Commit Graph

272 Commits

Author SHA1 Message Date
Domenico Francesco Bruscino 6f0cb8bfc5 ARTEMIS-3169 Update jetty to 9.4.38 and servlet-api to 3.0 2021-03-09 12:18:27 -06:00
Clebert Suconic 21ee5985ea [maven-release-plugin] prepare for next development iteration 2021-02-11 12:00:04 -05:00
Clebert Suconic 36a771150b [maven-release-plugin] prepare release 2.17.0 2021-02-11 11:59:51 -05:00
Justin Bertram 077087571f ARTEMIS-2943 fix static selector example
The static-selector example was using a multicast queue instead of an
anycast queue which meant that the consumer never actually received any
of the messages. Furthermore, it wasn't actually verifying that it
received the proper messages so there was no failure. This commit
resolves these issues.
2021-02-10 19:26:00 -05:00
Clebert Suconic c0867f0361 [maven-release-plugin] prepare for next development iteration 2021-02-09 12:12:48 -05:00
Clebert Suconic 9b473698e0 [maven-release-plugin] prepare release 2.17.0 2021-02-09 12:12:35 -05:00
Clebert Suconic 6ed1e4c87d [maven-release-plugin] prepare for next development iteration 2021-02-08 15:56:31 -05:00
Clebert Suconic 06b29806ca [maven-release-plugin] prepare release 2.17.0 2021-02-08 15:56:18 -05:00
Ryan Yeats 86a2cad12a ARTEMIS-1884 add plugin API for message level authorization policies 2021-01-25 13:44:36 -06:00
Urs Roesch f491651fdb NO-JIRA: remove duplicate consecutive words
Removes duplicate consecutives words from markdown
documentation files.
2020-11-16 15:19:29 -06:00
Clebert Suconic 4e7bb97df7 [maven-release-plugin] prepare for next development iteration 2020-11-02 17:45:51 -05:00
Clebert Suconic 9768017530 [maven-release-plugin] prepare release 2.16.0 2020-11-02 17:45:38 -05:00
Clebert Suconic 28919b6ad8 [maven-release-plugin] prepare for next development iteration 2020-10-30 10:16:29 -04:00
Clebert Suconic af5ca9f1e6 [maven-release-plugin] prepare release 2.16.0 2020-10-30 10:16:17 -04:00
Robbie Gemmell 7a5f325b72 ARTEMIS-2937: remove a couple of unecessary lines for alt stores, left over by mistake (c&p error) 2020-10-30 11:38:01 +00:00
Robbie Gemmell 1af8be353f ARTEMIS-2937: use more realistic key/truststore and client+broker setup in SSL example, remove non-SSL acceptors 2020-10-29 15:13:38 -04:00
Clebert Suconic dc7eb5c23d ARTEMIS-2937 Broker connection improvements
- Adding a paragraph about addressing and distinct queue names
- Renaming match on peers, senders and receivers as "address-match"
- Changing qpid dispatch test to use a single listener
- Fixing reconnect attemps message
2020-10-29 15:01:51 -04:00
Clebert Suconic 9335cd83ed ARTEMIS-2937 Changing BrokerConnection SSL example to also use SSL on the client 2020-10-29 10:09:36 -04:00
Clebert Suconic bf52134dc0 ARTEMIS-2937 Fixing Tests and some review 2020-10-28 15:08:48 -04:00
Clebert Suconic 12280cdaaa ARTEMIS-2937 DOCS & Examples on AMQP Broker Connection 2020-10-28 11:37:25 -04:00
gtully 583bd3602a ARTEMIS-2888 ARTEMIS-2859 ARTEMIS-2768 - revert new page-store-name addressSetting, when the page store respects the target address and the size is tallied on the target address store, it is no longer neecessary 2020-10-19 14:04:35 +01:00
gtully fa04881c6f ARTEMIS-2888 ARTEMIS-2859 ARTEMIS-2768 - new page-store-name addressSetting to allow wildcard subscriptions share a single page store 2020-09-24 09:39:31 +01:00
Justin Bertram b99401a84f ARTEMIS-2903 support admin objects in JCA RA
Supporting admin objects will allow easier integration with Java EE
application servers. I tested this in Wildfly 18.
2020-09-16 10:10:07 -04:00
Justin Bertram cf92c16339 ARTEMIS-2886 put address/FQQN into new security manager interface
The default JAAS security manager doesn't need the address/FQQN for
authorization, but I'm putting it back into the interface because there
are other use cases which *do* need it.
2020-09-14 15:35:24 -04:00
Justin Bertram 90853409a0 ARTEMIS-2886 optimize security auth
Both authentication and authorization will hit the underlying security
repository (e.g. files, LDAP, etc.). For example, creating a JMS
connection and a consumer will result in 2 hits with the *same*
authentication request. This can cause unwanted (and unnecessary)
resource utilization, especially in the case of networked configuration
like LDAP.

