Example 11 with ActiveMQSecurityManager
use of org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager in project activemq-artemis by apache.
the class ActiveMQServers method newActiveMQServer.
public static ActiveMQServer newActiveMQServer(final Configuration config, final MBeanServer mbeanServer, final boolean enablePersistence) {
ActiveMQSecurityManager securityManager = new ActiveMQJAASSecurityManager(InVMLoginModule.class.getName(), new SecurityConfiguration());
ActiveMQServer server = ActiveMQServers.newActiveMQServer(config, mbeanServer, securityManager, enablePersistence);
return server;
}
Also used :
ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager)
InVMLoginModule(org.apache.activemq.artemis.spi.core.security.jaas.InVMLoginModule)
SecurityConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration)
ActiveMQSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager)
Example 12 with ActiveMQSecurityManager
use of org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager in project activemq-artemis by apache.
the class CriticalCrashTest method createServer.
ActiveMQServer createServer(String folder) throws Exception {
final AtomicBoolean blocked = new AtomicBoolean(false);
Configuration conf = createConfig(folder);
ActiveMQSecurityManager securityManager = new ActiveMQJAASSecurityManager(InVMLoginModule.class.getName(), new SecurityConfiguration());
conf.setPersistenceEnabled(true);
ActiveMQServer server = new ActiveMQServerImpl(conf, securityManager) {
@Override
protected StorageManager createStorageManager() {
JournalStorageManager storageManager = new JournalStorageManager(conf, getCriticalAnalyzer(), executorFactory, scheduledPool, ioExecutorFactory, shutdownOnCriticalIO) {
@Override
public void readLock() {
super.readLock();
if (blocked.get()) {
while (true) {
try {
System.out.println("Blocking forever");
Thread.sleep(1000);
} catch (Throwable ignored) {
}
}
}
}
@Override
public void storeMessage(Message message) throws Exception {
super.storeMessage(message);
blocked.set(true);
}
};
this.getCriticalAnalyzer().add(storageManager);
return storageManager;
}
};
return server;
}
Also used :
AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean)
ActiveMQServer(org.apache.activemq.artemis.core.server.ActiveMQServer)
Configuration(org.apache.activemq.artemis.core.config.Configuration)
SecurityConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration)
Message(org.apache.activemq.artemis.api.core.Message)
ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager)
InVMLoginModule(org.apache.activemq.artemis.spi.core.security.jaas.InVMLoginModule)
SecurityConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration)
ActiveMQServerImpl(org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl)
ActiveMQSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager)
JournalStorageManager(org.apache.activemq.artemis.core.persistence.impl.journal.JournalStorageManager)
Example 13 with ActiveMQSecurityManager
use of org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager in project activemq-artemis by apache.
the class SecurityTest method testCustomSecurityManager.
@Test
public void testCustomSecurityManager() throws Exception {
final Configuration configuration = createDefaultInVMConfig().setSecurityEnabled(true);
final ActiveMQSecurityManager customSecurityManager = new ActiveMQSecurityManager() {
@Override
public boolean validateUser(final String username, final String password) {
return (username.equals("foo") || username.equals("bar") || username.equals("all")) && password.equals("frobnicate");
}
@Override
public boolean validateUserAndRole(final String username, final String password, final Set<Role> requiredRoles, final CheckType checkType) {
if ((username.equals("foo") || username.equals("bar") || username.equals("all")) && password.equals("frobnicate")) {
if (username.equals("all")) {
return true;
} else if (username.equals("foo")) {
return checkType == CheckType.CONSUME || checkType == CheckType.CREATE_NON_DURABLE_QUEUE;
} else if (username.equals("bar")) {
return checkType == CheckType.SEND || checkType == CheckType.CREATE_NON_DURABLE_QUEUE;
} else {
return false;
}
} else {
return false;
}
}
};
final ActiveMQServer server = addServer(new ActiveMQServerImpl(configuration, customSecurityManager));
server.start();
final ServerLocator locator = createInVMNonHALocator();
locator.setBlockOnNonDurableSend(true).setBlockOnDurableSend(true);
final ClientSessionFactory factory = createSessionFactory(locator);
ClientSession adminSession = factory.createSession("all", "frobnicate", false, true, true, false, -1);
