You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by rg...@apache.org on 2017/05/30 12:48:51 UTC
[1/2] qpid-broker-j git commit: QPID-7800 - [Java Broker] Refactor
Port classes to remove unnecessary intermediate classes/interfaces
Repository: qpid-broker-j
Updated Branches:
refs/heads/master fed08dabe -> 9baae38e5
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/AMQPConnection_1_0Impl.java
----------------------------------------------------------------------
diff --git a/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/AMQPConnection_1_0Impl.java b/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/AMQPConnection_1_0Impl.java
index c5ba4a4..cd798c7 100644
--- a/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/AMQPConnection_1_0Impl.java
+++ b/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/AMQPConnection_1_0Impl.java
@@ -215,18 +215,16 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
.registerSecurityLayer();
- private Map _properties;
+ private Map<Symbol, Object> _properties;
private boolean _saslComplete;
private SaslNegotiator _saslNegotiator;
private String _localHostname;
private long _desiredIdleTimeout;
- private Error _remoteError;
-
private static final long MINIMUM_SUPPORTED_IDLE_TIMEOUT = 1000L;
- private Map _remoteProperties;
+ private volatile Map<Symbol, Object> _remoteProperties;
private final AtomicBoolean _orderlyClose = new AtomicBoolean(false);
@@ -256,7 +254,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
{
super(broker, network, port, transport, Protocol.AMQP_1_0, id, aggregateTicker);
- _subjectCreator = port.getAuthenticationProvider().getSubjectCreator(transport.isSecure());
+ _subjectCreator = port.getSubjectCreator(transport.isSecure());
_port = port;
@@ -426,7 +424,6 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
default:
closeReceived();
}
- _remoteError = close.getError();
}
private void closeReceived()
@@ -435,14 +432,10 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
for (final Session_1_0 session : sessions)
{
- AccessController.doPrivileged(new PrivilegedAction<Object>()
+ AccessController.doPrivileged((PrivilegedAction<Object>) () ->
{
- @Override
- public Object run()
- {
- session.remoteEnd(new End());
- return null;
- }
+ session.remoteEnd(new End());
+ return null;
}, session.getAccessControllerContext());
}
}
@@ -452,12 +445,14 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
_closedForInput = closed;
}
+ @Override
public void receiveSaslMechanisms(final SaslMechanisms saslMechanisms)
{
LOGGER.info("{} : Unexpected frame sasl-mechanisms", getLogSubject());
closeSaslWithFailure();
}
+ @Override
public void receiveSaslResponse(final SaslResponse saslResponse)
{
final Binary responseBinary = saslResponse.getResponse();
@@ -500,6 +495,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
|| _connectionState == ConnectionState.CLOSE_SENT;
}
+ @Override
public boolean closedForInput()
{
return _closedForInput;
@@ -544,6 +540,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
setClosedForOutput(true);
}
+ @Override
public String getRemoteContainerId()
{
return _remoteContainerId;
@@ -569,12 +566,14 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
}
}
+ @Override
public void receiveSaslOutcome(final SaslOutcome saslOutcome)
{
LOGGER.info("{} : Unexpected frame sasl-outcome", getLogSubject());
closeSaslWithFailure();
}
+ @Override
public void receiveEnd(final short channel, final End end)
{
@@ -596,6 +595,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
closeConnection(AmqpError.INVALID_FIELD, String.format("%s frame received on channel %d which is not mapped", frame.getClass().getSimpleName().toLowerCase(), channel));
}
+ @Override
public void receiveDisposition(final short channel,
final Disposition disposition)
{
@@ -612,6 +612,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
}
+ @Override
public void receiveBegin(final short receivingChannelId, final Begin begin)
{
@@ -661,7 +662,6 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
synchronized (_blockingLock)
{
-
_sessions.add(session);
if (_blocking)
{
@@ -692,6 +692,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
return -1;
}
+ @Override
public void handleError(final Error error)
{
if (!closedForOutput())
@@ -705,6 +706,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
}
+ @Override
public void receiveTransfer(final short channel, final Transfer transfer)
{
assertState(FrameReceivingState.ANY_FRAME);
@@ -719,6 +721,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
}
}
+ @Override
public void receiveFlow(final short channel, final Flow flow)
{
assertState(FrameReceivingState.ANY_FRAME);
@@ -734,6 +737,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
}
+ @Override
public void receiveOpen(final short channel, final Open open)
{
assertState(FrameReceivingState.OPEN_ONLY);
@@ -765,19 +769,16 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
{
_idleTimeout = open.getIdleTimeOut().longValue();
}
- _remoteProperties = open.getProperties();
- if (_remoteProperties != null)
+ _remoteProperties = open.getProperties() == null ? Collections.emptyMap() : Collections.unmodifiableMap(new LinkedHashMap<>(open.getProperties()));
+ if (_remoteProperties.containsKey(Symbol.valueOf("product")))
{
- if (_remoteProperties.containsKey(Symbol.valueOf("product")))
- {
- setClientProduct(_remoteProperties.get(Symbol.valueOf("product")).toString());
- }
- if (_remoteProperties.containsKey(Symbol.valueOf("version")))
- {
- setClientVersion(_remoteProperties.get(Symbol.valueOf("version")).toString());
- }
- setClientId(_remoteContainerId);
+ setClientProduct(_remoteProperties.get(Symbol.valueOf("product")).toString());
+ }
+ if (_remoteProperties.containsKey(Symbol.valueOf("version")))
+ {
+ setClientVersion(_remoteProperties.get(Symbol.valueOf("version")).toString());
}
+ setClientId(_remoteContainerId);
if (_idleTimeout != 0L && _idleTimeout < MINIMUM_SUPPORTED_IDLE_TIMEOUT)
{
closeConnection(ConnectionError.CONNECTION_FORCED,
@@ -791,7 +792,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
{
long desiredIdleTimeout = getDesiredIdleTimeout();
initialiseHeartbeating(_idleTimeout / 2L, desiredIdleTimeout);
- final NamedAddressSpace addressSpace = ((AmqpPort) _port).getAddressSpace(_localHostname);
+ final NamedAddressSpace addressSpace = _port.getAddressSpace(_localHostname);
if (addressSpace == null)
{
closeWithError(AmqpError.NOT_FOUND, "Unknown hostname in connection open: '" + _localHostname + "'");
@@ -846,7 +847,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
private void populateConnectionRedirect(final NamedAddressSpace addressSpace, final Error err)
{
- final String redirectHost = addressSpace.getRedirectHost(((AmqpPort) _port));
+ final String redirectHost = addressSpace.getRedirectHost(_port);
if(redirectHost == null)
{
@@ -900,6 +901,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
}
}
+ @Override
public void receiveDetach(final short channel, final Detach detach)
{
assertState(FrameReceivingState.ANY_FRAME);
@@ -949,6 +951,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
_closedForOutput = closed;
}
+ @Override
public void receiveSaslInit(final SaslInit saslInit)
{
assertState(FrameReceivingState.SASL_INIT_ONLY);
@@ -989,13 +992,13 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
_successfulAuthenticationResult = authenticationResult;
if (challenge == null || challenge.length == 0)
{
- setSubject(_successfulAuthenticationResult.getSubject());
- SaslOutcome outcome = new SaslOutcome();
- outcome.setCode(SaslCode.OK);
- send(new SASLFrame(outcome), null);
- _saslComplete = true;
- _frameReceivingState = FrameReceivingState.AMQP_HEADER;
- disposeSaslNegotiator();
+ setSubject(_successfulAuthenticationResult.getSubject());
+ SaslOutcome outcome = new SaslOutcome();
+ outcome.setCode(SaslCode.OK);
+ send(new SASLFrame(outcome), null);
+ _saslComplete = true;
+ _frameReceivingState = FrameReceivingState.AMQP_HEADER;
+ disposeSaslNegotiator();
}
else
{
@@ -1179,15 +1182,11 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
@Override
public void readerIdle()
{
- AccessController.doPrivileged(new PrivilegedAction<Object>()
+ AccessController.doPrivileged((PrivilegedAction<Object>) () ->
{
- @Override
- public Object run()
- {
- getEventLogger().message(ConnectionMessages.IDLE_CLOSE("", false));
- getNetwork().close();
- return null;
- }
+ getEventLogger().message(ConnectionMessages.IDLE_CLOSE("", false));
+ getNetwork().close();
+ return null;
}, getAccessControllerContext());
}
@@ -1203,64 +1202,61 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
+ @Override
public void received(final QpidByteBuffer msg)
{
- AccessController.doPrivileged(new PrivilegedAction<Object>()
+ AccessController.doPrivileged((PrivilegedAction<Object>) () ->
{
- @Override
- public Object run()
+ updateLastReadTime();
+ try
{
- updateLastReadTime();
- try
+ int remaining;
+
+ do
{
- int remaining;
+ remaining = msg.remaining();
- do
+ switch (_frameReceivingState)
{
- remaining = msg.remaining();
-
- switch (_frameReceivingState)
- {
- case AMQP_OR_SASL_HEADER:
- case AMQP_HEADER:
- if (remaining >= 8)
- {
- processProtocolHeader(msg);
- }
- break;
- case OPEN_ONLY:
- case ANY_FRAME:
- case SASL_INIT_ONLY:
- case SASL_RESPONSE_ONLY:
- _frameHandler.parse(msg);
- break;
- case CLOSED:
- // ignore;
- break;
- }
+ case AMQP_OR_SASL_HEADER:
+ case AMQP_HEADER:
+ if (remaining >= 8)
+ {
+ processProtocolHeader(msg);
+ }
+ break;
+ case OPEN_ONLY:
+ case ANY_FRAME:
+ case SASL_INIT_ONLY:
+ case SASL_RESPONSE_ONLY:
+ _frameHandler.parse(msg);
+ break;
+ case CLOSED:
+ // ignore;
+ break;
+ }
- }
- while (msg.remaining() != remaining);
}
- catch (IllegalArgumentException | IllegalStateException e)
+ while (msg.remaining() != remaining);
+ }
+ catch (IllegalArgumentException | IllegalStateException e)
+ {
+ throw new ConnectionScopedRuntimeException(e);
+ }
+ catch (StoreException e)
+ {
+ if (getAddressSpace().isActive())
{
- throw new ConnectionScopedRuntimeException(e);
+ throw new ServerScopedRuntimeException(e);
}
- catch (StoreException e)
+ else
{
- if (getAddressSpace().isActive())
- {
- throw new ServerScopedRuntimeException(e);
- }
- else
- {
- throw new ConnectionScopedRuntimeException(e);
- }
+ throw new ConnectionScopedRuntimeException(e);
}
- return null;
}
+ return null;
}, getAccessControllerContext());
}
@@ -1272,8 +1268,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
byte[] header = new byte[8];
msg.get(header);
- final AuthenticationProvider authenticationProvider = getPort().getAuthenticationProvider();
- final SubjectCreator subjectCreator = authenticationProvider.getSubjectCreator(getTransport().isSecure());
+ final AuthenticationProvider<?> authenticationProvider = getPort().getAuthenticationProvider();
if(Arrays.equals(header, SASL_HEADER))
{
@@ -1286,7 +1281,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
SaslMechanisms mechanisms = new SaslMechanisms();
ArrayList<Symbol> mechanismsList = new ArrayList<>();
- for (String name : subjectCreator.getMechanisms())
+ for (String name : authenticationProvider.getAvailableMechanisms(getTransport().isSecure()))
{
mechanismsList.add(Symbol.valueOf(name));
}
@@ -1300,7 +1295,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
{
if(!_saslComplete)
{
- final List<String> mechanisms = subjectCreator.getMechanisms();
+ final List<String> mechanisms = authenticationProvider.getAvailableMechanisms(getTransport().isSecure());
if(mechanisms.contains(ExternalAuthenticationManagerImpl.MECHANISM_NAME) && getNetwork().getPeerPrincipal() != null)
{
@@ -1340,6 +1335,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
}
+ @Override
public void closed()
{
try
@@ -1363,6 +1359,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
}
}
+ @Override
public void send(final AMQFrame amqFrame)
{
send(amqFrame, null);
@@ -1370,6 +1367,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
+ @Override
public void send(final AMQFrame amqFrame, ByteBuffer buf)
{
updateLastWriteTime();
@@ -1468,6 +1466,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
_workListener.set(listener);
}
+ @Override
public boolean hasSessionWithName(final byte[] name)
{
return false;
@@ -1490,18 +1489,11 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
default:
cause = AmqpError.INTERNAL_ERROR;
}
- Action<ConnectionHandler> action = new Action<ConnectionHandler>()
- {
- @Override
- public void performAction(final ConnectionHandler object)
- {
- closeConnection(cause, description);
-
- }
- };
+ Action<ConnectionHandler> action = object -> closeConnection(cause, description);
addAsyncTask(action);
}
+ @Override
public void closeSessionAsync(final AMQPSession<?,?> session,
final CloseReason reason, final String message)
{
@@ -1517,24 +1509,18 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
default:
cause = AmqpError.INTERNAL_ERROR;
}
- addAsyncTask(new Action<ConnectionHandler>()
- {
+ addAsyncTask(object -> AccessController.doPrivileged(new PrivilegedAction<Void>() {
@Override
- public void performAction(final ConnectionHandler object)
+ public Void run()
{
- AccessController.doPrivileged(new PrivilegedAction<Void>() {
- @Override
- public Void run()
- {
- ((Session_1_0)session).close(cause, message);
- return null;
- }
- }, ((Session_1_0)session).getAccessControllerContext());
+ ((Session_1_0)session).close(cause, message);
+ return null;
}
- });
+ }, ((Session_1_0)session).getAccessControllerContext()));
}
+ @Override
public void block()
{
synchronized (_blockingLock)
@@ -1542,15 +1528,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
if (!_blocking)
{
_blocking = true;
- doOnIOThreadAsync(
