You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by la...@apache.org on 2012/12/19 23:20:34 UTC
svn commit: r1424170 - in /airavata/trunk: modules/commons/utils/src/main/java/org/apache/airavata/common/utils/ modules/distribution/airavata-client/src/main/resources/conf/ modules/distribution/airavata-server/src/main/resources/conf/ modules/distrib...

Author: lahiru
Date: Wed Dec 19 22:20:33 2012
New Revision: 1424170

URL: http://svn.apache.org/viewvc?rev=1424170&view=rev
Log:
Fixing AIRAVATA-681. Thanks Amila.

Added:
    airavata/trunk/modules/commons/utils/src/main/java/org/apache/airavata/common/utils/SecurityUtil.java
    airavata/trunk/modules/rest/webapp/src/main/webapp/images/
    airavata/trunk/modules/rest/webapp/src/main/webapp/images/airavata-logo-2.png   (with props)
Modified:
    airavata/trunk/modules/distribution/airavata-client/src/main/resources/conf/registry.properties
    airavata/trunk/modules/distribution/airavata-server/src/main/resources/conf/registry.properties
    airavata/trunk/modules/distribution/xbaya-gui/src/main/resources/conf/registry.properties
    airavata/trunk/modules/integration-tests/src/test/resources/registry.properties
    airavata/trunk/modules/registry/airavata-jpa-registry/src/main/java/org/apache/airavata/persistance/registry/jpa/resources/UserResource.java
    airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql
    airavata/trunk/modules/registry/airavata-jpa-registry/src/test/resources/registry.properties
    airavata/trunk/modules/registry/airavata-registry-test/src/test/resources/registry.properties
    airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/local/LocalUserStore.java
    airavata/trunk/modules/rest/webapp/src/main/resources/authenticators.xml
    airavata/trunk/modules/rest/webapp/src/main/resources/registry.properties
    airavata/trunk/modules/rest/webapp/src/main/webapp/index.jsp
    airavata/trunk/modules/xbaya-gui/src/main/resources/registry.properties
    airavata/trunk/samples/airavata-client/create-application/src/main/resources/registry.properties
    airavata/trunk/samples/airavata-client/workflow-run/src/main/resources/registry.properties

Added: airavata/trunk/modules/commons/utils/src/main/java/org/apache/airavata/common/utils/SecurityUtil.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/commons/utils/src/main/java/org/apache/airavata/common/utils/SecurityUtil.java?rev=1424170&view=auto
==============================================================================
--- airavata/trunk/modules/commons/utils/src/main/java/org/apache/airavata/common/utils/SecurityUtil.java (added)
+++ airavata/trunk/modules/commons/utils/src/main/java/org/apache/airavata/common/utils/SecurityUtil.java Wed Dec 19 22:20:33 2012
@@ -0,0 +1,28 @@
+package org.apache.airavata.common.utils;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * Class which includes security utilities.
+ */
+public class SecurityUtil {
+
+    /**
+     * Creates a hash of given string with the given hash algorithm.
+     * @param stringToDigest The string to digest.
+     * @param digestingAlgorithm Hash algorithm.
+     * @return The digested string.
+     * @throws NoSuchAlgorithmException If given hash algorithm doesnt exists.
+     */
+    public static String digestString(String stringToDigest, String digestingAlgorithm)
+            throws NoSuchAlgorithmException {
+
+        if (digestingAlgorithm == null) {
+            return stringToDigest;
+        }
+
+        MessageDigest messageDigest = MessageDigest.getInstance(digestingAlgorithm);
+        return new String(messageDigest.digest(stringToDigest.getBytes()));
+    }
+}

Modified: airavata/trunk/modules/distribution/airavata-client/src/main/resources/conf/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/distribution/airavata-client/src/main/resources/conf/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/distribution/airavata-client/src/main/resources/conf/registry.properties (original)
+++ airavata/trunk/modules/distribution/airavata-client/src/main/resources/conf/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
 
 default.registry.user=admin
 default.registry.password=admin
+default.registry.password.hash.method=SHA
 default.registry.gateway=default
 
 #for rest [RegistryClient]

