You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@eventmesh.apache.org by mi...@apache.org on 2021/10/16 16:05:08 UTC
[incubator-eventmesh] 01/01: Revert "[Issue #554] Removing
hardcoded username and password in the project code (#555)"
This is an automated email from the ASF dual-hosted git repository.
mikexue pushed a commit to branch revert-555-dev-securityfix
in repository https://gitbox.apache.org/repos/asf/incubator-eventmesh.git
commit aad71fa5f6d178d326c6d380617beb422fd7e50c
Author: mike_xwm <mi...@126.com>
AuthorDate: Sun Oct 17 00:05:04 2021 +0800
Revert "[Issue #554] Removing hardcoded username and password in the project code (#555)"
This reverts commit e2adda890c31d852231f7a38c6419dda0c32fdb2.
---
.../common/protocol/http/common/ProtocolKey.java | 4 ++--
.../protocol/http/header/client/RegRequestHeader.java | 10 +++++-----
.../http/header/client/SubscribeRequestHeader.java | 10 +++++-----
.../http/header/client/UnSubscribeRequestHeader.java | 10 +++++-----
.../http/header/message/PushMessageResponseHeader.java | 10 +++++-----
.../http/header/message/ReplyMessageRequestHeader.java | 10 +++++-----
.../header/message/SendMessageBatchRequestHeader.java | 10 +++++-----
.../header/message/SendMessageBatchV2RequestHeader.java | 10 +++++-----
.../http/header/message/SendMessageRequestHeader.java | 10 +++++-----
.../header/message/PushMessageResponseHeaderTest.java | 5 +++++
.../header/message/ReplyMessageRequestHeaderTest.java | 4 ++++
.../eventmesh/client/http/conf/LiteClientConfig.java | 4 ++--
.../eventmesh/client/http/ssl/MyX509TrustManager.java | 16 ++++++++--------
.../eventmesh/client/tcp/common/EventMeshCommon.java | 4 ++--
14 files changed, 63 insertions(+), 54 deletions(-)
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/common/ProtocolKey.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/common/ProtocolKey.java
index f599ea2..28e944e 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/common/ProtocolKey.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/common/ProtocolKey.java
@@ -30,8 +30,8 @@ public class ProtocolKey {
public static final String SYS = "Sys";
public static final String PID = "Pid";
public static final String IP = "Ip";
- public static final String USERNAME = "";
- public static final String PASSWD = "";
+ public static final String USERNAME = "Username";
+ public static final String PASSWD = "Passwd";
}
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/RegRequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/RegRequestHeader.java
index 3b831a0..0ee7cab 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/RegRequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/RegRequestHeader.java
@@ -17,6 +17,9 @@
package org.apache.eventmesh.common.protocol.http.header.client;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -24,9 +27,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class RegRequestHeader extends Header {
private String code;
@@ -45,9 +45,9 @@ public class RegRequestHeader extends Header {
private String ip;
- private String username;
+ private String username = "username";
- private String passwd;
+ private String passwd = "user@123";
public static RegRequestHeader buildHeader(Map<String, Object> headerParam) {
RegRequestHeader header = new RegRequestHeader();
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/SubscribeRequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/SubscribeRequestHeader.java
index e6ba1b7..6143e4b 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/SubscribeRequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/SubscribeRequestHeader.java
@@ -17,6 +17,9 @@
package org.apache.eventmesh.common.protocol.http.header.client;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -24,9 +27,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class SubscribeRequestHeader extends Header {
private String code;
@@ -45,9 +45,9 @@ public class SubscribeRequestHeader extends Header {
private String ip;
- private String username;
+ private String username = "username";
- private String passwd;
+ private String passwd = "user@123";
public static SubscribeRequestHeader buildHeader(Map<String, Object> headerParam) {
SubscribeRequestHeader header = new SubscribeRequestHeader();
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/UnSubscribeRequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/UnSubscribeRequestHeader.java
index d58e8c8..f5b3456 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/UnSubscribeRequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/UnSubscribeRequestHeader.java
@@ -17,6 +17,9 @@
package org.apache.eventmesh.common.protocol.http.header.client;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -24,9 +27,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class UnSubscribeRequestHeader extends Header {
private String code;
