From 1406d40ac34fedb0be2e5bc5998844a46ff15760 Mon Sep 17 00:00:00 2001 From: Robert Gemmell Date: Mon, 23 Feb 2015 17:32:10 +0000 Subject: [PATCH] AMQ-5608: dont NPE during authentication attempt if no users were defined for the SimpleAuthenticationPlugin https://issues.apache.org/jira/browse/AMQ-5608 --- .../security/SimpleAuthenticationPlugin.java | 8 +-- ...SimpleAuthenticationPluginNoUsersTest.java | 59 ++++++++++++++++ .../security/simple-auth-broker-no-users.xml | 69 +++++++++++++++++++ 3 files changed, 132 insertions(+), 4 deletions(-) create mode 100644 activemq-unit-tests/src/test/java/org/apache/activemq/security/SimpleAuthenticationPluginNoUsersTest.java create mode 100644 activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-broker-no-users.xml diff --git a/activemq-broker/src/main/java/org/apache/activemq/security/SimpleAuthenticationPlugin.java b/activemq-broker/src/main/java/org/apache/activemq/security/SimpleAuthenticationPlugin.java index a334a98c00..fb0d2e8731 100644 --- a/activemq-broker/src/main/java/org/apache/activemq/security/SimpleAuthenticationPlugin.java +++ b/activemq-broker/src/main/java/org/apache/activemq/security/SimpleAuthenticationPlugin.java @@ -40,8 +40,8 @@ import org.apache.activemq.jaas.GroupPrincipal; * */ public class SimpleAuthenticationPlugin implements BrokerPlugin { - private Map userPasswords; - private Map> userGroups; + private Map userPasswords = new HashMap(); + private Map> userGroups = new HashMap>(); private static final String DEFAULT_ANONYMOUS_USER = "anonymous"; private static final String DEFAULT_ANONYMOUS_GROUP = "anonymous"; private String anonymousUser = DEFAULT_ANONYMOUS_USER; @@ -73,8 +73,8 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin { * @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthenticationUser" */ public void setUsers(List users) { - userPasswords = new HashMap(); - userGroups = new HashMap>(); + userPasswords.clear(); + userGroups.clear(); for (Iterator it = users.iterator(); it.hasNext();) { AuthenticationUser user = (AuthenticationUser)it.next(); userPasswords.put(user.getUsername(), user.getPassword()); diff --git a/activemq-unit-tests/src/test/java/org/apache/activemq/security/SimpleAuthenticationPluginNoUsersTest.java b/activemq-unit-tests/src/test/java/org/apache/activemq/security/SimpleAuthenticationPluginNoUsersTest.java new file mode 100644 index 0000000000..dc35cc1a77 --- /dev/null +++ b/activemq-unit-tests/src/test/java/org/apache/activemq/security/SimpleAuthenticationPluginNoUsersTest.java @@ -0,0 +1,59 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.activemq.security; + +import java.net.URI; + +import javax.jms.Connection; +import javax.jms.JMSSecurityException; + +import org.apache.activemq.broker.BrokerFactory; +import org.apache.activemq.broker.BrokerService; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class SimpleAuthenticationPluginNoUsersTest extends SecurityTestSupport { + + private static final Logger LOG = LoggerFactory.getLogger(SimpleAuthenticationPluginNoUsersTest.class); + + @Override + protected void setUp() throws Exception { + setAutoFail(true); + super.setUp(); + } + + @Override + protected BrokerService createBroker() throws Exception { + return createBroker("org/apache/activemq/security/simple-auth-broker-no-users.xml"); + } + + protected BrokerService createBroker(String uri) throws Exception { + LOG.info("Loading broker configuration from the classpath with URI: " + uri); + return BrokerFactory.createBroker(new URI("xbean:" + uri)); + } + + public void testConnectionStartThrowsJMSSecurityException() throws Exception { + + Connection connection = factory.createConnection("user", "password"); + try { + connection.start(); + fail("Should throw JMSSecurityException"); + } catch (JMSSecurityException jmsEx) { + //expected + } + } +} diff --git a/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-broker-no-users.xml b/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-broker-no-users.xml new file mode 100644 index 0000000000..b4485f0bc5 --- /dev/null +++ b/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-broker-no-users.xml @@ -0,0 +1,69 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +