You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by sh...@apache.org on 2011/10/21 03:20:13 UTC
svn commit: r1187150 [18/43] - in /qpid/branches/QPID-2519: ./ bin/ cpp/
cpp/bindings/ cpp/bindings/qmf/python/ cpp/bindings/qmf/ruby/
cpp/bindings/qmf/tests/ cpp/bindings/qmf2/ cpp/bindings/qmf2/examples/cpp/
cpp/bindings/qmf2/python/ cpp/bindings/qmf...
Modified: qpid/branches/QPID-2519/doc/book/src/Cheat-Sheet-for-configuring-Queue-Options.xml
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/doc/book/src/Cheat-Sheet-for-configuring-Queue-Options.xml?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/doc/book/src/Cheat-Sheet-for-configuring-Queue-Options.xml (original)
+++ qpid/branches/QPID-2519/doc/book/src/Cheat-Sheet-for-configuring-Queue-Options.xml Fri Oct 21 01:19:00 2011
@@ -65,16 +65,6 @@
</itemizedlist>
</para></listitem>
</itemizedlist>
-
- <para>
- The 0.10 C++ Broker supports the following additional Queue configuration options:
- </para>
- <itemizedlist>
- <listitem><para>
- <xref linkend="producer-flow-control"/>
- </para></listitem>
- </itemizedlist>
-
<section role="h3" id="CheatSheetforconfiguringQueueOptions-ApplyingQueueSizingConstraints"><title>
Applying Queue Sizing Constraints
</title>
Modified: qpid/branches/QPID-2519/doc/book/src/Configure-Java-Qpid-to-use-a-SSL-connection.xml
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/doc/book/src/Configure-Java-Qpid-to-use-a-SSL-connection.xml?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/doc/book/src/Configure-Java-Qpid-to-use-a-SSL-connection.xml (original)
+++ qpid/branches/QPID-2519/doc/book/src/Configure-Java-Qpid-to-use-a-SSL-connection.xml Fri Oct 21 01:19:00 2011
@@ -51,8 +51,8 @@
<ssl>
<enabled>true</enabled>
<sslOnly>true</sslOnly>
- <keyStorePath>/path/to/keystore.ks</keyStorePath>
- <keyStorePassword>keystorepass</keyStorePassword>
+ <keystorePath>/path/to/keystore.ks</keystorePath>
+ <keystorePassword>keystorepass</keystorePassword>
</ssl>
</programlisting>
Modified: qpid/branches/QPID-2519/doc/book/src/Programming-In-Apache-Qpid.xml
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/doc/book/src/Programming-In-Apache-Qpid.xml?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/doc/book/src/Programming-In-Apache-Qpid.xml (original)
+++ qpid/branches/QPID-2519/doc/book/src/Programming-In-Apache-Qpid.xml Fri Oct 21 01:19:00 2011
@@ -1722,7 +1722,7 @@ try {
<row>
<entry>
- <literal>username</literal>
+ username
</entry>
<entry>
string
@@ -1733,7 +1733,7 @@ try {
</row>
<row>
<entry>
- <literal>password</literal>
+ password
</entry>
<entry>
string
@@ -1744,22 +1744,35 @@ try {
</row>
<row>
<entry>
- <literal>sasl_mechanisms</literal>
+ sasl-mechanism
</entry>
<entry>
string
</entry>
<entry>
- The specific SASL mechanisms to use with the python
+ The specific SASL mechanism to use with the c++
+ client when authenticating to the broker. Only a
+ single value can be specified at present. [C++ only].
+ </entry>
+ </row>
+ <row>
+ <entry>
+ sasl_mechanisms
+ </entry>
+ <entry>
+ string
+ </entry>
+ <entry>
+ The specific SASL mechanism to use with the python
client when authenticating to the broker. The value
- is a space separated list.
+ is a space separated list in order of preference. [Python only].
</entry>
</row>
<row>
<entry>
- <literal>reconnect</literal>
+ reconnect
</entry>
<entry>
boolean
@@ -1770,7 +1783,7 @@ try {
</row>
<row>
<entry>
- <literal>reconnect_timeout</literal>
+ <literal>reconnect_timeout [Python]</literal> <literal>reconnect-timeout [C++]</literal>
</entry>
<entry>
integer
@@ -1781,7 +1794,7 @@ try {
</row>
<row>
<entry>
- <literal>reconnect_limit</literal>
+ <literal>reconnect_limit [Python]</literal> <literal>reconnect-limit [C++]</literal>
</entry>
<entry>
integer
@@ -1792,7 +1805,7 @@ try {
</row>
<row>
<entry>
- <literal>reconnect_interval_min</literal>
+ <literal>reconnect_interval_min [Python]</literal> <literal>reconnect-interval-min [C++]</literal>
</entry>
<entry>
integer representing time in seconds
@@ -1803,7 +1816,7 @@ try {
</row>
<row>
<entry>
- <literal>reconnect_interval_max</literal>
+ <literal>reconnect_interval_max [Python]</literal> <literal>reconnect-interval-max [C++]</literal>
</entry>
<entry>
integer representing time in seconds
@@ -1814,7 +1827,7 @@ try {
</row>
<row>
<entry>
- <literal>reconnect_interval</literal>
+ <literal>reconnect_interval [Python]</literal> <literal>reconnect-interval [C++]</literal>
</entry>
<entry>
integer representing time in seconds
@@ -1826,7 +1839,7 @@ try {
<row>
<entry>
- <literal>heartbeat</literal>
+ heartbeat
</entry>
<entry>
integer representing time in seconds
@@ -1839,7 +1852,7 @@ try {
</row>
<row>
<entry>
- <literal>protocol</literal>
+ protocol
</entry>
<entry>
string
@@ -1850,7 +1863,7 @@ try {
</row>
<row>
<entry>
- <literal>tcp-nodelay</literal>
+ tcp-nodelay
</entry>
<entry>
boolean
@@ -3443,8 +3456,9 @@ log4j.appender.console.layout.Conversion
<entry>qpid.amqp.version</entry>
<entry>string</entry>
<entry>0-10</entry>
- <entry><para>Sets the AMQP version to be used - currently supports one of {0-8,0-9,0-91,0-10}.</para><para>The client will begin negotiation at the specified version and only negotiate downwards if the Broker does not support the specified version.</para></entry>
- </row>
+ <entry>Sets the AMQP version to be used - currently supports one of {0-8,0-9,0-91,0-10}</entry>
+ </row>
+
<row>
<entry>qpid.heartbeat</entry>
<entry>int</entry>
@@ -3609,20 +3623,15 @@ log4j.appender.console.layout.Conversion
<entry>qpid.transport</entry>
<entry>string</entry>
<entry>org.apache.qpid.transport.network.io.IoNetworkTransport</entry>
- <entry><para>The transport implementation to be used.</para><para>A user could specify an alternative transport mechanism that implements the <varname>org.apache.qpid.transport.network.NetworkTransport</varname> interface.</para></entry>
- </row>
- <row>
- <entry>qpid.sync_op_timeout</entry>
- <entry>long</entry>
- <entry>60000</entry>
- <entry><para>The length of time (in milliseconds) to wait for a synchronous operation to complete.</para><para>For compatibility with older clients, the synonym <varname>amqj.default_syncwrite_timeout</varname> is supported.</para></entry>
- </row>
+ <entry><para>The transport implementation to be used.</para><para>A user could specify an alternative transport mechanism that implements the <varname>org.apache.qpid.transport.network.NetworkTransport</varname> interface.</para></entry>
+ </row>
+
<row>
<entry>amqj.tcp_nodelay</entry>
<entry>boolean</entry>
<entry>false</entry>
- <entry><para>Sets the TCP_NODELAY property of the underlying socket.</para><para>This could also be set per connection as well (see connection paramters).</para></entry>
- </row>
+ <entry><para>Sets the TCP_NODELAY property of the underlying socket.</para><para>This could also be set per connection as well (see connection paramters).</para></entry>
+ </row>
</tbody>
</tgroup>
</table>
Modified: qpid/branches/QPID-2519/doc/book/src/Qpid-Java-FAQ.xml
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/doc/book/src/Qpid-Java-FAQ.xml?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/doc/book/src/Qpid-Java-FAQ.xml (original)
+++ qpid/branches/QPID-2519/doc/book/src/Qpid-Java-FAQ.xml Fri Oct 21 01:19:00 2011
@@ -736,6 +736,35 @@ amqj.logging.level
</para>
<!--h3--></section>
+ <section role="h3" id="QpidJavaFAQ-HowdoIuseanInVMBrokerformyowntests-3F"><title>
+ How do I
+ use an InVM Broker for my own tests?
