You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by kw...@apache.org on 2014/09/05 19:43:15 UTC
svn commit: r1622747 - in /qpid/trunk/qpid/java:
broker-core/src/main/java/org/apache/qpid/server/model/port/
broker-plugins/management-http/src/main/java/resources/js/qpid/management/
Author: kwall
Date: Fri Sep 5 17:43:14 2014
New Revision: 1622747
URL: http://svn.apache.org/r1622747
Log:
QPID-6068: [Java Broker] Introduce ClientAuthCapablePort into Port hierarchy to avoid validation in terms of getAttributes.
Added:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractClientAuthCapablePortWithAuthProvider.java
- copied, changed from r1622677, qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/ClientAuthCapablePort.java
Modified:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java
qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js
Copied: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractClientAuthCapablePortWithAuthProvider.java (from r1622677, qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java)
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractClientAuthCapablePortWithAuthProvider.java?p2=qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractClientAuthCapablePortWithAuthProvider.java&p1=qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java&r1=1622677&r2=1622747&rev=1622747&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractClientAuthCapablePortWithAuthProvider.java Fri Sep 5 17:43:14 2014
@@ -1,5 +1,4 @@
/*
- *
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
@@ -16,7 +15,6 @@
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
*/
package org.apache.qpid.server.model.port;
@@ -24,53 +22,41 @@ import java.util.Map;
import java.util.Set;
import org.apache.qpid.server.configuration.IllegalConfigurationException;
-import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.ConfiguredObject;
import org.apache.qpid.server.model.ManagedAttributeField;
-import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.model.Transport;
-abstract public class AbstractPortWithAuthProvider<X extends AbstractPortWithAuthProvider<X>> extends AbstractPort<X>
+abstract public class AbstractClientAuthCapablePortWithAuthProvider<X extends AbstractClientAuthCapablePortWithAuthProvider<X>> extends AbstractPortWithAuthProvider<X>
+ implements ClientAuthCapablePort<X>
{
public static final String DEFAULT_AMQP_NEED_CLIENT_AUTH = "false";
public static final String DEFAULT_AMQP_WANT_CLIENT_AUTH = "false";
@ManagedAttributeField
- private AuthenticationProvider _authenticationProvider;
-
- @ManagedAttributeField
private boolean _needClientAuth;
@ManagedAttributeField
private boolean _wantClientAuth;
- public AbstractPortWithAuthProvider(final Map<String, Object> attributes,
- final Broker<?> broker)
+ public AbstractClientAuthCapablePortWithAuthProvider(final Map<String, Object> attributes,
+ final Broker<?> broker)
{
super(attributes, broker);
}
+ @Override
public boolean getNeedClientAuth()
{
return _needClientAuth;
}
+ @Override
public boolean getWantClientAuth()
{
return _wantClientAuth;
}
- public AuthenticationProvider getAuthenticationProvider()
- {
- Broker<?> broker = getParent(Broker.class);
- if(broker.isManagementMode())
- {
- return broker.getManagementModeAuthenticationProvider();
- }
- return _authenticationProvider;
- }
-
@Override
public void onValidate()
{
@@ -94,11 +80,9 @@ abstract public class AbstractPortWithAu
protected void validateChange(final ConfiguredObject<?> proxyForValidation, final Set<String> changedAttributes)
{
super.validateChange(proxyForValidation, changedAttributes);
- Port<?> updated = (Port<?>)proxyForValidation;
+ ClientAuthCapablePort<?> updated = (ClientAuthCapablePort<?>)proxyForValidation;
- boolean needClientCertificate = updated.getAttribute(NEED_CLIENT_AUTH) == null ? false : (Boolean) updated.getAttribute(NEED_CLIENT_AUTH);
- boolean wantClientCertificate = updated.getAttribute(WANT_CLIENT_AUTH) == null ? false : (Boolean) updated.getAttribute(WANT_CLIENT_AUTH);
- boolean requiresCertificate = needClientCertificate || wantClientCertificate;
+ boolean requiresCertificate = updated.getNeedClientAuth() || updated.getWantClientAuth();
