From 3bd757820d295d1bf98c2dccbae18421f8b47a0b Mon Sep 17 00:00:00 2001
From: Matthew Swift <matthew.swift@forgerock.com>
Date: Wed, 15 Jun 2011 21:54:27 +0000
Subject: [PATCH] Fix OPENDJ-202: All bind request APIs should take byte or char arrays for passwords
---
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/ByteString.java | 7
opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/ConnectionFactoryProvider.java | 10
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableGenericBindRequestImpl.java | 14
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SimpleBindRequest.java | 14 +
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/BindClientImpl.java | 11
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiablePlainSASLBindRequestImpl.java | 11
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SimpleBindRequestImpl.java | 18
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestImpl.java | 18
opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestTestCase.java | 10
opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/ldap/LDAPWriter.java | 1
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequest.java | 14 +
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableSimpleBindRequestImpl.java | 14
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestImpl.java | 19 +
opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestTestCase.java | 9
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequest.java | 14 +
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestImpl.java | 22 +
opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/ldap/LDAPReader.java | 3
opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/RequestTestCase.java | 1
opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/util/StaticUtils.java | 43 +++
opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestTestCase.java | 8
opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/ConnectionFactoryTestCase.java | 9
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableCRAMMD5SASLBindRequestImpl.java | 11
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/asn1/ASN1Writer.java | 30 ++
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableGSSAPISASLBindRequestImpl.java | 11
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/Requests.java | 172 ++++++++++++++-
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequest.java | 14 +
opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/GenericBindRequestTestCase.java | 13
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequestImpl.java | 21 +
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableDigestMD5SASLBindRequestImpl.java | 11
opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestTestCase.java | 9
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestImpl.java | 19 +
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequest.java | 13 +
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SASLBindClientImpl.java | 3
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequest.java | 14 +
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/asn1/AbstractASN1Writer.java | 22 ++
35 files changed, 488 insertions(+), 145 deletions(-)
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/ldap/LDAPReader.java b/opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/ldap/LDAPReader.java
index 11968b0..2ba51f4 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/ldap/LDAPReader.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/ldap/LDAPReader.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2009 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package com.forgerock.opendj.ldap;
@@ -397,7 +398,7 @@
final int protocolVersion = (int) reader.readInteger();
final String authName = reader.readOctetStringAsString();
final byte authType = reader.peekType();
- final ByteString authBytes = reader.readOctetString(authType);
+ final byte[] authBytes = reader.readOctetString(authType).toByteArray();
final GenericBindRequest request = Requests.newGenericBindRequest(
authName, authType, authBytes);
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/ldap/LDAPWriter.java b/opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/ldap/LDAPWriter.java
index 39b8110..7b1d9a1 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/ldap/LDAPWriter.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/ldap/LDAPWriter.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2009-2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package com.forgerock.opendj.ldap;
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/util/StaticUtils.java b/opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/util/StaticUtils.java
index e993cbf..734c62e 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/util/StaticUtils.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/util/StaticUtils.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2009-2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package com.forgerock.opendj.util;
@@ -33,6 +34,9 @@
import static org.forgerock.opendj.ldap.CoreMessages.ERR_HEX_DECODE_INVALID_LENGTH;
import java.lang.reflect.InvocationTargetException;
+import java.nio.ByteBuffer;
+import java.nio.CharBuffer;
+import java.nio.charset.Charset;
import java.text.ParseException;
import java.util.*;
import java.util.concurrent.Executors;
@@ -68,6 +72,11 @@
*/
public static final String EOL = System.getProperty("line.separator");
+ /**
+ * A zero-length byte array.
+ */
+ public static final byte[] EMPTY_BYTES = new byte[0];
+
// The name of the time zone for universal coordinated time (UTC).
private static final String TIME_ZONE_UTC = "UTC";
@@ -1363,6 +1372,26 @@
/**
* Construct a byte array containing the UTF-8 encoding of the provided
+ * character array.
+ *
+ * @param chars
+ * The character array to convert to a UTF-8 byte array.
+ * @return A byte array containing the UTF-8 encoding of the provided
+ * character array.
+ */
+ public static byte[] getBytes(final char[] chars)
+ {
+ final Charset utf8 = Charset.forName("UTF-8");
+ final ByteBuffer buffer = utf8.encode(CharBuffer.wrap(chars));
+ final byte[] bytes = new byte[buffer.remaining()];
+ buffer.get(bytes);
+ return bytes;
+ }
+
+
+
+ /**
+ * Construct a byte array containing the UTF-8 encoding of the provided
* string. This is significantly faster than calling
* {@link String#getBytes(String)} for ASCII strings.
*
@@ -2247,6 +2276,20 @@
/**
+ * Returns a copy of the provided byte array.
+ *
+ * @param bytes
+ * The byte array to be copied.
+ * @return A copy of the provided byte array.
+ */
+ public static byte[] copyOfBytes(final byte[] bytes)
+ {
+ return Arrays.copyOf(bytes, bytes.length);
+ }
+
+
+
+ /**
* Retrieves the printable ASCII representation of the provided byte.
*
* @param b
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/asn1/ASN1Writer.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/asn1/ASN1Writer.java
index 723286a..9c997b0 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/asn1/ASN1Writer.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/asn1/ASN1Writer.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2006-2009 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.asn1;
@@ -245,6 +246,21 @@
* The type tag of the element.
* @param value
* The byte array containing the octet string data.
+ * @return A reference to this ASN.1 writer.
+ * @throws IOException
+ * If an error occurs while writing the element.
+ */
+ ASN1Writer writeOctetString(byte type, byte[] value) throws IOException;
+
+
+
+ /**
+ * Writes an octet string element using the provided type tag.
+ *
+ * @param type
+ * The type tag of the element.
+ * @param value
+ * The byte array containing the octet string data.
* @param offset
* The offset in the byte array.
* @param length
@@ -295,6 +311,20 @@
*
* @param value
* The byte array containing the octet string data.
+ * @return A reference to this ASN.1 writer.
+ * @throws IOException
+ * If an error occurs while writing the element.
+ */
+ ASN1Writer writeOctetString(byte[] value) throws IOException;
+
+
+
+ /**
+ * Writes an octet string element using the Universal Octet String ASN.1 type
+ * tag.
+ *
+ * @param value
+ * The byte array containing the octet string data.
* @param offset
* The offset in the byte array.
* @param length
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/asn1/AbstractASN1Writer.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/asn1/AbstractASN1Writer.java
index fb3b9cd..2bc4029 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/asn1/AbstractASN1Writer.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/asn1/AbstractASN1Writer.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2006-2009 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.asn1;
@@ -106,6 +107,27 @@
/**
* {@inheritDoc}
*/
+ public ASN1Writer writeOctetString(byte type, byte[] value)
+ throws IOException
+ {
+ return writeOctetString(type, value, 0, value.length);
+ }
+
+
+
+ /**
+ * {@inheritDoc}
+ */
+ public ASN1Writer writeOctetString(byte[] value) throws IOException
+ {
+ return writeOctetString(value, 0, value.length);
+ }
+
+
+
+ /**
+ * {@inheritDoc}
+ */
public ASN1Writer writeOctetString(final byte[] value, final int offset,
final int length) throws IOException
{
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/ByteString.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/ByteString.java
index bd2953e..9985b16 100755
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/ByteString.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/ByteString.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2009-2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap;
@@ -157,11 +158,7 @@
*/
public static ByteString valueOf(final char[] chars)
{
- Charset utf8 = Charset.forName("UTF-8");
- ByteBuffer buffer = utf8.encode(CharBuffer.wrap(chars));
- byte[] bytes = new byte[buffer.remaining()];
- buffer.get(bytes);
- return wrap(bytes);
+ return wrap(StaticUtils.getBytes(chars));
}
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/BindClientImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/BindClientImpl.java
index 1d8c7a6..8396e18 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/BindClientImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/BindClientImpl.java
@@ -23,13 +23,13 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
-import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.ConnectionSecurityLayer;
import org.forgerock.opendj.ldap.ErrorResultException;
import org.forgerock.opendj.ldap.controls.Control;
@@ -56,9 +56,9 @@
*/
BindClientImpl(final BindRequest initialBindRequest)
{
- this.nextBindRequest = new GenericBindRequestImpl(initialBindRequest
- .getName(), initialBindRequest.getAuthenticationType(), ByteString
- .empty(), this);
+ this.nextBindRequest = new GenericBindRequestImpl(
+ initialBindRequest.getName(),
+ initialBindRequest.getAuthenticationType(), new byte[0], this);
for (final Control control : initialBindRequest.getControls())
{
this.nextBindRequest.addControl(control);
@@ -141,8 +141,7 @@
* The authentication value to be used in the next bind request.
