activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dej...@apache.org
Subject svn commit: r1092098 - in /activemq/trunk/activemq-core/src: main/java/org/apache/activemq/security/ test/java/org/apache/activemq/security/ test/resources/org/apache/activemq/security/
Date Thu, 14 Apr 2011 10:27:59 GMT
Author: dejanb
Date: Thu Apr 14 10:27:59 2011
New Revision: 1092098

URL: http://svn.apache.org/viewvc?rev=1092098&view=rev
Log:
https://issues.apache.org/jira/browse/AMQ-826 - ldap based authorization - add support for
temp destinations

Modified:
    activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java
    activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java
    activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPSecurityTest.java
    activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif
    activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-ldap.xml
    activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq.ldif

Modified: activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java?rev=1092098&r1=1092097&r2=1092098&view=diff
==============================================================================
--- activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java
(original)
+++ activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java
Thu Apr 14 10:27:59 2011
@@ -81,6 +81,7 @@ public class LDAPAuthorizationMap implem
     private MessageFormat topicSearchMatchingFormat;
     private MessageFormat queueSearchMatchingFormat;
     private String advisorySearchBase = "uid=ActiveMQ.Advisory,ou=topics,ou=destinations,o=ActiveMQ,dc=example,dc=com";
+    private String tempSearchBase = "uid=ActiveMQ.Temp,ou=topics,ou=destinations,o=ActiveMQ,dc=example,dc=com";
 
     private boolean topicSearchSubtreeBool = true;
     private boolean queueSearchSubtreeBool = true;
@@ -140,18 +141,39 @@ public class LDAPAuthorizationMap implem
     }
 
     public Set<GroupPrincipal> getTempDestinationAdminACLs() {
-        // TODO insert implementation
-        return null;
+        try {
+            context = open();
+        } catch (NamingException e) {
+            LOG.error(e.toString());
+            return new HashSet<GroupPrincipal>();
+        }
+        SearchControls constraints = new SearchControls();
+        constraints.setReturningAttributes(new String[] {adminAttribute});
+        return getACLs(tempSearchBase, constraints, adminBase, adminAttribute);
     }
 
     public Set<GroupPrincipal> getTempDestinationReadACLs() {
-        // TODO insert implementation
-        return null;
+        try {
+            context = open();
+        } catch (NamingException e) {
+            LOG.error(e.toString());
+            return new HashSet<GroupPrincipal>();
+        }
+        SearchControls constraints = new SearchControls();
+        constraints.setReturningAttributes(new String[] {readAttribute});
+        return getACLs(tempSearchBase, constraints, readBase, readAttribute);
     }
 
     public Set<GroupPrincipal> getTempDestinationWriteACLs() {
-        // TODO insert implementation
-        return null;
+        try {
+            context = open();
+        } catch (NamingException e) {
+            LOG.error(e.toString());
+            return new HashSet<GroupPrincipal>();
+        }
+        SearchControls constraints = new SearchControls();
+        constraints.setReturningAttributes(new String[] {writeAttribute});
+        return getACLs(tempSearchBase, constraints, writeBase, writeAttribute);
     }
 
     public Set<GroupPrincipal> getAdminACLs(ActiveMQDestination destination) {
@@ -330,6 +352,14 @@ public class LDAPAuthorizationMap implem
         this.advisorySearchBase = advisorySearchBase;
     }
 
+    public String getTempSearchBase() {
+        return tempSearchBase;
+    }
+
+    public void setTempSearchBase(String tempSearchBase) {
+        this.tempSearchBase = tempSearchBase;
+    }
+
     protected Set<GroupPrincipal> getCompositeACLs(ActiveMQDestination destination,
String roleBase, String roleAttribute) {
         ActiveMQDestination[] dests = destination.getCompositeDestinations();
         Set<GroupPrincipal> acls = new HashSet<GroupPrincipal>();
@@ -376,6 +406,10 @@ public class LDAPAuthorizationMap implem
 
         constraints.setReturningAttributes(new String[] {roleAttribute});
 
+        return getACLs(destinationBase, constraints, roleBase, roleAttribute);
+    }
+
+    protected Set<GroupPrincipal> getACLs(String destinationBase, SearchControls constraints,
String roleBase, String roleAttribute) {
         try {
             Set<GroupPrincipal> roles = new HashSet<GroupPrincipal>();
             Set<String> acls = new HashSet<String>();

Modified: activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java?rev=1092098&r1=1092097&r2=1092098&view=diff
==============================================================================
--- activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java
(original)
+++ activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java
Thu Apr 14 10:27:59 2011
@@ -20,6 +20,7 @@ import junit.framework.TestCase;
 import org.apache.activemq.advisory.AdvisorySupport;
 import org.apache.activemq.command.ActiveMQDestination;
 import org.apache.activemq.command.ActiveMQQueue;
+import org.apache.activemq.command.ActiveMQTempQueue;
 import org.apache.activemq.command.ActiveMQTopic;
 import org.apache.activemq.jaas.GroupPrincipal;
 import org.apache.activemq.spring.ActiveMQConnectionFactory;
@@ -68,6 +69,7 @@ public class LDAPAuthorizationMapTest ex
         authMap.setTopicSearchMatchingFormat(new MessageFormat("uid={0},ou=topics,ou=destinations,o=ActiveMQ,ou=system"));
         authMap.setQueueSearchMatchingFormat(new MessageFormat("uid={0},ou=queues,ou=destinations,o=ActiveMQ,ou=system"));
         authMap.setAdvisorySearchBase("uid=ActiveMQ.Advisory,ou=topics,ou=destinations,o=ActiveMQ,ou=system");
+        authMap.setTempSearchBase("uid=ActiveMQ.Temp,ou=topics,ou=destinations,o=ActiveMQ,ou=system");
     }
 
