Hi,
Written a custom password encryption bean as per Suggestions given in CUBA forum.
Found that while adding new user getPasswordHash,getHash are not overriden from Custom Encryption Module but I can see that SEC_USER table stored bcrypt password and password_encryption field updated as sha256
while logging in after user creation checkPassword method overriden as expected.
Please suggest why it is redirecting to bcrypt hash generator?
Followed Below Steps:
-
created a bean
@Component(“webportal_Sha256EncryptionModule”)
public class Sha256EncryptionModule implements EncryptionModule { -
entry in app.properties
cuba.passwordEncryptionModule = webportal_Sha256EncryptionModule -
entry in spring.xml
Below is the code of Sha256EncryptionModule.
package com.touchngo.raptor.web_portal.service;
import com.haulmont.cuba.core.global.HashDescriptor;
import com.haulmont.cuba.core.sys.encryption.EncryptionModule;
import com.haulmont.cuba.security.entity.User;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import com.haulmont.cuba.core.global.DataManager;
import org.springframework.security.crypto.password.MessageDigestPasswordEncoder;
import javax.inject.Inject;
import java.util.ArrayList;
import java.util.UUID;
@Component(“webportal_Sha256EncryptionModule”)
public class Sha256EncryptionModule implements EncryptionModule {
Logger logger = LoggerFactory.getLogger(Sha256EncryptionModule.class);
MessageDigestPasswordEncoder messageDigestPasswordEncoder;
@Inject
private DataManager dataManager;
@Override
public String getHashMethod() {
logger.info("inside getHashMethod");
return "sha256";
}
@Override
public HashDescriptor getHash(String content) {
logger.info("inside HashDescriptor getHash");
return null;
}
@Override
public String getPasswordHash(UUID userId, String password) {
logger.info("inside getPasswordHash");
String login = null;
String spring5xHash = null;
try {
User userlogin = dataManager.load(User.class).
query("select u from sec$User u where u.id = :userId").
parameter("userId",userId).optional().orElse(null);
if(userlogin != null){
login = userlogin.getLogin();
}
} catch (Exception e) {
e.printStackTrace();
}
org.springframework.security.core.userdetails.User springUser =
new org.springframework.security.core.userdetails.User
(login, "", false, false, false,
false, new ArrayList());
messageDigestPasswordEncoder = new MessageDigestPasswordEncoder("sha-256");
spring5xHash = messageDigestPasswordEncoder.encode(password);
System.out.println("Plain Password "+password);
System.out.println("encryptPassword spring5xHash is "+spring5xHash);
return spring5xHash;
}
@Override
public String getHash(String content, String salt) {
logger.info("inside String getHash");
return null;
}
@Override
public String getPlainHash(String content) {
logger.info("inside getPlainHash");
return null;
}
@Override
public boolean checkPassword(User user, String rawPassword) {
logger.info("inside checkPassword");
messageDigestPasswordEncoder = new MessageDigestPasswordEncoder("sha-256");
String hashedPassword = user.getPassword(); // getPasswordHash(user.getId(), rawPassword);
logger.info("Stored Hash Password "+hashedPassword);
Boolean flag1 = messageDigestPasswordEncoder.matches(rawPassword, hashedPassword);
System.out.println("is password matched"+flag1);
return flag1;
}
}