Commit Graph

516 Commits

Author SHA1 Message Date
Erwin Dondorp c6874c9acc ARTEMIS-3375 fix for helptext for 'artemis address' 2021-07-04 13:31:53 -05:00
Clebert Suconic bff242bba7 NO-JIRA Small tweaks on PrintData.java 2021-06-11 10:53:48 -04:00
Clebert Suconic 05498c350e ARTEMIS-3261 Remove need to lookup replaceableRecords on the hot path
We known it's a replaceable record as part of the logic, no need to lookup the record type unless it's a reload from the system.
2021-06-09 14:52:06 -04:00
Clebert Suconic 0edf599adc ARTEMIS-3261 Updating logic to use only replaceable records on compacting verification 2021-06-07 13:05:02 -04:00
Justin Bertram 3ca02955bf NO-JIRA make TransferTest more robust, readable 2021-05-27 13:02:10 -05:00
Clebert Suconic 0716189518 ARTEMIS-3309 Improving test reliability 2021-05-27 11:46:48 -04:00
Clebert Suconic a06494db85 ARTEMIS-3297 Moving journal-retention-directory commented out element
Just moving it close to the journal locations, as it was my original intent
2021-05-24 16:49:59 -04:00
Domenico Francesco Bruscino e03c4fe193 ARTEMIS-3309 Add a parameter to limit messages to move or transfer 2021-05-24 14:09:20 -04:00
Clebert Suconic 23a28dc1d8 NO-JIRA Removing comment from PrintData 2021-05-24 10:34:58 -04:00
Clebert Suconic 27c343913f ARTEMIS-3297 Journal Retention Feature 2021-05-18 16:29:18 -04:00
Clebert Suconic fe361d3fae ARTEMIS-3273 Moving verification of directory 2021-05-14 22:20:05 -04:00
Clebert Suconic 909f6f4492 NO-JIRA avoiding println on PrintData for Paged Files 2021-05-05 16:09:23 -04:00
Clebert Suconic b0f8f515c5 ARTEMIS-3273 Recover tool and PrintData enhancements 2021-04-30 18:41:05 -04:00
Clebert Suconic 62395dcd44 ARTEMIS-3261 Fixing tests and allowing configuration to reload data files on start 2021-04-24 21:30:56 -04:00
Clebert Suconic 1392cb5f0b ARTEMIS-3261 Enhance compact to deal with Rollbacks and update records that can be replaced 2021-04-23 15:17:06 -04:00
Domenico Francesco Bruscino b4789a894f ARTEMIS-3221 Migrating to Jakarta EE 8 artifacts 2021-04-09 11:49:59 -04:00
Domenico Francesco Bruscino 78401dcf64 ARTEMIS-3226 Add version output to cli 2021-04-09 11:48:19 -04:00
Clebert Suconic 158a94a836 ARTEMIS-3224 Removing Artemis-tools migration tool from 1.x address model 2021-04-07 10:53:34 -04:00
Domenico Francesco Bruscino 2f851cbbe0 ARTEMIS-3203 Match filter field names with view field names
The filter and the view use different convection for field names, ie the
connection view uses the `sessionID` field name while the connection filter
uses the `SESSION_ID` field name. This commit replace the field names used
by the filter with the field names used by the view preserving the backward
compatibility.
2021-04-01 12:23:00 -05:00
Justin Bertram 186481bbe8 ARTEMIS-3155 differentiate SSL store type and provider
The provider of an SSL key/trust store is different from that store's
type. However, the broker currently doesn't differentiate these and uses
the provider for both. Changing this *may* potentially break existing
users who are setting the provider, but I don't see any way to avoid
that. This is a bug that needs to be fixed in order to support use-cases
like PKCS#11.

