This closes #61 Security Manager change
This commit is contained in:
commit
5b75f59bd6
|
@ -23,6 +23,7 @@ import org.apache.activemq.artemis.core.config.impl.SecurityConfiguration;
|
||||||
import org.apache.activemq.artemis.core.security.CheckType;
|
import org.apache.activemq.artemis.core.security.CheckType;
|
||||||
import org.apache.activemq.artemis.core.security.Role;
|
import org.apache.activemq.artemis.core.security.Role;
|
||||||
import org.apache.activemq.artemis.core.security.User;
|
import org.apache.activemq.artemis.core.security.User;
|
||||||
|
import org.apache.activemq.artemis.core.server.ActiveMQServerLogger;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A basic implementation of the ActiveMQSecurityManager. This can be used within an appserver and be deployed by
|
* A basic implementation of the ActiveMQSecurityManager. This can be used within an appserver and be deployed by
|
||||||
|
@ -32,6 +33,8 @@ public class ActiveMQSecurityManagerImpl implements ActiveMQSecurityManager
|
||||||
{
|
{
|
||||||
private final SecurityConfiguration configuration;
|
private final SecurityConfiguration configuration;
|
||||||
|
|
||||||
|
private ActiveMQServerLogger logger = ActiveMQServerLogger.LOGGER;
|
||||||
|
|
||||||
public ActiveMQSecurityManagerImpl()
|
public ActiveMQSecurityManagerImpl()
|
||||||
{
|
{
|
||||||
configuration = new SecurityConfiguration();
|
configuration = new SecurityConfiguration();
|
||||||
|
@ -44,19 +47,24 @@ public class ActiveMQSecurityManagerImpl implements ActiveMQSecurityManager
|
||||||
|
|
||||||
// Public ---------------------------------------------------------------------
|
// Public ---------------------------------------------------------------------
|
||||||
|
|
||||||
public boolean validateUser(final String user, final String password)
|
public boolean validateUser(final String username, final String password)
|
||||||
{
|
{
|
||||||
if (user == null && configuration.getDefaultUser() == null)
|
if (username != null)
|
||||||
{
|
{
|
||||||
return false;
|
User user = configuration.getUser(username);
|
||||||
|
return user != null && user.isValid(username, password);
|
||||||
|
}
|
||||||
|
else if (username == null && password == null)
|
||||||
|
{
|
||||||
|
return configuration.getDefaultUser() != null;
|
||||||
|
}
|
||||||
|
else // the only possible case here is user == null, password != null
|
||||||
|
{
|
||||||
|
logger.debug("Validating default user against a provided password. This happens when username=null, password!=null");
|
||||||
|
String defaultUsername = configuration.getDefaultUser();
|
||||||
|
User defaultUser = configuration.getUser(defaultUsername);
|
||||||
|
return defaultUser != null && defaultUser.isValid(defaultUsername, password);
|
||||||
}
|
}
|
||||||
|
|
||||||
String defaultUser = configuration.getDefaultUser();
|
|
||||||
User theUser = configuration.getUser(user == null ? defaultUser : user);
|
|
||||||
|
|
||||||
boolean ok = theUser != null && theUser.isValid(user == null ? defaultUser : user, password == null ? defaultUser
|
|
||||||
: password);
|
|
||||||
return ok;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean validateUserAndRole(final String user,
|
public boolean validateUserAndRole(final String user,
|
||||||
|
|
|
@ -57,11 +57,12 @@ public class ActiveMQSecurityManagerImplTest extends ActiveMQTestBase
|
||||||
@Test
|
@Test
|
||||||
public void testDefaultSecurity()
|
public void testDefaultSecurity()
|
||||||
{
|
{
|
||||||
securityManager.getConfiguration().addUser("guest", "guest");
|
securityManager.getConfiguration().addUser("guest", "password");
|
||||||
securityManager.getConfiguration().addRole("guest", "guest");
|
securityManager.getConfiguration().addRole("guest", "guest");
|
||||||
securityManager.getConfiguration().setDefaultUser("guest");
|
securityManager.getConfiguration().setDefaultUser("guest");
|
||||||
Assert.assertTrue(securityManager.validateUser(null, null));
|
Assert.assertTrue(securityManager.validateUser(null, null));
|
||||||
Assert.assertTrue(securityManager.validateUser("guest", "guest"));
|
Assert.assertTrue(securityManager.validateUser("guest", "password"));
|
||||||
|
Assert.assertFalse(securityManager.validateUser(null, "wrongpass"));
|
||||||
HashSet<Role> roles = new HashSet<Role>();
|
HashSet<Role> roles = new HashSet<Role>();
|
||||||
roles.add(new Role("guest", true, true, true, true, true, true, true));
|
roles.add(new Role("guest", true, true, true, true, true, true, true));
|
||||||
Assert.assertTrue(securityManager.validateUserAndRole(null, null, roles, CheckType.CREATE_DURABLE_QUEUE));
|
Assert.assertTrue(securityManager.validateUserAndRole(null, null, roles, CheckType.CREATE_DURABLE_QUEUE));
|
||||||
|
|
Loading…
Reference in New Issue