activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From chir...@apache.org
Subject svn commit: r1161620 - in /activemq/activemq-apollo/trunk: apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/ apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/
Date Thu, 25 Aug 2011 16:08:00 GMT
Author: chirino
Date: Thu Aug 25 16:07:59 2011
New Revision: 1161620

URL: http://svn.apache.org/viewvc?rev=1161620&view=rev
Log:
Better JAAS configuration.  Don't succeed a login just because it it passed the socket address
module.  Also avoid hitting the other login modules if it fails the socket address module.

Modified:
    activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileGroupLoginModule.scala
    activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/GuestLoginModule.scala
    activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SocketAddressLoginModule.scala
    activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/login.config

Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileGroupLoginModule.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileGroupLoginModule.scala?rev=1161620&r1=1161619&r2=1161620&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileGroupLoginModule.scala
(original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileGroupLoginModule.scala
Thu Aug 25 16:07:59 2011
@@ -96,9 +96,7 @@ class FileGroupLoginModule extends Login
     debug("Initialized file=%s, match=%s", file, match_kind)
   }
 
-  def login: Boolean = {
-    false
-  }
+  def login = false
 
   def commit: Boolean = {
 

Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/GuestLoginModule.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/GuestLoginModule.scala?rev=1161620&r1=1161619&r2=1161620&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/GuestLoginModule.scala
(original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/GuestLoginModule.scala
Thu Aug 25 16:07:59 2011
@@ -74,7 +74,7 @@ class GuestLoginModule extends LoginModu
       val callback = new NameCallback("Username: ")
       callback_handler.handle(Array(callback))
       if( callback.getName!=null && callback.getName.size>=0 ) {
-        throw new LoginException("User supplied a user name, not a guest")
+        return false;
       }
     } catch {
       case ioe: IOException =>
@@ -85,9 +85,7 @@ class GuestLoginModule extends LoginModu
     try {
       val callback = new PasswordCallback("Password: ", false)
       callback_handler.handle(Array(callback))
-      if( callback.getPassword!=null && callback.getPassword.size>=0 ) {
-        throw new LoginException("User supplied a password, not a guest")
-      }
+      return false;
     } catch {
       case ioe: IOException =>
         throw new LoginException(ioe.getMessage())

Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SocketAddressLoginModule.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SocketAddressLoginModule.scala?rev=1161620&r1=1161619&r2=1161620&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SocketAddressLoginModule.scala
(original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SocketAddressLoginModule.scala
Thu Aug 25 16:07:59 2011
@@ -128,7 +128,7 @@ class SocketAddressLoginModule extends L
         }
     }
 
-    return true
+    return false
   }
 
   def matches(file:File, address:SocketAddress):Boolean = {

Modified: activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/login.config
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/login.config?rev=1161620&r1=1161619&r2=1161620&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/login.config
(original)
+++ activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/login.config
Thu Aug 25 16:07:59 2011
@@ -22,7 +22,7 @@ apollo {
   // The black-list.txt is a text file that contains a new line separated IP address
   // which are not allowed to connect to this server.
   //
-  org.apache.activemq.apollo.broker.security.SocketAddressLoginModule required
+  org.apache.activemq.apollo.broker.security.SocketAddressLoginModule requisite
     // Uncomment to use a while list of allowed address that can connect to us
     // white_list_file="white-list.txt"
     black_list_file="black-list.txt"



Mime
View raw message