directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From smckin...@apache.org
Subject [directory-fortress-core] branch master updated: never output unmasked pw to user (even in tests)
Date Fri, 07 Aug 2020 13:30:01 GMT
This is an automated email from the ASF dual-hosted git repository.

smckinney pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/directory-fortress-core.git


The following commit(s) were added to refs/heads/master by this push:
     new 3ec03ac  never output unmasked pw to user (even in tests)
3ec03ac is described below

commit 3ec03ac9a44bee52d0e65924a350d5ef1e7f9c97
Author: Shawn McKinney <smckinney@symas.com>
AuthorDate: Fri Aug 7 08:29:54 2020 -0500

    never output unmasked pw to user (even in tests)
---
 .../directory/fortress/core/AccessMgrConsole.java  |  8 ++-
 .../directory/fortress/core/AdminMgrConsole.java   | 81 ++++++++++------------
 .../fortress/core/DelegatedAccessMgrConsole.java   |  8 ++-
 3 files changed, 46 insertions(+), 51 deletions(-)

diff --git a/src/test/java/org/apache/directory/fortress/core/AccessMgrConsole.java b/src/test/java/org/apache/directory/fortress/core/AccessMgrConsole.java
index 5da1a55..b308057 100755
--- a/src/test/java/org/apache/directory/fortress/core/AccessMgrConsole.java
+++ b/src/test/java/org/apache/directory/fortress/core/AccessMgrConsole.java
@@ -19,6 +19,7 @@
  */
 package org.apache.directory.fortress.core;
 
+import java.io.Console;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Comparator;
@@ -149,8 +150,9 @@ class AccessMgrConsole
             ReaderUtil.clearScreen();
             System.out.println("Enter userId:");
             String userId = ReaderUtil.readLn();
+            Console console = System.console();
             System.out.println("Enter password:");
-            String password = ReaderUtil.readLn();
+            String password = new String ( console.readPassword() );
             session = am.authenticate(userId, password);
             System.out.println("Authentication successful for userId [" + userId + "]");
             System.out.println("session [" + session + "]");
@@ -172,7 +174,9 @@ class AccessMgrConsole
             System.out.println("Enter userId:");
             String userId = ReaderUtil.readLn();
             System.out.println("Enter password:");
-            String password = ReaderUtil.readLn();
+            Console console = System.console();
+            String password = new String ( console.readPassword() );
+
             User inUser = new User(userId, password);
             List<RoleConstraint> constraints = new ArrayList();
             RoleConstraint constraint = getRuntimeConstraint( inUser );
diff --git a/src/test/java/org/apache/directory/fortress/core/AdminMgrConsole.java b/src/test/java/org/apache/directory/fortress/core/AdminMgrConsole.java
index 179fcbd..b538aae 100755
--- a/src/test/java/org/apache/directory/fortress/core/AdminMgrConsole.java
+++ b/src/test/java/org/apache/directory/fortress/core/AdminMgrConsole.java
@@ -19,6 +19,7 @@
  */
 package org.apache.directory.fortress.core;
 
+import java.io.Console;
 import java.lang.annotation.Annotation;
 import java.lang.reflect.Field;
 import java.util.Enumeration;
@@ -436,36 +437,37 @@ class AdminMgrConsole
         try
         {
             ReaderUtil.clearScreen();
-            System.out.println("Enter userId:");
-            ue.setUserId(ReaderUtil.readLn());
-            System.out.println("Enter user's common name (cn):");
-            String cn = ReaderUtil.readLn();
-            System.out.println("Enter user's surname (sn):");
+            Console console = System.console();
+            console.printf("Enter userId:" + "\n" );
+            ue.setUserId ( console.readLine() );
+            console.printf( ue.getUserId() + "\n" );
+            console.printf( "Enter user's common name (cn):" + "\n" );
+            ue.setCn( ReaderUtil.readLn() );
+            console.printf( "Enter user's surname (sn):" + "\n" );
             String sn = ReaderUtil.readLn();
             ue.setSn(sn);
-            ue.setCn(cn);
-            System.out.println("Enter pw");
-            ue.setPassword(ReaderUtil.readLn());
-            System.out.println("Enter User's description field");
+            console.printf( "Enter pw" + "\n" );
+            ue.setPassword(new String ( console.readPassword() ) );
+            console.printf( "Enter User's description field" + "\n" );
             ue.setDescription(ReaderUtil.readLn());
-            System.out.println("Enter organization unit, blank for default");
+            console.printf( "Enter organization unit, blank for default" + "\n" );
             ue.setOu(ReaderUtil.readLn());
 
-            System.out.println("Do you want to set temporal constraints on User - Y or NULL
to skip");
+            console.printf( "Do you want to set temporal constraints on User - Y or NULL
to skip" + "\n" );
             String choice = ReaderUtil.readLn();
-            if (choice != null && choice.equalsIgnoreCase("Y"))
+            if ( choice != null && choice.equalsIgnoreCase("Y" ) )
             {
                 enterTemporal(ue);
             }
 
-            System.out.println("Do you want to set posix account attributes on User - Y or
NULL to skip");
+            console.printf( "Do you want to set posix account attributes on User - Y or NULL
to skip" + "\n" );
             choice = ReaderUtil.readLn();
-            if (choice != null && choice.equalsIgnoreCase("Y"))
+            if (choice != null && choice.equalsIgnoreCase("Y") )
             {
                 enterPosixAccount( ue );
             }
 
