Search in sources :

Example 11 with ActiveMQSecurityManager

use of org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager in project activemq-artemis by apache.

the class ActiveMQServers method newActiveMQServer.

public static ActiveMQServer newActiveMQServer(final Configuration config, final MBeanServer mbeanServer, final boolean enablePersistence) {
    ActiveMQSecurityManager securityManager = new ActiveMQJAASSecurityManager(InVMLoginModule.class.getName(), new SecurityConfiguration());
    ActiveMQServer server = ActiveMQServers.newActiveMQServer(config, mbeanServer, securityManager, enablePersistence);
    return server;
}
Also used : ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager) InVMLoginModule(org.apache.activemq.artemis.spi.core.security.jaas.InVMLoginModule) SecurityConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration) ActiveMQSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager)

Example 12 with ActiveMQSecurityManager

use of org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager in project activemq-artemis by apache.

the class CriticalCrashTest method createServer.

ActiveMQServer createServer(String folder) throws Exception {
    final AtomicBoolean blocked = new AtomicBoolean(false);
    Configuration conf = createConfig(folder);
    ActiveMQSecurityManager securityManager = new ActiveMQJAASSecurityManager(InVMLoginModule.class.getName(), new SecurityConfiguration());
    conf.setPersistenceEnabled(true);
    ActiveMQServer server = new ActiveMQServerImpl(conf, securityManager) {

        @Override
        protected StorageManager createStorageManager() {
            JournalStorageManager storageManager = new JournalStorageManager(conf, getCriticalAnalyzer(), executorFactory, scheduledPool, ioExecutorFactory, shutdownOnCriticalIO) {

                @Override
                public void readLock() {
                    super.readLock();
                    if (blocked.get()) {
                        while (true) {
                            try {
                                System.out.println("Blocking forever");
                                Thread.sleep(1000);
                            } catch (Throwable ignored) {
                            }
                        }
                    }
                }

                @Override
                public void storeMessage(Message message) throws Exception {
                    super.storeMessage(message);
                    blocked.set(true);
                }
            };
            this.getCriticalAnalyzer().add(storageManager);
            return storageManager;
        }
    };
    return server;
}
Also used : AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) ActiveMQServer(org.apache.activemq.artemis.core.server.ActiveMQServer) Configuration(org.apache.activemq.artemis.core.config.Configuration) SecurityConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration) Message(org.apache.activemq.artemis.api.core.Message) ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager) InVMLoginModule(org.apache.activemq.artemis.spi.core.security.jaas.InVMLoginModule) SecurityConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration) ActiveMQServerImpl(org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl) ActiveMQSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager) JournalStorageManager(org.apache.activemq.artemis.core.persistence.impl.journal.JournalStorageManager)

Example 13 with ActiveMQSecurityManager

use of org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager in project activemq-artemis by apache.

the class SecurityTest method testCustomSecurityManager.

@Test
public void testCustomSecurityManager() throws Exception {
    final Configuration configuration = createDefaultInVMConfig().setSecurityEnabled(true);
    final ActiveMQSecurityManager customSecurityManager = new ActiveMQSecurityManager() {

        @Override
        public boolean validateUser(final String username, final String password) {
            return (username.equals("foo") || username.equals("bar") || username.equals("all")) && password.equals("frobnicate");
        }

