首頁 探索 說明
註冊 登入
github
/
spring-security
镜像来自 https://github.com/spring-projects/spring-security
2
0
複刻 0
Files 問題管理 0 Wiki
目錄樹: b95e63ecc6
分支列表 標籤列表
spring-security
/
docs
/
modules
/
ROOT
/
pages
/
servlet
/
authentication
/
passwords
/
erasure.adoc

erasure.adoc 2.0 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142 
  1. == Password Erasure
    2. 

  2. 

  3. After successful authentication, it is a security best practice to erase credentials from memory to prevent them from being exposed to potential memory dump attacks.
    4. 

  4. `ProviderManager` in Spring Security supports this practice through the `eraseCredentials` method, which should be invoked after the authentication process is complete.
    5. 

  5. 

  6. === Best Practices
    7. 

  7. 

  8. * *Immediate Erasure*: Credentials should be erased immediately after they are no longer needed, which minimizes the window during which the credentials are exposed in memory.
    9. 

  9. * *Automatic Erasure*: Configure `ProviderManager` to automatically erase credentials post-authentication by setting `eraseCredentialsAfterAuthentication` to `true` (the default).
    10. 

  10. * *Custom Erasure Strategies*: Implement custom erasure strategies in custom `AuthenticationManager` implementations if the default erasure behavior does not meet specific security requirements.
    11. 

  11. 

  12. === Risk Assessment
    13. 

  13. 

  14. Failure to properly erase credentials can lead to several risks:
    15. 

  15. 

  16. * *Memory Access Attacks*: Attackers can access raw credentials from memory through exploits like buffer overflow attacks or memory dumps.
    17. 

  17. * *Insider Threats*: Malicious insiders with access to systems could potentially extract credentials from application memory.
    18. 

  18. * *Accidental Exposure*: In multi-tenant environments, lingering credentials in memory could accidentally be exposed to other tenants.
    19. 

  19. 

  20. === Implementation
    21. 

  21. 

  22. [source,java]
    23. 

  23. ----
    24. 

  24. public class CustomAuthenticationManager implements AuthenticationManager {
    25. 

  25. 

  26. 	@Override
    27. 

  27. 	public Authentication authenticate(Authentication authenticationRequest)
    28. 

  28. 			throws AuthenticationException {
    29. 

  29. 

  30. 		Authentication authenticationResult;
    31. 

  31. 		// TODO: Perform authentication checks...
    32. 

  32. 

  33. 		// Erase credentials post-check
    34. 

  34. 		if (authenticationResult instanceof CredentialsContainer container) {
    35. 

  35. 			container.eraseCredentials();
    36. 

  36. 		}
    37. 

  37. 	}
    38. 

  38. 

  39. }
    40. 

  40. ----
    41. 

  41. 

  42. By implementing these practices, organizations can significantly enhance the security of their authentication systems by ensuring that credentials are not left exposed in system memory.
    43.