You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@qpid.apache.org by ri...@apache.org on 2007/04/27 14:27:20 UTC

svn commit: r533075 - /incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java

Author: ritchiem
Date: Fri Apr 27 05:27:19 2007
New Revision: 533075

URL: http://svn.apache.org/viewvc?view=rev&rev=533075
Log:
QPID-473 Base64MD5PrincipalDatabase doesn't check password changes were applied to disk before storing in memory
Reversed the effects of the requested change if the changes cannot be persisted to disk

Modified:
    incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java

Modified: incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java?view=diff&rev=533075&r1=533074&r2=533075
==============================================================================
--- incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java (original)
+++ incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java Fri Apr 27 05:27:19 2007
@@ -182,6 +182,7 @@
             try
             {
                 _userUpdate.lock();
+                char[] orig = user.getPassword();
                 user.setPassword(password);
 
                 try
@@ -192,6 +193,8 @@
                 {
                     _logger.error("Unable to save password file, password change for user'"
                                   + principal + "' will revert at restart");
+                    //revert the password change
+                    user.setPassword(orig);
                     return false;
                 }
                 return true;
@@ -210,22 +213,6 @@
         }
     }
 
-    private char[] convertPassword(String password) throws UnsupportedEncodingException
-    {
-        byte[] passwdBytes = password.getBytes(DEFAULT_ENCODING);
-
-        char[] passwd = new char[passwdBytes.length];
-
-        int index = 0;
-
-        for (byte b : passwdBytes)
-        {
-            passwd[index++] = (char) b;
-        }
-
-        return passwd;
-    }
-
     public boolean createPrincipal(Principal principal, char[] password)
     {
         if (_users.get(principal.getName()) != null)
@@ -247,9 +234,10 @@
             }
             catch (IOException e)
             {
+                //remove the use on failure.
+                _users.remove(user.getName());
                 return false;
             }
-
         }
         finally
         {