[1/2] activemq-artemis git commit: ARTEMIS-1821 LDAPLoginModule always returns true on commit()

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[1/2] activemq-artemis git commit: ARTEMIS-1821 LDAPLoginModule always returns true on commit()

gaohoward-2
Repository: activemq-artemis
Updated Branches:
  refs/heads/master d1c3ed554 -> 932f0f408


ARTEMIS-1821 LDAPLoginModule always returns true on commit()


Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/a2ade00a
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/a2ade00a
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/a2ade00a

Branch: refs/heads/master
Commit: a2ade00a545a7ee8b593015b7f71fff4bebdd32d
Parents: d1c3ed5
Author: Justin Bertram <[hidden email]>
Authored: Fri Apr 20 13:58:53 2018 -0500
Committer: Howard Gao <[hidden email]>
Committed: Tue Apr 24 11:16:53 2018 +0800

----------------------------------------------------------------------
 .../spi/core/security/jaas/LDAPLoginModule.java | 15 +++++++++++----
 .../core/security/jaas/LDAPLoginModuleTest.java | 20 ++++++++++++++++++++
 2 files changed, 31 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/a2ade00a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/LDAPLoginModule.java
----------------------------------------------------------------------
diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/LDAPLoginModule.java b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/LDAPLoginModule.java
index e24f4f6..99648c2 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/LDAPLoginModule.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/LDAPLoginModule.java
@@ -181,15 +181,16 @@ public class LDAPLoginModule implements LoginModule {
 
    @Override
    public boolean logout() throws LoginException {
-      username = null;
+      clear();
       return true;
    }
 
    @Override
    public boolean commit() throws LoginException {
+      boolean result = userAuthenticated;
       Set<UserPrincipal> authenticatedUsers = subject.getPrincipals(UserPrincipal.class);
       Set<Principal> principals = subject.getPrincipals();
-      if (userAuthenticated) {
+      if (result) {
          principals.add(new UserPrincipal(username));
       }
 
@@ -210,12 +211,18 @@ public class LDAPLoginModule implements LoginModule {
       for (RolePrincipal gp : groups) {
          principals.add(gp);
       }
-      return true;
+      clear();
+      return result;
+   }
+
+   private void clear() {
+      username = null;
+      userAuthenticated = false;
    }
 
    @Override
    public boolean abort() throws LoginException {
-      username = null;
+      clear();
       return true;
    }
 

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/a2ade00a/artemis-server/src/test/java/org/apache/activemq/artemis/core/security/jaas/LDAPLoginModuleTest.java
----------------------------------------------------------------------
diff --git a/artemis-server/src/test/java/org/apache/activemq/artemis/core/security/jaas/LDAPLoginModuleTest.java b/artemis-server/src/test/java/org/apache/activemq/artemis/core/security/jaas/LDAPLoginModuleTest.java
index e3ace3a..75316e6 100644
--- a/artemis-server/src/test/java/org/apache/activemq/artemis/core/security/jaas/LDAPLoginModuleTest.java
+++ b/artemis-server/src/test/java/org/apache/activemq/artemis/core/security/jaas/LDAPLoginModuleTest.java
@@ -21,6 +21,7 @@ import javax.naming.NameClassPair;
 import javax.naming.NamingEnumeration;
 import javax.naming.directory.DirContext;
 import javax.naming.directory.InitialDirContext;
+import javax.security.auth.Subject;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.NameCallback;
@@ -28,10 +29,14 @@ import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
 import java.io.IOException;
+import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Hashtable;
 
+import org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler;
+import org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule;
 import org.apache.directory.server.annotations.CreateLdapServer;
 import org.apache.directory.server.annotations.CreateTransport;
 import org.apache.directory.server.core.annotations.ApplyLdifFiles;
@@ -43,6 +48,7 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
@@ -142,4 +148,18 @@ public class LDAPLoginModuleTest extends AbstractLdapTestUnit {
       }
       fail("Should have failed authenticating");
    }
+
+   @Test
+   public void testCommitOnFailedLogin() throws LoginException {
+      LoginModule loginModule = new LDAPLoginModule();
+      JaasCallbackHandler callbackHandler = new JaasCallbackHandler(null, null, null);
+
+      loginModule.initialize(new Subject(), callbackHandler, null, new HashMap<String, Object>());
+
+      // login should return false due to null username
+      assertFalse(loginModule.login());
+
+      // since login failed commit should return false as well
+      assertFalse(loginModule.commit());
+   }
 }

Reply | Threaded
Open this post in threaded view
|

[2/2] activemq-artemis git commit: This closes #2036

gaohoward-2
This closes #2036


Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/932f0f40
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/932f0f40
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/932f0f40

Branch: refs/heads/master
Commit: 932f0f4086f4560ce013bbbc612225ea5695f678
Parents: d1c3ed5 a2ade00
Author: Howard Gao <[hidden email]>
Authored: Tue Apr 24 11:33:35 2018 +0800
Committer: Howard Gao <[hidden email]>
Committed: Tue Apr 24 11:33:35 2018 +0800

----------------------------------------------------------------------
 .../spi/core/security/jaas/LDAPLoginModule.java | 15 +++++++++++----
 .../core/security/jaas/LDAPLoginModuleTest.java | 20 ++++++++++++++++++++
 2 files changed, 31 insertions(+), 4 deletions(-)
----------------------------------------------------------------------