protected String deobfuscate(String value) { try { return value == null ? null : Obfuscator.decode(value); } catch (NumberFormatException nfe) {//detect unobfuscated properties from before patch //Assuming that this was in incorrect state from BZ840512 //logging that we found an unobfuscated value and if it's not part of patch/upgrade contact administrator LOG.error("Failed to deobfuscate property value: [" + value + "]. If this is not part of a patch/upgrade " + "then you should contact System Administrator to have the property details reset."); //Returning plain value to prevent Content Source load failure. On save should be correctly obfuscated return value; } catch (Exception e) { LOG.error("Failed to deobfuscate property value: [" + value + "]", e); throw new IllegalArgumentException("Failed to deobfuscate property value: [" + value + "]", e); } }
/** * Obfuscate the value right before it gets pushed down to the database. */ protected String obfuscate(String value) { try { return value == null ? null : Obfuscator.encode(value); } catch (Exception e) { LOG.error("Failed to obfuscate property value: [" + value + "]", e); throw new IllegalArgumentException("Failed to obfuscate property value: [" + value + "]", e); } }
private Map<String, String> getLdapOptions(Properties conf) throws Exception { Map<String, String> configOptions = new HashMap<String, String>(); configOptions.put(Context.INITIAL_CONTEXT_FACTORY, conf.getProperty(RHQConstants.LDAPFactory)); configOptions.put(Context.PROVIDER_URL, conf.getProperty(RHQConstants.LDAPUrl)); String value = conf.getProperty(SystemSetting.USE_SSL_FOR_LDAP.getInternalName()); boolean ldapSsl = "ssl".equalsIgnoreCase(value); configOptions.put(Context.SECURITY_PROTOCOL, (ldapSsl) ? "ssl" : null); configOptions.put("LoginProperty", conf.getProperty(RHQConstants.LDAPLoginProperty)); configOptions.put("Filter", conf.getProperty(RHQConstants.LDAPFilter)); configOptions.put("GroupFilter", conf.getProperty(RHQConstants.LDAPGroupFilter)); configOptions.put("GroupMemberFilter", conf.getProperty(RHQConstants.LDAPGroupMember)); configOptions.put("BaseDN", conf.getProperty(RHQConstants.LDAPBaseDN)); configOptions.put("BindDN", conf.getProperty(RHQConstants.LDAPBindDN)); configOptions.put("BindPW", Obfuscator.encode(conf.getProperty(RHQConstants.LDAPBindPW))); boolean followReferralsBoolean = Boolean.valueOf(conf.getProperty(SystemSetting.LDAP_FOLLOW_REFERRALS.getInternalName(), "false")); configOptions.put(Context.REFERRAL, followReferralsBoolean ? "follow" : "ignore"); return configOptions; }
@Override public void execute(DatabaseType type, Connection connection) throws SQLException { String sql = "SELECT id, string_value FROM rhq_config_property WHERE dtype = 'obfuscated'"; List<Object[]> results = type.executeSelectSql(connection, sql); for(Object[] row : results) { String value = (String) row[1]; //try to decode the value try { Obfuscator.decode(value); } catch (Exception e) { int id = ((Number) row[0]).intValue(); type.executeSql(connection, "UPDATE rhq_config_property SET string_value = NULL WHERE id = " + id); } } } }
String bindPW = options.get("BindPW"); try { bindPW = Obfuscator.decode(bindPW); } catch (Exception e) { LOG.debug("Failed to decode bindPW, binding using undecoded value [" + bindPW + "]", e);
private void obfuscateAgentInstall(AgentInstall ai) { try { String pw = ai.getSshPassword(); if (pw != null && pw.length() > 0) { ai.setSshPassword(Obfuscator.encode(pw)); } } catch (Exception e) { ai.setSshPassword(""); LOG.debug("Failed to obfuscate password for agent [" + ai.getAgentName() + "]. Will be emptied."); } }
private void deobfuscateAgentInstall(AgentInstall ai) { try { String pw = ai.getSshPassword(); if (pw != null && pw.length() > 0) { ai.setSshPassword(Obfuscator.decode(pw)); } } catch (Exception e) { ai.setSshPassword(""); LOG.debug("Failed to deobfuscate password for agent [" + ai.getAgentName() + "]. Will be emptied."); } }
private void processProperty(PropertyDefinition pd, Property p) throws Exception { switch (pd.type) { case LIST: case MAP: List<PropertyDefinition> childDefs = pd.getChildDefinitions(); List<Property> childProps = p.getChildren(); Map<PropertyDefinition, Property> pairs = matchDefinitionsAndProperties(childDefs, childProps); for (Map.Entry<PropertyDefinition, Property> entry : pairs.entrySet()) { processProperty(entry.getKey(), entry.getValue()); } break; case SIMPLE: if (pd.simpleType == PropertySimpleType.PASSWORD && p.type == PropertyType.SIMPLE) { String sql; if (p.value != null) { String obfuscatedValue = Obfuscator.encode(p.value); sql = "UPDATE rhq_config_property SET string_value = '" + obfuscatedValue + "', dtype = 'obfuscated' WHERE id = " + p.id; } else { sql = "UPDATE rhq_config_property SET dtype='obfuscated' WHERE id = " + p.id; } databaseType.executeSql(connection, sql); } break; } }
String bindPW = (String) options.get("BindPW"); try { bindPW = Obfuscator.decode(bindPW); } catch (Exception e) { log.debug("Failed to decode bindPW, validating using undecoded value [" + bindPW + "]", e);