You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by la...@apache.org on 2012/12/19 23:20:34 UTC
svn commit: r1424170 - in /airavata/trunk:
modules/commons/utils/src/main/java/org/apache/airavata/common/utils/
modules/distribution/airavata-client/src/main/resources/conf/
modules/distribution/airavata-server/src/main/resources/conf/
modules/distrib...
Author: lahiru
Date: Wed Dec 19 22:20:33 2012
New Revision: 1424170
URL: http://svn.apache.org/viewvc?rev=1424170&view=rev
Log:
Fixing AIRAVATA-681. Thanks Amila.
Added:
airavata/trunk/modules/commons/utils/src/main/java/org/apache/airavata/common/utils/SecurityUtil.java
airavata/trunk/modules/rest/webapp/src/main/webapp/images/
airavata/trunk/modules/rest/webapp/src/main/webapp/images/airavata-logo-2.png (with props)
Modified:
airavata/trunk/modules/distribution/airavata-client/src/main/resources/conf/registry.properties
airavata/trunk/modules/distribution/airavata-server/src/main/resources/conf/registry.properties
airavata/trunk/modules/distribution/xbaya-gui/src/main/resources/conf/registry.properties
airavata/trunk/modules/integration-tests/src/test/resources/registry.properties
airavata/trunk/modules/registry/airavata-jpa-registry/src/main/java/org/apache/airavata/persistance/registry/jpa/resources/UserResource.java
airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql
airavata/trunk/modules/registry/airavata-jpa-registry/src/test/resources/registry.properties
airavata/trunk/modules/registry/airavata-registry-test/src/test/resources/registry.properties
airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/local/LocalUserStore.java
airavata/trunk/modules/rest/webapp/src/main/resources/authenticators.xml
airavata/trunk/modules/rest/webapp/src/main/resources/registry.properties
airavata/trunk/modules/rest/webapp/src/main/webapp/index.jsp
airavata/trunk/modules/xbaya-gui/src/main/resources/registry.properties
airavata/trunk/samples/airavata-client/create-application/src/main/resources/registry.properties
airavata/trunk/samples/airavata-client/workflow-run/src/main/resources/registry.properties
Added: airavata/trunk/modules/commons/utils/src/main/java/org/apache/airavata/common/utils/SecurityUtil.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/commons/utils/src/main/java/org/apache/airavata/common/utils/SecurityUtil.java?rev=1424170&view=auto
==============================================================================
--- airavata/trunk/modules/commons/utils/src/main/java/org/apache/airavata/common/utils/SecurityUtil.java (added)
+++ airavata/trunk/modules/commons/utils/src/main/java/org/apache/airavata/common/utils/SecurityUtil.java Wed Dec 19 22:20:33 2012
@@ -0,0 +1,28 @@
+package org.apache.airavata.common.utils;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * Class which includes security utilities.
+ */
+public class SecurityUtil {
+
+ /**
+ * Creates a hash of given string with the given hash algorithm.
+ * @param stringToDigest The string to digest.
+ * @param digestingAlgorithm Hash algorithm.
+ * @return The digested string.
+ * @throws NoSuchAlgorithmException If given hash algorithm doesnt exists.