* @return A reference to this bind client.
*/
- final BindClient setNextAuthenticationValue(
- final ByteString authenticationValue)
+ final BindClient setNextAuthenticationValue(final byte[] authenticationValue)
{
nextBindRequest.setAuthenticationValue(authenticationValue);
return this;
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequest.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequest.java
index 1602c46..dbf600d 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequest.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequest.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
@@ -32,7 +33,6 @@
import java.util.List;
import org.forgerock.i18n.LocalizedIllegalArgumentException;
-import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.DecodeException;
import org.forgerock.opendj.ldap.DecodeOptions;
import org.forgerock.opendj.ldap.ErrorResultException;
@@ -133,10 +133,14 @@
/**
* Returns the password of the user that the client wishes to bind as.
+ * <p>
+ * Unless otherwise indicated, implementations will store a reference to the
+ * returned password byte array, allowing applications to overwrite the
+ * password after it has been used.
*
* @return The password of the user that the client wishes to bind as.
*/
- ByteString getPassword();
+ byte[] getPassword();
@@ -172,6 +176,10 @@
/**
* Sets the password of the user that the client wishes to bind as.
+ * <p>
+ * Unless otherwise indicated, implementations will store a reference to the
+ * provided password byte array, allowing applications to overwrite the
+ * password after it has been used.
*
* @param password
* The password of the user that the client wishes to bind as, which
@@ -182,7 +190,7 @@
* @throws NullPointerException
* If {@code password} was {@code null}.
*/
- CRAMMD5SASLBindRequest setPassword(ByteString password)
+ CRAMMD5SASLBindRequest setPassword(byte[] password)
throws UnsupportedOperationException, NullPointerException;
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestImpl.java
index 6fcadb0..1ec5200 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestImpl.java
@@ -23,12 +23,14 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
+import static com.forgerock.opendj.util.StaticUtils.copyOfBytes;
import static org.forgerock.opendj.ldap.ErrorResultException.newErrorResult;
import javax.security.auth.callback.NameCallback;
@@ -44,6 +46,7 @@
import org.forgerock.opendj.ldap.responses.BindResult;
import org.forgerock.opendj.ldap.responses.Responses;
+import com.forgerock.opendj.util.StaticUtils;
import com.forgerock.opendj.util.Validator;
@@ -69,7 +72,7 @@
super(initialBindRequest);
this.authenticationID = initialBindRequest.getAuthenticationID();
- this.password = initialBindRequest.getPassword();
+ this.password = ByteString.wrap(initialBindRequest.getPassword());
try
{
@@ -153,12 +156,12 @@
private String authenticationID;
- private ByteString password;
+ private byte[] password;
CRAMMD5SASLBindRequestImpl(final String authenticationID,
- final ByteString password)
+ final byte[] password)
{
Validator.ensureNotNull(authenticationID, password);
this.authenticationID = authenticationID;
@@ -182,7 +185,7 @@
{
super(cramMD5SASLBindRequest);
this.authenticationID = cramMD5SASLBindRequest.getAuthenticationID();
- this.password = cramMD5SASLBindRequest.getPassword();
+ this.password = copyOfBytes(cramMD5SASLBindRequest.getPassword());
}
@@ -211,7 +214,7 @@
/**
* {@inheritDoc}
*/
- public ByteString getPassword()
+ public byte[] getPassword()
{
return password;
}
@@ -244,7 +247,7 @@
/**
* {@inheritDoc}
*/
- public CRAMMD5SASLBindRequest setPassword(final ByteString password)
+ public CRAMMD5SASLBindRequest setPassword(final byte[] password)
throws NullPointerException
{
Validator.ensureNotNull(password);
@@ -261,7 +264,7 @@
throws NullPointerException
{
Validator.ensureNotNull(password);
- this.password = ByteString.valueOf(password);
+ this.password = StaticUtils.getBytes(password);
return this;
}
@@ -279,7 +282,7 @@
builder.append(", authenticationID=");
builder.append(authenticationID);
builder.append(", password=");
- builder.append(password);
+ builder.append(ByteString.wrap(password));
builder.append(", controls=");
builder.append(getControls());
builder.append(")");
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequest.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequest.java
index 472d9f4..9bb5305 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequest.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequest.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
@@ -33,7 +34,6 @@
import java.util.Map;
import org.forgerock.i18n.LocalizedIllegalArgumentException;
-import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.DecodeException;
import org.forgerock.opendj.ldap.DecodeOptions;
import org.forgerock.opendj.ldap.ErrorResultException;
@@ -323,10 +323,14 @@
/**
* Returns the password of the user that the client wishes to bind as.
+ * <p>
+ * Unless otherwise indicated, implementations will store a reference to the
+ * returned password byte array, allowing applications to overwrite the
+ * password after it has been used.
*
* @return The password of the user that the client wishes to bind as.
*/
- ByteString getPassword();
+ byte[] getPassword();
@@ -485,6 +489,10 @@
/**
* Sets the password of the user that the client wishes to bind as.
+ * <p>
+ * Unless otherwise indicated, implementations will store a reference to the
+ * provided password byte array, allowing applications to overwrite the
+ * password after it has been used.
*
* @param password
* The password of the user that the client wishes to bind as, which
@@ -495,7 +503,7 @@
* @throws NullPointerException
* If {@code password} was {@code null}.
*/
- DigestMD5SASLBindRequest setPassword(ByteString password)
+ DigestMD5SASLBindRequest setPassword(byte[] password)
throws UnsupportedOperationException, NullPointerException;
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestImpl.java
index 3dae736..66cdaa6 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestImpl.java
@@ -23,12 +23,14 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
+import static com.forgerock.opendj.util.StaticUtils.copyOfBytes;
import static com.forgerock.opendj.util.StaticUtils.getExceptionMessage;
import static com.forgerock.opendj.util.StaticUtils.joinCollection;
import static org.forgerock.opendj.ldap.CoreMessages.ERR_SASL_PROTOCOL_ERROR;
@@ -51,6 +53,7 @@
import org.forgerock.opendj.ldap.ResultCode;
import org.forgerock.opendj.ldap.responses.BindResult;
+import com.forgerock.opendj.util.StaticUtils;
import com.forgerock.opendj.util.Validator;
@@ -77,7 +80,7 @@
super(initialBindRequest);
this.authenticationID = initialBindRequest.getAuthenticationID();
- this.password = initialBindRequest.getPassword();
+ this.password = ByteString.wrap(initialBindRequest.getPassword());
this.realm = initialBindRequest.getRealm();
// Create property map containing all the parameters.
