activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jstrac...@apache.org
Subject svn commit: r377991 - in /incubator/activemq/trunk/activemq-core/src: main/java/org/apache/activemq/broker/ main/java/org/apache/activemq/security/ test/java/org/apache/activemq/security/ test/resources/ test/resources/org/apache/activemq/security/
Date Wed, 15 Feb 2006 11:48:21 GMT
Author: jstrachan
Date: Wed Feb 15 03:48:17 2006
New Revision: 377991

URL: http://svn.apache.org/viewcvs?rev=377991&view=rev
Log:
added a BrokerPlugin mechanism to allow users to customize the Broker interceptor stack

Added:
    incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerPlugin.java
  (with props)
    incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassAuthenticationPlugin.java
  (with props)
    incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthenticationPlugin.java
  (with props)
    incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthorizationPlugin.java
  (with props)
    incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java
  (with props)
    incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml
  (with props)
Modified:
    incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerService.java
    incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleSecurityBrokerSystemTest.java
    incubator/activemq/trunk/activemq-core/src/test/resources/login.config

Added: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerPlugin.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerPlugin.java?rev=377991&view=auto
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerPlugin.java
(added)
+++ incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerPlugin.java
Wed Feb 15 03:48:17 2006
@@ -0,0 +1,32 @@
+/**
+ *
+ * Copyright 2005-2006 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.broker;
+
+/**
+ * Represents a plugin into a Broker
+ * 
+ * @version $Revision$
+ */
+public interface BrokerPlugin {
+
+    /**
+     * Installs the plugin into the interceptor chain of the broker, returning the new
+     * intercepted broker to use.
+     */
+    public Broker installPlugin(Broker broker);
+    
+}

Propchange: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerPlugin.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerPlugin.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerPlugin.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerService.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerService.java?rev=377991&r1=377990&r2=377991&view=diff
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerService.java
(original)
+++ incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/BrokerService.java
Wed Feb 15 03:48:17 2006
@@ -112,6 +112,7 @@
     private URI vmConnectorURI;
     private PolicyMap destinationPolicy;
     private AtomicBoolean started = new AtomicBoolean(false);
+    private BrokerPlugin[] plugins;
 
     /**
      * Adds a new transport connector for the given bind address
@@ -677,6 +678,17 @@
         this.destinationPolicy = policyMap;
     }
 
+    public BrokerPlugin[] getPlugins() {
+        return plugins;
+    }
+
+    /**
+     * Sets a number of broker plugins to install such as for security authentication or
authorization
+     */
+    public void setPlugins(BrokerPlugin[] plugins) {
+        this.plugins = plugins;
+    }
+
     // Implementation methods
     // -------------------------------------------------------------------------
     /**
@@ -875,6 +887,12 @@
         broker = new CompositeDestinationBroker(broker);
         if (isPopulateJMSXUserID()) {
             broker = new UserIDBroker(broker);
+        }
+        if (plugins != null) {
+            for (int i = 0; i < plugins.length; i++) {
+                BrokerPlugin plugin = plugins[i];
+                broker = plugin.installPlugin(broker);
+            }
         }
         return broker;
     }

