Release the server credentials through the dispose() method on IWindo…
…wsSecurityContext.
malaporte committed Sep 8, 2015
1 parent 4e913f1 commit 5c66567
Showing 10 changed files with 43 additions and 34 deletions.
Expand Up @@ -109,7 +109,7 @@ public IWindowsSecurityContext acceptSecurityToken(final String connectionId, fi
pfClientContextAttr, null);

sc = new WindowsSecurityContextImpl();
sc.setCredentialsHandle(serverCredential.getHandle());
sc.setCredentialsHandle(serverCredential);
sc.setSecurityPackage(securityPackage);
sc.setSecurityContext(phNewServerContext);
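Review bot: After `sc.setCredentialsHandle(serverCredential);` the returned context is the only object that will release the server credential, but nothing at this call site records that hand-off. Add a comment such as `// sc now owns serverCredential; it is released by sc.dispose()` and state in the method's Javadoc that callers must dispose the returned context. The hunk begins after the credential is acquired and the method continues past it, so whether a failure before this line releases serverCredential cannot be seen here; if it does not, the handle would presumably stay allocated on that path.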

Expand Up @@ -20,7 +20,6 @@

import com.sun.jna.platform.win32.Secur32;
import com.sun.jna.platform.win32.Sspi;
import com.sun.jna.platform.win32.Sspi.CredHandle;
import com.sun.jna.platform.win32.Sspi.CtxtHandle;
import com.sun.jna.platform.win32.Sspi.SecBufferDesc;
import com.sun.jna.platform.win32.Win32Exception;
Expand All @@ -36,25 +35,25 @@
public class WindowsSecurityContextImpl implements IWindowsSecurityContext {

/** The principal name. */
private String principalName;
private String principalName;

/** The security package. */
private String securityPackage;
private String securityPackage;

/** The token. */
private SecBufferDesc token;
private SecBufferDesc token;

/** The ctx. */
private CtxtHandle ctx;
private CtxtHandle ctx;

/** The attr. */
private IntByReference attr;
private IntByReference attr;

/** The credentials. */
private CredHandle credentials;
private IWindowsCredentialsHandle credentials;

/** The continue flag. */
private boolean continueFlag;
private boolean continueFlag;

/*
* (non-Javadoc)
Expand Down Expand Up @@ -107,17 +106,23 @@ public byte[] getToken() {
* @return Windows security context.
*/
public static IWindowsSecurityContext getCurrent(final String securityPackage, final String targetName) {
final IWindowsCredentialsHandle credentialsHandle = WindowsCredentialsHandleImpl.getCurrent(securityPackage);
IWindowsCredentialsHandle credentialsHandle = WindowsCredentialsHandleImpl.getCurrent(securityPackage);
credentialsHandle.initialize();
try {
final WindowsSecurityContextImpl ctx = new WindowsSecurityContextImpl();
ctx.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
ctx.setCredentialsHandle(credentialsHandle.getHandle());
ctx.setCredentialsHandle(credentialsHandle);
ctx.setSecurityPackage(securityPackage);
ctx.initialize(null, null, targetName);

// Starting from here ctx 'owns' the credentials handle
credentialsHandle = null;

return ctx;
} finally {
credentialsHandle.dispose();
if (credentialsHandle != null) {
credentialsHandle.dispose();
}
}
}

Expand All @@ -134,7 +139,7 @@ public void initialize(final CtxtHandle continueCtx, final SecBufferDesc continu
int rc;
do {
this.token = new SecBufferDesc(Sspi.SECBUFFER_TOKEN, tokenSize);
rc = Secur32.INSTANCE.InitializeSecurityContext(this.credentials, continueCtx, targetName,
rc = Secur32.INSTANCE.InitializeSecurityContext(this.credentials.getHandle(), continueCtx, targetName,
Sspi.ISC_REQ_CONNECTION, 0, Sspi.SECURITY_NATIVE_DREP, continueToken, 0, this.ctx, this.token,
this.attr, null);
switch (rc) {
Expand All @@ -160,6 +165,10 @@ public void initialize(final CtxtHandle continueCtx, final SecBufferDesc continu
@Override
public void dispose() {
WindowsSecurityContextImpl.dispose(this.ctx);

if (this.credentials != null) {
this.credentials.dispose();
}
}

/**
Expand Down Expand Up @@ -214,7 +223,7 @@ public CtxtHandle getHandle() {
* @param handle
* the new credentials handle
*/
public void setCredentialsHandle(final CredHandle handle) {
public void setCredentialsHandle(final IWindowsCredentialsHandle handle) {
this.credentials = handle;
}
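Review bot: In `dispose()` the credentials are released only when `WindowsSecurityContextImpl.dispose(this.ctx)` returns normally, and `this.credentials` stays set afterwards, so a second `dispose()` call reaches `this.credentials.dispose()` again. Whether that repeat call is harmless depends on the IWindowsCredentialsHandle implementation, which is not shown on this page. Releasing the credentials in a `finally` and clearing the field keeps a failure on the context handle from leaving the credential handle allocated and makes the method safe to call twice. `setCredentialsHandle` is public and now transfers ownership, so its Javadoc should say that the context disposes the handle it is given.

```java
@Override
public void dispose() {
    try {
        WindowsSecurityContextImpl.dispose(this.ctx);
    } finally {
        // Clear the field first so a repeated dispose() cannot release the handle twice.
        final IWindowsCredentialsHandle owned = this.credentials;
        this.credentials = null;
        if (owned != null) {
            owned.dispose();
        }
    }
}
```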

Expand Up @@ -126,7 +126,7 @@ public void testChallengePOST() throws IOException, ServletException {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
final SimpleHttpRequest request = new SimpleHttpRequest();
Expand Down Expand Up @@ -173,7 +173,7 @@ public void testNegotiate() throws IOException, ServletException {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
// filter chain
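Review bot: With this change `clientContext.dispose()` also disposes `clientCredentials`, so any test cleanup that still calls `clientCredentials.dispose()` after disposing the context would release the same handle twice. The cleanup code is outside these hunks, so this needs checking in testChallengePOST and testNegotiate here and at the same call-site change in the other test files of this commit (testAcceptSecurityToken, testSecurityContextsExpire, testAcceptAndImpersonateSecurityToken, testPOSTEmpty). Either drop the separate credentials dispose where the context is always disposed, or keep it only for the path where the context was never given the handle, and record the choice with a comment such as `// clientContext owns clientCredentials once set`.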
Expand Up @@ -165,7 +165,7 @@ public void testAcceptSecurityToken() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, targetName);
// accept on the server
Expand Down Expand Up @@ -232,7 +232,7 @@ public void testSecurityContextsExpire() throws InterruptedException {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
// accept on the server
Expand Down Expand Up @@ -277,7 +277,7 @@ public void testAcceptAndImpersonateSecurityToken() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, targetName);
// accept on the server
Expand Up @@ -102,7 +102,7 @@ public void testChallengePOST() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
final SimpleHttpRequest request = new SimpleHttpRequest();
Expand Down Expand Up @@ -166,7 +166,7 @@ public void testNegotiate() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
// negotiate
Expand Up @@ -116,7 +116,7 @@ public void testChallengePOST() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
final SimpleHttpRequest request = new SimpleHttpRequest();
Expand Down Expand Up @@ -164,7 +164,7 @@ public void testNegotiate() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
// negotiate
Expand Down Expand Up @@ -227,7 +227,7 @@ public void testPOSTEmpty() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
// negotiate
Expand Up @@ -124,7 +124,7 @@ public void testChallengePOST() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
final SimpleHttpRequest request = new SimpleHttpRequest();
Expand Down Expand Up @@ -188,7 +188,7 @@ public void testNegotiate() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
// negotiate
Expand Up @@ -135,7 +135,7 @@ public void testChallengePOST() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
final SimpleHttpRequest request = new SimpleHttpRequest();
Expand Down Expand Up @@ -183,7 +183,7 @@ public void testNegotiate() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
// negotiate
Expand Down Expand Up @@ -246,7 +246,7 @@ public void testPOSTEmpty() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
// negotiate
Expand Up @@ -128,7 +128,7 @@ public void testChallengePOST() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
final SimpleHttpRequest request = new SimpleHttpRequest();
Expand Down Expand Up @@ -190,7 +190,7 @@ public void testNegotiate() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
// negotiate
Expand Up @@ -135,7 +135,7 @@ public void testChallengePOST() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
final SimpleHttpRequest request = new SimpleHttpRequest();
Expand Down Expand Up @@ -183,7 +183,7 @@ public void testNegotiate() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
// negotiate
Expand Down Expand Up @@ -246,7 +246,7 @@ public void testPOSTEmpty() {
// initial client security context
clientContext = new WindowsSecurityContextImpl();
clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
clientContext.setCredentialsHandle(clientCredentials.getHandle());
clientContext.setCredentialsHandle(clientCredentials);
clientContext.setSecurityPackage(securityPackage);
clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
// negotiate