
Example 36 with NamedAddressSpace

use of org.apache.qpid.server.model.NamedAddressSpace in project qpid-broker-j by apache.

From class ServerSessionDelegate, method exchangeUnbind:

/**
 * Handles an AMQP 0-10 exchange.unbind: removes the binding between the named queue and
 * exchange for the given binding key, if such a binding exists.
 *
 * Each rejected precondition is reported back to the client through {@code exception(...)}:
 * missing queue / binding-key → ILLEGAL_ARGUMENT, an empty exchange name (the default exchange)
 * → INVALID_ARGUMENT, unknown queue or exchange → NOT_FOUND, and an ACL denial raised by the
 * exchange → UNAUTHORIZED_ACCESS.
 *
 * @param session the session that issued the command
 * @param method  the decoded exchange.unbind command
 */
@Override
public void exchangeUnbind(ServerSession session, ExchangeUnbind method) {
    // The address space (virtual host) the session is attached to scopes all name lookups below.
    final NamedAddressSpace addressSpace = getAddressSpace(session);

    // Argument validation: a queue, a named exchange and a binding key are all mandatory.
    if (!method.hasQueue()) {
        exception(session, method, ExecutionErrorCode.ILLEGAL_ARGUMENT, "queue not set");
        return;
    }
    if (nameNullOrEmpty(method.getExchange())) {
        exception(session, method, ExecutionErrorCode.INVALID_ARGUMENT, "Unbind not allowed for default exchange");
        return;
    }
    if (!method.hasBindingKey()) {
        exception(session, method, ExecutionErrorCode.ILLEGAL_ARGUMENT, "binding-key not set");
        return;
    }

    final String queueName = method.getQueue();
    final String exchangeName = method.getExchange();
    final Queue<?> queue = getQueue(addressSpace, queueName);
    final Exchange<?> exchange = getExchange(addressSpace, exchangeName);
    if (queue == null) {
        exception(session, method, ExecutionErrorCode.NOT_FOUND, "Queue: '" + queueName + "' not found");
        return;
    }
    if (exchange == null) {
        exception(session, method, ExecutionErrorCode.NOT_FOUND, "Exchange: '" + exchangeName + "' not found");
        return;
    }

    final String bindingKey = method.getBindingKey();
    try {
        // Unbinding a key that is not currently bound is silently a no-op, not an error.
        if (exchange.hasBinding(bindingKey, queue)) {
            exchange.deleteBinding(bindingKey, queue);
        }
    } catch (AccessControlException e) {
        // The access-control layer refused the delete; report it as an authorisation failure.
        exception(session, method, ExecutionErrorCode.UNAUTHORIZED_ACCESS, e.getMessage());
    }
}

Example 37 with NamedAddressSpace

use of org.apache.qpid.server.model.NamedAddressSpace in project qpid-broker-j by apache.

From class OAuth2InteractiveAuthenticator, method getAuthenticationHandler:

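/**
 * Builds the handler that drives the OAuth2 authorization-code flow for the HTTP management UI.
 *
 * Returns {@code null} when the port's authentication provider is not an OAuth2 provider, so the
 * caller can fall through to another authenticator. Otherwise the returned handler depends on the
 * request:
 * <ul>
 *   <li>an {@code error} parameter from the authorization server yields a failed handler (403 when
 *       the resource owner denied access, otherwise the code {@code decodeErrorAsResponseCode} maps it to);</li>
 *   <li>no {@code code} parameter yields a handler that redirects to the authorization endpoint;</li>
 *   <li>a {@code code} parameter is accepted only with a {@code state} that {@code checkState}
 *       ties to this session, and is then exchanged for a subject in {@code handleAuthentication}.</li>
 * </ul>
 *
 * @param request       the management request being authenticated
 * @param configuration management configuration used to resolve the port and its provider
 * @return a handler for this request, or {@code null} if OAuth2 is not in use for it
 */
@Override
public AuthenticationHandler getAuthenticationHandler(final HttpServletRequest request, final HttpManagementConfiguration configuration) {
    final Port<?> port = configuration.getPort(request);

    // Resolve the provider exactly once: the instanceof check and the cast must see the same
    // object, otherwise a provider change between two lookups could surface as a ClassCastException.
    final Object provider = configuration.getAuthenticationProvider(request);
    if (!(provider instanceof OAuth2AuthenticationProvider)) {
        return null;
    }
    final OAuth2AuthenticationProvider oauth2Provider = (OAuth2AuthenticationProvider) provider;

    final Map<String, String> requestParameters;
    try {
        requestParameters = getRequestParameters(request);
    } catch (IllegalArgumentException e) {
        // NOTE(review): the 400 message embeds request.toString(); confirm the container's request
        // rendering exposes nothing sensitive (headers, cookies) before it reaches the client.
        return new FailedAuthenticationHandler(400, "Some request parameters are included more than once " + request, e);
    }

    // The authorization server reports failures back through the "error" query parameter.
    final String error = requestParameters.get("error");
    if (error != null) {
        final int responseCode = decodeErrorAsResponseCode(error);
        final String errorDescription = requestParameters.get("error_description");
        if (responseCode == 403) {
            LOGGER.debug("Resource owner denies the access request");
            return new FailedAuthenticationHandler(responseCode, "Resource owner denies the access request");
        }
        LOGGER.warn("Authorization endpoint failed, error : '{}', error description '{}'", error, errorDescription);
        return new FailedAuthenticationHandler(responseCode, String.format("Authorization request failed :'%s'", error));
    }

    final String authorizationCode = requestParameters.get("code");
    if (authorizationCode == null) {
        // First leg of the flow: no code yet, so send the browser to the authorization endpoint.
        final String authorizationRedirectURL = buildAuthorizationRedirectURL(request, oauth2Provider);
        return response -> {
            final NamedAddressSpace addressSpace = configuration.getPort(request).getAddressSpace(request.getServerName());
            LOGGER.debug("Sending redirect to authorization endpoint {}", oauth2Provider.getAuthorizationEndpointURI(addressSpace));
            response.sendRedirect(authorizationRedirectURL);
        };
    }

    // Second leg: the callback carries a code. It is only honoured together with the state that
    // was issued for this session, which is what stops a forged callback from logging a user in.
    final HttpSession httpSession = request.getSession();
    final String state = requestParameters.get("state");
    if (state == null) {
        // Previously logged as "wrong state: null"; the state is absent, not wrong.
        LOGGER.warn("Deny login attempt with missing state");
        return new FailedAuthenticationHandler(400, "No state set on request with authorization code grant: " + request);
    }
    if (!checkState(request, state)) {
        // NOTE(review): the client-supplied state is echoed into the 401 body; that is only safe if
        // the container's error page escapes it. Consider dropping the echo (it is already logged).
        LOGGER.warn("Deny login attempt with wrong state: {}", state);
        return new FailedAuthenticationHandler(401, "Received request with wrong state: " + state);
    }

    // Both URIs were stored in the session by buildAuthorizationRedirectURL before the redirect.
    final String redirectUri = (String) httpSession.getAttribute(HttpManagementUtil.getRequestSpecificAttributeName(REDIRECT_URI_SESSION_ATTRIBUTE, request));
    final String originalRequestUri = (String) httpSession.getAttribute(HttpManagementUtil.getRequestSpecificAttributeName(ORIGINAL_REQUEST_URI_SESSION_ATTRIBUTE, request));
    final NamedAddressSpace addressSpace = configuration.getPort(request).getAddressSpace(request.getServerName());

    return new AuthenticationHandler() {

        /**
         * Exchanges the authorization code for a subject, checks management access, binds the
         * subject to the session and redirects to the originally requested resource.
         * Sends 403 when the user is authenticated but not permitted to manage, 401 otherwise.
         */
        @Override
        public void handleAuthentication(final HttpServletResponse response) throws IOException {
            final AuthenticationResult authenticationResult = oauth2Provider.authenticateViaAuthorizationCode(authorizationCode, redirectUri, addressSpace);
            try {
                final Subject subject = createSubject(authenticationResult);
                authoriseManagement(subject);
                HttpManagementUtil.saveAuthorisedSubject(request, subject);
                LOGGER.debug("Successful login. Redirect to original resource {}", originalRequestUri);
                // NOTE(review): originalRequestUri is whatever getOriginalRequestUri (not shown here)
                // stored in the session; that helper must confine it to a local path for this
                // redirect to be safe against open redirects.
                response.sendRedirect(originalRequestUri);
            } catch (AccessControlException e) {
                // Authenticated, but assertManagementAccess rejected the subject.
                LOGGER.info("User '{}' is not authorised for management", authenticationResult.getMainPrincipal());
                response.sendError(403, "User is not authorised for management");
            } catch (SecurityException e) {
                // Any other SecurityException, e.g. createSubject finding no authenticated subject.
                LOGGER.info("Authentication failed", authenticationResult.getCause());
                response.sendError(401);
            }
        }

        /**
         * Turns the provider's result into a servlet-connection subject.
         *
         * @throws SecurityException if the result carries no authenticated subject
         */
        private Subject createSubject(final AuthenticationResult authenticationResult) {
            final SubjectCreator subjectCreator = port.getSubjectCreator(request.isSecure(), request.getServerName());
            final SubjectAuthenticationResult result = subjectCreator.createResultWithGroups(authenticationResult);
            final Subject original = result.getSubject();
            if (original == null) {
                throw new SecurityException("Only authenticated users can access the management interface");
            }
            return HttpManagementUtil.createServletConnectionSubject(request, original);
        }

        /** Delegates to the broker's management-access check; fails by exception when denied. */
        private void authoriseManagement(final Subject subject) {
            final Broker broker = (Broker) oauth2Provider.getParent();
            HttpManagementUtil.assertManagementAccess(broker, subject);
        }
    };
}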

Example 38 with NamedAddressSpace

use of org.apache.qpid.server.model.NamedAddressSpace in project qpid-broker-j by apache.

From class OAuth2InteractiveAuthenticator, method buildAuthorizationRedirectURL:

/**
 * Assembles the URL the browser is redirected to in order to start the authorization-code flow.
 *
 * Side effects: the redirect URI and the originally requested URI are stored in the HTTP session
 * under request-specific attribute names so the callback leg can read them back.
 * The returned URL is the provider's authorization endpoint with client_id, redirect_uri,
 * response_type=code, a freshly created state and (if configured) scope appended, honouring any
 * query string already present on the endpoint.
 *
 * @param request        the management request that triggered the login
 * @param oauth2Provider the provider supplying endpoint, client id and scope
 * @return the absolute authorization URL to redirect to
 */
private String buildAuthorizationRedirectURL(final HttpServletRequest request, final OAuth2AuthenticationProvider oauth2Provider) {
    final String redirectUri = getRedirectUri(request);
    final String originalRequestUri = getOriginalRequestUri(request);
    final NamedAddressSpace addressSpace = HttpManagementUtil.getPort(request).getAddressSpace(request.getServerName());
    final URI endpointUri = oauth2Provider.getAuthorizationEndpointURI(addressSpace);

    // Remember both URIs for the callback; attribute names are scoped per request.
    final HttpSession session = request.getSession();
    session.setAttribute(HttpManagementUtil.getRequestSpecificAttributeName(REDIRECT_URI_SESSION_ATTRIBUTE, request), redirectUri);
    session.setAttribute(HttpManagementUtil.getRequestSpecificAttributeName(ORIGINAL_REQUEST_URI_SESSION_ATTRIBUTE, request), originalRequestUri);

    final Map<String, String> params = new HashMap<>();
    params.put("client_id", oauth2Provider.getClientId());
    params.put("redirect_uri", redirectUri);
    params.put("response_type", "code");
    // The state is what the callback is later checked against (see checkState).
    params.put("state", createState(request));
    final String scope = oauth2Provider.getScope();
    if (scope != null) {
        params.put("scope", scope);
    }

    // Pick the separator: "?" if the endpoint has no query, "&" if it already has one, and
    // nothing if the endpoint ends in a bare "?" (empty query).
    final String existingQuery = endpointUri.getQuery();
    final String separator;
    if (existingQuery == null) {
        separator = "?";
    } else if (existingQuery.isEmpty()) {
        separator = "";
    } else {
        separator = "&";
    }
    return endpointUri.toString() + separator + OAuth2Utils.buildRequestQuery(params);
}

Example 39 with NamedAddressSpace

use of org.apache.qpid.server.model.NamedAddressSpace in project qpid-broker-j by apache.

From class VirtualHostAliasTest, method testPatternMatching:

/**
 * A pattern-matching alias routes every host name matching its regex to the configured
 * virtual host node, and leaves non-matching names unresolved.
 */
public void testPatternMatching() {
    final Map<String, Object> aliasAttributes = new HashMap<>();
    aliasAttributes.put(VirtualHostAlias.NAME, "matcher");
    aliasAttributes.put(VirtualHostAlias.TYPE, PatternMatchingAlias.TYPE_NAME);
    aliasAttributes.put(PatternMatchingAlias.PATTERN, "orange|pink.*");
    aliasAttributes.put(PatternMatchingAlias.VIRTUAL_HOST_NODE, _vhosts.get("purple").getParent());
    _port.createChild(VirtualHostAlias.class, aliasAttributes);

    // Every name the pattern matches resolves to the "purple" virtual host.
    for (final String hostName : new String[] { "orange", "pink", "pinker" }) {
        final NamedAddressSpace resolved = _port.getAddressSpace(hostName);
        assertNotNull(resolved);
        assertEquals(_vhosts.get("purple"), resolved);
    }

    // "o.*" is not matched by the pattern, so it must not resolve to anything.
    assertNull(_port.getAddressSpace("o.*"));
}

Example 40 with NamedAddressSpace

use of org.apache.qpid.server.model.NamedAddressSpace in project qpid-broker-j by apache.

From class VirtualHostAliasTest, method testDefaultAliases_HostNameAlias:

/**
 * The loopback address must always resolve through the default host-name alias to the
 * default ("black") virtual host.
 */
public void testDefaultAliases_HostNameAlias() {
    final NamedAddressSpace resolved = _port.getAddressSpace("127.0.0.1");
    assertNotNull(resolved);
    assertEquals(_vhosts.get("black"), resolved);
}
