Return-Path: Delivered-To: apmail-incubator-qpid-commits-archive@locus.apache.org Received: (qmail 145 invoked from network); 20 Apr 2007 10:43:15 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 20 Apr 2007 10:43:15 -0000 Received: (qmail 90121 invoked by uid 500); 20 Apr 2007 10:43:22 -0000 Delivered-To: apmail-incubator-qpid-commits-archive@incubator.apache.org Received: (qmail 90100 invoked by uid 500); 20 Apr 2007 10:43:22 -0000 Mailing-List: contact qpid-commits-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: qpid-dev@incubator.apache.org Delivered-To: mailing list qpid-commits@incubator.apache.org Received: (qmail 90080 invoked by uid 99); 20 Apr 2007 10:43:22 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 20 Apr 2007 03:43:22 -0700 X-ASF-Spam-Status: No, hits=-99.5 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 20 Apr 2007 03:43:14 -0700 Received: by eris.apache.org (Postfix, from userid 65534) id 9626F1A9838; Fri, 20 Apr 2007 03:42:54 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r530734 - in /incubator/qpid/branches/M2/java: broker/src/main/java/org/apache/qpid/server/security/access/ broker/src/main/java/org/apache/qpid/server/security/auth/database/ management/eclipse-plugin/src/main/java/org/apache/qpid/manageme... Date: Fri, 20 Apr 2007 10:42:54 -0000 To: qpid-commits@incubator.apache.org From: bhupendrab@apache.org X-Mailer: svnmailer-1.1.0 Message-Id: <20070420104254.9626F1A9838@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: bhupendrab Date: Fri Apr 20 03:42:52 2007 New Revision: 530734 URL: http://svn.apache.org/viewvc?view=rev&rev=530734 Log: QPID-445 : md5 hashed password will be sent from management console to Qpid Modified: incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java incubator/qpid/branches/M2/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java incubator/qpid/branches/M2/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/ViewUtility.java Modified: incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java?view=diff&rev=530734&r1=530733&r2=530734 ============================================================================== --- incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java (original) +++ incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AMQUserManagementMBean.java Fri Apr 20 03:42:52 2007 @@ -22,7 +22,6 @@ import org.apache.qpid.server.management.MBeanDescription; import org.apache.qpid.server.management.AMQManagedObject; -import org.apache.qpid.server.management.MBeanOperationParameter; import org.apache.qpid.server.management.MBeanOperation; import org.apache.qpid.server.management.MBeanInvocationHandlerImpl; import org.apache.qpid.server.security.auth.database.PrincipalDatabase; @@ -107,8 +106,7 @@ return UserManagement.TYPE; } - public boolean setPassword(@MBeanOperationParameter(name = "username", description = "Username")String username, - @MBeanOperationParameter(name = "password", description = "Password")String password) + public boolean setPassword(String username, char[] password) { try { @@ -122,10 +120,7 @@ } } - public boolean setRights(@MBeanOperationParameter(name = "username", description = "Username")String username, - @MBeanOperationParameter(name = "read", description = "Administration read")boolean read, - @MBeanOperationParameter(name = "write", description = "Administration write")boolean write, - @MBeanOperationParameter(name = "admin", description = "Administration rights")boolean admin) + public boolean setRights(String username, boolean read, boolean write, boolean admin) { if (_accessRights.get(username) == null) @@ -179,11 +174,7 @@ return true; } - public boolean createUser(@MBeanOperationParameter(name = "username", description = "Username")String username, - @MBeanOperationParameter(name = "password", description = "Password")String password, - @MBeanOperationParameter(name = "read", description = "Administration read")boolean read, - @MBeanOperationParameter(name = "write", description = "Administration write")boolean write, - @MBeanOperationParameter(name = "admin", description = "Administration rights")boolean admin) + public boolean createUser(String username, char[] password, boolean read, boolean write, boolean admin) { if (_principalDatabase.createPrincipal(new UsernamePrincipal(username), password)) { @@ -195,7 +186,7 @@ return false; } - public boolean deleteUser(@MBeanOperationParameter(name = "username", description = "Username")String username) + public boolean deleteUser(String username) { try Modified: incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java?view=diff&rev=530734&r1=530733&r2=530734 ============================================================================== --- incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java (original) +++ incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/UserManagement.java Fri Apr 20 03:42:52 2007 @@ -45,7 +45,7 @@ */ @MBeanOperation(name = "setPassword", description = "Set password for user.") boolean setPassword(@MBeanOperationParameter(name = "username", description = "Username")String username, - @MBeanOperationParameter(name = "password", description = "Password")String password); + @MBeanOperationParameter(name = "password", description = "Password")char[] password); /** * set rights for users with given details @@ -76,7 +76,7 @@ */ @MBeanOperation(name = "createUser", description = "Create new user from system.") boolean createUser(@MBeanOperationParameter(name = "username", description = "Username")String username, - @MBeanOperationParameter(name = "password", description = "Password")String password, + @MBeanOperationParameter(name = "password", description = "Password")char[] password, @MBeanOperationParameter(name = "read", description = "Administration read")boolean read, @MBeanOperationParameter(name = "write", description = "Administration write")boolean write, @MBeanOperationParameter(name = "admin", description = "Administration rights")boolean admin); Modified: incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java?view=diff&rev=530734&r1=530733&r2=530734 ============================================================================== --- incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java (original) +++ incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java Fri Apr 20 03:42:52 2007 @@ -176,7 +176,7 @@ } } - public boolean updatePassword(Principal principal, String password) throws AccountNotFoundException + public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException { User user = _users.get(principal.getName()); @@ -187,13 +187,10 @@ try { - - char[] passwd = convertPassword(password); - try { _userUpdate.lock(); - user.setPassword(passwd); + user.setPassword(password); try { @@ -215,7 +212,7 @@ } } } - catch (UnsupportedEncodingException e) + catch (Exception e) { return false; } @@ -237,23 +234,14 @@ return passwd; } - public boolean createPrincipal(Principal principal, String password) + public boolean createPrincipal(Principal principal, char[] password) { if (_users.get(principal.getName()) != null) { return false; } - User user; - try - { - user = new User(principal.getName(), convertPassword(password)); - } - catch (UnsupportedEncodingException e) - { - _logger.warn("Unable to encode password:" + e); - return false; - } + User user = new User(principal.getName(), password); try { @@ -598,8 +586,13 @@ private void encodePassword() throws EncoderException, UnsupportedEncodingException, NoSuchAlgorithmException { - Base64 b64 = new Base64(); - _encodedPassword = b64.encode(new String(_password).getBytes(DEFAULT_ENCODING)); + byte[] byteArray = new byte[_password.length]; + int index = 0; + for (char c : _password) + { + byteArray[index++] = (byte)c; + } + _encodedPassword = (new Base64()).encode(byteArray); } public boolean isModified() Modified: incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java?view=diff&rev=530734&r1=530733&r2=530734 ============================================================================== --- incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java (original) +++ incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java Fri Apr 20 03:42:52 2007 @@ -151,12 +151,12 @@ return passwd; } - public boolean updatePassword(Principal principal, String password) throws AccountNotFoundException + public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException { return false; // updates denied } - public boolean createPrincipal(Principal principal, String password) + public boolean createPrincipal(Principal principal, char[] password) { return false; // updates denied } Modified: incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java?view=diff&rev=530734&r1=530733&r2=530734 ============================================================================== --- incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java (original) +++ incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PrincipalDatabase.java Fri Apr 20 03:42:52 2007 @@ -65,7 +65,7 @@ * @return True if change was successful * @throws AccountNotFoundException If the given principal doesn't exist in the Database */ - boolean updatePassword(Principal principal, String password) + boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException; /** @@ -74,7 +74,7 @@ * @param password The password to set for the principal * @return True on a successful creation */ - boolean createPrincipal(Principal principal, String password); + boolean createPrincipal(Principal principal, char[] password); /** * Delete