mirror of https://github.com/apache/activemq.git
apply code cleanup patch from https://issues.apache.org/jira/browse/AMQ-3322
git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@1176580 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
bef9984b21
commit
3dbc9c9548
|
@ -20,6 +20,7 @@ import java.util.List;
|
||||||
|
|
||||||
import org.apache.activemq.command.ActiveMQDestination;
|
import org.apache.activemq.command.ActiveMQDestination;
|
||||||
import org.apache.activemq.filter.DestinationMap;
|
import org.apache.activemq.filter.DestinationMap;
|
||||||
|
import org.apache.activemq.filter.DestinationMapEntry;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Represents a destination based configuration of policies so that individual
|
* Represents a destination based configuration of policies so that individual
|
||||||
|
@ -59,7 +60,7 @@ public class PolicyMap extends DestinationMap {
|
||||||
this.defaultEntry = defaultEntry;
|
this.defaultEntry = defaultEntry;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected Class getEntryClass() {
|
protected Class<? extends DestinationMapEntry> getEntryClass() {
|
||||||
return PolicyEntry.class;
|
return PolicyEntry.class;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -23,14 +23,15 @@ package org.apache.activemq.filter;
|
||||||
*
|
*
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
@SuppressWarnings("rawtypes")
|
||||||
public class DefaultDestinationMapEntry extends DestinationMapEntry {
|
public class DefaultDestinationMapEntry extends DestinationMapEntry {
|
||||||
private Object value;
|
private DestinationMapEntry value;
|
||||||
|
|
||||||
public Object getValue() {
|
public DestinationMapEntry getValue() {
|
||||||
return value;
|
return value;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setValue(Object value) {
|
public void setValue(DestinationMapEntry value) {
|
||||||
this.value = value;
|
this.value = value;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -17,7 +17,6 @@
|
||||||
package org.apache.activemq.filter;
|
package org.apache.activemq.filter;
|
||||||
|
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Iterator;
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import java.util.SortedSet;
|
import java.util.SortedSet;
|
||||||
|
@ -57,6 +56,7 @@ public class DestinationMap {
|
||||||
* @return a List of matching values or an empty list if there are no
|
* @return a List of matching values or an empty list if there are no
|
||||||
* matching values.
|
* matching values.
|
||||||
*/
|
*/
|
||||||
|
@SuppressWarnings({ "rawtypes", "unchecked" })
|
||||||
public synchronized Set get(ActiveMQDestination key) {
|
public synchronized Set get(ActiveMQDestination key) {
|
||||||
if (key.isComposite()) {
|
if (key.isComposite()) {
|
||||||
ActiveMQDestination[] destinations = key.getCompositeDestinations();
|
ActiveMQDestination[] destinations = key.getCompositeDestinations();
|
||||||
|
@ -136,10 +136,10 @@ public class DestinationMap {
|
||||||
* A helper method to allow the destination map to be populated from a
|
* A helper method to allow the destination map to be populated from a
|
||||||
* dependency injection framework such as Spring
|
* dependency injection framework such as Spring
|
||||||
*/
|
*/
|
||||||
protected void setEntries(List entries) {
|
@SuppressWarnings({ "rawtypes" })
|
||||||
for (Iterator iter = entries.iterator(); iter.hasNext();) {
|
protected void setEntries(List<DestinationMapEntry> entries) {
|
||||||
Object element = (Object)iter.next();
|
for (Object element : entries) {
|
||||||
Class type = getEntryClass();
|
Class<? extends DestinationMapEntry> type = getEntryClass();
|
||||||
if (type.isInstance(element)) {
|
if (type.isInstance(element)) {
|
||||||
DestinationMapEntry entry = (DestinationMapEntry)element;
|
DestinationMapEntry entry = (DestinationMapEntry)element;
|
||||||
put(entry.getDestination(), entry.getValue());
|
put(entry.getDestination(), entry.getValue());
|
||||||
|
@ -155,10 +155,12 @@ public class DestinationMap {
|
||||||
* restrict the type of allowed entries to make a type safe destination map
|
* restrict the type of allowed entries to make a type safe destination map
|
||||||
* for custom policies.
|
* for custom policies.
|
||||||
*/
|
*/
|
||||||
protected Class getEntryClass() {
|
@SuppressWarnings({ "rawtypes" })
|
||||||
|
protected Class<? extends DestinationMapEntry> getEntryClass() {
|
||||||
return DestinationMapEntry.class;
|
return DestinationMapEntry.class;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@SuppressWarnings({ "rawtypes", "unchecked" })
|
||||||
protected Set findWildcardMatches(ActiveMQDestination key) {
|
protected Set findWildcardMatches(ActiveMQDestination key) {
|
||||||
String[] paths = key.getDestinationPaths();
|
String[] paths = key.getDestinationPaths();
|
||||||
Set answer = new HashSet();
|
Set answer = new HashSet();
|
||||||
|
@ -170,6 +172,7 @@ public class DestinationMap {
|
||||||
* @param key
|
* @param key
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
|
@SuppressWarnings({ "rawtypes", "unchecked" })
|
||||||
public Set removeAll(ActiveMQDestination key) {
|
public Set removeAll(ActiveMQDestination key) {
|
||||||
Set rc = new HashSet();
|
Set rc = new HashSet();
|
||||||
if (key.isComposite()) {
|
if (key.isComposite()) {
|
||||||
|
@ -192,6 +195,7 @@ public class DestinationMap {
|
||||||
* @param destination the destination to find the value for
|
* @param destination the destination to find the value for
|
||||||
* @return the largest matching value or null if no value matches
|
* @return the largest matching value or null if no value matches
|
||||||
*/
|
*/
|
||||||
|
@SuppressWarnings({ "rawtypes", "unchecked" })
|
||||||
public Object chooseValue(ActiveMQDestination destination) {
|
public Object chooseValue(ActiveMQDestination destination) {
|
||||||
Set set = get(destination);
|
Set set = get(destination);
|
||||||
if (set == null || set.isEmpty()) {
|
if (set == null || set.isEmpty()) {
|
||||||
|
|
|
@ -27,13 +27,13 @@ import org.apache.activemq.command.*;
|
||||||
*
|
*
|
||||||
* @org.apache.xbean.XBean
|
* @org.apache.xbean.XBean
|
||||||
*/
|
*/
|
||||||
public abstract class DestinationMapEntry implements Comparable {
|
public abstract class DestinationMapEntry<T> implements Comparable<T> {
|
||||||
|
|
||||||
private ActiveMQDestination destination;
|
private ActiveMQDestination destination;
|
||||||
|
|
||||||
public int compareTo(Object that) {
|
public int compareTo(Object that) {
|
||||||
if (that instanceof DestinationMapEntry) {
|
if (that instanceof DestinationMapEntry) {
|
||||||
DestinationMapEntry thatEntry = (DestinationMapEntry)that;
|
DestinationMapEntry<?> thatEntry = (DestinationMapEntry<?>)that;
|
||||||
return ActiveMQDestination.compare(destination, thatEntry.destination);
|
return ActiveMQDestination.compare(destination, thatEntry.destination);
|
||||||
} else if (that == null) {
|
} else if (that == null) {
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -84,7 +84,7 @@ public abstract class DestinationMapEntry implements Comparable {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public Object getValue() {
|
