Repository: wicket Updated Branches: refs/heads/5756-improve-crypt 42ce1faa5 -> 748fba9b1
WICKET-5756 Allow to use custom ciphers when using SunJceCrypt class Use KeyInSessionSunJceCryptFactory factory by default Project: http://git-wip-us.apache.org/repos/asf/wicket/repo Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/748fba9b Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/748fba9b Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/748fba9b Branch: refs/heads/5756-improve-crypt Commit: 748fba9b16e6c368fecf8bab7aa2a7d5c7e3b2a5 Parents: 42ce1fa Author: Martin Tzvetanov Grigorov <[email protected]> Authored: Tue Nov 18 11:42:00 2014 +0200 Committer: Martin Tzvetanov Grigorov <[email protected]> Committed: Tue Nov 18 11:42:00 2014 +0200 ---------------------------------------------------------------------- .../wicket/settings/def/SecuritySettings.java | 19 +++++-------------- .../core/request/mapper/CryptoMapperTest.java | 13 ++++++++++++- 2 files changed, 17 insertions(+), 15 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/wicket/blob/748fba9b/wicket-core/src/main/java/org/apache/wicket/settings/def/SecuritySettings.java ---------------------------------------------------------------------- diff --git a/wicket-core/src/main/java/org/apache/wicket/settings/def/SecuritySettings.java b/wicket-core/src/main/java/org/apache/wicket/settings/def/SecuritySettings.java index 8f1a79c..d866258 100644 --- a/wicket-core/src/main/java/org/apache/wicket/settings/def/SecuritySettings.java +++ b/wicket-core/src/main/java/org/apache/wicket/settings/def/SecuritySettings.java @@ -22,8 +22,8 @@ import org.apache.wicket.authentication.strategy.DefaultAuthenticationStrategy; import org.apache.wicket.authorization.IAuthorizationStrategy; import org.apache.wicket.authorization.IUnauthorizedComponentInstantiationListener; import org.apache.wicket.authorization.UnauthorizedInstantiationException; +import org.apache.wicket.core.util.crypt.KeyInSessionSunJceCryptFactory; import org.apache.wicket.settings.ISecuritySettings; -import org.apache.wicket.util.crypt.CachingSunJceCryptFactory; import org.apache.wicket.util.crypt.ICryptFactory; import org.apache.wicket.util.lang.Args; @@ -82,25 +82,16 @@ public class SecuritySettings implements ISecuritySettings } /** - * Note: Prints a warning to stderr if no factory was set and {@link #DEFAULT_ENCRYPTION_KEY} is - * used instead. - * - * @return crypt factory used to generate crypt objects + * @return crypt factory used to generate crypt objects. By default it uses + * {@link org.apache.wicket.core.util.crypt.KeyInSessionSunJceCryptFactory} that + * binds an HTTP session to store the user specific key */ @Override public synchronized ICryptFactory getCryptFactory() { if (cryptFactory == null) { - System.err - .print("********************************************************************\n" - + "*** WARNING: Wicket is using a DEFAULT_ENCRYPTION_KEY ***\n" - + "*** ^^^^^^^^^^^^^^^^^^^^^^ ***\n" - + "*** Do NOT deploy to your live server(s) without changing this. ***\n" - + "*** See SecuritySettings#setCryptFactory() for more information. ***\n" - + "********************************************************************\n"); - - cryptFactory = new CachingSunJceCryptFactory(DEFAULT_ENCRYPTION_KEY); + cryptFactory = new KeyInSessionSunJceCryptFactory(); } return cryptFactory; } http://git-wip-us.apache.org/repos/asf/wicket/blob/748fba9b/wicket-core/src/test/java/org/apache/wicket/core/request/mapper/CryptoMapperTest.java ---------------------------------------------------------------------- diff --git a/wicket-core/src/test/java/org/apache/wicket/core/request/mapper/CryptoMapperTest.java b/wicket-core/src/test/java/org/apache/wicket/core/request/mapper/CryptoMapperTest.java index b8213e6..fce5e0a 100644 --- a/wicket-core/src/test/java/org/apache/wicket/core/request/mapper/CryptoMapperTest.java +++ b/wicket-core/src/test/java/org/apache/wicket/core/request/mapper/CryptoMapperTest.java @@ -40,6 +40,10 @@ import org.apache.wicket.request.mapper.info.PageComponentInfo; import org.apache.wicket.request.mapper.parameter.PageParameters; import org.apache.wicket.request.resource.PackageResourceReference; import org.apache.wicket.request.resource.UrlResourceReference; +import org.apache.wicket.settings.ISecuritySettings; +import org.apache.wicket.util.IProvider; +import org.apache.wicket.util.crypt.CachingSunJceCryptFactory; +import org.apache.wicket.util.crypt.ICrypt; import org.apache.wicket.util.string.StringValue; import org.apache.wicket.util.string.Strings; import org.apache.wicket.util.tester.WicketTester; @@ -74,7 +78,14 @@ public class CryptoMapperTest extends AbstractMapperTest tester = new WicketTester(); WebApplication webApplication = tester.getApplication(); webApplication.mountPage(MOUNTED_URL, Page1.class); - mapper = new CryptoMapper(webApplication.getRootRequestMapper(), webApplication); + mapper = new CryptoMapper(webApplication.getRootRequestMapper(), new IProvider<ICrypt>() + { + @Override + public ICrypt get() + { + return new CachingSunJceCryptFactory(ISecuritySettings.DEFAULT_ENCRYPTION_KEY).newCrypt(); + } + }); } /**