@@ -45,9 +45,9 @@ public class UnSubscribeRequestHeader extends Header {
private String ip;
- private String username;
+ private String username = "username";
- private String passwd;
+ private String passwd = "user@123";
public static UnSubscribeRequestHeader buildHeader(Map<String, Object> headerParam) {
UnSubscribeRequestHeader header = new UnSubscribeRequestHeader();
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeader.java
index c5b7271..6d61b82 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeader.java
@@ -18,14 +18,14 @@
package org.apache.eventmesh.common.protocol.http.header.message;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.eventmesh.common.Constants;
import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class PushMessageResponseHeader extends Header {
//response code
@@ -53,10 +53,10 @@ public class PushMessageResponseHeader extends Header {
private String ip;
//USERNAME of the requester
- private String username;
+ private String username = "username";
//PASSWD of the requester
- private String passwd;
+ private String passwd = "user@123";
public String getUsername() {
return username;
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeader.java
index d25936e..769fe4a 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeader.java
@@ -17,6 +17,9 @@
package org.apache.eventmesh.common.protocol.http.header.message;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -24,9 +27,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class ReplyMessageRequestHeader extends Header {
//request code
@@ -54,10 +54,10 @@ public class ReplyMessageRequestHeader extends Header {
private String ip;
//USERNAME of the requester
- private String username;
+ private String username = "username";
//PASSWD of the requester
- private String passwd;
+ private String passwd = "user@123";
public String getUsername() {
return username;
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchRequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchRequestHeader.java
index 62cafa4..88d3c00 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchRequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchRequestHeader.java
@@ -18,6 +18,9 @@
package org.apache.eventmesh.common.protocol.http.header.message;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -25,9 +28,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class SendMessageBatchRequestHeader extends Header {
//request code
@@ -55,10 +55,10 @@ public class SendMessageBatchRequestHeader extends Header {
private String ip;
//USERNAME of the requester
- private String username;
+ private String username = "username";
//PASSWD of the requester
- private String passwd;
+ private String passwd = "user@123";
public String getUsername() {
return username;
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchV2RequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchV2RequestHeader.java
index b5d2e14..aabc2d6 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchV2RequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchV2RequestHeader.java
@@ -17,6 +17,9 @@
package org.apache.eventmesh.common.protocol.http.header.message;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -24,9 +27,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class SendMessageBatchV2RequestHeader extends Header {
//request code
@@ -54,10 +54,10 @@ public class SendMessageBatchV2RequestHeader extends Header {
private String ip;
//USERNAME of the requester
- private String username;
+ private String username = "username";
//PASSWD of the requester
- private String passwd;
+ private String passwd = "user@123";
public String getUsername() {
return username;
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageRequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageRequestHeader.java
index 0eeea9a..8745fe1 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageRequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageRequestHeader.java
@@ -17,6 +17,9 @@
package org.apache.eventmesh.common.protocol.http.header.message;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -24,9 +27,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class SendMessageRequestHeader extends Header {
//request code
@@ -54,10 +54,10 @@ public class SendMessageRequestHeader extends Header {
private String ip;
//USERNAME of the requester
- private String username;
+ private String username = "username";
//PASSWD of the requester
- private String passwd;
+ private String passwd = "user@123";
public String getUsername() {
return username;
diff --git a/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeaderTest.java b/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeaderTest.java
index 174d57b..728a5a4 100644
--- a/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeaderTest.java
