qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ai...@apache.org
Subject svn commit: r724779 - in /incubator/qpid/trunk/qpid/java/broker/src: main/java/org/apache/qpid/server/security/auth/database/ test/java/org/apache/qpid/server/security/auth/database/
Date Tue, 09 Dec 2008 17:03:31 GMT
Author: aidan
Date: Tue Dec  9 09:03:30 2008
New Revision: 724779

URL: http://svn.apache.org/viewvc?rev=724779&view=rev
Log:
QPID-1503: Add more tests for Base64MD5PasswordFilePrincipalDatabase, fix buglets.

Modified:
    incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
    incubator/qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java

Modified: incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java?rev=724779&r1=724778&r2=724779&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
(original)
+++ incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabase.java
Tue Dec  9 09:03:30 2008
@@ -109,6 +109,7 @@
 
     /**
      * SASL Callback Mechanism - sets the Password in the PasswordCallback based on the value
in the PasswordFile
+     * If you want to change the password for a user, use updatePassword instead.
      *
      * @param principal The Principal to set the password for
      * @param callback  The PasswordCallback to call setPassword on
@@ -152,17 +153,31 @@
     {
         char[] pwd = lookupPassword(principal);
 
-        int index = 0;
-        boolean verified = true;
-
-        while (verified & index < password.length)
+        return compareCharArray(pwd, password);
+    }
+    
+    private boolean compareCharArray(char[] a, char[] b)
+    {
+        boolean equal = false;
+        if (a.length == b.length)
         {
-            verified = (pwd[index] == password[index]);
-            index++;
+            equal = true;
+            int index = 0;
+            while (equal && index < a.length)
+            {
+                equal = a[index] == b[index];
+                index++;
+            }
         }
-        return verified;
+        return equal;
     }
 
+    /**
+     * Changes the password for the specified user
+     * 
+     * @param principal to change the password for
+     * @param password plaintext password to set the password too
+     */
     public boolean updatePassword(Principal principal, char[] password) throws AccountNotFoundException
     {
         HashedUser user = _users.get(principal.getName());

Modified: incubator/qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java?rev=724779&r1=724778&r2=724779&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
(original)
+++ incubator/qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java
Tue Dec  9 09:03:30 2008
@@ -23,6 +23,9 @@
 import junit.framework.TestCase;
 
 import javax.security.auth.login.AccountNotFoundException;
+
+import org.apache.qpid.server.security.auth.sasl.UsernamePrincipal;
+
 import java.io.BufferedReader;
 import java.io.BufferedWriter;
 import java.io.File;
@@ -37,13 +40,20 @@
 public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase
 {
 
-    Base64MD5PasswordFilePrincipalDatabase _database;
     private static final String TEST_COMMENT = "# Test Comment";
     private String USERNAME = "testUser";
+    private String _username = this.getClass().getName()+"username";
+    private char[] _password = "password".toCharArray();
+    private Principal _principal = new UsernamePrincipal(_username);
+    private Base64MD5PasswordFilePrincipalDatabase _database;
+    private File _pwdFile;
 
-    public void setUp()
+    public void setUp() throws Exception
     {
         _database = new Base64MD5PasswordFilePrincipalDatabase();
+        _pwdFile = File.createTempFile(this.getClass().getName(), "pwd");
+        _pwdFile.deleteOnExit();
+        _database.setPasswordFile(_pwdFile.getAbsolutePath());
     }
 
     private File createPasswordFile(int commentLines, int users)
@@ -297,4 +307,31 @@
 
         testFile.delete();
     }
+    
+    public void testCreateUserPrincipal() throws IOException
+    {
+        _database.createPrincipal(_principal, _password);
+        Principal newPrincipal = _database.getUser(_username);
+        assertNotNull(newPrincipal);
+        assertEquals(_principal.getName(), newPrincipal.getName());
+    }
+    
+    public void testVerifyPassword() throws IOException, AccountNotFoundException
+    {
+        testCreateUserPrincipal();
+        //assertFalse(_pwdDB.verifyPassword(_username, null));
+        assertFalse(_database.verifyPassword(_username, new char[]{}));
+        assertFalse(_database.verifyPassword(_username, "massword".toCharArray()));
+        assertTrue(_database.verifyPassword(_username, _password));
+    }
+    
+    public void testUpdatePassword() throws IOException, AccountNotFoundException 
+    {
+        testCreateUserPrincipal();
+        char[] newPwd = "newpassword".toCharArray();
+        _database.updatePassword(_principal, newPwd);
+        assertFalse(_database.verifyPassword(_username, _password));
+        assertTrue(_database.verifyPassword(_username, newPwd));
+    }
+    
 }



Mime
View raw message