activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From clebertsuco...@apache.org
Subject [1/2] activemq-artemis git commit: ARTEMIS-1092 Validated user + AMQP fix
Date Wed, 05 Apr 2017 00:07:36 GMT
Repository: activemq-artemis
Updated Branches:
  refs/heads/master 5adce230a -> 22c6f4034


ARTEMIS-1092 Validated user + AMQP fix

When populate-validated-user = true AMQP messages can cause exceptions.
This feature isn't particularly applicable to AMQP so this commit
eliminates the exception and leaves the AMQP messages untouched
even if populate-validated-user = true. In other words,
populate-validated-user + AMQP is not supported.


Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/073a2806
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/073a2806
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/073a2806

Branch: refs/heads/master
Commit: 073a280629e8a29a19f2774e1c55fe58d111c883
Parents: 5adce23
Author: Justin Bertram <jbertram@apache.org>
Authored: Fri Mar 31 10:24:20 2017 -0500
Committer: Justin Bertram <jbertram@apache.org>
Committed: Tue Apr 4 14:46:22 2017 -0500

----------------------------------------------------------------------
 .../activemq/artemis/api/core/Message.java      |  8 +++++
 .../artemis/core/message/impl/CoreMessage.java  | 11 +++++++
 .../artemis/jms/client/ActiveMQMessage.java     |  2 +-
 .../artemis/core/protocol/stomp/StompUtils.java |  4 +--
 .../core/server/impl/ServerSessionImpl.java     |  2 +-
 .../integration/security/SecurityTest.java      | 33 +++++++++++++++++++-
 6 files changed, 55 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/073a2806/artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/Message.java
----------------------------------------------------------------------
diff --git a/artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/Message.java
b/artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/Message.java
index 856e865..e9c4fec 100644
--- a/artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/Message.java
+++ b/artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/Message.java
@@ -314,6 +314,14 @@ public interface Message {
 
    Message setUserID(Object userID);
 
+   default  String getValidatedUserID() {
+      return null;
+   }
+
+   default Message setValidatedUserID(String validatedUserID) {
+      return this;
+   }
+
    /**
     * Returns whether this message is durable or not.
     */

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/073a2806/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/message/impl/CoreMessage.java
----------------------------------------------------------------------
diff --git a/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/message/impl/CoreMessage.java
b/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/message/impl/CoreMessage.java
index 8f24cc0..215c268 100644
--- a/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/message/impl/CoreMessage.java
+++ b/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/message/impl/CoreMessage.java
@@ -384,6 +384,17 @@ public class CoreMessage extends RefCountMessage implements ICoreMessage
{
    }
 
    @Override
+   public String getValidatedUserID() {
+      return getStringProperty(Message.HDR_VALIDATED_USER);
+   }
+
+   @Override
+   public CoreMessage setValidatedUserID(String validatedUserID) {
+      putStringProperty(Message.HDR_VALIDATED_USER, SimpleString.toSimpleString(validatedUserID));
+      return this;
+   }
+
+   @Override
    public CoreMessage setMessageID(long messageID) {
       this.messageID = messageID;
       if (messageIDPosition >= 0 && validBuffer) {

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/073a2806/artemis-jms-client/src/main/java/org/apache/activemq/artemis/jms/client/ActiveMQMessage.java
----------------------------------------------------------------------
diff --git a/artemis-jms-client/src/main/java/org/apache/activemq/artemis/jms/client/ActiveMQMessage.java
b/artemis-jms-client/src/main/java/org/apache/activemq/artemis/jms/client/ActiveMQMessage.java
index 64c8f16..f13f602 100644
--- a/artemis-jms-client/src/main/java/org/apache/activemq/artemis/jms/client/ActiveMQMessage.java
+++ b/artemis-jms-client/src/main/java/org/apache/activemq/artemis/jms/client/ActiveMQMessage.java
@@ -588,7 +588,7 @@ public class ActiveMQMessage implements javax.jms.Message {
          if (MessageUtil.JMSXGROUPID.equals(name)) {
             return message.getStringProperty(org.apache.activemq.artemis.api.core.Message.HDR_GROUP_ID);
          } else if (MessageUtil.JMSXUSERID.equals(name)) {
-            return message.getStringProperty(org.apache.activemq.artemis.api.core.Message.HDR_VALIDATED_USER);
+            return message.getValidatedUserID();
          } else {
             return message.getStringProperty(new SimpleString(name));
          }

