Lines 1-5
Link Here
|
1 |
/******************************************************************************** |
1 |
/******************************************************************************** |
2 |
* Copyright (c) 2002, 2012 IBM Corporation and others. All rights reserved. |
2 |
* Copyright (c) 2002, 2013 IBM Corporation and others. All rights reserved. |
3 |
* This program and the accompanying materials are made available under the terms |
3 |
* This program and the accompanying materials are made available under the terms |
4 |
* of the Eclipse Public License v1.0 which accompanies this distribution, and is |
4 |
* of the Eclipse Public License v1.0 which accompanies this distribution, and is |
5 |
* available at http://www.eclipse.org/legal/epl-v10.html |
5 |
* available at http://www.eclipse.org/legal/epl-v10.html |
Lines 20-25
Link Here
|
20 |
* Martin Oberhuber (Wind River) - [cleanup] Add API "since" Javadoc tags |
20 |
* Martin Oberhuber (Wind River) - [cleanup] Add API "since" Javadoc tags |
21 |
* David Dykstal (IBM) - [210474] Deny save password function missing |
21 |
* David Dykstal (IBM) - [210474] Deny save password function missing |
22 |
* David Dykstal (IBM) - [225320] Use equinox secure storage for passwords |
22 |
* David Dykstal (IBM) - [225320] Use equinox secure storage for passwords |
|
|
23 |
* David Dykstal (IBM) - [379787] Fix secure storage usage in org.eclipse.rse.tests |
23 |
********************************************************************************/ |
24 |
********************************************************************************/ |
24 |
|
25 |
|
25 |
package org.eclipse.rse.core; |
26 |
package org.eclipse.rse.core; |
Lines 48-53
import org.osgi.framework.Bundle;
Link Here
|
48 |
/** |
49 |
/** |
49 |
* PasswordPersistenceManager manages the saving and retrieving of user IDs / |
50 |
* PasswordPersistenceManager manages the saving and retrieving of user IDs / |
50 |
* passwords to Equinox secure storage for registered system types. |
51 |
* passwords to Equinox secure storage for registered system types. |
|
|
52 |
* <p> |
53 |
* A PasswordPersistenceManager is sensitive to the "rse.enableSecureStoreAccess" property. |
54 |
* If absent it defaults to <code>true</code>. |
55 |
* If present then the value must be <code>true</code> to enable access to the secure store. |
56 |
* The following code disables access to the secure store. |
57 |
* <p> |
58 |
* <code>System.setProperty("rse.enableSecureStoreAccess", "false");</code> |
51 |
* |
59 |
* |
52 |
* @noextend This class is not intended to be subclassed by clients. |
60 |
* @noextend This class is not intended to be subclassed by clients. |
53 |
* @noinstantiate This class is not intended to be instantiated by clients. Use |
61 |
* @noinstantiate This class is not intended to be instantiated by clients. Use |
Lines 382-388
public class PasswordPersistenceManager {
Link Here
|
382 |
|
390 |
|
383 |
/** |
391 |
/** |
384 |
* Returns the preferences node that matches the system type. |
392 |
* Returns the preferences node that matches the system type. |
385 |
* It will not return null but will create the node if it does not exist. |
393 |
* It will only return null if secure store access is disallowed. |
|
|
394 |
* If secure store access is allowed it will create the node if it does not exist. |
386 |
* If the node does not previous exist then an attempt will be made |
395 |
* If the node does not previous exist then an attempt will be made |
387 |
* to migrate the values from the old map form to this newly created node |
396 |
* to migrate the values from the old map form to this newly created node |
388 |
* of the secure preferences tree. |
397 |
* of the secure preferences tree. |
Lines 390-403
public class PasswordPersistenceManager {
Link Here
|
390 |
* @return the matching secure preferences node. |
399 |
* @return the matching secure preferences node. |
391 |
*/ |
400 |
*/ |
392 |
private ISecurePreferences getNode(IRSESystemType systemType) { |
401 |
private ISecurePreferences getNode(IRSESystemType systemType) { |
393 |
String id = systemType.getId(); |
|
|
394 |
ISecurePreferences preferences = SecurePreferencesFactory.getDefault(); |
395 |
ISecurePreferences rseNode = preferences.node("org.eclipse.rse.core.security"); //$NON-NLS-1$ |
396 |
ISecurePreferences systemTypeNode = null; |
402 |
ISecurePreferences systemTypeNode = null; |
397 |
if (!rseNode.nodeExists(id)) { |
403 |
String enableSecureStoreAccess = System.getProperty("rse.enableSecureStoreAccess", "true"); //$NON-NLS-1$//$NON-NLS-2$ |
398 |
migrateMap(rseNode, id); |
404 |
if (enableSecureStoreAccess.equals("true")) { //$NON-NLS-1$ |
|
|
405 |
String id = systemType.getId(); |
406 |
ISecurePreferences preferences = SecurePreferencesFactory.getDefault(); |
407 |
ISecurePreferences rseNode = preferences.node("org.eclipse.rse.core.security"); //$NON-NLS-1$ |
