Return-Path: X-Original-To: apmail-activemq-commits-archive@www.apache.org Delivered-To: apmail-activemq-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 756DB10C85 for ; Tue, 27 Aug 2013 11:49:11 +0000 (UTC) Received: (qmail 66669 invoked by uid 500); 27 Aug 2013 11:49:11 -0000 Delivered-To: apmail-activemq-commits-archive@activemq.apache.org Received: (qmail 66586 invoked by uid 500); 27 Aug 2013 11:49:07 -0000 Mailing-List: contact commits-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@activemq.apache.org Delivered-To: mailing list commits@activemq.apache.org Received: (qmail 66579 invoked by uid 99); 27 Aug 2013 11:49:05 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 Aug 2013 11:49:05 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 Aug 2013 11:48:58 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 95FB523888A6; Tue, 27 Aug 2013 11:48:35 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1517794 - in /activemq/trunk: activemq-broker/src/main/java/org/apache/activemq/broker/ activemq-broker/src/main/java/org/apache/activemq/broker/region/ activemq-broker/src/main/java/org/apache/activemq/security/ activemq-runtime-config/ a... Date: Tue, 27 Aug 2013 11:48:35 -0000 To: commits@activemq.apache.org From: gtully@apache.org X-Mailer: svnmailer-1.0.9 Message-Id: <20130827114835.95FB523888A6@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: gtully Date: Tue Aug 27 11:48:34 2013 New Revision: 1517794 URL: http://svn.apache.org/r1517794 Log: https://issues.apache.org/jira/browse/AMQ-4682 - support updates to authorizationPlugin/map/authorizationMap Added: activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/AuthorizationTest.java (with props) activemq/trunk/activemq-runtime-config/src/test/resources/groups.properties (with props) activemq/trunk/activemq-runtime-config/src/test/resources/login.config activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users-guests.xml (with props) activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users.xml (with props) activemq/trunk/activemq-runtime-config/src/test/resources/users.properties (with props) Modified: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/BrokerService.java activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/region/CompositeDestinationInterceptor.java activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationBroker.java activemq/trunk/activemq-runtime-config/pom.xml activemq/trunk/activemq-runtime-config/src/main/java/org/apache/activemq/plugin/RuntimeConfigurationBroker.java activemq/trunk/activemq-runtime-config/src/main/resources/binding.xjb activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/RuntimeConfigTestSupport.java activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/VirtualDestTest.java activemq/trunk/activemq-spring/src/main/java/org/apache/activemq/security/XBeanAuthorizationEntry.java Modified: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/BrokerService.java URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/BrokerService.java?rev=1517794&r1=1517793&r2=1517794&view=diff ============================================================================== --- activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/BrokerService.java (original) +++ activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/BrokerService.java Tue Aug 27 11:48:34 2013 @@ -173,7 +173,7 @@ public class BrokerService implements Se private boolean useMirroredQueues = false; private boolean useTempMirroredQueues = true; private BrokerId brokerId; - private DestinationInterceptor[] destinationInterceptors; + private volatile DestinationInterceptor[] destinationInterceptors; private ActiveMQDestination[] destinations; private PListStore tempDataStore; private int persistenceThreadPriority = Thread.MAX_PRIORITY; Modified: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/region/CompositeDestinationInterceptor.java URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/region/CompositeDestinationInterceptor.java?rev=1517794&r1=1517793&r2=1517794&view=diff ============================================================================== --- activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/region/CompositeDestinationInterceptor.java (original) +++ activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/region/CompositeDestinationInterceptor.java Tue Aug 27 11:48:34 2013 @@ -27,7 +27,7 @@ import org.apache.activemq.command.Activ */ public class CompositeDestinationInterceptor implements DestinationInterceptor { - private DestinationInterceptor[] interceptors; + private volatile DestinationInterceptor[] interceptors; public