public Comparable<T> getValue() {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,7 +20,6 @@ import java.util.ArrayList;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Iterator;
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
@ -34,10 +33,10 @@ public class DestinationMapNode implements DestinationNode {
|
||||||
protected static final String ANY_CHILD = DestinationMap.ANY_CHILD;
|
protected static final String ANY_CHILD = DestinationMap.ANY_CHILD;
|
||||||
protected static final String ANY_DESCENDENT = DestinationMap.ANY_DESCENDENT;
|
protected static final String ANY_DESCENDENT = DestinationMap.ANY_DESCENDENT;
|
||||||
|
|
||||||
// we synchornize at the DestinationMap level
|
// we synchronize at the DestinationMap level
|
||||||
private DestinationMapNode parent;
|
private DestinationMapNode parent;
|
||||||
private List values = new ArrayList();
|
private List<Object> values = new ArrayList<Object>();
|
||||||
private Map childNodes = new HashMap();
|
private Map<String, DestinationNode> childNodes = new HashMap<String, DestinationNode>();
|
||||||
private String path = "Root";
|
private String path = "Root";
|
||||||
// private DestinationMapNode anyChild;
|
// private DestinationMapNode anyChild;
|
||||||
private int pathLength;
|
private int pathLength;
|
||||||
|
@ -55,14 +54,14 @@ public class DestinationMapNode implements DestinationNode {
|
||||||
* Returns the child node for the given named path or null if it does not
|
* Returns the child node for the given named path or null if it does not
|
||||||
* exist
|
* exist
|
||||||
*/
|
*/
|
||||||
public DestinationMapNode getChild(String path) {
|
public DestinationNode getChild(String path) {
|
||||||
return (DestinationMapNode)childNodes.get(path);
|
return childNodes.get(path);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the child nodes
|
* Returns the child nodes
|
||||||
*/
|
*/
|
||||||
public Collection getChildren() {
|
public Collection<DestinationNode> getChildren() {
|
||||||
return childNodes.values();
|
return childNodes.values();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -84,18 +83,10 @@ public class DestinationMapNode implements DestinationNode {
|
||||||
return answer;
|
return answer;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns the node which represents all children (i.e. the * node)
|
|
||||||
*/
|
|
||||||
// public DestinationMapNode getAnyChildNode() {
|
|
||||||
// if (anyChild == null) {
|
|
||||||
// anyChild = createChildNode();
|
|
||||||
// }
|
|
||||||
// return anyChild;
|
|
||||||
// }
|
|
||||||
/**
|
/**
|
||||||
* Returns a mutable List of the values available at this node in the tree
|
* Returns a mutable List of the values available at this node in the tree
|
||||||
*/
|
*/
|
||||||
|
@SuppressWarnings({ "rawtypes", "unchecked" })
|
||||||
public List getValues() {
|
public List getValues() {
|
||||||
return values;
|
return values;
|
||||||
}
|
}
|
||||||
|
@ -103,6 +94,7 @@ public class DestinationMapNode implements DestinationNode {
|
||||||
/**
|
/**
|
||||||
* Returns a mutable List of the values available at this node in the tree
|
* Returns a mutable List of the values available at this node in the tree
|
||||||
*/
|
*/
|
||||||
|
@SuppressWarnings({ "rawtypes", "unchecked" })
|
||||||
public List removeValues() {
|
public List removeValues() {
|
||||||
ArrayList v = new ArrayList(values);
|
ArrayList v = new ArrayList(values);
|
||||||
// parent.getAnyChildNode().getValues().removeAll(v);
|
// parent.getAnyChildNode().getValues().removeAll(v);
|
||||||
|
@ -111,22 +103,22 @@ public class DestinationMapNode implements DestinationNode {
|
||||||
return v;
|
return v;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@SuppressWarnings({ "rawtypes", "unchecked" })
|
||||||
public Set removeDesendentValues() {
|
public Set removeDesendentValues() {
|
||||||
Set answer = new HashSet();
|
Set answer = new HashSet();
|
||||||
removeDesendentValues(answer);
|
removeDesendentValues(answer);
|
||||||
return answer;
|
return answer;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@SuppressWarnings({ "rawtypes", "unchecked" })
|
||||||
protected void removeDesendentValues(Set answer) {
|
protected void removeDesendentValues(Set answer) {
|
||||||
// if (anyChild != null) {
|
|
||||||
// anyChild.removeDesendentValues(answer);
|
|
||||||
// }
|
|
||||||
answer.addAll(removeValues());
|
answer.addAll(removeValues());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns a list of all the values from this node down the tree
|
* Returns a list of all the values from this node down the tree
|
||||||
*/
|
*/
|
||||||
|
@SuppressWarnings({ "rawtypes", "unchecked" })
|
||||||
public Set getDesendentValues() {
|
public Set getDesendentValues() {
|
||||||
Set answer = new HashSet();
|
Set answer = new HashSet();
|
||||||
appendDescendantValues(answer);
|
appendDescendantValues(answer);
|
||||||
|
@ -137,12 +129,6 @@ public class DestinationMapNode implements DestinationNode {
|
||||||
if (idx >= paths.length) {
|
if (idx >= paths.length) {
|
||||||
values.add(value);
|
values.add(value);
|
||||||
} else {
|
} else {
|
||||||
// if (idx == paths.length - 1) {
|
|
||||||
// getAnyChildNode().getValues().add(value);
|
|
||||||
// }
|
|
||||||
// else {
|
|
||||||
// getAnyChildNode().add(paths, idx + 1, value);
|
|
||||||
// }
|
|
||||||
getChildOrCreate(paths[idx]).add(paths, idx + 1, value);
|
getChildOrCreate(paths[idx]).add(paths, idx + 1, value);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -152,17 +138,11 @@ public class DestinationMapNode implements DestinationNode {
|
||||||
values.remove(value);
|
values.remove(value);
|
||||||
pruneIfEmpty();
|
pruneIfEmpty();
|
||||||
} else {
|
} else {
|
||||||
// if (idx == paths.length - 1) {
|
|
||||||
// getAnyChildNode().getValues().remove(value);
|
|
||||||
// }
|
|
||||||
// else {
|
|
||||||
// getAnyChildNode().remove(paths, idx + 1, value);
|
|
||||||
// }
|
|
||||||
getChildOrCreate(paths[idx]).remove(paths, ++idx, value);
|
getChildOrCreate(paths[idx]).remove(paths, ++idx, value);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public void removeAll(Set answer, String[] paths, int startIndex) {
|
public void removeAll(Set<DestinationNode> answer, String[] paths, int startIndex) {
|
||||||
DestinationNode node = this;
|
DestinationNode node = this;
|
||||||
int size = paths.length;
|
int size = paths.length;
|
||||||
for (int i = startIndex; i < size && node != null; i++) {
|
for (int i = startIndex; i < size && node != null; i++) {
|
||||||
|
@ -188,20 +168,14 @@ public class DestinationMapNode implements DestinationNode {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@SuppressWarnings({ "rawtypes", "unchecked" })
|
||||||
public void appendDescendantValues(Set answer) {
|
public void appendDescendantValues(Set answer) {
|
||||||
answer.addAll(values);
|
answer.addAll(values);
|
||||||
|
|
||||||
// lets add all the children too
|
// lets add all the children too
|
||||||
Iterator iter = childNodes.values().iterator();
|
for(DestinationNode child : childNodes.values()) {
|
||||||
while (iter.hasNext()) {
|
|
||||||
DestinationNode child = (DestinationNode)iter.next();
|
|
||||||
child.appendDescendantValues(answer);
|
child.appendDescendantValues(answer);
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO???
|
|
||||||
// if (anyChild != null) {
|
|
||||||
// anyChild.appendDescendantValues(answer);
|
|
||||||
// }
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -214,11 +188,12 @@ public class DestinationMapNode implements DestinationNode {
|
||||||
/**
|
/**
|
||||||
* Matches any entries in the map containing wildcards
|
* Matches any entries in the map containing wildcards
|
||||||
*/
|
*/
|
||||||
|
@SuppressWarnings({ "rawtypes", "unchecked" })
|
||||||
public void appendMatchingWildcards(Set answer, String[] paths, int idx) {
|
public void appendMatchingWildcards(Set answer, String[] paths, int idx) {
|
||||||
if (idx - 1 > pathLength) {
|
if (idx - 1 > pathLength) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
DestinationMapNode wildCardNode = getChild(ANY_CHILD);
|
DestinationNode wildCardNode = getChild(ANY_CHILD);
|
||||||
if (wildCardNode != null) {
|
if (wildCardNode != null) {
|
||||||
wildCardNode.appendMatchingValues(answer, paths, idx + 1);
|
wildCardNode.appendMatchingValues(answer, paths, idx + 1);
|
||||||
}
|
}
|
||||||
|
@ -228,7 +203,7 @@ public class DestinationMapNode implements DestinationNode {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public void appendMatchingValues(Set answer, String[] paths, int startIndex) {
|
public void appendMatchingValues(Set<DestinationNode> answer, String[] paths, int startIndex) {
|
||||||
DestinationNode node = this;
|
DestinationNode node = this;
|
||||||
boolean couldMatchAny = true;
|
boolean couldMatchAny = true;
|
||||||
int size = paths.length;
|
int size = paths.length;
|
||||||
|
|
|
@ -25,21 +25,21 @@ import java.util.Set;
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
public interface DestinationNode {
|
public interface DestinationNode {
|
||||||
void appendMatchingValues(Set answer, String[] paths, int startIndex);
|
void appendMatchingValues(Set<DestinationNode> answer, String[] paths, int startIndex);
|
||||||
|
|
||||||
void appendMatchingWildcards(Set answer, String[] paths, int startIndex);
|
void appendMatchingWildcards(Set<DestinationNode> answer, String[] paths, int startIndex);
|
||||||
|
|
||||||
void appendDescendantValues(Set answer);
|
void appendDescendantValues(Set<DestinationNode> answer);
|
||||||
|
|
||||||
Collection getDesendentValues();
|
Collection<DestinationNode> getDesendentValues();
|
||||||
|
|
||||||
DestinationNode getChild(String path);
|
DestinationNode getChild(String path);
|
||||||
|
|
||||||
Collection getValues();
|
Collection<DestinationNode> getValues();
|
||||||
|
|
||||||
Collection getChildren();
|
Collection<DestinationNode> getChildren();
|
||||||
|
|
||||||
Collection removeDesendentValues();
|
Collection<DestinationNode> removeDesendentValues();
|
||||||
|
|
||||||
Collection removeValues();
|
Collection<DestinationNode> removeValues();
|
||||||
}
|
}
|
||||||
|
|
|
@ -33,6 +33,7 @@ import org.apache.activemq.filter.DestinationMapEntry;
|
||||||
* @org.apache.xbean.XBean
|
* @org.apache.xbean.XBean
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
@SuppressWarnings("rawtypes")
|
||||||
public class AuthorizationEntry extends DestinationMapEntry {
|
public class AuthorizationEntry extends DestinationMapEntry {
|
||||||
|
|
||||||
private Set<Object> readACLs = emptySet();
|
private Set<Object> readACLs = emptySet();
|
||||||
|
@ -109,21 +110,18 @@ public class AuthorizationEntry extends DestinationMapEntry {
|
||||||
Set<Object> answer = new HashSet<Object>();
|
Set<Object> answer = new HashSet<Object>();
|
||||||
StringTokenizer iter = new StringTokenizer(roles, ",");
|
StringTokenizer iter = new StringTokenizer(roles, ",");
|
||||||
while (iter.hasMoreTokens()) {
|
while (iter.hasMoreTokens()) {
|
||||||
String name = iter.nextToken().trim();
|
|
||||||
Class[] paramClass = new Class[1];
|
|
||||||
paramClass[0] = String.class;
|
|
||||||
|
|
||||||
Object[] param = new Object[1];
|
String name = iter.nextToken().trim();
|
||||||
param[0] = name;
|
Object[] param = new Object[]{name};
|
||||||
|
|
||||||
try {
|
try {
|
||||||
Class cls = Class.forName(groupClass);
|
Class<?> cls = Class.forName(groupClass);
|
||||||
|
|
||||||
Constructor[] constructors = cls.getConstructors();
|
Constructor<?>[] constructors = cls.getConstructors();
|
||||||
int i;
|
int i;
|
||||||
for (i = 0; i < constructors.length; i++) {
|
for (i = 0; i < constructors.length; i++) {
|
||||||
Class[] paramTypes = constructors[i].getParameterTypes();
|
Class<?>[] paramTypes = constructors[i].getParameterTypes();
|
||||||
if (paramTypes.length != 0 && paramTypes[0].equals(paramClass[0])) {
|
if (paramTypes.length != 0 && paramTypes[0].equals(String.class)) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -135,8 +133,8 @@ public class AuthorizationEntry extends DestinationMapEntry {
|
||||||
Method[] methods = cls.getMethods();
|
Method[] methods = cls.getMethods();
|
||||||
i = 0;
|
i = 0;
|
||||||
for (i = 0; i < methods.length; i++) {
|
for (i = 0; i < methods.length; i++) {
|
||||||
Class[] paramTypes = methods[i].getParameterTypes();
|
Class<?>[] paramTypes = methods[i].getParameterTypes();
|
||||||
if (paramTypes.length != 0 && methods[i].getName().equals("setName") && paramTypes[0].equals(paramClass[0])) {
|
if (paramTypes.length != 0 && methods[i].getName().equals("setName") && paramTypes[0].equals(String.class)) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,6 +19,7 @@ package org.apache.activemq.security;
|
||||||
import org.apache.activemq.command.ActiveMQDestination;
|
import org.apache.activemq.command.ActiveMQDestination;
|
||||||
import org.apache.activemq.command.ActiveMQQueue;
|
import org.apache.activemq.command.ActiveMQQueue;
|
||||||
import org.apache.activemq.command.ActiveMQTopic;
|
import org.apache.activemq.command.ActiveMQTopic;
|
||||||
|
import org.apache.activemq.filter.DestinationMapEntry;
|
||||||
import org.apache.activemq.jaas.GroupPrincipal;
|
