From f10c64fc87fbbaa15f1f5e801326845f3e96daa2 Mon Sep 17 00:00:00 2001
From: gtully <gary.tully@gmail.com>
Date: Fri, 15 Jun 2018 19:55:31 +0100
Subject: [PATCH] ARTEMIS-1942 replace properties removed in error from
 internal config map

---
 .../core/security/jaas/LDAPLoginModule.java   |  6 ++-
 .../security/jaas/LDAPLoginModuleTest.java    | 37 +++++++++++++++++++
 2 files changed, 41 insertions(+), 2 deletions(-)

diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/LDAPLoginModule.java b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/LDAPLoginModule.java
index 99648c278b..cc3c824d02 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/LDAPLoginModule.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/LDAPLoginModule.java
@@ -84,7 +84,6 @@ public class LDAPLoginModule implements LoginModule {
    private static final String SASL_LOGIN_CONFIG_SCOPE = "saslLoginConfigScope";
    private static final String AUTHENTICATE_USER = "authenticateUser";
    private static final String REFERRAL = "referral";
-   private static final String MASK_PASSWORD = "maskPassword";
    private static final String PASSWORD_CODEC = "passwordCodec";
 
    protected DirContext context;
@@ -126,6 +125,9 @@ public class LDAPLoginModule implements LoginModule {
                                        new LDAPLoginProperty(USER_ROLE_NAME, (String) options.get(USER_ROLE_NAME)),
                                        new LDAPLoginProperty(EXPAND_ROLES, (String) options.get(EXPAND_ROLES)),
                                        new LDAPLoginProperty(EXPAND_ROLES_MATCHING, (String) options.get(EXPAND_ROLES_MATCHING)),
+                                       new LDAPLoginProperty(PASSWORD_CODEC, (String) options.get(PASSWORD_CODEC)),
+                                       new LDAPLoginProperty(SASL_LOGIN_CONFIG_SCOPE, (String) options.get(SASL_LOGIN_CONFIG_SCOPE)),
+                                       new LDAPLoginProperty(AUTHENTICATE_USER, (String) options.get(AUTHENTICATE_USER)),
                                        new LDAPLoginProperty(REFERRAL, (String) options.get(REFERRAL))};
 
       if (isLoginPropertySet(AUTHENTICATE_USER)) {
@@ -133,7 +135,7 @@ public class LDAPLoginModule implements LoginModule {
       }
       isRoleAttributeSet = isLoginPropertySet(ROLE_NAME);
       roleAttributeName = getLDAPPropertyValue(ROLE_NAME);
-      codecClass = (String) options.get(PASSWORD_CODEC);
+      codecClass = getLDAPPropertyValue(PASSWORD_CODEC);
    }
 
    private String getPlainPassword(String password) {
diff --git a/artemis-server/src/test/java/org/apache/activemq/artemis/core/security/jaas/LDAPLoginModuleTest.java b/artemis-server/src/test/java/org/apache/activemq/artemis/core/security/jaas/LDAPLoginModuleTest.java
index 75316e67cd..4fbd2c8057 100644
--- a/artemis-server/src/test/java/org/apache/activemq/artemis/core/security/jaas/LDAPLoginModuleTest.java
+++ b/artemis-server/src/test/java/org/apache/activemq/artemis/core/security/jaas/LDAPLoginModuleTest.java
@@ -31,12 +31,15 @@ import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 import java.io.IOException;
+import java.lang.reflect.Field;
+import java.lang.reflect.Modifier;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Hashtable;
 
 import org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler;
 import org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule;
+import org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginProperty;
 import org.apache.directory.server.annotations.CreateLdapServer;
 import org.apache.directory.server.annotations.CreateTransport;
 import org.apache.directory.server.core.annotations.ApplyLdifFiles;
@@ -162,4 +165,38 @@ public class LDAPLoginModuleTest extends AbstractLdapTestUnit {
       // since login failed commit should return false as well
       assertFalse(loginModule.commit());
    }
+
+   @Test
+   public void testPropertyConfigMap() throws Exception {
+      LDAPLoginModule loginModule = new LDAPLoginModule();
+      JaasCallbackHandler callbackHandler = new JaasCallbackHandler(null, null, null);
+
+      Field configMap = null;
+      HashMap<String, Object> options = new HashMap<>();
+      for (Field field: loginModule.getClass().getDeclaredFields()) {
+         if (Modifier.isStatic(field.getModifiers()) && Modifier.isFinal(field.getModifiers()) && field.getType().isAssignableFrom(String.class)) {
+            field.setAccessible(true);
+            options.put((String)field.get(loginModule), "SET");
+         }
+         if (field.getName().equals("config")) {
+            field.setAccessible(true);
+            configMap = field;
+         }
+      }
+      loginModule.initialize(new Subject(), callbackHandler, null, options);
+
+      LDAPLoginProperty[] ldapProps = (LDAPLoginProperty[]) configMap.get(loginModule);
+      for (String key: options.keySet()) {
+         assertTrue("val set: " + key, presentInArray(ldapProps, key));
+      }
+   }
+
+   private boolean presentInArray(LDAPLoginProperty[] ldapProps, String propertyName) {
+      for (LDAPLoginProperty conf : ldapProps) {
+         if (conf.getPropertyName().equals(propertyName) && (conf.getPropertyValue() != null && !"".equals(conf.getPropertyValue())))
+            return true;
+      }
+      return false;
+   }
+
 }