Attachment #216745 for bug #379787

Lines 20-25 Link Here

(-)src/org/eclipse/rse/core/PasswordPersistenceManager.java (-37 / +90 lines)
20	* Martin Oberhuber (Wind River) - [cleanup] Add API "since" Javadoc tags	20	* Martin Oberhuber (Wind River) - [cleanup] Add API "since" Javadoc tags
21	* David Dykstal (IBM) - [210474] Deny save password function missing	21	* David Dykstal (IBM) - [210474] Deny save password function missing
22	* David Dykstal (IBM) - [225320] Use equinox secure storage for passwords	22	* David Dykstal (IBM) - [225320] Use equinox secure storage for passwords
		23	* David Dykstal (IBM) - [379787] add test API to prevent secure storage access while running JUnit tests
23	********************************************************************************/	24	********************************************************************************/
24		25
25	package org.eclipse.rse.core;	26	package org.eclipse.rse.core;
Lines 302-307 Link Here
302		303
303	private String mapLocation = null;	304	private String mapLocation = null;
304	private RegisteredSystemType[] systemTypes;	305	private RegisteredSystemType[] systemTypes;
		306
		307	/**
		308	* Used to allow access to secure preference nodes.
		309	* The default is true meaning that access is allowed.
		310	* Used for testing only.
		311	*/
		312	private boolean isSecureStorageAccessAllowed = true;
305		313
306	/**	314	/**
307	* Singleton so this is a private constructor	315	* Singleton so this is a private constructor
Lines 382-388 Link Here
382		390
383	/**	391	/**
384	* Returns the preferences node that matches the system type.	392	* Returns the preferences node that matches the system type.
385	* It will not return null but will create the node if it does not exist.	393	* It will return null only if secure storage access is not allowed.
		394	* If secure storage access is allowed then
		395	* it will not return null but will create the node if it does not exist.
386	* If the node does not previous exist then an attempt will be made	396	* If the node does not previous exist then an attempt will be made
387	* to migrate the values from the old map form to this newly created node	397	* to migrate the values from the old map form to this newly created node
388	* of the secure preferences tree.	398	* of the secure preferences tree.
Lines 390-403 Link Here
390	* @return the matching secure preferences node.	400	* @return the matching secure preferences node.
391	*/	401	*/
392	private ISecurePreferences getNode(IRSESystemType systemType) {	402	private ISecurePreferences getNode(IRSESystemType systemType) {
393	String id = systemType.getId();
394	ISecurePreferences preferences = SecurePreferencesFactory.getDefault();
395	ISecurePreferences rseNode = preferences.node("org.eclipse.rse.core.security"); //$NON-NLS-1$
396	ISecurePreferences systemTypeNode = null;	403	ISecurePreferences systemTypeNode = null;
397	if (!rseNode.nodeExists(id)) {	404	if (isSecureStorageAccessAllowed) {
398	migrateMap(rseNode, id);	405	String id = systemType.getId();
		406	ISecurePreferences preferences = SecurePreferencesFactory.getDefault();
		407	ISecurePreferences rseNode = preferences.node("org.eclipse.rse.core.security"); //$NON-NLS-1$
		408	if (!rseNode.nodeExists(id)) {
		409	migrateMap(rseNode, id);
		410	}
		411	systemTypeNode = rseNode.node(id);
399	}	412	}
400	systemTypeNode = rseNode.node(id);
401	return systemTypeNode;	413	return systemTypeNode;
402	}	414	}
403		415
Lines 473-492 Link Here
473	* @return the number of passwords removed.	485	* @return the number of passwords removed.
474	*/	486	*/
475	private int removePassword(IRSESystemType systemType, String hostName, String userId) {	487	private int removePassword(IRSESystemType systemType, String hostName, String userId) {
		488	int passwordsRemoved = 0;
476	ISecurePreferences passwords = getNode(systemType);	489	ISecurePreferences passwords = getNode(systemType);
477	boolean respectCase = isUserIDCaseSensitive(systemType);	490	if (passwords != null) {
478	String keys[] = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, false);	491	boolean respectCase = isUserIDCaseSensitive(systemType);
479	if (keys.length == 0) {	492	String keys[] = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, false);
480	keys = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, true);	493	if (keys.length == 0) {
481	}	494	keys = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, true);
482	for (int i = 0; i < keys.length; i++) {	495	}
483	String key = keys[i];	496	for (int i = 0; i < keys.length; i++) {
484	basicRemove(passwords, key);	497	String key = keys[i];
485	}	498	basicRemove(passwords, key);
