diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java index 53555f102..3c48c0428 100644 --- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java +++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java @@ -126,7 +126,7 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements } @Override - public Certificate authenticate(String username, byte[] password) { + public Certificate authenticate(String username, char[] password) { assertContainerStarted(); Certificate certificate = this.privilegeHandler.authenticate(username, password); StrolchRealm realm = getContainer().getRealm(certificate); diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java index b69d61fda..43ff60d94 100644 --- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java +++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java @@ -41,7 +41,7 @@ public interface PrivilegeHandler { * * @see li.strolch.privilege.handler.PrivilegeHandler#authenticate(String, byte[]) */ - public Certificate authenticate(String username, byte[] password); + public Certificate authenticate(String username, char[] password); /** * Validate that the certificate is still valid diff --git a/li.strolch.agent/src/test/java/li/strolch/agent/ComponentContainerTest.java b/li.strolch.agent/src/test/java/li/strolch/agent/ComponentContainerTest.java index f799c76aa..71b448444 100644 --- a/li.strolch.agent/src/test/java/li/strolch/agent/ComponentContainerTest.java +++ b/li.strolch.agent/src/test/java/li/strolch/agent/ComponentContainerTest.java @@ -168,7 +168,7 @@ public class ComponentContainerTest { private static Certificate login(StrolchAgent agent) { PrivilegeHandler privilegeHandler = agent.getContainer().getPrivilegeHandler(); - return privilegeHandler.authenticate("test", "test".getBytes()); + return privilegeHandler.authenticate("test", "test".toCharArray()); } public static void testPersistenceContainer(StrolchAgent agent) { diff --git a/li.strolch.agent/src/test/java/li/strolch/policytest/PolicyHandlerTest.java b/li.strolch.agent/src/test/java/li/strolch/policytest/PolicyHandlerTest.java index a6fb49cd9..5a1bb1a8a 100644 --- a/li.strolch.agent/src/test/java/li/strolch/policytest/PolicyHandlerTest.java +++ b/li.strolch.agent/src/test/java/li/strolch/policytest/PolicyHandlerTest.java @@ -44,7 +44,7 @@ public class PolicyHandlerTest { PolicyHandler policyHandler = agent.getContainer().getComponent(PolicyHandler.class); ComponentContainer container = agent.getContainer(); - Certificate certificate = container.getPrivilegeHandler().authenticate("test", "test".getBytes()); + Certificate certificate = container.getPrivilegeHandler().authenticate("test", "test".toCharArray()); try (StrolchTransaction tx = container.getRealm(StrolchConstants.DEFAULT_REALM).openTx(certificate, "test")) { diff --git a/li.strolch.agent/src/test/java/li/strolch/runtime/query/enums/EnumHandlerTest.java b/li.strolch.agent/src/test/java/li/strolch/runtime/query/enums/EnumHandlerTest.java index fca2a2e31..7087a3833 100644 --- a/li.strolch.agent/src/test/java/li/strolch/runtime/query/enums/EnumHandlerTest.java +++ b/li.strolch.agent/src/test/java/li/strolch/runtime/query/enums/EnumHandlerTest.java @@ -43,7 +43,7 @@ public class EnumHandlerTest { ComponentContainer container = agent.getContainer(); - Certificate certificate = container.getPrivilegeHandler().authenticate("test", "test".getBytes()); + Certificate certificate = container.getPrivilegeHandler().authenticate("test", "test".toCharArray()); EnumHandler enumHandler = container.getComponent(EnumHandler.class); StrolchEnum sexEnum = enumHandler.getEnum(certificate, "sex", Locale.ENGLISH); diff --git a/li.strolch.agent/src/test/java/li/strolch/runtime/query/inmemory/FindByLocatorTest.java b/li.strolch.agent/src/test/java/li/strolch/runtime/query/inmemory/FindByLocatorTest.java index 87514cfd4..22f28447f 100644 --- a/li.strolch.agent/src/test/java/li/strolch/runtime/query/inmemory/FindByLocatorTest.java +++ b/li.strolch.agent/src/test/java/li/strolch/runtime/query/inmemory/FindByLocatorTest.java @@ -52,7 +52,7 @@ public class FindByLocatorTest { runtimeMock = new RuntimeMock(PATH_FIND_BY_LOCATOR_RUNTIME, ComponentContainerTest.PATH_TRANSIENT_CONTAINER); runtimeMock.mockRuntime(); runtimeMock.startContainer(); - certificate = runtimeMock.getPrivilegeHandler().authenticate("test", "test".getBytes()); + certificate = runtimeMock.getPrivilegeHandler().authenticate("test", "test".toCharArray()); } diff --git a/li.strolch.agent/src/test/java/li/strolch/runtime/query/inmemory/QueryTest.java b/li.strolch.agent/src/test/java/li/strolch/runtime/query/inmemory/QueryTest.java index 9b2994b1b..d925a2ce2 100644 --- a/li.strolch.agent/src/test/java/li/strolch/runtime/query/inmemory/QueryTest.java +++ b/li.strolch.agent/src/test/java/li/strolch/runtime/query/inmemory/QueryTest.java @@ -52,7 +52,7 @@ public class QueryTest { public static final String PATH_EMPTY_RUNTIME = "target/QueryTest/"; //$NON-NLS-1$ private Certificate login(ComponentContainer container) { - return container.getPrivilegeHandler().authenticate("test", "test".getBytes()); + return container.getPrivilegeHandler().authenticate("test", "test".toCharArray()); } @Test diff --git a/li.strolch.agent/src/test/resources/cachedtest/config/PrivilegeConfig.xml b/li.strolch.agent/src/test/resources/cachedtest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.agent/src/test/resources/cachedtest/config/PrivilegeConfig.xml +++ b/li.strolch.agent/src/test/resources/cachedtest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.agent/src/test/resources/cachedtest/config/PrivilegeUsers.xml b/li.strolch.agent/src/test/resources/cachedtest/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.agent/src/test/resources/cachedtest/config/PrivilegeUsers.xml +++ b/li.strolch.agent/src/test/resources/cachedtest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.agent/src/test/resources/emptytest/config/PrivilegeConfig.xml b/li.strolch.agent/src/test/resources/emptytest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.agent/src/test/resources/emptytest/config/PrivilegeConfig.xml +++ b/li.strolch.agent/src/test/resources/emptytest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.agent/src/test/resources/emptytest/config/PrivilegeUsers.xml b/li.strolch.agent/src/test/resources/emptytest/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.agent/src/test/resources/emptytest/config/PrivilegeUsers.xml +++ b/li.strolch.agent/src/test/resources/emptytest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.agent/src/test/resources/minimaltest/config/PrivilegeConfig.xml b/li.strolch.agent/src/test/resources/minimaltest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.agent/src/test/resources/minimaltest/config/PrivilegeConfig.xml +++ b/li.strolch.agent/src/test/resources/minimaltest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.agent/src/test/resources/minimaltest/config/PrivilegeUsers.xml b/li.strolch.agent/src/test/resources/minimaltest/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.agent/src/test/resources/minimaltest/config/PrivilegeUsers.xml +++ b/li.strolch.agent/src/test/resources/minimaltest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.agent/src/test/resources/realmtest/config/PrivilegeConfig.xml b/li.strolch.agent/src/test/resources/realmtest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.agent/src/test/resources/realmtest/config/PrivilegeConfig.xml +++ b/li.strolch.agent/src/test/resources/realmtest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.agent/src/test/resources/realmtest/config/PrivilegeUsers.xml b/li.strolch.agent/src/test/resources/realmtest/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.agent/src/test/resources/realmtest/config/PrivilegeUsers.xml +++ b/li.strolch.agent/src/test/resources/realmtest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.agent/src/test/resources/transactionaltest/config/PrivilegeConfig.xml b/li.strolch.agent/src/test/resources/transactionaltest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.agent/src/test/resources/transactionaltest/config/PrivilegeConfig.xml +++ b/li.strolch.agent/src/test/resources/transactionaltest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.agent/src/test/resources/transactionaltest/config/PrivilegeUsers.xml b/li.strolch.agent/src/test/resources/transactionaltest/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.agent/src/test/resources/transactionaltest/config/PrivilegeUsers.xml +++ b/li.strolch.agent/src/test/resources/transactionaltest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.agent/src/test/resources/transienttest/config/PrivilegeConfig.xml b/li.strolch.agent/src/test/resources/transienttest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.agent/src/test/resources/transienttest/config/PrivilegeConfig.xml +++ b/li.strolch.agent/src/test/resources/transienttest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.agent/src/test/resources/transienttest/config/PrivilegeUsers.xml b/li.strolch.agent/src/test/resources/transienttest/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.agent/src/test/resources/transienttest/config/PrivilegeUsers.xml +++ b/li.strolch.agent/src/test/resources/transienttest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.agent/src/test/resources/versioningtest/config/PrivilegeConfig.xml b/li.strolch.agent/src/test/resources/versioningtest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.agent/src/test/resources/versioningtest/config/PrivilegeConfig.xml +++ b/li.strolch.agent/src/test/resources/versioningtest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.agent/src/test/resources/versioningtest/config/PrivilegeUsers.xml b/li.strolch.agent/src/test/resources/versioningtest/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.agent/src/test/resources/versioningtest/config/PrivilegeUsers.xml +++ b/li.strolch.agent/src/test/resources/versioningtest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.performancetest/src/runtime_postgresql/config/PrivilegeConfig.xml b/li.strolch.performancetest/src/runtime_postgresql/config/PrivilegeConfig.xml index 9793f19b8..95a8f70d3 100644 --- a/li.strolch.performancetest/src/runtime_postgresql/config/PrivilegeConfig.xml +++ b/li.strolch.performancetest/src/runtime_postgresql/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.performancetest/src/runtime_postgresql/config/PrivilegeUsers.xml b/li.strolch.performancetest/src/runtime_postgresql/config/PrivilegeUsers.xml index ac8f13f5c..af52f213c 100644 --- a/li.strolch.performancetest/src/runtime_postgresql/config/PrivilegeUsers.xml +++ b/li.strolch.performancetest/src/runtime_postgresql/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED @@ -18,7 +18,7 @@ - + Application Administrator ENABLED diff --git a/li.strolch.performancetest/src/runtime_postgresql_versioning/config/PrivilegeConfig.xml b/li.strolch.performancetest/src/runtime_postgresql_versioning/config/PrivilegeConfig.xml index 9793f19b8..95a8f70d3 100644 --- a/li.strolch.performancetest/src/runtime_postgresql_versioning/config/PrivilegeConfig.xml +++ b/li.strolch.performancetest/src/runtime_postgresql_versioning/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.performancetest/src/runtime_postgresql_versioning/config/PrivilegeUsers.xml b/li.strolch.performancetest/src/runtime_postgresql_versioning/config/PrivilegeUsers.xml index ac8f13f5c..af52f213c 100644 --- a/li.strolch.performancetest/src/runtime_postgresql_versioning/config/PrivilegeUsers.xml +++ b/li.strolch.performancetest/src/runtime_postgresql_versioning/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED @@ -18,7 +18,7 @@ - + Application Administrator ENABLED diff --git a/li.strolch.performancetest/src/runtime_transient/config/PrivilegeConfig.xml b/li.strolch.performancetest/src/runtime_transient/config/PrivilegeConfig.xml index 9793f19b8..95a8f70d3 100644 --- a/li.strolch.performancetest/src/runtime_transient/config/PrivilegeConfig.xml +++ b/li.strolch.performancetest/src/runtime_transient/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.performancetest/src/runtime_transient/config/PrivilegeUsers.xml b/li.strolch.performancetest/src/runtime_transient/config/PrivilegeUsers.xml index 61cb01b8f..74710fed4 100644 --- a/li.strolch.performancetest/src/runtime_transient/config/PrivilegeUsers.xml +++ b/li.strolch.performancetest/src/runtime_transient/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.performancetest/src/runtime_xml/config/PrivilegeConfig.xml b/li.strolch.performancetest/src/runtime_xml/config/PrivilegeConfig.xml index 9793f19b8..95a8f70d3 100644 --- a/li.strolch.performancetest/src/runtime_xml/config/PrivilegeConfig.xml +++ b/li.strolch.performancetest/src/runtime_xml/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.performancetest/src/runtime_xml/config/PrivilegeUsers.xml b/li.strolch.performancetest/src/runtime_xml/config/PrivilegeUsers.xml index ac8f13f5c..af52f213c 100644 --- a/li.strolch.performancetest/src/runtime_xml/config/PrivilegeUsers.xml +++ b/li.strolch.performancetest/src/runtime_xml/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED @@ -18,7 +18,7 @@ - + Application Administrator ENABLED diff --git a/li.strolch.performancetest/src/test/java/li/strolch/performance/PerformanceTest.java b/li.strolch.performancetest/src/test/java/li/strolch/performance/PerformanceTest.java index 7f9c1bfa5..42b3ed6ff 100644 --- a/li.strolch.performancetest/src/test/java/li/strolch/performance/PerformanceTest.java +++ b/li.strolch.performancetest/src/test/java/li/strolch/performance/PerformanceTest.java @@ -18,7 +18,7 @@ public abstract class PerformanceTest { @Test public void runPerformanceTestCached() { - Certificate certificate = runtime().getPrivilegeHandler().authenticate("cached", "test".getBytes()); + Certificate certificate = runtime().getPrivilegeHandler().authenticate("cached", "test".toCharArray()); ServiceHandler svcHandler = runtime().getServiceHandler(); svcHandler.doService(certificate, new PerformanceTestService(), argInstance()); @@ -27,7 +27,7 @@ public abstract class PerformanceTest { @Test public void runPerformanceTestTransactional() { - Certificate certificate = runtime().getPrivilegeHandler().authenticate("transactional", "test".getBytes()); + Certificate certificate = runtime().getPrivilegeHandler().authenticate("transactional", "test".toCharArray()); ServiceHandler svcHandler = runtime().getServiceHandler(); svcHandler.doService(certificate, new PerformanceTestService(), argInstance()); diff --git a/li.strolch.performancetest/src/test/java/li/strolch/performance/PerformanceTransientTest.java b/li.strolch.performancetest/src/test/java/li/strolch/performance/PerformanceTransientTest.java index 9dc24eea1..90e8f3ccc 100644 --- a/li.strolch.performancetest/src/test/java/li/strolch/performance/PerformanceTransientTest.java +++ b/li.strolch.performancetest/src/test/java/li/strolch/performance/PerformanceTransientTest.java @@ -50,7 +50,7 @@ public class PerformanceTransientTest { @Test public void runPerformanceTest() { - Certificate certificate = runtimeMock.getPrivilegeHandler().authenticate("transient", "test".getBytes()); + Certificate certificate = runtimeMock.getPrivilegeHandler().authenticate("transient", "test".toCharArray()); ServiceHandler svcHandler = runtimeMock.getServiceHandler(); svcHandler.doService(certificate, new PerformanceTestService(), new PerformanceTestArgument()); diff --git a/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/ActivityQueryTest.java b/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/ActivityQueryTest.java index 458475250..fc58b273c 100644 --- a/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/ActivityQueryTest.java +++ b/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/ActivityQueryTest.java @@ -59,7 +59,7 @@ public class ActivityQueryTest extends QueryTest { new File(rootPath, DB_STORE_PATH_DIR).mkdir(); runtimeMock.startContainer(); - Certificate cert = runtimeMock.getPrivilegeHandler().authenticate("test", "test".getBytes()); + Certificate cert = runtimeMock.getPrivilegeHandler().authenticate("test", "test".toCharArray()); StrolchRealm realm = runtimeMock.getRealm(StrolchConstants.DEFAULT_REALM); try (StrolchTransaction tx = realm.openTx(cert, "test")) { ActivityMap activityMap = tx.getActivityMap(); diff --git a/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/AuditQueryTest.java b/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/AuditQueryTest.java index 4cb0e019d..b5d48c8f7 100644 --- a/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/AuditQueryTest.java +++ b/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/AuditQueryTest.java @@ -100,7 +100,7 @@ public class AuditQueryTest { cal.set(2000, 11, 1); future = cal.getTime(); - Certificate cert = runtimeMock.getPrivilegeHandler().authenticate("test", "test".getBytes()); + Certificate cert = runtimeMock.getPrivilegeHandler().authenticate("test", "test".toCharArray()); StrolchRealm realm = runtimeMock.getRealm(StrolchConstants.DEFAULT_REALM); int i = 0; try (StrolchTransaction tx = realm.openTx(cert, "test")) { diff --git a/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/ObserverUpdateTest.java b/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/ObserverUpdateTest.java index b1fcd222b..22cc6fa01 100644 --- a/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/ObserverUpdateTest.java +++ b/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/ObserverUpdateTest.java @@ -120,7 +120,7 @@ public class ObserverUpdateTest { realm.getObserverHandler().registerObserver(Tags.RESOURCE, observer); PrivilegeHandler privilegeHandler = runtimeMock.getAgent().getContainer().getPrivilegeHandler(); - Certificate certificate = privilegeHandler.authenticate("test", "test".getBytes()); //$NON-NLS-1$ //$NON-NLS-2$ + Certificate certificate = privilegeHandler.authenticate("test", "test".toCharArray()); //$NON-NLS-1$ //$NON-NLS-2$ // create order Order newOrder = createOrder("MyTestOrder", "Test Name", "TestType", new Date(), State.CREATED); //$NON-NLS-1$//$NON-NLS-2$ //$NON-NLS-3$ diff --git a/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/OrderQueryTest.java b/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/OrderQueryTest.java index de1fc75b5..b24fb5daf 100644 --- a/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/OrderQueryTest.java +++ b/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/OrderQueryTest.java @@ -78,7 +78,7 @@ public class OrderQueryTest extends QueryTest { cal.set(2000, 11, 1); future = cal.getTime(); - Certificate cert = runtimeMock.getPrivilegeHandler().authenticate("test", "test".getBytes()); + Certificate cert = runtimeMock.getPrivilegeHandler().authenticate("test", "test".toCharArray()); StrolchRealm realm = runtimeMock.getRealm(StrolchConstants.DEFAULT_REALM); try (StrolchTransaction tx = realm.openTx(cert, "test")) { OrderMap orderMap = tx.getOrderMap(); diff --git a/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/RealmTest.java b/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/RealmTest.java index 17cdfc6aa..255907c80 100644 --- a/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/RealmTest.java +++ b/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/RealmTest.java @@ -82,7 +82,7 @@ public class RealmTest extends AbstractModelTest { String type = "Bla"; //$NON-NLS-1$ PrivilegeHandler privilegeHandler = runtimeMock.getAgent().getContainer().getPrivilegeHandler(); - Certificate certificate = privilegeHandler.authenticate(TEST, TEST.getBytes()); + Certificate certificate = privilegeHandler.authenticate(TEST, TEST.toCharArray()); { StrolchRealm firstRealm = runtimeMock.getRealm(FIRST); diff --git a/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/ResourceDaoTest.java b/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/ResourceDaoTest.java index c284bd437..257291f9d 100644 --- a/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/ResourceDaoTest.java +++ b/li.strolch.persistence.postgresql/src/test/java/li/strolch/persistence/postgresql/dao/test/ResourceDaoTest.java @@ -55,7 +55,7 @@ public class ResourceDaoTest extends QueryTest { new File(rootPath, DB_STORE_PATH_DIR).mkdir(); runtimeMock.startContainer(); - Certificate cert = runtimeMock.getPrivilegeHandler().authenticate("test", "test".getBytes()); + Certificate cert = runtimeMock.getPrivilegeHandler().authenticate("test", "test".toCharArray()); StrolchRealm realm = runtimeMock.getRealm(StrolchConstants.DEFAULT_REALM); try (StrolchTransaction tx = realm.openTx(cert, "test")) { diff --git a/li.strolch.persistence.postgresql/src/test/resources/cachedruntime/config/PrivilegeConfig.xml b/li.strolch.persistence.postgresql/src/test/resources/cachedruntime/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.persistence.postgresql/src/test/resources/cachedruntime/config/PrivilegeConfig.xml +++ b/li.strolch.persistence.postgresql/src/test/resources/cachedruntime/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.persistence.postgresql/src/test/resources/cachedruntime/config/PrivilegeUsers.xml b/li.strolch.persistence.postgresql/src/test/resources/cachedruntime/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.persistence.postgresql/src/test/resources/cachedruntime/config/PrivilegeUsers.xml +++ b/li.strolch.persistence.postgresql/src/test/resources/cachedruntime/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.persistence.postgresql/src/test/resources/cachedruntimeVersioning/config/PrivilegeConfig.xml b/li.strolch.persistence.postgresql/src/test/resources/cachedruntimeVersioning/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.persistence.postgresql/src/test/resources/cachedruntimeVersioning/config/PrivilegeConfig.xml +++ b/li.strolch.persistence.postgresql/src/test/resources/cachedruntimeVersioning/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.persistence.postgresql/src/test/resources/cachedruntimeVersioning/config/PrivilegeUsers.xml b/li.strolch.persistence.postgresql/src/test/resources/cachedruntimeVersioning/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.persistence.postgresql/src/test/resources/cachedruntimeVersioning/config/PrivilegeUsers.xml +++ b/li.strolch.persistence.postgresql/src/test/resources/cachedruntimeVersioning/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.persistence.postgresql/src/test/resources/realmtest/config/PrivilegeConfig.xml b/li.strolch.persistence.postgresql/src/test/resources/realmtest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.persistence.postgresql/src/test/resources/realmtest/config/PrivilegeConfig.xml +++ b/li.strolch.persistence.postgresql/src/test/resources/realmtest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.persistence.postgresql/src/test/resources/realmtest/config/PrivilegeUsers.xml b/li.strolch.persistence.postgresql/src/test/resources/realmtest/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.persistence.postgresql/src/test/resources/realmtest/config/PrivilegeUsers.xml +++ b/li.strolch.persistence.postgresql/src/test/resources/realmtest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.persistence.postgresql/src/test/resources/transactionalruntime/config/PrivilegeConfig.xml b/li.strolch.persistence.postgresql/src/test/resources/transactionalruntime/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.persistence.postgresql/src/test/resources/transactionalruntime/config/PrivilegeConfig.xml +++ b/li.strolch.persistence.postgresql/src/test/resources/transactionalruntime/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.persistence.postgresql/src/test/resources/transactionalruntime/config/PrivilegeUsers.xml b/li.strolch.persistence.postgresql/src/test/resources/transactionalruntime/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.persistence.postgresql/src/test/resources/transactionalruntime/config/PrivilegeUsers.xml +++ b/li.strolch.persistence.postgresql/src/test/resources/transactionalruntime/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.persistence.postgresql/src/test/resources/transactionalruntimeVersioning/config/PrivilegeConfig.xml b/li.strolch.persistence.postgresql/src/test/resources/transactionalruntimeVersioning/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.persistence.postgresql/src/test/resources/transactionalruntimeVersioning/config/PrivilegeConfig.xml +++ b/li.strolch.persistence.postgresql/src/test/resources/transactionalruntimeVersioning/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.persistence.postgresql/src/test/resources/transactionalruntimeVersioning/config/PrivilegeUsers.xml b/li.strolch.persistence.postgresql/src/test/resources/transactionalruntimeVersioning/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.persistence.postgresql/src/test/resources/transactionalruntimeVersioning/config/PrivilegeUsers.xml +++ b/li.strolch.persistence.postgresql/src/test/resources/transactionalruntimeVersioning/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.persistence.xml/src/test/resources/cachedruntime/config/PrivilegeConfig.xml b/li.strolch.persistence.xml/src/test/resources/cachedruntime/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.persistence.xml/src/test/resources/cachedruntime/config/PrivilegeConfig.xml +++ b/li.strolch.persistence.xml/src/test/resources/cachedruntime/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.persistence.xml/src/test/resources/cachedruntime/config/PrivilegeUsers.xml b/li.strolch.persistence.xml/src/test/resources/cachedruntime/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.persistence.xml/src/test/resources/cachedruntime/config/PrivilegeUsers.xml +++ b/li.strolch.persistence.xml/src/test/resources/cachedruntime/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.persistence.xml/src/test/resources/existingDbRuntime/config/PrivilegeConfig.xml b/li.strolch.persistence.xml/src/test/resources/existingDbRuntime/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.persistence.xml/src/test/resources/existingDbRuntime/config/PrivilegeConfig.xml +++ b/li.strolch.persistence.xml/src/test/resources/existingDbRuntime/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.persistence.xml/src/test/resources/existingDbRuntime/config/PrivilegeUsers.xml