diff options
| author | Martin Ritchie <ritchiem@apache.org> | 2007-04-20 13:24:43 +0000 |
|---|---|---|
| committer | Martin Ritchie <ritchiem@apache.org> | 2007-04-20 13:24:43 +0000 |
| commit | 778fe8abf053f99e539ccdfe9dd78a7ca2e3bf6b (patch) | |
| tree | e466d9148368a5578a975f5ce80fc12cf754b211 | |
| parent | b05f1c94de8c339f00c9eb109d17bf81d585dda2 (diff) | |
| download | qpid-python-778fe8abf053f99e539ccdfe9dd78a7ca2e3bf6b.tar.gz | |
Updated PrincipalDatabase verifyPassword to match rest of API and take a char[]
git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/branches/M2@530797 13f79535-47bb-0310-9956-ffa450edef68
4 files changed, 15 insertions, 45 deletions
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java index cd0a371b48..8ade3cdd98 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java @@ -153,27 +153,19 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase * * @throws AccountNotFoundException if the principal cannot be found */ - public boolean verifyPassword(String principal, String password) throws AccountNotFoundException + public boolean verifyPassword(String principal, char[] password) throws AccountNotFoundException { - try - { - char[] pwd = lookupPassword(principal); - byte[] passwordBytes = password.getBytes(DEFAULT_ENCODING); + char[] pwd = lookupPassword(principal); - int index = 0; - boolean verified = true; + int index = 0; + boolean verified = true; - while (verified & index < passwordBytes.length) - { - verified = (pwd[index] == (char) passwordBytes[index]); - index++; - } - return verified; - } - catch (UnsupportedEncodingException e) + while (verified & index < password.length) { - return false; + verified = (pwd[index] == password[index]); + index++; } + return verified; } public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException @@ -590,7 +582,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase int index = 0; for (char c : _password) { - byteArray[index++] = (byte)c; + byteArray[index++] = (byte) c; } _encodedPassword = (new Base64()).encode(byteArray); } diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java index 90d08c963e..5170f6216c 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java @@ -121,13 +121,13 @@ public class PlainPasswordFilePrincipalDatabase implements PrincipalDatabase } } - public boolean verifyPassword(String principal, String password) throws AccountNotFoundException + public boolean verifyPassword(String principal, char[] password) throws AccountNotFoundException { try { char[] pwd = lookupPassword(principal); - return compareCharArray(pwd, convertPassword(password)); + return compareCharArray(pwd, password); } catch (IOException e) { @@ -135,22 +135,6 @@ public class PlainPasswordFilePrincipalDatabase implements PrincipalDatabase } } - private char[] convertPassword(String password) throws UnsupportedEncodingException - { - byte[] passwdBytes = password.getBytes("utf-8"); - - char[] passwd = new char[passwdBytes.length]; - - int index = 0; - - for (byte b : passwdBytes) - { - passwd[index++] = (char) b; - } - - return passwd; - } - public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException { return false; // updates denied diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java index 494d8e0bf4..a82f9ed40b 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java @@ -55,7 +55,7 @@ public interface PrincipalDatabase * @return true if password is correct * @throws AccountNotFoundException if the principal cannot be found */ - boolean verifyPassword(String principal, String password) + boolean verifyPassword(String principal, char[] password) throws AccountNotFoundException; /** diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java index 74c330f606..49cd71e978 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java @@ -79,18 +79,12 @@ public class PropertiesPrincipalDatabase implements PrincipalDatabase } } - public boolean verifyPassword(String principal, String password) throws AccountNotFoundException + public boolean verifyPassword(String principal, char[] password) throws AccountNotFoundException { + //fixme this is not correct as toCharArray is not safe based on the type of string. char[] pwd = _users.getProperty(principal).toCharArray(); - try - { - return compareCharArray(pwd, convertPassword(password)); - } - catch (UnsupportedEncodingException e) - { - return false; - } + return compareCharArray(pwd, password); } public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException |