
Example 6 with AuthenticatedPrincipal

use of org.apache.qpid.server.security.auth.AuthenticatedPrincipal in project qpid-broker-j by apache.

the class AbstractConfiguredObject method attributeSet.

/**
 * Stamps the last-updated metadata of this object and reports the attribute change to the
 * registered change listeners.
 *
 * <p>The updater name comes from {@link AuthenticatedPrincipal#getCurrentUser()}. When that
 * call returns {@code null}, LAST_UPDATED_BY keeps whatever value it already had while
 * LAST_UPDATED_TIME is still refreshed, so the two fields can then describe different updates.
 *
 * @param attributeName name of the attribute that was set
 * @param oldAttributeValue value passed to listeners as the previous value
 * @param newAttributeValue value passed to listeners as the new value
 */
protected void attributeSet(String attributeName, Object oldAttributeValue, Object newAttributeValue) {
    final AuthenticatedPrincipal actor = AuthenticatedPrincipal.getCurrentUser();
    if (actor != null) {
        // Keep the attribute map and the cached field in step with each other.
        _attributes.put(LAST_UPDATED_BY, actor.getName());
        _lastUpdatedBy = actor.getName();
    }

    final Date updateTime = new Date();
    _attributes.put(LAST_UPDATED_TIME, updateTime);
    _lastUpdatedTime = updateTime;

    synchronized (_changeListeners) {
        // Iterate over a snapshot so the listener collection itself is not walked during
        // notification. The callbacks still run while the monitor on _changeListeners is held.
        final List<ConfigurationChangeListener> snapshot =
                new ArrayList<ConfigurationChangeListener>(_changeListeners);
        for (final ConfigurationChangeListener changeListener : snapshot) {
            changeListener.attributeSet(this, attributeName, oldAttributeValue, newAttributeValue);
        }
    }
}
Also used : CopyOnWriteArrayList(java.util.concurrent.CopyOnWriteArrayList) ArrayList(java.util.ArrayList) Date(java.util.Date) AuthenticatedPrincipal(org.apache.qpid.server.security.auth.AuthenticatedPrincipal)

Example 7 with AuthenticatedPrincipal

use of org.apache.qpid.server.security.auth.AuthenticatedPrincipal in project qpid-broker-j by apache.

the class VirtualHostTest method mockAuthenticatedPrincipal.

/**
 * Creates an {@link AuthenticatedPrincipal} for tests, wrapping a Mockito stub of
 * {@link Principal} whose {@code getName()} returns the given name.
 *
 * <p>Only the wrapped principal is a mock; the object returned is a real
 * AuthenticatedPrincipal instance.
 *
 * @param principalName name the stubbed principal reports
 * @return the AuthenticatedPrincipal wrapping the stub
 */
private Principal mockAuthenticatedPrincipal(final String principalName) {
    final Principal namedStub = mock(Principal.class);
    when(namedStub.getName()).thenReturn(principalName);
    final AuthenticatedPrincipal authenticated = new AuthenticatedPrincipal(namedStub);
    return authenticated;
}
Also used : Principal(java.security.Principal) AuthenticatedPrincipal(org.apache.qpid.server.security.auth.AuthenticatedPrincipal) AuthenticatedPrincipal(org.apache.qpid.server.security.auth.AuthenticatedPrincipal)

Example 8 with AuthenticatedPrincipal

use of org.apache.qpid.server.security.auth.AuthenticatedPrincipal in project qpid-broker-j by apache.

the class UserPreferencesTest method setUp.

/**
 * Prepares the fixture: mocked configured object and preference store, a started
 * current-thread task executor, a UserPreferencesImpl with no initial preferences, and a
 * Subject holding the owner and group principals.
 */
@Before
public void setUp() throws Exception {
    // Mocked collaborators.
    _configuredObject = mock(ConfiguredObject.class);
    _preferenceStore = mock(PreferenceStore.class);

    // The executor is started before it is handed to the object under test.
    _preferenceTaskExecutor = new CurrentThreadTaskExecutor();
    _preferenceTaskExecutor.start();
    _userPreferences = new UserPreferencesImpl(
            _preferenceTaskExecutor,
            _configuredObject,
            _preferenceStore,
            Collections.<Preference>emptyList());

    // Identities: neither principal is bound to a provider (both are given null).
    final GroupProvider noGroupProvider = null;
    _groupPrincipal = new GroupPrincipal(MYGROUP, noGroupProvider);
    final UsernamePrincipal ownerName = new UsernamePrincipal(MYUSER, null);
    _owner = new AuthenticatedPrincipal(ownerName);

    // The first constructor argument marks the Subject read-only; it carries no credentials.
    _subject = new Subject(
            true,
            Sets.newHashSet(_owner, _groupPrincipal),
            Collections.emptySet(),
            Collections.emptySet());

    _testId = UUID.randomUUID();
}
Also used : UsernamePrincipal(org.apache.qpid.server.security.auth.UsernamePrincipal) GroupPrincipal(org.apache.qpid.server.security.group.GroupPrincipal) CurrentThreadTaskExecutor(org.apache.qpid.server.configuration.updater.CurrentThreadTaskExecutor) ConfiguredObject(org.apache.qpid.server.model.ConfiguredObject) GroupProvider(org.apache.qpid.server.model.GroupProvider) PreferenceStore(org.apache.qpid.server.store.preferences.PreferenceStore) Subject(javax.security.auth.Subject) AuthenticatedPrincipal(org.apache.qpid.server.security.auth.AuthenticatedPrincipal) Before(org.junit.Before)

Example 9 with AuthenticatedPrincipal

use of org.apache.qpid.server.security.auth.AuthenticatedPrincipal in project qpid-broker-j by apache.

the class BrokerImplTest method testPurgeUser.

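/**
 * Verifies that purging a user removes both the account from its authentication provider and
 * the preferences that user owns.
 *
 * <p>The test stores one preference as the test user, checks that the preference and the
 * account exist, calls {@code purgeUser}, and then checks that the user's preferences are
 * empty, the provider has no users left, and the preference store was asked to replace the
 * stored preference id with an empty set.
 *
 * @throws Exception if broker or provider setup fails
 */
@Test
public void testPurgeUser() throws Exception {
    final String testUsername = "testUser";
    final String testPassword = "testPassword";
    // setup broker
    Map<String, Object> brokerAttributes = new HashMap<>();
    brokerAttributes.put("name", "Broker");
    brokerAttributes.put(Broker.MODEL_VERSION, BrokerModel.MODEL_VERSION);
    brokerAttributes.put(Broker.DURABLE, true);
    _brokerImpl = new BrokerImpl(brokerAttributes, _systemConfig);
    _brokerImpl.open();
    // setup auth provider with testuser
    final Map<String, Object> authProviderAttributes = new HashMap<>();
    authProviderAttributes.put(ConfiguredObject.NAME, "testAuthProvider");
    authProviderAttributes.put(ConfiguredObject.TYPE, "Simple");
    SimpleAuthenticationManager authenticationProvider = new SimpleAuthenticationManager(authProviderAttributes, _brokerImpl);
    authenticationProvider.create();
    authenticationProvider.addUser(testUsername, testPassword);
    // setup preference owned by testuser
    final Map<String, Object> preferenceAttributes = new HashMap<>();
    UUID preferenceId = UUID.randomUUID();
    preferenceAttributes.put(Preference.ID_ATTRIBUTE, preferenceId);
    preferenceAttributes.put(Preference.NAME_ATTRIBUTE, "testPref");
    preferenceAttributes.put(Preference.TYPE_ATTRIBUTE, "X-testPrefType");
    preferenceAttributes.put(Preference.VALUE_ATTRIBUTE, Collections.EMPTY_MAP);
    Subject testUserSubject = new Subject();
    testUserSubject.getPrincipals().add(new AuthenticatedPrincipal(new UsernamePrincipal(testUsername, authenticationProvider)));
    // Freeze the subject so its principal set cannot change after this point.
    testUserSubject.setReadOnly();
    final Collection<Preference> preferences = Collections.singleton(PreferenceFactory.fromAttributes(_brokerImpl, preferenceAttributes));
    // Store the preference while running as the test user.
    Subject.doAs(testUserSubject, new PrivilegedAction<Void>() {

        @Override
        public Void run() {
            try {
                _brokerImpl.getUserPreferences().updateOrAppend(preferences).get(10, TimeUnit.SECONDS);
            } catch (InterruptedException e) {
                // Restore the interrupt flag before failing the test.
                Thread.currentThread().interrupt();
                throw new AssertionError("Failed to put preference", e);
            } catch (ExecutionException | TimeoutException e) {
                // Fail with the cause attached instead of printing the stack trace separately.
                throw new AssertionError("Failed to put preference", e);
            }
            return null;
        }
    });
    // test pre-conditions
    Collection<Preference> preferencesBeforePurge = getPreferencesAs(testUserSubject);
    assertEquals("Unexpected number of preferences before userPurge", (long) 1, (long) preferencesBeforePurge.size());
    assertEquals("Unexpected preference before userPurge", preferenceId, preferencesBeforePurge.iterator().next().getId());
    assertTrue("User was not valid before userPurge", authenticationProvider.getUsers().containsKey(testUsername));
    _brokerImpl.purgeUser(authenticationProvider, testUsername);
    // test post-conditions
    Collection<Preference> preferencesAfterPurge = getPreferencesAs(testUserSubject);
    assertEquals("Preferences were not deleted during userPurge", Collections.EMPTY_SET, preferencesAfterPurge);
    assertEquals("User was not deleted from authentication Provider", Collections.EMPTY_MAP, authenticationProvider.getUsers());
    verify(_preferenceStore).replace(Collections.singleton(preferenceId), Collections.EMPTY_SET);
}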
Also used : HashMap(java.util.HashMap) Subject(javax.security.auth.Subject) AuthenticatedPrincipal(org.apache.qpid.server.security.auth.AuthenticatedPrincipal) UsernamePrincipal(org.apache.qpid.server.security.auth.UsernamePrincipal) BrokerImpl(org.apache.qpid.server.model.BrokerImpl) Preference(org.apache.qpid.server.model.preferences.Preference) ConfiguredObject(org.apache.qpid.server.model.ConfiguredObject) SimpleAuthenticationManager(org.apache.qpid.server.security.auth.manager.SimpleAuthenticationManager) UUID(java.util.UUID) Test(org.junit.Test)

Example 10 with AuthenticatedPrincipal

use of org.apache.qpid.server.security.auth.AuthenticatedPrincipal in project qpid-broker-j by apache.

the class ServerSessionTest method testOverlargeMessageTest.

/**
 * Checks the maximum message size enforced on message transfer for an AMQP 0-10 session.
 *
 * <p>The mocked connection reports a maximum message size of 1024. A 2048-byte body must make
 * the session invoke an execution error with code RESOURCE_LIMIT_EXCEEDED as its first method;
 * a body of exactly 1024 bytes must cause no method to be invoked.
 *
 * @throws Exception if the fixture cannot be built
 */
@Test
public void testOverlargeMessageTest() throws Exception {
    final Broker<?> broker = mock(Broker.class);
    when(broker.getContextValue(eq(Long.class), eq(Broker.CHANNEL_FLOW_CONTROL_ENFORCEMENT_TIMEOUT))).thenReturn(0L);
    AmqpPort amqpPort = createMockPort();

    // Stub the model connection with everything the session reads from it.
    final AMQPConnection_0_10 modelConnection = mock(AMQPConnection_0_10.class);
    when(modelConnection.getCategoryClass()).thenReturn(Connection.class);
    when(modelConnection.getTypeClass()).thenReturn(AMQPConnection_0_10.class);
    when(modelConnection.closeAsync()).thenReturn(Futures.immediateFuture(null));
    when(modelConnection.getAddressSpace()).thenReturn(_virtualHost);
    when(modelConnection.getContextProvider()).thenReturn(_virtualHost);
    when(modelConnection.getBroker()).thenReturn(broker);
    when(modelConnection.getEventLogger()).thenReturn(mock(EventLogger.class));
    when(modelConnection.getContextValue(Long.class, Session.PRODUCER_AUTH_CACHE_TIMEOUT)).thenReturn(Session.PRODUCER_AUTH_CACHE_TIMEOUT_DEFAULT);
    when(modelConnection.getContextValue(Integer.class, Session.PRODUCER_AUTH_CACHE_SIZE)).thenReturn(Session.PRODUCER_AUTH_CACHE_SIZE_DEFAULT);
    when(modelConnection.getContextValue(Long.class, Connection.MAX_UNCOMMITTED_IN_MEMORY_SIZE)).thenReturn(Connection.DEFAULT_MAX_UNCOMMITTED_IN_MEMORY_SIZE);
    when(modelConnection.getChildExecutor()).thenReturn(_taskExecutor);
    when(modelConnection.getModel()).thenReturn(BrokerModel.getInstance());
    when(modelConnection.getPort()).thenReturn(amqpPort);

    // The connection's subject holds a single authenticated principal named after the test.
    final AuthenticatedPrincipal authenticatedUser =
            new AuthenticatedPrincipal(new UsernamePrincipal(getTestName(), mock(AuthenticationProvider.class)));
    final Subject connectionSubject =
            new Subject(false, Collections.singleton(authenticatedUser), Collections.emptySet(), Collections.emptySet());
    when(modelConnection.getSubject()).thenReturn(connectionSubject);
    // This is the limit the two transfers below are measured against.
    when(modelConnection.getMaxMessageSize()).thenReturn(1024L);
    when(modelConnection.getCreatedTime()).thenReturn(new Date());

    ServerConnection serverConnection = new ServerConnection(1, broker, amqpPort, Transport.TCP, modelConnection);
    serverConnection.setVirtualHost(_virtualHost);

    // Record every method the session would send instead of sending it.
    final List<Method> invokedMethods = new ArrayList<>();
    ServerSession session = new ServerSession(serverConnection, new ServerSessionDelegate(), new Binary(getTestName().getBytes()), 0) {

        @Override
        public void invoke(final Method m) {
            invokedMethods.add(m);
        }
    };
    Session_0_10 modelSession = new Session_0_10(modelConnection, 1, session, getTestName());
    session.setModelObject(modelSession);

    ServerSessionDelegate delegate = new ServerSessionDelegate();
    MessageTransfer transfer = new MessageTransfer();

    // Twice the configured maximum: must be rejected.
    byte[] oversizedBody = new byte[2048];
    transfer.setBody(QpidByteBuffer.wrap(oversizedBody));
    delegate.messageTransfer(session, transfer);
    assertFalse("No methods invoked - expecting at least 1", invokedMethods.isEmpty());
    Method firstInvoked = invokedMethods.get(0);
    assertTrue("First invoked method not execution error", firstInvoked instanceof ExecutionException);
    assertEquals(ExecutionErrorCode.RESOURCE_LIMIT_EXCEEDED, ((ExecutionException) firstInvoked).getErrorCode());
    invokedMethods.clear();

    // test the boundary condition: a body of exactly the maximum size is accepted
    byte[] boundaryBody = new byte[1024];
    transfer.setBody(QpidByteBuffer.wrap(boundaryBody));
    delegate.messageTransfer(session, transfer);
    assertTrue("Methods invoked when not expecting any", invokedMethods.isEmpty());
}
Also used : EventLogger(org.apache.qpid.server.logging.EventLogger) ArrayList(java.util.ArrayList) Method(org.apache.qpid.server.protocol.v0_10.transport.Method) Subject(javax.security.auth.Subject) Date(java.util.Date) AuthenticatedPrincipal(org.apache.qpid.server.security.auth.AuthenticatedPrincipal) UsernamePrincipal(org.apache.qpid.server.security.auth.UsernamePrincipal) AmqpPort(org.apache.qpid.server.model.port.AmqpPort) Binary(org.apache.qpid.server.protocol.v0_10.transport.Binary) ExecutionException(org.apache.qpid.server.protocol.v0_10.transport.ExecutionException) MessageTransfer(org.apache.qpid.server.protocol.v0_10.transport.MessageTransfer) Test(org.junit.Test)