+++ b/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeaderTest.java
@@ -23,6 +23,9 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.junit.Assert;
import org.junit.Test;
+import java.util.HashMap;
+import java.util.Map;
+
import static org.hamcrest.CoreMatchers.is;
public class PushMessageResponseHeaderTest {
@@ -39,5 +42,7 @@ public class PushMessageResponseHeaderTest {
Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.SYS), is("SYSID"));
Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.PID), is("PID"));
Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.IP), is("127.0.0.1"));
+ Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.USERNAME), is("username"));
+ Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.PASSWD), is("user@123"));
}
}
diff --git a/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeaderTest.java b/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeaderTest.java
index f8625c0..e54b641 100644
--- a/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeaderTest.java
+++ b/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeaderTest.java
@@ -44,6 +44,8 @@ public class ReplyMessageRequestHeaderTest {
headerParam.put(ProtocolKey.ClientInstanceKey.SYS, "SYS");
headerParam.put(ProtocolKey.ClientInstanceKey.PID, "PID");
headerParam.put(ProtocolKey.ClientInstanceKey.IP, "127.0.0.1");
+ headerParam.put(ProtocolKey.ClientInstanceKey.USERNAME, "username");
+ headerParam.put(ProtocolKey.ClientInstanceKey.PASSWD, "user@123");
header = ReplyMessageRequestHeader.buildHeader(headerParam);
}
@@ -57,5 +59,7 @@ public class ReplyMessageRequestHeaderTest {
Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.SYS), is("SYS"));
Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.PID), is("PID"));
Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.IP), is("127.0.0.1"));
+ Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.USERNAME), is("username"));
+ Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.PASSWD), is("user@123"));
}
}
diff --git a/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/conf/LiteClientConfig.java b/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/conf/LiteClientConfig.java
index c302523..2749816 100644
--- a/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/conf/LiteClientConfig.java
+++ b/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/conf/LiteClientConfig.java
@@ -52,9 +52,9 @@ public class LiteClientConfig {
private String sys;
- private String userName;
+ private String userName = "userName";
- private String password;
+ private String password = "password";
private boolean useTls = false;
diff --git a/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/ssl/MyX509TrustManager.java b/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/ssl/MyX509TrustManager.java
index 000f13b..6128b38 100644
--- a/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/ssl/MyX509TrustManager.java
+++ b/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/ssl/MyX509TrustManager.java
@@ -17,12 +17,6 @@
package org.apache.eventmesh.client.http.ssl;
-import org.apache.commons.lang3.StringUtils;
-
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509TrustManager;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
@@ -30,14 +24,20 @@ import java.nio.file.StandardOpenOption;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
+
+import org.apache.commons.lang3.StringUtils;
public class MyX509TrustManager implements X509TrustManager {
X509TrustManager myTrustManager;
public MyX509TrustManager() throws Exception {
KeyStore keyStore = KeyStore.getInstance("JKS");
- String fileName = System.getProperty("ssl.client.cer", "");
- String pass = System.getProperty("ssl.client.pass", "");
+ String fileName = System.getProperty("ssl.client.cer", "sChat2.jks");
+ String pass = System.getProperty("ssl.client.pass", "sNetty");
char[] filePass = null;
if (StringUtils.isNotBlank(pass)) {
filePass = pass.toCharArray();
diff --git a/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/tcp/common/EventMeshCommon.java b/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/tcp/common/EventMeshCommon.java
index a3f89e8..44ff49f 100644
--- a/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/tcp/common/EventMeshCommon.java
+++ b/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/tcp/common/EventMeshCommon.java
@@ -52,12 +52,12 @@ public class EventMeshCommon {
/**
* Username used for EventMesh verification
*/
- public static String EventMesh_USER = "";
+ public static String EventMesh_USER = "EventMesh";
/**
* Password used for EventMesh verification
*/
- public static String EventMesh_PASS = "";
+ public static String EventMesh_PASS = "EventMesh@123";
/**
* Timeout time shared by the server
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@eventmesh.apache.org
For additional commands, e-mail: commits-help@eventmesh.apache.org