Scramble password

jenkinsci · Jun 10, 2012 · 400602b · 400602b
1 parent 95ddcb6
commit 400602b
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 3 deletions.
diff --git a/src/main/java/hudson/plugins/deploy/PasswordProtectedAdapterCargo.java b/src/main/java/hudson/plugins/deploy/PasswordProtectedAdapterCargo.java
@@ -1,5 +1,6 @@
 package hudson.plugins.deploy;
 
+import hudson.util.Scrambler;
 import org.codehaus.cargo.container.property.RemotePropertySet;
 
 /**
@@ -8,15 +9,27 @@
 public abstract class PasswordProtectedAdapterCargo extends DefaultCargoContainerAdapterImpl {
     @Property(RemotePropertySet.USERNAME)
     public final String userName;
-    private final String password;
+    @Deprecated // backward compatibility
+    private String password;
+    private String passwordScrambled;
 
     public PasswordProtectedAdapterCargo(String userName, String password) {
-        this.password = password;
+        this.password = null;
+        this.passwordScrambled = Scrambler.scramble(password);
         this.userName = userName;
     }
 
     @Property(RemotePropertySet.PASSWORD)
     public String getPassword() {
-        return password;
+        return Scrambler.descramble(passwordScrambled);
+    }
+
+    private Object readResolve() {
+        // backward compatibility
+        if(passwordScrambled == null && password != null){
+            passwordScrambled = Scrambler.scramble(password);
+            password = null;
+        }
+        return this;
     }
 }
diff --git a/src/test/java/hudson/plugins/deploy/PasswordProtectedAdapterCargoTest.java b/src/test/java/hudson/plugins/deploy/PasswordProtectedAdapterCargoTest.java
@@ -0,0 +1,23 @@
+package hudson.plugins.deploy;
+
+import hudson.util.XStream2;
+import org.hamcrest.CoreMatchers;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.matchers.JUnitMatchers;
+
+public class PasswordProtectedAdapterCargoTest {
+    @Test
+    public void testDeserializeOldPlainPassword () {
+        String plainPassword = "plain-password";
+        String oldXml = "<hudson.plugins.deploy.glassfish.GlassFish3xAdapter><userName>manager</userName><password>"
+            + plainPassword + "</password><home>/</home><hostname></hostname></hudson.plugins.deploy.glassfish.GlassFish3xAdapter>";
+        XStream2 xs = new XStream2();
+
+        PasswordProtectedAdapterCargo adapter = (PasswordProtectedAdapterCargo)xs.fromXML(oldXml);
+        Assert.assertEquals(plainPassword, adapter.getPassword());
+
+        String newXml = xs.toXML(adapter);
+        Assert.assertThat("Password should be scrambled", newXml, CoreMatchers.not(JUnitMatchers.containsString(plainPassword)));
+    }
+}