[210474][api][breaking] Deny save password function missing

https://bugs.eclipse.org/bugs/show_bug.cgi?id=210474

rse/plugins/org.eclipse.rse.core/src/org/eclipse/rse/core/PasswordPersistenceManager.java

@@ -18,6 +18,7 @@
  * Martin Oberhuber (Wind River) - [186640] Add IRSESystemType.testProperty()
  * Martin Oberhuber (Wind River) - [218655][api] Provide SystemType enablement info in non-UI
  * Martin Oberhuber (Wind River) - [cleanup] Add API "since" Javadoc tags
+ * David Dykstal (IBM) - [210474] Deny save password function missing
  ********************************************************************************/
 
 package org.eclipse.rse.core;
@@ -29,6 +30,7 @@ import java.util.HashMap;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 import org.eclipse.core.resources.ResourcesPlugin;
 import org.eclipse.core.runtime.CoreException;
@@ -59,6 +61,7 @@ public class PasswordPersistenceManager {
 	// Add return codes
 	public static final int RC_OK = 0;
 	public static final int RC_ALREADY_EXISTS = 1;
+	public static final int RC_DENIED = 2;
 	public static final int RC_ERROR = -1;
 
 	// Default System Type, on a lookup if the specified system type and hostname is not found
@@ -163,9 +166,7 @@ public class PasswordPersistenceManager {
 	}
 
 	/*
-	 * initialization
-	 * 		- read password file
-	 *  	- load IPasswordEncryptionProvider instances
+	 * initialization - register system types
 	 */
 	private void initExtensions()
 	{
@@ -186,37 +187,50 @@ public class PasswordPersistenceManager {
 		remove(info.getSystemType(), info.getHostname(), info.getUserId());
 	}
 
-	/**
-	 * Remove the entry from the keyring that matches the hostname, userid and
-	 * system type parameters.
-	 * @param systemtype the systemType
-	 * @param hname the connection name
-	 * @param userid the user id
+    /**
+	 * Removes all passwords for a host name for a given system type.
+	 * Use the default system type explicitly to remove those entries.
+	 * @param systemType The system type of the host
+	 * @param hostName The IP address of the host in canonical format
+	 * @return the number of passwords removed from the keyring
 	 */
-	public void remove(IRSESystemType systemtype, String hname, String userid)
-	{
-		String hostname = hname;//RSEUIPlugin.getQualifiedHostName(hname);
-		// Convert userid to upper case if required
-		if (!isUserIDCaseSensitive(systemtype))
-		{
-			userid = userid.toUpperCase();
-		}
-
-		Map passwords = getPasswordMap(systemtype);
-
-		if (passwords != null)
-		{
-			if (removePassword(passwords, hostname, userid))
-			{
-				savePasswordMap(systemtype.getId(), passwords);
+	public int remove(IRSESystemType systemType, String hostName) {
+		Map passwords = getPasswordMap(systemType);
+		int numberRemoved = 0;
+		if (passwords != null) {
+			String hostPrefix = hostName + "//"; //$NON-NLS-1$
+			Set keys = passwords.keySet();
+			for (Iterator z = keys.iterator(); z.hasNext();) {
+				String key = (String) z.next();
+				if (key.startsWith(hostPrefix)) {
+					z.remove(); // safely removes the key and the entry from the map
+					numberRemoved++;
+				}
+			}
+			if (numberRemoved > 0) {
+				savePasswordMap(systemType.getId(), passwords);
 			}
 		}
-		else
-		{
-			// yantzi: RSE6.2 check for default system type entry with this hostname and user ID
-			if (!DEFAULT_SYSTEM_TYPE.equals(systemtype))
-			{
-				remove(DEFAULT_SYSTEM_TYPE, hostname, userid);
+		return numberRemoved;
+	}
+    
+	/**
+	 * Removes all entries from the keyring that match the hostname, userid, and system type.
+	 * Use the default system type explicitly to remove those entries.
+	 * @param systemType the systemType
+	 * @param hostName the connection name
+	 * @param userid the user id
+	 */
+	public void remove(IRSESystemType systemType, String hostName, String userid) {
+		String hostname = hostName;//RSEUIPlugin.getQualifiedHostName(hname);
+		// Convert userid to upper case if required
+		if (!isUserIDCaseSensitive(systemType)) {
+			userid = userid.toUpperCase();
+		}
+		Map passwords = getPasswordMap(systemType);
+		if (passwords != null) {
+			if (removePassword(passwords, hostname, userid)) {
+				savePasswordMap(systemType.getId(), passwords);
 			}
 		}
 	}
@@ -247,102 +261,69 @@ public class PasswordPersistenceManager {
 	}
 