import org.apache.activemq.jaas.GroupPrincipal;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
@ -32,7 +33,6 @@ import javax.naming.directory.*;
|
||||||
import javax.naming.event.*;
|
import javax.naming.event.*;
|
||||||
import java.util.*;
|
import java.util.*;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A {@link DefaultAuthorizationMap} implementation which uses LDAP to initialize and update
|
* A {@link DefaultAuthorizationMap} implementation which uses LDAP to initialize and update
|
||||||
*
|
*
|
||||||
|
@ -97,10 +97,9 @@ public class CachedLDAPAuthorizationMap extends DefaultAuthorizationMap implemen
|
||||||
return context;
|
return context;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
HashMap<ActiveMQDestination, AuthorizationEntry> entries = new HashMap<ActiveMQDestination, AuthorizationEntry>();
|
HashMap<ActiveMQDestination, AuthorizationEntry> entries = new HashMap<ActiveMQDestination, AuthorizationEntry>();
|
||||||
|
|
||||||
|
@SuppressWarnings("rawtypes")
|
||||||
public void query() throws Exception {
|
public void query() throws Exception {
|
||||||
try {
|
try {
|
||||||
context = open();
|
context = open();
|
||||||
|
@ -111,14 +110,14 @@ public class CachedLDAPAuthorizationMap extends DefaultAuthorizationMap implemen
|
||||||
final SearchControls constraints = new SearchControls();
|
final SearchControls constraints = new SearchControls();
|
||||||
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
||||||
|
|
||||||
NamingEnumeration results = context.search("ou=Destination,ou=ActiveMQ," + baseDn, "(|(cn=admin)(cn=write)(cn=read))", constraints);
|
NamingEnumeration<?> results = context.search("ou=Destination,ou=ActiveMQ," + baseDn, "(|(cn=admin)(cn=write)(cn=read))", constraints);
|
||||||
while (results.hasMore()) {
|
while (results.hasMore()) {
|
||||||
SearchResult result = (SearchResult) results.next();
|
SearchResult result = (SearchResult) results.next();
|
||||||
AuthorizationEntry entry = getEntry(result.getNameInNamespace());
|
AuthorizationEntry entry = getEntry(result.getNameInNamespace());
|
||||||
applyACL(entry, result);
|
applyACL(entry, result);
|
||||||
}
|
}
|
||||||
|
|
||||||
setEntries(new ArrayList(entries.values()));
|
setEntries(new ArrayList<DestinationMapEntry>(entries.values()));
|
||||||
updated();
|
updated();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -175,8 +174,8 @@ public class CachedLDAPAuthorizationMap extends DefaultAuthorizationMap implemen
|
||||||
// find members
|
// find members
|
||||||
Attribute cn = result.getAttributes().get("cn");
|
Attribute cn = result.getAttributes().get("cn");
|
||||||
Attribute member = result.getAttributes().get("member");
|
Attribute member = result.getAttributes().get("member");
|
||||||
NamingEnumeration memberEnum = member.getAll();
|
NamingEnumeration<?> memberEnum = member.getAll();
|
||||||
HashSet members = new HashSet();
|
HashSet<Object> members = new HashSet<Object>();
|
||||||
while (memberEnum.hasMoreElements()) {
|
while (memberEnum.hasMoreElements()) {
|
||||||
String elem = (String) memberEnum.nextElement();
|
String elem = (String) memberEnum.nextElement();
|
||||||
members.add(new GroupPrincipal(elem.replaceAll("cn=", "")));
|
members.add(new GroupPrincipal(elem.replaceAll("cn=", "")));
|
||||||
|
@ -229,7 +228,6 @@ public class CachedLDAPAuthorizationMap extends DefaultAuthorizationMap implemen
|
||||||
public void objectAdded(NamingEvent namingEvent) {
|
public void objectAdded(NamingEvent namingEvent) {
|
||||||
LOG.debug("Adding object: " + namingEvent.getNewBinding());
|
LOG.debug("Adding object: " + namingEvent.getNewBinding());
|
||||||
SearchResult result = (SearchResult)namingEvent.getNewBinding();
|
SearchResult result = (SearchResult)namingEvent.getNewBinding();
|
||||||
String cn = null;
|
|
||||||
if (!isPriviledge(result)) return;
|
if (!isPriviledge(result)) return;
|
||||||
AuthorizationEntry entry = getEntry(result.getName());
|
AuthorizationEntry entry = getEntry(result.getName());
|
||||||
if (entry != null) {
|
if (entry != null) {
|
||||||
|
@ -253,11 +251,11 @@ public class CachedLDAPAuthorizationMap extends DefaultAuthorizationMap implemen
|
||||||
String[] cns = result.getName().split(",");
|
String[] cns = result.getName().split(",");
|
||||||
if (!isPriviledge(result)) return;
|
if (!isPriviledge(result)) return;
|
||||||
if (cns[0].equalsIgnoreCase("cn=admin")) {
|
if (cns[0].equalsIgnoreCase("cn=admin")) {
|
||||||
entry.setAdminACLs(new HashSet());
|
entry.setAdminACLs(new HashSet<Object>());
|
||||||
} else if (cns[0].equalsIgnoreCase("cn=write")) {
|
} else if (cns[0].equalsIgnoreCase("cn=write")) {
|
||||||
entry.setWriteACLs(new HashSet());
|
entry.setWriteACLs(new HashSet<Object>());
|
||||||
} else if (cns[0].equalsIgnoreCase("cn=read")) {
|
} else if (cns[0].equalsIgnoreCase("cn=read")) {
|
||||||
entry.setReadACLs(new HashSet());
|
entry.setReadACLs(new HashSet<Object>());
|
||||||
} else {
|
} else {
|
||||||
LOG.warn("Policy not removed! Unknown privilege " + result.getName());
|
LOG.warn("Policy not removed! Unknown privilege " + result.getName());
|
||||||
}
|
}
|
||||||
|
|
|
@ -23,6 +23,7 @@ import java.util.Set;
|
||||||
|
|
||||||
import org.apache.activemq.command.ActiveMQDestination;
|
import org.apache.activemq.command.ActiveMQDestination;
|
||||||
import org.apache.activemq.filter.DestinationMap;
|
import org.apache.activemq.filter.DestinationMap;
|
||||||
|
import org.apache.activemq.filter.DestinationMapEntry;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Represents a destination based configuration of policies so that individual
|
* Represents a destination based configuration of policies so that individual
|
||||||
|
@ -42,7 +43,8 @@ public class DefaultAuthorizationMap extends DestinationMap implements Authoriza
|
||||||
public DefaultAuthorizationMap() {
|
public DefaultAuthorizationMap() {
|
||||||
}
|
}
|
||||||
|
|
||||||
public DefaultAuthorizationMap(List authorizationEntries) {
