From 3bd757820d295d1bf98c2dccbae18421f8b47a0b Mon Sep 17 00:00:00 2001
From: Matthew Swift <matthew.swift@forgerock.com>
Date: Wed, 15 Jun 2011 21:54:27 +0000
Subject: [PATCH] Fix OPENDJ-202: All bind request APIs should take byte or char arrays for passwords

---
 opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequest.java |   13 +++++++++++--
 1 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequest.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequest.java
index 32880eb..997fae7 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequest.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequest.java
@@ -23,6 +23,7 @@
  *
  *
  *      Copyright 2009 Sun Microsystems, Inc.
+ *      Portions copyright 2011 ForgeRock AS
  */
 
 package org.forgerock.opendj.ldap.requests;
@@ -70,10 +71,14 @@
   /**
    * Returns the authentication information for this bind request. The content
    * is defined by the authentication mechanism.
+   * <p>
+   * Unless otherwise indicated, implementations will store a reference to the
+   * returned byte array, allowing applications to overwrite any sensitive data
+   * such as passwords after it has been used.
    *
    * @return The authentication information.
    */
-  ByteString getAuthenticationValue();
+  byte[] getAuthenticationValue();
 
 
 
@@ -121,6 +126,10 @@
   /**
    * Sets the authentication information for this generic bind request in a form
    * defined by the authentication mechanism.
+   * <p>
+   * Unless otherwise indicated, implementations will store a reference to the
+   * returned byte array, allowing applications to overwrite any sensitive data
+   * such as passwords after it has been used.
    *
    * @param bytes
    *          The authentication information for this generic bind request in a
@@ -132,7 +141,7 @@
    * @throws NullPointerException
    *           If {@code bytes} was {@code null}.
    */
-  GenericBindRequest setAuthenticationValue(ByteString bytes)
+  GenericBindRequest setAuthenticationValue(byte[] bytes)
       throws UnsupportedOperationException, NullPointerException;
 
 

--
Gitblit v1.10.0