@@ -299,13 +302,13 @@
private String authenticationID;
private String authorizationID = null;
- private ByteString password;
+ private byte[] password;
private String realm = null;
DigestMD5SASLBindRequestImpl(final String authenticationID,
- final ByteString password)
+ final byte[] password)
{
Validator.ensureNotNull(authenticationID, password);
this.authenticationID = authenticationID;
@@ -340,7 +343,7 @@
this.authenticationID = digestMD5SASLBindRequest.getAuthenticationID();
this.authorizationID = digestMD5SASLBindRequest.getAuthorizationID();
- this.password = digestMD5SASLBindRequest.getPassword();
+ this.password = copyOfBytes(digestMD5SASLBindRequest.getPassword());
this.realm = digestMD5SASLBindRequest.getRealm();
}
@@ -459,7 +462,7 @@
* {@inheritDoc}
*/
@Override
- public ByteString getPassword()
+ public byte[] getPassword()
{
return password;
}
@@ -580,7 +583,7 @@
* {@inheritDoc}
*/
@Override
- public DigestMD5SASLBindRequest setPassword(final ByteString password)
+ public DigestMD5SASLBindRequest setPassword(final byte[] password)
throws NullPointerException
{
Validator.ensureNotNull(password);
@@ -598,7 +601,7 @@
throws NullPointerException
{
Validator.ensureNotNull(password);
- this.password = ByteString.valueOf(password);
+ this.password = StaticUtils.getBytes(password);
return this;
}
@@ -645,7 +648,7 @@
builder.append(", realm=");
builder.append(realm);
builder.append(", password=");
- builder.append(password);
+ builder.append(ByteString.wrap(password));
builder.append(", controls=");
builder.append(getControls());
builder.append(")");
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequest.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequest.java
index a981e7f..9a1df37 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequest.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequest.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
@@ -35,7 +36,6 @@
import javax.security.auth.Subject;
import org.forgerock.i18n.LocalizedIllegalArgumentException;
-import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.DecodeException;
import org.forgerock.opendj.ldap.DecodeOptions;
import org.forgerock.opendj.ldap.ErrorResultException;
@@ -270,11 +270,15 @@
/**
* Returns the password of the user that the client wishes to bind as.
* <p>
+ * Unless otherwise indicated, implementations will store a reference to the
+ * returned password byte array, allowing applications to overwrite the
+ * password after it has been used.
+ * <p>
* <b>NOTE</b>: this will not be used if a {@code Subject} is specified.
*
* @return The password of the user that the client wishes to bind as.
*/
- ByteString getPassword();
+ byte[] getPassword();
@@ -431,6 +435,10 @@
/**
* Sets the password of the user that the client wishes to bind as.
* <p>
+ * Unless otherwise indicated, implementations will store a reference to the
+ * provided password byte array, allowing applications to overwrite the
+ * password after it has been used.
+ * <p>
* <b>NOTE</b>: this will not be used if a {@code Subject} is specified.
*
* @param password
@@ -442,7 +450,7 @@
* @throws NullPointerException
* If {@code password} was {@code null}.
*/
- GSSAPISASLBindRequest setPassword(ByteString password)
+ GSSAPISASLBindRequest setPassword(byte[] password)
throws UnsupportedOperationException, NullPointerException;
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestImpl.java
index 86f741d..07d3e6b 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestImpl.java
@@ -23,12 +23,14 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
+import static com.forgerock.opendj.util.StaticUtils.copyOfBytes;
import static com.forgerock.opendj.util.StaticUtils.getExceptionMessage;
import static com.forgerock.opendj.util.StaticUtils.joinCollection;
import static org.forgerock.opendj.ldap.CoreMessages.*;
@@ -176,8 +178,10 @@
}
else
{
- this.subject = kerberos5Login(initialBindRequest.getAuthenticationID(),
- initialBindRequest.getPassword(), initialBindRequest.getRealm(),
+ this.subject = kerberos5Login(
+ initialBindRequest.getAuthenticationID(),
+ ByteString.wrap(initialBindRequest.getPassword()),
+ initialBindRequest.getRealm(),
initialBindRequest.getKDCAddress());
}
@@ -369,7 +373,7 @@
// Ignored if subject is non-null.
private String authenticationID = null;
- private ByteString password = null;
+ private byte[] password = null;
private String realm = null;
private String kdcAddress = null;
@@ -389,7 +393,7 @@
GSSAPISASLBindRequestImpl(final String authenticationID,
- final ByteString password)
+ final byte[] password)
{
Validator.ensureNotNull(authenticationID, password);
this.authenticationID = authenticationID;
@@ -415,7 +419,7 @@
this.subject = gssapiSASLBindRequest.getSubject();
this.authenticationID = gssapiSASLBindRequest.getAuthenticationID();
- this.password = gssapiSASLBindRequest.getPassword();
+ this.password = copyOfBytes(gssapiSASLBindRequest.getPassword());
this.realm = gssapiSASLBindRequest.getRealm();
this.kdcAddress = gssapiSASLBindRequest.getKDCAddress();
@@ -554,7 +558,7 @@
* {@inheritDoc}
*/
@Override
- public ByteString getPassword()
+ public byte[] getPassword()
{
return password;
}
@@ -684,7 +688,7 @@
* {@inheritDoc}
*/
@Override
- public GSSAPISASLBindRequest setPassword(final ByteString password)
+ public GSSAPISASLBindRequest setPassword(final byte[] password)
throws NullPointerException
{
Validator.ensureNotNull(password);
@@ -702,7 +706,7 @@
throws NullPointerException
{
Validator.ensureNotNull(password);
- this.password = ByteString.valueOf(password);
+ this.password = StaticUtils.getBytes(password);
return this;
}
@@ -772,7 +776,7 @@
builder.append(", realm=");
builder.append(realm);
builder.append(", password=");
- builder.append(password);
+ builder.append(ByteString.wrap(password));
}
builder.append(", controls=");
builder.append(getControls());
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequest.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequest.java
index 32880eb..997fae7 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequest.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequest.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2009 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
@@ -70,10 +71,14 @@
/**
* Returns the authentication information for this bind request. The content
* is defined by the authentication mechanism.
+ * <p>
+ * Unless otherwise indicated, implementations will store a reference to the
+ * returned byte array, allowing applications to overwrite any sensitive data
+ * such as passwords after it has been used.
*
* @return The authentication information.
*/
- ByteString getAuthenticationValue();
+ byte[] getAuthenticationValue();
@@ -121,6 +126,10 @@
/**
* Sets the authentication information for this generic bind request in a form
* defined by the authentication mechanism.
+ * <p>
+ * Unless otherwise indicated, implementations will store a reference to the
+ * returned byte array, allowing applications to overwrite any sensitive data
+ * such as passwords after it has been used.
*
* @param bytes
* The authentication information for this generic bind request in a
@@ -132,7 +141,7 @@
* @throws NullPointerException
* If {@code bytes} was {@code null}.
*/
- GenericBindRequest setAuthenticationValue(ByteString bytes)
+ GenericBindRequest setAuthenticationValue(byte[] bytes)
throws UnsupportedOperationException, NullPointerException;
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequestImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequestImpl.java
index d87dac2..6eb51ef 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequestImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/GenericBindRequestImpl.java
@@ -23,12 +23,15 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
+import static com.forgerock.opendj.util.StaticUtils.copyOfBytes;
+
import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.ErrorResultException;
@@ -46,7 +49,7 @@
private String name;
- private ByteString authenticationValue;
+ private byte[] authenticationValue;
private byte authenticationType;
@@ -56,7 +59,7 @@
* Creates a new generic bind request using a generic bind client.