b/li.strolch.persistence.xml/src/test/resources/existingDbRuntime/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.persistence.xml/src/test/resources/existingDbRuntime/config/PrivilegeUsers.xml +++ b/li.strolch.persistence.xml/src/test/resources/existingDbRuntime/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.persistence.xml/src/test/resources/transactionalruntime/config/PrivilegeConfig.xml b/li.strolch.persistence.xml/src/test/resources/transactionalruntime/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.persistence.xml/src/test/resources/transactionalruntime/config/PrivilegeConfig.xml +++ b/li.strolch.persistence.xml/src/test/resources/transactionalruntime/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.persistence.xml/src/test/resources/transactionalruntime/config/PrivilegeUsers.xml b/li.strolch.persistence.xml/src/test/resources/transactionalruntime/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.persistence.xml/src/test/resources/transactionalruntime/config/PrivilegeUsers.xml +++ b/li.strolch.persistence.xml/src/test/resources/transactionalruntime/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.planningwebapp/src/main/webapp/WEB-INF/config/PrivilegeConfig.xml b/li.strolch.planningwebapp/src/main/webapp/WEB-INF/config/PrivilegeConfig.xml index 9afe128f7..18c2cffcf 100644 --- a/li.strolch.planningwebapp/src/main/webapp/WEB-INF/config/PrivilegeConfig.xml +++ b/li.strolch.planningwebapp/src/main/webapp/WEB-INF/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.planningwebapp/src/main/webapp/WEB-INF/config/PrivilegeUsers.xml b/li.strolch.planningwebapp/src/main/webapp/WEB-INF/config/PrivilegeUsers.xml index 83057842c..79a3aff5e 100644 --- a/li.strolch.planningwebapp/src/main/webapp/WEB-INF/config/PrivilegeUsers.xml +++ b/li.strolch.planningwebapp/src/main/webapp/WEB-INF/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED @@ -20,7 +20,7 @@ - + Bob Bernstein ENABLED @@ -30,7 +30,7 @@ - + Jill Johnson ENABLED @@ -40,7 +40,7 @@ - + System User Administrator SYSTEM diff --git a/li.strolch.privilege/config/PrivilegeConfig.xml b/li.strolch.privilege/config/PrivilegeConfig.xml index 99865acd8..f38f260d8 100644 --- a/li.strolch.privilege/config/PrivilegeConfig.xml +++ b/li.strolch.privilege/config/PrivilegeConfig.xml @@ -15,7 +15,13 @@ - + + + + + + + diff --git a/li.strolch.privilege/config/PrivilegeConfigMerge.xml b/li.strolch.privilege/config/PrivilegeConfigMerge.xml index 43b07c272..2cc02f506 100644 --- a/li.strolch.privilege/config/PrivilegeConfigMerge.xml +++ b/li.strolch.privilege/config/PrivilegeConfigMerge.xml @@ -11,7 +11,13 @@ - + + + + + + + diff --git a/li.strolch.privilege/config/PrivilegeUsers.xml b/li.strolch.privilege/config/PrivilegeUsers.xml index 46b0cdf42..13ca8d1f2 100644 --- a/li.strolch.privilege/config/PrivilegeUsers.xml +++ b/li.strolch.privilege/config/PrivilegeUsers.xml @@ -1,7 +1,7 @@ - + Application Administrator ENABLED diff --git a/li.strolch.privilege/config/PrivilegeUsersMerge.xml b/li.strolch.privilege/config/PrivilegeUsersMerge.xml index 978464173..7465d8c85 100644 --- a/li.strolch.privilege/config/PrivilegeUsersMerge.xml +++ b/li.strolch.privilege/config/PrivilegeUsersMerge.xml @@ -1,7 +1,7 @@ - + System User Administrator ENABLED @@ -12,7 +12,7 @@ - + System User Administrator ENABLED diff --git a/li.strolch.privilege/src/main/java/Temp.java b/li.strolch.privilege/src/main/java/Temp.java new file mode 100644 index 000000000..b1c924302 --- /dev/null +++ b/li.strolch.privilege/src/main/java/Temp.java @@ -0,0 +1,80 @@ +import java.io.UnsupportedEncodingException; +import java.security.SecureRandom; +import java.text.MessageFormat; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.PBEKeySpec; + +public class Temp { + + public static void main(String[] args) throws Exception { + + for (int i = 0; i < 10; i++) { + + long start = System.nanoTime(); + + byte[] bytes = new byte[16]; + SecureRandom secureRandom = new SecureRandom(); + secureRandom.nextBytes(bytes); + String token = getHexString(bytes); + System.out.println(token); + + String algorithm = "PBKDF2WithHmacSHA512"; + char[] password = "admin".toCharArray(); + byte[] salt = "admin".getBytes(); + int iterations = 10000; + int keyLength = 256; + + SecretKeyFactory skf = SecretKeyFactory.getInstance(algorithm); + PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, keyLength); + SecretKey key = skf.generateSecret(spec); + byte[] res = key.getEncoded(); + + System.out.println("Password hash: " + getHexString(res)); + System.out.println("Salt: " + getHexString(salt)); + + long end = System.nanoTime(); + System.out.println("Took: " + formatNanoDuration(end - start)); + } + } + + public static String getHexString(byte[] raw) throws RuntimeException { + try { + byte[] hex = new byte[2 * raw.length]; + int index = 0; + + for (byte b : raw) { + int v = b & 0xFF; + hex[index++] = HEX_CHAR_TABLE[v >>> 4]; + hex[index++] = HEX_CHAR_TABLE[v & 0xF]; + } + + return new String(hex, "ASCII"); //$NON-NLS-1$ + + } catch (UnsupportedEncodingException e) { + String msg = MessageFormat.format("Something went wrong while converting to HEX: {0}", e.getMessage()); //$NON-NLS-1$ + throw new RuntimeException(msg, e); + } + } + + public static String formatNanoDuration(final long nanos) { + if (nanos >= 3600000000000L) { + return String.format("%.0fh", (nanos / 3600000000000.0D)); //$NON-NLS-1$ + } else if (nanos >= 60000000000L) { + return String.format("%.0fm", (nanos / 60000000000.0D)); //$NON-NLS-1$ + } else if (nanos >= 1000000000L) { + return String.format("%.0fs", (nanos / 1000000000.0D)); //$NON-NLS-1$ + } else if (nanos >= 1000000L) { + return String.format("%.0fms", (nanos / 1000000.0D)); //$NON-NLS-1$ + } else if (nanos >= 1000L) { + return String.format("%.0fus", (nanos / 1000.0D)); //$NON-NLS-1$ + } else { + return nanos + "ns"; //$NON-NLS-1$ + } + } + + private static final byte[] HEX_CHAR_TABLE = { (byte) '0', (byte) '1', (byte) '2', (byte) '3', (byte) '4', + (byte) '5', (byte) '6', (byte) '7', (byte) '8', (byte) '9', (byte) 'a', (byte) 'b', (byte) 'c', (byte) 'd', + (byte) 'e', (byte) 'f' }; +} diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultEncryptionHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultEncryptionHandler.java index 5bab8c615..eae6ac714 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultEncryptionHandler.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultEncryptionHandler.java @@ -15,13 +15,17 @@ */ package li.strolch.privilege.handler; -import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; +import java.security.spec.InvalidKeySpecException; import java.text.MessageFormat; import java.util.Map; +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.PBEKeySpec; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -37,7 +41,7 @@ import li.strolch.utils.helper.StringHelper; * * Required parameters: *
    - *
  • {@link XmlConstants#XML_PARAM_HASH_ALGORITHM}
    • + *
  • {@link XmlConstants#XML_PARAM_HASH_ALGORITHM}
    • *
* * @author Robert von Burg @@ -55,40 +59,47 @@ public class DefaultEncryptionHandler implements EncryptionHandler { private SecureRandom secureRandom; /** - * The configured hash algorithm for this instance + * The configured algorithm for this instance */ - private String hashAlgorithm; + private String algorithm; - @Override - public String convertToHash(String string) { - return convertToHash(string.getBytes()); - } + /** + * The number of iterations to perform the hashing with + */ + private int iterations; - @Override - public String convertToHash(byte[] bytes) { - try { - - return StringHelper.hashAsHex(this.hashAlgorithm, bytes); - - } catch (RuntimeException e) { - if (e.getCause() == null) - throw e; - if (e.getCause().getClass().equals(NoSuchAlgorithmException.class)) - throw new PrivilegeException( - MessageFormat.format("Algorithm {0} was not found!", this.hashAlgorithm), e.getCause()); //$NON-NLS-1$ - if (e.getCause().getClass().equals(UnsupportedEncodingException.class)) - throw new PrivilegeException("Charset ASCII is not supported!", e.getCause()); //$NON-NLS-1$ - - throw e; - } - } + /** + * The length of the secure key for the hashing + */ + private int keyLength; @Override public String nextToken() { byte[] bytes = new byte[16]; this.secureRandom.nextBytes(bytes); - String randomString = new String(bytes); - return randomString; + return StringHelper.getHexString(bytes); + } + + @Override + public byte[] nextSalt() { + byte[] bytes = new byte[32]; + this.secureRandom.nextBytes(bytes); + return bytes; + } + + @Override + public byte[] hashPassword(char[] password, byte[] salt) { + + try { + SecretKeyFactory skf = SecretKeyFactory.getInstance(this.algorithm); + PBEKeySpec spec = new PBEKeySpec(password, salt, this.iterations, this.keyLength); + SecretKey key = skf.generateSecret(spec); + byte[] res = key.getEncoded(); + return res; + + } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { + throw new IllegalStateException(e); + } } @Override @@ -97,18 +108,14 @@ public class DefaultEncryptionHandler implements EncryptionHandler { this.secureRandom = new SecureRandom(); // get hash algorithm parameters - this.hashAlgorithm = parameterMap.get(XmlConstants.XML_PARAM_HASH_ALGORITHM); - if (this.hashAlgorithm == null || this.hashAlgorithm.isEmpty()) { - String msg = "[{0}] Defined parameter {1} is invalid"; //$NON-NLS-1$ - msg = MessageFormat.format(msg, EncryptionHandler.class.getName(), XmlConstants.XML_PARAM_HASH_ALGORITHM); - throw new PrivilegeException(msg); - } + this.algorithm = parameterMap.getOrDefault(XmlConstants.XML_PARAM_HASH_ALGORITHM, "PBKDF2WithHmacSHA512"); + this.iterations = Integer.parseInt(parameterMap.getOrDefault(XmlConstants.XML_PARAM_HASH_ITERATIONS, "200000")); + this.keyLength = Integer.parseInt(parameterMap.getOrDefault(XmlConstants.XML_PARAM_HASH_KEY_LENGTH, "256")); // test hash algorithm try { - convertToHash("test"); //$NON-NLS-1$ - DefaultEncryptionHandler.logger.info(MessageFormat - .format("Using hashing algorithm {0}", this.hashAlgorithm)); //$NON-NLS-1$ + hashPassword("test".toCharArray(), "test".getBytes()); //$NON-NLS-1$ + DefaultEncryptionHandler.logger.info(MessageFormat.format("Using hashing algorithm {0}", this.algorithm)); //$NON-NLS-1$ } catch (Exception e) { String msg = "[{0}] Defined parameter {1} is invalid because of underlying exception: {2}"; //$NON-NLS-1$ msg = MessageFormat.format(msg, EncryptionHandler.class.getName(), XmlConstants.XML_PARAM_HASH_ALGORITHM, diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java index 9903e437f..f4b01f58c 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java @@ -404,7 +404,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { } @Override - public UserRep addUser(Certificate certificate, UserRep userRepParam, byte[] password) { + public UserRep addUser(Certificate certificate, UserRep userRepParam, char[] password) { try { // validate user actually has this type of privilege @@ -433,18 +433,22 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { throw new PrivilegeException(MessageFormat.format(msg, userRep.getUsername())); } - String passwordHash = null; + byte[] passwordHash = null; + byte[] salt = null; if (password != null) { // validate password meets basic requirements validatePassword(password); + // get new salt for user + salt = this.encryptionHandler.nextSalt(); + // hash password - passwordHash = this.encryptionHandler.convertToHash(password); + passwordHash = this.encryptionHandler.hashPassword(password, salt); } // create new user - User newUser = createUser(userRep, passwordHash); + User newUser = createUser(userRep, passwordHash, salt); // detect privilege conflicts assertNoPrivilegeConflict(newUser); @@ -465,7 +469,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { } @Override - public UserRep replaceUser(Certificate certificate, UserRep userRep, byte[] password) { + public UserRep replaceUser(Certificate certificate, UserRep userRep, char[] password) { try { // validate user actually has this type of privilege @@ -491,17 +495,21 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { throw new PrivilegeException(MessageFormat.format(msg, userRep.getUsername())); } - String passwordHash = null; + byte[] passwordHash = null; + byte[] salt = null; if (password != null) { // validate password meets basic requirements validatePassword(password); + // get new salt for user + salt = this.encryptionHandler.nextSalt(); + // hash password - passwordHash = this.encryptionHandler.convertToHash(password); + passwordHash = this.encryptionHandler.hashPassword(password, salt); } - User newUser = createUser(userRep, passwordHash); + User newUser = createUser(userRep, passwordHash, salt); // detect privilege conflicts assertNoPrivilegeConflict(newUser); @@ -532,8 +540,8 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { } } - private User createUser(UserRep userRep, String passwordHash) { - User user = new User(userRep.getUserId(), userRep.getUsername(), passwordHash, userRep.getFirstname(), + private