From 6cfd8a3db4ff30fe28d7f4909e7f1ff236ef1b8a Mon Sep 17 00:00:00 2001 From: Bhupendra Bhusman Bhardwaj Date: Fri, 20 Apr 2007 10:42:52 +0000 Subject: QPID-445 : md5 hashed password will be sent from management console to Qpid git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/branches/M2@530734 13f79535-47bb-0310-9956-ffa450edef68 --- .../security/access/AMQUserManagementMBean.java | 17 +++--------- .../server/security/access/UserManagement.java | 4 +-- .../Base64MD5PasswordFilePrincipalDatabase.java | 31 +++++++++------------- .../PlainPasswordFilePrincipalDatabase.java | 4 +-- .../security/auth/database/PrincipalDatabase.java | 4 +-- .../auth/database/PropertiesPrincipalDatabase.java | 4 +-- 6 files changed, 24 insertions(+), 40 deletions(-) (limited to 'java/broker/src') diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java index a43474559d..20f123179f 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java @@ -22,7 +22,6 @@ package org.apache.qpid.server.security.access; import org.apache.qpid.server.management.MBeanDescription; import org.apache.qpid.server.management.AMQManagedObject; -import org.apache.qpid.server.management.MBeanOperationParameter; import org.apache.qpid.server.management.MBeanOperation; import org.apache.qpid.server.management.MBeanInvocationHandlerImpl; import org.apache.qpid.server.security.auth.database.PrincipalDatabase; @@ -107,8 +106,7 @@ public class AMQUserManagementMBean extends AMQManagedObject implements UserMana return UserManagement.TYPE; } - public boolean setPassword(@MBeanOperationParameter(name = "username", description = "Username")String username, - @MBeanOperationParameter(name = "password", description = "Password")String password) + public boolean setPassword(String username, char[] password) { try { @@ -122,10 +120,7 @@ public class AMQUserManagementMBean extends AMQManagedObject implements UserMana } } - public boolean setRights(@MBeanOperationParameter(name = "username", description = "Username")String username, - @MBeanOperationParameter(name = "read", description = "Administration read")boolean read, - @MBeanOperationParameter(name = "write", description = "Administration write")boolean write, - @MBeanOperationParameter(name = "admin", description = "Administration rights")boolean admin) + public boolean setRights(String username, boolean read, boolean write, boolean admin) { if (_accessRights.get(username) == null) @@ -179,11 +174,7 @@ public class AMQUserManagementMBean extends AMQManagedObject implements UserMana return true; } - public boolean createUser(@MBeanOperationParameter(name = "username", description = "Username")String username, - @MBeanOperationParameter(name = "password", description = "Password")String password, - @MBeanOperationParameter(name = "read", description = "Administration read")boolean read, - @MBeanOperationParameter(name = "write", description = "Administration write")boolean write, - @MBeanOperationParameter(name = "admin", description = "Administration rights")boolean admin) + public boolean createUser(String username, char[] password, boolean read, boolean write, boolean admin) { if (_principalDatabase.createPrincipal(new UsernamePrincipal(username), password)) { @@ -195,7 +186,7 @@ public class AMQUserManagementMBean extends AMQManagedObject implements UserMana return false; } - public boolean deleteUser(@MBeanOperationParameter(name = "username", description = "Username")String username) + public boolean deleteUser(String username) { try diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java index 6381213398..ce5e9fa4a7 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java @@ -45,7 +45,7 @@ public interface UserManagement */ @MBeanOperation(name = "setPassword", description = "Set password for user.") boolean setPassword(@MBeanOperationParameter(name = "username", description = "Username")String username, - @MBeanOperationParameter(name = "password", description = "Password")String password); + @MBeanOperationParameter(name = "password", description = "Password")char[] password); /** * set rights for users with given details @@ -76,7 +76,7 @@ public interface UserManagement */ @MBeanOperation(name = "createUser", description = "Create new user from system.") boolean createUser(@MBeanOperationParameter(name = "username", description = "Username")String username, - @MBeanOperationParameter(name = "password", description = "Password")String password, + @MBeanOperationParameter(name = "password", description = "Password")char[] password, @MBeanOperationParameter(name = "read", description = "Administration read")boolean read, @MBeanOperationParameter(name = "write", description = "Administration write")boolean write, @MBeanOperationParameter(name = "admin", description = "Administration rights")boolean admin); diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java index 956db64d90..cd0a371b48 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java @@ -176,7 +176,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase } } - public boolean updatePassword(Principal principal, String password) throws AccountNotFoundException + public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException { User user = _users.get(principal.getName()); @@ -187,13 +187,10 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase try { - - char[] passwd = convertPassword(password); - try { _userUpdate.lock(); - user.setPassword(passwd); + user.setPassword(password); try { @@ -215,7 +212,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase } } } - catch (UnsupportedEncodingException e) + catch (Exception e) { return false; } @@ -237,23 +234,14 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase return passwd; } - public boolean createPrincipal(Principal principal, String password) + public boolean createPrincipal(Principal principal, char[] password) { if (_users.get(principal.getName()) != null) { return false; } - User user; - try - { - user = new User(principal.getName(), convertPassword(password)); - } - catch (UnsupportedEncodingException e) - { - _logger.warn("Unable to encode password:" + e); - return false; - } + User user = new User(principal.getName(), password); try { @@ -598,8 +586,13 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase private void encodePassword() throws EncoderException, UnsupportedEncodingException, NoSuchAlgorithmException { - Base64 b64 = new Base64(); - _encodedPassword = b64.encode(new String(_password).getBytes(DEFAULT_ENCODING)); + byte[] byteArray = new byte[_password.length]; + int index = 0; + for (char c : _password) + { + byteArray[index++] = (byte)c; + } + _encodedPassword = (new Base64()).encode(byteArray); } public boolean isModified() diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java index 3f6794aaaf..90d08c963e 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java @@ -151,12 +151,12 @@ public class PlainPasswordFilePrincipalDatabase implements PrincipalDatabase return passwd; } - public boolean updatePassword(Principal principal, String password) throws AccountNotFoundException + public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException { return false; // updates denied } - public boolean createPrincipal(Principal principal, String password) + public boolean createPrincipal(Principal principal, char[] password) { return false; // updates denied } diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java index 8073fcc3c6..494d8e0bf4 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java @@ -65,7 +65,7 @@ public interface PrincipalDatabase * @return True if change was successful * @throws AccountNotFoundException If the given principal doesn't exist in the Database */ - boolean updatePassword(Principal principal, String password) + boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException; /** @@ -74,7 +74,7 @@ public interface PrincipalDatabase * @param password The password to set for the principal * @return True on a successful creation */ - boolean createPrincipal(Principal principal, String password); + boolean createPrincipal(Principal principal, char[] password); /** * Delete a principal diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java index b1ac0e1f00..74c330f606 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java @@ -93,12 +93,12 @@ public class PropertiesPrincipalDatabase implements PrincipalDatabase } } - public boolean updatePassword(Principal principal, String password) throws AccountNotFoundException + public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException { return false; // updates denied } - public boolean createPrincipal(Principal principal, String password) + public boolean createPrincipal(Principal principal, char[] password) { return false; // updates denied } -- cgit v1.2.1