*/
GenericBindRequestImpl(final String name, final byte authenticationType,
- final ByteString authenticationValue)
+ final byte[] authenticationValue)
{
this.name = name;
this.authenticationType = authenticationType;
@@ -73,7 +76,7 @@
* package.
*/
GenericBindRequestImpl(final String name, final byte authenticationType,
- final ByteString authenticationValue, final BindClient bindClient)
+ final byte[] authenticationValue, final BindClient bindClient)
{
this.name = name;
this.authenticationType = authenticationType;
@@ -98,8 +101,10 @@
{
super(genericBindRequest);
this.name = genericBindRequest.getName();
- this.authenticationType = genericBindRequest.getAuthenticationType();
- this.authenticationValue = genericBindRequest.getAuthenticationValue();
+ this.authenticationType = genericBindRequest
+ .getAuthenticationType();
+ this.authenticationValue = copyOfBytes(genericBindRequest
+ .getAuthenticationValue());
this.bindClient = null; // Create a new bind client each time.
}
@@ -134,7 +139,7 @@
/**
* {@inheritDoc}
*/
- public ByteString getAuthenticationValue()
+ public byte[] getAuthenticationValue()
{
return authenticationValue;
}
@@ -167,7 +172,7 @@
/**
* {@inheritDoc}
*/
- public GenericBindRequest setAuthenticationValue(final ByteString bytes)
+ public GenericBindRequest setAuthenticationValue(final byte[] bytes)
throws UnsupportedOperationException, NullPointerException
{
Validator.ensureNotNull(bytes);
@@ -202,7 +207,7 @@
builder.append(", authenticationType=");
builder.append(getAuthenticationType());
builder.append(", authenticationValue=");
- builder.append(getAuthenticationValue());
+ builder.append(ByteString.wrap(getAuthenticationValue()));
builder.append(", controls=");
builder.append(getControls());
builder.append(")");
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequest.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequest.java
index db9932e..c212e90 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequest.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequest.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
@@ -32,7 +33,6 @@
import java.util.List;
import org.forgerock.i18n.LocalizedIllegalArgumentException;
-import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.DecodeException;
import org.forgerock.opendj.ldap.DecodeOptions;
import org.forgerock.opendj.ldap.ErrorResultException;
@@ -140,10 +140,14 @@
/**
* Returns the password of the user that the client wishes to bind as.
+ * <p>
+ * Unless otherwise indicated, implementations will store a reference to the
+ * returned password byte array, allowing applications to overwrite the
+ * password after it has been used.
*
* @return The password of the user that the client wishes to bind as.
*/
- ByteString getPassword();
+ byte[] getPassword();
@@ -201,6 +205,10 @@
/**
* Sets the password of the user that the client wishes to bind as.
+ * <p>
+ * Unless otherwise indicated, implementations will store a reference to the
+ * provided password byte array, allowing applications to overwrite the
+ * password after it has been used.
*
* @param password
* The password of the user that the client wishes to bind as, which
@@ -211,7 +219,7 @@
* @throws NullPointerException
* If {@code password} was {@code null}.
*/
- PlainSASLBindRequest setPassword(ByteString password)
+ PlainSASLBindRequest setPassword(byte[] password)
throws UnsupportedOperationException, NullPointerException;
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestImpl.java
index 3732b8a..8ef08ef 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestImpl.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
@@ -43,6 +44,7 @@
import org.forgerock.opendj.ldap.ResultCode;
import org.forgerock.opendj.ldap.responses.BindResult;
+import com.forgerock.opendj.util.StaticUtils;
import com.forgerock.opendj.util.Validator;
@@ -68,7 +70,7 @@
super(initialBindRequest);
this.authenticationID = initialBindRequest.getAuthenticationID();
- this.password = initialBindRequest.getPassword();
+ this.password = ByteString.wrap(initialBindRequest.getPassword());
try
{
@@ -139,12 +141,12 @@
private String authenticationID;
private String authorizationID;
- private ByteString password;
+ private byte[] password;
PlainSASLBindRequestImpl(final String authenticationID,
- final ByteString password)
+ final byte[] password)
{
Validator.ensureNotNull(authenticationID, password);
this.authenticationID = authenticationID;
@@ -169,7 +171,7 @@
super(plainSASLBindRequest);
this.authenticationID = plainSASLBindRequest.getAuthenticationID();
this.authorizationID = plainSASLBindRequest.getAuthorizationID();
- this.password = plainSASLBindRequest.getPassword();
+ this.password = StaticUtils.copyOfBytes(plainSASLBindRequest.getPassword());
}
@@ -196,7 +198,7 @@
- public ByteString getPassword()
+ public byte[] getPassword()
{
return password;
}
@@ -230,7 +232,7 @@
- public PlainSASLBindRequest setPassword(final ByteString password)
+ public PlainSASLBindRequest setPassword(final byte[] password)
{
Validator.ensureNotNull(password);
this.password = password;
@@ -246,7 +248,7 @@
throws NullPointerException
{
Validator.ensureNotNull(password);
- this.password = ByteString.valueOf(password);
+ this.password = StaticUtils.getBytes(password);
return this;
}
@@ -266,7 +268,7 @@
builder.append(", authorizationID=");
builder.append(authorizationID);
builder.append(", password=");
- builder.append(password);
+ builder.append(ByteString.wrap(password));
builder.append(", controls=");
builder.append(getControls());
builder.append(")");
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/Requests.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/Requests.java
index 7a26ba4..e2d3687 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/Requests.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/Requests.java
@@ -23,12 +23,15 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
+import static com.forgerock.opendj.util.StaticUtils.EMPTY_BYTES;
+import static com.forgerock.opendj.util.StaticUtils.getBytes;
import static org.forgerock.opendj.ldap.CoreMessages.WARN_READ_LDIF_RECORD_CHANGE_RECORD_WRONG_TYPE;
import javax.net.ssl.SSLContext;
@@ -300,6 +303,30 @@
* of the user, or "u:" followed by a user ID string, but other forms
* are permitted.
* @param password
+ * The password of the user that the client wishes to bind as.
+ * @return The new CRAM-MD5 SASL bind request.
+ * @throws NullPointerException
+ * If {@code authenticationID} or {@code password} was {@code null}.
+ */
+ public static CRAMMD5SASLBindRequest newCRAMMD5SASLBindRequest(
+ final String authenticationID, final byte[] password)
+ throws NullPointerException
+ {
+ return new CRAMMD5SASLBindRequestImpl(authenticationID, password);
+ }
+
+
+
+ /**
+ * Creates a new CRAM-MD5 SASL bind request having the provided authentication
+ * ID and password.
+ *
+ * @param authenticationID
+ * The authentication ID of the user. The authentication ID usually
+ * has the form "dn:" immediately followed by the distinguished name
+ * of the user, or "u:" followed by a user ID string, but other forms
+ * are permitted.
+ * @param password
* The password of the user that the client wishes to bind as. The
* password will be converted to a UTF-8 octet string.
* @return The new CRAM-MD5 SASL bind request.
@@ -307,10 +334,10 @@
* If {@code authenticationID} or {@code password} was {@code null}.
*/
public static CRAMMD5SASLBindRequest newCRAMMD5SASLBindRequest(
- final String authenticationID, final ByteString password)
+ final String authenticationID, final char[] password)
throws NullPointerException
{
- return new CRAMMD5SASLBindRequestImpl(authenticationID, password);
+ return new CRAMMD5SASLBindRequestImpl(authenticationID, getBytes(password));
}
@@ -364,6 +391,30 @@
* of the user, or "u:" followed by a user ID string, but other forms
* are permitted.
