use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class ShutdownOnCriticalIOErrorMoveNextTest method createServer.
/**
 * Builds a persistence-enabled broker whose message journal begins to fail after the first
 * message has been stored.
 *
 * <p>The server is created with an {@link ActiveMQJAASSecurityManager} backed by
 * {@link InVMLoginModule} and a fresh, empty {@link SecurityConfiguration}. The storage layer
 * is overridden in two places: {@code storeMessage} arms a flag after delegating to the real
 * implementation, and the message journal's {@code moveNextFile} throws once that flag is
 * armed.
 *
 * @param folder passed through to {@code createConfig(folder)}
 * @return the configured server; this method does not start it
 * @throws Exception if {@code createConfig} fails
 */
ActiveMQServer createServer(String folder) throws Exception {
    // Armed by storeMessage(), consulted by moveNextFile(); shared across the anonymous classes below.
    final AtomicBoolean blocked = new AtomicBoolean(false);

    Configuration conf = createConfig(folder);
    conf.setPersistenceEnabled(true);

    // In-VM JAAS login module with an empty SecurityConfiguration: no users or roles are added here.
    ActiveMQSecurityManager securityManager =
        new ActiveMQJAASSecurityManager(InVMLoginModule.class.getName(), new SecurityConfiguration());

    return new ActiveMQServerImpl(conf, securityManager) {
        @Override
        protected StorageManager createStorageManager() {
            JournalStorageManager journalStorage = new JournalStorageManager(
                conf,
                getCriticalAnalyzer(),
                executorFactory,
                scheduledPool,
                ioExecutorFactory,
                shutdownOnCriticalIO) {

                @Override
                protected Journal createMessageJournal(Configuration config,
                                                       IOCriticalErrorListener criticalErrorListener,
                                                       int fileSize) {
                    return new JournalImpl(
                        ioExecutorFactory,
                        fileSize,
                        config.getJournalMinFiles(),
                        config.getJournalPoolFiles(),
                        config.getJournalCompactMinFiles(),
                        config.getJournalCompactPercentage(),
                        config.getJournalFileOpenTimeout(),
                        journalFF,
                        "activemq-data",
                        "amq",
                        journalFF.getMaxIO(),
                        0,
                        criticalErrorListener) {

                        @Override
                        protected void moveNextFile(boolean scheduleReclaim) throws Exception {
                            // The real file roll runs first; the failure is raised only afterwards.
                            super.moveNextFile(scheduleReclaim);
                            final boolean failing = blocked.get();
                            if (failing) {
                                throw new IllegalStateException("forcibly down");
                            }
                        }
                    };
                }

                @Override
                public void storeMessage(Message message) throws Exception {
                    // Store normally, then arm the flag so that later journal file rolls fail.
                    super.storeMessage(message);
                    blocked.set(true);
                }
            };

            // Register the replacement storage manager with the server's critical analyzer.
            getCriticalAnalyzer().add(journalStorage);
            return journalStorage;
        }
    };
}
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class SecurityFailoverTest method createConfigs.
/**
 * Creates the backup and live servers of a shared-store pair, both with security enabled.
 *
 * <p>The backup is built first. Its security manager, as returned by
 * {@code installSecurity}, has its default user cleared; the live server keeps whatever
 * {@code installSecurity} configures.
 *
 * @throws Exception if building a configuration or a server fails
 */
@Override
protected void createConfigs() throws Exception {
    nodeManager = new InVMNodeManager(false);

    TransportConfiguration liveConnector = getConnectorTransportConfiguration(true);
    TransportConfiguration backupConnector = getConnectorTransportConfiguration(false);

    // Backup: own acceptor, slave HA policy, connectors to both nodes, cluster connection backup -> live.
    backupConfig = super.createDefaultInVMConfig()
        .clearAcceptorConfigurations()
        .addAcceptorConfiguration(getAcceptorTransportConfiguration(false))
        .setSecurityEnabled(true)
        .setHAPolicyConfiguration(new SharedStoreSlavePolicyConfiguration())
        .addConnectorConfiguration(liveConnector.getName(), liveConnector)
        .addConnectorConfiguration(backupConnector.getName(), backupConnector)
        .addClusterConfiguration(basicClusterConnectionConfig(backupConnector.getName(), liveConnector.getName()));
    backupServer = createTestableServer(backupConfig);

    // Clear the default user on the backup only.
    // NOTE(review): presumably this stops credential-less connections from being mapped to a
    // default identity on the backup - confirm against SecurityConfiguration and installSecurity.
    installSecurity(backupServer).getConfiguration().setDefaultUser(null);

    // Live: own acceptor, master HA policy, cluster connection and connector for the live node only.
    liveConfig = super.createDefaultInVMConfig()
        .clearAcceptorConfigurations()
        .addAcceptorConfiguration(getAcceptorTransportConfiguration(true))
        .setSecurityEnabled(true)
        .setHAPolicyConfiguration(new SharedStoreMasterPolicyConfiguration())
        .addClusterConfiguration(basicClusterConnectionConfig(liveConnector.getName()))
        .addConnectorConfiguration(liveConnector.getName(), liveConnector);
    liveServer = createTestableServer(liveConfig);
    installSecurity(liveServer);
}
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class SecurityNotificationTest method testSECURITY_PERMISSION_VIOLATION.
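/**
 * Checks that a denied queue creation produces a SECURITY_PERMISSION_VIOLATION notification
 * naming the user, the address and the failed check type.
 *
 * <p>The "guest" user is given a role on a random address that has two permission flags set
 * to {@code false}; the check type asserted below is {@code CREATE_DURABLE_QUEUE}.
 *
 * @throws Exception if the broker, session or notification consumer fails unexpectedly
 */
@Test
public void testSECURITY_PERMISSION_VIOLATION() throws Exception {
    SimpleString queue = RandomUtil.randomSimpleString();
    SimpleString address = RandomUtil.randomSimpleString();

    // guest can not create queue
    // NOTE(review): the two false flags are presumably the create-durable-queue and
    // create-non-durable-queue permissions - confirm against the Role constructor.
    Role role = new Role("roleCanNotCreateQueue", true, true, false, true, false, true, true, true, true, true);
    Set<Role> roles = new HashSet<>();
    roles.add(role);
    server.getSecurityRepository().addMatch(address.toString(), roles);

    ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) server.getSecurityManager();
    securityManager.getConfiguration().addRole("guest", "roleCanNotCreateQueue");

    // Drop notifications left over from earlier activity so the next one consumed belongs to this test.
    SecurityNotificationTest.flush(notifConsumer);

    ServerLocator locator = createInVMNonHALocator();
    ClientSessionFactory sf = createSessionFactory(locator);
    ClientSession guestSession = sf.createSession("guest", "guest", false, true, true, false, 1);
    try {
        try {
            guestSession.createQueue(address, queue, true);
            Assert.fail("queue creation must fail and a notification of security violation must be sent");
        } catch (Exception expected) {
            // Any exception is accepted here; the notification assertions below are what tie the
            // rejection to a permission check. Assert.fail raises an AssertionError, which this
            // clause does not catch, so an unexpectedly successful createQueue still fails the test.
        }

        ClientMessage[] notifications = SecurityNotificationTest.consumeMessages(1, notifConsumer);
        Assert.assertEquals(SECURITY_PERMISSION_VIOLATION.toString(), notifications[0].getObjectProperty(ManagementHelper.HDR_NOTIFICATION_TYPE).toString());
        Assert.assertEquals("guest", notifications[0].getObjectProperty(ManagementHelper.HDR_USER).toString());
        Assert.assertEquals(address.toString(), notifications[0].getObjectProperty(ManagementHelper.HDR_ADDRESS).toString());
        Assert.assertEquals(CheckType.CREATE_DURABLE_QUEUE.toString(), notifications[0].getObjectProperty(ManagementHelper.HDR_CHECK_TYPE).toString());
    } finally {
        // Close the guest session even when an assertion above fails.
        guestSession.close();
    }
}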
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class SecurityNotificationTest method setUp.
// Package protected ---------------------------------------------
// Protected -----------------------------------------------------
/**
 * Starts a security-enabled in-VM broker and opens an admin session that consumes management
 * notifications from a temporary queue.
 *
 * <p>Two users with fixed test credentials are registered ("admin"/"admin" and
 * "guest"/"guest"), and "guest" is set as the default user. Only "admin" receives the
 * "notif" role, which is matched on the default management notification address.
 *
 * @throws Exception if the broker cannot be started or the admin session cannot be created
 */
@Override
@Before
public void setUp() throws Exception {
    super.setUp();

    server = addServer(ActiveMQServers.newActiveMQServer(createDefaultInVMConfig().setSecurityEnabled(true), false));
    server.start();

    notifQueue = RandomUtil.randomSimpleString();

    // Fixed credentials for the embedded test broker only.
    ActiveMQJAASSecurityManager jaas = (ActiveMQJAASSecurityManager) server.getSecurityManager();
    jaas.getConfiguration().addUser("admin", "admin");
    jaas.getConfiguration().addUser("guest", "guest");
    // NOTE(review): presumably the identity applied to connections that present no
    // credentials - confirm against SecurityConfiguration.
    jaas.getConfiguration().setDefaultUser("guest");

    // Role "notif" has every permission flag set and applies to the notification address.
    Set<Role> notifRoles = new HashSet<>();
    notifRoles.add(new Role("notif", true, true, true, true, true, true, true, true, true, true));
    server.getSecurityRepository().addMatch(ActiveMQDefaultConfiguration.getDefaultManagementNotificationAddress().toString(), notifRoles);
    jaas.getConfiguration().addRole("admin", "notif");

    // Admin session bound to a temporary queue on the notification address.
    adminSession = createSessionFactory(createInVMNonHALocator())
        .createSession("admin", "admin", false, true, true, false, 1);
    adminSession.start();
    adminSession.createTemporaryQueue(ActiveMQDefaultConfiguration.getDefaultManagementNotificationAddress(), notifQueue);
    notifConsumer = adminSession.createConsumer(notifQueue);
}
use of org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager in project activemq-artemis by apache.
the class MQTTTestSupport method configureBrokerSecurity.
/**
 * Applies the test's security setup to the given broker.
 *
 * <p>Copied from
 * org.apache.activemq.artemis.tests.integration.amqp.AmqpClientTestSupport#configureBrokerSecurity()
 *
 * <p>When {@code isSecurityEnabled()} is false, security is switched off on the server
 * configuration and nothing else is done. Otherwise four users are registered, each bound to
 * one role ("nothing", "browser", "guest", "full"), the four roles are matched on
 * {@code getQueueName()}, and security is switched on.
 *
 * @param server broker whose security manager is cast to {@link ActiveMQJAASSecurityManager}
 */
protected void configureBrokerSecurity(ActiveMQServer server) {
    if (!isSecurityEnabled()) {
        server.getConfiguration().setSecurityEnabled(false);
        return;
    }

    ActiveMQJAASSecurityManager jaas = (ActiveMQJAASSecurityManager) server.getSecurityManager();

    // User additions: one user per privilege level, each bound to exactly one role.
    jaas.getConfiguration().addUser(noprivUser, noprivPass);
    jaas.getConfiguration().addRole(noprivUser, "nothing");

    jaas.getConfiguration().addUser(browseUser, browsePass);
    jaas.getConfiguration().addRole(browseUser, "browser");

    jaas.getConfiguration().addUser(guestUser, guestPass);
    jaas.getConfiguration().addRole(guestUser, "guest");

    jaas.getConfiguration().addUser(fullUser, fullPass);
    jaas.getConfiguration().addRole(fullUser, "full");

    // Configure roles: "nothing" has no flag set, "browser" one, "guest" two, "full" all ten.
    // NOTE(review): the flags are positional - confirm the order against the Role constructor
    // before changing any of them.
    HierarchicalRepository<Set<Role>> securityRepository = server.getSecurityRepository();
    Set<Role> queueRoles = new HashSet<>();
    queueRoles.add(new Role("nothing", false, false, false, false, false, false, false, false, false, false));
    queueRoles.add(new Role("browser", false, false, false, false, false, false, false, true, false, false));
    queueRoles.add(new Role("guest", false, true, false, false, false, false, false, true, false, false));
    queueRoles.add(new Role("full", true, true, true, true, true, true, true, true, true, true));
    securityRepository.addMatch(getQueueName(), queueRoles);

    // Security is switched on only after users and roles are in place.
    server.getConfiguration().setSecurityEnabled(true);
}