Commit 9e18183d authored by Dave Syer's avatar Dave Syer Committed by Phillip Webb

Don't set deefault password if empty or unresolved

parent 1e0e2e71
...@@ -20,6 +20,7 @@ import java.util.UUID; ...@@ -20,6 +20,7 @@ import java.util.UUID;
import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.util.StringUtils;
/** /**
* Properties for the security aspects of an application. * Properties for the security aspects of an application.
...@@ -148,7 +149,7 @@ public class SecurityProperties { ...@@ -148,7 +149,7 @@ public class SecurityProperties {
private String role = "USER"; private String role = "USER";
private boolean defaultPassword; private boolean defaultPassword = true;
public String getName() { public String getName() {
return this.name; return this.name;
...@@ -163,6 +164,10 @@ public class SecurityProperties { ...@@ -163,6 +164,10 @@ public class SecurityProperties {
} }
public void setPassword(String password) { public void setPassword(String password) {
if (password.startsWith("${") && password.endsWith("}")
|| !StringUtils.hasLength(password)) {
return;
}
this.defaultPassword = false; this.defaultPassword = false;
this.password = password; this.password = password;
} }
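Review bot: In `setPassword`, `password.startsWith("${")` is evaluated before `StringUtils.hasLength(password)`, so a null password throws a NullPointerException instead of being ignored like the empty case. Putting the length check first fixes that: `if (!StringUtils.hasLength(password) || (password.startsWith("${") && password.endsWith("}"))) {`. The guard also silently discards any genuine password that happens to have the `${...}` shape, so the operator gets the generated credential with no indication the configured one was ignored. A comment such as `// Empty or unresolved placeholder: keep the generated password rather than accept the literal text as a credential` would record the intent. The enclosing class begins outside the hunk, so how the flag is consumed is not visible here.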
......
...@@ -20,12 +20,12 @@ import java.util.Collections; ...@@ -20,12 +20,12 @@ import java.util.Collections;
import org.junit.Test; import org.junit.Test;
import org.springframework.beans.MutablePropertyValues; import org.springframework.beans.MutablePropertyValues;
import org.springframework.boot.actuate.properties.SecurityProperties;
import org.springframework.boot.bind.RelaxedDataBinder; import org.springframework.boot.bind.RelaxedDataBinder;
import org.springframework.core.convert.support.DefaultConversionService; import org.springframework.core.convert.support.DefaultConversionService;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
/** /**
* Tests for {@link SecurityProperties}. * Tests for {@link SecurityProperties}.
...@@ -55,4 +55,24 @@ public class SecurityPropertiesTests { ...@@ -55,4 +55,24 @@ public class SecurityPropertiesTests {
assertEquals(2, security.getIgnored().length); assertEquals(2, security.getIgnored().length);
} }
@Test
public void testDefaultPasswordAutogeneratedIfUnresolovedPlaceholder() {
SecurityProperties security = new SecurityProperties();
RelaxedDataBinder binder = new RelaxedDataBinder(security, "security");
binder.bind(new MutablePropertyValues(Collections.singletonMap(
"security.user.password", "${ADMIN_PASSWORD}")));
assertFalse(binder.getBindingResult().hasErrors());
assertTrue(security.getUser().isDefaultPassword());
}
@Test
public void testDefaultPasswordAutogeneratedIfEmpty() {
SecurityProperties security = new SecurityProperties();
RelaxedDataBinder binder = new RelaxedDataBinder(security, "security");
binder.bind(new MutablePropertyValues(Collections.singletonMap(
"security.user.password", "")));
assertFalse(binder.getBindingResult().hasErrors());
assertTrue(security.getUser().isDefaultPassword());
}
} }
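Review bot: Both new tests assert only `isDefaultPassword()`, so neither checks that the rejected value was kept out of the password field itself. In the placeholder test, `assertFalse("${ADMIN_PASSWORD}".equals(security.getUser().getPassword()));` would pin the security-relevant outcome, which is that the literal placeholder text never becomes the credential. There is also no case for a null password, which the new guard in `setPassword` dereferences before its length check. The method name `testDefaultPasswordAutogeneratedIfUnresolovedPlaceholder` misspells "Unresolved".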