* @param password
+ * The password of the user that the client wishes to bind as.
+ * @return The new DIGEST-MD5 SASL bind request.
+ * @throws NullPointerException
+ * If {@code authenticationID} or {@code password} was {@code null}.
+ */
+ public static DigestMD5SASLBindRequest newDigestMD5SASLBindRequest(
+ final String authenticationID, final byte[] password)
+ throws NullPointerException
+ {
+ return new DigestMD5SASLBindRequestImpl(authenticationID, password);
+ }
+
+
+
+ /**
+ * Creates a new DIGEST-MD5 SASL bind request having the provided
+ * authentication ID and password, but no realm or authorization ID.
+ *
+ * @param authenticationID
+ * The authentication ID of the user. The authentication ID usually
+ * has the form "dn:" immediately followed by the distinguished name
+ * of the user, or "u:" followed by a user ID string, but other forms
+ * are permitted.
+ * @param password
* The password of the user that the client wishes to bind as. The
* password will be converted to a UTF-8 octet string.
* @return The new DIGEST-MD5 SASL bind request.
@@ -371,10 +422,11 @@
* If {@code authenticationID} or {@code password} was {@code null}.
*/
public static DigestMD5SASLBindRequest newDigestMD5SASLBindRequest(
- final String authenticationID, final ByteString password)
+ final String authenticationID, final char[] password)
throws NullPointerException
{
- return new DigestMD5SASLBindRequestImpl(authenticationID, password);
+ return new DigestMD5SASLBindRequestImpl(authenticationID,
+ getBytes(password));
}
@@ -406,7 +458,7 @@
* If {@code authenticationValue} was {@code null}.
*/
public static GenericBindRequest newGenericBindRequest(
- final byte authenticationType, final ByteString authenticationValue)
+ final byte authenticationType, final byte[] authenticationValue)
throws NullPointerException
{
Validator.ensureNotNull(authenticationValue);
@@ -438,7 +490,7 @@
* If {@code name} or {@code authenticationValue} was {@code null}.
*/
public static GenericBindRequest newGenericBindRequest(final String name,
- final byte authenticationType, final ByteString authenticationValue)
+ final byte authenticationType, final byte[] authenticationValue)
throws NullPointerException
{
Validator.ensureNotNull(name, authenticationValue);
@@ -502,6 +554,30 @@
* of the user, or "u:" followed by a user ID string, but other forms
* are permitted.
* @param password
+ * The password of the user that the client wishes to bind as.
+ * @return The new GSSAPI SASL bind request.
+ * @throws NullPointerException
+ * If {@code authenticationID} or {@code password} was {@code null}.
+ */
+ public static GSSAPISASLBindRequest newGSSAPISASLBindRequest(
+ final String authenticationID, final byte[] password)
+ throws NullPointerException
+ {
+ return new GSSAPISASLBindRequestImpl(authenticationID, password);
+ }
+
+
+
+ /**
+ * Creates a new GSSAPI SASL bind request having the provided authentication
+ * ID and password, but no realm, KDC address, or authorization ID.
+ *
+ * @param authenticationID
+ * The authentication ID of the user. The authentication ID usually
+ * has the form "dn:" immediately followed by the distinguished name
+ * of the user, or "u:" followed by a user ID string, but other forms
+ * are permitted.
+ * @param password
* The password of the user that the client wishes to bind as. The
* password will be converted to a UTF-8 octet string.
* @return The new GSSAPI SASL bind request.
@@ -509,10 +585,10 @@
* If {@code authenticationID} or {@code password} was {@code null}.
*/
public static GSSAPISASLBindRequest newGSSAPISASLBindRequest(
- final String authenticationID, final ByteString password)
+ final String authenticationID, final char[] password)
throws NullPointerException
{
- return new GSSAPISASLBindRequestImpl(authenticationID, password);
+ return new GSSAPISASLBindRequestImpl(authenticationID, getBytes(password));
}
@@ -714,6 +790,30 @@
* of the user, or "u:" followed by a user ID string, but other forms
* are permitted.
* @param password
+ * The password of the user that the client wishes to bind as.
+ * @return The new Plain SASL bind request.
+ * @throws NullPointerException
+ * If {@code authenticationID} or {@code password} was {@code null}.
+ */
+ public static PlainSASLBindRequest newPlainSASLBindRequest(
+ final String authenticationID, final byte[] password)
+ throws NullPointerException
+ {
+ return new PlainSASLBindRequestImpl(authenticationID, password);
+ }
+
+
+
+ /**
+ * Creates a new Plain SASL bind request having the provided authentication ID
+ * and password, but no authorization ID.
+ *
+ * @param authenticationID
+ * The authentication ID of the user. The authentication ID usually
+ * has the form "dn:" immediately followed by the distinguished name
+ * of the user, or "u:" followed by a user ID string, but other forms
+ * are permitted.
+ * @param password
* The password of the user that the client wishes to bind as. The
* password will be converted to a UTF-8 octet string.
* @return The new Plain SASL bind request.
@@ -721,10 +821,10 @@
* If {@code authenticationID} or {@code password} was {@code null}.
*/
public static PlainSASLBindRequest newPlainSASLBindRequest(
- final String authenticationID, final ByteString password)
+ final String authenticationID, final char[] password)
throws NullPointerException
{
- return new PlainSASLBindRequestImpl(authenticationID, password);
+ return new PlainSASLBindRequestImpl(authenticationID, getBytes(password));
}
@@ -811,7 +911,7 @@
*/
public static SimpleBindRequest newSimpleBindRequest()
{
- return new SimpleBindRequestImpl("", ByteString.empty());
+ return new SimpleBindRequestImpl("", EMPTY_BYTES);
}
@@ -837,10 +937,40 @@
* If {@code name} or {@code password} was {@code null}.
*/
public static SimpleBindRequest newSimpleBindRequest(final String name,
+ final byte[] password) throws NullPointerException
+ {
+ Validator.ensureNotNull(name, password);
+ return new SimpleBindRequestImpl(name, password);
+ }
+
+
+
+ /**
+ * Creates a new simple bind request having the provided name and password
+ * suitable for name/password authentication. The name will be decoded using
+ * the default schema.
+ * <p>
+ * The LDAP protocol defines the Bind name to be a distinguished name, however
+ * some LDAP implementations have relaxed this constraint and allow other
+ * identities to be used, such as the user's email address.
+ *
+ * @param name
+ * The name of the Directory object that the client wishes to bind
+ * as, which may be empty.
+ * @param password
+ * The password of the Directory object that the client wishes to
+ * bind as, which may be empty indicating that an unauthenticated
+ * bind is to be performed. The password will be converted to a UTF-8
+ * octet string.
+ * @return The new simple bind request.
+ * @throws NullPointerException
+ * If {@code name} or {@code password} was {@code null}.
+ */
+ public static SimpleBindRequest newSimpleBindRequest(final String name,
final char[] password) throws NullPointerException
{
Validator.ensureNotNull(name, password);
- return new SimpleBindRequestImpl(name, ByteString.valueOf(password));
+ return new SimpleBindRequestImpl(name, getBytes(password));
}
@@ -995,6 +1125,9 @@
/**
* Creates an unmodifiable CRAM MD5 SASL bind request of the provided request.
+ * <p>
+ * The returned bind request creates defensive copies of the password in order
+ * to maintain immutability.
*
* @param request
* The CRAM MD5 SASL bind request to be copied.
@@ -1038,6 +1171,9 @@
/**
* Creates an unmodifiable digest MD5 SASL bind request of the provided
* request.
+ * <p>
+ * The returned bind request creates defensive copies of the password in order
+ * to maintain immutability.
*
* @param request
* The digest MD5 SASL bind request to be copied.
@@ -1080,6 +1216,9 @@
/**
* Creates an unmodifiable generic bind request of the provided request.
+ * <p>
+ * The returned bind request creates defensive copies of the authentication
+ * value in order to maintain immutability.
*
* @param request
* The generic bind request to be copied.
@@ -1122,6 +1261,9 @@
/**
* Creates an unmodifiable GSSAPI SASL bind request of the provided request.
+ * <p>
+ * The returned bind request creates defensive copies of the password in order
+ * to maintain immutability.
*
* @param request
* The GSSAPI SASL bind request to be copied.
@@ -1207,6 +1349,9 @@
/**
* Creates an unmodifiable plain SASL bind request of the provided request.
+ * <p>
+ * The returned bind request creates defensive copies of the password in order
+ * to maintain immutability.
*
* @param request
* The plain SASL bind request to be copied.
@@ -1249,6 +1394,9 @@
/**
* Creates an unmodifiable simple bind request of the provided request.
+ * <p>
+ * The returned bind request creates defensive copies of the password in order
+ * to maintain immutability.
*
* @param request
* The simple bind request to be copied.
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SASLBindClientImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SASLBindClientImpl.java
index a7fbff0..551edc6 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SASLBindClientImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SASLBindClientImpl.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2009 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
@@ -270,6 +271,6 @@
throw new RuntimeException("Error encoding SaslCredentials");
}
- return setNextAuthenticationValue(builder.toByteString());
+ return setNextAuthenticationValue(builder.toByteString().toByteArray());
}
}
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SimpleBindRequest.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SimpleBindRequest.java
index ab91c96..f4ae287 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SimpleBindRequest.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SimpleBindRequest.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2009-2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
@@ -31,7 +32,6 @@
import java.util.List;
-import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.DecodeException;
import org.forgerock.opendj.ldap.DecodeOptions;
import org.forgerock.opendj.ldap.ErrorResultException;
@@ -105,11 +105,15 @@
* Returns the password of the Directory object that the client wishes to bind
* as. The password may be empty (but never {@code null}) when used for of
* anonymous or unauthenticated binds.
+ * <p>
+ * Unless otherwise indicated, implementations will store a reference to the
+ * returned password byte array, allowing applications to overwrite the
+ * password after it has been used.
*
* @return The password of the Directory object that the client wishes to bind
* as.
*/
- ByteString getPassword();
+ byte[] getPassword();
@@ -142,6 +146,10 @@
* Sets the password of the Directory object that the client wishes to bind
* as. The password may be empty (but never {@code null}) when used for of
* anonymous or unauthenticated binds.
+ * <p>
+ * Unless otherwise indicated, implementations will store a reference to the
+ * provided password byte array, allowing applications to overwrite the
+ * password after it has been used.
*
* @param password
* The password of the Directory object that the client wishes to
@@ -153,7 +161,7 @@
* @throws NullPointerException
* If {@code password} was {@code null}.
*/
- SimpleBindRequest setPassword(ByteString password)
+ SimpleBindRequest setPassword(byte[] password)
throws UnsupportedOperationException, NullPointerException;
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SimpleBindRequestImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SimpleBindRequestImpl.java
index a0cd942..1462dc8 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SimpleBindRequestImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/SimpleBindRequestImpl.java
@@ -23,17 +23,19 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
-import static com.forgerock.opendj.ldap.LDAPConstants.TYPE_AUTHENTICATION_SIMPLE;
+import static com.forgerock.opendj.ldap.LDAPConstants.*;
import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.ErrorResultException;
+import com.forgerock.opendj.util.StaticUtils;
import com.forgerock.opendj.util.Validator;
@@ -44,7 +46,7 @@
final class SimpleBindRequestImpl extends
AbstractBindRequest<SimpleBindRequest> implements SimpleBindRequest
{
- private ByteString password = ByteString.empty();
+ private byte[] password = new byte[0];
private String name = "".intern();
@@ -64,7 +66,7 @@
* @throws NullPointerException
* If {@code name} or {@code password} was {@code null}.
*/
- SimpleBindRequestImpl(final String name, final ByteString password)
+ SimpleBindRequestImpl(final String name, final byte[] password)
throws NullPointerException
{
this.name = name;
@@ -87,7 +89,7 @@
{
super(simpleBindRequest);
this.name = simpleBindRequest.getName();
- this.password = simpleBindRequest.getPassword();
+ this.password = StaticUtils.copyOfBytes(simpleBindRequest.getPassword());
}
@@ -121,7 +123,7 @@
/**
* {@inheritDoc}
*/
- public ByteString getPassword()
+ public byte[] getPassword()
{
return password;
}
@@ -144,7 +146,7 @@
/**
* {@inheritDoc}
*/
- public SimpleBindRequest setPassword(final ByteString password)
+ public SimpleBindRequest setPassword(final byte[] password)
throws UnsupportedOperationException, NullPointerException
{
Validator.ensureNotNull(password);
@@ -161,7 +163,7 @@
throws UnsupportedOperationException, NullPointerException
{
Validator.ensureNotNull(password);
- this.password = ByteString.valueOf(password);
+ this.password = StaticUtils.getBytes(password);
return this;
}
@@ -178,7 +180,7 @@
builder.append(getName());
builder.append(", authentication=simple");
builder.append(", password=");
- builder.append(getPassword());
+ builder.append(ByteString.wrap(getPassword()));
builder.append(", controls=");
builder.append(getControls());
builder.append(")");
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableCRAMMD5SASLBindRequestImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableCRAMMD5SASLBindRequestImpl.java
index 0fe8b13..e3fecd5 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableCRAMMD5SASLBindRequestImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableCRAMMD5SASLBindRequestImpl.java
@@ -23,12 +23,14 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
import org.forgerock.i18n.LocalizedIllegalArgumentException;
-import org.forgerock.opendj.ldap.ByteString;
+
+import com.forgerock.opendj.util.StaticUtils;
/**
* Unmodifiable CRAM-MD5 SASL bind request implementation.
@@ -47,8 +49,9 @@
}
@Override
- public ByteString getPassword() {
- return impl.getPassword();
+ public byte[] getPassword() {
+ // Defensive copy.
+ return StaticUtils.copyOfBytes(impl.getPassword());
}
@Override
@@ -58,7 +61,7 @@
}
@Override
- public CRAMMD5SASLBindRequest setPassword(ByteString password)
+ public CRAMMD5SASLBindRequest setPassword(byte[] password)
throws UnsupportedOperationException, NullPointerException {
throw new UnsupportedOperationException();
}
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableDigestMD5SASLBindRequestImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableDigestMD5SASLBindRequestImpl.java
index 8ad7431..9fb6308 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableDigestMD5SASLBindRequestImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableDigestMD5SASLBindRequestImpl.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
@@ -32,7 +33,8 @@
import java.util.Map;
import org.forgerock.i18n.LocalizedIllegalArgumentException;
-import org.forgerock.opendj.ldap.ByteString;
+
+import com.forgerock.opendj.util.StaticUtils;
/**
* Unmodifiable digest-MD5 SASL bind request implementation.
@@ -89,8 +91,9 @@
}
@Override
- public ByteString getPassword() {
- return impl.getPassword();
+ public byte[] getPassword() {
+ // Defensive copy.
