activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jstrac...@apache.org
Subject svn commit: r378006 - in /incubator/activemq/trunk/activemq-core/src: main/java/org/apache/activemq/security/ test/java/org/apache/activemq/security/ test/resources/org/apache/activemq/security/
Date Wed, 15 Feb 2006 13:33:53 GMT
Author: jstrachan
Date: Wed Feb 15 05:33:52 2006
New Revision: 378006

URL: http://svn.apache.org/viewcvs?rev=378006&view=rev
Log:
added a pure XBean based authorization and authentication mechanism

Added:
    incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/AuthorizationMapTest.java
  (with props)
    incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleAuthorizationMapTest.java
  (with props)
    incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/XBeanSecurityTest.java
  (with props)
Modified:
    incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/AuthorizationEntry.java
    incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/AuthorizationPlugin.java
    incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/DefaultAuthorizationMap.java
    incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassCredentialCallback.java
    incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java
    incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleSecurityBrokerSystemTest.java
    incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml

Modified: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/AuthorizationEntry.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/AuthorizationEntry.java?rev=378006&r1=378005&r2=378006&view=diff
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/AuthorizationEntry.java
(original)
+++ incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/AuthorizationEntry.java
Wed Feb 15 05:33:52 2006
@@ -17,9 +17,12 @@
 package org.apache.activemq.security;
 
 import org.apache.activemq.filter.DestinationMapEntry;
+import org.apache.activemq.jaas.GroupPrincipal;
 
 import java.util.Collections;
+import java.util.HashSet;
 import java.util.Set;
+import java.util.StringTokenizer;
 
 /**
  * Represents an entry in a {@link DefaultAuthorizationMap} for assigning
@@ -60,4 +63,27 @@
         this.writeACLs = writeACLs;
     }
 
+    // helper methods for easier configuration in Spring
+    // -------------------------------------------------------------------------
+    public void setAdmin(String roles) {
+        setAdminACLs(parseACLs(roles));
+    }
+
+    public void setRead(String roles) {
+        setReadACLs(parseACLs(roles));
+    }
+
+    public void setWrite(String roles) {
+        setWriteACLs(parseACLs(roles));
+    }
+
+    protected Set parseACLs(String roles) {
+        Set answer = new HashSet();
+        StringTokenizer iter = new StringTokenizer(roles, ",");
+        while (iter.hasMoreTokens()) {
+            String name = iter.nextToken().trim();
+            answer.add(new GroupPrincipal(name));
+        }
+        return answer;
+    }
 }

Modified: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/AuthorizationPlugin.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/AuthorizationPlugin.java?rev=378006&r1=378005&r2=378006&view=diff
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/AuthorizationPlugin.java
(original)
+++ incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/AuthorizationPlugin.java
Wed Feb 15 05:33:52 2006
@@ -29,28 +29,28 @@
  */
 public class AuthorizationPlugin implements BrokerPlugin {
 
-    private AuthorizationMap authorizationMap;
+    private AuthorizationMap map;
 
     public AuthorizationPlugin() {
     }
 
-    public AuthorizationPlugin(AuthorizationMap authorizationMap) {
-        this.authorizationMap = authorizationMap;
+    public AuthorizationPlugin(AuthorizationMap map) {
+        this.map = map;
     }
 
     public Broker installPlugin(Broker broker) {
-        if (authorizationMap == null) {
-            throw new IllegalArgumentException("You must configure an 'authorizationMap'");
+        if (map == null) {
+            throw new IllegalArgumentException("You must configure a 'map' property");
         }
-        return new AuthorizationBroker(broker, authorizationMap);
+        return new AuthorizationBroker(broker, map);
     }
 
-    public AuthorizationMap getAuthorizationMap() {
-        return authorizationMap;
+    public AuthorizationMap getMap() {
+        return map;
     }
 
-    public void setAuthorizationMap(AuthorizationMap authorizationMap) {
-        this.authorizationMap = authorizationMap;
+    public void setMap(AuthorizationMap map) {
+        this.map = map;
     }
 