There is already a rudimentary cache for authorization, but it is
cleared *totally* every 10 seconds by default (controlled via the
security-invalidation-interval setting), and it must be populated
initially which still results in duplicate auth requests.

This commit optimizes authentication and authorization via the following
changes:

 - Replace our home-grown cache with Google Guava's cache. This provides
simple caching with both time-based and size-based LRU eviction. See more
at https://github.com/google/guava/wiki/CachesExplained. I also thought
about using Caffeine, but we already have a dependency on Guava and the
cache implementions look to be negligibly different for this use-case.
 - Add caching for authentication. Both successful and unsuccessful
authentication attempts will be cached to spare the underlying security
repository as much as possible. Authenticated Subjects will be cached
and re-used whenever possible.
 - Authorization will used Subjects cached during authentication. If the
required Subject is not in the cache it will be fetched from the
underlying security repo.
 - Caching can be disabled by setting the security-invalidation-interval
to 0.
 - Cache sizes are configurable.
 - Management operations exist to inspect cache sizes at runtime.
2020-08-26 13:36:24 -05:00
Domenico Francesco Bruscino 32bf9680f2 [maven-release-plugin] prepare for next development iteration 2020-08-24 16:03:24 +02:00
Domenico Francesco Bruscino a549fcedde [maven-release-plugin] prepare release 2.15.0 2020-08-24 16:03:12 +02:00
Clebert Suconic 6690ba1d24 [maven-release-plugin] prepare for next development iteration 2020-07-09 12:49:08 -04:00
Clebert Suconic a76f41a7ed [maven-release-plugin] prepare release 2.14.0 2020-07-09 12:48:54 -04:00
Clebert Suconic 6254a70ddc NO-JIRA Fixing some javadoc statements 2020-07-09 12:23:46 -04:00
Clebert Suconic 3d3fda168b NO-JIRA fixing javadoc on SharedStorageStaticCluster.java 2020-07-09 12:00:50 -04:00
Robbie Gemmell 12bc494f72 ARTEMIS-2109: use default 1.8 compiler source/target config as with other examples, newest JDKs no longer target 1.6. Fix SSL example. Allows building on JDK 14+. 2020-06-11 18:50:01 +01:00
brusdev a8c278a80e ARTEMIS-2790 Fix no examples documentation in the bin archive
Move the markdown generator for the examples to artemis-distribution.
2020-06-04 10:15:10 -04:00
Clebert Suconic faa83b2ba6 [maven-release-plugin] prepare for next development iteration 2020-05-16 18:38:47 -04:00
Clebert Suconic 5f49d89264 [maven-release-plugin] prepare release 2.13.0 2020-05-16 18:38:34 -04:00
Clebert Suconic c99fcd501b [maven-release-plugin] prepare for next development iteration 2020-05-15 16:42:54 -04:00
Clebert Suconic 47fafac760 [maven-release-plugin] prepare release 2.13.0 2020-05-15 16:42:41 -04:00
Andy Taylor 8a04ee07de ARTEMIS-2648 - audit logging improvements
https://issues.apache.org/jira/browse/ARTEMIS-2648
2020-05-04 15:19:08 +01:00
Justin Bertram 7bcb67718d NO-JIRA doc fix for Symmetric Cluster example 2020-04-30 09:13:51 -05:00
Justin Bertram 6709883d0e ARTEMIS-2738 implement per-acceptor security domains 2020-04-28 21:45:38 -04:00
Clebert Suconic 11a3e810bb [maven-release-plugin] prepare for next development iteration 2020-04-21 17:06:21 -04:00
Clebert Suconic 30272e0c2f [maven-release-plugin] prepare release 2.12.0 2020-04-21 17:06:08 -04:00
Clebert Suconic d231e2ac63 [maven-release-plugin] prepare for next development iteration 2020-04-16 16:16:41 -04:00
Clebert Suconic 9636f4a3b0 [maven-release-plugin] prepare release 2.12.0 2020-04-16 16:16:28 -04:00
Clebert Suconic f874a02d17 ARTEMIS-2673 PageStore should only be removed when Address is removed
& ARTEMIS-2674 AMQP should use a separate executor for IO
2020-03-23 20:02:17 -04:00
Justin Bertram 72f5a1f5bc NO-JIRA fix up docs for security-ldap example 2020-02-24 13:32:02 -06:00
Christopher L. Shannon (cshannon) 3966e47338 ARTEMIS-2613: Add support for DivertBindings for federated addresses
This will allow federated addresses to create remote consumers based on
the existing of divert bindings and matching queue bindings
2020-02-17 12:15:18 -05:00
Christopher L. Shannon (cshannon) 0b8c33bb0f NO-JIRA: Adding missing module to broker-federation pom 2020-02-11 08:56:08 -05:00
brusdev 832f1e5b92 NO-JIRA Fix federated-address-downstream pom 2020-02-11 08:33:06 +01:00
Justin Bertram 97735ca72c [maven-release-plugin] prepare for next development iteration 2020-01-10 09:00:58 -06:00