From f274731f85d74e8cded32ab23b505048a383f628 Mon Sep 17 00:00:00 2001 From: Eike Stepper Date: Sat, 26 Jan 2013 10:55:53 +0100 Subject: [399156] Provide a security realm to ICredentialsProvider implementors https://bugs.eclipse.org/bugs/show_bug.cgi?id=399156 --- .../emf/cdo/internal/server/SessionManager.java | 2 +- .../net4j/util/ui/security/CredentialsDialog.java | 21 +++++++++ .../security/InteractiveCredentialsProvider.java | 14 ++++-- .../eclipse/net4j/util/security/DiffieHellman.java | 54 +++++++++++----------- .../net4j/util/security/ICredentialsProvider2.java | 20 ++++++++ .../security/IPasswordCredentialsProvider2.java | 20 ++++++++ 6 files changed, 99 insertions(+), 32 deletions(-) create mode 100644 plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/ICredentialsProvider2.java create mode 100644 plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsProvider2.java diff --git a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java index 03a1c2556c..463dcd2595 100644 --- a/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java +++ b/plugins/org.eclipse.emf.cdo.server/src/org/eclipse/emf/cdo/internal/server/SessionManager.java @@ -439,7 +439,7 @@ public class SessionManager extends Container implements InternalSessi { if (authenticationServer == null) { - authenticationServer = new DiffieHellman.Server(); + authenticationServer = new DiffieHellman.Server(repository.getUUID()); } LifecycleUtil.activate(authenticationServer); diff --git a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java index 8eafa1861a..9e2dc856d4 100644 --- a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java +++ b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/CredentialsDialog.java @@ -40,6 +40,8 @@ public class CredentialsDialog extends BaseDialog private static final int HEIGHT = 225; + private final String realm; + private Text userIDControl; private Text passwordControl; @@ -47,8 +49,25 @@ public class CredentialsDialog extends BaseDialog private IPasswordCredentials credentials; public CredentialsDialog(Shell shell) + { + this(shell, null); + } + + /** + * @since 3.3 + */ + public CredentialsDialog(Shell shell, String realm) { super(shell, DEFAULT_SHELL_STYLE | SWT.APPLICATION_MODAL, TITLE, MESSAGE, OM.Activator.INSTANCE.getDialogSettings()); + this.realm = realm; + } + + /** + * @since 3.3 + */ + public final String getRealm() + { + return realm; } @Override @@ -87,10 +106,12 @@ public class CredentialsDialog extends BaseDialog new Label(composite, SWT.NONE).setText(Messages.getString("CredentialsDialog_2")); //$NON-NLS-1$ userIDControl = new Text(composite, SWT.BORDER); userIDControl.setLayoutData(UIUtil.createGridData(true, false)); + userIDControl.setText("Administrator"); // XXX Remove me! new Label(composite, SWT.NONE).setText(Messages.getString("CredentialsDialog_3")); //$NON-NLS-1$ passwordControl = new Text(composite, SWT.BORDER | SWT.PASSWORD); passwordControl.setLayoutData(UIUtil.createGridData(true, false)); + passwordControl.setText("0000"); // XXX Remove me! } @Override diff --git a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java index 60d94429cf..50be8dec42 100644 --- a/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java +++ b/plugins/org.eclipse.net4j.util.ui/src/org/eclipse/net4j/util/ui/security/InteractiveCredentialsProvider.java @@ -11,7 +11,7 @@ package org.eclipse.net4j.util.ui.security; import org.eclipse.net4j.util.security.IPasswordCredentials; -import org.eclipse.net4j.util.security.IPasswordCredentialsProvider; +import org.eclipse.net4j.util.security.IPasswordCredentialsProvider2; import org.eclipse.net4j.util.ui.UIUtil; import org.eclipse.swt.widgets.Display; @@ -22,7 +22,7 @@ import org.eclipse.ui.IWorkbenchWindow; * @author Eike Stepper * @since 2.0 */ -public class InteractiveCredentialsProvider implements IPasswordCredentialsProvider +public class InteractiveCredentialsProvider implements IPasswordCredentialsProvider2 { public InteractiveCredentialsProvider() { @@ -34,6 +34,14 @@ public class InteractiveCredentialsProvider implements IPasswordCredentialsProvi } public IPasswordCredentials getCredentials() + { + return getCredentials(null); + } + + /** + * @since 3.3 + */ + public IPasswordCredentials getCredentials(final String realm) { final IPasswordCredentials[] credentials = new IPasswordCredentials[1]; final Display display = UIUtil.getDisplay(); @@ -53,7 +61,7 @@ public class InteractiveCredentialsProvider implements IPasswordCredentialsProvi shell = new Shell(display); } - CredentialsDialog dialog = new CredentialsDialog(shell); + CredentialsDialog dialog = new CredentialsDialog(shell, realm); if (dialog.open() == CredentialsDialog.OK) { credentials[0] = dialog.getCredentials(); diff --git a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/DiffieHellman.java b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/DiffieHellman.java index b484fd22ca..dae9534c93 100644 --- a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/DiffieHellman.java +++ b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/DiffieHellman.java @@ -30,7 +30,6 @@ import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PublicKey; import java.security.spec.X509EncodedKeySpec; -import java.util.Arrays; /** * Executes the Diffie-Hellman key agreement protocol between 2 parties: {@link Server} and {@link Client}. @@ -40,26 +39,6 @@ import java.util.Arrays; */ public class DiffieHellman { - public