 }

Modified: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/DefaultAuthorizationMap.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/DefaultAuthorizationMap.java?rev=378006&r1=378005&r2=378006&view=diff
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/DefaultAuthorizationMap.java
(original)
+++ incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/DefaultAuthorizationMap.java
Wed Feb 15 05:33:52 2006
@@ -46,10 +46,8 @@
 
     
     public Set getAdminACLs(ActiveMQDestination destination) {
+        Set entries = getAllEntries(destination);
         Set answer = new HashSet();
-        Set entries = get(destination);
-        entries.add(defaultEntry);
-        
         // now lets go through each entry adding individual 
         for (Iterator iter = entries.iterator(); iter.hasNext();) {
             AuthorizationEntry entry = (AuthorizationEntry) iter.next();
@@ -59,9 +57,8 @@
     }
 
     public Set getReadACLs(ActiveMQDestination destination) {
+        Set entries = getAllEntries(destination);
         Set answer = new HashSet();
-        Set entries = get(destination);
-        entries.add(defaultEntry);
         
         // now lets go through each entry adding individual 
         for (Iterator iter = entries.iterator(); iter.hasNext();) {
@@ -72,9 +69,8 @@
     }
 
     public Set getWriteACLs(ActiveMQDestination destination) {
+        Set entries = getAllEntries(destination);
         Set answer = new HashSet();
-        Set entries = get(destination);
-        entries.add(defaultEntry);
         
         // now lets go through each entry adding individual 
         for (Iterator iter = entries.iterator(); iter.hasNext();) {
@@ -112,4 +108,13 @@
     protected Class getEntryClass() {
         return AuthorizationEntry.class;
     }
+    protected Set getAllEntries(ActiveMQDestination destination) {
+        Set entries = get(destination);
+        if (defaultEntry != null) {
+        entries.add(defaultEntry);
+        }
+        return entries;
+    }
+
+
 }

Modified: incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassCredentialCallback.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassCredentialCallback.java?rev=378006&r1=378005&r2=378006&view=diff
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassCredentialCallback.java
(original)
+++ incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/JassCredentialCallback.java
Wed Feb 15 05:33:52 2006
@@ -39,10 +39,23 @@
 
     public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
         for (int i = 0; i < callbacks.length; i++) {
-            if (callbacks[i] instanceof PasswordCallback) {
-                ((PasswordCallback) callbacks[i]).setPassword(password.toCharArray());
-            } else if (callbacks[i] instanceof NameCallback) {
-                ((NameCallback) callbacks[i]).setName(username);
+            Callback callback = callbacks[i];
+            if (callback instanceof PasswordCallback) {
+                PasswordCallback passwordCallback = (PasswordCallback) callback;
+                if (password == null) {
+                    passwordCallback.setPassword(null);
+                }
+                else {
+                    passwordCallback.setPassword(password.toCharArray());
+                }
+            } else if (callback instanceof NameCallback) {
+                NameCallback nameCallback = (NameCallback) callback;
+                if (username == null) {
+                    nameCallback.setName(null);
+                }
+                else {
+                    nameCallback.setName(username);
+                }
             }
         }
     }