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/073a2806/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompUtils.java
----------------------------------------------------------------------
diff --git a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompUtils.java
b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompUtils.java
index 7db9d82..b05058b 100644
--- a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompUtils.java
+++ b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompUtils.java
@@ -101,8 +101,8 @@ public class StompUtils {
       if (message.getStringProperty(Message.HDR_CONTENT_TYPE.toString()) != null) {
          command.addHeader(Stomp.Headers.CONTENT_TYPE, message.getStringProperty(Message.HDR_CONTENT_TYPE.toString()));
       }
-      if (message.getStringProperty(Message.HDR_VALIDATED_USER.toString()) != null) {
-         command.addHeader(Stomp.Headers.Message.VALIDATED_USER, message.getStringProperty(Message.HDR_VALIDATED_USER.toString()));
+      if (message.getValidatedUserID() != null) {
+         command.addHeader(Stomp.Headers.Message.VALIDATED_USER, message.getValidatedUserID());
       }
 
       // now let's add all the rest of the message headers

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/073a2806/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ServerSessionImpl.java
----------------------------------------------------------------------
diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ServerSessionImpl.java
b/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ServerSessionImpl.java
index ae4c16e..edd7afc 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ServerSessionImpl.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ServerSessionImpl.java
@@ -1307,7 +1307,7 @@ public class ServerSessionImpl implements ServerSession, FailureListener
{
       }
 
       if (server.getConfiguration().isPopulateValidatedUser() && validatedUser !=
null) {
-         message.putStringProperty(Message.HDR_VALIDATED_USER, SimpleString.toSimpleString(validatedUser));
+         message.setValidatedUserID(validatedUser);
       }
 
       SimpleString address = message.getAddressSimpleString();

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/073a2806/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/SecurityTest.java
----------------------------------------------------------------------
diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/SecurityTest.java
b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/SecurityTest.java
index 9f71e91..30b2dbc 100644
--- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/SecurityTest.java
+++ b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/SecurityTest.java
@@ -29,6 +29,7 @@ import java.util.Set;
 import org.apache.activemq.artemis.api.core.ActiveMQException;
 import org.apache.activemq.artemis.api.core.ActiveMQExceptionType;
 import org.apache.activemq.artemis.api.core.ActiveMQSecurityException;
+import org.apache.activemq.artemis.api.core.RoutingType;
 import org.apache.activemq.artemis.api.core.SimpleString;
 import org.apache.activemq.artemis.api.core.TransportConfiguration;
 import org.apache.activemq.artemis.api.core.client.ActiveMQClient;
@@ -46,7 +47,6 @@ import org.apache.activemq.artemis.core.security.Role;
 import org.apache.activemq.artemis.core.server.ActiveMQServer;
 import org.apache.activemq.artemis.core.server.ActiveMQServers;
 import org.apache.activemq.artemis.core.server.Queue;
-import org.apache.activemq.artemis.api.core.RoutingType;
 import org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl;
 import org.apache.activemq.artemis.core.server.impl.AddressInfo;
 import org.apache.activemq.artemis.core.settings.HierarchicalRepository;
@@ -110,6 +110,37 @@ public class SecurityTest extends ActiveMQTestBase {
    }
 
    @Test
+   public void testJAASSecurityManagerAuthenticationWithValidateUser() throws Exception {
+      ActiveMQJAASSecurityManager securityManager = new ActiveMQJAASSecurityManager("PropertiesLogin");
+      ActiveMQServer server = addServer(ActiveMQServers.newActiveMQServer(createDefaultInVMConfig().setSecurityEnabled(true),
ManagementFactory.getPlatformMBeanServer(), securityManager, false));
+      server.getConfiguration().setPopulateValidatedUser(true);
+      server.start();
+      Role role = new Role("programmers", true, true, true, true, true, true, true, true,
true, true);
+      Set<Role> roles = new HashSet<>();
+      roles.add(role);
+      server.getSecurityRepository().addMatch("#", roles);
+      ClientSessionFactory cf = createSessionFactory(locator);
+
+      try {
+         ClientSession session = cf.createSession("first", "secret", false, true, true, false,
0);
+         server.createQueue(SimpleString.toSimpleString("address"), RoutingType.ANYCAST,
SimpleString.toSimpleString("queue"), null, true, false);
+         ClientProducer producer = session.createProducer("address");
+         producer.send(session.createMessage(true));
+         session.commit();
+         producer.close();
+         ClientConsumer consumer = session.createConsumer("queue");
+         session.start();
+         ClientMessage message = consumer.receive(1000);
+         assertNotNull(message);
+         assertEquals("first", message.getValidatedUserID());
+         session.close();
+      } catch (ActiveMQException e) {
+         e.printStackTrace();
+         Assert.fail("should not throw exception");
+      }
+   }
+
+   @Test
    public void testJAASSecurityManagerAuthenticationWithCerts() throws Exception {
       ActiveMQJAASSecurityManager securityManager = new ActiveMQJAASSecurityManager("CertLogin");
       ActiveMQServer server = addServer(ActiveMQServers.newActiveMQServer(createDefaultInVMConfig().setSecurityEnabled(true),
ManagementFactory.getPlatformMBeanServer(), securityManager, false));


Mime
View raw message