-            System.out.println("Enter Role name (or NULL to skip):");
+            console.printf( "Enter Role name (or NULL to skip):" + "\n" );
             String val = ReaderUtil.readLn();
             for (int i = 0; val != null && val.length() > 0; i++)
             {
@@ -473,48 +475,35 @@ class AdminMgrConsole
                 userRole.setName(val);
                 userRole.setUserId( ue.getUserId() );
                 ue.setRole(userRole);
-                System.out.println("Do you want to set temporal constraints on User - Y or
NULL to skip");
+                console.printf( "Do you want to set temporal constraints on User - Y or NULL
to skip" + "\n");
                 choice = ReaderUtil.readLn();
                 if (choice != null && choice.equalsIgnoreCase("Y"))
                 {
                     enterTemporal(userRole);
                 }
 
-                System.out.println("Enter next name (or NULL if done entering roles):");
+                console.printf( "Enter next name (or NULL if done entering roles):" + "\n");
                 val = ReaderUtil.readLn();
             }
 
-            System.out.println("Enter prop key (or NULL to skip):");
+            console.printf( "Enter prop key (or NULL to skip):" + "\n");
             String key = ReaderUtil.readLn();
             for (int i = 0; key != null && key.length() > 0; i++)
             {
-                System.out.println("Enter prop val:");
+                console.printf( "Enter prop val:" + "\n");
                 val = ReaderUtil.readLn();
                 ue.addProperty(key, val);
-                System.out.println("Enter next prop key (or NULL if done entering properties)");
+                console.printf( "Enter next prop key (or NULL if done entering properties)"
+ "\n");
                 key = ReaderUtil.readLn();
             }
 
-            System.out.println("Enter password policy (or NULL to skip):");
+            console.printf( "Enter password policy (or NULL to skip):" + "\n");
             String policy = ReaderUtil.readLn();
             if( StringUtils.isNotEmpty( policy ))
             {
                 ue.setPwPolicy(policy);
             }
-/*
-            ue.setAddress(new Address());
-            ue.getAddress().setAddress("123 Test Ln");
-            ue.getAddress().setAddress("Suite 1");
-            ue.getAddress().setAddress("c/o resident");
-            ue.getAddress().setCity("TestCity");
-            ue.getAddress().setCountry("US");
-            ue.getAddress().setPostalCode("72113");
-            ue.getAddress().setState("AR");
-            ue.setPhone("111-222-3333");
-            ue.setPhone("222-222-3333");
-            ue.setMobile("333-222-3333");
-            ue.setMobile("444-222-3333");
-*/
+
             User ue2 = am.addUser(ue);
             if( CollectionUtils.isNotEmpty( ue.getRoles() ) )
             {
@@ -523,14 +512,14 @@ class AdminMgrConsole
                     am.assignUser(uRole);
                 }
             }
-            System.out.println("userId [" + ue2.getUserId() + "]");
-            System.out.println("internalId [" + ue2.getInternalId() + "]");
-            System.out.println("user description [" + ue2.getDescription() + "]");
-            System.out.println("user common name [" + ue2.getCn() + "]");
-            System.out.println("user surname [" + ue2.getSn() + "]");
-            System.out.println("organizational unit [" + ue2.getOu() + "]");
-            System.out.println("has been added");
-            System.out.println("ENTER to continue");
+            console.printf("userId [" + ue2.getUserId() + "]" + "\n");
+            console.printf("internalId [" + ue2.getInternalId() + "]" + "\n");
+            console.printf("user description [" + ue2.getDescription() + "]" + "\n");
+            console.printf("user common name [" + ue2.getCn() + "]" + "\n");
+            console.printf("user surname [" + ue2.getSn() + "]" + "\n");
+            console.printf("organizational unit [" + ue2.getOu() + "]" + "\n");
+            console.printf("has been added" + "\n");
+            console.printf("ENTER to continue" + "\n");
         }
         catch (SecurityException e)
         {
@@ -557,9 +546,9 @@ class AdminMgrConsole
             ReaderUtil.clearScreen();
             System.out.println("Enter userId");
             ue.setUserId(ReaderUtil.readLn());
-            System.out.println("Enter pw");
-            ue.setPassword(ReaderUtil.readLn());
-
+            Console console = System.console();
+            console.printf("Enter pw" + "\n" );
+            ue.setPassword(new String ( console.readPassword() ) );
             System.out.println("Do you want to test Admin User update - Y or N");
             String choice = ReaderUtil.readLn();
             if (choice != null && choice.equalsIgnoreCase("Y"))
diff --git a/src/test/java/org/apache/directory/fortress/core/DelegatedAccessMgrConsole.java
b/src/test/java/org/apache/directory/fortress/core/DelegatedAccessMgrConsole.java
index fc4ff11..2e65b66 100755
--- a/src/test/java/org/apache/directory/fortress/core/DelegatedAccessMgrConsole.java
+++ b/src/test/java/org/apache/directory/fortress/core/DelegatedAccessMgrConsole.java
@@ -30,6 +30,7 @@ import org.apache.directory.fortress.core.util.VUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.io.Console;
 import java.util.Collections;
 import java.util.Comparator;
 import java.util.Enumeration;
@@ -166,8 +167,9 @@ class DelegatedAccessMgrConsole
             ReaderUtil.clearScreen();
             System.out.println( "Enter userId:" );
             String userId = ReaderUtil.readLn();
-            System.out.println( "Enter password:" );
-            String password = ReaderUtil.readLn();
+            System.out.println("Enter password:");
+            Console console = System.console();
+            String password = new String ( console.readPassword() );
             session = new Session();
             //((AccessMgr)dAmgr).createSession(session, userId, password);
             ( ( AccessMgr ) dAmgr ).createSession( new User( userId, password ), false );
@@ -293,4 +295,4 @@ class DelegatedAccessMgrConsole
         }
         ReaderUtil.readChar();
     }
-}
\ No newline at end of file
+}


Mime
View raw message