static void main(String argv[]) throws Exception - { - byte[] clearText = "This is just an example".getBytes(); - - // Server server = new Server(SkipParameterSpec.INSTANCE, "DES", "DES/ECB/PKCS5Padding"); - Server server = new Server(SkipParameterSpec.INSTANCE, "DES", "DES/CBC/PKCS5Padding"); - Client client = new Client(); - - Server.Challenge challenge = server.getChallenge(); - Client.Response result = client.handleChallenge(challenge, clearText); - byte[] recovered = server.handleResponse(result); - - if (!Arrays.equals(clearText, recovered)) - { - throw new Exception("Recovered text is different from cleartext"); - } - - System.out.println("Recovered text is same as cleartext"); - } - /** * Executes the server-side of the Diffie-Hellman key agreement protocol. * @@ -71,12 +50,16 @@ public class DiffieHellman public static final String DEFAULT_CYPHER_TRANSFORMATION = "DES/CBC/PKCS5Padding"; + private final String realm; + private final KeyAgreement keyAgree; private final Challenge challenge; - public Server(DHParameterSpec dhParamSpec, String secretAlgorithm, String cypherTransformation) + public Server(String realm, DHParameterSpec dhParamSpec, String secretAlgorithm, String cypherTransformation) { + this.realm = realm; + try { // Create DH key pair, using the passed DH parameters @@ -92,7 +75,7 @@ public class DiffieHellman byte[] pubKeyEnc = keyPair.getPublic().getEncoded(); // Create and remember Challenge object - challenge = new Challenge(secretAlgorithm, cypherTransformation, pubKeyEnc); + challenge = new Challenge(realm, secretAlgorithm, cypherTransformation, pubKeyEnc); } catch (GeneralSecurityException ex) { @@ -100,14 +83,19 @@ public class DiffieHellman } } - public Server(DHParameterSpec dhParamSpec) + public Server(String realm, DHParameterSpec dhParamSpec) + { + this(realm, dhParamSpec, DEFAULT_SECRET_ALGORITHM, DEFAULT_CYPHER_TRANSFORMATION); + } + + public Server(String realm) { - this(dhParamSpec, DEFAULT_SECRET_ALGORITHM, DEFAULT_CYPHER_TRANSFORMATION); + this(realm, SkipParameterSpec.INSTANCE); } - public Server() + public final String getRealm() { - this(SkipParameterSpec.INSTANCE); + return realm; } public final Challenge getChallenge() @@ -163,14 +151,17 @@ public class DiffieHellman */ public static final class Challenge { + private final String serverRealm; + private final String secretAlgorithm; private final String cypherTransformation; private final byte[] serverPubKeyEnc; - public Challenge(String secretAlgorithm, String cypherTransformation, byte[] serverPubKeyEnc) + public Challenge(String serverRealm, String secretAlgorithm, String cypherTransformation, byte[] serverPubKeyEnc) { + this.serverRealm = serverRealm; this.secretAlgorithm = secretAlgorithm; this.cypherTransformation = cypherTransformation; this.serverPubKeyEnc = serverPubKeyEnc; @@ -178,6 +169,7 @@ public class DiffieHellman public Challenge(ExtendedDataInput in) throws IOException { + serverRealm = in.readString(); secretAlgorithm = in.readString(); cypherTransformation = in.readString(); serverPubKeyEnc = in.readByteArray(); @@ -185,11 +177,17 @@ public class DiffieHellman public void write(ExtendedDataOutput out) throws IOException { + out.writeString(serverRealm); out.writeString(secretAlgorithm); out.writeString(cypherTransformation); out.writeByteArray(serverPubKeyEnc); } + public String getServerRealm() + { + return serverRealm; + } + public String getSecretAlgorithm() { return secretAlgorithm; diff --git a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/ICredentialsProvider2.java b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/ICredentialsProvider2.java new file mode 100644 index 0000000000..d26352b329 --- /dev/null +++ b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/ICredentialsProvider2.java @@ -0,0 +1,20 @@ +/* + * Copyright (c) 2004 - 2012 Eike Stepper (Berlin, Germany) and others. + * All rights reserved. This program and the accompanying materials + * are made available under the terms of the Eclipse Public License v1.0 + * which accompanies this distribution, and is available at + * http://www.eclipse.org/legal/epl-v10.html + * + * Contributors: + * Eike Stepper - initial API and implementation + */ +package org.eclipse.net4j.util.security; + +/** + * @author Eike Stepper + * @since 3.3 + */ +public interface ICredentialsProvider2 extends ICredentialsProvider +{ + public ICredentials getCredentials(String realm); +} diff --git a/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsProvider2.java b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsProvider2.java new file mode 100644 index 0000000000..cfa07e9af2 --- /dev/null +++ b/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IPasswordCredentialsProvider2.java @@ -0,0 +1,20 @@ +/* + * Copyright (c) 2004 - 2012 Eike Stepper (Berlin, Germany) and others. + * All rights reserved. This program and the accompanying materials + * are made available under the terms of the Eclipse Public License v1.0 + * which accompanies this distribution, and is available at + * http://www.eclipse.org/legal/epl-v10.html + * + * Contributors: + * Eike Stepper - initial API and implementation + */ +package org.eclipse.net4j.util.security; + +/** + * @author Eike Stepper + * @since 3.3 + */ +public interface IPasswordCredentialsProvider2 extends IPasswordCredentialsProvider, ICredentialsProvider2 +{ + public IPasswordCredentials getCredentials(String realm); +} -- cgit v1.2.3