Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 599182 Details for
Bug 840512
JON CP test connection not working with valid credentials
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Patch for ObfuscatedPropertySimple
BZ840512.patch (text/plain), 8.28 KB, created by
Lukas Krejci
on 2012-07-19 14:57:49 UTC
(
hide
)
Description:
Patch for ObfuscatedPropertySimple
Filename:
MIME Type:
Creator:
Lukas Krejci
Created:
2012-07-19 14:57:49 UTC
Size:
8.28 KB
patch
obsolete
>diff --git a/modules/core/domain/src/main/java/org/rhq/core/domain/configuration/ObfuscatedPropertySimple.java b/modules/core/domain/src/main/java/org/rhq/core/domain/configuration/ObfuscatedPropertySimple.java >index 779b795..4120416 100644 >--- a/modules/core/domain/src/main/java/org/rhq/core/domain/configuration/ObfuscatedPropertySimple.java >+++ b/modules/core/domain/src/main/java/org/rhq/core/domain/configuration/ObfuscatedPropertySimple.java >@@ -26,10 +26,6 @@ import java.io.ObjectOutputStream; > import javax.persistence.DiscriminatorValue; > import javax.persistence.Entity; > import javax.persistence.PostLoad; >-import javax.persistence.PostPersist; >-import javax.persistence.PostUpdate; >-import javax.persistence.PrePersist; >-import javax.persistence.PreUpdate; > import javax.xml.bind.annotation.XmlAccessType; > import javax.xml.bind.annotation.XmlAccessorType; > import javax.xml.bind.annotation.XmlRootElement; >@@ -43,6 +39,9 @@ import org.rhq.core.util.obfuscation.Obfuscator; > * This is a specialization of {@link PropertySimple} that provides password obfuscation > * methods. > * >+ * In memory, the value is always kept in clear text. It is only at persisting or >+ * serialization time that the value is stored in its obfuscated form. >+ * > * @author Lukas Krejci > */ > @DiscriminatorValue("obfuscated") >@@ -51,10 +50,15 @@ import org.rhq.core.util.obfuscation.Obfuscator; > @XmlRootElement > public class ObfuscatedPropertySimple extends PropertySimple { > >+ //note that while there were changes since RHQ 4.4.0.GA (or JON 3.1.0.GA) version of this class >+ //the serialization has NOT changed. The over-the-wire format of this class remained the same. >+ //Hence, serializationVersionUID is still at 1. > private static final long serialVersionUID = 1L; > > private static final Log LOG = LogFactory.getLog(ObfuscatedPropertySimple.class); > >+ private transient String clearTextValue; >+ > public ObfuscatedPropertySimple() { > } > >@@ -81,7 +85,8 @@ public class ObfuscatedPropertySimple extends PropertySimple { > * @param value > */ > public ObfuscatedPropertySimple(String name, Object value) { >- super(name, value); >+ super(name, null); >+ setValue(value); > } > > @Override >@@ -89,50 +94,125 @@ public class ObfuscatedPropertySimple extends PropertySimple { > return new ObfuscatedPropertySimple(this, keepId); > } > >+ @PostLoad >+ protected void initClearTextValue() { >+ clearTextValue = deobfuscate(getObfuscatedStringValue()); >+ } >+ > /** >- * We deobfuscate right after the entity has been loaded from the database or right >- * after we persist or update the value. >- * >- * Because we change the value before persist or update, we have to swap the value back >- * as soon as those DB changes are done, so that we only use the raw value in memory. >+ * @return the value as being stored in the database > */ >- @PostLoad >- @PostPersist >- @PostUpdate >- protected void deobfuscate() { >- String value = getStringValue(); >- if (value != null) { >- try { >- setStringValue(Obfuscator.decode(getStringValue())); >- } catch (Exception e) { >- LOG.error("Failed to deobfuscate property value: [" + value + "]", e); >- } >+ public String getObfuscatedStringValue() { >+ return super.getStringValue(); >+ } >+ >+ /** >+ * The value of this property as string. Note that this is always in "clear text". I.e. the value >+ * you get from this method is NOT obfuscated (but it gets stored in the database obfuscated). >+ */ >+ @Override >+ public String getStringValue() { >+ return clearTextValue; >+ } >+ >+ /** >+ * Sets the value of this property. You should pass the "clear text" value - the obfuscation of >+ * the value in the database is done for you behind