summaryrefslogtreecommitdiffstats
path: root/src/test/java/com/gitblit/tests/AuthenticationManagerTest.java
Commit message (Collapse)AuthorAgeFilesLines
* Delete password from memory in AuthenticationManagerFlorian Zschocke2020-04-051-11/+73
| | | | | | Zero out the password to remove it from memory after use. This is only a first step, implementing it for one method: `AuthenticationManager.authenticate(String, char[], String)`.
* 🦟 fix: Password hash upgrade kills existing passwordsFlorian Zschocke2020-04-051-4/+12
| | | | | | | | | | The upgrade of a MD5 stored password hash to a PBKDF password hash destroys the stored password. The has check zeroes out the password that is tested, so that the new hash is built over the zeroed out value. This fix prevents that an also adds a check to the test. Fixes #1335
* Use the new PasswordHash classes.Florian Zschocke2019-11-051-6/+32
| | | | | | Integrate the `PasswordHash` class and subclass in the user and password editing and authentication. Replaces the old code and the previous `SecurePasswordHashingUtils` class.
* Update AuthenticationManager to update weakly stored passwords on loginMartin Spielmann2017-01-071-0/+6
|
* Log update for Fail2Ban usagePaul Martin2015-10-251-2/+2
| | | | | + Adds standard logging for all authentication providers + Updates help page to use default GitBlit SSH port
* A patch that allows to extract a new user informations from the HTTP sessionFabrice Bacchella2015-05-151-17/+658
| | | | if the webapp container can fill it.
* Create infrastructure for XSS sanitizationJames Moger2014-09-071-1/+4
|
* Add repository and user/team lifecycle listener extension pointsJames Moger2014-06-091-1/+1
|
* Implement user "disabled" flag as an alternative to deleting the accountJames Moger2014-03-041-0/+66
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-29 02:25:59 +0000