        @Override
        public boolean validateUserAndRole(final String username, final String password, final Set<Role> requiredRoles, final CheckType checkType) {
            if ((username.equals("foo") || username.equals("bar") || username.equals("all")) && password.equals("frobnicate")) {
                if (username.equals("all")) {
                    return true;
                } else if (username.equals("foo")) {
                    return checkType == CheckType.CONSUME || checkType == CheckType.CREATE_NON_DURABLE_QUEUE;
                } else if (username.equals("bar")) {
                    return checkType == CheckType.SEND || checkType == CheckType.CREATE_NON_DURABLE_QUEUE;
                } else {
                    return false;
                }
            } else {
                return false;
            }
        }
    };
    final ActiveMQServer server = addServer(new ActiveMQServerImpl(configuration, customSecurityManager));
    server.start();
    final ServerLocator locator = createInVMNonHALocator();
    locator.setBlockOnNonDurableSend(true).setBlockOnDurableSend(true);
    final ClientSessionFactory factory = createSessionFactory(locator);
    ClientSession adminSession = factory.createSession("all", "frobnicate", false, true, true, false, -1);
    final String queueName = "test.queue";
    adminSession.createQueue(queueName, queueName, false);
    // Wrong user name
    try {
        factory.createSession("baz", "frobnicate", false, true, true, false, -1);
        Assert.fail("should throw exception");
    } catch (ActiveMQSecurityException se) {
    // ok
    } catch (ActiveMQException e) {
        fail("Invalid Exception type:" + e.getType());
    }
    // Wrong password
    try {
        factory.createSession("foo", "xxx", false, true, true, false, -1);
        Assert.fail("should throw exception");
    } catch (ActiveMQSecurityException se) {
    // ok
    } catch (ActiveMQException e) {
        fail("Invalid Exception type:" + e.getType());
    }
    // Correct user and password, allowed to send but not receive
    {
        final ClientSession session = factory.createSession("foo", "frobnicate", false, true, true, false, -1);
        checkUserReceiveNoSend(queueName, session, adminSession);
    }
    // Correct user and password, allowed to receive but not send
    {
        final ClientSession session = factory.createSession("bar", "frobnicate", false, true, true, false, -1);
        checkUserSendNoReceive(queueName, session);
    }
}
Also used : ActiveMQServer(org.apache.activemq.artemis.core.server.ActiveMQServer) Set(java.util.Set) HashSet(java.util.HashSet) TransportConfiguration(org.apache.activemq.artemis.api.core.TransportConfiguration) Configuration(org.apache.activemq.artemis.core.config.Configuration) ActiveMQException(org.apache.activemq.artemis.api.core.ActiveMQException) CheckType(org.apache.activemq.artemis.core.security.CheckType) ClientSession(org.apache.activemq.artemis.api.core.client.ClientSession) SimpleString(org.apache.activemq.artemis.api.core.SimpleString) ClientSessionFactory(org.apache.activemq.artemis.api.core.client.ClientSessionFactory) ActiveMQServerImpl(org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl) ActiveMQSecurityException(org.apache.activemq.artemis.api.core.ActiveMQSecurityException) ActiveMQSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager) ServerLocator(org.apache.activemq.artemis.api.core.client.ServerLocator) Test(org.junit.Test)

Example 14 with ActiveMQSecurityManager

use of org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager in project activemq-artemis by apache.

the class DualAuthenticationTest method setUp.

@Override
@Before
public void setUp() throws Exception {
    super.setUp();
    Map<String, Object> params = new HashMap<>();
    params.put(TransportConstants.SSL_ENABLED_PROP_NAME, true);
    params.put(TransportConstants.KEYSTORE_PATH_PROP_NAME, SERVER_SIDE_KEYSTORE);
    params.put(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME, PASSWORD);
    params.put(TransportConstants.TRUSTSTORE_PATH_PROP_NAME, SERVER_SIDE_TRUSTSTORE);
    params.put(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME, PASSWORD);
    params.put(TransportConstants.NEED_CLIENT_AUTH_PROP_NAME, true);
    params.put(TransportConstants.PORT_PROP_NAME, "61617");
    ConfigurationImpl config = createBasicConfig();
    config.addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY, params));
    config.addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY));
    config.setSecurityEnabled(true);
    ActiveMQSecurityManager securityManager = new ActiveMQJAASSecurityManager("DualAuthenticationPropertiesLogin", "DualAuthenticationCertLogin");
    server = addServer(ActiveMQServers.newActiveMQServer(config, ManagementFactory.getPlatformMBeanServer(), securityManager, false));
    HierarchicalRepository<Set<Role>> securityRepository = server.getSecurityRepository();
    Role sendRole = new Role("producers", true, false, true, false, true, false, false, false, false, false);
    Role receiveRole = new Role("consumers", false, true, false, false, false, false, false, false, false, false);
    Set<Role> roles = new HashSet<>();
    roles.add(sendRole);
    roles.add(receiveRole);
    securityRepository.addMatch(DualAuthenticationTest.QUEUE.toString(), roles);
    server.start();
    waitForServerToStart(server);
    tc = new TransportConfiguration(NETTY_CONNECTOR_FACTORY);
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager) TransportConfiguration(org.apache.activemq.artemis.api.core.TransportConfiguration) SimpleString(org.apache.activemq.artemis.api.core.SimpleString) Role(org.apache.activemq.artemis.core.security.Role) ConfigurationImpl(org.apache.activemq.artemis.core.config.impl.ConfigurationImpl) ActiveMQSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager) HashSet(java.util.HashSet) Before(org.junit.Before)