the scenes. >+ */ >+ @Override >+ public void setValue(Object value) { >+ //just use the logic in the superclass to set the value >+ super.setValue(value); >+ //and obtain the result >+ this.clearTextValue = super.getStringValue(); >+ >+ //now set the underlying value to the obfuscated one >+ super.setValue(obfuscate(clearTextValue)); >+ >+ //now we have the clear text string representation of the value in "clearTextValue", >+ //the stringValue in the superclass contains the corresponding obfuscated string. >+ } >+ >+ >+ @Override >+ public Boolean getBooleanValue() { >+ String val = getStringValue(); >+ return val == null ? null : Boolean.valueOf(val); >+ } >+ >+ @Override >+ public Long getLongValue() { >+ String val = getStringValue(); >+ return val == null ? null : Long.valueOf(val); >+ } >+ >+ @Override >+ public Integer getIntegerValue() { >+ String val = getStringValue(); >+ return val == null ? null : Integer.valueOf(val); >+ } >+ >+ @Override >+ public Float getFloatValue() { >+ String val = getStringValue(); >+ return val == null ? null : Float.valueOf(val); >+ } >+ >+ @Override >+ public Double getDoubleValue() { >+ String val = getStringValue(); >+ return val == null ? null : Double.valueOf(val); >+ } >+ >+ @Override >+ public boolean isMasked() { >+ return MASKED_VALUE.equals(getStringValue()); >+ } >+ >+ @Override >+ public void mask() { >+ if (getStringValue() != null) { >+ setValue(MASKED_VALUE); >+ } >+ } >+ >+ protected String deobfuscate(String value) { >+ try { >+ return value == null ? null : Obfuscator.decode(value); >+ } catch (Exception e) { >+ LOG.error("Failed to deobfuscate property value: [" + value + "]", e); >+ throw new IllegalArgumentException("Failed to deobfuscate property value: [" + value + "]", e); > } > } > > /** > * Obfuscate the value right before it gets pushed down to the database. > */ >- @PrePersist >- @PreUpdate >- protected void obfuscate() { >- String value = getStringValue(); >- if (value != null) { >- try { >- setStringValue(Obfuscator.encode(value)); >- } catch (Exception e) { >- LOG.error("Failed to obfuscate property value: [" + value + "]", e); >- } >+ protected String obfuscate(String value) { >+ try { >+ return value == null ? null : Obfuscator.encode(value); >+ } catch (Exception e) { >+ LOG.error("Failed to obfuscate property value: [" + value + "]", e); >+ throw new IllegalArgumentException("Failed to obfuscate property value: [" + value + "]", e); > } > } > >+ /** >+ * Overriden to not leak the unobfuscated value in the toString() method, output of which >+ * might end up in logs, etc. >+ */ >+ @Override >+ protected void appendToStringInternals(StringBuilder str) { >+ str.append(", obfuscated-value=").append(getObfuscatedStringValue()); >+ str.append(", override=").append(getOverride()); >+ }; >+ > private void writeObject(ObjectOutputStream str) throws IOException { >- obfuscate(); > str.defaultWriteObject(); > } > > private void readObject(ObjectInputStream str) throws IOException, ClassNotFoundException { > str.defaultReadObject(); >- deobfuscate(); >+ initClearTextValue(); > } > } >diff --git a/modules/core/domain/src/main/java/org/rhq/core/domain/configuration/PropertySimple.java b/modules/core/domain/src/main/java/org/rhq/core/domain/configuration/PropertySimple.java >index 8edc331..dd7aebd 100644 >--- a/modules/core/domain/src/main/java/org/rhq/core/domain/configuration/PropertySimple.java >+++ b/modules/core/domain/src/main/java/org/rhq/core/domain/configuration/PropertySimple.java >@@ -55,7 +55,7 @@ public class PropertySimple extends Property implements Serializable { > * clients from being able to view the current value of PASSWORD properties. The value is made obscure enough to > * make the chances of it being the same as the property's unmasked value next to nil. > */ >- private static final String MASKED_VALUE = "_._._[MaSKeD]_._._"; >+ public static final String MASKED_VALUE = "_._._[MaSKeD]_._._"; > > @Column(name = "string_value", length = MAX_VALUE_LENGTH) > private String stringValue;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=599182">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 840512
:
598471
|
598520
| 599182 |
599552