本文整理了Java中jenkins.model.Jenkins.getSecretKey()
方法的一些代码示例,展示了Jenkins.getSecretKey()
的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。Jenkins.getSecretKey()
方法的具体详情如下:
包路径:jenkins.model.Jenkins
类名称:Jenkins
方法名:getSecretKey
[英]Returns a secret key that survives across container start/stop.
This value is useful for implementing some of the security features.
[中]返回一个密钥,该密钥在容器启动/停止期间有效。
此值对于实现某些安全功能非常有用。
代码示例来源:origin: jenkinsci/jenkins
/**
* Returns the unique identifier of this Jenkins that has been historically used to identify
* this Jenkins to the outside world.
*
* <p>
* This form of identifier is weak in that it can be impersonated by others. See
* https://wiki.jenkins-ci.org/display/JENKINS/Instance+Identity for more modern form of instance ID
* that can be challenged and verified.
*
* @since 1.498
*/
@SuppressWarnings("deprecation")
public String getLegacyInstanceId() {
return Util.getDigestOf(getSecretKey());
}
代码示例来源:origin: jenkinsci/jenkins
@Nonnull
@Restricted(NoExternalUse.class)
/*package*/ String getApiTokenInsecure() {
if(apiToken == null){
return Messages.ApiTokenProperty_NoLegacyToken();
}
String p = apiToken.getPlainText();
if (p.equals(Util.getDigestOf(Jenkins.getInstance().getSecretKey()+":"+user.getId()))) {
// if the current token is the initial value created by pre SECURITY-49 Jenkins, we can't use that.
// force using the newer value
apiToken = Secret.fromString(p=API_KEY_SEED.mac(user.getId()));
}
return Util.getDigestOf(p);
}
代码示例来源:origin: jenkinsci/jenkins
@SuppressWarnings("deprecation")
private static RememberMeServices createRememberMeService(UserDetailsService uds) {
// create our default TokenBasedRememberMeServices, which depends on the availability of the secret key
TokenBasedRememberMeServices2 rms = new TokenBasedRememberMeServices2();
rms.setUserDetailsService(uds);
/*
TokenBasedRememberMeServices needs to be used in conjunction with RememberMeAuthenticationProvider,
and both needs to use the same key (this is a reflection of a poor design in AcgeiSecurity, if you ask me)
and various security plugins have its own groovy script that configures them.
So if we change this, it creates a painful situation for those plugins by forcing them to choose
to work with earlier version of Jenkins or newer version of Jenkins, and not both.
So we keep this here.
*/
rms.setKey(Jenkins.getInstance().getSecretKey());
rms.setParameter("remember_me"); // this is the form field name in login.jelly
return rms;
}
}
代码示例来源:origin: org.jenkins-ci.main/jenkins-core
/**
* Returns the unique identifier of this Jenkins that has been historically used to identify
* this Jenkins to the outside world.
*
* <p>
* This form of identifier is weak in that it can be impersonated by others. See
* https://wiki.jenkins-ci.org/display/JENKINS/Instance+Identity for more modern form of instance ID
* that can be challenged and verified.
*
* @since 1.498
*/
@SuppressWarnings("deprecation")
public String getLegacyInstanceId() {
return Util.getDigestOf(getSecretKey());
}
代码示例来源:origin: io.provis/provisio-jenkins-runtime
@Override
protected byte[] load(ConfidentialKey key) throws IOException {
if(key instanceof CryptoConfidentialKey) {
MessageDigest digest;
try {
digest = MessageDigest.getInstance("SHA-256");
} catch (NoSuchAlgorithmException e) {
throw new IllegalStateException(e);
}
digest.reset();
digest.update(Jenkins.getInstance().getSecretKey().getBytes("UTF-8"));
return digest.digest();
}
throw new IllegalArgumentException("Unsupported key type " + key.getClass().getName());
}
代码示例来源:origin: io.provis/provisio-jenkins-runtime
public void init(byte[] secretKey) throws IOException {
Jenkins jenkins = Jenkins.setup(rootDir, secretKey);
TextFile secretFile = new TextFile(new File(rootDir, "secret.key"));
secretFile.write(jenkins.getSecretKey());
// don't let jenkins complain about old encryption secret scheme
new FileBoolean(new File(rootDir, "secret.key.not-so-secret")).on();
// but force rekey on start
new FileBoolean(new File(new File(rootDir, "jenkins.security.RekeySecretAdminMonitor"), "scanOnBoot")).on();
}
代码示例来源:origin: org.jenkins-ci.main/jenkins-core
@Nonnull
@Restricted(NoExternalUse.class)
/*package*/ String getApiTokenInsecure() {
String p = apiToken.getPlainText();
if (p.equals(Util.getDigestOf(Jenkins.getInstance().getSecretKey()+":"+user.getId()))) {
// if the current token is the initial value created by pre SECURITY-49 Jenkins, we can't use that.
// force using the newer value
apiToken = Secret.fromString(p=API_KEY_SEED.mac(user.getId()));
}
return Util.getDigestOf(p);
}
代码示例来源:origin: jenkinsci/active-directory-plugin
public SecurityComponents createSecurityComponents() {
BeanBuilder builder = new BeanBuilder(getClass().getClassLoader());
Binding binding = new Binding();
binding.setVariable("realm", this);
InputStream i = getClass().getResourceAsStream("ActiveDirectory.groovy");
try {
builder.parse(i, binding);
} finally {
IOUtils.closeQuietly(i);
}
WebApplicationContext context = builder.createApplicationContext();
//final AbstractActiveDirectoryAuthenticationProvider adp = findBean(AbstractActiveDirectoryAuthenticationProvider.class, context);
findBean(AbstractActiveDirectoryAuthenticationProvider.class, context); //Keeping the call because there might be side effects?
final UserDetailsService uds = findBean(UserDetailsService.class, context);
TokenBasedRememberMeServices2 rms = new TokenBasedRememberMeServices2() {
public Authentication autoLogin(HttpServletRequest request, HttpServletResponse response) {
try {
return super.autoLogin(request, response);
} catch (Exception e) {// TODO: this check is made redundant with 1.556, but needed with earlier versions
cancelCookie(request, response, "Failed to handle remember-me cookie: "+Functions.printThrowable(e));
return null;
}
}
};
rms.setUserDetailsService(uds);
rms.setKey(Jenkins.getActiveInstance().getSecretKey());
rms.setParameter("remember_me"); // this is the form field name in login.jelly
return new SecurityComponents( findBean(AuthenticationManager.class, context), uds, rms);
}
代码示例来源:origin: org.jenkins-ci.main/jenkins-core
@SuppressWarnings("deprecation")
private static RememberMeServices createRememberMeService(UserDetailsService uds) {
// create our default TokenBasedRememberMeServices, which depends on the availability of the secret key
TokenBasedRememberMeServices2 rms = new TokenBasedRememberMeServices2();
rms.setUserDetailsService(uds);
/*
TokenBasedRememberMeServices needs to be used in conjunction with RememberMeAuthenticationProvider,
and both needs to use the same key (this is a reflection of a poor design in AcgeiSecurity, if you ask me)
and various security plugins have its own groovy script that configures them.
So if we change this, it creates a painful situation for those plugins by forcing them to choose
to work with earlier version of Jenkins or newer version of Jenkins, and not both.
So we keep this here.
*/
rms.setKey(Jenkins.getInstance().getSecretKey());
rms.setParameter("remember_me"); // this is the form field name in login.jelly
return rms;
}
}
内容来源于网络,如有侵权,请联系作者删除!