You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@activemq.apache.org by Ramsub <ra...@cisco.com> on 2008/01/03 23:58:09 UTC

Issue with custom security plugin

I'm developing a custom security plugin for my application. My idea is an 
implementation a kind of ACL, ie to allow only known clients. Code will
scrunitize the ipaddr of the client and will only allow the known ones. I'm
using version activemq4.1.0 and running into the following issue. 

- I intercept my embedded broker for addConnection; look at the ipaddr and
dont call addConnection until it's from known addr. But, still, connections
are being made from all clients. In fact, I even, added 'removeConnection',
which still doesn't work. I also intercepted 'addSession', and still the
same issue. 

Here's the relevant code snip: 

public class MGSecBroker extends BrokerFilter { 
    private static final Logger logger =
Logger.getLogger(MGSecPlugin.class); 

    public MGSecBroker (Broker next) { 
       super(next); 
        
    } 

    public void addConnection(ConnectionContext context, ConnectionInfo
info) throws Exception { 
        String ipaddr = context.getConnection().getRemoteAddress(); 
        System.out.println("IPADDR from: " + ipaddr); 
        String subStr = ipaddr.substring(1,10); 
        if (subStr.equals("127.0.0.1")) { 
            System.out.println("blocking..."); 
            Throwable error = new Throwable("You're not allowed"); 
            super.removeConnection(context, info, error); 
        } else { 
            System.out.println("Connection is allowed"); 
            super.addConnection(context, info); 
        } 
    } 

public class MGSecPlugin implements BrokerPlugin { 
    private static final Logger logger =
Logger.getLogger(MGSecPlugin.class); 

    public Broker installPlugin(Broker broker) { 
            return new MGSecBroker(broker); 
    } 
} 


public class MGEmbedBroker implements Runnable { 
        public MGEmbedBroker() { 
             broker = new BrokerService(); 
             broker.setUseJmx(true); 
             broker.setPersistent(false); 
             broker.setPlugins(new BrokerPlugin[] { new MGSecPlugin ()} ); 
} 

I see that broker is getting intercepted and "blocking" gets printed, but in
fact, connections are being made from clients. Could you let me know what
I'm missing here? 
-rama
-- 
View this message in context: http://www.nabble.com/Issue-with-custom-security-plugin-tp14607193s2354p14607193.html
Sent from the ActiveMQ - Dev mailing list archive at Nabble.com.