Return-Path: Delivered-To: apmail-activemq-commits-archive@www.apache.org Received: (qmail 71318 invoked from network); 12 Apr 2011 13:25:57 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 12 Apr 2011 13:25:57 -0000 Received: (qmail 1668 invoked by uid 500); 12 Apr 2011 13:25:57 -0000 Delivered-To: apmail-activemq-commits-archive@activemq.apache.org Received: (qmail 1636 invoked by uid 500); 12 Apr 2011 13:25:57 -0000 Mailing-List: contact commits-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@activemq.apache.org Delivered-To: mailing list commits@activemq.apache.org Received: (qmail 1629 invoked by uid 99); 12 Apr 2011 13:25:57 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 12 Apr 2011 13:25:57 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 12 Apr 2011 13:25:55 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 41C3C2388A3B; Tue, 12 Apr 2011 13:25:35 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1091401 - in /activemq/trunk: ./ activemq-core/ activemq-core/src/main/java/org/apache/activemq/security/ activemq-core/src/test/java/org/apache/activemq/security/ activemq-core/src/test/resources/org/apache/activemq/security/ activemq-jaa... Date: Tue, 12 Apr 2011 13:25:35 -0000 To: commits@activemq.apache.org From: dejanb@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20110412132535.41C3C2388A3B@eris.apache.org> Author: dejanb Date: Tue Apr 12 13:25:34 2011 New Revision: 1091401 URL: http://svn.apache.org/viewvc?rev=1091401&view=rev Log: https://issues.apache.org/jira/browse/AMQ-826 - ldap based authorization - making tests work again, upgrading to apache ds 1.5.7, fixing ldif Added: activemq/trunk/activemq-jaas/src/test/resources/test.ldif Modified: activemq/trunk/activemq-core/pom.xml activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif activemq/trunk/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java activemq/trunk/pom.xml Modified: activemq/trunk/activemq-core/pom.xml URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/pom.xml?rev=1091401&r1=1091400&r2=1091401&view=diff ============================================================================== --- activemq/trunk/activemq-core/pom.xml (original) +++ activemq/trunk/activemq-core/pom.xml Tue Apr 12 13:25:34 2011 @@ -255,10 +255,19 @@ org.apache.directory.server - apacheds-core - 1.0.0 + apacheds-core-integ + ${directory-version} test + + + org.apache.directory.server + apacheds-server-integ + ${directory-version} + test + + + org.jmock jmock-junit4 @@ -457,10 +466,6 @@ **/SSHTunnelNetworkReconnectTest.* - - - **/LDAPAuthorizationMapTest.* - **/FailoverConsumerTest.* Modified: activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java?rev=1091401&r1=1091400&r2=1091401&view=diff ============================================================================== --- activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java (original) +++ activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java Tue Apr 12 13:25:34 2011 @@ -99,8 +99,8 @@ public class LDAPAuthorizationMap implem connectionProtocol = "s"; authentication = "simple"; - topicSearchMatchingFormat = new MessageFormat("uid={0},ou=topics,ou=destinations,o=ActiveMQ,dc=example,dc=com"); - queueSearchMatchingFormat = new MessageFormat("uid={0},ou=queues,ou=destinations,o=ActiveMQ,dc=example,dc=com"); + topicSearchMatchingFormat = new MessageFormat("uid={0},ou=topics,ou=destinations,o=ActiveMQ,ou=system"); + queueSearchMatchingFormat = new MessageFormat("uid={0},ou=queues,ou=destinations,o=ActiveMQ,ou=system"); adminBase = "(cn=admin)"; adminAttribute = "uniqueMember"; @@ -352,7 +352,8 @@ public class LDAPAuthorizationMap implem } for (Iterator iter = acls.iterator(); iter.hasNext();) { String roleName = iter.next(); - roles.add(new GroupPrincipal(roleName)); + String[] components = roleName.split("=", 2); + roles.add(new GroupPrincipal(components[components.length - 1])); } return roles; } catch (NamingException e) { Modified: activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java?rev=1091401&r1=1091400&r2=1091401&view=diff ============================================================================== --- activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java (original) +++ activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java Tue Apr 12 13:25:34 2011 @@ -16,64 +16,59 @@ */ package org.apache.activemq.security; -import java.util.HashSet; -import java.util.Properties; -import java.util.Set; - -import javax.naming.Context; -import javax.naming.NameClassPair; -import javax.naming.NamingEnumeration; -import javax.naming.directory.DirContext; -import javax.naming.directory.InitialDirContext; - import junit.framework.TestCase; import org.apache.activemq.command.ActiveMQDestination; import org.apache.activemq.command.ActiveMQQueue; import org.apache.activemq.command.ActiveMQTopic; import org.apache.activemq.jaas.GroupPrincipal; -import org.apache.directory.server.core.configuration.StartupConfiguration; -import org.apache.directory.server.core.jndi.CoreContextFactory; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; +import org.apache.directory.server.annotations.CreateLdapServer; +import org.apache.directory.server.annotations.CreateTransport; +import org.apache.directory.server.core.annotations.ApplyLdifFiles; +import org.apache.directory.server.core.integ.AbstractLdapTestUnit; +import org.apache.directory.server.core.integ.FrameworkRunner; +import org.apache.directory.server.ldap.LdapServer; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; + +import javax.naming.NameClassPair; +import javax.naming.NamingEnumeration; +import javax.naming.directory.DirContext; +import java.util.HashSet; +import java.util.Set; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; /** * This test assumes setup like in file 'AMQauth.ldif'. Contents of this file is * attached below in comments. * * @author ngcutura - * + * + * */ -public class LDAPAuthorizationMapTest extends TestCase { - private LDAPAuthorizationMap authMap; - - protected void setUp() throws Exception { - super.setUp(); +@RunWith( FrameworkRunner.class ) +@CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP")}) +@ApplyLdifFiles( + "org/apache/activemq/security/AMQauth.ldif" +) +public class LDAPAuthorizationMapTest extends AbstractLdapTestUnit { + private static LDAPAuthorizationMap authMap; - startLdapServer(); + public static LdapServer ldapServer; + @Before + public void setup() throws Exception { authMap = new LDAPAuthorizationMap(); + authMap.setConnectionURL("ldap://localhost:1024"); } - protected void startLdapServer() throws Exception { - ApplicationContext factory = new ClassPathXmlApplicationContext("org/apache/activemq/security/ldap-spring.xml"); - StartupConfiguration cfg = (StartupConfiguration) factory.getBean("configuration"); - Properties env = (Properties) factory.getBean("environment"); - - env.setProperty(Context.PROVIDER_URL, ""); - env.setProperty(Context.INITIAL_CONTEXT_FACTORY, CoreContextFactory.class.getName()); - env.putAll(cfg.toJndiEnvironment()); - - new InitialDirContext(env); - } - - protected void tearDown() throws Exception { - super.tearDown(); - } - + @Test public void testOpen() throws Exception { DirContext ctx = authMap.open(); HashSet set = new HashSet(); - NamingEnumeration list = ctx.list("ou=destinations,o=ActiveMQ,dc=example,dc=com"); + NamingEnumeration list = ctx.list("ou=destinations,o=ActiveMQ,ou=system"); while (list.hasMore()) { NameClassPair ncp = (NameClassPair) list.next(); set.add(ncp.getName()); @@ -86,6 +81,7 @@ public class LDAPAuthorizationMapTest ex * Test method for * 'org.apache.activemq.security.LDAPAuthorizationMap.getAdminACLs(ActiveMQDestination)' */ + @Test public void testGetAdminACLs() { ActiveMQDestination q1 = new ActiveMQQueue("queue1"); Set aclsq1 = authMap.getAdminACLs(q1); @@ -102,6 +98,7 @@ public class LDAPAuthorizationMapTest ex * Test method for * 'org.apache.activemq.security.LDAPAuthorizationMap.getReadACLs(ActiveMQDestination)' */ + @Test public void testGetReadACLs() { ActiveMQDestination q1 = new ActiveMQQueue("queue1"); Set aclsq1 = authMap.getReadACLs(q1); @@ -118,6 +115,7 @@ public class LDAPAuthorizationMapTest ex * Test method for * 'org.apache.activemq.security.LDAPAuthorizationMap.getWriteACLs(ActiveMQDestination)' */ + @Test public void testGetWriteACLs() { ActiveMQDestination q1 = new ActiveMQQueue("queue1"); Set aclsq1 = authMap.getWriteACLs(q1); Modified: activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif?rev=1091401&r1=1091400&r2=1091401&view=diff ============================================================================== --- activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif (original) +++ activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif Tue Apr 12 13:25:34 2011 @@ -16,23 +16,18 @@ ## --------------------------------------------------------------------------- version: 1 -dn: dc=example,dc=com -objectClass: top -objectClass: domain -objectClass: extensibleObject -dc: example -dn: o=ActiveMQ,dc=example,dc=com +dn: o=ActiveMQ,ou=system objectclass: organization objectclass: top o: ActiveMQ -dn: ou=users,o=ActiveMQ,dc=example,dc=com +dn: ou=users,o=ActiveMQ,ou=system objectclass: organizationalUnit objectclass: top ou: users -dn: uid=ngcutura,ou=users,o=ActiveMQ,dc=example,dc=com +dn: uid=ngcutura,ou=users,o=ActiveMQ,ou=system objectclass: inetOrgPerson objectclass: organizationalPerson objectclass: person @@ -42,71 +37,75 @@ sn: Cutura uid: ngcutura userpassword:: e3NoYX0wZE9sTGxnU2ZRT3NSaFR5OGx3NUM3K1hlSkE9 -dn: cn=roles,uid=ngcutura,ou=users,o=ActiveMQ,dc=example,dc=com +dn: cn=roles,uid=ngcutura,ou=users,o=ActiveMQ,ou=system objectclass: groupOfUniqueNames objectclass: top cn: roles -uniquemember: aa +uniquemember: uid=ngcutura -dn: ou=destinations,o=ActiveMQ,dc=example,dc=com +dn: ou=destinations,o=ActiveMQ,ou=system objectclass: organizationalUnit objectclass: top ou: destinations -dn: ou=topics,ou=destinations,o=ActiveMQ,dc=example,dc=com +dn: ou=topics,ou=destinations,o=ActiveMQ,ou=system objectclass: organizationalUnit objectclass: top ou: topics -dn: uid=topic1,ou=topics,ou=destinations,o=ActiveMQ,dc=example,dc=com +dn: uid=topic1,ou=topics,ou=destinations,o=ActiveMQ,ou=system objectclass: uidObject objectclass: top +objectclass: applicationProcess uid: topic1 +cn: topic1 -dn: cn=admin,uid=topic1,ou=topics,ou=destinations,o=ActiveMQ,dc=example,dc=com +dn: cn=admin,uid=topic1,ou=topics,ou=destinations,o=ActiveMQ,ou=system objectclass: groupOfUniqueNames objectclass: top cn: admin -uniquemember: role1 +uniquemember: uid=role1 -dn: cn=read,uid=topic1,ou=topics,ou=destinations,o=ActiveMQ,dc=example,dc=com +dn: cn=read,uid=topic1,ou=topics,ou=destinations,o=ActiveMQ,ou=system objectclass: groupOfUniqueNames objectclass: top cn: read -uniquemember: role2 +uniquemember: uid=role2 -dn: cn=write,uid=topic1,ou=topics,ou=destinations,o=ActiveMQ,dc=example,dc=com +dn: cn=write,uid=topic1,ou=topics,ou=destinations,o=ActiveMQ,ou=system objectclass: groupOfUniqueNames objectclass: top cn: write -uniquemember: role3 +uniquemember: uid=role3 -dn: ou=queues,ou=destinations,o=ActiveMQ,dc=example,dc=com +dn: ou=queues,ou=destinations,o=ActiveMQ,ou=system objectclass: organizationalUnit objectclass: top ou: queues -dn: uid=queue1,ou=queues,ou=destinations,o=ActiveMQ,dc=example,dc=com +dn: uid=queue1,ou=queues,ou=destinations,o=ActiveMQ,ou=system +objectclass: applicationProcess objectclass: uidObject objectclass: top uid: queue1 +cn: queue1 -dn: cn=read,uid=queue1,ou=queues,ou=destinations,o=ActiveMQ,dc=example,dc=com +dn: cn=read,uid=queue1,ou=queues,ou=destinations,o=ActiveMQ,ou=system objectclass: groupOfUniqueNames objectclass: top cn: read -uniquemember: role1 +uniquemember: uid=role1 -dn: cn=write,uid=queue1,ou=queues,ou=destinations,o=ActiveMQ,dc=example,dc=com +dn: cn=write,uid=queue1,ou=queues,ou=destinations,o=ActiveMQ,ou=system objectclass: groupOfUniqueNames objectclass: top cn: write -uniquemember: role1 -uniquemember: role2 +uniquemember: uid=role1 +uniquemember: uid=role2 -dn: cn=admin,uid=queue1,ou=queues,ou=destinations,o=ActiveMQ,dc=example,dc=com +dn: cn=admin,uid=queue1,ou=queues,ou=destinations,o=ActiveMQ,ou=system objectclass: groupOfUniqueNames objectclass: top cn: admin -uniquemember: role1 +uniquemember: uid=role1 Modified: activemq/trunk/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java?rev=1091401&r1=1091400&r2=1091401&view=diff ============================================================================== --- activemq/trunk/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java (original) +++ activemq/trunk/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java Tue Apr 12 13:25:34 2011 @@ -16,47 +16,37 @@ */ package