activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From clebertsuco...@apache.org
Subject [2/2] activemq-artemis git commit: ARTEMIS-270 Supply RemotingConnection for authorization
Date Tue, 20 Oct 2015 22:23:48 GMT
ARTEMIS-270 Supply RemotingConnection for authorization


Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/aa7696e3
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/aa7696e3
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/aa7696e3

Branch: refs/heads/master
Commit: aa7696e3293ffe99f5d856dd18c0f5e19573fa31
Parents: 7dc839c
Author: Julian Scheid <julians37@gmail.com>
Authored: Tue Oct 20 23:06:04 2015 +0200
Committer: Clebert Suconic <clebertsuconic@apache.org>
Committed: Tue Oct 20 18:23:41 2015 -0400

----------------------------------------------------------------------
 .../artemis/core/protocol/openwire/OpenWireConnection.java  | 5 +++++
 .../apache/activemq/artemis/core/security/SecurityAuth.java | 3 +++
 .../artemis/core/security/impl/SecurityStoreImpl.java       | 2 +-
 .../artemis/spi/core/security/ActiveMQSecurityManager2.java | 6 ++++--
 .../artemis/tests/integration/security/SecurityTest.java    | 9 ++++++++-
 5 files changed, 21 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/aa7696e3/artemis-protocols/artemis-openwire-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/openwire/OpenWireConnection.java
----------------------------------------------------------------------
diff --git a/artemis-protocols/artemis-openwire-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/openwire/OpenWireConnection.java
b/artemis-protocols/artemis-openwire-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/openwire/OpenWireConnection.java
index 25a985d..4f1f0f6 100644
--- a/artemis-protocols/artemis-openwire-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/openwire/OpenWireConnection.java
+++ b/artemis-protocols/artemis-openwire-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/openwire/OpenWireConnection.java
@@ -426,6 +426,11 @@ public class OpenWireConnection implements RemotingConnection, CommandVisitor,
S
    }
 
    @Override
+   public RemotingConnection getRemotingConnection() {
+      return this;
+   }
+
+   @Override
    public Connection getTransportConnection() {
       return this.transportConnection;
    }

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/aa7696e3/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/SecurityAuth.java
----------------------------------------------------------------------
diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/SecurityAuth.java
b/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/SecurityAuth.java
index 1325e39..e7d4bb2 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/SecurityAuth.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/SecurityAuth.java
@@ -17,10 +17,13 @@
 
 package org.apache.activemq.artemis.core.security;
 
+import org.apache.activemq.artemis.spi.core.protocol.RemotingConnection;
+
 public interface SecurityAuth {
 
    String getUsername();
 
    String getPassword();
 
+   RemotingConnection getRemotingConnection();
 }

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/aa7696e3/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
----------------------------------------------------------------------
diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
b/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
index a12ff4f..d3c7d03 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
@@ -163,7 +163,7 @@ public class SecurityStoreImpl implements SecurityStore, HierarchicalRepositoryC
          final boolean validated;
          if (securityManager instanceof ActiveMQSecurityManager2) {
             final ActiveMQSecurityManager2 securityManager2 = (ActiveMQSecurityManager2)
securityManager;
-            validated = securityManager2.validateUserAndRole(user, session.getPassword(),
roles, checkType, saddress);
+            validated = securityManager2.validateUserAndRole(user, session.getPassword(),
roles, checkType, saddress, session.getRemotingConnection());
          }
          else {
             validated = securityManager.validateUserAndRole(user, session.getPassword(),
roles, checkType);

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/aa7696e3/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManager2.java
----------------------------------------------------------------------
diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManager2.java
b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManager2.java
index 1e3cb10..72b4121 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManager2.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManager2.java
@@ -20,6 +20,7 @@ import java.util.Set;
 
 import org.apache.activemq.artemis.core.security.CheckType;
 import org.apache.activemq.artemis.core.security.Role;
+import org.apache.activemq.artemis.spi.core.protocol.RemotingConnection;
 
 /**
  * Used to validate whether a user is authorized to connect to the
@@ -43,7 +44,8 @@ public interface ActiveMQSecurityManager2 extends ActiveMQSecurityManager
{
     * @param roles     the user's roles
     * @param checkType which permission to validate
     * @param address   the address for which to perform authorization
+    * @param connection   the user's connection
     * @return true if the user is valid and they have the correct roles for the given destination
address
     */
-   boolean validateUserAndRole(String user, String password, Set<Role> roles, CheckType
checkType, String address);
-}
\ No newline at end of file
+   boolean validateUserAndRole(String user, String password, Set<Role> roles, CheckType
checkType, String address, RemotingConnection connection);
+}

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/aa7696e3/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/SecurityTest.java
----------------------------------------------------------------------
diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/SecurityTest.java
b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/SecurityTest.java
index 269c3db..b45ce45 100644
--- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/SecurityTest.java
+++ b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/SecurityTest.java
@@ -33,6 +33,7 @@ import org.apache.activemq.artemis.api.core.client.ClientSession;
 import org.apache.activemq.artemis.api.core.client.ClientSessionFactory;
 import org.apache.activemq.artemis.api.core.client.ServerLocator;
 import org.apache.activemq.artemis.core.config.Configuration;
+import org.apache.activemq.artemis.core.remoting.impl.invm.InVMConnection;
 import org.apache.activemq.artemis.core.security.CheckType;
 import org.apache.activemq.artemis.core.security.Role;
 import org.apache.activemq.artemis.core.server.ActiveMQServer;
@@ -40,6 +41,7 @@ import org.apache.activemq.artemis.core.server.ActiveMQServers;
 import org.apache.activemq.artemis.core.server.Queue;
 import org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl;
 import org.apache.activemq.artemis.core.settings.HierarchicalRepository;
+import org.apache.activemq.artemis.spi.core.protocol.RemotingConnection;
 import org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager;
 import org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager2;
 import org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManagerImpl;
@@ -1470,7 +1472,12 @@ public class SecurityTest extends ActiveMQTestBase {
                final String password,
                final Set<Role> requiredRoles,
                final CheckType checkType,
-               final String address) {
+               final String address,
+               final RemotingConnection connection) {
+
+               if (!(connection.getTransportConnection() instanceof InVMConnection)) {
+                  return false;
+               }
 
                if ((username.equals("foo") || username.equals("bar") || username.equals("all"))
&&
                    password.equals("frobnicate")) {


Mime
View raw message