486	if (keys.length > 0) {	499	}
487	basicSave(passwords);	500	if (keys.length > 0) {
		501	basicSave(passwords);
		502	}
		503	passwordsRemoved = keys.length;
488	}	504	}
489	return keys.length;	505	return passwordsRemoved;
490	}	506	}
491		507
492	/**	508	/**
Lines 502-515 Link Here
502	private String findPassword(IRSESystemType systemType, String hostName, String userId) {	518	private String findPassword(IRSESystemType systemType, String hostName, String userId) {
503	String password = null;	519	String password = null;
504	ISecurePreferences passwords = getNode(systemType);	520	ISecurePreferences passwords = getNode(systemType);
505	boolean respectCase = isUserIDCaseSensitive(systemType);	521	if (passwords != null) {
506	String keys[] = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, false);	522	boolean respectCase = isUserIDCaseSensitive(systemType);
507	if (keys.length == 0) {	523	String keys[] = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, false);
508	keys = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, true);	524	if (keys.length == 0) {
509	}	525	keys = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, true);
510	if (keys.length > 0) {	526	}
511	String key = keys[0];	527	if (keys.length > 0) {
512	password = basicGet(passwords, key);	528	String key = keys[0];
		529	password = basicGet(passwords, key);
		530	}
513	}	531	}
514	return password;	532	return password;
515	}	533	}
Lines 525-533 Link Here
525	*/	543	*/
526	private void updatePassword(IRSESystemType systemType, String hostName, String userId, String password) {	544	private void updatePassword(IRSESystemType systemType, String hostName, String userId, String password) {
527	ISecurePreferences passwords = getNode(systemType);	545	ISecurePreferences passwords = getNode(systemType);
528	String key = getKey(hostName, userId);	546	if (passwords != null) {
529	basicPut(passwords, key, password);	547	String key = getKey(hostName, userId);
530	basicSave(passwords);	548	basicPut(passwords, key, password);
		549	basicSave(passwords);
		550	}
531	}	551	}
532		552
533	/**	553	/**
Lines 546-551 Link Here
546	}	566	}
547		567
548	/**	568	/**
		569	* Disables secure storage access from this {@link PasswordPersistenceManager}.
		570	* This is not API but for testing purposes only.
		571	* @noreference This method is not intended to be referenced by clients.
		572	* @since org.eclipse.rse.core 3.4
		573	*/
		574	public void disableSecureStorageAccess() {
		575	isSecureStorageAccessAllowed = false;
		576	}
		577
		578	/**
		579	* Enable secure storage access from this {@link PasswordPersistenceManager}.
		580	* This is not API but for testing purposes only.
		581	* @noreference This method is not intended to be referenced by clients.
		582	* @since org.eclipse.rse.core 3.4
		583	*/
		584	public void enableSecureStorageAccess() {
		585	isSecureStorageAccessAllowed = true;
		586	}
		587
		588	/**
		589	* Test if secure storage access is allowed.
		590	* This is not API but for testing purposes only.
		591	* @noreference This method is not intended to be referenced by clients.
		592	* @since org.eclipse.rse.core 3.4
		593	* @return true if it is allowed
		594	*/
		595	public boolean isSecureStorageAccessAllowed() {
		596	return isSecureStorageAccessAllowed;
		597	}
		598
		599	/**
549	* Add a password to the password database.	600	* Add a password to the password database.
550	* This will not update the entry for the default system type	601	* This will not update the entry for the default system type
551	* @param info The signon information to store	602	* @param info The signon information to store
Lines 729-741 Link Here
729	for (int i = 0; i < systemTypes.length; i++) {	780	for (int i = 0; i < systemTypes.length; i++) {
730	IRSESystemType systemType = systemTypes[i];	781	IRSESystemType systemType = systemTypes[i];
731	ISecurePreferences node = getNode(systemType);	782	ISecurePreferences node = getNode(systemType);
732	String[] keys = node.keys();	783	if (node != null) {
733	for (int j = 0; j < keys.length; j++) {	784	String[] keys = node.keys();
734	String key = keys[j];	785	for (int j = 0; j < keys.length; j++) {
735	String hostName = getHostNameFromKey(key);	786	String key = keys[j];
736	String userId = getUserIdFromKey(key);	787	String hostName = getHostNameFromKey(key);
737	SystemSignonInformation info = new SystemSignonInformation(hostName, userId, systemType);	788	String userId = getUserIdFromKey(key);
738	savedUserIDs.add(info);	789	SystemSignonInformation info = new SystemSignonInformation(hostName, userId, systemType);
		790	savedUserIDs.add(info);
		791	}
739	}	792	}
740	}	793	}
741	return savedUserIDs;	794	return savedUserIDs;