a principal Modified: incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java?view=diff&rev=530734&r1=530733&r2=530734 ============================================================================== --- incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java (original) +++ incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/PropertiesPrincipalDatabase.java Fri Apr 20 03:42:52 2007 @@ -93,12 +93,12 @@ } } - public boolean updatePassword(Principal principal, String password) throws AccountNotFoundException + public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException { return false; // updates denied } - public boolean createPrincipal(Principal principal, String password) + public boolean createPrincipal(Principal principal, char[] password) { return false; // updates denied } Modified: incubator/qpid/branches/M2/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java?view=diff&rev=530734&r1=530733&r2=530734 ============================================================================== --- incubator/qpid/branches/M2/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java (original) +++ incubator/qpid/branches/M2/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/OperationTabControl.java Fri Apr 20 03:42:52 2007 @@ -31,6 +31,7 @@ import javax.management.openmbean.TabularDataSupport; import static org.apache.qpid.management.ui.Constants.*; + import org.apache.qpid.management.ui.ApplicationRegistry; import org.apache.qpid.management.ui.ManagedBean; import org.apache.qpid.management.ui.jmx.MBeanUtility; @@ -337,10 +338,17 @@ // display the parameter data type next to the text field if (valueInCombo) + { label = _toolkit.createLabel(_paramsComposite, ""); + } + else if (PASSWORD.equalsIgnoreCase(param.getName())) + { + label = _toolkit.createLabel(_paramsComposite, "(String)"); + } else { - String str = param.getType() ; + String str = param.getType(); + if (param.getType().lastIndexOf(".") != -1) str = param.getType().substring(1 + param.getType().lastIndexOf(".")); @@ -581,34 +589,32 @@ } // End of custom code - - // customized for passwords - if (PASSWORD.equalsIgnoreCase(param.getName())) + ViewUtility.popupInfoMessage(_form.getText(), "Please select the " + ViewUtility.getDisplayText(param.getName())); + return; + } + + // customized for passwords + String securityMechanism = ApplicationRegistry.getSecurityMechanism(); + if ((MECH_CRAMMD5.equals(securityMechanism)) && PASSWORD.equalsIgnoreCase(param.getName())) + { + try { - try - { - param.setValueFromString(ViewUtility.getHashedString(param.getValue())); - } - catch (Exception ex) - { - MBeanUtility.handleException(_mbean, ex); - return; - } + param.setValue(ViewUtility.getMD5HashedCharArray(param.getValue())); + } + catch (Exception ex) + { + MBeanUtility.handleException(_mbean, ex); + return; } - // end of customization - ViewUtility.popupInfoMessage(_form.getText(), - "Please select the " + ViewUtility.getDisplayText(param.getName())); - - return; } + // end of customization } } if (_opData.getImpact() == OPERATION_IMPACT_ACTION) { String bean = _mbean.getName() == null ? _mbean.getType() : _mbean.getName(); - int response = ViewUtility.popupConfirmationMessage(bean, - "Do you want to " + _form.getText()+ " ?"); + int response = ViewUtility.popupConfirmationMessage(bean, "Do you want to " + _form.getText()+ " ?"); if (response == SWT.YES) { executeAndShowResults(); Modified: incubator/qpid/branches/M2/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/ViewUtility.java URL: http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/ViewUtility.java?view=diff&rev=530734&r1=530733&r2=530734 ============================================================================== --- incubator/qpid/branches/M2/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/ViewUtility.java (original) +++ incubator/qpid/branches/M2/java/management/eclipse-plugin/src/main/java/org/apache/qpid/management/ui/views/ViewUtility.java Fri Apr 20 03:42:52 2007 @@ -560,10 +560,26 @@ } } - public static String getHashedString(Object text) throws NoSuchAlgorithmException, UnsupportedEncodingException + public static char[] getMD5HashedCharArray(Object text) throws NoSuchAlgorithmException, UnsupportedEncodingException { - char[] chars = getHash((String)text); - return new String(chars); + byte[] data = ((String)text).getBytes("utf-8"); + + MessageDigest md = MessageDigest.getInstance("MD5"); + + for (byte b : data) + { + md.update(b); + } + + byte[] digest = md.digest(); + + char[] byteArray = new char[digest.length]; + int index = 0; + for (byte b : digest) + { + byteArray[index++] = (char)b; + } + return byteArray; } public static char[] getHash(String text) throws NoSuchAlgorithmException, UnsupportedEncodingException