|
@SuppressWarnings("rawtypes")
|
||||||
|
public DefaultAuthorizationMap(List<DestinationMapEntry> authorizationEntries) {
|
||||||
setAuthorizationEntries(authorizationEntries);
|
setAuthorizationEntries(authorizationEntries);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -127,7 +129,8 @@ public class DefaultAuthorizationMap extends DestinationMap implements Authoriza
|
||||||
*
|
*
|
||||||
* @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthorizationEntry"
|
* @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthorizationEntry"
|
||||||
*/
|
*/
|
||||||
public void setAuthorizationEntries(List entries) {
|
@SuppressWarnings("rawtypes")
|
||||||
|
public void setAuthorizationEntries(List<DestinationMapEntry> entries) {
|
||||||
super.setEntries(entries);
|
super.setEntries(entries);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -139,10 +142,12 @@ public class DefaultAuthorizationMap extends DestinationMap implements Authoriza
|
||||||
this.defaultEntry = defaultEntry;
|
this.defaultEntry = defaultEntry;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected Class<AuthorizationEntry> getEntryClass() {
|
@SuppressWarnings("rawtypes")
|
||||||
|
protected Class<? extends DestinationMapEntry> getEntryClass() {
|
||||||
return AuthorizationEntry.class;
|
return AuthorizationEntry.class;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@SuppressWarnings("unchecked")
|
||||||
protected Set<AuthorizationEntry> getAllEntries(ActiveMQDestination destination) {
|
protected Set<AuthorizationEntry> getAllEntries(ActiveMQDestination destination) {
|
||||||
Set<AuthorizationEntry> entries = get(destination);
|
Set<AuthorizationEntry> entries = get(destination);
|
||||||
if (defaultEntry != null) {
|
if (defaultEntry != null) {
|
||||||
|
|
|
@ -19,7 +19,6 @@ package org.apache.activemq.security;
|
||||||
|
|
||||||
import java.security.Principal;
|
import java.security.Principal;
|
||||||
import java.security.cert.X509Certificate;
|
import java.security.cert.X509Certificate;
|
||||||
import java.util.Iterator;
|
|
||||||
|
|
||||||
import javax.security.auth.Subject;
|
import javax.security.auth.Subject;
|
||||||
import javax.security.auth.callback.CallbackHandler;
|
import javax.security.auth.callback.CallbackHandler;
|
||||||
|
@ -89,10 +88,9 @@ public class JaasCertificateAuthenticationBroker extends BrokerFilter {
|
||||||
|
|
||||||
String dnName = "";
|
String dnName = "";
|
||||||
|
|
||||||
for (Iterator iter = subject.getPrincipals().iterator(); iter.hasNext();) {
|
for (Principal principal : subject.getPrincipals()) {
|
||||||
Principal nextPrincipal = (Principal)iter.next();
|
if (principal instanceof UserPrincipal) {
|
||||||
if (nextPrincipal instanceof UserPrincipal) {
|
dnName = ((UserPrincipal)principal).getName();
|
||||||
dnName = ((UserPrincipal)nextPrincipal).getName();
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -115,25 +115,25 @@ public class LDAPAuthorizationMap implements AuthorizationMap {
|
||||||
writeAttribute = "uniqueMember";
|
writeAttribute = "uniqueMember";
|
||||||
}
|
}
|
||||||
|
|
||||||
public LDAPAuthorizationMap(Map options) {
|
public LDAPAuthorizationMap(Map<String,String> options) {
|
||||||
initialContextFactory = (String)options.get(INITIAL_CONTEXT_FACTORY);
|
initialContextFactory = options.get(INITIAL_CONTEXT_FACTORY);
|
||||||
connectionURL = (String)options.get(CONNECTION_URL);
|
connectionURL = options.get(CONNECTION_URL);
|
||||||
connectionUsername = (String)options.get(CONNECTION_USERNAME);
|
connectionUsername = options.get(CONNECTION_USERNAME);
|
||||||
connectionPassword = (String)options.get(CONNECTION_PASSWORD);
|
connectionPassword = options.get(CONNECTION_PASSWORD);
|
||||||
connectionProtocol = (String)options.get(CONNECTION_PROTOCOL);
|
connectionProtocol = options.get(CONNECTION_PROTOCOL);
|
||||||
authentication = (String)options.get(AUTHENTICATION);
|
authentication = options.get(AUTHENTICATION);
|
||||||
|
|
||||||
adminBase = (String)options.get(ADMIN_BASE);
|
adminBase = options.get(ADMIN_BASE);
|
||||||
adminAttribute = (String)options.get(ADMIN_ATTRIBUTE);
|
adminAttribute = options.get(ADMIN_ATTRIBUTE);
|
||||||
readBase = (String)options.get(READ_BASE);
|
readBase = options.get(READ_BASE);
|
||||||
readAttribute = (String)options.get(READ_ATTRIBUTE);
|
readAttribute = options.get(READ_ATTRIBUTE);
|
||||||
writeBase = (String)options.get(WRITE_BASE);
|
writeBase = options.get(WRITE_BASE);
|
||||||
writeAttribute = (String)options.get(WRITE_ATTRIBUTE);
|
writeAttribute = options.get(WRITE_ATTRIBUTE);
|
||||||
|
|
||||||
String topicSearchMatching = (String)options.get(TOPIC_SEARCH_MATCHING);
|
String topicSearchMatching = options.get(TOPIC_SEARCH_MATCHING);
|
||||||
String topicSearchSubtree = (String)options.get(TOPIC_SEARCH_SUBTREE);
|
String topicSearchSubtree = options.get(TOPIC_SEARCH_SUBTREE);
|
||||||
String queueSearchMatching = (String)options.get(QUEUE_SEARCH_MATCHING);
|
String queueSearchMatching = options.get(QUEUE_SEARCH_MATCHING);
|
||||||
String queueSearchSubtree = (String)options.get(QUEUE_SEARCH_SUBTREE);
|
String queueSearchSubtree = options.get(QUEUE_SEARCH_SUBTREE);
|
||||||
topicSearchMatchingFormat = new MessageFormat(topicSearchMatching);
|
topicSearchMatchingFormat = new MessageFormat(topicSearchMatching);
|
||||||
queueSearchMatchingFormat = new MessageFormat(queueSearchMatching);
|
queueSearchMatchingFormat = new MessageFormat(queueSearchMatching);
|
||||||
topicSearchSubtreeBool = Boolean.valueOf(topicSearchSubtree).booleanValue();
|
topicSearchSubtreeBool = Boolean.valueOf(topicSearchSubtree).booleanValue();
|
||||||
|
@ -413,7 +413,7 @@ public class LDAPAuthorizationMap implements AuthorizationMap {
|
||||||
try {
|
try {
|
||||||
Set<GroupPrincipal> roles = new HashSet<GroupPrincipal>();
|
Set<GroupPrincipal> roles = new HashSet<GroupPrincipal>();
|
||||||
Set<String> acls = new HashSet<String>();