 	/**
-	 * Add a new persisted password to the password database.  This method assumes
-	 * the encrypted password is already stored in the SystemSignonInformation
-	 * parameter.
-	 * 
+	 * Add a password to the password database.
+	 * This will not update the entry for the default system type
 	 * @param info The signon information to store
 	 * @param overwrite Whether to overwrite any existing entry
-	 * 
 	 * @return
 	 * 	RC_OK if the password was successfully stored
 	 *  RC_ALREADY_EXISTS if the password already exists and overwrite was false
 	 */
-	public int add(SystemSignonInformation info, boolean overwrite)
-	{
+	public int add(SystemSignonInformation info, boolean overwrite) {
 		return add(info, overwrite, false);
 	}
 
 	/**
-	 * Add a new persisted password to the password database.  This method assumes
-	 * the encrypted password is already stored in the SystemSignonInformation
-	 * parameter.
-	 * 
+	 * Add a password to the password database.
 	 * @param info The signon information to store
-	 * @param overwrite Whether to overwrite any existing entry
-	 * @param updateDefault Whether or not to update the default entry for the specified hostname / user ID if one exists.
-	 * 
+	 * @param overwrite If true then overwrite the existing entry for this systemtype, hostname, and userid.
+	 * @param updateDefault if true then set the entry for the default systemtype, hostname, and user ID, according to the overwrite setting.
 	 * @return
-	 * 	RC_OK if the password was successfully stored
-	 *  RC_ALREADY_EXISTS if the password already exists and overwrite was false
+	 * RC_OK if the password was successfully stored.
+	 * RC_ALREADY_EXISTS if the password already exists and overwrite was false
+	 * RC_DENIED if passwords may not be saved for this system type and host
 	 */
-	public int add(SystemSignonInformation info, boolean overwrite, boolean updateDefault)
-	{
-		IRSESystemType systemtype = info.getSystemType();
-
-		// Convert userid to upper case if required
-		if (!isUserIDCaseSensitive(systemtype))
-		{
-			info.setUserId(info.getUserId().toUpperCase());
-		}
-
-		String hostname = info.getHostname();
-		String userid = info.getUserId();
-		Map passwords = getPasswordMap(systemtype);
-		String passwordKey = getPasswordKey(hostname, userid);
-
-		if (passwords != null)
-		{
-			String password = getPassword(passwords, hostname, userid);
-
-			if (password != null)
-			{
-				if (!overwrite)
-				{
-					return RC_ALREADY_EXISTS;
-				}
-				else
-				{
-					removePassword(passwords, hostname, userid);
+	public int add(SystemSignonInformation info, boolean overwrite, boolean updateDefault) {
+		int result = RC_OK;
+		IRSESystemType systemType = info.getSystemType();
+		String hostName = info.getHostname();
+		String userId = info.getUserId();
+		String newPassword = info.getPassword();
+		boolean deny = RSEPreferencesManager.getDenyPasswordSave(systemType, hostName);
+		if (!deny) {
+			if (!isUserIDCaseSensitive(systemType)) {
+				userId = userId.toUpperCase();
+				info.setUserId(userId);
+			}
+			if (updateDefault) {
+				if (systemType != DEFAULT_SYSTEM_TYPE) {
+					SystemSignonInformation newInfo = new SystemSignonInformation(hostName, userId, newPassword, DEFAULT_SYSTEM_TYPE);
+					result = add(newInfo, overwrite, false);
 				}
 			}
-			else if (updateDefault)
-			{
-				// yantzi: 6.2, check if default exists for the specified hostname / user ID
-				Map defaultPasswords = getPasswordMap(DEFAULT_SYSTEM_TYPE);
-				if (defaultPasswords != null)
-				{
-					String defaultPassword = (String) defaultPasswords.get(passwordKey);
-					if (defaultPassword != null)
-					{
-						if (!overwrite)
-						{
-							return RC_ALREADY_EXISTS;
-						}
-						else
-						{
-							defaultPasswords.remove(passwordKey);
-							passwords = defaultPasswords;
-							systemtype = DEFAULT_SYSTEM_TYPE;
-						}
-					}
+			Map passwords = getPasswordMap(systemType);
+			if (passwords == null) {
+				passwords = new HashMap(5);
+			}
+			String oldPassword = getPassword(passwords, hostName, userId);
+			if (oldPassword != null) {
+				if (overwrite) {
+					removePassword(passwords, hostName, userId);
+				} else {
+					result = RC_ALREADY_EXISTS;
 				}
 			}
+			if (result == RC_OK) {
+				String passwordKey = getPasswordKey(hostName, userId);
+				passwords.put(passwordKey, newPassword);
+				savePasswordMap(systemType.getId(), passwords);
+			}
+		} else {
+			result = RC_DENIED;
 		}
-		else
-		{
-			// password map did not exists yet so create a new one
-			passwords = new HashMap(5);
-		}
-
-		passwords.put(passwordKey, info.getPassword());
-
-		savePasswordMap(systemtype.getId(), passwords);
-
-		return RC_OK;
+		return result;
 	}
-
-
+	
 	/*
 	 * Retrieve the password map from the keyring for the specified system type
 	 */
@@ -405,7 +386,10 @@ public class PasswordPersistenceManager {
 	}
 
