Example 76 with ActiveMQJAASSecurityManager
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class ActiveMQMessageHandlerSecurityTest method testSimpleMessageReceivedOnQueueWithSecuritySucceeds.
@Test
public void testSimpleMessageReceivedOnQueueWithSecuritySucceeds() throws Exception {
ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) server.getSecurityManager();
securityManager.getConfiguration().addUser("testuser", "testpassword");
securityManager.getConfiguration().addRole("testuser", "arole");
Role role = new Role("arole", false, true, false, false, false, false, false, false, false, false);
Set<Role> roles = new HashSet<>();
roles.add(role);
server.getSecurityRepository().addMatch(MDBQUEUEPREFIXED, roles);
ActiveMQResourceAdapter qResourceAdapter = newResourceAdapter();
MyBootstrapContext ctx = new MyBootstrapContext();
qResourceAdapter.start(ctx);
ActiveMQActivationSpec spec = new ActiveMQActivationSpec();
spec.setResourceAdapter(qResourceAdapter);
spec.setUseJNDI(false);
spec.setDestinationType("javax.jms.Queue");
spec.setDestination(MDBQUEUE);
spec.setUser("testuser");
spec.setPassword("testpassword");
spec.setSetupAttempts(0);
qResourceAdapter.setConnectorClassName(INVM_CONNECTOR_FACTORY);
CountDownLatch latch = new CountDownLatch(1);
DummyMessageEndpoint endpoint = new DummyMessageEndpoint(latch);
DummyMessageEndpointFactory endpointFactory = new DummyMessageEndpointFactory(endpoint, false);
qResourceAdapter.endpointActivation(endpointFactory, spec);
Binding binding = server.getPostOffice().getBinding(MDBQUEUEPREFIXEDSIMPLE);
assertEquals(((LocalQueueBinding) binding).getQueue().getConsumerCount(), 15);
qResourceAdapter.endpointDeactivation(endpointFactory, spec);
qResourceAdapter.stop();
}
Also used :
Role(org.apache.activemq.artemis.core.security.Role)
LocalQueueBinding(org.apache.activemq.artemis.core.postoffice.impl.LocalQueueBinding)
Binding(org.apache.activemq.artemis.core.postoffice.Binding)
LocalQueueBinding(org.apache.activemq.artemis.core.postoffice.impl.LocalQueueBinding)
ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager)
ActiveMQResourceAdapter(org.apache.activemq.artemis.ra.ActiveMQResourceAdapter)
ActiveMQActivationSpec(org.apache.activemq.artemis.ra.inflow.ActiveMQActivationSpec)
CountDownLatch(java.util.concurrent.CountDownLatch)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Example 77 with ActiveMQJAASSecurityManager
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class FileBrokerTest method startWithoutJMS.
@Test
public void startWithoutJMS() throws Exception {
ServerDTO serverDTO = new ServerDTO();
serverDTO.configuration = "broker-nojms.xml";
FileBroker broker = null;
try {
broker = new FileBroker(serverDTO, new ActiveMQJAASSecurityManager());
broker.start();
JMSServerManagerImpl jmsServerManager = (JMSServerManagerImpl) broker.getComponents().get("jms");
Assert.assertNull(jmsServerManager);
ActiveMQServerImpl activeMQServer = (ActiveMQServerImpl) broker.getComponents().get("core");
Assert.assertNotNull(activeMQServer);
Assert.assertTrue(activeMQServer.isStarted());
Assert.assertTrue(broker.isStarted());
} finally {
assert broker != null;
broker.stop();
}
}
Also used :
FileBroker(org.apache.activemq.artemis.integration.FileBroker)
ServerDTO(org.apache.activemq.artemis.dto.ServerDTO)
JMSServerManagerImpl(org.apache.activemq.artemis.jms.server.impl.JMSServerManagerImpl)
ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager)
ActiveMQServerImpl(org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl)
Test(org.junit.Test)
Example 78 with ActiveMQJAASSecurityManager
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class FileBrokerTest method testConfigFileReload.
