QPID-1505 : PlainSaslServer throws and immediately catches and wraps Sasl Exception

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1291330 13f79535-47bb-0310-9956-ffa450edef68
author: Robert Godfrey <rgodfrey@apache.org> 2012-02-20 16:01:01 +0000
committer: Robert Godfrey <rgodfrey@apache.org> 2012-02-20 16:01:01 +0000
commit: f8c03792d304e62acac9f4c2fc64c08490acdf98 (patch)
tree: b7b369be517eada3febae8e4f48e39034952c329 /qpid/java
parent: 377fcb66deaba1871aecf6056ff94daa765d7508 (diff)
download: qpid-python-f8c03792d304e62acac9f4c2fc64c08490acdf98.tar.gz
2 files changed, 37 insertions, 28 deletions
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/plain/PlainSaslServer.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/plain/PlainSaslServer.java
index c1f306dce9..a811806c00 100644
--- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/plain/PlainSaslServer.java
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/sasl/plain/PlainSaslServer.java
@@ -51,56 +51,65 @@ public class PlainSaslServer implements SaslServer
 
     public byte[] evaluateResponse(byte[] response) throws SaslException
     {
-        try
+        int authzidNullPosition = findNullPosition(response, 0);
+        if (authzidNullPosition < 0)
         {
-            int authzidNullPosition = findNullPosition(response, 0);
-            if (authzidNullPosition < 0)
-            {
-                throw new SaslException("Invalid PLAIN encoding, authzid null terminator not found");
-            }
-            int authcidNullPosition = findNullPosition(response, authzidNullPosition + 1);
-            if (authcidNullPosition < 0)
-            {
-                throw new SaslException("Invalid PLAIN encoding, authcid null terminator not found");
-            }
+            throw new SaslException("Invalid PLAIN encoding, authzid null terminator not found");
+        }
+        int authcidNullPosition = findNullPosition(response, authzidNullPosition + 1);
+        if (authcidNullPosition < 0)
+        {
+            throw new SaslException("Invalid PLAIN encoding, authcid null terminator not found");
+        }
+
+        PlainPasswordCallback passwordCb;
+        AuthorizeCallback authzCb;
 
+        try
+        {
             // we do not currently support authcid in any meaningful way
             String authzid = new String(response, authzidNullPosition + 1, authcidNullPosition - authzidNullPosition - 1, "utf8");
 
             // TODO: should not get pwd as a String but as a char array...
             int passwordLen = response.length - authcidNullPosition - 1;
             String pwd = new String(response, authcidNullPosition + 1, passwordLen, "utf8");
-            
+
             // we do not care about the prompt but it throws if null
             NameCallback nameCb = new NameCallback("prompt", authzid);
-            PlainPasswordCallback passwordCb = new PlainPasswordCallback("prompt", false, pwd);
-            AuthorizeCallback authzCb = new AuthorizeCallback(authzid, authzid);
+            passwordCb = new PlainPasswordCallback("prompt", false, pwd);
+            authzCb = new AuthorizeCallback(authzid, authzid);
 
             Callback[] callbacks = new Callback[]{nameCb, passwordCb, authzCb};
             _cbh.handle(callbacks);
 
-            if (passwordCb.isAuthenticated())
-            {
-                _complete = true;
-            }
-            if (authzCb.isAuthorized() && _complete)
-            {
-                _authorizationId = authzCb.getAuthenticationID();
-                return null;
-            }
-            else
-            {
-                throw new SaslException("Authentication failed");
-            }
         }
         catch (IOException e)
         {
+            if(e instanceof SaslException)
+            {
+                throw (SaslException) e;
+            }
             throw new SaslException("Error processing data: " + e, e);
         }
         catch (UnsupportedCallbackException e)
         {
             throw new SaslException("Unable to obtain data from callback handler: " + e, e);
         }
+
+        if (passwordCb.isAuthenticated())
+        {
+            _complete = true;
+        }
+
+        if (authzCb.isAuthorized() && _complete)
+        {
+            _authorizationId = authzCb.getAuthenticationID();
+            return null;
+        }
+        else
+        {
+            throw new SaslException("Authentication failed");
+        }
     }
 
 
diff --git a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/sasl/SaslServerTestCase.java b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/sasl/SaslServerTestCase.java
index c3671d6a87..f5247634ac 100644
--- a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/sasl/SaslServerTestCase.java
+++ b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/sasl/SaslServerTestCase.java
@@ -54,7 +54,7 @@ public abstract class SaslServerTestCase extends TestCase
         }
         catch (SaslException e)
         {
-            assertEquals("Authentication failed", e.getCause().getMessage());
+            assertTrue(e.getMessage().contains("Authentication failed"));
             exceptionCaught = true;
         }
         if (!exceptionCaught)
author	Robert Godfrey <rgodfrey@apache.org>	2012-02-20 16:01:01 +0000
committer	Robert Godfrey <rgodfrey@apache.org>	2012-02-20 16:01:01 +0000
commit	f8c03792d304e62acac9f4c2fc64c08490acdf98 (patch)
tree	b7b369be517eada3febae8e4f48e39034952c329 /qpid/java
parent	377fcb66deaba1871aecf6056ff94daa765d7508 (diff)
download	qpid-python-f8c03792d304e62acac9f4c2fc64c08490acdf98.tar.gz