From 6d52f20eddec2a05aa15f7c227e3803e2730fa22 Mon Sep 17 00:00:00 2001 From: Justin Bertram Date: Thu, 14 Oct 2021 15:47:58 -0500 Subject: [PATCH] ARTEMIS-3530 space in role list breaks user listing --- .../apache/activemq/cli/test/ArtemisTest.java | 41 +++++++++++++++++++ .../activemq/artemis/utils/StringUtil.java | 5 ++- .../activemq/artemis/util/StringUtilTest.java | 11 +++++ .../PropertiesLoginModuleConfigurator.java | 2 +- 4 files changed, 56 insertions(+), 3 deletions(-) diff --git a/artemis-cli/src/test/java/org/apache/activemq/cli/test/ArtemisTest.java b/artemis-cli/src/test/java/org/apache/activemq/cli/test/ArtemisTest.java index 0b444633ac..f16cb2a0a6 100644 --- a/artemis-cli/src/test/java/org/apache/activemq/cli/test/ArtemisTest.java +++ b/artemis-cli/src/test/java/org/apache/activemq/cli/test/ArtemisTest.java @@ -34,6 +34,7 @@ import javax.xml.transform.TransformerFactory; import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; import java.io.BufferedReader; +import java.io.BufferedWriter; import java.io.ByteArrayInputStream; import java.io.File; import java.io.IOException; @@ -704,6 +705,46 @@ public class ArtemisTest extends CliTestBase { stopServer(); } + @Test + public void testListUserWithMultipleRolesWithSpaces() throws Exception { + try { + Run.setEmbedded(true); + File instance1 = new File(temporaryFolder.getRoot(), "instance_user"); + System.setProperty("java.security.auth.login.config", instance1.getAbsolutePath() + "/etc/login.config"); + Artemis.main("create", instance1.getAbsolutePath(), "--silent", "--no-autotune", "--no-web", "--no-amqp-acceptor", "--no-mqtt-acceptor", "--no-stomp-acceptor", "--no-hornetq-acceptor", "--security-manager", "jaas"); + System.setProperty("artemis.instance", instance1.getAbsolutePath()); + Object result = Artemis.internalExecute("run"); + server = ((Pair) result).getB(); + ActiveMQServerControl activeMQServerControl = server.getActiveMQServerControl(); + + File userFile = new File(instance1.getAbsolutePath() + "/etc/artemis-users.properties"); + BufferedWriter writer = Files.newBufferedWriter(Paths.get(userFile.getPath())); + writer.write(""); + writer.write("user1 = pass1"); + writer.newLine(); + writer.write("user2 = pass2"); + writer.flush(); + writer.close(); + File roleFile = new File(instance1.getAbsolutePath() + "/etc/artemis-roles.properties"); + writer = Files.newBufferedWriter(Paths.get(roleFile.getPath())); + writer.write(""); + writer.write("role1 = user1, user2"); // the space here is what breaks the parsing + writer.newLine(); + writer.write("role2 = user2"); + writer.flush(); + writer.close(); + + String jsonResult = activeMQServerControl.listUser(""); + contains(JsonUtil.readJsonArray(jsonResult), "user2", "role1"); + contains(JsonUtil.readJsonArray(jsonResult), "user2", "role2"); + checkRole("user2", roleFile, false, "role1", "role2"); + assertTrue(checkPassword("user1", "pass1", userFile, false)); + assertTrue(checkPassword("user2", "pass2", userFile, false)); + } finally { + stopServer(); + } + } + @Test public void testProperReloadWhenAddingUserViaManagementJAAS() throws Exception { testProperReloadWhenAddingUserViaManagement(false); diff --git a/artemis-core-client/src/main/java/org/apache/activemq/artemis/utils/StringUtil.java b/artemis-core-client/src/main/java/org/apache/activemq/artemis/utils/StringUtil.java index 878057b37c..29dbe01a38 100644 --- a/artemis-core-client/src/main/java/org/apache/activemq/artemis/utils/StringUtil.java +++ b/artemis-core-client/src/main/java/org/apache/activemq/artemis/utils/StringUtil.java @@ -17,7 +17,6 @@ package org.apache.activemq.artemis.utils; import java.util.ArrayList; -import java.util.Arrays; import java.util.Collection; import java.util.Iterator; import java.util.List; @@ -54,7 +53,9 @@ public class StringUtil { public static List splitStringList(String strList, String delimit) { ArrayList list = new ArrayList<>(); if (strList != null && !strList.isEmpty()) { - list.addAll(Arrays.asList(strList.split(delimit))); + for (String string : strList.split(delimit)) { + list.add(string.trim()); + } } return list; } diff --git a/artemis-core-client/src/test/java/org/apache/activemq/artemis/util/StringUtilTest.java b/artemis-core-client/src/test/java/org/apache/activemq/artemis/util/StringUtilTest.java index 324e24de20..d1022e102c 100644 --- a/artemis-core-client/src/test/java/org/apache/activemq/artemis/util/StringUtilTest.java +++ b/artemis-core-client/src/test/java/org/apache/activemq/artemis/util/StringUtilTest.java @@ -53,4 +53,15 @@ public class StringUtilTest extends Assert { String result2 = StringUtil.joinStringList(result, ","); assertEquals(listStr, result2); } + + @Test + public void testSplitStringListWithSpaces() throws Exception { + String listStr = "white, blue, yellow, green"; + List result = StringUtil.splitStringList(listStr, ","); + assertEquals(4, result.size()); + assertEquals("white", result.get(0)); + assertEquals("blue", result.get(1)); + assertEquals("yellow", result.get(2)); + assertEquals("green", result.get(3)); + } } diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/PropertiesLoginModuleConfigurator.java b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/PropertiesLoginModuleConfigurator.java index 21c238a948..17bb978767 100644 --- a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/PropertiesLoginModuleConfigurator.java +++ b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/PropertiesLoginModuleConfigurator.java @@ -197,7 +197,7 @@ public class PropertiesLoginModuleConfigurator implements UserManagement { //each roleList may be a comma separated list String[] items = roleList.split(","); for (String item : items) { - if (item.equals(username)) { + if (item.trim().equals(username)) { roles.add(role); } }