accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Keith Turner (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-1314) Support destroyable map for creating authentication token
Date Thu, 18 Apr 2013 21:06:13 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-1314?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13635691#comment-13635691
] 

Keith Turner commented on ACCUMULO-1314:
----------------------------------------

I looked at what Java does in its APIs for passwords.   For KeyStore[1], there is a 'load(InputStream
stream, char[] password)' method.  So maybe we should do Map<String, char[]>.  To make
it easier on users maybe do option #4 like below?

{code:java}
public class DestroyableMap implements Destroyable, Map<String,char[]> {
  
  private boolean destroyed = false;
  private HashMap<String,char[]> map = new HashMap<String,char[]>();
  
  @Override
  public void destroy() throws DestroyFailedException {
    if (destroyed)
      throw new IllegalStateException();
    
    for (char[] ca : map.values()) {
      for (int i = 0; i < ca.length; i++) {
        ca[i] = 0;
      }
    }
    
    map.clear();
    destroyed = true;
  }
  
  @Override
  public boolean isDestroyed() {
    return destroyed;
  }
  
  @Override
  public char[] put(String key, char[] value) {
    if (destroyed)
      throw new IllegalStateException();
    return map.put(key, value);
  }
 
  //maybe have this method for convenience??
  public char[] put(String key, CharSequence value) {
    char[] val = new char[value.length()];
    for (int i = 0; i < value.length(); i++)
      val[i] = value.charAt(i);
    
    put(key, value);
    return val;
  }

  //rest of map methods

}

{code}


[1] http://docs.oracle.com/javase/6/docs/api/java/security/KeyStore.html


                
> Support destroyable map for creating authentication token
> ---------------------------------------------------------
>
>                 Key: ACCUMULO-1314
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1314
>             Project: Accumulo
>          Issue Type: Sub-task
>          Components: master, tserver
>            Reporter: Keith Turner
>            Assignee: John Vines
>             Fix For: 1.5.0
>
>
> A java properties object can be used to create Authentication tokens.  Properties use
Strings which are immutable.  It would be nice if something that allowed memory to be zeroed
were used.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message