+ </title>
+
+ <para>
+ I would take a look at the testPassiveTTL in
+ <ulink url="https://svn.apache.org/repos/asf/qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/queue/TimeToLiveTest.java">TimeToLiveTest.java</ulink>
+ </para><para>
+ The setUp and tearDown methods show how to correctly start up a
+ broker for InVM testing. If you write your tests using a file for
+ the JNDI you can then very easily swap between running your tests
+ InVM and against a real broker.
+ </para><para>
+ See our <xref linkend="How-to-Use-JNDI"/> on how to confgure it
+ </para><para>
+ Basically though you just need to set two System Properites:
+ </para><para>
+ java.naming.factory.initial =
+ org.apache.qpid.jndi.PropertiesFileInitialContextFactory
+ java.naming.provider.url = <your JNDI file>
+ </para><para>
+ and call getInitialContext() in your code.
+ </para><para>
+ You will of course need to have the broker libraries on your
+ class path for this to run.
+ </para>
+<!--h3--></section>
+
<section role="h3" id="QpidJavaFAQ-HowcanIinspectthecontentsofmyMessageStore-3F"><title>
How
can I inspect the contents of my MessageStore?
@@ -878,6 +907,31 @@ java.lang.NullPointerException
</para>
<!--h3--></section>
+ <section role="h3" id="QpidJavaFAQ-Clientkeepsthrowing-27Serverdidnotrespondinatimelyfashion-27-5Cerrorcode408-3ARequestTimeout-5C."><title>
+ Client keeps throwing 'Server did not respond in a timely
+ fashion' [error code 408: Request Timeout].
+ </title>
+
+ <para>
+ Certain operations wait for a response from the Server. One such
+ operations is commit. If the server does not respond to the
+ commit request within a set time a Request Timeout [error code:
+ 408] exception is thrown (Server did not respond in a timely
+ fashion). This is to ensure that a server that has hung does not
+ cause the client process to be come unresponsive.
+ </para><para>
+ However, it is possible that the server just needs a long time to
+ process a give request. For example, sending a large persistent
+ message when using a persistent store will take some time to a)
+ Transfer accross the network and b) to be fully written to disk.
+ </para><para>
+ These situations require that the default timeout value be
+ increased. A cilent <xref linkend="qpid_System-Properties"/> 'amqj.default_syncwrite_timeout' can be set
+ on the client to increase the wait time. The default in 0.5 is
+ 30000 (30s).
+ </para>
+<!--h3--></section>
+
<section role="h3" id="QpidJavaFAQ-CanauseTCPKEEPALIVEorAMQPheartbeatingtokeepmyconnectionopen-3F"><title>
Can a use TCP_KEEPALIVE or AMQP heartbeating to keep my
connection open?
Modified: qpid/branches/QPID-2519/doc/book/src/Security.xml
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/doc/book/src/Security.xml?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/doc/book/src/Security.xml (original)
+++ qpid/branches/QPID-2519/doc/book/src/Security.xml Fri Oct 21 01:19:00 2011
@@ -1,25 +1,5 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
-<!--
-
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
-
--->
<section id="chap-Messaging_User_Guide-Security">
<title>Security</title>
<para>
Modified: qpid/branches/QPID-2519/doc/book/src/System-Properties.xml
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/doc/book/src/System-Properties.xml?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/doc/book/src/System-Properties.xml (original)
+++ qpid/branches/QPID-2519/doc/book/src/System-Properties.xml Fri Oct 21 01:19:00 2011
@@ -135,7 +135,7 @@
<varlistentry>
- <term>qpid.sync_op_timeout</term>
+ <term>amqj.default_syncwrite_timeout</term>
<listitem>
<variablelist>
<varlistentry>
@@ -144,11 +144,12 @@
</varlistentry>
<varlistentry>
<term>Default</term>
- <listitem><para>60000</para></listitem>
+ <listitem><para>30000</para></listitem>
</varlistentry>
</variablelist>
- <para>The length of time (in milliseconds) to wait for a synchronous operation to complete.
- For compatibility with older clients, the synonym amqj.default_syncwrite_timeout is supported.</para>
+ <para> The number length of time in millisecond to wait
+ for a synchronous write to complete.
+ </para>
</listitem>
</varlistentry>
@@ -192,7 +193,7 @@
<varlistentry>
- <term>amqj.tcp_nodelay</term>
+ <term>amqj.tcpNoDelay</term>
<listitem>
<variablelist>
<varlistentry>
@@ -210,6 +211,65 @@
</varlistentry>
<varlistentry>
+ <term>amqj.sendBufferSize</term>
+ <listitem>
+ <variablelist>
+ <varlistentry>
+ <term>integer</term>
+ <listitem><para>Boolean</para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Default</term>
+ <listitem><para>32768</para></listitem>
+ </varlistentry>
+ </variablelist>
+ <para>This is the default buffer sized created by Mina.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>amqj.receiveBufferSize</term>
+ <listitem>
+ <variablelist>
+ <varlistentry>
+ <term>Type</term>
+ <listitem><para>integer</para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Default</term>
+ <listitem><para>32768</para></listitem>
+ </varlistentry>
+ </variablelist>
+ <para>This is the default buffer sized created by Mina.
+ </para>
+ </listitem>
+ </varlistentry>
+
+
+ <varlistentry>
+ <term>amqj.protocolprovider.class</term>
+ <listitem>
+ <variablelist>
+ <varlistentry>
+ <term>Type</term>
+ <listitem><para>String</para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Default</term>
+ <listitem><para>org.apache.qpid.server.protocol.AMQPFastProtocolHandler</para></listitem>
+ </varlistentry>
+ </variablelist>
+ <para> This specifies the default IoHandlerAdapter that
+ represents the InVM broker. The IoHandlerAdapter must have
+ a constructor that takes a single Integer that represents
+ the InVM port number.
+ </para>
+ </listitem>
+ </varlistentry>
+
+
+ <varlistentry>
<term>amqj.protocol.logging.level</term>
<listitem>
<variablelist>
Modified: qpid/branches/QPID-2519/doc/website/README.txt
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/doc/website/README.txt?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/doc/website/README.txt (original)
+++ qpid/branches/QPID-2519/doc/website/README.txt Fri Oct 21 01:19:00 2011
@@ -1,10 +1,26 @@
-To edit the website, check out the /site repo area:
+This is the source directory for creating web pages for the Qpid web
+site.
- svn co https://svn.apache.org/repos/asf/qpid/site
+The template used for all pages (template.html), stylesheet
+(style.css), and images are in the ./template directory.
-The HTML files for the site reside in the docs directory, where a README
-can be found to describe the process of adding new content.
+The tools directory contains a very simple Python script (wrap) that
+combines a template and content to create static html pages. Content
+should be written in XHTML, with one <div/> element at the root - see
+./content/home.html for an example.
-It is no longer necessary to generate the main website pages, the live files
-are now edited directly, and are deployed to the web server after check in.
+Use wrap like this:
+$ tools/wrap template/template.html content/<filename> build/<filename>
+
+Content for the main pages should be check into the content
+directory. Content for documentation is created in the ../book
+directory.
+
+To publish generated content, check out the website repo:
+
+$ svn co https://svn.apache.org/repos/asf/qpid/site/docs
+
+Copy generated content (NOT the source!) into the website repo, add it
+using $ svn add, and commit it. When it is committed, it appears on
+the website.
Propchange: qpid/branches/QPID-2519/dotnet/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,8 @@
+*.pidb
+build
+dotnet.userprefs
+_ReSharper.Qpid.NET
+Qpid.NET.resharper
+Qpid.NET.resharper.user
+Qpid.NET.suo
+bin
Propchange: qpid/branches/QPID-2519/dotnet/Qpid.Buffer/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,3 @@
+*.pidb
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/Qpid.Buffer.Tests/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/Qpid.Client/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,3 @@
+*.pidb
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/Qpid.Client.Tests/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,3 @@
+*.pidb
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/Qpid.Client.Transport.Socket.Blocking/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/Qpid.Codec/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,3 @@
+*.pidb
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/Qpid.Common/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,5 @@
+bin,generated,*.pidb
+generated
+Qpid.Common.pidb
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/Qpid.Common.Tests/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/Qpid.Integration.Tests/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/Qpid.Messaging/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,3 @@
+*.pidb
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/Qpid.Sasl/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/Qpid.Sasl.Tests/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/TopicListener/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/TopicPublisher/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/addins/ExcelAddIn/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/addins/ExcelAddInMessageProcessor/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/addins/ExcelAddInProducer/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/client/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,3 @@
+_UpgradeReport_Files
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/demo/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/examples/direct/example-direct-Listener/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/examples/direct/example-direct-producer/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/examples/fanout/example-fanout-Listener/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/examples/fanout/example-fanout-Producer/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/examples/pub-sub/example-pub-sub-Listener/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/examples/pub-sub/example-pub-sub-Publisher/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/examples/request-response/example-request-response-Client/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/examples/request-response/example-request-response-Server/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/perftest/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/test/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/wcf/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/wcf/demo/wcfBookingClient/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/wcf/demo/wcfBookingServer/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/wcf/demo/wcfHelloClient/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/wcf/demo/wcfHelloServer/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Propchange: qpid/branches/QPID-2519/dotnet/client-010/wcf/demo/wcfRPC/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -0,0 +1,2 @@
+bin
+obj
Modified: qpid/branches/QPID-2519/extras/qmf/setup.py
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/extras/qmf/setup.py?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/extras/qmf/setup.py (original)
+++ qpid/branches/QPID-2519/extras/qmf/setup.py Fri Oct 21 01:19:00 2011
@@ -20,10 +20,10 @@
from distutils.core import setup
setup(name="qpid-qmf",
- version="0.13",
+ version="0.9",
author="Apache Qpid",
author_email="dev@qpid.apache.org",
- packages=["qmf"],
+ packages=["qmf", "qmf2", "qmf2.tests"],
package_dir={"": "src/py"},
url="http://qpid.apache.org/",
license="Apache Software License",
Modified: qpid/branches/QPID-2519/extras/qmf/src/py/qmf/console.py
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/extras/qmf/src/py/qmf/console.py?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/extras/qmf/src/py/qmf/console.py (original)
+++ qpid/branches/QPID-2519/extras/qmf/src/py/qmf/console.py Fri Oct 21 01:19:00 2011
@@ -107,8 +107,8 @@ class Console:
# BrokerURL
#===================================================================================================
class BrokerURL(URL):
- def __init__(self, *args, **kwargs):
- URL.__init__(self, *args, **kwargs)
+ def __init__(self, text):
+ URL.__init__(self, text)
if self.port is None:
if self.scheme == URL.AMQPS:
self.port = 5671
@@ -122,7 +122,7 @@ class BrokerURL(URL):
self.authPass = str(self.password)
def name(self):
- return str(self)
+ return self.host + ":" + str(self.port)
def match(self, host, port):
return socket.getaddrinfo(self.host, self.port)[0][4] == socket.getaddrinfo(host, port)[0][4]
@@ -359,8 +359,8 @@ class Object(object):
for arg in method.arguments:
if arg.dir.find("I") != -1:
count += 1
- if count != len(args) + len(kwargs):
- raise Exception("Incorrect number of arguments: expected %d, got %d" % (count, len(args) + len(kwargs)))
+ if count != len(args):
+ raise Exception("Incorrect number of arguments: expected %d, got %d" % (count, len(args)))
if self._agent.isV2:
#
@@ -372,10 +372,7 @@ class Object(object):
argMap = {}
for arg in method.arguments:
if arg.dir.find("I") != -1:
- if aIdx < len(args):
- argMap[arg.name] = args[aIdx]
- else:
- argMap[arg.name] = kwargs[arg.name]
+ argMap[arg.name] = args[aIdx]
aIdx += 1
call['_arguments'] = argMap
@@ -442,10 +439,6 @@ class Object(object):
else:
sync = True
- # Remove special "meta" kwargs before handing to _sendMethodRequest() to process
- if "_timeout" in kwargs: del kwargs["_timeout"]
- if "_async" in kwargs: del kwargs["_async"]
-
seq = self._sendMethodRequest(name, args, kwargs, sync, timeout)
if seq:
if not sync:
@@ -645,10 +638,7 @@ class Session:
Will raise an exception if the session is not managing the connection and
the connection setup to the broker fails.
"""
- if isinstance(target, BrokerURL):
- url = target
- else:
- url = BrokerURL(target)
+ url = BrokerURL(target)
broker = Broker(self, url.host, url.port, mechanisms, url.authName, url.authPass,
ssl = url.scheme == URL.AMQPS, connTimeout=timeout)
@@ -1221,22 +1211,11 @@ class Session:
try:
agentName = ah["qmf.agent"]
values = content["_values"]
-
- if '_timestamp' in values:
- timestamp = values["_timestamp"]
- else:
- timestamp = values['timestamp']
-
- if '_heartbeat_interval' in values:
- interval = values['_heartbeat_interval']
- else:
- interval = values['heartbeat_interval']
-
+ timestamp = values["_timestamp"]
+ interval = values["_heartbeat_interval"]
epoch = 0
if '_epoch' in values:
epoch = values['_epoch']
- elif 'epoch' in values:
- epoch = values['epoch']
except Exception,e:
return
@@ -2349,19 +2328,18 @@ class Broker(Thread):
def getUrl(self):
""" """
- return BrokerURL(host=self.host, port=self.port)
+ return "%s:%d" % (self.host, self.port)
def getFullUrl(self, noAuthIfGuestDefault=True):
""" """
+ ssl = ""
if self.ssl:
- scheme = "amqps"
- else:
- scheme = "amqp"
+ ssl = "s"
+ auth = "%s/%s@" % (self.authUser, self.authPass)
if self.authUser == "" or \
(noAuthIfGuestDefault and self.authUser == "guest" and self.authPass == "guest"):
- return BrokerURL(scheme=scheme, host=self.host, port=(self.port or 5672))
- else:
- return BrokerURL(scheme=scheme, user=self.authUser, password=self.authPass, host=self.host, port=(self.port or 5672))
+ auth = ""
+ return "amqp%s://%s%s:%d" % (ssl, auth, self.host, self.port or 5672)
def __repr__(self):
if self.connected:
@@ -2438,7 +2416,7 @@ class Broker(Thread):
if uid.__class__ == tuple and len(uid) == 2:
self.saslUser = uid[1]
else:
