You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by jb...@apache.org on 2013/10/08 16:26:21 UTC

svn commit: r1530285 - in /karaf/trunk/jaas/modules/src: main/java/org/apache/karaf/jaas/modules/properties/ test/java/org/apache/karaf/jaas/modules/properties/ test/resources/ test/resources/org/ test/resources/org/apache/ test/resources/org/apache/ka...

Author: jbonofre
Date: Tue Oct  8 14:26:20 2013
New Revision: 1530285

URL: http://svn.apache.org/r1530285
Log:
[KARAF-2497] Test if username and password are null in the PropertiesLoginModule and throw a LoginException

Added:
    karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/NullHandler.java
    karaf/trunk/jaas/modules/src/test/resources/
    karaf/trunk/jaas/modules/src/test/resources/org/
    karaf/trunk/jaas/modules/src/test/resources/org/apache/
    karaf/trunk/jaas/modules/src/test/resources/org/apache/karaf/
    karaf/trunk/jaas/modules/src/test/resources/org/apache/karaf/jaas/
    karaf/trunk/jaas/modules/src/test/resources/org/apache/karaf/jaas/modules/
    karaf/trunk/jaas/modules/src/test/resources/org/apache/karaf/jaas/modules/properties/
    karaf/trunk/jaas/modules/src/test/resources/org/apache/karaf/jaas/modules/properties/test.properties
Modified:
    karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesLoginModule.java
    karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/NamePasswordHandler.java
    karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/PropertiesLoginModuleTest.java

Modified: karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesLoginModule.java
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesLoginModule.java?rev=1530285&r1=1530284&r2=1530285&view=diff
==============================================================================
--- karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesLoginModule.java (original)
+++ karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesLoginModule.java Tue Oct  8 14:26:20 2013
@@ -84,6 +84,9 @@ public class PropertiesLoginModule exten
             throw new LoginException(uce.getMessage() + " not available to obtain information from user");
         }
         // user callback get value
+        if (((NameCallback) callbacks[0]).getName() == null) {
+            throw new LoginException("Username can not be null");
+        }
         user = ((NameCallback) callbacks[0]).getName();
         if (user.startsWith(PropertiesBackingEngine.GROUP_PREFIX)) {
             // you can't log in under a group name
@@ -91,6 +94,9 @@ public class PropertiesLoginModule exten
         }
 
         // password callback get value
+        if (((PasswordCallback) callbacks[1]).getPassword() == null) {
+            throw new LoginException("Password can not be null");
+        }
         String password = new String(((PasswordCallback) callbacks[1]).getPassword());
 
         // user infos container read from the users properties file

Modified: karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/NamePasswordHandler.java
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/NamePasswordHandler.java?rev=1530285&r1=1530284&r2=1530285&view=diff
==============================================================================
--- karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/NamePasswordHandler.java (original)
+++ karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/NamePasswordHandler.java Tue Oct  8 14:26:20 2013
@@ -1,3 +1,19 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.apache.karaf.jaas.modules.properties;
 
 import java.io.IOException;

Added: karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/NullHandler.java
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/NullHandler.java?rev=1530285&view=auto
==============================================================================
--- karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/NullHandler.java (added)
+++ karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/NullHandler.java Tue Oct  8 14:26:20 2013
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.karaf.jaas.modules.properties;
+
+import javax.security.auth.callback.*;
+import java.io.IOException;
+
+public class NullHandler implements CallbackHandler {
+
+    @Override
+    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+        for (Callback callback : callbacks) {
+            if (callback instanceof NameCallback) {
+                NameCallback nameCallback = (NameCallback) callback;
+                nameCallback.setName("test");
+            } else if (callback instanceof PasswordCallback) {
+                PasswordCallback passwordCallback = (PasswordCallback) callback;
+                passwordCallback.setPassword(null);
+            }
+        }
+    }
+
+}

Modified: karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/PropertiesLoginModuleTest.java
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/PropertiesLoginModuleTest.java?rev=1530285&r1=1530284&r2=1530285&view=diff
==============================================================================
--- karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/PropertiesLoginModuleTest.java (original)
+++ karaf/trunk/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/properties/PropertiesLoginModuleTest.java Tue Oct  8 14:26:20 2013
@@ -260,6 +260,23 @@ public class PropertiesLoginModuleTest {
         }
     }
 
+    @Test
+    public void testNullPassword() throws Exception {
+        PropertiesLoginModule module = new PropertiesLoginModule();
+        Subject subject = new Subject();
+        CallbackHandler handler = new NullHandler();
+        Map<String, String> options = new HashMap<String, String>();
+        options.put("users", this.getClass().getClassLoader().getResource("org/apache/karaf/jaas/modules/properties/test.properties").getFile());
+        module.initialize(subject, handler, null, options);
+
+        try {
+            module.login();
+            Assert.fail("LoginException expected");
+        } catch (LoginException e) {
+            Assert.assertEquals("Password can not be null", e.getMessage());
+        }
+    }
+
     private void testWithUsersFile(String usersFilePath) throws LoginException {
         PropertiesLoginModule module = new PropertiesLoginModule();
         Subject sub = new Subject();

Added: karaf/trunk/jaas/modules/src/test/resources/org/apache/karaf/jaas/modules/properties/test.properties
URL: http://svn.apache.org/viewvc/karaf/trunk/jaas/modules/src/test/resources/org/apache/karaf/jaas/modules/properties/test.properties?rev=1530285&view=auto
==============================================================================
--- karaf/trunk/jaas/modules/src/test/resources/org/apache/karaf/jaas/modules/properties/test.properties (added)
+++ karaf/trunk/jaas/modules/src/test/resources/org/apache/karaf/jaas/modules/properties/test.properties Tue Oct  8 14:26:20 2013
@@ -0,0 +1 @@
+test=test,test
\ No newline at end of file