Modified: airavata/trunk/modules/distribution/airavata-server/src/main/resources/conf/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/distribution/airavata-server/src/main/resources/conf/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/distribution/airavata-server/src/main/resources/conf/registry.properties (original)
+++ airavata/trunk/modules/distribution/airavata-server/src/main/resources/conf/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
 
 default.registry.user=admin
 default.registry.password=admin
+default.registry.password.hash.method=SHA
 default.registry.gateway=default
 
 #for rest [RegistryClient]

Modified: airavata/trunk/modules/distribution/xbaya-gui/src/main/resources/conf/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/distribution/xbaya-gui/src/main/resources/conf/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/distribution/xbaya-gui/src/main/resources/conf/registry.properties (original)
+++ airavata/trunk/modules/distribution/xbaya-gui/src/main/resources/conf/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
 
 default.registry.user=admin
 default.registry.password=admin
+default.registry.password.hash.method=SHA
 default.registry.gateway=default
 
 #for rest [RegistryClient]

Modified: airavata/trunk/modules/integration-tests/src/test/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/integration-tests/src/test/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/integration-tests/src/test/resources/registry.properties (original)
+++ airavata/trunk/modules/integration-tests/src/test/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
 
 default.registry.user=admin
 default.registry.password=admin
+default.registry.password.hash.method=SHA
 default.registry.gateway=default
 
 #for rest [RegistryClient]

Modified: airavata/trunk/modules/registry/airavata-jpa-registry/src/main/java/org/apache/airavata/persistance/registry/jpa/resources/UserResource.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/registry/airavata-jpa-registry/src/main/java/org/apache/airavata/persistance/registry/jpa/resources/UserResource.java?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/registry/airavata-jpa-registry/src/main/java/org/apache/airavata/persistance/registry/jpa/resources/UserResource.java (original)
+++ airavata/trunk/modules/registry/airavata-jpa-registry/src/main/java/org/apache/airavata/persistance/registry/jpa/resources/UserResource.java Wed Dec 19 22:20:33 2012
@@ -20,12 +20,16 @@
 */
 package org.apache.airavata.persistance.registry.jpa.resources;
 
+import java.security.NoSuchAlgorithmException;
 import java.util.List;
 
+import org.apache.airavata.common.utils.SecurityUtil;
 import org.apache.airavata.persistance.registry.jpa.Resource;
 import org.apache.airavata.persistance.registry.jpa.ResourceType;
 import org.apache.airavata.persistance.registry.jpa.ResourceUtils;
 import org.apache.airavata.persistance.registry.jpa.model.Users;
+import org.apache.airavata.registry.api.exception.RegistrySettingsException;
+import org.apache.airavata.registry.api.util.RegistrySettings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -129,7 +133,14 @@ public class UserResource extends Abstra
         em.getTransaction().begin();
         Users user = new Users();
         user.setUser_name(userName);
-        user.setPassword(password);
+        try {
+            user.setPassword(SecurityUtil.digestString(password,
+                    RegistrySettings.getSetting("default.registry.password.hash.method")));
+        } catch (NoSuchAlgorithmException e) {
+            throw new RuntimeException("Error hashing default admin password. Invalid hash algorithm.", e);
+        } catch (RegistrySettingsException e) {
+            throw new RuntimeException("Error reading hash algorithm from configurations", e);
+        }
         if(existingUser != null){
             existingUser.setPassword(password);
             user = em.merge(existingUser);

Modified: airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql (original)
+++ airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql Wed Dec 19 22:20:33 2012
@@ -191,7 +191,6 @@ create table Gram_Data
        FOREIGN KEY (workflow_instanceID) REFERENCES Workflow_Data(workflow_instanceID) ON DELETE CASCADE
 );
 
-insert into Users values ('admin', 'admin');
 
 
 

Modified: airavata/trunk/modules/registry/airavata-jpa-registry/src/test/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/registry/airavata-jpa-registry/src/test/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/registry/airavata-jpa-registry/src/test/resources/registry.properties (original)
+++ airavata/trunk/modules/registry/airavata-jpa-registry/src/test/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
 
 default.registry.user=admin
 default.registry.password=admin
+default.registry.password.hash.method=SHA
 default.registry.gateway=default
 
 #for rest [RegistryClient]

Modified: airavata/trunk/modules/registry/airavata-registry-test/src/test/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/registry/airavata-registry-test/src/test/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/registry/airavata-registry-test/src/test/resources/registry.properties (original)
+++ airavata/trunk/modules/registry/airavata-registry-test/src/test/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
 
 default.registry.user=admin
 default.registry.password=admin
+default.registry.password.hash.method=SHA
 default.registry.gateway=default
 