- self.saslUser = self.authUser
+ self.saslUser = None
# prevent topic queues from filling up (and causing the agents to
# disconnect) by discarding the oldest queued messages when full.
Modified: qpid/branches/QPID-2519/extras/sasl/bootstrap
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/extras/sasl/bootstrap?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/extras/sasl/bootstrap (original)
+++ qpid/branches/QPID-2519/extras/sasl/bootstrap Fri Oct 21 01:19:00 2011
@@ -22,7 +22,7 @@ aclocal -I m4
autoheader
libtoolize --automake
-automake --add-missing
+automake
autoconf
if [ "$1" = "-build" -o "$1" = "--build" ] ; then
Modified: qpid/branches/QPID-2519/extras/sasl/configure.ac
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/extras/sasl/configure.ac?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/extras/sasl/configure.ac (original)
+++ qpid/branches/QPID-2519/extras/sasl/configure.ac Fri Oct 21 01:19:00 2011
@@ -23,6 +23,7 @@ AC_CONFIG_HEADERS([config.h])
AC_PROG_CC_STDC
AM_PROG_CC_C_O
AC_PROG_CXX
+AC_USE_SYSTEM_EXTENSIONS
AC_LANG([C++])
# Check for optional use of help2man
Modified: qpid/branches/QPID-2519/extras/sasl/python/Makefile.am
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/extras/sasl/python/Makefile.am?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/extras/sasl/python/Makefile.am (original)
+++ qpid/branches/QPID-2519/extras/sasl/python/Makefile.am Fri Oct 21 01:19:00 2011
@@ -29,7 +29,8 @@ BUILT_SOURCES = $(generated_file_list)
$(generated_file_list): python.i $(top_srcdir)/src/saslwrapper.i
$(SWIG) -c++ -python -Wall -I/usr/include $(INCLUDES) -o saslwrapper.cpp $(srcdir)/python.i
-pyexec_PYTHON = saslwrapper.py
+pylibdir = $(PYTHON_LIB)
+python_PYTHON = saslwrapper.py
pyexec_LTLIBRARIES = _saslwrapper.la
_saslwrapper_la_LDFLAGS = -avoid-version -module -shared
Modified: qpid/branches/QPID-2519/extras/sasl/ruby/Makefile.am
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/extras/sasl/ruby/Makefile.am?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/extras/sasl/ruby/Makefile.am (original)
+++ qpid/branches/QPID-2519/extras/sasl/ruby/Makefile.am Fri Oct 21 01:19:00 2011
@@ -35,7 +35,7 @@ rubylibarch_LTLIBRARIES = saslwrapper.la
saslwrapper_la_LDFLAGS = -avoid-version -module -shared ".$(RUBY_DLEXT)"
saslwrapper_la_LIBADD = $(RUBY_LIBS) $(top_builddir)/src/libsaslwrapper.la -lsasl2
-saslwrapper_la_CXXFLAGS = $(INCLUDES) -I$(RUBY_INC) -I$(RUBY_INC_ARCH) -fno-strict-aliasing
+saslwrapper_la_CXXFLAGS = $(INCLUDES) -I$(RUBY_INC) -I$(RUBY_INC_ARCH)
nodist_saslwrapper_la_SOURCES = saslwrapper.cpp
CLEANFILES = $(generated_file_list)
Modified: qpid/branches/QPID-2519/extras/sasl/src/Makefile.am
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/extras/sasl/src/Makefile.am?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/extras/sasl/src/Makefile.am (original)
+++ qpid/branches/QPID-2519/extras/sasl/src/Makefile.am Fri Oct 21 01:19:00 2011
@@ -24,7 +24,6 @@ nobase_include_HEADERS = ../include/sasl
lib_LTLIBRARIES = libsaslwrapper.la
libsaslwrapper_la_SOURCES = cyrus/saslwrapper.cpp
-libsaslwrapper_la_CXXFLAGS = -fno-strict-aliasing
# Library Version Information:
#
Modified: qpid/branches/QPID-2519/gentools/build.xml
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/gentools/build.xml?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/gentools/build.xml (original)
+++ qpid/branches/QPID-2519/gentools/build.xml Fri Oct 21 01:19:00 2011
@@ -25,7 +25,7 @@
<property name="java.target" value="1.5"/>
<target name="compile">
- <javac srcdir="${src}" source="${java.source}" target="${java.target}" fork="true" debug="on" includeantruntime="false">
+ <javac srcdir="${src}" source="${java.source}" target="${java.target}" fork="true" debug="on">
<classpath>
<fileset dir="${src}/../lib">
<include name="**/*.jar"/>
Propchange: qpid/branches/QPID-2519/java/
------------------------------------------------------------------------------
--- svn:ignore (original)
+++ svn:ignore Fri Oct 21 01:19:00 2011
@@ -1,4 +1,3 @@
-build.overrides
blaze.ipr
blaze.iws
build
Propchange: qpid/branches/QPID-2519/java/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Oct 21 01:19:00 2011
@@ -2,6 +2,4 @@
/qpid/branches/0.5.x-dev/qpid/java:886720-886722,887145,892761,894875,916304,916325,930288,931179
/qpid/branches/java-broker-0-10/qpid/java:795950-829653
/qpid/branches/java-network-refactor/qpid/java:805429-821809
-/qpid/branches/qpid-2935/qpid/java:1061302-1072333
/qpid/trunk/qpid:796646-796653
-/qpid/trunk/qpid/java:1072051-1185907
Propchange: qpid/branches/QPID-2519/java/broker/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Oct 21 01:19:00 2011
@@ -2,5 +2,4 @@
/qpid/branches/java-broker-0-10/qpid/java/broker:795950-829653
/qpid/branches/java-network-refactor/qpid/java/broker:805429-821809
/qpid/branches/jmx_mc_gsoc09/qpid/java/broker:787599
-/qpid/branches/qpid-2935/qpid/java/broker:1061302-1072333
-/qpid/trunk/qpid/java/broker:742626,743015,743028-743029,743304,743306,743311,743357,744113,747363,747367,747369-747370,747376,747783,747868-747870,747875,748561,748591,748641,748680,748686,749149,749282,749285,749315,749340,749572,753219-753220,753253,754934,754958,755256,757258,757270,758730,759097,760919,761721,762365,762992,763959,764026,764109,764140,764790,1072051-1185907
+/qpid/trunk/qpid/java/broker:742626,743015,743028-743029,743304,743306,743311,743357,744113,747363,747367,747369-747370,747376,747783,747868-747870,747875,748561,748591,748641,748680,748686,749149,749282,749285,749315,749340,749572,753219-753220,753253,754934,754958,755256,757258,757270,758730,759097,760919,761721,762365,762992,763959,764026,764109,764140,764790
Modified: qpid/branches/QPID-2519/java/broker-plugins/access-control/MANIFEST.MF
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/java/broker-plugins/access-control/MANIFEST.MF?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/java/broker-plugins/access-control/MANIFEST.MF (original)
+++ qpid/branches/QPID-2519/java/broker-plugins/access-control/MANIFEST.MF Fri Oct 21 01:19:00 2011
@@ -35,7 +35,6 @@ Import-Package: org.apache.qpid,
org.apache.log4j;version=1.0.0,
javax.management;version=1.0.0,
javax.management.openmbean;version=1.0.0,
- javax.security.auth;version=1.0.0,
org.osgi.util.tracker;version=1.0.0,
org.osgi.framework;version=1.3
Private-Package: org.apache.qpid.server.security.access.config,
Modified: qpid/branches/QPID-2519/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleSet.java
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleSet.java?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleSet.java (original)
+++ qpid/branches/QPID-2519/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleSet.java Fri Oct 21 01:19:00 2011
@@ -18,24 +18,20 @@
*/
package org.apache.qpid.server.security.access.config;
-import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.EnumMap;
import java.util.HashMap;
-import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
-import java.util.Set;
import java.util.SortedMap;
import java.util.TreeMap;
import java.util.WeakHashMap;
-import javax.security.auth.Subject;
-
import org.apache.commons.lang.BooleanUtils;
import org.apache.commons.lang.StringUtils;
+import org.apache.log4j.Logger;
import org.apache.qpid.exchange.ExchangeDefaults;
import org.apache.qpid.server.logging.actors.CurrentActor;
import org.apache.qpid.server.security.Result;
@@ -49,132 +45,147 @@ import org.apache.qpid.server.security.a
* Models the rule configuration for the access control plugin.