Added: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/AuthorizationMapTest.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/AuthorizationMapTest.java?rev=378006&view=auto
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/AuthorizationMapTest.java
(added)
+++ incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/AuthorizationMapTest.java
Wed Feb 15 05:33:52 2006
@@ -0,0 +1,65 @@
+/**
+ *
+ * Copyright 2005-2006 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.security;
+
+import org.apache.activemq.command.ActiveMQQueue;
+import org.apache.activemq.jaas.GroupPrincipal;
+
+import java.util.*;
+import java.util.Set;
+
+import junit.framework.TestCase;
+
+/**
+ * 
+ * @version $Revision$
+ */
+public class AuthorizationMapTest extends TestCase {
+    static final GroupPrincipal guests = new GroupPrincipal("guests");
+    static final GroupPrincipal users = new GroupPrincipal("users");
+    static final GroupPrincipal admins = new GroupPrincipal("admins");
+
+    public void testAuthorizationMap() {
+        AuthorizationMap map = createAuthorizationMap();
+
+        Set readACLs = map.getReadACLs(new ActiveMQQueue("USERS.FOO.BAR"));
+        assertEquals("set size: " + readACLs, 2, readACLs.size());
+        assertTrue("Contains users group", readACLs.contains(admins));
+        assertTrue("Contains users group", readACLs.contains(users));
+    }
+
+    protected AuthorizationMap createAuthorizationMap() {
+        DefaultAuthorizationMap answer = new DefaultAuthorizationMap();
+
+        List entries = new ArrayList();
+
+        AuthorizationEntry entry = new AuthorizationEntry();
+        entry.setQueue(">");
+        entry.setRead("admins");
+        entries.add(entry);
+
+        entry = new AuthorizationEntry();
+        entry.setQueue("USERS.>");
+        entry.setRead("users");
+        entries.add(entry);
+
+        answer.setAuthorizationEntries(entries);
+
+        return answer;
+    }
+
+}

Propchange: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/AuthorizationMapTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/AuthorizationMapTest.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/AuthorizationMapTest.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java?rev=378006&r1=378005&r2=378006&view=diff
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java
(original)
+++ incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SecurityTestSupport.java
Wed Feb 15 05:33:52 2006
@@ -18,6 +18,8 @@
 
 import org.apache.activemq.JmsTestSupport;
 import org.apache.activemq.command.ActiveMQDestination;
+import org.apache.activemq.command.ActiveMQQueue;
+import org.apache.activemq.command.ActiveMQTopic;
 
 import javax.jms.Connection;
 import javax.jms.JMSException;
@@ -165,4 +167,60 @@
 
     }
 
+    public void initCombosForTestUserReceiveFails() {
+        addCombinationValues("userName", new Object[] { "user" });
+        addCombinationValues("password", new Object[] { "password" });
+        addCombinationValues("destination", new Object[] { new ActiveMQQueue("TEST"), new
ActiveMQTopic("TEST"), new ActiveMQQueue("GUEST.BAR"),
+                new ActiveMQTopic("GUEST.BAR"), });
+    }
+
+    public void initCombosForTestInvalidAuthentication() {
+        addCombinationValues("userName", new Object[] { "user" });
+        addCombinationValues("password", new Object[] { "password" });
+    }
+
+    public void initCombosForTestUserReceiveSucceeds() {
+        addCombinationValues("userName", new Object[] { "user" });
+        addCombinationValues("password", new Object[] { "password" });
+        addCombinationValues("destination", new Object[] { new ActiveMQQueue("USERS.FOO"),
new ActiveMQTopic("USERS.FOO"), });
+    }
+
+    public void initCombosForTestGuestReceiveSucceeds() {
+        addCombinationValues("userName", new Object[] { "guest" });
+        addCombinationValues("password", new Object[] { "password" });
+        addCombinationValues("destination", new Object[] { new ActiveMQQueue("GUEST.BAR"),
new ActiveMQTopic("GUEST.BAR"), });
+    }
+
+    public void initCombosForTestGuestReceiveFails() {
+        addCombinationValues("userName", new Object[] { "guest" });
+        addCombinationValues("password", new Object[] { "password" });
+        addCombinationValues("destination", new Object[] { new ActiveMQQueue("TEST"), new
ActiveMQTopic("TEST"), new ActiveMQQueue("USERS.FOO"),
+                new ActiveMQTopic("USERS.FOO"), });
+    }
+
+    public void initCombosForTestUserSendSucceeds() {
+        addCombinationValues("userName", new Object[] { "user" });
+        addCombinationValues("password", new Object[] { "password" });
+        addCombinationValues("destination", new Object[] { new ActiveMQQueue("USERS.FOO"),
new ActiveMQQueue("GUEST.BAR"), new ActiveMQTopic("USERS.FOO"),
+                new ActiveMQTopic("GUEST.BAR"), });
+    }
+
+    public void initCombosForTestUserSendFails() {
+        addCombinationValues("userName", new Object[] { "user" });
+        addCombinationValues("password", new Object[] { "password" });
+        addCombinationValues("destination", new Object[] { new ActiveMQQueue("TEST"), new
ActiveMQTopic("TEST"), });
+    }
+
+    public void initCombosForTestGuestSendFails() {
+        addCombinationValues("userName", new Object[] { "guest" });
+        addCombinationValues("password", new Object[] { "password" });
+        addCombinationValues("destination", new Object[] { new ActiveMQQueue("TEST"), new
ActiveMQTopic("TEST"), new ActiveMQQueue("USERS.FOO"),
+                new ActiveMQTopic("USERS.FOO"), });
+    }
+
+    public void initCombosForTestGuestSendSucceeds() {
+        addCombinationValues("userName", new Object[] { "guest" });
+        addCombinationValues("password", new Object[] { "password" });
+        addCombinationValues("destination", new Object[] { new ActiveMQQueue("GUEST.BAR"),
new ActiveMQTopic("GUEST.BAR"), });
+    }
 }