final String queueName = "test.queue";
adminSession.createQueue(queueName, queueName, false);
// Wrong user name
try {
factory.createSession("baz", "frobnicate", false, true, true, false, -1);
Assert.fail("should throw exception");
} catch (ActiveMQSecurityException se) {
// ok
} catch (ActiveMQException e) {
fail("Invalid Exception type:" + e.getType());
}
// Wrong password
try {
factory.createSession("foo", "xxx", false, true, true, false, -1);
Assert.fail("should throw exception");
} catch (ActiveMQSecurityException se) {
// ok
} catch (ActiveMQException e) {
fail("Invalid Exception type:" + e.getType());
}
// Correct user and password, allowed to send but not receive
{
final ClientSession session = factory.createSession("foo", "frobnicate", false, true, true, false, -1);
checkUserReceiveNoSend(queueName, session, adminSession);
}
// Correct user and password, allowed to receive but not send
{
final ClientSession session = factory.createSession("bar", "frobnicate", false, true, true, false, -1);
checkUserSendNoReceive(queueName, session);
}
}
Also used :
ActiveMQServer(org.apache.activemq.artemis.core.server.ActiveMQServer)
Set(java.util.Set)
HashSet(java.util.HashSet)
TransportConfiguration(org.apache.activemq.artemis.api.core.TransportConfiguration)
Configuration(org.apache.activemq.artemis.core.config.Configuration)
ActiveMQException(org.apache.activemq.artemis.api.core.ActiveMQException)
CheckType(org.apache.activemq.artemis.core.security.CheckType)
ClientSession(org.apache.activemq.artemis.api.core.client.ClientSession)
SimpleString(org.apache.activemq.artemis.api.core.SimpleString)
ClientSessionFactory(org.apache.activemq.artemis.api.core.client.ClientSessionFactory)
ActiveMQServerImpl(org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl)
ActiveMQSecurityException(org.apache.activemq.artemis.api.core.ActiveMQSecurityException)
ActiveMQSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager)
ServerLocator(org.apache.activemq.artemis.api.core.client.ServerLocator)
Test(org.junit.Test)
Example 14 with ActiveMQSecurityManager
use of org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager in project activemq-artemis by apache.
the class DualAuthenticationTest method setUp.
@Override
@Before
public void setUp() throws Exception {
super.setUp();
Map<String, Object> params = new HashMap<>();
params.put(TransportConstants.SSL_ENABLED_PROP_NAME, true);
params.put(TransportConstants.KEYSTORE_PATH_PROP_NAME, SERVER_SIDE_KEYSTORE);
params.put(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME, PASSWORD);
params.put(TransportConstants.TRUSTSTORE_PATH_PROP_NAME, SERVER_SIDE_TRUSTSTORE);
params.put(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME, PASSWORD);
params.put(TransportConstants.NEED_CLIENT_AUTH_PROP_NAME, true);
params.put(TransportConstants.PORT_PROP_NAME, "61617");
ConfigurationImpl config = createBasicConfig();
config.addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY, params));
config.addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY));
config.setSecurityEnabled(true);
ActiveMQSecurityManager securityManager = new ActiveMQJAASSecurityManager("DualAuthenticationPropertiesLogin", "DualAuthenticationCertLogin");
server = addServer(ActiveMQServers.newActiveMQServer(config, ManagementFactory.getPlatformMBeanServer(), securityManager, false));
HierarchicalRepository<Set<Role>> securityRepository = server.getSecurityRepository();
Role sendRole = new Role("producers", true, false, true, false, true, false, false, false, false, false);
Role receiveRole = new Role("consumers", false, true, false, false, false, false, false, false, false, false);
Set<Role> roles = new HashSet<>();
roles.add(sendRole);
roles.add(receiveRole);
securityRepository.addMatch(DualAuthenticationTest.QUEUE.toString(), roles);
server.start();
waitForServerToStart(server);
tc = new TransportConfiguration(NETTY_CONNECTOR_FACTORY);
}
Also used :
HashSet(java.util.HashSet)
Set(java.util.Set)
HashMap(java.util.HashMap)
ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager)
TransportConfiguration(org.apache.activemq.artemis.api.core.TransportConfiguration)
SimpleString(org.apache.activemq.artemis.api.core.SimpleString)
Role(org.apache.activemq.artemis.core.security.Role)
ConfigurationImpl(org.apache.activemq.artemis.core.config.impl.ConfigurationImpl)
ActiveMQSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager)
HashSet(java.util.HashSet)
Before(org.junit.Before)
Example 15 with ActiveMQSecurityManager
use of org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager in project activemq-artemis by apache.