*
* The access control rule definitions are loaded from an external configuration file, passed in as the
- * target to the {@link load(ConfigurationFile)} method. The file specified
+ * target to the {@link load(ConfigurationFile)} method. The file specified
*/
public class RuleSet
{
+ private static final Logger _logger = Logger.getLogger(RuleSet.class);
+
private static final String AT = "@";
- private static final String SLASH = "/";
+ private static final String SLASH = "/";
- public static final String DEFAULT_ALLOW = "defaultallow";
- public static final String DEFAULT_DENY = "defaultdeny";
- public static final String TRANSITIVE = "transitive";
- public static final String EXPAND = "expand";
+ public static final String DEFAULT_ALLOW = "defaultallow";
+ public static final String DEFAULT_DENY = "defaultdeny";
+ public static final String TRANSITIVE = "transitive";
+ public static final String EXPAND = "expand";
public static final String AUTONUMBER = "autonumber";
public static final String CONTROLLED = "controlled";
public static final String VALIDATE = "validate";
-
+
public static final List<String> CONFIG_PROPERTIES = Arrays.asList(
DEFAULT_ALLOW, DEFAULT_DENY, TRANSITIVE, EXPAND, AUTONUMBER, CONTROLLED
);
-
+
private static final Integer _increment = 10;
-
- private final Map<String, List<String>> _aclGroups = new HashMap<String, List<String>>();
+
+ private final Map<String, List<String>> _groups = new HashMap<String, List<String>>();
private final SortedMap<Integer, Rule> _rules = new TreeMap<Integer, Rule>();
- private final Map<Subject, Map<Operation, Map<ObjectType, List<Rule>>>> _cache =
- new WeakHashMap<Subject, Map<Operation, Map<ObjectType, List<Rule>>>>();
+ private final Map<String, Map<Operation, Map<ObjectType, List<Rule>>>> _cache =
+ new WeakHashMap<String, Map<Operation, Map<ObjectType, List<Rule>>>>();
private final Map<String, Boolean> _config = new HashMap<String, Boolean>();
-
+
public RuleSet()
{
// set some default configuration properties
configure(DEFAULT_DENY, Boolean.TRUE);
configure(TRANSITIVE, Boolean.TRUE);
}
-
+
/**
- * Clear the contents, including acl groups, rules and configuration.
+ * Clear the contents, invluding groups, rules and configuration.
*/
public void clear()
{
_rules.clear();
_cache.clear();
_config.clear();
- _aclGroups.clear();
+ _groups.clear();
}
-
+
public int getRuleCount()
{
return _rules.size();
}
-
- /**
- * Filtered rules list based on a subject and operation.
- *
- * Allows only enabled rules with identity equal to all, the same, or a group with identity as a member,
- * and operation is either all or the same operation.
- */
- public List<Rule> getRules(final Subject subject, final Operation operation, final ObjectType objectType)
- {
- final Map<ObjectType, List<Rule>> objects = getObjectToRuleCache(subject, operation);
+
+ /**
+ * Filtered rules list based on an identity and operation.
+ *
+ * Allows only enabled rules with identity equal to all, the same, or a group with identity as a member,
+ * and operation is either all or the same operation.
+ */
+ public List<Rule> getRules(String identity, Operation operation, ObjectType objectType)
+ {
+ // Lookup identity in cache and create empty operation map if required
+ Map<Operation, Map<ObjectType, List<Rule>>> operations = _cache.get(identity);
+ if (operations == null)
+ {
+ operations = new EnumMap<Operation, Map<ObjectType, List<Rule>>>(Operation.class);
+ _cache.put(identity, operations);
+ }
+
+ // Lookup operation and create empty object type map if required
+ Map<ObjectType, List<Rule>> objects = operations.get(operation);
+ if (objects == null)
+ {
+ objects = new EnumMap<ObjectType, List<Rule>>(ObjectType.class);
+ operations.put(operation, objects);
+ }
// Lookup object type rules for the operation
if (!objects.containsKey(objectType))
{
- final Set<Principal> principals = subject.getPrincipals();
boolean controlled = false;
List<Rule> filtered = new LinkedList<Rule>();
for (Rule rule : _rules.values())
{
- final Action ruleAction = rule.getAction();
if (rule.isEnabled()
- && (ruleAction.getOperation() == Operation.ALL || ruleAction.getOperation() == operation)
- && (ruleAction.getObjectType() == ObjectType.ALL || ruleAction.getObjectType() == objectType))
+ && (rule.getAction().getOperation() == Operation.ALL || rule.getAction().getOperation() == operation)
+ && (rule.getAction().getObjectType() == ObjectType.ALL || rule.getAction().getObjectType() == objectType))
{
controlled = true;
- if (isRelevant(principals,rule))
+ if (rule.getIdentity().equalsIgnoreCase(Rule.ALL)
+ || rule.getIdentity().equalsIgnoreCase(identity)
+ || (_groups.containsKey(rule.getIdentity()) && _groups.get(rule.getIdentity()).contains(identity)))
{
filtered.add(rule);
}
}
}
-
+
// Return null if there are no rules at all for this operation and object type
if (filtered.isEmpty() && controlled == false)
{
filtered = null;
}
-
+
// Save the rules we selected
objects.put(objectType, filtered);
}
-
+
// Return the cached rules
- return objects.get(objectType);
- }
-
-
+ return objects.get(objectType);
+ }
+
public boolean isValidNumber(Integer number)
{
return !_rules.containsKey(number);
}
-
+
public void grant(Integer number, String identity, Permission permission, Operation operation)
{
Action action = new Action(operation);
addRule(number, identity, permission, action);
}
-
+
public void grant(Integer number, String identity, Permission permission, Operation operation, ObjectType object, ObjectProperties properties)
{
Action action = new Action(operation, object, properties);
addRule(number, identity, permission, action);
}
-
+
public boolean ruleExists(String identity, Action action)
{
- for (Rule rule : _rules.values())
- {
- if (rule.getIdentity().equals(identity) && rule.getAction().equals(action))
- {
- return true;
- }
- }
- return false;
+ for (Rule rule : _rules.values())
+ {
+ if (rule.getIdentity().equals(identity) && rule.getAction().equals(action))
+ {
+ return true;
+ }
+ }
+ return false;
}
-
+
private Permission noLog(Permission permission)
{
switch (permission)
@@ -192,17 +203,15 @@ public class RuleSet
// TODO make this work when group membership is not known at file parse time
public void addRule(Integer number, String identity, Permission permission, Action action)
{
- _cache.clear();
-
- if (!action.isAllowed())
- {
- throw new IllegalArgumentException("Action is not allowd: " + action);
- }
+ if (!action.isAllowed())
+ {
+ throw new IllegalArgumentException("Action is not allowd: " + action);
+ }
if (ruleExists(identity, action))
{
return;
}
-
+
// expand actions - possibly multiply number by
if (isSet(EXPAND))
{
@@ -225,8 +234,8 @@ public class RuleSet
return;
}
}
-
- // transitive action dependencies
+
+ // transitive action dependencies
if (isSet(TRANSITIVE))
{
if (action.getOperation() == Operation.CREATE && action.getObjectType() == ObjectType.QUEUE)
@@ -235,10 +244,10 @@ public class RuleSet
