mirror of https://github.com/apache/activemq.git
Fixing ReloadableProperties so that the groups file will be properly reloaded on file modification. Added a test to verify. Thanks to Nanchang Yang for providing the fix.
This commit is contained in:
parent
e2b4ca2c59
commit
2788bd5584
|
@ -73,6 +73,7 @@ public class PropertiesLoader {
|
||||||
return other instanceof FileNameKey && this.absPath.equals(((FileNameKey) other).absPath);
|
return other instanceof FileNameKey && this.absPath.equals(((FileNameKey) other).absPath);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public int hashCode() {
|
public int hashCode() {
|
||||||
return this.absPath.hashCode();
|
return this.absPath.hashCode();
|
||||||
}
|
}
|
||||||
|
@ -113,6 +114,7 @@ public class PropertiesLoader {
|
||||||
return baseDir;
|
return baseDir;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public String toString() {
|
public String toString() {
|
||||||
return "PropsFile=" + absPath;
|
return "PropsFile=" + absPath;
|
||||||
}
|
}
|
||||||
|
|
|
@ -50,6 +50,7 @@ public class ReloadableProperties {
|
||||||
try {
|
try {
|
||||||
load(key.file(), props);
|
load(key.file(), props);
|
||||||
invertedProps = null;
|
invertedProps = null;
|
||||||
|
invertedValueProps = null;
|
||||||
if (key.isDebug()) {
|
if (key.isDebug()) {
|
||||||
LOG.debug("Load of: " + key);
|
LOG.debug("Load of: " + key);
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,6 +16,7 @@
|
||||||
*/
|
*/
|
||||||
package org.apache.activemq.jaas;
|
package org.apache.activemq.jaas;
|
||||||
|
|
||||||
|
import java.io.File;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.net.URL;
|
import java.net.URL;
|
||||||
|
|
||||||
|
@ -29,6 +30,8 @@ import javax.security.auth.login.FailedLoginException;
|
||||||
import javax.security.auth.login.LoginContext;
|
import javax.security.auth.login.LoginContext;
|
||||||
import javax.security.auth.login.LoginException;
|
import javax.security.auth.login.LoginException;
|
||||||
|
|
||||||
|
import org.apache.commons.io.FileUtils;
|
||||||
|
|
||||||
import junit.framework.TestCase;
|
import junit.framework.TestCase;
|
||||||
|
|
||||||
|
|
||||||
|
@ -36,7 +39,7 @@ import junit.framework.TestCase;
|
||||||
* @version $Rev: $ $Date: $
|
* @version $Rev: $ $Date: $
|
||||||
*/
|
*/
|
||||||
public class PropertiesLoginModuleTest extends TestCase {
|
public class PropertiesLoginModuleTest extends TestCase {
|
||||||
|
|
||||||
static {
|
static {
|
||||||
String path = System.getProperty("java.security.auth.login.config");
|
String path = System.getProperty("java.security.auth.login.config");
|
||||||
if (path == null) {
|
if (path == null) {
|
||||||
|
@ -49,19 +52,7 @@ public class PropertiesLoginModuleTest extends TestCase {
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testLogin() throws LoginException {
|
public void testLogin() throws LoginException {
|
||||||
LoginContext context = new LoginContext("PropertiesLogin", new CallbackHandler() {
|
LoginContext context = new LoginContext("PropertiesLogin", new UserPassHandler("first", "secret"));
|
||||||
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
|
|
||||||
for (int i = 0; i < callbacks.length; i++) {
|
|
||||||
if (callbacks[i] instanceof NameCallback) {
|
|
||||||
((NameCallback) callbacks[i]).setName("first");
|
|
||||||
} else if (callbacks[i] instanceof PasswordCallback) {
|
|
||||||
((PasswordCallback) callbacks[i]).setPassword("secret".toCharArray());
|
|
||||||
} else {
|
|
||||||
throw new UnsupportedCallbackException(callbacks[i]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
context.login();
|
context.login();
|
||||||
|
|
||||||
Subject subject = context.getSubject();
|
Subject subject = context.getSubject();
|
||||||
|
@ -75,20 +66,55 @@ public class PropertiesLoginModuleTest extends TestCase {
|
||||||
assertEquals("Should have zero principals", 0, subject.getPrincipals().size());
|
assertEquals("Should have zero principals", 0, subject.getPrincipals().size());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void testLoginReload() throws Exception {
|
||||||
|
File targetPropDir = new File("target/loginReloadTest");
|
||||||
|
