Ask Your Question
0

Please confirm if the fix is fine..

asked 2014-09-29 04:18:52 -0700

harshawasthi90 gravatar image

Problem If a lot of REST calls are made asynchronously then some of them fail returing 401 error. For synchronous calls there is no problem.

I found the problem in UerConfig.java. In this class MessageDigest object is used as a static class variable.
So on in the hash method of UerConfig.java when the diget method of MessageDigest object was called it returned different values for different threads( which should have been same for all threads.).
So what is feel is that sometimes the threads are changing the state of MessageDigest obj before the thread has performed its function in hash method, as the object is shared by all the threads.

Fix:
I made the MessageDigest obj a local variable in hash method of UserConfig.java. Which resolved the problem and elimanated the 401, for each thread now has its own MessageDigest object.

Code
private static String hash(byte[] salt, String message) {
if (message == null) {
log.warn("Password hash requested but empty or no password provided");
return message;
}
if (salt == null || salt.length == 0) {
log.warn("Password hash requested but empty or no salt provided");
return message;
}

MessageDigest messageDigest = null;
try {
messageDigest = MessageDigest.getInstance("SHA-384");
} catch (NoSuchAlgorithmException e) {
log.error("MessageDigest algorithm does not exist");
return null;
}
HexEncode.bytesToHexString(messageDigest.digest(concatenate(salt, message)));
}

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2016-04-08 04:29:53 -0700

Robert Varga gravatar image

I can't find UserConfig.java in the ODL sources. The best way of answering your question is to turn it into a patch and submit to the appropriate project's repository via git.opendaylight.org .

edit flag offensive delete publish link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

[hide preview]

Question Tools

Follow
1 follower

Stats

Asked: 2014-09-29 04:18:52 -0700

Seen: 663 times

Last updated: Apr 08 '16