408 |
if (!rseNode.nodeExists(id)) { |
409 |
migrateMap(rseNode, id); |
410 |
} |
411 |
systemTypeNode = rseNode.node(id); |
399 |
} |
412 |
} |
400 |
systemTypeNode = rseNode.node(id); |
|
|
401 |
return systemTypeNode; |
413 |
return systemTypeNode; |
402 |
} |
414 |
} |
403 |
|
415 |
|
Lines 473-492
public class PasswordPersistenceManager {
Link Here
|
473 |
* @return the number of passwords removed. |
485 |
* @return the number of passwords removed. |
474 |
*/ |
486 |
*/ |
475 |
private int removePassword(IRSESystemType systemType, String hostName, String userId) { |
487 |
private int removePassword(IRSESystemType systemType, String hostName, String userId) { |
|
|
488 |
int result = 0; |
476 |
ISecurePreferences passwords = getNode(systemType); |
489 |
ISecurePreferences passwords = getNode(systemType); |
477 |
boolean respectCase = isUserIDCaseSensitive(systemType); |
490 |
if (passwords != null) { |
478 |
String keys[] = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, false); |
491 |
boolean respectCase = isUserIDCaseSensitive(systemType); |
479 |
if (keys.length == 0) { |
492 |
String keys[] = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, false); |
480 |
keys = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, true); |
493 |
if (keys.length == 0) { |
481 |
} |
494 |
keys = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, true); |
482 |
for (int i = 0; i < keys.length; i++) { |
495 |
} |
483 |
String key = keys[i]; |
496 |
for (int i = 0; i < keys.length; i++) { |
484 |
basicRemove(passwords, key); |
497 |
String key = keys[i]; |
485 |
} |
498 |
basicRemove(passwords, key); |
486 |
if (keys.length > 0) { |
499 |
} |
487 |
basicSave(passwords); |
500 |
if (keys.length > 0) { |
|
|
501 |
basicSave(passwords); |
502 |
} |
503 |
result = keys.length; |
488 |
} |
504 |
} |
489 |
return keys.length; |
505 |
return result; |
490 |
} |
506 |
} |
491 |
|
507 |
|
492 |
/** |
508 |
/** |
Lines 502-515
public class PasswordPersistenceManager {
Link Here
|
502 |
private String findPassword(IRSESystemType systemType, String hostName, String userId) { |
518 |
private String findPassword(IRSESystemType systemType, String hostName, String userId) { |
503 |
String password = null; |
519 |
String password = null; |
504 |
ISecurePreferences passwords = getNode(systemType); |
520 |
ISecurePreferences passwords = getNode(systemType); |
505 |
boolean respectCase = isUserIDCaseSensitive(systemType); |
521 |
if (passwords != null) { |
506 |
String keys[] = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, false); |
522 |
boolean respectCase = isUserIDCaseSensitive(systemType); |
507 |
if (keys.length == 0) { |
523 |
String keys[] = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, false); |
508 |
keys = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, true); |
524 |
if (keys.length == 0) { |
509 |
} |
525 |
keys = getMatchingKeys(passwords.keys(), hostName, userId, respectCase, true); |
510 |
if (keys.length > 0) { |
526 |
} |
511 |
String key = keys[0]; |
527 |
if (keys.length > 0) { |
512 |
password = basicGet(passwords, key); |
528 |
String key = keys[0]; |
|
|
529 |
password = basicGet(passwords, key); |
530 |
} |
513 |
} |
531 |
} |
514 |
return password; |
532 |
return password; |
515 |
} |
533 |
} |
Lines 522-533
public class PasswordPersistenceManager {
Link Here
|
522 |
* @param hostName the name of the host we are examining for a password. |
540 |
* @param hostName the name of the host we are examining for a password. |
523 |
* @param userId the user id to find passwords for. |
541 |
* @param userId the user id to find passwords for. |
524 |
* @param password the password to save for this entry. |
542 |
* @param password the password to save for this entry. |
|
|
543 |
* @return RC_OK if the password was updated, RC_DENIED if the password was not updated. |
525 |
*/ |
544 |
*/ |
526 |
private void updatePassword(IRSESystemType systemType, String hostName, String userId, String password) { |
545 |
private int updatePassword(IRSESystemType systemType, String hostName, String userId, String password) { |
|
|
546 |
int result = RC_DENIED; |
527 |
ISecurePreferences passwords = getNode(systemType); |
547 |
ISecurePreferences passwords = getNode(systemType); |
528 |
String key = getKey(hostName, userId); |
548 |
if (passwords != null) { |
529 |
basicPut(passwords, key, password); |
549 |
String key = getKey(hostName, userId); |
530 |
basicSave(passwords); |
550 |
basicPut(passwords, key, password); |
|
|
551 |
basicSave(passwords); |
552 |
result = RC_OK; |
553 |
} |
554 |
return result; |
531 |
} |
555 |
} |
532 |
|
556 |
|
533 |
/** |
557 |
/** |
Lines 551-558
public class PasswordPersistenceManager {
Link Here
|
551 |
* @param info The signon information to store |
575 |
* @param info The signon information to store |
552 |
* @param overwrite Whether to overwrite any existing entry |
