
Example 6 with ConnectionLimitException

use of org.apache.qpid.server.security.limit.ConnectionLimitException in project qpid-broker-j by apache.

the class ServerConnectionDelegate method connectionOpen.

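/**
 * Handles the AMQP 0-10 {@code connection.open} control.
 *
 * <p>Resolves the virtual host named by the peer on the connection's port and then either
 * opens the connection (replying with {@code ConnectionOpenOk}) or moves it to
 * {@code CLOSING} and sends a close or redirect. Every refusal path returns before the
 * connection is marked open.
 *
 * @param sconn the server connection the control arrived on; must be in {@code AWAIT_OPEN}
 * @param open  the received control, carrying the optional (client-supplied) virtual host name
 */
@Override
public void connectionOpen(ServerConnection sconn, ConnectionOpen open) {
    assertState(sconn, ConnectionState.AWAIT_OPEN);

    // The name comes from the peer; an absent name is looked up as the empty string.
    final String vhostName = open.hasVirtualHost() ? open.getVirtualHost() : "";
    final AmqpPort port = sconn.getPort();
    final NamedAddressSpace addressSpace = port.getAddressSpace(vhostName);

    if (addressSpace == null) {
        sconn.setState(ServerConnection.State.CLOSING);
        sconn.sendConnectionClose(ConnectionCloseCode.INVALID_PATH, "Unknown virtualhost '" + vhostName + "'");
        return;
    }

    if (!addressSpace.isActive()) {
        sconn.setState(ServerConnection.State.CLOSING);
        final String redirectHost = addressSpace.getRedirectHost(port);
        if (redirectHost == null) {
            sconn.sendConnectionClose(ConnectionCloseCode.CONNECTION_FORCED, "Virtual host '" + vhostName + "' is not active");
        } else {
            sconn.invoke(new ConnectionRedirect(redirectHost, new ArrayList<Object>()));
        }
        return;
    }

    try {
        final AMQPConnection_0_10 amqpConnection = sconn.getAmqpConnection();
        sconn.setVirtualHost(addressSpace);
        if (!addressSpace.authoriseCreateConnection(amqpConnection)) {
            sconn.setState(ServerConnection.State.CLOSING);
            sconn.sendConnectionClose(ConnectionCloseCode.CONNECTION_FORCED, "Connection not authorized");
            return;
        }
    } catch (AccessControlException | VirtualHostUnavailableException e) {
        // NOTE(review): the exception text is sent to the peer; confirm it discloses nothing sensitive.
        sconn.setState(ServerConnection.State.CLOSING);
        sconn.sendConnectionClose(ConnectionCloseCode.CONNECTION_FORCED, e.getMessage());
        return;
    } catch (ConnectionLimitException e) {
        LOGGER.debug("User connection limit exceeded", e);
        sconn.setState(ServerConnection.State.CLOSING);
        sconn.sendConnectionClose(ConnectionCloseCode.CONNECTION_FORCED, e.getMessage());
        // Must stop here: without this return the code below would still mark the
        // connection OPEN and send ConnectionOpenOk after the limit was exceeded,
        // so the limit would not actually be enforced on this protocol path.
        return;
    }

    sconn.setState(ServerConnection.State.OPEN);
    _state = ConnectionState.OPEN;
    sconn.invoke(new ConnectionOpenOk(Collections.emptyList()));
}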
Also used : ConnectionLimitException(org.apache.qpid.server.security.limit.ConnectionLimitException) VirtualHostUnavailableException(org.apache.qpid.server.virtualhost.VirtualHostUnavailableException) NamedAddressSpace(org.apache.qpid.server.model.NamedAddressSpace) ArrayList(java.util.ArrayList) AccessControlException(java.security.AccessControlException) AmqpPort(org.apache.qpid.server.model.port.AmqpPort)

Example 7 with ConnectionLimitException

use of org.apache.qpid.server.security.limit.ConnectionLimitException in project qpid-broker-j by apache.

the class RuleSetTest method runRegistration.

/**
 * Attempts {@code threadCount} concurrent registrations against {@code ruleSet}, one per thread.
 *
 * <p>The counter starts at {@code threadCount} and is decremented only when a registration
 * throws {@link ConnectionLimitException}. A thread that has not finished when its join
 * timeout elapses, or that fails in another way, is therefore still counted as accepted.
 *
 * @param ruleSet     the rule set under test
 * @param threadCount number of registration attempts to run in parallel
 * @return the number of attempts not rejected by the limit, or {@code -1} if the calling
 *         thread was interrupted while waiting
 */
private int runRegistration(RuleSet ruleSet, int threadCount) {
    final AtomicInteger accepted = new AtomicInteger(threadCount);
    final Runnable attempt = () -> {
        try {
            ruleSet.register(newConnection());
        } catch (ConnectionLimitException rejected) {
            accepted.decrementAndGet();
        }
    };

    final Thread[] workers = new Thread[threadCount];
    Arrays.setAll(workers, index -> new Thread(attempt));

    try {
        for (final Thread worker : workers) {
            worker.start();
        }
        for (final Thread worker : workers) {
            // Bounded wait (5 minutes per thread) so a stuck registration cannot hang the test.
            worker.join(300000L);
        }
    } catch (InterruptedException e) {
        for (final Thread worker : workers) {
            worker.interrupt();
        }
        return -1;
    }
    return accepted.get();
}
Also used : ConnectionLimitException(org.apache.qpid.server.security.limit.ConnectionLimitException) AtomicInteger(java.util.concurrent.atomic.AtomicInteger)

Example 8 with ConnectionLimitException

use of org.apache.qpid.server.security.limit.ConnectionLimitException in project qpid-broker-j by apache.

the class RuleSetTest method testConnectionFrequencyLimit2.

/**
 * Checks that a rule set with a frequency limit of two connections accepts two
 * registrations and rejects the third with the expected message.
 *
 * <p>After both accepted slots are freed, a further registration is still expected to be
 * rejected. Presumably the frequency limit counts attempts within a time window rather
 * than currently open connections; confirm against the rule set implementation.
 *
 * @param ruleSet the rule set under test; must not be {@code null}
 */
private void testConnectionFrequencyLimit2(RuleSet ruleSet) {
    assertNotNull(ruleSet);
    final String expectedMessage = "User user breaks connection frequency limit 2 per \\d+ s on port amqp";

    ConnectionSlot firstSlot = null;
    ConnectionSlot secondSlot = null;
    try {
        firstSlot = ruleSet.register(newConnection());
        secondSlot = ruleSet.register(newConnection());
    } catch (ConnectionLimitException e) {
        fail("An exception is not expected");
    }
    assertNotNull(firstSlot);
    assertNotNull(secondSlot);

    // Third attempt exceeds the limit of two.
    try {
        ruleSet.register(newConnection());
        fail("An exception is expected here");
    } catch (ConnectionLimitException e) {
        assertTrue(Pattern.matches(expectedMessage, e.getMessage()));
    }

    firstSlot.free();
    secondSlot.free();

    // Freeing the slots must not allow another connection.
    try {
        ruleSet.register(newConnection());
        fail("An exception is expected here");
    } catch (ConnectionLimitException e) {
        assertTrue(Pattern.matches(expectedMessage, e.getMessage()));
    }
}
Also used : ConnectionSlot(org.apache.qpid.server.security.limit.ConnectionSlot) ConnectionLimitException(org.apache.qpid.server.security.limit.ConnectionLimitException)

Example 9 with ConnectionLimitException

use of org.apache.qpid.server.security.limit.ConnectionLimitException in project qpid-broker-j by apache.

the class AMQPConnection_0_8Impl method receiveConnectionOpen.

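/**
 * Handles the AMQP 0-8/0-9 {@code connection.open} method.
 *
 * <p>Resolves the virtual host named by the peer (a single leading {@code '/'} is dropped),
 * registers this connection with it and, if connection creation is authorised, replies with
 * {@code connection.open-ok} and moves to {@code OPEN}. Every other outcome sends a
 * connection close or a redirect, and the state is left unchanged.
 *
 * @param virtualHostName client-supplied virtual host name
 * @param capabilities    client-supplied capabilities; only logged here
 * @param insist          client-supplied insist flag; only logged here
 */
@Override
public void receiveConnectionOpen(AMQShortString virtualHostName, AMQShortString capabilities, boolean insist) {
    LOGGER.debug("RECV ConnectionOpen[virtualHost: {}, capabilities: {}, insist: {}]", virtualHostName, capabilities, insist);
    assertState(ConnectionState.AWAIT_OPEN);
    String virtualHostStr = AMQShortString.toString(virtualHostName);
    // The name is peer-controlled. startsWith() is safe for an empty name, where charAt(0)
    // would throw StringIndexOutOfBoundsException before any close frame could be sent.
    if (virtualHostStr != null && virtualHostStr.startsWith("/")) {
        virtualHostStr = virtualHostStr.substring(1);
    }
    final NamedAddressSpace addressSpace = ((AmqpPort) getPort()).getAddressSpace(virtualHostStr);
    if (addressSpace == null) {
        sendConnectionClose(ErrorCodes.NOT_FOUND, "Unknown virtual host: '" + virtualHostName + "'", 0);
        return;
    }
    // Check virtualhost access
    if (!addressSpace.isActive()) {
        final String redirectHost = addressSpace.getRedirectHost(getPort());
        if (redirectHost != null) {
            sendConnectionClose(0, new AMQFrame(0, new ConnectionRedirectBody(getProtocolVersion(), AMQShortString.valueOf(redirectHost), null)));
        } else {
            sendConnectionClose(ErrorCodes.CONNECTION_FORCED, "Virtual host '" + addressSpace.getName() + "' is not active", 0);
        }
        return;
    }
    try {
        // Registration comes first, so a connection-limit rejection is raised before
        // open-ok is written and before the state changes.
        addressSpace.registerConnection(this);
        setAddressSpace(addressSpace);
        if (addressSpace.authoriseCreateConnection(this)) {
            final MethodRegistry methodRegistry = getMethodRegistry();
            final AMQMethodBody responseBody = methodRegistry.createConnectionOpenOkBody(virtualHostName);
            writeFrame(responseBody.generateFrame(0));
            _state = ConnectionState.OPEN;
        } else {
            sendConnectionClose(ErrorCodes.ACCESS_REFUSED, "Connection refused", 0);
        }
    } catch (AccessControlException | VirtualHostUnavailableException e) {
        // NOTE(review): the exception text is sent to the peer; confirm it discloses nothing sensitive.
        sendConnectionClose(ErrorCodes.ACCESS_REFUSED, e.getMessage(), 0);
    } catch (ConnectionLimitException e) {
        LOGGER.debug("User connection limit exceeded", e);
        sendConnectionClose(ErrorCodes.RESOURCE_ERROR, e.getMessage(), 0);
    }
}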
Also used : ConnectionLimitException(org.apache.qpid.server.security.limit.ConnectionLimitException) VirtualHostUnavailableException(org.apache.qpid.server.virtualhost.VirtualHostUnavailableException) NamedAddressSpace(org.apache.qpid.server.model.NamedAddressSpace) AccessControlException(java.security.AccessControlException) AmqpPort(org.apache.qpid.server.model.port.AmqpPort)

Example 10 with ConnectionLimitException

use of org.apache.qpid.server.security.limit.ConnectionLimitException in project qpid-broker-j by apache.

the class AMQPConnection_1_0Impl method receiveOpenInternal.

/**
 * Completes an AMQP 1.0 open against the resolved address space.
 *
 * <p>The connection is closed, and no open is sent, when the address space is inactive (a
 * redirect error is populated), when no authorised principal is present, when connection
 * creation is not authorised, or when registration is rejected by an access-control,
 * availability or connection-limit check. A sole-connection policy violation is passed to
 * {@code handleSoleConnectionEnforcement}.
 *
 * @param addressSpace the address space the peer asked to attach to
 * @throws ConnectionScopedRuntimeException if the connection is in a state other than
 *         {@code AWAIT_OPEN}, {@code CLOSE_SENT} or {@code CLOSED} once authorised
 */
private void receiveOpenInternal(final NamedAddressSpace addressSpace) {
    if (!addressSpace.isActive()) {
        final Error redirectError = new Error();
        populateConnectionRedirect(addressSpace, redirectError);
        closeConnection(redirectError);
        return;
    }

    // An open must never proceed for a connection that has not been authenticated.
    final Principal principal = getAuthorizedPrincipal();
    if (principal == null) {
        closeConnection(AmqpError.NOT_ALLOWED, "Connection has not been authenticated");
        return;
    }

    try {
        // Registration happens before authorisation and before our open is sent, so
        // limit and policy rejections surface here as exceptions.
        addressSpace.registerConnection(this);
        setAddressSpace(addressSpace);

        if (!addressSpace.authoriseCreateConnection(this)) {
            closeConnection(AmqpError.NOT_ALLOWED, "Connection refused");
            return;
        }

        switch (_connectionState) {
            case AWAIT_OPEN:
                sendOpen(_channelMax, _maxFrameSize);
                _connectionState = ConnectionState.OPENED;
                break;
            case CLOSE_SENT:
            case CLOSED:
                // Our close has already gone out, most likely because of an earlier error.
                break;
            default:
                throw new ConnectionScopedRuntimeException(String.format("Unexpected state %s during connection open.", _connectionState));
        }
    } catch (VirtualHostUnavailableException | AccessControlException e) {
        closeConnection(AmqpError.NOT_ALLOWED, e.getMessage());
    } catch (SoleConnectionEnforcementPolicyException e) {
        handleSoleConnectionEnforcement(addressSpace, e);
    } catch (ConnectionLimitException e) {
        LOGGER.debug("User connection limit exceeded", e);
        closeConnection(AmqpError.RESOURCE_LIMIT_EXCEEDED, e.getMessage());
    }
}
Also used : ConnectionLimitException(org.apache.qpid.server.security.limit.ConnectionLimitException) VirtualHostUnavailableException(org.apache.qpid.server.virtualhost.VirtualHostUnavailableException) SoleConnectionEnforcementPolicyException(org.apache.qpid.server.protocol.v1_0.type.extensions.soleconn.SoleConnectionEnforcementPolicyException) ConnectionScopedRuntimeException(org.apache.qpid.server.util.ConnectionScopedRuntimeException) ConnectionError(org.apache.qpid.server.protocol.v1_0.type.transport.ConnectionError) AmqpError(org.apache.qpid.server.protocol.v1_0.type.transport.AmqpError) Error(org.apache.qpid.server.protocol.v1_0.type.transport.Error) AccessControlException(java.security.AccessControlException) Principal(java.security.Principal) AuthenticatedPrincipal(org.apache.qpid.server.security.auth.AuthenticatedPrincipal)

Aggregations

ConnectionLimitException (org.apache.qpid.server.security.limit.ConnectionLimitException)12 ConnectionSlot (org.apache.qpid.server.security.limit.ConnectionSlot)4 Builder (org.apache.qpid.server.user.connection.limits.config.RuleSet.Builder)4 AccessControlException (java.security.AccessControlException)3 VirtualHostUnavailableException (org.apache.qpid.server.virtualhost.VirtualHostUnavailableException)3 Principal (java.security.Principal)2 NamedAddressSpace (org.apache.qpid.server.model.NamedAddressSpace)2 AmqpPort (org.apache.qpid.server.model.port.AmqpPort)2 Duration (java.time.Duration)1 Instant (java.time.Instant)1 ArrayList (java.util.ArrayList)1 AtomicInteger (java.util.concurrent.atomic.AtomicInteger)1 SoleConnectionEnforcementPolicyException (org.apache.qpid.server.protocol.v1_0.type.extensions.soleconn.SoleConnectionEnforcementPolicyException)1 AmqpError (org.apache.qpid.server.protocol.v1_0.type.transport.AmqpError)1 ConnectionError (org.apache.qpid.server.protocol.v1_0.type.transport.ConnectionError)1 Error (org.apache.qpid.server.protocol.v1_0.type.transport.Error)1 AuthenticatedPrincipal (org.apache.qpid.server.security.auth.AuthenticatedPrincipal)1 GroupPrincipal (org.apache.qpid.server.security.group.GroupPrincipal)1 ConnectionScopedRuntimeException (org.apache.qpid.server.util.ConnectionScopedRuntimeException)1 Test (org.junit.Test)1