You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by kt...@apache.org on 2013/04/19 19:39:42 UTC
svn commit: r1469967 - in /accumulo/branches/1.5/core/src: main/java/org/apache/accumulo/core/client/security/tokens/ test/java/org/apache/accumulo/core/client/security/tokens/

Author: kturner
Date: Fri Apr 19 17:39:42 2013
New Revision: 1469967

URL: http://svn.apache.org/r1469967
Log:
ACCUMULO-1314 made PasswordToken init work w/ multi-byte chars and clear intermediate byte buffer.  Made AuthToken props fail after destroyed

Added:
    accumulo/branches/1.5/core/src/test/java/org/apache/accumulo/core/client/security/tokens/
    accumulo/branches/1.5/core/src/test/java/org/apache/accumulo/core/client/security/tokens/PasswordTokenTest.java
Modified:
    accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/client/security/tokens/AuthenticationToken.java
    accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/client/security/tokens/PasswordToken.java

Modified: accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/client/security/tokens/AuthenticationToken.java
URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/client/security/tokens/AuthenticationToken.java?rev=1469967&r1=1469966&r2=1469967&view=diff
==============================================================================
--- accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/client/security/tokens/AuthenticationToken.java (original)
+++ accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/client/security/tokens/AuthenticationToken.java Fri Apr 19 17:39:42 2013
@@ -17,6 +17,7 @@
 package org.apache.accumulo.core.client.security.tokens;
 
 import java.util.Arrays;
+import java.util.Collection;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
@@ -30,18 +31,26 @@ import org.apache.hadoop.io.Writable;
  * @since 1.5.0
  */
 public interface AuthenticationToken extends Writable, Destroyable, Cloneable {
-  public class Properties extends HashMap<String, char[]> implements Destroyable {
-    private static final long serialVersionUID = 507486847276806489L;
-    boolean destroyed = false;
+  public class Properties implements Destroyable, Map<String,char[]> {
+    
+    private boolean destroyed = false;
+    private HashMap<String,char[]> map = new HashMap<String,char[]>();
+    
+    private void checkDestroyed() {
+      if (destroyed)
+        throw new IllegalStateException();
+    }
     
     public char[] put(String key, CharSequence value) {
+      checkDestroyed();
       char[] toPut = new char[value.length()];
       for (int i = 0; i < value.length(); i++)
         toPut[i] = value.charAt(i);
-      return this.put(key, toPut);
+      return map.put(key, toPut);
     }
     
     public void putAllStrings(Map<String, ? extends CharSequence> map) {
+      checkDestroyed();
       for (Map.Entry<String,? extends CharSequence> entry : map.entrySet()) {
         put(entry.getKey(), entry.getValue());
       }
@@ -61,6 +70,79 @@ public interface AuthenticationToken ext
     public boolean isDestroyed() {
       return destroyed;
     }
+    
+    @Override
+    public int size() {
+      checkDestroyed();
+      return map.size();
+    }
+    
+    @Override
+    public boolean isEmpty() {
+      checkDestroyed();
+      return map.isEmpty();
+    }
+    
+    @Override
+    public boolean containsKey(Object key) {
+      checkDestroyed();
+      return map.containsKey(key);
+    }
+    
+    @Override
+    public boolean containsValue(Object value) {
+      checkDestroyed();
+      return map.containsValue(value);
+    }
+    
+    @Override
+    public char[] get(Object key) {
+      checkDestroyed();
+      // TODO Auto-generated method stub
+      return map.get(key);
+    }
+    
+    @Override
+    public char[] put(String key, char[] value) {
+      checkDestroyed();
+      return map.put(key, value);
+    }
+    
+    @Override
+    public char[] remove(Object key) {
+      checkDestroyed();
+      return map.remove(key);
+    }
+    
+    @Override
+    public void putAll(Map<? extends String,? extends char[]> m) {
+      checkDestroyed();
+      map.putAll(m);
+    }
+    
+    @Override
+    public void clear() {
+      checkDestroyed();
+      map.clear();
+    }
+    
+    @Override
+    public Set<String> keySet() {
+      checkDestroyed();
+      return map.keySet();
+    }
+    
+    @Override
+    public Collection<char[]> values() {
+      checkDestroyed();
+      return map.values();
+    }
+    
+    @Override
+    public Set<java.util.Map.Entry<String,char[]>> entrySet() {
+      checkDestroyed();
+      return map.entrySet();
+    }
   }
   