- new Runnable()
- {
- @Override
- public void run()
- {
- doBlock();
- }
- });
+ doOnIOThreadAsync(this::doBlock);
}
}
}
@@ -1563,16 +1541,19 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
}
}
+ @Override
public String getRemoteContainerName()
{
return _remoteContainerId;
}
+ @Override
public Collection<? extends Session_1_0> getSessionModels()
{
return Collections.unmodifiableCollection(_sessions);
}
+ @Override
public void unblock()
{
synchronized (_blockingLock)
@@ -1580,15 +1561,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
if(_blocking)
{
_blocking = false;
- doOnIOThreadAsync(
- new Runnable()
- {
- @Override
- public void run()
- {
- doUnblock();
- }
- });
+ doOnIOThreadAsync(this::doUnblock);
}
}
}
@@ -1719,25 +1692,11 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
final Action<? super ConnectionHandler> asyncAction = _asyncTaskList.poll();
if(asyncAction != null)
{
- return new Runnable()
- {
- @Override
- public void run()
- {
- asyncAction.performAction(AMQPConnection_1_0Impl.this);
- }
- };
+ return () -> asyncAction.performAction(AMQPConnection_1_0Impl.this);
}
else
{
- return new Runnable()
- {
- @Override
- public void run()
- {
-
- }
- };
+ return () -> { };
}
}
else
@@ -1747,16 +1706,12 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
_sessionIterator = _sessionsWithWork.iterator();
}
final AMQPSession<?,?> session = _sessionIterator.next();
- return new Runnable()
+ return () ->
{
- @Override
- public void run()
+ _sessionIterator.remove();
+ if (session.processPending())
{
- _sessionIterator.remove();
- if (session.processPending())
- {
- _sessionsWithWork.add(session);
- }
+ _sessionsWithWork.add(session);
}
};
}
@@ -1764,14 +1719,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
else if(!_asyncTaskList.isEmpty())
{
final Action<? super ConnectionHandler> asyncAction = _asyncTaskList.poll();
- return new Runnable()
- {
- @Override
- public void run()
- {
- asyncAction.performAction(AMQPConnection_1_0Impl.this);
- }
- };
+ return () -> asyncAction.performAction(AMQPConnection_1_0Impl.this);
}
else
{
@@ -1815,7 +1763,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
@Override
public IdentifiedTransaction next()
{
- IdentifiedTransaction txn = null;
+ IdentifiedTransaction txn;
for( ; _index < _openTransactions.length; _index++)
{
if(_openTransactions[_index] != null)
@@ -1857,7 +1805,7 @@ public class AMQPConnection_1_0Impl extends AbstractAMQPConnection<AMQPConnectio
{
final int newSize = maxOpenTransactions < 1024 ? 2*maxOpenTransactions : maxOpenTransactions + 1024;
- _openTransactions = new ServerTransaction[2*maxOpenTransactions];
+ _openTransactions = new ServerTransaction[newSize];
System.arraycopy(openTransactions, 0, _openTransactions, 0, maxOpenTransactions);
}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/type/transport/Open.java
----------------------------------------------------------------------
diff --git a/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/type/transport/Open.java b/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/type/transport/Open.java
index a341de2..5b10b95 100644
--- a/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/type/transport/Open.java
+++ b/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/type/transport/Open.java
@@ -66,7 +66,7 @@ public class Open implements FrameBody
private Symbol[] _desiredCapabilities;
@CompositeTypeField
- private Map _properties;
+ private Map<Symbol,Object> _properties;
public String getContainerId()
{
@@ -158,12 +158,12 @@ public class Open implements FrameBody
_desiredCapabilities = desiredCapabilities;
}
- public Map getProperties()
+ public Map<Symbol,Object> getProperties()
{
return _properties;
}
- public void setProperties(Map properties)
+ public void setProperties(Map<Symbol,Object> properties)
{
_properties = properties;
}
@@ -268,6 +268,7 @@ public class Open implements FrameBody
return builder.toString();
}
+ @Override
public void invoke(short channel, ConnectionHandler conn)
{
conn.receiveOpen(channel, this);
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/amqp-1-0-protocol/src/test/java/org/apache/qpid/server/protocol/v1_0/ProtocolEngine_1_0_0Test.java
----------------------------------------------------------------------
diff --git a/broker-plugins/amqp-1-0-protocol/src/test/java/org/apache/qpid/server/protocol/v1_0/ProtocolEngine_1_0_0Test.java b/broker-plugins/amqp-1-0-protocol/src/test/java/org/apache/qpid/server/protocol/v1_0/ProtocolEngine_1_0_0Test.java
index 065d22b..dfe7a39 100644
--- a/broker-plugins/amqp-1-0-protocol/src/test/java/org/apache/qpid/server/protocol/v1_0/ProtocolEngine_1_0_0Test.java
+++ b/broker-plugins/amqp-1-0-protocol/src/test/java/org/apache/qpid/server/protocol/v1_0/ProtocolEngine_1_0_0Test.java
@@ -72,10 +72,10 @@ import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManag
import org.apache.qpid.server.security.auth.manager.ExternalAuthenticationManagerImpl;
import org.apache.qpid.server.transport.AMQPConnection;
import org.apache.qpid.server.transport.AggregateTicker;
+import org.apache.qpid.server.transport.ByteBufferSender;
import org.apache.qpid.server.transport.ServerNetworkConnection;
import org.apache.qpid.server.virtualhost.VirtualHostPrincipal;
import org.apache.qpid.test.utils.QpidTestCase;
-import org.apache.qpid.server.transport.ByteBufferSender;
public class ProtocolEngine_1_0_0Test extends QpidTestCase
{
@@ -112,6 +112,7 @@ public class ProtocolEngine_1_0_0Test extends QpidTestCase
when(_port.getModel()).thenReturn(BrokerModel.getInstance());
_subjectCreator = mock(SubjectCreator.class);
_authenticationProvider = mock(AuthenticationProvider.class);
+
when(_port.getAuthenticationProvider()).thenReturn(_authenticationProvider);
_virtualHost = mock(VirtualHost.class);
when(_virtualHost.getChildExecutor()).thenReturn(taskExecutor);
@@ -131,7 +132,7 @@ public class ProtocolEngine_1_0_0Test extends QpidTestCase
}).when(_virtualHost).registerConnection(connectionCaptor.capture());
when(_virtualHost.getPrincipal()).thenReturn(mock(VirtualHostPrincipal.class));
when(_port.getAddressSpace(anyString())).thenReturn(_virtualHost);
- when(_authenticationProvider.getSubjectCreator(anyBoolean())).thenReturn(_subjectCreator);
+ when(_port.getSubjectCreator(anyBoolean())).thenReturn(_subjectCreator);
final ArgumentCaptor<Principal> userCaptor = ArgumentCaptor.forClass(Principal.class);
when(_subjectCreator.createSubjectWithGroups(userCaptor.capture())).then(new Answer<Subject>()
@@ -238,14 +239,7 @@ public class ProtocolEngine_1_0_0Test extends QpidTestCase
public void testProtocolEngineWithNoSaslTLSandExternal() throws Exception
{
- final Principal principal = new Principal()
- {
- @Override
- public String getName()
- {
- return "test";
- }
- };
+ final Principal principal = () -> "test";
when(_networkConnection.getPeerPrincipal()).thenReturn(principal);
allowMechanisms(ExternalAuthenticationManagerImpl.MECHANISM_NAME);
@@ -269,6 +263,8 @@ public class ProtocolEngine_1_0_0Test extends QpidTestCase
final AnonymousAuthenticationManager anonymousAuthenticationManager =
(new AnonymousAuthenticationManagerFactory()).create(null, attrs, _broker);
when(_port.getAuthenticationProvider()).thenReturn(anonymousAuthenticationManager);
+ when(_port.getSubjectCreator(anyBoolean())).thenReturn(new SubjectCreator(anonymousAuthenticationManager, Collections.emptyList()));
+
allowMechanisms(AnonymousAuthenticationManager.MECHANISM_NAME);
createEngine(Transport.TCP);
@@ -302,6 +298,6 @@ public class ProtocolEngine_1_0_0Test extends QpidTestCase
private void allowMechanisms(String... mechanisms)
{
- when(_subjectCreator.getMechanisms()).thenReturn(Arrays.asList(mechanisms));
+ when(_authenticationProvider.getAvailableMechanisms(anyBoolean())).thenReturn(Arrays.asList(mechanisms));
}
}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
index c67dbcf..02aa6ef 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
@@ -119,7 +119,6 @@ import org.apache.qpid.server.util.ServerScopedRuntimeException;
@ManagedObject( category = false, type = HttpManagement.PLUGIN_TYPE )
public class HttpManagement extends AbstractPluginAdapter<HttpManagement> implements HttpManagementConfiguration<HttpManagement>, PortManager
{
- private static final String PORT_SERVLET_ATTRIBUTE = "org.apache.qpid.server.model.Port";
private final Logger _logger = LoggerFactory.getLogger(HttpManagement.class);
// 10 minutes by default
@@ -252,26 +251,31 @@ public class HttpManagement extends AbstractPluginAdapter<HttpManagement> implem
return Futures.immediateFuture(null);
}
+ @Override
public int getSessionTimeout()
{
return _sessionTimeout;
}
+ @Override
public String getCorsAllowOrigins()
{
return _corsAllowOrigins;
}
+ @Override
public Set<String> getCorsAllowMethods()
{
return _corsAllowMethods;
}
+ @Override
public String getCorsAllowHeaders()
{
return _corsAllowHeaders;
}
+ @Override
public boolean getCorsAllowCredentials()
{
return _corsAllowCredentials;
@@ -454,7 +458,9 @@ public class HttpManagement extends AbstractPluginAdapter<HttpManagement> implem
httpConnectionFactory.getHttpConfiguration().setSendServerVersion(false);
httpConnectionFactory.getHttpConfiguration().setSendXPoweredBy(false);
HttpConfiguration.Customizer requestAttributeCustomizer =
- (connector, channelConfig, request) -> request.setAttribute(PORT_SERVLET_ATTRIBUTE, port);
+ (connector, httpConfiguration, request) -> HttpManagementUtil.getPortAttributeAction(port)
+ .performAction(request);
+
httpConnectionFactory.getHttpConfiguration().addCustomizer(requestAttributeCustomizer);
httpConnectionFactory.getHttpConfiguration().addCustomizer(new SecureRequestCustomizer());
@@ -801,9 +807,10 @@ public class HttpManagement extends AbstractPluginAdapter<HttpManagement> implem
return Collections.unmodifiableSet(combinationsAsString);
}
- public static HttpPort<?> getPort(final HttpServletRequest request)
+ @Override
+ public HttpPort<?> getPort(final HttpServletRequest request)
{
- return (HttpPort<?>)request.getAttribute(PORT_SERVLET_ATTRIBUTE);
+ return HttpManagementUtil.getPort(request);
}
@Override
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementConfiguration.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementConfiguration.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementConfiguration.java
index 49ff5a0..df75f20 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementConfiguration.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementConfiguration.java
@@ -21,12 +21,14 @@
package org.apache.qpid.server.management.plugin;
import java.util.Set;
+
import javax.servlet.http.HttpServletRequest;
import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.model.ManagedAttribute;
import org.apache.qpid.server.model.ManagedContextDefault;
import org.apache.qpid.server.model.Plugin;
+import org.apache.qpid.server.model.Port;
public interface HttpManagementConfiguration<X extends HttpManagementConfiguration<X>> extends Plugin<X>
{
@@ -75,4 +77,5 @@ public interface HttpManagementConfiguration<X extends HttpManagementConfigurati
long DEFAULT_PREFERENCE_OPERTAION_TIMEOUT = 10000L;
AuthenticationProvider getAuthenticationProvider(HttpServletRequest request);
+ Port<?> getPort(HttpServletRequest request);
}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementUtil.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementUtil.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementUtil.java
index c25b190..c783da7 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementUtil.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementUtil.java
@@ -45,8 +45,11 @@ import javax.servlet.http.HttpSession;
import org.apache.qpid.server.management.plugin.servlet.ServletConnectionPrincipal;
import org.apache.qpid.server.management.plugin.session.LoginLogoutReporter;
import org.apache.qpid.server.model.Broker;
+import org.apache.qpid.server.model.Port;
+import org.apache.qpid.server.model.port.HttpPort;
import org.apache.qpid.server.plugin.QpidServiceLoader;
import org.apache.qpid.server.security.access.Operation;
+import org.apache.qpid.server.util.Action;
public class HttpManagementUtil
{
@@ -65,6 +68,9 @@ public class HttpManagementUtil
private static final String ATTR_SUBJECT = "Qpid.subject";
private static final String ATTR_LOG_ACTOR = "Qpid.logActor";
+ private static final String ATTR_PORT = "org.apache.qpid.server.model.Port";
+
+
public static final String ACCEPT_ENCODING_HEADER = "Accept-Encoding";
public static final String CONTENT_ENCODING_HEADER = "Content-Encoding";
public static final String GZIP_CONTENT_ENCODING = "gzip";
@@ -84,7 +90,17 @@ public class HttpManagementUtil
public static String getRequestSpecificAttributeName(String name, HttpServletRequest request)
{
- return name + "." + HttpManagement.getPort(request).getId();
+ return name + "." + getPort(request).getId();
+ }
+
+ static Action<HttpServletRequest> getPortAttributeAction(Port<?> port)
+ {
+ return request -> request.setAttribute(ATTR_PORT, port);
+ }
+
+ public static HttpPort<?> getPort(final HttpServletRequest request)
+ {
+ return (HttpPort<?>)request.getAttribute(ATTR_PORT);
}
public static Broker<?> getBroker(ServletContext servletContext)
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/AnonymousInteractiveAuthenticator.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/AnonymousInteractiveAuthenticator.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/AnonymousInteractiveAuthenticator.java
index 8d473bc..8ef887c 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/AnonymousInteractiveAuthenticator.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/AnonymousInteractiveAuthenticator.java
