mirror of https://github.com/apache/activemq.git
applied patch for http://issues.apache.org/activemq/browse/AMQ-1010
git-svn-id: https://svn.apache.org/repos/asf/incubator/activemq/trunk@476099 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
e582e2fd40
commit
9dcd00823b
|
@ -0,0 +1,64 @@
|
|||
/**
|
||||
*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
* contributor license agreements. See the NOTICE file distributed with
|
||||
* this work for additional information regarding copyright ownership.
|
||||
* The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
* (the "License"); you may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.apache.activemq.security;
|
||||
|
||||
|
||||
/**
|
||||
* A helper object used to configure simple authentiaction plugin
|
||||
*
|
||||
* @org.apache.xbean.XBean
|
||||
*
|
||||
* @version $Revision
|
||||
*/
|
||||
public class AuthenticationUser {
|
||||
|
||||
String username;
|
||||
String password;
|
||||
String group;
|
||||
|
||||
|
||||
|
||||
public AuthenticationUser(String username, String password, String group) {
|
||||
this.username = username;
|
||||
this.password = password;
|
||||
this.group = group;
|
||||
}
|
||||
|
||||
|
||||
public String getGroup() {
|
||||
return group;
|
||||
}
|
||||
public void setGroup(String group) {
|
||||
this.group = group;
|
||||
}
|
||||
public String getPassword() {
|
||||
return password;
|
||||
}
|
||||
public void setPassword(String password) {
|
||||
this.password = password;
|
||||
}
|
||||
public String getUsername() {
|
||||
return username;
|
||||
}
|
||||
public void setUsername(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
|
@ -17,6 +17,16 @@
|
|||
*/
|
||||
package org.apache.activemq.security;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.StringTokenizer;
|
||||
|
||||
import org.apache.activemq.jaas.GroupPrincipal;
|
||||
|
||||
import org.apache.activemq.broker.Broker;
|
||||
import org.apache.activemq.broker.BrokerPlugin;
|
||||
|
||||
|
@ -26,7 +36,7 @@ import java.util.Map;
|
|||
* A simple authentication plugin
|
||||
*
|
||||
* @org.apache.xbean.XBean element="simpleAuthenticationPlugin" description="Provides a simple authentication
|
||||
* plugin configured with a map of user-passwords and a map of user-groups"
|
||||
* plugin configured with a map of user-passwords and a map of user-groups or a list of authentication users"
|
||||
*
|
||||
* @version $Revision$
|
||||
*/
|
||||
|
@ -34,6 +44,12 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin {
|
|||
private Map userPasswords;
|
||||
private Map userGroups;
|
||||
|
||||
public SimpleAuthenticationPlugin() {}
|
||||
|
||||
public SimpleAuthenticationPlugin(List users) {
|
||||
setUsers(users);
|
||||
}
|
||||
|
||||
public Broker installPlugin(Broker broker) {
|
||||
return new SimpleAuthenticationBroker(broker, userPasswords, userGroups);
|
||||
}
|
||||
|
@ -42,6 +58,27 @@ public class SimpleAuthenticationPlugin implements BrokerPlugin {
|
|||
return userGroups;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets individual users for authentication
|
||||
*
|
||||
* @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthenticationUser"
|
||||
*/
|
||||
public void setUsers(List users) {
|
||||
userPasswords = new HashMap();
|
||||
userGroups = new HashMap();
|
||||
for (Iterator it = users.iterator(); it.hasNext();) {
|
||||
AuthenticationUser user = (AuthenticationUser)it.next();
|
||||
userPasswords.put(user.getUsername(), user.getPassword());
|
||||
Set groups = new HashSet();
|
||||
StringTokenizer iter = new StringTokenizer(user.getGroup(), ",");
|
||||
while (iter.hasMoreTokens()) {
|
||||
String name = iter.nextToken().trim();
|
||||
groups.add(new GroupPrincipal(name));
|
||||
}
|
||||
userGroups.put(user.getUsername(), groups);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the groups a user is in. The key is the user name and the value is a Set of groups
|
||||
*/
|
||||
|
|
|
@ -0,0 +1,52 @@
|
|||
/**
|
||||
*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
* contributor license agreements. See the NOTICE file distributed with
|
||||
* this work for additional information regarding copyright ownership.
|
||||
* The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
* (the "License"); you may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.apache.activemq.security;
|
||||
|
||||
import java.net.URI;
|
||||
|
||||
import junit.framework.Test;
|
||||
|
||||
import org.apache.activemq.broker.BrokerFactory;
|
||||
import org.apache.activemq.broker.BrokerService;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
public class SimpleAuthenticationPluginTest extends SecurityTestSupport {
|
||||
|
||||
private static final Log log = LogFactory.getLog(XBeanSecurityTest.class);
|
||||
|
||||
public static Test suite() {
|
||||
return suite(XBeanSecurityTest.class);
|
||||
}
|
||||
|
||||
public static void main(String[] args) {
|
||||
junit.textui.TestRunner.run(suite());
|
||||
}
|
||||
|
||||
|
||||
protected BrokerService createBroker() throws Exception {
|
||||
return createBroker("org/apache/activemq/security/simple-auth-broker.xml");
|
||||
}
|
||||
|
||||
protected BrokerService createBroker(String uri) throws Exception {
|
||||
log.info("Loading broker configuration from the classpath with URI: " + uri);
|
||||
return BrokerFactory.createBroker(new URI("xbean:" + uri));
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -0,0 +1,59 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
contributor license agreements. See the NOTICE file distributed with
|
||||
this work for additional information regarding copyright ownership.
|
||||
The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
(the "License"); you may not use this file except in compliance with
|
||||
the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
|
||||
<!-- this file can only be parsed using the xbean-spring library -->
|
||||
<!-- START SNIPPET: example -->
|
||||
<beans>
|
||||
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
|
||||
|
||||
<broker useJmx="false" persistent="false" xmlns="http://activemq.org/config/1.0" populateJMSXUserID="true">
|
||||
|
||||
<plugins>
|
||||
<simpleAuthenticationPlugin>
|
||||
<users>
|
||||
<authenticationUser username="system" password="manager"
|
||||
group="users,admins"/>
|
||||
<authenticationUser username="user" password="password"
|
||||
group="users"/>
|
||||
<authenticationUser username="guest" password="password" group="guests"/>
|
||||
</users>
|
||||
</simpleAuthenticationPlugin>
|
||||
|
||||
|
||||
<!-- lets configure a destination based authorization mechanism -->
|
||||
<authorizationPlugin>
|
||||
<map>
|
||||
<authorizationMap>
|
||||
<authorizationEntries>
|
||||
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
|
||||
<authorizationEntry queue="USERS.>" read="users" write="users" admin="users" />
|
||||
<authorizationEntry queue="GUEST.>" read="guests" write="guests,users" admin="guests,users" />
|
||||
|
||||
<authorizationEntry topic=">" read="admins" write="admins" admin="admins" />
|
||||
<authorizationEntry topic="USERS.>" read="users" write="users" admin="users" />
|
||||
<authorizationEntry topic="GUEST.>" read="guests" write="guests,users" admin="guests,users" />
|
||||
|
||||
<authorizationEntry topic="ActiveMQ.Advisory.>" read="guests,users" write="guests,users" admin="guests,users"/>
|
||||
</authorizationEntries>
|
||||
</authorizationMap>
|
||||
</map>
|
||||
</authorizationPlugin>
|
||||
</plugins>
|
||||
</broker>
|
||||
|
||||
</beans>
|
Loading…
Reference in New Issue