Added: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassAuthenticationPlugin.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassAuthenticationPlugin.java?rev=377991&view=auto
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassAuthenticationPlugin.java
(added)
+++ incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassAuthenticationPlugin.java
Wed Feb 15 03:48:17 2006
@@ -0,0 +1,87 @@
+/**
+ *
+ * Copyright 2005-2006 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.security;
+
+import org.apache.activemq.broker.Broker;
+import org.apache.activemq.broker.BrokerPlugin;
+
+import java.net.URL;
+
+/**
+ * Adds a JAAS based authentication security plugin
+ * 
+ * @org.apache.xbean.XBean description="Provides a JAAS based authentication plugin"
+ * 
+ * @version $Revision$
+ */
+public class JassAuthenticationPlugin implements BrokerPlugin {
+
+    private String configuration = "activemq-domain";
+    private boolean discoverLoginConfig = true;
+
+    public Broker installPlugin(Broker broker) {
+        initialiseJaas();
+        return new JaasAuthenticationBroker(broker, configuration);
+    }
+
+
+    // Properties
+    // -------------------------------------------------------------------------
+    public String getConfiguration() {
+        return configuration;
+    }
+
+    /**
+     * Sets the JAAS configuration domain name used
+     */
+    public void setConfiguration(String jaasConfiguration) {
+        this.configuration = jaasConfiguration;
+    }
+
+
+    public boolean isDiscoverLoginConfig() {
+        return discoverLoginConfig;
+    }
+
+    /**
+     * Enables or disables the auto-discovery of the login.config file for JAAS to initialize
itself. 
+     * This flag is enabled by default such that if the <b>java.security.auth.login.config</b>
system property
+     * is not defined then it is set to the location of the <b>login.config</b>
file on the classpath.
+     */
+    public void setDiscoverLoginConfig(boolean discoverLoginConfig) {
+        this.discoverLoginConfig = discoverLoginConfig;
+    }
+
+    // Implementation methods
+    // -------------------------------------------------------------------------
+    protected void initialiseJaas() {
+        if (discoverLoginConfig) {
+            String path = System.getProperty("java.security.auth.login.config");
+            if (path == null) {
+                //URL resource = Thread.currentThread().getContextClassLoader().getResource("login.config");
+                URL resource = null;
+                if (resource == null) {
+                    resource = getClass().getClassLoader().getResource("login.config");
+                }
+                if (resource != null) {
+                    path = resource.getFile();
+                    System.setProperty("java.security.auth.login.config", path);
+                }
+            }
+        }
+    }
+}

Propchange: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassAuthenticationPlugin.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassAuthenticationPlugin.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassAuthenticationPlugin.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthenticationPlugin.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthenticationPlugin.java?rev=377991&view=auto
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthenticationPlugin.java
(added)
+++ incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthenticationPlugin.java
Wed Feb 15 03:48:17 2006
@@ -0,0 +1,62 @@
+/**
+ *
+ * Copyright 2005-2006 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.security;
+
+import org.apache.activemq.broker.Broker;
+import org.apache.activemq.broker.BrokerPlugin;
+
+import java.util.Map;
+
+/**
+ * A simple authentication plugin
+ *  
+ * @org.apache.xbean.XBean element="simpleAuthenticationPlugin" description="Provides a simple
authentication
+ * plugin configured with a map of user-passwords and a map of user-groups"
+ * 
+ * @version $Revision$
+ */
+public class SimpleAuthenticationPlugin implements BrokerPlugin {
+    private Map userPasswords;
+    private Map userGroups;
+
+    public Broker installPlugin(Broker broker) {
+        return new SimpleAuthenticationBroker(broker, userPasswords, userGroups);
+    }
+
+    public Map getUserGroups() {
+        return userGroups;
+    }
+
+    /**
+     * Sets the groups a user is in. The key is the user name and the value is a Set of groups
+     */
+    public void setUserGroups(Map userGroups) {
+        this.userGroups = userGroups;
+    }
+
+    public Map getUserPasswords() {
+        return userPasswords;
+    }
+
+    /**
+     * Sets the map indexed by user name with the value the password
+     */
+    public void setUserPasswords(Map userPasswords) {
+        this.userPasswords = userPasswords;
+    }
+
+}

Propchange: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthenticationPlugin.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthenticationPlugin.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthenticationPlugin.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthorizationPlugin.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthorizationPlugin.java?rev=377991&view=auto
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthorizationPlugin.java
(added)
+++ incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthorizationPlugin.java
Wed Feb 15 03:48:17 2006
@@ -0,0 +1,65 @@
+/**
+ *
+ * Copyright 2005-2006 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.security;
+
+import org.apache.activemq.broker.Broker;
+import org.apache.activemq.broker.BrokerPlugin;
+import org.apache.activemq.filter.DestinationMap;
+
+/**
+ * A simple authorization plugin
+ * 
+ * @org.apache.xbean.XBean element="simpleAuthorizationPlugin" description="Provides a simple
authorization
+ * plugin where each ACL is a destination map of destinations to role names"
+ *
+ * @version $Revision$
+ */
+public class SimpleAuthorizationPlugin implements BrokerPlugin {
+
+    private DestinationMap writeACLs;
+    private DestinationMap readACLs;
+    private DestinationMap adminACLs;
+
+    public Broker installPlugin(Broker broker) {
+        return new SimpleAuthorizationBroker(broker, writeACLs, readACLs, adminACLs);
+    }
+
+    public DestinationMap getAdminACLs() {
+        return adminACLs;
+    }
+
+    public void setAdminACLs(DestinationMap adminACLs) {
+        this.adminACLs = adminACLs;
+    }
+
+    public DestinationMap getReadACLs() {
+        return readACLs;
+    }
+
+    public void setReadACLs(DestinationMap readACLs) {
+        this.readACLs = readACLs;
+    }
+
+    public DestinationMap getWriteACLs() {
+        return writeACLs;
+    }
+
+    public void setWriteACLs(DestinationMap writeACLs) {
+        this.writeACLs = writeACLs;
+    }
+
+}

