activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From clebertsuco...@apache.org
Subject [1/2] activemq-artemis git commit: Set default password properly in security manager
Date Wed, 08 Jul 2015 15:51:17 GMT
Repository: activemq-artemis
Updated Branches:
  refs/heads/master f72c18352 -> 5b75f59bd


Set default password properly in security manager

The current Security Manager implementation was returning the username
instead of the default password when validating  the default user.

This patch returns the correct value and cleans up the validate method.


Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/19dc0594
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/19dc0594
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/19dc0594

Branch: refs/heads/master
Commit: 19dc0594e5724b1232c11b3c3bf754abd0e70c54
Parents: f72c183
Author: Martyn Taylor <mtaylor@redhat.com>
Authored: Tue Jul 7 15:18:02 2015 +0100
Committer: Martyn Taylor <mtaylor@redhat.com>
Committed: Wed Jul 8 16:25:11 2015 +0100

----------------------------------------------------------------------
 .../security/ActiveMQSecurityManagerImpl.java   | 28 +++++++++++++-------
 .../impl/ActiveMQSecurityManagerImplTest.java   |  5 ++--
 2 files changed, 21 insertions(+), 12 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/19dc0594/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManagerImpl.java
----------------------------------------------------------------------
diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManagerImpl.java
b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManagerImpl.java
index a6f4774..c3bd1a2 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManagerImpl.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManagerImpl.java
@@ -23,6 +23,7 @@ import org.apache.activemq.artemis.core.config.impl.SecurityConfiguration;
 import org.apache.activemq.artemis.core.security.CheckType;
 import org.apache.activemq.artemis.core.security.Role;
 import org.apache.activemq.artemis.core.security.User;
+import org.apache.activemq.artemis.core.server.ActiveMQServerLogger;
 
 /**
  * A basic implementation of the ActiveMQSecurityManager. This can be used within an appserver
and be deployed by
@@ -32,6 +33,8 @@ public class ActiveMQSecurityManagerImpl implements ActiveMQSecurityManager
 {
    private final SecurityConfiguration configuration;
 
+   private ActiveMQServerLogger logger = ActiveMQServerLogger.LOGGER;
+
    public ActiveMQSecurityManagerImpl()
    {
       configuration = new SecurityConfiguration();
@@ -44,19 +47,24 @@ public class ActiveMQSecurityManagerImpl implements ActiveMQSecurityManager
 
    // Public ---------------------------------------------------------------------
 
-   public boolean validateUser(final String user, final String password)
+   public boolean validateUser(final String username, final String password)
    {
-      if (user == null && configuration.getDefaultUser() == null)
+      if (username != null)
       {
-         return false;
+         User user = configuration.getUser(username);
+         return user != null && user.isValid(username, password);
+      }
+      else if (username == null && password == null)
+      {
+         return configuration.getDefaultUser() != null;
+      }
+      else // the only possible case here is user == null, password != null
+      {
+         logger.debug("Validating default user against a provided password.  This happens
when username=null, password!=null");
+         String defaultUsername = configuration.getDefaultUser();
+         User defaultUser = configuration.getUser(defaultUsername);
+         return defaultUser != null && defaultUser.isValid(defaultUsername, password);
       }
-
-      String defaultUser = configuration.getDefaultUser();
-      User theUser = configuration.getUser(user == null ? defaultUser : user);
-
-      boolean ok = theUser != null && theUser.isValid(user == null ? defaultUser
: user, password == null ? defaultUser
-                                                                                        
                : password);
-      return ok;
    }
 
    public boolean validateUserAndRole(final String user,

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/19dc0594/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/security/impl/ActiveMQSecurityManagerImplTest.java
----------------------------------------------------------------------
diff --git a/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/security/impl/ActiveMQSecurityManagerImplTest.java
b/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/security/impl/ActiveMQSecurityManagerImplTest.java
index 08e8d80..c729d27 100644
--- a/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/security/impl/ActiveMQSecurityManagerImplTest.java
+++ b/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/security/impl/ActiveMQSecurityManagerImplTest.java
@@ -57,11 +57,12 @@ public class ActiveMQSecurityManagerImplTest extends ActiveMQTestBase
    @Test
    public void testDefaultSecurity()
    {
-      securityManager.getConfiguration().addUser("guest", "guest");
+      securityManager.getConfiguration().addUser("guest", "password");
       securityManager.getConfiguration().addRole("guest", "guest");
       securityManager.getConfiguration().setDefaultUser("guest");
       Assert.assertTrue(securityManager.validateUser(null, null));
-      Assert.assertTrue(securityManager.validateUser("guest", "guest"));
+      Assert.assertTrue(securityManager.validateUser("guest", "password"));
+      Assert.assertFalse(securityManager.validateUser(null, "wrongpass"));
       HashSet<Role> roles = new HashSet<Role>();
       roles.add(new Role("guest", true, true, true, true, true, true, true));
       Assert.assertTrue(securityManager.validateUserAndRole(null, null, roles, CheckType.CREATE_DURABLE_QUEUE));


Mime
View raw message