QPID-1536 : Convert Base64MD5PrincipalDatabase to accept plain text password input and do the hashing locally.

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@727057 13f79535-47bb-0310-9956-ffa450edef68
author: Martin Ritchie <ritchiem@apache.org> 2008-12-16 14:40:52 +0000
committer: Martin Ritchie <ritchiem@apache.org> 2008-12-16 14:40:52 +0000
commit: 83cf9b595ce30e1379290356870dbba33144c8d8 (patch)
tree: c0c3e93981af88b6fa96586b9aa9993462ac0ac0 /qpid/java
parent: 6dad32c8e06688a90d71dc22790b171f6ee520d8 (diff)
download: qpid-python-83cf9b595ce30e1379290356870dbba33144c8d8.tar.gz
4 files changed, 34 insertions, 20 deletions
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/HashedUser.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64HashedUser.java
index 4d92e3fb4c..2caccebb2a 100644
--- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/HashedUser.java
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64HashedUser.java
@@ -27,10 +27,11 @@ import org.apache.log4j.Logger;
 import java.io.UnsupportedEncodingException;
 import java.security.NoSuchAlgorithmException;
 import java.security.Principal;
+import java.security.MessageDigest;
 
-public class HashedUser implements Principal
+public class Base64HashedUser implements Principal
 {
-    private static final Logger _logger = Logger.getLogger(HashedUser.class);
+    private static final Logger _logger = Logger.getLogger(Base64HashedUser.class);
 
     String _name;
     char[] _password;
@@ -38,7 +39,7 @@ public class HashedUser implements Principal
     private boolean _modified = false;
     private boolean _deleted = false;
 
-    HashedUser(String[] data) throws UnsupportedEncodingException
+    Base64HashedUser(String[] data) throws UnsupportedEncodingException
     {
         if (data.length != 2)
         {
@@ -63,7 +64,20 @@ public class HashedUser implements Principal
         }
     }
 
-    public HashedUser(String name, char[] password)
+    public byte[] getMD5(byte[] data) throws NoSuchAlgorithmException, UnsupportedEncodingException
+    {
+        MessageDigest md = MessageDigest.getInstance("MD5");
+
+        for (byte b : data)
+        {
+            md.update(b);
+        }
+
+        return md.digest();
+    }
+    
+    
+    public Base64HashedUser(String name, char[] password)
     {
         _name = name;
         setPassword(password);
@@ -108,7 +122,8 @@ public class HashedUser implements Principal
         {
             byteArray[index++] = (byte) c;
         }
-        _encodedPassword = (new Base64()).encode(byteArray);
+                        
+        _encodedPassword = (new Base64()).encode(getMD5(byteArray));
     }
 
     public boolean isModified()
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
index cca9deb6da..0f0c0309db 100644
--- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
@@ -61,7 +61,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
 
     AMQUserManagementMBean _mbean;
     public static final String DEFAULT_ENCODING = "utf-8";
-    private Map<String, HashedUser> _users = new HashMap<String, HashedUser>();
+    private Map<String, Base64HashedUser> _users = new HashMap<String, Base64HashedUser>();
     private ReentrantLock _userUpdate = new ReentrantLock();
 
     public Base64MD5PasswordFilePrincipalDatabase()
@@ -180,7 +180,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
      */
     public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException
     {
-        HashedUser user = _users.get(principal.getName());
+        Base64HashedUser user = _users.get(principal.getName());
 
         if (user == null)
         {
@@ -230,7 +230,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
             return false;
         }
 
-        HashedUser user = new HashedUser(principal.getName(), password);
+        Base64HashedUser user = new Base64HashedUser(principal.getName(), password);
 
         try
         {
@@ -260,7 +260,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
 
     public boolean deletePrincipal(Principal principal) throws AccountNotFoundException
     {
-        HashedUser user = _users.get(principal.getName());
+        Base64HashedUser user = _users.get(principal.getName());
 
         if (user == null)
         {
@@ -324,7 +324,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
      */
     private char[] lookupPassword(String name)
     {
-        HashedUser user = _users.get(name);
+        Base64HashedUser user = _users.get(name);
         if (user == null)
         {
             return null;
@@ -356,7 +356,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
                         continue;
                     }
 
-                    HashedUser user = new HashedUser(result);
+                    Base64HashedUser user = new Base64HashedUser(result);
                     _logger.info("Created user:" + user);
                     _users.put(user.getName(), user);
                 }
@@ -408,7 +408,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
                         continue;
                     }
 
-                    HashedUser user = _users.get(result[0]);
+                    Base64HashedUser user = _users.get(result[0]);
 
                     if (user == null)
                     {
@@ -444,7 +444,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
                     }
                 }
 
-                for (HashedUser user : _users.values())
+                for (Base64HashedUser user : _users.values())
                 {
                     if (user.isModified())
                     {
diff --git a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/HashedUserTest.java b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64HashedUserTest.java
index a7d951cb5b..4c69edcac7 100644
--- a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/HashedUserTest.java
+++ b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64HashedUserTest.java
@@ -21,15 +21,13 @@
 package org.apache.qpid.server.security.auth.database;
 
 import junit.framework.TestCase;
-import org.apache.log4j.Level;
-import org.apache.log4j.Logger;
 
 import java.io.UnsupportedEncodingException;
 
 /*
     Note User is mainly tested by Base64MD5PFPDTest this is just to catch the extra methods
  */
-public class HashedUserTest extends TestCase
+public class Base64HashedUserTest extends TestCase
 {
 
     String USERNAME = "username";
@@ -40,7 +38,7 @@ public class HashedUserTest extends TestCase
     {
         try
         {
-            HashedUser user = new HashedUser(new String[]{USERNAME, PASSWORD, USERNAME});
+            Base64HashedUser user = new Base64HashedUser(new String[]{USERNAME, PASSWORD, USERNAME});
             fail("Error expected");
         }
         catch (IllegalArgumentException e)
@@ -57,7 +55,7 @@ public class HashedUserTest extends TestCase
     {
         try
         {
-            HashedUser user = new HashedUser(new String[]{USERNAME, HASHED_PASSWORD});
+            Base64HashedUser user = new Base64HashedUser(new String[]{USERNAME, HASHED_PASSWORD});
             assertEquals("Username incorrect", USERNAME, user.getName());
             int index = 0;
 
diff --git a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
index b5034d9f5d..6af042dee6 100644
--- a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
+++ b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
@@ -228,8 +228,9 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase
 
         assertNotNull(testUser);
 
-        String NEW_PASSWORD = "NewPassword";
-        String NEW_PASSWORD_HASH = "TmV3UGFzc3dvcmQ=";
+        String NEW_PASSWORD = "guest";
+        
+        String NEW_PASSWORD_HASH = "CE4DQ6BIb/BVMN9scFyLtA==";
         try
         {
             _database.updatePassword(testUser, NEW_PASSWORD.toCharArray());
author	Martin Ritchie <ritchiem@apache.org>	2008-12-16 14:40:52 +0000
committer	Martin Ritchie <ritchiem@apache.org>	2008-12-16 14:40:52 +0000
commit	83cf9b595ce30e1379290356870dbba33144c8d8 (patch)
tree	c0c3e93981af88b6fa96586b9aa9993462ac0ac0 /qpid/java
parent	6dad32c8e06688a90d71dc22790b171f6ee520d8 (diff)
download	qpid-python-83cf9b595ce30e1379290356870dbba33144c8d8.tar.gz