https://issues.apache.org/jira/browse/AMQ-3883 - allow arbitrary group principal class to be used by authorization map

git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@1459834 13f79535-47bb-0310-9956-ffa450edef68
Bosanac Dejan 2013-03-22 15:08:51 +00:00
parent fafd12dfd4
commit 9027d49516
3 changed files with 57 additions and 42 deletions


@ -111,45 +111,8 @@ public class AuthorizationEntry extends DestinationMapEntry {
Set<Object> answer = new HashSet<Object>(); Set<Object> answer = new HashSet<Object>();
StringTokenizer iter = new StringTokenizer(roles, ","); StringTokenizer iter = new StringTokenizer(roles, ",");
while (iter.hasMoreTokens()) { while (iter.hasMoreTokens()) {
String name = iter.nextToken().trim(); String name = iter.nextToken().trim();
Object[] param = new Object[]{name}; DefaultAuthorizationMap.createGroupPrincipal(name, getGroupClass());
try {
Class<?> cls = Class.forName(groupClass);
Constructor<?>[] constructors = cls.getConstructors();
int i;
for (i = 0; i < constructors.length; i++) {
Class<?>[] paramTypes = constructors[i].getParameterTypes();
if (paramTypes.length != 0 && paramTypes[0].equals(String.class)) {
break;
}
}
if (i < constructors.length) {
Object instance = constructors[i].newInstance(param);
answer.add(instance);
} else {
Object instance = cls.newInstance();
Method[] methods = cls.getMethods();
i = 0;
for (i = 0; i < methods.length; i++) {
Class<?>[] paramTypes = methods[i].getParameterTypes();
if (paramTypes.length != 0 && methods[i].getName().equals("setName") && paramTypes[0].equals(String.class)) {
break;
}
}
if (i < methods.length) {
methods[i].invoke(instance, param);
answer.add(instance);
} else {
throw new NoSuchMethodException();
}
}
} catch (Exception e) {
throw e;
}
} }
return answer; return answer;
} }
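Review bot: The new call inside the `while` loop discards its result: `DefaultAuthorizationMap.createGroupPrincipal(name, getGroupClass());` builds the principal but never adds it to `answer`, and every `answer.add(instance)` from the old body is removed, so as shown the method returns an empty set for any `roles` string. The line should read `answer.add(DefaultAuthorizationMap.createGroupPrincipal(name, getGroupClass()));`. This set presumably ends up as the entry's ACL, so an empty result would silently change who is authorized; a test that parses a roles string and asserts on the returned principals belongs with this change. The enclosing method starts above the hunk.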


@ -16,6 +16,8 @@
*/ */
package org.apache.activemq.security; package org.apache.activemq.security;
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
import java.util.HashSet; import java.util.HashSet;
import java.util.Iterator; import java.util.Iterator;
import java.util.List; import java.util.List;
@ -40,6 +42,8 @@ public class DefaultAuthorizationMap extends DestinationMap implements Authoriza
private TempDestinationAuthorizationEntry tempDestinationAuthorizationEntry; private TempDestinationAuthorizationEntry tempDestinationAuthorizationEntry;
private String groupClass = "org.apache.activemq.jaas.GroupPrincipal";
public DefaultAuthorizationMap() { public DefaultAuthorizationMap() {
} }
@ -186,4 +190,49 @@ public class DefaultAuthorizationMap extends DestinationMap implements Authoriza
return entries; return entries;
} }
public String getGroupClass() {
return groupClass;
}
public void setGroupClass(String groupClass) {
this.groupClass = groupClass;
}
public static Object createGroupPrincipal(String name, String groupClass) throws Exception {
Object[] param = new Object[]{name};
Class<?> cls = Class.forName(groupClass);
Constructor<?>[] constructors = cls.getConstructors();
int i;
Object instance;
for (i = 0; i < constructors.length; i++) {
Class<?>[] paramTypes = constructors[i].getParameterTypes();
if (paramTypes.length != 0 && paramTypes[0].equals(String.class)) {
break;
}
}
if (i < constructors.length) {
instance = constructors[i].newInstance(param);
} else {
instance = cls.newInstance();
Method[] methods = cls.getMethods();
i = 0;
for (i = 0; i < methods.length; i++) {
Class<?>[] paramTypes = methods[i].getParameterTypes();
if (paramTypes.length != 0 && methods[i].getName().equals("setName") && paramTypes[0].equals(String.class)) {
break;
}
}
if (i < methods.length) {
methods[i].invoke(instance, param);
} else {
throw new NoSuchMethodException();
}
}
return instance;
}
} }
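Review bot: `createGroupPrincipal` instantiates whatever class name it is handed without checking that the class is a principal: after `Class.forName(groupClass)` it runs a public String-first constructor or the no-arg constructor of any class on the classpath. Because `groupClass` is now a settable property, a guard right after the lookup, such as `if (!java.security.Principal.class.isAssignableFrom(cls)) throw new IllegalArgumentException(groupClass + " is not a Principal");`, would stop a wrong or tampered configuration value from constructing unrelated classes. The constructor search also accepts any constructor whose first parameter is a String (`paramTypes.length != 0`), so a match that takes two arguments fails in `newInstance(param)` instead of falling through to `setName`; `paramTypes.length == 1 && paramTypes[0].equals(String.class)` matches what is actually called, and the same applies to the `setName` scan. The bare `throw new NoSuchMethodException()` should carry a message naming the class so the misconfiguration can be diagnosed from the log.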


@ -272,10 +272,7 @@ public class SimpleCachedLDAPAuthorizationMap extends DefaultAuthorizationMap {
* {@link DestinationType#TEMP} or if the policy entry DN is malformed * {@link DestinationType#TEMP} or if the policy entry DN is malformed
*/ */
protected AuthorizationEntry getEntry(LdapName dn, DestinationType destinationType) { protected AuthorizationEntry getEntry(LdapName dn, DestinationType destinationType) {
AuthorizationEntry entry = null; AuthorizationEntry entry = null;
switch (destinationType) { switch (destinationType) {
case TEMP: case TEMP:
// handle temp entry // handle temp entry
@ -405,7 +402,13 @@ public class SimpleCachedLDAPAuthorizationMap extends DefaultAuthorizationMap {
+ memberDn + " under entry " + result.getNameInNamespace()); + memberDn + " under entry " + result.getNameInNamespace());
} else if (principalName != null){ } else if (principalName != null){
if (group && !user) { if (group && !user) {
members.add(new GroupPrincipal(principalName)); try {
members.add(createGroupPrincipal(principalName, getGroupClass()));
} catch (Exception e) {
NamingException ne = new NamingException("Can't create a group " + principalName + " of class " + getGroupClass());
ne.initCause(e);
throw ne;
}
} else if (!group && user) { } else if (!group && user) {
members.add(new UserPrincipal(principalName)); members.add(new UserPrincipal(principalName));
} }
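Review bot: Each group member now goes through `createGroupPrincipal(principalName, getGroupClass())`, which, per the method added in DefaultAuthorizationMap, repeats `Class.forName` and the constructor scan on every call, so a wrong `groupClass` is only discovered here, once per member, as a NamingException. Resolving and validating the class once, for example in `setGroupClass`, would report the misconfiguration when the map is configured and leave this loop with a plain instantiation. The `catch (Exception e)` is also wider than the reflective failures it is meant for, so unrelated runtime errors get relabelled as "Can't create a group"; catching the reflection exceptions specifically would keep the message accurate. The enclosing method starts and ends outside the hunk.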