+ return StaticUtils.copyOfBytes(impl.getPassword());
}
@Override
@@ -140,7 +143,7 @@
}
@Override
- public DigestMD5SASLBindRequest setPassword(ByteString password)
+ public DigestMD5SASLBindRequest setPassword(byte[] password)
throws UnsupportedOperationException, NullPointerException {
throw new UnsupportedOperationException();
}
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableGSSAPISASLBindRequestImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableGSSAPISASLBindRequestImpl.java
index a74491c..fd81ff0 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableGSSAPISASLBindRequestImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableGSSAPISASLBindRequestImpl.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
@@ -34,7 +35,8 @@
import javax.security.auth.Subject;
import org.forgerock.i18n.LocalizedIllegalArgumentException;
-import org.forgerock.opendj.ldap.ByteString;
+
+import com.forgerock.opendj.util.StaticUtils;
/**
* Unmodifiable GSSAPI SASL bind request implementation.
@@ -90,8 +92,9 @@
}
@Override
- public ByteString getPassword() {
- return impl.getPassword();
+ public byte[] getPassword() {
+ // Defensive copy.
+ return StaticUtils.copyOfBytes(impl.getPassword());
}
@Override
@@ -145,7 +148,7 @@
}
@Override
- public GSSAPISASLBindRequest setPassword(ByteString password)
+ public GSSAPISASLBindRequest setPassword(byte[] password)
throws UnsupportedOperationException, NullPointerException {
throw new UnsupportedOperationException();
}
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableGenericBindRequestImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableGenericBindRequestImpl.java
index 0bde1b6..85cbdc5 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableGenericBindRequestImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableGenericBindRequestImpl.java
@@ -23,11 +23,16 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
-import org.forgerock.opendj.ldap.ByteString;
+
+
+import com.forgerock.opendj.util.StaticUtils;
+
+
/**
* Unmodifiable generic bind request implementation.
@@ -40,8 +45,9 @@
super(impl);
}
- public ByteString getAuthenticationValue() {
- return impl.getAuthenticationValue();
+ public byte[] getAuthenticationValue() {
+ // Defensive copy.
+ return StaticUtils.copyOfBytes(impl.getAuthenticationValue());
}
public GenericBindRequest setAuthenticationType(byte type)
@@ -49,7 +55,7 @@
throw new UnsupportedOperationException();
}
- public GenericBindRequest setAuthenticationValue(ByteString bytes)
+ public GenericBindRequest setAuthenticationValue(byte[] bytes)
throws UnsupportedOperationException, NullPointerException {
throw new UnsupportedOperationException();
}
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiablePlainSASLBindRequestImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiablePlainSASLBindRequestImpl.java
index bcc01b1..421614f 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiablePlainSASLBindRequestImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiablePlainSASLBindRequestImpl.java
@@ -23,12 +23,14 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
import org.forgerock.i18n.LocalizedIllegalArgumentException;
-import org.forgerock.opendj.ldap.ByteString;
+
+import com.forgerock.opendj.util.StaticUtils;
/**
* Unmodifiable plain SASL bind request implementation.
@@ -52,8 +54,9 @@
}
@Override
- public ByteString getPassword() {
- return impl.getPassword();
+ public byte[] getPassword() {
+ // Defensive copy.
+ return StaticUtils.copyOfBytes(impl.getPassword());
}
@Override
@@ -70,7 +73,7 @@
}
@Override
- public PlainSASLBindRequest setPassword(ByteString password)
+ public PlainSASLBindRequest setPassword(byte[] password)
throws UnsupportedOperationException, NullPointerException {
throw new UnsupportedOperationException();
}
diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableSimpleBindRequestImpl.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableSimpleBindRequestImpl.java
index 8860a9c..d78a0ee 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableSimpleBindRequestImpl.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/requests/UnmodifiableSimpleBindRequestImpl.java
@@ -23,11 +23,16 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
-import org.forgerock.opendj.ldap.ByteString;
+
+
+import com.forgerock.opendj.util.StaticUtils;
+
+
/**
* Unmodifiable simple bind request implementation.
@@ -40,8 +45,9 @@
super(impl);
}
- public ByteString getPassword() {
- return impl.getPassword();
+ public byte[] getPassword() {
+ // Defensive copy.
+ return StaticUtils.copyOfBytes(impl.getPassword());
}
public SimpleBindRequest setName(String name)
@@ -49,7 +55,7 @@
throw new UnsupportedOperationException();
}
- public SimpleBindRequest setPassword(ByteString password)
+ public SimpleBindRequest setPassword(byte[] password)
throws UnsupportedOperationException, NullPointerException {
throw new UnsupportedOperationException();
}
diff --git a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/ConnectionFactoryTestCase.java b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/ConnectionFactoryTestCase.java
index 4ef9978..63677e9 100644
--- a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/ConnectionFactoryTestCase.java
+++ b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/ConnectionFactoryTestCase.java
@@ -160,7 +160,7 @@
factories[3][0] = new AuthenticatedConnectionFactory(
new LDAPConnectionFactory("localhost", TestCaseUtils.getLdapPort()),
Requests.newCRAMMD5SASLBindRequest("id:user",
- ByteString.valueOf("password")));
+ "password".toCharArray()));
// LDAPConnectionFactory with default options
factories[4][0] = new LDAPConnectionFactory("localhost",
@@ -189,8 +189,7 @@
factories[6][0] = new AuthenticatedConnectionFactory(
new LDAPConnectionFactory(new InetSocketAddress("127.0.0.1",
TestCaseUtils.getLdapPort()), options), Requests
- .newDigestMD5SASLBindRequest("id:user",
- ByteString.valueOf("password"))
+ .newDigestMD5SASLBindRequest("id:user", "password".toCharArray())
.addQOP(DigestMD5SASLBindRequest.QOP_AUTH_CONF)
.setCipher(DigestMD5SASLBindRequest.CIPHER_LOW));
@@ -282,8 +281,8 @@
// Use the handler to get the result asynchronously.
final CountDownLatch latch = new CountDownLatch(1);
final MyResultHandler handler = new MyResultHandler(latch);
- final FutureResult<AsynchronousConnection> future = factory
- .getAsynchronousConnection(handler);
+ factory.getAsynchronousConnection(handler);
+
// Since we don't have anything to do, we would rather
// be notified by the latch when the other thread calls our handler.
latch.await(); // should do a timed wait rather?
diff --git a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestTestCase.java b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestTestCase.java
index 8b201b3..587aa6a 100644
--- a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestTestCase.java
+++ b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestTestCase.java
@@ -23,13 +23,16 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
-import org.forgerock.opendj.ldap.ByteString;
+import static com.forgerock.opendj.util.StaticUtils.EMPTY_BYTES;
+import static com.forgerock.opendj.util.StaticUtils.getBytes;
+
import org.forgerock.opendj.ldap.requests.CRAMMD5SASLBindRequest;
import org.forgerock.opendj.ldap.requests.Requests;
import org.testng.annotations.DataProvider;
@@ -45,8 +48,8 @@
public Object[][] getCRAMMD5SASLBindRequests() throws Exception
{
final CRAMMD5SASLBindRequest[] requests = {
- Requests.newCRAMMD5SASLBindRequest("id1", ByteString.empty()),
- Requests.newCRAMMD5SASLBindRequest("id2", ByteString.valueOf("test")) };
+ Requests.newCRAMMD5SASLBindRequest("id1", EMPTY_BYTES),
+ Requests.newCRAMMD5SASLBindRequest("id2", getBytes("test")) };
final Object[][] objArray = new Object[requests.length][1];
for (int i = 0; i < requests.length; i++)
{
diff --git a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestTestCase.java b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestTestCase.java
index 0f03d5d..876b5ae 100644
--- a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestTestCase.java
+++ b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestTestCase.java
@@ -23,23 +23,26 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
+import static com.forgerock.opendj.util.StaticUtils.EMPTY_BYTES;
+import static com.forgerock.opendj.util.StaticUtils.getBytes;
import static org.testng.Assert.assertEquals;
import java.util.Arrays;
-import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.requests.DigestMD5SASLBindRequest;
import org.forgerock.opendj.ldap.requests.Requests;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
+
/**
* Tests Digest MD5 SASL requests.
