Hi Andrea
About checking plain text passwords.
Let us assume we have a plain text password like
crypt1:abc
In this case, a GeoServer password decoder will feel responsible for
decoding. This is the unlucky situation because the encoder is not
responsible.
Nevertheless, if you try to decrypt the password I am quite sure that you
will get a runtime exception
org.jasypt.exceptions.EncryptionOperationNotPossibleException
This happens because the encrypted password has a format. There is a
padding, a hex/base64 encoding, a random salt with a fixed length at a
fixed position and whatsoever I cannot remember at the moment. (Depends on
the encoder used).
If you get such an exception, the reason may be
1) The password was a plain text password
2) The password was already encrypted but tampered anywhere in the system
Unfortunately, you cannot decide and as a consequence, an "emergency exit"
is needed like reentering the password on the GUI.
An example for a valid encrypted password is
crypt1:KWhO7jrTz/Gi0oTQRKsVeCmWIZY5VZaD
I cannot image a user having such a plain text password. It is easier to
win the jack pot in a lottery than remember such a password :-)
As simple calculation. Let us assume that the password alphabet consists of
26 lower case letters,10 digits and the ":". Then you have 37^7
= 94931877133 possibilities for the first 7 characters. Very unlikely that
a password starts with "crypt1:"
Taking this numbers into account, +1 for your proposal, we should not make
things more complicated as needed.
Cheers
Christian
2013/6/21 Andrea Aime <[email protected]>
> On Wed, Jun 19, 2013 at 11:52 AM, Andrea Aime <
> [email protected]> wrote:
>
>> On Tue, Jun 18, 2013 at 11:20 AM, Andrea Aime <
>> [email protected]> wrote:
>>
>>> Maybe not indeed, I was considering a case in which the password encoder
>>> changed... even if
>>> I don't see normal standalone GWC users entering encrypted passwords
>>> in the config files,
>>> I was thinking about future-proofing the code, so that if GWC ever gets
>>> its own config GUI,
>>> we have a way to handle changing the password encryption.
>>>
>>
>> I had another look at the whole matter and believe this can be solved
>> without having to modify
>> GWC at all.
>> GeoServer has two methods to load and save the JDBC configuration (used
>> by the GUI),
>> so I just need to tap into those and encrypt the password before it gets
>> saved, and decrypt
>> it on the way back, before GWC can start using it.
>>
>> I cannot know if the password is encrypted or not just by searching for
>> the well
>> known prefixes, but I can just test with each GeoServer password encoder
>> if the value is something
>> it can handle, and if none is found, assume the password is still
>> plaintext.
>> Might have some little glitch for some unlucky cases where the plaintext
>> password is matched
>> by some password encoder, but that should be very unlikely,
>> and the functionality is only a few months old, and only useful in
>> clustered environments,
>> so very few people are probably already using it.
>> Plus it has a simple fix, just go into the GUI and enter the right
>> password again
>>
>> Would that be acceptable?
>>
>
> Cough cough... anyone? :-)
>
> Cheers
> Andrea
>
>
> --
> ==
> Our support, Your Success! Visit http://opensdi.geo-solutions.it for more
> information.
> ==
>
> Ing. Andrea Aime
> @geowolf
> Technical Lead
>
> GeoSolutions S.A.S.
> Via Poggio alle Viti 1187
> 55054 Massarosa (LU)
> Italy
> phone: +39 0584 962313
> fax: +39 0584 1660272
> mob: +39 339 8844549
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> -------------------------------------------------------
>
--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Geoserver-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