   public static class TokenProperty implements Comparable<TokenProperty> {

Modified: accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/client/security/tokens/PasswordToken.java
URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/client/security/tokens/PasswordToken.java?rev=1469967&r1=1469966&r2=1469967&view=diff
==============================================================================
--- accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/client/security/tokens/PasswordToken.java (original)
+++ accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/client/security/tokens/PasswordToken.java Fri Apr 19 17:39:42 2013
@@ -55,7 +55,7 @@ public class PasswordToken implements Au
    * Password tokens created with this constructor will store the password as UTF-8 bytes.
    */
   public PasswordToken(CharSequence password) {
-    this.password = password.toString().getBytes(Constants.UTF8);
+    setPassword(CharBuffer.wrap(password));
   }
   
   /**
@@ -123,15 +123,29 @@ public class PasswordToken implements Au
     }
   }
   
+  private void setPassword(CharBuffer charBuffer) {
+    // encode() kicks back a C-string, which is not compatible with the old passwording system
+    ByteBuffer bb = Constants.UTF8.encode(charBuffer);
+    // create array using byter buffer length
+    this.password = new byte[bb.remaining()];
+    bb.get(this.password);
+    if (!bb.isReadOnly()) {
+      // clear byte buffer
+      bb.rewind();
+      while (bb.remaining() > 0) {
+        bb.put((byte) 0);
+      }
+    }
+  }
+
   @Override
   public void init(Properties properties) {
     if (properties.containsKey("password")){
-      // encode() kicks back a C-string, which is not compatible with the old passwording system
-      this.password = new byte[properties.get("password").length];
-      Constants.UTF8.encode(CharBuffer.wrap(properties.get("password"))).get(this.password, 0, this.password.length);
+      setPassword(CharBuffer.wrap(properties.get("password")));
     }else
       throw new IllegalArgumentException("Missing 'password' property");
   }
+
   
   @Override
   public Set<TokenProperty> getProperties() {

Added: accumulo/branches/1.5/core/src/test/java/org/apache/accumulo/core/client/security/tokens/PasswordTokenTest.java
URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/test/java/org/apache/accumulo/core/client/security/tokens/PasswordTokenTest.java?rev=1469967&view=auto
==============================================================================
--- accumulo/branches/1.5/core/src/test/java/org/apache/accumulo/core/client/security/tokens/PasswordTokenTest.java (added)
+++ accumulo/branches/1.5/core/src/test/java/org/apache/accumulo/core/client/security/tokens/PasswordTokenTest.java Fri Apr 19 17:39:42 2013
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.accumulo.core.client.security.tokens;
+
+import javax.security.auth.DestroyFailedException;
+
+import org.apache.accumulo.core.Constants;
+import org.junit.Assert;
+import org.junit.Test;
+
+/**
+ * 
+ */
+public class PasswordTokenTest {
+  
+  @Test
+  public void testMultiByte() throws DestroyFailedException {
+    PasswordToken pt = new PasswordToken();
+    AuthenticationToken.Properties props = new AuthenticationToken.Properties();
+    props.put("password", "äºå");
+    pt.init(props);
+    props.destroy();
+    String s = new String(pt.getPassword(), Constants.UTF8);
+    Assert.assertEquals("äºå", s);
+    
+    pt = new PasswordToken("äºå");
+    s = new String(pt.getPassword(), Constants.UTF8);
+    Assert.assertEquals("äºå", s);
+  }
+}