git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@1176580 13f79535-47bb-0310-9956-ffa450edef68
Timothy A. Bish 2011-09-27 19:59:07 +00:00
parent bef9984b21
commit 3dbc9c9548
18 changed files with 175 additions and 187 deletions


@ -20,6 +20,7 @@ import java.util.List;
import org.apache.activemq.command.ActiveMQDestination;
import org.apache.activemq.filter.DestinationMap;
import org.apache.activemq.filter.DestinationMapEntry;
/**
* Represents a destination based configuration of policies so that individual
@ -59,7 +60,7 @@ public class PolicyMap extends DestinationMap {
this.defaultEntry = defaultEntry;
}
protected Class getEntryClass() {
protected Class<? extends DestinationMapEntry> getEntryClass() {
return PolicyEntry.class;
}
}


@ -18,19 +18,20 @@ package org.apache.activemq.filter;
/**
* A default entry in a DestinationMap which holds a single value.
*
*
* @org.apache.xbean.XBean element="destinationEntry"
*
*
*
*
*/
@SuppressWarnings("rawtypes")
public class DefaultDestinationMapEntry extends DestinationMapEntry {
private Object value;
private DestinationMapEntry value;
public Object getValue() {
public DestinationMapEntry getValue() {
return value;
}
public void setValue(Object value) {
public void setValue(DestinationMapEntry value) {
this.value = value;
}


@ -17,7 +17,6 @@
package org.apache.activemq.filter;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.SortedSet;
@ -35,8 +34,8 @@ import org.apache.activemq.command.ActiveMQDestination;
* pretty fast. <br>
* Looking up of a value could return a single value or a List of matching
* values if a wildcard or composite destination is used.
*
*
*
*
*/
public class DestinationMap {
protected static final String ANY_DESCENDENT = DestinationFilter.ANY_DESCENDENT;
@ -52,11 +51,12 @@ public class DestinationMap {
* destinations this is typically a List of one single value, for wildcards
* or composite destinations this will typically be a List of matching
* values.
*
*
* @param key the destination to lookup
* @return a List of matching values or an empty list if there are no
* matching values.
*/
@SuppressWarnings({ "rawtypes", "unchecked" })
public synchronized Set get(ActiveMQDestination key) {
if (key.isComposite()) {
ActiveMQDestination[] destinations = key.getCompositeDestinations();
@ -136,10 +136,10 @@ public class DestinationMap {
* A helper method to allow the destination map to be populated from a
* dependency injection framework such as Spring
*/
protected void setEntries(List entries) {
for (Iterator iter = entries.iterator(); iter.hasNext();) {
Object element = (Object)iter.next();
Class type = getEntryClass();
@SuppressWarnings({ "rawtypes" })
protected void setEntries(List<DestinationMapEntry> entries) {
for (Object element : entries) {
Class<? extends DestinationMapEntry> type = getEntryClass();
if (type.isInstance(element)) {
DestinationMapEntry entry = (DestinationMapEntry)element;
put(entry.getDestination(), entry.getValue());
@ -155,10 +155,12 @@ public class DestinationMap {
* restrict the type of allowed entries to make a type safe destination map
* for custom policies.
*/
protected Class getEntryClass() {
@SuppressWarnings({ "rawtypes" })
protected Class<? extends DestinationMapEntry> getEntryClass() {
return DestinationMapEntry.class;
}
@SuppressWarnings({ "rawtypes", "unchecked" })
protected Set findWildcardMatches(ActiveMQDestination key) {
String[] paths = key.getDestinationPaths();
Set answer = new HashSet();
@ -170,6 +172,7 @@ public class DestinationMap {
* @param key
* @return
*/
@SuppressWarnings({ "rawtypes", "unchecked" })
public Set removeAll(ActiveMQDestination key) {
Set rc = new HashSet();
if (key.isComposite()) {
@ -188,10 +191,11 @@ public class DestinationMap {
* Returns the value which matches the given destination or null if there is
* no matching value. If there are multiple values, the results are sorted
* and the last item (the biggest) is returned.
*
*
* @param destination the destination to find the value for
* @return the largest matching value or null if no value matches
*/
@SuppressWarnings({ "rawtypes", "unchecked" })
public Object chooseValue(ActiveMQDestination destination) {
Set set = get(destination);
if (set == null || set.isEmpty()) {
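Review bot: `setEntries(List<DestinationMapEntry> entries)` accepts only a list declared with exactly that raw element type, so a caller holding a `List<AuthorizationEntry>` can no longer pass it. The same parameter type is repeated in the DefaultAuthorizationMap constructor and in `setAuthorizationEntries`, and AuthorizationMapTest had to loosen its own list declarations to keep compiling. A bounded wildcard keeps subclass-typed lists usable: `protected void setEntries(List<? extends DestinationMapEntry> entries)`. The loop still declares `Object element` and relies on `type.isInstance(element)`, which is the check that actually keeps foreign entry types out of the map, so it deserves a comment such as `// runtime guard: element types are not enforced when the list is injected by a DI framework`. The rest of the loop body is outside the hunk.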


@ -27,13 +27,13 @@ import org.apache.activemq.command.*;
*
* @org.apache.xbean.XBean
*/
public abstract class DestinationMapEntry implements Comparable {
public abstract class DestinationMapEntry<T> implements Comparable<T> {
private ActiveMQDestination destination;
public int compareTo(Object that) {
if (that instanceof DestinationMapEntry) {
DestinationMapEntry thatEntry = (DestinationMapEntry)that;
DestinationMapEntry<?> thatEntry = (DestinationMapEntry<?>)that;
return ActiveMQDestination.compare(destination, thatEntry.destination);
} else if (that == null) {
return 1;
@ -84,7 +84,7 @@ public abstract class DestinationMapEntry implements Comparable {
}
}
public Object getValue() {
public Comparable<T> getValue() {
return this;
}
}
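Review bot: The class now declares `Comparable<T>`, yet `compareTo` still takes `Object` and orders entries by `destination` against another `DestinationMapEntry`, so the type parameter describes what `getValue()` returns rather than what an entry can be compared with. For DummyPolicyEntry, which this commit changes to extend `DestinationMapEntry<String>`, the declared contract becomes comparison with a `String`, a case the visible branches do not handle (the final `else` is outside the hunk). A class-level comment would make the intent explicit, for example `@param <T> the type the value returned by getValue() compares against; entries themselves are ordered by destination`. The `that == null` branch returning 1 also departs from the usual `Comparable` convention of throwing `NullPointerException` and should carry a why-comment if it is deliberate.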


@ -20,24 +20,23 @@ import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* An implementation class used to implement {@link DestinationMap}
*
*
*
*
*/
public class DestinationMapNode implements DestinationNode {
protected static final String ANY_CHILD = DestinationMap.ANY_CHILD;
protected static final String ANY_DESCENDENT = DestinationMap.ANY_DESCENDENT;
// we synchornize at the DestinationMap level
// we synchronize at the DestinationMap level
private DestinationMapNode parent;
private List values = new ArrayList();
private Map childNodes = new HashMap();
private List<Object> values = new ArrayList<Object>();
private Map<String, DestinationNode> childNodes = new HashMap<String, DestinationNode>();
private String path = "Root";
// private DestinationMapNode anyChild;
private int pathLength;
@ -55,14 +54,14 @@ public class DestinationMapNode implements DestinationNode {
* Returns the child node for the given named path or null if it does not
* exist
*/
public DestinationMapNode getChild(String path) {
return (DestinationMapNode)childNodes.get(path);
public DestinationNode getChild(String path) {
return childNodes.get(path);
}
/**
* Returns the child nodes
*/
public Collection getChildren() {
public Collection<DestinationNode> getChildren() {
return childNodes.values();
}
@ -84,18 +83,10 @@ public class DestinationMapNode implements DestinationNode {
return answer;
}
/**
* Returns the node which represents all children (i.e. the * node)
*/
// public DestinationMapNode getAnyChildNode() {
// if (anyChild == null) {
// anyChild = createChildNode();
// }
// return anyChild;
// }
/**
* Returns a mutable List of the values available at this node in the tree
*/
@SuppressWarnings({ "rawtypes", "unchecked" })
public List getValues() {
return values;
}
@ -103,6 +94,7 @@ public class DestinationMapNode implements DestinationNode {
/**
* Returns a mutable List of the values available at this node in the tree
*/
@SuppressWarnings({ "rawtypes", "unchecked" })
public List removeValues() {
ArrayList v = new ArrayList(values);
// parent.getAnyChildNode().getValues().removeAll(v);
@ -111,22 +103,22 @@ public class DestinationMapNode implements DestinationNode {
return v;
}
@SuppressWarnings({ "rawtypes", "unchecked" })
public Set removeDesendentValues() {
Set answer = new HashSet();
removeDesendentValues(answer);
return answer;
}
@SuppressWarnings({ "rawtypes", "unchecked" })
protected void removeDesendentValues(Set answer) {
// if (anyChild != null) {
// anyChild.removeDesendentValues(answer);
// }
answer.addAll(removeValues());
}
/**
* Returns a list of all the values from this node down the tree
*/
@SuppressWarnings({ "rawtypes", "unchecked" })
public Set getDesendentValues() {
Set answer = new HashSet();
appendDescendantValues(answer);
@ -137,12 +129,6 @@ public class DestinationMapNode implements DestinationNode {
if (idx >= paths.length) {
values.add(value);
} else {
// if (idx == paths.length - 1) {
// getAnyChildNode().getValues().add(value);
// }
// else {
// getAnyChildNode().add(paths, idx + 1, value);
// }
getChildOrCreate(paths[idx]).add(paths, idx + 1, value);
}
}
@ -152,17 +138,11 @@ public class DestinationMapNode implements DestinationNode {
values.remove(value);
pruneIfEmpty();
} else {
// if (idx == paths.length - 1) {
// getAnyChildNode().getValues().remove(value);
// }
// else {
// getAnyChildNode().remove(paths, idx + 1, value);
// }
getChildOrCreate(paths[idx]).remove(paths, ++idx, value);
}
}
public void removeAll(Set answer, String[] paths, int startIndex) {
public void removeAll(Set<DestinationNode> answer, String[] paths, int startIndex) {
DestinationNode node = this;
int size = paths.length;
for (int i = startIndex; i < size && node != null; i++) {
@ -188,20 +168,14 @@ public class DestinationMapNode implements DestinationNode {
}
@SuppressWarnings({ "rawtypes", "unchecked" })
public void appendDescendantValues(Set answer) {
answer.addAll(values);
// lets add all the children too
Iterator iter = childNodes.values().iterator();
while (iter.hasNext()) {
DestinationNode child = (DestinationNode)iter.next();
for(DestinationNode child : childNodes.values()) {
child.appendDescendantValues(answer);
}
// TODO???
// if (anyChild != null) {
// anyChild.appendDescendantValues(answer);
// }
}
/**
@ -214,11 +188,12 @@ public class DestinationMapNode implements DestinationNode {
/**
* Matches any entries in the map containing wildcards
*/
@SuppressWarnings({ "rawtypes", "unchecked" })
public void appendMatchingWildcards(Set answer, String[] paths, int idx) {
if (idx - 1 > pathLength) {
return;
}
DestinationMapNode wildCardNode = getChild(ANY_CHILD);
DestinationNode wildCardNode = getChild(ANY_CHILD);
if (wildCardNode != null) {
wildCardNode.appendMatchingValues(answer, paths, idx + 1);
}
@ -228,7 +203,7 @@ public class DestinationMapNode implements DestinationNode {
}
}
public void appendMatchingValues(Set answer, String[] paths, int startIndex) {
public void appendMatchingValues(Set<DestinationNode> answer, String[] paths, int startIndex) {
DestinationNode node = this;
boolean couldMatchAny = true;
int size = paths.length;
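Review bot: `removeAll` and `appendMatchingValues` now declare `Set<DestinationNode> answer`, but the collections passed through this class carry the values stored in the tree, not nodes: `values` is a `List<Object>`, `add` stores whatever value the caller supplies, and `appendDescendantValues` does `answer.addAll(values)`. The DestinationNode interface section of this commit makes the same claim for `appendDescendantValues`, `getValues()`, `getDesendentValues()`, `removeValues()` and `removeDesendentValues()`, while the implementations here stay raw behind `@SuppressWarnings({ "rawtypes", "unchecked" })`. A caller that trusts the declared element type would hit a `ClassCastException` on the first stored value that is not a node. `Set<Object>` (or a value type parameter on the interface) would describe what is stored, e.g. `void appendMatchingValues(Set<Object> answer, String[] paths, int startIndex);`; only `getChild` and `getChildren` actually deal in `DestinationNode`.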


@ -25,21 +25,21 @@ import java.util.Set;
*
*/
public interface DestinationNode {
void appendMatchingValues(Set answer, String[] paths, int startIndex);
void appendMatchingValues(Set<DestinationNode> answer, String[] paths, int startIndex);
void appendMatchingWildcards(Set answer, String[] paths, int startIndex);
void appendMatchingWildcards(Set<DestinationNode> answer, String[] paths, int startIndex);
void appendDescendantValues(Set answer);
void appendDescendantValues(Set<DestinationNode> answer);
Collection getDesendentValues();
Collection<DestinationNode> getDesendentValues();
DestinationNode getChild(String path);
Collection getValues();
Collection<DestinationNode> getValues();
Collection getChildren();
Collection<DestinationNode> getChildren();
Collection removeDesendentValues();
Collection<DestinationNode> removeDesendentValues();
Collection removeValues();
Collection<DestinationNode> removeValues();
}


@ -29,10 +29,11 @@ import org.apache.activemq.filter.DestinationMapEntry;
* Represents an entry in a {@link DefaultAuthorizationMap} for assigning
* different operations (read, write, admin) of user roles to a specific
* destination or a hierarchical wildcard area of destinations.
*
*
* @org.apache.xbean.XBean
*
*
*/
@SuppressWarnings("rawtypes")
public class AuthorizationEntry extends DestinationMapEntry {
private Set<Object> readACLs = emptySet();
@ -109,21 +110,18 @@ public class AuthorizationEntry extends DestinationMapEntry {
Set<Object> answer = new HashSet<Object>();
StringTokenizer iter = new StringTokenizer(roles, ",");
while (iter.hasMoreTokens()) {
String name = iter.nextToken().trim();
Class[] paramClass = new Class[1];
paramClass[0] = String.class;
Object[] param = new Object[1];
param[0] = name;
String name = iter.nextToken().trim();
Object[] param = new Object[]{name};
try {
Class cls = Class.forName(groupClass);
Class<?> cls = Class.forName(groupClass);
Constructor[] constructors = cls.getConstructors();
Constructor<?>[] constructors = cls.getConstructors();
int i;
for (i = 0; i < constructors.length; i++) {
Class[] paramTypes = constructors[i].getParameterTypes();
if (paramTypes.length != 0 && paramTypes[0].equals(paramClass[0])) {
Class<?>[] paramTypes = constructors[i].getParameterTypes();
if (paramTypes.length != 0 && paramTypes[0].equals(String.class)) {
break;
}
}
@ -135,8 +133,8 @@ public class AuthorizationEntry extends DestinationMapEntry {
Method[] methods = cls.getMethods();
i = 0;
for (i = 0; i < methods.length; i++) {
Class[] paramTypes = methods[i].getParameterTypes();
if (paramTypes.length != 0 && methods[i].getName().equals("setName") && paramTypes[0].equals(paramClass[0])) {
Class<?>[] paramTypes = methods[i].getParameterTypes();
if (paramTypes.length != 0 && methods[i].getName().equals("setName") && paramTypes[0].equals(String.class)) {
break;
}
}
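Review bot: `Class.forName(groupClass)` loads whatever class name the configuration supplies, and nothing in this hunk checks that it is a principal type before its instances are added to the ACL set. Assuming ACL members are meant to implement `java.security.Principal`, binding the lookup to that supertype makes a wrong class name fail at load time: `Class<? extends Principal> cls = Class.forName(groupClass).asSubclass(Principal.class);`. The constructor search also accepts any constructor whose first parameter is `String`, including ones with further parameters that the single-element `param` array cannot satisfy; `paramTypes.length == 1 && paramTypes[0].equals(String.class)` selects only a usable one, and the `setName` search has the same loose arity test. The enclosing method starts and ends outside the hunk.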


@ -19,6 +19,7 @@ package org.apache.activemq.security;
import org.apache.activemq.command.ActiveMQDestination;
import org.apache.activemq.command.ActiveMQQueue;
import org.apache.activemq.command.ActiveMQTopic;
import org.apache.activemq.filter.DestinationMapEntry;
import org.apache.activemq.jaas.GroupPrincipal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -32,7 +33,6 @@ import javax.naming.directory.*;
import javax.naming.event.*;
import java.util.*;
/**
* A {@link DefaultAuthorizationMap} implementation which uses LDAP to initialize and update
*
@ -97,10 +97,9 @@ public class CachedLDAPAuthorizationMap extends DefaultAuthorizationMap implemen
return context;
}
HashMap<ActiveMQDestination, AuthorizationEntry> entries = new HashMap<ActiveMQDestination, AuthorizationEntry>();
@SuppressWarnings("rawtypes")
public void query() throws Exception {
try {
context = open();
@ -111,14 +110,14 @@ public class CachedLDAPAuthorizationMap extends DefaultAuthorizationMap implemen
final SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration results = context.search("ou=Destination,ou=ActiveMQ," + baseDn, "(|(cn=admin)(cn=write)(cn=read))", constraints);
NamingEnumeration<?> results = context.search("ou=Destination,ou=ActiveMQ," + baseDn, "(|(cn=admin)(cn=write)(cn=read))", constraints);
while (results.hasMore()) {
SearchResult result = (SearchResult) results.next();
AuthorizationEntry entry = getEntry(result.getNameInNamespace());
applyACL(entry, result);
}
setEntries(new ArrayList(entries.values()));
setEntries(new ArrayList<DestinationMapEntry>(entries.values()));
updated();
}
@ -175,8 +174,8 @@ public class CachedLDAPAuthorizationMap extends DefaultAuthorizationMap implemen
// find members
Attribute cn = result.getAttributes().get("cn");
Attribute member = result.getAttributes().get("member");
NamingEnumeration memberEnum = member.getAll();
HashSet members = new HashSet();
NamingEnumeration<?> memberEnum = member.getAll();
HashSet<Object> members = new HashSet<Object>();
while (memberEnum.hasMoreElements()) {
String elem = (String) memberEnum.nextElement();
members.add(new GroupPrincipal(elem.replaceAll("cn=", "")));
@ -229,7 +228,6 @@ public class CachedLDAPAuthorizationMap extends DefaultAuthorizationMap implemen
public void objectAdded(NamingEvent namingEvent) {
LOG.debug("Adding object: " + namingEvent.getNewBinding());
SearchResult result = (SearchResult)namingEvent.getNewBinding();
String cn = null;
if (!isPriviledge(result)) return;
AuthorizationEntry entry = getEntry(result.getName());
if (entry != null) {
@ -253,11 +251,11 @@ public class CachedLDAPAuthorizationMap extends DefaultAuthorizationMap implemen
String[] cns = result.getName().split(",");
if (!isPriviledge(result)) return;
if (cns[0].equalsIgnoreCase("cn=admin")) {
entry.setAdminACLs(new HashSet());
entry.setAdminACLs(new HashSet<Object>());
} else if (cns[0].equalsIgnoreCase("cn=write")) {
entry.setWriteACLs(new HashSet());
entry.setWriteACLs(new HashSet<Object>());
} else if (cns[0].equalsIgnoreCase("cn=read")) {
entry.setReadACLs(new HashSet());
entry.setReadACLs(new HashSet<Object>());
} else {
LOG.warn("Policy not removed! Unknown privilege " + result.getName());
}
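Review bot: In the member loop, `result.getAttributes().get("member")` is dereferenced without a null check and every value is cast to `String`, so a directory entry without a `member` attribute, or with a non-string value, raises an unchecked exception while ACLs are being applied. The group name is then derived with `elem.replaceAll("cn=", "")`, which deletes every occurrence of that text and, if member values are full DNs, leaves the remaining components in the principal name. Parsing the value with `javax.naming.ldap.LdapName` and taking the value of the intended RDN would tie the principal to exactly one component. A guard such as `if (member == null) { LOG.warn("No member attribute on " + result.getName()); return; }` keeps one malformed entry from failing the others; the enclosing method continues outside the hunk.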


@ -23,15 +23,16 @@ import java.util.Set;
import org.apache.activemq.command.ActiveMQDestination;
import org.apache.activemq.filter.DestinationMap;
import org.apache.activemq.filter.DestinationMapEntry;
/**
* Represents a destination based configuration of policies so that individual
* destinations or wildcard hierarchies of destinations can be configured using
* different policies. Each entry in the map represents the authorization ACLs
* for each operation.
*
*
* @org.apache.xbean.XBean element="authorizationMap"
*
*
*/
public class DefaultAuthorizationMap extends DestinationMap implements AuthorizationMap {
@ -42,7 +43,8 @@ public class DefaultAuthorizationMap extends DestinationMap implements Authoriza
public DefaultAuthorizationMap() {
}
public DefaultAuthorizationMap(List authorizationEntries) {
@SuppressWarnings("rawtypes")
public DefaultAuthorizationMap(List<DestinationMapEntry> authorizationEntries) {
setAuthorizationEntries(authorizationEntries);
}
@ -124,10 +126,11 @@ public class DefaultAuthorizationMap extends DestinationMap implements Authoriza
/**
* Sets the individual entries on the authorization map
*
*
* @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthorizationEntry"
*/
public void setAuthorizationEntries(List entries) {
@SuppressWarnings("rawtypes")
public void setAuthorizationEntries(List<DestinationMapEntry> entries) {
super.setEntries(entries);
}
@ -139,10 +142,12 @@ public class DefaultAuthorizationMap extends DestinationMap implements Authoriza
this.defaultEntry = defaultEntry;
}
protected Class<AuthorizationEntry> getEntryClass() {
@SuppressWarnings("rawtypes")
protected Class<? extends DestinationMapEntry> getEntryClass() {
return AuthorizationEntry.class;
}
@SuppressWarnings("unchecked")
protected Set<AuthorizationEntry> getAllEntries(ActiveMQDestination destination) {
Set<AuthorizationEntry> entries = get(destination);
if (defaultEntry != null) {


@ -19,7 +19,6 @@ package org.apache.activemq.security;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
@ -89,10 +88,9 @@ public class JaasCertificateAuthenticationBroker extends BrokerFilter {
String dnName = "";
for (Iterator iter = subject.getPrincipals().iterator(); iter.hasNext();) {
Principal nextPrincipal = (Principal)iter.next();
if (nextPrincipal instanceof UserPrincipal) {
dnName = ((UserPrincipal)nextPrincipal).getName();
for (Principal principal : subject.getPrincipals()) {
if (principal instanceof UserPrincipal) {
dnName = ((UserPrincipal)principal).getName();
break;
}
}
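Review bot: When the subject contains no `UserPrincipal`, the rewritten loop leaves `dnName` as the empty string and nothing in this hunk rejects that case. Depending on how `dnName` is used after the loop, which is outside the hunk, a certificate login whose login module adds no user principal could continue under an empty user name. An explicit check after the loop makes the failure visible, e.g. `if (dnName.isEmpty()) throw new SecurityException("No UserPrincipal found for the client certificate");`.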


@ -42,7 +42,7 @@ import org.slf4j.LoggerFactory;
/**
* An {@link AuthorizationMap} which uses LDAP
*
*
* @org.apache.xbean.XBean
* @author ngcutura
*/
@ -115,25 +115,25 @@ public class LDAPAuthorizationMap implements AuthorizationMap {
writeAttribute = "uniqueMember";
}
public LDAPAuthorizationMap(Map options) {
initialContextFactory = (String)options.get(INITIAL_CONTEXT_FACTORY);
connectionURL = (String)options.get(CONNECTION_URL);
connectionUsername = (String)options.get(CONNECTION_USERNAME);
connectionPassword = (String)options.get(CONNECTION_PASSWORD);
connectionProtocol = (String)options.get(CONNECTION_PROTOCOL);
authentication = (String)options.get(AUTHENTICATION);
public LDAPAuthorizationMap(Map<String,String> options) {
initialContextFactory = options.get(INITIAL_CONTEXT_FACTORY);
connectionURL = options.get(CONNECTION_URL);
connectionUsername = options.get(CONNECTION_USERNAME);
connectionPassword = options.get(CONNECTION_PASSWORD);
connectionProtocol = options.get(CONNECTION_PROTOCOL);
authentication = options.get(AUTHENTICATION);
adminBase = (String)options.get(ADMIN_BASE);
adminAttribute = (String)options.get(ADMIN_ATTRIBUTE);
readBase = (String)options.get(READ_BASE);
readAttribute = (String)options.get(READ_ATTRIBUTE);
writeBase = (String)options.get(WRITE_BASE);
writeAttribute = (String)options.get(WRITE_ATTRIBUTE);
adminBase = options.get(ADMIN_BASE);
adminAttribute = options.get(ADMIN_ATTRIBUTE);
readBase = options.get(READ_BASE);
readAttribute = options.get(READ_ATTRIBUTE);
writeBase = options.get(WRITE_BASE);
writeAttribute = options.get(WRITE_ATTRIBUTE);
String topicSearchMatching = (String)options.get(TOPIC_SEARCH_MATCHING);
String topicSearchSubtree = (String)options.get(TOPIC_SEARCH_SUBTREE);
String queueSearchMatching = (String)options.get(QUEUE_SEARCH_MATCHING);
String queueSearchSubtree = (String)options.get(QUEUE_SEARCH_SUBTREE);
String topicSearchMatching = options.get(TOPIC_SEARCH_MATCHING);
String topicSearchSubtree = options.get(TOPIC_SEARCH_SUBTREE);
String queueSearchMatching = options.get(QUEUE_SEARCH_MATCHING);
String queueSearchSubtree = options.get(QUEUE_SEARCH_SUBTREE);
topicSearchMatchingFormat = new MessageFormat(topicSearchMatching);
queueSearchMatchingFormat = new MessageFormat(queueSearchMatching);
topicSearchSubtreeBool = Boolean.valueOf(topicSearchSubtree).booleanValue();
@ -413,7 +413,7 @@ public class LDAPAuthorizationMap implements AuthorizationMap {
try {
Set<GroupPrincipal> roles = new HashSet<GroupPrincipal>();
Set<String> acls = new HashSet<String>();
NamingEnumeration results = context.search(destinationBase, roleBase, constraints);
NamingEnumeration<?> results = context.search(destinationBase, roleBase, constraints);
while (results.hasMore()) {
SearchResult result = (SearchResult)results.next();
Attributes attrs = result.getAttributes();
@ -445,7 +445,7 @@ public class LDAPAuthorizationMap implements AuthorizationMap {
if (attr == null) {
return values;
}
NamingEnumeration e = attr.getAll();
NamingEnumeration<?> e = attr.getAll();
while (e.hasMore()) {
String value = (String)e.next();
values.add(value);
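Review bot: The map-based constructor passes `options.get(TOPIC_SEARCH_MATCHING)` and `options.get(QUEUE_SEARCH_MATCHING)` straight into `new MessageFormat(...)`, which throws `NullPointerException` when either key is missing and gives no hint which one. Required keys should be validated and named in the exception, e.g. `if (topicSearchMatching == null) throw new IllegalArgumentException("Missing option: " + TOPIC_SEARCH_MATCHING);`. A missing subtree option is silently read as `false` by `Boolean.valueOf`, which is worth a comment if that default is intended. In the last hunk, `(String)e.next()` on `NamingEnumeration<?>` still assumes every attribute value is a string, so a binary attribute value would raise `ClassCastException` during an authorization lookup.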


@ -16,6 +16,7 @@
*/
package org.apache.activemq.security;
import java.security.Principal;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
@ -26,8 +27,8 @@ import org.apache.activemq.command.ActiveMQDestination;
/**
* Used to cache up authorizations so that subsequent requests are faster.
*
*
*
*
*/
public abstract class SecurityContext {
@ -37,9 +38,8 @@ public abstract class SecurityContext {
return true;
}
@SuppressWarnings("unchecked")
public Set<?> getPrincipals() {
return Collections.EMPTY_SET;
public Set<Principal> getPrincipals() {
return Collections.emptySet();
}
};
@ -53,20 +53,20 @@ public abstract class SecurityContext {
}
public boolean isInOneOf(Set<?> allowedPrincipals) {
Iterator allowedIter = allowedPrincipals.iterator();
HashSet<?> userPrincipals = new HashSet<Object>(getPrincipals());
while (allowedIter.hasNext()) {
Iterator userIter = userPrincipals.iterator();
Object allowedPrincipal = allowedIter.next();
while (userIter.hasNext()) {
if (allowedPrincipal.equals(userIter.next()))
return true;
}
}
return false;
Iterator<?> allowedIter = allowedPrincipals.iterator();
HashSet<?> userPrincipals = new HashSet<Object>(getPrincipals());
while (allowedIter.hasNext()) {
Iterator<?> userIter = userPrincipals.iterator();
Object allowedPrincipal = allowedIter.next();
while (userIter.hasNext()) {
if (allowedPrincipal.equals(userIter.next()))
return true;
}
}
return false;
}
public abstract Set<?> getPrincipals();
public abstract Set<Principal> getPrincipals();
public String getUserName() {
return userName;
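Review bot: `isInOneOf` copies `getPrincipals()` into a `HashSet`, which throws `NullPointerException` when an implementation returns null, and this commit contains two that can: StubSecurityContext returns `null` outright and SimpleAuthenticationBroker returns the unchecked result of `userGroups.get(...)`. The abstract method should document the contract, e.g. `/** @return the principals of this context; never null, empty when there are none */`, or the copy should be guarded. Since `userPrincipals` is already a hash set, the inner iterator loop can be replaced by `if (userPrincipals.contains(allowedPrincipal)) return true;`, provided the principal classes keep `hashCode` consistent with `equals`.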


@ -16,6 +16,7 @@
*/
package org.apache.activemq.security;
import java.security.Principal;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
@ -30,24 +31,24 @@ import org.apache.activemq.jaas.GroupPrincipal;
/**
* Handles authenticating a users against a simple user name/password map.
*
*
*
*
*/
public class SimpleAuthenticationBroker extends BrokerFilter {
private boolean anonymousAccessAllowed = false;
private String anonymousUser;
private String anonymousGroup;
private final Map userPasswords;
private final Map userGroups;
private final Map<String,String> userPasswords;
private final Map<String,Set<Principal>> userGroups;
private final CopyOnWriteArrayList<SecurityContext> securityContexts = new CopyOnWriteArrayList<SecurityContext>();
public SimpleAuthenticationBroker(Broker next, Map userPasswords, Map userGroups) {
public SimpleAuthenticationBroker(Broker next, Map<String,String> userPasswords, Map<String,Set<Principal>> userGroups) {
super(next);
this.userPasswords = userPasswords;
this.userGroups = userGroups;
}
public void setAnonymousAccessAllowed(boolean anonymousAccessAllowed) {
this.anonymousAccessAllowed = anonymousAccessAllowed;
}
@ -62,28 +63,28 @@ public class SimpleAuthenticationBroker extends BrokerFilter {
public void addConnection(ConnectionContext context, ConnectionInfo info) throws Exception {
SecurityContext s = context.getSecurityContext();
SecurityContext s = context.getSecurityContext();
if (s == null) {
// Check the username and password.
if (anonymousAccessAllowed && info.getUserName() == null && info.getPassword() == null) {
info.setUserName(anonymousUser);
s = new SecurityContext(info.getUserName()) {
public Set getPrincipals() {
Set groups = new HashSet();
public Set<Principal> getPrincipals() {
Set<Principal> groups = new HashSet<Principal>();
groups.add(new GroupPrincipal(anonymousGroup));
return groups;
}
};
} else {
String pw = (String) userPasswords.get(info.getUserName());
String pw = userPasswords.get(info.getUserName());
if (pw == null || !pw.equals(info.getPassword())) {
throw new SecurityException(
"User name [" + info.getUserName() + "] or password is invalid.");
}
final Set groups = (Set) userGroups.get(info.getUserName());
final Set<Principal> groups = userGroups.get(info.getUserName());
s = new SecurityContext(info.getUserName()) {
public Set<?> getPrincipals() {
public Set<Principal> getPrincipals() {
return groups;
}
};
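Review bot: The credential check `pw.equals(info.getPassword())` compares the stored and the supplied password with `String.equals`, which stops at the first differing character, and the now explicitly typed `Map<String,String> userPasswords` holds the passwords in clear text. A comparison that does not short-circuit, such as `MessageDigest.isEqual(pw.getBytes("UTF-8"), info.getPassword().getBytes("UTF-8"))` after a null check on the supplied password, removes the timing difference; keeping salted password hashes instead of raw values would be the larger fix and is outside this change. In the same method `userGroups.get(info.getUserName())` may return null for a user without a group entry, and the anonymous class then hands that null to callers of `getPrincipals()`; `Collections.<Principal>emptySet()` is a safer fallback. The enclosing method continues outside the hunk.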


@ -16,6 +16,7 @@
*/
package org.apache.activemq.security;
import java.security.Principal;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
@ -30,17 +31,17 @@ import org.apache.activemq.jaas.GroupPrincipal;
/**
* A simple authentication plugin
*
*
* @org.apache.xbean.XBean element="simpleAuthenticationPlugin"
* description="Provides a simple authentication plugin
* configured with a map of user-passwords and a map of
* user-groups or a list of authentication users"
*
*
*
*
*/
public class SimpleAuthenticationPlugin implements BrokerPlugin {
private Map<String, String> userPasswords;
private Map<String, Set<GroupPrincipal>> userGroups;
private Map<String, Set<Principal>> userGroups;
private static final String DEFAULT_ANONYMOUS_USER = "anonymous";
private static final String DEFAULT_ANONYMOUS_GROUP = "anonymous";
private String anonymousUser = DEFAULT_ANONYMOUS_USER;
@ -50,7 +51,7 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin {
public SimpleAuthenticationPlugin() {
}
public SimpleAuthenticationPlugin(List users) {
public SimpleAuthenticationPlugin(List<?> users) {
setUsers(users);
}
@ -62,22 +63,22 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin {
return broker;
}
public Map<String, Set<GroupPrincipal>> getUserGroups() {
public Map<String, Set<Principal>> getUserGroups() {
return userGroups;
}
/**
* Sets individual users for authentication
*
*
* @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthenticationUser"
*/
public void setUsers(List users) {
public void setUsers(List<?> users) {
userPasswords = new HashMap<String, String>();
userGroups = new HashMap<String, Set<GroupPrincipal>>();
for (Iterator it = users.iterator(); it.hasNext();) {
userGroups = new HashMap<String, Set<Principal>>();
for (Iterator<?> it = users.iterator(); it.hasNext();) {
AuthenticationUser user = (AuthenticationUser)it.next();
userPasswords.put(user.getUsername(), user.getPassword());
Set<GroupPrincipal> groups = new HashSet<GroupPrincipal>();
Set<Principal> groups = new HashSet<Principal>();
StringTokenizer iter = new StringTokenizer(user.getGroups(), ",");
while (iter.hasMoreTokens()) {
String name = iter.nextToken().trim();
@ -86,8 +87,8 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin {
userGroups.put(user.getUsername(), groups);
}
}
public void setAnonymousAccessAllowed(boolean anonymousAccessAllowed) {
this.anonymousAccessAllowed = anonymousAccessAllowed;
}
@ -104,7 +105,7 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin {
* Sets the groups a user is in. The key is the user name and the value is a
* Set of groups
*/
public void setUserGroups(Map<String, Set<GroupPrincipal>> userGroups) {
public void setUserGroups(Map<String, Set<Principal>> userGroups) {
this.userGroups = userGroups;
}
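Review bot: `setUsers` replaces the `userPasswords` and `userGroups` fields before it has validated a single element, so a wrong element type (the `(AuthenticationUser)` cast) or a null `user.getGroups()` passed to `StringTokenizer` aborts the method with the plugin holding new, partially filled credential maps. Building both maps in locals and assigning the fields only after the loop completes keeps the previous configuration intact on failure, and the explicit `Iterator<?>` can become a for-each at the same time. The method spans two hunks of this section; the group-tokenizing lines between them are not visible and are left as they are.

```java
public void setUsers(List<?> users) {
    Map<String, String> passwords = new HashMap<String, String>();
    Map<String, Set<Principal>> groupsByUser = new HashMap<String, Set<Principal>>();
    for (Object element : users) {
        AuthenticationUser user = (AuthenticationUser)element;
        passwords.put(user.getUsername(), user.getPassword());
        Set<Principal> groups = new HashSet<Principal>();
        // … unchanged: tokenizing user.getGroups() into the groups set …
        groupsByUser.put(user.getUsername(), groups);
    }
    // publish only after every element was accepted
    userPasswords = passwords;
    userGroups = groupsByUser;
```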


@ -21,7 +21,7 @@ package org.apache.activemq.filter;
*
*
*/
public class DummyPolicyEntry extends DestinationMapEntry {
public class DummyPolicyEntry extends DestinationMapEntry<String> {
private String description;
@ -33,7 +33,7 @@ public class DummyPolicyEntry extends DestinationMapEntry {
this.description = description;
}
public Object getValue() {
public Comparable<String> getValue() {
return description;
}


@ -22,11 +22,12 @@ import java.util.Set;
import junit.framework.TestCase;
import org.apache.activemq.command.ActiveMQQueue;
import org.apache.activemq.filter.DestinationMapEntry;
import org.apache.activemq.jaas.GroupPrincipal;
/**
*
*
*
*
*/
public class AuthorizationMapTest extends TestCase {
static final GroupPrincipal GUESTS = new GroupPrincipal("guests");
@ -37,7 +38,7 @@ public class AuthorizationMapTest extends TestCase {
public void testAuthorizationMap() {
AuthorizationMap map = createAuthorizationMap();
Set readACLs = map.getReadACLs(new ActiveMQQueue("USERS.FOO.BAR"));
Set<?> readACLs = map.getReadACLs(new ActiveMQQueue("USERS.FOO.BAR"));
assertEquals("set size: " + readACLs, 2, readACLs.size());
assertTrue("Contains users group", readACLs.contains(ADMINS));
assertTrue("Contains users group", readACLs.contains(USERS));
@ -47,21 +48,22 @@ public class AuthorizationMapTest extends TestCase {
public void testAuthorizationMapWithTempDest() {
AuthorizationMap map = createAuthorizationMapWithTempDest();
Set readACLs = map.getReadACLs(new ActiveMQQueue("USERS.FOO.BAR"));
Set<?> readACLs = map.getReadACLs(new ActiveMQQueue("USERS.FOO.BAR"));
assertEquals("set size: " + readACLs, 2, readACLs.size());
assertTrue("Contains users group", readACLs.contains(ADMINS));
assertTrue("Contains users group", readACLs.contains(USERS));
Set tempAdminACLs = map.getTempDestinationAdminACLs();
Set<?> tempAdminACLs = map.getTempDestinationAdminACLs();
assertEquals("set size: " + tempAdminACLs, 1, tempAdminACLs.size());
assertTrue("Contains users group", tempAdminACLs.contains(TEMP_DESTINATION_ADMINS));
}
@SuppressWarnings("rawtypes")
protected AuthorizationMap createAuthorizationMap() {
DefaultAuthorizationMap answer = new DefaultAuthorizationMap();
List<AuthorizationEntry> entries = new ArrayList<AuthorizationEntry>();
List<DestinationMapEntry> entries = new ArrayList<DestinationMapEntry>();
AuthorizationEntry entry = new AuthorizationEntry();
entry.setGroupClass("org.apache.activemq.jaas.GroupPrincipal");
@ -88,10 +90,11 @@ public class AuthorizationMapTest extends TestCase {
return answer;
}
@SuppressWarnings("rawtypes")
protected AuthorizationMap createAuthorizationMapWithTempDest() {
DefaultAuthorizationMap answer = new DefaultAuthorizationMap();
List<AuthorizationEntry> entries = new ArrayList<AuthorizationEntry>();
List<DestinationMapEntry> entries = new ArrayList<DestinationMapEntry>();
AuthorizationEntry entry = new AuthorizationEntry();
entry.setQueue(">");


@ -17,9 +17,12 @@
package org.apache.activemq.security;
import java.net.URL;
import java.security.Principal;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import junit.framework.Test;
import org.apache.activemq.CombinationTestSupport;
@ -28,7 +31,6 @@ import org.apache.activemq.broker.BrokerPlugin;
import org.apache.activemq.broker.BrokerService;
import org.apache.activemq.command.ActiveMQQueue;
import org.apache.activemq.command.ActiveMQTopic;
import org.apache.activemq.command.MessageSendTest;
import org.apache.activemq.filter.DestinationMap;
import org.apache.activemq.jaas.GroupPrincipal;
import org.slf4j.Logger;
@ -37,8 +39,8 @@ import org.slf4j.LoggerFactory;
/**
* Tests that the broker allows/fails access to destinations based on the
* security policy installed on the broker.
*
*
*
*
*/
public class SimpleSecurityBrokerSystemTest extends SecurityTestSupport {
@ -113,10 +115,10 @@ public class SimpleSecurityBrokerSystemTest extends SecurityTestSupport {
u.put("user", "password");
u.put("guest", "password");
HashMap<String, HashSet<Object>> groups = new HashMap<String, HashSet<Object>>();
groups.put("system", new HashSet<Object>(Arrays.asList(new Object[] {ADMINS, USERS})));
groups.put("user", new HashSet<Object>(Arrays.asList(new Object[] {USERS})));
groups.put("guest", new HashSet<Object>(Arrays.asList(new Object[] {GUESTS})));
Map<String, Set<Principal>> groups = new HashMap<String, Set<Principal>>();
groups.put("system", new HashSet<Principal>(Arrays.asList(new Principal[] {ADMINS, USERS})));
groups.put("user", new HashSet<Principal>(Arrays.asList(new Principal[] {USERS})));
groups.put("guest", new HashSet<Principal>(Arrays.asList(new Principal[] {GUESTS})));
return new SimpleAuthenticationBroker(broker, u, groups);
}


@ -17,6 +17,7 @@
package org.apache.activemq.security;
import java.security.Principal;
import java.util.Set;
public class StubSecurityContext extends SecurityContext {
@ -24,7 +25,7 @@ public class StubSecurityContext extends SecurityContext {
super("");
}
public Set<?> getPrincipals() {
public Set<Principal> getPrincipals() {
return null;
}
}