
Example 76 with Role

use of org.apache.activemq.artemis.core.security.Role in project activemq-artemis by apache.

the class FileConfigurationTest method testSecurityRoleMapping.

/**
 * Checks that the security-role mappings declared in {@code securityRoleMappings.xml}
 * are expanded into the role set registered under the {@code "#"} match.
 *
 * <p>The set is expected to contain both the mapped names and the original names, and a
 * mapped role is expected to carry the union of the permission flags of the roles it maps.
 */
@Test
public void testSecurityRoleMapping() throws Exception {
    // Read the XML fixture into a fresh configuration object.
    FileConfiguration configuration = new FileConfiguration();
    FileDeploymentManager manager = new FileDeploymentManager("securityRoleMappings.xml");
    manager.addDeployable(configuration);
    manager.readConfiguration();

    Set<Role> actualRoles = configuration.getSecurityRoles().get("#");

    // NOTE(review): Role takes ten positional booleans; the order is presumably send, consume,
    // createDurableQueue, deleteDurableQueue, createNonDurableQueue, deleteNonDurableQueue,
    // manage, browse, createAddress, deleteAddress. Confirm against the Role constructor,
    // because a transposed flag here silently asserts the wrong permission.
    Role[] expectedRoles = {
        // cn=mygroup,dc=local,dc=com = amq1
        new Role("cn=mygroup,dc=local,dc=com", false, false, false, false, true, false, false, false, false, false),
        // myrole1 = amq1 + amq2
        new Role("myrole1", false, false, false, false, true, true, false, false, false, false),
        // myrole3 = amq3 + amq4
        new Role("myrole3", false, false, true, true, false, false, false, false, false, false),
        // myrole4 = amq5 + amq!@#$%^&*() + amq6
        new Role("myrole4", true, true, false, false, false, false, false, true, true, true),
        // myrole5 = amq4 = amq3 + amq4
        new Role("myrole5", false, false, true, true, false, false, false, false, false, false),
        // The original role names, which must still be present next to the mapped ones.
        new Role("amq1", false, false, false, false, true, false, false, false, false, false),
        new Role("amq2", false, false, false, false, false, true, false, false, false, false),
        new Role("amq3", false, false, true, false, false, false, false, false, false, false),
        new Role("amq4", false, false, true, true, false, false, false, false, false, false),
        new Role("amq5", false, false, false, false, false, false, false, false, true, true),
        new Role("amq6", false, true, false, false, false, false, false, true, false, false),
        new Role("amq7", false, false, false, false, false, false, true, false, false, false),
        // A role name made of special characters must be preserved as written.
        new Role("amq!@#$%^&*()", true, false, false, false, false, false, false, false, false, false)
    };

    // The exact count guards against extra roles being granted by the mapping.
    assertEquals(13, actualRoles.size());
    for (Role expected : expectedRoles) {
        assertTrue(actualRoles.contains(expected));
    }
}
Also used : Role(org.apache.activemq.artemis.core.security.Role) HashSet(java.util.HashSet) Set(java.util.Set) SimpleString(org.apache.activemq.artemis.api.core.SimpleString) FileDeploymentManager(org.apache.activemq.artemis.core.config.FileDeploymentManager) Test(org.junit.Test)

Example 77 with Role

use of org.apache.activemq.artemis.core.security.Role in project activemq-artemis by apache.

the class JAASSecurityManagerTest method testLoginClassloading.

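/**
 * Verifies that a JAAS login through {@code ActiveMQJAASSecurityManager} works, optionally
 * with the thread context class loader replaced by a loader that only sees {@code tmpDir}.
 *
 * <p>Both {@code validateUser} and {@code validateUserAndRole} are expected to return the
 * authenticated user name ({@code "first"}). The original context class loader is always
 * restored, and the simulated loader is closed so it does not leak past the test.
 */
@Test
public void testLoginClassloading() throws Exception {
    ClassLoader existingLoader = Thread.currentThread().getContextClassLoader();
    System.out.println("loader: " + existingLoader);
    // Declared outside the try block so that the finally block can release it.
    URLClassLoader simulatedLoader = null;
    try {
        if (usingNewLoader) {
            // A null parent gives a loader that delegates to the bootstrap loader only, so
            // lookups through it can find nothing from the test classpath except tmpDir.
            simulatedLoader = new URLClassLoader(new URL[] { tmpDir.getRoot().toURI().toURL() }, null);
            Thread.currentThread().setContextClassLoader(simulatedLoader);
        }
        ActiveMQJAASSecurityManager securityManager = new ActiveMQJAASSecurityManager("PropertiesLogin");

        // Authentication only: fixture credentials resolved by the "PropertiesLogin" entry.
        String result = securityManager.validateUser("first", "secret", null);
        assertNotNull(result);
        assertEquals("first", result);

        // Authentication plus authorization: the user must hold a role allowing SEND.
        Role role = new Role("programmers", true, true, true, true, true, true, true, true, true, true);
        Set<Role> roles = new HashSet<>();
        roles.add(role);
        result = securityManager.validateUserAndRole("first", "secret", roles, CheckType.SEND, "someaddress", null);
        assertNotNull(result);
        assertEquals("first", result);
    } finally {
        // Restore first, so later tests never run with the simulated loader installed.
        Thread.currentThread().setContextClassLoader(existingLoader);
        if (simulatedLoader != null) {
            // URLClassLoader is Closeable; the original never released it.
            simulatedLoader.close();
        }
    }
}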
Also used : Role(org.apache.activemq.artemis.core.security.Role) URLClassLoader(java.net.URLClassLoader) ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager) URLClassLoader(java.net.URLClassLoader) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 78 with Role

use of org.apache.activemq.artemis.core.security.Role in project activemq-artemis by apache.

the class DualAuthenticationTest method setUp.

/**
 * Starts a security-enabled broker with two acceptors: one with SSL and mandatory client
 * certificates on port 61617, and one built from the acceptor factory defaults.
 *
 * <p>The security manager is given two JAAS configuration names, and the test queue is
 * restricted to the {@code producers} and {@code consumers} roles.
 */
@Override
@Before
public void setUp() throws Exception {
    super.setUp();

    // First acceptor: SSL with a server key store, a trust store and required client auth.
    Map<String, Object> sslAcceptorParams = new HashMap<>();
    sslAcceptorParams.put(TransportConstants.PORT_PROP_NAME, "61617");
    sslAcceptorParams.put(TransportConstants.SSL_ENABLED_PROP_NAME, true);
    sslAcceptorParams.put(TransportConstants.NEED_CLIENT_AUTH_PROP_NAME, true);
    sslAcceptorParams.put(TransportConstants.KEYSTORE_PATH_PROP_NAME, SERVER_SIDE_KEYSTORE);
    sslAcceptorParams.put(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME, PASSWORD);
    sslAcceptorParams.put(TransportConstants.TRUSTSTORE_PATH_PROP_NAME, SERVER_SIDE_TRUSTSTORE);
    sslAcceptorParams.put(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME, PASSWORD);

    ConfigurationImpl brokerConfig = createBasicConfig();
    brokerConfig.addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY, sslAcceptorParams));
    // Second acceptor: no parameters are passed, so none of the SSL settings above apply to it.
    brokerConfig.addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY));
    brokerConfig.setSecurityEnabled(true);

    // NOTE(review): the two names presumably select the JAAS entries for password logins and
    // for certificate logins respectively. Confirm against the security manager constructor.
    ActiveMQSecurityManager jaasManager = new ActiveMQJAASSecurityManager("DualAuthenticationPropertiesLogin", "DualAuthenticationCertLogin");
    server = addServer(ActiveMQServers.newActiveMQServer(brokerConfig, ManagementFactory.getPlatformMBeanServer(), jaasManager, false));

    // NOTE(review): the Role booleans are positional (presumably send, consume,
    // createDurableQueue, deleteDurableQueue, createNonDurableQueue, deleteNonDurableQueue,
    // manage, browse, createAddress, deleteAddress). Verify the order before editing them.
    Set<Role> queueRoles = new HashSet<>();
    queueRoles.add(new Role("producers", true, false, true, false, true, false, false, false, false, false));
    queueRoles.add(new Role("consumers", false, true, false, false, false, false, false, false, false, false));

    HierarchicalRepository<Set<Role>> securityRepository = server.getSecurityRepository();
    securityRepository.addMatch(DualAuthenticationTest.QUEUE.toString(), queueRoles);

    server.start();
    waitForServerToStart(server);
    tc = new TransportConfiguration(NETTY_CONNECTOR_FACTORY);
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager) TransportConfiguration(org.apache.activemq.artemis.api.core.TransportConfiguration) SimpleString(org.apache.activemq.artemis.api.core.SimpleString) Role(org.apache.activemq.artemis.core.security.Role) ConfigurationImpl(org.apache.activemq.artemis.core.config.impl.ConfigurationImpl) ActiveMQSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager) HashSet(java.util.HashSet) Before(org.junit.Before)

Example 79 with Role

use of org.apache.activemq.artemis.core.security.Role in project activemq-artemis by apache.

the class LegacyLDAPSecuritySettingPlugin method objectRemoved.

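/**
 * Handler for removed policy entries in the directory.
 *
 * <p>The removed entry's name is parsed as an LDAP name. The value of its {@code uid} RDN
 * selects the security match, and any RDN whose value equals the configured write, read or
 * admin permission value selects which roles are dropped from that match.
 *
 * <p>An event whose name has no {@code uid} RDN, or whose match has no role set, is reported
 * or logged and then ignored instead of failing with a {@code NullPointerException}.
 *
 * @param namingEvent the removed entry event that occurred
 */
public void objectRemoved(NamingEvent namingEvent) {
    try {
        LdapName ldapName = new LdapName(namingEvent.getOldBinding().getName());

        // The last "uid" RDN wins if the name carries more than one.
        // NOTE(review): the comparison is case-sensitive, so a "UID" RDN is not recognised.
        String match = null;
        for (Rdn rdn : ldapName.getRdns()) {
            if (rdn.getType().equals("uid")) {
                match = rdn.getValue().toString();
            }
        }
        if (match == null) {
            // Without a uid nothing identifies the match whose permissions were revoked.
            // Report it on the same channel as other event failures so that a revocation
            // which could not be applied is visible to operators.
            ActiveMQServerLogger.LOGGER.failedToProcessEvent(new NamingException("Removed entry has no uid RDN: " + ldapName));
            return;
        }

        Set<Role> roles = securityRepository.getMatch(match);
        if (roles == null) {
            // Presumably possible when nothing is registered for this match. Confirm against
            // the repository implementation; there is nothing to revoke in that case.
            logger.debug("No roles found for match " + match);
            return;
        }

        // NOTE(review): a role is removed as a whole as soon as it holds any of the revoked
        // permissions, so a role granting both send and consume disappears entirely when only
        // the write entry is removed. This errs on the side of denying access.
        List<Role> rolesToRemove = new ArrayList<>();
        for (Rdn rdn : ldapName.getRdns()) {
            Object value = rdn.getValue();
            if (value.equals(writePermissionValue)) {
                logger.debug("Removing write permission");
                for (Role role : roles) {
                    if (role.isSend()) {
                        rolesToRemove.add(role);
                    }
                }
            } else if (value.equals(readPermissionValue)) {
                logger.debug("Removing read permission");
                for (Role role : roles) {
                    if (role.isConsume()) {
                        rolesToRemove.add(role);
                    }
                }
            } else if (value.equals(adminPermissionValue)) {
                logger.debug("Removing admin permission");
                for (Role role : roles) {
                    if (role.isCreateDurableQueue() || role.isCreateNonDurableQueue() || role.isDeleteDurableQueue() || role.isDeleteNonDurableQueue()) {
                        rolesToRemove.add(role);
                    }
                }
            }
        }

        // Removal happens after iteration so the set is never modified while being traversed.
        roles.removeAll(rolesToRemove);
    } catch (NamingException e) {
        ActiveMQServerLogger.LOGGER.failedToProcessEvent(e);
    }
}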
Also used : Role(org.apache.activemq.artemis.core.security.Role) ArrayList(java.util.ArrayList) NamingException(javax.naming.NamingException) Rdn(javax.naming.ldap.Rdn) LdapName(javax.naming.ldap.LdapName)

Example 80 with Role

use of org.apache.activemq.artemis.core.security.Role in project activemq-artemis by apache.

the class ServerLargeMessageTest method testSendServerMessageWithValidatedUser.

/**
 * Sends a large message as an authenticated user and checks that the broker stamps the
 * received message with that user's validated ID.
 *
 * <p>The broker runs with security enabled and {@code populateValidatedUser} switched on,
 * and the {@code programmers} role is registered under the {@code "#"} match.
 */
@Test
public void testSendServerMessageWithValidatedUser() throws Exception {
    // Security-enabled in-VM broker authenticating against the "PropertiesLogin" JAAS entry.
    ActiveMQJAASSecurityManager jaasManager = new ActiveMQJAASSecurityManager("PropertiesLogin");
    ActiveMQServer server = addServer(
        ActiveMQServers.newActiveMQServer(
            createDefaultInVMConfig().setSecurityEnabled(true),
            ManagementFactory.getPlatformMBeanServer(),
            jaasManager,
            false));
    // The validated user ID is only populated when this is switched on.
    server.getConfiguration().setPopulateValidatedUser(true);

    // Every permission flag is set: the test is about user attribution, not authorization.
    Set<Role> grantedRoles = new HashSet<>();
    grantedRoles.add(new Role("programmers", true, true, true, true, true, true, true, true, true, true));
    server.getSecurityRepository().addMatch("#", grantedRoles);
    server.start();

    ServerLocator locator = createInVMNonHALocator();
    ClientSessionFactory sessionFactory = createSessionFactory(locator);
    try {
        // Fixture credentials; the expected validated user below is the same login name.
        ClientSession session = sessionFactory.createSession("first", "secret", false, true, true, false, 0);

        ClientMessage largeMessage = session.createMessage(false);
        largeMessage.setBodyInputStream(ActiveMQTestBase.createFakeLargeStream(ActiveMQClient.DEFAULT_MIN_LARGE_MESSAGE_SIZE));

        session.createQueue("A", RoutingType.ANYCAST, "A");
        ClientProducer producer = session.createProducer("A");
        producer.send(largeMessage);
        session.commit();

        session.start();
        ClientConsumer consumer = session.createConsumer("A");
        // NOTE(review): if nothing arrives within the 5000 ms wait, the result may be null and
        // the next line would fail with an NPE instead of an assertion failure. Confirm.
        ClientMessage received = consumer.receive(5000);
        assertEquals("first", received.getValidatedUserID());
    } finally {
        sessionFactory.close();
        locator.close();
        server.stop();
    }
}
Also used : Role(org.apache.activemq.artemis.core.security.Role) ActiveMQServer(org.apache.activemq.artemis.core.server.ActiveMQServer) ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager) ClientSession(org.apache.activemq.artemis.api.core.client.ClientSession) ClientSessionFactory(org.apache.activemq.artemis.api.core.client.ClientSessionFactory) ClientMessage(org.apache.activemq.artemis.api.core.client.ClientMessage) ClientConsumer(org.apache.activemq.artemis.api.core.client.ClientConsumer) ClientProducer(org.apache.activemq.artemis.api.core.client.ClientProducer) ServerLocator(org.apache.activemq.artemis.api.core.client.ServerLocator) HashSet(java.util.HashSet) Test(org.junit.Test) SecurityTest(org.apache.activemq.artemis.tests.integration.security.SecurityTest)
