
Example 1 with SoleConnectionEnforcementPolicyException

use of org.apache.qpid.server.protocol.v1_0.type.extensions.soleconn.SoleConnectionEnforcementPolicyException in project qpid-broker-j by apache.

the class AMQPConnection_1_0Impl method handleSoleConnectionEnforcement.

/**
 * Reacts to a sole-connection conflict raised while this connection was being registered.
 *
 * <p>Does nothing when this connection is already closing. Under {@code REFUSE_CONNECTION} this
 * connection is closed with {@code AmqpError.INVALID_FIELD} and the rejection is written to the
 * event log. Under {@code CLOSE_EXISTING} every connection returned by
 * {@code e.getExistingConnections()} that is not already closing is asked, on its own IO thread,
 * to close with {@code AmqpError.RESOURCE_LOCKED}; once all of those tasks have completed,
 * {@code receiveOpenInternal(addressSpace)} is scheduled again on this connection's IO thread.
 *
 * @param addressSpace address space the open is retried against after the existing connections close
 * @param e the conflict: enforcement policy, existing connections and container id
 */
private void handleSoleConnectionEnforcement(final NamedAddressSpace addressSpace, final SoleConnectionEnforcementPolicyException e) {
    if (isClosing()) {
        // This connection is already going away; there is nothing left to enforce.
        return;
    }
    final SoleConnectionEnforcementPolicy policy = e.getPolicy();
    if (policy == SoleConnectionEnforcementPolicy.REFUSE_CONNECTION) {
        LOGGER.debug("Closing newly open connection: {}", e.getMessage());
        _properties.put(Symbol.valueOf("amqp:connection-establishment-failed"), true);
        final String description = String.format("Connection closed due to sole-connection-enforcement-policy '%s'", policy);
        final Error refusal = new Error(AmqpError.INVALID_FIELD, description);
        refusal.setInfo(Collections.singletonMap(Symbol.valueOf("invalid-field"), Symbol.valueOf("container-id")));
        closeConnection(refusal);
        // NOTE(review): the container id presumably originates from the remote peer's Open; confirm
        // the event logger neutralises control characters before this reaches the operational log.
        final String rejectedContainer = String.format("container '%s'", e.getContainerID());
        getEventLogger().message(ResourceLimitMessages.REJECTED("Opening", "connection", rejectedContainer, e.getMessage()));
        return;
    }
    if (policy != SoleConnectionEnforcementPolicy.CLOSE_EXISTING) {
        // Any other policy value (including null) is not handled: this connection is neither
        // closed nor opened by this method.
        return;
    }
    // NOTE(review): receiveOpenInternal reaches this handler from registerConnection, which it calls
    // before authoriseCreateConnection. The connections below are therefore closed before the new
    // connection has passed that authorisation check (only the authenticated-principal check has
    // run) — confirm this ordering is intended.
    final Error eviction = new Error(AmqpError.RESOURCE_LOCKED, String.format("Connection closed due to sole-connection-enforcement-policy '%s'", policy));
    eviction.setInfo(Collections.singletonMap(Symbol.valueOf("sole-connection-enforcement"), true));
    final EventLogger eventLogger = getEventLogger();
    final List<ListenableFuture<Void>> pendingCloses = new ArrayList<>();
    for (final AMQPConnection_1_0<?> existing : e.getExistingConnections()) {
        if (existing.isClosing()) {
            continue;
        }
        LOGGER.debug("Closing existing connection '{}': {}", existing.getName(), e.getMessage());
        // Each connection is closed on its own IO thread; the future is kept so the retry
        // below only starts after every close task has run.
        pendingCloses.add(existing.doOnIOThreadAsync(() -> existing.close(eviction)));
        eventLogger.message(ResourceLimitMessages.INFO(String.format("Closing existing connection '%s'", existing.getName()), e.getMessage()));
    }
    doAfter(allAsList(pendingCloses), () -> doOnIOThreadAsync(() -> receiveOpenInternal(addressSpace)));
}
Also used : EventLogger(org.apache.qpid.server.logging.EventLogger) ConnectionError(org.apache.qpid.server.protocol.v1_0.type.transport.ConnectionError) AmqpError(org.apache.qpid.server.protocol.v1_0.type.transport.AmqpError) Error(org.apache.qpid.server.protocol.v1_0.type.transport.Error) Futures.allAsList(com.google.common.util.concurrent.Futures.allAsList) ArrayList(java.util.ArrayList) List(java.util.List)

Example 2 with SoleConnectionEnforcementPolicyException

use of org.apache.qpid.server.protocol.v1_0.type.extensions.soleconn.SoleConnectionEnforcementPolicyException in project qpid-broker-j by apache.

the class ProtocolEngine_1_0_0Test method setUp.

