main/java/org/apache/openmeetings/service/user/UserManager.java
----------------------------------------------------------------------
diff --git a/openmeetings-service/src/main/java/org/apache/openmeetings/service/user/UserManager.java b/openmeetings-service/src/main/java/org/apache/openmeetings/service/user/UserManager.java
index d52cba1..880f370 100644
--- a/openmeetings-service/src/main/java/org/apache/openmeetings/service/user/UserManager.java
+++ b/openmeetings-service/src/main/java/org/apache/openmeetings/service/user/UserManager.java
@@ -18,7 +18,6 @@
*/
package org.apache.openmeetings.service.user;
-import static java.nio.charset.StandardCharsets.UTF_8;
import static org.apache.openmeetings.db.util.UserHelper.getMinLoginLength;
import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_DEFAULT_GROUP_ID;
import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_DEFAULT_LANG_KEY;
@@ -27,6 +26,7 @@ import static org.apache.openmeetings.util.OpenmeetingsVariables.webAppRootKey;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
@@ -34,7 +34,6 @@ import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
-import java.util.Random;
import java.util.Set;
import java.util.TimeZone;
import java.util.UUID;
@@ -43,6 +42,7 @@ import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.TypedQuery;
+import org.apache.commons.codec.binary.Base64;
import org.apache.openmeetings.core.remote.red5.ScopeApplicationAdapter;
import org.apache.openmeetings.db.dao.basic.ConfigurationDao;
import org.apache.openmeetings.db.dao.label.LabelDao;
@@ -310,6 +310,8 @@ public class UserManager implements IUserManager {
}
return userId;
+ } else {
+ return -14L;
}
} catch (Exception e) {
log.error("[registerUser]", e);
@@ -509,12 +511,10 @@ public class UserManager implements IUserManager {
return null; //TODO FIXME need to be checked
}
// generate random password
+ SecureRandom rnd = new SecureRandom();
byte[] rawPass = new byte[25];
- Random rnd = new Random();
- for (int i = 0; i < rawPass.length; ++i) {
- rawPass[i] = (byte) ('!' + rnd.nextInt(93));
- }
- String pass = new String(rawPass, UTF_8);
+ rnd.nextBytes(rawPass);
+ String pass = Base64.encodeBase64String(rawPass);
// check if the user already exists and register new one if it's needed
if (u == null) {
u = userDao.getNewUserInstance(null);