use of org.apache.activemq.artemis.api.core.ActiveMQException in project activemq-artemis by apache.
the class SecurityTest method testCustomSecurityManager2.
/**
 * Exercises a custom {@code ActiveMQSecurityManager2} and checks that the broker only uses its
 * extended overloads.
 *
 * <p>The two-argument {@code validateUser} and the four-argument {@code validateUserAndRole}
 * fail the test as soon as they are invoked. The stub authenticates {@code foo}, {@code bar} and
 * {@code all} with the password {@code frobnicate}. For authorization it additionally requires an
 * in-VM transport connection: {@code all} is then unrestricted, {@code foo} is granted only
 * CONSUME and {@code bar} only SEND, both limited to the address {@code test.queue}.
 *
 * @throws Exception if the server or a session fails in a way the test does not expect
 */
@Test
public void testCustomSecurityManager2() throws Exception {
    final Configuration config = createDefaultInVMConfig().setSecurityEnabled(true);
    final ActiveMQSecurityManager securityManager = new ActiveMQSecurityManager2() {
        @Override
        public boolean validateUser(final String username, final String password) {
            // Legacy overload: reaching it means the broker bypassed the certificate-aware variant.
            fail("Unexpected call to overridden method");
            return false;
        }

        @Override
        public boolean validateUser(final String username, final String password, final X509Certificate[] certificates) {
            // Authentication only: certificates are accepted as a parameter but not inspected here.
            final boolean knownUser = username.equals("foo") || username.equals("bar") || username.equals("all");
            return knownUser && password.equals("frobnicate");
        }

        @Override
        public boolean validateUserAndRole(final String username, final String password, final Set<Role> requiredRoles, final CheckType checkType) {
            // Legacy overload: reaching it means the address/connection-aware variant was skipped.
            fail("Unexpected call to overridden method");
            return false;
        }

        @Override
        public boolean validateUserAndRole(final String username, final String password, final Set<Role> requiredRoles, final CheckType checkType, final String address, final RemotingConnection connection) {
            // Deny by default: anything that did not arrive over the in-VM transport is refused.
            if (!(connection.getTransportConnection() instanceof InVMConnection)) {
                return false;
            }
            final boolean knownUser = username.equals("foo") || username.equals("bar") || username.equals("all");
            if (!knownUser || !password.equals("frobnicate")) {
                return false;
            }
            switch (username) {
                case "all":
                    return true;
                case "foo":
                    return address.equals("test.queue") && checkType == CheckType.CONSUME;
                case "bar":
                    return address.equals("test.queue") && checkType == CheckType.SEND;
                default:
                    return false;
            }
        }
    };

    final ActiveMQServer broker = addServer(new ActiveMQServerImpl(config, securityManager));
    broker.start();

    final ServerLocator inVmLocator = createInVMNonHALocator();
    // Blocking sends make a denied send surface as an exception on the calling thread.
    inVmLocator.setBlockOnNonDurableSend(true).setBlockOnDurableSend(true);
    final ClientSessionFactory sessions = createSessionFactory(inVmLocator);

    final String testQueue = "test.queue";
    final String otherQueue = "other.queue";
    ClientSession adminSession = sessions.createSession("all", "frobnicate", false, true, true, false, -1);
    adminSession.createQueue(testQueue, testQueue, false);
    adminSession.createQueue(otherQueue, otherQueue, false);

    // Unknown user name: session creation must be rejected with a security exception.
    try {
        sessions.createSession("baz", "frobnicate", false, true, true, false, -1);
        Assert.fail("should throw exception");
    } catch (ActiveMQSecurityException expected) {
        // ok
    } catch (ActiveMQException e) {
        fail("Invalid Exception type:" + e.getType());
    }

    // Known user, wrong password: must be rejected the same way.
    try {
        sessions.createSession("foo", "xxx", false, true, true, false, -1);
        Assert.fail("should throw exception");
    } catch (ActiveMQSecurityException expected) {
        // ok
    } catch (ActiveMQException e) {
        fail("Invalid Exception type:" + e.getType());
    }

    // Valid credentials, but the stub grants "foo" nothing on other.queue.
    try {
        final ClientSession fooSession = sessions.createSession("foo", "frobnicate", false, true, true, false, -1);
        checkUserReceiveNoSend(otherQueue, fooSession, adminSession);
        Assert.fail("should throw exception");
    } catch (ActiveMQSecurityException expected) {
        // ok
    } catch (ActiveMQException e) {
        fail("Invalid Exception type:" + e.getType());
    }

    // NOTE(review): this case repeats the previous one call for call (same user, same helper,
    // same queue). The original comment described it as the "wrong queue for receiving" case,
    // so a distinct variant may have been intended - confirm.
    try {
        final ClientSession fooSession = sessions.createSession("foo", "frobnicate", false, true, true, false, -1);
        checkUserReceiveNoSend(otherQueue, fooSession, adminSession);
        Assert.fail("should throw exception");
    } catch (ActiveMQSecurityException expected) {
        // ok
    } catch (ActiveMQException e) {
        fail("Invalid Exception type:" + e.getType());
    }

    // "foo" on test.queue: the stub grants CONSUME only, so receive is allowed and send is not.
    {
        final ClientSession fooSession = sessions.createSession("foo", "frobnicate", false, true, true, false, -1);
        checkUserReceiveNoSend(testQueue, fooSession, adminSession);
    }

    // "bar" on test.queue: the stub grants SEND only, so send is allowed and receive is not.
    {
        final ClientSession barSession = sessions.createSession("bar", "frobnicate", false, true, true, false, -1);
        checkUserSendNoReceive(testQueue, barSession);
    }
}
use of org.apache.activemq.artemis.api.core.ActiveMQException in project activemq-artemis by apache.
the class SecurityTest method testJAASSecurityManagerAuthorizationNegative.
/**
 * Negative authorization test for the JAAS security manager using the {@code PropertiesLogin}
 * configuration.
 *
 * <p>The only role matched for every address ({@code #}) is {@code programmers}, created with all
 * ten permission flags set to {@code false}. Each operation attempted by user {@code first} must
 * therefore fail, and the exception message must name the user, the missing permission and the
 * queue and/or address concerned.
 *
 * @throws Exception if server set-up or session creation fails unexpectedly
 */
@Test
public void testJAASSecurityManagerAuthorizationNegative() throws Exception {
    final SimpleString address = new SimpleString("address");
    final SimpleString durableQueue = new SimpleString("durableQueue");
    final SimpleString nonDurableQueue = new SimpleString("nonDurableQueue");

    ActiveMQJAASSecurityManager jaasManager = new ActiveMQJAASSecurityManager("PropertiesLogin");
    ActiveMQServer broker = addServer(ActiveMQServers.newActiveMQServer(createDefaultInVMConfig().setSecurityEnabled(true), ManagementFactory.getPlatformMBeanServer(), jaasManager, false));

    // A role that exists but carries no permission at all.
    Set<Role> denyAll = new HashSet<>();
    denyAll.add(new Role("programmers", false, false, false, false, false, false, false, false, false, false));
    broker.getConfiguration().putSecurityRoles("#", denyAll);
    broker.start();

    // Resources are created server-side so the client checks below hit existing queues.
    broker.addAddressInfo(new AddressInfo(address, RoutingType.ANYCAST));
    broker.createQueue(address, RoutingType.ANYCAST, durableQueue, null, true, false);
    broker.createQueue(address, RoutingType.ANYCAST, nonDurableQueue, null, false, false);

    ClientSessionFactory sessions = createSessionFactory(locator);
    ClientSession session = addClientSession(sessions.createSession("first", "secret", false, true, true, false, 0));

    // CREATE_DURABLE_QUEUE
    try {
        session.createQueue(address, durableQueue, true);
        Assert.fail("should throw exception here");
    } catch (ActiveMQException denied) {
        assertTrue(denied.getMessage().contains("User: first does not have permission='CREATE_DURABLE_QUEUE' for queue durableQueue on address address"));
    }

    // DELETE_DURABLE_QUEUE
    try {
        session.deleteQueue(durableQueue);
        Assert.fail("should throw exception here");
    } catch (ActiveMQException denied) {
        assertTrue(denied.getMessage().contains("User: first does not have permission='DELETE_DURABLE_QUEUE' for queue durableQueue on address address"));
    }

    // CREATE_NON_DURABLE_QUEUE
    try {
        session.createQueue(address, nonDurableQueue, false);
        Assert.fail("should throw exception here");
    } catch (ActiveMQException denied) {
        assertTrue(denied.getMessage().contains("User: first does not have permission='CREATE_NON_DURABLE_QUEUE' for queue nonDurableQueue on address address"));
    }

    // DELETE_NON_DURABLE_QUEUE
    try {
        session.deleteQueue(nonDurableQueue);
        Assert.fail("should throw exception here");
    } catch (ActiveMQException denied) {
        assertTrue(denied.getMessage().contains("User: first does not have permission='DELETE_NON_DURABLE_QUEUE' for queue nonDurableQueue on address address"));
    }

    // PRODUCE
    try {
        session.createProducer(address).send(session.createMessage(true));
        Assert.fail("should throw exception here");
    } catch (ActiveMQException denied) {
        assertTrue(denied.getMessage().contains("User: first does not have permission='SEND' on address address"));
    }

    // CONSUME
    try {
        session.createConsumer(durableQueue);
        Assert.fail("should throw exception here");
    } catch (ActiveMQException denied) {
        assertTrue(denied.getMessage().contains("User: first does not have permission='CONSUME' for queue durableQueue on address address"));
    }

    // MANAGE: sending to the management address needs its own permission.
    try {
        session.createProducer(broker.getConfiguration().getManagementAddress()).send(session.createMessage(true));
        Assert.fail("should throw exception here");
    } catch (ActiveMQException denied) {
        assertTrue(denied.getMessage().contains("User: first does not have permission='MANAGE' on address activemq.management"));
    }

    // BROWSE: the second argument requests a browse-only consumer.
    try {
        session.createConsumer(durableQueue, true);
        Assert.fail("should throw exception here");
    } catch (ActiveMQException denied) {
        assertTrue(denied.getMessage().contains("User: first does not have permission='BROWSE' for queue durableQueue on address address"));
    }
}
use of org.apache.activemq.artemis.api.core.ActiveMQException in project activemq-artemis by apache.
the class SecurityTest method testSendManagementWithoutRole.
/**
 * Sends to the management address as a user whose only role has a single permission flag enabled.
 *
 * <p>User {@code auser} is given role {@code arole}, which is matched against the management
 * address. The test creates a queue there, sends one message outside any guard and a second one
 * inside a try block that tolerates an {@code ActiveMQSecurityException} and rejects any other
 * {@code ActiveMQException}.
 *
 * @throws Exception if set-up, queue creation or the first send fails
 */
@Test
public void testSendManagementWithoutRole() throws Exception {
    ActiveMQServer broker = createServer();
    broker.start();
    HierarchicalRepository<Set<Role>> roleRepository = broker.getSecurityRepository();
    ActiveMQJAASSecurityManager jaasManager = (ActiveMQJAASSecurityManager) broker.getSecurityManager();
    jaasManager.getConfiguration().addUser("auser", "pass");

    // Only the third flag is enabled; presumably createDurableQueue, which would match the
    // durable queue created below - confirm against Role's constructor.
    Set<Role> managementRoles = new HashSet<>();
    managementRoles.add(new Role("arole", false, false, true, false, false, false, false, false, false, false));
    roleRepository.addMatch(configuration.getManagementAddress().toString(), managementRoles);
    jaasManager.getConfiguration().addRole("auser", "arole");

    ClientSessionFactory sessions = createSessionFactory(locator);
    ClientSession session = sessions.createSession("auser", "pass", false, true, true, false, -1);
    session.createQueue(configuration.getManagementAddress().toString(), SecurityTest.queueA, true);
    ClientProducer producer = session.createProducer(configuration.getManagementAddress());

    // First send is unguarded: any exception it raises propagates and fails the test.
    producer.send(session.createMessage(false));
    try {
        producer.send(session.createMessage(false));
        // NOTE(review): there is no fail() after this send, so the test also passes when the
        // broker accepts the message. If the intent is to prove that sending is denied, the
        // denial is not actually asserted here - confirm whether that is deliberate.
    } catch (ActiveMQSecurityException expected) {
        // ok
    } catch (ActiveMQException e) {
        fail("Invalid Exception type:" + e.getType());
    }
    session.close();
}
use of org.apache.activemq.artemis.api.core.ActiveMQException in project activemq-artemis by apache.
the class SecurityTest method testJAASSecurityManagerAuthenticationWithCerts.
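/**
 * Checks that a client configured with its own keystore can open a session over TLS against a
 * broker that authenticates through the {@code CertLogin} JAAS configuration.
 *
 * <p>The server gets a Netty acceptor with SSL enabled, its own keystore and truststore, and the
 * acceptor parameter named by {@code clientAuthPropName} set to {@code true}. The client
 * connector enables SSL and supplies the client-side keystore and truststore. The store
 * passwords are literals in the test; they belong to the test keystores referenced by file name.
 *
 * <p>NOTE(review): only the accepting path is asserted here. Nothing in this method shows a
 * client without a certificate, or with an untrusted one, being rejected - confirm that case is
 * covered elsewhere.
 *
 * @param clientAuthPropName name of the acceptor parameter to enable; presumably the
 *        need/want client-authentication switch - confirm against the callers
 * @throws Exception if server set-up or connection creation fails
 */
protected void testJAASSecurityManagerAuthenticationWithCerts(String clientAuthPropName) throws Exception {
    ActiveMQJAASSecurityManager securityManager = new ActiveMQJAASSecurityManager("CertLogin");
    ActiveMQServer server = addServer(ActiveMQServers.newActiveMQServer(createDefaultInVMConfig().setSecurityEnabled(true), ManagementFactory.getPlatformMBeanServer(), securityManager, false));

    // Server side: TLS acceptor with the switch under test enabled.
    Map<String, Object> params = new HashMap<>();
    params.put(TransportConstants.SSL_ENABLED_PROP_NAME, true);
    params.put(TransportConstants.KEYSTORE_PATH_PROP_NAME, "server-side-keystore.jks");
    params.put(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME, "secureexample");
    params.put(TransportConstants.TRUSTSTORE_PATH_PROP_NAME, "server-side-truststore.jks");
    params.put(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME, "secureexample");
    params.put(clientAuthPropName, true);
    server.getConfiguration().addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY, params));
    server.start();

    // Client side: TLS connector that trusts the server and presents the client keystore.
    TransportConfiguration tc = new TransportConfiguration(NETTY_CONNECTOR_FACTORY);
    tc.getParams().put(TransportConstants.SSL_ENABLED_PROP_NAME, true);
    tc.getParams().put(TransportConstants.TRUSTSTORE_PATH_PROP_NAME, "client-side-truststore.jks");
    tc.getParams().put(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME, "secureexample");
    tc.getParams().put(TransportConstants.KEYSTORE_PATH_PROP_NAME, "client-side-keystore.jks");
    tc.getParams().put(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME, "secureexample");
    ServerLocator locator = addServerLocator(ActiveMQClient.createServerLocatorWithoutHA(tc));
    ClientSessionFactory cf = createSessionFactory(locator);

    try {
        // No user name or password is passed: the session is created without explicit credentials.
        ClientSession session = cf.createSession();
        session.close();
    } catch (ActiveMQException e) {
        // Same failure type and message as before, but the cause travels with the assertion
        // instead of being printed to stderr, so the test report shows why the session was refused.
        throw new AssertionError("should not throw exception", e);
    }
}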
use of org.apache.activemq.artemis.api.core.ActiveMQException in project activemq-artemis by apache.
the class SecurityTest method testCreateSessionWithCorrectUserCorrectPass.
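/**
 * Positive authentication test: a user added to the JAAS security manager's configuration
 * before start-up can create a session with the matching password.
 *
 * @throws Exception if the server cannot be created or started
 */
@Test
public void testCreateSessionWithCorrectUserCorrectPass() throws Exception {
    ActiveMQServer server = createServer();
    ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) server.getSecurityManager();
    // The user is registered before the broker starts.
    securityManager.getConfiguration().addUser("newuser", "apass");
    server.start();
    ClientSessionFactory cf = createSessionFactory(locator);
    try {
        ClientSession session = cf.createSession("newuser", "apass", false, true, true, false, -1);
        session.close();
    } catch (ActiveMQException e) {
        // Keep the original failure message but attach the cause; the previous form discarded
        // the exception, leaving no trace of why valid credentials were refused.
        throw new AssertionError("should not throw exception", e);
    }
}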