+ */
+ public static String digestString(String stringToDigest, String digestingAlgorithm)
+ throws NoSuchAlgorithmException {
+
+ if (digestingAlgorithm == null) {
+ return stringToDigest;
+ }
+
+ MessageDigest messageDigest = MessageDigest.getInstance(digestingAlgorithm);
+ return new String(messageDigest.digest(stringToDigest.getBytes()));
+ }
+}
Modified: airavata/trunk/modules/distribution/airavata-client/src/main/resources/conf/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/distribution/airavata-client/src/main/resources/conf/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/distribution/airavata-client/src/main/resources/conf/registry.properties (original)
+++ airavata/trunk/modules/distribution/airavata-client/src/main/resources/conf/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
default.registry.user=admin
default.registry.password=admin
+default.registry.password.hash.method=SHA
default.registry.gateway=default
#for rest [RegistryClient]
Modified: airavata/trunk/modules/distribution/airavata-server/src/main/resources/conf/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/distribution/airavata-server/src/main/resources/conf/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/distribution/airavata-server/src/main/resources/conf/registry.properties (original)
+++ airavata/trunk/modules/distribution/airavata-server/src/main/resources/conf/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
default.registry.user=admin
default.registry.password=admin
+default.registry.password.hash.method=SHA
default.registry.gateway=default
#for rest [RegistryClient]
Modified: airavata/trunk/modules/distribution/xbaya-gui/src/main/resources/conf/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/distribution/xbaya-gui/src/main/resources/conf/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/distribution/xbaya-gui/src/main/resources/conf/registry.properties (original)
+++ airavata/trunk/modules/distribution/xbaya-gui/src/main/resources/conf/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
default.registry.user=admin
default.registry.password=admin
+default.registry.password.hash.method=SHA
default.registry.gateway=default
#for rest [RegistryClient]
Modified: airavata/trunk/modules/integration-tests/src/test/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/integration-tests/src/test/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/integration-tests/src/test/resources/registry.properties (original)
+++ airavata/trunk/modules/integration-tests/src/test/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
default.registry.user=admin
default.registry.password=admin
+default.registry.password.hash.method=SHA
default.registry.gateway=default
#for rest [RegistryClient]
Modified: airavata/trunk/modules/registry/airavata-jpa-registry/src/main/java/org/apache/airavata/persistance/registry/jpa/resources/UserResource.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/registry/airavata-jpa-registry/src/main/java/org/apache/airavata/persistance/registry/jpa/resources/UserResource.java?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/registry/airavata-jpa-registry/src/main/java/org/apache/airavata/persistance/registry/jpa/resources/UserResource.java (original)
+++ airavata/trunk/modules/registry/airavata-jpa-registry/src/main/java/org/apache/airavata/persistance/registry/jpa/resources/UserResource.java Wed Dec 19 22:20:33 2012
@@ -20,12 +20,16 @@
*/
package org.apache.airavata.persistance.registry.jpa.resources;
+import java.security.NoSuchAlgorithmException;
import java.util.List;
+import org.apache.airavata.common.utils.SecurityUtil;
import org.apache.airavata.persistance.registry.jpa.Resource;
import org.apache.airavata.persistance.registry.jpa.ResourceType;
import org.apache.airavata.persistance.registry.jpa.ResourceUtils;
import org.apache.airavata.persistance.registry.jpa.model.Users;
+import org.apache.airavata.registry.api.exception.RegistrySettingsException;
+import org.apache.airavata.registry.api.util.RegistrySettings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -129,7 +133,14 @@ public class UserResource extends Abstra
em.getTransaction().begin();
Users user = new Users();
user.setUser_name(userName);
- user.setPassword(password);
+ try {
+ user.setPassword(SecurityUtil.digestString(password,
+ RegistrySettings.getSetting("default.registry.password.hash.method")));
+ } catch (NoSuchAlgorithmException e) {
+ throw new RuntimeException("Error hashing default admin password. Invalid hash algorithm.", e);
+ } catch (RegistrySettingsException e) {
+ throw new RuntimeException("Error reading hash algorithm from configurations", e);
+ }
if(existingUser != null){
existingUser.setPassword(password);
user = em.merge(existingUser);
