summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBhupendra Bhusman Bhardwaj <bhupendrab@apache.org>2007-04-20 10:42:52 +0000
committerBhupendra Bhusman Bhardwaj <bhupendrab@apache.org>2007-04-20 10:42:52 +0000
commit6cfd8a3db4ff30fe28d7f4909e7f1ff236ef1b8a (patch)
treea501352af36f5ef2b66e440c37ea8c90bf1e02f7
parent0301b999ca82f6f66e2159d2aad4bad376cb2cab (diff)
downloadqpid-python-6cfd8a3db4ff30fe28d7f4909e7f1ff236ef1b8a.tar.gz
QPID-445 : md5 hashed password will be sent from management console to Qpid
git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/branches/M2@530734 13f79535-47bb-0310-9956-ffa450edef68
Diffstat
-rw-r--r--java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java17
-rw-r--r--java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java4
-rw-r--r--java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java31
-rw-r--r--java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java4
-rw-r--r--java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java4
-rw-r--r--java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java4
-rw-r--r--java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java46
-rw-r--r--java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/ViewUtility.java22
8 files changed, 69 insertions, 63 deletions
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java
index a43474559d..20f123179f 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java
@@ -22,7 +22,6 @@ package org.apache.qpid.server.security.access;
import org.apache.qpid.server.management.MBeanDescription;
import org.apache.qpid.server.management.AMQManagedObject;
-import org.apache.qpid.server.management.MBeanOperationParameter;
import org.apache.qpid.server.management.MBeanOperation;
import org.apache.qpid.server.management.MBeanInvocationHandlerImpl;
import org.apache.qpid.server.security.auth.database.PrincipalDatabase;
@@ -107,8 +106,7 @@ public class AMQUserManagementMBean extends AMQManagedObject implements UserMana
return UserManagement.TYPE;
}
- public boolean setPassword(@MBeanOperationParameter(name = "username", description = "Username")String username,
- @MBeanOperationParameter(name = "password", description = "Password")String password)
+ public boolean setPassword(String username, char[] password)
{
try
{
@@ -122,10 +120,7 @@ public class AMQUserManagementMBean extends AMQManagedObject implements UserMana
}
}
- public boolean setRights(@MBeanOperationParameter(name = "username", description = "Username")String username,
- @MBeanOperationParameter(name = "read", description = "Administration read")boolean read,
- @MBeanOperationParameter(name = "write", description = "Administration write")boolean write,
- @MBeanOperationParameter(name = "admin", description = "Administration rights")boolean admin)
+ public boolean setRights(String username, boolean read, boolean write, boolean admin)
{
if (_accessRights.get(username) == null)
@@ -179,11 +174,7 @@ public class AMQUserManagementMBean extends AMQManagedObject implements UserMana
return true;
}
- public boolean createUser(@MBeanOperationParameter(name = "username", description = "Username")String username,
- @MBeanOperationParameter(name = "password", description = "Password")String password,
- @MBeanOperationParameter(name = "read", description = "Administration read")boolean read,
- @MBeanOperationParameter(name = "write", description = "Administration write")boolean write,
- @MBeanOperationParameter(name = "admin", description = "Administration rights")boolean admin)
+ public boolean createUser(String username, char[] password, boolean read, boolean write, boolean admin)
{
if (_principalDatabase.createPrincipal(new UsernamePrincipal(username), password))
{
@@ -195,7 +186,7 @@ public class AMQUserManagementMBean extends AMQManagedObject implements UserMana
return false;
}
- public boolean deleteUser(@MBeanOperationParameter(name = "username", description = "Username")String username)
+ public boolean deleteUser(String username)
{
try
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java
index 6381213398..ce5e9fa4a7 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java
@@ -45,7 +45,7 @@ public interface UserManagement
*/
@MBeanOperation(name = "setPassword", description = "Set password for user.")
