diff options
| author | Aidan Skinner <aidan@apache.org> | 2008-12-09 17:03:30 +0000 |
|---|---|---|
| committer | Aidan Skinner <aidan@apache.org> | 2008-12-09 17:03:30 +0000 |
| commit | 5b0299abeef865d74ebf827bedd0a26f4d6d8ab1 (patch) | |
| tree | a4b043c612b5f377e4009aae6c31f0f90b76c981 /qpid/java/broker/src/main | |
| parent | 2a8dee1b13f1e974224a0c0313c5d7c9f30766a6 (diff) | |
| download | qpid-python-5b0299abeef865d74ebf827bedd0a26f4d6d8ab1.tar.gz | |
QPID-1503: Add more tests for Base64MD5PasswordFilePrincipalDatabase, fix buglets.
git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/trunk@724779 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java/broker/src/main')
| -rw-r--r-- | qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java index a2a0be926e..cca9deb6da 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java @@ -109,6 +109,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase /** * SASL Callback Mechanism - sets the Password in the PasswordCallback based on the value in the PasswordFile + * If you want to change the password for a user, use updatePassword instead. * * @param principal The Principal to set the password for * @param callback The PasswordCallback to call setPassword on @@ -152,17 +153,31 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase { char[] pwd = lookupPassword(principal); - int index = 0; - boolean verified = true; - - while (verified & index < password.length) + return compareCharArray(pwd, password); + } + + private boolean compareCharArray(char[] a, char[] b) + { + boolean equal = false; + if (a.length == b.length) { - verified = (pwd[index] == password[index]); - index++; + equal = true; + int index = 0; + while (equal && index < a.length) + { + equal = a[index] == b[index]; + index++; + } } - return verified; + return equal; } + /** + * Changes the password for the specified user + * + * @param principal to change the password for + * @param password plaintext password to set the password too + */ public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException { HashedUser user = _users.get(principal.getName()); |