Propchange: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthorizationPlugin.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthorizationPlugin.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/SimpleAuthorizationPlugin.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java?rev=377991&view=auto
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java
(added)
+++ incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java
Wed Feb 15 03:48:17 2006
@@ -0,0 +1,168 @@
+/**
+ *
+ * Copyright 2005-2006 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.security;
+
+import org.apache.activemq.JmsTestSupport;
+import org.apache.activemq.command.ActiveMQDestination;
+
+import javax.jms.Connection;
+import javax.jms.JMSException;
+import javax.jms.Message;
+import javax.jms.MessageConsumer;
+import javax.jms.Session;
+import javax.jms.TextMessage;
+
+/**
+ * 
+ * @version $Revision$
+ */
+public class SecurityTestSupport extends JmsTestSupport {
+
+    public ActiveMQDestination destination;
+
+    public void testUserReceiveFails() throws JMSException {
+        doReceive(true);
+    }
+
+    public void testInvalidAuthentication() throws JMSException {
+        try {
+            // No user id
+            Connection c = factory.createConnection();
+            connections.add(c);
+            c.start();
+            fail("Expected exception.");
+        }
+        catch (JMSException e) {
+        }
+
+        try {
+            // Bad password
+            Connection c = factory.createConnection("user", "krap");
+            connections.add(c);
+            c.start();
+            fail("Expected exception.");
+        }
+        catch (JMSException e) {
+        }
+
+        try {
+            // Bad userid
+            Connection c = factory.createConnection("userkrap", null);
+            connections.add(c);
+            c.start();
+            fail("Expected exception.");
+        }
+        catch (JMSException e) {
+        }
+    }
+
+    public void testUserReceiveSucceeds() throws JMSException {
+        doReceive(false);
+    }
+
+    public void testGuestReceiveSucceeds() throws JMSException {
+        doReceive(false);
+    }
+
+    public void testGuestReceiveFails() throws JMSException {
+        doReceive(true);
+    }
+
+    public void testUserSendSucceeds() throws JMSException {
+        doSend(false);
+    }
+
+    public void testUserSendFails() throws JMSException {
+        doSend(true);
+    }
+
+    public void testGuestSendFails() throws JMSException {
+        doSend(true);
+    }
+
+    public void testGuestSendSucceeds() throws JMSException {
+        doSend(false);
+    }
+
+    /**
+     * @throws JMSException
+     */
+    public void doSend(boolean fail) throws JMSException {
+
+        Connection adminConnection = factory.createConnection("system", "manager");
+        connections.add(adminConnection);
+
+        adminConnection.start();
+        Session adminSession = adminConnection.createSession(false, Session.AUTO_ACKNOWLEDGE);
+        MessageConsumer consumer = adminSession.createConsumer(destination);
+
+        Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
+        try {
+            sendMessages(session, destination, 1);
+        }
+        catch (JMSException e) {
+            // If test is expected to fail, the cause must only be a
+            // SecurityException
+            // otherwise rethrow the exception
+            if (!fail || !(e.getCause() instanceof SecurityException)) {
+                throw e;
+            }
+        }
+
+        Message m = consumer.receive(1000);
+        if (fail)
+            assertNull(m);
+        else {
+            assertNotNull(m);
+            assertEquals("0", ((TextMessage) m).getText());
+            assertNull(consumer.receiveNoWait());
+        }
+
+    }
+
+    /**
+     * @throws JMSException
+     */
+    public void doReceive(boolean fail) throws JMSException {
+
+        connection.start();
+        Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
+        MessageConsumer consumer = null;
+        try {
+            consumer = session.createConsumer(destination);
+            if (fail)
+                fail("Expected failure due to security constraint.");
+        }
+        catch (JMSException e) {
+            if (fail && e.getCause() instanceof SecurityException)
+                return;
+            throw e;
+        }
+
+        Connection adminConnection = factory.createConnection("system", "manager");
+        connections.add(adminConnection);
+        Session adminSession = adminConnection.createSession(false, Session.AUTO_ACKNOWLEDGE);
+        sendMessages(adminSession, destination, 1);
+
+        Message m = consumer.receive(1000);
+        assertNotNull(m);
+        assertEquals("0", ((TextMessage) m).getText());
+        assertNull(consumer.receiveNoWait());
+
+    }
+
+}

