Skip to content

Commit

Permalink
QPID-8219: [Broker-J] Cache authentication results for the same remot…
Browse files Browse the repository at this point in the history 
…e hosts and credentials
  • Loading branch information
@alex-rufous
alex-rufous committed Jul 17, 2018
1 parent 38d5844 commit 4e240ba
Show file tree
Hide file tree
Showing 2 changed files with 43 additions and 25 deletions.
17 changes: 16 additions & 1 deletion ...rc/main/java/org/apache/qpid/server/security/auth/manager/AuthenticationResultCacher.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@

package org.apache.qpid.server.security.auth.manager;

import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.AccessController;
Expand Down Expand Up @@ -117,7 +119,20 @@ private String digestCredentials(final String... content)
if (connectionPrincipals != null && !connectionPrincipals.isEmpty())
{
SocketConnectionPrincipal connectionPrincipal = connectionPrincipals.iterator().next();
md.update(connectionPrincipal.getRemoteAddress().toString().getBytes(UTF8));
SocketAddress remoteAddress = connectionPrincipal.getRemoteAddress();
String address;
if (remoteAddress instanceof InetSocketAddress)
{
address = ((InetSocketAddress) remoteAddress).getHostString();
}
else
{
address = remoteAddress.toString();
}
if (address != null)
{
md.update(address.getBytes(UTF8));
}
}

for (String part : content)
Expand Down
51 changes: 27 additions & 24 deletions ...est/java/org/apache/qpid/server/security/auth/manager/AuthenticationResultCacherTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,33 +115,36 @@ public Void run()


@Test
public void testCacheMissDifferentAddress() throws Exception
public void testCacheMissDifferentRemoteAddressHosts() throws Exception
{
Subject.doAs(_subject, new PrivilegedAction<Void>()
{
@Override
public Void run()
{
AuthenticationResult result;
result = _authenticationResultCacher.getOrLoad(new String[]{"credentials"}, _loader);
assertEquals("Unexpected AuthenticationResult", _successfulAuthenticationResult, result);
assertEquals("Unexpected number of loads before cache hit", (long) 1, (long) _loadCallCount);
return null;
}
});
final String credentials = "credentials";
assertGetOrLoad(credentials, _successfulAuthenticationResult, 1);
when(_connection.getRemoteSocketAddress()).thenReturn(new InetSocketAddress("example2.com", 8888));
assertGetOrLoad(credentials, _successfulAuthenticationResult, 2);
}

@Test
public void testCacheHitDifferentRemoteAddressPorts() throws Exception
{
final int expectedHitCount = 1;
final AuthenticationResult expectedResult = _successfulAuthenticationResult;
final String credentials = "credentials";

assertGetOrLoad(credentials, expectedResult, expectedHitCount);
when(_connection.getRemoteSocketAddress()).thenReturn(new InetSocketAddress("example.com", 8888));
Subject.doAs(_subject, new PrivilegedAction<Void>()
{
@Override
public Void run()
{
AuthenticationResult result;
result = _authenticationResultCacher.getOrLoad(new String[]{"credentials"}, _loader);
assertEquals("Unexpected AuthenticationResult", _successfulAuthenticationResult, result);
assertEquals("Unexpected number of loads before cache hit", (long) 2, (long) _loadCallCount);
return null;
}
assertGetOrLoad(credentials, expectedResult, expectedHitCount);
}

private void assertGetOrLoad(final String credentials,
final AuthenticationResult expectedResult,
final int expectedHitCount)
{
Subject.doAs(_subject, (PrivilegedAction<Void>) () -> {
AuthenticationResult result;
result = _authenticationResultCacher.getOrLoad(new String[]{credentials}, _loader);
assertEquals("Unexpected AuthenticationResult", expectedResult, result);
assertEquals("Unexpected number of loads before cache hit", (long)expectedHitCount, (long) _loadCallCount);
return null;
});
}
}

0 comments on commit 4e240ba

Please sign in to comment.