You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@eventmesh.apache.org by mi...@apache.org on 2021/10/16 16:05:07 UTC
[incubator-eventmesh] branch revert-555-dev-securityfix created
(now aad71fa)
This is an automated email from the ASF dual-hosted git repository.
mikexue pushed a change to branch revert-555-dev-securityfix
in repository https://gitbox.apache.org/repos/asf/incubator-eventmesh.git.
at aad71fa Revert "[Issue #554] Removing hardcoded username and password in the project code (#555)"
This branch includes the following new commits:
new aad71fa Revert "[Issue #554] Removing hardcoded username and password in the project code (#555)"
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@eventmesh.apache.org
For additional commands, e-mail: commits-help@eventmesh.apache.org
[incubator-eventmesh] 01/01: Revert "[Issue #554] Removing
hardcoded username and password in the project code (#555)"
Posted by mi...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
mikexue pushed a commit to branch revert-555-dev-securityfix
in repository https://gitbox.apache.org/repos/asf/incubator-eventmesh.git
commit aad71fa5f6d178d326c6d380617beb422fd7e50c
Author: mike_xwm <mi...@126.com>
AuthorDate: Sun Oct 17 00:05:04 2021 +0800
Revert "[Issue #554] Removing hardcoded username and password in the project code (#555)"
This reverts commit e2adda890c31d852231f7a38c6419dda0c32fdb2.
---
.../common/protocol/http/common/ProtocolKey.java | 4 ++--
.../protocol/http/header/client/RegRequestHeader.java | 10 +++++-----
.../http/header/client/SubscribeRequestHeader.java | 10 +++++-----
.../http/header/client/UnSubscribeRequestHeader.java | 10 +++++-----
.../http/header/message/PushMessageResponseHeader.java | 10 +++++-----
.../http/header/message/ReplyMessageRequestHeader.java | 10 +++++-----
.../header/message/SendMessageBatchRequestHeader.java | 10 +++++-----
.../header/message/SendMessageBatchV2RequestHeader.java | 10 +++++-----
.../http/header/message/SendMessageRequestHeader.java | 10 +++++-----
.../header/message/PushMessageResponseHeaderTest.java | 5 +++++
.../header/message/ReplyMessageRequestHeaderTest.java | 4 ++++
.../eventmesh/client/http/conf/LiteClientConfig.java | 4 ++--
.../eventmesh/client/http/ssl/MyX509TrustManager.java | 16 ++++++++--------
.../eventmesh/client/tcp/common/EventMeshCommon.java | 4 ++--
14 files changed, 63 insertions(+), 54 deletions(-)
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/common/ProtocolKey.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/common/ProtocolKey.java
index f599ea2..28e944e 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/common/ProtocolKey.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/common/ProtocolKey.java
@@ -30,8 +30,8 @@ public class ProtocolKey {
public static final String SYS = "Sys";
public static final String PID = "Pid";
public static final String IP = "Ip";
- public static final String USERNAME = "";
- public static final String PASSWD = "";
+ public static final String USERNAME = "Username";
+ public static final String PASSWD = "Passwd";
}
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/RegRequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/RegRequestHeader.java
index 3b831a0..0ee7cab 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/RegRequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/RegRequestHeader.java
@@ -17,6 +17,9 @@
package org.apache.eventmesh.common.protocol.http.header.client;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -24,9 +27,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class RegRequestHeader extends Header {
private String code;
@@ -45,9 +45,9 @@ public class RegRequestHeader extends Header {
private String ip;
- private String username;
+ private String username = "username";
- private String passwd;
+ private String passwd = "user@123";
public static RegRequestHeader buildHeader(Map<String, Object> headerParam) {
RegRequestHeader header = new RegRequestHeader();
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/SubscribeRequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/SubscribeRequestHeader.java
index e6ba1b7..6143e4b 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/SubscribeRequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/SubscribeRequestHeader.java
@@ -17,6 +17,9 @@
package org.apache.eventmesh.common.protocol.http.header.client;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -24,9 +27,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class SubscribeRequestHeader extends Header {
private String code;
@@ -45,9 +45,9 @@ public class SubscribeRequestHeader extends Header {
private String ip;
- private String username;
+ private String username = "username";
- private String passwd;
+ private String passwd = "user@123";
public static SubscribeRequestHeader buildHeader(Map<String, Object> headerParam) {
SubscribeRequestHeader header = new SubscribeRequestHeader();
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/UnSubscribeRequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/UnSubscribeRequestHeader.java
index d58e8c8..f5b3456 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/UnSubscribeRequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/client/UnSubscribeRequestHeader.java