the class ActiveMQTestBase method createInVMFailoverServer.
protected ActiveMQServer createInVMFailoverServer(final boolean realFiles, final Configuration configuration, final int pageSize, final int maxAddressSize, final Map<String, AddressSettings> settings, NodeManager nodeManager, final int id) {
ActiveMQServer server;
ActiveMQSecurityManager securityManager = new ActiveMQJAASSecurityManager(InVMLoginModule.class.getName(), new SecurityConfiguration());
configuration.setPersistenceEnabled(realFiles);
server = addServer(new InVMNodeManagerServer(configuration, ManagementFactory.getPlatformMBeanServer(), securityManager, nodeManager));
try {
server.setIdentity("Server " + id);
for (Map.Entry<String, AddressSettings> setting : settings.entrySet()) {
server.getAddressSettingsRepository().addMatch(setting.getKey(), setting.getValue());
}
AddressSettings defaultSetting = new AddressSettings();
defaultSetting.setPageSizeBytes(pageSize);
defaultSetting.setMaxSizeBytes(maxAddressSize);
server.getAddressSettingsRepository().addMatch("#", defaultSetting);
return server;
} finally {
addServer(server);
}
}
Also used :
ActiveMQServer(org.apache.activemq.artemis.core.server.ActiveMQServer)
AddressSettings(org.apache.activemq.artemis.core.settings.impl.AddressSettings)
ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager)
InVMLoginModule(org.apache.activemq.artemis.spi.core.security.jaas.InVMLoginModule)
SecurityConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration)
SimpleString(org.apache.activemq.artemis.api.core.SimpleString)
ActiveMQSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager)
Map(java.util.Map)
HashMap(java.util.HashMap)
Aggregations
ActiveMQSecurityManager (org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager)16
ActiveMQJAASSecurityManager (org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager)10
SecurityConfiguration (org.apache.activemq.artemis.core.config.impl.SecurityConfiguration)8
ActiveMQServer (org.apache.activemq.artemis.core.server.ActiveMQServer)8
InVMLoginModule (org.apache.activemq.artemis.spi.core.security.jaas.InVMLoginModule)8
SimpleString (org.apache.activemq.artemis.api.core.SimpleString)7
Configuration (org.apache.activemq.artemis.core.config.Configuration)7
ActiveMQServerImpl (org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl)7
TransportConfiguration (org.apache.activemq.artemis.api.core.TransportConfiguration)6
HashMap (java.util.HashMap)5
HashSet (java.util.HashSet)5
Set (java.util.Set)5
Map (java.util.Map)3
ActiveMQException (org.apache.activemq.artemis.api.core.ActiveMQException)3
ActiveMQSecurityException (org.apache.activemq.artemis.api.core.ActiveMQSecurityException)3
Message (org.apache.activemq.artemis.api.core.Message)3
ClientSession (org.apache.activemq.artemis.api.core.client.ClientSession)3
ClientSessionFactory (org.apache.activemq.artemis.api.core.client.ClientSessionFactory)3
ServerLocator (org.apache.activemq.artemis.api.core.client.ServerLocator)3
CheckType (org.apache.activemq.artemis.core.security.CheckType)3
