From 3040c7cb5f32bbecbcac568b527300f830a57641 Mon Sep 17 00:00:00 2001
From: Rick Herrick <jrherrick@wustl.edu>
Date: Sun, 1 May 2016 18:25:49 -0500
Subject: [PATCH] Removed obfuscated encoder, fixed issue that prevented
 clearing unencrypted passwords.

---
 .../initialization/tasks/EncryptXnatPasswords.java  |  2 +-
 .../DatabaseAuthenticationProviderConfigurator.java | 13 +------------
 .../resources/META-INF/xnat/init_security_000.sql   |  2 +-
 3 files changed, 3 insertions(+), 14 deletions(-)

diff --git a/src/main/java/org/nrg/xnat/initialization/tasks/EncryptXnatPasswords.java b/src/main/java/org/nrg/xnat/initialization/tasks/EncryptXnatPasswords.java
index e6968b17..f958eb6e 100644
--- a/src/main/java/org/nrg/xnat/initialization/tasks/EncryptXnatPasswords.java
+++ b/src/main/java/org/nrg/xnat/initialization/tasks/EncryptXnatPasswords.java
@@ -58,7 +58,7 @@ public class EncryptXnatPasswords extends AbstractInitializingTask {
 
     private boolean tableExists(final String name) throws SQLException {
         try (final Connection connection = _template.getDataSource().getConnection();
-             final ResultSet results = connection.getMetaData().getTables("catalog", null, name, new String[]{"table"})) {
+             final ResultSet results = connection.getMetaData().getTables("catalog", null, name, new String[]{"TABLE"})) {
             if (results.next()) {
                 return true;
             }
diff --git a/src/main/java/org/nrg/xnat/security/config/DatabaseAuthenticationProviderConfigurator.java b/src/main/java/org/nrg/xnat/security/config/DatabaseAuthenticationProviderConfigurator.java
index 3f338a30..532d0856 100644
--- a/src/main/java/org/nrg/xnat/security/config/DatabaseAuthenticationProviderConfigurator.java
+++ b/src/main/java/org/nrg/xnat/security/config/DatabaseAuthenticationProviderConfigurator.java
@@ -11,7 +11,6 @@
 package org.nrg.xnat.security.config;
 
 import org.nrg.xdat.preferences.InitializerSiteConfiguration;
-import org.nrg.xdat.security.ObfuscatedPasswordEncoder;
 import org.nrg.xnat.security.provider.XnatDatabaseAuthenticationProvider;
 import org.nrg.xnat.security.userdetailsservices.XnatDatabaseUserDetailsService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -33,23 +32,13 @@ public class DatabaseAuthenticationProviderConfigurator extends AbstractAuthenti
         saltSource.setUserPropertyToUse("salt");
 
         XnatDatabaseAuthenticationProvider sha2DatabaseAuthProvider = new XnatDatabaseAuthenticationProvider(_preferences.getEmailVerification());
-        ShaPasswordEncoder encoder = new ShaPasswordEncoder(256);
         sha2DatabaseAuthProvider.setUserDetailsService(_detailsService);
-        sha2DatabaseAuthProvider.setPasswordEncoder(encoder);
+        sha2DatabaseAuthProvider.setPasswordEncoder(new ShaPasswordEncoder(256));
         sha2DatabaseAuthProvider.setName(name);
         sha2DatabaseAuthProvider.setProviderId(id);
         sha2DatabaseAuthProvider.setSaltSource(saltSource);
         providers.add(sha2DatabaseAuthProvider);
 
-        XnatDatabaseAuthenticationProvider sha2ObfuscatedDatabaseAuthProvider = new XnatDatabaseAuthenticationProvider(_preferences.getEmailVerification());
-        ObfuscatedPasswordEncoder encoder2 = new ObfuscatedPasswordEncoder(256);
-        sha2ObfuscatedDatabaseAuthProvider.setUserDetailsService(_detailsService);
-        sha2ObfuscatedDatabaseAuthProvider.setPasswordEncoder(encoder2);
-        sha2ObfuscatedDatabaseAuthProvider.setName(name);
-        sha2ObfuscatedDatabaseAuthProvider.setProviderId(id);
-        sha2ObfuscatedDatabaseAuthProvider.setSaltSource(saltSource);
-        providers.add(sha2ObfuscatedDatabaseAuthProvider);
-
         return providers;
     }
 
diff --git a/src/main/resources/META-INF/xnat/init_security_000.sql b/src/main/resources/META-INF/xnat/init_security_000.sql
index 9f0873f1..73f40c71 100644
--- a/src/main/resources/META-INF/xnat/init_security_000.sql
+++ b/src/main/resources/META-INF/xnat/init_security_000.sql
@@ -828,7 +828,7 @@ INSERT INTO xdat_field_mapping (comparison_type,xdat_field_mapping_set_xdat_fiel
 
 INSERT INTO xdat_user_meta_data (status,activation_date,modified,row_last_modified,insert_date,xft_version,shareable,meta_data_id) VALUES ('active','2013-09-25 18:31:55.466',0,'2013-09-25 18:31:52.129','2013-09-25 18:31:52.129','1',1,1)
 
-INSERT INTO xdat_user (primary_password_encrypt,xdat_user_id,users_user_xdat_security_xdat_security_id,verified,firstname,lastname,enabled,email,login,user_info,primary_password) VALUES (1,1,1,1,'Admin','Admin',1,'administrator@xnat.org','admin',1,'cfokl')
+INSERT INTO xdat_user (primary_password_encrypt,xdat_user_id,users_user_xdat_security_xdat_security_id,verified,firstname,lastname,enabled,email,login,user_info,primary_password) VALUES (1,1,1,1,'Admin','Admin',1,'administrator@xnat.org','admin',1,'admin')
 
 INSERT INTO xdat_role_type_meta_data (status,activation_date,modified,row_last_modified,insert_date,xft_version,shareable,meta_data_id) VALUES ('active','2013-09-25 18:31:55.483',0,'2013-09-25 18:31:52.129','2013-09-25 18:31:52.129','1',1,1)
 
-- 
GitLab