@@ -33,6 +33,7 @@ import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
import org.apache.qpid.server.management.plugin.HttpManagementUtil;
import org.apache.qpid.server.management.plugin.HttpRequestInteractiveAuthenticator;
import org.apache.qpid.server.model.Broker;
+import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.plugin.PluggableService;
import org.apache.qpid.server.security.auth.AuthenticationResult;
import org.apache.qpid.server.security.auth.SubjectAuthenticationResult;
@@ -52,6 +53,7 @@ public class AnonymousInteractiveAuthenticator implements HttpRequestInteractive
public AuthenticationHandler getAuthenticationHandler(final HttpServletRequest request,
final HttpManagementConfiguration configuration)
{
+ final Port<?> port = configuration.getPort(request);
if(configuration.getAuthenticationProvider(request) instanceof AnonymousAuthenticationManager)
{
return response ->
@@ -61,7 +63,7 @@ public class AnonymousInteractiveAuthenticator implements HttpRequestInteractive
AuthenticationResult authenticationResult = authenticationProvider.getAnonymousAuthenticationResult();
try
{
- SubjectAuthenticationResult result = authenticationProvider.getSubjectCreator(request.isSecure()).createResultWithGroups(authenticationResult);
+ SubjectAuthenticationResult result = port.getSubjectCreator(request.isSecure()).createResultWithGroups(authenticationResult);
Subject original = result.getSubject();
if (original == null)
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/AnonymousPreemptiveAuthenticator.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/AnonymousPreemptiveAuthenticator.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/AnonymousPreemptiveAuthenticator.java
index 1465e9b..cb6b559 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/AnonymousPreemptiveAuthenticator.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/AnonymousPreemptiveAuthenticator.java
@@ -26,6 +26,7 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
import org.apache.qpid.server.management.plugin.HttpRequestPreemptiveAuthenticator;
import org.apache.qpid.server.model.AuthenticationProvider;
+import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.plugin.PluggableService;
import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManager;
@@ -40,8 +41,9 @@ public class AnonymousPreemptiveAuthenticator implements HttpRequestPreemptiveAu
public Subject attemptAuthentication(final HttpServletRequest request,
final HttpManagementConfiguration managementConfig)
{
+ final Port<?> port = managementConfig.getPort(request);
final AuthenticationProvider authenticationProvider = managementConfig.getAuthenticationProvider(request);
- SubjectCreator subjectCreator = authenticationProvider.getSubjectCreator(request.isSecure());
+ SubjectCreator subjectCreator = port.getSubjectCreator(request.isSecure());
if(authenticationProvider instanceof AnonymousAuthenticationManager)
{
return subjectCreator.createResultWithGroups(((AnonymousAuthenticationManager) authenticationProvider).getAnonymousAuthenticationResult()).getSubject();
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/BasicAuthPreemptiveAuthenticator.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/BasicAuthPreemptiveAuthenticator.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/BasicAuthPreemptiveAuthenticator.java
index f04fd35..9393e5d 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/BasicAuthPreemptiveAuthenticator.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/BasicAuthPreemptiveAuthenticator.java
@@ -28,6 +28,7 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
import org.apache.qpid.server.management.plugin.HttpRequestPreemptiveAuthenticator;
import org.apache.qpid.server.model.AuthenticationProvider;
+import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.plugin.PluggableService;
import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.security.auth.AuthenticationResult;
@@ -45,8 +46,9 @@ public class BasicAuthPreemptiveAuthenticator implements HttpRequestPreemptiveAu
public Subject attemptAuthentication(final HttpServletRequest request, final HttpManagementConfiguration managementConfiguration)
{
String header = request.getHeader("Authorization");
+ final Port<?> port = managementConfiguration.getPort(request);
final AuthenticationProvider<?> authenticationProvider = managementConfiguration.getAuthenticationProvider(request);
- SubjectCreator subjectCreator = authenticationProvider.getSubjectCreator(request.isSecure());
+ SubjectCreator subjectCreator = port.getSubjectCreator(request.isSecure());
if (header != null && authenticationProvider instanceof UsernamePasswordAuthenticationProvider)
{
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/OAuth2InteractiveAuthenticator.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/OAuth2InteractiveAuthenticator.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/OAuth2InteractiveAuthenticator.java
index dcf7ab0..9498162 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/OAuth2InteractiveAuthenticator.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/OAuth2InteractiveAuthenticator.java
@@ -42,6 +42,7 @@ import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
import org.apache.qpid.server.management.plugin.HttpManagementUtil;
import org.apache.qpid.server.management.plugin.HttpRequestInteractiveAuthenticator;
import org.apache.qpid.server.model.Broker;
+import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.plugin.PluggableService;
import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.security.auth.AuthenticationResult;
@@ -88,6 +89,8 @@ public class OAuth2InteractiveAuthenticator implements HttpRequestInteractiveAut
public AuthenticationHandler getAuthenticationHandler(final HttpServletRequest request,
final HttpManagementConfiguration configuration)
{
+ final Port<?> port = configuration.getPort(request);
+
if (configuration.getAuthenticationProvider(request) instanceof OAuth2AuthenticationProvider)
{
final OAuth2AuthenticationProvider oauth2Provider =
@@ -189,7 +192,7 @@ public class OAuth2InteractiveAuthenticator implements HttpRequestInteractiveAut
private Subject createSubject(final AuthenticationResult authenticationResult)
{
- SubjectCreator subjectCreator = oauth2Provider.getSubjectCreator(request.isSecure());
+ SubjectCreator subjectCreator = port.getSubjectCreator(request.isSecure());
SubjectAuthenticationResult result = subjectCreator.createResultWithGroups(authenticationResult);
Subject original = result.getSubject();
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/OAuth2PreemptiveAuthenticator.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/OAuth2PreemptiveAuthenticator.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/OAuth2PreemptiveAuthenticator.java
index 4fb209b..b696b63 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/OAuth2PreemptiveAuthenticator.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/OAuth2PreemptiveAuthenticator.java
@@ -29,6 +29,7 @@ import org.slf4j.LoggerFactory;
import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
import org.apache.qpid.server.management.plugin.HttpRequestPreemptiveAuthenticator;
import org.apache.qpid.server.model.AuthenticationProvider;
+import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.plugin.PluggableService;
import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.security.auth.AuthenticationResult;
@@ -46,6 +47,7 @@ public class OAuth2PreemptiveAuthenticator implements HttpRequestPreemptiveAuthe
public Subject attemptAuthentication(final HttpServletRequest request,
final HttpManagementConfiguration configuration)
{
+ final Port<?> port = configuration.getPort(request);
final AuthenticationProvider<?> authenticationProvider = configuration.getAuthenticationProvider(request);
String authorizationHeader = request.getHeader("Authorization");
String accessToken = null;
@@ -60,7 +62,7 @@ public class OAuth2PreemptiveAuthenticator implements HttpRequestPreemptiveAuthe
OAuth2AuthenticationProvider<?> oAuth2AuthProvider = (OAuth2AuthenticationProvider<?>) authenticationProvider;
AuthenticationResult authenticationResult = oAuth2AuthProvider.authenticateViaAccessToken(accessToken);
- SubjectCreator subjectCreator = authenticationProvider.getSubjectCreator(request.isSecure());
+ SubjectCreator subjectCreator = port.getSubjectCreator(request.isSecure());
SubjectAuthenticationResult result = subjectCreator.createResultWithGroups(authenticationResult);
return result.getSubject();
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/SSLClientCertPreemptiveAuthenticator.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/SSLClientCertPreemptiveAuthenticator.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/SSLClientCertPreemptiveAuthenticator.java
index feac337..f41e4e3 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/SSLClientCertPreemptiveAuthenticator.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/SSLClientCertPreemptiveAuthenticator.java
@@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
import org.apache.qpid.server.management.plugin.HttpRequestPreemptiveAuthenticator;
import org.apache.qpid.server.model.AuthenticationProvider;
+import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.plugin.PluggableService;
import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.security.auth.AuthenticatedPrincipal;
@@ -50,7 +51,8 @@ public class SSLClientCertPreemptiveAuthenticator implements HttpRequestPreempti
final HttpManagementConfiguration managementConfig)
{
final AuthenticationProvider authenticationProvider = managementConfig.getAuthenticationProvider(request);
- SubjectCreator subjectCreator = authenticationProvider.getSubjectCreator(request.isSecure());
+ final Port<?> port = managementConfig.getPort(request);
+ SubjectCreator subjectCreator = port.getSubjectCreator(request.isSecure());
if(request.isSecure()
&& authenticationProvider instanceof ExternalAuthenticationManager
&& Collections.list(request.getAttributeNames()).contains(CERTIFICATE_ATTRIBUTE_NAME))
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java
index 4bbc030..4403200 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java
@@ -47,7 +47,6 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.qpid.server.management.plugin.GunzipOutputStream;
-import org.apache.qpid.server.management.plugin.HttpManagement;
import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
import org.apache.qpid.server.management.plugin.HttpManagementUtil;
import org.apache.qpid.server.model.AbstractConfigurationChangeListener;
@@ -92,7 +91,7 @@ public abstract class AbstractServlet extends HttpServlet
private ConfiguredObject<?> getManagedObject(final HttpServletRequest request, final HttpServletResponse resp)
{
- HttpPort<?> port = HttpManagement.getPort(request);
+ HttpPort<?> port = HttpManagementUtil.getPort(request);
final NamedAddressSpace addressSpace = port.getAddressSpace(request.getServerName());
if(addressSpace == null)
{
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java
index 8bcd4bd..792aec4 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java
@@ -50,23 +50,22 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.qpid.server.configuration.IllegalConfigurationException;
-import org.apache.qpid.server.management.plugin.HttpManagement;
import org.apache.qpid.server.management.plugin.HttpManagementUtil;
import org.apache.qpid.server.model.AbstractConfiguredObject;
import org.apache.qpid.server.model.ConfiguredObject;
import org.apache.qpid.server.model.ConfiguredObjectFinder;
import org.apache.qpid.server.model.ConfiguredObjectOperation;
import org.apache.qpid.server.model.Content;
-import org.apache.qpid.server.util.ExternalServiceException;
import org.apache.qpid.server.model.IllegalStateTransitionException;
import org.apache.qpid.server.model.IntegrityViolationException;
import org.apache.qpid.server.model.Model;
import org.apache.qpid.server.model.OperationTimeoutException;
import org.apache.qpid.server.model.preferences.UserPreferences;
+import org.apache.qpid.server.util.DataUrlUtils;
+import org.apache.qpid.server.util.ExternalServiceException;
import org.apache.qpid.server.util.ExternalServiceTimeoutException;
import org.apache.qpid.server.util.ServerScopedRuntimeException;
import org.apache.qpid.server.util.urlstreamhandler.data.Handler;
-import org.apache.qpid.server.util.DataUrlUtils;
public class RestServlet extends AbstractServlet
{
@@ -637,7 +636,7 @@ public class RestServlet extends AbstractServlet
}
- if(operation.isSecure(target, operationArguments) && !(request.isSecure() || HttpManagement.getPort(request).isAllowConfidentialOperationsOnInsecureChannels()))
+ if(operation.isSecure(target, operationArguments) && !(request.isSecure() || HttpManagementUtil.getPort(request).isAllowConfidentialOperationsOnInsecureChannels()))
{
sendJsonErrorResponse(request,
response,
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
index 5609669..cda1cd9 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
@@ -42,8 +42,10 @@ import org.slf4j.LoggerFactory;
import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
import org.apache.qpid.server.management.plugin.HttpManagementUtil;
import org.apache.qpid.server.management.plugin.SessionInvalidatedException;
+import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.ConfiguredObject;
+import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.security.auth.AuthenticatedPrincipal;
import org.apache.qpid.server.security.auth.AuthenticationResult;
@@ -74,14 +76,15 @@ public class SaslServlet extends AbstractServlet
+ @Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response,