CompositeDestinationInterceptor(final DestinationInterceptor[] interceptors) { this.interceptors = interceptors; Modified: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationBroker.java URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationBroker.java?rev=1517794&r1=1517793&r2=1517794&view=diff ============================================================================== --- activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationBroker.java (original) +++ activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationBroker.java Tue Aug 27 11:48:34 2013 @@ -39,13 +39,17 @@ import org.apache.activemq.command.Produ */ public class AuthorizationBroker extends BrokerFilter implements SecurityAdminMBean { - private final AuthorizationMap authorizationMap; + private volatile AuthorizationMap authorizationMap; public AuthorizationBroker(Broker next, AuthorizationMap authorizationMap) { super(next); this.authorizationMap = authorizationMap; } + public void setAuthorizationMap(AuthorizationMap map) { + authorizationMap = map; + } + protected SecurityContext checkSecurityContext(ConnectionContext context) throws SecurityException { final SecurityContext securityContext = context.getSecurityContext(); if (securityContext == null) { @@ -130,7 +134,7 @@ public class AuthorizationBroker extends allowedACLs = authorizationMap.getTempDestinationReadACLs(); } - if (!securityContext.isBrokerContext() && allowedACLs != null && !securityContext.isInOneOf(allowedACLs)) { + if (!securityContext.isBrokerContext() && (allowedACLs == null || !securityContext.isInOneOf(allowedACLs))) { throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to read from: " + info.getDestination()); } securityContext.getAuthorizedReadDests().put(info.getDestination(), info.getDestination()); Modified: activemq/trunk/activemq-runtime-config/pom.xml URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-runtime-config/pom.xml?rev=1517794&r1=1517793&r2=1517794&view=diff ============================================================================== --- activemq/trunk/activemq-runtime-config/pom.xml (original) +++ activemq/trunk/activemq-runtime-config/pom.xml Tue Aug 27 11:48:34 2013 @@ -54,7 +54,7 @@ org.apache.activemq - activemq-kahadb-store + activemq-jaas org.apache.activemq @@ -154,6 +154,26 @@ + + maven-surefire-plugin + + always + + + org.apache.activemq.default.directory.prefix + target/ + + + log4j.configuration + file:target/test-classes/log4j.properties + + + + **/*Test.* + + + + Modified: activemq/trunk/activemq-runtime-config/src/main/java/org/apache/activemq/plugin/RuntimeConfigurationBroker.java URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-runtime-config/src/main/java/org/apache/activemq/plugin/RuntimeConfigurationBroker.java?rev=1517794&r1=1517793&r2=1517794&view=diff ============================================================================== --- activemq/trunk/activemq-runtime-config/src/main/java/org/apache/activemq/plugin/RuntimeConfigurationBroker.java (original) +++ activemq/trunk/activemq-runtime-config/src/main/java/org/apache/activemq/plugin/RuntimeConfigurationBroker.java Tue Aug 27 11:48:34 2013 @@ -38,6 +38,7 @@ import javax.xml.parsers.DocumentBuilder import javax.xml.parsers.ParserConfigurationException; import javax.xml.validation.Schema; import javax.xml.validation.SchemaFactory; +import org.apache.activemq.broker.Broker; import org.apache.activemq.broker.BrokerFilter; import org.apache.activemq.broker.ConnectionContext; import org.apache.activemq.broker.jmx.ManagementContext; @@ -45,15 +46,29 @@ import org.apache.activemq.broker.region import org.apache.activemq.broker.region.Destination; import org.apache.activemq.broker.region.DestinationInterceptor; import org.apache.activemq.broker.region.RegionBroker; +import org.apache.activemq.broker.region.virtual.CompositeQueue; +import org.apache.activemq.broker.region.virtual.CompositeTopic; import org.apache.activemq.broker.region.virtual.VirtualDestination; +import org.apache.activemq.broker.region.virtual.VirtualDestinationInterceptor; +import org.apache.activemq.broker.region.virtual.VirtualTopic; import org.apache.activemq.command.ActiveMQDestination; +import org.apache.activemq.filter.DestinationMapEntry; +import org.apache.activemq.network.NetworkConnector; import org.apache.activemq.plugin.jmx.RuntimeConfigurationView; -import org.apache.activemq.schema.core.Broker; -import org.apache.activemq.schema.core.CompositeQueue; -import org.apache.activemq.schema.core.CompositeTopic; -import org.apache.activemq.schema.core.NetworkConnector; -import org.apache.activemq.schema.core.VirtualDestinationInterceptor; -import