Example 15 with ActiveMQSecurityManager

use of org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager in project activemq-artemis by apache.

the class ActiveMQTestBase method createInVMFailoverServer.

protected ActiveMQServer createInVMFailoverServer(final boolean realFiles, final Configuration configuration, final int pageSize, final int maxAddressSize, final Map<String, AddressSettings> settings, NodeManager nodeManager, final int id) {
    ActiveMQServer server;
    ActiveMQSecurityManager securityManager = new ActiveMQJAASSecurityManager(InVMLoginModule.class.getName(), new SecurityConfiguration());
    configuration.setPersistenceEnabled(realFiles);
    server = addServer(new InVMNodeManagerServer(configuration, ManagementFactory.getPlatformMBeanServer(), securityManager, nodeManager));
    try {
        server.setIdentity("Server " + id);
        for (Map.Entry<String, AddressSettings> setting : settings.entrySet()) {
            server.getAddressSettingsRepository().addMatch(setting.getKey(), setting.getValue());
        }
        AddressSettings defaultSetting = new AddressSettings();
        defaultSetting.setPageSizeBytes(pageSize);
        defaultSetting.setMaxSizeBytes(maxAddressSize);
        server.getAddressSettingsRepository().addMatch("#", defaultSetting);
        return server;
    } finally {
        addServer(server);
    }
}
Also used : ActiveMQServer(org.apache.activemq.artemis.core.server.ActiveMQServer) AddressSettings(org.apache.activemq.artemis.core.settings.impl.AddressSettings) ActiveMQJAASSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager) InVMLoginModule(org.apache.activemq.artemis.spi.core.security.jaas.InVMLoginModule) SecurityConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration) SimpleString(org.apache.activemq.artemis.api.core.SimpleString) ActiveMQSecurityManager(org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager) Map(java.util.Map) HashMap(java.util.HashMap)

Aggregations

ActiveMQSecurityManager (org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager)16 ActiveMQJAASSecurityManager (org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager)10 SecurityConfiguration (org.apache.activemq.artemis.core.config.impl.SecurityConfiguration)8 ActiveMQServer (org.apache.activemq.artemis.core.server.ActiveMQServer)8 InVMLoginModule (org.apache.activemq.artemis.spi.core.security.jaas.InVMLoginModule)8 SimpleString (org.apache.activemq.artemis.api.core.SimpleString)7 Configuration (org.apache.activemq.artemis.core.config.Configuration)7 ActiveMQServerImpl (org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl)7 TransportConfiguration (org.apache.activemq.artemis.api.core.TransportConfiguration)6 HashMap (java.util.HashMap)5 HashSet (java.util.HashSet)5 Set (java.util.Set)5 Map (java.util.Map)3 ActiveMQException (org.apache.activemq.artemis.api.core.ActiveMQException)3 ActiveMQSecurityException (org.apache.activemq.artemis.api.core.ActiveMQSecurityException)3 Message (org.apache.activemq.artemis.api.core.Message)3 ClientSession (org.apache.activemq.artemis.api.core.client.ClientSession)3 ClientSessionFactory (org.apache.activemq.artemis.api.core.client.ClientSessionFactory)3 ServerLocator (org.apache.activemq.artemis.api.core.client.ServerLocator)3 CheckType (org.apache.activemq.artemis.core.security.CheckType)3