 	/**
-	 * Find the persisted password for the specified systemtype, hostname and userid.
+	 * Find the password for the specified systemtype, hostname and userid.
+	 * If one is not found then the default system type is used.
+	 * The system type in the signon information returned may not be the same as the system type
+	 * specfied in the argument.
 	 */
 	public SystemSignonInformation find(IRSESystemType systemtype, String hostname, String userid)
 	{
@@ -563,13 +547,13 @@ public class PasswordPersistenceManager {
 		return buffer.toString();
 	}
 
-	private static String getHostnameFromPasswordKey(String passwordKey)
+	private String getHostnameFromPasswordKey(String passwordKey)
 	{
 		int sepIndex = passwordKey.indexOf("//"); //$NON-NLS-1$
 		return passwordKey.substring(0,sepIndex);
 	}
 
-	private static String getUserIdFromPasswordKey(String passwordKey)
+	private String getUserIdFromPasswordKey(String passwordKey)
 	{
 		int sepIndex = passwordKey.indexOf("//"); //$NON-NLS-1$
 		return passwordKey.substring(sepIndex + 2, passwordKey.length());

rse/plugins/org.eclipse.rse.core/src/org/eclipse/rse/core/RSEPreferencesManager.java

@@ -10,12 +10,14 @@
  * Martin Oberhuber (Wind River) - [177523] Unify singleton getter methods
  * David Dykstal (IBM) - [197167] adding notification and waiting for RSE model
  * Martin Oberhuber (Wind River) - [cleanup] Add API "since" Javadoc tags
+ * David Dykstal (IBM) - [210474] Deny save password function missing
  ********************************************************************************/
 package org.eclipse.rse.core;
 
 import java.util.Arrays;
 import java.util.Enumeration;
 import java.util.Hashtable;
+import java.util.Locale;
 import java.util.SortedSet;
 import java.util.StringTokenizer;
 import java.util.TreeSet;
@@ -471,6 +473,63 @@ public class RSEPreferencesManager {
 		return result;
 	}
 
+	/**
+	 * Sets the preference for a particular system type and host address that causes passwords
+	 * not to be savable. The default for this attribute is false - that is, passwords are savable for
+	 * all system types and hosts.
+	 * @param systemType The system type of this preference.
+	 * @param hostAddress The host address of this preference
+	 * @param deny true if save of passwords is to be denied. false is save is to be allowed.
+	 * If true then all passwords that have been saved for this system type and host address are removed.
+	 * All passwords saved for the default system type and host address are also removed.
+	 * @return the number of passwords removed if deny was set to true
+	 * @since org.eclipse.rse.core 3.0
+	 */
+	public static int setDenyPasswordSave(IRSESystemType systemType, String hostAddress, boolean deny) {
+		int result = 0;
+		Preferences preferences = RSECorePlugin.getDefault().getPluginPreferences();
+		String preferenceName = getPasswordSavePreferenceName(systemType, hostAddress);
+		preferences.setValue(preferenceName, deny);
+		if (deny) {
+			result = PasswordPersistenceManager.getInstance().remove(systemType, hostAddress);
+			result += PasswordPersistenceManager.getInstance().remove(PasswordPersistenceManager.DEFAULT_SYSTEM_TYPE, hostAddress);
+		}
+		return result;
+	}
+
+	/**
+	 * Retrieves the preference for a particular system type and host address that determines if passwords
+	 * can be saved. The default for this attribute is false, that is, save is not denied, 
+	 * thus passwords are savable.
+	 * @param systemType
+	 * @param hostAddress
+	 * @return true if saving of passwords is denied. false if saving is allowed.
+	 * @since org.eclipse.rse.core 3.0
+	 */
+	public static boolean getDenyPasswordSave(IRSESystemType systemType, String hostAddress) {
+		Preferences preferences = RSECorePlugin.getDefault().getPluginPreferences();
+		String preferenceName = getPasswordSavePreferenceName(systemType, hostAddress);
+		boolean result = preferences.getBoolean(preferenceName);
+		return result;
+	}
+
+	/**
+	 * Retrieves the "denyPasswordSave" preference name of a particular host address. 
+	 * @param systemType The system type we are concerned with
+	 * @param hostAddress The host address, typically an IP address.
+	 * @return the name associated with this preference.
+	 * This name is of the form {systemTypeId}___{hostAddress}___DENY_PASSWORD_SAVE.
+	 */
+	private static String getPasswordSavePreferenceName(IRSESystemType systemType, String hostAddress) {
+		StringBuffer b = new StringBuffer(100);
+		b.append(systemType.getId());
+		b.append("___"); //$NON-NLS-1$
+		b.append(hostAddress.toUpperCase(Locale.US)); // should use US locale for IP names and addresses
+		b.append("___DENY_PASSWORD_SAVE"); //$NON-NLS-1$
+		String preferenceName = b.toString();
+		return preferenceName;
+	}
+
 	/*
 	 * Having this method private disables instance creation.
 	 */

