
Example 1 with MysqlOldPasswordPlugin

use of com.mysql.cj.protocol.a.authentication.MysqlOldPasswordPlugin in project JavaSegundasQuintas by ecteruel.

the class ConnectionRegressionTest method testOldPasswordPlugin.

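/**
 * Regression test: accounts that authenticate with the legacy {@code mysql_old_password} plugin can connect both when the client keeps
 * its default authentication plugin and when {@link MysqlOldPasswordPlugin} is set as the default, and {@code changeUser()} works
 * between those accounts.
 *
 * <p>
 * Security note: the test switches the server-wide {@code secure_auth} setting off, creates three accounts valid from any host
 * ({@code '%'}) with {@code GRANT ALL ON *.*} (two of them with an empty password) and connects with TLS disabled. Run it only against
 * a disposable test server. {@code secure_auth} is restored in the {@code finally} block; removal of the accounts is not visible in
 * this method and is presumably done by {@code createUser()} / test teardown. Confirm this before using a shared instance.
 *
 * @throws Exception
 *             if any statement or connection attempt fails
 */
@Test
public void testOldPasswordPlugin() throws Exception {
    assumeTrue(versionMeetsMinimum(5, 5, 7) && !versionMeetsMinimum(5, 7, 5), "testOldPasswordPlugin was skipped: This test only run for 5.5.7 - 5.7.4 server versions.");

    // { user, password } pairs; user3 never gets a SET PASSWORD below, so it also logs in with an empty password
    final String[][] accounts = { { "bug64983user1", "pwd" }, { "bug64983user2", "" }, { "bug64983user3", "" } };

    Connection testConn = null;
    try {
        // remember the global setting so the finally block can put it back
        this.stmt.executeUpdate("SET @current_secure_auth = @@global.secure_auth");
        this.stmt.executeUpdate("SET GLOBAL secure_auth= off");
        createUser("'bug64983user1'@'%'", "IDENTIFIED WITH mysql_old_password");
        this.stmt.executeUpdate("SET PASSWORD FOR 'bug64983user1'@'%' = OLD_PASSWORD('pwd')");
        this.stmt.executeUpdate("GRANT ALL on *.* TO 'bug64983user1'@'%'");
        createUser("'bug64983user2'@'%'", "IDENTIFIED WITH mysql_old_password");
        this.stmt.executeUpdate("SET PASSWORD FOR 'bug64983user2'@'%' = OLD_PASSWORD('')");
        this.stmt.executeUpdate("GRANT ALL ON *.* TO 'bug64983user2'@'%'");
        createUser("'bug64983user3'@'%'", "IDENTIFIED WITH mysql_old_password");
        this.stmt.executeUpdate("GRANT ALL ON *.* TO 'bug64983user3'@'%'");
        this.stmt.executeUpdate("flush privileges");

        Properties props = new Properties();
        props.setProperty(PropertyKey.sslMode.getKeyName(), "DISABLED");
        props.setProperty(PropertyKey.allowPublicKeyRetrieval.getKeyName(), "true");

        // connect with default plugin
        for (String[] account : accounts) {
            props.setProperty(PropertyKey.USER.getKeyName(), account[0]);
            props.setProperty(PropertyKey.PASSWORD.getKeyName(), account[1]);
            testConn = getConnectionWithProps(props);
            assertSelectUserReports(testConn, account[0]);
            testConn.close();
        }

        // connect with MysqlOldPasswordPlugin plugin
        props.setProperty(PropertyKey.defaultAuthenticationPlugin.getKeyName(), MysqlOldPasswordPlugin.class.getName());
        for (int i = 0; i < accounts.length; i++) {
            props.setProperty(PropertyKey.USER.getKeyName(), accounts[i][0]);
            props.setProperty(PropertyKey.PASSWORD.getKeyName(), accounts[i][1]);
            testConn = getConnectionWithProps(props);
            assertSelectUserReports(testConn, accounts[i][0]);
            if (i < accounts.length - 1) {
                // the last connection stays open: it is reused for the changeUser checks
                testConn.close();
            }
        }

        // changeUser
        for (String[] account : accounts) {
            ((JdbcConnection) testConn).changeUser(account[0], account[1]);
            assertSelectUserReports(testConn, account[0]);
        }
    } finally {
        // Each cleanup step gets its own try block, so a failure in one cannot skip the other.
        // Restoring the server-wide secure_auth value comes first: leaving it off would weaken every later login.
        try {
            this.stmt.executeUpdate("SET GLOBAL secure_auth = @current_secure_auth");
        } catch (Exception ex) {
            System.err.println("Exception during cleanup:");
            ex.printStackTrace();
        }
        try {
            if (testConn != null) {
                testConn.close();
            }
        } catch (Exception ex) {
            System.err.println("Exception during cleanup:");
            ex.printStackTrace();
        }
    }
}

/** Asserts that {@code SELECT USER()} on the given connection reports the expected account name; the host part after '@' is ignored. */
private void assertSelectUserReports(Connection conn, String expectedUser) throws Exception {
    try (java.sql.Statement st = conn.createStatement(); ResultSet rs = st.executeQuery("SELECT USER()")) {
        rs.next();
        assertEquals(expectedUser, rs.getString(1).split("@")[0]);
    }
}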
Also used : MysqlOldPasswordPlugin(com.mysql.cj.protocol.a.authentication.MysqlOldPasswordPlugin) ReplicationConnection(com.mysql.cj.jdbc.ha.ReplicationConnection) MysqlPooledConnection(com.mysql.cj.jdbc.MysqlPooledConnection) SuspendableXAConnection(com.mysql.cj.jdbc.SuspendableXAConnection) Connection(java.sql.Connection) XAConnection(javax.sql.XAConnection) PooledConnection(javax.sql.PooledConnection) MysqlXAConnection(com.mysql.cj.jdbc.MysqlXAConnection) JdbcConnection(com.mysql.cj.jdbc.JdbcConnection) MysqlConnection(com.mysql.cj.MysqlConnection) ResultSet(java.sql.ResultSet) JdbcConnection(com.mysql.cj.jdbc.JdbcConnection) Properties(java.util.Properties) SQLFeatureNotSupportedException(java.sql.SQLFeatureNotSupportedException) SQLTransientException(java.sql.SQLTransientException) InvocationTargetException(java.lang.reflect.InvocationTargetException) XAException(javax.transaction.xa.XAException) SocketException(java.net.SocketException) SQLClientInfoException(java.sql.SQLClientInfoException) SQLException(java.sql.SQLException) SocketTimeoutException(java.net.SocketTimeoutException) IOException(java.io.IOException) PasswordExpiredException(com.mysql.cj.exceptions.PasswordExpiredException) ExecutionException(java.util.concurrent.ExecutionException) TimeoutException(java.util.concurrent.TimeoutException) SQLNonTransientConnectionException(java.sql.SQLNonTransientConnectionException) CommunicationsException(com.mysql.cj.jdbc.exceptions.CommunicationsException) CertificateException(java.security.cert.CertificateException) ClosedOnExpiredPasswordException(com.mysql.cj.exceptions.ClosedOnExpiredPasswordException) PropertyNotModifiableException(com.mysql.cj.exceptions.PropertyNotModifiableException) Test(org.junit.jupiter.api.Test)

Example 2 with MysqlOldPasswordPlugin

use of com.mysql.cj.protocol.a.authentication.MysqlOldPasswordPlugin in project aws-mysql-jdbc by awslabs.

the class NativeAuthenticationProvider method loadAuthenticationPlugins.

/**
 * Fill the authentication plugins map.
 *
 * Starts by filling the map with instances of the built-in authentication plugins. Then creates instances of plugins listed in the "authenticationPlugins"
 * connection property and adds them to the map too.
 *
 * The key for the map entry is got by {@link AuthenticationPlugin#getProtocolPluginName()} thus it is possible to replace built-in plugins with custom
 * implementations. To do it, the custom plugin should return one of the values "mysql_native_password", "mysql_clear_password", "sha256_password",
 * "caching_sha2_password", "mysql_old_password", "authentication_ldap_sasl_client" or "authentication_kerberos_client" from its own getProtocolPluginName()
 * method.
 */
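@SuppressWarnings("unchecked")
private void loadAuthenticationPlugins() {
    // default plugin: may be given as a protocol plugin name or as a class name (both are compared below); blank is a configuration error
    RuntimeProperty<String> defaultAuthenticationPluginProp = this.propertySet.getStringProperty(PropertyKey.defaultAuthenticationPlugin);
    String defaultAuthenticationPluginValue = defaultAuthenticationPluginProp.getValue();
    if (defaultAuthenticationPluginValue == null || "".equals(defaultAuthenticationPluginValue.trim())) {
        throw ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("AuthenticationProvider.BadDefaultAuthenticationPlugin", new Object[] { defaultAuthenticationPluginValue }), getExceptionInterceptor());
    }

    // disabled plugins: each entry is matched against both the protocol plugin name and the implementation class name
    String disabledPlugins = this.propertySet.getStringProperty(PropertyKey.disabledAuthenticationPlugins).getValue();
    List<String> disabledAuthenticationPlugins;
    if (disabledPlugins != null && !"".equals(disabledPlugins)) {
        disabledAuthenticationPlugins = StringUtils.split(disabledPlugins, ",", true);
    } else {
        disabledAuthenticationPlugins = Collections.emptyList();
    }

    this.authenticationPlugins = new HashMap<>();
    List<AuthenticationPlugin<NativePacketPayload>> pluginsToInit = new LinkedList<>();

    // built-in plugins
    // NOTE(review): the legacy mysql_old_password plugin is registered unconditionally here; the only opt-out visible in this
    // method is naming it in the disabledAuthenticationPlugins property.
    pluginsToInit.add(new Sha256PasswordPlugin());
    pluginsToInit.add(new CachingSha2PasswordPlugin());
    pluginsToInit.add(new MysqlOldPasswordPlugin());
    pluginsToInit.add(new AuthenticationLdapSaslClientPlugin());
    pluginsToInit.add(new AuthenticationKerberosClient());
    pluginsToInit.add(new AuthenticationOciClient());

    final boolean useAwsIam = this.propertySet.getBooleanProperty(PropertyKey.useAwsIam).getValue();
    if (useAwsIam) {
        // probe for the AWS SDK before creating the IAM plugins, so a missing dependency fails with a dedicated message
        try {
            Class.forName("software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider");
        } catch (ClassNotFoundException ex) {
            throw ExceptionFactory.createException(Messages.getString("AuthenticationAwsIamPlugin.MissingSDK"));
        }
        final String host = this.protocol.getSocketConnection().getHost();
        final int port = this.protocol.getSocketConnection().getPort();
        final AwsIamAuthenticationTokenHelper tokenHelper = new AwsIamAuthenticationTokenHelper(host, port, this.propertySet.getStringProperty(PropertyKey.logger).getStringValue());
        // with IAM enabled, the IAM plugins are registered instead of the native and clear-text password plugins
        pluginsToInit.add(new AwsIamAuthenticationPlugin(tokenHelper));
        pluginsToInit.add(new AwsIamClearAuthenticationPlugin(tokenHelper));
        // only when the configured default still equals the property's built-in default is it switched to the IAM plugin
        final String defaultPluginClassName = this.propertySet.getStringProperty(PropertyKey.defaultAuthenticationPlugin).getPropertyDefinition().getDefaultValue();
        if (defaultAuthenticationPluginValue.equals(defaultPluginClassName)) {
            defaultAuthenticationPluginValue = AwsIamAuthenticationPlugin.class.getName();
        }
    } else {
        pluginsToInit.add(new MysqlNativePasswordPlugin());
        pluginsToInit.add(new MysqlClearPasswordPlugin());
    }

    // plugins from authenticationPluginClasses connection parameter
    String authenticationPluginClasses = this.propertySet.getStringProperty(PropertyKey.authenticationPlugins).getValue();
    if (authenticationPluginClasses != null && !"".equals(authenticationPluginClasses.trim())) {
        List<String> pluginsToCreate = StringUtils.split(authenticationPluginClasses, ",", true);
        for (String className : pluginsToCreate) {
            try {
                // The class name comes from a connection property. Resolve it without initializing and check the type first, so
                // a name that is not an AuthenticationPlugin is rejected before its static initializers or constructor can run.
                Class<?> pluginClass = Class.forName(className, false, NativeAuthenticationProvider.class.getClassLoader());
                pluginsToInit.add((AuthenticationPlugin<NativePacketPayload>) pluginClass.asSubclass(AuthenticationPlugin.class).getDeclaredConstructor().newInstance());
            } catch (Throwable t) {
                throw ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("AuthenticationProvider.BadAuthenticationPlugin", new Object[] { className }), t, this.exceptionInterceptor);
            }
        }
    }

    // add plugin instances; the map is keyed by protocol name, so a later plugin with the same name replaces an earlier one
    boolean defaultFound = false;
    for (AuthenticationPlugin<NativePacketPayload> plugin : pluginsToInit) {
        String pluginProtocolName = plugin.getProtocolPluginName();
        String pluginClassName = plugin.getClass().getName();
        boolean isDefault = defaultAuthenticationPluginValue.equals(pluginProtocolName) || defaultAuthenticationPluginValue.equals(pluginClassName);
        boolean disabledByProtocolName = disabledAuthenticationPlugins.contains(pluginProtocolName);
        boolean disabledByClassName = disabledAuthenticationPlugins.contains(pluginClassName);
        if (disabledByProtocolName || disabledByClassName) {
            // check if the default plugin is disabled
            if (!defaultFound && isDefault) {
                throw ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("AuthenticationProvider.BadDisabledAuthenticationPlugin", new Object[] { disabledByClassName ? pluginClassName : pluginProtocolName }), getExceptionInterceptor());
            }
        } else {
            this.authenticationPlugins.put(pluginProtocolName, plugin);
            if (!defaultFound && isDefault) {
                this.clientDefaultAuthenticationPluginName = pluginProtocolName;
                this.clientDefaultAuthenticationPluginExplicitelySet = defaultAuthenticationPluginProp.isExplicitlySet();
                defaultFound = true;
            }
        }
    }

    // check if the default plugin is listed
    if (!defaultFound) {
        throw ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("AuthenticationProvider.DefaultAuthenticationPluginIsNotListed", new Object[] { defaultAuthenticationPluginValue }), getExceptionInterceptor());
    }
}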
Also used : MysqlOldPasswordPlugin(com.mysql.cj.protocol.a.authentication.MysqlOldPasswordPlugin) AuthenticationKerberosClient(com.mysql.cj.protocol.a.authentication.AuthenticationKerberosClient) WrongArgumentException(com.mysql.cj.exceptions.WrongArgumentException) AuthenticationLdapSaslClientPlugin(com.mysql.cj.protocol.a.authentication.AuthenticationLdapSaslClientPlugin) Sha256PasswordPlugin(com.mysql.cj.protocol.a.authentication.Sha256PasswordPlugin) AuthenticationOciClient(com.mysql.cj.protocol.a.authentication.AuthenticationOciClient) MysqlClearPasswordPlugin(com.mysql.cj.protocol.a.authentication.MysqlClearPasswordPlugin) AwsIamAuthenticationTokenHelper(com.mysql.cj.protocol.a.authentication.AwsIamAuthenticationTokenHelper) LinkedList(java.util.LinkedList) AwsIamClearAuthenticationPlugin(com.mysql.cj.protocol.a.authentication.AwsIamClearAuthenticationPlugin) AuthenticationPlugin(com.mysql.cj.protocol.AuthenticationPlugin) AwsIamClearAuthenticationPlugin(com.mysql.cj.protocol.a.authentication.AwsIamClearAuthenticationPlugin) AwsIamAuthenticationPlugin(com.mysql.cj.protocol.a.authentication.AwsIamAuthenticationPlugin) AwsIamAuthenticationPlugin(com.mysql.cj.protocol.a.authentication.AwsIamAuthenticationPlugin) CachingSha2PasswordPlugin(com.mysql.cj.protocol.a.authentication.CachingSha2PasswordPlugin) MysqlNativePasswordPlugin(com.mysql.cj.protocol.a.authentication.MysqlNativePasswordPlugin)

Example 3 with MysqlOldPasswordPlugin

use of com.mysql.cj.protocol.a.authentication.MysqlOldPasswordPlugin in project aws-mysql-jdbc by awslabs.

the class ConnectionRegressionTest method testOldPasswordPlugin.

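/**
 * Regression test: accounts that authenticate with the legacy {@code mysql_old_password} plugin can connect both when the client keeps
 * its default authentication plugin and when {@link MysqlOldPasswordPlugin} is set as the default, and {@code changeUser()} works
 * between those accounts.
 *
 * <p>
 * Security note: the test switches the server-wide {@code secure_auth} setting off, creates three accounts valid from any host
 * ({@code '%'}) with {@code GRANT ALL ON *.*} (two of them with an empty password) and connects with TLS disabled. Run it only against
 * a disposable test server. {@code secure_auth} is restored in the {@code finally} block; removal of the accounts is not visible in
 * this method and is presumably done by {@code createUser()} / test teardown. Confirm this before using a shared instance.
 *
 * @throws Exception
 *             if any statement or connection attempt fails
 */
@Test
public void testOldPasswordPlugin() throws Exception {
    assumeTrue(versionMeetsMinimum(5, 5, 7) && !versionMeetsMinimum(5, 7, 5), "testOldPasswordPlugin was skipped: This test only run for 5.5.7 - 5.7.4 server versions.");

    // { user, password } pairs; user3 never gets a SET PASSWORD below, so it also logs in with an empty password
    final String[][] accounts = { { "bug64983user1", "pwd" }, { "bug64983user2", "" }, { "bug64983user3", "" } };

    Connection testConn = null;
    try {
        // remember the global setting so the finally block can put it back
        this.stmt.executeUpdate("SET @current_secure_auth = @@global.secure_auth");
        this.stmt.executeUpdate("SET GLOBAL secure_auth= off");
        createUser("'bug64983user1'@'%'", "IDENTIFIED WITH mysql_old_password");
        this.stmt.executeUpdate("SET PASSWORD FOR 'bug64983user1'@'%' = OLD_PASSWORD('pwd')");
        this.stmt.executeUpdate("GRANT ALL on *.* TO 'bug64983user1'@'%'");
        createUser("'bug64983user2'@'%'", "IDENTIFIED WITH mysql_old_password");
        this.stmt.executeUpdate("SET PASSWORD FOR 'bug64983user2'@'%' = OLD_PASSWORD('')");
        this.stmt.executeUpdate("GRANT ALL ON *.* TO 'bug64983user2'@'%'");
        createUser("'bug64983user3'@'%'", "IDENTIFIED WITH mysql_old_password");
        this.stmt.executeUpdate("GRANT ALL ON *.* TO 'bug64983user3'@'%'");
        this.stmt.executeUpdate("flush privileges");

        Properties props = new Properties();
        props.setProperty(PropertyKey.sslMode.getKeyName(), SslMode.DISABLED.name());
        props.setProperty(PropertyKey.allowPublicKeyRetrieval.getKeyName(), "true");

        // connect with default plugin
        for (String[] account : accounts) {
            props.setProperty(PropertyKey.USER.getKeyName(), account[0]);
            props.setProperty(PropertyKey.PASSWORD.getKeyName(), account[1]);
            testConn = getConnectionWithProps(props);
            assertSelectUserReports(testConn, account[0]);
            testConn.close();
        }

        // connect with MysqlOldPasswordPlugin plugin
        props.setProperty(PropertyKey.defaultAuthenticationPlugin.getKeyName(), MysqlOldPasswordPlugin.class.getName());
        for (int i = 0; i < accounts.length; i++) {
            props.setProperty(PropertyKey.USER.getKeyName(), accounts[i][0]);
            props.setProperty(PropertyKey.PASSWORD.getKeyName(), accounts[i][1]);
            testConn = getConnectionWithProps(props);
            assertSelectUserReports(testConn, accounts[i][0]);
            if (i < accounts.length - 1) {
                // the last connection stays open: it is reused for the changeUser checks
                testConn.close();
            }
        }

        // changeUser
        for (String[] account : accounts) {
            ((JdbcConnection) testConn).changeUser(account[0], account[1]);
            assertSelectUserReports(testConn, account[0]);
        }
    } finally {
        // Each cleanup step gets its own try block, so a failure in one cannot skip the other.
        // Restoring the server-wide secure_auth value comes first: leaving it off would weaken every later login.
        try {
            this.stmt.executeUpdate("SET GLOBAL secure_auth = @current_secure_auth");
        } catch (Exception ex) {
            System.err.println("Exception during cleanup:");
            ex.printStackTrace();
        }
        try {
            if (testConn != null) {
                testConn.close();
            }
        } catch (Exception ex) {
            System.err.println("Exception during cleanup:");
            ex.printStackTrace();
        }
    }
}

/** Asserts that {@code SELECT USER()} on the given connection reports the expected account name; the host part after '@' is ignored. */
private void assertSelectUserReports(Connection conn, String expectedUser) throws Exception {
    try (java.sql.Statement st = conn.createStatement(); ResultSet rs = st.executeQuery("SELECT USER()")) {
        rs.next();
        assertEquals(expectedUser, rs.getString(1).split("@")[0]);
    }
}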
Also used : MysqlOldPasswordPlugin(com.mysql.cj.protocol.a.authentication.MysqlOldPasswordPlugin) ReplicationConnection(com.mysql.cj.jdbc.ha.ReplicationConnection) MysqlPooledConnection(com.mysql.cj.jdbc.MysqlPooledConnection) SuspendableXAConnection(com.mysql.cj.jdbc.SuspendableXAConnection) Connection(java.sql.Connection) XAConnection(javax.sql.XAConnection) PooledConnection(javax.sql.PooledConnection) MysqlXAConnection(com.mysql.cj.jdbc.MysqlXAConnection) JdbcConnection(com.mysql.cj.jdbc.JdbcConnection) MysqlConnection(com.mysql.cj.MysqlConnection) ResultSet(java.sql.ResultSet) JdbcConnection(com.mysql.cj.jdbc.JdbcConnection) Properties(java.util.Properties) SQLFeatureNotSupportedException(java.sql.SQLFeatureNotSupportedException) SQLTransientException(java.sql.SQLTransientException) InvocationTargetException(java.lang.reflect.InvocationTargetException) XAException(javax.transaction.xa.XAException) SocketException(java.net.SocketException) SQLClientInfoException(java.sql.SQLClientInfoException) SQLException(java.sql.SQLException) SocketTimeoutException(java.net.SocketTimeoutException) IOException(java.io.IOException) PasswordExpiredException(com.mysql.cj.exceptions.PasswordExpiredException) ExecutionException(java.util.concurrent.ExecutionException) TimeoutException(java.util.concurrent.TimeoutException) SQLNonTransientConnectionException(java.sql.SQLNonTransientConnectionException) CommunicationsException(com.mysql.cj.jdbc.exceptions.CommunicationsException) CertificateException(java.security.cert.CertificateException) ClosedOnExpiredPasswordException(com.mysql.cj.exceptions.ClosedOnExpiredPasswordException) PropertyNotModifiableException(com.mysql.cj.exceptions.PropertyNotModifiableException) Test(org.junit.jupiter.api.Test)

Example 4 with MysqlOldPasswordPlugin

use of com.mysql.cj.protocol.a.authentication.MysqlOldPasswordPlugin in project JavaSegundasQuintas by ecteruel.

the class NativeAuthenticationProvider method loadAuthenticationPlugins.

/**
 * Fill the authentication plugins map.
 *
 * Starts by filling the map with instances of the built-in authentication plugins. Then creates instances of plugins listed in the "authenticationPlugins"
 * connection property and adds them to the map too.
 *
 * The key for the map entry is got by {@link AuthenticationPlugin#getProtocolPluginName()} thus it is possible to replace built-in plugins with custom
 * implementations. To do it, the custom plugin should return one of the values "mysql_native_password", "mysql_clear_password", "sha256_password",
 * "caching_sha2_password", "mysql_old_password", "authentication_ldap_sasl_client" or "authentication_kerberos_client" from its own getProtocolPluginName()
 * method.
 */
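@SuppressWarnings("unchecked")
private void loadAuthenticationPlugins() {
    // default plugin: may be given as a protocol plugin name or as a class name (both are compared below); blank is a configuration error
    RuntimeProperty<String> defaultAuthenticationPluginProp = this.propertySet.getStringProperty(PropertyKey.defaultAuthenticationPlugin);
    String defaultAuthenticationPluginValue = defaultAuthenticationPluginProp.getValue();
    if (defaultAuthenticationPluginValue == null || "".equals(defaultAuthenticationPluginValue.trim())) {
        throw ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("AuthenticationProvider.BadDefaultAuthenticationPlugin", new Object[] { defaultAuthenticationPluginValue }), getExceptionInterceptor());
    }

    // disabled plugins: each entry is matched against both the protocol plugin name and the implementation class name
    String disabledPlugins = this.propertySet.getStringProperty(PropertyKey.disabledAuthenticationPlugins).getValue();
    List<String> disabledAuthenticationPlugins;
    if (disabledPlugins != null && !"".equals(disabledPlugins)) {
        disabledAuthenticationPlugins = StringUtils.split(disabledPlugins, ",", true);
    } else {
        disabledAuthenticationPlugins = Collections.emptyList();
    }

    this.authenticationPlugins = new HashMap<>();
    List<AuthenticationPlugin<NativePacketPayload>> pluginsToInit = new LinkedList<>();

    // built-in plugins
    // NOTE(review): the clear-text plugin and the legacy mysql_old_password plugin are registered unconditionally here; the only
    // opt-out visible in this method is naming them in the disabledAuthenticationPlugins property.
    pluginsToInit.add(new MysqlNativePasswordPlugin());
    pluginsToInit.add(new MysqlClearPasswordPlugin());
    pluginsToInit.add(new Sha256PasswordPlugin());
    pluginsToInit.add(new CachingSha2PasswordPlugin());
    pluginsToInit.add(new MysqlOldPasswordPlugin());
    pluginsToInit.add(new AuthenticationLdapSaslClientPlugin());
    pluginsToInit.add(new AuthenticationKerberosClient());
    pluginsToInit.add(new AuthenticationOciClient());

    // plugins from authenticationPluginClasses connection parameter
    String authenticationPluginClasses = this.propertySet.getStringProperty(PropertyKey.authenticationPlugins).getValue();
    if (authenticationPluginClasses != null && !"".equals(authenticationPluginClasses.trim())) {
        List<String> pluginsToCreate = StringUtils.split(authenticationPluginClasses, ",", true);
        for (String className : pluginsToCreate) {
            try {
                // The class name comes from a connection property. Resolve it without initializing and check the type first, so
                // a name that is not an AuthenticationPlugin is rejected before its static initializers or constructor can run.
                Class<?> pluginClass = Class.forName(className, false, NativeAuthenticationProvider.class.getClassLoader());
                pluginsToInit.add((AuthenticationPlugin<NativePacketPayload>) pluginClass.asSubclass(AuthenticationPlugin.class).getDeclaredConstructor().newInstance());
            } catch (Throwable t) {
                throw ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("AuthenticationProvider.BadAuthenticationPlugin", new Object[] { className }), t, this.exceptionInterceptor);
            }
        }
    }

    // add plugin instances; the map is keyed by protocol name, so a later plugin with the same name replaces an earlier one
    boolean defaultFound = false;
    for (AuthenticationPlugin<NativePacketPayload> plugin : pluginsToInit) {
        String pluginProtocolName = plugin.getProtocolPluginName();
        String pluginClassName = plugin.getClass().getName();
        boolean isDefault = defaultAuthenticationPluginValue.equals(pluginProtocolName) || defaultAuthenticationPluginValue.equals(pluginClassName);
        boolean disabledByProtocolName = disabledAuthenticationPlugins.contains(pluginProtocolName);
        boolean disabledByClassName = disabledAuthenticationPlugins.contains(pluginClassName);
        if (disabledByProtocolName || disabledByClassName) {
            // check if the default plugin is disabled
            if (!defaultFound && isDefault) {
                throw ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("AuthenticationProvider.BadDisabledAuthenticationPlugin", new Object[] { disabledByClassName ? pluginClassName : pluginProtocolName }), getExceptionInterceptor());
            }
        } else {
            this.authenticationPlugins.put(pluginProtocolName, plugin);
            if (!defaultFound && isDefault) {
                this.clientDefaultAuthenticationPluginName = pluginProtocolName;
                this.clientDefaultAuthenticationPluginExplicitelySet = defaultAuthenticationPluginProp.isExplicitlySet();
                defaultFound = true;
            }
        }
    }

    // check if the default plugin is listed
    if (!defaultFound) {
        throw ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("AuthenticationProvider.DefaultAuthenticationPluginIsNotListed", new Object[] { defaultAuthenticationPluginValue }), getExceptionInterceptor());
    }
}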
Also used : MysqlClearPasswordPlugin(com.mysql.cj.protocol.a.authentication.MysqlClearPasswordPlugin) MysqlOldPasswordPlugin(com.mysql.cj.protocol.a.authentication.MysqlOldPasswordPlugin) AuthenticationOciClient(com.mysql.cj.protocol.a.authentication.AuthenticationOciClient) AuthenticationKerberosClient(com.mysql.cj.protocol.a.authentication.AuthenticationKerberosClient) WrongArgumentException(com.mysql.cj.exceptions.WrongArgumentException) LinkedList(java.util.LinkedList) AuthenticationPlugin(com.mysql.cj.protocol.AuthenticationPlugin) AuthenticationLdapSaslClientPlugin(com.mysql.cj.protocol.a.authentication.AuthenticationLdapSaslClientPlugin) Sha256PasswordPlugin(com.mysql.cj.protocol.a.authentication.Sha256PasswordPlugin) MysqlNativePasswordPlugin(com.mysql.cj.protocol.a.authentication.MysqlNativePasswordPlugin) CachingSha2PasswordPlugin(com.mysql.cj.protocol.a.authentication.CachingSha2PasswordPlugin)

Example 5 with MysqlOldPasswordPlugin

use of com.mysql.cj.protocol.a.authentication.MysqlOldPasswordPlugin in project ABC by RuiPinto96274.

the class NativeAuthenticationProvider method loadAuthenticationPlugins.

/**
 * Fill the authentication plugins map.
 *
 * Starts by filling the map with instances of the built-in authentication plugins. Then creates instances of plugins listed in the "authenticationPlugins"
 * connection property and adds them to the map too.
 *
 * The key for the map entry is got by {@link AuthenticationPlugin#getProtocolPluginName()} thus it is possible to replace built-in plugins with custom
 * implementations. To do it, the custom plugin should return one of the values "mysql_native_password", "mysql_clear_password", "sha256_password",
 * "caching_sha2_password", "mysql_old_password", "authentication_ldap_sasl_client" or "authentication_kerberos_client" from its own getProtocolPluginName()
 * method.
 */
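@SuppressWarnings("unchecked")
private void loadAuthenticationPlugins() {
    // Default plugin: a null or blank value is rejected as a configuration error.
    RuntimeProperty<String> defaultAuthenticationPluginProp = this.propertySet.getStringProperty(PropertyKey.defaultAuthenticationPlugin);
    String defaultAuthenticationPluginValue = defaultAuthenticationPluginProp.getValue();
    if (defaultAuthenticationPluginValue == null || "".equals(defaultAuthenticationPluginValue.trim())) {
        throw ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("AuthenticationProvider.BadDefaultAuthenticationPlugin", new Object[] { defaultAuthenticationPluginValue }), getExceptionInterceptor());
    }

    // Disabled plugins: entries are matched below against both the protocol name and the class name.
    String disabledPlugins = this.propertySet.getStringProperty(PropertyKey.disabledAuthenticationPlugins).getValue();
    List<String> disabledAuthenticationPlugins;
    if (disabledPlugins != null && !"".equals(disabledPlugins)) {
        disabledAuthenticationPlugins = StringUtils.split(disabledPlugins, ",", true);
    } else {
        // Type-safe replacement for the raw Collections.EMPTY_LIST constant.
        disabledAuthenticationPlugins = Collections.emptyList();
    }

    this.authenticationPlugins = new HashMap<>();
    List<AuthenticationPlugin<NativePacketPayload>> pluginsToInit = new LinkedList<>();

    // Built-in plugins. Every one of them is registered unless it is named in "disabledAuthenticationPlugins".
    // That includes mysql_clear_password (which hands the password to the server without hashing, so it relies on
    // an encrypted transport) and the legacy mysql_old_password; deployments that do not need them can exclude
    // them through that property. The OCI client registered here is not named in the method's Javadoc list.
    pluginsToInit.add(new MysqlNativePasswordPlugin());
    pluginsToInit.add(new MysqlClearPasswordPlugin());
    pluginsToInit.add(new Sha256PasswordPlugin());
    pluginsToInit.add(new CachingSha2PasswordPlugin());
    pluginsToInit.add(new MysqlOldPasswordPlugin());
    pluginsToInit.add(new AuthenticationLdapSaslClientPlugin());
    pluginsToInit.add(new AuthenticationKerberosClient());
    pluginsToInit.add(new AuthenticationOciClient());

    // Plugins named in the "authenticationPlugins" connection property.
    // NOTE(review): these class names are loaded reflectively, and loading a class runs its static initializer,
    // so this property should only ever be populated from trusted configuration.
    String authenticationPluginClasses = this.propertySet.getStringProperty(PropertyKey.authenticationPlugins).getValue();
    if (authenticationPluginClasses != null && !"".equals(authenticationPluginClasses.trim())) {
        List<String> pluginsToCreate = StringUtils.split(authenticationPluginClasses, ",", true);
        for (String className : pluginsToCreate) {
            try {
                // asSubclass() rejects anything that is not an AuthenticationPlugin before its constructor runs;
                // getDeclaredConstructor().newInstance() replaces the deprecated Class.newInstance().
                pluginsToInit.add((AuthenticationPlugin<NativePacketPayload>) Class.forName(className).asSubclass(AuthenticationPlugin.class)
                        .getDeclaredConstructor().newInstance());
            } catch (Throwable t) {
                // Any loading or instantiation failure is reported as a bad plugin, keeping the original cause.
                throw ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("AuthenticationProvider.BadAuthenticationPlugin", new Object[] { className }), t, this.exceptionInterceptor);
            }
        }
    }

    // Register the plugin instances. Custom plugins come after the built-ins in the list, so a custom plugin
    // reporting the same protocol name overwrites the built-in entry in the map.
    boolean defaultFound = false;
    for (AuthenticationPlugin<NativePacketPayload> plugin : pluginsToInit) {
        String pluginProtocolName = plugin.getProtocolPluginName();
        String pluginClassName = plugin.getClass().getName();
        boolean disabledByProtocolName = disabledAuthenticationPlugins.contains(pluginProtocolName);
        boolean disabledByClassName = disabledAuthenticationPlugins.contains(pluginClassName);
        boolean matchesDefault = defaultAuthenticationPluginValue.equals(pluginProtocolName) || defaultAuthenticationPluginValue.equals(pluginClassName);

        if (disabledByProtocolName || disabledByClassName) {
            // Disabling the plugin that is also configured as the default is a contradiction, unless an
            // earlier plugin has already been accepted as the default.
            if (!defaultFound && matchesDefault) {
                throw ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("AuthenticationProvider.BadDisabledAuthenticationPlugin", new Object[] { disabledByClassName ? pluginClassName : pluginProtocolName }), getExceptionInterceptor());
            }
        } else {
            this.authenticationPlugins.put(pluginProtocolName, plugin);
            // The first enabled plugin matching the configured default wins.
            if (!defaultFound && matchesDefault) {
                this.clientDefaultAuthenticationPluginName = pluginProtocolName;
                this.clientDefaultAuthenticationPluginExplicitelySet = defaultAuthenticationPluginProp.isExplicitlySet();
                defaultFound = true;
            }
        }
    }

    // The configured default must correspond to one of the enabled plugins.
    if (!defaultFound) {
        throw ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("AuthenticationProvider.DefaultAuthenticationPluginIsNotListed", new Object[] { defaultAuthenticationPluginValue }), getExceptionInterceptor());
    }
}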
Also used : MysqlClearPasswordPlugin(com.mysql.cj.protocol.a.authentication.MysqlClearPasswordPlugin) MysqlOldPasswordPlugin(com.mysql.cj.protocol.a.authentication.MysqlOldPasswordPlugin) AuthenticationOciClient(com.mysql.cj.protocol.a.authentication.AuthenticationOciClient) AuthenticationKerberosClient(com.mysql.cj.protocol.a.authentication.AuthenticationKerberosClient) WrongArgumentException(com.mysql.cj.exceptions.WrongArgumentException) LinkedList(java.util.LinkedList) AuthenticationPlugin(com.mysql.cj.protocol.AuthenticationPlugin) AuthenticationLdapSaslClientPlugin(com.mysql.cj.protocol.a.authentication.AuthenticationLdapSaslClientPlugin) Sha256PasswordPlugin(com.mysql.cj.protocol.a.authentication.Sha256PasswordPlugin) MysqlNativePasswordPlugin(com.mysql.cj.protocol.a.authentication.MysqlNativePasswordPlugin) CachingSha2PasswordPlugin(com.mysql.cj.protocol.a.authentication.CachingSha2PasswordPlugin)
