QPID-4090: Bug fix: allow Java client to make connections to Java Broker using CRAM-MD5-HASHED mechanism.

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1355775 13f79535-47bb-0310-9956-ffa450edef68

3 files changed, 93 insertions, 9 deletions

diff --git a/qpid/java/client/src/main/java/org/apache/qpid/client/security/crammd5hashed/CRAMMD5HashedSaslClient.java b/qpid/java/client/src/main/java/org/apache/qpid/client/security/crammd5hashed/CRAMMD5HashedSaslClient.java
new file mode 100644
index 0000000000..9965176772
--- /dev/null
+++ b/qpid/java/client/src/main/java/org/apache/qpid/client/security/crammd5hashed/CRAMMD5HashedSaslClient.java
@@ -0,0 +1,91 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+package org.apache.qpid.client.security.crammd5hashed;
+
+import java.util.Map;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.sasl.Sasl;
+import javax.security.sasl.SaslClient;
+import javax.security.sasl.SaslException;
+
+import org.apache.qpid.client.security.UsernameHashedPasswordCallbackHandler;
+
+/**
+ * A {@link CRAMMD5HashedSaslClient} merely wraps an instance of a CRAM-MD5 SASL client delegating
+ * all method calls to it, except {@link #getMechanismName()} which returns "CRAM-MD5-HASHED".
+ *
+ * This mechanism must be used with {@link UsernameHashedPasswordCallbackHandler} which is responsible
+ * for the additional hash of the password.
+ */
+public class CRAMMD5HashedSaslClient implements SaslClient
+{
+    private final SaslClient _cramMd5SaslClient;
+
+    public CRAMMD5HashedSaslClient(String authorizationId, String protocol, String serverName, Map<String, ?> props, CallbackHandler cbh) throws SaslException
+    {
+        super();
+        String[] mechanisms = {"CRAM-MD5"};
+        _cramMd5SaslClient = Sasl.createSaslClient(mechanisms, authorizationId, protocol, serverName, props, cbh);
+    }
+
+    public void dispose() throws SaslException
+    {
+        _cramMd5SaslClient.dispose();
+    }
+
+    public String getMechanismName()
+    {
+        return CRAMMD5HashedSaslClientFactory.MECHANISM;
+    }
+
+    public byte[] evaluateChallenge(byte[] challenge) throws SaslException
+    {
+        return _cramMd5SaslClient.evaluateChallenge(challenge);
+    }
+
+
+    public Object getNegotiatedProperty(String propName)
+    {
+        return _cramMd5SaslClient.getNegotiatedProperty(propName);
+    }
+
+    public boolean hasInitialResponse()
+    {
+        return _cramMd5SaslClient.hasInitialResponse();
+    }
+
+    public boolean isComplete()
+    {
+        return _cramMd5SaslClient.isComplete();
+    }
+
+    public byte[] unwrap(byte[] incoming, int offset, int len)
+            throws SaslException
+    {
+        return _cramMd5SaslClient.unwrap(incoming, offset, len);
+    }
+
+    public byte[] wrap(byte[] outgoing, int offset, int len)
+            throws SaslException
+    {
+        return _cramMd5SaslClient.wrap(outgoing, offset, len);
+    }
+}
diff --git a/qpid/java/client/src/main/java/org/apache/qpid/client/security/crammd5hashed/CRAMMD5HashedSaslClientFactory.java b/qpid/java/client/src/main/java/org/apache/qpid/client/security/crammd5hashed/CRAMMD5HashedSaslClientFactory.java
index cb989f7919..b3ce1a0d23 100644
--- a/qpid/java/client/src/main/java/org/apache/qpid/client/security/crammd5hashed/CRAMMD5HashedSaslClientFactory.java
+++ b/qpid/java/client/src/main/java/org/apache/qpid/client/security/crammd5hashed/CRAMMD5HashedSaslClientFactory.java
@@ -44,14 +44,13 @@ public class CRAMMD5HashedSaslClientFactory implements SaslClientFactory
                     throw new SaslException("CallbackHandler must not be null");
                 }
 
-                String[] mechs = {"CRAM-MD5"};
-                return Sasl.createSaslClient(mechs, authorizationId, protocol, serverName, props, cbh);
+                return new CRAMMD5HashedSaslClient(authorizationId, protocol, serverName, props, cbh);
             }
         }
         return null;
     }
 
-    public String[] getMechanismNames(Map props)
+    public String[] getMechanismNames(Map<String,?> props)
     {
         if (props != null)
         {
diff --git a/qpid/java/test-profiles/Java010Excludes b/qpid/java/test-profiles/Java010Excludes
index f9ba753a5f..ca2383a8f3 100755
--- a/qpid/java/test-profiles/Java010Excludes
+++ b/qpid/java/test-profiles/Java010Excludes
@@ -64,9 +64,3 @@ org.apache.qpid.client.failover.AddressBasedFailoverBehaviourTest#testFlowContro
 
 // QPID-3604: Immediate Prefetch no longer supported by 0-10
 org.apache.qpid.client.AsynchMessageListenerTest#testImmediatePrefetchWithMessageListener
-
-// QPID-4090: Can't connect from Java Client to Java Broker when Broker uses Base64MD5PasswordFilePrincipalDatabase principal database (0-10 protocol only)
-org.apache.qpid.systest.management.jmx.UserManagementWithBase64MD5PasswordsTest#testJmsLoginForNewUser
-org.apache.qpid.systest.management.jmx.UserManagementWithBase64MD5PasswordsTest#testJmsLoginNotPossibleForDeletedUser
-org.apache.qpid.systest.management.jmx.UserManagementWithBase64MD5PasswordsTest#testJmsLoginForPasswordChangedUser
-org.apache.qpid.systest.management.jmx.UserManagementWithBase64MD5PasswordsTest#testReload