 *
 * Contributors:
 * David Dykstal (IBM) - [210474] Deny save password function missing
 * David Dykstal (IBM) - [379787] update tests to handle lack of secure storage access
 ********************************************************************************/

package org.eclipse.rse.tests.core.passwords;


/**
 * Tests for {@link PasswordPersistenceManager}.
 * Test various aspects of mnemonic generation and assignment.
 */
public class PasswordsTest extends RSECoreTestCase {
	
	/* (non-Javadoc)
	 * @see org.eclipse.rse.tests.core.RSECoreTestCase#setUp()
	 */

		int result = ppm.add(info, true, true);
		assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_OK, result);
		SystemSignonInformation returnedInfo = ppm.find(systemType, hostAddress, userId);
		if (ppm.isSecureStorageAccessAllowed()) {
			assertNotNull(returnedInfo);
			assertEquals("passwords are not equal", password, returnedInfo.getPassword());
			assertEquals("system type not what was expected", systemType, returnedInfo.getSystemType());
		} else {
			assertNull(returnedInfo);
		}

		// remove the password for the system type
		ppm.remove(systemType, hostAddress, userId); // removes only the entry for the system type
		returnedInfo = ppm.find(systemType, hostAddress, userId, true);
		if (ppm.isSecureStorageAccessAllowed()) {
			assertNotNull(returnedInfo);
			assertEquals("passwords are not equal", password, returnedInfo.getPassword());
			assertEquals("system type not what was expected", defaultSystemType, returnedInfo.getSystemType());
		} else {
			assertNull(returnedInfo);
		}
		returnedInfo = ppm.find(systemType, hostAddress, userId, false);
		assertNull("signon info was found but should not be", returnedInfo);


		result = ppm.add(info, true, false);
		assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_OK, result);
		returnedInfo = ppm.find(systemType, hostAddress, userId);
		if (ppm.isSecureStorageAccessAllowed()) {
			assertNotNull(returnedInfo);
			assertEquals("passwords are not equal", password, returnedInfo.getPassword());
			assertEquals("system type not what was expected", systemType, returnedInfo.getSystemType());
		} else {
			assertNull(returnedInfo);
		}
		returnedInfo = ppm.find(defaultSystemType, hostAddress, userId);
		assertNull("signon info was found but should not be", returnedInfo);


		int result = ppm.add(info, true, true);
		assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_OK, result);
		SystemSignonInformation returnedInfo = ppm.find(systemType, hostAddress, userId);
		if (ppm.isSecureStorageAccessAllowed()) {
			assertNotNull(returnedInfo);
			assertEquals("passwords are not equal", password, returnedInfo.getPassword());
			assertEquals("system type not what was expected", systemType, returnedInfo.getSystemType());
		} else {
			assertNull(returnedInfo);
		}

		// change the preference for this system type, should erase all the passwords, including the default system type
		RSEPreferencesManager.setDenyPasswordSave(systemType, hostAddress, true);