 #for rest [RegistryClient]

Modified: airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/local/LocalUserStore.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/local/LocalUserStore.java?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/local/LocalUserStore.java (original)
+++ airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/local/LocalUserStore.java Wed Dec 19 22:20:33 2012
@@ -1,5 +1,6 @@
 package org.apache.airavata.services.registry.rest.security.local;
 
+import java.security.NoSuchAlgorithmException;
 import java.sql.Connection;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
@@ -11,6 +12,7 @@ import java.util.List;
 import javax.servlet.ServletContext;
 
 import org.apache.airavata.common.utils.DBUtil;
+import org.apache.airavata.common.utils.SecurityUtil;
 import org.apache.airavata.registry.api.util.RegistrySettings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -24,8 +26,13 @@ public class LocalUserStore {
 
     private DBUtil dbUtil;
 
+    private String hashMethod;
+
     public LocalUserStore(ServletContext servletContext) throws Exception {
 //        Properties properties = WebAppUtil.getAiravataProperties(servletContext);
+
+        hashMethod = RegistrySettings.getSetting("default.registry.password.hash.method");
+
         dbUtil = new DBUtil(RegistrySettings.getSetting("registry.jdbc.url"),
         		RegistrySettings.getSetting("registry.jdbc.user"),
         		RegistrySettings.getSetting("registry.jdbc.password"),
@@ -50,7 +57,8 @@ public class LocalUserStore {
             preparedStatement = connection.prepareStatement(sql);
 
             preparedStatement.setString(1, userName);
-            preparedStatement.setString(2, password);
+            preparedStatement.setString(2, SecurityUtil.digestString(password,
+                    hashMethod));
 
             preparedStatement.executeUpdate();
 
@@ -65,6 +73,11 @@ public class LocalUserStore {
             log.error(stringBuilder.toString(), e);
 
             throw new RuntimeException(stringBuilder.toString(), e);
+        } catch (NoSuchAlgorithmException e) {
+            String stringBuilder = "Error creating hash value for password.";
+            log.error(stringBuilder, e);
+
+            throw new RuntimeException(stringBuilder, e);
         } finally {
 
             dbUtil.cleanup(preparedStatement, connection);
@@ -129,8 +142,10 @@ public class LocalUserStore {
 
             String storedPassword = getPassword(userName, connection);
 
+            String oldDigestedPassword = SecurityUtil.digestString(oldPassword, hashMethod);
+
             if (storedPassword != null) {
-                if (!storedPassword.equals(oldPassword)) {
+                if (!storedPassword.equals(oldDigestedPassword)) {
                     throw new RuntimeException("Previous password did not match correctly. Please specify old password" +
                             " correctly.");
                 }
@@ -140,7 +155,7 @@ public class LocalUserStore {
 
             preparedStatement = connection.prepareStatement(sql);
 
-            preparedStatement.setString(1, newPassword);
+            preparedStatement.setString(1, SecurityUtil.digestString(newPassword, hashMethod));
             preparedStatement.setString(2, userName);
 
             preparedStatement.executeUpdate();
@@ -156,6 +171,11 @@ public class LocalUserStore {
             log.error(stringBuilder.toString(), e);
 
             throw new RuntimeException(stringBuilder.toString(), e);
+        } catch (NoSuchAlgorithmException e) {
+            String stringBuilder = "Error creating hash value for password.";
+            log.error(stringBuilder, e);
+
+            throw new RuntimeException(stringBuilder, e);
         } finally {
 
             dbUtil.cleanup(preparedStatement, connection);
@@ -175,7 +195,7 @@ public class LocalUserStore {
 
             preparedStatement = connection.prepareStatement(sql);
 
-            preparedStatement.setString(1, newPassword);
+            preparedStatement.setString(1, SecurityUtil.digestString(newPassword, hashMethod));
             preparedStatement.setString(2, userName);
 
             preparedStatement.executeUpdate();
@@ -191,6 +211,11 @@ public class LocalUserStore {
             log.error(stringBuilder.toString(), e);
 
             throw new RuntimeException(stringBuilder.toString(), e);
+        } catch (NoSuchAlgorithmException e) {
+            String stringBuilder = "Error creating hash value for password.";
+            log.error(stringBuilder, e);
+
+            throw new RuntimeException(stringBuilder, e);
         } finally {
 
             dbUtil.cleanup(preparedStatement, connection);

