Skip to content
Browse files

Require SASL authentication for all operations

Change-Id: Ifcc3f284c43f95e94db732c6a884779912d4a7fd
Reviewed-on: http://review.couchbase.org/12899
Tested-by: Sergey Avseyev <sergey.avseyev@gmail.com>
Reviewed-by: Matt Ingenthron <matt@couchbase.com>
  • Loading branch information...
1 parent 74149fc commit 471a198bf6ee763d7f9f7d7ec04f566555151bdb @avsej avsej committed with ingenthr Feb 2, 2012
View
16 src/main/java/org/couchbase/mock/memcached/MemcachedConnection.java
@@ -33,8 +33,16 @@
private BinaryCommand command;
private final ByteBuffer input;
private final Queue<ByteBuffer> output;
+ private boolean authenticated;
+ private final MemcachedServer server;
public MemcachedConnection(MemcachedServer server) throws IOException {
+ this.server = server;
+ if (server.getBucket().getPassword().length() > 0) {
+ authenticated = false;
+ } else {
+ authenticated = true;
+ }
header = new byte[24];
input = ByteBuffer.wrap(header);
protocolHandler = server.getProtocolHandler();
@@ -83,4 +91,12 @@ public ByteBuffer getOutputBuffer() {
void shutdown() {
throw new UnsupportedOperationException("Not yet implemented");
}
+
+ void setAuthenticated(boolean state) {
+ authenticated = state;
+ }
+
+ public boolean isAuthenticated() {
+ return authenticated;
+ }
}
View
9 src/main/java/org/couchbase/mock/memcached/MemcachedServer.java
@@ -286,7 +286,14 @@ public Bucket getBucket()
public void execute(BinaryCommand cmd, MemcachedConnection client)
throws IOException {
try {
- executors[cmd.getComCode().cc()].execute(cmd, this, client);
+ if (client.isAuthenticated()
+ || cmd.getComCode() == ComCode.SASL_AUTH
+ || cmd.getComCode() == ComCode.SASL_LIST_MECHS
+ || cmd.getComCode() == ComCode.SASL_STEP) {
+ executors[cmd.getComCode().cc()].execute(cmd, this, client);
+ } else {
+ client.sendResponse(new BinaryResponse(cmd, ErrorCode.AUTH_ERROR));
+ }
} catch (AccessControlException ex) {
client.sendResponse(new BinaryResponse(cmd, ErrorCode.NOT_MY_VBUCKET));
}
View
1 src/main/java/org/couchbase/mock/memcached/SaslCommandExecutor.java
@@ -40,6 +40,7 @@ public void execute(BinaryCommand cmd, MemcachedServer server, MemcachedConnecti
Bucket bucket = server.getBucket();
if (bucket.getName().equals(clientin[1]) && bucket.getPassword().equals(clientin[2])) {
client.sendResponse(new BinarySaslResponse(cmd, "Authenticated"));
+ client.setAuthenticated(true);
} else {
client.sendResponse(new BinarySaslResponse(cmd, ErrorCode.AUTH_ERROR));
}

0 comments on commit 471a198

Please sign in to comment.
Something went wrong with that request. Please try again.