final ConfiguredObject<?> managedObject) throws ServletException, IOException
{
getRandom(request);
- SubjectCreator subjectCreator = getSubjectCreator(request);
- List<String> mechanismsList = subjectCreator.getMechanisms();
+ AuthenticationProvider<?> authenticationProvider = getAuthenticationProvider(request);
+ List<String> mechanismsList = authenticationProvider.getAvailableMechanisms(request.isSecure());
String[] mechanisms = mechanismsList.toArray(new String[mechanismsList.size()]);
Map<String, Object> outputObject = new LinkedHashMap<String, Object>();
@@ -134,11 +137,11 @@ public class SaslServlet extends AbstractServlet
String saslResponse = request.getParameter("response");
SubjectCreator subjectCreator = getSubjectCreator(request);
-
+ AuthenticationProvider<?> authenticationProvider = getAuthenticationProvider(request);
SaslNegotiator saslNegotiator = null;
if(mechanism != null)
{
- if(id == null && subjectCreator.getMechanisms().contains(mechanism))
+ if(id == null && authenticationProvider.getAvailableMechanisms(request.isSecure()).contains(mechanism))
{
LOGGER.debug("Creating SaslServer for mechanism: {}", mechanism);
@@ -291,7 +294,13 @@ public class SaslServlet extends AbstractServlet
private SubjectCreator getSubjectCreator(HttpServletRequest request)
{
- return HttpManagementUtil.getManagementConfiguration(getServletContext()).getAuthenticationProvider(request).getSubjectCreator(
- request.isSecure());
+ final Port<?> port = HttpManagementUtil.getPort(request);
+
+ return port.getSubjectCreator(request.isSecure());
+ }
+
+ private AuthenticationProvider<?> getAuthenticationProvider(final HttpServletRequest request)
+ {
+ return HttpManagementUtil.getManagementConfiguration(getServletContext()).getAuthenticationProvider(request);
}
}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/auth/OAuth2InteractiveAuthenticatorTest.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/auth/OAuth2InteractiveAuthenticatorTest.java b/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/auth/OAuth2InteractiveAuthenticatorTest.java
index 48eb09c..edf62a8 100644
--- a/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/auth/OAuth2InteractiveAuthenticatorTest.java
+++ b/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/auth/OAuth2InteractiveAuthenticatorTest.java
@@ -21,6 +21,7 @@
package org.apache.qpid.server.management.plugin.auth;
import static org.mockito.Matchers.any;
+import static org.mockito.Matchers.anyBoolean;
import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.doAnswer;
import static org.mockito.Mockito.mock;
@@ -89,14 +90,18 @@ public class OAuth2InteractiveAuthenticatorTest extends QpidTestCase
private OAuth2InteractiveAuthenticator _authenticator;
private HttpManagementConfiguration _mockConfiguration;
private OAuth2AuthenticationProvider<?> _mockAuthProvider;
+ private HttpPort _mockPort;
@Override
public void setUp() throws Exception
{
super.setUp();
- _mockAuthProvider = createMockOAuth2AuthenticationProvider();
+
+ _mockPort = mock(HttpPort.class);
+ _mockAuthProvider = createMockOAuth2AuthenticationProvider(_mockPort);
_mockConfiguration = mock(HttpManagementConfiguration.class);
when(_mockConfiguration.getAuthenticationProvider(any(HttpServletRequest.class))).thenReturn(_mockAuthProvider);
+ when(_mockConfiguration.getPort(any(HttpServletRequest.class))).thenReturn(_mockPort);
_authenticator = new OAuth2InteractiveAuthenticator();
}
@@ -268,11 +273,12 @@ public class OAuth2InteractiveAuthenticatorTest extends QpidTestCase
return parameters;
}
- private OAuth2AuthenticationProvider<?> createMockOAuth2AuthenticationProvider() throws URISyntaxException
+ private OAuth2AuthenticationProvider<?> createMockOAuth2AuthenticationProvider(final HttpPort mockPort) throws URISyntaxException
{
OAuth2AuthenticationProvider authenticationProvider = mock(OAuth2AuthenticationProvider.class);
Broker mockBroker = mock(Broker.class);
SubjectCreator mockSubjectCreator = mock(SubjectCreator.class);
+ when(_mockPort.getSubjectCreator(anyBoolean())).thenReturn(mockSubjectCreator);
SubjectAuthenticationResult mockSuccessfulSubjectAuthenticationResult = mock(SubjectAuthenticationResult.class);
SubjectAuthenticationResult mockUnauthorizedSubjectAuthenticationResult = mock(SubjectAuthenticationResult.class);
final Subject successfulSubject = new Subject(true,
@@ -311,7 +317,6 @@ public class OAuth2InteractiveAuthenticatorTest extends QpidTestCase
when(authenticationProvider.getClientId()).thenReturn(TEST_CLIENT_ID);
when(authenticationProvider.getScope()).thenReturn(TEST_OAUTH2_SCOPE);
when(authenticationProvider.getParent()).thenReturn(mockBroker);
- when(authenticationProvider.getSubjectCreator(any(Boolean.class))).thenReturn(mockSubjectCreator);
when(authenticationProvider.authenticateViaAuthorizationCode(TEST_VALID_AUTHORIZATION_CODE, TEST_REQUEST_HOST)).thenReturn(mockSuccessfulAuthenticationResult);
when(authenticationProvider.authenticateViaAuthorizationCode(TEST_INVALID_AUTHORIZATION_CODE, TEST_REQUEST_HOST)).thenReturn(failedAuthenticationResult);
when(authenticationProvider.authenticateViaAuthorizationCode(TEST_UNAUTHORIZED_AUTHORIZATION_CODE, TEST_REQUEST_HOST)).thenReturn(mockUnauthorizedAuthenticationResult);
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/auth/OAuth2PreemptiveAuthenticatorTest.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/auth/OAuth2PreemptiveAuthenticatorTest.java b/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/auth/OAuth2PreemptiveAuthenticatorTest.java
index 9c3e4c4..f8aa5dc 100644
--- a/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/auth/OAuth2PreemptiveAuthenticatorTest.java
+++ b/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/auth/OAuth2PreemptiveAuthenticatorTest.java
@@ -31,6 +31,7 @@ import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
+import org.apache.qpid.server.model.port.HttpPort;
import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.security.auth.AuthenticatedPrincipal;
import org.apache.qpid.server.security.auth.AuthenticationResult;
@@ -49,14 +50,17 @@ public class OAuth2PreemptiveAuthenticatorTest extends QpidTestCase
private OAuth2PreemptiveAuthenticator _authenticator;
private HttpManagementConfiguration _mockConfiguration;
+ private HttpPort _mockPort;
@Override
protected void setUp() throws Exception
{
super.setUp();
- OAuth2AuthenticationProvider<?> mockAuthProvider = createMockOAuth2AuthenticationProvider();
+ _mockPort = mock(HttpPort.class);
_mockConfiguration = mock(HttpManagementConfiguration.class);
+ OAuth2AuthenticationProvider<?> mockAuthProvider = createMockOAuth2AuthenticationProvider(_mockPort);
when(_mockConfiguration.getAuthenticationProvider(any(HttpServletRequest.class))).thenReturn(mockAuthProvider);
+ when(_mockConfiguration.getPort(any(HttpServletRequest.class))).thenReturn(_mockPort);
_authenticator = new OAuth2PreemptiveAuthenticator();
}
@@ -104,7 +108,7 @@ public class OAuth2PreemptiveAuthenticatorTest extends QpidTestCase
assertNull("Authenticator did not failed with malformed authentication header", subject);
}
- private OAuth2AuthenticationProvider<?> createMockOAuth2AuthenticationProvider() throws URISyntaxException
+ private OAuth2AuthenticationProvider<?> createMockOAuth2AuthenticationProvider(final HttpPort mockPort) throws URISyntaxException
{
OAuth2AuthenticationProvider authenticationProvider = mock(OAuth2AuthenticationProvider.class);
SubjectCreator mockSubjectCreator = mock(SubjectCreator.class);
@@ -128,7 +132,7 @@ public class OAuth2PreemptiveAuthenticatorTest extends QpidTestCase
new Exception("authentication failed"));
SubjectAuthenticationResult failedSubjectAuthenticationResult = new SubjectAuthenticationResult(failedAuthenticationResult);
- when(authenticationProvider.getSubjectCreator(any(Boolean.class))).thenReturn(mockSubjectCreator);
+ when(mockPort.getSubjectCreator(any(Boolean.class))).thenReturn(mockSubjectCreator);
when(authenticationProvider.authenticateViaAccessToken(TEST_VALID_ACCESS_TOKEN)).thenReturn(mockSuccessfulAuthenticationResult);
when(authenticationProvider.authenticateViaAccessToken(TEST_INVALID_ACCESS_TOKEN)).thenReturn(failedAuthenticationResult);
when(authenticationProvider.authenticateViaAccessToken(TEST_UNAUTHORIZED_ACCESS_TOKEN)).thenReturn(mockUnauthorizedAuthenticationResult);
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/systests/src/main/java/org/apache/qpid/systest/rest/Asserts.java
----------------------------------------------------------------------
diff --git a/systests/src/main/java/org/apache/qpid/systest/rest/Asserts.java b/systests/src/main/java/org/apache/qpid/systest/rest/Asserts.java
index fcbd4b8..df93c64 100644
--- a/systests/src/main/java/org/apache/qpid/systest/rest/Asserts.java
+++ b/systests/src/main/java/org/apache/qpid/systest/rest/Asserts.java
@@ -290,7 +290,8 @@ public class Asserts
Port.AUTHENTICATION_PROVIDER,
Port.KEY_STORE,
Port.TRUST_STORES,
- Port.PROTOCOLS);
+ Port.PROTOCOLS,
+ Port.CLIENT_CERT_RECORDER);
assertNotNull("Unexpected value of attribute " + Port.BINDING_ADDRESS, port.get(Port.BINDING_ADDRESS));
}
else
@@ -312,7 +313,8 @@ public class Asserts
Port.WANT_CLIENT_AUTH,
Port.KEY_STORE,
Port.TRUST_STORES,
- Port.PROTOCOLS);
+ Port.PROTOCOLS,
+ Port.CLIENT_CERT_RECORDER);
}
@SuppressWarnings("unchecked")
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org
[2/2] qpid-broker-j git commit: QPID-7800 - [Java Broker] Refactor
Port classes to remove unnecessary intermediate classes/interfaces
Posted by rg...@apache.org.
QPID-7800 - [Java Broker] Refactor Port classes to remove unnecessary intermediate classes/interfaces
Project: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/commit/9baae38e
Tree: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/tree/9baae38e
Diff: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/diff/9baae38e
Branch: refs/heads/master
Commit: 9baae38e5b673c3384f7dde5072cbc6e8436e1bf
Parents: fed08da
Author: rgodfrey <rg...@apache.org>
Authored: Tue May 30 14:48:06 2017 +0200
Committer: rgodfrey <rg...@apache.org>
Committed: Tue May 30 14:48:06 2017 +0200
----------------------------------------------------------------------
.../server/model/AuthenticationProvider.java | 17 +-
.../java/org/apache/qpid/server/model/Port.java | 18 ++
...ctClientAuthCapablePortWithAuthProvider.java | 130 ---------
.../qpid/server/model/port/AbstractPort.java | 165 ++++++++++--
.../port/AbstractPortWithAuthProvider.java | 112 --------
.../apache/qpid/server/model/port/AmqpPort.java | 17 +-
.../qpid/server/model/port/AmqpPortImpl.java | 10 +-
.../model/port/ClientAuthCapablePort.java | 32 ---
.../apache/qpid/server/model/port/HttpPort.java | 16 +-
.../qpid/server/model/port/HttpPortImpl.java | 3 +-
.../server/model/port/PortWithAuthProvider.java | 29 --
.../qpid/server/security/SubjectCreator.java | 35 +--
.../manager/AbstractAuthenticationManager.java | 27 +-
.../OAuth2AuthenticationProviderImpl.java | 9 +-
.../server/security/SubjectCreatorTest.java | 37 +--
.../ManagedAuthenticationManagerTestBase.java | 9 +-
.../protocol/v0_10/AMQPConnection_0_10Impl.java | 97 ++++---
.../v0_10/ServerConnectionDelegate.java | 30 +--
.../protocol/v0_8/AMQPConnection_0_8Impl.java | 28 +-
.../protocol/v0_8/AMQPConnection_0_8Test.java | 7 +-
.../protocol/v1_0/AMQPConnection_1_0Impl.java | 270 ++++++++-----------
.../protocol/v1_0/type/transport/Open.java | 7 +-
.../protocol/v1_0/ProtocolEngine_1_0_0Test.java | 18 +-
.../management/plugin/HttpManagement.java | 15 +-
.../plugin/HttpManagementConfiguration.java | 3 +
.../management/plugin/HttpManagementUtil.java | 18 +-
.../auth/AnonymousInteractiveAuthenticator.java | 4 +-
.../auth/AnonymousPreemptiveAuthenticator.java | 4 +-
.../auth/BasicAuthPreemptiveAuthenticator.java | 4 +-
.../auth/OAuth2InteractiveAuthenticator.java | 5 +-
.../auth/OAuth2PreemptiveAuthenticator.java | 4 +-
.../SSLClientCertPreemptiveAuthenticator.java | 4 +-
.../plugin/servlet/rest/AbstractServlet.java | 3 +-
.../plugin/servlet/rest/RestServlet.java | 7 +-
.../plugin/servlet/rest/SaslServlet.java | 21 +-
.../OAuth2InteractiveAuthenticatorTest.java | 11 +-
.../auth/OAuth2PreemptiveAuthenticatorTest.java | 10 +-
.../org/apache/qpid/systest/rest/Asserts.java | 6 +-
38 files changed, 508 insertions(+), 734 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/model/AuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/model/AuthenticationProvider.java b/broker-core/src/main/java/org/apache/qpid/server/model/AuthenticationProvider.java
index 06d7e8d..cfa3163 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/model/AuthenticationProvider.java
+++ b/broker-core/src/main/java/org/apache/qpid/server/model/AuthenticationProvider.java
@@ -20,15 +20,9 @@
*/
package org.apache.qpid.server.model;
-import java.security.Principal;
import java.util.List;
-import javax.security.sasl.SaslException;
-import javax.security.sasl.SaslServer;
-
import org.apache.qpid.server.logging.EventLoggerProvider;
-import org.apache.qpid.server.security.SubjectCreator;
-import org.apache.qpid.server.security.auth.AuthenticationResult;
import org.apache.qpid.server.security.auth.sasl.SaslNegotiator;
import org.apache.qpid.server.security.auth.sasl.SaslSettings;
@@ -38,14 +32,6 @@ public interface AuthenticationProvider<X extends AuthenticationProvider<X>> ext
{
/**
- * A temporary method to create SubjectCreator.
- *
- * TODO: move all the functionality from SubjectCreator into AuthenticationProvider
- * @param secure
- */
- SubjectCreator getSubjectCreator(final boolean secure);
-
- /**
* Gets the SASL mechanisms known to this manager.
*
* @return SASL mechanism names, space separated.
@@ -61,4 +47,7 @@ public interface AuthenticationProvider<X extends AuthenticationProvider<X>> ext
List<String> getDisabledMechanisms();
SaslNegotiator createSaslNegotiator(String mechanism, final SaslSettings saslSettings);
+
+ List<String> getAvailableMechanisms(boolean secure);
+
}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/model/Port.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/model/Port.java b/broker-core/src/main/java/org/apache/qpid/server/model/Port.java
index a3d3cc7..9da0a70 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/model/Port.java
+++ b/broker-core/src/main/java/org/apache/qpid/server/model/Port.java
@@ -27,6 +27,7 @@ import java.util.Set;
import com.google.common.util.concurrent.ListenableFuture;
import org.apache.qpid.server.configuration.CommonProperties;
+import org.apache.qpid.server.security.SubjectCreator;
@ManagedContextDependency({CommonProperties.QPID_SECURITY_TLS_PROTOCOL_WHITE_LIST, CommonProperties.QPID_SECURITY_TLS_CIPHER_SUITE_BLACK_LIST})
@ManagedObject( description = Port.CLASS_DESCRIPTION, amqpName = "org.apache.qpid.Port")
@@ -50,6 +51,8 @@ public interface Port<X extends Port<X>> extends ConfiguredObject<X>
String AUTHENTICATION_PROVIDER = "authenticationProvider";
String KEY_STORE = "keyStore";
String TRUST_STORES = "trustStores";
+ String CLIENT_CERT_RECORDER = "clientCertRecorder";
+
String CONNECTION_MAXIMUM_AUTHENTICATION_DELAY = "connection.maximumAuthenticationDelay";
@@ -91,6 +94,18 @@ public interface Port<X extends Port<X>> extends ConfiguredObject<X>
@DerivedAttribute
List<String> getTlsCipherSuiteBlackList();
+ @ManagedAttribute
+ boolean getNeedClientAuth();
+
+ @ManagedAttribute
+ boolean getWantClientAuth();
+
+ @ManagedAttribute
+ TrustStore<?> getClientCertRecorder();
+
+ @ManagedAttribute( mandatory = true )
+ AuthenticationProvider<?> getAuthenticationProvider();
+
Collection<Connection> getConnections();
void start();
@@ -98,4 +113,7 @@ public interface Port<X extends Port<X>> extends ConfiguredObject<X>
ListenableFuture<Void> startAsync();
NamedAddressSpace getAddressSpace(String name);
+
+ SubjectCreator getSubjectCreator(final boolean secure);
+
}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractClientAuthCapablePortWithAuthProvider.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractClientAuthCapablePortWithAuthProvider.java b/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractClientAuthCapablePortWithAuthProvider.java
deleted file mode 100644
index 507bf36..0000000
--- a/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractClientAuthCapablePortWithAuthProvider.java
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.qpid.server.model.port;
-
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.qpid.server.configuration.IllegalConfigurationException;
-import org.apache.qpid.server.model.ConfiguredObject;
-import org.apache.qpid.server.model.Container;
-import org.apache.qpid.server.model.ManagedAttributeField;
-import org.apache.qpid.server.model.TrustStore;
-import org.apache.qpid.server.security.ManagedPeerCertificateTrustStore;
-
-abstract public class AbstractClientAuthCapablePortWithAuthProvider<X extends AbstractClientAuthCapablePortWithAuthProvider<X>> extends AbstractPortWithAuthProvider<X>
- implements ClientAuthCapablePort<X>
-{
- public static final String DEFAULT_AMQP_NEED_CLIENT_AUTH = "false";
- public static final String DEFAULT_AMQP_WANT_CLIENT_AUTH = "false";
-
- @ManagedAttributeField
- private boolean _needClientAuth;
-
- @ManagedAttributeField
- private boolean _wantClientAuth;
-
- @ManagedAttributeField
- private TrustStore<?> _clientCertRecorder;
-
- public AbstractClientAuthCapablePortWithAuthProvider(final Map<String, Object> attributes,
- final Container<?> broker)
- {
- super(attributes, broker);
- }
-
- @Override
- public boolean getNeedClientAuth()
- {
- return _needClientAuth;
- }
-
- @Override
- public TrustStore<?> getClientCertRecorder()
- {
- return _clientCertRecorder;
- }
-
- @Override
- public boolean getWantClientAuth()
- {
- return _wantClientAuth;
- }
-
- @Override
- public void onValidate()
- {
- super.onValidate();
- boolean useClientAuth = getNeedClientAuth() || getWantClientAuth();
-
- if(useClientAuth && (getTrustStores() == null || getTrustStores().isEmpty()))
- {
- throw new IllegalConfigurationException("Can't create port which requests SSL client certificates but has no trust stores configured.");
- }
-
- boolean useTLSTransport = isUsingTLSTransport();
- if(useClientAuth && !useTLSTransport)
- {
- throw new IllegalConfigurationException(
- "Can't create port which requests SSL client certificates but doesn't use SSL transport.");
- }
-
- if(useClientAuth && getClientCertRecorder() != null)
- {
- if(!(getClientCertRecorder() instanceof ManagedPeerCertificateTrustStore))
- {
- throw new IllegalConfigurationException("Only trust stores of type " + ManagedPeerCertificateTrustStore.TYPE_NAME + " may be used as the client certificate recorder");
- }
- }
- }
-
- @Override
- protected void validateChange(final ConfiguredObject<?> proxyForValidation, final Set<String> changedAttributes)
- {
- super.validateChange(proxyForValidation, changedAttributes);
- ClientAuthCapablePort<?> updated = (ClientAuthCapablePort<?>)proxyForValidation;
-
- boolean requiresCertificate = updated.getNeedClientAuth() || updated.getWantClientAuth();
-
- boolean usesSsl = isUsingTLSTransport(updated.getTransports());
- if (usesSsl)
- {
- if ((updated.getTrustStores() == null || updated.getTrustStores().isEmpty() ) && requiresCertificate)
- {
- throw new IllegalConfigurationException("Can't create port which requests SSL client certificates but has no trust store configured.");
- }
- }
- else
- {
- if (requiresCertificate)
- {
- throw new IllegalConfigurationException("Can't create port which requests SSL client certificates but doesn't use SSL transport.");
- }
- }
-
-
- if(requiresCertificate && updated.getClientCertRecorder() != null)
- {
- if(!(updated.getClientCertRecorder() instanceof ManagedPeerCertificateTrustStore))
- {
- throw new IllegalConfigurationException("Only trust stores of type " + ManagedPeerCertificateTrustStore.TYPE_NAME + " may be used as the client certificate recorder");
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPort.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPort.java b/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPort.java
index 9914c2f..94ff7c3 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPort.java
+++ b/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPort.java
@@ -21,6 +21,7 @@
package org.apache.qpid.server.model.port;
+import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Map;
@@ -36,20 +37,9 @@ import org.apache.qpid.server.configuration.CommonProperties;
import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.logging.EventLogger;
import org.apache.qpid.server.logging.messages.PortMessages;
-import org.apache.qpid.server.model.AbstractConfiguredObject;
-import org.apache.qpid.server.model.ConfiguredObject;
-import org.apache.qpid.server.model.Connection;
-import org.apache.qpid.server.model.Container;
-import org.apache.qpid.server.model.KeyStore;
-import org.apache.qpid.server.model.ManagedAttributeField;
-import org.apache.qpid.server.model.NamedAddressSpace;
-import org.apache.qpid.server.model.Port;
-import org.apache.qpid.server.model.Protocol;
-import org.apache.qpid.server.model.State;
-import org.apache.qpid.server.model.StateTransition;
-import org.apache.qpid.server.model.Transport;
-import org.apache.qpid.server.model.TrustStore;
-import org.apache.qpid.server.model.VirtualHostAlias;
+import org.apache.qpid.server.model.*;
+import org.apache.qpid.server.security.ManagedPeerCertificateTrustStore;
+import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.util.ParameterizedTypes;
public abstract class AbstractPort<X extends AbstractPort<X>> extends AbstractConfiguredObject<X> implements Port<X>
@@ -74,6 +64,19 @@ public abstract class AbstractPort<X extends AbstractPort<X>> extends AbstractCo
@ManagedAttributeField
private Set<Protocol> _protocols;
+ @ManagedAttributeField
+ private AuthenticationProvider _authenticationProvider;
+
+ @ManagedAttributeField
+ private boolean _needClientAuth;
+
+ @ManagedAttributeField
+ private boolean _wantClientAuth;
+
+ @ManagedAttributeField
+ private TrustStore<?> _clientCertRecorder;
+
+
private List<String> _tlsProtocolBlackList;
private List<String> _tlsProtocolWhiteList;
@@ -132,23 +135,87 @@ public abstract class AbstractPort<X extends AbstractPort<X>> extends AbstractCo
}
}
}
+
+ AuthenticationProvider<?> authenticationProvider = getAuthenticationProvider();
+ final Set<Transport> transports = getTransports();
+ validateAuthenticationMechanisms(authenticationProvider, transports);
+
+ boolean useClientAuth = getNeedClientAuth() || getWantClientAuth();
+
+ if(useClientAuth && (getTrustStores() == null || getTrustStores().isEmpty()))
+ {
+ throw new IllegalConfigurationException("Can't create port which requests SSL client certificates but has no trust stores configured.");
+ }
+
+ if(useClientAuth && !useTLSTransport)
+ {
+ throw new IllegalConfigurationException(
+ "Can't create port which requests SSL client certificates but doesn't use SSL transport.");
+ }
+
+ if(useClientAuth && getClientCertRecorder() != null)
+ {
+ if(!(getClientCertRecorder() instanceof ManagedPeerCertificateTrustStore))
+ {
+ throw new IllegalConfigurationException("Only trust stores of type " + ManagedPeerCertificateTrustStore.TYPE_NAME + " may be used as the client certificate recorder");
+ }
+ }
}
- protected final boolean isUsingTLSTransport()
+ private void validateAuthenticationMechanisms(final AuthenticationProvider<?> authenticationProvider,
+ final Set<Transport> transports)
{
- return isUsingTLSTransport(getTransports());
+ List<String> availableMechanisms = new ArrayList<>(authenticationProvider.getMechanisms());
+ if(authenticationProvider.getDisabledMechanisms() != null)
+ {
+ availableMechanisms.removeAll(authenticationProvider.getDisabledMechanisms());
+ }
+ if (availableMechanisms.isEmpty())
+ {
+ throw new IllegalConfigurationException("The authentication provider '"
+ + authenticationProvider.getName()
+ + "' on port '"
+ + getName()
+ + "' has all authentication mechanisms disabled.");
+ }
+ if (hasNonTLSTransport(transports) && authenticationProvider.getSecureOnlyMechanisms() != null)
+ {
+ availableMechanisms.removeAll(authenticationProvider.getSecureOnlyMechanisms());
+ if(availableMechanisms.isEmpty())
+ {
+ throw new IllegalConfigurationException("The port '"
+ + getName()
+ + "' allows for non TLS connections, but all authentication "
+ + "mechanisms of the authentication provider '"
+ + authenticationProvider.getName()
+ + "' are disabled on non-secure connections.");
+ }
+ }
}
- protected final boolean isUsingTLSTransport(final Collection<Transport> transports)
+ @Override
+ public AuthenticationProvider getAuthenticationProvider()
{
- return hasTransportOfType(transports, true);
+ SystemConfig<?> systemConfig = getAncestor(SystemConfig.class);
+ if(systemConfig.isManagementMode())
+ {
+ return _container.getManagementModeAuthenticationProvider();
+ }
+ return _authenticationProvider;
+ }
+
+
+ private boolean isUsingTLSTransport()
+ {
+ return isUsingTLSTransport(getTransports());
}
- protected final boolean hasNonTLSTransport()
+ private boolean isUsingTLSTransport(final Collection<Transport> transports)
{
- return hasNonTLSTransport(getTransports());
+ return hasTransportOfType(transports, true);
}
- protected final boolean hasNonTLSTransport(final Collection<Transport> transports)
+
+ private boolean hasNonTLSTransport(final Collection<Transport> transports)
{
return hasTransportOfType(transports, false);
}
@@ -215,6 +282,37 @@ public abstract class AbstractPort<X extends AbstractPort<X>> extends AbstractCo
throw new IllegalConfigurationException("Can't create port which requires SSL but has no key store configured.");
}
}
+
+ if(changedAttributes.contains(Port.AUTHENTICATION_PROVIDER) || changedAttributes.contains(Port.TRANSPORTS))
+ {
+ validateAuthenticationMechanisms(updated.getAuthenticationProvider(), updated.getTransports());
+ }
+
+ boolean requiresCertificate = updated.getNeedClientAuth() || updated.getWantClientAuth();
+
+ if (usesSsl)
+ {
+ if ((updated.getTrustStores() == null || updated.getTrustStores().isEmpty() ) && requiresCertificate)
+ {
+ throw new IllegalConfigurationException("Can't create port which requests SSL client certificates but has no trust store configured.");
+ }
+ }
+ else
+ {
+ if (requiresCertificate)
+ {
+ throw new IllegalConfigurationException("Can't create port which requests SSL client certificates but doesn't use SSL transport.");
+ }
+ }
+
+
+ if(requiresCertificate && updated.getClientCertRecorder() != null)
+ {
+ if(!(updated.getClientCertRecorder() instanceof ManagedPeerCertificateTrustStore))
+ {
+ throw new IllegalConfigurationException("Only trust stores of type " + ManagedPeerCertificateTrustStore.TYPE_NAME + " may be used as the client certificate recorder");
+ }
+ }
}
@Override
@@ -351,6 +449,31 @@ public abstract class AbstractPort<X extends AbstractPort<X>> extends AbstractCo
}
@Override
+ public boolean getNeedClientAuth()
+ {
+ return _needClientAuth;
+ }
+
+ @Override
+ public TrustStore<?> getClientCertRecorder()
+ {
+ return _clientCertRecorder;
+ }
+
+ @Override
+ public boolean getWantClientAuth()
+ {
+ return _wantClientAuth;
+ }
+
+ @Override
+ public SubjectCreator getSubjectCreator(final boolean secure)
+ {
+ Collection children = _container.getChildren(GroupProvider.class);
+ return new SubjectCreator(getAuthenticationProvider(), children);
+ }
+
+ @Override
protected void logOperation(final String operation)
{
_eventLogger.message(PortMessages.OPERATION(operation));
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java b/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java
deleted file mode 100644
index 7938a74..0000000
--- a/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.server.model.port;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.qpid.server.configuration.IllegalConfigurationException;
-import org.apache.qpid.server.model.AuthenticationProvider;
-import org.apache.qpid.server.model.ConfiguredObject;
-import org.apache.qpid.server.model.Container;
-import org.apache.qpid.server.model.ManagedAttributeField;
-import org.apache.qpid.server.model.Port;
-import org.apache.qpid.server.model.SystemConfig;
-import org.apache.qpid.server.model.Transport;
-
-abstract public class AbstractPortWithAuthProvider<X extends AbstractPortWithAuthProvider<X>> extends AbstractPort<X> implements PortWithAuthProvider<X>
-{
- private final Container<?> _container;
- @ManagedAttributeField
- private AuthenticationProvider _authenticationProvider;
-
- public AbstractPortWithAuthProvider(final Map<String, Object> attributes,
- final Container<?> container)
- {
- super(attributes, container);
- _container = container;
- }
-
- public AuthenticationProvider getAuthenticationProvider()
- {
- SystemConfig<?> systemConfig = getAncestor(SystemConfig.class);
- if(systemConfig.isManagementMode())
- {
- return _container.getManagementModeAuthenticationProvider();
- }
- return _authenticationProvider;
- }
-
- @Override
- public void onValidate()
- {
- super.onValidate();
-
- AuthenticationProvider<?> authenticationProvider = getAuthenticationProvider();
- final Set<Transport> transports = getTransports();
- validateAuthenticationMechanisms(authenticationProvider, transports);
-
- }
-
- private void validateAuthenticationMechanisms(final AuthenticationProvider<?> authenticationProvider,
- final Set<Transport> transports)
- {
- List<String> availableMechanisms = new ArrayList<>(authenticationProvider.getMechanisms());
- if(authenticationProvider.getDisabledMechanisms() != null)
- {
- availableMechanisms.removeAll(authenticationProvider.getDisabledMechanisms());
- }
- if (availableMechanisms.isEmpty())
- {
- throw new IllegalConfigurationException("The authentication provider '"
- + authenticationProvider.getName()
- + "' on port '"
- + getName()
- + "' has all authentication mechanisms disabled.");
- }
- if (hasNonTLSTransport(transports) && authenticationProvider.getSecureOnlyMechanisms() != null)
- {
- availableMechanisms.removeAll(authenticationProvider.getSecureOnlyMechanisms());
- if(availableMechanisms.isEmpty())
- {
- throw new IllegalConfigurationException("The port '"
- + getName()
- + "' allows for non TLS connections, but all authentication "
- + "mechanisms of the authentication provider '"
- + authenticationProvider.getName()
- + "' are disabled on non-secure connections.");
- }
- }
- }
-
- @Override
- protected void validateChange(final ConfiguredObject<?> proxyForValidation, final Set<String> changedAttributes)
- {
- super.validateChange(proxyForValidation, changedAttributes);
- if(changedAttributes.contains(Port.AUTHENTICATION_PROVIDER) || changedAttributes.contains(Port.TRANSPORTS))
- {
- PortWithAuthProvider<?> port = (PortWithAuthProvider<?>) proxyForValidation;
- validateAuthenticationMechanisms(port.getAuthenticationProvider(), port.getTransports());
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java b/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java
index 5bc46d9..44756cc 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java
+++ b/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java
@@ -25,21 +25,19 @@ import java.util.Set;
import javax.net.ssl.SSLContext;
-import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.model.DerivedAttribute;
import org.apache.qpid.server.model.ManagedAttribute;
import org.apache.qpid.server.model.ManagedContextDefault;
import org.apache.qpid.server.model.ManagedObject;
import org.apache.qpid.server.model.ManagedStatistic;
-import org.apache.qpid.server.model.NamedAddressSpace;
+import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.model.Protocol;
import org.apache.qpid.server.model.StatisticType;
import org.apache.qpid.server.model.StatisticUnit;
import org.apache.qpid.server.model.Transport;
-import org.apache.qpid.server.model.TrustStore;
@ManagedObject( category = false, type = "AMQP", amqpName = "org.apache.qpid.AmqpPort")
-public interface AmqpPort<X extends AmqpPort<X>> extends ClientAuthCapablePort<X>
+public interface AmqpPort<X extends AmqpPort<X>> extends Port<X>
{
String DEFAULT_AMQP_TCP_NO_DELAY = "true";
@@ -112,23 +110,20 @@ public interface AmqpPort<X extends AmqpPort<X>> extends ClientAuthCapablePort<X
@ManagedAttribute( defaultValue = "${" + PORT_AMQP_NUMBER_OF_SELECTORS + "}")
int getNumberOfSelectors();
+ @Override
@ManagedAttribute( defaultValue = DEFAULT_AMQP_NEED_CLIENT_AUTH )
boolean getNeedClientAuth();
+ @Override
@ManagedAttribute( defaultValue = DEFAULT_AMQP_WANT_CLIENT_AUTH )
boolean getWantClientAuth();
- @ManagedAttribute
- TrustStore<?> getClientCertRecorder();
-
- @ManagedAttribute( mandatory = true )
- AuthenticationProvider getAuthenticationProvider();
-
-
+ @Override
@ManagedAttribute( defaultValue = "TCP",
validValues = {"org.apache.qpid.server.model.port.AmqpPortImpl#getAllAvailableTransportCombinations()"})
Set<Transport> getTransports();
+ @Override
@ManagedAttribute( defaultValue = "${" + DEFAULT_AMQP_PROTOCOLS + "}", validValues = {"org.apache.qpid.server.model.port.AmqpPortImpl#getAllAvailableProtocolCombinations()"} )
Set<Protocol> getProtocols();
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java b/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java
index 902cd95..d928b27 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java
+++ b/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java
@@ -22,9 +22,7 @@ package org.apache.qpid.server.model.port;
import java.io.IOException;
import java.io.StringWriter;
import java.net.SocketAddress;
-import java.security.GeneralSecurityException;
import java.security.PrivilegedAction;
-import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
@@ -34,10 +32,7 @@ import java.util.Set;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicInteger;
-import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509TrustManager;
import javax.security.auth.Subject;
import com.fasterxml.jackson.databind.ObjectMapper;
@@ -70,12 +65,11 @@ import org.apache.qpid.server.plugin.TransportProviderFactory;
import org.apache.qpid.server.transport.AcceptingTransport;
import org.apache.qpid.server.transport.PortBindFailureException;
import org.apache.qpid.server.transport.TransportProvider;
+import org.apache.qpid.server.transport.network.security.ssl.SSLUtil;
import org.apache.qpid.server.util.PortUtil;
import org.apache.qpid.server.util.ServerScopedRuntimeException;
-import org.apache.qpid.server.transport.network.security.ssl.QpidMultipleTrustManager;
-import org.apache.qpid.server.transport.network.security.ssl.SSLUtil;
-public class AmqpPortImpl extends AbstractClientAuthCapablePortWithAuthProvider<AmqpPortImpl> implements AmqpPort<AmqpPortImpl>
+public class AmqpPortImpl extends AbstractPort<AmqpPortImpl> implements AmqpPort<AmqpPortImpl>
{
private static final Logger LOGGER = LoggerFactory.getLogger(AmqpPortImpl.class);
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/model/port/ClientAuthCapablePort.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/model/port/ClientAuthCapablePort.java b/broker-core/src/main/java/org/apache/qpid/server/model/port/ClientAuthCapablePort.java
deleted file mode 100644
index 1c97e23..0000000
--- a/broker-core/src/main/java/org/apache/qpid/server/model/port/ClientAuthCapablePort.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.qpid.server.model.port;
-
-import org.apache.qpid.server.model.TrustStore;
-
-
-public interface ClientAuthCapablePort<X extends PortWithAuthProvider<X>> extends PortWithAuthProvider<X>
-{
- boolean getNeedClientAuth();
-
- boolean getWantClientAuth();
-
- TrustStore<?> getClientCertRecorder();
-}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java b/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java
index 6b3783b..3cc9158 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java
+++ b/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java
@@ -22,17 +22,16 @@ package org.apache.qpid.server.model.port;
import java.util.Set;
-import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.model.DerivedAttribute;
import org.apache.qpid.server.model.ManagedAttribute;
import org.apache.qpid.server.model.ManagedContextDefault;
import org.apache.qpid.server.model.ManagedObject;
+import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.model.Protocol;
import org.apache.qpid.server.model.Transport;
-import org.apache.qpid.server.model.TrustStore;
@ManagedObject( category = false, type = "HTTP", amqpName = "org.apache.qpid.HttpPort")
-public interface HttpPort<X extends HttpPort<X>> extends ClientAuthCapablePort<X>
+public interface HttpPort<X extends HttpPort<X>> extends Port<X>
{
String DEFAULT_HTTP_NEED_CLIENT_AUTH = "false";
String DEFAULT_HTTP_WANT_CLIENT_AUTH = "false";
@@ -61,23 +60,20 @@ public interface HttpPort<X extends HttpPort<X>> extends ClientAuthCapablePort<X
@ManagedAttribute(defaultValue = "*")
String getBindingAddress();
+ @Override
@ManagedAttribute( defaultValue = DEFAULT_HTTP_NEED_CLIENT_AUTH)
boolean getNeedClientAuth();
+ @Override
@ManagedAttribute( defaultValue = DEFAULT_HTTP_WANT_CLIENT_AUTH)
boolean getWantClientAuth();
- @ManagedAttribute
- TrustStore<?> getClientCertRecorder();
-
- @ManagedAttribute( mandatory = true )
- AuthenticationProvider getAuthenticationProvider();
-
-
+ @Override
@ManagedAttribute( defaultValue = "TCP",
validValues = {"[ \"TCP\" ]", "[ \"SSL\" ]", "[ \"TCP\", \"SSL\" ]"})
Set<Transport> getTransports();
+ @Override
@ManagedAttribute( defaultValue = "HTTP", validValues = { "[ \"HTTP\"]"} )
Set<Protocol> getProtocols();
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java b/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java
index 7a56efa..88296df 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java
+++ b/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java
@@ -31,7 +31,7 @@ import org.apache.qpid.server.model.ManagedObjectFactoryConstructor;
import org.apache.qpid.server.model.State;
import org.apache.qpid.server.util.PortUtil;
-public class HttpPortImpl extends AbstractClientAuthCapablePortWithAuthProvider<HttpPortImpl> implements HttpPort<HttpPortImpl>
+public class HttpPortImpl extends AbstractPort<HttpPortImpl> implements HttpPort<HttpPortImpl>
{
private PortManager _portManager;
@@ -60,6 +60,7 @@ public class HttpPortImpl extends AbstractClientAuthCapablePortWithAuthProvider<
super(attributes, container);
}
+ @Override
public void setPortManager(PortManager manager)
{
_portManager = manager;
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/model/port/PortWithAuthProvider.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/model/port/PortWithAuthProvider.java b/broker-core/src/main/java/org/apache/qpid/server/model/port/PortWithAuthProvider.java
deleted file mode 100644
index b6854c5..0000000
--- a/broker-core/src/main/java/org/apache/qpid/server/model/port/PortWithAuthProvider.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.server.model.port;
-
-import org.apache.qpid.server.model.AuthenticationProvider;
-import org.apache.qpid.server.model.Port;
-
-public interface PortWithAuthProvider<X extends PortWithAuthProvider<X>> extends Port<X>
-{
- AuthenticationProvider getAuthenticationProvider();
-}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/security/SubjectCreator.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/security/SubjectCreator.java b/broker-core/src/main/java/org/apache/qpid/server/security/SubjectCreator.java
index 9f6af23..4b54858 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/security/SubjectCreator.java
+++ b/broker-core/src/main/java/org/apache/qpid/server/security/SubjectCreator.java
@@ -23,16 +23,13 @@ package org.apache.qpid.server.security;
import static org.apache.qpid.server.logging.messages.AuthenticationProviderMessages.AUTHENTICATION_FAILED;
import java.security.Principal;
-import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
-import java.util.List;
import java.util.Set;
import javax.security.auth.Subject;
-import org.apache.qpid.server.logging.LogMessage;
import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.model.GroupProvider;
import org.apache.qpid.server.security.auth.AuthenticationResult;
@@ -55,17 +52,14 @@ import org.apache.qpid.server.security.auth.sasl.SaslSettings;
public class SubjectCreator
{
private static final String UNKNOWN_AUTHENTICATION_ID = "<<UNKNOWN>>";
- private final boolean _secure;
private AuthenticationProvider<?> _authenticationProvider;
private Collection<GroupProvider<?>> _groupProviders;
public SubjectCreator(AuthenticationProvider<?> authenticationProvider,
- Collection<GroupProvider<?>> groupProviders,
- final boolean secure)
+ Collection<GroupProvider<?>> groupProviders)
{
_authenticationProvider = authenticationProvider;
_groupProviders = groupProviders;
- _secure = secure;
}
public AuthenticationProvider<?> getAuthenticationProvider()
@@ -73,35 +67,8 @@ public class SubjectCreator
return _authenticationProvider;
}
- /**
- * Gets the known SASL mechanisms
- *
- * @return SASL mechanism names, space separated.