Propchange: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleSecurityBrokerSystemTest.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleSecurityBrokerSystemTest.java?rev=377991&r1=377990&r2=377991&view=diff
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleSecurityBrokerSystemTest.java
(original)
+++ incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleSecurityBrokerSystemTest.java
Wed Feb 15 03:48:17 2006
@@ -16,32 +16,20 @@
  */
 package org.apache.activemq.security;
 
-import java.io.IOException;
-import java.net.URL;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.HashSet;
-
-import javax.jms.Connection;
-import javax.jms.JMSException;
-import javax.jms.Message;
-import javax.jms.MessageConsumer;
-import javax.jms.Session;
-import javax.jms.TextMessage;
-
-import junit.framework.Test;
-
-import org.apache.activemq.JmsTestSupport;
 import org.apache.activemq.broker.Broker;
+import org.apache.activemq.broker.BrokerPlugin;
 import org.apache.activemq.broker.BrokerService;
-import org.apache.activemq.command.ActiveMQDestination;
 import org.apache.activemq.command.ActiveMQQueue;
 import org.apache.activemq.command.ActiveMQTopic;
 import org.apache.activemq.filter.DestinationMap;
 import org.apache.activemq.jaas.GroupPrincipal;
-import org.apache.activemq.security.JaasAuthenticationBroker;
-import org.apache.activemq.security.SimpleAuthenticationBroker;
-import org.apache.activemq.security.SimpleAuthorizationBroker;
+
+import java.net.URL;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.HashSet;
+
+import junit.framework.Test;
 
 /**
  * Tests that the broker allows/fails access to destinations based on the
@@ -49,22 +37,18 @@
  *
  * @version $Revision$
  */
-public class SimpleSecurityBrokerSystemTest extends JmsTestSupport {
+public class SimpleSecurityBrokerSystemTest extends SecurityTestSupport {
 
     static final GroupPrincipal guests = new GroupPrincipal("guests");
     static final GroupPrincipal users = new GroupPrincipal("users");
     static final GroupPrincipal admins = new GroupPrincipal("admins");
 
-    public ActiveMQDestination destination;
-    public SecurityFactory authorizationFactory;
-    public SecurityFactory authenticationFactory;
+    public BrokerPlugin authorizationPlugin;
+    public BrokerPlugin authenticationPlugin;
 
-    interface SecurityFactory {
-        public  Broker create(Broker broker);
-    }
 
-    class SimpleAuthorizationFactory implements SecurityFactory {
-        public  Broker create(Broker broker) {
+    class SimpleAuthorizationFactory implements BrokerPlugin {
+        public  Broker installPlugin(Broker broker) {
 
             DestinationMap readAccess = new DestinationMap();
             readAccess.put(new ActiveMQQueue(">"), admins);
@@ -104,8 +88,8 @@
         }
     }
 
-    class SimpleAuthenticationFactory implements SecurityFactory {
-        public  Broker create(Broker broker) {
+    class SimpleAuthenticationFactory implements BrokerPlugin {
+        public  Broker installPlugin(Broker broker) {
 
             HashMap u = new HashMap();
             u.put("system", "manager");
@@ -136,15 +120,6 @@
         System.out.println("Path to login config: "+path);
     }
 