/**
 * Builds the mocked broker, port, virtual host and network connection used by the tests, plus a
 * {@code FrameWriter} whose output is fed straight back into the protocol engine under test.
 *
 * <p>The stubbed {@code registerConnection} always throws a
 * {@code SoleConnectionEnforcementPolicyException}, so every connection open in this fixture goes
 * down the sole-connection enforcement path.
 */
@Before
public void setUp() throws Exception {
    // --- network connection ---
    _networkConnection = mock(ServerNetworkConnection.class);
    when(_networkConnection.getLocalAddress()).thenReturn(new InetSocketAddress(0));
    when(_networkConnection.getSelectedHost()).thenReturn("localhost");
    // --- broker ---
    _broker = mock(Broker.class);
    when(_broker.getModel()).thenReturn(BrokerModel.getInstance());
    // NOTE(review): 256 * 1026 rather than 256 * 1024 — possibly a typo; confirm the intended size.
    when(_broker.getNetworkBufferSize()).thenReturn(256 * 1026);
    // A real task executor is started here and shared by the broker, port and virtual host mocks.
    // It is not stopped in this method — presumably a tear-down elsewhere does that; verify.
    final TaskExecutor taskExecutor = new TaskExecutorImpl();
    taskExecutor.start();
    when(_broker.getChildExecutor()).thenReturn(taskExecutor);
    when(_broker.getTaskExecutor()).thenReturn(taskExecutor);
    when(_broker.getId()).thenReturn(UUID.randomUUID());
    when(_broker.getEventLogger()).thenReturn(new EventLogger());
    when(((Broker) _broker).getCategoryClass()).thenReturn(Broker.class);
    // --- port ---
    _port = mock(AmqpPort.class);
    when(_port.getChildExecutor()).thenReturn(taskExecutor);
    when(_port.getCategoryClass()).thenReturn(Port.class);
    when(_port.getModel()).thenReturn(BrokerModel.getInstance());
    final SubjectCreator subjectCreator = mock(SubjectCreator.class);
    // The authentication provider is a bare mock: no behaviour is stubbed on it in this method.
    _authenticationProvider = mock(AuthenticationProvider.class);
    when(_port.getAuthenticationProvider()).thenReturn(_authenticationProvider);
    // --- virtual host (reported as active) ---
    _virtualHost = mock(VirtualHost.class);
    when(_virtualHost.getChildExecutor()).thenReturn(taskExecutor);
    when(_virtualHost.getModel()).thenReturn(BrokerModel.getInstance());
    when(_virtualHost.getState()).thenReturn(State.ACTIVE);
    when(_virtualHost.isActive()).thenReturn(true);
    // registerConnection records the connection it was given in _connection and then always
    // throws. The constructor arguments are presumably (policy, existing connections,
    // container id) — TODO confirm; with a null first argument neither the REFUSE_CONNECTION nor
    // the CLOSE_EXISTING branch of handleSoleConnectionEnforcement would match.
    final ArgumentCaptor<AMQPConnection> connectionCaptor = ArgumentCaptor.forClass(AMQPConnection.class);
    doAnswer(new Answer() {

        @Override
        public Object answer(final InvocationOnMock invocation) throws Throwable {
            _connection = connectionCaptor.getValue();
            throw new SoleConnectionEnforcementPolicyException(null, Collections.emptySet(), "abc1");
        }
    }).when(_virtualHost).registerConnection(connectionCaptor.capture());
    when(_virtualHost.getPrincipal()).thenReturn(mock(VirtualHostPrincipal.class));
    // Every address-space name resolves to the single mocked virtual host.
    when(_port.getAddressSpace(anyString())).thenReturn(_virtualHost);
    when(_port.getSubjectCreator(anyBoolean(), anyString())).thenReturn(subjectCreator);
    // The subject creator wraps whatever principal it is handed in a fresh Subject: no groups are
    // added and nothing is verified, which is only appropriate inside this test fixture.
    final ArgumentCaptor<Principal> userCaptor = ArgumentCaptor.forClass(Principal.class);
    when(subjectCreator.createSubjectWithGroups(userCaptor.capture())).then(new Answer<Subject>() {