		PasswordPersistenceManager ppm = PasswordPersistenceManager.getInstance();
		ppm.add(new SystemSignonInformation("LOUDHOST.mycompany.com", "thatguy", "abc", systemType), true, false);
		SystemSignonInformation foundInfo = ppm.find(systemType, "LOUDHOST.mycompany.com", "thatguy");
		if (ppm.isSecureStorageAccessAllowed()) {
			assertNotNull(foundInfo);
			assertEquals(foundInfo.getPassword(), "abc");
			foundInfo = ppm.find(systemType, "loudhost.mycompany.com", "thatguy");
			assertNotNull(foundInfo);
			assertEquals(foundInfo.getPassword(), "abc");
			foundInfo = ppm.find(systemType, "loudhost.MyCompany.com", "thatguy");
			assertNotNull(foundInfo);
			assertEquals(foundInfo.getPassword(), "abc");
		} else {
			assertNull(foundInfo);
		}
	}
	
	public void testBadArgs() {

Return to bug 379787

Lines 6-11 Link Here

(-)src/org/eclipse/rse/tests/core/passwords/PasswordsTest.java (-18 / +42 lines)
6	*	6	*
7	* Contributors:	7	* Contributors:
8	* David Dykstal (IBM) - [210474] Deny save password function missing	8	* David Dykstal (IBM) - [210474] Deny save password function missing
		9	* David Dykstal (IBM) - [379787] update tests to handle lack of secure storage access
9	********************************************************************************/	10	********************************************************************************/
10		11
11	package org.eclipse.rse.tests.core.passwords;	12	package org.eclipse.rse.tests.core.passwords;
Lines 19-28 Link Here
19		20
20	/**	21	/**
21	* Tests for {@link PasswordPersistenceManager}.	22	* Tests for {@link PasswordPersistenceManager}.
22	* Test various aspects of mnemonic generation and assignment.
23	*/	23	*/
24	public class PasswordsTest extends RSECoreTestCase {	24	public class PasswordsTest extends RSECoreTestCase {
25		25
26	/* (non-Javadoc)	26	/* (non-Javadoc)
27	* @see org.eclipse.rse.tests.core.RSECoreTestCase#setUp()	27	* @see org.eclipse.rse.tests.core.RSECoreTestCase#setUp()
28	*/	28	*/
Lines 56-69 Link Here
56	int result = ppm.add(info, true, true);	56	int result = ppm.add(info, true, true);
57	assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_OK, result);	57	assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_OK, result);
58	SystemSignonInformation returnedInfo = ppm.find(systemType, hostAddress, userId);	58	SystemSignonInformation returnedInfo = ppm.find(systemType, hostAddress, userId);
59	assertEquals("passwords are not equal", password, returnedInfo.getPassword());	59	if (ppm.isSecureStorageAccessAllowed()) {
60	assertEquals("system type not what was expected", systemType, returnedInfo.getSystemType());	60	assertNotNull(returnedInfo);
		61	assertEquals("passwords are not equal", password, returnedInfo.getPassword());
		62	assertEquals("system type not what was expected", systemType, returnedInfo.getSystemType());
		63	} else {
		64	assertNull(returnedInfo);
		65	}
61		66
62	// remove the password for the system type	67	// remove the password for the system type
63	ppm.remove(systemType, hostAddress, userId); // removes only the entry for the system type	68	ppm.remove(systemType, hostAddress, userId); // removes only the entry for the system type
64	returnedInfo = ppm.find(systemType, hostAddress, userId, true);	69	returnedInfo = ppm.find(systemType, hostAddress, userId, true);
65	assertEquals("passwords are not equal", password, returnedInfo.getPassword());	70	if (ppm.isSecureStorageAccessAllowed()) {
66	assertEquals("system type not what was expected", defaultSystemType, returnedInfo.getSystemType());	71	assertNotNull(returnedInfo);
		72	assertEquals("passwords are not equal", password, returnedInfo.getPassword());
		73	assertEquals("system type not what was expected", defaultSystemType, returnedInfo.getSystemType());
		74	} else {
		75	assertNull(returnedInfo);
		76	}
67	returnedInfo = ppm.find(systemType, hostAddress, userId, false);	77	returnedInfo = ppm.find(systemType, hostAddress, userId, false);
68	assertNull("signon info was found but should not be", returnedInfo);	78	assertNull("signon info was found but should not be", returnedInfo);
