diff --git a/scm-webapp/src/main/java/sonia/scm/ScmServletModule.java b/scm-webapp/src/main/java/sonia/scm/ScmServletModule.java index 738e1fdbbe..5a9da3c222 100644 --- a/scm-webapp/src/main/java/sonia/scm/ScmServletModule.java +++ b/scm-webapp/src/main/java/sonia/scm/ScmServletModule.java @@ -80,6 +80,7 @@ import sonia.scm.resources.ResourceManager; import sonia.scm.resources.ScriptResourceServlet; import sonia.scm.security.CipherHandler; import sonia.scm.security.CipherUtil; +import sonia.scm.security.DefaultKeyGenerator; import sonia.scm.security.EncryptionHandler; import sonia.scm.security.KeyGenerator; import sonia.scm.security.MessageDigestEncryptionHandler; @@ -244,7 +245,9 @@ public class ScmServletModule extends ServletModule bind(ScmConfiguration.class).toInstance(config); bind(PluginLoader.class).toInstance(pluginLoader); bind(PluginManager.class, DefaultPluginManager.class); - bind(KeyGenerator.class).toInstance(cu.getKeyGenerator()); + + // note CipherUtil uses an other generator + bind(KeyGenerator.class).to(DefaultKeyGenerator.class); bind(CipherHandler.class).toInstance(cu.getCipherHandler()); bind(EncryptionHandler.class, MessageDigestEncryptionHandler.class); bindExtProcessor.bindExtensions(binder()); diff --git a/scm-webapp/src/main/java/sonia/scm/repository/DefaultRepositoryManager.java b/scm-webapp/src/main/java/sonia/scm/repository/DefaultRepositoryManager.java index 53af57c875..ffa9123050 100644 --- a/scm-webapp/src/main/java/sonia/scm/repository/DefaultRepositoryManager.java +++ b/scm-webapp/src/main/java/sonia/scm/repository/DefaultRepositoryManager.java @@ -49,6 +49,7 @@ import sonia.scm.HandlerEvent; import sonia.scm.SCMContextProvider; import sonia.scm.Type; import sonia.scm.config.ScmConfiguration; +import sonia.scm.security.KeyGenerator; import sonia.scm.security.ScmSecurityException; import sonia.scm.util.AssertUtil; import sonia.scm.util.CollectionAppender; @@ -71,7 +72,6 @@ import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Set; -import java.util.UUID; import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; @@ -100,6 +100,7 @@ public class DefaultRepositoryManager extends AbstractRepositoryManager * * @param configuration * @param contextProvider + * @param keyGenerator * @param securityContextProvider * @param repositoryDAO * @param handlerSet @@ -108,7 +109,7 @@ public class DefaultRepositoryManager extends AbstractRepositoryManager */ @Inject public DefaultRepositoryManager(ScmConfiguration configuration, - SCMContextProvider contextProvider, + SCMContextProvider contextProvider, KeyGenerator keyGenerator, Provider securityContextProvider, RepositoryDAO repositoryDAO, Set handlerSet, Provider> repositoryListenersProvider, @@ -116,6 +117,7 @@ public class DefaultRepositoryManager extends AbstractRepositoryManager { this.configuration = configuration; this.securityContextProvider = securityContextProvider; + this.keyGenerator = keyGenerator; this.repositoryDAO = repositoryDAO; this.repositoryListenersProvider = repositoryListenersProvider; this.repositoryHooksProvider = repositoryHooksProvider; @@ -175,7 +177,7 @@ public class DefaultRepositoryManager extends AbstractRepositoryManager throw new RepositoryAllreadyExistExeption(); } - repository.setId(UUID.randomUUID().toString()); + repository.setId(keyGenerator.createKey()); repository.setCreationDate(System.currentTimeMillis()); if (createRepository) @@ -967,6 +969,9 @@ public class DefaultRepositoryManager extends AbstractRepositoryManager /** Field description */ private Map handlerMap; + /** Field description */ + private KeyGenerator keyGenerator; + /** Field description */ private RepositoryDAO repositoryDAO; diff --git a/scm-webapp/src/main/java/sonia/scm/security/DefaultKeyGenerator.java b/scm-webapp/src/main/java/sonia/scm/security/DefaultKeyGenerator.java new file mode 100644 index 0000000000..60d5d30d25 --- /dev/null +++ b/scm-webapp/src/main/java/sonia/scm/security/DefaultKeyGenerator.java @@ -0,0 +1,94 @@ +/** + * Copyright (c) 2010, Sebastian Sdorra All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. 2. Redistributions in + * binary form must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. 3. Neither the name of SCM-Manager; + * nor the names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * http://bitbucket.org/sdorra/scm-manager + * + */ + + + +package sonia.scm.security; + +//~--- non-JDK imports -------------------------------------------------------- + +import com.google.inject.Singleton; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +//~--- JDK imports ------------------------------------------------------------ + +import java.util.Random; +import java.util.concurrent.atomic.AtomicLong; + +/** + * + * @author Sebastian Sdorra + */ +@Singleton +public class DefaultKeyGenerator implements KeyGenerator +{ + + /** + * the logger for DefaultKeyGenerator + */ + private static final Logger logger = + LoggerFactory.getLogger(DefaultKeyGenerator.class); + + //~--- methods -------------------------------------------------------------- + + /** + * Method description + * + * + * @return + */ + @Override + public String createKey() + { + StringBuilder buffer = new StringBuilder(); + + buffer.append(Long.toHexString(System.currentTimeMillis())); + buffer.append(Long.toHexString(sessionKey.incrementAndGet())); + buffer.append(Integer.toHexString(random.nextInt(999))); + + String key = buffer.toString(); + + if (logger.isTraceEnabled()) + { + logger.trace("create new key {}", key); + } + + return key; + } + + //~--- fields --------------------------------------------------------------- + + /** Field description */ + private AtomicLong sessionKey = new AtomicLong(); + + /** Field description */ + private Random random = new Random(); +} diff --git a/scm-webapp/src/test/java/sonia/scm/repository/DefaultRepositoryManagerTest.java b/scm-webapp/src/test/java/sonia/scm/repository/DefaultRepositoryManagerTest.java index 9ee0445345..6b710709c0 100644 --- a/scm-webapp/src/test/java/sonia/scm/repository/DefaultRepositoryManagerTest.java +++ b/scm-webapp/src/test/java/sonia/scm/repository/DefaultRepositoryManagerTest.java @@ -40,8 +40,9 @@ import com.google.inject.Provider; import org.junit.Test; import sonia.scm.Type; -import sonia.scm.repository.xml.XmlRepositoryDAO; import sonia.scm.config.ScmConfiguration; +import sonia.scm.repository.xml.XmlRepositoryDAO; +import sonia.scm.security.DefaultKeyGenerator; import sonia.scm.store.JAXBStoreFactory; import sonia.scm.store.StoreFactory; import sonia.scm.util.MockUtil; @@ -73,7 +74,7 @@ public class DefaultRepositoryManagerTest extends RepositoryManagerTestBase */ @Test public void getRepositoryFromRequestUriTest() - throws RepositoryException, IOException + throws RepositoryException, IOException { RepositoryManager m = createManager(); @@ -86,9 +87,9 @@ public class DefaultRepositoryManagerTest extends RepositoryManagerTestBase assertEquals("scm-test", m.getFromUri("hg/scm-test").getName()); assertEquals("scm-test", m.getFromUri("/hg/scm-test").getName()); assertEquals("project1/test-1", - m.getFromUri("/git/project1/test-1").getName()); + m.getFromUri("/git/project1/test-1").getName()); assertEquals("project1/test-1", - m.getFromUri("/git/project1/test-1/ka/some/path").getName()); + m.getFromUri("/git/project1/test-1/ka/some/path").getName()); assertNull(m.getFromUri("/git/project1/test-3/ka/some/path")); } @@ -138,8 +139,8 @@ public class DefaultRepositoryManagerTest extends RepositoryManagerTestBase ScmConfiguration configuration = new