Modified: airavata/trunk/modules/rest/webapp/src/main/resources/authenticators.xml
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/webapp/src/main/resources/authenticators.xml?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/rest/webapp/src/main/resources/authenticators.xml (original)
+++ airavata/trunk/modules/rest/webapp/src/main/resources/authenticators.xml Wed Dec 19 22:20:33 2012
@@ -37,6 +37,7 @@ The "enabled parameter at root level wil
                 <password>airavata</password>
                 <databaseDriver>org.apache.derby.jdbc.ClientDriver</databaseDriver>
                 <userTableName>Users</userTableName>
+                <passwordHashMethod>SHA</passwordHashMethod>
                 <userNameColumnName>user_name</userNameColumnName>
                 <passwordColumnName>password</passwordColumnName>
             </database>

Modified: airavata/trunk/modules/rest/webapp/src/main/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/webapp/src/main/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/rest/webapp/src/main/resources/registry.properties (original)
+++ airavata/trunk/modules/rest/webapp/src/main/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -43,6 +43,7 @@ registry.jdbc.driver=org.apache.derby.jd
 registry.jdbc.url=jdbc:derby://localhost:1527/persistent_data;create=true;user=airavata;password=airavata
 registry.jdbc.user=airavata
 registry.jdbc.password=airavata
+default.registry.password.hash.method=SHA
 start.derby.server.mode=true
 
 #for rest [RegistryClient]

Added: airavata/trunk/modules/rest/webapp/src/main/webapp/images/airavata-logo-2.png
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/webapp/src/main/webapp/images/airavata-logo-2.png?rev=1424170&view=auto
==============================================================================
Binary file - no diff available.

Propchange: airavata/trunk/modules/rest/webapp/src/main/webapp/images/airavata-logo-2.png
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Modified: airavata/trunk/modules/rest/webapp/src/main/webapp/index.jsp
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/webapp/src/main/webapp/index.jsp?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/rest/webapp/src/main/webapp/index.jsp (original)
+++ airavata/trunk/modules/rest/webapp/src/main/webapp/index.jsp Wed Dec 19 22:20:33 2012
@@ -1,6 +1,9 @@
 <html>
 <body>
+<img src="images/airavata-logo-2.png">
 <h2>Airavata REST API</h2>
 <p>Welcome to Airavata Web Application</p>
+
+<p><a href="user-store/index.jsp"><b>Manage Local User Store</b></a></p>
 </body>
 </html>

Modified: airavata/trunk/modules/xbaya-gui/src/main/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/xbaya-gui/src/main/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/modules/xbaya-gui/src/main/resources/registry.properties (original)
+++ airavata/trunk/modules/xbaya-gui/src/main/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
 
 default.registry.user=admin
 default.registry.password=admin
+default.registry.password.hash.method=SHA
 default.registry.gateway=default
 
 #for rest [RegistryClient]

Modified: airavata/trunk/samples/airavata-client/create-application/src/main/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/samples/airavata-client/create-application/src/main/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/samples/airavata-client/create-application/src/main/resources/registry.properties (original)
+++ airavata/trunk/samples/airavata-client/create-application/src/main/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
 
 default.registry.user=admin
 default.registry.password=admin
+default.registry.password.hash.method=SHA
 default.registry.gateway=default
 
 #for rest [RegistryClient]

Modified: airavata/trunk/samples/airavata-client/workflow-run/src/main/resources/registry.properties
URL: http://svn.apache.org/viewvc/airavata/trunk/samples/airavata-client/workflow-run/src/main/resources/registry.properties?rev=1424170&r1=1424169&r2=1424170&view=diff
==============================================================================
--- airavata/trunk/samples/airavata-client/workflow-run/src/main/resources/registry.properties (original)
+++ airavata/trunk/samples/airavata-client/workflow-run/src/main/resources/registry.properties Wed Dec 19 22:20:33 2012
@@ -47,6 +47,7 @@ start.derby.server.mode=true
 
 default.registry.user=admin
 default.registry.password=admin
+default.registry.password.hash.method=SHA
 default.registry.gateway=default
 
 #for rest [RegistryClient]