exchProperties.setName(ExchangeDefaults.DEFAULT_EXCHANGE_NAME);
exchProperties.put(ObjectProperties.Property.ROUTING_KEY, action.getProperties().get(ObjectProperties.Property.NAME));
addRule(null, identity, noLog(permission), new Action(Operation.BIND, ObjectType.EXCHANGE, exchProperties));
- if (action.getProperties().isSet(ObjectProperties.Property.AUTO_DELETE))
- {
- addRule(null, identity, noLog(permission), new Action(Operation.DELETE, ObjectType.QUEUE, action.getProperties()));
- }
+ if (action.getProperties().isSet(ObjectProperties.Property.AUTO_DELETE))
+ {
+ addRule(null, identity, noLog(permission), new Action(Operation.DELETE, ObjectType.QUEUE, action.getProperties()));
+ }
}
else if (action.getOperation() == Operation.DELETE && action.getObjectType() == ObjectType.QUEUE)
{
@@ -252,9 +261,9 @@ public class RuleSet
addRule(null, identity, noLog(permission), new Action(Operation.ACCESS, ObjectType.VIRTUALHOST));
}
}
-
+
// set rule number if needed
- Rule rule = new Rule(number, identity, action, permission);
+ Rule rule = new Rule(number, identity, action, permission);
if (rule.getNumber() == null)
{
if (_rules.isEmpty())
@@ -266,36 +275,34 @@ public class RuleSet
rule.setNumber(_rules.lastKey() + _increment);
}
}
-
+
// save rule
_cache.remove(identity);
_rules.put(rule.getNumber(), rule);
- }
-
+ }
+
public void enableRule(int ruleNumber)
{
_rules.get(Integer.valueOf(ruleNumber)).enable();
}
-
+
public void disableRule(int ruleNumber)
{
_rules.get(Integer.valueOf(ruleNumber)).disable();
}
-
+
public boolean addGroup(String group, List<String> constituents)
{
- _cache.clear();
-
- if (_aclGroups.containsKey(group))
+ if (_groups.containsKey(group))
{
// cannot redefine
return false;
}
else
{
- _aclGroups.put(group, new ArrayList<String>());
+ _groups.put(group, new ArrayList<String>());
}
-
+
for (String name : constituents)
{
if (name.equalsIgnoreCase(group))
@@ -303,17 +310,17 @@ public class RuleSet
// recursive definition
return false;
}
-
+
if (!checkName(name))
{
// invalid name
return false;
}
-
- if (_aclGroups.containsKey(name))
+
+ if (_groups.containsKey(name))
{
// is a group
- _aclGroups.get(group).addAll(_aclGroups.get(name));
+ _groups.get(group).addAll(_groups.get(name));
}
else
{
@@ -323,12 +330,12 @@ public class RuleSet
// invalid username
return false;
}
- _aclGroups.get(group).add(name);
+ _groups.get(group).add(name);
}
}
return true;
}
-
+
/** Return true if the name is well-formed (contains legal characters). */
protected boolean checkName(String name)
{
@@ -342,79 +349,79 @@ public class RuleSet
}
return true;
}
-
+
/** Returns true if a username has the name[@domain][/realm] format */
protected boolean isvalidUserName(String name)
- {
- // check for '@' and '/' in namne
- int atPos = name.indexOf(AT);
- int slashPos = name.indexOf(SLASH);
- boolean atFound = atPos != StringUtils.INDEX_NOT_FOUND && atPos == name.lastIndexOf(AT);
- boolean slashFound = slashPos != StringUtils.INDEX_NOT_FOUND && slashPos == name.lastIndexOf(SLASH);
-
- // must be at least one character after '@' or '/'
- if (atFound && atPos > name.length() - 2)
- {
- return false;
- }
- if (slashFound && slashPos > name.length() - 2)
- {
- return false;
- }
-
- // must be at least one character between '@' and '/'
- if (atFound && slashFound)
- {
- return (atPos < (slashPos - 1));
- }
-
- // otherwise all good
- return true;
+ {
+ // check for '@' and '/' in namne
+ int atPos = name.indexOf(AT);
+ int slashPos = name.indexOf(SLASH);
+ boolean atFound = atPos != StringUtils.INDEX_NOT_FOUND && atPos == name.lastIndexOf(AT);
+ boolean slashFound = slashPos != StringUtils.INDEX_NOT_FOUND && slashPos == name.lastIndexOf(SLASH);
+
+ // must be at least one character after '@' or '/'
+ if (atFound && atPos > name.length() - 2)
+ {
+ return false;
+ }
+ if (slashFound && slashPos > name.length() - 2)
+ {
+ return false;
+ }
+
+ // must be at least one character between '@' and '/'
+ if (atFound && slashFound)
+ {
+ return (atPos < (slashPos - 1));
+ }
+
+ // otherwise all good
+ return true;
}
- // C++ broker authorise function prototype
+ // C++ broker authorise function prototype
// virtual bool authorise(const std::string& id, const Action& action, const ObjectType& objType,
- // const std::string& name, std::map<Property, std::string>* params=0);
-
- // Possibly add a String name paramater?
+ // const std::string& name, std::map<Property, std::string>* params=0);
+
+ // Possibly add a String name paramater?
/**
* Check the authorisation granted to a particular identity for an operation on an object type with
* specific properties.
*
- * Looks up the entire ruleset, which may be cached, for the user and operation and goes through the rules
+ * Looks up the entire ruleset, whcih may be cached, for the user and operation and goes through the rules
* in order to find the first one that matches. Either defers if there are no rules, returns the result of
* the first match found, or denies access if there are no matching rules. Normally, it would be expected
* to have a default deny or allow rule at the end of an access configuration however.
*/
- public Result check(Subject subject, Operation operation, ObjectType objectType, ObjectProperties properties)
+ public Result check(String identity, Operation operation, ObjectType objectType, ObjectProperties properties)
{
// Create the action to check
Action action = new Action(operation, objectType, properties);
- // get the list of rules relevant for this request
- List<Rule> rules = getRules(subject, operation, objectType);
- if (rules == null)
- {
- if (isSet(CONTROLLED))
- {
- // Abstain if there are no rules for this operation
+ // get the list of rules relevant for this request
+ List<Rule> rules = getRules(identity, operation, objectType);
+ if (rules == null)
+ {
+ if (isSet(CONTROLLED))
+ {
+ // Abstain if there are no rules for this operation
return Result.ABSTAIN;
- }
- else
- {
- return getDefault();
- }
- }
-
- // Iterate through a filtered set of rules dealing with this identity and operation
+ }
+ else
+ {
+ return getDefault();
+ }
+ }
+
+ // Iterate through a filtered set of rules dealing with this identity and operation
for (Rule current : rules)
- {
- // Check if action matches
+ {
+ // Check if action matches
if (action.matches(current.getAction()))
{
Permission permission = current.getPermission();
-
+
switch (permission)
{
case ALLOW_LOG:
@@ -432,15 +439,15 @@ public class RuleSet
return Result.DENIED;
}
}
-
+
// Defer to the next plugin of this type, if it exists
- return Result.DEFER;
+ return Result.DEFER;
}
-
- /** Default deny. */
- public Result getDefault()
- {
- if (isSet(DEFAULT_ALLOW))
+
+ /** Default deny. */
+ public Result getDefault()
+ {
+ if (isSet(DEFAULT_ALLOW))
{
return Result.ALLOWED;
}
@@ -449,19 +456,19 @@ public class RuleSet
return Result.DENIED;
}
return Result.ABSTAIN;
- }
-
- /**
- * Check if a configuration property is set.