Added: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleAuthorizationMapTest.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleAuthorizationMapTest.java?rev=378006&view=auto
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleAuthorizationMapTest.java
(added)
+++ incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleAuthorizationMapTest.java
Wed Feb 15 05:33:52 2006
@@ -0,0 +1,28 @@
+/**
+ *
+ * Copyright 2005-2006 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.security;
+
+/**
+ * 
+ * @version $Revision$
+ */
+public class SimpleAuthorizationMapTest extends AuthorizationMapTest {
+    
+    protected AuthorizationMap createAuthorizationMap() {
+        return SimpleSecurityBrokerSystemTest.createAuthorizationMap();
+    }
+}

Propchange: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleAuthorizationMapTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleAuthorizationMapTest.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleAuthorizationMapTest.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleSecurityBrokerSystemTest.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleSecurityBrokerSystemTest.java?rev=378006&r1=378005&r2=378006&view=diff
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleSecurityBrokerSystemTest.java
(original)
+++ incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleSecurityBrokerSystemTest.java
Wed Feb 15 05:33:52 2006
@@ -28,6 +28,7 @@
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.HashSet;
+import java.util.Set;
 
 import junit.framework.Test;
 
@@ -46,7 +47,27 @@
     public BrokerPlugin authorizationPlugin;
     public BrokerPlugin authenticationPlugin;
 
-    public AuthorizationMap createAuthorizationMap() {
+    static {
+        String path = System.getProperty("java.security.auth.login.config");
+        if (path == null) {
+            URL resource = SimpleSecurityBrokerSystemTest.class.getClassLoader().getResource("login.config");
+            if (resource != null) {
+                path = resource.getFile();
+                System.setProperty("java.security.auth.login.config", path);
+            }
+        }
+        System.out.println("Path to login config: " + path);
+    }
+
+    public static Test suite() {
+        return suite(SimpleSecurityBrokerSystemTest.class);
+    }
+
+    public static void main(String[] args) {
+        junit.textui.TestRunner.run(suite());
+    }
+
+    public static AuthorizationMap createAuthorizationMap() {
         DestinationMap readAccess = new DestinationMap();
         readAccess.put(new ActiveMQQueue(">"), admins);
         readAccess.put(new ActiveMQQueue("USERS.>"), users);
@@ -102,26 +123,6 @@
         }
     }
 
