git-svn-id: https://svn.apache.org/repos/asf/incubator/activemq/trunk@476099 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jonas B. Lim 2006-11-17 10:24:04 +00:00
parent e582e2fd40
commit 9dcd00823b
4 changed files with 213 additions and 1 deletions

View File

@ -0,0 +1,64 @@
/**
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.activemq.security;
/**
* A helper object used to configure simple authentiaction plugin
*
* @org.apache.xbean.XBean
*
* @version $Revision
*/
public class AuthenticationUser {
String username;
String password;
String group;
public AuthenticationUser(String username, String password, String group) {
this.username = username;
this.password = password;
this.group = group;
}
public String getGroup() {
return group;
}
public void setGroup(String group) {
this.group = group;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
}

View File

@ -17,6 +17,16 @@
*/
package org.apache.activemq.security;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import org.apache.activemq.jaas.GroupPrincipal;
import org.apache.activemq.broker.Broker;
import org.apache.activemq.broker.BrokerPlugin;
@ -26,7 +36,7 @@ import java.util.Map;
* A simple authentication plugin
*
* @org.apache.xbean.XBean element="simpleAuthenticationPlugin" description="Provides a simple authentication
* plugin configured with a map of user-passwords and a map of user-groups"
* plugin configured with a map of user-passwords and a map of user-groups or a list of authentication users"
*
* @version $Revision$
*/
@ -34,6 +44,12 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin {
private Map userPasswords;
private Map userGroups;
public SimpleAuthenticationPlugin() {}
public SimpleAuthenticationPlugin(List users) {
setUsers(users);
}
public Broker installPlugin(Broker broker) {
return new SimpleAuthenticationBroker(broker, userPasswords, userGroups);
}
@ -42,6 +58,27 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin {
return userGroups;
}
/**
* Sets individual users for authentication
*
* @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthenticationUser"
*/
public void setUsers(List users) {
userPasswords = new HashMap();
userGroups = new HashMap();
for (Iterator it = users.iterator(); it.hasNext();) {
AuthenticationUser user = (AuthenticationUser)it.next();
userPasswords.put(user.getUsername(), user.getPassword());
Set groups = new HashSet();
StringTokenizer iter = new StringTokenizer(user.getGroup(), ",");
while (iter.hasMoreTokens()) {
String name = iter.nextToken().trim();
groups.add(new GroupPrincipal(name));
}
userGroups.put(user.getUsername(), groups);
}
}
/**
* Sets the groups a user is in. The key is the user name and the value is a Set of groups
*/

View File

@ -0,0 +1,52 @@
/**
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.activemq.security;
import java.net.URI;
import junit.framework.Test;
import org.apache.activemq.broker.BrokerFactory;
import org.apache.activemq.broker.BrokerService;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
public class SimpleAuthenticationPluginTest extends SecurityTestSupport {
private static final Log log = LogFactory.getLog(XBeanSecurityTest.class);
public static Test suite() {
return suite(XBeanSecurityTest.class);
}
public static void main(String[] args) {
junit.textui.TestRunner.run(suite());
}
protected BrokerService createBroker() throws Exception {
return createBroker("org/apache/activemq/security/simple-auth-broker.xml");
}
protected BrokerService createBroker(String uri) throws Exception {
log.info("Loading broker configuration from the classpath with URI: " + uri);
return BrokerFactory.createBroker(new URI("xbean:" + uri));
}
}

View File

@ -0,0 +1,59 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!-- this file can only be parsed using the xbean-spring library -->
<!-- START SNIPPET: example -->
<beans>
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
<broker useJmx="false" persistent="false" xmlns="http://activemq.org/config/1.0" populateJMSXUserID="true">
<plugins>
<simpleAuthenticationPlugin>
<users>
<authenticationUser username="system" password="manager"
group="users,admins"/>
<authenticationUser username="user" password="password"
group="users"/>
<authenticationUser username="guest" password="password" group="guests"/>
</users>
</simpleAuthenticationPlugin>
<!-- lets configure a destination based authorization mechanism -->
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
<authorizationEntry queue="USERS.>" read="users" write="users" admin="users" />
<authorizationEntry queue="GUEST.>" read="guests" write="guests,users" admin="guests,users" />
<authorizationEntry topic=">" read="admins" write="admins" admin="admins" />
<authorizationEntry topic="USERS.>" read="users" write="users" admin="users" />
<authorizationEntry topic="GUEST.>" read="guests" write="guests,users" admin="guests,users" />
<authorizationEntry topic="ActiveMQ.Advisory.>" read="guests,users" write="guests,users" admin="guests,users"/>
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
</broker>
</beans>