boolean setPassword(@MBeanOperationParameter(name = "username", description = "Username")String username,
- @MBeanOperationParameter(name = "password", description = "Password")String password);
+ @MBeanOperationParameter(name = "password", description = "Password")char[] password);
/**
* set rights for users with given details
@@ -76,7 +76,7 @@ public interface UserManagement
*/
@MBeanOperation(name = "createUser", description = "Create new user from system.")
boolean createUser(@MBeanOperationParameter(name = "username", description = "Username")String username,
- @MBeanOperationParameter(name = "password", description = "Password")String password,
+ @MBeanOperationParameter(name = "password", description = "Password")char[] password,
@MBeanOperationParameter(name = "read", description = "Administration read")boolean read,
@MBeanOperationParameter(name = "write", description = "Administration write")boolean write,
@MBeanOperationParameter(name = "admin", description = "Administration rights")boolean admin);
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
index 956db64d90..cd0a371b48 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
@@ -176,7 +176,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
}
}
- public boolean updatePassword(Principal principal, String password) throws AccountNotFoundException
+ public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException
{
User user = _users.get(principal.getName());
@@ -187,13 +187,10 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
try
{
-
- char[] passwd = convertPassword(password);
-
try
{
_userUpdate.lock();
- user.setPassword(passwd);
+ user.setPassword(password);
try
{
@@ -215,7 +212,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
}
}
}
- catch (UnsupportedEncodingException e)
+ catch (Exception e)
{
return false;
}
@@ -237,23 +234,14 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
return passwd;
}
- public boolean createPrincipal(Principal principal, String password)
+ public boolean createPrincipal(Principal principal, char[] password)
{
if (_users.get(principal.getName()) != null)
{
return false;
}
- User user;
- try
- {
- user = new User(principal.getName(), convertPassword(password));
- }
- catch (UnsupportedEncodingException e)
- {
- _logger.warn("Unable to encode password:" + e);
- return false;
- }
+ User user = new User(principal.getName(), password);
try
{
@@ -598,8 +586,13 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase
private void encodePassword() throws EncoderException, UnsupportedEncodingException, NoSuchAlgorithmException
{
- Base64 b64 = new Base64();
- _encodedPassword = b64.encode(new String(_password).getBytes(DEFAULT_ENCODING));
+ byte[] byteArray = new byte[_password.length];
+ int index = 0;
+ for (char c : _password)
+ {
+ byteArray[index++] = (byte)c;
+ }
+ _encodedPassword = (new Base64()).encode(byteArray);
}
public boolean isModified()
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java
index 3f6794aaaf..90d08c963e 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java
@@ -151,12 +151,12 @@ public class PlainPasswordFilePrincipalDatabase implements PrincipalDatabase
return passwd;
}
- public boolean updatePassword(Principal principal, String password) throws AccountNotFoundException
+ public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException
{
return false; // updates denied
}
- public boolean createPrincipal(Principal principal, String password)
+ public boolean createPrincipal(Principal principal, char[] password)
{
return false; // updates denied
}
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java
index 8073fcc3c6..494d8e0bf4 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java
@@ -65,7 +65,7 @@ public interface PrincipalDatabase
* @return True if change was successful
* @throws AccountNotFoundException If the given principal doesn't exist in the Database
*/
- boolean updatePassword(Principal principal, String password)
+ boolean updatePassword(Principal principal, char[] password)
throws AccountNotFoundException;
/**
@@ -74,7 +74,7 @@ public interface PrincipalDatabase
* @param password The password to set for the principal
* @return True on a successful creation
*/
- boolean createPrincipal(Principal principal, String password);
+ boolean createPrincipal(Principal principal, char[] password);
/**
* Delete a principal
