[jboss-cvs] Picketbox SVN: r310 - in trunk: security-jboss-sx/identity/src/main/java/org/jboss/security/identity/plugins and 12 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Mar 5 11:18:05 EST 2012
Author: anil.saldhana at jboss.com
Date: 2012-03-05 11:18:02 -0500 (Mon, 05 Mar 2012)
New Revision: 310
Modified:
trunk/picketbox/src/main/java/org/picketbox/config/PicketBoxConfiguration.java
trunk/security-jboss-sx/identity/src/main/java/org/jboss/security/identity/plugins/FilePersistenceStrategy.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/JBossJSSESecurityDomain.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/UsersLoginModule.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/Util.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/otp/JBossTimeBasedOTPLoginModule.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/modules/ejb/EJBXACMLUtil.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/modules/web/WebXACMLUtil.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/role/Util.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/FilePassword.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/TmpFilePassword.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/util/state/xml/StateMachineParser.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/plugins/vault/PicketBoxSecurityVault.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/util/KeyStoreUtil.java
trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/JBossSecuritySubjectFactoryUnitTestCase.java
Log:
SECURITY-648: files, streams need to be closed
Modified: trunk/picketbox/src/main/java/org/picketbox/config/PicketBoxConfiguration.java
===================================================================
--- trunk/picketbox/src/main/java/org/picketbox/config/PicketBoxConfiguration.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/picketbox/src/main/java/org/picketbox/config/PicketBoxConfiguration.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -54,8 +54,16 @@
{
if(configFileName == null)
throw new ConfigurationFileNullException(ErrorCodes.NULL_ARGUMENT + "configFileName is null");
- InputStream configStream = loadStream(configFileName);
- load(configStream);
+ InputStream configStream = null;
+ try
+ {
+ configStream = loadStream(configFileName);
+ load(configStream);
+ }
+ finally
+ {
+ safeClose(configStream);
+ }
}
/**
@@ -132,4 +140,16 @@
}
return configStream;
}
+ private void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
}
\ No newline at end of file
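Review bot: The new `safeClose` helper catches `Exception` with an empty body, so a failing `close()` and any unexpected runtime error raised inside it disappear without a trace. Narrowing the handler to `catch (IOException ignored)` and logging it at trace level where a logger is available keeps the best-effort behaviour and still leaves a diagnostic. The same helper is pasted into most of the other files in this revision with only the parameter type changing. One shared static `safeClose(java.io.Closeable c)` would serve the `InputStream`, `OutputStream`, `InputStreamReader` and `RandomAccessFile` callers alike.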
Modified: trunk/security-jboss-sx/identity/src/main/java/org/jboss/security/identity/plugins/FilePersistenceStrategy.java
===================================================================
--- trunk/security-jboss-sx/identity/src/main/java/org/jboss/security/identity/plugins/FilePersistenceStrategy.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/identity/src/main/java/org/jboss/security/identity/plugins/FilePersistenceStrategy.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -24,9 +24,10 @@
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
-import java.io.IOException;
+import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
+import java.io.OutputStream;
import org.jboss.security.identity.Identity;
@@ -57,6 +58,7 @@
public Identity persistIdentity(Identity identity)
{
ObjectOutputStream oos = null;
+ FileOutputStream fos = null;
try
{
File file = new File(path + File.separator + identity.getName());
@@ -65,31 +67,20 @@
// identity already exists
return null;
}
- FileOutputStream fos = new FileOutputStream(file);
+ fos = new FileOutputStream(file);
oos = new ObjectOutputStream(fos);
oos.writeObject(identity);
return identity;
}
catch (Exception e)
{
- //TODO
- e.printStackTrace();
+ throw new RuntimeException(e);
}
finally
{
- if (oos != null)
- {
- try
- {
- oos.close();
- }
- catch (IOException e)
- {
- }
- }
+ safeClose(oos);
+ safeClose(fos);
}
-
- return null;
}
/**
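Review bot: Closing `oos` only through `safeClose` swallows any failure while flushing the object stream, so `persistIdentity` still returns `identity` as if it had been stored even though the file on disk may be truncated. Adding `oos.flush();` after `oos.writeObject(identity);` inside the `try` lets that error reach the new `throw new RuntimeException(e)`. The same applies to `writeEncodedFile` and `writeSharedKeyFile` in PicketBoxSecurityVault.java, where the removed `oos.close()` used to propagate the `IOException` and the vault files are now written with no failure signal. The KeyStoreUtil.java store hunk keeps its explicit `out.close()` inside the `try`, which is the pattern to follow. The start of `persistIdentity` lies outside this hunk.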
@@ -98,33 +89,23 @@
public Identity getIdentity(String name)
{
ObjectInputStream ois = null;
+ FileInputStream fis = null;
try
{
- FileInputStream fis = new FileInputStream(path + File.separator + name);
+ fis = new FileInputStream(path + File.separator + name);
ois = new ObjectInputStream(fis);
Identity identity = (Identity) ois.readObject();
return identity;
}
catch (Exception e)
{
- //TODO
- e.printStackTrace();
+ throw new RuntimeException(e);
}
finally
{
- if (ois != null)
- {
- try
- {
- ois.close();
- }
- catch (IOException e)
- {
- }
- }
+ safeClose(ois);
+ safeClose(fis);
}
-
- return null;
}
/**
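Review bot: `getIdentity` used to return `null` when the file could not be read and now throws `RuntimeException` for every failure, including a name that simply has no file, so callers that test for `null` need checking; a `catch (FileNotFoundException e) { return null; }` ahead of the general handler would keep the lookup contract. Separately, `name` is concatenated into the path and the file content goes straight to `ois.readObject()`, with no check that the resolved file stays inside `path`. Whether callers constrain `name` is not visible here, so a guard before the `try` would make the method safe on its own: compare `new File(path, name).getCanonicalFile().getParentFile()` with `new File(path).getCanonicalFile()` and reject a mismatch with `IllegalArgumentException`.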
@@ -150,4 +131,29 @@
return null;
}
-}
+ private void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+
+ private void safeClose(OutputStream os)
+ {
+ try
+ {
+ if(os != null)
+ {
+ os.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/JBossJSSESecurityDomain.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/JBossJSSESecurityDomain.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/JBossJSSESecurityDomain.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -446,6 +446,7 @@
@SuppressWarnings({"rawtypes", "unchecked"})
private void loadKeyAndTrustStore() throws Exception
{
+ InputStream is = null;
if (keyStorePassword != null)
{
if (keyStoreProvider != null)
@@ -465,13 +466,24 @@
}
else
keyStore = KeyStore.getInstance(keyStoreType);
- InputStream is = null;
- if ((!"PKCS11".equalsIgnoreCase(keyStoreType) || !"PKCS11IMPLKS".equalsIgnoreCase(keyStoreType))
- && keyStoreURL != null)
+ is = null;
+ try
{
- is = keyStoreURL.openStream();
+ if ((!"PKCS11".equalsIgnoreCase(keyStoreType) || !"PKCS11IMPLKS".equalsIgnoreCase(keyStoreType))
+ && keyStoreURL != null)
+ {
+ is = keyStoreURL.openStream();
+ }
+ else
+ throw new RuntimeException(ErrorCodes.WRONG_VALUE + "keyStoreType");
+
+ keyStore.load(is, keyStorePassword);
}
- keyStore.load(is, keyStorePassword);
+ finally
+ {
+ safeClose(is);
+ }
+
String algorithm = null;
if (keyManagerFactoryAlgorithm != null)
algorithm = keyManagerFactoryAlgorithm;
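Review bot: The added `else throw new RuntimeException(ErrorCodes.WRONG_VALUE + "keyStoreType")` fires whenever `keyStoreURL` is null, because `!"PKCS11".equalsIgnoreCase(keyStoreType) || !"PKCS11IMPLKS".equalsIgnoreCase(keyStoreType)` is true for every value of `keyStoreType`. A PKCS11 store configured without a URL previously reached `keyStore.load(null, keyStorePassword)` and now fails with a message that blames the type. If the intent is to skip the stream for PKCS11 types, join the two type tests with `&&` and drop the `else`, or throw only when the type is not PKCS11 and the URL is missing. The trust-store hunk that follows has the same condition and the same `else`. `loadKeyAndTrustStore` begins and ends outside this hunk.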
@@ -507,13 +519,23 @@
}
else
trustStore = KeyStore.getInstance(trustStoreType);
- InputStream is = null;
- if ((!"PKCS11".equalsIgnoreCase(trustStoreType) || !"PKCS11IMPLKS".equalsIgnoreCase(trustStoreType))
- && trustStoreURL != null)
+ is = null;
+ try
{
- is = trustStoreURL.openStream();
+ if ((!"PKCS11".equalsIgnoreCase(trustStoreType) || !"PKCS11IMPLKS".equalsIgnoreCase(trustStoreType))
+ && trustStoreURL != null)
+ {
+ is = trustStoreURL.openStream();
+ }
+ else
+ throw new RuntimeException(ErrorCodes.WRONG_VALUE + "trustStoreType");
+
+ trustStore.load(is, trustStorePassword);
}
- trustStore.load(is, trustStorePassword);
+ finally
+ {
+ safeClose(is);
+ }
String algorithm = null;
if (trustManagerFactoryAlgorithm != null)
algorithm = trustManagerFactoryAlgorithm;
@@ -540,4 +562,16 @@
}
}
-}
+ private void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -433,18 +433,63 @@
private void loadSunConfig(URL sunConfig, ArrayList configNames) throws Exception
{
- InputStream is = sunConfig.openStream();
- if (is == null)
- throw new IOException(ErrorCodes.NULL_VALUE + "InputStream is null for: " + sunConfig);
+ InputStream is = null;
+ InputStreamReader configFile = null;
+ try
+ {
+ is = sunConfig.openStream();
+ if (is == null)
+ throw new IOException(ErrorCodes.NULL_VALUE + "InputStream is null for: " + sunConfig);
- InputStreamReader configFile = new InputStreamReader(is);
- boolean trace = log.isTraceEnabled();
- SunConfigParser.doParse(configFile, this, trace);
+ configFile = new InputStreamReader(is);
+ boolean trace = log.isTraceEnabled();
+ SunConfigParser.doParse(configFile, this, trace);
+ }
+ finally
+ {
+ safeClose(configFile);
+ safeClose(is);
+ }
}
private void loadXMLConfig(URL loginConfigURL, ArrayList configNames) throws Exception
{
- StaxBasedConfigParser parser = new StaxBasedConfigParser();
- parser.parse(loginConfigURL.openStream());
- }
+ InputStream is = null;
+ try
+ {
+ is = loginConfigURL.openStream();
+
+ StaxBasedConfigParser parser = new StaxBasedConfigParser();
+ parser.parse(is);
+ }
+ finally
+ {
+ safeClose(is);
+ }
+ }
+
+ private void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+ private void safeClose(InputStreamReader fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -22,6 +22,7 @@
package org.jboss.security.auth.spi;
import java.io.IOException;
+import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.Principal;
@@ -521,4 +522,16 @@
*/
abstract protected String getUsersPassword() throws LoginException;
-}
+ protected void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+}
\ No newline at end of file
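Review bot: `safeClose` is declared `protected` on this abstract login-module base class, which makes a stream helper part of the contract every subclass inherits, while the other files in this revision keep their copies `private`. UsersLoginModule.java calls it, so it cannot simply become private here, but a `static` method on a shared utility class would serve that caller without widening the SPI. If it stays, it deserves a short Javadoc, for example `/** Closes the stream if non-null, ignoring any failure. */`.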
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/UsersLoginModule.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/UsersLoginModule.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/UsersLoginModule.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -143,17 +143,24 @@
throw new IOException(ErrorCodes.NULL_VALUE + "Properties file " + propertiesName + " not found");
super.log.trace("Properties file=" + url);
-
- InputStream is = url.openStream();
- if (is != null)
+ InputStream is = null;
+ try
{
- bundle = new Properties();
- bundle.load(is);
+ is = url.openStream();
+ if (is != null)
+ {
+ bundle = new Properties();
+ bundle.load(is);
+ }
+ else
+ {
+ throw new IOException(ErrorCodes.NULL_VALUE + "Properties file " + propertiesName + " not avilable");
+ }
+ return bundle;
}
- else
+ finally
{
- throw new IOException(ErrorCodes.NULL_VALUE + "Properties file " + propertiesName + " not avilable");
+ safeClose(is);
}
- return bundle;
}
-}
+}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/Util.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/Util.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/Util.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -233,11 +233,11 @@
Properties defaults = new Properties();
if( defaultUrl != null )
{
+ InputStream is = null;
try
{
- InputStream is = defaultUrl.openStream();
+ is = defaultUrl.openStream();
defaults.load(is);
- is.close();
if (trace)
log.trace("Loaded defaults, users="+defaults.keySet());
}
@@ -246,6 +246,10 @@
if (trace)
log.trace("Failed to load defaults", e);
}
+ finally
+ {
+ safeClose(is);
+ }
}
bundle = new Properties(defaults);
@@ -264,8 +268,14 @@
}
if (is != null)
{
- bundle.load(is);
- is.close();
+ try
+ {
+ bundle.load(is);
+ }
+ finally
+ {
+ safeClose(is);
+ }
}
else
{
@@ -351,8 +361,14 @@
}
if (is != null)
{
- bundle.load(is);
- is.close();
+ try
+ {
+ bundle.load(is);
+ }
+ finally
+ {
+ safeClose(is);
+ }
}
else
{
@@ -571,5 +587,18 @@
public static byte[] fromb64(String str) throws NumberFormatException
{
return Base64Utils.fromb64(str);
- }
+ }
+
+ private static void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/otp/JBossTimeBasedOTPLoginModule.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/otp/JBossTimeBasedOTPLoginModule.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/otp/JBossTimeBasedOTPLoginModule.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -195,11 +195,12 @@
//Load the otp-users.properties file
ClassLoader tcl = SecurityActions.getContextClassLoader();
- InputStream is = tcl.getResourceAsStream( "otp-users.properties" );
+ InputStream is = null;
Properties otp = new Properties();
try
{
+ is = tcl.getResourceAsStream( "otp-users.properties" );
otp.load( is );
}
catch (IOException e )
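Review bot: `tcl.getResourceAsStream( "otp-users.properties" )` returns `null` when the resource is not on the class path, and `otp.load( is )` then throws a `NullPointerException` that the `catch (IOException e )` clause does not handle. A check right after the assignment, such as `if (is == null) throw new IOException("otp-users.properties not found");`, routes the missing file through the existing handler instead of surfacing as an unchecked exception during login. The enclosing method starts and ends outside this hunk.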
@@ -208,6 +209,10 @@
le.initCause( e );
throw le;
}
+ finally
+ {
+ safeClose(is);
+ }
String seed = otp.getProperty( username );
@@ -318,4 +323,16 @@
}
}
}
+ private void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/modules/ejb/EJBXACMLUtil.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/modules/ejb/EJBXACMLUtil.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/modules/ejb/EJBXACMLUtil.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -23,6 +23,7 @@
import java.io.ByteArrayOutputStream;
import java.io.IOException;
+import java.io.OutputStream;
import java.lang.reflect.Method;
import java.security.Principal;
import java.util.List;
@@ -86,10 +87,20 @@
if(trace)
{
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ ByteArrayOutputStream baos = null;
+ try
+ {
+ baos = new ByteArrayOutputStream();
- requestCtx.marshall(baos);
- log.trace(new String(baos.toByteArray()));
+ requestCtx.marshall(baos);
+ log.trace(new String(baos.toByteArray()));
+ }
+ catch(IOException e)
+ {}
+ finally
+ {
+ safeClose(baos);
+ }
}
return requestCtx;
}
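Review bot: The new `catch(IOException e) {}` discards a marshalling failure silently, where before it would presumably have propagated out of the method. Since this branch runs only when `trace` is set, logging it with `log.trace("Failed to marshall XACML request", e);` leaves request handling unaffected without hiding the error. The `try`/`finally` with `safeClose(baos)` adds nothing, because `ByteArrayOutputStream.close()` has no effect. `new String(baos.toByteArray())` also decodes with the platform default charset, so the traced XML can differ between hosts. The trace block in WebXACMLUtil.java has the same three issues.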
@@ -210,5 +221,17 @@
}
}
return subject;
- }
+ }
+ private void safeClose(OutputStream os)
+ {
+ try
+ {
+ if(os != null)
+ {
+ os.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/modules/web/WebXACMLUtil.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/modules/web/WebXACMLUtil.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/modules/web/WebXACMLUtil.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -22,6 +22,8 @@
package org.jboss.security.authorization.modules.web;
import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
import java.net.URI;
import java.security.Principal;
import java.util.Enumeration;
@@ -62,20 +64,20 @@
@SuppressWarnings("unchecked")
public RequestContext createXACMLRequest(HttpServletRequest request,
RoleGroup callerRoles) throws Exception
- {
+ {
if(request == null)
throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "Http Request is null");
if(callerRoles == null)
throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "roles is null");
String httpMethod = request.getMethod();
String action = "GET".equals(httpMethod) ? "read" : "write";
-
+
//Non-standard uri
String actionURIBase = "urn:oasis:names:tc:xacml:2.0:request-param:attribute:";
-
+
Principal principal = request.getUserPrincipal();
-
-
+
+
RequestContext requestCtx = RequestResponseContextFactory.createRequestCtx();
//Create a subject type
@@ -85,7 +87,7 @@
XACMLConstants.ATTRIBUTEID_SUBJECT_ID,
"jboss.org",
principal.getName()));
-
+
List<Role> rolesList = callerRoles.getRoles();
if(rolesList != null)
{
@@ -126,12 +128,12 @@
"jboss.org",
paramValue));
}
-
-
+
+
//Create an Environment Type (Optional)
EnvironmentType environmentType = new EnvironmentType();
environmentType.getAttribute().add( RequestAttributeFactory.createDateTimeAttributeType(
- XACMLConstants.ATTRIBUTEID_CURRENT_TIME, null));
+ XACMLConstants.ATTRIBUTEID_CURRENT_TIME, null));
//Create a Request Type
RequestType requestType = new RequestType();
@@ -141,14 +143,38 @@
requestType.setEnvironment(environmentType);
requestCtx.setRequest(requestType);
-
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
+
+
if(trace)
{
- requestCtx.marshall(baos);
- log.trace(new String(baos.toByteArray()));
+ ByteArrayOutputStream baos = null;
+ try
+ {
+ baos = new ByteArrayOutputStream();
+ requestCtx.marshall(baos);
+ log.trace(new String(baos.toByteArray()));
+ }
+ catch(IOException e)
+ {
+ }
+ finally
+ {
+ safeClose(baos);
+ }
}
return requestCtx;
- }
+ }
+
+ private void safeClose(OutputStream os)
+ {
+ try
+ {
+ if(os != null)
+ {
+ os.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/role/Util.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/role/Util.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/role/Util.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -120,8 +120,14 @@
}
if (is != null)
{
- bundle.load(is);
- is.close();
+ try
+ {
+ bundle.load(is);
+ }
+ finally
+ {
+ safeClose(is);
+ }
}
else
{
@@ -297,5 +303,17 @@
}
}
}
-
-}
+
+ private static void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/FilePassword.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/FilePassword.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/FilePassword.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -26,6 +26,7 @@
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.io.OutputStream;
import java.io.RandomAccessFile;
import java.net.MalformedURLException;
import java.net.URL;
@@ -77,9 +78,10 @@
else
{
FileOutputStream fos = null;
+ InputStream is = null;
try
{
- InputStream is = url.openStream();
+ is = url.openStream();
passwordFile = File.createTempFile("temp", null);
passwordFile.deleteOnExit();
fos = new FileOutputStream(passwordFile);
@@ -92,14 +94,8 @@
}
finally
{
- try
- {
- if (fos != null)
- fos.close();
- }
- catch (IOException e)
- {
- }
+ safeClose(fos);
+ safeClose(is);
}
}
}
@@ -107,9 +103,10 @@
public char[] toCharArray()
throws IOException
{
- RandomAccessFile raf = new RandomAccessFile(passwordFile, "r");
+ RandomAccessFile raf = null;
try
{
+ raf = new RandomAccessFile(passwordFile, "r");
char[] password = decode(raf);
return password;
}
@@ -119,6 +116,10 @@
log.error("Failed to decode password file: "+passwordFile, e);
throw new IOException(e.getMessage());
}
+ finally
+ {
+ safeClose(raf);
+ }
}
static char[] decode(RandomAccessFile passwordFile)
@@ -158,8 +159,45 @@
passwordFile.writeInt(count);
passwordFile.write(encode);
passwordFile.close();
-
+ }
+
+ private static void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
}
+ private void safeClose(OutputStream os)
+ {
+ try
+ {
+ if(os != null)
+ {
+ os.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+ private void safeClose(RandomAccessFile raf)
+ {
+ try
+ {
+ if(raf != null)
+ {
+ raf.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+
/** Write a password in opaque form to a file for use with the FilePassword
* accessor in conjunction with the JaasSecurityDomain
* {CLASS}org.jboss.security.plugins.FilePassword:password-file
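Review bot: `encode` still calls `passwordFile.close()` only after all writes succeed, so an `IOException` from `writeInt` or `write` leaves the password file handle open, which is the kind of leak this revision sets out to remove. Wrapping the writes in `try { ... } finally { safeClose(passwordFile); }` fixes it, and for that the new `safeClose(RandomAccessFile)` has to be `private static`, like the `InputStream` overload above it. As added, the `OutputStream` and `RandomAccessFile` overloads are instance methods for no visible reason. The start of `encode` is outside this hunk, so its modifiers are assumed from the unqualified call in the last hunk of this file.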
@@ -186,4 +224,4 @@
RandomAccessFile passwordFile = new RandomAccessFile(args[3], "rws");
encode(passwordFile, salt, count, passwordBytes);
}
-}
+}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -92,17 +92,23 @@
*/
public void registerPolicy(String contextID, String type, URL location)
{
+ InputStream is = null;
try
{
if (trace)
log.trace("Registering policy for contextId:" + contextID + " type: " + type + "and location:"
+ location.getPath());
- registerPolicy(contextID, type, location.openStream());
+ is = location.openStream();
+ registerPolicy(contextID, type, is);
}
catch (Exception e)
{
log.debug("Error in registering policy:", e);
}
+ finally
+ {
+ safeClose(is);
+ }
}
/**
@@ -173,4 +179,16 @@
}
}
}
+ private void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/TmpFilePassword.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/TmpFilePassword.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/TmpFilePassword.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -25,6 +25,7 @@
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
+import java.io.InputStream;
import java.io.RandomAccessFile;
import org.jboss.logging.Logger;
@@ -68,25 +69,51 @@
break;
}
}
- FileInputStream fis = new FileInputStream(passwordFile);
- CharArrayWriter writer = new CharArrayWriter();
- int b;
- while( (b = fis.read()) >= 0 )
+ FileInputStream fis = null;
+ CharArrayWriter writer = null;
+ try
{
- if( b == '\r' || b == '\n' )
- continue;
- writer.write(b);
+ fis = new FileInputStream(passwordFile);
+ writer = new CharArrayWriter();
+ int b;
+ while( (b = fis.read()) >= 0 )
+ {
+ if( b == '\r' || b == '\n' )
+ continue;
+ writer.write(b);
+ }
}
- fis.close();
+ finally
+ {
+ safeClose(fis);
+ }
+ try
+ {
+ fis = new FileInputStream(passwordFile);
+ writer = new CharArrayWriter();
+ int b;
+ while( (b = fis.read()) >= 0 )
+ {
+ if( b == '\r' || b == '\n' )
+ continue;
+ writer.write(b);
+ }
+ }
+ finally
+ {
+ safeClose(fis);
+ }
+
char[] password = writer.toCharArray();
writer.reset();
for(int n = 0; n < password.length; n ++)
writer.write('\0');
// Overwrite the password file
+ RandomAccessFile raf = null;
try
{
- RandomAccessFile raf = new RandomAccessFile(passwordFile, "rws");
+ raf = new RandomAccessFile(passwordFile, "rws");
for(int i = 0; i < 10; i ++)
{
raf.seek(0);
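Review bot: The read loop was pasted twice: two identical `try`/`finally` blocks each open `passwordFile`, create a new `CharArrayWriter` and copy the bytes, so the file is read twice and the first writer is thrown away. That first writer still holds the password characters and is never overwritten, unlike the second one, which is reset and filled with `'\0'` after `toCharArray()`. Deleting the second `try { fis = new FileInputStream(passwordFile); ... } finally { safeClose(fis); }` block restores a single read and a single buffer to scrub. The enclosing method starts and ends outside this hunk.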
@@ -101,6 +128,35 @@
{
log.warn("Failed to zero the password file", e);
}
+ finally
+ {
+ safeClose(raf);
+ }
return password;
}
-}
+
+ private void safeClose(InputStream is)
+ {
+ try
+ {
+ if( is != null)
+ {
+ is.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+ private void safeClose(RandomAccessFile f)
+ {
+ try
+ {
+ if(f != null)
+ {
+ f.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/util/state/xml/StateMachineParser.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/util/state/xml/StateMachineParser.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/util/state/xml/StateMachineParser.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -72,7 +72,7 @@
@author Dimitris.Andreadis at jboss.org
@version $Revision$
*/
- at SuppressWarnings("unchecked")
+ at SuppressWarnings({"unchecked","rawtypes"})
public class StateMachineParser
{
private static Logger log = Logger.getLogger(StateMachineParser.class);
@@ -80,9 +80,17 @@
public StateMachine parse(URL source) throws Exception
{
// parse the XML document into a DOM structure
- InputStream in = source.openConnection().getInputStream();
- Element root = DOMUtils.parse(in);
-
+ InputStream in = null;
+ Element root = null;
+ try
+ {
+ in = source.openConnection().getInputStream();
+ root = DOMUtils.parse(in);
+ }
+ finally
+ {
+ safeClose(in);
+ }
String description = root.getAttribute("description");
HashMap nameToStateMap = new HashMap();
HashMap nameToTransitionsMap = new HashMap();
@@ -153,4 +161,16 @@
StateMachine sm = new StateMachine(states, startState, description);
return sm;
}
-}
+ private void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/plugins/vault/PicketBoxSecurityVault.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/plugins/vault/PicketBoxSecurityVault.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/plugins/vault/PicketBoxSecurityVault.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -25,8 +25,10 @@
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
+import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
+import java.io.OutputStream;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
@@ -165,6 +167,9 @@
if(encFileDir == null)
throw new SecurityVaultException(ErrorCodes.NULL_VALUE + "Option ENC_FILE_DIR is missing");
+ FileInputStream fis = null, mapFile = null;
+ ObjectInputStream ois = null;
+ ObjectInputStream mapIS = null;
try
{
decodedEncFileDir = StringUtil.getSystemPropertyAsString(encFileDir);
@@ -180,12 +185,12 @@
setUpVault(decodedEncFileDir);
}
- FileInputStream fis = new FileInputStream(decodedEncFileDir + ENCODED_FILE);
- ObjectInputStream ois = new ObjectInputStream(fis);
+ fis = new FileInputStream(decodedEncFileDir + ENCODED_FILE);
+ ois = new ObjectInputStream(fis);
theContent = (Map<String, byte[]>) ois.readObject();
- FileInputStream mapFile = new FileInputStream(decodedEncFileDir + SHARED_KEY_FILE );
- ObjectInputStream mapIS = new ObjectInputStream(mapFile);
+ mapFile = new FileInputStream(decodedEncFileDir + SHARED_KEY_FILE );
+ mapIS = new ObjectInputStream(mapFile);
sharedKeyMap = (Map<String, byte[]>) mapIS.readObject();
}
@@ -193,6 +198,13 @@
{
throw new SecurityVaultException(e);
}
+ finally
+ {
+ safeClose(fis);
+ safeClose(mapFile);
+ safeClose(ois);
+ safeClose(mapIS);
+ }
try
{
@@ -426,18 +438,36 @@
private void writeEncodedFile(String decodedEncFileDir) throws IOException
{
- FileOutputStream fos = new FileOutputStream(decodedEncFileDir + ENCODED_FILE);
- ObjectOutputStream oos = new ObjectOutputStream(fos);
- oos.writeObject(theContent);
- oos.close();
+ FileOutputStream fos = null;
+ ObjectOutputStream oos = null;
+ try
+ {
+ fos = new FileOutputStream(decodedEncFileDir + ENCODED_FILE);
+ oos = new ObjectOutputStream(fos);
+ oos.writeObject(theContent);
+ }
+ finally
+ {
+ safeClose(oos);
+ safeClose(fos);
+ }
}
private void writeSharedKeyFile(String decodedEncFileDir) throws IOException
{
- FileOutputStream fos = new FileOutputStream(decodedEncFileDir + SHARED_KEY_FILE);
- ObjectOutputStream oos = new ObjectOutputStream(fos);
- oos.writeObject(sharedKeyMap);
- oos.close();
+ FileOutputStream fos = null;
+ ObjectOutputStream oos = null;
+ try
+ {
+ fos = new FileOutputStream(decodedEncFileDir + SHARED_KEY_FILE);
+ oos = new ObjectOutputStream(fos);
+ oos.writeObject(sharedKeyMap);
+ }
+ finally
+ {
+ safeClose(oos);
+ safeClose(fos);
+ }
}
private boolean encodedFileExists(String decodedEncFileDir)
@@ -451,4 +481,30 @@
File file = new File(dir);
return file != null && file.exists();
}
+
+ private void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+
+ private void safeClose(OutputStream os)
+ {
+ try
+ {
+ if(os != null)
+ {
+ os.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/util/KeyStoreUtil.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/util/KeyStoreUtil.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/util/KeyStoreUtil.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -26,6 +26,7 @@
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.io.OutputStream;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.Key;
@@ -58,8 +59,16 @@
*/
public static KeyStore getKeyStore(File keyStoreFile, char[] storePass) throws GeneralSecurityException, IOException
{
- FileInputStream fis = new FileInputStream(keyStoreFile);
- return getKeyStore(fis, storePass);
+ FileInputStream fis = null;
+ try
+ {
+ fis = new FileInputStream(keyStoreFile);
+ return getKeyStore(fis, storePass);
+ }
+ finally
+ {
+ safeClose(fis);
+ }
}
/**
@@ -76,8 +85,16 @@
throw new IllegalArgumentException( ErrorCodes.NULL_ARGUMENT + "Null fileURL");
File file = new File(fileURL);
- FileInputStream fis = new FileInputStream(file);
- return getKeyStore(fis, storePass);
+ FileInputStream fis = null;
+ try
+ {
+ fis = new FileInputStream(file);
+ return getKeyStore(fis, storePass);
+ }
+ finally
+ {
+ safeClose(fis);
+ }
}
/**
@@ -93,7 +110,16 @@
if (url == null)
throw new IllegalArgumentException(ErrorCodes.NULL_ARGUMENT + "Null url");
- return getKeyStore(url.openStream(), storePass);
+ InputStream is = null;
+ try
+ {
+ is = url.openStream();
+ return getKeyStore(is, storePass);
+ }
+ finally
+ {
+ safeClose(is);
+ }
}
/**
@@ -179,9 +205,17 @@
keystore.setCertificateEntry(alias, cert);
// Save the new keystore contents
- FileOutputStream out = new FileOutputStream(keystoreFile);
- keystore.store(out, storePass);
- out.close();
+ FileOutputStream out = null;
+ try
+ {
+ out = new FileOutputStream(keystoreFile);
+ keystore.store(out, storePass);
+ out.close();
+ }
+ finally
+ {
+ safeClose(out);
+ }
}
/**
@@ -209,4 +243,29 @@
}
return null;
}
+
+ private static void safeClose(InputStream fis)
+ {
+ try
+ {
+ if(fis != null)
+ {
+ fis.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
+ private static void safeClose(OutputStream os)
+ {
+ try
+ {
+ if(os != null)
+ {
+ os.close();
+ }
+ }
+ catch(Exception e)
+ {}
+ }
}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/JBossSecuritySubjectFactoryUnitTestCase.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/JBossSecuritySubjectFactoryUnitTestCase.java 2012-02-15 15:58:17 UTC (rev 309)
+++ trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/JBossSecuritySubjectFactoryUnitTestCase.java 2012-03-05 16:18:02 UTC (rev 310)
@@ -27,6 +27,7 @@
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
+import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
@@ -77,8 +78,10 @@
AppConfigurationEntry[] securityDomain()
{
+ Map<String,Object> options = new HashMap<String,Object>();
+ options.put("unauthenticatedIdentity", "guest");
AppConfigurationEntry ace = new AppConfigurationEntry(TestLoginModule2.class.getName(),
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, new HashMap<String, Object>());
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
AppConfigurationEntry[] entry = {ace};
return entry;
}
@@ -226,5 +229,12 @@
}
}
}
-
+
+ public void testUnauthenticatedCaller() throws Exception
+ {
+ JBossSecuritySubjectFactory subjectFactory = new JBossSecuritySubjectFactory();
+ Subject subject = subjectFactory.createSubject("securityDomain");
+ assertNotNull(subject);
+ assertTrue(subject.getPrincipals().contains(new SimplePrincipal("guest")));
+ }
}