|
Set<String> acls = new HashSet<String>();
|
||||||
NamingEnumeration results = context.search(destinationBase, roleBase, constraints);
|
NamingEnumeration<?> results = context.search(destinationBase, roleBase, constraints);
|
||||||
while (results.hasMore()) {
|
while (results.hasMore()) {
|
||||||
SearchResult result = (SearchResult)results.next();
|
SearchResult result = (SearchResult)results.next();
|
||||||
Attributes attrs = result.getAttributes();
|
Attributes attrs = result.getAttributes();
|
||||||
|
@ -445,7 +445,7 @@ public class LDAPAuthorizationMap implements AuthorizationMap {
|
||||||
if (attr == null) {
|
if (attr == null) {
|
||||||
return values;
|
return values;
|
||||||
}
|
}
|
||||||
NamingEnumeration e = attr.getAll();
|
NamingEnumeration<?> e = attr.getAll();
|
||||||
while (e.hasMore()) {
|
while (e.hasMore()) {
|
||||||
String value = (String)e.next();
|
String value = (String)e.next();
|
||||||
values.add(value);
|
values.add(value);
|
||||||
|
|
|
@ -16,6 +16,7 @@
|
||||||
*/
|
*/
|
||||||
package org.apache.activemq.security;
|
package org.apache.activemq.security;
|
||||||
|
|
||||||
|
import java.security.Principal;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
|
@ -37,9 +38,8 @@ public abstract class SecurityContext {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
@SuppressWarnings("unchecked")
|
public Set<Principal> getPrincipals() {
|
||||||
public Set<?> getPrincipals() {
|
return Collections.emptySet();
|
||||||
return Collections.EMPTY_SET;
|
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -53,10 +53,10 @@ public abstract class SecurityContext {
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean isInOneOf(Set<?> allowedPrincipals) {
|
public boolean isInOneOf(Set<?> allowedPrincipals) {
|
||||||
Iterator allowedIter = allowedPrincipals.iterator();
|
Iterator<?> allowedIter = allowedPrincipals.iterator();
|
||||||
HashSet<?> userPrincipals = new HashSet<Object>(getPrincipals());
|
HashSet<?> userPrincipals = new HashSet<Object>(getPrincipals());
|
||||||
while (allowedIter.hasNext()) {
|
while (allowedIter.hasNext()) {
|
||||||
Iterator userIter = userPrincipals.iterator();
|
Iterator<?> userIter = userPrincipals.iterator();
|
||||||
Object allowedPrincipal = allowedIter.next();
|
Object allowedPrincipal = allowedIter.next();
|
||||||
while (userIter.hasNext()) {
|
while (userIter.hasNext()) {
|
||||||
if (allowedPrincipal.equals(userIter.next()))
|
if (allowedPrincipal.equals(userIter.next()))
|
||||||
|
@ -66,7 +66,7 @@ public abstract class SecurityContext {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
public abstract Set<?> getPrincipals();
|
public abstract Set<Principal> getPrincipals();
|
||||||
|
|
||||||
public String getUserName() {
|
public String getUserName() {
|
||||||
return userName;
|
return userName;
|
||||||
|
|
|
@ -16,6 +16,7 @@
|
||||||
*/
|
*/
|
||||||
package org.apache.activemq.security;
|
package org.apache.activemq.security;
|
||||||
|
|
||||||
|
import java.security.Principal;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
@ -38,11 +39,11 @@ public class SimpleAuthenticationBroker extends BrokerFilter {
|
||||||
private boolean anonymousAccessAllowed = false;
|
private boolean anonymousAccessAllowed = false;
|
||||||
private String anonymousUser;
|
private String anonymousUser;
|
||||||
private String anonymousGroup;
|
private String anonymousGroup;
|
||||||
private final Map userPasswords;
|
private final Map<String,String> userPasswords;
|
||||||
private final Map userGroups;
|
private final Map<String,Set<Principal>> userGroups;
|
||||||
private final CopyOnWriteArrayList<SecurityContext> securityContexts = new CopyOnWriteArrayList<SecurityContext>();
|
private final CopyOnWriteArrayList<SecurityContext> securityContexts = new CopyOnWriteArrayList<SecurityContext>();
|
||||||
|
|
||||||
public SimpleAuthenticationBroker(Broker next, Map userPasswords, Map userGroups) {
|
public SimpleAuthenticationBroker(Broker next, Map<String,String> userPasswords, Map<String,Set<Principal>> userGroups) {
|
||||||
super(next);
|
super(next);
|
||||||
this.userPasswords = userPasswords;
|
this.userPasswords = userPasswords;
|
||||||
this.userGroups = userGroups;
|
this.userGroups = userGroups;
|
||||||
|
@ -68,22 +69,22 @@ public class SimpleAuthenticationBroker extends BrokerFilter {
|
||||||
if (anonymousAccessAllowed && info.getUserName() == null && info.getPassword() == null) {
|
if (anonymousAccessAllowed && info.getUserName() == null && info.getPassword() == null) {
|
||||||
info.setUserName(anonymousUser);
|
info.setUserName(anonymousUser);
|
||||||
s = new SecurityContext(info.getUserName()) {
|
s = new SecurityContext(info.getUserName()) {
|
||||||
public Set getPrincipals() {
|
public Set<Principal> getPrincipals() {
|
||||||
Set groups = new HashSet();
|
Set<Principal> groups = new HashSet<Principal>();
|
||||||
groups.add(new GroupPrincipal(anonymousGroup));
|
groups.add(new GroupPrincipal(anonymousGroup));
|
||||||
return groups;
|
return groups;
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
} else {
|
} else {
|
||||||
String pw = (String) userPasswords.get(info.getUserName());
|
String pw = userPasswords.get(info.getUserName());
|
||||||
if (pw == null || !pw.equals(info.getPassword())) {
|
if (pw == null || !pw.equals(info.getPassword())) {
|
||||||
throw new SecurityException(
|
throw new SecurityException(
|
||||||
"User name [" + info.getUserName() + "] or password is invalid.");
|
"User name [" + info.getUserName() + "] or password is invalid.");
|
||||||
}
|
}
|
||||||
|
|
||||||
final Set groups = (Set) userGroups.get(info.getUserName());
|
final Set<Principal> groups = userGroups.get(info.getUserName());
|
||||||
s = new SecurityContext(info.getUserName()) {
|
s = new SecurityContext(info.getUserName()) {
|
||||||
public Set<?> getPrincipals() {
|
public Set<Principal> getPrincipals() {
|
||||||
return groups;
