2 files changed, 52 insertions, 2 deletions
diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationProvider.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationProvider.java
index cdb2f3dcc7..44aef27de0 100644
--- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationProvider.java
+++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationProvider.java
@@ -183,9 +183,9 @@ public class MD5AuthenticationProvider
 char[] password;
 if(_hexify)
 {
- password = new char[passwordBytes.length];
+ password = new char[passwordBytes.length * 2];
- for(int i = 0; i < passwordBytes.length; i--)
+ for(int i = 0; i < passwordBytes.length; i++)
 {
 password[2*i] = HEX_CHARACTERS[(((int)passwordBytes[i]) & 0xf0)>>4];
 password[(2*i)+1] = HEX_CHARACTERS[(((int)passwordBytes[i]) & 0x0f)];
diff --git a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationManagerTest.java b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationManagerTest.java
index aecd318937..25540dcb92 100644
--- a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationManagerTest.java
+++ b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationManagerTest.java
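Review bot: The hex expansion in the `_hexify` branch carries no comment stating the invariant this fix restores: every byte of `passwordBytes` produces two characters, so `password` must be exactly twice as long, which is what the earlier `new char[passwordBytes.length]` got wrong. I would add `// two hex digits per byte: high nibble at 2*i, low nibble at 2*i+1` above the loop. Because `password` and `passwordBytes` hold the stored credential material that the CRAM-MD5-HEX response is checked against, it is also worth confirming in the rest of the method whether they are cleared once they are no longer needed, for example `Arrays.fill(password, '\0');`. The enclosing method starts and ends outside this hunk, so that part cannot be judged from here.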
@@ -20,10 +20,20 @@
 */
 package org.apache.qpid.server.security.auth.manager;
+import javax.security.sasl.SaslServer;
+import java.util.HashMap;
 import java.util.Map;
+import org.apache.qpid.server.model.User;
+import org.apache.qpid.server.security.auth.AuthenticationResult;
+import org.apache.qpid.server.security.auth.sasl.SaslUtil;
+
 public class MD5AuthenticationManagerTest extends ManagedAuthenticationManagerTestBase
 {
+
+ public static final String USER_NAME = "test";
+ public static final String USER_PASSWORD = "password";
+
 @Override
 public void setUp() throws Exception
 {
@@ -48,6 +58,46 @@ public class MD5AuthenticationManagerTest extends ManagedAuthenticationManagerTe
 super.tearDown();
 }
+ public void testMD5HexAuthenticationWithValidCredentials() throws Exception
+ {
+ createUser(USER_NAME, USER_PASSWORD);
+ AuthenticationResult result = authenticate("CRAM-MD5-HEX", USER_NAME, USER_PASSWORD);
+ assertEquals("Unexpected authentication result", AuthenticationResult.AuthenticationStatus.SUCCESS, result.getStatus());
+ }
+
+ public void testMD5HexAuthenticationWithInvalidPassword() throws Exception
+ {
+ createUser(USER_NAME, USER_PASSWORD);
+ AuthenticationResult result = authenticate("CRAM-MD5-HEX", USER_NAME, "invalid");
+ assertEquals("Unexpected authentication result", AuthenticationResult.AuthenticationStatus.ERROR, result.getStatus());
+ }
+
+ public void testMD5HexAuthenticationWithInvalidUsername() throws Exception
+ {
+ createUser(USER_NAME, USER_PASSWORD);
+ AuthenticationResult result = authenticate("CRAM-MD5-HEX", "invalid", USER_PASSWORD);
+ assertEquals("Unexpected authentication result", AuthenticationResult.AuthenticationStatus.ERROR, result.getStatus());
+ }
+ private AuthenticationResult authenticate(String mechanism, String userName, String userPassword) throws Exception
+ {
+ SaslServer ss = getAuthManager().createSaslServer(mechanism, "test", null);
+ byte[] challenge = ss.evaluateResponse(new byte[0]);
+ byte[] response = SaslUtil.generateCramMD5HexClientResponse(userName, userPassword, challenge);;
+
+ return getAuthManager().authenticate(ss, response);
+ }
+
+ private User createUser(String userName, String userPassword)
+ {
+ final Map<String, Object> childAttrs = new HashMap<String, Object>();
+
+ childAttrs.put(User.NAME, userName);
+ childAttrs.put(User.PASSWORD, userPassword);
+ User user = getAuthManager().addChild(User.class, childAttrs);
+ assertNotNull("User should be created but addChild returned null", user);
+ assertEquals(userName, user.getName());
+ return user;
+ }
 } |
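Review bot: The two negative tests assert only `AuthenticationStatus.ERROR`, which does not distinguish a rejected credential from a provider that fails for some other reason. If the pre-fix hexify loop surfaced its exception as an ERROR result, both would have passed against the broken code, so only `testMD5HexAuthenticationWithValidCredentials` actually guards the fix. I would say so in a comment on the negative tests, and have the positive test also check that the authenticated principal's name equals `USER_NAME`, so that a success for the wrong identity cannot pass. The stray `;;` in `authenticate` should be a single semicolon: `byte[] response = SaslUtil.generateCramMD5HexClientResponse(userName, userPassword, challenge);`.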