- */
- protected boolean isSet(String key)
- {
- return BooleanUtils.isTrue(_config.get(key));
- }
+ }
+
+ /**
+ * Check if a configuration property is set.
+ */
+ protected boolean isSet(String key)
+ {
+ return BooleanUtils.isTrue(_config.get(key));
+ }
/**
* Configure properties for the plugin instance.
- *
+ *
* @param properties
*/
public void configure(Map<String, Boolean> properties)
@@ -471,7 +478,7 @@ public class RuleSet
/**
* Configure a single property for the plugin instance.
- *
+ *
* @param key
* @param value
*/
@@ -479,48 +486,4 @@ public class RuleSet
{
_config.put(key, value);
}
-
- private boolean isRelevant(final Set<Principal> principals, final Rule rule)
- {
- if (rule.getIdentity().equalsIgnoreCase(Rule.ALL))
- {
- return true;
- }
- else
- {
- for (Iterator<Principal> iterator = principals.iterator(); iterator.hasNext();)
- {
- final Principal principal = iterator.next();
-
- if (rule.getIdentity().equalsIgnoreCase(principal.getName())
- || (_aclGroups.containsKey(rule.getIdentity()) && _aclGroups.get(rule.getIdentity()).contains(principal.getName())))
- {
- return true;
- }
- }
- }
-
- return false;
- }
-
- private Map<ObjectType, List<Rule>> getObjectToRuleCache(final Subject subject, final Operation operation)
- {
- // Lookup identity in cache and create empty operation map if required
- Map<Operation, Map<ObjectType, List<Rule>>> operations = _cache.get(subject);
- if (operations == null)
- {
- operations = new EnumMap<Operation, Map<ObjectType, List<Rule>>>(Operation.class);
- _cache.put(subject, operations);
- }
-
- // Lookup operation and create empty object type map if required
- Map<ObjectType, List<Rule>> objects = operations.get(operation);
- if (objects == null)
- {
- objects = new EnumMap<ObjectType, List<Rule>>(ObjectType.class);
- operations.put(operation, objects);
- }
- return objects;
- }
-
}
Modified: qpid/branches/QPID-2519/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/AccessControl.java
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/AccessControl.java?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/AccessControl.java (original)
+++ qpid/branches/QPID-2519/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/AccessControl.java Fri Oct 21 01:19:00 2011
@@ -20,7 +20,7 @@
*/
package org.apache.qpid.server.security.access.plugins;
-import javax.security.auth.Subject;
+import java.security.Principal;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.log4j.Logger;
@@ -89,19 +89,20 @@ public class AccessControl extends Abstr
/**
* Check if an operation is authorised by asking the configuration object about the access
- * control rules granted to the current thread's {@link Subject}. If there is no current
+ * control rules granted to the current thread's {@link Principal}. If there is no current
* user the plugin will abstain.
*/
public Result authorise(Operation operation, ObjectType objectType, ObjectProperties properties)
{
- final Subject subject = SecurityManager.getThreadSubject();
- // Abstain if there is no subject/principal associated with this thread
- if (subject == null || subject.getPrincipals().size() == 0)
+ Principal principal = SecurityManager.getThreadPrincipal();
+
+ // Abstain if there is no user associated with this thread
+ if (principal == null)
{
return Result.ABSTAIN;
}
-
- return _ruleSet.check(subject, operation, objectType, properties);
+
+ return _ruleSet.check(principal.getName(), operation, objectType, properties);
}
public void configure(ConfigurationPlugin config)
Modified: qpid/branches/QPID-2519/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/AccessControlTest.java
URL: http://svn.apache.org/viewvc/qpid/branches/QPID-2519/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/AccessControlTest.java?rev=1187150&r1=1187149&r2=1187150&view=diff
==============================================================================
--- qpid/branches/QPID-2519/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/AccessControlTest.java (original)
+++ qpid/branches/QPID-2519/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/AccessControlTest.java Fri Oct 21 01:19:00 2011
@@ -1,172 +1,195 @@
/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
package org.apache.qpid.server.security.access.plugins;
-import java.util.Arrays;
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileWriter;
+import java.io.PrintWriter;
import junit.framework.TestCase;
-import org.apache.qpid.server.configuration.plugins.ConfigurationPlugin;
-import org.apache.qpid.server.logging.UnitTestMessageLogger;
-import org.apache.qpid.server.logging.actors.CurrentActor;
-import org.apache.qpid.server.logging.actors.TestLogActor;
-import org.apache.qpid.server.security.Result;
-import org.apache.qpid.server.security.SecurityManager;
-import org.apache.qpid.server.security.access.ObjectProperties;
-import org.apache.qpid.server.security.access.ObjectType;
-import org.apache.qpid.server.security.access.Operation;
-import org.apache.qpid.server.security.access.Permission;
-import org.apache.qpid.server.security.access.config.Rule;
+import org.apache.commons.configuration.ConfigurationException;
+import org.apache.qpid.server.security.access.config.ConfigurationFile;
+import org.apache.qpid.server.security.access.config.PlainConfiguration;
import org.apache.qpid.server.security.access.config.RuleSet;
-import org.apache.qpid.server.security.auth.sasl.TestPrincipalUtils;
/**
- * Unit test for ACL V2 plugin.
- *
- * This unit test tests the AccessControl class and it collaboration with {@link RuleSet},
- * {@link SecurityManager} and {@link CurrentActor}. The ruleset is configured programmatically,
- * rather than from an external file.
+ * These tests check that the ACL file parsing works correctly.
*
- * @see RuleSetTest
+ * For each message that can be returned in a {@link ConfigurationException}, an ACL file is created that should trigger this
+ * particular message.