@@ -17,6 +17,9 @@
package org.apache.eventmesh.common.protocol.http.header.client;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -24,9 +27,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class UnSubscribeRequestHeader extends Header {
private String code;
@@ -45,9 +45,9 @@ public class UnSubscribeRequestHeader extends Header {
private String ip;
- private String username;
+ private String username = "username";
- private String passwd;
+ private String passwd = "user@123";
public static UnSubscribeRequestHeader buildHeader(Map<String, Object> headerParam) {
UnSubscribeRequestHeader header = new UnSubscribeRequestHeader();
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeader.java
index c5b7271..6d61b82 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeader.java
@@ -18,14 +18,14 @@
package org.apache.eventmesh.common.protocol.http.header.message;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.eventmesh.common.Constants;
import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class PushMessageResponseHeader extends Header {
//response code
@@ -53,10 +53,10 @@ public class PushMessageResponseHeader extends Header {
private String ip;
//USERNAME of the requester
- private String username;
+ private String username = "username";
//PASSWD of the requester
- private String passwd;
+ private String passwd = "user@123";
public String getUsername() {
return username;
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeader.java
index d25936e..769fe4a 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeader.java
@@ -17,6 +17,9 @@
package org.apache.eventmesh.common.protocol.http.header.message;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -24,9 +27,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class ReplyMessageRequestHeader extends Header {
//request code
@@ -54,10 +54,10 @@ public class ReplyMessageRequestHeader extends Header {
private String ip;
//USERNAME of the requester
- private String username;
+ private String username = "username";
//PASSWD of the requester
- private String passwd;
+ private String passwd = "user@123";
public String getUsername() {
return username;
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchRequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchRequestHeader.java
index 62cafa4..88d3c00 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchRequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchRequestHeader.java
@@ -18,6 +18,9 @@
package org.apache.eventmesh.common.protocol.http.header.message;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -25,9 +28,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class SendMessageBatchRequestHeader extends Header {
//request code
@@ -55,10 +55,10 @@ public class SendMessageBatchRequestHeader extends Header {
private String ip;
//USERNAME of the requester
- private String username;
+ private String username = "username";
//PASSWD of the requester
- private String passwd;
+ private String passwd = "user@123";
public String getUsername() {
return username;
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchV2RequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchV2RequestHeader.java
index b5d2e14..aabc2d6 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchV2RequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageBatchV2RequestHeader.java
@@ -17,6 +17,9 @@
package org.apache.eventmesh.common.protocol.http.header.message;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -24,9 +27,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class SendMessageBatchV2RequestHeader extends Header {
//request code
@@ -54,10 +54,10 @@ public class SendMessageBatchV2RequestHeader extends Header {
private String ip;
//USERNAME of the requester
- private String username;
+ private String username = "username";
//PASSWD of the requester
- private String passwd;
+ private String passwd = "user@123";
public String getUsername() {
return username;
diff --git a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageRequestHeader.java b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageRequestHeader.java
index 0eeea9a..8745fe1 100644
--- a/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageRequestHeader.java
+++ b/eventmesh-common/src/main/java/org/apache/eventmesh/common/protocol/http/header/message/SendMessageRequestHeader.java
@@ -17,6 +17,9 @@
package org.apache.eventmesh.common.protocol.http.header.message;
+import java.util.HashMap;
+import java.util.Map;
+
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.eventmesh.common.Constants;
@@ -24,9 +27,6 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolKey;
import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.apache.eventmesh.common.protocol.http.header.Header;
-import java.util.HashMap;
-import java.util.Map;
-
public class SendMessageRequestHeader extends Header {
//request code
@@ -54,10 +54,10 @@ public class SendMessageRequestHeader extends Header {
private String ip;
//USERNAME of the requester
- private String username;
+ private String username = "username";
//PASSWD of the requester
- private String passwd;
+ private String passwd = "user@123";
public String getUsername() {
return username;
