From b49c3877b8c0060d56e7c0f875e71248418e7964 Mon Sep 17 00:00:00 2001 From: Robert Gemmell Date: Mon, 17 Aug 2009 15:52:13 +0000 Subject: QPID-2041: update the save process for the B64 MD5 password file. Only attempt the move if the new file is created successfully. Check if the rename/move succeeds, and if not attempt a copy instead git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@805018 13f79535-47bb-0310-9956-ffa450edef68 --- .../Base64MD5PasswordFilePrincipalDatabase.java | 46 ++++++++++++++++++---- 1 file changed, 38 insertions(+), 8 deletions(-) diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java index 3c211746e3..cd4eb0bec7 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java @@ -25,6 +25,7 @@ import org.apache.qpid.server.security.access.management.AMQUserManagementMBean; import org.apache.qpid.server.security.auth.sasl.AuthenticationProviderInitialiser; import org.apache.qpid.server.security.auth.sasl.UsernamePrincipal; import org.apache.qpid.server.security.auth.sasl.crammd5.CRAMMD5HashedInitialiser; +import org.apache.qpid.util.FileUtils; import javax.security.auth.callback.PasswordCallback; import javax.security.auth.login.AccountNotFoundException; @@ -428,6 +429,7 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase BufferedReader reader = null; PrintStream writer = null; File tmp = File.createTempFile(_passwordFile.getName(), ".tmp"); + tmp.deleteOnExit(); try { @@ -501,6 +503,11 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase } } } + catch(IOException e) + { + _logger.error("Unable to create the new password file: " + e); + throw new IOException("Unable to create the new password file" + e); + } finally { if (reader != null) @@ -512,16 +519,39 @@ public class Base64MD5PasswordFilePrincipalDatabase implements PrincipalDatabase { writer.close(); } - - // Swap temp file to main password file. - File old = new File(_passwordFile.getAbsoluteFile() + ".old"); - if (old.exists()) + } + + // Swap temp file to main password file. + File old = new File(_passwordFile.getAbsoluteFile() + ".old"); + if (old.exists()) + { + old.delete(); + } + + try + { + if(!_passwordFile.renameTo(old)) { - old.delete(); + FileUtils.copyCheckedEx(_passwordFile, old); } - _passwordFile.renameTo(old); - tmp.renameTo(_passwordFile); - tmp.delete(); + } + catch (IOException e) + { + _logger.error("Could not backup the existing password file: " +e); + throw new IOException("Could not backup the existing password file: " + e); + } + + try + { + if(!tmp.renameTo(_passwordFile)) + { + FileUtils.copyCheckedEx(tmp, _passwordFile); + } + } + catch (IOException e) + { + _logger.error("Could not copy the new password file into place: " +e); + throw new IOException("Could not copy the new password file into place: " + e); } } finally -- cgit v1.2.1