
Example 11 with Role

use of org.apache.activemq.artemis.core.security.Role in project activemq-artemis by apache.

the class SimpleJNDIClientTest method testRemoteCFWithTCPUserPassword.

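/**
 * Verifies that a user name and password supplied as query parameters on a JNDI
 * connection-factory URL are applied to the factory and enforced by the broker.
 *
 * <p>The broker is set up so that {@code myUser} holds {@code consumeCreateRole} on
 * {@code test.queue}. Both sides of the authorization decision are then checked: sending
 * must be rejected with a {@link JMSSecurityException}, while creating a consumer on the
 * same queue must succeed.
 *
 * @throws Exception if broker setup, the JNDI lookup or an unexpected JMS call fails
 */
@Test
public void testRemoteCFWithTCPUserPassword() throws Exception {
    // setup user and role on broker
    ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) liveService.getSecurityManager();
    securityManager.getConfiguration().addUser("myUser", "myPassword");
    securityManager.getConfiguration().addRole("myUser", "consumeCreateRole");
    // Positional permission flags: the first one is false and every other one is true.
    // NOTE(review): the first flag is taken to be "send" (the send below is expected to be
    // refused) - confirm against the Role constructor.
    Role consumeCreateRole = new Role("consumeCreateRole", false, true, true, true, true, true, true, true, true, true);
    Set<Role> consumerCreateRoles = new HashSet<>();
    consumerCreateRoles.add(consumeCreateRole);
    liveService.getSecurityRepository().addMatch("test.queue", consumerCreateRoles);
    Hashtable<String, String> props = new Hashtable<>();
    props.put(Context.INITIAL_CONTEXT_FACTORY, "org.apache.activemq.artemis.jndi.ActiveMQInitialContextFactory");
    // user and password set on URL (test fixture values; a URL carrying a real password
    // would expose it wherever the URL is logged or displayed)
    props.put("connectionFactory.myConnectionFactory", "tcp://127.0.0.1:61616?user=myUser&password=myPassword");
    Context ctx = new InitialContext(props);
    // create a connection factory
    ActiveMQConnectionFactory connectionFactory = (ActiveMQConnectionFactory) ctx.lookup("myConnectionFactory");
    Assert.assertEquals("ensure user is set", "myUser", connectionFactory.getUser());
    Assert.assertEquals("ensure password is set", "myPassword", connectionFactory.getPassword());
    // Connect to broker to verify credentials are used with connection
    Connection connection = connectionFactory.createConnection();
    // The try starts immediately after the connection exists so that a failure in start(),
    // createSession() or createQueue() cannot leave the connection open.
    try {
        connection.start();
        Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
        javax.jms.Queue queue = session.createQueue("test.queue");
        try {
            MessageProducer producer = session.createProducer(queue);
            producer.send(session.createTextMessage("test Msg"));
            Assert.fail("Sending message should throw a JMSSecurityException");
        } catch (JMSSecurityException expected) {
            // expected: the send is refused for this user on test.queue
        }
        // Positive half of the check: creating a consumer must not throw, which shows the
        // connection really is authenticated as myUser rather than rejected outright.
        session.createConsumer(queue);
    } finally {
        connection.close();
    }
}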
Also used : Context(javax.naming.Context) InitialContext(javax.naming.InitialContext) MessageConsumer(javax.jms.MessageConsumer) Hashtable(java.util.Hashtable) JMSSecurityException(javax.jms.JMSSecurityException) Connection(javax.jms.Connection) InitialContext(javax.naming.InitialContext) Role(org.apache.activemq.artemis.core.security.Role) ActiveMQConnectionFactory(org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory) Queue(javax.jms.Queue) MessageProducer(javax.jms.MessageProducer) HashSet(java.util.HashSet) Session(javax.jms.Session) Test(org.junit.Test)

Example 12 with Role

use of org.apache.activemq.artemis.core.security.Role in project activemq-artemis by apache.

the class FileConfigurationTest method testDefaults.

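/**
 * Checks that every value read from the test configuration file is reported unchanged by
 * the corresponding {@code conf} getter.
 *
 * <p>The assertions are grouped by configuration area: scalar server settings, connectors
 * and acceptors, broadcast and discovery groups, diverts, bridges, HA policy and cluster
 * connections, address settings, resource limits, queues, security roles and finally the
 * global limits and critical analyzer settings.
 */
@Override
@Test
public void testDefaults() {
    // Check they match the values from the test file
    Assert.assertEquals("SomeNameForUseOnTheApplicationServer", conf.getName());
    Assert.assertEquals(false, conf.isPersistenceEnabled());
    Assert.assertEquals(true, conf.isClustered());
    Assert.assertEquals(12345, conf.getScheduledThreadPoolMaxSize());
    Assert.assertEquals(54321, conf.getThreadPoolMaxSize());
    // Security is switched off in this fixture; the role assertions further down only
    // verify that the role definitions were parsed, not that they are enforced.
    Assert.assertEquals(false, conf.isSecurityEnabled());
    Assert.assertEquals(5423, conf.getSecurityInvalidationInterval());
    Assert.assertEquals(true, conf.isWildcardRoutingEnabled());
    Assert.assertEquals(new SimpleString("Giraffe"), conf.getManagementAddress());
    Assert.assertEquals(new SimpleString("Whatever"), conf.getManagementNotificationAddress());
    Assert.assertEquals("Frog", conf.getClusterUser());
    Assert.assertEquals("Wombat", conf.getClusterPassword());
    Assert.assertEquals(false, conf.isJMXManagementEnabled());
    Assert.assertEquals("gro.qtenroh", conf.getJMXDomain());
    Assert.assertEquals(true, conf.isMessageCounterEnabled());
    Assert.assertEquals(5, conf.getMessageCounterMaxDayHistory());
    Assert.assertEquals(123456, conf.getMessageCounterSamplePeriod());
    Assert.assertEquals(12345, conf.getConnectionTTLOverride());
    Assert.assertEquals(98765, conf.getTransactionTimeout());
    Assert.assertEquals(56789, conf.getTransactionTimeoutScanPeriod());
    Assert.assertEquals(10111213, conf.getMessageExpiryScanPeriod());
    Assert.assertEquals(8, conf.getMessageExpiryThreadPriority());
    Assert.assertEquals(127, conf.getIDCacheSize());
    Assert.assertEquals(true, conf.isPersistIDCache());
    Assert.assertEquals(true, conf.isPersistDeliveryCountBeforeDelivery());
    Assert.assertEquals("pagingdir", conf.getPagingDirectory());
    Assert.assertEquals("somedir", conf.getBindingsDirectory());
    Assert.assertEquals(false, conf.isCreateBindingsDir());
    Assert.assertEquals(true, conf.isAmqpUseCoreSubscriptionNaming());
    Assert.assertEquals("max concurrent io", 17, conf.getPageMaxConcurrentIO());
    Assert.assertEquals("somedir2", conf.getJournalDirectory());
    Assert.assertEquals(false, conf.isCreateJournalDir());
    Assert.assertEquals(JournalType.NIO, conf.getJournalType());
    Assert.assertEquals(10000, conf.getJournalBufferSize_NIO());
    Assert.assertEquals(1000, conf.getJournalBufferTimeout_NIO());
    Assert.assertEquals(56546, conf.getJournalMaxIO_NIO());
    Assert.assertEquals(9876, conf.getJournalFileOpenTimeout());
    Assert.assertEquals(false, conf.isJournalSyncTransactional());
    Assert.assertEquals(true, conf.isJournalSyncNonTransactional());
    Assert.assertEquals(12345678, conf.getJournalFileSize());
    Assert.assertEquals(100, conf.getJournalMinFiles());
    Assert.assertEquals(123, conf.getJournalCompactMinFiles());
    Assert.assertEquals(33, conf.getJournalCompactPercentage());
    Assert.assertEquals(true, conf.isGracefulShutdownEnabled());
    Assert.assertEquals(12345, conf.getGracefulShutdownTimeout());
    Assert.assertEquals(true, conf.isPopulateValidatedUser());
    Assert.assertEquals(98765, conf.getConnectionTtlCheckInterval());
    Assert.assertEquals(1234567, conf.getConfigurationFileRefreshPeriod());
    Assert.assertEquals("127.0.0.1", conf.getNetworkCheckList());
    Assert.assertEquals("some-nick", conf.getNetworkCheckNIC());
    Assert.assertEquals(123, conf.getNetworkCheckPeriod());
    Assert.assertEquals(321, conf.getNetworkCheckTimeout());
    Assert.assertEquals("ping-four", conf.getNetworkCheckPingCommand());
    Assert.assertEquals("ping-six", conf.getNetworkCheckPing6Command());
    Assert.assertEquals("largemessagesdir", conf.getLargeMessagesDirectory());
    Assert.assertEquals(95, conf.getMemoryWarningThreshold());
    Assert.assertEquals(2, conf.getIncomingInterceptorClassNames().size());
    Assert.assertTrue(conf.getIncomingInterceptorClassNames().contains("org.apache.activemq.artemis.tests.unit.core.config.impl.TestInterceptor1"));
    Assert.assertTrue(conf.getIncomingInterceptorClassNames().contains("org.apache.activemq.artemis.tests.unit.core.config.impl.TestInterceptor2"));

    // Connectors
    Assert.assertEquals(2, conf.getConnectorConfigurations().size());
    TransportConfiguration tc = conf.getConnectorConfigurations().get("connector1");
    Assert.assertNotNull(tc);
    Assert.assertEquals("org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnectorFactory", tc.getFactoryClassName());
    Assert.assertEquals("mylocal", tc.getParams().get("localAddress"));
    Assert.assertEquals("99", tc.getParams().get("localPort"));
    Assert.assertEquals("localhost1", tc.getParams().get("host"));
    Assert.assertEquals("5678", tc.getParams().get("port"));
    tc = conf.getConnectorConfigurations().get("connector2");
    Assert.assertNotNull(tc);
    Assert.assertEquals("org.apache.activemq.artemis.core.remoting.impl.invm.InVMConnectorFactory", tc.getFactoryClassName());
    Assert.assertEquals("5", tc.getParams().get("serverId"));

    // Acceptors: exactly two are expected, one Netty and one in-VM
    Assert.assertEquals(2, conf.getAcceptorConfigurations().size());
    for (TransportConfiguration ac : conf.getAcceptorConfigurations()) {
        if (ac.getFactoryClassName().equals("org.apache.activemq.artemis.core.remoting.impl.netty.NettyAcceptorFactory")) {
            Assert.assertEquals("456", ac.getParams().get("tcpNoDelay"));
            Assert.assertEquals("44", ac.getParams().get("connectionTtl"));
            Assert.assertEquals("92", ac.getParams().get(TransportConstants.CONNECTIONS_ALLOWED));
        } else {
            Assert.assertEquals("org.apache.activemq.artemis.core.remoting.impl.invm.InVMAcceptorFactory", ac.getFactoryClassName());
            Assert.assertEquals("0", ac.getParams().get("serverId"));
            Assert.assertEquals("87", ac.getParams().get(org.apache.activemq.artemis.core.remoting.impl.invm.TransportConstants.CONNECTIONS_ALLOWED));
        }
    }

    // Broadcast groups
    Assert.assertEquals(2, conf.getBroadcastGroupConfigurations().size());
    for (BroadcastGroupConfiguration bc : conf.getBroadcastGroupConfigurations()) {
        UDPBroadcastEndpointFactory udpBc = (UDPBroadcastEndpointFactory) bc.getEndpointFactory();
        if (bc.getName().equals("bg1")) {
            Assert.assertEquals("bg1", bc.getName());
            Assert.assertEquals(10999, udpBc.getLocalBindPort());
            Assert.assertEquals("192.168.0.120", udpBc.getGroupAddress());
            Assert.assertEquals(11999, udpBc.getGroupPort());
            Assert.assertEquals(12345, bc.getBroadcastPeriod());
            Assert.assertEquals("connector1", bc.getConnectorInfos().get(0));
        } else {
            Assert.assertEquals("bg2", bc.getName());
            Assert.assertEquals(12999, udpBc.getLocalBindPort());
            Assert.assertEquals("192.168.0.121", udpBc.getGroupAddress());
            Assert.assertEquals(13999, udpBc.getGroupPort());
            Assert.assertEquals(23456, bc.getBroadcastPeriod());
            Assert.assertEquals("connector2", bc.getConnectorInfos().get(0));
        }
    }

    // Discovery groups
    Assert.assertEquals(2, conf.getDiscoveryGroupConfigurations().size());
    DiscoveryGroupConfiguration dc = conf.getDiscoveryGroupConfigurations().get("dg1");
    Assert.assertEquals("dg1", dc.getName());
    Assert.assertEquals("192.168.0.120", ((UDPBroadcastEndpointFactory) dc.getBroadcastEndpointFactory()).getGroupAddress());
    assertEquals("172.16.8.10", ((UDPBroadcastEndpointFactory) dc.getBroadcastEndpointFactory()).getLocalBindAddress());
    Assert.assertEquals(11999, ((UDPBroadcastEndpointFactory) dc.getBroadcastEndpointFactory()).getGroupPort());
    Assert.assertEquals(12345, dc.getRefreshTimeout());
    dc = conf.getDiscoveryGroupConfigurations().get("dg2");
    Assert.assertEquals("dg2", dc.getName());
    Assert.assertEquals("192.168.0.121", ((UDPBroadcastEndpointFactory) dc.getBroadcastEndpointFactory()).getGroupAddress());
    assertEquals("172.16.8.11", ((UDPBroadcastEndpointFactory) dc.getBroadcastEndpointFactory()).getLocalBindAddress());
    Assert.assertEquals(12999, ((UDPBroadcastEndpointFactory) dc.getBroadcastEndpointFactory()).getGroupPort());
    Assert.assertEquals(23456, dc.getRefreshTimeout());

    // Diverts
    Assert.assertEquals(3, conf.getDivertConfigurations().size());
    for (DivertConfiguration dic : conf.getDivertConfigurations()) {
        if (dic.getName().equals("divert1")) {
            Assert.assertEquals("divert1", dic.getName());
            Assert.assertEquals("routing-name1", dic.getRoutingName());
            Assert.assertEquals("address1", dic.getAddress());
            Assert.assertEquals("forwarding-address1", dic.getForwardingAddress());
            Assert.assertEquals("speed > 88", dic.getFilterString());
            Assert.assertEquals("org.foo.Transformer", dic.getTransformerConfiguration().getClassName());
            Assert.assertEquals(true, dic.isExclusive());
        } else if (dic.getName().equals("divert2")) {
            Assert.assertEquals("divert2", dic.getName());
            Assert.assertEquals("routing-name2", dic.getRoutingName());
            Assert.assertEquals("address2", dic.getAddress());
            Assert.assertEquals("forwarding-address2", dic.getForwardingAddress());
            Assert.assertEquals("speed < 88", dic.getFilterString());
            Assert.assertEquals("org.foo.Transformer2", dic.getTransformerConfiguration().getClassName());
            Assert.assertEquals(false, dic.isExclusive());
        } else {
            Assert.assertEquals("divert3", dic.getName());
            Assert.assertEquals("org.foo.DivertTransformer3", dic.getTransformerConfiguration().getClassName());
            Assert.assertEquals("divertTransformerValue1", dic.getTransformerConfiguration().getProperties().get("divertTransformerKey1"));
            Assert.assertEquals("divertTransformerValue2", dic.getTransformerConfiguration().getProperties().get("divertTransformerKey2"));
        }
    }

    // Bridges
    Assert.assertEquals(3, conf.getBridgeConfigurations().size());
    for (BridgeConfiguration bc : conf.getBridgeConfigurations()) {
        if (bc.getName().equals("bridge1")) {
            Assert.assertEquals("bridge1", bc.getName());
            Assert.assertEquals("queue1", bc.getQueueName());
            Assert.assertEquals("minLargeMessageSize", 4194304, bc.getMinLargeMessageSize());
            assertEquals("check-period", 31, bc.getClientFailureCheckPeriod());
            assertEquals("connection time-to-live", 370, bc.getConnectionTTL());
            Assert.assertEquals("bridge-forwarding-address1", bc.getForwardingAddress());
            Assert.assertEquals("sku > 1", bc.getFilterString());
            Assert.assertEquals("org.foo.BridgeTransformer", bc.getTransformerConfiguration().getClassName());
            Assert.assertEquals(3, bc.getRetryInterval());
            Assert.assertEquals(0.2, bc.getRetryIntervalMultiplier(), 0.0001);
            assertEquals("max retry interval", 10002, bc.getMaxRetryInterval());
            Assert.assertEquals(2, bc.getReconnectAttempts());
            Assert.assertEquals(true, bc.isUseDuplicateDetection());
            Assert.assertEquals("connector1", bc.getStaticConnectors().get(0));
            Assert.assertEquals(null, bc.getDiscoveryGroupName());
            Assert.assertEquals(444, bc.getProducerWindowSize());
            Assert.assertEquals(1073741824, bc.getConfirmationWindowSize());
        } else if (bc.getName().equals("bridge2")) {
            Assert.assertEquals("bridge2", bc.getName());
            Assert.assertEquals("queue2", bc.getQueueName());
            Assert.assertEquals("bridge-forwarding-address2", bc.getForwardingAddress());
            Assert.assertEquals(null, bc.getFilterString());
            Assert.assertEquals(null, bc.getTransformerConfiguration());
            Assert.assertEquals(null, bc.getStaticConnectors());
            Assert.assertEquals("dg1", bc.getDiscoveryGroupName());
            Assert.assertEquals(568320, bc.getProducerWindowSize());
        } else {
            Assert.assertEquals("bridge3", bc.getName());
            Assert.assertEquals("org.foo.BridgeTransformer3", bc.getTransformerConfiguration().getClassName());
            Assert.assertEquals("bridgeTransformerValue1", bc.getTransformerConfiguration().getProperties().get("bridgeTransformerKey1"));
            Assert.assertEquals("bridgeTransformerValue2", bc.getTransformerConfiguration().getProperties().get("bridgeTransformerKey2"));
        }
    }

    // HA policy and cluster connections
    Assert.assertEquals(2, conf.getClusterConfigurations().size());
    HAPolicyConfiguration pc = conf.getHAPolicyConfiguration();
    assertNotNull(pc);
    assertTrue(pc instanceof LiveOnlyPolicyConfiguration);
    LiveOnlyPolicyConfiguration lopc = (LiveOnlyPolicyConfiguration) pc;
    assertNotNull(lopc.getScaleDownConfiguration());
    // Expected value first, so a failure message reports expected/actual the right way round.
    assertEquals("boo!", lopc.getScaleDownConfiguration().getGroupName());
    assertEquals("dg1", lopc.getScaleDownConfiguration().getDiscoveryGroup());
    for (ClusterConnectionConfiguration ccc : conf.getClusterConfigurations()) {
        if (ccc.getName().equals("cluster-connection1")) {
            Assert.assertEquals("cluster-connection1", ccc.getName());
            Assert.assertEquals("clusterConnectionConf minLargeMessageSize", 321, ccc.getMinLargeMessageSize());
            assertEquals("check-period", 331, ccc.getClientFailureCheckPeriod());
            assertEquals("connection time-to-live", 3370, ccc.getConnectionTTL());
            Assert.assertEquals("queues1", ccc.getAddress());
            Assert.assertEquals(3, ccc.getRetryInterval());
            Assert.assertEquals(true, ccc.isDuplicateDetection());
            Assert.assertEquals(MessageLoadBalancingType.ON_DEMAND, ccc.getMessageLoadBalancingType());
            Assert.assertEquals(1, ccc.getMaxHops());
            Assert.assertEquals(123, ccc.getCallTimeout());
            Assert.assertEquals(123, ccc.getCallFailoverTimeout());
            assertEquals("multiplier", 0.25, ccc.getRetryIntervalMultiplier(), 0.00001);
            assertEquals("max retry interval", 10000, ccc.getMaxRetryInterval());
            assertEquals(72, ccc.getReconnectAttempts());
            Assert.assertEquals("connector1", ccc.getStaticConnectors().get(0));
            Assert.assertEquals("connector2", ccc.getStaticConnectors().get(1));
            Assert.assertEquals(null, ccc.getDiscoveryGroupName());
            Assert.assertEquals(222, ccc.getProducerWindowSize());
        } else {
            Assert.assertEquals("cluster-connection2", ccc.getName());
            Assert.assertEquals("queues2", ccc.getAddress());
            Assert.assertEquals(4, ccc.getRetryInterval());
            Assert.assertEquals(456, ccc.getCallTimeout());
            Assert.assertEquals(456, ccc.getCallFailoverTimeout());
            Assert.assertEquals(false, ccc.isDuplicateDetection());
            Assert.assertEquals(MessageLoadBalancingType.STRICT, ccc.getMessageLoadBalancingType());
            Assert.assertEquals(2, ccc.getMaxHops());
            Assert.assertEquals(Collections.emptyList(), ccc.getStaticConnectors());
            Assert.assertEquals("dg1", ccc.getDiscoveryGroupName());
            Assert.assertEquals(333, ccc.getProducerWindowSize());
        }
    }

    // Address settings for the "a1" and "a2" matches
    assertEquals(2, conf.getAddressesSettings().size());
    assertNotNull(conf.getAddressesSettings().get("a1"));
    assertNotNull(conf.getAddressesSettings().get("a2"));
    assertEquals("a1.1", conf.getAddressesSettings().get("a1").getDeadLetterAddress().toString());
    assertEquals("a1.2", conf.getAddressesSettings().get("a1").getExpiryAddress().toString());
    assertEquals(1, conf.getAddressesSettings().get("a1").getRedeliveryDelay());
    assertEquals(856686592L, conf.getAddressesSettings().get("a1").getMaxSizeBytes());
    assertEquals(81738173872337L, conf.getAddressesSettings().get("a1").getPageSizeBytes());
    assertEquals(10, conf.getAddressesSettings().get("a1").getPageCacheMaxSize());
    assertEquals(4, conf.getAddressesSettings().get("a1").getMessageCounterHistoryDayLimit());
    assertEquals(10, conf.getAddressesSettings().get("a1").getSlowConsumerThreshold());
    assertEquals(5, conf.getAddressesSettings().get("a1").getSlowConsumerCheckPeriod());
    assertEquals(SlowConsumerPolicy.NOTIFY, conf.getAddressesSettings().get("a1").getSlowConsumerPolicy());
    assertEquals(true, conf.getAddressesSettings().get("a1").isAutoCreateJmsQueues());
    assertEquals(true, conf.getAddressesSettings().get("a1").isAutoDeleteJmsQueues());
    assertEquals(true, conf.getAddressesSettings().get("a1").isAutoCreateJmsTopics());
    assertEquals(true, conf.getAddressesSettings().get("a1").isAutoDeleteJmsTopics());
    assertEquals(false, conf.getAddressesSettings().get("a1").isDefaultPurgeOnNoConsumers());
    assertEquals(5, conf.getAddressesSettings().get("a1").getDefaultMaxConsumers());
    assertEquals(RoutingType.ANYCAST, conf.getAddressesSettings().get("a1").getDefaultQueueRoutingType());
    assertEquals(RoutingType.MULTICAST, conf.getAddressesSettings().get("a1").getDefaultAddressRoutingType());
    assertEquals("a2.1", conf.getAddressesSettings().get("a2").getDeadLetterAddress().toString());
    assertEquals("a2.2", conf.getAddressesSettings().get("a2").getExpiryAddress().toString());
    assertEquals(5, conf.getAddressesSettings().get("a2").getRedeliveryDelay());
    assertEquals(932489234928324L, conf.getAddressesSettings().get("a2").getMaxSizeBytes());
    assertEquals(7126716262626L, conf.getAddressesSettings().get("a2").getPageSizeBytes());
    assertEquals(20, conf.getAddressesSettings().get("a2").getPageCacheMaxSize());
    assertEquals(8, conf.getAddressesSettings().get("a2").getMessageCounterHistoryDayLimit());
    assertEquals(20, conf.getAddressesSettings().get("a2").getSlowConsumerThreshold());
    assertEquals(15, conf.getAddressesSettings().get("a2").getSlowConsumerCheckPeriod());
    assertEquals(SlowConsumerPolicy.KILL, conf.getAddressesSettings().get("a2").getSlowConsumerPolicy());
    assertEquals(false, conf.getAddressesSettings().get("a2").isAutoCreateJmsQueues());
    assertEquals(false, conf.getAddressesSettings().get("a2").isAutoDeleteJmsQueues());
    assertEquals(false, conf.getAddressesSettings().get("a2").isAutoCreateJmsTopics());
    assertEquals(false, conf.getAddressesSettings().get("a2").isAutoDeleteJmsTopics());
    assertEquals(true, conf.getAddressesSettings().get("a2").isDefaultPurgeOnNoConsumers());
    assertEquals(15, conf.getAddressesSettings().get("a2").getDefaultMaxConsumers());
    assertEquals(RoutingType.MULTICAST, conf.getAddressesSettings().get("a2").getDefaultQueueRoutingType());
    assertEquals(RoutingType.ANYCAST, conf.getAddressesSettings().get("a2").getDefaultAddressRoutingType());

    // Per-user resource limits
    assertTrue(conf.getResourceLimitSettings().containsKey("myUser"));
    assertEquals(104, conf.getResourceLimitSettings().get("myUser").getMaxConnections());
    assertEquals(13, conf.getResourceLimitSettings().get("myUser").getMaxQueues());

    // Queues
    assertEquals(2, conf.getQueueConfigurations().size());
    assertEquals("queue1", conf.getQueueConfigurations().get(0).getName());
    assertEquals("address1", conf.getQueueConfigurations().get(0).getAddress());
    assertEquals("color='red'", conf.getQueueConfigurations().get(0).getFilterString());
    assertEquals(false, conf.getQueueConfigurations().get(0).isDurable());
    assertEquals("queue2", conf.getQueueConfigurations().get(1).getName());
    assertEquals("address2", conf.getQueueConfigurations().get(1).getAddress());
    assertEquals("color='blue'", conf.getQueueConfigurations().get(1).getFilterString());
    assertEquals(false, conf.getQueueConfigurations().get(1).isDurable());
    verifyAddresses();

    // Security roles: each match must grant exactly one of the seven permissions checked
    // here and deny the other six, so a parser that defaulted a flag to "allowed" would be
    // caught. Only the first role of each set is inspected.
    Map<String, Set<Role>> roles = conf.getSecurityRoles();
    assertEquals(2, roles.size());
    assertTrue(roles.containsKey("a1"));
    assertTrue(roles.containsKey("a2"));
    Role a1Role = roles.get("a1").toArray(new Role[1])[0];
    assertFalse(a1Role.isSend());
    assertFalse(a1Role.isConsume());
    assertFalse(a1Role.isCreateDurableQueue());
    assertFalse(a1Role.isDeleteDurableQueue());
    assertTrue(a1Role.isCreateNonDurableQueue());
    assertFalse(a1Role.isDeleteNonDurableQueue());
    assertFalse(a1Role.isManage());
    Role a2Role = roles.get("a2").toArray(new Role[1])[0];
    assertFalse(a2Role.isSend());
    assertFalse(a2Role.isConsume());
    assertFalse(a2Role.isCreateDurableQueue());
    assertFalse(a2Role.isDeleteDurableQueue());
    assertFalse(a2Role.isCreateNonDurableQueue());
    assertTrue(a2Role.isDeleteNonDurableQueue());
    assertFalse(a2Role.isManage());

    // Global limits and critical analyzer
    assertEquals(1234567, conf.getGlobalMaxSize());
    assertEquals(37, conf.getMaxDiskUsage());
    assertEquals(123, conf.getDiskScanPeriod());
    assertEquals(333, conf.getCriticalAnalyzerCheckPeriod());
    assertEquals(777, conf.getCriticalAnalyzerTimeout());
    assertEquals(false, conf.isCriticalAnalyzer());
    assertEquals(CriticalAnalyzerPolicy.HALT, conf.getCriticalAnalyzerPolicy());
    assertEquals(false, conf.isJournalDatasync());
}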
Also used : ClusterConnectionConfiguration(org.apache.activemq.artemis.core.config.ClusterConnectionConfiguration) HashSet(java.util.HashSet) Set(java.util.Set) BridgeConfiguration(org.apache.activemq.artemis.core.config.BridgeConfiguration) SimpleString(org.apache.activemq.artemis.api.core.SimpleString) TransportConfiguration(org.apache.activemq.artemis.api.core.TransportConfiguration) DiscoveryGroupConfiguration(org.apache.activemq.artemis.api.core.DiscoveryGroupConfiguration) SimpleString(org.apache.activemq.artemis.api.core.SimpleString) Role(org.apache.activemq.artemis.core.security.Role) HAPolicyConfiguration(org.apache.activemq.artemis.core.config.HAPolicyConfiguration) LiveOnlyPolicyConfiguration(org.apache.activemq.artemis.core.config.ha.LiveOnlyPolicyConfiguration) DivertConfiguration(org.apache.activemq.artemis.core.config.DivertConfiguration) BroadcastGroupConfiguration(org.apache.activemq.artemis.api.core.BroadcastGroupConfiguration) UDPBroadcastEndpointFactory(org.apache.activemq.artemis.api.core.UDPBroadcastEndpointFactory) Test(org.junit.Test)

Example 13 with Role

use of org.apache.activemq.artemis.core.security.Role in project activemq-artemis by apache.

the class ActiveMQSecurityManagerImpl method validateUserAndRole.

/**
 * Authenticates a user and then decides whether that user may perform one kind of
 * operation.
 *
 * <p>Access is granted only when {@code validateUser} accepts the credentials and at least
 * one entry of {@code roles} both has a name assigned to the user in the configuration and
 * satisfies {@code checkType.hasRole}. Every other outcome, including a user with no
 * configured roles or a {@code null} role set, is a denial. Role names are matched with an
 * exact, case-sensitive {@link String#equals} comparison.
 *
 * @param user the user name; when {@code null}, the configured default user's roles are
 *     looked up instead
 * @param password the password passed to {@code validateUser}
 * @param roles the roles that apply to the resource being accessed; may be {@code null}
 * @param checkType the kind of operation being authorized
 * @return {@code true} if the user is authenticated and holds a matching role, otherwise
 *     {@code false}
 */
@Override
public boolean validateUserAndRole(final String user, final String password, final Set<Role> roles, final CheckType checkType) {
    // Fail closed: no role lookup happens for credentials that do not validate.
    if (!validateUser(user, password)) {
        return false;
    }
    final String fallbackUser = configuration.getDefaultUser();
    final String effectiveUser = user == null ? fallbackUser : user;
    final List<String> grantedNames = configuration.getRole(effectiveUser);
    if (grantedNames == null || roles == null) {
        return false;
    }
    for (String grantedName : grantedNames) {
        for (Role candidate : roles) {
            // Both conditions are required: the user must hold the role by name, and that
            // role must carry the permission for this check type.
            if (candidate.getName().equals(grantedName) && checkType.hasRole(candidate)) {
                return true;
            }
        }
    }
    return false;
}
Also used : Role(org.apache.activemq.artemis.core.security.Role)

Example 14 with Role

use of org.apache.activemq.artemis.core.security.Role in project activemq-artemis by apache.

the class SecurityNotificationTest method testSECURITY_PERMISSION_VIOLATION.

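/**
 * Verifies that a denied queue creation produces a {@code SECURITY_PERMISSION_VIOLATION}
 * management notification that names the user, the address and the failed check type.
 *
 * <p>The {@code guest} user is given a role on a random address, then tries to create a
 * durable queue there. The attempt must fail, and exactly one notification is consumed and
 * checked.
 *
 * @throws Exception if server, session or notification handling fails unexpectedly
 */
@Test
public void testSECURITY_PERMISSION_VIOLATION() throws Exception {
    SimpleString queue = RandomUtil.randomSimpleString();
    SimpleString address = RandomUtil.randomSimpleString();
    // guest can not create queue
    // NOTE(review): the two false flags are taken to be the create-durable-queue and
    // create-non-durable-queue permissions - confirm against the Role constructor.
    Role role = new Role("roleCanNotCreateQueue", true, true, false, true, false, true, true, true, true, true);
    Set<Role> roles = new HashSet<>();
    roles.add(role);
    server.getSecurityRepository().addMatch(address.toString(), roles);
    ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) server.getSecurityManager();
    securityManager.getConfiguration().addRole("guest", "roleCanNotCreateQueue");
    SecurityNotificationTest.flush(notifConsumer);
    ServerLocator locator = createInVMNonHALocator();
    ClientSessionFactory sf = createSessionFactory(locator);
    ClientSession guestSession = sf.createSession("guest", "guest", false, true, true, false, 1);
    // The session is closed in a finally block so that a failed assertion below does not
    // leave it open.
    try {
        try {
            guestSession.createQueue(address, queue, true);
            Assert.fail("queue creation must fail and a notification of security violation must be sent");
        } catch (Exception ignored) {
            // Deliberately ignored: the denial itself is verified through the notification
            // asserted below. Assert.fail throws an Error, so it is not swallowed here.
        }
        ClientMessage[] notifications = SecurityNotificationTest.consumeMessages(1, notifConsumer);
        Assert.assertEquals(SECURITY_PERMISSION_VIOLATION.toString(), notifications[0].getObjectProperty(ManagementHelper.HDR_NOTIFICATION_TYPE).toString());
        Assert.assertEquals("guest", notifications[0].getObjectProperty(ManagementHelper.HDR_USER).toString());
        Assert.assertEquals(address.toString(), notifications[0].getObjectProperty(ManagementHelper.HDR_ADDRESS).toString());
        Assert.assertEquals(CheckType.CREATE_DURABLE_QUEUE.toString(), notifications[0].getObjectProperty(ManagementHelper.HDR_CHECK_TYPE).toString());
    } finally {
        guestSession.close();
    }
}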
Also used : Role(org.apache.activemq.artemis.core.security.Role) ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager) ClientSession(org.apache.activemq.artemis.api.core.client.ClientSession) SimpleString(org.apache.activemq.artemis.api.core.SimpleString) ClientSessionFactory(org.apache.activemq.artemis.api.core.client.ClientSessionFactory) ClientMessage(org.apache.activemq.artemis.api.core.client.ClientMessage) ServerLocator(org.apache.activemq.artemis.api.core.client.ServerLocator) ActiveMQException(org.apache.activemq.artemis.api.core.ActiveMQException) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 15 with Role

use of org.apache.activemq.artemis.core.security.Role in project activemq-artemis by apache.

the class SecurityNotificationTest method setUp.

// Package protected ---------------------------------------------
// Protected -----------------------------------------------------
/**
 * Starts a security-enabled in-VM server and opens an admin session that listens for
 * management notifications.
 *
 * <p>Two users are registered, {@code admin} and {@code guest}, with {@code guest} as the
 * default user. Only {@code admin} is assigned the {@code notif} role, which is matched
 * against the default management notification address. The admin session then creates a
 * temporary queue on that address and a consumer on it.
 *
 * @throws Exception if the server cannot be started or the admin session cannot be set up
 */
@Override
@Before
public void setUp() throws Exception {
    super.setUp();

    Configuration securedConfig = createDefaultInVMConfig().setSecurityEnabled(true);
    server = addServer(ActiveMQServers.newActiveMQServer(securedConfig, false));
    server.start();
    notifQueue = RandomUtil.randomSimpleString();

    // Users: guest doubles as the default user.
    ActiveMQJAASSecurityManager jaasManager = (ActiveMQJAASSecurityManager) server.getSecurityManager();
    jaasManager.getConfiguration().addUser("admin", "admin");
    jaasManager.getConfiguration().addUser("guest", "guest");
    jaasManager.getConfiguration().setDefaultUser("guest");

    // The "notif" role has every permission flag set and is bound to the notification address.
    SimpleString notificationAddress = ActiveMQDefaultConfiguration.getDefaultManagementNotificationAddress();
    Set<Role> notifRoles = new HashSet<>();
    notifRoles.add(new Role("notif", true, true, true, true, true, true, true, true, true, true));
    server.getSecurityRepository().addMatch(notificationAddress.toString(), notifRoles);
    jaasManager.getConfiguration().addRole("admin", "notif");

    // Admin session that receives the notifications.
    ServerLocator serverLocator = createInVMNonHALocator();
    ClientSessionFactory sessionFactory = createSessionFactory(serverLocator);
    adminSession = sessionFactory.createSession("admin", "admin", false, true, true, false, 1);
    adminSession.start();
    adminSession.createTemporaryQueue(notificationAddress, notifQueue);
    notifConsumer = adminSession.createConsumer(notifQueue);
}
Also used : Role(org.apache.activemq.artemis.core.security.Role) Configuration(org.apache.activemq.artemis.core.config.Configuration) ActiveMQDefaultConfiguration(org.apache.activemq.artemis.api.config.ActiveMQDefaultConfiguration) ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager) ClientSessionFactory(org.apache.activemq.artemis.api.core.client.ClientSessionFactory) ServerLocator(org.apache.activemq.artemis.api.core.client.ServerLocator) HashSet(java.util.HashSet) Before(org.junit.Before)
