JarCasting
JarCasting JarCasting

Entando Core: Engine

Entando Engine: an agile, modern and user-centric open source Portal platform.

License

License
GroupId

GroupId

org.entando.entando
ArtifactId

ArtifactId

entando-engine
Last Version

Last Version

6.2.27
Release Date

Release Date
Type

Type

jar
Description

Description

Entando Core: Engine
Entando Engine: an agile, modern and user-centric open source Portal platform.
Project URL

Project URL

http://www.entando.com/
Project Organization

Project Organization

Entando Inc.

Download entando-engine

Filename Size
entando-engine-6.2.27.pom
entando-engine-6.2.27.jar 1 MB
entando-engine-6.2.27-tests.jar 560 KB
entando-engine-6.2.27-sources.jar 1 MB
entando-engine-6.2.27-javadoc.jar 7 MB
Browse

How to add to project

<!-- https://jarcasting.com/artifacts/org.entando.entando/entando-engine/ -->
<dependency>
    <groupId>org.entando.entando</groupId>
    <artifactId>entando-engine</artifactId>
    <version>6.2.27</version>
</dependency>
// https://jarcasting.com/artifacts/org.entando.entando/entando-engine/
implementation 'org.entando.entando:entando-engine:6.2.27'
// https://jarcasting.com/artifacts/org.entando.entando/entando-engine/
implementation ("org.entando.entando:entando-engine:6.2.27")
'org.entando.entando:entando-engine:jar:6.2.27'
<dependency org="org.entando.entando" name="entando-engine" rev="6.2.27">
  <artifact name="entando-engine" type="jar" />
</dependency>
@Grapes(
@Grab(group='org.entando.entando', module='entando-engine', version='6.2.27')
)
libraryDependencies += "org.entando.entando" % "entando-engine" % "6.2.27"
[org.entando.entando/entando-engine "6.2.27"]

Dependencies

compile (32)

Group / Artifact Type Version
org.apache.struts : struts2-core jar 2.5.17
org.apache.logging.log4j : log4j-core jar 2.13.3
org.glassfish.web : javax.el jar 2.2.4
org.hibernate : hibernate-validator jar 6.0.17.Final
org.apache.velocity : velocity jar 1.7
commons-digester : commons-digester jar 1.8
org.springframework.security : spring-security-web jar 5.1.8.RELEASE
org.springframework.security : spring-security-config jar 5.1.8.RELEASE
org.apache.cxf : cxf-rt-rs-extension-providers jar 3.3.6
org.apache.cxf : cxf-rt-frontend-jaxws jar 3.3.6
org.aspectj : aspectjrt jar 1.8.0
com.j256.ormlite : ormlite-core jar 4.40
com.j256.ormlite : ormlite-jdbc jar 4.40
org.aspectj : aspectjweaver jar 1.8.0
org.springframework.security.oauth : spring-security-oauth2 jar 2.3.6.RELEASE
commons-codec : commons-codec jar 1.12
org.jdom : jdom jar 1.1.3
com.sun.xml.bind : jaxb-impl jar 2.2.11
com.sun.xml.bind : jaxb-xjc jar 2.2.6
org.apache.lucene : lucene-core jar 7.2.0
org.apache.lucene : lucene-analyzers-common jar 7.2.0
de.mkammerer : argon2-jvm jar 2.2
io.springfox : springfox-swagger2 jar 2.8.0
io.springfox : springfox-swagger-ui jar 2.8.0
org.codehaus.jettison : jettison jar 1.3.7
com.fasterxml.jackson.dataformat : jackson-dataformat-xml jar 2.10.0
net.bytebuddy : byte-buddy jar 1.9.10
com.google.guava : guava jar 28.2-jre
org.springframework.data : spring-data-rest-webmvc jar 3.1.3.RELEASE
org.apache.commons : commons-dbcp2 jar 2.5.0
joda-time : joda-time jar 2.1
org.apache.taglibs : taglibs-standard-impl jar 1.2.5

provided (2)

Group / Artifact Type Version
javax.servlet : javax.servlet-api jar 3.1.0
javax.servlet.jsp : jsp-api jar 2.2

test (7)

Group / Artifact Type Version
com.jayway.jsonpath : json-path-assert jar 2.2.0
org.apache.derby : derbyclient jar 10.9.1.0
org.apache.derby : derby jar 10.9.1.0
junit : junit jar 4.12
org.mockito : mockito-core jar 2.28.2
org.assertj : assertj-core jar 3.11.1
org.springframework : spring-test jar 5.1.8.RELEASE

Project Modules

There are no modules declared in this project.

Build Status Quality Gate Status Coverage Vulnerabilities Code Smells Security Rating Technical Debt

entando-core-engine

Argon2 encryption algorithm. It provides a one-way encryption for passwords in the Entando Platform.

Configuration You can configure the execution of the algorithm by editing the properties file security.properties; you can find this file in src/main/config path of your project. The default values of the settings are:

algo.argon2.hash.length=32
algo.argon2.salt.length=16
algo.argon2.iterations=4
algo.argon2.memory=65536
algo.argon2.parallelism=4```

Correct values for ```algo.argon2.type``` are (case sensitive):
1. ARGON2d is faster and uses data-depending memory access;
2. ARGON2i default value, is slower but uses data-independent memory access;
3. ARGON2id is a hybrid of Argon2i and Argon2d, using a combination of data-depending and data-independent memory accesses;

Correct values for ```algo.argon2.hash.length``` are: 4..2^32-1 (longer hash means more complex and safe hash but slower execution)

Correct values for ```algo.argon2.salt.length``` are: 8..2^32-1 (longer salt means more complex and safe hash but slower execution)

Correct values for ```algo.argon2.iterations``` are: 1..2^32-1 (more iterations means more complex and safe hash but slower execution)

Correct values for ```algo.argon2.parallelism``` are: 8..2^32-1 (parallelism means the number of execution threads; more threads means more complex and safe hash but slower execution)

Correct values for ```algo.argon2.memory``` are: 8*parallelism..2^32-1 (greater memory means more complex and safe hash but slower execution)

*Important*
If you put the wrong values, default values will be used.
*You can configure the algorithm just one time, before the first launch of your project; changing the parameters afterwards will no longer allow the verification of passwords*.


In order to use the new encryption methods in an existing project, you have to execute this ```alter table``` on your Serv DB (example for PostgreSql):
```ALTER TABLE authusers
   ALTER COLUMN passwd TYPE character varying(512);```

Furthermore, if you want to change the parameters, you have to create the propertis file ```security.properties``` in ```src/main/config``` path of your project.



Entando Core is released under [GNU Lesser General Public License V 3.0] https://github.com/entando/entando-core/blob/master/LICENSE

Enjoy!

*The Entando Team*
org.entando.entando

Entando Inc

Open source micro frontend platform for Kubernetes.

Versions

Version
6.2.27
6.1.1
6.1.0
5.3.2
5.3.1
5.2.0
5.1.0
5.0.3
5.0.2
5.0.1
5.0.0
4.3.2
4.3.1
4.3.0
4.2.0-TP1
4.2.0