|
return groups;
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
|
@ -16,6 +16,7 @@
|
||||||
*/
|
*/
|
||||||
package org.apache.activemq.security;
|
package org.apache.activemq.security;
|
||||||
|
|
||||||
|
import java.security.Principal;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
|
@ -40,7 +41,7 @@ import org.apache.activemq.jaas.GroupPrincipal;
|
||||||
*/
|
*/
|
||||||
public class SimpleAuthenticationPlugin implements BrokerPlugin {
|
public class SimpleAuthenticationPlugin implements BrokerPlugin {
|
||||||
private Map<String, String> userPasswords;
|
private Map<String, String> userPasswords;
|
||||||
private Map<String, Set<GroupPrincipal>> userGroups;
|
private Map<String, Set<Principal>> userGroups;
|
||||||
private static final String DEFAULT_ANONYMOUS_USER = "anonymous";
|
private static final String DEFAULT_ANONYMOUS_USER = "anonymous";
|
||||||
private static final String DEFAULT_ANONYMOUS_GROUP = "anonymous";
|
private static final String DEFAULT_ANONYMOUS_GROUP = "anonymous";
|
||||||
private String anonymousUser = DEFAULT_ANONYMOUS_USER;
|
private String anonymousUser = DEFAULT_ANONYMOUS_USER;
|
||||||
|
@ -50,7 +51,7 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin {
|
||||||
public SimpleAuthenticationPlugin() {
|
public SimpleAuthenticationPlugin() {
|
||||||
}
|
}
|
||||||
|
|
||||||
public SimpleAuthenticationPlugin(List users) {
|
public SimpleAuthenticationPlugin(List<?> users) {
|
||||||
setUsers(users);
|
setUsers(users);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -62,7 +63,7 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin {
|
||||||
return broker;
|
return broker;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Map<String, Set<GroupPrincipal>> getUserGroups() {
|
public Map<String, Set<Principal>> getUserGroups() {
|
||||||
return userGroups;
|
return userGroups;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -71,13 +72,13 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin {
|
||||||
*
|
*
|
||||||
* @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthenticationUser"
|
* @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthenticationUser"
|
||||||
*/
|
*/
|
||||||
public void setUsers(List users) {
|
public void setUsers(List<?> users) {
|
||||||
userPasswords = new HashMap<String, String>();
|
userPasswords = new HashMap<String, String>();
|
||||||
userGroups = new HashMap<String, Set<GroupPrincipal>>();
|
userGroups = new HashMap<String, Set<Principal>>();
|
||||||
for (Iterator it = users.iterator(); it.hasNext();) {
|
for (Iterator<?> it = users.iterator(); it.hasNext();) {
|
||||||
AuthenticationUser user = (AuthenticationUser)it.next();
|
AuthenticationUser user = (AuthenticationUser)it.next();
|
||||||
userPasswords.put(user.getUsername(), user.getPassword());
|
userPasswords.put(user.getUsername(), user.getPassword());
|
||||||
Set<GroupPrincipal> groups = new HashSet<GroupPrincipal>();
|
Set<Principal> groups = new HashSet<Principal>();
|
||||||
StringTokenizer iter = new StringTokenizer(user.getGroups(), ",");
|
StringTokenizer iter = new StringTokenizer(user.getGroups(), ",");
|
||||||
while (iter.hasMoreTokens()) {
|
while (iter.hasMoreTokens()) {
|
||||||
String name = iter.nextToken().trim();
|
String name = iter.nextToken().trim();
|
||||||
|
@ -104,7 +105,7 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin {
|
||||||
* Sets the groups a user is in. The key is the user name and the value is a
|
* Sets the groups a user is in. The key is the user name and the value is a
|
||||||
* Set of groups
|
* Set of groups
|
||||||
*/
|
*/
|
||||||
public void setUserGroups(Map<String, Set<GroupPrincipal>> userGroups) {
|
public void setUserGroups(Map<String, Set<Principal>> userGroups) {
|
||||||
this.userGroups = userGroups;
|
this.userGroups = userGroups;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -21,7 +21,7 @@ package org.apache.activemq.filter;
|
||||||
*
|
*
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
public class DummyPolicyEntry extends DestinationMapEntry {
|
public class DummyPolicyEntry extends DestinationMapEntry<String> {
|
||||||
|
|
||||||
private String description;
|
private String description;
|
||||||
|
|
||||||
|
@ -33,7 +33,7 @@ public class DummyPolicyEntry extends DestinationMapEntry {
|
||||||
this.description = description;
|
this.description = description;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Object getValue() {
|
public Comparable<String> getValue() {
|
||||||
return description;
|
return description;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -22,6 +22,7 @@ import java.util.Set;
|
||||||
|
|
||||||
import junit.framework.TestCase;
|
import junit.framework.TestCase;
|
||||||
import org.apache.activemq.command.ActiveMQQueue;
|
import org.apache.activemq.command.ActiveMQQueue;
|
||||||
|
import org.apache.activemq.filter.DestinationMapEntry;
|
||||||
import org.apache.activemq.jaas.GroupPrincipal;
|
import org.apache.activemq.jaas.GroupPrincipal;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -37,7 +38,7 @@ public class AuthorizationMapTest extends TestCase {
|
||||||
public void testAuthorizationMap() {
|
public void testAuthorizationMap() {
|
||||||
AuthorizationMap map = createAuthorizationMap();
|
AuthorizationMap map = createAuthorizationMap();
|
||||||
|
|
||||||
Set readACLs = map.getReadACLs(new ActiveMQQueue("USERS.FOO.BAR"));
|
Set<?> readACLs = map.getReadACLs(new ActiveMQQueue("USERS.FOO.BAR"));
|
||||||
assertEquals("set size: " + readACLs, 2, readACLs.size());
|
assertEquals("set size: " + readACLs, 2, readACLs.size());
|
||||||
assertTrue("Contains users group", readACLs.contains(ADMINS));
|
assertTrue("Contains users group", readACLs.contains(ADMINS));
|
||||||
assertTrue("Contains users group", readACLs.contains(USERS));
|
assertTrue("Contains users group", readACLs.contains(USERS));
|
||||||
|
@ -47,21 +48,22 @@ public class AuthorizationMapTest extends TestCase {