rse/plugins/org.eclipse.rse.core/src/org/eclipse/rse/core/subsystems/AbstractConnectorService.java

@@ -1,5 +1,5 @@
 /********************************************************************************
- * Copyright (c) 2002, 2007 IBM Corporation and others. All rights reserved.
+ * Copyright (c) 2002, 2008 IBM Corporation and others. All rights reserved.
  * This program and the accompanying materials are made available under the terms
  * of the Eclipse Public License v1.0 which accompanies this distribution, and is 
  * available at http://www.eclipse.org/legal/epl-v10.html
@@ -16,6 +16,7 @@
  * David Dykstal (IBM) - 142806: refactoring persistence framework
  * Martin Oberhuber (Wind River) - [185750] Remove IConnectorService.getHostType() 
  * David Dykstal (IBM) - [189483] fix spelling in initialize/uninitialize method signatures
+ * David Dykstal (IBM) - [210474] Deny save password function missing
  ********************************************************************************/
 package org.eclipse.rse.core.subsystems;
 
@@ -25,6 +26,8 @@ import java.util.List;
 import java.util.Vector;
 
 import org.eclipse.core.runtime.IProgressMonitor;
+import org.eclipse.rse.core.IRSESystemType;
+import org.eclipse.rse.core.RSEPreferencesManager;
 import org.eclipse.rse.core.model.IHost;
 import org.eclipse.rse.core.model.IRSEPersistableContainer;
 import org.eclipse.rse.core.model.RSEModelObject;
@@ -476,5 +479,29 @@ public abstract class AbstractConnectorService extends RSEModelObject implements
 	 */
 	protected void postConnect() {
 	}
+	
+    /* (non-Javadoc)
+	 * @see com.ibm.etools.systems.subsystems.ISystem#setDenyPasswordSave(boolean)
+	 */
+	public final int setDenyPasswordSave(boolean deny) {
+		IHost host = getHost();
+		String hostAddress = host.getHostName();
+		IRSESystemType systemType = host.getSystemType();
+		int result = RSEPreferencesManager.setDenyPasswordSave(systemType, hostAddress, deny);
+		return result;
+	}
+
+	/* (non-Javadoc)
+	 * @see com.ibm.etools.systems.subsystems.ISystem#getDenyPasswordSave()
+	 */
+	public final boolean getDenyPasswordSave() {
+		IHost host = getHost();
+		String hostAddress = host.getHostName();
+		IRSESystemType systemType = host.getSystemType();
+		boolean result = RSEPreferencesManager.getDenyPasswordSave(systemType, hostAddress);
+		return result;
+	}
+
+	
 
 }

rse/plugins/org.eclipse.rse.core/src/org/eclipse/rse/core/subsystems/AbstractDelegatingConnectorService.java

@@ -1,5 +1,5 @@
 /********************************************************************************
- * Copyright (c) 2007 IBM Corporation. All rights reserved.
+ * Copyright (c) 2007, 2008 IBM Corporation. All rights reserved.
  * This program and the accompanying materials are made available under the terms
  * of the Eclipse Public License v1.0 which accompanies this distribution, and is 
  * available at http://www.eclipse.org/legal/epl-v10.html
@@ -12,6 +12,7 @@
  * David Dykstal (IBM) - 168977: refactoring IConnectorService and ServerLauncher hierarchies
  * David Dykstal (IBM) - 142806: refactoring persistence framework
  * Martin Oberhuber (Wind River) - [185750] Remove IConnectorService.getHostType() 
+ * David Dykstal (IBM) - [210474] Deny save password function missing
  ********************************************************************************/
 package org.eclipse.rse.core.subsystems;
 