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java
index b1ac0e1f00..74c330f606 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java
@@ -93,12 +93,12 @@ public class PropertiesPrincipalDatabase implements PrincipalDatabase
}
}
- public boolean updatePassword(Principal principal, String password) throws AccountNotFoundException
+ public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException
{
return false; // updates denied
}
- public boolean createPrincipal(Principal principal, String password)
+ public boolean createPrincipal(Principal principal, char[] password)
{
return false; // updates denied
}
diff --git a/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java b/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java
index 2ac037e4f0..60d8f7920d 100644
--- a/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java
+++ b/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java
@@ -31,6 +31,7 @@ import javax.management.openmbean.CompositeData;
import javax.management.openmbean.TabularDataSupport;
import static org.apache.qpid.management.ui.Constants.*;
+
import org.apache.qpid.management.ui.ApplicationRegistry;
import org.apache.qpid.management.ui.ManagedBean;
import org.apache.qpid.management.ui.jmx.MBeanUtility;
@@ -337,10 +338,17 @@ public class OperationTabControl extends TabControl
// display the parameter data type next to the text field
if (valueInCombo)
+ {
label = _toolkit.createLabel(_paramsComposite, "");
+ }
+ else if (PASSWORD.equalsIgnoreCase(param.getName()))
+ {
+ label = _toolkit.createLabel(_paramsComposite, "(String)");
+ }
else
{
- String str = param.getType() ;
+ String str = param.getType();
+
if (param.getType().lastIndexOf(".") != -1)
str = param.getType().substring(1 + param.getType().lastIndexOf("."));
@@ -581,34 +589,32 @@ public class OperationTabControl extends TabControl
}
// End of custom code
-
- // customized for passwords
- if (PASSWORD.equalsIgnoreCase(param.getName()))
+ ViewUtility.popupInfoMessage(_form.getText(), "Please select the " + ViewUtility.getDisplayText(param.getName()));
+ return;
+ }
+
+ // customized for passwords
+ String securityMechanism = ApplicationRegistry.getSecurityMechanism();
+ if ((MECH_CRAMMD5.equals(securityMechanism)) && PASSWORD.equalsIgnoreCase(param.getName()))
+ {
+ try
{
- try
- {
- param.setValueFromString(ViewUtility.getHashedString(param.getValue()));
- }
- catch (Exception ex)
- {
- MBeanUtility.handleException(_mbean, ex);
- return;
- }
+ param.setValue(ViewUtility.getMD5HashedCharArray(param.getValue()));
+ }
+ catch (Exception ex)
+ {
+ MBeanUtility.handleException(_mbean, ex);
+ return;
}
- // end of customization
- ViewUtility.popupInfoMessage(_form.getText(),
- "Please select the " + ViewUtility.getDisplayText(param.getName()));
-
- return;
}
+ // end of customization
}
}
if (_opData.getImpact() == OPERATION_IMPACT_ACTION)
{
String bean = _mbean.getName() == null ? _mbean.getType() : _mbean.getName();
- int response = ViewUtility.popupConfirmationMessage(bean,
- "Do you want to " + _form.getText()+ " ?");
+ int response = ViewUtility.popupConfirmationMessage(bean, "Do you want to " + _form.getText()+ " ?");
if (response == SWT.YES)
{
executeAndShowResults();
diff --git a/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/ViewUtility.java b/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/ViewUtility.java
index 9b5cddd342..89ab360937 100644
--- a/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/ViewUtility.java
+++ b/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/ViewUtility.java
@@ -560,10 +560,26 @@ public class ViewUtility
}
}
- public static String getHashedString(Object text) throws NoSuchAlgorithmException, UnsupportedEncodingException
+ public static char[] getMD5HashedCharArray(Object text) throws NoSuchAlgorithmException, UnsupportedEncodingException
{
- char[] chars = getHash((String)text);
- return new String(chars);
+ byte[] data = ((String)text).getBytes("utf-8");
+
+ MessageDigest md = MessageDigest.getInstance("MD5");
+
+ for (byte b : data)
+ {
+ md.update(b);
+ }
+
+ byte[] digest = md.digest();
+
+ char[] byteArray = new char[digest.length];
+ int index = 0;
+ for (byte b : digest)
+ {
+ byteArray[index++] = (char)b;
+ }
+ return byteArray;
}
public static char[] getHash(String text) throws NoSuchAlgorithmException, UnsupportedEncodingException
View Lorry Controller Status