*/
public class AccessControlTest extends TestCase
{
- private AccessControl _plugin = null; // Class under test
- private final UnitTestMessageLogger messageLogger = new UnitTestMessageLogger();
-
- protected void setUp() throws Exception
+ public void writeACLConfig(String...aclData) throws Exception
{
- super.setUp();
-
- final RuleSet rs = new RuleSet();
- rs.addGroup("aclGroup1", Arrays.asList(new String[] {"member1", "member2"}));
-
- // Rule expressed with username
- rs.grant(0, "user1", Permission.ALLOW, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
- // Rule expressed with a acl group
- rs.grant(1, "aclGroup1", Permission.ALLOW, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
- // Rule expressed with an external group
- rs.grant(2, "extGroup1", Permission.DENY, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
- // Catch all rule
- rs.grant(3, Rule.ALL, Permission.DENY_LOG, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
-
- _plugin = (AccessControl) AccessControl.FACTORY.newInstance(createConfiguration(rs));
-
- SecurityManager.setThreadSubject(null);
+ File acl = File.createTempFile(getClass().getName() + getName(), "acl");
+ acl.deleteOnExit();
- CurrentActor.set(new TestLogActor(messageLogger));
+ // Write ACL file
+ PrintWriter aclWriter = new PrintWriter(new FileWriter(acl));
+ for (String line : aclData)
+ {
+ aclWriter.println(line);
+ }
+ aclWriter.close();
+
+ // Load ruleset
+ ConfigurationFile configFile = new PlainConfiguration(acl);
+ RuleSet ruleSet = configFile.load();
}
- protected void tearDown() throws Exception
+ public void testMissingACLConfig() throws Exception
{
- super.tearDown();
- SecurityManager.setThreadSubject(null);
+ try
+ {
+ // Load ruleset
+ ConfigurationFile configFile = new PlainConfiguration(new File("doesnotexist"));
+ RuleSet ruleSet = configFile.load();
+
+ fail("fail");
+ }
+ catch (ConfigurationException ce)
+ {
+ assertEquals(String.format(PlainConfiguration.CONFIG_NOT_FOUND_MSG, "doesnotexist"), ce.getMessage());
+ assertTrue(ce.getCause() instanceof FileNotFoundException);
+ assertEquals("doesnotexist (No such file or directory)", ce.getCause().getMessage());
+ }
}
- /**
- * ACL plugin must always abstain if there is no subject attached to the thread.
- */
- public void testNoSubjectAlwaysAbstains()
+ public void testACLFileSyntaxContinuation() throws Exception
{
- SecurityManager.setThreadSubject(null);
+ try
+ {
+ writeACLConfig("ACL ALLOW ALL \\ ALL");
+ fail("fail");
+ }
+ catch (ConfigurationException ce)
+ {
+ assertEquals(String.format(PlainConfiguration.PREMATURE_CONTINUATION_MSG, 1), ce.getMessage());
+ }
+ }
- final Result result = _plugin.authorise(Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
- assertEquals(Result.ABSTAIN, result);
+ public void testACLFileSyntaxTokens() throws Exception
+ {
+ try
+ {
+ writeACLConfig("ACL unparsed ALL ALL");
+ fail("fail");
+ }
+ catch (ConfigurationException ce)
+ {
+ assertEquals(String.format(PlainConfiguration.PARSE_TOKEN_FAILED_MSG, 1), ce.getMessage());
+ assertTrue(ce.getCause() instanceof IllegalArgumentException);
+ assertEquals("Not a valid permission: unparsed", ce.getCause().getMessage());
+ }
}
- /**
- * Tests that an allow rule expressed with a username allows an operation performed by a thread running
- * with the same username.
- */
- public void testUsernameAllowsOperation()
+ public void testACLFileSyntaxNotEnoughGroup() throws Exception
{
- SecurityManager.setThreadSubject(TestPrincipalUtils.createTestSubject("user1"));
+ try
+ {
+ writeACLConfig("GROUP blah");
+ fail("fail");
+ }
+ catch (ConfigurationException ce)
+ {
+ assertEquals(String.format(PlainConfiguration.NOT_ENOUGH_GROUP_MSG, 1), ce.getMessage());
+ }
+ }
- final Result result = _plugin.authorise(Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
- assertEquals(Result.ALLOWED, result);
+ public void testACLFileSyntaxNotEnoughACL() throws Exception
+ {
+ try
+ {
+ writeACLConfig("ACL ALLOW");
+ fail("fail");
+ }
+ catch (ConfigurationException ce)
+ {
+ assertEquals(String.format(PlainConfiguration.NOT_ENOUGH_ACL_MSG, 1), ce.getMessage());
+ }
}
- /**
- * Tests that an allow rule expressed with an <b>ACL groupname</b> allows an operation performed by a thread running
- * by a user who belongs to the same group..
- */
- public void testAclGroupMembershipAllowsOperation()
+ public void testACLFileSyntaxNotEnoughConfig() throws Exception
{
- SecurityManager.setThreadSubject(TestPrincipalUtils.createTestSubject("member1"));
+ try
+ {
+ writeACLConfig("CONFIG");
+ fail("fail");
+ }
+ catch (ConfigurationException ce)
+ {
+ assertEquals(String.format(PlainConfiguration.NOT_ENOUGH_TOKENS_MSG, 1), ce.getMessage());
+ }
+ }
- final Result result = _plugin.authorise(Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
- assertEquals(Result.ALLOWED, result);
+ public void testACLFileSyntaxNotEnough() throws Exception
+ {
+ try
+ {
+ writeACLConfig("INVALID");
+ fail("fail");
+ }
+ catch (ConfigurationException ce)
+ {
+ assertEquals(String.format(PlainConfiguration.NOT_ENOUGH_TOKENS_MSG, 1), ce.getMessage());
+ }
}
- /**
- * Tests that a deny rule expressed with an <b>External groupname</b> denies an operation performed by a thread running
- * by a user who belongs to the same group.
- */
- public void testExternalGroupMembershipDeniesOperation()
+ public void testACLFileSyntaxPropertyKeyOnly() throws Exception
{
- SecurityManager.setThreadSubject(TestPrincipalUtils.createTestSubject("user3", "extGroup1"));
-
- final Result result = _plugin.authorise(Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
- assertEquals(Result.DENIED, result);
+ try
+ {
+ writeACLConfig("ACL ALLOW adk CREATE QUEUE name");
+ fail("fail");
+ }
+ catch (ConfigurationException ce)
+ {
+ assertEquals(String.format(PlainConfiguration.PROPERTY_KEY_ONLY_MSG, 1), ce.getMessage());
+ }
}
- /**
- * Tests that the catch all deny denies the operation and logs with the logging actor.
- */
- public void testCatchAllRuleDeniesUnrecognisedUsername()
+ public void testACLFileSyntaxPropertyNoEquals() throws Exception
{
- SecurityManager.setThreadSubject(TestPrincipalUtils.createTestSubject("unknown", "unkgroup1", "unkgroup2"));
-
- assertEquals("Expecting zero messages before test", 0, messageLogger.getLogMessages().size());
- final Result result = _plugin.authorise(Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
- assertEquals(Result.DENIED, result);
-
- assertEquals("Expecting one message before test", 1, messageLogger.getLogMessages().size());
- assertTrue("Logged message does not contain expected string", messageLogger.messageContains(0, "ACL-1002"));
+ try
+ {
+ writeACLConfig("ACL ALLOW adk CREATE QUEUE name test");
+ fail("fail");
+ }
+ catch (ConfigurationException ce)
+ {
+ assertEquals(String.format(PlainConfiguration.PROPERTY_NO_EQUALS_MSG, 1), ce.getMessage());
+ }
}
-
- /**
- * Creates a configuration plugin for the {@link AccessControl} plugin.
- */
- private ConfigurationPlugin createConfiguration(final RuleSet rs)
- {
- final ConfigurationPlugin cp = new ConfigurationPlugin()
- {
- public AccessControlConfiguration getConfiguration(final String plugin)
- {
- return new AccessControlConfiguration()
- {
- public RuleSet getRuleSet()
- {
- return rs;
- }
- };
- }
-
- public String[] getElementsProcessed()
- {
- throw new UnsupportedOperationException();
- }
- };
- return cp;
+ public void testACLFileSyntaxPropertyNoValue() throws Exception
+ {
+ try
+ {
+ writeACLConfig("ACL ALLOW adk CREATE QUEUE name =");
+ fail("fail");
+ }
+ catch (ConfigurationException ce)
+ {
+ assertEquals(String.format(PlainConfiguration.PROPERTY_NO_VALUE_MSG, 1), ce.getMessage());
+ }
}
}
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:commits-subscribe@qpid.apache.org