@@ -782,6 +783,28 @@ public abstract class AbstractDelegatingConnectorService implements IDelegatingC
 		return IRSEPersistableContainer.NO_CHILDREN;
 	}
 	
+	/* (non-Javadoc)
+	 * @see org.eclipse.rse.core.subsystems.IConnectorService#setDenyPasswordSave(boolean)
+	 */
+	public int setDenyPasswordSave(boolean deny) {
+		int n = 0;
+		IConnectorService connectorService = getRealConnectorService();
+		if (connectorService != null) {
+			n = connectorService.setDenyPasswordSave(deny);
+		}
+		return n;
+	}
 	
+	/* (non-Javadoc)
+	 * @see org.eclipse.rse.core.subsystems.IConnectorService#getDenyPasswordSave()
+	 */
+	public boolean getDenyPasswordSave() {
+		boolean result = false;
+		IConnectorService connectorService = getRealConnectorService();
+		if (connectorService != null) {
+			result = connectorService.getDenyPasswordSave();
+		}
+		return result;
+	}
 
 }

rse/plugins/org.eclipse.rse.core/src/org/eclipse/rse/core/subsystems/AuthenticatingConnectorService.java

@@ -1,5 +1,5 @@
 /********************************************************************************
- * Copyright (c) 2007 IBM Corporation and others. All rights reserved.
+ * Copyright (c) 2007, 2008 IBM Corporation and others. All rights reserved.
  * This program and the accompanying materials are made available under the terms
  * of the Eclipse Public License v1.0 which accompanies this distribution, and is 
  * available at http://www.eclipse.org/legal/epl-v10.html
@@ -9,6 +9,7 @@
  * Martin Oberhuber (Wind River) - [175262] IHost.getSystemType() should return IRSESystemType 
  * Martin Oberhuber (Wind River) - [184095] Replace systemTypeName by IRSESystemType
  * Martin Oberhuber (Wind River) - [177523] Unify singleton getter methods
+ * David Dykstal (IBM) - [210474] Deny save password function missing
  ********************************************************************************/
 package org.eclipse.rse.core.subsystems;
 
@@ -143,7 +144,7 @@ public abstract class AuthenticatingConnectorService extends AbstractConnectorSe
 		ICredentials credentials = credentialsProvider.getCredentials();
 		if (credentials instanceof SystemSignonInformation) {
 			SystemSignonInformation signonInformation = (SystemSignonInformation) credentials;
-			PasswordPersistenceManager.getInstance().add(signonInformation, true, true);
+			PasswordPersistenceManager.getInstance().add(signonInformation, true, false);
 		}
 	}
 

rse/plugins/org.eclipse.rse.core/src/org/eclipse/rse/core/subsystems/IConnectorService.java

@@ -16,6 +16,7 @@
  * Martin Oberhuber (Wind River) - [185750] Remove IConnectorService.getHostType()
  * Martin Oberhuber (Wind River) - [187218] Fix error reporting for connect()
  * Martin Oberhuber (Wind River) - [cleanup] Add API "since" Javadoc tags
+ * David Dykstal (IBM) - [210474] Deny save password function missing
  ********************************************************************************/
 
 package org.eclipse.rse.core.subsystems;
@@ -384,4 +385,28 @@ public interface IConnectorService extends IRSEModelObject {
 	 */
 	boolean requiresUserId();
 
+	/**
+	 * Sets the attribute for this connector service instance that denies a password to be saved.
+	 * If the attribute has never been set it defaults to false. 
+	 * If set to true, it will clear any saved passwords for this system and not allow any further
+	 * passwords to be stored.
+	 * This property of a system is persistent from session to session, but is not sharable.
+	 * @param deny 
+	 * If true, forget any saved passwords and do not allow any others to be saved.
+	 * If false, allow passwords to be saved in the keychain.
+	 * @return the number of saved passwords removed by this operation.
+	 * This will always be zero if "deny" is false.
+	 * @since org.eclipse.rse.core 3.0
+	 */
+	public int setDenyPasswordSave(boolean deny);
+
+	/**
+	 * Retrieves the value of the "DENY_PASSWORD_SAVE" property of this connector service.
+	 * If the value has never been set, this will return false.
+	 * @return true if password saving is denied.
+	 * @since org.eclipse.rse.core 3.0
+	 */
+	public boolean getDenyPasswordSave();
+
+
 }

rse/plugins/org.eclipse.rse.ui/UI/org/eclipse/rse/ui/dialogs/SystemPasswordPromptDialog.java

