You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by lq...@apache.org on 2016/02/15 16:16:18 UTC
svn commit: r1730547 -
/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
Author: lquack
Date: Mon Feb 15 15:16:18 2016
New Revision: 1730547
URL: http://svn.apache.org/viewvc?rev=1730547&view=rev
Log:
QPID-7067: [Java Broker] Fix Scram password upgrade code to not loose passwords upon upgrade
* Workaround by temporarily disabling password encoding mechanism in case we are upgrading.
Modified:
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java?rev=1730547&r1=1730546&r2=1730547&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java Mon Feb 15 15:16:18 2016
@@ -64,6 +64,7 @@ public abstract class AbstractScramAuthe
public static final int DEFAULT_ITERATION_COUNT = 4096;
private int _iterationCount = DEFAULT_ITERATION_COUNT;
+ private boolean _doNotCreateStoredPasswordBecauseItIsBeingUpgraded;
protected AbstractScramAuthenticationManager(final Map<String, Object> attributes, final Broker broker)
@@ -173,8 +174,9 @@ public abstract class AbstractScramAuthe
+ DatatypeConverter.printBase64Binary(storedKey) + ","
+ DatatypeConverter.printBase64Binary(serverKey) + ","
+ oldDefaultIterationCount;
-
+ _doNotCreateStoredPasswordBecauseItIsBeingUpgraded = true;
user.setPassword(password);
+ _doNotCreateStoredPasswordBecauseItIsBeingUpgraded = false;
}
catch (NoSuchAlgorithmException e)
{
@@ -188,7 +190,9 @@ public abstract class AbstractScramAuthe
+ passwordFields[PasswordField.STORED_KEY.ordinal()] + ","
+ passwordFields[PasswordField.SERVER_KEY.ordinal()] + ","
+ oldDefaultIterationCount;
+ _doNotCreateStoredPasswordBecauseItIsBeingUpgraded = true;
user.setPassword(password);
+ _doNotCreateStoredPasswordBecauseItIsBeingUpgraded = false;
}
else if (passwordFields.length != 5)
{
@@ -246,6 +250,11 @@ public abstract class AbstractScramAuthe
@Override
protected String createStoredPassword(final String password)
{
+ if (_doNotCreateStoredPasswordBecauseItIsBeingUpgraded)
+ {
+ return password;
+ }
+
try
{
final int iterationCount = getIterationCount();
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org