File sourcePropDir = new File("src/test/resources");
|
||||||
|
File usersFile = new File(targetPropDir, "users.properties");
|
||||||
|
File groupsFile = new File(targetPropDir, "groups.properties");
|
||||||
|
|
||||||
|
//Set up initial properties
|
||||||
|
FileUtils.copyFile(new File(sourcePropDir, "users.properties"), usersFile);
|
||||||
|
FileUtils.copyFile(new File(sourcePropDir, "groups.properties"), groupsFile);
|
||||||
|
|
||||||
|
LoginContext context = new LoginContext("PropertiesLoginReload",
|
||||||
|
new UserPassHandler("first", "secret"));
|
||||||
|
context.login();
|
||||||
|
Subject subject = context.getSubject();
|
||||||
|
|
||||||
|
//test initial principals
|
||||||
|
assertEquals("Should have three principals", 3, subject.getPrincipals().size());
|
||||||
|
assertEquals("Should have one user principal", 1, subject.getPrincipals(UserPrincipal.class).size());
|
||||||
|
assertEquals("Should have two group principals", 2, subject.getPrincipals(GroupPrincipal.class).size());
|
||||||
|
|
||||||
|
context.logout();
|
||||||
|
|
||||||
|
assertEquals("Should have zero principals", 0, subject.getPrincipals().size());
|
||||||
|
|
||||||
|
//Modify the file and test that the properties are reloaded
|
||||||
|
Thread.sleep(1000);
|
||||||
|
FileUtils.copyFile(new File(sourcePropDir, "usersReload.properties"), usersFile);
|
||||||
|
FileUtils.copyFile(new File(sourcePropDir, "groupsReload.properties"), groupsFile);
|
||||||
|
FileUtils.touch(usersFile);
|
||||||
|
FileUtils.touch(groupsFile);
|
||||||
|
|
||||||
|
//Use new password to verify users file was reloaded
|
||||||
|
context = new LoginContext("PropertiesLoginReload", new UserPassHandler("first", "secrets"));
|
||||||
|
context.login();
|
||||||
|
subject = context.getSubject();
|
||||||
|
|
||||||
|
//Check that the principals changed
|
||||||
|
assertEquals("Should have three principals", 2, subject.getPrincipals().size());
|
||||||
|
assertEquals("Should have one user principal", 1, subject.getPrincipals(UserPrincipal.class).size());
|
||||||
|
assertEquals("Should have one group principals", 1, subject.getPrincipals(GroupPrincipal.class).size());
|
||||||
|
|
||||||
|
context.logout();
|
||||||
|
|
||||||
|
assertEquals("Should have zero principals", 0, subject.getPrincipals().size());
|
||||||
|
}
|
||||||
|
|
||||||
public void testBadUseridLogin() throws Exception {
|
public void testBadUseridLogin() throws Exception {
|
||||||
LoginContext context = new LoginContext("PropertiesLogin", new CallbackHandler() {
|
LoginContext context = new LoginContext("PropertiesLogin", new UserPassHandler("BAD", "secret"));
|
||||||
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
|
|
||||||
for (int i = 0; i < callbacks.length; i++) {
|
|
||||||
if (callbacks[i] instanceof NameCallback) {
|
|
||||||
((NameCallback) callbacks[i]).setName("BAD");
|
|
||||||
} else if (callbacks[i] instanceof PasswordCallback) {
|
|
||||||
((PasswordCallback) callbacks[i]).setPassword("secret".toCharArray());
|
|
||||||
} else {
|
|
||||||
throw new UnsupportedCallbackException(callbacks[i]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
try {
|
try {
|
||||||
context.login();
|
context.login();
|
||||||
fail("Should have thrown a FailedLoginException");
|
fail("Should have thrown a FailedLoginException");
|
||||||
|
@ -98,19 +124,8 @@ public class PropertiesLoginModuleTest extends TestCase {
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testBadPWLogin() throws Exception {
|
public void testBadPWLogin() throws Exception {
|
||||||
LoginContext context = new LoginContext("PropertiesLogin", new CallbackHandler() {
|
LoginContext context = new LoginContext("PropertiesLogin", new UserPassHandler("first", "BAD"));
|
||||||
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
|
|
||||||
for (int i = 0; i < callbacks.length; i++) {
|
|
||||||
if (callbacks[i] instanceof NameCallback) {
|
|
||||||
((NameCallback) callbacks[i]).setName("first");
|
|
||||||
} else if (callbacks[i] instanceof PasswordCallback) {
|
|
||||||
((PasswordCallback) callbacks[i]).setPassword("BAD".toCharArray());
|
|
||||||
} else {
|
|
||||||
