bug fix when handling old data.

if a new hash is returned for getHashedPassword(), the config dialog won't work git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@15392 71c3de6d-444a-0410-be80-ed276b4c234a

bug fix when handling old data.
if a new hash is returned for getHashedPassword(), the config dialog won't work git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@15392 71c3de6d-444a-0410-be80-ed276b4c234a
73def412 · kohsuke · c7b327fa · 73def412 · 73def412
2 changed file
--- a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
+++ b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
@@ -275,7 +275,7 @@ public class HudsonPrivateSecurityRealm extends SecurityRealm implements ModelOb
        /**
         * Hashed password.
         */
-        private final String passwordHash;
+        private /*almost final*/ String passwordHash;

        /**
         * @deprecated Scrambled password.
@@ -302,11 +302,6 @@ public class HudsonPrivateSecurityRealm extends SecurityRealm implements ModelOb
        }

        public String getPassword() {
-            if (password != null) {
-                // Data loaded from old style config.. encode password now
-                // but don't force update now to allow room for downgrading
-                return PASSWORD_ENCODER.encodePassword(Scrambler.descramble(password),null);
-            }
            return passwordHash;
        }

@@ -346,6 +341,13 @@ public class HudsonPrivateSecurityRealm extends SecurityRealm implements ModelOb
        public UserPropertyDescriptor getDescriptor() {
            return DETAILS_DESCRIPTOR;
        }
+
+        private Object readResolve() {
+            // If we are being read back in from an older version
+            if (password!=null && passwordHash==null)
+                passwordHash = PASSWORD_ENCODER.encodePassword(Scrambler.descramble(password),null);
+            return this;
+        }
    }

    public static final UserPropertyDescriptor DETAILS_DESCRIPTOR = new UserPropertyDescriptor(Details.class) {

--- a/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
+++ b/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
@@ -4,6 +4,7 @@ import org.jvnet.hudson.test.Bug;
 import org.jvnet.hudson.test.HudsonTestCase;
 import org.jvnet.hudson.test.recipes.LocalData;
 import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;

 /**
 * @author Kohsuke Kawaguchi
@@ -16,13 +17,22 @@ public class HudsonPrivateSecurityRealmTest extends HudsonTestCase {
    @Bug(2381)
    @LocalData
    public void testDataCompatibilityWith1_282() throws Exception {
-        new WebClient().login("alice","alice");
+        // make sure we can login with the same password as before
+        WebClient wc = new WebClient().login("alice", "alice");

        try {
+            // verify the sanity that the password is really used
            // this should fail
            new WebClient().login("bob","bob");
        } catch (FailingHttpStatusCodeException e) {
            assertEquals(401,e.getStatusCode());
        }
+
+        // resubmit the config and this should force the data store to be rewritten
+        HtmlPage p = wc.goTo("user/alice/configure");
+        submit(p.getFormByName("config"));
+
+        // verify that we can still login
+        new WebClient().login("alice", "alice");
    }
 }