Modified: airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql (original)
+++ airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql Wed Dec 19 22:20:33 2012
@@ -191,7 +191,6 @@ create table Gram_Data
FOREIGN KEY (workflow_instanceID) REFERENCES Workflow_Data(workflow_instanceID) ON DELETE CASCADE
);
-insert into Users values ('admin', 'admin');
Modified: airavata/trunk/modules/registry/airavata-jpa-registry/src/test/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/registry/airavata-jpa-registry/src/test/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/registry/airavata-jpa-registry/src/test/resources/registry.properties (original)
+++ airavata/trunk/modules/registry/airavata-jpa-registry/src/test/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
default.registry.user=admin
default.registry.password=admin
+default.registry.password.hash.method=SHA
default.registry.gateway=default
#for rest [RegistryClient]
Modified: airavata/trunk/modules/registry/airavata-registry-test/src/test/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/registry/airavata-registry-test/src/test/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/registry/airavata-registry-test/src/test/resources/registry.properties (original)
+++ airavata/trunk/modules/registry/airavata-registry-test/src/test/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
default.registry.user=admin
default.registry.password=admin
+default.registry.password.hash.method=SHA
default.registry.gateway=default
#for rest [RegistryClient]
Modified: airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/local/LocalUserStore.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/local/LocalUserStore.java?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/local/LocalUserStore.java (original)
+++ airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/local/LocalUserStore.java Wed Dec 19 22:20:33 2012
@@ -1,5 +1,6 @@
package org.apache.airavata.services.registry.rest.security.local;
+import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
@@ -11,6 +12,7 @@ import java.util.List;
import javax.servlet.ServletContext;
import org.apache.airavata.common.utils.DBUtil;
+import org.apache.airavata.common.utils.SecurityUtil;
import org.apache.airavata.registry.api.util.RegistrySettings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -24,8 +26,13 @@ public class LocalUserStore {
private DBUtil dbUtil;
+ private String hashMethod;
+
public LocalUserStore(ServletContext servletContext) throws Exception {
// Properties properties = WebAppUtil.getAiravataProperties(servletContext);
+
+ hashMethod = RegistrySettings.getSetting("default.registry.password.hash.method");
+
dbUtil = new DBUtil(RegistrySettings.getSetting("registry.jdbc.url"),
RegistrySettings.getSetting("registry.jdbc.user"),
RegistrySettings.getSetting("registry.jdbc.password"),
@@ -50,7 +57,8 @@ public class LocalUserStore {
preparedStatement = connection.prepareStatement(sql);
preparedStatement.setString(1, userName);
- preparedStatement.setString(2, password);
+ preparedStatement.setString(2, SecurityUtil.digestString(password,
+ hashMethod));
preparedStatement.executeUpdate();
@@ -65,6 +73,11 @@ public class LocalUserStore {
log.error(stringBuilder.toString(), e);
throw new RuntimeException(stringBuilder.toString(), e);
+ } catch (NoSuchAlgorithmException e) {
+ String stringBuilder = "Error creating hash value for password.";
+ log.error(stringBuilder, e);
+
+ throw new RuntimeException(stringBuilder, e);
} finally {
dbUtil.cleanup(preparedStatement, connection);
@@ -129,8 +142,10 @@ public class LocalUserStore {
String storedPassword = getPassword(userName, connection);
+ String oldDigestedPassword = SecurityUtil.digestString(oldPassword, hashMethod);
+
if (storedPassword != null) {
- if (!storedPassword.equals(oldPassword)) {
+ if (!storedPassword.equals(oldDigestedPassword)) {
throw new RuntimeException("Previous password did not match correctly. Please specify old password" +
" correctly.");
}
@@ -140,7 +155,7 @@ public class LocalUserStore {
preparedStatement = connection.prepareStatement(sql);
- preparedStatement.setString(1, newPassword);
+ preparedStatement.setString(1, SecurityUtil.digestString(newPassword, hashMethod));
preparedStatement.setString(2, userName);
preparedStatement.executeUpdate();
@@ -156,6 +171,11 @@ public class LocalUserStore {
log.error(stringBuilder.toString(), e);
throw new RuntimeException(stringBuilder.toString(), e);
+ } catch (NoSuchAlgorithmException e) {
+ String stringBuilder = "Error creating hash value for password.";
+ log.error(stringBuilder, e);
+
+ throw new RuntimeException(stringBuilder, e);
} finally {
dbUtil.cleanup(preparedStatement, connection);
@@ -175,7 +195,7 @@ public class LocalUserStore {
preparedStatement = connection.prepareStatement(sql);