@@ -1,5 +1,5 @@
 /********************************************************************************
- * Copyright (c) 2002, 2007 IBM Corporation and others. All rights reserved.
+ * Copyright (c) 2002, 2008 IBM Corporation and others. All rights reserved.
  * This program and the accompanying materials are made available under the terms
  * of the Eclipse Public License v1.0 which accompanies this distribution, and is 
  * available at http://www.eclipse.org/legal/epl-v10.html
@@ -14,6 +14,7 @@
  * David Dykstal (IBM) - moved SystemPreferencesManager to a new package
  * David Dykstal (IBM) - 168977: refactoring IConnectorService and ServerLauncher hierarchies
  * Martin Oberhuber (Wind River) - [184095] Replace systemTypeName by IRSESystemType
+ * David Dykstal (IBM) - [210474] Deny save password function missing
  ********************************************************************************/
 
 package org.eclipse.rse.ui.dialogs;
@@ -216,7 +217,7 @@ public final class SystemPasswordPromptDialog extends SystemPromptDialog impleme
 
 		// Save signon information checkbox
 		// DY:  align password checkbox with entry fields
-		if (connectorService.supportsPassword()) {
+		if (connectorService.supportsPassword() && !connectorService.getDenyPasswordSave()) {
 			SystemWidgetHelpers.createLabel(composite_prompts, ""); //$NON-NLS-1$
 			savePasswordCB = SystemWidgetHelpers.createCheckBox(composite_prompts, 1, this, SystemResources.RESID_PASSWORD_SAVE_LABEL, SystemResources.RESID_PASSWORD_SAVE_TOOLTIP);
 			savePasswordCB.setSelection(savePassword);

rse/plugins/org.eclipse.rse.ui/subsystems/org/eclipse/rse/ui/subsystems/StandardCredentialsProvider.java

@@ -1,5 +1,5 @@
 /********************************************************************************
- * Copyright (c) 2007 IBM Corporation and others. All rights reserved.
+ * Copyright (c) 2007, 2008 IBM Corporation and others. All rights reserved.
  * This program and the accompanying materials are made available under the terms
  * of the Eclipse Public License v1.0 which accompanies this distribution, and is 
  * available at http://www.eclipse.org/legal/epl-v10.html
@@ -9,6 +9,7 @@
  * Martin Oberhuber (Wind River) - [175262] IHost.getSystemType() should return IRSESystemType 
  * Martin Oberhuber (Wind River) - [184095] Replace systemTypeName by IRSESystemType
  * Martin Oberhuber (Wind River) - [186748] Move ISubSystemConfigurationAdapter from UI/rse.core.subsystems.util
+ * David Dykstal (IBM) - [210474] Deny save password function missing
  ********************************************************************************/
 package org.eclipse.rse.ui.subsystems;
 
@@ -303,7 +304,7 @@ public class StandardCredentialsProvider extends AbstractCredentialsProvider {
 		SystemSignonInformation signonInformation = new SystemSignonInformation(hostName, matchingUserId, password, systemType);
 		setSignonInformation(signonInformation);
 		if (persist) { // if password should be persisted, then add to disk
-			PasswordPersistenceManager.getInstance().add(signonInformation, true, true);
+			PasswordPersistenceManager.getInstance().add(signonInformation, true, false);
 		} else { // otherwise, remove from both memory and disk
 			PasswordPersistenceManager.getInstance().remove(systemType, hostName, userId);
 		}

rse/tests/org.eclipse.rse.tests/src/org/eclipse/rse/tests/core/passwords/PasswordsTest.java

