From: Patrick Schmitz Date: Wed, 17 Aug 2011 23:53:49 +0000 (+0000) Subject: NOJIRA - Slight refactoring of password validation, and improved error message for... X-Git-Url: https://git.aero2k.de/?a=commitdiff_plain;h=49e5a74f12ac850c2cfd3bd362a137872309589d;p=tmp%2Fjakarta-migration.git NOJIRA - Slight refactoring of password validation, and improved error message for invalid passwords. This does NOT represent a functional change, but rather just cleanup. Also added comments to the payloads for account testing to explain the base64binary encoding of password values in payloads. Again, no functional changes. --- diff --git a/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security/5-account-bigbird.xml b/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security/5-account-bigbird.xml index 327ff7f1f..ed2795378 100755 --- a/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security/5-account-bigbird.xml +++ b/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security/5-account-bigbird.xml @@ -7,6 +7,7 @@ xmlns:ns3="http://collectionspace.org/services/hyperjaxb"> bigbird@cspace.org 1234567890 bigbird2010 + YmlnYmlyZDIwMTA= 1 diff --git a/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security/6-account-elmo.xml b/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security/6-account-elmo.xml index 882a6be5d..dc3bf0301 100755 --- a/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security/6-account-elmo.xml +++ b/services/IntegrationTests/src/test/resources/test-data/xmlreplay/security/6-account-elmo.xml @@ -7,6 +7,7 @@ xmlns:ns3="http://collectionspace.org/services/hyperjaxb"> elmo@cspace.org 1234567890 elmo2010 + ZWxtbzIwMTA= 1 
diff --git a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java index 16dbf680f..4da749265 100644 --- a/services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java +++ b/services/common/src/main/java/org/collectionspace/services/common/security/SecurityUtils.java @@ -43,6 +43,8 @@ public class SecurityUtils { private static final Logger logger = LoggerFactory.getLogger(SecurityUtils.class); public static final String URI_PATH_SEPARATOR = "/"; + public static final int MIN_PASSWORD_LENGTH = 8; + public static final int MAX_PASSWORD_LENGTH = 24; /** * createPasswordHash creates password has using configured digest algorithm @@ -65,14 +67,15 @@ public class SecurityUtils { * @param password */ public static void validatePassword(String password) { - //TODO: externalize password length if (password == null) { String msg = "Password missing "; logger.error(msg); throw new IllegalArgumentException(msg); } - if (password.length() < 8 || password.length() > 24) { - String msg = "Password length should be >8 and <24"; + if (password.length() < MIN_PASSWORD_LENGTH + || password.length() > MAX_PASSWORD_LENGTH) { + String msg = "Bad password: '"+password+"': length should be >= " + + MIN_PASSWORD_LENGTH + " and <= " + MAX_PASSWORD_LENGTH; logger.error(msg); throw new IllegalArgumentException(msg); }
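Review bot: The new message in the second hunk (validatePassword) embeds the rejected password itself, `"Bad password: '"+password+"': length should be >= "`, and that string is then passed to `logger.error(msg)` and used as the IllegalArgumentException message. The candidate password therefore lands in cleartext in the error log, and possibly in whatever error response the caller builds from the exception; how callers surface it is not visible here. A rejected password is frequently a typo or near-miss of a real one, so it should be treated as a secret and kept out of logs and exception text. Keep the improved bounds but drop the value: `String msg = "Bad password: length should be >= " + MIN_PASSWORD_LENGTH + " and <= " + MAX_PASSWORD_LENGTH;`, at most reporting `password.length()`. The body of validatePassword continues past the end of the hunk, so any later checks that reuse this message pattern would need the same treatment.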