activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dej...@apache.org
Subject svn commit: r831968 - in /activemq/branches/activemq-5.3/activemq-core/src: main/java/org/apache/activemq/network/ test/java/org/apache/activemq/security/ test/resources/ test/resources/org/apache/activemq/security/
Date Mon, 02 Nov 2009 16:46:46 GMT
Author: dejanb
Date: Mon Nov  2 16:46:45 2009
New Revision: 831968

URL: http://svn.apache.org/viewvc?rev=831968&view=rev
Log:
merging 831942: https://issues.apache.org/activemq/browse/AMQ-2474 - Enable broker-to-broker
authentication and authorizarion using SSL certificates and jaasCertificateAuthenticationPlugin

Added:
    activemq/branches/activemq-5.3/activemq-core/src/test/java/org/apache/activemq/security/JaasNetworkTest.java
      - copied unchanged from r831942, activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/JaasNetworkTest.java
    activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/broker1.ks
      - copied unchanged from r831942, activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/broker1.ks
    activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/broker1.ts
      - copied unchanged from r831942, activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/broker1.ts
    activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/broker1.xml
      - copied unchanged from r831942, activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/broker1.xml
    activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/broker2.ks
      - copied unchanged from r831942, activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/broker2.ks
    activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/broker2.ts
      - copied unchanged from r831942, activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/broker2.ts
    activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/broker2.xml
      - copied unchanged from r831942, activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/broker2.xml
    activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/client.ks
      - copied unchanged from r831942, activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/client.ks
    activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/client.ts
      - copied unchanged from r831942, activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/client.ts
    activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/users1.properties
      - copied unchanged from r831942, activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/users1.properties
    activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/users2.properties
      - copied unchanged from r831942, activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/users2.properties
Modified:
    activemq/branches/activemq-5.3/activemq-core/src/main/java/org/apache/activemq/network/DemandForwardingBridgeSupport.java
    activemq/branches/activemq-5.3/activemq-core/src/test/resources/login.config
    activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/groups.properties

Modified: activemq/branches/activemq-5.3/activemq-core/src/main/java/org/apache/activemq/network/DemandForwardingBridgeSupport.java
URL: http://svn.apache.org/viewvc/activemq/branches/activemq-5.3/activemq-core/src/main/java/org/apache/activemq/network/DemandForwardingBridgeSupport.java?rev=831968&r1=831967&r2=831968&view=diff
==============================================================================
--- activemq/branches/activemq-5.3/activemq-core/src/main/java/org/apache/activemq/network/DemandForwardingBridgeSupport.java
(original)
+++ activemq/branches/activemq-5.3/activemq-core/src/main/java/org/apache/activemq/network/DemandForwardingBridgeSupport.java
Mon Nov  2 16:46:45 2009
@@ -18,6 +18,7 @@
 
 import java.io.IOException;
 import java.security.GeneralSecurityException;
+import java.security.cert.X509Certificate;
 import java.util.Collection;
 import java.util.List;
 import java.util.Properties;
@@ -70,7 +71,9 @@
 import org.apache.activemq.transport.ResponseCallback;
 import org.apache.activemq.transport.Transport;
 import org.apache.activemq.transport.TransportDisposedIOException;
+import org.apache.activemq.transport.TransportFilter;
 import org.apache.activemq.transport.TransportListener;
+import org.apache.activemq.transport.tcp.SslTransport;
 import org.apache.activemq.util.IdGenerator;
 import org.apache.activemq.util.IntrospectionSupport;
 import org.apache.activemq.util.LongSequenceGenerator;
@@ -285,6 +288,14 @@
                 localConnectionInfo.setClientId(localClientId);
                 localConnectionInfo.setUserName(configuration.getUserName());
                 localConnectionInfo.setPassword(configuration.getPassword());
+                Transport originalTransport = remoteBroker;
+                while (originalTransport instanceof TransportFilter) {
+                    originalTransport = ((TransportFilter)originalTransport).getNext();
+                }
+                if (originalTransport instanceof SslTransport) {
+                    X509Certificate[] peerCerts = ((SslTransport)originalTransport).getPeerCertificates();
+                    localConnectionInfo.setTransportContext(peerCerts);
+                }
                 localBroker.oneway(localConnectionInfo);
 
                 localSessionInfo = new SessionInfo(localConnectionInfo, 1);

Modified: activemq/branches/activemq-5.3/activemq-core/src/test/resources/login.config
URL: http://svn.apache.org/viewvc/activemq/branches/activemq-5.3/activemq-core/src/test/resources/login.config?rev=831968&r1=831967&r2=831968&view=diff
==============================================================================
--- activemq/branches/activemq-5.3/activemq-core/src/test/resources/login.config (original)
+++ activemq/branches/activemq-5.3/activemq-core/src/test/resources/login.config Mon Nov 
2 16:46:45 2009
@@ -29,3 +29,16 @@
 
 };
 
+broker1 {
+    org.apache.activemq.jaas.TextFileCertificateLoginModule required
+        debug=true
+        org.apache.activemq.jaas.textfiledn.user="org/apache/activemq/security/users1.properties"
+        org.apache.activemq.jaas.textfiledn.group="org/apache/activemq/security/groups.properties";
+};
+
+broker2 {
+    org.apache.activemq.jaas.TextFileCertificateLoginModule required
+        debug=true
+        org.apache.activemq.jaas.textfiledn.user="org/apache/activemq/security/users2.properties"
+        org.apache.activemq.jaas.textfiledn.group="org/apache/activemq/security/groups.properties";
+};
\ No newline at end of file

Modified: activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/groups.properties
URL: http://svn.apache.org/viewvc/activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/groups.properties?rev=831968&r1=831967&r2=831968&view=diff
==============================================================================
--- activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/groups.properties
(original)
+++ activemq/branches/activemq-5.3/activemq-core/src/test/resources/org/apache/activemq/security/groups.properties
Mon Nov  2 16:46:45 2009
@@ -15,7 +15,7 @@
 ## limitations under the License.
 ## ---------------------------------------------------------------------------
 
-admins=system,sslclient
-tempDestinationAdmins=system,user,sslclient
-users=system,user,sslclient
+admins=system,sslclient,client,broker1,broker2
+tempDestinationAdmins=system,user,sslclient,client,broker1,broker2
+users=system,user,sslclient,client,broker1,broker2
 guests=guest



Mime
View raw message