- preparedStatement.setString(1, newPassword);
+ preparedStatement.setString(1, SecurityUtil.digestString(newPassword, hashMethod));
preparedStatement.setString(2, userName);
preparedStatement.executeUpdate();
@@ -191,6 +211,11 @@ public class LocalUserStore {
log.error(stringBuilder.toString(), e);
throw new RuntimeException(stringBuilder.toString(), e);
+ } catch (NoSuchAlgorithmException e) {
+ String stringBuilder = "Error creating hash value for password.";
+ log.error(stringBuilder, e);
+
+ throw new RuntimeException(stringBuilder, e);
} finally {
dbUtil.cleanup(preparedStatement, connection);
Modified: airavata/trunk/modules/rest/webapp/src/main/resources/authenticators.xml
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/webapp/src/main/resources/authenticators.xml?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/rest/webapp/src/main/resources/authenticators.xml (original)
+++ airavata/trunk/modules/rest/webapp/src/main/resources/authenticators.xml Wed Dec 19 22:20:33 2012
@@ -37,6 +37,7 @@ The "enabled parameter at root level wil
<password>airavata</password>
<databaseDriver>org.apache.derby.jdbc.ClientDriver</databaseDriver>
<userTableName>Users</userTableName>
+ <passwordHashMethod>SHA</passwordHashMethod>
<userNameColumnName>user_name</userNameColumnName>
<passwordColumnName>password</passwordColumnName>
</database>
Modified: airavata/trunk/modules/rest/webapp/src/main/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/webapp/src/main/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/rest/webapp/src/main/resources/registry.properties (original)
+++ airavata/trunk/modules/rest/webapp/src/main/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -43,6 +43,7 @@ registry.jdbc.driver=org.apache.derby.jd
registry.jdbc.url=jdbc:derby://localhost:1527/persistent_data;create=true;user=airavata;password=airavata
registry.jdbc.user=airavata
registry.jdbc.password=airavata
+default.registry.password.hash.method=SHA
start.derby.server.mode=true
#for rest [RegistryClient]
Added: airavata/trunk/modules/rest/webapp/src/main/webapp/images/airavata-logo-2.png
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/webapp/src/main/webapp/images/airavata-logo-2.png?rev=1424170&view=auto
==============================================================================
Binary file - no diff available.
Propchange: airavata/trunk/modules/rest/webapp/src/main/webapp/images/airavata-logo-2.png
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Modified: airavata/trunk/modules/rest/webapp/src/main/webapp/index.jsp
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/webapp/src/main/webapp/index.jsp?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/rest/webapp/src/main/webapp/index.jsp (original)
+++ airavata/trunk/modules/rest/webapp/src/main/webapp/index.jsp Wed Dec 19 22:20:33 2012
@@ -1,6 +1,9 @@
<html>
<body>
+<img src="images/airavata-logo-2.png">
<h2>Airavata REST API</h2>
<p>Welcome to Airavata Web Application</p>
+
+<p><a href="user-store/index.jsp"><b>Manage Local User Store</b></a></p>
</body>
</html>
Modified: airavata/trunk/modules/xbaya-gui/src/main/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/xbaya-gui/src/main/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/xbaya-gui/src/main/resources/registry.properties (original)
+++ airavata/trunk/modules/xbaya-gui/src/main/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
default.registry.user=admin
default.registry.password=admin
+default.registry.password.hash.method=SHA
default.registry.gateway=default
#for rest [RegistryClient]
Modified: airavata/trunk/samples/airavata-client/create-application/src/main/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/samples/airavata-client/create-application/src/main/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/samples/airavata-client/create-application/src/main/resources/registry.properties (original)
+++ airavata/trunk/samples/airavata-client/create-application/src/main/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
default.registry.user=admin
default.registry.password=admin
+default.registry.password.hash.method=SHA
default.registry.gateway=default
#for rest [RegistryClient]
Modified: airavata/trunk/samples/airavata-client/workflow-run/src/main/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/samples/airavata-client/workflow-run/src/main/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/samples/airavata-client/workflow-run/src/main/resources/registry.properties (original)
+++ airavata/trunk/samples/airavata-client/workflow-run/src/main/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
default.registry.user=admin
default.registry.password=admin
+default.registry.password.hash.method=SHA
default.registry.gateway=default
#for rest [RegistryClient]