This commit is contained in:
Dejan Bosanac 2016-01-08 17:05:58 +01:00
parent 43d493e527
commit 5f8a3df5a4
6 changed files with 4 additions and 19 deletions

View File

@ -38,7 +38,6 @@ public abstract class AbstractAuthenticationBroker extends BrokerFilter implemen
next.removeDestination(context, destination, timeout);
for (SecurityContext sc : securityContexts) {
sc.getAuthorizedReadDests().remove(destination);
sc.getAuthorizedWriteDests().remove(destination);
}
}
@ -53,7 +52,6 @@ public abstract class AbstractAuthenticationBroker extends BrokerFilter implemen
public void refresh() {
for (SecurityContext sc : securityContexts) {
sc.getAuthorizedReadDests().clear();
sc.getAuthorizedWriteDests().clear();
}
}

View File

@ -126,6 +126,8 @@ public class AuthorizationBroker extends BrokerFilter implements SecurityAdminMB
throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to remove: " + destination);
}
securityContext.getAuthorizedWriteDests().remove(destination);
super.removeDestination(context, destination, timeout);
}
@ -137,6 +139,8 @@ public class AuthorizationBroker extends BrokerFilter implements SecurityAdminMB
throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to remove: " + info.getDestination());
}
securityContext.getAuthorizedWriteDests().remove(info.getDestination());
super.removeDestinationInfo(context, info);
}
@ -154,7 +158,6 @@ public class AuthorizationBroker extends BrokerFilter implements SecurityAdminMB
if (!securityContext.isBrokerContext() && allowedACLs != null && !securityContext.isInOneOf(allowedACLs) ) {
throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to read from: " + info.getDestination());
}
securityContext.getAuthorizedReadDests().put(info.getDestination(), info.getDestination());
/*
* Need to think about this a little more. We could do per message

View File

@ -56,7 +56,6 @@ public class AuthorizationDestinationFilter extends DestinationFilter {
if (!securityContext.isBrokerContext() && allowedACLs != null && !securityContext.isInOneOf(allowedACLs) ) {
throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to read from: " + destination);
}
securityContext.getAuthorizedReadDests().put(destination, destination);
super.addSubscription(context, sub);
}

View File

@ -47,7 +47,6 @@ public abstract class SecurityContext {
final String userName;
final ConcurrentMap<ActiveMQDestination, ActiveMQDestination> authorizedReadDests = new ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination>();
final ConcurrentMap<ActiveMQDestination, ActiveMQDestination> authorizedWriteDests = new ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination>();
public SecurityContext(String userName) {
@ -74,10 +73,6 @@ public abstract class SecurityContext {
return userName;
}
public ConcurrentMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedReadDests() {
return authorizedReadDests;
}
public ConcurrentMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedWriteDests() {
return authorizedWriteDests;
}

View File

@ -72,11 +72,6 @@ public class SubjectSecurityContext extends SecurityContext {
throw notAllowed("isInOneOf");
}
@Override
public ConcurrentMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedReadDests() {
throw notAllowed("getAuthorizedReadDests");
}
@Override
public ConcurrentMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedWriteDests() {
throw notAllowed("getAuthorizedWriteDests");

View File

@ -41,11 +41,6 @@ public class SubjectSecurityContextTest {
ctx.isInOneOf(null);
}
@Test(expected=UnsupportedOperationException.class)
public void testGetAuthorizedReadDests() {
ctx.getAuthorizedReadDests();
}
@Test(expected=UnsupportedOperationException.class)
public void testGetAuthorizedWriteDests() {
ctx.getAuthorizedWriteDests();