        @Override
        public Subject answer(final InvocationOnMock invocation) throws Throwable {
            Subject subject = new Subject();
            subject.getPrincipals().add(userCaptor.getValue());
            return subject;
        }
    });
    // Outbound side of the network connection: a mock sender with no stubbed behaviour.
    final ByteBufferSender sender = mock(ByteBufferSender.class);
    when(_networkConnection.getSender()).thenReturn(sender);
    AMQPDescribedTypeRegistry registry = AMQPDescribedTypeRegistry.newInstance().registerTransportLayer().registerMessagingLayer().registerTransactionLayer().registerSecurityLayer();
    // Frames written through _frameWriter are delivered directly to the protocol engine's
    // received() method. _protocolEngine_1_0_0 is not assigned in this method, so it must be set
    // before the first frame is written.
    _frameWriter = new FrameWriter(registry, new ByteBufferSender() {

        @Override
        public boolean isDirectBufferPreferred() {
            return false;
        }

        @Override
        public void send(final QpidByteBuffer msg) {
            _protocolEngine_1_0_0.received(msg);
        }

        @Override
        public void flush() {
        }

        @Override
        public void close() {
        }
    });
}
Also used : ByteBufferSender(org.apache.qpid.server.transport.ByteBufferSender) InetSocketAddress(java.net.InetSocketAddress) VirtualHostPrincipal(org.apache.qpid.server.virtualhost.VirtualHostPrincipal) AmqpPort(org.apache.qpid.server.model.port.AmqpPort) ServerNetworkConnection(org.apache.qpid.server.transport.ServerNetworkConnection) TaskExecutorImpl(org.apache.qpid.server.configuration.updater.TaskExecutorImpl) AMQPDescribedTypeRegistry(org.apache.qpid.server.protocol.v1_0.type.codec.AMQPDescribedTypeRegistry) Broker(org.apache.qpid.server.model.Broker) SoleConnectionEnforcementPolicyException(org.apache.qpid.server.protocol.v1_0.type.extensions.soleconn.SoleConnectionEnforcementPolicyException) EventLogger(org.apache.qpid.server.logging.EventLogger) AuthenticationProvider(org.apache.qpid.server.model.AuthenticationProvider) Subject(javax.security.auth.Subject) FrameWriter(org.apache.qpid.server.protocol.v1_0.codec.FrameWriter) Mockito.doAnswer(org.mockito.Mockito.doAnswer) Answer(org.mockito.stubbing.Answer) TaskExecutor(org.apache.qpid.server.configuration.updater.TaskExecutor) AMQPConnection(org.apache.qpid.server.transport.AMQPConnection) InvocationOnMock(org.mockito.invocation.InvocationOnMock) ConfiguredObject(org.apache.qpid.server.model.ConfiguredObject) QpidByteBuffer(org.apache.qpid.server.bytebuffer.QpidByteBuffer) VirtualHost(org.apache.qpid.server.model.VirtualHost) SubjectCreator(org.apache.qpid.server.security.SubjectCreator) VirtualHostPrincipal(org.apache.qpid.server.virtualhost.VirtualHostPrincipal) Principal(java.security.Principal) AuthenticatedPrincipal(org.apache.qpid.server.security.auth.AuthenticatedPrincipal) Before(org.junit.Before)

Example 3 with SoleConnectionEnforcementPolicyException

use of org.apache.qpid.server.protocol.v1_0.type.extensions.soleconn.SoleConnectionEnforcementPolicyException in project qpid-broker-j by apache.

the class AMQPConnection_1_0Impl method receiveOpenInternal.

