Почетна Преглед Помоћ
Регистрација Пријавите се
github
/
spring-security
огледало од https://github.com/spring-projects/spring-security
2
0
Креирај огранак 0
Датотеке Дискусије 0 Вики
Дрво: e5529fffea
Гране Ознаке
spring-security
/
docs
/
modules
/
ROOT
/
pages
/
servlet
/
authentication
/
passwords
/
erasure.adoc

erasure.adoc 2.4 KB
Историја Датотека

1234567891011121314151617181920212223242526272829303132333435363738394041 
  1. == Password Erasure
    2. 

  2. 

  3. After successful authentication, it's a security best practice to erase credentials from memory to prevent them from being exposed to potential memory dump attacks. `ProviderManager` and most `AuthenticationProvider` implementations in Spring Security support this practice through the `eraseCredentials` method, which should be invoked after the authentication process completes.
    4. 

  4. 

  5. === Best Practices
    6. 

  6. 

  7. . *Immediate Erasure*: Credentials should be erased immediately after they are no longer needed. This minimizes the window during which the credentials are exposed in memory.
    8. 

  8. . *Automatic Erasure*: Configure `ProviderManager` to automatically erase credentials post-authentication by setting `eraseCredentialsAfterAuthentication` to `true`.
    9. 

  9. . *Custom Erasure Strategies*: Implement custom erasure strategies in custom `AuthenticationProvider` implementations if the default erasure behavior does not meet specific security requirements.
    10. 

  10. 

  11. === Risk Assessment
    12. 

  12. 

  13. Failure to properly erase credentials can lead to several risks:
    14. 

  14. 

  15. . *Memory Access Attacks*: Attackers can access raw credentials from memory through exploits like buffer overflow attacks or memory dumps.
    16. 

  16. . *Insider Threats*: Malicious insiders with access to systems could potentially extract credentials from application memory.
    17. 

  17. . *Accidental Exposure*: In multi-tenant environments, lingering credentials in memory could accidentally be exposed to other tenants.
    18. 

  18. 

  19. === Implementation
    20. 

  20. 

  21. [source,java]
    22. 

  22. ----
    23. 

  23. public class CustomAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
    24. 

  24.     @Override
    25. 

  25.     protected void additionalAuthenticationChecks(UserDetails userDetails,
    26. 

  26.                                                   UsernamePasswordAuthenticationToken authentication)
    27. 

  27.             throws AuthenticationException {
    28. 

  28.         // Perform authentication checks
    29. 

  29.         if (!passwordEncoder.matches(authentication.getCredentials().toString(), userDetails.getPassword())) {
    30. 

  30.             throw new BadCredentialsException(messages.getMessage(
    31. 

  31.                 "AbstractUserDetailsAuthenticationProvider.badCredentials",
    32. 

  32.                 "Bad credentials"));
    33. 

  33.         }
    34. 

  34. 

  35.         // Erase credentials post-check
    36. 

  36.         authentication.eraseCredentials();
    37. 

  37.     }
    38. 

  38. }
    39. 

  39. ----
    40. 

  40. 

  41. By implementing these practices, organizations can significantly enhance the security of their authentication systems by ensuring that credentials are not left exposed in system memory.
    42.