@Test
public void testConfigFileReload() throws Exception {
ServerDTO serverDTO = new ServerDTO();
serverDTO.configuration = "broker-reload.xml";
FileBroker broker = null;
String path = null;
try {
SecurityConfiguration securityConfiguration = new SecurityConfiguration();
securityConfiguration.addUser("myUser", "myPass");
securityConfiguration.addRole("myUser", "guest");
ActiveMQJAASSecurityManager securityManager = new ActiveMQJAASSecurityManager(InVMLoginModule.class.getName(), securityConfiguration);
broker = new FileBroker(serverDTO, securityManager);
broker.start();
ActiveMQServerImpl activeMQServer = (ActiveMQServerImpl) broker.getComponents().get("core");
Assert.assertNotNull(activeMQServer);
Assert.assertTrue(activeMQServer.isStarted());
Assert.assertTrue(broker.isStarted());
File file = new File(activeMQServer.getConfiguration().getConfigurationUrl().toURI());
path = file.getPath();
Assert.assertNotNull(activeMQServer.getConfiguration().getConfigurationUrl());
Thread.sleep(activeMQServer.getConfiguration().getConfigurationFileRefreshPeriod() * 2);
ServerLocator locator = ActiveMQClient.createServerLocator("tcp://localhost:61616");
ClientSessionFactory sf = locator.createSessionFactory();
ClientSession session = sf.createSession("myUser", "myPass", false, true, false, false, 0);
ClientProducer producer = session.createProducer("DLQ");
producer.send(session.createMessage(true));
replacePatternInFile(path, "guest", "X");
Thread.sleep(activeMQServer.getConfiguration().getConfigurationFileRefreshPeriod() * 2);
try {
producer.send(session.createMessage(true));
fail("Should throw a security exception");
} catch (Exception e) {
}
locator.close();
} finally {
assert broker != null;
broker.stop();
if (path != null) {
replacePatternInFile(path, "X", "guest");
}
}
}
Also used :
FileBroker(org.apache.activemq.artemis.integration.FileBroker)
ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager)
InVMLoginModule(org.apache.activemq.artemis.spi.core.security.jaas.InVMLoginModule)
ActiveMQServerImpl(org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl)
IOException(java.io.IOException)
ServerDTO(org.apache.activemq.artemis.dto.ServerDTO)
ClientSession(org.apache.activemq.artemis.api.core.client.ClientSession)
SecurityConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration)
ClientSessionFactory(org.apache.activemq.artemis.api.core.client.ClientSessionFactory)
File(java.io.File)
ClientProducer(org.apache.activemq.artemis.api.core.client.ClientProducer)
ServerLocator(org.apache.activemq.artemis.api.core.client.ServerLocator)
Test(org.junit.Test)
Example 79 with ActiveMQJAASSecurityManager
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class JAASSecurityManagerTest method testLoginClassloading.
@Test
public void testLoginClassloading() throws Exception {
ClassLoader existingLoader = Thread.currentThread().getContextClassLoader();
System.out.println("loader: " + existingLoader);
try {
if (usingNewLoader) {
URLClassLoader simulatedLoader = new URLClassLoader(new URL[] { tmpDir.getRoot().toURI().toURL() }, null);
Thread.currentThread().setContextClassLoader(simulatedLoader);
}
ActiveMQJAASSecurityManager securityManager = new ActiveMQJAASSecurityManager("PropertiesLogin");
String result = securityManager.validateUser("first", "secret", null);
assertNotNull(result);
assertEquals("first", result);
Role role = new Role("programmers", true, true, true, true, true, true, true, true, true, true);
Set<Role> roles = new HashSet<>();
roles.add(role);
result = securityManager.validateUserAndRole("first", "secret", roles, CheckType.SEND, "someaddress", null);
assertNotNull(result);
assertEquals("first", result);
} finally {
Thread.currentThread().setContextClassLoader(existingLoader);
}
}
Also used :
Role(org.apache.activemq.artemis.core.security.Role)
URLClassLoader(java.net.URLClassLoader)
ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager)
URLClassLoader(java.net.URLClassLoader)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Example 80 with ActiveMQJAASSecurityManager
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class DualAuthenticationTest method setUp.
