GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Spring Security
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
18492 Commits
61 Branches
369 Tags
120 MiB
 
 
 
 
Tree: c43afbf5e1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c43afbf5e1'
${ noResults }
spring-security/docs/modules/ROOT/pages/servlet/authentication/passwords/erasure.adoc

42 lines
2.0 KiB
Raw Blame History

== Password Erasure
After successful authentication, it is a security best practice to erase credentials from memory to prevent them from being exposed to potential memory dump attacks.
`ProviderManager` in Spring Security supports this practice through the `eraseCredentials` method, which should be invoked after the authentication process is complete.
=== Best Practices
* *Immediate Erasure*: Credentials should be erased immediately after they are no longer needed, which minimizes the window during which the credentials are exposed in memory.
* *Automatic Erasure*: Configure `ProviderManager` to automatically erase credentials post-authentication by setting `eraseCredentialsAfterAuthentication` to `true` (the default).
* *Custom Erasure Strategies*: Implement custom erasure strategies in custom `AuthenticationManager` implementations if the default erasure behavior does not meet specific security requirements.
=== Risk Assessment
Failure to properly erase credentials can lead to several risks:
* *Memory Access Attacks*: Attackers can access raw credentials from memory through exploits like buffer overflow attacks or memory dumps.
* *Insider Threats*: Malicious insiders with access to systems could potentially extract credentials from application memory.
* *Accidental Exposure*: In multi-tenant environments, lingering credentials in memory could accidentally be exposed to other tenants.
=== Implementation
[source,java]
----
public class CustomAuthenticationManager implements AuthenticationManager {
@Override
public Authentication authenticate(Authentication authenticationRequest)
throws AuthenticationException {
Authentication authenticationResult;
// TODO: Perform authentication checks...
// Erase credentials post-check
if (authenticationResult instanceof CredentialsContainer container) {
container.eraseCredentials();
}
}
}
----
By implementing these practices, organizations can significantly enhance the security of their authentication systems by ensuring that credentials are not left exposed in system memory.