From 6b162ff0ed6ef09e7cde37dc89e4071bba82d4aa Mon Sep 17 00:00:00 2001
From: Alex Rudyy
Date: Fri, 22 Mar 2013 13:14:22 +0000
Subject: QPID-4596: create/delete password file for the password file authentication provider being created/removed
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1459757 13f79535-47bb-0310-9956-ffa450edef68
---
 .../adapter/AuthenticationProviderAdapter.java | 5 +-
 .../adapter/AuthenticationProviderFactory.java | 2 +
 .../AbstractPasswordFilePrincipalDatabase.java | 16 +++----
 .../security/auth/database/PrincipalDatabase.java | 4 +-
 ...bstractPrincipalDatabaseAuthManagerFactory.java | 12 +----
 .../manager/AnonymousAuthenticationManager.java | 12 +++++
 .../auth/manager/AuthenticationManager.java | 10 ++++
 .../manager/ExternalAuthenticationManager.java | 12 +++++
 .../manager/KerberosAuthenticationManager.java | 12 +++++
 .../PrincipalDatabaseAuthenticationManager.java | 40 +++++++++++++++-
 .../manager/SimpleLDAPAuthenticationManager.java | 12 +++++
 .../auth/sasl/crammd5/CRAMMD5HexInitialiser.java | 4 +-
 ...Base64MD5PasswordFilePrincipalDatabaseTest.java | 8 ++--
 .../PlainPasswordFilePrincipalDatabaseTest.java | 6 +--
 .../auth/database/PropertiesPrincipalDatabase.java | 4 +-
 ...PrincipalDatabaseAuthenticationManagerTest.java | 53 ++++++++++++++++++++--
 .../security/auth/sasl/CRAMMD5HexServerTest.java | 2 +-
 .../security/auth/sasl/TestPrincipalDatabase.java | 4 +-
 18 files changed, 179 insertions(+), 39 deletions(-)
(limited to 'java')
diff --git a/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java b/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java
index a7204d991c..0c17637e2f 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java
@@ -36,7 +36,6 @@ import javax.security.auth.login.AccountNotFoundException; import org.apache.log4j.Logger; import org.apache.qpid.server.model.AuthenticationProvider; import org.apache.qpid.server.model.Broker; -import org.apache.qpid.server.model.ConfigurationChangeListener; import org.apache.qpid.server.model.ConfiguredObject; import org.apache.qpid.server.model.IllegalStateTransitionException; import org.apache.qpid.server.model.IntegrityViolationException; @@ -69,7 +68,7 @@ public abstract class AuthenticationProviderAdapter _supportedAttributes; - Map _factories; + protected Map _factories; private AuthenticationProviderAdapter(UUID id, Broker broker, final T authManager, Map attributes, Collection attributeNames) { @@ -233,6 +232,8 @@ public abstract class AuthenticationProviderAdapter> _serverCreationProperties = new HashMap>(); private final PrincipalDatabase _principalDatabase; + private final String _passwordFile; - public PrincipalDatabaseAuthenticationManager(PrincipalDatabase pd) + public PrincipalDatabaseAuthenticationManager(PrincipalDatabase pd, String passwordFile) { _principalDatabase = pd; + _passwordFile = passwordFile; } public void initialise() @@ -204,4 +209,37 @@ public class PrincipalDatabaseAuthenticationManager implements AuthenticationMan { return _principalDatabase; } + + @Override + public void onCreate() + { + try + { + File passwordFile = new File(_passwordFile); + if (!passwordFile.exists()) + { + passwordFile.createNewFile(); + } + else if (!passwordFile.canRead()) + { + throw new IllegalConfigurationException("Cannot read password file" + _passwordFile + ". Check permissions."); + } + + _principalDatabase.open(passwordFile); + } + catch (IOException e) + { + throw new IllegalConfigurationException("Cannot use password database at :" + _passwordFile, e); + } + } + + @Override + public void onDelete() + { + File file = new File(_passwordFile); + if (file.exists() && file.isFile()) + { + file.delete(); + } + } } 
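Review bot: In `PrincipalDatabaseAuthenticationManager.onCreate()` the credential store is created with `passwordFile.createNewFile()`, so the new file gets whatever mode the broker's umask yields and may be readable by other local accounts; it should be restricted to the owner right after creation, and using the return value of `createNewFile()` also removes the separate `exists()` check. `onDelete()` ignores the result of `file.delete()`, so a provider can be removed while its password file silently stays on disk, and it also deletes a file that `onCreate()` only opened rather than created, which is worth confirming as intended for a pre-existing file at a configured path. `_passwordFile` can be null (the test further down constructs the manager with `null`), and `new File(_passwordFile)` then throws a NullPointerException in both methods instead of an IllegalConfigurationException. The first message is also missing a space before the path, `"Cannot read password file " + _passwordFile`; a possible shape for the two methods follows.

```java
    public void onCreate()
    {
        if (_passwordFile == null)
        {
            throw new IllegalConfigurationException("Password file is not specified");
        }
        try
        {
            File passwordFile = new File(_passwordFile);
            if (passwordFile.createNewFile())
            {
                // new credential store: owner-only access, independent of the process umask
                passwordFile.setReadable(false, false);
                passwordFile.setWritable(false, false);
                passwordFile.setReadable(true, true);
                passwordFile.setWritable(true, true);
            }
            else if (!passwordFile.canRead())
            // … unchanged: unreadable-file exception, _principalDatabase.open(passwordFile), catch (IOException) …
    }

    public void onDelete()
    {
        File file = new File(_passwordFile);
        if (file.isFile() && !file.delete())
        {
            // surface the failure so the credential file is not left behind unnoticed
            throw new IllegalConfigurationException("Cannot delete password file " + _passwordFile);
        }
    }
```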
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManager.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManager.java
index 7891ef8cf5..ee00e9850d 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManager.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManager.java
@@ -306,4 +306,16 @@ public class SimpleLDAPAuthenticationManager implements AuthenticationManager
 }
 }
+
+ @Override
+ public void onCreate()
+ {
+ // nothing to do, no external resource is required
+ }
+
+ @Override
+ public void onDelete()
+ {
+ // nothing to do, no external resource is used
+ }
 }
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/crammd5/CRAMMD5HexInitialiser.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/crammd5/CRAMMD5HexInitialiser.java
index 4e12ac0750..8467dad60a 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/crammd5/CRAMMD5HexInitialiser.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/crammd5/CRAMMD5HexInitialiser.java
@@ -27,6 +27,8 @@ import org.apache.qpid.server.security.auth.sasl.UsernamePasswordInitialiser;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.login.AccountNotFoundException;
 import javax.security.sasl.SaslServerFactory;
+
+import java.io.File;
 import java.io.IOException;
 import java.security.Principal;
 import java.util.List;
@@ -141,7 +143,7 @@ public class CRAMMD5HexInitialiser extends UsernamePasswordInitialiser
 }
 @Override
- public void setPasswordFile(String passwordFile) throws IOException
+ public void open(File passwordFile) throws IOException
 {
 throw new UnsupportedOperationException();
 }
diff --git a/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java b/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
index 7b244e219e..4102a1fc68 100644
--- a/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
+++ b/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
@@ -84,7 +84,7 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase
 _database = new Base64MD5PasswordFilePrincipalDatabase();
 _pwdFile = File.createTempFile(this.getClass().getName(), "pwd");
 _pwdFile.deleteOnExit();
- _database.setPasswordFile(_pwdFile.getAbsolutePath());
+ _database.open(_pwdFile);
 _testPwdFiles.clear();
 }
@@ -153,7 +153,7 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase
 {
 try
 {
- _database.setPasswordFile(file.toString());
+ _database.open(file);
 }
 catch (IOException e)
 {
@@ -392,7 +392,7 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase
 {
 try
 {
- _database.setPasswordFile("DoesntExist");
+ _database.open(new File("DoesntExist"));
 }
 catch (FileNotFoundException fnfe)
 {
@@ -414,7 +414,7 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase
 try
 {
- _database.setPasswordFile(testFile.toString());
+ _database.open(testFile);
 }
 catch (FileNotFoundException fnfe)
 {
diff --git a/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabaseTest.java b/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabaseTest.java
index 8e62324f7d..eecbcdf38d 100644
--- a/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabaseTest.java
+++ b/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabaseTest.java
@@ -284,7 +284,7 @@ public class PlainPasswordFilePrincipalDatabaseTest extends TestCase
 {
 try
 {
- _database.setPasswordFile("DoesntExist");
+ _database.open(new File("DoesntExist"));
 }
 catch (FileNotFoundException fnfe)
 {
@@ -306,7 +306,7 @@ public class PlainPasswordFilePrincipalDatabaseTest extends TestCase
 try
 {
- _database.setPasswordFile(testFile.toString());
+ _database.open(testFile);
 }
 catch (FileNotFoundException fnfe)
 {
@@ -403,7 +403,7 @@ public class PlainPasswordFilePrincipalDatabaseTest extends TestCase
 {
 try
 {
- _database.setPasswordFile(file.toString());
+ _database.open(file);
 }
 catch (IOException e)
 {
diff --git a/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java b/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java
index f670d80ae8..c41b9bf081 100644
--- a/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java
+++ b/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java
@@ -27,6 +27,8 @@ import org.apache.qpid.server.security.auth.sasl.plain.PlainInitialiser;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.login.AccountNotFoundException;
+
+import java.io.File;
 import java.io.IOException;
 import java.security.Principal;
 import java.util.HashMap;
@@ -151,7 +153,7 @@ public class PropertiesPrincipalDatabase implements PrincipalDatabase
 }
 @Override
- public void setPasswordFile(String passwordFile)
+ public void open(File passwordFile)
 {
 throw new UnsupportedOperationException();
 }
diff --git a/java/broker/src/test/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManagerTest.java b/java/broker/src/test/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManagerTest.java
index 1ae667804a..8025907e41 100644
--- a/java/broker/src/test/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManagerTest.java
+++ b/java/broker/src/test/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManagerTest.java
@@ -24,6 +24,7 @@ import static org.apache.qpid.server.security.auth.AuthenticatedPrincipalTestHel
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
+import java.io.File;
 import java.security.Provider;
 import java.security.Security;
 import java.util.Collections;
@@ -54,13 +55,29 @@ public class PrincipalDatabaseAuthenticationManagerTest extends QpidTestCase
 private AuthenticationManager _manager = null; // Class under test
 private PrincipalDatabase _principalDatabase;
+ private String _passwordFileLocation;
+
+ @Override
+ public void setUp() throws Exception
+ {
+ super.setUp();
+ _passwordFileLocation = TMP_FOLDER + File.separator + PrincipalDatabaseAuthenticationManagerTest.class.getSimpleName() + "-" + getName();
+ deletePasswordFileIfExists();
+ }
 @Override
 public void tearDown() throws Exception
 {
- if (_manager != null)
+ try
+ {
+ if (_manager != null)
+ {
+ _manager.close();
+ }
+ }
+ finally
 {
- _manager.close();
+ deletePasswordFileIfExists();
 }
 super.tearDown();
 }
@@ -74,7 +91,7 @@ public class PrincipalDatabaseAuthenticationManagerTest extends QpidTestCase
 when(_principalDatabase.getMechanisms()).thenReturn(_initialisers);
- _manager = new PrincipalDatabaseAuthenticationManager(_principalDatabase);
+ _manager = new PrincipalDatabaseAuthenticationManager(_principalDatabase, _passwordFileLocation);
 _manager.initialise();
 }
@@ -104,7 +121,7 @@ public class PrincipalDatabaseAuthenticationManagerTest extends QpidTestCase
 usernamePasswordInitialiser.initialise(_principalDatabase);
- _manager = new PrincipalDatabaseAuthenticationManager(_principalDatabase);
+ _manager = new PrincipalDatabaseAuthenticationManager(_principalDatabase, null);
 _manager.initialise();
 }
@@ -232,6 +249,34 @@ public class PrincipalDatabaseAuthenticationManagerTest extends QpidTestCase
 _manager = null;
 }
+ public void testOnCreate() throws Exception
+ {
+ setupMocks();
+
+ _manager.onCreate();
+ assertTrue("Password file was not created", new File(_passwordFileLocation).exists());
+ }
+
+ public void testOnDelete() throws Exception
+ {
+ setupMocks();
+
+ _manager.onCreate();
+ assertTrue("Password file was not created", new File(_passwordFileLocation).exists());
+
+ _manager.onDelete();
+ assertFalse("Password file was not deleted", new File(_passwordFileLocation).exists());
+ }
+
+ private void deletePasswordFileIfExists()
+ {
+ File passwordFile = new File(_passwordFileLocation);
+ if (passwordFile.exists())
+ {
+ passwordFile.delete();
+ }
+ }
+
 /**
 * Test SASL implementation used to test the authenticate() method.
 */
diff --git a/java/broker/src/test/java/org/apache/qpid/server/security/auth/sasl/CRAMMD5HexServerTest.java b/java/broker/src/test/java/org/apache/qpid/server/security/auth/sasl/CRAMMD5HexServerTest.java
index 51c2a0a5b8..629e1b4cf5 100644
--- a/java/broker/src/test/java/org/apache/qpid/server/security/auth/sasl/CRAMMD5HexServerTest.java
+++ b/java/broker/src/test/java/org/apache/qpid/server/security/auth/sasl/CRAMMD5HexServerTest.java
@@ -186,7 +186,7 @@ public class CRAMMD5HexServerTest extends TestCase
 Base64MD5PasswordFilePrincipalDatabase db = new Base64MD5PasswordFilePrincipalDatabase();
 File file = File.createTempFile("passwd", "db");
 file.deleteOnExit();
- db.setPasswordFile(file.getCanonicalPath());
+ db.open(file);
 db.createPrincipal( createTestPrincipal("knownuser"), "guest".toCharArray());
 db.createPrincipal( createTestPrincipal("qpid3158user"), "guest2".toCharArray());
 return db;
diff --git a/java/broker/src/test/java/org/apache/qpid/server/security/auth/sasl/TestPrincipalDatabase.java b/java/broker/src/test/java/org/apache/qpid/server/security/auth/sasl/TestPrincipalDatabase.java
index f94d8ddfc3..5e66bc9336 100644
--- a/java/broker/src/test/java/org/apache/qpid/server/security/auth/sasl/TestPrincipalDatabase.java
+++ b/java/broker/src/test/java/org/apache/qpid/server/security/auth/sasl/TestPrincipalDatabase.java
@@ -25,6 +25,8 @@ import org.apache.qpid.server.security.auth.database.PrincipalDatabase;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.login.AccountNotFoundException;
+
+import java.io.File;
 import java.io.IOException;
 import java.security.Principal;
 import java.util.List;
@@ -87,7 +89,7 @@ public class TestPrincipalDatabase implements PrincipalDatabase
 }
 @Override
- public void setPasswordFile(String passwordFile) throws IOException
+ public void open(File passwordFile) throws IOException
 {
 // TODO Auto-generated method stub
 }
--
cgit v1.2.1