@@ -0,0 +1,133 @@
+/********************************************************************************
+ * Copyright (c) 2008 IBM Corporation and others. All rights reserved.
+ * This program and the accompanying materials are made available under the terms
+ * of the Eclipse Public License v1.0 which accompanies this distribution, and is 
+ * available at http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * David Dykstal (IBM) - [210474] Deny save password function missing
+ ********************************************************************************/
+
+package org.eclipse.rse.tests.core.passwords;
+
+import org.eclipse.rse.core.IRSESystemType;
+import org.eclipse.rse.core.PasswordPersistenceManager;
+import org.eclipse.rse.core.RSEPreferencesManager;
+import org.eclipse.rse.core.model.SystemSignonInformation;
+import org.eclipse.rse.internal.core.RSECoreRegistry;
+import org.eclipse.rse.tests.core.RSECoreTestCase;
+
+/**
+ * Tests for {@link PasswordPersistenceManager}.
+ * Test various aspects of mnemonic generation and assignment.
+ */
+public class PasswordsTest extends RSECoreTestCase {
+	
+	/* (non-Javadoc)
+	 * @see org.eclipse.rse.tests.core.RSECoreTestCase#setUp()
+	 */
+	protected void setUp() throws Exception {
+		super.setUp();
+	}
+	
+	/* (non-Javadoc)
+	 * @see org.eclipse.rse.tests.core.RSECoreTestCase#tearDown()
+	 */
+	protected void tearDown() throws Exception {
+		super.tearDown();
+	}
+	
+	public void testAddRemove() {
+		//-test-author-:DavidDykstal
+		IRSESystemType systemType = RSECoreRegistry.getInstance().getSystemType(IRSESystemType.SYSTEMTYPE_UNIX_ID);
+		IRSESystemType defaultSystemType = PasswordPersistenceManager.DEFAULT_SYSTEM_TYPE;
+		String hostAddress = "somesystem.mycompany.com";
+		boolean deny = RSEPreferencesManager.getDenyPasswordSave(systemType, hostAddress);
+		assertFalse("the initial value of this preference should be false", deny);
+		
+		String password = "password";
+		String userId = "me";
+		SystemSignonInformation info = new SystemSignonInformation(hostAddress, userId, password, systemType);
+		PasswordPersistenceManager ppm = PasswordPersistenceManager.getInstance();
+
+		// save a password
+		int result = ppm.add(info, true, true);
+		assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_OK, result);
+		SystemSignonInformation returnedInfo = ppm.find(systemType, hostAddress, userId);
+		assertEquals("passwords are not equal", password, returnedInfo.getPassword());
+		assertEquals("system type not what was expected", systemType, returnedInfo.getSystemType());
+
+		// remove the password for the system type
+		ppm.remove(systemType, hostAddress, userId); // removes only the entry for the system type
+		returnedInfo = ppm.find(systemType, hostAddress, userId, true);
+		assertEquals("passwords are not equal", password, returnedInfo.getPassword());
+		assertEquals("system type not what was expected", defaultSystemType, returnedInfo.getSystemType());
+		returnedInfo = ppm.find(systemType, hostAddress, userId, false);
+		assertNull("signon info was found but should not be", returnedInfo);
+
+		// remove the password for the default system type
+		ppm.remove(defaultSystemType, hostAddress, userId);
+		returnedInfo = ppm.find(systemType, hostAddress, userId, true);
+		assertNull("signon info was found but should not be", returnedInfo);
+		returnedInfo = ppm.find(systemType, hostAddress, userId, false);
+		assertNull("signon info was found but should not be", returnedInfo);
+
+		// save a password just for the system type
+		result = ppm.add(info, true, false);
+		assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_OK, result);
+		returnedInfo = ppm.find(systemType, hostAddress, userId);
+		assertEquals("passwords are not equal", password, returnedInfo.getPassword());
+		assertEquals("system type not what was expected", systemType, returnedInfo.getSystemType());
+		returnedInfo = ppm.find(defaultSystemType, hostAddress, userId);
+		assertNull("signon info was found but should not be", returnedInfo);
+
+		// remove the password
+		ppm.remove(systemType, hostAddress, userId);
+		returnedInfo = ppm.find(systemType, hostAddress, userId, true);
+		assertNull("signon info was found but should not be", returnedInfo);
+		returnedInfo = ppm.find(systemType, hostAddress, userId, false);
+		assertNull("signon info was found but should not be", returnedInfo);
+	}
+	
+	public void testSaveDenial() {
+		//-test-author-:DavidDykstal
+		IRSESystemType systemType = RSECoreRegistry.getInstance().getSystemType(IRSESystemType.SYSTEMTYPE_UNIX_ID);
+		String hostAddress = "somesystem.mycompany.com";
+		boolean deny = RSEPreferencesManager.getDenyPasswordSave(systemType, hostAddress);
+		assertFalse("the initial value of this preference should be false", deny);
+		
+		String password = "password";
+		String userId = "me";
+		SystemSignonInformation info = new SystemSignonInformation(hostAddress, userId, password, systemType);
+		PasswordPersistenceManager ppm = PasswordPersistenceManager.getInstance();
+
+		// save a password
+		int result = ppm.add(info, true, true);
+		assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_OK, result);
+		SystemSignonInformation returnedInfo = ppm.find(systemType, hostAddress, userId);
+		assertEquals("passwords are not equal", password, returnedInfo.getPassword());
+		assertEquals("system type not what was expected", systemType, returnedInfo.getSystemType());
+
+		// change the preference for this system type, should erase all the passwords, including the default system type
+		RSEPreferencesManager.setDenyPasswordSave(systemType, hostAddress, true);
+		returnedInfo = ppm.find(systemType, hostAddress, userId);
+		assertNull("signon info was found but should not be", returnedInfo);
+		returnedInfo = ppm.find(systemType, hostAddress, userId, true);
+		assertNull("signon info was found but should not be", returnedInfo);
+		returnedInfo = ppm.find(systemType, hostAddress, userId, false);
+		assertNull("signon info was found but should not be", returnedInfo);
+
+		// try to save one
+		result = ppm.add(info, true, true);
+		assertEquals("result of add was not what was expected", PasswordPersistenceManager.RC_DENIED, result);
+
+		// should still not be there
+		returnedInfo = ppm.find(systemType, hostAddress, userId);
+		assertNull("signon info was found but should not be", returnedInfo);
+		returnedInfo = ppm.find(systemType, hostAddress, userId, true);
+		assertNull("signon info was found but should not be", returnedInfo);
+		returnedInfo = ppm.find(systemType, hostAddress, userId, false);
+		assertNull("signon info was found but should not be", returnedInfo);
+	}
+	
+}