ScmConfiguration(); return new DefaultRepositoryManager(configuration, contextProvider, - MockUtil.getAdminSecurityContextProvider(), repositoryDAO, - handlerSet, listenerProvider, hookProvider); + new DefaultKeyGenerator(), MockUtil.getAdminSecurityContextProvider(), + repositoryDAO, handlerSet, listenerProvider, hookProvider); } /** @@ -153,7 +154,7 @@ public class DefaultRepositoryManagerTest extends RepositoryManagerTestBase * @throws RepositoryException */ private void createRepository(RepositoryManager m, Repository repository) - throws RepositoryException, IOException + throws RepositoryException, IOException { m.create(repository); } diff --git a/scm-webapp/src/test/java/sonia/scm/security/DefaultKeyGeneratorTest.java b/scm-webapp/src/test/java/sonia/scm/security/DefaultKeyGeneratorTest.java new file mode 100644 index 0000000000..231191714f --- /dev/null +++ b/scm-webapp/src/test/java/sonia/scm/security/DefaultKeyGeneratorTest.java @@ -0,0 +1,172 @@ +/** + * Copyright (c) 2010, Sebastian Sdorra All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. 2. Redistributions in + * binary form must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. 3. Neither the name of SCM-Manager; + * nor the names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * http://bitbucket.org/sdorra/scm-manager + * + */ + + + +package sonia.scm.security; + +//~--- non-JDK imports -------------------------------------------------------- + +import com.google.common.collect.Sets; + +import org.junit.Test; + +import static org.junit.Assert.*; + +//~--- JDK imports ------------------------------------------------------------ + +import java.util.Set; +import java.util.concurrent.Callable; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; +import java.util.concurrent.Future; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.TimeoutException; + +/** + * + * @author Sebastian Sdorra + */ +public class DefaultKeyGeneratorTest +{ + + /** + * Method description + * + * + * @throws ExecutionException + * @throws InterruptedException + * @throws TimeoutException + */ + @Test + public void testMultiThreaded() + throws InterruptedException, ExecutionException, TimeoutException + { + final DefaultKeyGenerator generator = new DefaultKeyGenerator(); + + ExecutorService executor = Executors.newFixedThreadPool(30); + + Set>> futureSet = Sets.newHashSet(); + + for (int i = 0; i < 10; i++) + { + Future> future = executor.submit(new Callable>() + { + + @Override + public Set call() + { + Set keys = Sets.newHashSet(); + + for (int i = 0; i < 1000; i++) + { + String key = generator.createKey(); + + if (keys.contains(key)) + { + fail("dublicate key"); + } + + keys.add(key); + } + + return keys; + } + }); + + futureSet.add(future); + } + + executor.shutdown(); + + Set keys = Sets.newHashSet(); + + for (Future> future : futureSet) + { + Set futureKeys = future.get(5, TimeUnit.SECONDS); + + assertNotNull(futureKeys); + assertEquals(1000, futureKeys.size()); + + for (String key : futureKeys) + { + if (keys.contains(key)) + { + fail("dublicate key"); + } + + keys.add(key); + } + } + + assertEquals(10000, keys.size()); + + } + + /** + * Method description + * + */ + @Test + public void testSimple() + { + DefaultKeyGenerator generator = new DefaultKeyGenerator(); + + String key = generator.createKey(); + + assertNotNull(key); + assertTrue(key.length() > 0); + } + + /** + * Method description + * + */ + @Test + public void testUniqueness() + { + DefaultKeyGenerator generator = new DefaultKeyGenerator(); + Set keys = Sets.newHashSet(); + + for (int i = 0; i < 10000; i++) + { + String key = generator.createKey(); + + if (keys.contains(key)) + { + fail("dublicate key"); + } + + keys.add(key); + } + + assertEquals(10000, keys.size()); + } +}