tapestry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From hls...@apache.org
Subject git commit: Make the default HMAC passphrase the application root package name Use the AlertManager to (help) ensure that the developer knows about an unconfigured HMAC passphrase
Date Mon, 08 Oct 2012 17:26:54 GMT
Updated Branches:
  refs/heads/5.3 acac8db6f -> 9f935bc9f


Make the default HMAC passphrase the application root package name
Use the AlertManager to (help) ensure that the developer knows about an unconfigured HMAC
passphrase


Project: http://git-wip-us.apache.org/repos/asf/tapestry-5/repo
Commit: http://git-wip-us.apache.org/repos/asf/tapestry-5/commit/9f935bc9
Tree: http://git-wip-us.apache.org/repos/asf/tapestry-5/tree/9f935bc9
Diff: http://git-wip-us.apache.org/repos/asf/tapestry-5/diff/9f935bc9

Branch: refs/heads/5.3
Commit: 9f935bc9f52a3c6bfa20e7ff0e0211ce19cc5f60
Parents: acac8db
Author: Howard M. Lewis Ship <hlship@apache.org>
Authored: Mon Oct 8 10:26:34 2012 -0700
Committer: Howard M. Lewis Ship <hlship@apache.org>
Committed: Mon Oct 8 10:26:51 2012 -0700

----------------------------------------------------------------------
 .../internal/services/ClientDataEncoderImpl.java   |   23 +++++++++++----
 .../services/ClientDataEncoderImplTest.groovy      |   17 ++++++----
 2 files changed, 27 insertions(+), 13 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/tapestry-5/blob/9f935bc9/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/ClientDataEncoderImpl.java
----------------------------------------------------------------------
diff --git a/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/ClientDataEncoderImpl.java
b/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/ClientDataEncoderImpl.java
index 3bf26cc..fc6293c 100644
--- a/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/ClientDataEncoderImpl.java
+++ b/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/ClientDataEncoderImpl.java
@@ -15,6 +15,7 @@
 package org.apache.tapestry5.internal.services;
 
 import org.apache.tapestry5.SymbolConstants;
+import org.apache.tapestry5.alerts.AlertManager;
 import org.apache.tapestry5.internal.TapestryInternalUtils;
 import org.apache.tapestry5.internal.util.Base64InputStream;
 import org.apache.tapestry5.internal.util.MacOutputStream;
@@ -38,19 +39,29 @@ public class ClientDataEncoderImpl implements ClientDataEncoder
 
     private final Key hmacKey;
 
-    public ClientDataEncoderImpl(URLEncoder urlEncoder, @Symbol(SymbolConstants.HMAC_PASSPHRASE)
String passphrase, Logger logger) throws UnsupportedEncodingException
+    public ClientDataEncoderImpl(URLEncoder urlEncoder, @Symbol(SymbolConstants.HMAC_PASSPHRASE)
String passphrase,
+                                 Logger logger,
+                                 @Symbol(SymbolConstants.APPLICATION_VERSION)
+                                 String applicationPackageName, AlertManager alertManager)
throws UnsupportedEncodingException
     {
         this.urlEncoder = urlEncoder;
 
         if (passphrase.equals(""))
         {
-            logger.error(String.format("The symbol '%s' has not been configured. " +
+            String message = String.format("The symbol '%s' has not been configured. " +
                     "This is used to configure hash-based message authentication of Tapestry
data stored in forms, or in the URL. " +
-                    "You application is less secure, and more vulnerable to denial-of-service
attacks, when this symbol is left unconfigured.",
-                    SymbolConstants.HMAC_PASSPHRASE));
+                    "You application is less secure, and more vulnerable to denial-of-service
attacks, when this symbol is not configured.",
+                    SymbolConstants.HMAC_PASSPHRASE);
 