69		79
Lines 78-85 Link Here
78	result = ppm.add(info, true, false);	88	result = ppm.add(info, true, false);
79	assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_OK, result);	89	assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_OK, result);
80	returnedInfo = ppm.find(systemType, hostAddress, userId);	90	returnedInfo = ppm.find(systemType, hostAddress, userId);
81	assertEquals("passwords are not equal", password, returnedInfo.getPassword());	91	if (ppm.isSecureStorageAccessAllowed()) {
82	assertEquals("system type not what was expected", systemType, returnedInfo.getSystemType());	92	assertNotNull(returnedInfo);
		93	assertEquals("passwords are not equal", password, returnedInfo.getPassword());
		94	assertEquals("system type not what was expected", systemType, returnedInfo.getSystemType());
		95	} else {
		96	assertNull(returnedInfo);
		97	}
83	returnedInfo = ppm.find(defaultSystemType, hostAddress, userId);	98	returnedInfo = ppm.find(defaultSystemType, hostAddress, userId);
84	assertNull("signon info was found but should not be", returnedInfo);	99	assertNull("signon info was found but should not be", returnedInfo);
85		100
Lines 109-116 Link Here
109	int result = ppm.add(info, true, true);	124	int result = ppm.add(info, true, true);
110	assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_OK, result);	125	assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_OK, result);
111	SystemSignonInformation returnedInfo = ppm.find(systemType, hostAddress, userId);	126	SystemSignonInformation returnedInfo = ppm.find(systemType, hostAddress, userId);
112	assertEquals("passwords are not equal", password, returnedInfo.getPassword());	127	if (ppm.isSecureStorageAccessAllowed()) {
113	assertEquals("system type not what was expected", systemType, returnedInfo.getSystemType());	128	assertNotNull(returnedInfo);
		129	assertEquals("passwords are not equal", password, returnedInfo.getPassword());
		130	assertEquals("system type not what was expected", systemType, returnedInfo.getSystemType());
		131	} else {
		132	assertNull(returnedInfo);
		133	}
114		134
115	// change the preference for this system type, should erase all the passwords, including the default system type	135	// change the preference for this system type, should erase all the passwords, including the default system type
116	RSEPreferencesManager.setDenyPasswordSave(systemType, hostAddress, true);	136	RSEPreferencesManager.setDenyPasswordSave(systemType, hostAddress, true);
Lines 176-189 Link Here
176	PasswordPersistenceManager ppm = PasswordPersistenceManager.getInstance();	196	PasswordPersistenceManager ppm = PasswordPersistenceManager.getInstance();
177	ppm.add(new SystemSignonInformation("LOUDHOST.mycompany.com", "thatguy", "abc", systemType), true, false);	197	ppm.add(new SystemSignonInformation("LOUDHOST.mycompany.com", "thatguy", "abc", systemType), true, false);
178	SystemSignonInformation foundInfo = ppm.find(systemType, "LOUDHOST.mycompany.com", "thatguy");	198	SystemSignonInformation foundInfo = ppm.find(systemType, "LOUDHOST.mycompany.com", "thatguy");
179	assertNotNull(foundInfo);	199	if (ppm.isSecureStorageAccessAllowed()) {
180	assertEquals(foundInfo.getPassword(), "abc");	200	assertNotNull(foundInfo);
181	foundInfo = ppm.find(systemType, "loudhost.mycompany.com", "thatguy");	201	assertEquals(foundInfo.getPassword(), "abc");
182	assertNotNull(foundInfo);	202	foundInfo = ppm.find(systemType, "loudhost.mycompany.com", "thatguy");
183	assertEquals(foundInfo.getPassword(), "abc");	203	assertNotNull(foundInfo);
184	foundInfo = ppm.find(systemType, "loudhost.MyCompany.com", "thatguy");	204	assertEquals(foundInfo.getPassword(), "abc");
185	assertNotNull(foundInfo);	205	foundInfo = ppm.find(systemType, "loudhost.MyCompany.com", "thatguy");
186	assertEquals(foundInfo.getPassword(), "abc");	206	assertNotNull(foundInfo);
		207	assertEquals(foundInfo.getPassword(), "abc");
		208	} else {
		209	assertNull(foundInfo);
		210	}
187	}	211	}
188		212
189	public void testBadArgs() {	213	public void testBadArgs() {