- */
- public List<String> getMechanisms()
- {
- List<String> mechanisms = _authenticationProvider.getMechanisms();
- Set<String> filter = _authenticationProvider.getDisabledMechanisms() != null
- ? new HashSet<>(_authenticationProvider.getDisabledMechanisms())
- : new HashSet<String>() ;
- if(!_secure)
- {
- filter.addAll(_authenticationProvider.getSecureOnlyMechanisms());
- }
- if (!filter.isEmpty())
- {
- mechanisms = new ArrayList<>(mechanisms);
- mechanisms.removeAll(filter);
- }
- return mechanisms;
- }
-
public SaslNegotiator createSaslNegotiator(String mechanism, final SaslSettings saslSettings)
{
- if(!getMechanisms().contains(mechanism))
- {
- return null;
- }
return _authenticationProvider.createSaslNegotiator(mechanism, saslSettings);
}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractAuthenticationManager.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractAuthenticationManager.java b/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractAuthenticationManager.java
index 527897c..d4bbe76 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractAuthenticationManager.java
+++ b/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractAuthenticationManager.java
@@ -22,8 +22,10 @@ package org.apache.qpid.server.security.auth.manager;
import java.util.ArrayList;
import java.util.Collection;
+import java.util.HashSet;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import com.google.common.util.concurrent.FutureCallback;
import com.google.common.util.concurrent.Futures;
@@ -37,15 +39,12 @@ import org.apache.qpid.server.logging.messages.AuthenticationProviderMessages;
import org.apache.qpid.server.model.AbstractConfiguredObject;
import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.model.Container;
-import org.apache.qpid.server.model.GroupProvider;
import org.apache.qpid.server.model.IntegrityViolationException;
import org.apache.qpid.server.model.ManagedAttributeField;
import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.model.State;
import org.apache.qpid.server.model.StateTransition;
import org.apache.qpid.server.model.SystemConfig;
-import org.apache.qpid.server.model.port.AbstractPortWithAuthProvider;
-import org.apache.qpid.server.security.SubjectCreator;
public abstract class AbstractAuthenticationManager<T extends AbstractAuthenticationManager<T>>
extends AbstractConfiguredObject<T>
@@ -83,12 +82,25 @@ public abstract class AbstractAuthenticationManager<T extends AbstractAuthentica
}
@Override
- public SubjectCreator getSubjectCreator(final boolean secure)
+ public List<String> getAvailableMechanisms(boolean secure)
{
- Collection children = _container.getChildren(GroupProvider.class);
- return new SubjectCreator(this, children, secure);
+ List<String> mechanisms = getMechanisms();
+ Set<String> filter = getDisabledMechanisms() != null
+ ? new HashSet<>(getDisabledMechanisms())
+ : new HashSet<>() ;
+ if(!secure)
+ {
+ filter.addAll(getSecureOnlyMechanisms());
+ }
+ if (!filter.isEmpty())
+ {
+ mechanisms = new ArrayList<>(mechanisms);
+ mechanisms.removeAll(filter);
+ }
+ return mechanisms;
}
+
@StateTransition( currentState = State.UNINITIALIZED, desiredState = State.QUIESCED )
protected ListenableFuture<Void> startQuiesced()
{
@@ -128,8 +140,7 @@ public abstract class AbstractAuthenticationManager<T extends AbstractAuthentica
Collection<Port> ports = new ArrayList<>(_container.getChildren(Port.class));
for (Port<?> port : ports)
{
- if(port instanceof AbstractPortWithAuthProvider
- && ((AbstractPortWithAuthProvider<?>)port).getAuthenticationProvider() == this)
+ if(port.getAuthenticationProvider() == this)
{
throw new IntegrityViolationException("Authentication provider '" + providerName + "' is set on port " + port.getName());
}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProviderImpl.java
----------------------------------------------------------------------
diff --git a/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProviderImpl.java b/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProviderImpl.java
index 6052d96..49aa020 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProviderImpl.java
+++ b/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProviderImpl.java
@@ -220,7 +220,14 @@ public class OAuth2AuthenticationProviderImpl
@Override
public SaslNegotiator createSaslNegotiator(final String mechanism, final SaslSettings saslSettings)
{
- return new OAuth2Negotiator(this);
+ if(OAuth2Negotiator.MECHANISM.equals(mechanism))
+ {
+ return new OAuth2Negotiator(this);
+ }
+ else
+ {
+ return null;
+ }
}
@Override
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/test/java/org/apache/qpid/server/security/SubjectCreatorTest.java
----------------------------------------------------------------------
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/SubjectCreatorTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/SubjectCreatorTest.java
index 174dc0c..3be7ad9 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/SubjectCreatorTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/SubjectCreatorTest.java
@@ -69,8 +69,8 @@ public class SubjectCreatorTest extends QpidTestCase
when(_groupManager1.getGroupPrincipalsForUser(USERNAME_PRINCIPAL)).thenReturn(Collections.singleton(_group1));
when(_groupManager2.getGroupPrincipalsForUser(USERNAME_PRINCIPAL)).thenReturn(Collections.singleton(_group2));
- _subjectCreator = new SubjectCreator(_authenticationProvider, new HashSet<GroupProvider<?>>(Arrays.asList(_groupManager1, _groupManager2)),
- false);
+ _subjectCreator = new SubjectCreator(_authenticationProvider, new HashSet<GroupProvider<?>>(Arrays.asList(_groupManager1, _groupManager2))
+ );
_eventLogger = mock(EventLogger.class);
when(_authenticationProvider.getEventLogger()).thenReturn(_eventLogger);
_authenticationResult = new AuthenticationResult(USERNAME_PRINCIPAL);
@@ -144,38 +144,5 @@ public class SubjectCreatorTest extends QpidTestCase
assertEquals(expectedGroupPrincipals, actualGroupPrincipals);
}
- public void testDisabledMechanisms()
- {
- AuthenticationProvider<?> authenticationProvider = mock(AuthenticationProvider.class);
- SubjectCreator subjectCreator = new SubjectCreator(authenticationProvider,
- new HashSet<GroupProvider<?>>(Arrays.asList(_groupManager1,
- _groupManager2)),
- false);
- when(authenticationProvider.getMechanisms()).thenReturn(Arrays.asList("PLAIN", "SCRAM-SHA-1"));
- assertTrue("Should contain SCRAM-SHA-1 mechanism.", subjectCreator.getMechanisms().contains("SCRAM-SHA-1"));
- assertTrue("Should contain PLAIN mechanism.", subjectCreator.getMechanisms().contains("PLAIN"));
- when(authenticationProvider.getDisabledMechanisms()).thenReturn(Arrays.asList("SCRAM-SHA-1"));
- assertFalse("SCRAM-SHA-1 should have been filtered out.", subjectCreator.getMechanisms().contains("SCRAM-SHA-1"));
- assertTrue("PLAIN should not have been filtered out.", subjectCreator.getMechanisms().contains("PLAIN"));
- }
- public void testSecureOnlyMechanisms()
- {
- AuthenticationProvider<?> authenticationProvider = mock(AuthenticationProvider.class);
- SubjectCreator subjectCreator;
- subjectCreator = new SubjectCreator(authenticationProvider,
- new HashSet<GroupProvider<?>>(Arrays.asList(_groupManager1, _groupManager2)),
- false);
- when(authenticationProvider.getMechanisms()).thenReturn(Arrays.asList("PLAIN", "SCRAM-SHA-1"));
- assertTrue("Should contain SCRAM-SHA-1 mechanism", subjectCreator.getMechanisms().contains("SCRAM-SHA-1"));
- assertTrue("Should contain PLAIN mechanism", subjectCreator.getMechanisms().contains("PLAIN"));
- when(authenticationProvider.getSecureOnlyMechanisms()).thenReturn(Arrays.asList("PLAIN"));
- assertTrue("SCRAM-SHA-1 should not have been filtered out.", subjectCreator.getMechanisms().contains("SCRAM-SHA-1"));
- assertFalse("PLAIN should have been filtered out on insecure connection.", subjectCreator.getMechanisms().contains("PLAIN"));
-
- subjectCreator = new SubjectCreator(authenticationProvider,
- new HashSet<GroupProvider<?>>(Arrays.asList(_groupManager1, _groupManager2)),
- true);
- assertTrue("SCRAM-SHA-1 should not have been filtered out.", subjectCreator.getMechanisms().contains("SCRAM-SHA-1"));
- assertTrue("PLAIN should not have been filtered out on secure connection.", subjectCreator.getMechanisms().contains("PLAIN"));}
}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/ManagedAuthenticationManagerTestBase.java
----------------------------------------------------------------------
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/ManagedAuthenticationManagerTestBase.java b/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/ManagedAuthenticationManagerTestBase.java
index 8ca5366..302ab56 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/ManagedAuthenticationManagerTestBase.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/ManagedAuthenticationManagerTestBase.java
@@ -35,10 +35,9 @@ import org.apache.qpid.server.configuration.updater.CurrentThreadTaskExecutor;
import org.apache.qpid.server.configuration.updater.TaskExecutor;
import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.model.Broker;
+import org.apache.qpid.server.model.BrokerTestHelper;
import org.apache.qpid.server.model.User;
-import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.security.auth.AuthenticationResult;
-import org.apache.qpid.server.model.BrokerTestHelper;
import org.apache.qpid.server.security.auth.sasl.SaslNegotiator;
import org.apache.qpid.server.security.auth.sasl.SaslSettings;
import org.apache.qpid.test.utils.QpidTestCase;
@@ -92,10 +91,8 @@ abstract class ManagedAuthenticationManagerTestBase extends QpidTestCase
public void testMechanisms()
{
- SubjectCreator insecureCreator = _authManager.getSubjectCreator(false);
- assertFalse("PLAIN authentication should not be available on an insecure connection", insecureCreator.getMechanisms().contains("PLAIN"));
- SubjectCreator secureCreator = _authManager.getSubjectCreator(true);
- assertTrue("PLAIN authentication should be available on a secure connection", secureCreator.getMechanisms().contains("PLAIN"));
+ assertFalse("PLAIN authentication should not be available on an insecure connection", _authManager.getAvailableMechanisms(false).contains("PLAIN"));
+ assertTrue("PLAIN authentication should be available on a secure connection", _authManager.getAvailableMechanisms(true).contains("PLAIN"));
}
public void testAddChildAndThenDelete() throws ExecutionException, InterruptedException
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/AMQPConnection_0_10Impl.java
----------------------------------------------------------------------
diff --git a/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/AMQPConnection_0_10Impl.java b/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/AMQPConnection_0_10Impl.java
index 594280f..127b0a0 100755
--- a/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/AMQPConnection_0_10Impl.java
+++ b/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/AMQPConnection_0_10Impl.java
@@ -40,18 +40,17 @@ import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.Protocol;
import org.apache.qpid.server.model.Transport;
import org.apache.qpid.server.model.port.AmqpPort;
-import org.apache.qpid.server.security.SubjectCreator;
+import org.apache.qpid.server.protocol.v0_10.transport.ConnectionCloseCode;
import org.apache.qpid.server.session.AMQPSession;
import org.apache.qpid.server.store.StoreException;
import org.apache.qpid.server.transport.AbstractAMQPConnection;
import org.apache.qpid.server.transport.AggregateTicker;
+import org.apache.qpid.server.transport.ByteBufferSender;
import org.apache.qpid.server.transport.ProtocolEngine;
import org.apache.qpid.server.transport.ServerNetworkConnection;
import org.apache.qpid.server.util.Action;
import org.apache.qpid.server.util.ConnectionScopedRuntimeException;
import org.apache.qpid.server.util.ServerScopedRuntimeException;
-import org.apache.qpid.server.transport.ByteBufferSender;
-import org.apache.qpid.server.protocol.v0_10.transport.ConnectionCloseCode;
public class AMQPConnection_0_10Impl extends AbstractAMQPConnection<AMQPConnection_0_10Impl, ServerConnection>
@@ -84,8 +83,7 @@ public class AMQPConnection_0_10Impl extends AbstractAMQPConnection<AMQPConnecti
_connection = new ServerConnection(id, broker, port, transport, this);
- SubjectCreator subjectCreator = port.getAuthenticationProvider().getSubjectCreator(transport.isSecure());
- ServerConnectionDelegate connDelegate = new ServerConnectionDelegate(broker, subjectCreator);
+ ServerConnectionDelegate connDelegate = new ServerConnectionDelegate(port, transport.isSecure());
_connection.setConnectionDelegate(connDelegate);
_connection.setRemoteAddress(network.getRemoteAddress());
@@ -93,17 +91,13 @@ public class AMQPConnection_0_10Impl extends AbstractAMQPConnection<AMQPConnecti
_inputHandler = new ServerInputHandler(new ServerAssembler(_connection));
_connection.addFrameSizeObserver(_inputHandler);
- AccessController.doPrivileged(new PrivilegedAction<Object>()
+ AccessController.doPrivileged((PrivilegedAction<Object>) () ->
{
- @Override
- public Object run()
- {
- _connection.setNetworkConnection(getNetwork());
- _disassembler = new ServerDisassembler(wrapSender(getNetwork().getSender()), Constant.MIN_MAX_FRAME_SIZE);
- _connection.setSender(_disassembler);
- _connection.addFrameSizeObserver(_disassembler);
- return null;
- }
+ _connection.setNetworkConnection(getNetwork());
+ _disassembler = new ServerDisassembler(wrapSender(getNetwork().getSender()), Constant.MIN_MAX_FRAME_SIZE);
+ _connection.setSender(_disassembler);
+ _connection.addFrameSizeObserver(_disassembler);
+ return null;
}, getAccessControllerContext());
}
@@ -139,36 +133,33 @@ public class AMQPConnection_0_10Impl extends AbstractAMQPConnection<AMQPConnecti
};
}
+ @Override
public void received(final QpidByteBuffer buf)
{
- AccessController.doPrivileged(new PrivilegedAction<Object>()
+ AccessController.doPrivileged((PrivilegedAction<Object>) () ->
{
- @Override
- public Object run()
+ updateLastReadTime();
+ try
+ {
+ _inputHandler.received(buf);
+ _connection.receivedComplete();
+ }
+ catch (IllegalArgumentException | IllegalStateException e)
{
- updateLastReadTime();
- try
+ throw new ConnectionScopedRuntimeException(e);
+ }
+ catch (StoreException e)
+ {
+ if (getAddressSpace().isActive())
{
- _inputHandler.received(buf);
- _connection.receivedComplete();
+ throw new ServerScopedRuntimeException(e);
}
- catch (IllegalArgumentException | IllegalStateException e)
+ else
{
throw new ConnectionScopedRuntimeException(e);
}
- catch (StoreException e)
- {
- if (getAddressSpace().isActive())
- {
- throw new ServerScopedRuntimeException(e);
- }
- else
- {
- throw new ConnectionScopedRuntimeException(e);
- }
- }
- return null;
}
+ return null;
}, getAccessControllerContext());
}
@@ -177,22 +168,20 @@ public class AMQPConnection_0_10Impl extends AbstractAMQPConnection<AMQPConnecti
{
}
+ @Override
public void writerIdle()
{
_connection.doHeartBeat();
}
+ @Override
public void readerIdle()
{
- AccessController.doPrivileged(new PrivilegedAction<Object>()
+ AccessController.doPrivileged((PrivilegedAction<Object>) () ->
{
- @Override
- public Object run()
- {
- _connection.getEventLogger().message(ConnectionMessages.IDLE_CLOSE("Current connection state: " + _connection.getConnectionDelegate().getState(), true));
- getNetwork().close();
- return null;
- }
+ _connection.getEventLogger().message(ConnectionMessages.IDLE_CLOSE("Current connection state: " + _connection.getConnectionDelegate().getState(), true));
+ getNetwork().close();
+ return null;
}, getAccessControllerContext());
}
@@ -207,18 +196,14 @@ public class AMQPConnection_0_10Impl extends AbstractAMQPConnection<AMQPConnecti
{
try
{
- AccessController.doPrivileged(new PrivilegedAction<Void>()
+ AccessController.doPrivileged((PrivilegedAction<Void>) () ->
{
- @Override
- public Void run()
+ _inputHandler.closed();
+ if(_disassembler != null)
{
- _inputHandler.closed();
- if(_disassembler != null)
- {
- _disassembler.closed();
- }
- return null;
+ _disassembler.closed();
}
+ return null;
}, getAccessControllerContext());
}
finally
@@ -281,16 +266,19 @@ public class AMQPConnection_0_10Impl extends AbstractAMQPConnection<AMQPConnecti
notifyWork();
}
+ @Override
public void clearWork()
{
_stateChanged.set(false);
}
+ @Override
public void setWorkListener(final Action<ProtocolEngine> listener)
{
_workListener.set(listener);
}
+ @Override
public boolean hasSessionWithName(final byte[] name)
{
return _connection.hasSessionWithName(name);
@@ -319,16 +307,19 @@ public class AMQPConnection_0_10Impl extends AbstractAMQPConnection<AMQPConnecti
_connection.addAsyncTask(action);
}
+ @Override
public void block()
{
_connection.block();
}
+ @Override
public String getRemoteContainerName()
{
return getClientId();
}
+ @Override
public Collection<? extends Session_0_10> getSessionModels()
{
final Collection<org.apache.qpid.server.model.Session> sessions =
@@ -337,11 +328,13 @@ public class AMQPConnection_0_10Impl extends AbstractAMQPConnection<AMQPConnecti
return session_0_10s;
}
+ @Override
public void unblock()
{
_connection.unblock();
}
+ @Override
public long getSessionCountLimit()
{
return _connection.getSessionCountLimit();
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnectionDelegate.java
----------------------------------------------------------------------
diff --git a/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnectionDelegate.java b/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnectionDelegate.java
index 3823e91..566131d 100644
--- a/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnectionDelegate.java
+++ b/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnectionDelegate.java
@@ -37,17 +37,18 @@ import org.slf4j.LoggerFactory;
import org.apache.qpid.server.common.ServerPropertyNames;
import org.apache.qpid.server.configuration.CommonProperties;
-import org.apache.qpid.server.properties.ConnectionStartProperties;
import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.NamedAddressSpace;
+import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.model.port.AmqpPort;
+import org.apache.qpid.server.properties.ConnectionStartProperties;
import org.apache.qpid.server.protocol.v0_10.transport.*;
import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationStatus;
import org.apache.qpid.server.security.auth.SubjectAuthenticationResult;
import org.apache.qpid.server.security.auth.sasl.SaslNegotiator;
import org.apache.qpid.server.security.auth.sasl.SaslSettings;
-import org.apache.qpid.server.transport.*;
+import org.apache.qpid.server.transport.AMQPConnection;
import org.apache.qpid.server.util.ConnectionScopedRuntimeException;
import org.apache.qpid.server.virtualhost.VirtualHostUnavailableException;
@@ -81,24 +82,15 @@ public class ServerConnectionDelegate extends MethodDelegate<ServerConnection> i
private volatile SubjectAuthenticationResult _successfulAuthenticationResult;
- public ServerConnectionDelegate(Broker<?> broker, SubjectCreator subjectCreator)
- {
- this(createConnectionProperties(broker), Collections.singletonList((Object)"en_US"), broker, subjectCreator);
- }
-
- private ServerConnectionDelegate(Map<String, Object> properties,
- List<Object> locales,
- Broker<?> broker,
- SubjectCreator subjectCreator)
+ public ServerConnectionDelegate(Port<?> port, boolean secure)
{
- _clientProperties = properties;
- _mechanisms = (List) subjectCreator.getMechanisms();
- _locales = locales;
+ _broker = (Broker<?>) port.getParent();
+ _clientProperties = createConnectionProperties((Broker<?>) port.getParent());
+ _mechanisms = new ArrayList<>(port.getAuthenticationProvider().getAvailableMechanisms(secure));
- _broker = broker;
- _maxNoOfChannels = broker.getConnection_sessionCountLimit();
- _subjectCreator = subjectCreator;
- _maximumFrameSize = Math.min(0xffff, broker.getNetworkBufferSize());
+ _maxNoOfChannels = _broker.getConnection_sessionCountLimit();
+ _subjectCreator = port.getSubjectCreator(secure);
+ _maximumFrameSize = Math.min(0xffff, _broker.getNetworkBufferSize());
}
@Override
@@ -173,7 +165,7 @@ public class ServerConnectionDelegate extends MethodDelegate<ServerConnection> i
{
assertState(serverConnection, ConnectionState.INIT);
serverConnection.send(new ProtocolHeader(1, 0, 10));
- serverConnection.sendConnectionStart(_clientProperties, _mechanisms, _locales);
+ serverConnection.sendConnectionStart(_clientProperties, _mechanisms, Collections.singletonList((Object)"en_US"));
_state = ConnectionState.AWAIT_START_OK;
}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQPConnection_0_8Impl.java
----------------------------------------------------------------------
diff --git a/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQPConnection_0_8Impl.java b/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQPConnection_0_8Impl.java
index 2093f91..8bf1183 100644
--- a/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQPConnection_0_8Impl.java
+++ b/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQPConnection_0_8Impl.java
@@ -223,16 +223,19 @@ public class AMQPConnection_0_8Impl
return broker.getNetworkBufferSize() - AMQFrame.getFrameOverhead();
}
+ @Override
public boolean isClosing()
{
return _orderlyClose.get();
}
+ @Override
public ClientDeliveryMethod createDeliveryMethod(int channelId)
{
return new WriteDeliverMethod(channelId);
}
+ @Override
public void received(final QpidByteBuffer msg)
{
AccessController.doPrivileged(new PrivilegedAction<Void>()
@@ -314,8 +317,7 @@ public class AMQPConnection_0_8Impl
setProtocolVersion(pv);
StringBuilder mechanismBuilder = new StringBuilder();
- SubjectCreator subjectCreator = getPort().getAuthenticationProvider().getSubjectCreator(getTransport().isSecure());
- for(String mechanismName : subjectCreator.getMechanisms())
+ for(String mechanismName : getPort().getAuthenticationProvider().getAvailableMechanisms(getTransport().isSecure()))
{
if(mechanismBuilder.length() != 0)
{
@@ -366,6 +368,7 @@ public class AMQPConnection_0_8Impl
}
}
+ @Override
public synchronized void writeFrame(AMQDataBlock frame)
{
if(_logger.isDebugEnabled())
@@ -397,6 +400,7 @@ public class AMQPConnection_0_8Impl
}
}
+ @Override
public boolean channelAwaitingClosure(int channelId)
{
return !_closingChannelsList.isEmpty() && _closingChannelsList.containsKey(channelId);
@@ -435,11 +439,13 @@ public class AMQPConnection_0_8Impl
}
+ @Override
public void closeChannel(AMQChannel channel)
{
closeChannel(channel, 0, null, false);
}
+ @Override
public void closeChannelAndWriteFrame(AMQChannel channel, int cause, String message)
{
writeFrame(new AMQFrame(channel.getChannelId(),
@@ -478,6 +484,7 @@ public class AMQPConnection_0_8Impl
}
+ @Override
public void closeChannelOk(int channelId)
{
_closingChannelsList.remove(channelId);
@@ -535,6 +542,7 @@ public class AMQPConnection_0_8Impl
}
}
+ @Override
public void sendConnectionClose(int errorCode,
String message, int channelId)
{
@@ -574,6 +582,7 @@ public class AMQPConnection_0_8Impl
getNetwork().close();
}
+ @Override
public boolean isSendQueueDeleteOkRegardless()
{
return _sendQueueDeleteOkRegardless;
@@ -639,6 +648,7 @@ public class AMQPConnection_0_8Impl
return _protocolVersion.getMajorVersion();
}
+ @Override
public ProtocolVersion getProtocolVersion()
{
return _protocolVersion;
@@ -654,16 +664,19 @@ public class AMQPConnection_0_8Impl
return getMethodRegistry();
}
+ @Override
public ProtocolOutputConverter getProtocolOutputConverter()
{
return _protocolOutputConverter;
}
+ @Override
public MethodRegistry getMethodRegistry()
{
return _methodRegistry;
}
+ @Override
public void closed()
{
try
@@ -708,6 +721,7 @@ public class AMQPConnection_0_8Impl
{
}
+ @Override
public void readerIdle()
{
AccessController.doPrivileged(new PrivilegedAction<Object>()
@@ -722,11 +736,13 @@ public class AMQPConnection_0_8Impl
}, getAccessControllerContext());
}
+ @Override
public synchronized void writerIdle()
{
writeFrame(HeartbeatBody.FRAME);
}
+ @Override
public long getSessionCountLimit()
{
return getMaximumNumberOfChannels();
@@ -737,6 +753,7 @@ public class AMQPConnection_0_8Impl
return String.valueOf(getNetwork().getRemoteAddress());
}
+ @Override
public void closeSessionAsync(final AMQPSession<?,?> session, final CloseReason reason, final String message)
{
final int cause;
@@ -826,6 +843,7 @@ public class AMQPConnection_0_8Impl
}
}
+ @Override
public void unblock()
{
synchronized (_channelAddRemoveLock)
@@ -854,6 +872,7 @@ public class AMQPConnection_0_8Impl
}
+ @Override
public void setDeferFlush(boolean deferFlush)
{
_deferFlush = deferFlush;
@@ -1214,6 +1233,7 @@ public class AMQPConnection_0_8Impl
}
+ @Override
public int getBinaryDataLimit()
{
return _binaryDataLimit;
@@ -1244,11 +1264,13 @@ public class AMQPConnection_0_8Impl
}
+ @Override
public Object getReference()
{
return _reference;
}
+ @Override
public boolean isCloseWhenNoRoute()
{
return _closeWhenNoRoute;
@@ -1261,7 +1283,7 @@ public class AMQPConnection_0_8Impl
private SubjectCreator getSubjectCreator()
{
- return getPort().getAuthenticationProvider().getSubjectCreator(getTransport().isSecure());
+ return getPort().getSubjectCreator(getTransport().isSecure());
}
@Override
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/9baae38e/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AMQPConnection_0_8Test.java
----------------------------------------------------------------------
diff --git a/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AMQPConnection_0_8Test.java b/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AMQPConnection_0_8Test.java
index 3cd2d1b..d2c4035 100644
--- a/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AMQPConnection_0_8Test.java
+++ b/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AMQPConnection_0_8Test.java
@@ -21,6 +21,7 @@
package org.apache.qpid.server.protocol.v0_8;
import static org.mockito.Matchers.any;
+import static org.mockito.Matchers.anyBoolean;
import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
@@ -81,6 +82,7 @@ public class AMQPConnection_0_8Test extends QpidTestCase
private AggregateTicker _ticker;
private ByteBufferSender _sender;
+ @Override
public void setUp() throws Exception
{
super.setUp();
@@ -129,7 +131,6 @@ public class AMQPConnection_0_8Test extends QpidTestCase
SubjectCreator subjectCreator = mock(SubjectCreator.class);
- when(subjectCreator.getMechanisms()).thenReturn(Collections.singletonList(SASL_MECH.toString()));
SaslNegotiator saslNegotiator = mock(SaslNegotiator.class);
when(subjectCreator.createSaslNegotiator(eq(SASL_MECH.toString()), any(SaslSettings.class))).thenReturn(saslNegotiator);
@@ -137,7 +138,7 @@ public class AMQPConnection_0_8Test extends QpidTestCase
new AuthenticationResult(new AuthenticatedPrincipal(new UsernamePrincipal("username", null))), new Subject()));
AuthenticationProvider authenticationProvider = mock(AuthenticationProvider.class);
- when(authenticationProvider.getSubjectCreator(false)).thenReturn(subjectCreator);
+ when(authenticationProvider.getAvailableMechanisms(anyBoolean())).thenReturn(Collections.singletonList(SASL_MECH.toString()));
_port = mock(AmqpPort.class);
when(_port.getParent()).thenReturn(_broker);
@@ -148,6 +149,7 @@ public class AMQPConnection_0_8Test extends QpidTestCase
when(_port.getAddressSpace(VIRTUAL_HOST_NAME)).thenReturn(_virtualHost);
when(_port.getContextValue(Long.class, Port.CONNECTION_MAXIMUM_AUTHENTICATION_DELAY)).thenReturn(2500l);
when(_port.getContextValue(Integer.class, Connection.MAX_MESSAGE_SIZE)).thenReturn(Connection.DEFAULT_MAX_MESSAGE_SIZE);
+ when(_port.getSubjectCreator(false)).thenReturn(subjectCreator);
_sender = mock(ByteBufferSender.class);
@@ -160,6 +162,7 @@ public class AMQPConnection_0_8Test extends QpidTestCase
_ticker = new AggregateTicker();
}
+ @Override
public void tearDown() throws Exception
{
try
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org