-            // Errors at lower levels if the passphrase is empty, so override the parameter
to set a default value.
-            passphrase = "DEFAULT";
+            // Now to really get the attention of the developer!
+
+            alertManager.error(message);
+
+            logger.error(message);
+
+            // Override the blank parameter to set a default value. Use the application package
name,
+            // which is justly slightly more secure than having a fixed default.
+            passphrase = applicationPackageName;
         }
 
         hmacKey = new SecretKeySpec(passphrase.getBytes("UTF8"), "HmacSHA1");

http://git-wip-us.apache.org/repos/asf/tapestry-5/blob/9f935bc9/tapestry-core/src/test/groovy/org/apache/tapestry5/internal/services/ClientDataEncoderImplTest.groovy
----------------------------------------------------------------------
diff --git a/tapestry-core/src/test/groovy/org/apache/tapestry5/internal/services/ClientDataEncoderImplTest.groovy
b/tapestry-core/src/test/groovy/org/apache/tapestry5/internal/services/ClientDataEncoderImplTest.groovy
index 07399f4..68e1ab7 100644
--- a/tapestry-core/src/test/groovy/org/apache/tapestry5/internal/services/ClientDataEncoderImplTest.groovy
+++ b/tapestry-core/src/test/groovy/org/apache/tapestry5/internal/services/ClientDataEncoderImplTest.groovy
@@ -1,5 +1,6 @@
 package org.apache.tapestry5.internal.services
 
+import org.apache.tapestry5.alerts.AlertManager
 import org.apache.tapestry5.ioc.test.TestBase
 import org.apache.tapestry5.services.ClientDataEncoder
 import org.easymock.EasyMock
@@ -43,12 +44,14 @@ class ClientDataEncoderImplTest extends TestBase {
     @Test
     void blank_passphrase_works_but_logs_error() {
         Logger logger = newMock Logger
+        AlertManager alertManager = newMock AlertManager
 
         logger.error(EasyMock.isA(String))
+        alertManager.error(EasyMock.isA(String))
 
         replay()
 
-        ClientDataEncoder cde = new ClientDataEncoderImpl(null, "", logger)
+        ClientDataEncoder cde = new ClientDataEncoderImpl(null, "", logger, "foo.bar", alertManager)
 
         tryEncodeAndDecode cde
 
@@ -57,15 +60,15 @@ class ClientDataEncoderImplTest extends TestBase {
 
     @Test
     void no_logged_error_with_non_blank_passphrase() {
-        ClientDataEncoder cde = new ClientDataEncoderImpl(null, "Testing, Testing, 1.., 2..,
3...", null)
+        ClientDataEncoder cde = new ClientDataEncoderImpl(null, "Testing, Testing, 1.., 2..,
3...", null, "foo.bar", null)
 
         tryEncodeAndDecode cde
     }
 
     @Test
     void passphrase_affects_encoded_output() {
-        ClientDataEncoder first = new ClientDataEncoderImpl(null, "first passphrase", null)
-        ClientDataEncoder second = new ClientDataEncoderImpl(null, " different passphrase
", null)
+        ClientDataEncoder first = new ClientDataEncoderImpl(null, "first passphrase", null,
"foo.bar", null)
+        ClientDataEncoder second = new ClientDataEncoderImpl(null, " different passphrase
", null, "foo.bar", null)
 
         def input = "current time millis is ${System.currentTimeMillis()} ms"
 
@@ -79,7 +82,7 @@ class ClientDataEncoderImplTest extends TestBase {
 
     @Test(expectedExceptions = IllegalArgumentException)
     void decode_with_missing_hmac_prefix_is_a_failure() {
-        ClientDataEncoder cde = new ClientDataEncoderImpl(null, "a passphrase", null)
+        ClientDataEncoder cde = new ClientDataEncoderImpl(null, "a passphrase", null, "foo.bar",
null)
 
         cde.decodeClientData("so completely invalid")
     }
@@ -89,8 +92,8 @@ class ClientDataEncoderImplTest extends TestBase {
 
         // Simulate tampering by encoding with one passphrase and attempting to decode with
a different
         // passphrase.
-        ClientDataEncoder first = new ClientDataEncoderImpl(null, "first passphrase", null)
-        ClientDataEncoder second = new ClientDataEncoderImpl(null, " different passphrase
", null)
+        ClientDataEncoder first = new ClientDataEncoderImpl(null, "first passphrase", null,
"foo.bar", null)
+        ClientDataEncoder second = new ClientDataEncoderImpl(null, " different passphrase
", null, "foo.bar", null)
 
         def input = "current time millis is ${System.currentTimeMillis()} ms"
 


Mime
View raw message