-    static {
-        String path = System.getProperty("java.security.auth.login.config");
-        if (path == null) {
-            URL resource = SimpleSecurityBrokerSystemTest.class.getClassLoader().getResource("login.config");
-            if (resource != null) {
-                path = resource.getFile();
-                System.setProperty("java.security.auth.login.config", path);
-            }
-        }
-        System.out.println("Path to login config: " + path);
-    }
-
-    public static Test suite() {
-        return suite(SimpleSecurityBrokerSystemTest.class);
-    }
-
-    public static void main(String[] args) {
-        junit.textui.TestRunner.run(suite());
-    }
-
     public void initCombos() {
         addCombinationValues("authorizationPlugin", new Object[] { new AuthorizationPlugin(createAuthorizationMap()),
});
         addCombinationValues("authenticationPlugin", new Object[] { new SimpleAuthenticationFactory(),
new JassAuthenticationPlugin(), });
@@ -134,60 +135,5 @@
         return broker;
     }
 
-    public void initCombosForTestUserReceiveFails() {
-        addCombinationValues("userName", new Object[] { "user" });
-        addCombinationValues("password", new Object[] { "password" });
-        addCombinationValues("destination", new Object[] { new ActiveMQQueue("TEST"), new
ActiveMQTopic("TEST"), new ActiveMQQueue("GUEST.BAR"),
-                new ActiveMQTopic("GUEST.BAR"), });
-    }
-
-    public void initCombosForTestInvalidAuthentication() {
-        addCombinationValues("userName", new Object[] { "user" });
-        addCombinationValues("password", new Object[] { "password" });
-    }
-
-    public void initCombosForTestUserReceiveSucceeds() {
-        addCombinationValues("userName", new Object[] { "user" });
-        addCombinationValues("password", new Object[] { "password" });
-        addCombinationValues("destination", new Object[] { new ActiveMQQueue("USERS.FOO"),
new ActiveMQTopic("USERS.FOO"), });
-    }
-
-    public void initCombosForTestGuestReceiveSucceeds() {
-        addCombinationValues("userName", new Object[] { "guest" });
-        addCombinationValues("password", new Object[] { "password" });
-        addCombinationValues("destination", new Object[] { new ActiveMQQueue("GUEST.BAR"),
new ActiveMQTopic("GUEST.BAR"), });
-    }
-
-    public void initCombosForTestGuestReceiveFails() {
-        addCombinationValues("userName", new Object[] { "guest" });
-        addCombinationValues("password", new Object[] { "password" });
-        addCombinationValues("destination", new Object[] { new ActiveMQQueue("TEST"), new
ActiveMQTopic("TEST"), new ActiveMQQueue("USERS.FOO"),
-                new ActiveMQTopic("USERS.FOO"), });
-    }
 
-    public void initCombosForTestUserSendSucceeds() {
-        addCombinationValues("userName", new Object[] { "user" });
-        addCombinationValues("password", new Object[] { "password" });
-        addCombinationValues("destination", new Object[] { new ActiveMQQueue("USERS.FOO"),
new ActiveMQQueue("GUEST.BAR"), new ActiveMQTopic("USERS.FOO"),
-                new ActiveMQTopic("GUEST.BAR"), });
-    }
-
-    public void initCombosForTestUserSendFails() {
-        addCombinationValues("userName", new Object[] { "user" });
-        addCombinationValues("password", new Object[] { "password" });
-        addCombinationValues("destination", new Object[] { new ActiveMQQueue("TEST"), new
ActiveMQTopic("TEST"), });
-    }
-
-    public void initCombosForTestGuestSendFails() {
-        addCombinationValues("userName", new Object[] { "guest" });
-        addCombinationValues("password", new Object[] { "password" });
-        addCombinationValues("destination", new Object[] { new ActiveMQQueue("TEST"), new
ActiveMQTopic("TEST"), new ActiveMQQueue("USERS.FOO"),
-                new ActiveMQTopic("USERS.FOO"), });
-    }
-
-    public void initCombosForTestGuestSendSucceeds() {
-        addCombinationValues("userName", new Object[] { "guest" });
-        addCombinationValues("password", new Object[] { "password" });
-        addCombinationValues("destination", new Object[] { new ActiveMQQueue("GUEST.BAR"),
new ActiveMQTopic("GUEST.BAR"), });
-    }
 }