boolean usesSsl = updated.getTransports().contains(Transport.SSL);
if (usesSsl)
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java?rev=1622747&r1=1622746&r2=1622747&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPortWithAuthProvider.java Fri Sep 5 17:43:14 2014
@@ -21,46 +21,22 @@
package org.apache.qpid.server.model.port;
import java.util.Map;
-import java.util.Set;
-import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.model.Broker;
-import org.apache.qpid.server.model.ConfiguredObject;
import org.apache.qpid.server.model.ManagedAttributeField;
-import org.apache.qpid.server.model.Port;
-import org.apache.qpid.server.model.Transport;
abstract public class AbstractPortWithAuthProvider<X extends AbstractPortWithAuthProvider<X>> extends AbstractPort<X>
{
- public static final String DEFAULT_AMQP_NEED_CLIENT_AUTH = "false";
- public static final String DEFAULT_AMQP_WANT_CLIENT_AUTH = "false";
-
@ManagedAttributeField
private AuthenticationProvider _authenticationProvider;
- @ManagedAttributeField
- private boolean _needClientAuth;
-
- @ManagedAttributeField
- private boolean _wantClientAuth;
-
public AbstractPortWithAuthProvider(final Map<String, Object> attributes,
final Broker<?> broker)
{
super(attributes, broker);
}
- public boolean getNeedClientAuth()
- {
- return _needClientAuth;
- }
-
- public boolean getWantClientAuth()
- {
- return _wantClientAuth;
- }
-
public AuthenticationProvider getAuthenticationProvider()
{
Broker<?> broker = getParent(Broker.class);
@@ -70,50 +46,4 @@ abstract public class AbstractPortWithAu
}
return _authenticationProvider;
}
-
- @Override
- public void onValidate()
- {
- super.onValidate();
- boolean useClientAuth = getNeedClientAuth() || getWantClientAuth();
-
- if(useClientAuth && (getTrustStores() == null || getTrustStores().isEmpty()))
- {
- throw new IllegalConfigurationException("Can't create port which requests SSL client certificates but has no trust stores configured.");
- }
-
- boolean useTLSTransport = getTransports().contains(Transport.SSL) || getTransports().contains(Transport.WSS);
- if(useClientAuth && !useTLSTransport)
- {
- throw new IllegalConfigurationException(
- "Can't create port which requests SSL client certificates but doesn't use SSL transport.");
- }
- }
-
- @Override
- protected void validateChange(final ConfiguredObject<?> proxyForValidation, final Set<String> changedAttributes)
- {
- super.validateChange(proxyForValidation, changedAttributes);
- Port<?> updated = (Port<?>)proxyForValidation;
-
- boolean needClientCertificate = updated.getAttribute(NEED_CLIENT_AUTH) == null ? false : (Boolean) updated.getAttribute(NEED_CLIENT_AUTH);
- boolean wantClientCertificate = updated.getAttribute(WANT_CLIENT_AUTH) == null ? false : (Boolean) updated.getAttribute(WANT_CLIENT_AUTH);
- boolean requiresCertificate = needClientCertificate || wantClientCertificate;
-
- boolean usesSsl = updated.getTransports().contains(Transport.SSL);
- if (usesSsl)
- {
- if ((updated.getTrustStores() == null || updated.getTrustStores().isEmpty() ) && requiresCertificate)
- {
- throw new IllegalConfigurationException("Can't create port which requests SSL client certificates but has no trust store configured.");
- }
- }
- else
- {
- if (requiresCertificate)
- {
- throw new IllegalConfigurationException("Can't create port which requests SSL client certificates but doesn't use SSL transport.");
- }
- }
- }
}
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java?rev=1622747&r1=1622746&r2=1622747&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java Fri Sep 5 17:43:14 2014
@@ -32,7 +32,7 @@ import org.apache.qpid.server.model.Tran
import org.apache.qpid.server.virtualhost.VirtualHostImpl;
@ManagedObject( category = false, type = "AMQP")
-public interface AmqpPort<X extends AmqpPort<X>> extends Port<X>
+public interface AmqpPort<X extends AmqpPort<X>> extends ClientAuthCapablePort<X>
{
String DEFAULT_AMQP_SEND_BUFFER_SIZE = "262144";
String DEFAULT_AMQP_RECEIVE_BUFFER_SIZE = "262144";
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java?rev=1622747&r1=1622746&r2=1622747&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java Fri Sep 5 17:43:14 2014