User createUser(UserRep userRep, byte[] passwordHash, byte[] salt) { + User user = new User(userRep.getUserId(), userRep.getUsername(), passwordHash, salt, userRep.getFirstname(), userRep.getLastname(), userRep.getUserState(), userRep.getRoles(), userRep.getLocale(), userRep.getPropertyMap()); return user; @@ -563,7 +571,8 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { String userId = existingUser.getUserId(); String username = existingUser.getUsername(); - String password = existingUser.getPassword(); + byte[] password = existingUser.getPassword(); + byte[] salt = existingUser.getSalt(); String firstname = existingUser.getFirstname(); String lastname = existingUser.getLastname(); UserState userState = existingUser.getUserState(); @@ -582,7 +591,8 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { propertyMap = userRep.getPropertyMap(); // create new user - User newUser = new User(userId, username, password, firstname, lastname, userState, roles, locale, propertyMap); + User newUser = new User(userId, username, password, salt, firstname, lastname, userState, roles, locale, + propertyMap); // detect privilege conflicts assertNoPrivilegeConflict(newUser); @@ -657,8 +667,8 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { newRoles.add(roleName); User newUser = new User(existingUser.getUserId(), existingUser.getUsername(), existingUser.getPassword(), - existingUser.getFirstname(), existingUser.getLastname(), existingUser.getUserState(), newRoles, - existingUser.getLocale(), existingUser.getProperties()); + existingUser.getSalt(), existingUser.getFirstname(), existingUser.getLastname(), + existingUser.getUserState(), newRoles, existingUser.getLocale(), existingUser.getProperties()); // detect privilege conflicts assertNoPrivilegeConflict(newUser); @@ -699,8 +709,8 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { Set newRoles = new HashSet<>(currentRoles); newRoles.remove(roleName); User newUser = new User(existingUser.getUserId(), existingUser.getUsername(), existingUser.getPassword(), - existingUser.getFirstname(), existingUser.getLastname(), existingUser.getUserState(), newRoles, - existingUser.getLocale(), existingUser.getProperties()); + existingUser.getSalt(), existingUser.getFirstname(), existingUser.getLastname(), + existingUser.getUserState(), newRoles, existingUser.getLocale(), existingUser.getProperties()); // delegate user replacement to persistence handler this.persistenceHandler.replaceUser(newUser); @@ -725,8 +735,8 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { // create new user User newUser = new User(existingUser.getUserId(), existingUser.getUsername(), existingUser.getPassword(), - existingUser.getFirstname(), existingUser.getLastname(), existingUser.getUserState(), - existingUser.getRoles(), locale, existingUser.getProperties()); + existingUser.getSalt(), existingUser.getFirstname(), existingUser.getLastname(), + existingUser.getUserState(), existingUser.getRoles(), locale, existingUser.getProperties()); // if the user is not setting their own locale, then make sure this user may set this user's locale if (!certificate.getUsername().equals(username)) { @@ -747,7 +757,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { } @Override - public void setUserPassword(Certificate certificate, String username, byte[] password) { + public void setUserPassword(Certificate certificate, String username, char[] password) { try { // validate user actually has this type of privilege @@ -760,18 +770,22 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { throw new PrivilegeException(MessageFormat.format("User {0} does not exist!", username)); //$NON-NLS-1$ } - String passwordHash = null; + byte[] passwordHash = null; + byte[] salt = null; if (password != null) { // validate password meets basic requirements validatePassword(password); + // get new salt for user + salt = this.encryptionHandler.nextSalt(); + // hash password - passwordHash = this.encryptionHandler.convertToHash(password); + passwordHash = this.encryptionHandler.hashPassword(password, salt); } // create new user - User newUser = new User(existingUser.getUserId(), existingUser.getUsername(), passwordHash, + User newUser = new User(existingUser.getUserId(), existingUser.getUsername(), passwordHash, salt, existingUser.getFirstname(), existingUser.getLastname(), existingUser.getUserState(), existingUser.getRoles(), existingUser.getLocale(), existingUser.getProperties()); @@ -815,8 +829,8 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { // create new user User newUser = new User(existingUser.getUserId(), existingUser.getUsername(), existingUser.getPassword(), - existingUser.getFirstname(), existingUser.getLastname(), state, existingUser.getRoles(), - existingUser.getLocale(), existingUser.getProperties()); + existingUser.getSalt(), existingUser.getFirstname(), existingUser.getLastname(), state, + existingUser.getRoles(), existingUser.getLocale(), existingUser.getProperties()); // validate that this user may modify this user's state prvCtx.validateAction(new SimpleRestrictable(PRIVILEGE_SET_USER_STATE, new Tuple(existingUser, newUser))); @@ -1059,7 +1073,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { // validate the response UserChallenge userChallenge = this.userChallengeHandler.validateResponse(user, challenge); - String authToken = this.encryptionHandler.convertToHash(this.encryptionHandler.nextToken()); + String authToken = this.encryptionHandler.nextToken(); String sessionId = UUID.randomUUID().toString(); // create a new certificate, with details of the user @@ -1077,7 +1091,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { } @Override - public Certificate authenticate(String username, byte[] password) { + public Certificate authenticate(String username, char[] password) { try { // username must be at least 2 characters in length @@ -1097,7 +1111,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { } // get 2 auth tokens - String authToken = this.encryptionHandler.convertToHash(this.encryptionHandler.nextToken()); + String authToken = this.encryptionHandler.nextToken(); // get next session id String sessionId = UUID.randomUUID().toString(); @@ -1232,15 +1246,12 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { * @throws InvalidCredentialsException * if the given credentials are invalid, the user does not exist, or has no password set */ - private User checkCredentialsAndUserState(String username, byte[] password) + private User checkCredentialsAndUserState(String username, char[] password) throws InvalidCredentialsException, AccessDeniedException { // and validate the password validatePassword(password); - // we only work with hashed passwords - String passwordHash = this.encryptionHandler.convertToHash(password); - // get user object User user = this.persistenceHandler.getUser(username); // no user means no authentication @@ -1256,14 +1267,6 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { throw new InvalidCredentialsException(msg); } - // validate password - String pwHash = user.getPassword(); - if (pwHash == null) - throw new AccessDeniedException( - MessageFormat.format("User {0} has no password and may not login!", username)); //$NON-NLS-1$ - if (!pwHash.equals(passwordHash)) - throw new InvalidCredentialsException(MessageFormat.format("Password is incorrect for {0}", username)); //$NON-NLS-1$ - // validate if user is allowed to login // this also capture the trying to login of SYSTEM user if (user.getUserState() != UserState.ENABLED) { @@ -1272,6 +1275,25 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { throw new AccessDeniedException(msg); } + byte[] pwHash = user.getPassword(); + if (pwHash == null) + throw new AccessDeniedException( + MessageFormat.format("User {0} has no password and may not login!", username)); //$NON-NLS-1$ + byte[] salt = user.getSalt(); + if (salt == null) + throw new AccessDeniedException(MessageFormat.format("User {0} has no salt and may not login!", salt)); //$NON-NLS-1$ + + // we only work with hashed passwords + byte[] passwordHash = this.encryptionHandler.hashPassword(password, salt); + + logger.info("New hash: " + StringHelper.getHexString(passwordHash)); + logger.info("User hash: " + StringHelper.getHexString(pwHash)); + logger.info("User salt: " + StringHelper.getHexString(salt)); + + // validate password + if (!Arrays.equals(passwordHash, pwHash)) + throw new InvalidCredentialsException(MessageFormat.format("Password is incorrect for {0}", username)); //$NON-NLS-1$ + return user; } @@ -1426,10 +1448,10 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { /** * This simple implementation validates that the password is not null, and that the password string is not empty * - * @see li.strolch.privilege.handler.PrivilegeHandler#validatePassword(byte[]) + * @see li.strolch.privilege.handler.PrivilegeHandler#validatePassword(char[]) */ @Override - public void validatePassword(byte[] password) throws PrivilegeException { + public void validatePassword(char[] password) throws PrivilegeException { if (password == null || password.length == 0) { throw new PrivilegeException("A password may not be empty!"); //$NON-NLS-1$ @@ -1708,13 +1730,13 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { } /** - * Passwords should not be kept as strings, as string are immutable, this method thus clears the byte array so that + * Passwords should not be kept as strings, as string are immutable, this method thus clears the char array so that * the password is not in memory anymore * * @param password - * the byte array containing the passwort which is to be set to zeroes + * the char array containing the passwort which is to be set to zeroes */ - private void clearPassword(byte[] password) { + private void clearPassword(char[] password) { if (password != null) { for (int i = 0; i < password.length; i++) { password[i] = 0; @@ -1797,7 +1819,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { } // validate password - String pwHash = user.getPassword(); + byte[] pwHash = user.getPassword(); if (pwHash != null) { String msg = MessageFormat.format("System users must not have a password: {0}", systemUsername); //$NON-NLS-1$ throw new AccessDeniedException(msg); diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/EncryptionHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/EncryptionHandler.java index 238772be8..aa7feb63d 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/EncryptionHandler.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/EncryptionHandler.java @@ -26,29 +26,30 @@ import java.util.Map; public interface EncryptionHandler { /** - * Calculates or generates a token which can be used to identify certificates and so forth + * Generates a token which can be used to identify certificates and so forth * - * @return the secure token + * @return a new token */ public String nextToken(); /** - * Converts a given string, e.g. a password to a hash which is defined by the concrete implementation + * Generates a token which can be used to identify certificates and so forth * - * @param string - * the string to convert - * @return the hash of the string after converting + * @return a new token */ - public String convertToHash(String string); + public byte[] nextSalt(); /** - * Converts a given byte array, e.g. a password to a hash which is defined by the concrete implementation + * Hashes the given password with the given salt with the configured algorithm * - * @param bytes - * the bytes to convert - * @return the hash of the string after converting + * @param password + * the password + * @param salt + * the salt + * + * @return the hashed password */ - public String convertToHash(byte[] bytes); + public byte[] hashPassword(final char[] password, final byte[] salt); /** * Initialize the concrete {@link EncryptionHandler}. The passed parameter map contains any configuration the diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PrivilegeHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PrivilegeHandler.java index aff0d2ca6..a3acc15ff 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PrivilegeHandler.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PrivilegeHandler.java @@ -331,7 +331,7 @@ public interface PrivilegeHandler { * *

* If the password given is null, then the user is created, but can not not login! Otherwise the password must meet - * the requirements of the implementation under {@link PrivilegeHandler#validatePassword(byte[])} + * the requirements of the implementation under {@link PrivilegeHandler#validatePassword(char[])} *

* * @param certificate @@ -341,14 +341,14 @@ public interface PrivilegeHandler { * @param password * the password of the new user. If the password is null, then this is accepted but the user can not * login, otherwise the password must be validated against - * {@link PrivilegeHandler#validatePassword(byte[])} + * {@link PrivilegeHandler#validatePassword(char[])} * * @throws AccessDeniedException * if the user for this certificate may not perform the action * @throws PrivilegeException * if there is anything wrong with this certificate or the user already exists */ - public UserRep addUser(Certificate certificate, UserRep userRep, byte[] password) + public UserRep addUser(Certificate certificate, UserRep userRep, char[] password) throws AccessDeniedException, PrivilegeException; /** @@ -390,7 +390,7 @@ public interface PrivilegeHandler { * *