Added: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/XBeanSecurityTest.java
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/XBeanSecurityTest.java?rev=378006&view=auto
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/XBeanSecurityTest.java
(added)
+++ incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/XBeanSecurityTest.java
Wed Feb 15 05:33:52 2006
@@ -0,0 +1,54 @@
+/**
+ *
+ * Copyright 2005-2006 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.security;
+
+import org.apache.activemq.broker.BrokerFactory;
+import org.apache.activemq.broker.BrokerService;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import java.net.URI;
+
+import junit.framework.Test;
+
+/**
+ * 
+ * @version $Revision$
+ */
+public class XBeanSecurityTest extends SecurityTestSupport {
+
+    private static final Log log = LogFactory.getLog(XBeanSecurityTest.class);
+    
+    public static Test suite() {
+        return suite(XBeanSecurityTest.class);
+    }
+
+    public static void main(String[] args) {
+        junit.textui.TestRunner.run(suite());
+    }
+
+
+    protected BrokerService createBroker() throws Exception {
+        return createBroker("org/apache/activemq/security/jaas-broker.xml");
+    }
+
+    protected BrokerService createBroker(String uri) throws Exception {
+        log.info("Loading broker configuration from the classpath with URI: " + uri);
+        return BrokerFactory.createBroker(new URI("xbean:" + uri));
+    }
+
+}

Propchange: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/XBeanSecurityTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/XBeanSecurityTest.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/XBeanSecurityTest.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml
URL: http://svn.apache.org/viewcvs/incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml?rev=378006&r1=378005&r2=378006&view=diff
==============================================================================
--- incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml
(original)
+++ incubator/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/jaas-broker.xml
Wed Feb 15 05:33:52 2006
@@ -1,18 +1,18 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
-    Copyright 2005-2006 The Apache Software Foundation
-   
-    Licensed under the Apache License, Version 2.0 (the "License");
-    you may not use this file except in compliance with the License.
-    You may obtain a copy of the License at
-   
-    http://www.apache.org/licenses/LICENSE-2.0
-   
-    Unless required by applicable law or agreed to in writing, software
-    distributed under the License is distributed on an "AS IS" BASIS,
-    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-    See the License for the specific language governing permissions and
-    limitations under the License.
+  Copyright 2005-2006 The Apache Software Foundation
+  
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+  
+  http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
 -->
 
 <!-- this file can only be parsed using the xbean-spring library -->
@@ -23,14 +23,25 @@
 
     <plugins>
       <!--  use JAAS to authenticate using the login.config file on the classpath to configure
JAAS -->
-      <jassAuthenticationPlugin configuration="activemq-domain"/>
-      
-      <!--  lets configure a simple authorization mechanism -->
+      <jassAuthenticationPlugin configuration="activemq-domain" />
+
+      <!--  lets configure a destination based authorization mechanism -->
       <authorizationPlugin>
-        <authorizationEntries>
-          <authorizationEntry topic=">" read="" write="" admin=""/>
-          <authorizationEntry queue=">" read="" write="" admin=""/>
-        </authorizationEntries>
+        <map>
+          <authorizationMap>
+            <authorizationEntries>
+              <authorizationEntry queue=">" read="admins" write="admins" admin="admins"
/>
+              <authorizationEntry queue="USERS.>" read="users" write="users" admin="users"
/>
+              <authorizationEntry queue="GUEST.>" read="guests" write="guests,users"
admin="guests,users" />
+              
+              <authorizationEntry topic=">" read="admins" write="admins" admin="admins"
/>
+              <authorizationEntry topic="USERS.>" read="users" write="users" admin="users"
/>
+              <authorizationEntry topic="GUEST.>" read="guests" write="guests,users"
admin="guests,users" />
+              
+              <authorizationEntry topic="ActiveMQ.Advisory.>" read="guests,users" write="guests,users"
admin="guests,users"/>
+            </authorizationEntries>
+          </authorizationMap>
+        </map>
       </authorizationPlugin>
     </plugins>
   </broker>



Mime
View raw message