throw new UnsupportedCallbackException(callbacks[i]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
try {
|
try {
|
||||||
context.login();
|
context.login();
|
||||||
fail("Should have thrown a FailedLoginException");
|
fail("Should have thrown a FailedLoginException");
|
||||||
|
@ -118,4 +133,28 @@ public class PropertiesLoginModuleTest extends TestCase {
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private static class UserPassHandler implements CallbackHandler {
|
||||||
|
|
||||||
|
private final String user;
|
||||||
|
private final String pass;
|
||||||
|
|
||||||
|
public UserPassHandler(final String user, final String pass) {
|
||||||
|
this.user = user;
|
||||||
|
this.pass = pass;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
|
||||||
|
for (int i = 0; i < callbacks.length; i++) {
|
||||||
|
if (callbacks[i] instanceof NameCallback) {
|
||||||
|
((NameCallback) callbacks[i]).setName(user);
|
||||||
|
} else if (callbacks[i] instanceof PasswordCallback) {
|
||||||
|
((PasswordCallback) callbacks[i]).setPassword(pass.toCharArray());
|
||||||
|
} else {
|
||||||
|
throw new UnsupportedCallbackException(callbacks[i]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,20 @@
|
||||||
|
## ---------------------------------------------------------------------------
|
||||||
|
## Licensed to the Apache Software Foundation (ASF) under one or more
|
||||||
|
## contributor license agreements. See the NOTICE file distributed with
|
||||||
|
## this work for additional information regarding copyright ownership.
|
||||||
|
## The ASF licenses this file to You under the Apache License, Version 2.0
|
||||||
|
## (the "License"); you may not use this file except in compliance with
|
||||||
|
## the License. You may obtain a copy of the License at
|
||||||
|
##
|
||||||
|
## http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
##
|
||||||
|
## Unless required by applicable law or agreed to in writing, software
|
||||||
|
## distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
## See the License for the specific language governing permissions and
|
||||||
|
## limitations under the License.
|
||||||
|
## ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
programmers=first
|
||||||
|
accounting=second
|
||||||
|
|
|
@ -21,6 +21,15 @@ PropertiesLogin {
|
||||||
org.apache.activemq.jaas.properties.group="groups.properties";
|
org.apache.activemq.jaas.properties.group="groups.properties";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
PropertiesLoginReload {
|
||||||
|
org.apache.activemq.jaas.PropertiesLoginModule required
|
||||||
|
debug=true
|
||||||
|
reload=true
|
||||||
|
baseDir="target/loginReloadTest/"
|
||||||
|
org.apache.activemq.jaas.properties.user="users.properties"
|
||||||
|
org.apache.activemq.jaas.properties.group="groups.properties";
|
||||||
|
};
|
||||||
|
|
||||||
LDAPLogin {
|
LDAPLogin {
|
||||||
org.apache.activemq.jaas.LDAPLoginModule required
|
org.apache.activemq.jaas.LDAPLoginModule required
|
||||||
debug=true
|
debug=true
|
||||||
|
|
|
@ -0,0 +1,21 @@
|
||||||
|
## ---------------------------------------------------------------------------
|
||||||
|
## Licensed to the Apache Software Foundation (ASF) under one or more
|
||||||
|
## contributor license agreements. See the NOTICE file distributed with
|
||||||
|
## this work for additional information regarding copyright ownership.
|
||||||
|
## The ASF licenses this file to You under the Apache License, Version 2.0
|
||||||
|
## (the "License"); you may not use this file except in compliance with
|
||||||
|
## the License. You may obtain a copy of the License at
|
||||||
|
##
|
||||||
|
## http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
##
|
||||||
|
## Unless required by applicable law or agreed to in writing, software
|
||||||
|
## distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
## See the License for the specific language governing permissions and
|
||||||
|
## limitations under the License.
|
||||||
|
## ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
#different password than users.properties
|
||||||
|
first=secrets
|
||||||
|
second=password
|
||||||
|
|
Loading…
Reference in New Issue