576 |
* @param overwrite Whether to overwrite any existing entry |
553 |
* @return |
577 |
* @return |
554 |
* RC_OK if the password was successfully stored |
578 |
* RC_OK if the password was successfully stored |
555 |
* RC_ALREADY_EXISTS if the password already exists and overwrite was false |
579 |
* RC_ALREADY_EXISTS if the password already exists and overwrite was false |
|
|
580 |
* RC_DENIED if passwords may not be saved for this system type and host |
556 |
*/ |
581 |
*/ |
557 |
public int add(SystemSignonInformation info, boolean overwrite) { |
582 |
public int add(SystemSignonInformation info, boolean overwrite) { |
558 |
return add(info, overwrite, false); |
583 |
return add(info, overwrite, false); |
Lines 587-593
public class PasswordPersistenceManager {
Link Here
|
587 |
} |
612 |
} |
588 |
String oldPassword = findPassword(systemType, hostName, userId); |
613 |
String oldPassword = findPassword(systemType, hostName, userId); |
589 |
if (oldPassword == null || (overwrite && !newPassword.equals(oldPassword))) { |
614 |
if (oldPassword == null || (overwrite && !newPassword.equals(oldPassword))) { |
590 |
updatePassword(systemType, hostName, userId, newPassword); |
615 |
result = updatePassword(systemType, hostName, userId, newPassword); |
591 |
} else if (oldPassword != null) { |
616 |
} else if (oldPassword != null) { |
592 |
result = RC_ALREADY_EXISTS; |
617 |
result = RC_ALREADY_EXISTS; |
593 |
} |
618 |
} |
Lines 629-635
public class PasswordPersistenceManager {
Link Here
|
629 |
* @param systemType the IRSESystemType instance to find a password for. |
654 |
* @param systemType the IRSESystemType instance to find a password for. |
630 |
* @param hostName the name of the host we are examining for a password. |
655 |
* @param hostName the name of the host we are examining for a password. |
631 |
* @param userId the user id to find passwords for. |
656 |
* @param userId the user id to find passwords for. |
632 |
* @return the {@link SystemSignonInformation} for the specified criteria. |
657 |
* @return the {@link SystemSignonInformation} for the specified criteria or null if no such password can be found. |
633 |
*/ |
658 |
*/ |
634 |
public SystemSignonInformation find(IRSESystemType systemType, String hostName, String userId) { |
659 |
public SystemSignonInformation find(IRSESystemType systemType, String hostName, String userId) { |
635 |
return find(systemType, hostName, userId, true); |
660 |
return find(systemType, hostName, userId, true); |
Lines 644-650
public class PasswordPersistenceManager {
Link Here
|
644 |
* @param hostName the name of the host we are examining for a password. |
669 |
* @param hostName the name of the host we are examining for a password. |
645 |
* @param userId the user id to find passwords for. |
670 |
* @param userId the user id to find passwords for. |
646 |
* @param checkDefault true if the default system type should be checked if the specified system type is not found |
671 |
* @param checkDefault true if the default system type should be checked if the specified system type is not found |
647 |
* @return the {@link SystemSignonInformation} for the specified criteria. |
672 |
* @return the {@link SystemSignonInformation} for the specified criteria or null if no such password can be found. |
648 |
*/ |
673 |
*/ |
649 |
public SystemSignonInformation find(IRSESystemType systemType, String hostName, String userId, boolean checkDefault) { |
674 |
public SystemSignonInformation find(IRSESystemType systemType, String hostName, String userId, boolean checkDefault) { |
650 |
SystemSignonInformation result = null; |
675 |
SystemSignonInformation result = null; |
Lines 729-741
public class PasswordPersistenceManager {
Link Here
|
729 |
for (int i = 0; i < systemTypes.length; i++) { |
754 |
for (int i = 0; i < systemTypes.length; i++) { |
730 |
IRSESystemType systemType = systemTypes[i]; |
755 |
IRSESystemType systemType = systemTypes[i]; |
731 |
ISecurePreferences node = getNode(systemType); |
756 |
ISecurePreferences node = getNode(systemType); |
732 |
String[] keys = node.keys(); |
757 |
if (node != null) { |
733 |
for (int j = 0; j < keys.length; j++) { |
758 |
String[] keys = node.keys(); |
734 |
String key = keys[j]; |
759 |
for (int j = 0; j < keys.length; j++) { |
735 |
String hostName = getHostNameFromKey(key); |
760 |
String key = keys[j]; |
736 |
String userId = getUserIdFromKey(key); |
761 |
String hostName = getHostNameFromKey(key); |
737 |
SystemSignonInformation info = new SystemSignonInformation(hostName, userId, systemType); |
762 |
String userId = getUserIdFromKey(key); |
738 |
savedUserIDs.add(info); |
763 |
SystemSignonInformation info = new SystemSignonInformation(hostName, userId, systemType); |
|
|
764 |
savedUserIDs.add(info); |
765 |
} |
739 |
} |
766 |
} |
740 |
} |
767 |
} |
741 |
return savedUserIDs; |
768 |
return savedUserIDs; |