org.apache.activemq.jaas; -import static org.junit.Assert.assertTrue; - -import java.io.IOException; -import java.net.URL; -import java.util.HashSet; -import java.util.Hashtable; +import org.apache.directory.server.core.integ.AbstractLdapTestUnit; +import org.apache.directory.server.core.integ.FrameworkRunner; +import org.apache.directory.server.integ.ServerIntegrationUtils; +import org.apache.directory.server.ldap.LdapServer; +import org.apache.directory.server.annotations.CreateLdapServer; +import org.apache.directory.server.annotations.CreateTransport; +import org.apache.directory.server.core.annotations.ApplyLdifFiles; +import org.junit.Test; +import org.junit.runner.RunWith; import javax.naming.Context; import javax.naming.NameClassPair; import javax.naming.NamingEnumeration; import javax.naming.directory.DirContext; import javax.naming.directory.InitialDirContext; -import javax.security.auth.callback.Callback; -import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.NameCallback; -import javax.security.auth.callback.PasswordCallback; -import javax.security.auth.callback.UnsupportedCallbackException; +import javax.security.auth.callback.*; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; +import java.io.IOException; +import java.net.URL; +import java.util.HashSet; +import java.util.Hashtable; -import org.apache.directory.server.core.integ.Level; -import org.apache.directory.server.core.integ.annotations.ApplyLdifs; -import org.apache.directory.server.core.integ.annotations.CleanupLevel; -import org.apache.directory.server.integ.SiRunner; -import org.junit.Test; -import org.junit.runner.RunWith; - -import org.apache.directory.server.ldap.LdapServer; +import static org.junit.Assert.assertTrue; -@RunWith ( SiRunner.class ) -@CleanupLevel ( Level.CLASS ) -@ApplyLdifs( { - "dn: uid=first,ou=system\n" + - "uid: first\n" + - "userPassword: secret\n" + - "objectClass: account\n" + - "objectClass: simpleSecurityObject\n" + - "objectClass: top\n" -} +@RunWith ( FrameworkRunner.class ) +@CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP")}) +@ApplyLdifFiles( + "test.ldif" ) -public class LDAPLoginModuleTest { +public class LDAPLoginModuleTest extends AbstractLdapTestUnit { static { String path = System.getProperty("java.security.auth.login.config"); @@ -69,8 +59,9 @@ public class LDAPLoginModuleTest { } } - private static final String BASE = "ou=system"; + private static final String BASE = "o=ActiveMQ,ou=system"; public static LdapServer ldapServer; + private static final String FILTER = "(objectclass=*)"; private static final String PRINCIPAL = "uid=admin,ou=system"; Added: activemq/trunk/activemq-jaas/src/test/resources/test.ldif URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-jaas/src/test/resources/test.ldif?rev=1091401&view=auto ============================================================================== --- activemq/trunk/activemq-jaas/src/test/resources/test.ldif (added) +++ activemq/trunk/activemq-jaas/src/test/resources/test.ldif Tue Apr 12 13:25:34 2011 @@ -0,0 +1,23 @@ +## --------------------------------------------------------------------------- +## Licensed to the Apache Software Foundation (ASF) under one or more +## contributor license agreements. See the NOTICE file distributed with +## this work for additional information regarding copyright ownership. +## The ASF licenses this file to You under the Apache License, Version 2.0 +## (the "License"); you may not use this file except in compliance with +## the License. You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## --------------------------------------------------------------------------- + +dn: uid=first,ou=system +uid: first +userPassword: secret +objectClass: account +objectClass: simpleSecurityObject +objectClass: top \ No newline at end of file Modified: activemq/trunk/pom.xml URL: http://svn.apache.org/viewvc/activemq/trunk/pom.xml?rev=1091401&r1=1091400&r2=1091401&view=diff ============================================================================== --- activemq/trunk/pom.xml (original) +++ activemq/trunk/pom.xml Tue Apr 12 13:25:34 2011 @@ -57,7 +57,7 @@ 1.1 1.5.4 1.0 - 1.5.5 + 1.5.7 1.0 0.1.8 1.7.2.2 @@ -67,7 +67,7 @@ 2.1.v20100127 1.2 2.5.1 - 4.5 + 4.8.1 2.0 2.2.0 1.2.14