org.apache.activemq.schema.core.VirtualTopic; +import org.apache.activemq.schema.core.DtoAuthorizationEntry; +import org.apache.activemq.schema.core.DtoAuthorizationMap; +import org.apache.activemq.schema.core.DtoAuthorizationPlugin; +import org.apache.activemq.schema.core.DtoBroker; +import org.apache.activemq.schema.core.DtoCompositeQueue; +import org.apache.activemq.schema.core.DtoCompositeTopic; +import org.apache.activemq.schema.core.DtoNetworkConnector; +import org.apache.activemq.schema.core.DtoVirtualDestinationInterceptor; +import org.apache.activemq.schema.core.DtoVirtualTopic; +import org.apache.activemq.security.AuthorizationBroker; +import org.apache.activemq.security.AuthorizationMap; +import org.apache.activemq.security.TempDestinationAuthorizationEntry; +import org.apache.activemq.security.XBeanAuthorizationEntry; +import org.apache.activemq.security.XBeanAuthorizationMap; import org.apache.activemq.spring.Utils; import org.apache.activemq.util.IntrospectionSupport; import org.slf4j.Logger; @@ -67,18 +82,18 @@ public class RuntimeConfigurationBroker public static final Logger LOG = LoggerFactory.getLogger(RuntimeConfigurationBroker.class); public static final String objectNamePropsAppendage = ",service=RuntimeConfiguration,name=Plugin"; + private final ReentrantReadWriteLock addDestinationBarrier = new ReentrantReadWriteLock(); private long checkPeriod; private long lastModified = -1; private Resource configToMonitor; - private Broker currentConfiguration; + private DtoBroker currentConfiguration; private Runnable monitorTask; private ConcurrentLinkedQueue destinationInterceptorUpdateWork = new ConcurrentLinkedQueue(); - private final ReentrantReadWriteLock addDestinationBarrier = new ReentrantReadWriteLock(); private ObjectName objectName; private String infoString; private Schema schema; - public RuntimeConfigurationBroker(org.apache.activemq.broker.Broker next) { + public RuntimeConfigurationBroker(Broker next) { super(next); } @@ -122,7 +137,7 @@ public class RuntimeConfigurationBroker } private void unregisterMbean() { - if (objectName != null) { + if (objectName != null) { try { getBrokerService().getManagementContext().unregisterMBean(objectName); } catch (JMException ignored) { @@ -200,9 +215,8 @@ public class RuntimeConfigurationBroker } } - private void applyModifications(Resource configToMonitor) { - Broker changed = loadConfiguration(configToMonitor); + DtoBroker changed = loadConfiguration(configToMonitor); if (changed != null && !currentConfiguration.equals(changed)) { LOG.info("change in " + configToMonitor + " at: " + new Date(lastModified)); LOG.debug("current:" + currentConfiguration); @@ -214,14 +228,17 @@ public class RuntimeConfigurationBroker } } - private void processSelectiveChanges(Broker currentConfiguration, Broker modifiedConfiguration) { + private void processSelectiveChanges(DtoBroker currentConfiguration, DtoBroker modifiedConfiguration) { - for (Class upDatable : new Class[]{Broker.NetworkConnectors.class, Broker.DestinationInterceptors.class}) { - processChanges(currentConfiguration, modifiedConfiguration, upDatable); + for (Class upDatable : new Class[]{ + DtoBroker.NetworkConnectors.class, + DtoBroker.DestinationInterceptors.class, + DtoBroker.Plugins.class}) { + processChanges(currentConfiguration, modifiedConfiguration, upDatable); } } - private void processChanges(Broker currentConfiguration, Broker modifiedConfiguration, Class upDatable) { + private void processChanges(DtoBroker currentConfiguration, DtoBroker modifiedConfiguration, Class upDatable) { List current = filter(currentConfiguration, upDatable); List modified = filter(modifiedConfiguration, upDatable); @@ -263,10 +280,9 @@ public class RuntimeConfigurationBroker for (; modIndex < modification.size() && currentIndex < current.size(); modIndex++, currentIndex++) { Object existing = current.get(currentIndex); Object candidate = modification.get(modIndex); - if (! existing.equals(candidate)) { + if (!existing.equals(candidate)) { info("modification to:" + existing + " , with: " + candidate); - remove(existing); - addNew(candidate); + modify(existing, candidate); } } @@ -279,10 +295,59 @@ public class RuntimeConfigurationBroker } } + private void modify(Object existing, Object candidate) { + if (candidate instanceof DtoAuthorizationPlugin) { + try { + // replace authorization map - need exclusive write lock to total broker + AuthorizationBroker authorizationBroker = + (AuthorizationBroker) getBrokerService().getBroker().getAdaptor(AuthorizationBroker.class); + + authorizationBroker.setAuthorizationMap(fromDto(filter(candidate, DtoAuthorizationPlugin.Map.class))); + } catch (Exception e) { + info("failed to apply modified AuthorizationMap to AuthorizationBroker", e); + } + } else { + remove(existing); + addNew(candidate); + } + } + + private AuthorizationMap fromDto(List map) { + XBeanAuthorizationMap xBeanAuthorizationMap = new XBeanAuthorizationMap(); + for (Object o : map) { + if (o instanceof DtoAuthorizationPlugin.Map) { + DtoAuthorizationPlugin.Map dtoMap = (DtoAuthorizationPlugin.Map) o; + List entries = new LinkedList(); + // revisit - would like to map getAuthorizationMap to generic getContents + for (Object authMap : filter(dtoMap.getAuthorizationMap(), DtoAuthorizationMap.AuthorizationEntries.class)) { + for (Object entry : filter(getContents(authMap), DtoAuthorizationEntry.class)) { + entries.add(fromDto(entry, new XBeanAuthorizationEntry())); + } + } + xBeanAuthorizationMap.setAuthorizationEntries(entries); + try { + xBeanAuthorizationMap.afterPropertiesSet(); + } catch (Exception e) { + info("failed to update xBeanAuthorizationMap auth entries:", e); + } + + for (Object entry : filter(dtoMap.getAuthorizationMap(), DtoAuthorizationMap.TempDestinationAuthorizationEntry.class)) { + // another restriction - would like to be getContents + DtoAuthorizationMap.TempDestinationAuthorizationEntry dtoEntry = (DtoAuthorizationMap.TempDestinationAuthorizationEntry) entry; + xBeanAuthorizationMap.setTempDestinationAuthorizationEntry(fromDto(dtoEntry.getTempDestinationAuthorizationEntry(), new TempDestinationAuthorizationEntry())); + } + + } else { + info("No support for updates to: " + o); + } + } + return xBeanAuthorizationMap; + } + private void remove(Object o) { - if (o instanceof NetworkConnector) { - NetworkConnector toRemove = (NetworkConnector) o; - for (org.apache.activemq.network.NetworkConnector existingCandidate : + if (o instanceof DtoNetworkConnector) { + DtoNetworkConnector toRemove = (DtoNetworkConnector) o; + for (NetworkConnector existingCandidate : getBrokerService().getNetworkConnectors()) { if (configMatch(toRemove, existingCandidate)) { if (getBrokerService().removeNetworkConnector(existingCandidate)) { @@ -295,13 +360,13 @@ public class RuntimeConfigurationBroker } } } - } else if (o instanceof VirtualDestinationInterceptor) { + } else if (o instanceof DtoVirtualDestinationInterceptor) { // whack it destinationInterceptorUpdateWork.add(new Runnable() { public void run() { List interceptorsList = new ArrayList(); for (DestinationInterceptor candidate : getBrokerService().getDestinationInterceptors()) { - if (!(candidate instanceof org.apache.activemq.broker.region.virtual.VirtualDestinationInterceptor)) { + if (!(candidate instanceof VirtualDestinationInterceptor)) { interceptorsList.add(candidate); } } @@ -316,7 +381,7 @@ public class RuntimeConfigurationBroker } } - private boolean configMatch(NetworkConnector dto, org.apache.activemq.network.NetworkConnector candidate) { + private boolean configMatch(DtoNetworkConnector dto, NetworkConnector candidate) { TreeMap dtoProps = new TreeMap(); IntrospectionSupport.getProperties(dto, dtoProps, null); @@ -333,11 +398,11 @@ public class RuntimeConfigurationBroker } private void addNew(Object o) { - if (o instanceof NetworkConnector) { - NetworkConnector networkConnector = (NetworkConnector) o; + if (o instanceof DtoNetworkConnector) { + DtoNetworkConnector networkConnector = (DtoNetworkConnector) o; if (networkConnector.getUri() != null) { try { - org.apache.activemq.network.NetworkConnector nc = + NetworkConnector nc = getBrokerService().addNetworkConnector(networkConnector.getUri()); Properties properties = new Properties(); IntrospectionSupport.getProperties(networkConnector, properties, null); @@ -350,18 +415,18 @@ public class RuntimeConfigurationBroker info("Failed to add new networkConnector " + networkConnector, e); } } - } else if (o instanceof VirtualDestinationInterceptor) { - final VirtualDestinationInterceptor dto = (VirtualDestinationInterceptor) o; + } else if (o instanceof DtoVirtualDestinationInterceptor) { + final DtoVirtualDestinationInterceptor dto = (DtoVirtualDestinationInterceptor) o; destinationInterceptorUpdateWork.add(new Runnable() { public void run() { boolean updatedExistingInterceptor = false; for (DestinationInterceptor destinationInterceptor : getBrokerService().getDestinationInterceptors()) { - if (destinationInterceptor instanceof org.apache.activemq.broker.region.virtual.VirtualDestinationInterceptor) { + if (destinationInterceptor instanceof VirtualDestinationInterceptor) { // update existing interceptor - final org.apache.activemq.broker.region.virtual.VirtualDestinationInterceptor virtualDestinationInterceptor = - (org.apache.activemq.broker.region.virtual.VirtualDestinationInterceptor) destinationInterceptor; + final VirtualDestinationInterceptor virtualDestinationInterceptor = + (VirtualDestinationInterceptor) destinationInterceptor; virtualDestinationInterceptor.setVirtualDestinations(fromDto(dto)); info("applied updates to: " + virtualDestinationInterceptor); @@ -371,8 +436,8 @@ public class RuntimeConfigurationBroker if (!updatedExistingInterceptor) { // add - org.apache.activemq.broker.region.virtual.VirtualDestinationInterceptor virtualDestinationInterceptor = - new org.apache.activemq.broker.region.virtual.VirtualDestinationInterceptor(); + VirtualDestinationInterceptor virtualDestinationInterceptor = + new VirtualDestinationInterceptor(); virtualDestinationInterceptor.setVirtualDestinations(fromDto(dto)); List interceptorsList = new ArrayList(); @@ -381,8 +446,10 @@ public class RuntimeConfigurationBroker DestinationInterceptor[] destinationInterceptors = interceptorsList.toArray(new DestinationInterceptor[]{}); getBrokerService().setDestinationInterceptors(destinationInterceptors); - ((CompositeDestinationInterceptor) ((RegionBroker) getBrokerService().getRegionBroker()).getDestinationInterceptor()).setInterceptors(destinationInterceptors); + RegionBroker regionBroker = (RegionBroker) getBrokerService().getRegionBroker(); + ((CompositeDestinationInterceptor) regionBroker.getDestinationInterceptor()).setInterceptors(destinationInterceptors); info("applied new: " + interceptorsList); + Thread.dumpStack(); } } }); @@ -391,17 +458,17 @@ public class RuntimeConfigurationBroker } } - private VirtualDestination[] fromDto(VirtualDestinationInterceptor virtualDestinationInterceptor) { + private VirtualDestination[] fromDto(DtoVirtualDestinationInterceptor virtualDestinationInterceptor) { List answer = new ArrayList(); - for (Object vd : filter(virtualDestinationInterceptor, VirtualDestinationInterceptor.VirtualDestinations.class)) { - for (Object vt : filter(vd, VirtualTopic.class)) { - answer.add(fromDto(vt, new org.apache.activemq.broker.region.virtual.VirtualTopic())); + for (Object vd : filter(virtualDestinationInterceptor, DtoVirtualDestinationInterceptor.VirtualDestinations.class)) { + for (Object vt : filter(vd, DtoVirtualTopic.class)) { + answer.add(fromDto(vt, new VirtualTopic())); } - for (Object vt : filter(vd, CompositeTopic.class)) { - answer.add(fromDto(vt, new org.apache.activemq.broker.region.virtual.CompositeTopic())); + for (Object vt : filter(vd, DtoCompositeTopic.class)) { + answer.add(fromDto(vt, new CompositeTopic())); } - for (Object vt : filter(vd, CompositeQueue.class)) { - answer.add(fromDto(vt, new org.apache.activemq.broker.region.virtual.CompositeQueue())); + for (Object vt : filter(vd, DtoCompositeQueue.class)) { + answer.add(fromDto(vt, new CompositeQueue())); } } VirtualDestination[] array = new VirtualDestination[answer.size()]; @@ -409,7 +476,7 @@ public class RuntimeConfigurationBroker return array; } - private VirtualDestination fromDto(Object dto, VirtualDestination instance) { + private T fromDto(Object dto, T instance) { Properties properties = new Properties(); IntrospectionSupport.getProperties(dto, properties, null); LOG.trace("applying props: " + properties + ", to " + instance.getClass().getSimpleName()); @@ -436,11 +503,11 @@ public class RuntimeConfigurationBroker return result; } - private Broker loadConfiguration(Resource configToMonitor) { - Broker jaxbConfig = null; + private DtoBroker loadConfiguration(Resource configToMonitor) { + DtoBroker jaxbConfig = null; if (configToMonitor != null) { try { - JAXBContext context = JAXBContext.newInstance(Broker.class); + JAXBContext context = JAXBContext.newInstance(DtoBroker.class); Unmarshaller unMarshaller = context.createUnmarshaller(); unMarshaller.setSchema(getSchema()); @@ -451,8 +518,8 @@ public class RuntimeConfigurationBroker Document doc = db.parse(configToMonitor.getInputStream()); Node brokerRootNode = doc.getElementsByTagName("broker").item(0); - JAXBElement brokerJAXBElement = - unMarshaller.unmarshal(brokerRootNode, Broker.class); + JAXBElement brokerJAXBElement = + unMarshaller.unmarshal(brokerRootNode, DtoBroker.class); jaxbConfig = brokerJAXBElement.getValue(); // if we can parse we can track mods @@ -480,10 +547,6 @@ public class RuntimeConfigurationBroker return schema; } - public void setCheckPeriod(long checkPeriod) { - this.checkPeriod = checkPeriod; - } - public long getLastModified() { return lastModified; } @@ -495,4 +558,8 @@ public class RuntimeConfigurationBroker public long getCheckPeriod() { return checkPeriod; } + + public void setCheckPeriod(long checkPeriod) { + this.checkPeriod = checkPeriod; + } } \ No newline at end of file Modified: activemq/trunk/activemq-runtime-config/src/main/resources/binding.xjb URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-runtime-config/src/main/resources/binding.xjb?rev=1517794&r1=1517793&r2=1517794&view=diff ============================================================================== --- activemq/trunk/activemq-runtime-config/src/main/resources/binding.xjb (original) +++ activemq/trunk/activemq-runtime-config/src/main/resources/binding.xjb Tue Aug 27 11:48:34 2013 @@ -4,6 +4,12 @@ + + + + + + @@ -17,6 +23,10 @@ + + + + @@ -25,5 +35,17 @@ + + + + + + + + + + + + Added: activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/AuthorizationTest.java URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/AuthorizationTest.java?rev=1517794&view=auto ============================================================================== --- activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/AuthorizationTest.java (added) +++ activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/AuthorizationTest.java Tue Aug 27 11:48:34 2013 @@ -0,0 +1,93 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.activemq; + +import javax.jms.JMSException; +import javax.jms.Session; +import org.junit.Test; + + +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +public class AuthorizationTest extends RuntimeConfigTestSupport { + + String configurationSeed = "authorizationTest"; + + @Test + public void testMod() throws Exception { + final String brokerConfig = configurationSeed + "-auth-broker"; + applyNewConfig(brokerConfig, configurationSeed + "-users"); + startBroker(brokerConfig); + assertTrue("broker alive", brokerService.isStarted()); + + assertAllowed("user", "USERS.A"); + assertDenied("user", "GUESTS.A"); + + assertDeniedTemp("guest"); + + applyNewConfig(brokerConfig, configurationSeed + "-users-guests", SLEEP); + + assertAllowed("user", "USERS.A"); + assertAllowed("guest", "GUESTS.A"); + assertDenied("user", "GUESTS.A"); + + assertAllowedTemp("guest"); + } + + private void assertDeniedTemp(String userPass) { + try { + assertAllowedTemp(userPass); + fail("Expected not allowed exception"); + } catch (Exception expected) { + LOG.debug("got:" + expected, expected); + } + } + + private void assertAllowedTemp(String userPass) throws Exception { + ActiveMQConnection connection = new ActiveMQConnectionFactory("vm://localhost").createActiveMQConnection(userPass, userPass); + connection.start(); + try { + Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE); + session.createConsumer(session.createTemporaryQueue()); + } finally { + connection.close(); + } + + } + + private void assertDenied(String userPass, String destination) { + try { + assertAllowed(userPass, destination); + fail("Expected not allowed exception"); + } catch (JMSException expected) { + LOG.debug("got:" + expected, expected); + } + } + + private void assertAllowed(String userPass, String dest) throws JMSException { + ActiveMQConnection connection = new ActiveMQConnectionFactory("vm://localhost").createActiveMQConnection(userPass, userPass); + connection.start(); + try { + Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE); + session.createConsumer(session.createQueue(dest)); + } finally { + connection.close(); + } + } + +} Propchange: activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/AuthorizationTest.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/AuthorizationTest.java ------------------------------------------------------------------------------ svn:keywords = Rev Date Modified: activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/RuntimeConfigTestSupport.java URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/RuntimeConfigTestSupport.java?rev=1517794&r1=1517793&r2=1517794&view=diff ============================================================================== --- activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/RuntimeConfigTestSupport.java (original) +++ activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/RuntimeConfigTestSupport.java Tue Aug 27 11:48:34 2013 @@ -67,5 +67,6 @@ public class RuntimeConfigTestSupport { @After public void stopBroker() throws Exception { brokerService.stop(); + brokerService.waitUntilStopped(); } } Modified: activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/VirtualDestTest.java URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/VirtualDestTest.java?rev=1517794&r1=1517793&r2=1517794&view=diff ============================================================================== --- activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/VirtualDestTest.java (original) +++ activemq/trunk/activemq-runtime-config/src/test/java/org/apache/activemq/VirtualDestTest.java Tue Aug 27 11:48:34 2013 @@ -65,7 +65,7 @@ public class VirtualDestTest extends Run // apply again - ensure no change applyNewConfig(brokerConfig, configurationSeed + "-one-vd"); - assertSame("same instance", newValue, (((VirtualDestinationInterceptor) brokerService.getDestinationInterceptors()[0]))); + assertSame("same instance", newValue, brokerService.getDestinationInterceptors()[0]); } @@ -96,7 +96,7 @@ public class VirtualDestTest extends Run // apply again - ensure no change applyNewConfig(brokerConfig, configurationSeed + "-one-vd"); - assertSame("same instance", newValue, (((VirtualDestinationInterceptor) brokerService.getDestinationInterceptors()[0]))); + assertSame("same instance", newValue, brokerService.getDestinationInterceptors()[0]); } @Test @@ -126,7 +126,7 @@ public class VirtualDestTest extends Run // apply again - ensure no change applyNewConfig(brokerConfig, configurationSeed + "-one-vd"); - assertSame("same instance", newValue, (((VirtualDestinationInterceptor) brokerService.getDestinationInterceptors()[0]))); + assertSame("same instance", newValue, brokerService.getDestinationInterceptors()[0]); } @Test @@ -216,13 +216,15 @@ public class VirtualDestTest extends Run connection.start(); Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE); - MessageConsumer consumer = session.createConsumer(session.createQueue("Consumer.A." + topic)); + ActiveMQMessageConsumer consumer = (ActiveMQMessageConsumer) session.createConsumer(session.createQueue("Consumer.A." + topic)); + LOG.info("new consumer for: " + consumer.getDestination()); MessageProducer producer = session.createProducer(session.createTopic(topic)); final String body = "To vt:" + topic; producer.send(session.createTextMessage(body)); + LOG.info("sent to: " + producer.getDestination()); Message message = null; - for (int i=0; i<5 && message == null; i++) { + for (int i=0; i<10 && message == null; i++) { message = consumer.receive(1000); } assertNotNull("got message", message); Added: activemq/trunk/activemq-runtime-config/src/test/resources/groups.properties URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-runtime-config/src/test/resources/groups.properties?rev=1517794&view=auto ============================================================================== --- activemq/trunk/activemq-runtime-config/src/test/resources/groups.properties (added) +++ activemq/trunk/activemq-runtime-config/src/test/resources/groups.properties Tue Aug 27 11:48:34 2013 @@ -0,0 +1,21 @@ +## --------------------------------------------------------------------------- +## Licensed to the Apache Software Foundation (ASF) under one or more +## contributor license agreements. See the NOTICE file distributed with +## this work for additional information regarding copyright ownership. +## The ASF licenses this file to You under the Apache License, Version 2.0 +## (the "License"); you may not use this file except in compliance with +## the License. You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## --------------------------------------------------------------------------- + +admins=system +tempDestinationAdmins=admins +users=system,user +guests=guest Propchange: activemq/trunk/activemq-runtime-config/src/test/resources/groups.properties ------------------------------------------------------------------------------ svn:eol-style = native Propchange: activemq/trunk/activemq-runtime-config/src/test/resources/groups.properties ------------------------------------------------------------------------------ svn:keywords = Rev Date Propchange: activemq/trunk/activemq-runtime-config/src/test/resources/groups.properties ------------------------------------------------------------------------------ svn:mime-type = text/plain Added: activemq/trunk/activemq-runtime-config/src/test/resources/login.config URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-runtime-config/src/test/resources/login.config?rev=1517794&view=auto ============================================================================== --- activemq/trunk/activemq-runtime-config/src/test/resources/login.config (added) +++ activemq/trunk/activemq-runtime-config/src/test/resources/login.config Tue Aug 27 11:48:34 2013 @@ -0,0 +1,22 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +activemq-domain { + org.apache.activemq.jaas.PropertiesLoginModule required + debug=true + org.apache.activemq.jaas.properties.user="users.properties" + org.apache.activemq.jaas.properties.group="groups.properties"; +}; \ No newline at end of file Added: activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users-guests.xml URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users-guests.xml?rev=1517794&view=auto ============================================================================== --- activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users-guests.xml (added) +++ activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users-guests.xml Tue Aug 27 11:48:34 2013 @@ -0,0 +1,57 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Propchange: activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users-guests.xml ------------------------------------------------------------------------------ svn:eol-style = native Propchange: activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users-guests.xml ------------------------------------------------------------------------------ svn:keywords = Rev Date Propchange: activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users-guests.xml ------------------------------------------------------------------------------ svn:mime-type = text/xml Added: activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users.xml URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users.xml?rev=1517794&view=auto ============================================================================== --- activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users.xml (added) +++ activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users.xml Tue Aug 27 11:48:34 2013 @@ -0,0 +1,55 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Propchange: activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users.xml ------------------------------------------------------------------------------ svn:eol-style = native Propchange: activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users.xml ------------------------------------------------------------------------------ svn:keywords = Rev Date Propchange: activemq/trunk/activemq-runtime-config/src/test/resources/org/apache/activemq/authorizationTest-users.xml ------------------------------------------------------------------------------ svn:mime-type = text/xml Added: activemq/trunk/activemq-runtime-config/src/test/resources/users.properties URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-runtime-config/src/test/resources/users.properties?rev=1517794&view=auto ============================================================================== --- activemq/trunk/activemq-runtime-config/src/test/resources/users.properties (added) +++ activemq/trunk/activemq-runtime-config/src/test/resources/users.properties Tue Aug 27 11:48:34 2013 @@ -0,0 +1,20 @@ +## --------------------------------------------------------------------------- +## Licensed to the Apache Software Foundation (ASF) under one or more +## contributor license agreements. See the NOTICE file distributed with +## this work for additional information regarding copyright ownership. +## The ASF licenses this file to You under the Apache License, Version 2.0 +## (the "License"); you may not use this file except in compliance with +## the License. You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## --------------------------------------------------------------------------- + +system=system +user=user +guest=guest \ No newline at end of file Propchange: activemq/trunk/activemq-runtime-config/src/test/resources/users.properties ------------------------------------------------------------------------------ svn:eol-style = native Propchange: activemq/trunk/activemq-runtime-config/src/test/resources/users.properties ------------------------------------------------------------------------------ svn:keywords = Rev Date Propchange: activemq/trunk/activemq-runtime-config/src/test/resources/users.properties ------------------------------------------------------------------------------ svn:mime-type = text/plain Modified: activemq/trunk/activemq-spring/src/main/java/org/apache/activemq/security/XBeanAuthorizationEntry.java URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-spring/src/main/java/org/apache/activemq/security/XBeanAuthorizationEntry.java?rev=1517794&r1=1517793&r2=1517794&view=diff ============================================================================== --- activemq/trunk/activemq-spring/src/main/java/org/apache/activemq/security/XBeanAuthorizationEntry.java (original) +++ activemq/trunk/activemq-spring/src/main/java/org/apache/activemq/security/XBeanAuthorizationEntry.java Tue Aug 27 11:48:34 2013 @@ -79,4 +79,8 @@ public class XBeanAuthorizationEntry ext } } + @Override + public String toString() { + return "XBeanAuthEntry:" + adminRoles + "," + writeRoles + "," + readRoles; + } }