Apache
/
activemq-artemis
mirror of https://github.com/apache/activemq-artemis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ARTEMIS-3900 Support management allowlist entries with wildcard domain

This commit is contained in:
Domenico Francesco Bruscino 2022-07-21 11:51:04 +02:00 committed by clebertsuconic
parent e44bd5266f
commit d250801fcf
2 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
artemis-server/src/main/java/org/apache/activemq/artemis/core/server/management/JMXAccessControlList.java
View File

@ -83,6 +83,11 @@ public class JMXAccessControlList {
public boolean isInAllowList(ObjectName objectName) { public boolean isInAllowList(ObjectName objectName) {
TreeMap<String, Access> domainMap = allowList.get(objectName.getDomain()); TreeMap<String, Access> domainMap = allowList.get(objectName.getDomain());
if (domainMap == null) {
domainMap = allowList.get(WILDCARD);
}
if (domainMap != null) { if (domainMap != null) {
if (domainMap.containsKey("")) { if (domainMap.containsKey("")) {
return true; return true;

24
artemis-server/src/test/java/org/apache/activemq/artemis/core/server/management/JMXAccessControlListTest.java
View File

@ -60,6 +60,30 @@ public class JMXAccessControlListTest {
Assert.assertTrue(controlList.isInAllowList(new ObjectName("org.myDomain:type=foo"))); Assert.assertTrue(controlList.isInAllowList(new ObjectName("org.myDomain:type=foo")));
} }
@Test
public void testWildcardDomain() throws MalformedObjectNameException {
JMXAccessControlList controlList = new JMXAccessControlList();
controlList.addToAllowList("*", null);
Assert.assertTrue(controlList.isInAllowList(new ObjectName("org.myDomain:*")));
Assert.assertTrue(controlList.isInAllowList(new ObjectName("org.myDomain.foo:*")));
}
@Test
public void testWildcardDomainWithProperty() throws MalformedObjectNameException {
JMXAccessControlList controlList = new JMXAccessControlList();
controlList.addToAllowList("*", "type=foo");
controlList.addToAllowList("org.myDomain.foo", "type=bar");
Assert.assertFalse(controlList.isInAllowList(new ObjectName("org.myDomain:*")));
Assert.assertFalse(controlList.isInAllowList(new ObjectName("org.myDomain.foo:*")));
Assert.assertTrue(controlList.isInAllowList(new ObjectName("org.myDomain.foo:type=bar")));
Assert.assertFalse(controlList.isInAllowList(new ObjectName("org.myDomain.foo:type=foo")));
Assert.assertFalse(controlList.isInAllowList(new ObjectName("org.myDomain.bar:*")));
Assert.assertFalse(controlList.isInAllowList(new ObjectName("org.myDomain:subType=foo")));
Assert.assertTrue(controlList.isInAllowList(new ObjectName("org.myDomain:type=foo")));
Assert.assertTrue(controlList.isInAllowList(new ObjectName("org.myDomain:subType=bar,type=foo")));
}
@Test @Test
public void testBasicRole() throws MalformedObjectNameException { public void testBasicRole() throws MalformedObjectNameException {
JMXAccessControlList controlList = new JMXAccessControlList(); JMXAccessControlList controlList = new JMXAccessControlList();