You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by de...@apache.org on 2013/03/22 16:08:51 UTC
svn commit: r1459834 - in
/activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security:
AuthorizationEntry.java DefaultAuthorizationMap.java
SimpleCachedLDAPAuthorizationMap.java
Author: dejanb
Date: Fri Mar 22 15:08:51 2013
New Revision: 1459834
URL: http://svn.apache.org/r1459834
Log:
https://issues.apache.org/jira/browse/AMQ-3883 - allow arbitrary group principal class to be used by authorization map
Modified:
activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationEntry.java
activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/DefaultAuthorizationMap.java
activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java
Modified: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationEntry.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationEntry.java?rev=1459834&r1=1459833&r2=1459834&view=diff
==============================================================================
--- activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationEntry.java (original)
+++ activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationEntry.java Fri Mar 22 15:08:51 2013
@@ -111,45 +111,8 @@ public class AuthorizationEntry extends
Set<Object> answer = new HashSet<Object>();
StringTokenizer iter = new StringTokenizer(roles, ",");
while (iter.hasMoreTokens()) {
-
String name = iter.nextToken().trim();
- Object[] param = new Object[]{name};
-
- try {
- Class<?> cls = Class.forName(groupClass);
-
- Constructor<?>[] constructors = cls.getConstructors();
- int i;
- for (i = 0; i < constructors.length; i++) {
- Class<?>[] paramTypes = constructors[i].getParameterTypes();
- if (paramTypes.length != 0 && paramTypes[0].equals(String.class)) {
- break;
- }
- }
- if (i < constructors.length) {
- Object instance = constructors[i].newInstance(param);
- answer.add(instance);
- } else {
- Object instance = cls.newInstance();
- Method[] methods = cls.getMethods();
- i = 0;
- for (i = 0; i < methods.length; i++) {
- Class<?>[] paramTypes = methods[i].getParameterTypes();
- if (paramTypes.length != 0 && methods[i].getName().equals("setName") && paramTypes[0].equals(String.class)) {
- break;
- }
- }
-
- if (i < methods.length) {
- methods[i].invoke(instance, param);
- answer.add(instance);
- } else {
- throw new NoSuchMethodException();
- }
- }
- } catch (Exception e) {
- throw e;
- }
+ DefaultAuthorizationMap.createGroupPrincipal(name, getGroupClass());
}
return answer;
}
Modified: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/DefaultAuthorizationMap.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/DefaultAuthorizationMap.java?rev=1459834&r1=1459833&r2=1459834&view=diff
==============================================================================
--- activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/DefaultAuthorizationMap.java (original)
+++ activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/DefaultAuthorizationMap.java Fri Mar 22 15:08:51 2013
@@ -16,6 +16,8 @@
*/
package org.apache.activemq.security;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Method;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
@@ -40,6 +42,8 @@ public class DefaultAuthorizationMap ext
private TempDestinationAuthorizationEntry tempDestinationAuthorizationEntry;
+ private String groupClass = "org.apache.activemq.jaas.GroupPrincipal";
+
public DefaultAuthorizationMap() {
}
@@ -186,4 +190,49 @@ public class DefaultAuthorizationMap ext
return entries;
}
+ public String getGroupClass() {
+ return groupClass;
+ }
+
+ public void setGroupClass(String groupClass) {
+ this.groupClass = groupClass;
+ }
+
+ public static Object createGroupPrincipal(String name, String groupClass) throws Exception {
+ Object[] param = new Object[]{name};
+
+ Class<?> cls = Class.forName(groupClass);
+
+ Constructor<?>[] constructors = cls.getConstructors();
+ int i;
+ Object instance;
+ for (i = 0; i < constructors.length; i++) {
+ Class<?>[] paramTypes = constructors[i].getParameterTypes();
+ if (paramTypes.length != 0 && paramTypes[0].equals(String.class)) {
+ break;
+ }
+ }
+ if (i < constructors.length) {
+ instance = constructors[i].newInstance(param);
+ } else {
+ instance = cls.newInstance();
+ Method[] methods = cls.getMethods();
+ i = 0;
+ for (i = 0; i < methods.length; i++) {
+ Class<?>[] paramTypes = methods[i].getParameterTypes();
+ if (paramTypes.length != 0 && methods[i].getName().equals("setName") && paramTypes[0].equals(String.class)) {
+ break;
+ }
+ }
+
+ if (i < methods.length) {
+ methods[i].invoke(instance, param);
+ } else {
+ throw new NoSuchMethodException();
+ }
+ }
+
+ return instance;
+ }
+
}
Modified: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java?rev=1459834&r1=1459833&r2=1459834&view=diff
==============================================================================
--- activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java (original)
+++ activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java Fri Mar 22 15:08:51 2013
@@ -272,10 +272,7 @@ public class SimpleCachedLDAPAuthorizati
* {@link DestinationType#TEMP} or if the policy entry DN is malformed
*/
protected AuthorizationEntry getEntry(LdapName dn, DestinationType destinationType) {
-
AuthorizationEntry entry = null;
-
-
switch (destinationType) {
case TEMP:
// handle temp entry
@@ -405,7 +402,13 @@ public class SimpleCachedLDAPAuthorizati
+ memberDn + " under entry " + result.getNameInNamespace());
} else if (principalName != null){
if (group && !user) {
- members.add(new GroupPrincipal(principalName));
+ try {
+ members.add(createGroupPrincipal(principalName, getGroupClass()));
+ } catch (Exception e) {
+ NamingException ne = new NamingException("Can't create a group " + principalName + " of class " + getGroupClass());
+ ne.initCause(e);
+ throw ne;
+ }
} else if (!group && user) {
members.add(new UserPrincipal(principalName));
}