From 5e608e44fafcac466488a3182190ec18ee4624e7 Mon Sep 17 00:00:00 2001
From: Jean-Noel Rouvignac <jean-noel.rouvignac@forgerock.com>
Date: Thu, 19 Sep 2013 13:04:58 +0000
Subject: [PATCH] OPENDJ-1149 (CR-2334) Passwords should not be held in memory for the lifetime of a client connection

---
 opends/src/server/org/opends/server/extensions/ExternalSASLMechanismHandler.java |   20 +++++++-------------
 1 files changed, 7 insertions(+), 13 deletions(-)

diff --git a/opends/src/server/org/opends/server/extensions/ExternalSASLMechanismHandler.java b/opends/src/server/org/opends/server/extensions/ExternalSASLMechanismHandler.java
index 4f7bc71..6e71243 100644
--- a/opends/src/server/org/opends/server/extensions/ExternalSASLMechanismHandler.java
+++ b/opends/src/server/org/opends/server/extensions/ExternalSASLMechanismHandler.java
@@ -23,16 +23,15 @@
  *
  *
  *      Copyright 2006-2009 Sun Microsystems, Inc.
+ *      Portions copyright 2013 ForgeRock AS
  */
 package org.opends.server.extensions;
-import org.opends.messages.Message;
-
-
 
 import java.security.cert.Certificate;
 import java.util.ArrayList;
 import java.util.List;
 
+import org.opends.messages.Message;
 import org.opends.server.admin.server.ConfigurationChangeListener;
 import org.opends.server.admin.std.server.ExternalSASLMechanismHandlerCfg;
 import org.opends.server.admin.std.server.SASLMechanismHandlerCfg;
@@ -42,19 +41,16 @@
 import org.opends.server.config.ConfigException;
 import org.opends.server.core.BindOperation;
 import org.opends.server.core.DirectoryServer;
-
-import static org.opends.server.config.ConfigConstants.*;
-import static org.opends.server.loggers.debug.DebugLogger.*;
 import org.opends.server.loggers.debug.DebugTracer;
 import org.opends.server.protocols.ldap.LDAPClientConnection;
 import org.opends.server.types.*;
-import static org.opends.messages.ExtensionMessages.*;
 
+import static org.opends.messages.ExtensionMessages.*;
+import static org.opends.server.config.ConfigConstants.*;
+import static org.opends.server.loggers.debug.DebugLogger.*;
 import static org.opends.server.util.ServerConstants.*;
 import static org.opends.server.util.StaticUtils.*;
 
-
-
 /**
  * This class provides an implementation of a SASL mechanism that relies on some
  * form of authentication that has already been done outside the LDAP layer.  At
@@ -347,10 +343,8 @@
     }
 
 
-    AuthenticationInfo authInfo =
-         new AuthenticationInfo(userEntry, SASL_MECHANISM_EXTERNAL,
-             bindOperation.getSASLCredentials(),
-             DirectoryServer.isRootDN(userEntry.getDN()));
+    AuthenticationInfo authInfo = new AuthenticationInfo(userEntry,
+        SASL_MECHANISM_EXTERNAL, DirectoryServer.isRootDN(userEntry.getDN()));
     bindOperation.setAuthenticationInfo(authInfo);
     bindOperation.setResultCode(ResultCode.SUCCESS);
   }
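Review bot: The new `AuthenticationInfo` call at the end of this hunk drops `bindOperation.getSASLCredentials()` without any comment recording that the omission is deliberate, so a later cleanup could reintroduce the argument and once again pin credential bytes to the connection. A short comment above the call would preserve the intent, for example `// SASL credentials are deliberately not stored in AuthenticationInfo so they are not retained for the lifetime of the connection (OPENDJ-1149)`. The patch touches only this file, so the three-argument constructor presumably already exists elsewhere. It is worth confirming that nothing still reads the credentials back from the stored AuthenticationInfo after an EXTERNAL bind, which cannot be checked from this hunk. The enclosing method begins outside the hunk.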

--
Gitblit v1.10.0