Example 1 with HostnameFirewallRule
use of org.apache.qpid.server.security.access.firewall.HostnameFirewallRule in project qpid-broker-j by apache.
the class HostnameFirewallRuleTest method testSingleHostname.
public void testSingleHostname() throws Exception {
String hostnameInRule = "hostnameInRule";
InetAddress addressWithMatchingHostname = mock(InetAddress.class);
when(addressWithMatchingHostname.getCanonicalHostName()).thenReturn(hostnameInRule);
_HostnameFirewallRule = new HostnameFirewallRule(hostnameInRule);
assertFalse(_HostnameFirewallRule.matches(_addressNotInRule));
assertTrue(_HostnameFirewallRule.matches(addressWithMatchingHostname));
}
Also used :
HostnameFirewallRule(org.apache.qpid.server.security.access.firewall.HostnameFirewallRule)
InetAddress(java.net.InetAddress)
Example 2 with HostnameFirewallRule
use of org.apache.qpid.server.security.access.firewall.HostnameFirewallRule in project qpid-broker-j by apache.
the class HostnameFirewallRuleTest method testEqualsAndHashCode.
public void testEqualsAndHashCode() {
String hostname1 = "hostname1";
String hostname2 = "hostname2";
HostnameFirewallRule rule = new HostnameFirewallRule(hostname1, hostname2);
HostnameFirewallRule equalRule = new HostnameFirewallRule(hostname1, hostname2);
assertTrue(rule.equals(rule));
assertTrue(rule.equals(equalRule));
assertTrue(equalRule.equals(rule));
assertTrue(rule.hashCode() == equalRule.hashCode());
assertFalse("Different hostnames should cause rules to be unequal", rule.equals(new HostnameFirewallRule(hostname1, "different-hostname")));
}
Also used :
HostnameFirewallRule(org.apache.qpid.server.security.access.firewall.HostnameFirewallRule)
Example 3 with HostnameFirewallRule
use of org.apache.qpid.server.security.access.firewall.HostnameFirewallRule in project qpid-broker-j by apache.
the class HostnameFirewallRuleTest method testSingleHostnameWildcard.
public void testSingleHostnameWildcard() throws Exception {
String hostnameInRule = ".*FOO.*";
InetAddress addressWithMatchingHostname = mock(InetAddress.class);
when(addressWithMatchingHostname.getCanonicalHostName()).thenReturn("xxFOOxx");
_HostnameFirewallRule = new HostnameFirewallRule(hostnameInRule);
assertFalse(_HostnameFirewallRule.matches(_addressNotInRule));
assertTrue(_HostnameFirewallRule.matches(addressWithMatchingHostname));
}
Also used :
HostnameFirewallRule(org.apache.qpid.server.security.access.firewall.HostnameFirewallRule)
InetAddress(java.net.InetAddress)
Example 4 with HostnameFirewallRule
use of org.apache.qpid.server.security.access.firewall.HostnameFirewallRule in project qpid-broker-j by apache.
the class MessagingACLTest method configureACL.
private void configureACL(String... rules) throws Exception {
EventLoggerProvider eventLoggerProvider = mock(EventLoggerProvider.class);
EventLogger eventLogger = mock(EventLogger.class);
when(eventLoggerProvider.getEventLogger()).thenReturn(eventLogger);
List<AclRule> aclRules = new ArrayList<>();
try (StringReader stringReader = new StringReader(Arrays.stream(rules).collect(Collectors.joining(LINE_SEPARATOR)))) {
RuleSet ruleSet = AclFileParser.parse(stringReader, eventLoggerProvider);
final List<Rule> parsedRules = ruleSet.getAllRules();
for (final Rule rule : parsedRules) {
aclRules.add(new AclRule() {
@Override
public String getIdentity() {
return rule.getIdentity();
}
@Override
public ObjectType getObjectType() {
return rule.getAction().getObjectType();
}
@Override
public LegacyOperation getOperation() {
return rule.getAction().getOperation();
}
@Override
public Map<ObjectProperties.Property, String> getAttributes() {
Map<ObjectProperties.Property, String> attributes = new HashMap<>(rule.getAction().getProperties().asPropertyMap());
FirewallRule firewallRule = rule.getAclAction().getFirewallRule();
if (firewallRule != null) {
if (firewallRule instanceof HostnameFirewallRule) {