     @Test
@@ -154,5 +156,13 @@ public class LDAPAuthorizationMapTest ex
         assertTrue(acls.contains(new GroupPrincipal("role3")));
     }
 
+        @Test
+    public void testTemp() {
+        Set acls = authMap.getTempDestinationAdminACLs();
+
+        assertEquals(1, acls.size());
+        assertTrue(acls.contains(new GroupPrincipal("role1")));
+    }
+
 
 }

Modified: activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPSecurityTest.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPSecurityTest.java?rev=1092098&r1=1092097&r2=1092098&view=diff
==============================================================================
--- activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPSecurityTest.java
(original)
+++ activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPSecurityTest.java
Thu Apr 14 10:27:59 2011
@@ -76,4 +76,20 @@ public class LDAPSecurityTest extends Ab
         assertNotNull(msg);
     }
 
+    @Test
+    public void testTempDestinations() throws Exception {
+        ActiveMQConnectionFactory factory = new ActiveMQConnectionFactory("tcp://localhost:61616");
+        Connection conn = factory.createQueueConnection("jdoe", "sunflower");
+        Session sess = conn.createSession(false, Session.AUTO_ACKNOWLEDGE);
+        conn.start();
+        Queue queue = sess.createTemporaryQueue();
+
+        MessageProducer producer = sess.createProducer(queue);
+        MessageConsumer consumer = sess.createConsumer(queue);
+
+        producer.send(sess.createTextMessage("test"));
+        Message msg = consumer.receive(1000);
+        assertNotNull(msg);
+    }
+
 }

Modified: activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif?rev=1092098&r1=1092097&r2=1092098&view=diff
==============================================================================
--- activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif
(original)
+++ activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif
Thu Apr 14 10:27:59 2011
@@ -132,3 +132,28 @@ objectclass: top
 cn: write
 uniquemember: uid=role3
 
+dn: uid=ActiveMQ.Temp,ou=topics,ou=destinations,o=ActiveMQ,ou=system
+objectclass: uidObject
+objectclass: top
+objectclass: applicationProcess
+uid: ActiveMQ.Temp
+cn: ActiveMQ.Temp
+
+dn: cn=admin,uid=ActiveMQ.Temp,ou=topics,ou=destinations,o=ActiveMQ,ou=system
+objectclass: groupOfUniqueNames
+objectclass: top
+cn: admin
+uniquemember: uid=role1
+
+dn: cn=read,uid=ActiveMQ.Temp,ou=topics,ou=destinations,o=ActiveMQ,ou=system
+objectclass: groupOfUniqueNames
+objectclass: top
+cn: read
+uniquemember: uid=role2
+
+dn: cn=write,uid=ActiveMQ.Temp,ou=topics,ou=destinations,o=ActiveMQ,ou=system
+objectclass: groupOfUniqueNames
+objectclass: top
+cn: write
+uniquemember: uid=role3
+

Modified: activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-ldap.xml
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-ldap.xml?rev=1092098&r1=1092097&r2=1092098&view=diff
==============================================================================
--- activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-ldap.xml
(original)
+++ activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-ldap.xml
Thu Apr 14 10:27:59 2011
@@ -54,6 +54,8 @@
                                 value="cn={0},ou=Queue,ou=Destination,ou=ActiveMQ,ou=system"/>
                       <property name="advisorySearchBase"
                                 value="cn=ActiveMQ.Advisory,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system"/>
+                      <property name="tempSearchBase"
+                                value="cn=ActiveMQ.Temp,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system"/>
                       <property name="queueSearchSubtreeBool" value="true"/>
                       <property name="adminBase" value="(cn=admin)"/>
                       <property name="adminAttribute" value="member"/>

Modified: activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq.ldif
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq.ldif?rev=1092098&r1=1092097&r2=1092098&view=diff
==============================================================================
--- activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq.ldif
(original)
+++ activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq.ldif
Thu Apr 14 10:27:59 2011
@@ -151,11 +151,12 @@ member: cn=admins
 #######################
 ## Define advisories ##
 #######################
+
 dn: cn=ActiveMQ.Advisory,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system
 cn: ActiveMQ.Advisory
 objectClass: applicationProcess
 objectClass: top
-description: Advisory topic about consumers
+description: Advisory topics
 
 dn: cn=read,cn=ActiveMQ.Advisory,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system
 cn: read
@@ -176,4 +177,35 @@ cn: admin
 member: cn=admins
 member: cn=users
 objectClass: groupOfNames
+objectClass: top
+
+######################
+## Define temporary ##
+######################
+
+dn: cn=ActiveMQ.Temp,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system
+cn: ActiveMQ.Temp
+objectClass: applicationProcess
+objectClass: top
+description: Temporary destinations
+
+dn: cn=read,cn=ActiveMQ.Temp,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system
+cn: read
+member: cn=admins
+member: cn=users
+objectClass: groupOfNames
+objectClass: top
+
+dn: cn=write,cn=ActiveMQ.Temp,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system
+cn: write
+member: cn=admins
+member: cn=users
+objectClass: groupOfNames
+objectClass: top
+
+dn: cn=admin,cn=ActiveMQ.Temp,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system
+cn: admin
+member: cn=admins
+member: cn=users
+objectClass: groupOfNames
 objectClass: top
\ No newline at end of file



Mime
View raw message