-    class JaasAuthenticationFactory implements SecurityFactory {
-        public  Broker create(Broker broker) {
-            return new JaasAuthenticationBroker(broker, "activemq-test-domain");
-        }
-        public String toString() {
-            return "JassAuthenticationBroker";
-        }
-    }
-
     public static Test suite() {
         return suite(SimpleSecurityBrokerSystemTest.class);
     }
@@ -154,24 +129,18 @@
     }
 
     public void initCombos() {
-        addCombinationValues("authorizationFactory", new Object[] {
+        addCombinationValues("authorizationPlugin", new Object[] {
                 new SimpleAuthorizationFactory(),
         });
-        addCombinationValues("authenticationFactory", new Object[] {
+        addCombinationValues("authenticationPlugin", new Object[] {
                 new SimpleAuthenticationFactory(),
-                new JaasAuthenticationFactory(),
+                new JassAuthenticationPlugin(),
         });
     }
 
     protected BrokerService createBroker() throws Exception {
-        BrokerService broker = new BrokerService() {
-            protected Broker addInterceptors(Broker broker) throws IOException {
-                broker = super.addInterceptors(broker);
-                broker = authorizationFactory.create(broker);
-                broker = authenticationFactory.create(broker);
-                return broker;
-            }
-        };
+        BrokerService broker = new BrokerService();
+        broker.setPlugins(new BrokerPlugin[] {authorizationPlugin, authenticationPlugin});
         broker.setPersistent(false);
         return broker;
     }
@@ -186,44 +155,10 @@
                 new ActiveMQTopic("GUEST.BAR"),
         });
     }
-    public void testUserReceiveFails() throws JMSException {
-        doReceive(true);
-    }
-
-
     public void initCombosForTestInvalidAuthentication() {
         addCombinationValues("userName", new Object[] {"user"});
         addCombinationValues("password", new Object[] {"password"});
     }
-    public void testInvalidAuthentication() throws JMSException {
-        try {
-            // No user id
-            Connection c= factory.createConnection();
-            connections.add(c);
-            c.start();
-            fail("Expected exception.");
-        } catch (JMSException e) {
-        }
-
-        try {
-            // Bad password
-            Connection c = factory.createConnection("user", "krap");
-            connections.add(c);
-            c.start();
-            fail("Expected exception.");
-        } catch (JMSException e) {
-        }
-
-        try {
-            // Bad userid
-            Connection c = factory.createConnection("userkrap", null);
-            connections.add(c);
-            c.start();
-            fail("Expected exception.");
-        } catch (JMSException e) {
-        }
-    }
-
     public void initCombosForTestUserReceiveSucceeds() {
         addCombinationValues("userName", new Object[] {"user"});
         addCombinationValues("password", new Object[] {"password"});
@@ -232,11 +167,6 @@
                 new ActiveMQTopic("USERS.FOO"),
         });
     }
-    public void testUserReceiveSucceeds() throws JMSException {
-        doReceive(false);
-    }
-
-
     public void initCombosForTestGuestReceiveSucceeds() {
         addCombinationValues("userName", new Object[] {"guest"});
         addCombinationValues("password", new Object[] {"password"});
@@ -245,10 +175,6 @@
                 new ActiveMQTopic("GUEST.BAR"),
         });
     }
-    public void testGuestReceiveSucceeds() throws JMSException {
-        doReceive(false);
-    }
-
     public void initCombosForTestGuestReceiveFails() {
         addCombinationValues("userName", new Object[] {"guest"});
         addCombinationValues("password", new Object[] {"password"});
@@ -259,11 +185,6 @@
                 new ActiveMQTopic("USERS.FOO"),
         });
     }
-    public void testGuestReceiveFails() throws JMSException {
-        doReceive(true);
-    }
-
-
     public void initCombosForTestUserSendSucceeds() {
         addCombinationValues("userName", new Object[] {"user"});
         addCombinationValues("password", new Object[] {"password"});
@@ -274,10 +195,6 @@
                 new ActiveMQTopic("GUEST.BAR"),
         });
     }
-    public void testUserSendSucceeds() throws JMSException {
-        doSend(false);
-    }
-
     public void initCombosForTestUserSendFails() {
         addCombinationValues("userName", new Object[] {"user"});
         addCombinationValues("password", new Object[] {"password"});
@@ -286,11 +203,6 @@
                 new ActiveMQTopic("TEST"),
         });
     }
-    public void testUserSendFails() throws JMSException {
-        doSend(true);
-    }
-
-
     public void initCombosForTestGuestSendFails() {
         addCombinationValues("userName", new Object[] {"guest"});
         addCombinationValues("password", new Object[] {"password"});
@@ -301,10 +213,6 @@
                 new ActiveMQTopic("USERS.FOO"),
         });
     }
-    public void testGuestSendFails() throws JMSException {
-        doSend(true);
-    }
-
     public void initCombosForTestGuestSendSucceeds() {
         addCombinationValues("userName", new Object[] {"guest"});
         addCombinationValues("password", new Object[] {"password"});
@@ -312,72 +220,5 @@
                 new ActiveMQQueue("GUEST.BAR"),
                 new ActiveMQTopic("GUEST.BAR"),
         });
-    }
-    public void testGuestSendSucceeds() throws JMSException {
-        doSend(false);
-    }
-
-    /**
-     * @throws JMSException
-     */
-    public void doSend(boolean fail) throws JMSException {
-
-        Connection adminConnection = factory.createConnection("system", "manager");
-        connections.add(adminConnection);
-
-        adminConnection.start();
-        Session adminSession = adminConnection.createSession(false, Session.AUTO_ACKNOWLEDGE);
-        MessageConsumer consumer = adminSession.createConsumer(destination);
-
-        Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
-        try {
-            sendMessages(session, destination, 1);
-        } catch (JMSException e) {
-            // If test is expected to fail, the cause must only be a SecurityException
-            // otherwise rethrow the exception
-            if (!fail || !(e.getCause() instanceof SecurityException)) {
-            	throw e;
-            }
-        }
-
-        Message m = consumer.receive(1000);
-        if(fail)
-            assertNull(m);
-        else {
-            assertNotNull(m);
-            assertEquals("0", ((TextMessage)m).getText());
-            assertNull(consumer.receiveNoWait());
-        }
-
-    }
-
-    /**
-     * @throws JMSException
-     */
-    public void doReceive(boolean fail) throws JMSException {
-
-        connection.start();
-        Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
-        MessageConsumer consumer=null;
-        try {
-            consumer = session.createConsumer(destination);
-            if( fail )
-                fail("Expected failure due to security constraint.");
-        } catch (JMSException e) {
-            if (fail && e.getCause() instanceof SecurityException)
-                return;
-            throw e;
-        }
-
-        Connection adminConnection = factory.createConnection("system", "manager");
-        connections.add(adminConnection);
-        Session adminSession = adminConnection.createSession(false, Session.AUTO_ACKNOWLEDGE);
-        sendMessages(adminSession, destination, 1);
-
-        Message m = consumer.receive(1000);
-        assertNotNull(m);
-        assertEquals("0", ((TextMessage)m).getText());
-        assertNull(consumer.receiveNoWait());
-
     }
 }