|
||||||
public void testAuthorizationMapWithTempDest() {
|
public void testAuthorizationMapWithTempDest() {
|
||||||
AuthorizationMap map = createAuthorizationMapWithTempDest();
|
AuthorizationMap map = createAuthorizationMapWithTempDest();
|
||||||
|
|
||||||
Set readACLs = map.getReadACLs(new ActiveMQQueue("USERS.FOO.BAR"));
|
Set<?> readACLs = map.getReadACLs(new ActiveMQQueue("USERS.FOO.BAR"));
|
||||||
assertEquals("set size: " + readACLs, 2, readACLs.size());
|
assertEquals("set size: " + readACLs, 2, readACLs.size());
|
||||||
assertTrue("Contains users group", readACLs.contains(ADMINS));
|
assertTrue("Contains users group", readACLs.contains(ADMINS));
|
||||||
assertTrue("Contains users group", readACLs.contains(USERS));
|
assertTrue("Contains users group", readACLs.contains(USERS));
|
||||||
|
|
||||||
Set tempAdminACLs = map.getTempDestinationAdminACLs();
|
Set<?> tempAdminACLs = map.getTempDestinationAdminACLs();
|
||||||
assertEquals("set size: " + tempAdminACLs, 1, tempAdminACLs.size());
|
assertEquals("set size: " + tempAdminACLs, 1, tempAdminACLs.size());
|
||||||
assertTrue("Contains users group", tempAdminACLs.contains(TEMP_DESTINATION_ADMINS));
|
assertTrue("Contains users group", tempAdminACLs.contains(TEMP_DESTINATION_ADMINS));
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@SuppressWarnings("rawtypes")
|
||||||
protected AuthorizationMap createAuthorizationMap() {
|
protected AuthorizationMap createAuthorizationMap() {
|
||||||
DefaultAuthorizationMap answer = new DefaultAuthorizationMap();
|
DefaultAuthorizationMap answer = new DefaultAuthorizationMap();
|
||||||
|
|
||||||
List<AuthorizationEntry> entries = new ArrayList<AuthorizationEntry>();
|
List<DestinationMapEntry> entries = new ArrayList<DestinationMapEntry>();
|
||||||
|
|
||||||
AuthorizationEntry entry = new AuthorizationEntry();
|
AuthorizationEntry entry = new AuthorizationEntry();
|
||||||
entry.setGroupClass("org.apache.activemq.jaas.GroupPrincipal");
|
entry.setGroupClass("org.apache.activemq.jaas.GroupPrincipal");
|
||||||
|
@ -88,10 +90,11 @@ public class AuthorizationMapTest extends TestCase {
|
||||||
return answer;
|
return answer;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@SuppressWarnings("rawtypes")
|
||||||
protected AuthorizationMap createAuthorizationMapWithTempDest() {
|
protected AuthorizationMap createAuthorizationMapWithTempDest() {
|
||||||
DefaultAuthorizationMap answer = new DefaultAuthorizationMap();
|
DefaultAuthorizationMap answer = new DefaultAuthorizationMap();
|
||||||
|
|
||||||
List<AuthorizationEntry> entries = new ArrayList<AuthorizationEntry>();
|
List<DestinationMapEntry> entries = new ArrayList<DestinationMapEntry>();
|
||||||
|
|
||||||
AuthorizationEntry entry = new AuthorizationEntry();
|
AuthorizationEntry entry = new AuthorizationEntry();
|
||||||
entry.setQueue(">");
|
entry.setQueue(">");
|
||||||
|
|
|
@ -17,9 +17,12 @@
|
||||||
package org.apache.activemq.security;
|
package org.apache.activemq.security;
|
||||||
|
|
||||||
import java.net.URL;
|
import java.net.URL;
|
||||||
|
import java.security.Principal;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
|
import java.util.Map;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
import junit.framework.Test;
|
import junit.framework.Test;
|
||||||
import org.apache.activemq.CombinationTestSupport;
|
import org.apache.activemq.CombinationTestSupport;
|
||||||
|
@ -28,7 +31,6 @@ import org.apache.activemq.broker.BrokerPlugin;
|
||||||
import org.apache.activemq.broker.BrokerService;
|
import org.apache.activemq.broker.BrokerService;
|
||||||
import org.apache.activemq.command.ActiveMQQueue;
|
import org.apache.activemq.command.ActiveMQQueue;
|
||||||
import org.apache.activemq.command.ActiveMQTopic;
|
import org.apache.activemq.command.ActiveMQTopic;
|
||||||
import org.apache.activemq.command.MessageSendTest;
|
|
||||||
import org.apache.activemq.filter.DestinationMap;
|
import org.apache.activemq.filter.DestinationMap;
|
||||||
import org.apache.activemq.jaas.GroupPrincipal;
|
import org.apache.activemq.jaas.GroupPrincipal;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
|
@ -113,10 +115,10 @@ public class SimpleSecurityBrokerSystemTest extends SecurityTestSupport {
|
||||||
u.put("user", "password");
|
u.put("user", "password");
|
||||||
u.put("guest", "password");
|
u.put("guest", "password");
|
||||||
|
|
||||||
HashMap<String, HashSet<Object>> groups = new HashMap<String, HashSet<Object>>();
|
Map<String, Set<Principal>> groups = new HashMap<String, Set<Principal>>();
|
||||||
groups.put("system", new HashSet<Object>(Arrays.asList(new Object[] {ADMINS, USERS})));
|
groups.put("system", new HashSet<Principal>(Arrays.asList(new Principal[] {ADMINS, USERS})));
|
||||||
groups.put("user", new HashSet<Object>(Arrays.asList(new Object[] {USERS})));
|
groups.put("user", new HashSet<Principal>(Arrays.asList(new Principal[] {USERS})));
|
||||||
groups.put("guest", new HashSet<Object>(Arrays.asList(new Object[] {GUESTS})));
|
groups.put("guest", new HashSet<Principal>(Arrays.asList(new Principal[] {GUESTS})));
|
||||||
|
|
||||||
return new SimpleAuthenticationBroker(broker, u, groups);
|
return new SimpleAuthenticationBroker(broker, u, groups);
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,6 +17,7 @@
|
||||||
|
|
||||||
package org.apache.activemq.security;
|
package org.apache.activemq.security;
|
||||||
|
|
||||||
|
import java.security.Principal;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
public class StubSecurityContext extends SecurityContext {
|
public class StubSecurityContext extends SecurityContext {
|
||||||
|
@ -24,7 +25,7 @@ public class StubSecurityContext extends SecurityContext {
|
||||||
super("");
|
super("");
|
||||||
}
|
}
|
||||||
|
|
||||||
public Set<?> getPrincipals() {
|
public Set<Principal> getPrincipals() {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue