You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by ch...@apache.org on 2011/04/25 19:12:02 UTC
svn commit: r1096527 - in /activemq/activemq-apollo/trunk:
apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/
apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/
apollo-stomp/src/main/scala/org/apache/activemq/apollo/s...
Author: chirino
Date: Mon Apr 25 17:12:01 2011
New Revision: 1096527
URL: http://svn.apache.org/viewvc?rev=1096527&view=rev
Log:
Fixes https://issues.apache.org/jira/browse/AMQ-3295 : better logging messages.
Modified:
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/Connection.scala
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/AclAuthorizer.scala
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/CertificateLoginModule.scala
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileUserLoginModule.scala
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/JaasAuthenticator.scala
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SecurityContext.scala
activemq/activemq-apollo/trunk/apollo-stomp/src/main/scala/org/apache/activemq/apollo/stomp/StompProtocolHandler.scala
activemq/activemq-apollo/trunk/apollo-tcp/src/main/java/org/apache/activemq/apollo/transport/tcp/TcpTransport.java
activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/Transport.java
activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/TransportFilter.java
activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/pipe/PipeTransport.java
Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/Connection.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/Connection.scala?rev=1096527&r1=1096526&r2=1096527&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/Connection.scala (original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/Connection.scala Mon Apr 25 17:12:01 2011
@@ -109,12 +109,12 @@ class BrokerConnection(var connector: Co
}
protected override def on_transport_connected() = {
- connector.broker.connection_log.info("connected: %s", transport.getRemoteAddress)
+ connector.broker.connection_log.info("connected: local:%s, remote:%s", transport.getLocalAddress, transport.getRemoteAddress)
protocol_handler.on_transport_connected
}
protected override def on_transport_disconnected() = {
- connector.broker.connection_log.info("disconnected: %s", transport.getRemoteAddress)
+ connector.broker.connection_log.info("disconnected: local:%s, remote:%s", transport.getLocalAddress, transport.getRemoteAddress)
protocol_handler.on_transport_disconnected
}
Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/AclAuthorizer.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/AclAuthorizer.scala?rev=1096527&r1=1096526&r2=1096527&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/AclAuthorizer.scala (original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/AclAuthorizer.scala Mon Apr 25 17:12:01 2011
@@ -40,7 +40,7 @@ class AclAuthorizer(val default_kinds:Li
def log_result(ctx: SecurityContext, action: String, resource: =>String)(func: =>Boolean):Boolean = {
val rc = func
if( !rc ) {
- info("authorization failed: action:%s, resource:%s, address: %s, principles: %s", action, resource, ctx.remote_address, ctx.principles.map(_.allow).mkString(", ") )
+ info("authorization failed: local:%s, remote:%s, action:%s, resource:%s, principles:%s", ctx.local_address, ctx.remote_address, action, resource, ctx.principles.map(_.allow).mkString(", ") )
}
rc
}
Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/CertificateLoginModule.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/CertificateLoginModule.scala?rev=1096527&r1=1096526&r2=1096527&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/CertificateLoginModule.scala (original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/CertificateLoginModule.scala Mon Apr 25 17:12:01 2011
@@ -31,6 +31,7 @@ import org.apache.activemq.apollo.util.{
import java.lang.String
import org.apache.activemq.jaas.{UserPrincipal, CertificateCallback}
import java.util.LinkedList
+import javax.security.auth.spi.LoginModule
/**
* <p>
@@ -50,7 +51,7 @@ object CertificateLoginModule {
*
* @author <a href="http://hiramchirino.com">Hiram Chirino</a>
*/
-class CertificateLoginModule {
+class CertificateLoginModule extends LoginModule {
import CertificateLoginModule._
@@ -90,11 +91,15 @@ class CertificateLoginModule {
case ioe: IOException =>
throw new LoginException(ioe.getMessage())
case uce: UnsupportedCallbackException =>
- throw new LoginException(uce.getMessage() + " Unable to obtain client certificates.")
+ return false;
}
certificates = cert_callback.getCertificates()
- if (certificates == null || certificates.isEmpty) {
+ if( certificates==null ) {
+ return false;
+ }
+
+ if (certificates.isEmpty) {
throw new FailedLoginException("No associated certificates")
}
Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileUserLoginModule.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileUserLoginModule.scala?rev=1096527&r1=1096526&r2=1096527&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileUserLoginModule.scala (original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileUserLoginModule.scala Mon Apr 25 17:12:01 2011
@@ -101,7 +101,7 @@ class FileUserLoginModule extends LoginM
case ioe: IOException =>
throw new LoginException(ioe.getMessage())
case uce: UnsupportedCallbackException =>
- throw new LoginException(uce.getMessage() + " not available to obtain information from user")
+ return false;
}
val user = callbacks(0).asInstanceOf[NameCallback].getName()
@@ -115,7 +115,7 @@ class FileUserLoginModule extends LoginM
val password = users.getProperty(user)
if (password == null || !password.equals(new String(tmpPassword))) {
- throw new FailedLoginException("Invalid user id or password")
+ throw new FailedLoginException("Invalid user id or password for user: "+user)
}
principals.add(new UserPrincipal(user))
Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/JaasAuthenticator.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/JaasAuthenticator.scala?rev=1096527&r1=1096526&r2=1096527&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/JaasAuthenticator.scala (original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/JaasAuthenticator.scala Mon Apr 25 17:12:01 2011
@@ -102,7 +102,7 @@ class JaasAuthenticator(val config: Auth
true
} catch {
case x: Exception =>
- log.info("authentication failed. address:%s, reason:%s ", security_ctx.remote_address, x.getMessage)
+ log.info("authentication failed: local:%s, remote:%s, reason:%s ", security_ctx.local_address, security_ctx.remote_address, x.getMessage)
false
} finally {
JaasAuthenticator._log.remove
Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SecurityContext.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SecurityContext.scala?rev=1096527&r1=1096526&r2=1096527&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SecurityContext.scala (original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SecurityContext.scala Mon Apr 25 17:12:01 2011
@@ -35,7 +35,8 @@ class SecurityContext {
var user:String = _
var password:String = _
- var certificates = Array[X509Certificate]()
+ var certificates:Array[X509Certificate] = _
+ var local_address:String = _
var remote_address:String = _
var login_context:LoginContext = _
Modified: activemq/activemq-apollo/trunk/apollo-stomp/src/main/scala/org/apache/activemq/apollo/stomp/StompProtocolHandler.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-stomp/src/main/scala/org/apache/activemq/apollo/stomp/StompProtocolHandler.scala?rev=1096527&r1=1096526&r2=1096527&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-stomp/src/main/scala/org/apache/activemq/apollo/stomp/StompProtocolHandler.scala (original)
+++ activemq/activemq-apollo/trunk/apollo-stomp/src/main/scala/org/apache/activemq/apollo/stomp/StompProtocolHandler.scala Mon Apr 25 17:12:01 2011
@@ -518,6 +518,7 @@ class StompProtocolHandler extends Proto
case _ => None
}
+ security_context.local_address = connection.transport.getLocalAddress
security_context.remote_address = connection.transport.getRemoteAddress
security_context.user = get(headers, LOGIN).map(decode_header _).getOrElse(null)
security_context.password = get(headers, PASSCODE).map(decode_header _).getOrElse(null)
Modified: activemq/activemq-apollo/trunk/apollo-tcp/src/main/java/org/apache/activemq/apollo/transport/tcp/TcpTransport.java
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-tcp/src/main/java/org/apache/activemq/apollo/transport/tcp/TcpTransport.java?rev=1096527&r1=1096526&r2=1096527&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-tcp/src/main/java/org/apache/activemq/apollo/transport/tcp/TcpTransport.java (original)
+++ activemq/activemq-apollo/trunk/apollo-tcp/src/main/java/org/apache/activemq/apollo/transport/tcp/TcpTransport.java Mon Apr 25 17:12:01 2011
@@ -77,6 +77,12 @@ public class TcpTransport extends JavaBa
}
class CONNECTED extends SocketState {
+
+ public CONNECTED() {
+ localAddress = channel.socket().getLocalSocketAddress().toString();
+ remoteAddress = channel.socket().getRemoteSocketAddress().toString();
+ }
+
void onStop(Runnable onCompleted) {
trace("CONNECTED.onStop");
CANCELING state = new CANCELING();
@@ -165,7 +171,6 @@ public class TcpTransport extends JavaBa
protected URI remoteLocation;
protected URI localLocation;
protected TransportListener listener;
- protected String remoteAddress;
protected ProtocolCodec codec;
protected SocketChannel channel;
@@ -181,6 +186,8 @@ public class TcpTransport extends JavaBa
int max_read_rate;
int max_write_rate;
protected RateLimitingChannel rateLimitingChannel;
+ String localAddress;
+ String remoteAddress;
class RateLimitingChannel implements ReadableByteChannel, WritableByteChannel {
@@ -316,7 +323,6 @@ public class TcpTransport extends JavaBa
}
this.channel.configureBlocking(false);
- this.remoteAddress = channel.socket().getRemoteSocketAddress().toString();
channel.socket().setSoLinger(true, 0);
channel.socket().setTcpNoDelay(true);
@@ -440,8 +446,6 @@ public class TcpTransport extends JavaBa
rateLimitingChannel = new RateLimitingChannel();
schedualRateAllowanceReset();
}
-
- remoteAddress = channel.socket().getRemoteSocketAddress().toString();
listener.onTransportConnected();
}
@@ -566,6 +570,9 @@ public class TcpTransport extends JavaBa
}
}
+ public String getLocalAddress() {
+ return localAddress;
+ }
public String getRemoteAddress() {
return remoteAddress;
Modified: activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/Transport.java
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/Transport.java?rev=1096527&r1=1096526&r2=1096527&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/Transport.java (original)
+++ activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/Transport.java Mon Apr 25 17:12:01 2011
@@ -90,6 +90,11 @@ public interface Transport extends Servi
String getRemoteAddress();
/**
+ * @return the remote address for this connection
+ */
+ String getLocalAddress();
+
+ /**
* Indicates if the transport can handle faults
*
* @return true if fault tolerant
Modified: activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/TransportFilter.java
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/TransportFilter.java?rev=1096527&r1=1096526&r2=1096527&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/TransportFilter.java (original)
+++ activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/TransportFilter.java Mon Apr 25 17:12:01 2011
@@ -147,6 +147,10 @@ public class TransportFilter implements
return next.getRemoteAddress();
}
+ public String getLocalAddress() {
+ return next.getLocalAddress();
+ }
+
/**
* @return
* @see Transport#isFaultTolerant()
Modified: activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/pipe/PipeTransport.java
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/pipe/PipeTransport.java?rev=1096527&r1=1096526&r2=1096527&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/pipe/PipeTransport.java (original)
+++ activemq/activemq-apollo/trunk/apollo-transport/src/main/java/org/apache/activemq/apollo/transport/pipe/PipeTransport.java Mon Apr 25 17:12:01 2011
@@ -190,6 +190,10 @@ public class PipeTransport implements Tr
return readCounter;
}
+ public String getLocalAddress() {
+ return remoteAddress;
+ }
+
public String getRemoteAddress() {
return remoteAddress;
}