@Override
@Before
public void setUp() throws Exception {
super.setUp();
Map<String, Object> params = new HashMap<>();
params.put(TransportConstants.SSL_ENABLED_PROP_NAME, true);
params.put(TransportConstants.KEYSTORE_PATH_PROP_NAME, SERVER_SIDE_KEYSTORE);
params.put(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME, PASSWORD);
params.put(TransportConstants.TRUSTSTORE_PATH_PROP_NAME, SERVER_SIDE_TRUSTSTORE);
params.put(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME, PASSWORD);
params.put(TransportConstants.NEED_CLIENT_AUTH_PROP_NAME, true);
params.put(TransportConstants.PORT_PROP_NAME, "61617");
ConfigurationImpl config = createBasicConfig();
config.addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY, params));
config.addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY));
config.setSecurityEnabled(true);
ActiveMQSecurityManager securityManager = new ActiveMQJAASSecurityManager("DualAuthenticationPropertiesLogin", "DualAuthenticationCertLogin");
server = addServer(ActiveMQServers.newActiveMQServer(config, ManagementFactory.getPlatformMBeanServer(), securityManager, false));
HierarchicalRepository<Set<Role>> securityRepository = server.getSecurityRepository();
Role sendRole = new Role("producers", true, false, true, false, true, false, false, false, false, false);
Role receiveRole = new Role("consumers", false, true, false, false, false, false, false, false, false, false);
Set<Role> roles = new HashSet<>();
roles.add(sendRole);
roles.add(receiveRole);
securityRepository.addMatch(DualAuthenticationTest.QUEUE.toString(), roles);
server.start();
waitForServerToStart(server);
tc = new TransportConfiguration(NETTY_CONNECTOR_FACTORY);
}
Also used :
HashSet(java.util.HashSet)
Set(java.util.Set)
HashMap(java.util.HashMap)
ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager)
TransportConfiguration(org.apache.activemq.artemis.api.core.TransportConfiguration)
SimpleString(org.apache.activemq.artemis.api.core.SimpleString)
Role(org.apache.activemq.artemis.core.security.Role)
ConfigurationImpl(org.apache.activemq.artemis.core.config.impl.ConfigurationImpl)
ActiveMQSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager)
HashSet(java.util.HashSet)
Before(org.junit.Before)
Aggregations
ActiveMQJAASSecurityManager (org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager)91
ActiveMQServer (org.apache.activemq.artemis.core.server.ActiveMQServer)50
Role (org.apache.activemq.artemis.core.security.Role)49
Test (org.junit.Test)48
HashSet (java.util.HashSet)47
ClientSessionFactory (org.apache.activemq.artemis.api.core.client.ClientSessionFactory)42
ClientSession (org.apache.activemq.artemis.api.core.client.ClientSession)40
ActiveMQException (org.apache.activemq.artemis.api.core.ActiveMQException)30
Set (java.util.Set)27
SimpleString (org.apache.activemq.artemis.api.core.SimpleString)23
TransportConfiguration (org.apache.activemq.artemis.api.core.TransportConfiguration)23
ClientProducer (org.apache.activemq.artemis.api.core.client.ClientProducer)21
SecurityConfiguration (org.apache.activemq.artemis.core.config.impl.SecurityConfiguration)21
InVMLoginModule (org.apache.activemq.artemis.spi.core.security.jaas.InVMLoginModule)19
Configuration (org.apache.activemq.artemis.core.config.Configuration)18
ActiveMQSecurityException (org.apache.activemq.artemis.api.core.ActiveMQSecurityException)16
HashMap (java.util.HashMap)14
Before (org.junit.Before)13
ActiveMQSecurityManager (org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager)10
ActiveMQServerImpl (org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl)9