* If the password given is null, then the user is created, but can not not login! Otherwise the password must meet - * the requirements of the implementation under {@link PrivilegeHandler#validatePassword(byte[])} + * the requirements of the implementation under {@link PrivilegeHandler#validatePassword(char[])} *

* * @param certificate @@ -400,14 +400,14 @@ public interface PrivilegeHandler { * @param password * the password of the new user. If the password is null, then this is accepted but the user can not * login, otherwise the password must be validated against - * {@link PrivilegeHandler#validatePassword(byte[])} + * {@link PrivilegeHandler#validatePassword(char[])} * * @throws AccessDeniedException * if the user for this certificate may not perform the action * @throws PrivilegeException * if there is anything wrong with this certificate or if the user does not exist */ - public UserRep replaceUser(Certificate certificate, UserRep userRep, byte[] password) + public UserRep replaceUser(Certificate certificate, UserRep userRep, char[] password) throws AccessDeniedException, PrivilegeException; /** @@ -481,7 +481,7 @@ public interface PrivilegeHandler { *

* Changes the password for the {@link User} with the given username. If the password is null, then the {@link User} * can not login anymore. Otherwise the password must meet the requirements of the implementation under - * {@link PrivilegeHandler#validatePassword(byte[])} + * {@link PrivilegeHandler#validatePassword(char[])} *

* *

@@ -495,14 +495,14 @@ public interface PrivilegeHandler { * @param password * the new password for this user. If the password is null, then the {@link User} can not login anymore. * Otherwise the password must meet the requirements of the implementation under - * {@link PrivilegeHandler#validatePassword(byte[])} + * {@link PrivilegeHandler#validatePassword(char[])} * * @throws AccessDeniedException * if the user for this certificate may not perform the action * @throws PrivilegeException * if there is anything wrong with this certificate */ - public void setUserPassword(Certificate certificate, String username, byte[] password) + public void setUserPassword(Certificate certificate, String username, char[] password) throws AccessDeniedException, PrivilegeException; /** @@ -575,14 +575,14 @@ public interface PrivilegeHandler { * the username of the {@link User} which is registered in the {@link PersistenceHandler} * @param password * the password with which this user is to be authenticated. Null passwords are not accepted and they - * must meet the requirements of the {@link #validatePassword(byte[])}-method + * must meet the requirements of the {@link #validatePassword(char[])}-method * * @return a {@link Certificate} with which this user may then perform actions * * @throws AccessDeniedException * if the user credentials are not valid */ - public Certificate authenticate(String username, byte[] password) throws AccessDeniedException; + public Certificate authenticate(String username, char[] password) throws AccessDeniedException; /** * Invalidates the session for the given {@link Certificate}, effectively logging out the user who was authenticated @@ -630,7 +630,7 @@ public interface PrivilegeHandler { * @throws PrivilegeException * if the password does not implement the requirement of the concrete implementation */ - public void validatePassword(byte[] password) throws PrivilegeException; + public void validatePassword(char[] password) throws PrivilegeException; /** *

diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/helper/PasswordCreaterUI.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/helper/PasswordCreaterUI.java deleted file mode 100644 index 40e68f95d..000000000 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/helper/PasswordCreaterUI.java +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright 2013 Robert von Burg - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package li.strolch.privilege.helper; - -import java.awt.Dimension; -import java.awt.GridLayout; -import java.awt.Toolkit; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; -import java.awt.event.KeyEvent; -import java.awt.event.KeyListener; - -import javax.swing.JButton; -import javax.swing.JComboBox; -import javax.swing.JFrame; -import javax.swing.JLabel; -import javax.swing.JPasswordField; -import javax.swing.JTextField; -import javax.swing.SwingConstants; - -import li.strolch.utils.helper.StringHelper; - -/** - * Simple Swing UI to create passwords - * - * @author Robert von Burg - */ -@SuppressWarnings("nls") -public class PasswordCreaterUI { - - /** - * Launches the UI - * - * @param args - * not used - */ - public static void main(String[] args) { - - JFrame.setDefaultLookAndFeelDecorated(true); - - JFrame frame = new JFrame(); - frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); - frame.setTitle("Password creator"); - frame.setLayout(new GridLayout(4, 2)); - - JLabel digest = new JLabel("Digest:", SwingConstants.RIGHT); - JLabel password = new JLabel("Password:", SwingConstants.RIGHT); - JLabel hash = new JLabel("Hash:", SwingConstants.RIGHT); - - String[] digests = new String[] { "MD2", "MD5", "SHA-1", "SHA-256", "SHA-384", "SHA-512" }; - final JComboBox digestCombo = new JComboBox<>(digests); - digestCombo.setSelectedIndex(3); - final JPasswordField passwordField = new JPasswordField(); - final JTextField hashField = new JTextField(150); - - JButton digestBtn = new JButton("Digest"); - - passwordField.addKeyListener(new KeyListener() { - - @Override - public void keyTyped(KeyEvent e) { - // - } - - @Override - public void keyReleased(KeyEvent e) { - // - } - - @Override - public void keyPressed(KeyEvent e) { - hashField.setText(""); - } - }); - digestBtn.addActionListener(new ActionListener() { - - @Override - public void actionPerformed(ActionEvent e) { - - try { - String digest = (String) digestCombo.getSelectedItem(); - char[] passwordChar = passwordField.getPassword(); - String password = new String(passwordChar); - String hash = StringHelper.hashAsHex(digest, password); - hashField.setText(hash); - } catch (Exception e1) { - e1.printStackTrace(); - hashField.setText("Failed: " + e1.getLocalizedMessage()); - } - } - }); - - frame.add(digest); - frame.add(digestCombo); - frame.add(password); - frame.add(passwordField); - frame.add(hash); - frame.add(hashField); - frame.add(new JLabel()); - frame.add(digestBtn); - - Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize(); - int width = 500; - int height = 160; - frame.setSize(width, height); - frame.setLocation(screenSize.width / 2 - width, screenSize.height / 2 - height); - - frame.setVisible(true); - } -} \ No newline at end of file diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/helper/PasswordCreator.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/helper/PasswordCreator.java index 2898e12e8..d8847454d 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/helper/PasswordCreator.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/helper/PasswordCreator.java @@ -17,8 +17,12 @@ package li.strolch.privilege.helper; import java.io.BufferedReader; import java.io.InputStreamReader; -import java.security.MessageDigest; +import java.util.HashMap; +import java.util.Map; +import javax.crypto.SecretKeyFactory; + +import li.strolch.privilege.handler.DefaultEncryptionHandler; import li.strolch.utils.helper.StringHelper; /** @@ -26,10 +30,6 @@ import li.strolch.utils.helper.StringHelper; * Simple main class which can be used to create a hash from a password which the user must type in at the command line *

* - *

- * TODO: Note: currently the password input is echoed which is a security risk - *

- * * @author Robert von Burg */ public class PasswordCreator { @@ -47,26 +47,82 @@ public class PasswordCreator { String hashAlgorithm = null; while (hashAlgorithm == null) { - System.out.print("Hash Algorithm [SHA-256]: "); + System.out.print("Hash Algorithm [PBKDF2WithHmacSHA512]: "); String readLine = r.readLine().trim(); if (readLine.isEmpty()) { - hashAlgorithm = "SHA-256"; + hashAlgorithm = "PBKDF2WithHmacSHA512"; } else { try { - MessageDigest.getInstance(readLine); + SecretKeyFactory.getInstance(readLine); hashAlgorithm = readLine; } catch (Exception e) { - System.out.println(e.getLocalizedMessage()); + System.err.println(e.getLocalizedMessage()); hashAlgorithm = null; } } } - System.out.print("Password: "); - String password = r.readLine().trim(); - System.out.print("Hash is: " + StringHelper.hashAsHex(hashAlgorithm, password)); - } + int iterations = -1; + while (iterations == -1) { + System.out.print("Hash iterations [200000]: "); + String readLine = r.readLine().trim(); + if (readLine.isEmpty()) { + iterations = 200000; + } else { + + try { + iterations = Integer.parseInt(readLine); + } catch (Exception e) { + System.err.println(e.getLocalizedMessage()); + iterations = -1; + } + } + } + + int keyLength = -1; + while (keyLength == -1) { + System.out.print("Hash keyLength [256]: "); + String readLine = r.readLine().trim(); + + if (readLine.isEmpty()) { + keyLength = 256; + } else { + + try { + keyLength = Integer.parseInt(readLine); + if (keyLength <= 0) + throw new IllegalArgumentException("KeyLength must be > 0"); + } catch (Exception e) { + System.err.println(e.getLocalizedMessage()); + keyLength = -1; + } + } + } + + System.out.print("Password: "); + char[] password = r.readLine().trim().toCharArray(); + System.out.print("Salt: "); + String saltS = StringHelper.getHexString(r.readLine().trim().getBytes()); + byte[] salt = StringHelper.fromHexString(saltS); + + Map parameterMap = new HashMap<>(); + parameterMap.put(XmlConstants.XML_PARAM_HASH_ALGORITHM, hashAlgorithm); + parameterMap.put(XmlConstants.XML_PARAM_HASH_ITERATIONS, "" + iterations); + parameterMap.put(XmlConstants.XML_PARAM_HASH_KEY_LENGTH, "" + keyLength); + + DefaultEncryptionHandler encryptionHandler = new DefaultEncryptionHandler(); + encryptionHandler.initialize(parameterMap); + + byte[] passwordHash = encryptionHandler.hashPassword(password, salt); + String passwordHashS = StringHelper.getHexString(passwordHash); + System.out.println("Hash is: " + passwordHashS); + System.out.println("Salt is: " + saltS); + System.out.println(); + + System.out.println(XmlConstants.XML_ATTR_PASSWORD + "=\"" + passwordHashS + "\" " + XmlConstants.XML_ATTR_SALT + + "=\"" + saltS + "\""); + } } diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/helper/XmlConstants.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/helper/XmlConstants.java index d5c8aa6dc..cad9ab76e 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/helper/XmlConstants.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/helper/XmlConstants.java @@ -233,11 +233,26 @@ public class XmlConstants { */ public static final String XML_ATTR_PASSWORD = "password"; + /** + * XML_ATTR_SALT = "salt" : + */ + public static final String XML_ATTR_SALT = "salt"; + /** * XML_PARAM_HASH_ALGORITHM = "hashAlgorithm" : */ public static final String XML_PARAM_HASH_ALGORITHM = "hashAlgorithm"; + /** + * XML_PARAM_HASH_ALGORITHM = "hashAlgorithm" : + */ + public static final String XML_PARAM_HASH_ITERATIONS = "hashIterations"; + + /** + * XML_PARAM_HASH_ALGORITHM = "hashAlgorithm" : + */ + public static final String XML_PARAM_HASH_KEY_LENGTH = "hashKeyLength"; + /** * XML_PARAM_USERS_FILE = "usersXmlFile" : */ diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/model/internal/User.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/model/internal/User.java index 70cd57b5b..aec9bae8e 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/model/internal/User.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/model/internal/User.java @@ -43,7 +43,8 @@ public final class User { private final String userId; private final String username; - private final String password; + private final byte[] password; + private final byte[] salt; private final String firstname; private final String lastname; @@ -78,7 +79,7 @@ public final class User { * @param propertyMap * a {@link Map} containing string value pairs of properties for this user */ - public User(String userId, String username, String password, String firstname, String lastname, + public User(String userId, String username, byte[] password, byte[] salt, String firstname, String lastname, UserState userState, Set roles, Locale locale, Map propertyMap) { if (StringHelper.isEmpty(userId)) { @@ -107,7 +108,8 @@ public final class User { this.userId = userId; this.username = username; - this.password = StringHelper.isEmpty(password) ? null : password; + this.password = password; + this.salt = salt; this.userState = userState; this.firstname = firstname; @@ -148,10 +150,19 @@ public final class User { * * @return the hashed password for this {@link User} */ - public String getPassword() { + public byte[] getPassword() { return this.password; } + /** + * Return the salt for this {@link User} + * + * @return the salt for this {@link User} + */ + public byte[] getSalt() { + return this.salt; + } + /** * @return the first name */ diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/xml/PrivilegeUsersDomWriter.