Change summary:
 - Added documentation.
 - Consolidated several 2-way SSL tests classes into a single
   parameterized test class. All these classes were essentially the same
   except for a few key test parameters. Consolidating them avoided
   having to update the same code in multiple places.
 - Expanded tests to include different providers & types.
 - Regenerated all SSL artifacts to allow tests to pass with new
   constraints.
 - Improved logging for when SSL handler initialization fails.
2021-03-24 09:08:33 -04:00
gtully d71d54b38a ARTEMIS-3168 - add example using authentication delegation to keycloak, principal conversion for jms clients and oath for the web cosole 2021-03-23 09:51:50 +00:00
Justin Bertram fea5e246e7 ARTEMIS-3166 support disabling configuration file reload 2021-03-17 09:52:13 -05:00
Andy Taylor 9e72460565 ARTEMIS-3129 - added roles needed for the browse tab for clarity
https://issues.apache.org/jira/browse/ARTEMIS-3129
2021-03-02 12:55:45 +01:00
Clebert Suconic 21ee5985ea [maven-release-plugin] prepare for next development iteration 2021-02-11 12:00:04 -05:00
Clebert Suconic 36a771150b [maven-release-plugin] prepare release 2.17.0 2021-02-11 11:59:51 -05:00
Clebert Suconic c0867f0361 [maven-release-plugin] prepare for next development iteration 2021-02-09 12:12:48 -05:00
Clebert Suconic 9b473698e0 [maven-release-plugin] prepare release 2.17.0 2021-02-09 12:12:35 -05:00
Clebert Suconic 6ed1e4c87d [maven-release-plugin] prepare for next development iteration 2021-02-08 15:56:31 -05:00
Clebert Suconic 06b29806ca [maven-release-plugin] prepare release 2.17.0 2021-02-08 15:56:18 -05:00
Domenico Francesco Bruscino 1f825ee424 ARTEMIS-3069 Add option to mask using the configured password-codec 2021-01-15 18:05:59 +01:00
Clebert Suconic a948991fac ARTEMIS-3034 Reverting parameter URL on CLI ConnectionAbstract 2020-12-17 10:03:39 -05:00
Clebert Suconic 02bcb3195f ARTEMIS-3034 CLI Transfer Option 2020-12-16 14:17:04 -05:00
Domenico Francesco Bruscino 7eb22c18db ARTEMIS-3014 Fix JMX RBAC guard 2020-11-30 11:12:25 -06:00
Clebert Suconic 4e7bb97df7 [maven-release-plugin] prepare for next development iteration 2020-11-02 17:45:51 -05:00
Clebert Suconic 9768017530 [maven-release-plugin] prepare release 2.16.0 2020-11-02 17:45:38 -05:00
Clebert Suconic 28919b6ad8 [maven-release-plugin] prepare for next development iteration 2020-10-30 10:16:29 -04:00
Clebert Suconic af5ca9f1e6 [maven-release-plugin] prepare release 2.16.0 2020-10-30 10:16:17 -04:00
franz1981 0c8dd598b7 ARTEMIS-2957 ManagementContext is started twice 2020-10-21 07:33:22 +02:00
Justin Bertram 75e12b5e1d ARTEMIS-2947 Implement SecurityManager that supports replication 2020-10-19 10:07:57 -04:00
Domenico Francesco Bruscino 5f4afd8b5e ARTEMIS-2942 Disable hawtio proxy 2020-10-16 22:08:02 -04:00
Andy Taylor 0ce173dcb5 ARTEMIS-2838 - migrate to HawtIO 2
https://issues.apache.org/jira/browse/ARTEMIS-2838
2020-10-09 09:20:29 +01:00
Clebert Suconic 8fe4bfb29a ARTEMIS-2936 Adding logging.info on when to enable trace on critical analyzer 2020-10-07 10:40:55 -04:00
franz1981 207c2265bf ARTEMIS-2912 Server start exception before activation can cause a zombie broker 2020-09-24 10:26:50 -04:00
Justin Bertram 276a8bb029 ARTEMIS-2893 concurrent user admin actions can corrupt properties
When performing concurrent user admin actions (e.g. resetUser, addUser,
removeUser on ActiveMQServerControl) when using the
PropertiesLoginModule with reload=true the underlying user and role
properties files can get corrupted.

This commit fixes the issue via the following changes:
 - Add synchronization to the management commands
 - Add concurrency controls to underlying file access
 - Change CLI user commands to use remote methods instead of modifying
   the files directly. This avoids potential concurrent changes. This
   change forced me to modify the names of some of the commands'
   parameters to disambiguate them from connection-related parameters.
2020-09-16 10:11:23 -04:00
Clebert Suconic 604b7c2aa6 NO-JIRA fixing CheckTest with a Wait assertion 2020-09-14 15:35:46 -04:00
Justin Bertram 90853409a0 ARTEMIS-2886 optimize security auth
Both authentication and authorization will hit the underlying security
repository (e.g. files, LDAP, etc.). For example, creating a JMS
connection and a consumer will result in 2 hits with the *same*
authentication request. This can cause unwanted (and unnecessary)
resource utilization, especially in the case of networked configuration
like LDAP.

There is already a rudimentary cache for authorization, but it is
cleared *totally* every 10 seconds by default (controlled via the
security-invalidation-interval setting), and it must be populated
initially which still results in duplicate auth requests.

This commit optimizes authentication and authorization via the following
changes:

 - Replace our home-grown cache with Google Guava's cache. This provides
simple caching with both time-based and size-based LRU eviction. See more
at https://github.com/google/guava/wiki/CachesExplained. I also thought
about using Caffeine, but we already have a dependency on Guava and the
cache implementions look to be negligibly different for this use-case.
 - Add caching for authentication. Both successful and unsuccessful
authentication attempts will be cached to spare the underlying security
repository as much as possible. Authenticated Subjects will be cached
and re-used whenever possible.
 - Authorization will used Subjects cached during authentication. If the
required Subject is not in the cache it will be fetched from the
underlying security repo.
 - Caching can be disabled by setting the security-invalidation-interval
to 0.
 - Cache sizes are configurable.
 - Management operations exist to inspect cache sizes at runtime.
2020-08-26 13:36:24 -05:00
Domenico Francesco Bruscino 32bf9680f2 [maven-release-plugin] prepare for next development iteration 2020-08-24 16:03:24 +02:00
Domenico Francesco Bruscino a549fcedde [maven-release-plugin] prepare release 2.15.0 2020-08-24 16:03:12 +02:00
Justin Bertram af7c6882da ARTEMIS-2862 activation failure can cause zombie broker
In certain cases with shared-store HA a broker's activation can fail but
the broker will still be holding the journal lock. This results in a
"zombie" broker which can't actually service clients and prevents the
backup from activating.

This commit adds an ActivationFailureListener to catch activation
failures and stop the broker completely.
2020-08-10 14:16:45 -04:00
Clebert Suconic c551df770c ARTEMIS-2868 Protect Topology Updates from Split Brain on broker shutdown as well 2020-08-07 12:39:20 -04:00