diff --git a/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeaderTest.java b/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeaderTest.java
index 174d57b..728a5a4 100644
--- a/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeaderTest.java
+++ b/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/PushMessageResponseHeaderTest.java
@@ -23,6 +23,9 @@ import org.apache.eventmesh.common.protocol.http.common.ProtocolVersion;
import org.junit.Assert;
import org.junit.Test;
+import java.util.HashMap;
+import java.util.Map;
+
import static org.hamcrest.CoreMatchers.is;
public class PushMessageResponseHeaderTest {
@@ -39,5 +42,7 @@ public class PushMessageResponseHeaderTest {
Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.SYS), is("SYSID"));
Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.PID), is("PID"));
Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.IP), is("127.0.0.1"));
+ Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.USERNAME), is("username"));
+ Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.PASSWD), is("user@123"));
}
}
diff --git a/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeaderTest.java b/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeaderTest.java
index f8625c0..e54b641 100644
--- a/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeaderTest.java
+++ b/eventmesh-common/src/test/java/org/apache/eventmesh/common/protocol/http/header/message/ReplyMessageRequestHeaderTest.java
@@ -44,6 +44,8 @@ public class ReplyMessageRequestHeaderTest {
headerParam.put(ProtocolKey.ClientInstanceKey.SYS, "SYS");
headerParam.put(ProtocolKey.ClientInstanceKey.PID, "PID");
headerParam.put(ProtocolKey.ClientInstanceKey.IP, "127.0.0.1");
+ headerParam.put(ProtocolKey.ClientInstanceKey.USERNAME, "username");
+ headerParam.put(ProtocolKey.ClientInstanceKey.PASSWD, "user@123");
header = ReplyMessageRequestHeader.buildHeader(headerParam);
}
@@ -57,5 +59,7 @@ public class ReplyMessageRequestHeaderTest {
Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.SYS), is("SYS"));
Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.PID), is("PID"));
Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.IP), is("127.0.0.1"));
+ Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.USERNAME), is("username"));
+ Assert.assertThat(header.toMap().get(ProtocolKey.ClientInstanceKey.PASSWD), is("user@123"));
}
}
diff --git a/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/conf/LiteClientConfig.java b/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/conf/LiteClientConfig.java
index c302523..2749816 100644
--- a/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/conf/LiteClientConfig.java
+++ b/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/conf/LiteClientConfig.java
@@ -52,9 +52,9 @@ public class LiteClientConfig {
private String sys;
- private String userName;
+ private String userName = "userName";
- private String password;
+ private String password = "password";
private boolean useTls = false;
diff --git a/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/ssl/MyX509TrustManager.java b/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/ssl/MyX509TrustManager.java
index 000f13b..6128b38 100644
--- a/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/ssl/MyX509TrustManager.java
+++ b/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/http/ssl/MyX509TrustManager.java
@@ -17,12 +17,6 @@
package org.apache.eventmesh.client.http.ssl;
-import org.apache.commons.lang3.StringUtils;
-
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509TrustManager;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
@@ -30,14 +24,20 @@ import java.nio.file.StandardOpenOption;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
+
+import org.apache.commons.lang3.StringUtils;
public class MyX509TrustManager implements X509TrustManager {
X509TrustManager myTrustManager;
public MyX509TrustManager() throws Exception {
KeyStore keyStore = KeyStore.getInstance("JKS");
- String fileName = System.getProperty("ssl.client.cer", "");
- String pass = System.getProperty("ssl.client.pass", "");
+ String fileName = System.getProperty("ssl.client.cer", "sChat2.jks");
+ String pass = System.getProperty("ssl.client.pass", "sNetty");
char[] filePass = null;
if (StringUtils.isNotBlank(pass)) {
filePass = pass.toCharArray();
diff --git a/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/tcp/common/EventMeshCommon.java b/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/tcp/common/EventMeshCommon.java
index a3f89e8..44ff49f 100644
--- a/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/tcp/common/EventMeshCommon.java
+++ b/eventmesh-sdk-java/src/main/java/org/apache/eventmesh/client/tcp/common/EventMeshCommon.java
@@ -52,12 +52,12 @@ public class EventMeshCommon {
/**
* Username used for EventMesh verification
*/
- public static String EventMesh_USER = "";
+ public static String EventMesh_USER = "EventMesh";
/**
* Password used for EventMesh verification
*/
- public static String EventMesh_PASS = "";
+ public static String EventMesh_PASS = "EventMesh@123";
/**
* Timeout time shared by the server
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@eventmesh.apache.org
For additional commands, e-mail: commits-help@eventmesh.apache.org