Modified: incubator/activemq/trunk/activemq-core/src/test/resources/login.config
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/test/resources/login.config?rev=377991&r1=377990&r2=377991&view=diff
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/test/resources/login.config (original)
+++ incubator/activemq/trunk/activemq-core/src/test/resources/login.config Wed Feb 15 03:48:17
2006
@@ -1,4 +1,4 @@
-activemq-test-domain {
+activemq-domain {
     org.apache.activemq.jaas.PropertiesLoginModule required
         debug=true
         org.apache.activemq.jaas.properties.user="org/apache/activemq/security/users.properties"

Added: incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml?rev=377991&view=auto
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml
(added)
+++ incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml
Wed Feb 15 03:48:17 2006
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2005-2006 The Apache Software Foundation
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+    http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+
+<!-- this file can only be parsed using the xbean-spring library -->
+<!-- START SNIPPET: xbean -->
+<beans xmlns="http://activemq.org/config/1.0">
+
+  <broker useJmx="false" persistent="false">
+
+    <plugins>
+      <!--  use JAAS to authenticate using the login.config file on the classpath to configure
JAAS -->
+      <jassAuthenticationPlugin configuration="activemq-domain"/>
+    </plugins>
+  </broker>
+
+</beans>
+<!-- END SNIPPET: xbean -->

Propchange: incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml



Mime
View raw message