/**
 * Finishes processing of an Open against {@code addressSpace}.
 *
 * <p>The connection is closed with a redirect error when the address space is not active, and with
 * {@code AmqpError.NOT_ALLOWED} when there is no authorised principal or when
 * {@code authoriseCreateConnection} refuses it. Otherwise the connection is registered with the
 * address space and, if the state is {@code AWAIT_OPEN}, our Open is sent and the state becomes
 * {@code OPENED}. In state {@code CLOSE_SENT} or {@code CLOSED} nothing further is sent; any other
 * state raises a {@code ConnectionScopedRuntimeException}.
 *
 * @param addressSpace the address space the connection is being opened against
 */
private void receiveOpenInternal(final NamedAddressSpace addressSpace) {
    if (!addressSpace.isActive()) {
        final Error redirect = new Error();
        populateConnectionRedirect(addressSpace, redirect);
        closeConnection(redirect);
        return;
    }
    // Authentication gate: an open without an authorised principal is refused outright.
    if (getAuthorizedPrincipal() == null) {
        closeConnection(AmqpError.NOT_ALLOWED, "Connection has not been authenticated");
        return;
    }
    try {
        // NOTE(review): registration runs before authoriseCreateConnection. A
        // SoleConnectionEnforcementPolicyException raised here is handled by
        // handleSoleConnectionEnforcement, which under CLOSE_EXISTING closes the connections listed
        // in the exception, so that happens before this connection has been authorised — confirm
        // this ordering is intended.
        addressSpace.registerConnection(this);
        setAddressSpace(addressSpace);
        if (!addressSpace.authoriseCreateConnection(this)) {
            closeConnection(AmqpError.NOT_ALLOWED, "Connection refused");
            return;
        }
        switch (_connectionState) {
            case AWAIT_OPEN:
                sendOpen(_channelMax, _maxFrameSize);
                _connectionState = ConnectionState.OPENED;
                break;
            case CLOSE_SENT:
            case CLOSED:
                // Our close has already gone out (most likely because of an error): send nothing more.
                break;
            default:
                throw new ConnectionScopedRuntimeException(String.format("Unexpected state %s during connection open.", _connectionState));
        }
    } catch (VirtualHostUnavailableException | AccessControlException e) {
        // NOTE(review): the exception message is handed to closeConnection as the close description;
        // confirm these messages contain nothing the remote peer should not learn.
        closeConnection(AmqpError.NOT_ALLOWED, e.getMessage());
    } catch (SoleConnectionEnforcementPolicyException e) {
        handleSoleConnectionEnforcement(addressSpace, e);
    } catch (ConnectionLimitException e) {
        LOGGER.debug("User connection limit exceeded", e);
        closeConnection(AmqpError.RESOURCE_LIMIT_EXCEEDED, e.getMessage());
    }
}
Also used : ConnectionLimitException(org.apache.qpid.server.security.limit.ConnectionLimitException) VirtualHostUnavailableException(org.apache.qpid.server.virtualhost.VirtualHostUnavailableException) SoleConnectionEnforcementPolicyException(org.apache.qpid.server.protocol.v1_0.type.extensions.soleconn.SoleConnectionEnforcementPolicyException) ConnectionScopedRuntimeException(org.apache.qpid.server.util.ConnectionScopedRuntimeException) ConnectionError(org.apache.qpid.server.protocol.v1_0.type.transport.ConnectionError) AmqpError(org.apache.qpid.server.protocol.v1_0.type.transport.AmqpError) Error(org.apache.qpid.server.protocol.v1_0.type.transport.Error) AccessControlException(java.security.AccessControlException) Principal(java.security.Principal) AuthenticatedPrincipal(org.apache.qpid.server.security.auth.AuthenticatedPrincipal)

Aggregations

Principal (java.security.Principal)2 EventLogger (org.apache.qpid.server.logging.EventLogger)2 SoleConnectionEnforcementPolicyException (org.apache.qpid.server.protocol.v1_0.type.extensions.soleconn.SoleConnectionEnforcementPolicyException)2 AmqpError (org.apache.qpid.server.protocol.v1_0.type.transport.AmqpError)2 ConnectionError (org.apache.qpid.server.protocol.v1_0.type.transport.ConnectionError)2 Error (org.apache.qpid.server.protocol.v1_0.type.transport.Error)2 AuthenticatedPrincipal (org.apache.qpid.server.security.auth.AuthenticatedPrincipal)2 Futures.allAsList (com.google.common.util.concurrent.Futures.allAsList)1 InetSocketAddress (java.net.InetSocketAddress)1 AccessControlException (java.security.AccessControlException)1 ArrayList (java.util.ArrayList)1 List (java.util.List)1 Subject (javax.security.auth.Subject)1 QpidByteBuffer (org.apache.qpid.server.bytebuffer.QpidByteBuffer)1 TaskExecutor (org.apache.qpid.server.configuration.updater.TaskExecutor)1 TaskExecutorImpl (org.apache.qpid.server.configuration.updater.TaskExecutorImpl)1 AuthenticationProvider (org.apache.qpid.server.model.AuthenticationProvider)1 Broker (org.apache.qpid.server.model.Broker)1 ConfiguredObject (org.apache.qpid.server.model.ConfiguredObject)1 VirtualHost (org.apache.qpid.server.model.VirtualHost)1