@Override public Set<Role> getSecurity(final String addressMatch) { return server.getSecurityRepository().getMatch(addressMatch); }
@Override public void addSecurity(final String addressMatch, final Set<Role> roles) { server.getSecurityRepository().addMatch(addressMatch, roles); }
static void removeRole(ActiveMQServer server, String match, String roleName) { if (server != null) { final Set<Role> roles = server.getSecurityRepository().getMatch(match); final Set<Role> newRoles = new HashSet<Role>(); for (final Role role : roles) { if (!roleName.equals(role.getName())) { newRoles.add(role); } } server.getSecurityRepository().addMatch(match, newRoles); } }
static void removeRole(ActiveMQServer server, String match, String roleName) { if (server != null) { final Set<Role> roles = server.getSecurityRepository().getMatch(match); final Set<Role> newRoles = new HashSet<Role>(); for (final Role role : roles) { if (!roleName.equals(role.getName())) { newRoles.add(role); } } server.getSecurityRepository().addMatch(match, newRoles); } }
@Override protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException { final ActiveMQServer server = getServer(context, operation); if(server != null) { final PathAddress address = PathAddress.pathAddress(operation.require(ModelDescriptionConstants.OP_ADDR)); final String match = address.getLastElement().getValue(); server.getSecurityRepository().addMatch(match, new HashSet<Role>()); } }
@Override protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException { final ActiveMQServer server = getServer(context, operation); if(server != null) { final PathAddress address = PathAddress.pathAddress(operation.require(ModelDescriptionConstants.OP_ADDR)); final String match = address.getLastElement().getValue(); server.getSecurityRepository().addMatch(match, new HashSet<Role>()); } }
@Override public void setSecurityConfig(final Set<Role> defConfig) throws Exception { getActiveMQServer().getSecurityRepository().removeMatch("#"); getActiveMQServer().getSecurityRepository().addMatch("#", defConfig); }
@Override public void configureSecurityForDestination(final String destName, final boolean isQueue, final Set<Role> roles) throws Exception { if (roles != null) { getActiveMQServer().getSecurityRepository().addMatch(destName, roles); } else { getActiveMQServer().getSecurityRepository().removeMatch(destName); } }
@Override public Set<Role> getSecurityConfig() throws Exception { return getActiveMQServer().getSecurityRepository().getMatch("*"); }
private Set<Role> getSecurityRoles(EmbeddedActiveMQ embeddedActiveMQ, String address) { return embeddedActiveMQ.getActiveMQServer().getSecurityRepository().getMatch(address); }
@Override public void removeSecuritySettings(final String addressMatch) throws Exception { checkStarted(); clearIO(); try { server.getSecurityRepository().removeMatch(addressMatch); storageManager.deleteSecurityRoles(new SimpleString(addressMatch)); } finally { blockOnIO(); } }
@Override protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException { final ActiveMQServer server = getServer(context, operation); if(server != null) { final PathAddress address = PathAddress.pathAddress(operation.require(ModelDescriptionConstants.OP_ADDR)); final String match = address.getLastElement().getValue(); server.getSecurityRepository().removeMatch(match); } }
@Override protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException { final ActiveMQServer server = getServer(context, operation); if(server != null) { final PathAddress address = PathAddress.pathAddress(operation.require(ModelDescriptionConstants.OP_ADDR)); final String match = address.getLastElement().getValue(); server.getSecurityRepository().removeMatch(match); } }
@Override public String getRolesAsJSON(final String addressMatch) throws Exception { checkStarted(); clearIO(); try { JsonArrayBuilder json = JsonLoader.createArrayBuilder(); Set<Role> roles = server.getSecurityRepository().getMatch(addressMatch); for (Role role : roles) { json.add(role.toJson()); } return json.build().toString(); } finally { blockOnIO(); } }
@Override protected void revertUpdateToRuntime(OperationContext context, ModelNode operation, String attributeName, ModelNode valueToRestore, ModelNode valueToRevert, Set<Role> handback) throws OperationFailedException { if (handback != null) { final ActiveMQServer server = getActiveMQServer(context, operation); if(server != null) { final PathAddress address = PathAddress.pathAddress(operation.require(ModelDescriptionConstants.OP_ADDR)); final String match = address.getElement(address.size() - 2).getValue(); server.getSecurityRepository().addMatch(match, handback); } } } }
@Override protected void revertUpdateToRuntime(OperationContext context, ModelNode operation, String attributeName, ModelNode valueToRestore, ModelNode valueToRevert, Set<Role> handback) throws OperationFailedException { if (handback != null) { final ActiveMQServer server = getActiveMQServer(context, operation); if(server != null) { final PathAddress address = PathAddress.pathAddress(operation.require(ModelDescriptionConstants.OP_ADDR)); final String match = address.getElement(address.size() - 2).getValue(); server.getSecurityRepository().addMatch(match, handback); } } } }
@Override protected void configureBrokerSecurity(ActiveMQServer server) { server.getConfiguration().setSecurityEnabled(isSecurityEnabled()); ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) server.getSecurityManager(); securityManager.setConfigurationName("Krb5Plus"); securityManager.setConfiguration(null); final String roleName = "ALLOW_ALL"; Role role = new Role(roleName, true, true, true, true, true, true, true, true, true, true); Set<Role> roles = new HashSet<>(); roles.add(role); server.getSecurityRepository().addMatch(getQueueName().toString(), roles); }
@Override public Object[] getRoles(final String addressMatch) throws Exception { checkStarted(); checkStarted(); clearIO(); try { Set<Role> roles = server.getSecurityRepository().getMatch(addressMatch); Object[] objRoles = new Object[roles.size()]; int i = 0; for (Role role : roles) { objRoles[i++] = new Object[]{role.getName(), CheckType.SEND.hasRole(role), CheckType.CONSUME.hasRole(role), CheckType.CREATE_DURABLE_QUEUE.hasRole(role), CheckType.DELETE_DURABLE_QUEUE.hasRole(role), CheckType.CREATE_NON_DURABLE_QUEUE.hasRole(role), CheckType.DELETE_NON_DURABLE_QUEUE.hasRole(role), CheckType.MANAGE.hasRole(role)}; } return objRoles; } finally { blockOnIO(); } }
/** * @return */ protected ActiveMQJAASSecurityManager installSecurity(TestableServer server) { ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) server.getServer().getSecurityManager(); securityManager.getConfiguration().addUser("a", "b"); Role role = new Role("arole", true, true, true, true, true, true, true, true, true, true); Set<Role> roles = new HashSet<>(); roles.add(role); server.getServer().getSecurityRepository().addMatch("#", roles); securityManager.getConfiguration().addRole("a", "arole"); return securityManager; } }
@Before @Override public void setUp() throws Exception { super.setUp(); ((ActiveMQJAASSecurityManager) server.getSecurityManager()).getConfiguration().addUser("guest", "guest"); ((ActiveMQJAASSecurityManager) server.getSecurityManager()).getConfiguration().setDefaultUser("guest"); ((ActiveMQJAASSecurityManager) server.getSecurityManager()).getConfiguration().addRole("guest", "allowAll"); Role role = new Role("allowAll", true, true, true, true, true, true, true, true, true, true); Set<Role> roles = new HashSet<>(); roles.add(role); server.getSecurityRepository().addMatch("#", roles); ServerLocator locator = ServerLocatorImpl.newLocator("tcp://localhost:61616"); factory = locator.createSessionFactory(); clientSession = factory.createSession(); }