From 2a8dee1b13f1e974224a0c0313c5d7c9f30766a6 Mon Sep 17 00:00:00 2001
From: Martin Ritchie
Date: Tue, 9 Dec 2008 15:17:44 +0000
Subject: QPID-1503 : Updates based on code review
git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/trunk@724743 13f79535-47bb-0310-9956-ffa450edef68
---
 .../Base64MD5PasswordFilePrincipalDatabase.java | 20 ++--
 .../server/security/auth/database/HashedUser.java | 114 ++++++++++++++++++
 .../qpid/server/security/auth/database/User.java | 121 -------------------
 ...Base64MD5PasswordFilePrincipalDatabaseTest.java | 27 +----
 .../security/auth/database/HashedUserTest.java | 95 +++++++++++++++
 .../server/security/auth/database/UserTest.java | 131 ---------------------
 6 files changed, 220 insertions(+), 288 deletions(-)
 create mode 100644 qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/HashedUser.java
 delete mode 100644 qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/User.java
 create mode 100644 qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/HashedUserTest.java
 delete mode 100644 qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/UserTest.java
(limited to 'qpid/java')
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
index 86a0b7d961..a2a0be926e 100644
--- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
@@ -61,7 +61,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase AMQUserManagementMBean _mbean; public static final String DEFAULT_ENCODING = "utf-8"; - private Map _users = new HashMap(); + private Map _users = new HashMap(); private ReentrantLock _userUpdate = new ReentrantLock(); public Base64MD5PasswordFilePrincipalDatabase() @@ -165,7 +165,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException { - User user = _users.get(principal.getName()); + HashedUser user = _users.get(principal.getName()); if (user == null) { @@ -215,7 +215,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase return false; } - User user = new User(principal.getName(), password); + HashedUser user = new HashedUser(principal.getName(), password); try { @@ -245,7 +245,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase public boolean deletePrincipal(Principal principal) throws AccountNotFoundException { - User user = _users.get(principal.getName()); + HashedUser user = _users.get(principal.getName()); if (user == null) { @@ -309,7 +309,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase */ private char[] lookupPassword(String name) { - User user = _users.get(name); + HashedUser user = _users.get(name); if (user == null) { return null; @@ -341,7 +341,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase continue; } - User user = new User(result); + HashedUser user = new HashedUser(result); _logger.info("Created user:" + user); _users.put(user.getName(), user); } @@ -393,7 +393,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase continue; } - User user = _users.get(result[0]); + HashedUser user = _users.get(result[0]); if (user == null) { 
@@ -411,7 +411,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase { try { - byte[] encodedPassword = user.getEncodePassword(); + byte[] encodedPassword = user.getEncodedPassword(); writer.write((user.getName() + ":").getBytes(DEFAULT_ENCODING)); writer.write(encodedPassword); @@ -429,14 +429,14 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase } } - for (User user : _users.values()) + for (HashedUser user : _users.values()) { if (user.isModified()) { byte[] encodedPassword; try { - encodedPassword = user.getEncodePassword(); + encodedPassword = user.getEncodedPassword(); writer.write((user.getName() + ":").getBytes(DEFAULT_ENCODING)); writer.write(encodedPassword); writer.println(); diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/HashedUser.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/HashedUser.java new file mode 100644 index 0000000000..723a1c0cc6 --- /dev/null +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/HashedUser.java 
@@ -0,0 +1,114 @@
+package org.apache.qpid.server.security.auth.database;
+
+import org.apache.commons.codec.EncoderException;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.log4j.Logger;
+
+import java.io.UnsupportedEncodingException;
+import java.security.NoSuchAlgorithmException;
+import java.security.Principal;
+
+public class HashedUser implements Principal
+{
+ private static final Logger _logger = Logger.getLogger(HashedUser.class);
+
+ String _name;
+ char[] _password;
+ byte[] _encodedPassword = null;
+ private boolean _modified = false;
+ private boolean _deleted = false;
+
+ HashedUser(String[] data) throws UnsupportedEncodingException
+ {
+ if (data.length != 2)
+ {
+ throw new IllegalArgumentException("User Data should be length 2, username, password");
+ }
+
+ _name = data[0];
+
+ byte[] encoded_password = data[1].getBytes(Base64MD5PasswordFilePrincipalDatabase.DEFAULT_ENCODING);
+
+ Base64 b64 = new Base64();
+ byte[] decoded = b64.decode(encoded_password);
+
+ _encodedPassword = encoded_password;
+
+ _password = new char[decoded.length];
+
+ int index = 0;
+ for (byte c : decoded)
+ {
+ _password[index++] = (char) c;
+ }
+ }
+
+ public HashedUser(String name, char[] password)
+ {
+ _name = name;
+ setPassword(password);
+ }
+
+ public String getName()
+ {
+ return _name;
+ }
+
+ public String toString()
+ {
+ return _name;
+ }
+
+ char[] getPassword()
+ {
+ return _password;
+ }
+
+ void setPassword(char[] password)
+ {
+ _password = password;
+ _modified = true;
+ _encodedPassword = null;
+ }
+
+ byte[] getEncodedPassword() throws EncoderException, UnsupportedEncodingException, NoSuchAlgorithmException
+ {
+ if (_encodedPassword == null)
+ {
+ encodePassword();
+ }
+ return _encodedPassword;
+ }
+
+ private void encodePassword() throws EncoderException, UnsupportedEncodingException, NoSuchAlgorithmException
+ {
+ byte[] byteArray = new byte[_password.length];
+ int index = 0;
+ for (char c : _password)
+ {
+ byteArray[index++] = (byte) c;
+ }
+ _encodedPassword = (new Base64()).encode(byteArray);
+ }
+
+ public boolean isModified()
+ {
+ return _modified;
+ }
+
+ public boolean isDeleted()
+ {
+ return _deleted;
+ }
+
+ public void delete()
+ {
+ _deleted = true;
+ }
+
+ public void saved()
+ {
+ _modified = false;
+ }
+
+}
\ No newline at end of file
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/User.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/User.java
deleted file mode 100644
index 9ff9cd25cb..0000000000
--- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/User.java
+++ /dev/null
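Review bot: Nothing in `HashedUser` hashes: the `HashedUser(String name, char[] password)` constructor keeps the array it is handed and `encodePassword()` only Base64-encodes it, so whatever the caller passes is what reaches the password file (the new test's `cGFzc3dvcmQ=` is simply Base64 of `password`). Whether `createPrincipal` digests the password before constructing the user is not visible in this diff, so the contract should be written down on the constructor and on `setPassword`, for example `/** @param password the MD5 digest of the password, never the clear text; kept by reference and written out Base64-encoded */`. The `throws NoSuchAlgorithmException` on `getEncodedPassword()` and `encodePassword()` adds to the impression that a digest is computed here when none is. `_name`, `_password` and `_encodedPassword` are package-private and `getPassword()` returns the internal array; declaring the fields `private` would narrow who can read or overwrite the credential. `_logger` is unused now that `toString()` returns only the name, and the new file has no ASF licence header although HashedUserTest.java in the same commit does.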
@@ -1,121 +0,0 @@
-package org.apache.qpid.server.security.auth.database;
-
-import org.apache.commons.codec.EncoderException;
-import org.apache.commons.codec.binary.Base64;
-import org.apache.log4j.Logger;
-
-import java.io.UnsupportedEncodingException;
-import java.security.NoSuchAlgorithmException;
-import java.security.Principal;
-
-public class User implements Principal
-{
- private static final Logger _logger = Logger.getLogger(User.class);
-
- String _name;
- char[] _password;
- byte[] _encodedPassword = null;
- private boolean _modified = false;
- private boolean _deleted = false;
-
- User(String[] data) throws UnsupportedEncodingException
- {
- if (data.length != 2)
- {
- throw new IllegalArgumentException("User Data should be length 2, username, password");
- }
-
- _name = data[0];
-
- byte[] encoded_password = data[1].getBytes(Base64MD5PasswordFilePrincipalDatabase.DEFAULT_ENCODING);
-
- Base64 b64 = new Base64();
- byte[] decoded = b64.decode(encoded_password);
-
- _encodedPassword = encoded_password;
-
- _password = new char[decoded.length];
-
- int index = 0;
- for (byte c : decoded)
- {
- _password[index++] = (char) c;
- }
- }
-
- public User(String name, char[] password)
- {
- _name = name;
- setPassword(password);
- }
-
- public String getName()
- {
- return _name;
- }
-
- public String toString()
- {
- if (_logger.isDebugEnabled())
- {
- return getName() + ((_encodedPassword == null) ? "" : ":" + new String(_encodedPassword));
- }
- else
- {
- return _name;
- }
- }
-
- char[] getPassword()
- {
- return _password;
- }
-
- void setPassword(char[] password)
- {
- _password = password;
- _modified = true;
- _encodedPassword = null;
- }
-
- byte[] getEncodePassword() throws EncoderException, UnsupportedEncodingException, NoSuchAlgorithmException
- {
- if (_encodedPassword == null)
- {
- encodePassword();
- }
- return _encodedPassword;
- }
-
- private void encodePassword() throws EncoderException, UnsupportedEncodingException, NoSuchAlgorithmException
- {
- byte[] byteArray = new byte[_password.length];
- int index = 0;
- for (char c : _password)
- {
- byteArray[index++] = (byte) c;
- }
- _encodedPassword = (new Base64()).encode(byteArray);
- }
-
- public boolean isModified()
- {
- return _modified;
- }
-
- public boolean isDeleted()
- {
- return _deleted;
- }
-
- public void delete()
- {
- _deleted = true;
- }
-
- public void saved()
- {
- _modified = false;
- }
-
-}
\ No newline at end of file
diff --git a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
index 5a74160b95..ededb1cb26 100644
--- a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
+++ b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
@@ -38,44 +38,19 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase { Base64MD5PasswordFilePrincipalDatabase _database; - private String QPID_HOME; private static final String TEST_COMMENT = "# Test Comment"; private String USERNAME = "testUser"; - private static final String TEST_FILE_NAME = "B64Test.tmp"; public void setUp() { _database = new Base64MD5PasswordFilePrincipalDatabase(); - - QPID_HOME = System.getProperty("QPID_HOME"); - - assertNotNull("QPID_HOME not set", QPID_HOME); - } - - public void tearDown() - { - File testFile = new File(QPID_HOME + File.separator + TEST_FILE_NAME); - if (testFile.exists()) - { - testFile.delete(); - } - - testFile = new File(QPID_HOME + File.separator + TEST_FILE_NAME + ".old"); - if (testFile.exists()) - { - testFile.delete(); - } } private File createPasswordFile(int commentLines, int users) { try { - File testFile = new File(QPID_HOME + File.separator + TEST_FILE_NAME); - if (testFile.exists()) - { - testFile.delete(); - } + File testFile = File.createTempFile("Base64MD5PDPDTest","tmp"); testFile.deleteOnExit(); BufferedWriter writer = new BufferedWriter(new FileWriter(testFile)); diff --git a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/HashedUserTest.java b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/HashedUserTest.java new file mode 100644 index 0000000000..a7d951cb5b --- /dev/null +++ b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/HashedUserTest.java 
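Review bot: With `tearDown()` gone, the only cleanup left is `testFile.deleteOnExit()` on the file returned by `File.createTempFile`, whereas the removed `tearDown()` also deleted a `TEST_FILE_NAME + ".old"` sibling. If the database still writes a `.old` backup when it saves (not visible in this hunk), those copies of the test credentials will now pile up in the shared temp directory; `new File(testFile.getAbsolutePath() + ".old").deleteOnExit();` next to the existing call would cover it. The suffix argument `"tmp"` has no leading dot, so `".tmp"` is probably what was intended. `createPasswordFile` continues beyond the end of the hunk.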
@@ -0,0 +1,95 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.server.security.auth.database;
+
+import junit.framework.TestCase;
+import org.apache.log4j.Level;
+import org.apache.log4j.Logger;
+
+import java.io.UnsupportedEncodingException;
+
+/*
+ Note User is mainly tested by Base64MD5PFPDTest this is just to catch the extra methods
+ */
+public class HashedUserTest extends TestCase
+{
+
+ String USERNAME = "username";
+ String PASSWORD = "password";
+ String HASHED_PASSWORD = "cGFzc3dvcmQ=";
+
+ public void testToLongArrayConstructor()
+ {
+ try
+ {
+ HashedUser user = new HashedUser(new String[]{USERNAME, PASSWORD, USERNAME});
+ fail("Error expected");
+ }
+ catch (IllegalArgumentException e)
+ {
+ assertEquals("User Data should be length 2, username, password", e.getMessage());
+ }
+ catch (UnsupportedEncodingException e)
+ {
+ fail(e.getMessage());
+ }
+ }
+
+ public void testArrayConstructor()
+ {
+ try
+ {
+ HashedUser user = new HashedUser(new String[]{USERNAME, HASHED_PASSWORD});
+ assertEquals("Username incorrect", USERNAME, user.getName());
+ int index = 0;
+
+ char[] hash = HASHED_PASSWORD.toCharArray();
+
+ try
+ {
+ for (byte c : user.getEncodedPassword())
+ {
+ assertEquals("Password incorrect", hash[index], (char) c);
+ index++;
+ }
+ }
+ catch (Exception e)
+ {
+ fail(e.getMessage());
+ }
+
+ hash = PASSWORD.toCharArray();
+
+ index=0;
+ for (char c : user.getPassword())
+ {
+ assertEquals("Password incorrect", hash[index], c);
+ index++;
+ }
+
+ }
+ catch (UnsupportedEncodingException e)
+ {
+ fail(e.getMessage());
+ }
+ }
+}
+
diff --git a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/UserTest.java b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/UserTest.java
deleted file mode 100644
index 99902ef4c5..0000000000
--- a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/UserTest.java
+++ /dev/null
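Review bot: Dropping `testToString` leaves the `HashedUser(String, char[])` constructor and the `encodePassword()` path with no test in this class, and nothing pins the behaviour this commit introduces, namely that `toString()` no longer appends the encoded password when debug logging is enabled. A short test that builds `new HashedUser(USERNAME, PASSWORD.toCharArray())`, compares `getEncodedPassword()` with `HASHED_PASSWORD`, and then asserts `assertEquals(USERNAME, user.toString());` with the logger set to `Level.DEBUG` would cover both and give the otherwise unused `Level` and `Logger` imports a purpose. The class comment still refers to `User`, and `testToLongArrayConstructor` presumably means `TooLong`.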
@@ -1,131 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.server.security.auth.database;
-
-import junit.framework.TestCase;
-import org.apache.log4j.Level;
-import org.apache.log4j.Logger;
-
-import java.io.UnsupportedEncodingException;
-
-/*
- Note User is mainly tested by Base64MD5PFPDTest this is just to catch the extra methods
- */
-public class UserTest extends TestCase
-{
-
- String USERNAME = "username";
- String PASSWORD = "password";
- String HASHED_PASSWORD = "cGFzc3dvcmQ=";
-
- public void testToLongArrayConstructor()
- {
- try
- {
- User user = new User(new String[]{USERNAME, PASSWORD, USERNAME});
- fail("Error expected");
- }
- catch (IllegalArgumentException e)
- {
- assertEquals("User Data should be length 2, username, password", e.getMessage());
- }
- catch (UnsupportedEncodingException e)
- {
- fail(e.getMessage());
- }
- }
-
- public void testArrayConstructor()
- {
- try
- {
- User user = new User(new String[]{USERNAME, HASHED_PASSWORD});
- assertEquals("Username incorrect", USERNAME, user.getName());
- int index = 0;
-
- char[] hash = HASHED_PASSWORD.toCharArray();
-
- try
- {
- for (byte c : user.getEncodePassword())
- {
- assertEquals("Password incorrect", hash[index], (char) c);
- index++;
- }
- }
- catch (Exception e)
- {
- fail(e.getMessage());
- }
-
- hash = PASSWORD.toCharArray();
-
- index=0;
- for (char c : user.getPassword())
- {
- assertEquals("Password incorrect", hash[index], c);
- index++;
- }
-
- }
- catch (UnsupportedEncodingException e)
- {
- fail(e.getMessage());
- }
- }
-
- public void testToString()
- {
-
- User user = new User(USERNAME, PASSWORD.toCharArray());
-
- // Test logger debug case
- Logger.getLogger(User.class).setLevel(Level.DEBUG);
-
- assertEquals("User toString encoding not as expected", USERNAME, user.toString());
-
- try
- {
- char[] hash = HASHED_PASSWORD.toCharArray();
- int index = 0;
- for (byte c : user.getEncodePassword())
- {
-
- assertEquals("Hash not as expected", hash[index], (char) c);
- index++;
- }
- }
- catch (Exception e)
- {
- fail(e.getMessage());
- }
-
- assertEquals("User toString encoding not as expected", USERNAME + ":" + HASHED_PASSWORD,
- user.toString());
-
- Logger.getLogger(User.class).setLevel(Level.INFO);
-
- // Test normal case
- assertEquals("User toString encoding not as expected", USERNAME, user.toString());
- }
-
-}
-
--
cgit v1.2.1