Author: kwall
Date: Mon Feb 15 18:00:53 2016
New Revision: 1730582

URL: http://svn.apache.org/viewvc?rev=1730582&view=rev
Log:
QPID-7035: [Java Broker] SCRAM implementation should make iteration count 
configurable

Merged from trunk with command:

svn merge -c 1727954,1728501 ^/qpid/java/trunk


Modified:
    qpid/java/branches/6.0.x/   (props changed)
    
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java
    
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
    
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/PlainAuthenticationProvider.java
    
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/PlainPasswordDatabaseAuthenticationManager.java
    
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleAuthenticationManager.java
    
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java
    
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServerSource.java
    
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServerSourceAdapter.java
    
qpid/java/branches/6.0.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabaseTest.java
    
qpid/java/branches/6.0.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManagerTest.java

Propchange: qpid/java/branches/6.0.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Feb 15 18:00:53 2016
@@ -9,5 +9,5 @@
 /qpid/branches/java-broker-vhost-refactor/java:1493674-1494547
 /qpid/branches/java-network-refactor/qpid/java:805429-821809
 /qpid/branches/qpid-2935/qpid/java:1061302-1072333
-/qpid/java/trunk:1715445-1715447,1715586,1715940,1716086-1716087,1716127-1716128,1716141,1716153,1716155,1716194,1716204,1716209,1716227,1716277,1716357,1716368,1716370,1716374,1716432,1716444-1716445,1716455,1716461,1716474,1716489,1716497,1716515,1716555,1716602,1716606-1716610,1716619,1716636,1717269,1717299,1717401,1717446,1717449,1717626,1717691,1717735,1717780,1718744,1718889,1718893,1718918,1718922,1719026,1719028,1719033,1719037,1719047,1719051,1720340,1720664,1721151,1721198,1722019-1722020,1722246,1722339,1722416,1722674,1722678,1722683,1722711,1723064,1723194,1723563,1724216,1724251,1724257,1724292,1724375,1724397,1724432,1724582,1724603,1724780,1724843-1724844,1725295,1725569,1725760,1726176,1726244-1726246,1726249,1726358,1726436,1726449,1726456,1726646,1726653,1726755,1726778,1727532,1727555,1727608,1727951,1728089,1728167,1728302,1728497,1728524,1728639,1728772,1729215,1729297,1729347,1729356,1729406,1729408,1729412,1729515,1729638,1729656-1729657,1729783,1729828,1729
 
832,1729841,1729851,1729904,1729973,1730019,1730025,1730052,1730072,1730494,1730499,1730559
+/qpid/java/trunk:1715445-1715447,1715586,1715940,1716086-1716087,1716127-1716128,1716141,1716153,1716155,1716194,1716204,1716209,1716227,1716277,1716357,1716368,1716370,1716374,1716432,1716444-1716445,1716455,1716461,1716474,1716489,1716497,1716515,1716555,1716602,1716606-1716610,1716619,1716636,1717269,1717299,1717401,1717446,1717449,1717626,1717691,1717735,1717780,1718744,1718889,1718893,1718918,1718922,1719026,1719028,1719033,1719037,1719047,1719051,1720340,1720664,1721151,1721198,1722019-1722020,1722246,1722339,1722416,1722674,1722678,1722683,1722711,1723064,1723194,1723563,1724216,1724251,1724257,1724292,1724375,1724397,1724432,1724582,1724603,1724780,1724843-1724844,1725295,1725569,1725760,1726176,1726244-1726246,1726249,1726358,1726436,1726449,1726456,1726646,1726653,1726755,1726778,1727532,1727555,1727608,1727951,1727954,1728089,1728167,1728302,1728497,1728501,1728524,1728639,1728772,1729215,1729297,1729347,1729356,1729406,1729408,1729412,1729515,1729638,1729656-1729657,1729
 
783,1729828,1729832,1729841,1729851,1729904,1729973,1730019,1730025,1730052,1730072,1730494,1730499,1730559
 /qpid/trunk/qpid:796646-796653

Modified: 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java
URL: 
http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java?rev=1730582&r1=1730581&r2=1730582&view=diff
==============================================================================
--- 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java
 (original)
+++ 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.java
 Mon Feb 15 18:00:53 2016
@@ -36,6 +36,8 @@ import javax.security.sasl.SaslServer;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import org.apache.qpid.server.model.AuthenticationProvider;
+import 
org.apache.qpid.server.security.auth.manager.AbstractScramAuthenticationManager;
 import 
org.apache.qpid.server.security.auth.manager.ScramSHA1AuthenticationManager;
 import 
org.apache.qpid.server.security.auth.manager.ScramSHA256AuthenticationManager;
 import org.apache.qpid.server.security.auth.sasl.crammd5.CRAMMD5Initialiser;
@@ -64,7 +66,7 @@ public class PlainPasswordFilePrincipalD
     private final ScramSaslServerSourceAdapter _scramSha256Adapter;
 
 
-    public PlainPasswordFilePrincipalDatabase()
+    public PlainPasswordFilePrincipalDatabase(AuthenticationProvider<?> 
authenticationProvider)
     {
         PlainInitialiser plainInitialiser = new PlainInitialiser();
         plainInitialiser.initialise(this);
@@ -87,10 +89,9 @@ public class PlainPasswordFilePrincipalD
                     }
                 };
 
-        _scramSha1Adapter = new ScramSaslServerSourceAdapter(4096, "HmacSHA1", 
"SHA-1", passwordSource);
-        _scramSha256Adapter = new ScramSaslServerSourceAdapter(4096, 
"HmacSHA256", "SHA-256", passwordSource);
-
-
+        final int scramIterationCount = 
authenticationProvider.getContextValue(Integer.class, 
AbstractScramAuthenticationManager.QPID_AUTHMANAGER_SCRAM_ITERATION_COUNT);
+        _scramSha1Adapter = new 
ScramSaslServerSourceAdapter(scramIterationCount, "HmacSHA1", "SHA-1", 
passwordSource);
+        _scramSha256Adapter = new 
ScramSaslServerSourceAdapter(scramIterationCount, "HmacSHA256", "SHA-256", 
passwordSource);
     }
 
 
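Review bot: The value read from `qpid.auth.scram.iteration_count` is used with no range check, so a setting of 1, 0 or a negative number is accepted, and the derivation loop in the adapter (`for (int i = 1; i < iterationCount; i++)`) then adds no rounds at all. A guard right after the lookup, such as `if (scramIterationCount < 1) { throw new IllegalArgumentException("SCRAM iteration count must be positive"); }` or a check against a documented minimum, would stop a typo from silently weakening every derived key. The same unchecked read appears in the PlainAuthenticationProvider and SimpleAuthenticationManager hunks and in `activate()` in AbstractScramAuthenticationManager. The lookup also unboxes an `Integer` straight into an `int`, so an unresolved context value would presumably surface as a NullPointerException in the constructor rather than as a configuration error.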

Modified: 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
URL: 
http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java?rev=1730582&r1=1730581&r2=1730582&view=diff
==============================================================================
--- 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
 (original)
+++ 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
 Mon Feb 15 18:00:53 2016
@@ -39,7 +39,9 @@ import javax.xml.bind.DatatypeConverter;
 
 import com.google.common.util.concurrent.ListenableFuture;
 
+import org.apache.qpid.server.configuration.IllegalConfigurationException;
 import org.apache.qpid.server.model.Broker;
+import org.apache.qpid.server.model.ManagedContextDefault;
 import 
org.apache.qpid.server.model.PasswordCredentialManagingAuthenticationProvider;
 import org.apache.qpid.server.model.State;
 import org.apache.qpid.server.model.StateTransition;
@@ -57,7 +59,11 @@ public abstract class AbstractScramAuthe
     public static final String PLAIN = "PLAIN";
     private final SecureRandom _random = new SecureRandom();
 
-    private int _iterationCount = 4096;
+    public static final String QPID_AUTHMANAGER_SCRAM_ITERATION_COUNT = 
"qpid.auth.scram.iteration_count";
+    @ManagedContextDefault(name = QPID_AUTHMANAGER_SCRAM_ITERATION_COUNT)
+    public static final int DEFAULT_ITERATION_COUNT = 4096;
+
+    private int _iterationCount = DEFAULT_ITERATION_COUNT;
 
 
     protected AbstractScramAuthenticationManager(final Map<String, Object> 
attributes, final Broker broker)
@@ -68,6 +74,7 @@ public abstract class AbstractScramAuthe
     @StateTransition( currentState = { State.UNINITIALIZED, State.QUIESCED, 
State.QUIESCED }, desiredState = State.ACTIVE )
     protected ListenableFuture<Void> activate()
     {
+        _iterationCount = getContextValue(Integer.class, 
QPID_AUTHMANAGER_SCRAM_ITERATION_COUNT);
         for(ManagedUser user : getUserMap().values())
         {
             updateStoredPasswordFormatIfNecessary(user);
@@ -115,7 +122,7 @@ public abstract class AbstractScramAuthe
             SaltAndPasswordKeys saltAndPasswordKeys = 
getSaltAndPasswordKeys(username);
             try
             {
-                byte[] saltedPassword = 
createSaltedPassword(saltAndPasswordKeys.getSalt(), password);
+                byte[] saltedPassword = 
createSaltedPassword(saltAndPasswordKeys.getSalt(), password, 
saltAndPasswordKeys.getIterationCount());
                 byte[] clientKey = computeHmac(saltedPassword, "Client Key");
 
                 byte[] storedKey = 
MessageDigest.getInstance(getDigestName()).digest(clientKey);
@@ -147,8 +154,9 @@ public abstract class AbstractScramAuthe
 
     private void updateStoredPasswordFormatIfNecessary(final ManagedUser user)
     {
+        final int oldDefaultIterationCount = 4096;
         final String[] passwordFields = user.getPassword().split(",");
-        if(passwordFields.length < 4)
+        if (passwordFields.length == 2)
         {
             byte[] saltedPassword = 
DatatypeConverter.parseBase64Binary(passwordFields[PasswordField.SALTED_PASSWORD.ordinal()]);
 
@@ -160,9 +168,11 @@ public abstract class AbstractScramAuthe
 
                 byte[] serverKey = computeHmac(saltedPassword, "Server Key");
 
-                String password = passwordFields[PasswordField.SALT.ordinal()] 
+ ",,"
+                String password = passwordFields[PasswordField.SALT.ordinal()] 
+ ","
+                                  + "," // remove previously insecure salted 
password field
                                   + 
DatatypeConverter.printBase64Binary(storedKey) + ","
-                                  + 
DatatypeConverter.printBase64Binary(serverKey);
+                                  + 
DatatypeConverter.printBase64Binary(serverKey) + ","
+                                  + oldDefaultIterationCount;
 
                 user.setPassword(password);
             }
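Review bot: Records upgraded here are stamped with `oldDefaultIterationCount`, and their keys cannot be re-derived at a higher count without the plaintext password, but nothing in the code tells that to an operator who raises the setting. A comment on the declaration, for example `// legacy records were derived with 4096 rounds; they keep that count until the user's password is next set`, would make it explicit that changing `qpid.auth.scram.iteration_count` only affects passwords created afterwards. The same applies to the four-field branch added in the next hunk. The enclosing method starts outside this hunk.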
@@ -171,9 +181,22 @@ public abstract class AbstractScramAuthe
                 throw new IllegalArgumentException(e);
             }
         }
+        else if (passwordFields.length == 4)
+        {
+            String password = passwordFields[PasswordField.SALT.ordinal()] + 
","
+                    + "," // remove previously insecure salted password field
+                    + passwordFields[PasswordField.STORED_KEY.ordinal()] + ","
+                    + passwordFields[PasswordField.SERVER_KEY.ordinal()] + ","
+                    + oldDefaultIterationCount;
+            user.setPassword(password);
+        }
+        else if (passwordFields.length != 5)
+        {
+            throw new IllegalConfigurationException("password field for user 
'" + user.getName() + "' has unrecognised format.");
+        }
     }
 
-    private byte[] createSaltedPassword(byte[] salt, String password)
+    private byte[] createSaltedPassword(byte[] salt, String password, int 
iterationCount)
     {
         Mac mac = createShaHmac(password.getBytes(ASCII));
 
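Review bot: The new format check looks only at the number of comma-separated fields, so a five-field record whose last field is not a number passes activation. It then fails in `Integer.parseInt(...)` inside the key lookup (a later hunk) with an unchecked NumberFormatException during a login attempt. Parsing the count here for the five-field case and throwing the same IllegalConfigurationException would keep malformed records a start-up error. Note also that `String.split(",")` drops trailing empty strings, so a record whose final field is empty is counted as having four fields and would be rewritten with the legacy count. The method's opening lines are in an earlier hunk.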
@@ -182,7 +205,7 @@ public abstract class AbstractScramAuthe
         byte[] result = mac.doFinal();
 
         byte[] previous = null;
-        for(int i = 1; i < getIterationCount(); i++)
+        for(int i = 1; i < iterationCount; i++)
         {
             mac.update(previous != null? previous: result);
             previous = mac.doFinal();
@@ -225,16 +248,19 @@ public abstract class AbstractScramAuthe
     {
         try
         {
+            final int iterationCount = getIterationCount();
             byte[] salt = generateSalt();
-            byte[] saltedPassword = createSaltedPassword(salt, password);
+            byte[] saltedPassword = createSaltedPassword(salt, password, 
iterationCount);
             byte[] clientKey = computeHmac(saltedPassword, "Client Key");
 
             byte[] storedKey = 
MessageDigest.getInstance(getDigestName()).digest(clientKey);
             byte[] serverKey = computeHmac(saltedPassword, "Server Key");
 
-            return DatatypeConverter.printBase64Binary(salt) + ",,"
+            return DatatypeConverter.printBase64Binary(salt) + ","
+                   + "," // leave insecure salted password field blank
                    + DatatypeConverter.printBase64Binary(storedKey) + ","
-                   + DatatypeConverter.printBase64Binary(serverKey);
+                   + DatatypeConverter.printBase64Binary(serverKey) + ","
+                   + iterationCount;
         }
         catch (NoSuchAlgorithmException e)
         {
@@ -259,6 +285,7 @@ public abstract class AbstractScramAuthe
         final byte[] salt;
         final byte[] storedKey;
         final byte[] serverKey;
+        final int iterationCount;
         final SaslException exception;
 
         if(user == null)
@@ -268,6 +295,7 @@ public abstract class AbstractScramAuthe
             salt = generateSalt();
             storedKey = null;
             serverKey = null;
+            iterationCount = -1;
             exception = new SaslException("Authentication Failed");
         }
         else
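Review bot: Using `-1` as the unknown-user sentinel makes the new `getIterationCount()` throw, and the ScramSaslServer hunk now calls that getter while building the server-first message, so an unknown user fails one step earlier than a known user with a wrong password. The random salt generated just above suggests the intent was to keep the two cases alike; if the SaslException reaches the client at that point (the handling is outside this diff), the difference is observable. Returning the configured count for the placeholder record, `iterationCount = getIterationCount();`, and leaving the failure to the stored-key and server-key getters, which appear to throw for this case, would keep the first round identical. The enclosing method begins and ends outside this hunk.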
@@ -277,6 +305,7 @@ public abstract class AbstractScramAuthe
             salt = 
DatatypeConverter.parseBase64Binary(passwordFields[PasswordField.SALT.ordinal()]);
             storedKey = 
DatatypeConverter.parseBase64Binary(passwordFields[PasswordField.STORED_KEY.ordinal()]);
             serverKey = 
DatatypeConverter.parseBase64Binary(passwordFields[PasswordField.SERVER_KEY.ordinal()]);
+            iterationCount = 
Integer.parseInt(passwordFields[PasswordField.ITERATION_COUNT.ordinal()]);
             exception = null;
         }
 
@@ -307,6 +336,16 @@ public abstract class AbstractScramAuthe
                 }
                 return serverKey;
             }
+
+            @Override
+            public int getIterationCount() throws SaslException
+            {
+                if(iterationCount < 0)
+                {
+                    throw exception;
+                }
+                return iterationCount;
+            }
         };
     }
 
@@ -319,6 +358,6 @@ public abstract class AbstractScramAuthe
 
     private enum PasswordField
     {
-        SALT, SALTED_PASSWORD, STORED_KEY, SERVER_KEY
+        SALT, SALTED_PASSWORD, STORED_KEY, SERVER_KEY, ITERATION_COUNT
     }
 }

Modified: 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/PlainAuthenticationProvider.java
URL: 
http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/PlainAuthenticationProvider.java?rev=1730582&r1=1730581&r2=1730582&view=diff
==============================================================================
--- 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/PlainAuthenticationProvider.java
 (original)
+++ 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/PlainAuthenticationProvider.java
 Mon Feb 15 18:00:53 2016
@@ -79,8 +79,9 @@ public class PlainAuthenticationProvider
                     }
                 };
 
-        _scramSha1Adapter = new ScramSaslServerSourceAdapter(4096, "HmacSHA1", 
"SHA-1", passwordSource);
-        _scramSha256Adapter = new ScramSaslServerSourceAdapter(4096, 
"HmacSHA256", "SHA-256", passwordSource);
+        final int scramIterationCount = getContextValue(Integer.class, 
AbstractScramAuthenticationManager.QPID_AUTHMANAGER_SCRAM_ITERATION_COUNT);
+        _scramSha1Adapter = new 
ScramSaslServerSourceAdapter(scramIterationCount, "HmacSHA1", "SHA-1", 
passwordSource);
+        _scramSha256Adapter = new 
ScramSaslServerSourceAdapter(scramIterationCount, "HmacSHA256", "SHA-256", 
passwordSource);
     }
 
     @Override

Modified: 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/PlainPasswordDatabaseAuthenticationManager.java
URL: 
http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/PlainPasswordDatabaseAuthenticationManager.java?rev=1730582&r1=1730581&r2=1730582&view=diff
==============================================================================
--- 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/PlainPasswordDatabaseAuthenticationManager.java
 (original)
+++ 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/PlainPasswordDatabaseAuthenticationManager.java
 Mon Feb 15 18:00:53 2016
@@ -42,6 +42,6 @@ public class PlainPasswordDatabaseAuthen
     @Override
     protected PrincipalDatabase createDatabase()
     {
-        return new PlainPasswordFilePrincipalDatabase();
+        return new PlainPasswordFilePrincipalDatabase(this);
     }
 }

Modified: 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleAuthenticationManager.java
URL: 
http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleAuthenticationManager.java?rev=1730582&r1=1730581&r2=1730582&view=diff
==============================================================================
--- 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleAuthenticationManager.java
 (original)
+++ 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleAuthenticationManager.java
 Mon Feb 15 18:00:53 2016
@@ -81,8 +81,9 @@ public class SimpleAuthenticationManager
                     }
                 };
 
-        _scramSha1Adapter = new ScramSaslServerSourceAdapter(4096, "HmacSHA1", 
"SHA-1", passwordSource);
-        _scramSha256Adapter = new ScramSaslServerSourceAdapter(4096, 
"HmacSHA256", "SHA-256", passwordSource);
+        final int scramIterationCount = getContextValue(Integer.class, 
AbstractScramAuthenticationManager.QPID_AUTHMANAGER_SCRAM_ITERATION_COUNT);
+        _scramSha1Adapter = new 
ScramSaslServerSourceAdapter(scramIterationCount, "HmacSHA1", "SHA-1", 
passwordSource);
+        _scramSha256Adapter = new 
ScramSaslServerSourceAdapter(scramIterationCount, "HmacSHA256", "SHA-256", 
passwordSource);
     }
 
 

Modified: 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java
URL: 
http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java?rev=1730582&r1=1730581&r2=1730582&view=diff
==============================================================================
--- 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java
 (original)
+++ 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java
 Mon Feb 15 18:00:53 2016
@@ -128,9 +128,8 @@ public class ScramSaslServer implements
         }
         _nonce = parts[3].substring(2) + UUID.randomUUID().toString();
 
-        int count = _authManager.getIterationCount();
         _saltAndPassword = _authManager.getSaltAndPasswordKeys(_username);
-        _serverFirstMessage = "r="+_nonce+",s="+ 
DatatypeConverter.printBase64Binary(_saltAndPassword.getSalt())+",i=" + count;
+        _serverFirstMessage = "r="+_nonce+",s="+ 
DatatypeConverter.printBase64Binary(_saltAndPassword.getSalt())+",i=" + 
_saltAndPassword.getIterationCount();
         return _serverFirstMessage.getBytes(ASCII);
     }
 

Modified: 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServerSource.java
URL: 
http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServerSource.java?rev=1730582&r1=1730581&r2=1730582&view=diff
==============================================================================
--- 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServerSource.java
 (original)
+++ 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServerSource.java
 Mon Feb 15 18:00:53 2016
@@ -33,6 +33,8 @@ public interface ScramSaslServerSource
         byte[] getStoredKey() throws SaslException;
 
         byte[] getServerKey() throws SaslException;
+
+        int getIterationCount() throws SaslException;
     }
 
     SaltAndPasswordKeys getSaltAndPasswordKeys(String username);

Modified: 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServerSourceAdapter.java
URL: 
http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServerSourceAdapter.java?rev=1730582&r1=1730581&r2=1730582&view=diff
==============================================================================
--- 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServerSourceAdapter.java
 (original)
+++ 
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServerSourceAdapter.java
 Mon Feb 15 18:00:53 2016
@@ -91,6 +91,7 @@ public class ScramSaslServerSourceAdapte
         final byte[] storedKey;
         final byte[] serverKey;
         final byte[] salt = new byte[32];
+        final int iterationCount = getIterationCount();
         _random.nextBytes(salt);
 
         if(password != null)
@@ -110,7 +111,7 @@ public class ScramSaslServerSourceAdapte
                 byte[] saltedPassword = mac.doFinal();
 
                 byte[] previous = null;
-                for (int i = 1; i < getIterationCount(); i++)
+                for (int i = 1; i < iterationCount; i++)
                 {
                     mac.update(previous != null ? previous : saltedPassword);
                     previous = mac.doFinal();
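Review bot: The loop bound is now operator-controlled, and as far as these hunks show the derivation runs inside the key lookup itself with a fresh random salt each time, i.e. once per SCRAM exchange rather than once per password change. Raising the setting therefore raises the CPU cost of every authentication attempt for an existing user, including attempts that go on to fail. A comment at the loop or on the context variable should say so, e.g. `// runs on every lookup because only the plain password is stored; cost grows linearly with the configured count`; an upper bound on the setting would be a further safeguard. The enclosing method starts and ends outside the hunk.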
@@ -167,6 +168,12 @@ public class ScramSaslServerSourceAdapte
                 return serverKey;
             }
 
+            @Override
+            public int getIterationCount() throws SaslException
+            {
+                return iterationCount;
+            }
+
 
         };
     }

Modified: 
qpid/java/branches/6.0.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabaseTest.java
URL: 
http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabaseTest.java?rev=1730582&r1=1730581&r2=1730582&view=diff
==============================================================================
--- 
qpid/java/branches/6.0.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabaseTest.java
 (original)
+++ 
qpid/java/branches/6.0.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabaseTest.java
 Mon Feb 15 18:00:53 2016
@@ -20,7 +20,12 @@
  */
 package org.apache.qpid.server.security.auth.database;
 
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import org.apache.qpid.server.model.AuthenticationProvider;
 import org.apache.qpid.server.security.auth.UsernamePrincipal;
+import 
org.apache.qpid.server.security.auth.manager.AbstractScramAuthenticationManager;
 import org.apache.qpid.test.utils.QpidTestCase;
 
 import javax.security.auth.login.AccountNotFoundException;
@@ -50,7 +55,9 @@ public class PlainPasswordFilePrincipalD
 
     public void setUp() throws Exception
     {
-        _database = new PlainPasswordFilePrincipalDatabase();
+        final AuthenticationProvider mockAuthenticationProvider = 
mock(AuthenticationProvider.class);
+        when(mockAuthenticationProvider.getContextValue(Integer.class, 
AbstractScramAuthenticationManager.QPID_AUTHMANAGER_SCRAM_ITERATION_COUNT)).thenReturn(4096);
+        _database = new 
PlainPasswordFilePrincipalDatabase(mockAuthenticationProvider);
         _testPwdFiles.clear();
     }
 
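Review bot: The stub pins the context value to the literal `4096`, so no test exercises a non-default count, which is the behaviour this change adds; the two stubs in PrincipalDatabaseAuthenticationManagerTest do the same. Using `AbstractScramAuthenticationManager.DEFAULT_ITERATION_COUNT` in the stub and adding one case with a different value that checks the `i=` attribute offered to the client would cover it. The mock is also declared with the raw type `AuthenticationProvider`, while the constructor takes `AuthenticationProvider<?>`.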

Modified: 
qpid/java/branches/6.0.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManagerTest.java
URL: 
http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManagerTest.java?rev=1730582&r1=1730581&r2=1730582&view=diff
==============================================================================
--- 
qpid/java/branches/6.0.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManagerTest.java
 (original)
+++ 
qpid/java/branches/6.0.x/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManagerTest.java
 Mon Feb 15 18:00:53 2016
@@ -40,6 +40,7 @@ import javax.security.sasl.SaslServer;
 import javax.security.sasl.SaslServerFactory;
 
 import org.apache.qpid.server.configuration.IllegalConfigurationException;
+import org.apache.qpid.server.model.AuthenticationProvider;
 import org.apache.qpid.server.model.ConfiguredObject;
 import org.apache.qpid.server.security.auth.AuthenticationResult;
 import 
org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationStatus;
@@ -124,7 +125,9 @@ public class PrincipalDatabaseAuthentica
 
     public void testInitialiseWhenPasswordFileNotFound() throws Exception
     {
-        _principalDatabase = new PlainPasswordFilePrincipalDatabase();
+        AuthenticationProvider mockAuthProvider = 
mock(AuthenticationProvider.class);
+        when(mockAuthProvider.getContextValue(Integer.class, 
AbstractScramAuthenticationManager.QPID_AUTHMANAGER_SCRAM_ITERATION_COUNT)).thenReturn(4096);
+        _principalDatabase = new 
PlainPasswordFilePrincipalDatabase(mockAuthProvider);
         setupManager(true);
         try
         {
@@ -140,7 +143,9 @@ public class PrincipalDatabaseAuthentica
 
     public void testInitialiseWhenPasswordFileExists() throws Exception
     {
-        _principalDatabase = new PlainPasswordFilePrincipalDatabase();
+        AuthenticationProvider mockAuthProvider = 
mock(AuthenticationProvider.class);
+        when(mockAuthProvider.getContextValue(Integer.class, 
AbstractScramAuthenticationManager.QPID_AUTHMANAGER_SCRAM_ITERATION_COUNT)).thenReturn(4096);
+        _principalDatabase = new 
PlainPasswordFilePrincipalDatabase(mockAuthProvider);
         setupManager(true);
 
         File f = new File(_passwordFileLocation);


