Search in sources :

Example 1 with JaasCallbackHandler

use of org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler in project activemq-artemis by apache.

the class TextFileCertificateLoginModuleTest method loginTest.

private void loginTest(String usersFiles, String groupsFile) throws LoginException {
    HashMap<String, String> options = new HashMap<>();
    options.put("org.apache.activemq.jaas.textfiledn.user", usersFiles);
    options.put("org.apache.activemq.jaas.textfiledn.role", groupsFile);
    options.put("reload", "true");
    JaasCallbackHandler[] callbackHandlers = new JaasCallbackHandler[NUMBER_SUBJECTS];
    Subject[] subjects = new Subject[NUMBER_SUBJECTS];
    for (int i = 0; i < callbackHandlers.length; i++) {
        callbackHandlers[i] = getJaasCertificateCallbackHandler("DN=TEST_USER_" + (i + 1));
    }
    long startTime = System.currentTimeMillis();
    for (int outer = 0; outer < 500; outer++) {
        for (int i = 0; i < NUMBER_SUBJECTS; i++) {
            Subject subject = doAuthenticate(options, callbackHandlers[i]);
            subjects[i] = subject;
        }
    }
    long endTime = System.currentTimeMillis();
    long timeTaken = endTime - startTime;
    for (int i = 0; i < NUMBER_SUBJECTS; i++) {
        ActiveMQServerLogger.LOGGER.info("subject is: " + subjects[i].getPrincipals().toString());
    }
    ActiveMQServerLogger.LOGGER.info(usersFiles + ": Time taken is " + timeTaken);
}
Also used : HashMap(java.util.HashMap) JaasCallbackHandler(org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler) Subject(javax.security.auth.Subject)

Example 2 with JaasCallbackHandler

use of org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler in project activemq-artemis by apache.

the class TextFileCertificateLoginModuleTest method getJaasCertificateCallbackHandler.

private JaasCallbackHandler getJaasCertificateCallbackHandler(String user) {
    JMXPrincipal principal = new JMXPrincipal(user);
    X509Certificate cert = new StubX509Certificate(principal);
    return new JaasCallbackHandler(null, null, null) {

        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof CertificateCallback) {
                    CertificateCallback certCallback = (CertificateCallback) callback;
                    certCallback.setCertificates(new X509Certificate[] { cert });
                } else {
                    throw new UnsupportedCallbackException(callback);
                }
            }
        }
    };
}
Also used : CertificateCallback(org.apache.activemq.artemis.spi.core.security.jaas.CertificateCallback) Callback(javax.security.auth.callback.Callback) JMXPrincipal(javax.management.remote.JMXPrincipal) CertificateCallback(org.apache.activemq.artemis.spi.core.security.jaas.CertificateCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) X509Certificate(javax.security.cert.X509Certificate) JaasCallbackHandler(org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler)

Example 3 with JaasCallbackHandler

use of org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler in project activemq-artemis by apache.

the class CertificateLoginModuleTest method loginWithCredentials.

private void loginWithCredentials(String userName, Set<String> rolesNames) throws LoginException {
    loginModule = new StubCertificateLoginModule(userName, new HashSet<>(rolesNames));
    JaasCallbackHandler callbackHandler = new JaasCallbackHandler(null, null, null);
    loginModule.initialize(subject, callbackHandler, null, new HashMap<String, Object>());
    loginModule.login();
    loginModule.commit();
}
Also used : JaasCallbackHandler(org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler) HashSet(java.util.HashSet)

Example 4 with JaasCallbackHandler

use of org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler in project activemq-artemis by apache.

the class PropertiesLoginModuleRaceConditionTest method before.

@Before
public void before() throws FileNotFoundException, IOException {
    createUsers();
    createGroups();
    options = new HashMap<>();
    // Used to simplify reproduction of the
    options.put("reload", "true");
    // race condition
    options.put("org.apache.activemq.jaas.properties.user", USERS_FILE);
    options.put("org.apache.activemq.jaas.properties.role", ROLES_FILE);
    options.put("baseDir", temp.getRoot().getAbsolutePath());
    errors = new ArrayBlockingQueue<>(processorCount());
    pool = Executors.newFixedThreadPool(processorCount(), ActiveMQThreadFactory.defaultThreadFactory());
    callback = new JaasCallbackHandler(USERNAME, PASSWORD, null);
}
Also used : JaasCallbackHandler(org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler) Before(org.junit.Before)

Example 5 with JaasCallbackHandler

use of org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler in project activemq-artemis by apache.

the class ActiveMQJAASSecurityManager method getAuthenticatedSubject.

private Subject getAuthenticatedSubject(final String user, final String password, final RemotingConnection remotingConnection) throws LoginException {
    LoginContext lc;
    ClassLoader currentLoader = Thread.currentThread().getContextClassLoader();
    ClassLoader thisLoader = this.getClass().getClassLoader();
    try {
        if (thisLoader != currentLoader) {
            Thread.currentThread().setContextClassLoader(thisLoader);
        }
        if (certificateConfigurationName != null && certificateConfigurationName.length() > 0 && getCertsFromConnection(remotingConnection) != null) {
            lc = new LoginContext(certificateConfigurationName, null, new JaasCallbackHandler(user, password, remotingConnection), certificateConfiguration);
        } else {
            lc = new LoginContext(configurationName, null, new JaasCallbackHandler(user, password, remotingConnection), configuration);
        }
        lc.login();
        return lc.getSubject();
    } finally {
        if (thisLoader != currentLoader) {
            Thread.currentThread().setContextClassLoader(currentLoader);
        }
    }
}
Also used : LoginContext(javax.security.auth.login.LoginContext) JaasCallbackHandler(org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler)

Aggregations

JaasCallbackHandler (org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler)5 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 JMXPrincipal (javax.management.remote.JMXPrincipal)1 Subject (javax.security.auth.Subject)1 Callback (javax.security.auth.callback.Callback)1 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)1 LoginContext (javax.security.auth.login.LoginContext)1 X509Certificate (javax.security.cert.X509Certificate)1 CertificateCallback (org.apache.activemq.artemis.spi.core.security.jaas.CertificateCallback)1 Before (org.junit.Before)1