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/xml/PrivilegeUsersDomWriter.java index dec448fce..7eacc5ba9 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/xml/PrivilegeUsersDomWriter.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/xml/PrivilegeUsersDomWriter.java @@ -59,8 +59,10 @@ public class PrivilegeUsersDomWriter { userElement.setAttribute(XmlConstants.XML_ATTR_USER_ID, user.getUserId()); userElement.setAttribute(XmlConstants.XML_ATTR_USERNAME, user.getUsername()); - if (StringHelper.isNotEmpty(user.getPassword())) - userElement.setAttribute(XmlConstants.XML_ATTR_PASSWORD, user.getPassword()); + if (user.getPassword() != null) + userElement.setAttribute(XmlConstants.XML_ATTR_PASSWORD, StringHelper.getHexString(user.getPassword())); + if (user.getSalt() != null) + userElement.setAttribute(XmlConstants.XML_ATTR_SALT, StringHelper.getHexString(user.getSalt())); // add first name element if (StringHelper.isNotEmpty(user.getFirstname())) { diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/xml/PrivilegeUsersSaxReader.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/xml/PrivilegeUsersSaxReader.java index e79efe676..221f9e306 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/xml/PrivilegeUsersSaxReader.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/xml/PrivilegeUsersSaxReader.java @@ -35,6 +35,7 @@ import org.xml.sax.helpers.DefaultHandler; import li.strolch.privilege.helper.XmlConstants; import li.strolch.privilege.model.UserState; import li.strolch.privilege.model.internal.User; +import li.strolch.utils.helper.StringHelper; /** * @author Robert von Burg @@ -114,7 +115,8 @@ public class PrivilegeUsersSaxReader extends DefaultHandler { String userId; String username; - String password; + byte[] password; + byte[] salt; String firstName; String lastname; UserState userState; @@ -135,7 +137,12 @@ public class PrivilegeUsersSaxReader extends DefaultHandler { if (qName.equals(XmlConstants.XML_USER)) { this.userId = attributes.getValue(XmlConstants.XML_ATTR_USER_ID); this.username = attributes.getValue(XmlConstants.XML_ATTR_USERNAME); - this.password = attributes.getValue(XmlConstants.XML_ATTR_PASSWORD); + String passwordS = attributes.getValue(XmlConstants.XML_ATTR_PASSWORD); + if (!StringHelper.isEmpty(passwordS)) + this.password = StringHelper.fromHexString(passwordS); + String saltS = attributes.getValue(XmlConstants.XML_ATTR_SALT); + if (!StringHelper.isEmpty(saltS)) + this.salt = StringHelper.fromHexString(saltS); } } @@ -165,8 +172,8 @@ public class PrivilegeUsersSaxReader extends DefaultHandler { // NO-OP } else if (qName.equals(XmlConstants.XML_USER)) { - User user = new User(this.userId, this.username, this.password, this.firstName, this.lastname, - this.userState, this.userRoles, this.locale, this.parameters); + User user = new User(this.userId, this.username, this.password, this.salt, this.firstName, + this.lastname, this.userState, this.userRoles, this.locale, this.parameters); logger.info(MessageFormat.format("New User: {0}", user)); //$NON-NLS-1$ getUsers().add(user); } else { diff --git a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/AbstractPrivilegeTest.java b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/AbstractPrivilegeTest.java index af4af356e..fb5b13f28 100644 --- a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/AbstractPrivilegeTest.java +++ b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/AbstractPrivilegeTest.java @@ -22,7 +22,7 @@ public class AbstractPrivilegeTest { protected PrivilegeHandler privilegeHandler; protected PrivilegeContext ctx; - protected void login(String username, byte[] password) { + protected void login(String username, char[] password) { Certificate certificate = privilegeHandler.authenticate(username, password); assertTrue("Certificate is null!", certificate != null); PrivilegeContext privilegeContext = privilegeHandler.getPrivilegeContext(certificate); diff --git a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/PersistSessionsTest.java b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/PersistSessionsTest.java index e79ddbb57..d5c6d02ef 100644 --- a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/PersistSessionsTest.java +++ b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/PersistSessionsTest.java @@ -37,7 +37,7 @@ public class PersistSessionsTest extends AbstractPrivilegeTest { assertFalse("Sessions File should no yet exist", sessionsFile.exists()); // login and assert sessions file was written - login("admin", "admin".getBytes()); + login("admin", "admin".toCharArray()); this.privilegeHandler.isCertificateValid(ctx.getCertificate()); assertTrue("Sessions File should have been created!", sessionsFile.isFile()); diff --git a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/PrivilegeConflictMergeTest.java b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/PrivilegeConflictMergeTest.java index 8943c1c5f..dc52a45cb 100644 --- a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/PrivilegeConflictMergeTest.java +++ b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/PrivilegeConflictMergeTest.java @@ -51,7 +51,7 @@ public class PrivilegeConflictMergeTest extends AbstractPrivilegeTest { @Test public void shouldMergePrivileges1() { try { - login("userA", "admin".getBytes()); + login("userA", "admin".toCharArray()); IPrivilege privilege = this.ctx.getPrivilege("Foo"); assertTrue(privilege.isAllAllowed()); assertTrue(privilege.getAllowList().isEmpty()); @@ -65,7 +65,7 @@ public class PrivilegeConflictMergeTest extends AbstractPrivilegeTest { @Test public void shouldMergePrivileges2() { try { - login("userB", "admin".getBytes()); + login("userB", "admin".toCharArray()); IPrivilege privilege = this.ctx.getPrivilege("Bar"); assertFalse(privilege.isAllAllowed()); assertEquals(2, privilege.getAllowList().size()); diff --git a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/PrivilegeTest.java b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/PrivilegeTest.java index ec5b1f699..9c684a42b 100644 --- a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/PrivilegeTest.java +++ b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/PrivilegeTest.java @@ -70,21 +70,21 @@ public class PrivilegeTest extends AbstractPrivilegeTest { private static final String ROLE_PRIVILEGE_ADMIN = "PrivilegeAdmin"; private static final String PRIVILEGE_USER_ACCESS = "UserAccessPrivilege"; private static final String ADMIN = "admin"; - private static final byte[] PASS_ADMIN = "admin".getBytes(); + private static final char[] PASS_ADMIN = "admin".toCharArray(); private static final String BOB = "bob"; private static final String TED = "ted"; private static final String SYSTEM_USER_ADMIN = "system_admin"; private static final String SYSTEM_USER_ADMIN2 = "system_admin2"; - private static final byte[] PASS_BOB = "admin1".getBytes(); + private static final char[] PASS_BOB = "admin1".toCharArray(); private static final String ROLE_APP_USER = "AppUser"; private static final String ROLE_MY = "MyRole"; private static final String ROLE_MY2 = "MyRole2"; private static final String ROLE_CHANGE_PW = "changePw"; private static final String ROLE_TEMP = "temp"; private static final String ROLE_USER = "user"; - private static final byte[] PASS_DEF = "def".getBytes(); - private static final byte[] PASS_BAD = "123".getBytes(); - private static final byte[] PASS_TED = "12345".getBytes(); + private static final char[] PASS_DEF = "def".toCharArray(); + private static final char[] PASS_BAD = "123".toCharArray(); + private static final char[] PASS_TED = "12345".toCharArray(); private static final Logger logger = LoggerFactory.getLogger(PrivilegeTest.class); @@ -223,7 +223,7 @@ public class PrivilegeTest extends AbstractPrivilegeTest { this.exception.expect(AccessDeniedException.class); this.exception.expectMessage("User system_admin is a system user and may not login!"); try { - login(SYSTEM_USER_ADMIN, SYSTEM_USER_ADMIN.getBytes()); + login(SYSTEM_USER_ADMIN, SYSTEM_USER_ADMIN.toCharArray()); } finally { logout(); } diff --git a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/XmlTest.java b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/XmlTest.java index 52ef1c8ee..59e743fc9 100644 --- a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/XmlTest.java +++ b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/XmlTest.java @@ -129,7 +129,7 @@ public class XmlTest { assertEquals(6, containerModel.getParameterMap().size()); assertEquals(3, containerModel.getPolicies().size()); - assertEquals(1, containerModel.getEncryptionHandlerParameterMap().size()); + assertEquals(3, containerModel.getEncryptionHandlerParameterMap().size()); assertEquals(3, containerModel.getPersistenceHandlerParameterMap().size()); // TODO extend assertions to actual model @@ -184,7 +184,9 @@ public class XmlTest { User admin = findUser("admin", users); assertEquals("1", admin.getUserId()); assertEquals("admin", admin.getUsername()); - assertEquals("8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918", admin.getPassword()); + assertEquals("cb69962946617da006a2f95776d78b49e5ec7941d2bdb2d25cdb05f957f64344", + StringHelper.getHexString(admin.getPassword())); + assertEquals("61646d696e", StringHelper.getHexString(admin.getSalt())); assertEquals("Application", admin.getFirstname()); assertEquals("Administrator", admin.getLastname()); assertEquals(UserState.ENABLED, admin.getUserState()); @@ -200,6 +202,7 @@ public class XmlTest { assertEquals("2", systemAdmin.getUserId()); assertEquals("system_admin", systemAdmin.getUsername()); assertEquals(null, systemAdmin.getPassword()); + assertEquals(null, systemAdmin.getSalt()); assertEquals("System User", systemAdmin.getFirstname()); assertEquals("Administrator", systemAdmin.getLastname()); assertEquals(UserState.SYSTEM, systemAdmin.getUserState()); @@ -264,9 +267,8 @@ public class XmlTest { Role systemAdminPrivileges = findRole("system_admin_privileges", roles); assertEquals("system_admin_privileges", systemAdminPrivileges.getName()); assertEquals(2, systemAdminPrivileges.getPrivilegeNames().size()); - assertThat(systemAdminPrivileges.getPrivilegeNames(), - containsInAnyOrder("li.strolch.privilege.handler.SystemAction", - "li.strolch.privilege.test.model.TestSystemRestrictable")); + assertThat(systemAdminPrivileges.getPrivilegeNames(), containsInAnyOrder( + "li.strolch.privilege.handler.SystemAction", "li.strolch.privilege.test.model.TestSystemRestrictable")); IPrivilege testSystemUserAction = systemAdminPrivileges .getPrivilege("li.strolch.privilege.handler.SystemAction"); @@ -288,11 +290,9 @@ public class XmlTest { Role restrictedRole = findRole("restrictedRole", roles); assertEquals("restrictedRole", restrictedRole.getName()); assertEquals(1, restrictedRole.getPrivilegeNames().size()); - assertThat(restrictedRole.getPrivilegeNames(), - containsInAnyOrder("li.strolch.privilege.handler.SystemAction")); + assertThat(restrictedRole.getPrivilegeNames(), containsInAnyOrder("li.strolch.privilege.handler.SystemAction")); - IPrivilege testSystemUserAction2 = restrictedRole - .getPrivilege("li.strolch.privilege.handler.SystemAction"); + IPrivilege testSystemUserAction2 = restrictedRole.getPrivilege("li.strolch.privilege.handler.SystemAction"); assertEquals("li.strolch.privilege.handler.SystemAction", testSystemUserAction2.getName()); assertEquals("DefaultPrivilege", testSystemUserAction2.getPolicy()); assertFalse(testSystemUserAction2.isAllAllowed()); @@ -341,16 +341,16 @@ public class XmlTest { propertyMap.put("prop1", "value1"); userRoles = new HashSet<>(); userRoles.add("role1"); - User user1 = new User("1", "user1", "blabla", "Bob", "White", UserState.DISABLED, userRoles, Locale.ENGLISH, - propertyMap); + User user1 = new User("1", "user1", "blabla".getBytes(), "blabla".getBytes(), "Bob", "White", + UserState.DISABLED, userRoles, Locale.ENGLISH, propertyMap); users.add(user1); propertyMap = new HashMap<>(); propertyMap.put("prop2", "value2"); userRoles = new HashSet<>(); userRoles.add("role2"); - User user2 = new User("2", "user2", "haha", "Leonard", "Sheldon", UserState.ENABLED, userRoles, Locale.ENGLISH, - propertyMap); + User user2 = new User("2", "user2", "haha".getBytes(), "haha".getBytes(), "Leonard", "Sheldon", + UserState.ENABLED, userRoles, Locale.ENGLISH, propertyMap); users.add(user2); File modelFile = new File("./target/test/PrivilegeUsersTest.xml"); @@ -370,7 +370,8 @@ public class XmlTest { assertEquals(user1.getFirstname(), parsedUser1.getFirstname()); assertEquals(user1.getLastname(), parsedUser1.getLastname()); assertEquals(user1.getLocale(), parsedUser1.getLocale()); - assertEquals(user1.getPassword(), parsedUser1.getPassword()); + assertTrue(Arrays.equals(user1.getPassword(), parsedUser1.getPassword())); + assertTrue(Arrays.equals(user1.getSalt(), parsedUser1.getSalt())); assertEquals(user1.getProperties(), parsedUser1.getProperties()); assertEquals(user1.getUserId(), parsedUser1.getUserId()); assertEquals(user1.getUserState(), parsedUser1.getUserState()); @@ -379,7 +380,8 @@ public class XmlTest { assertEquals(user2.getFirstname(), parsedUser2.getFirstname()); assertEquals(user2.getLastname(), parsedUser2.getLastname()); assertEquals(user2.getLocale(), parsedUser2.getLocale()); - assertEquals(user2.getPassword(), parsedUser2.getPassword()); + assertTrue(Arrays.equals(user2.getPassword(), parsedUser2.getPassword())); + assertTrue(Arrays.equals(user2.getSalt(), parsedUser2.getSalt())); assertEquals(user2.getProperties(), parsedUser2.getProperties()); assertEquals(user2.getUserId(), parsedUser2.getUserId()); assertEquals(user2.getUserState(), parsedUser2.getUserState()); diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java b/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java index 252284c5d..ba0a845a3 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java @@ -138,7 +138,7 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St } @Override - public Certificate authenticate(String username, byte[] password) { + public Certificate authenticate(String username, char[] password) { DBC.PRE.assertNotEmpty("Username must be set!", username); //$NON-NLS-1$ DBC.PRE.assertNotNull("Passwort must be set", password); //$NON-NLS-1$ diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/StrolchSessionHandler.java b/li.strolch.rest/src/main/java/li/strolch/rest/StrolchSessionHandler.java index af54aa23d..2678b7519 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/StrolchSessionHandler.