You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by ri...@apache.org on 2007/04/20 15:24:44 UTC

svn commit: r530797 - /incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/

Author: ritchiem
Date: Fri Apr 20 06:24:43 2007
New Revision: 530797

URL: http://svn.apache.org/viewvc?view=rev&rev=530797
Log:
Updated PrincipalDatabase verifyPassword to match rest of API and take a char[]

Modified:
    incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
    incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java
    incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java
    incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java

Modified: incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java?view=diff&rev=530797&r1=530796&r2=530797
==============================================================================
--- incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java (original)
+++ incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java Fri Apr 20 06:24:43 2007
@@ -153,27 +153,19 @@
      *
      * @throws AccountNotFoundException if the principal cannot be found
      */
-    public boolean verifyPassword(String principal, String password) throws AccountNotFoundException
+    public boolean verifyPassword(String principal, char[] password) throws AccountNotFoundException
     {
-        try
-        {
-            char[] pwd = lookupPassword(principal);
-            byte[] passwordBytes = password.getBytes(DEFAULT_ENCODING);
+        char[] pwd = lookupPassword(principal);
 
-            int index = 0;
-            boolean verified = true;
+        int index = 0;
+        boolean verified = true;
 
-            while (verified & index < passwordBytes.length)
-            {
-                verified = (pwd[index] == (char) passwordBytes[index]);
-                index++;
-            }
-            return verified;
-        }
-        catch (UnsupportedEncodingException e)
+        while (verified & index < password.length)
         {
-            return false;
+            verified = (pwd[index] == password[index]);
+            index++;
         }
+        return verified;
     }
 
     public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException
@@ -590,7 +582,7 @@
             int index = 0;
             for (char c : _password)
             {
-                byteArray[index++] = (byte)c;    
+                byteArray[index++] = (byte) c;
             }
             _encodedPassword = (new Base64()).encode(byteArray);
         }

Modified: incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java
URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java?view=diff&rev=530797&r1=530796&r2=530797
==============================================================================
--- incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java (original)
+++ incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java Fri Apr 20 06:24:43 2007
@@ -121,34 +121,18 @@
         }
     }
 
-    public boolean verifyPassword(String principal, String password) throws AccountNotFoundException
+    public boolean verifyPassword(String principal, char[] password) throws AccountNotFoundException
     {
         try
         {
             char[] pwd = lookupPassword(principal);
 
-            return compareCharArray(pwd, convertPassword(password));
+            return compareCharArray(pwd, password);
         }
         catch (IOException e)
         {
             return false;
         }
-    }
-
-    private char[] convertPassword(String password) throws UnsupportedEncodingException
-    {
-        byte[] passwdBytes = password.getBytes("utf-8");
-
-        char[] passwd = new char[passwdBytes.length];
-
-        int index = 0;
-
-        for (byte b : passwdBytes)
-        {
-            passwd[index++] = (char) b;
-        }
-
-        return passwd;
     }
 
     public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException

Modified: incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java
URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java?view=diff&rev=530797&r1=530796&r2=530797
==============================================================================
--- incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java (original)
+++ incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java Fri Apr 20 06:24:43 2007
@@ -55,7 +55,7 @@
      * @return true if password is correct
      * @throws AccountNotFoundException if the principal cannot be found
      */
-    boolean verifyPassword(String principal, String password)
+    boolean verifyPassword(String principal, char[] password)
             throws AccountNotFoundException;
 
     /**

Modified: incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java
URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java?view=diff&rev=530797&r1=530796&r2=530797
==============================================================================
--- incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java (original)
+++ incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java Fri Apr 20 06:24:43 2007
@@ -79,18 +79,12 @@
         }
     }
 
-    public boolean verifyPassword(String principal, String password) throws AccountNotFoundException
+    public boolean verifyPassword(String principal, char[] password) throws AccountNotFoundException
     {
+        //fixme this is not correct as toCharArray is not safe based on the type of string.
         char[] pwd = _users.getProperty(principal).toCharArray();
 
-        try
-        {
-            return compareCharArray(pwd, convertPassword(password));
-        }
-        catch (UnsupportedEncodingException e)
-        {
-            return false;
-        }
+        return compareCharArray(pwd, password);
     }
 
     public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException