
Example 1 with ConnectionPrincipal

use of org.apache.qpid.server.connection.ConnectionPrincipal in project qpid-broker-j by apache.

the class AuthenticationResultCacherTest method setUp.

/**
 * Prepares the fixture used by the cacher tests: a mocked connection with a fixed remote
 * address, a read-only {@link Subject} whose only principal is a {@link ConnectionPrincipal}
 * wrapping that connection, a fresh {@link AuthenticationResultCacher}, and a loader that
 * counts how often it is invoked.
 */
@Before
public void setUp() throws Exception {
    // Note: InetSocketAddress(String, int) attempts to resolve the host name on construction.
    final InetSocketAddress remoteAddress = new InetSocketAddress("example.com", 9999);
    _connection = mock(AMQPConnection.class);
    when(_connection.getRemoteSocketAddress()).thenReturn(remoteAddress);

    // Read-only subject: one connection principal, no public or private credentials.
    _subject = new Subject(
            true,
            Collections.singleton(new ConnectionPrincipal(_connection)),
            Collections.emptySet(),
            Collections.emptySet());

    _authenticationResultCacher = new AuthenticationResultCacher(10, 10 * 60L, 2);

    // The loader records each call so a test can tell a cache hit from a real load.
    _loadCallCount = 0;
    _loader = () -> {
        _loadCallCount++;
        return _successfulAuthenticationResult;
    };
}
Also used : AMQPConnection(org.apache.qpid.server.transport.AMQPConnection) InetSocketAddress(java.net.InetSocketAddress) ConnectionPrincipal(org.apache.qpid.server.connection.ConnectionPrincipal) Subject(javax.security.auth.Subject) AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult) Before(org.junit.Before)

Example 2 with ConnectionPrincipal

use of org.apache.qpid.server.connection.ConnectionPrincipal in project qpid-broker-j by apache.

the class AbstractMessageLogger method getLogActor.

/**
 * Builds the actor string for the {@link Subject} bound to the calling thread's access
 * control context.
 *
 * <p>Principals are consulted in a fixed order and the first one present wins: session,
 * connection, task, then management connection. If none is present the result is
 * {@code UNKNOWN_ACTOR} followed by a single space.
 *
 * @return the actor string for the current subject
 */
static String getLogActor() {
    final Subject current = Subject.getSubject(AccessController.getContext());

    // getPrincipal presumably returns null when the subject carries no principal of the
    // requested type; every null check below relies on that.
    final SessionPrincipal session = getPrincipal(current, SessionPrincipal.class);
    if (session != null) {
        return generateSessionActor(session.getSession());
    }

    final ConnectionPrincipal connection = getPrincipal(current, ConnectionPrincipal.class);
    if (connection != null) {
        return generateConnectionActor(connection.getConnection());
    }

    final TaskPrincipal task = getPrincipal(current, TaskPrincipal.class);
    if (task != null) {
        return generateTaskMessage(task);
    }

    final ManagementConnectionPrincipal management = getPrincipal(current, ManagementConnectionPrincipal.class);
    if (management != null) {
        return generateManagementConnectionMessage(management, getPrincipal(current, AuthenticatedPrincipal.class));
    }

    // Nothing identifies the caller, so the entry is attributed to the unknown actor.
    return UNKNOWN_ACTOR + " ";
}
Also used : TaskPrincipal(org.apache.qpid.server.security.auth.TaskPrincipal) SessionPrincipal(org.apache.qpid.server.connection.SessionPrincipal) ConnectionPrincipal(org.apache.qpid.server.connection.ConnectionPrincipal) ManagementConnectionPrincipal(org.apache.qpid.server.security.auth.ManagementConnectionPrincipal) Subject(javax.security.auth.Subject) ManagementConnectionPrincipal(org.apache.qpid.server.security.auth.ManagementConnectionPrincipal)

Example 3 with ConnectionPrincipal

use of org.apache.qpid.server.connection.ConnectionPrincipal in project qpid-broker-j by apache.

the class ConnectionAndUserPredicate method evaluate.

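/**
 * Decides whether a logging event matches the configured user, connection and remote
 * container patterns, using the {@link Subject} bound to the calling thread.
 *
 * <p>Each of the three values defaults to the empty string and is only filled in when the
 * subject carries the corresponding principal. A thread with no subject at all is treated
 * the same way as a subject with no matching principals, instead of failing with a
 * {@link NullPointerException} inside the logging filter.
 *
 * @param event the logging event being filtered; not inspected by this predicate
 * @return {@code true} only if all three patterns match their respective value
 */
@Override
public final boolean evaluate(final ILoggingEvent event) {
    String userPrincipalString = "";
    String connectionString = "";
    String remoteContainerName = "";
    // Subject.getSubject returns null when no subject is associated with the context,
    // which is the normal case for threads that are not acting on behalf of a caller.
    final Subject subject = Subject.getSubject(AccessController.getContext());
    if (subject != null) {
        final Set<SocketConnectionPrincipal> connectionPrincipals = subject.getPrincipals(SocketConnectionPrincipal.class);
        final Set<AuthenticatedPrincipal> userPrincipals = subject.getPrincipals(AuthenticatedPrincipal.class);
        if (!connectionPrincipals.isEmpty()) {
            // Only the first connection principal is considered.
            final SocketConnectionPrincipal socketConnectionPrincipal = connectionPrincipals.iterator().next();
            connectionString = socketConnectionPrincipal.getName();
            if (socketConnectionPrincipal instanceof ConnectionPrincipal) {
                remoteContainerName = ((ConnectionPrincipal) socketConnectionPrincipal).getConnection().getRemoteContainerName();
                if (remoteContainerName == null) {
                    // Matcher input must not be null; an absent name is matched as "".
                    remoteContainerName = "";
                }
            }
        }
        if (!userPrincipals.isEmpty()) {
            userPrincipalString = new GenericPrincipal(userPrincipals.iterator().next()).toExternalForm();
        }
    }
    return _usernamePattern.matcher(userPrincipalString).matches()
            && _connectionNamePattern.matcher(connectionString).matches()
            && _remoteContainerIdPattern.matcher(remoteContainerName).matches();
}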
Also used : GenericPrincipal(org.apache.qpid.server.model.preferences.GenericPrincipal) SocketConnectionPrincipal(org.apache.qpid.server.security.auth.SocketConnectionPrincipal) SocketConnectionPrincipal(org.apache.qpid.server.security.auth.SocketConnectionPrincipal) ConnectionPrincipal(org.apache.qpid.server.connection.ConnectionPrincipal) Subject(javax.security.auth.Subject) AuthenticatedPrincipal(org.apache.qpid.server.security.auth.AuthenticatedPrincipal)

Example 4 with ConnectionPrincipal

use of org.apache.qpid.server.connection.ConnectionPrincipal in project qpid-broker-j by apache.

the class AbstractMessageLogger method getActor.

/**
 * Builds the actor prefix for the {@link Subject} bound to the calling thread's access
 * control context.
 *
 * <p>Principals are consulted in a fixed order and the first one present wins: session,
 * connection, task, then management connection. If none is present the literal
 * {@code "<<UNKNOWN>> "} is returned.
 *
 * @return the actor prefix for the current subject
 */
protected String getActor() {
    final Subject current = Subject.getSubject(AccessController.getContext());

    // getPrincipal presumably returns null when the subject carries no principal of the
    // requested type; every null check below relies on that.
    final SessionPrincipal session = getPrincipal(current, SessionPrincipal.class);
    if (session != null) {
        return generateSessionMessage(session.getSession());
    }

    final ConnectionPrincipal connection = getPrincipal(current, ConnectionPrincipal.class);
    if (connection != null) {
        return generateConnectionMessage(connection.getConnection());
    }

    final TaskPrincipal task = getPrincipal(current, TaskPrincipal.class);
    if (task != null) {
        return generateTaskMessage(task);
    }

    final ManagementConnectionPrincipal management = getPrincipal(current, ManagementConnectionPrincipal.class);
    if (management != null) {
        return generateManagementConnectionMessage(management, getPrincipal(current, AuthenticatedPrincipal.class));
    }

    // Nothing identifies the caller, so the entry is attributed to an unknown actor.
    return "<<UNKNOWN>> ";
}
Also used : TaskPrincipal(org.apache.qpid.server.security.auth.TaskPrincipal) SessionPrincipal(org.apache.qpid.server.connection.SessionPrincipal) ConnectionPrincipal(org.apache.qpid.server.connection.ConnectionPrincipal) ManagementConnectionPrincipal(org.apache.qpid.server.security.auth.ManagementConnectionPrincipal) Subject(javax.security.auth.Subject) ManagementConnectionPrincipal(org.apache.qpid.server.security.auth.ManagementConnectionPrincipal)

Example 5 with ConnectionPrincipal

use of org.apache.qpid.server.connection.ConnectionPrincipal in project qpid-broker-j by apache.

the class RuleBasedAccessControl method authorise.

/**
 * Checks whether an operation is authorised by evaluating the access control rules against
 * the {@link Subject} of the current thread.
 *
 * <p>The outcome is one of three cases:
 * <ul>
 *   <li>no subject, or a subject without principals: the plugin abstains with
 *       {@link Result#DEFER};</li>
 *   <li>the rule set is evaluated: its result is returned unchanged;</li>
 *   <li>the rule set throws: the failure is logged and {@link Result#DENIED} is returned,
 *       so an evaluation error never grants access.</li>
 * </ul>
 *
 * <p>The client address handed to the rule set comes from the first
 * {@link ConnectionPrincipal} of the subject, and is {@code null} when there is no such
 * principal or its remote address is not an {@link InetSocketAddress}.
 */
@Override
public Result authorise(LegacyOperation operation, ObjectType objectType, ObjectProperties properties) {
    final Subject currentSubject = Subject.getSubject(AccessController.getContext());
    // Without a subject or any principal there is nobody to evaluate rules for: abstain.
    if (currentSubject == null || currentSubject.getPrincipals().isEmpty()) {
        return Result.DEFER;
    }

    InetAddress clientAddress = null;
    final Set<ConnectionPrincipal> connectionPrincipals = currentSubject.getPrincipals(ConnectionPrincipal.class);
    if (!connectionPrincipals.isEmpty()) {
        final SocketAddress remote = connectionPrincipals.iterator().next().getConnection().getRemoteSocketAddress();
        if (remote instanceof InetSocketAddress) {
            clientAddress = ((InetSocketAddress) remote).getAddress();
        }
    }

    if (LOGGER.isDebugEnabled()) {
        LOGGER.debug("Checking " + operation + " " + objectType + " " + (clientAddress == null ? "" : clientAddress));
    }

    try {
        return _ruleSet.check(currentSubject, operation, objectType, properties, clientAddress);
    } catch (Exception e) {
        // Fail closed: a rule evaluation error is reported and treated as a denial.
        LOGGER.error("Unable to check " + operation + " " + objectType + " " + (clientAddress == null ? "" : clientAddress), e);
        return Result.DENIED;
    }
}
Also used : InetSocketAddress(java.net.InetSocketAddress) SocketAddress(java.net.SocketAddress) InetSocketAddress(java.net.InetSocketAddress) InetAddress(java.net.InetAddress) ConnectionPrincipal(org.apache.qpid.server.connection.ConnectionPrincipal) Subject(javax.security.auth.Subject)
