https://issues.apache.org/jira/browse/AMQ-3883 - allow arbitrary group principal class to be used by authorization map

git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@1459834 13f79535-47bb-0310-9956-ffa450edef68
Bosanac Dejan 2013-03-22 15:08:51 +00:00
parent fafd12dfd4
commit 9027d49516
3 changed files with 57 additions and 42 deletions


@ -111,45 +111,8 @@ public class AuthorizationEntry extends DestinationMapEntry {
Set<Object> answer = new HashSet<Object>();
StringTokenizer iter = new StringTokenizer(roles, ",");
while (iter.hasMoreTokens()) {
String name = iter.nextToken().trim();
Object[] param = new Object[]{name};
try {
Class<?> cls = Class.forName(groupClass);
Constructor<?>[] constructors = cls.getConstructors();
int i;
for (i = 0; i < constructors.length; i++) {
Class<?>[] paramTypes = constructors[i].getParameterTypes();
if (paramTypes.length != 0 && paramTypes[0].equals(String.class)) {
break;
}
}
if (i < constructors.length) {
Object instance = constructors[i].newInstance(param);
answer.add(instance);
} else {
Object instance = cls.newInstance();
Method[] methods = cls.getMethods();
i = 0;
for (i = 0; i < methods.length; i++) {
Class<?>[] paramTypes = methods[i].getParameterTypes();
if (paramTypes.length != 0 && methods[i].getName().equals("setName") && paramTypes[0].equals(String.class)) {
break;
}
}
if (i < methods.length) {
methods[i].invoke(instance, param);
answer.add(instance);
} else {
throw new NoSuchMethodException();
}
}
} catch (Exception e) {
throw e;
}
DefaultAuthorizationMap.createGroupPrincipal(name, getGroupClass());
}
return answer;
}
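Review bot: The value returned by `DefaultAuthorizationMap.createGroupPrincipal(name, getGroupClass())` inside the while loop is discarded as this page renders it, so `answer` is never populated and the method returns an empty set for any role string. Every ACL built through this parser would then carry no principals; how an empty ACL is treated is decided by callers outside this hunk, but either way the configured roles are silently ignored. The line should read `answer.add(DefaultAuthorizationMap.createGroupPrincipal(name, getGroupClass()));`. The method's signature lies above the hunk and the page has lost its +/- markers, so confirm against the raw diff.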


@ -16,6 +16,8 @@
*/
package org.apache.activemq.security;
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
@ -40,6 +42,8 @@ public class DefaultAuthorizationMap extends DestinationMap implements Authoriza
private TempDestinationAuthorizationEntry tempDestinationAuthorizationEntry;
private String groupClass = "org.apache.activemq.jaas.GroupPrincipal";
public DefaultAuthorizationMap() {
}
@ -186,4 +190,49 @@ public class DefaultAuthorizationMap extends DestinationMap implements Authoriza
return entries;
}
public String getGroupClass() {
return groupClass;
}
public void setGroupClass(String groupClass) {
this.groupClass = groupClass;
}
public static Object createGroupPrincipal(String name, String groupClass) throws Exception {
Object[] param = new Object[]{name};
Class<?> cls = Class.forName(groupClass);
Constructor<?>[] constructors = cls.getConstructors();
int i;
Object instance;
for (i = 0; i < constructors.length; i++) {
Class<?>[] paramTypes = constructors[i].getParameterTypes();
if (paramTypes.length != 0 && paramTypes[0].equals(String.class)) {
break;
}
}
if (i < constructors.length) {
instance = constructors[i].newInstance(param);
} else {
instance = cls.newInstance();
Method[] methods = cls.getMethods();
i = 0;
for (i = 0; i < methods.length; i++) {
Class<?>[] paramTypes = methods[i].getParameterTypes();
if (paramTypes.length != 0 && methods[i].getName().equals("setName") && paramTypes[0].equals(String.class)) {
break;
}
}
if (i < methods.length) {
methods[i].invoke(instance, param);
} else {
throw new NoSuchMethodException();
}
}
return instance;
}
}
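Review bot: `createGroupPrincipal` loads and instantiates whatever class name `groupClass` holds without checking that it is a principal type. A guard right after `Class.forName`, such as `if (!java.security.Principal.class.isAssignableFrom(cls)) throw new IllegalArgumentException(groupClass + " is not a Principal");`, would stop a mistyped or unintended setting from constructing unrelated classes. The constructor and `setName` searches also test only `paramTypes.length != 0`, so an overload whose first parameter is a String but which takes more arguments can be selected and then fail in `newInstance(param)` or `invoke`; `paramTypes.length == 1` matches the single-argument call that follows. The bare `throw new NoSuchMethodException()` would be easier to diagnose with the class name in its message.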


@ -272,10 +272,7 @@ public class SimpleCachedLDAPAuthorizationMap extends DefaultAuthorizationMap {
* {@link DestinationType#TEMP} or if the policy entry DN is malformed
*/
protected AuthorizationEntry getEntry(LdapName dn, DestinationType destinationType) {
AuthorizationEntry entry = null;
switch (destinationType) {
case TEMP:
// handle temp entry
@ -405,7 +402,13 @@ public class SimpleCachedLDAPAuthorizationMap extends DefaultAuthorizationMap {
+ memberDn + " under entry " + result.getNameInNamespace());
} else if (principalName != null){
if (group && !user) {
members.add(new GroupPrincipal(principalName));
try {
members.add(createGroupPrincipal(principalName, getGroupClass()));
} catch (Exception e) {
NamingException ne = new NamingException("Can't create a group " + principalName + " of class " + getGroupClass());
ne.initCause(e);
throw ne;
}
} else if (!group && user) {
members.add(new UserPrincipal(principalName));
}