use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class SecurityTest method testCreateConsumerWithoutRole.
@Test
public void testCreateConsumerWithoutRole() throws Exception {
ActiveMQServer server = createServer();
server.start();
HierarchicalRepository<Set<Role>> securityRepository = server.getSecurityRepository();
ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) server.getSecurityManager();
securityManager.getConfiguration().addUser("auser", "pass");
securityManager.getConfiguration().addUser("guest", "guest");
securityManager.getConfiguration().addRole("guest", "guest");
securityManager.getConfiguration().setDefaultUser("guest");
Role role = new Role("arole", false, false, false, false, false, false, false, false, false, false);
Role sendRole = new Role("guest", true, false, true, false, false, false, false, false, false, false);
Set<Role> roles = new HashSet<>();
roles.add(sendRole);
roles.add(role);
securityRepository.addMatch(SecurityTest.addressA, roles);
securityManager.getConfiguration().addRole("auser", "arole");
ClientSessionFactory cf = createSessionFactory(locator);
ClientSession senSession = cf.createSession(false, true, true);
ClientSession session = cf.createSession("auser", "pass", false, true, true, false, -1);
senSession.createQueue(SecurityTest.addressA, SecurityTest.queueA, true);
ClientProducer cp = senSession.createProducer(SecurityTest.addressA);
cp.send(session.createMessage(false));
try {
session.createConsumer(SecurityTest.queueA);
} catch (ActiveMQSecurityException se) {
// ok
} catch (ActiveMQException e) {
fail("Invalid Exception type:" + e.getType());
}
session.close();
senSession.close();
}
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class SecurityTest method testDeleteTempQueueWithRole.
@Test
public void testDeleteTempQueueWithRole() throws Exception {
ActiveMQServer server = createServer();
server.start();
HierarchicalRepository<Set<Role>> securityRepository = server.getSecurityRepository();
ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) server.getSecurityManager();
securityManager.getConfiguration().addUser("auser", "pass");
Role role = new Role("arole", false, false, false, false, true, true, false, false, false, true);
Set<Role> roles = new HashSet<>();
roles.add(role);
securityRepository.addMatch(SecurityTest.addressA, roles);
securityManager.getConfiguration().addRole("auser", "arole");
ClientSessionFactory cf = createSessionFactory(locator);
ClientSession session = cf.createSession("auser", "pass", false, true, true, false, -1);
session.createQueue(SecurityTest.addressA, SecurityTest.queueA, false);
session.deleteQueue(SecurityTest.queueA);
session.close();
}
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class SecurityTest method testCreateSessionWithNullUserPass.
@Test
public void testCreateSessionWithNullUserPass() throws Exception {
ActiveMQServer server = createServer();
ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) server.getSecurityManager();
securityManager.getConfiguration().addUser("guest", "guest");
securityManager.getConfiguration().setDefaultUser("guest");
server.start();
ClientSessionFactory cf = createSessionFactory(locator);
try {
ClientSession session = cf.createSession(false, true, true);
session.close();
} catch (ActiveMQException e) {
Assert.fail("should not throw exception");
}
}
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class SecurityTest method testCreateTempQueueWithoutRole.
@Test
public void testCreateTempQueueWithoutRole() throws Exception {
ActiveMQServer server = createServer();
server.start();
HierarchicalRepository<Set<Role>> securityRepository = server.getSecurityRepository();
ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) server.getSecurityManager();
securityManager.getConfiguration().addUser("auser", "pass");
Role role = new Role("arole", false, false, false, false, false, false, false, false, false, false);
Set<Role> roles = new HashSet<>();
roles.add(role);
securityRepository.addMatch(SecurityTest.addressA, roles);
securityManager.getConfiguration().addRole("auser", "arole");
ClientSessionFactory cf = createSessionFactory(locator);
ClientSession session = cf.createSession("auser", "pass", false, true, true, false, -1);
try {
session.createQueue(SecurityTest.addressA, SecurityTest.queueA, false);
Assert.fail("should throw exception");
} catch (ActiveMQSecurityException se) {
// ok
} catch (ActiveMQException e) {
fail("Invalid Exception type:" + e.getType());
}
session.close();
}
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class SecurityTest method testSendMessageUpdateRoleCached2.
@Test
public void testSendMessageUpdateRoleCached2() throws Exception {
Configuration configuration = createDefaultInVMConfig().setSecurityEnabled(true).setSecurityInvalidationInterval(0);
ActiveMQServer server = createServer(false, configuration);
server.start();
HierarchicalRepository<Set<Role>> securityRepository = server.getSecurityRepository();
ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) server.getSecurityManager();
securityManager.getConfiguration().addUser("auser", "pass");
securityManager.getConfiguration().addUser("guest", "guest");
securityManager.getConfiguration().addRole("guest", "guest");
securityManager.getConfiguration().setDefaultUser("guest");
Role role = new Role("arole", false, false, false, false, false, false, false, false, false, false);
Role sendRole = new Role("guest", true, false, true, false, false, false, false, false, false, false);
Role receiveRole = new Role("receiver", false, true, false, false, false, false, false, false, false, false);
Set<Role> roles = new HashSet<>();
roles.add(sendRole);
roles.add(role);
roles.add(receiveRole);
securityRepository.addMatch(SecurityTest.addressA, roles);
securityManager.getConfiguration().addRole("auser", "arole");
ClientSessionFactory cf = createSessionFactory(locator);
ClientSession senSession = cf.createSession(false, true, true);
ClientSession session = cf.createSession("auser", "pass", false, true, true, false, -1);
senSession.createQueue(SecurityTest.addressA, SecurityTest.queueA, true);
ClientProducer cp = senSession.createProducer(SecurityTest.addressA);
cp.send(session.createMessage(false));
try {
session.createConsumer(SecurityTest.queueA);
} catch (ActiveMQSecurityException se) {
// ok
} catch (ActiveMQException e) {
fail("Invalid Exception type:" + e.getType());
}
securityManager.getConfiguration().addRole("auser", "receiver");
session.createConsumer(SecurityTest.queueA);
// Removing the Role... the check should be cached... but we used
// setSecurityInvalidationInterval(0), so the
// next createConsumer should fail
securityManager.getConfiguration().removeRole("auser", "receiver");
try {
session.createConsumer(SecurityTest.queueA);
} catch (ActiveMQSecurityException se) {
// ok
} catch (ActiveMQException e) {
fail("Invalid Exception type:" + e.getType());
}
session.close();
senSession.close();
}
Aggregations