You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by or...@apache.org on 2017/03/02 14:16:12 UTC
svn commit: r1785143 - in /qpid/java/branches/6.1.x/broker-core/src:
main/java/org/apache/qpid/server/security/auth/database/
test/java/org/apache/qpid/server/security/auth/database/
Author: orudyy
Date: Thu Mar 2 14:16:12 2017
New Revision: 1785143
URL: http://svn.apache.org/viewvc?rev=1785143&view=rev
Log:
QPID-7643: [Java Broker] Fix support for SASL mechanism 'PLAIN' in Base64MD5PasswordFile authentication provider
Modified:
qpid/java/branches/6.1.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
qpid/java/branches/6.1.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
Modified: qpid/java/branches/6.1.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.1.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java?rev=1785143&r1=1785142&r2=1785143&view=diff
==============================================================================
--- qpid/java/branches/6.1.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java (original)
+++ qpid/java/branches/6.1.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java Thu Mar 2 14:16:12 2017
@@ -145,20 +145,13 @@ public class Base64MD5PasswordFilePrinci
@Override
public SaslServer createSaslServer(String mechanism, String localFQDN, Principal externalPrincipal) throws SaslException
{
- CallbackHandler callbackHandler = _callbackHandlerMap.get(mechanism);
- if(callbackHandler == null)
- {
- throw new SaslException("Unsupported mechanism: " + mechanism);
- }
-
- //The SaslServers simply delegate to the built in CRAM-MD5 SaslServer
if(CRAMMD5HashedSaslServer.MECHANISM.equals(mechanism))
{
- return new CRAMMD5HashedSaslServer(mechanism, "AMQP", localFQDN, null, callbackHandler);
+ return new CRAMMD5HashedSaslServer(mechanism, "AMQP", localFQDN, null, getCallbackHandler(mechanism));
}
else if(CRAMMD5HexSaslServer.MECHANISM.equals(mechanism))
{
- return new CRAMMD5HexSaslServer(mechanism, "AMQP", localFQDN, null, callbackHandler);
+ return new CRAMMD5HexSaslServer(mechanism, "AMQP", localFQDN, null, getCallbackHandler(mechanism));
}
else if(PlainSaslServer.MECHANISM.equals(mechanism))
{
@@ -181,4 +174,14 @@ public class Base64MD5PasswordFilePrinci
throw new SaslException("Unsupported mechanism: " + mechanism);
}
+
+ private CallbackHandler getCallbackHandler(final String mechanism) throws SaslException
+ {
+ CallbackHandler callbackHandler = _callbackHandlerMap.get(mechanism);
+ if(callbackHandler == null)
+ {
+ throw new SaslException("Unsupported mechanism: " + mechanism);
+ }
+ return callbackHandler;
+ }
}
Modified: qpid/java/branches/6.1.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.1.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java?rev=1785143&r1=1785142&r2=1785143&view=diff
==============================================================================
--- qpid/java/branches/6.1.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java (original)
+++ qpid/java/branches/6.1.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java Thu Mar 2 14:16:12 2017
@@ -21,9 +21,14 @@
package org.apache.qpid.server.security.auth.database;
import org.apache.qpid.server.security.auth.UsernamePrincipal;
+import org.apache.qpid.server.security.auth.sasl.crammd5.CRAMMD5HashedSaslServer;
+import org.apache.qpid.server.security.auth.sasl.crammd5.CRAMMD5HexSaslServer;
+import org.apache.qpid.server.security.auth.sasl.plain.PlainSaslServer;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.AccountNotFoundException;
+import javax.security.sasl.SaslException;
+import javax.security.sasl.SaslServer;
import javax.xml.bind.DatatypeConverter;
import java.io.BufferedReader;
@@ -36,7 +41,9 @@ import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.HashSet;
import java.util.List;
+import java.util.Set;
import java.util.regex.Pattern;
public class Base64MD5PasswordFilePrincipalDatabaseTest extends AbstractPasswordFilePrincipalDatabaseTest
@@ -400,4 +407,30 @@ public class Base64MD5PasswordFilePrinci
assertTrue(_database.verifyPassword(PRINCIPAL_USERNAME, newPwd));
}
+
+ public void testCreateSaslServer() throws Exception
+ {
+ Set<String> expectedMechanisms = new HashSet(Arrays.asList(CRAMMD5HashedSaslServer.MECHANISM,
+ CRAMMD5HexSaslServer.MECHANISM,
+ PlainSaslServer.MECHANISM));
+ Set<String> actualMechanisms = new HashSet(_database.getMechanisms());
+
+ assertEquals("Unexpected supported mechanisms", expectedMechanisms, actualMechanisms);
+
+ for(String mechanism: expectedMechanisms)
+ {
+ SaslServer saslServer = _database.createSaslServer(mechanism, "localhost", PRINCIPAL);
+ assertNotNull(String.format("Sasl server not created for mechanism %s", mechanism), saslServer);
+ }
+
+ try
+ {
+ _database.createSaslServer("BLAH", "localhost", PRINCIPAL);
+ fail("Cannot create sasl server for unsupported mechanism");
+ }
+ catch(SaslException e)
+ {
+ // pass
+ }
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org