@@ -57,7 +57,7 @@ import org.apache.qpid.server.util.Serve
import org.apache.qpid.server.virtualhost.VirtualHostImpl;
import org.apache.qpid.transport.network.security.ssl.QpidMultipleTrustManager;
-public class AmqpPortImpl extends AbstractPortWithAuthProvider<AmqpPortImpl> implements AmqpPort<AmqpPortImpl>
+public class AmqpPortImpl extends AbstractClientAuthCapablePortWithAuthProvider<AmqpPortImpl> implements AmqpPort<AmqpPortImpl>
{
public static final String DEFAULT_BINDING_ADDRESS = "*";
Added: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/ClientAuthCapablePort.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/ClientAuthCapablePort.java?rev=1622747&view=auto
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/ClientAuthCapablePort.java (added)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/ClientAuthCapablePort.java Fri Sep 5 17:43:14 2014
@@ -0,0 +1,30 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.qpid.server.model.port;
+
+import org.apache.qpid.server.model.Port;
+
+
+public interface ClientAuthCapablePort<X extends Port<X>> extends Port<X>
+{
+ boolean getNeedClientAuth();
+
+ boolean getWantClientAuth();
+}
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java?rev=1622747&r1=1622746&r2=1622747&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java Fri Sep 5 17:43:14 2014
@@ -30,9 +30,8 @@ import org.apache.qpid.server.model.Prot
import org.apache.qpid.server.model.Transport;
@ManagedObject( category = false, type = "HTTP")
-public interface HttpPort<X extends HttpPort<X>> extends Port<X>
+public interface HttpPort<X extends HttpPort<X>> extends ClientAuthCapablePort<X>
{
-
String DEFAULT_AMQP_NEED_CLIENT_AUTH = "false";
String DEFAULT_AMQP_WANT_CLIENT_AUTH = "false";
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java?rev=1622747&r1=1622746&r2=1622747&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java Fri Sep 5 17:43:14 2014
@@ -20,17 +20,14 @@
*/
package org.apache.qpid.server.model.port;
-import java.util.Collections;
import java.util.Map;
-import java.util.Set;
import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.ManagedAttributeField;
import org.apache.qpid.server.model.ManagedObjectFactoryConstructor;
-import org.apache.qpid.server.model.Protocol;
import org.apache.qpid.server.model.State;
-public class HttpPortImpl extends AbstractPortWithAuthProvider<HttpPortImpl> implements HttpPort<HttpPortImpl>
+public class HttpPortImpl extends AbstractClientAuthCapablePortWithAuthProvider<HttpPortImpl> implements HttpPort<HttpPortImpl>
{
private PortManager _portManager;
Modified: qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js?rev=1622747&r1=1622746&r2=1622747&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js (original)
+++ qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js Fri Sep 5 17:43:14 2014
@@ -90,6 +90,12 @@ define(["dojo/_base/xhr",
};
+ addPort._isSecure = function(currentTransport)
+ {
+ return currentTransport == "SSL" || (lang.isArray(currentTransport) && array.indexOf(currentTransport, "SSL")>=0)
+ || currentTransport == "WSS" || (lang.isArray(currentTransport) && array.indexOf(currentTransport, "WSS")>=0);
+ }
+
addPort._convertToPort = function(formValues)
{
var newPort = {};
@@ -155,7 +161,7 @@ define(["dojo/_base/xhr",
var initialTransport = transportWidget.initialValue;
var currentTransport = transportWidget.value;
- if (currentTransport == "SSL" || (lang.isArray(currentTransport) && array.indexOf(currentTransport, "SSL")>=0))
+ if (addPort._isSecure(currentTransport))
{
newPort.needClientAuth = needClientAuth.checked;
newPort.wantClientAuth = wantClientAuth.checked
@@ -191,7 +197,7 @@ define(["dojo/_base/xhr",
var clientAuthPanel = dojo.byId("formAddPort:fieldsClientAuth");
var transportSSLPanelNode = dom.byId("formAddPort:fieldsTransportSSL");
- if (transportType == "SSL" || (lang.isArray(transportType) && array.indexOf(transportType, "SSL")>=0))
+ if (addPort._isSecure(transportType))
{
var typeMetaData = metadata.getMetaData("Port", portType);
var clientAuth = "needClientAuth" in typeMetaData.attributes || "wantClientAuth" in typeMetaData.attributes;
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org