*/
@@ -49,9 +52,8 @@
public Object[][] getDigestMD5SASLBindRequests() throws Exception
{
final DigestMD5SASLBindRequest[] requests = {
- Requests.newDigestMD5SASLBindRequest("id1", ByteString.empty()),
- Requests.newDigestMD5SASLBindRequest("id2", ByteString
- .valueOf("password")) };
+ Requests.newDigestMD5SASLBindRequest("id1", EMPTY_BYTES),
+ Requests.newDigestMD5SASLBindRequest("id2", getBytes("password")) };
final Object[][] objArray = new Object[requests.length][1];
for (int i = 0; i < requests.length; i++)
{
diff --git a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestTestCase.java b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestTestCase.java
index 93c62a8..62fc204 100644
--- a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestTestCase.java
+++ b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestTestCase.java
@@ -23,17 +23,19 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
+import static com.forgerock.opendj.util.StaticUtils.EMPTY_BYTES;
+import static com.forgerock.opendj.util.StaticUtils.getBytes;
import static org.testng.Assert.assertEquals;
import java.util.Arrays;
-import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.requests.BindRequest;
import org.forgerock.opendj.ldap.requests.GSSAPISASLBindRequest;
import org.forgerock.opendj.ldap.requests.Requests;
@@ -49,9 +51,9 @@
public Object[][] getGSSAPISASLBindRequests() throws Exception
{
final GSSAPISASLBindRequest[] requests = {
- Requests.newGSSAPISASLBindRequest("id1", ByteString.empty()),
+ Requests.newGSSAPISASLBindRequest("id1", EMPTY_BYTES),
Requests
- .newGSSAPISASLBindRequest("id2", ByteString.valueOf("password")) };
+ .newGSSAPISASLBindRequest("id2", getBytes("password")) };
final Object[][] objArray = new Object[requests.length][1];
for (int i = 0; i < requests.length; i++)
{
diff --git a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/GenericBindRequestTestCase.java b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/GenericBindRequestTestCase.java
index 90e5559..92b2ef4 100644
--- a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/GenericBindRequestTestCase.java
+++ b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/GenericBindRequestTestCase.java
@@ -23,13 +23,16 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
-import org.forgerock.opendj.ldap.ByteString;
+import static com.forgerock.opendj.util.StaticUtils.EMPTY_BYTES;
+import static com.forgerock.opendj.util.StaticUtils.getBytes;
+
import org.forgerock.opendj.ldap.requests.GenericBindRequest;
import org.forgerock.opendj.ldap.requests.Requests;
import org.testng.annotations.DataProvider;
@@ -48,13 +51,11 @@
{
final GenericBindRequest[] requests = {
Requests.newGenericBindRequest(LDAPConstants.TYPE_AUTHENTICATION_SASL,
- ByteString.empty()),
+ EMPTY_BYTES),
Requests.newGenericBindRequest(
- LDAPConstants.TYPE_AUTHENTICATION_SIMPLE, ByteString
- .valueOf("password")),
+ LDAPConstants.TYPE_AUTHENTICATION_SIMPLE, getBytes("password")),
Requests.newGenericBindRequest("username",
- LDAPConstants.TYPE_AUTHENTICATION_SIMPLE, ByteString
- .valueOf("password")) };
+ LDAPConstants.TYPE_AUTHENTICATION_SIMPLE, getBytes("password")) };
final Object[][] objArray = new Object[requests.length][1];
for (int i = 0; i < requests.length; i++)
{
diff --git a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestTestCase.java b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestTestCase.java
index 7411450..8c95570 100644
--- a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestTestCase.java
+++ b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestTestCase.java
@@ -23,13 +23,16 @@
*
*
* Copyright 2010 Sun Microsystems, Inc.
+ * Portions copyright 2011 ForgeRock AS
*/
package org.forgerock.opendj.ldap.requests;
-import org.forgerock.opendj.ldap.ByteString;
+import static com.forgerock.opendj.util.StaticUtils.EMPTY_BYTES;
+import static com.forgerock.opendj.util.StaticUtils.getBytes;
+
import org.forgerock.opendj.ldap.requests.PlainSASLBindRequest;
import org.forgerock.opendj.ldap.requests.Requests;
import org.testng.annotations.DataProvider;
@@ -45,8 +48,8 @@
public Object[][] getPlainSASLBindRequests() throws Exception
{
final PlainSASLBindRequest[] requests = {
- Requests.newPlainSASLBindRequest("id1", ByteString.empty()),
- Requests.newPlainSASLBindRequest("id2", ByteString.valueOf("password")) };
+ Requests.newPlainSASLBindRequest("id1", EMPTY_BYTES),
+ Requests.newPlainSASLBindRequest("id2", getBytes("password")) };
final Object[][] objArray = new Object[requests.length][1];
for (int i = 0; i < requests.length; i++)
{
diff --git a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/RequestTestCase.java b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/RequestTestCase.java
index a8980d1..03be493 100644
--- a/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/RequestTestCase.java
+++ b/opendj3/opendj-ldap-sdk/src/test/java/org/forgerock/opendj/ldap/requests/RequestTestCase.java
@@ -129,7 +129,6 @@
/**
* Creates the test requests.
*
- * @param <T>
* @return
* @throws Exception
*/
diff --git a/opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/ConnectionFactoryProvider.java b/opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/ConnectionFactoryProvider.java
index e9bdd2b..f63cc74 100644
--- a/opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/ConnectionFactoryProvider.java
+++ b/opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/ConnectionFactoryProvider.java
@@ -604,20 +604,20 @@
{
bindRequest = Requests.newDigestMD5SASLBindRequest(
getAuthID(DigestMD5SASLBindRequest.SASL_MECHANISM_NAME),
- ByteString.valueOf(getPassword())).setAuthorizationID(getAuthzID())
+ getPassword()).setAuthorizationID(getAuthzID())
.setRealm(getRealm());
}
else if (mech.equals(CRAMMD5SASLBindRequest.SASL_MECHANISM_NAME))
{
bindRequest = Requests.newCRAMMD5SASLBindRequest(
- getAuthID(CRAMMD5SASLBindRequest.SASL_MECHANISM_NAME), ByteString
- .valueOf(getPassword()));
+ getAuthID(CRAMMD5SASLBindRequest.SASL_MECHANISM_NAME),
+ getPassword());
}
else if (mech.equals(GSSAPISASLBindRequest.SASL_MECHANISM_NAME))
{
bindRequest = Requests.newGSSAPISASLBindRequest(
getAuthID(GSSAPISASLBindRequest.SASL_MECHANISM_NAME),
- ByteString.valueOf(getPassword())).setKDCAddress(getKDC()).setRealm(
+ getPassword()).setKDCAddress(getKDC()).setRealm(
getRealm()).setAuthorizationID(getAuthzID());
}
else if (mech.equals(ExternalSASLBindRequest.SASL_MECHANISM_NAME))
@@ -641,7 +641,7 @@
{
bindRequest = Requests.newPlainSASLBindRequest(
getAuthID(PlainSASLBindRequest.SASL_MECHANISM_NAME),
- ByteString.valueOf(getPassword())).setAuthorizationID(getAuthzID());
+ getPassword()).setAuthorizationID(getAuthzID());
}
else
{
--
Gitblit v1.10.0