rse/tests/org.eclipse.rse.tests/src/org/eclipse/rse/tests/core/passwords/PasswordsTestSuite.java

@@ -0,0 +1,53 @@
+/*******************************************************************************
+ * Copyright (c) 2008 IBM Corporation, and others.
+ * All rights reserved. This program and the accompanying materials 
+ * are made available under the terms of the Eclipse Public License v1.0 
+ * which accompanies this distribution, and is available at 
+ * http://www.eclipse.org/legal/epl-v10.html 
+ * 
+ * Contributors: 
+ * David Dykstal (IBM) - [210474] Deny save password function missing
+ *******************************************************************************/
+package org.eclipse.rse.tests.core.passwords;
+
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.eclipse.rse.tests.framework.DelegatingTestSuiteHolder;
+
+public class PasswordsTestSuite extends DelegatingTestSuiteHolder {
+	/**
+	 * Standard Java application main method. Allows to launch the test
+	 * suite from outside as part of nightly runs, headless runs or other.
+	 * <p><b>Note:</b> Use only <code>junit.textui.TestRunner</code> here as
+	 * it is explicitly supposed to output the test output to the shell the
+	 * test suite has been launched from.
+	 * <p>
+	 * @param args The standard Java application command line parameters passed in.
+	 */
+	public static void main(String[] args) {
+		junit.textui.TestRunner.run(suite());
+	}
+
+	/**
+	 * Combine all test into a suite and returns the test suite instance.
+	 * <p>
+	 * <b>Note: This method must be always called <i><code>suite</code></i> ! Otherwise
+	 * the JUnit plug-in test launcher will fail to detect this class!</b>
+	 * <p>
+	 * @return The test suite instance.
+	 */
+	public static Test suite() {
+		TestSuite suite = new TestSuite("RSE Passwords Test Suite"); //$NON-NLS-1$
+		suite.addTestSuite(PasswordsTest.class);
+		return suite;
+	}
+	
+	/* (non-Javadoc)
+	 * @see org.eclipse.rse.tests.framework.AbstractTestSuiteHolder#getTestSuite()
+	 */
+	public TestSuite getTestSuite() {
+		return (TestSuite)PasswordsTestSuite.suite();
+	}
+
+}

rse/tests/org.eclipse.rse.tests/src/org/eclipse/rse/tests/internal/RSEConnectionManager.java

@@ -15,6 +15,7 @@
  * Martin Oberhuber (Wind River) - [186773] split ISystemRegistryUI from ISystemRegistry
  * David Dykstal (IBM) - [217556] remove service subsystem types
  * Martin Oberhuber (Wind River) - [219086] flush event queue to shield tests from each other
+ * David Dykstal (IBM) - [210474] Deny save password function missing
  *******************************************************************************/
 package org.eclipse.rse.tests.internal;
 
@@ -249,7 +250,7 @@ public class RSEConnectionManager implements IRSEConnectionManager {
 
 				if (userId != null && password != null) {
 					SystemSignonInformation info = new SystemSignonInformation(address, userId, password, systemType);
-					PasswordPersistenceManager.getInstance().add(info, true, true);
+					PasswordPersistenceManager.getInstance().add(info, true, false);
 				}
 				
 				if (daemonPort != null) {