attributes.put(ObjectProperties.Property.FROM_HOSTNAME, "127.0.0.1");
} else if (firewallRule instanceof NetworkFirewallRule) {
// tests use only 127.0.0.1 at the moment
attributes.put(ObjectProperties.Property.FROM_NETWORK, "127.0.0.1");
}
}
return attributes;
}
@Override
public RuleOutcome getOutcome() {
return rule.getRuleOutcome();
}
});
}
}
configureACL(aclRules.toArray(new AclRule[aclRules.size()]));
}
Also used :
NetworkFirewallRule(org.apache.qpid.server.security.access.firewall.NetworkFirewallRule)
RuleSet(org.apache.qpid.server.security.access.config.RuleSet)
LegacyOperation(org.apache.qpid.server.security.access.config.LegacyOperation)
EventLoggerProvider(org.apache.qpid.server.logging.EventLoggerProvider)
EventLogger(org.apache.qpid.server.logging.EventLogger)
ArrayList(java.util.ArrayList)
ObjectProperties(org.apache.qpid.server.security.access.config.ObjectProperties)
ObjectType(org.apache.qpid.server.security.access.config.ObjectType)
HostnameFirewallRule(org.apache.qpid.server.security.access.firewall.HostnameFirewallRule)
StringReader(java.io.StringReader)
RuleOutcome(org.apache.qpid.server.security.access.plugins.RuleOutcome)
AclRule(org.apache.qpid.server.security.access.plugins.AclRule)
AclRule(org.apache.qpid.server.security.access.plugins.AclRule)
NetworkFirewallRule(org.apache.qpid.server.security.access.firewall.NetworkFirewallRule)
Rule(org.apache.qpid.server.security.access.config.Rule)
FirewallRule(org.apache.qpid.server.security.access.firewall.FirewallRule)
HostnameFirewallRule(org.apache.qpid.server.security.access.firewall.HostnameFirewallRule)
Map(java.util.Map)
HashMap(java.util.HashMap)
NetworkFirewallRule(org.apache.qpid.server.security.access.firewall.NetworkFirewallRule)
FirewallRule(org.apache.qpid.server.security.access.firewall.FirewallRule)
HostnameFirewallRule(org.apache.qpid.server.security.access.firewall.HostnameFirewallRule)
Example 5 with HostnameFirewallRule
use of org.apache.qpid.server.security.access.firewall.HostnameFirewallRule in project qpid-broker-j by apache.
the class HostnameFirewallRuleTest method testMultipleHostnames.
public void testMultipleHostnames() throws Exception {
String[] hostnamesInRule = new String[] { "hostnameInRule1", "hostnameInRule2" };
_HostnameFirewallRule = new HostnameFirewallRule(hostnamesInRule);
assertFalse(_HostnameFirewallRule.matches(_addressNotInRule));
for (String hostnameInRule : hostnamesInRule) {
InetAddress addressWithMatchingHostname = mock(InetAddress.class);
when(addressWithMatchingHostname.getCanonicalHostName()).thenReturn(hostnameInRule);
assertTrue(_HostnameFirewallRule.matches(addressWithMatchingHostname));
}
}
Also used :
HostnameFirewallRule(org.apache.qpid.server.security.access.firewall.HostnameFirewallRule)
InetAddress(java.net.InetAddress)
Aggregations
HostnameFirewallRule (org.apache.qpid.server.security.access.firewall.HostnameFirewallRule)5
InetAddress (java.net.InetAddress)3
StringReader (java.io.StringReader)1
ArrayList (java.util.ArrayList)1
HashMap (java.util.HashMap)1
Map (java.util.Map)1
EventLogger (org.apache.qpid.server.logging.EventLogger)1
EventLoggerProvider (org.apache.qpid.server.logging.EventLoggerProvider)1
LegacyOperation (org.apache.qpid.server.security.access.config.LegacyOperation)1
ObjectProperties (org.apache.qpid.server.security.access.config.ObjectProperties)1
ObjectType (org.apache.qpid.server.security.access.config.ObjectType)1
Rule (org.apache.qpid.server.security.access.config.Rule)1
RuleSet (org.apache.qpid.server.security.access.config.RuleSet)1
FirewallRule (org.apache.qpid.server.security.access.firewall.FirewallRule)1
NetworkFirewallRule (org.apache.qpid.server.security.access.firewall.NetworkFirewallRule)1
AclRule (org.apache.qpid.server.security.access.plugins.AclRule)1
RuleOutcome (org.apache.qpid.server.security.access.plugins.RuleOutcome)1
