You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by jb...@apache.org on 2020/10/14 17:27:35 UTC

[activemq-artemis] branch master updated: ARTEMIS-2886 pass FQQN regardless of match

This is an automated email from the ASF dual-hosted git repository.

jbertram pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/activemq-artemis.git


The following commit(s) were added to refs/heads/master by this push:
     new 4584ab1  ARTEMIS-2886 pass FQQN regardless of match
     new 96fc3b7  This closes #3291
4584ab1 is described below

commit 4584ab16dfd9a9cb7bd2b7986ad5e7a38574cf8a
Author: Luis Alves <Lu...@gls-portugal.com>
AuthorDate: Wed Oct 7 08:24:24 2020 +0100

    ARTEMIS-2886 pass FQQN regardless of match
---
 .../activemq/artemis/core/security/impl/SecurityStoreImpl.java    | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java b/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
index 7382142..605cc7d 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
@@ -253,24 +253,22 @@ public class SecurityStoreImpl implements SecurityStore, HierarchicalRepositoryC
          /*
           * If a valid queue is passed in and there's an exact match for the FQQN then use the FQQN instead of the address
           */
-         boolean isFullyQualified = false;
          SimpleString fqqn = null;
          if (bareQueue != null) {
             fqqn = CompositeAddress.toFullyQualified(bareAddress, bareQueue);
             if (securityRepository.containsExactMatch(fqqn.toString())) {
                roles = securityRepository.getMatch(fqqn.toString());
-               isFullyQualified = true;
             }
          }
 
-         if (checkAuthorizationCache(isFullyQualified ? fqqn : bareAddress, user, checkType)) {
+         if (checkAuthorizationCache(fqqn != null  ? fqqn : bareAddress, user, checkType)) {
             return;
          }
 
          final Boolean validated;
          if (securityManager instanceof ActiveMQSecurityManager5) {
             Subject subject = getSubjectForAuthorization(session, ((ActiveMQSecurityManager5) securityManager));
-            validated = ((ActiveMQSecurityManager5) securityManager).authorize(subject, roles, checkType, isFullyQualified ? fqqn.toString() : bareAddress.toString());
+            validated = ((ActiveMQSecurityManager5) securityManager).authorize(subject, roles, checkType, fqqn != null ? fqqn.toString() : bareAddress.toString());
          } else if (securityManager instanceof ActiveMQSecurityManager4) {
             validated = ((ActiveMQSecurityManager4) securityManager).validateUserAndRole(user, session.getPassword(), roles, checkType, bareAddress.toString(), session.getRemotingConnection(), session.getSecurityDomain()) != null;
          } else if (securityManager instanceof ActiveMQSecurityManager3) {
@@ -314,7 +312,7 @@ public class SecurityStoreImpl implements SecurityStore, HierarchicalRepositoryC
             set = new ConcurrentHashSet<>();
             authorizationCache.put(key, set);
          }
-         set.add(isFullyQualified ? fqqn : bareAddress);
+         set.add(fqqn != null ? fqqn : bareAddress);
       }
    }