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/StrolchSessionHandler.java @@ -28,7 +28,7 @@ import li.strolch.rest.model.UserSession; */ public interface StrolchSessionHandler { - public Certificate authenticate(String username, byte[] password); + public Certificate authenticate(String username, char[] password); public Certificate validate(String authToken); diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java index 7beec3587..a396c94ef 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java @@ -92,7 +92,8 @@ public class AuthenticationService { sb.append("Password was not given!"); //$NON-NLS-1$ } - byte[] password = passwordE == null ? new byte[] {} : Base64.getDecoder().decode(passwordE.getAsString()); + char[] password = passwordE == null ? new char[] {} + : new String(Base64.getDecoder().decode(passwordE.getAsString())).toCharArray(); if (password.length < 3) { if (sb.length() > 0) sb.append("\n"); @@ -295,7 +296,7 @@ public class AuthenticationService { String msg = "Authorization cookie is secure, but connection is not secure! Cookie won't be passed to client!"; logger.warn(msg); } - + NewCookie cookie = new NewCookie(StrolchRestfulConstants.STROLCH_AUTHORIZATION, certificate.getAuthToken(), "/", null, "Authorization header", (int) TimeUnit.DAYS.toSeconds(1), secureCookie); diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java index 0df168ca4..af6d585cf 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java @@ -360,7 +360,7 @@ public class PrivilegeUsersService { PrivilegeSetUserPasswordService svc = new PrivilegeSetUserPasswordService(); PrivilegeSetUserPasswordArgument arg = new PrivilegeSetUserPasswordArgument(); arg.username = username; - arg.password = Base64.getDecoder().decode(password); + arg.password = new String(Base64.getDecoder().decode(password)).toCharArray(); ServiceResult svcResult = svcHandler.doService(cert, svc, arg); if (svcResult.isOk()) { diff --git a/li.strolch.rest/src/test/resources/withPrivilegeRuntime/config/PrivilegeConfig.xml b/li.strolch.rest/src/test/resources/withPrivilegeRuntime/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.rest/src/test/resources/withPrivilegeRuntime/config/PrivilegeConfig.xml +++ b/li.strolch.rest/src/test/resources/withPrivilegeRuntime/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.rest/src/test/resources/withPrivilegeRuntime/config/PrivilegeUsers.xml b/li.strolch.rest/src/test/resources/withPrivilegeRuntime/config/PrivilegeUsers.xml index 7ff78a5fc..94b3a7b23 100644 --- a/li.strolch.rest/src/test/resources/withPrivilegeRuntime/config/PrivilegeUsers.xml +++ b/li.strolch.rest/src/test/resources/withPrivilegeRuntime/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED @@ -20,7 +20,7 @@ - + Bob Bernstein ENABLED @@ -30,7 +30,7 @@ - + Jill Johnson ENABLED @@ -40,7 +40,7 @@ - + System User Administrator SYSTEM diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordArgument.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordArgument.java index 406e79894..4b13bea6e 100644 --- a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordArgument.java +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordArgument.java @@ -20,5 +20,5 @@ import li.strolch.service.api.ServiceArgument; public class PrivilegeSetUserPasswordArgument extends ServiceArgument { private static final long serialVersionUID = 1L; public String username; - public byte[] password; + public char[] password; } diff --git a/li.strolch.service/src/test/java/li/strolch/command/AbstractRealmCommandTest.java b/li.strolch.service/src/test/java/li/strolch/command/AbstractRealmCommandTest.java index 9c4ec632e..17ada06dc 100644 --- a/li.strolch.service/src/test/java/li/strolch/command/AbstractRealmCommandTest.java +++ b/li.strolch.service/src/test/java/li/strolch/command/AbstractRealmCommandTest.java @@ -65,7 +65,7 @@ public abstract class AbstractRealmCommandTest { runtimeMock.mockRuntime(rootPath, configSrc); runtimeMock.startContainer(); - certificate = runtimeMock.getPrivilegeHandler().authenticate(getUsername(), "test".getBytes()); + certificate = runtimeMock.getPrivilegeHandler().authenticate(getUsername(), getUsername().toCharArray()); importFromXml(REALM_CACHED, certificate, getServiceHandler()); importFromXml(REALM_TRANSACTIONAL, certificate, getServiceHandler()); } diff --git a/li.strolch.service/src/test/java/li/strolch/migrations/MigrationsTest.java b/li.strolch.service/src/test/java/li/strolch/migrations/MigrationsTest.java index 5503a8192..00f0843de 100644 --- a/li.strolch.service/src/test/java/li/strolch/migrations/MigrationsTest.java +++ b/li.strolch.service/src/test/java/li/strolch/migrations/MigrationsTest.java @@ -56,7 +56,7 @@ public class MigrationsTest { runtimeMock.mockRuntime(rootPath, configSrc); runtimeMock.startContainer(); - certificate = runtimeMock.getPrivilegeHandler().authenticate("test", "test".getBytes()); + certificate = runtimeMock.getPrivilegeHandler().authenticate("test", "test".toCharArray()); } @AfterClass diff --git a/li.strolch.service/src/test/java/li/strolch/service/test/AbstractRealmServiceTest.java b/li.strolch.service/src/test/java/li/strolch/service/test/AbstractRealmServiceTest.java index de304724f..5dd4f3f94 100644 --- a/li.strolch.service/src/test/java/li/strolch/service/test/AbstractRealmServiceTest.java +++ b/li.strolch.service/src/test/java/li/strolch/service/test/AbstractRealmServiceTest.java @@ -75,7 +75,7 @@ public abstract class AbstractRealmServiceTest { runtimeMock.mockRuntime(rootPath, configSrc); runtimeMock.startContainer(); - this.certificate = runtimeMock.getPrivilegeHandler().authenticate(getUsername(), "test".getBytes()); + this.certificate = runtimeMock.getPrivilegeHandler().authenticate(getUsername(), getUsername().toCharArray()); importFromXml(REALM_CACHED, this.certificate, getServiceHandler()); importFromXml(REALM_TRANSACTIONAL, this.certificate, getServiceHandler()); } diff --git a/li.strolch.service/src/test/java/li/strolch/service/test/GreetingServiceTest.java b/li.strolch.service/src/test/java/li/strolch/service/test/GreetingServiceTest.java index 5c3dec1ba..688ac90c8 100644 --- a/li.strolch.service/src/test/java/li/strolch/service/test/GreetingServiceTest.java +++ b/li.strolch.service/src/test/java/li/strolch/service/test/GreetingServiceTest.java @@ -37,7 +37,7 @@ public class GreetingServiceTest extends AbstractServiceTest { GreetingArgument greetingArgument = new GreetingArgument(); greetingArgument.name = "Robert"; //$NON-NLS-1$ - Certificate certificate = runtimeMock.getPrivilegeHandler().authenticate("jill", "jill".getBytes()); //$NON-NLS-1$//$NON-NLS-2$ + Certificate certificate = runtimeMock.getPrivilegeHandler().authenticate("jill", "jill".toCharArray()); //$NON-NLS-1$//$NON-NLS-2$ try { GreetingResult greetingResult = getServiceHandler().doService(certificate, greetingService, greetingArgument); diff --git a/li.strolch.service/src/test/java/li/strolch/service/test/LockingTest.java b/li.strolch.service/src/test/java/li/strolch/service/test/LockingTest.java index f3dbcde93..f9c843a64 100644 --- a/li.strolch.service/src/test/java/li/strolch/service/test/LockingTest.java +++ b/li.strolch.service/src/test/java/li/strolch/service/test/LockingTest.java @@ -72,7 +72,7 @@ public class LockingTest { } public static Certificate login() { - return runtimeMock.getPrivilegeHandler().authenticate("test", "test".getBytes()); + return runtimeMock.getPrivilegeHandler().authenticate("test", "test".toCharArray()); } @Test diff --git a/li.strolch.service/src/test/java/li/strolch/service/test/ServiceTest.java b/li.strolch.service/src/test/java/li/strolch/service/test/ServiceTest.java index e31966a33..51a6adf96 100644 --- a/li.strolch.service/src/test/java/li/strolch/service/test/ServiceTest.java +++ b/li.strolch.service/src/test/java/li/strolch/service/test/ServiceTest.java @@ -74,7 +74,7 @@ public class ServiceTest extends AbstractServiceTest { @Test public void shouldFailWithNoAccess() { - Certificate certificate = runtimeMock.getPrivilegeHandler().authenticate("jill", "jill".getBytes()); //$NON-NLS-1$//$NON-NLS-2$ + Certificate certificate = runtimeMock.getPrivilegeHandler().authenticate("jill", "jill".toCharArray()); //$NON-NLS-1$//$NON-NLS-2$ try { TestService testService = new TestService(); ServiceResult svcResult = getServiceHandler().doService(certificate, testService); @@ -88,7 +88,7 @@ public class ServiceTest extends AbstractServiceTest { @Test public void shouldNotFailWithAccess() { - Certificate certificate = runtimeMock.getPrivilegeHandler().authenticate("jill", "jill".getBytes()); //$NON-NLS-1$//$NON-NLS-2$ + Certificate certificate = runtimeMock.getPrivilegeHandler().authenticate("jill", "jill".toCharArray()); //$NON-NLS-1$//$NON-NLS-2$ try { GreetingService service = new GreetingService(); GreetingArgument argument = new GreetingArgument(); @@ -103,7 +103,7 @@ public class ServiceTest extends AbstractServiceTest { @Test public void shouldNotFailWithLogin1() { - Certificate certificate = runtimeMock.getPrivilegeHandler().authenticate("bob", "bob".getBytes()); //$NON-NLS-1$//$NON-NLS-2$ + Certificate certificate = runtimeMock.getPrivilegeHandler().authenticate("bob", "bob".toCharArray()); //$NON-NLS-1$//$NON-NLS-2$ try { TestService testService = new TestService(); getServiceHandler().doService(certificate, testService); @@ -114,7 +114,7 @@ public class ServiceTest extends AbstractServiceTest { @Test public void shouldNotFailWithLogin2() { - Certificate certificate = runtimeMock.getPrivilegeHandler().authenticate("bob", "bob".getBytes()); //$NON-NLS-1$//$NON-NLS-2$ + Certificate certificate = runtimeMock.getPrivilegeHandler().authenticate("bob", "bob".toCharArray()); //$NON-NLS-1$//$NON-NLS-2$ try { GreetingService service = new GreetingService(); GreetingArgument argument = new GreetingArgument(); diff --git a/li.strolch.service/src/test/java/li/strolch/service/test/XmlExportServiceTest.java b/li.strolch.service/src/test/java/li/strolch/service/test/XmlExportServiceTest.java index 6e42318ce..6a10a63f2 100644 --- a/li.strolch.service/src/test/java/li/strolch/service/test/XmlExportServiceTest.java +++ b/li.strolch.service/src/test/java/li/strolch/service/test/XmlExportServiceTest.java @@ -54,7 +54,7 @@ public class XmlExportServiceTest { runtimeMock.mockRuntime(rootPath, configSrc); runtimeMock.startContainer(); - certificate = runtimeMock.getPrivilegeHandler().authenticate("test", "test".getBytes()); + certificate = runtimeMock.getPrivilegeHandler().authenticate("test", "test".toCharArray()); } @AfterClass diff --git a/li.strolch.service/src/test/resources/executiontest/config/PrivilegeConfig.xml b/li.strolch.service/src/test/resources/executiontest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.service/src/test/resources/executiontest/config/PrivilegeConfig.xml +++ b/li.strolch.service/src/test/resources/executiontest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.service/src/test/resources/executiontest/config/PrivilegeUsers.xml b/li.strolch.service/src/test/resources/executiontest/config/PrivilegeUsers.xml index 411d37116..22cad3857 100644 --- a/li.strolch.service/src/test/resources/executiontest/config/PrivilegeUsers.xml +++ b/li.strolch.service/src/test/resources/executiontest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.service/src/test/resources/migrationstest/config/PrivilegeConfig.xml b/li.strolch.service/src/test/resources/migrationstest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.service/src/test/resources/migrationstest/config/PrivilegeConfig.xml +++ b/li.strolch.service/src/test/resources/migrationstest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.service/src/test/resources/migrationstest/config/PrivilegeUsers.xml b/li.strolch.service/src/test/resources/migrationstest/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.service/src/test/resources/migrationstest/config/PrivilegeUsers.xml +++ b/li.strolch.service/src/test/resources/migrationstest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.service/src/test/resources/reporttest/config/PrivilegeConfig.xml b/li.strolch.service/src/test/resources/reporttest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.service/src/test/resources/reporttest/config/PrivilegeConfig.xml +++ b/li.strolch.service/src/test/resources/reporttest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.service/src/test/resources/reporttest/config/PrivilegeUsers.xml b/li.strolch.service/src/test/resources/reporttest/config/PrivilegeUsers.xml index 411d37116..22cad3857 100644 --- a/li.strolch.service/src/test/resources/reporttest/config/PrivilegeUsers.xml +++ b/li.strolch.service/src/test/resources/reporttest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.service/src/test/resources/svctest/config/PrivilegeConfig.xml b/li.strolch.service/src/test/resources/svctest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.service/src/test/resources/svctest/config/PrivilegeConfig.xml +++ b/li.strolch.service/src/test/resources/svctest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.service/src/test/resources/svctest/config/PrivilegeUsers.xml b/li.strolch.service/src/test/resources/svctest/config/PrivilegeUsers.xml index 793c39b4c..35a702f14 100644 --- a/li.strolch.service/src/test/resources/svctest/config/PrivilegeUsers.xml +++ b/li.strolch.service/src/test/resources/svctest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED @@ -15,7 +15,7 @@ AppUser - + Application Administrator ENABLED diff --git a/li.strolch.service/src/test/resources/transienttest/config/PrivilegeConfig.xml b/li.strolch.service/src/test/resources/transienttest/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.service/src/test/resources/transienttest/config/PrivilegeConfig.xml +++ b/li.strolch.service/src/test/resources/transienttest/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.service/src/test/resources/transienttest/config/PrivilegeUsers.xml b/li.strolch.service/src/test/resources/transienttest/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.service/src/test/resources/transienttest/config/PrivilegeUsers.xml +++ b/li.strolch.service/src/test/resources/transienttest/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.service/src/test/resources/withPrivilegeRuntime/config/PrivilegeConfig.xml b/li.strolch.service/src/test/resources/withPrivilegeRuntime/config/PrivilegeConfig.xml index 5ccaf8559..4b73ec32b 100644 --- a/li.strolch.service/src/test/resources/withPrivilegeRuntime/config/PrivilegeConfig.xml +++ b/li.strolch.service/src/test/resources/withPrivilegeRuntime/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.service/src/test/resources/withPrivilegeRuntime/config/PrivilegeUsers.xml b/li.strolch.service/src/test/resources/withPrivilegeRuntime/config/PrivilegeUsers.xml index 9b1030b4c..2fb263aae 100644 --- a/li.strolch.service/src/test/resources/withPrivilegeRuntime/config/PrivilegeUsers.xml +++ b/li.strolch.service/src/test/resources/withPrivilegeRuntime/config/PrivilegeUsers.xml @@ -7,7 +7,7 @@ - + Application Administrator ENABLED @@ -21,7 +21,7 @@ - + Bob Bernstein ENABLED @@ -31,7 +31,7 @@ - + Jill Johnson ENABLED @@ -41,7 +41,7 @@ - + System User Administrator SYSTEM diff --git a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/AbstractModelTest.java b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/AbstractModelTest.java index 5c3a54ee5..b5c133f57 100644 --- a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/AbstractModelTest.java +++ b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/AbstractModelTest.java @@ -35,7 +35,7 @@ public abstract class AbstractModelTest { @Test public void shouldStartContainer() { PrivilegeHandler privilegeHandler = getRuntimeMock().getContainer().getPrivilegeHandler(); - Certificate certificate = privilegeHandler.authenticate("test", "test".getBytes()); + Certificate certificate = privilegeHandler.authenticate("test", "test".toCharArray()); try (StrolchTransaction tx = getRuntimeMock().getRealm(this.realmName).openTx(certificate, "test")) { tx.getOrderMap().getAllKeys(tx); } diff --git a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/ActivityModelTestRunner.java b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/ActivityModelTestRunner.java index a41e19683..157824426 100644 --- a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/ActivityModelTestRunner.java +++ b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/ActivityModelTestRunner.java @@ -56,7 +56,7 @@ public class ActivityModelTestRunner { this.realmName = realmName; PrivilegeHandler privilegeHandler = runtimeMock.getContainer().getPrivilegeHandler(); - this.certificate = privilegeHandler.authenticate("test", "test".getBytes()); + this.certificate = privilegeHandler.authenticate("test", "test".toCharArray()); } public void runCreateActivityTest() { diff --git a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/AuditModelTestRunner.java b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/AuditModelTestRunner.java index 32591ca8f..9ed929e42 100644 --- a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/AuditModelTestRunner.java +++ b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/AuditModelTestRunner.java @@ -55,7 +55,7 @@ public class AuditModelTestRunner { this.realmName = realmName; PrivilegeHandler privilegeHandler = runtimeMock.getContainer().getPrivilegeHandler(); - this.certificate = privilegeHandler.authenticate("test", "test".getBytes()); + this.certificate = privilegeHandler.authenticate("test", "test".toCharArray()); } public void runTestForAudits() { diff --git a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/OrderModelTestRunner.java b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/OrderModelTestRunner.java index 6f707c473..5a341e50d 100644 --- a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/OrderModelTestRunner.java +++ b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/OrderModelTestRunner.java @@ -55,7 +55,7 @@ public class OrderModelTestRunner { this.realmName = realmName; PrivilegeHandler privilegeHandler = runtimeMock.getContainer().getPrivilegeHandler(); - this.certificate = privilegeHandler.authenticate("test", "test".getBytes()); + this.certificate = privilegeHandler.authenticate("test", "test".toCharArray()); } public void runCreateOrderTest() { diff --git a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/ResourceModelTestRunner.java b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/ResourceModelTestRunner.java index 30152f23e..1c0aa3b3a 100644 --- a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/ResourceModelTestRunner.java +++ b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/ResourceModelTestRunner.java @@ -55,7 +55,7 @@ public class ResourceModelTestRunner { this.realmName = realmName; PrivilegeHandler privilegeHandler = runtimeMock.getContainer().getPrivilegeHandler(); - this.certificate = privilegeHandler.authenticate("test", "test".getBytes()); + this.certificate = privilegeHandler.authenticate("test", "test".toCharArray()); } public void runCreateResourceTest() { diff --git a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/RuntimeMock.java b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/RuntimeMock.java index 0ca5edd0a..a0e97761c 100644 --- a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/RuntimeMock.java +++ b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/RuntimeMock.java @@ -77,15 +77,15 @@ public class RuntimeMock { } public Certificate loginAdmin() { - return getPrivilegeHandler().authenticate("admin", "admin".getBytes()); + return getPrivilegeHandler().authenticate("admin", "admin".toCharArray()); } public Certificate loginTest() { - return getPrivilegeHandler().authenticate("test", "test".getBytes()); + return getPrivilegeHandler().authenticate("test", "test".toCharArray()); } public Certificate login(String username, String password) { - return getPrivilegeHandler().authenticate(username, password.getBytes()); + return getPrivilegeHandler().authenticate(username, password.toCharArray()); } public boolean logout(Certificate cert) { diff --git a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/VersioningTestRunner.java b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/VersioningTestRunner.java index c5c64d5fa..358e09320 100644 --- a/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/VersioningTestRunner.java +++ b/li.strolch.testbase/src/main/java/li/strolch/testbase/runtime/VersioningTestRunner.java @@ -26,7 +26,7 @@ public class VersioningTestRunner { this.runtimeMock = runtimeMock; PrivilegeHandler privilegeHandler = runtimeMock.getContainer().getPrivilegeHandler(); - this.certificate = privilegeHandler.authenticate("test", "test".getBytes()); + this.certificate = privilegeHandler.authenticate("test", "test".toCharArray()); } public void runTestsForVersioning() { diff --git a/li.strolch.tutorialapp/src/runtime/config/PrivilegeConfig.xml b/li.strolch.tutorialapp/src/runtime/config/PrivilegeConfig.xml index 9793f19b8..95a8f70d3 100644 --- a/li.strolch.tutorialapp/src/runtime/config/PrivilegeConfig.xml +++ b/li.strolch.tutorialapp/src/runtime/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.tutorialapp/src/runtime/config/PrivilegeUsers.xml b/li.strolch.tutorialapp/src/runtime/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.tutorialapp/src/runtime/config/PrivilegeUsers.xml +++ b/li.strolch.tutorialapp/src/runtime/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.tutorialwebapp/src/main/webapp/WEB-INF/config/PrivilegeConfig.xml b/li.strolch.tutorialwebapp/src/main/webapp/WEB-INF/config/PrivilegeConfig.xml index 9793f19b8..95a8f70d3 100644 --- a/li.strolch.tutorialwebapp/src/main/webapp/WEB-INF/config/PrivilegeConfig.xml +++ b/li.strolch.tutorialwebapp/src/main/webapp/WEB-INF/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/li.strolch.tutorialwebapp/src/main/webapp/WEB-INF/config/PrivilegeUsers.xml b/li.strolch.tutorialwebapp/src/main/webapp/WEB-INF/config/PrivilegeUsers.xml index 2973bf8f5..19a45be9f 100644 --- a/li.strolch.tutorialwebapp/src/main/webapp/WEB-INF/config/PrivilegeUsers.xml +++ b/li.strolch.tutorialwebapp/src/main/webapp/WEB-INF/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/li.strolch.utils/src/main/java/li/strolch/utils/helper/ArraysHelper.java b/li.strolch.utils/src/main/java/li/strolch/utils/helper/ArraysHelper.java index d506c6a1c..c228c9965 100644 --- a/li.strolch.utils/src/main/java/li/strolch/utils/helper/ArraysHelper.java +++ b/li.strolch.utils/src/main/java/li/strolch/utils/helper/ArraysHelper.java @@ -51,4 +51,16 @@ public class ArraysHelper { public static byte[] copyOf(byte[] bytes) { return Arrays.copyOf(bytes, bytes.length); } + + /** + * Creates a simple copy of the given array + * + * @param bytes + * the array to copy + * + * @return the copy + */ + public static char[] copyOf(char[] chars) { + return Arrays.copyOf(chars, chars.length); + } } diff --git a/strolch_minimal/src/runtime/config/PrivilegeConfig.xml b/strolch_minimal/src/runtime/config/PrivilegeConfig.xml index 9793f19b8..95a8f70d3 100644 --- a/strolch_minimal/src/runtime/config/PrivilegeConfig.xml +++ b/strolch_minimal/src/runtime/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/strolch_minimal/src/runtime/config/PrivilegeUsers.xml b/strolch_minimal/src/runtime/config/PrivilegeUsers.xml index 19ef5ac1e..3d239635b 100644 --- a/strolch_minimal/src/runtime/config/PrivilegeUsers.xml +++ b/strolch_minimal/src/runtime/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED diff --git a/strolch_minimal_rest/src/main/webapp/WEB-INF/config/PrivilegeConfig.xml b/strolch_minimal_rest/src/main/webapp/WEB-INF/config/PrivilegeConfig.xml index 9793f19b8..95a8f70d3 100644 --- a/strolch_minimal_rest/src/main/webapp/WEB-INF/config/PrivilegeConfig.xml +++ b/strolch_minimal_rest/src/main/webapp/WEB-INF/config/PrivilegeConfig.xml @@ -10,7 +10,13 @@ - + + + + + + + diff --git a/strolch_minimal_rest/src/main/webapp/WEB-INF/config/PrivilegeUsers.xml b/strolch_minimal_rest/src/main/webapp/WEB-INF/config/PrivilegeUsers.xml index 19ef5ac1e..3d239635b 100644 --- a/strolch_minimal_rest/src/main/webapp/WEB-INF/config/PrivilegeUsers.xml +++ b/strolch_minimal_rest/src/main/webapp/WEB-INF/config/PrivilegeUsers.xml @@ -6,7 +6,7 @@ agent - + Application Administrator ENABLED