From e7f85c4f7d288a103a5ea2873797f1ae50faefe7 Mon Sep 17 00:00:00 2001
From: Martin Ritchie <ritchiem@apache.org>
Date: Fri, 27 Apr 2007 12:27:19 +0000
Subject: QPID-473 Base64MD5PrincipalDatabase doesn't check password changes
 were applied to disk before storing in memory Reversed the effects of the
 requested change if the changes cannot be persisted to disk

git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/branches/M2@533075 13f79535-47bb-0310-9956-ffa450edef68
---
 .../Base64MD5PasswordFilePrincipalDatabase.java    | 22 +++++-----------------
 1 file changed, 5 insertions(+), 17 deletions(-)

(limited to 'java')

diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
index 8ade3cdd98..10adfdd9fc 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
@@ -182,6 +182,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
             try
             {
                 _userUpdate.lock();
+                char[] orig = user.getPassword();
                 user.setPassword(password);
 
                 try
@@ -192,6 +193,8 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
                 {
                     _logger.error("Unable to save password file, password change for user'"
                                   + principal + "' will revert at restart");
+                    //revert the password change
+                    user.setPassword(orig);
                     return false;
                 }
                 return true;
@@ -210,22 +213,6 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
         }
     }
 
-    private char[] convertPassword(String password) throws UnsupportedEncodingException
-    {
-        byte[] passwdBytes = password.getBytes(DEFAULT_ENCODING);
-
-        char[] passwd = new char[passwdBytes.length];
-
-        int index = 0;
-
-        for (byte b : passwdBytes)
-        {
-            passwd[index++] = (char) b;
-        }
-
-        return passwd;
-    }
-
     public boolean createPrincipal(Principal principal, char[] password)
     {
         if (_users.get(principal.getName()) != null)
@@ -247,9 +234,10 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
             }
             catch (IOException e)
             {
+                //remove the use on failure.
+                _users.remove(user.getName());
                 return false;
             }
-
         }
         finally
         {
-- 
cgit v1.2.1