Merged 5.1-MC1 (5.1.0) to HEAD (5.1)

119059 adavis: Merged 5.1.N (5.1.1) to 5.1-MC1 (5.1.0) 117341 adavis: Merged 5.0.2-CLOUD42 (Cloud ) to 5.1.N (5.1.1) 117249 adavis: Merged 5.0.2-CLOUD (Cloud ) to 5.0.2-CLOUD42 (Cloud ) 114518 adavis: Merged BCRYPT to 5.0.2-CLOUD 114018 gcornwell: MNT-14892: Fixed tests git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@119898 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-10-08 14:51:49 +00:00 · 2015-12-10 10:00:09 +00:00
parent 47373d2dc0
commit ae043651cb
5 changed files with 84 additions and 72 deletions
--- a/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java
+++ b/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2005-2014 Alfresco Software Limited.
+ * Copyright (C) 2005-2015 Alfresco Software Limited.
 *
 * This file is part of Alfresco
 *
@@ -19,7 +19,6 @@
 package org.alfresco.repo.security.authentication;

 import java.io.Serializable;
-import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Date;
 import java.util.HashMap;
@@ -29,7 +28,6 @@ import java.util.Map;
 import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.GrantedAuthorityImpl;
 import net.sf.acegisecurity.UserDetails;
-import net.sf.acegisecurity.providers.dao.User;
 import net.sf.acegisecurity.providers.dao.UsernameNotFoundException;

 import org.alfresco.error.AlfrescoRuntimeException;
--- a/source/java/org/alfresco/repo/security/authentication/UpgradePasswordHashWorker.java
+++ b/source/java/org/alfresco/repo/security/authentication/UpgradePasswordHashWorker.java
@@ -41,10 +41,7 @@ import org.alfresco.repo.lock.JobLockService;
 import org.alfresco.repo.lock.JobLockService.JobLockRefreshCallback;
 import org.alfresco.repo.lock.LockAcquisitionException;
 import org.alfresco.repo.policy.BehaviourFilter;
-import org.alfresco.repo.site.SiteModel;
 import org.alfresco.repo.transaction.RetryingTransactionHelper;
-import org.alfresco.service.cmr.repository.NodeRef;
-import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter;
 import org.alfresco.service.namespace.NamespaceService;
 import org.alfresco.service.namespace.QName;
 import org.alfresco.service.transaction.TransactionService;
@@ -270,6 +267,49 @@ public class UpgradePasswordHashWorker implements ApplicationContextAware, Initi
        return progress;
    }
    
+    /**
+     * Processes the user properties, re-hashing the password, if required.
+     * 
+     * @param properties The properties for the user.
+     * @return true if the password was upgraded, false if no changes were made.
+     */
+    public boolean processPasswordHash(Map<QName, Serializable> properties)
+    {
+        // retrieve the password and hash indicator
+        Pair<List<String>, String> passwordHash = RepositoryAuthenticationDao.determinePasswordHash(properties);
+        
+        // determine if current password hash matches the preferred encoding
+        if (!passwordEncoder.lastEncodingIsPreferred(passwordHash.getFirst()))
+        {
+            // We need to double hash
+            List<String> nowHashed = new ArrayList<String>();
+            nowHashed.addAll(passwordHash.getFirst());
+            nowHashed.add(passwordEncoder.getPreferredEncoding());
+            Object salt = properties.get(ContentModel.PROP_SALT);
+            properties.put(ContentModel.PROP_PASSWORD_HASH,  passwordEncoder.encodePreferred(new String(passwordHash.getSecond()), salt));
+            properties.put(ContentModel.PROP_HASH_INDICATOR, (Serializable)nowHashed);
+            properties.remove(ContentModel.PROP_PASSWORD);
+            properties.remove(ContentModel.PROP_PASSWORD_SHA256);
+            return true;
+        }
+
+        // ensure password hash is in the correct place
+        @SuppressWarnings("unchecked")
+        List<String> hashIndicator = (List<String>) properties.get(ContentModel.PROP_HASH_INDICATOR);
+        if (hashIndicator == null)
+        {
+            // Already the preferred encoding, just set it
+            properties.put(ContentModel.PROP_HASH_INDICATOR, (Serializable)passwordHash.getFirst());
+            properties.put(ContentModel.PROP_PASSWORD_HASH,  passwordHash.getSecond());
+            properties.remove(ContentModel.PROP_PASSWORD);
+            properties.remove(ContentModel.PROP_PASSWORD_SHA256);
+            return true;
+        }
+
+        // if we get here no changes were made
+        return false;
+    }
+    
    /**
     * @param progress          the thread-safe progress
     */
@@ -459,49 +499,6 @@ public class UpgradePasswordHashWorker implements ApplicationContextAware, Initi
        {
            AuthenticationUtil.clearCurrentSecurityContext();
        }
-        
-        /**
-         * Processes the user properties, re-hashing the password, if required.
-         * 
-         * @param properties The properties for the user.
-         * @return true if the password was upgraded, false if no changes were made.
-         */
-        private boolean processPasswordHash(Map<QName, Serializable> properties)
-        {
-            // retrieve the password and hash indicator
-            Pair<List<String>, String> passwordHash = RepositoryAuthenticationDao.determinePasswordHash(properties);
-            
-            // determine if current password hash matches the preferred encoding
-            if (!passwordEncoder.lastEncodingIsPreferred(passwordHash.getFirst()))
-            {
-                // We need to double hash
-                List<String> nowHashed = new ArrayList<String>();
-                nowHashed.addAll(passwordHash.getFirst());
-                nowHashed.add(passwordEncoder.getPreferredEncoding());
-                Object salt = properties.get(ContentModel.PROP_SALT);
-                properties.put(ContentModel.PROP_PASSWORD_HASH,  passwordEncoder.encodePreferred(new String(passwordHash.getSecond()), salt));
-                properties.put(ContentModel.PROP_HASH_INDICATOR, (Serializable)nowHashed);
-                properties.remove(ContentModel.PROP_PASSWORD);
-                properties.remove(ContentModel.PROP_PASSWORD_SHA256);
-                return true;
-            }
-
-            // ensure password hash is in the correct place
-            @SuppressWarnings("unchecked")
-            List<String> hashIndicator = (List<String>) properties.get(ContentModel.PROP_HASH_INDICATOR);
-            if (hashIndicator == null)
-            {
-                // Already the preferred encoding, just set it
-                properties.put(ContentModel.PROP_HASH_INDICATOR, (Serializable)passwordHash.getFirst());
-                properties.put(ContentModel.PROP_PASSWORD_HASH,  passwordHash.getSecond());
-                properties.remove(ContentModel.PROP_PASSWORD);
-                properties.remove(ContentModel.PROP_PASSWORD_SHA256);
-                return true;
-            }
-
-            // if we get here no changes were made
-            return false;
-        }
    }

    /**