You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by rg...@apache.org on 2014/07/23 14:14:45 UTC
svn commit: r1612824 - in
/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager:
AbstractScramAuthenticationManager.java ScramAuthUser.java
Author: rgodfrey
Date: Wed Jul 23 12:14:45 2014
New Revision: 1612824
URL: http://svn.apache.org/r1612824
Log:
QPID-5917 : deleting a user from a SCRAM-* auth provider causes the auth provider to deregister
Modified:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/ScramAuthUser.java
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java?rev=1612824&r1=1612823&r2=1612824&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java Wed Jul 23 12:14:45 2014
@@ -45,7 +45,6 @@ import org.apache.qpid.server.configurat
import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.ConfiguredObject;
import org.apache.qpid.server.model.PasswordCredentialManagingAuthenticationProvider;
-import org.apache.qpid.server.model.State;
import org.apache.qpid.server.model.User;
import org.apache.qpid.server.security.access.Operation;
import org.apache.qpid.server.security.auth.AuthenticationResult;
@@ -56,7 +55,6 @@ public abstract class AbstractScramAuthe
extends AbstractAuthenticationManager<X>
implements PasswordCredentialManagingAuthenticationProvider<X>
{
- public static final String SCRAM_USER_TYPE = "scram";
static final Charset ASCII = Charset.forName("ASCII");
private final SecureRandom _random = new SecureRandom();
@@ -257,7 +255,7 @@ public abstract class AbstractScramAuthe
userAttrs.put(User.ID, UUID.randomUUID());
userAttrs.put(User.NAME, username);
userAttrs.put(User.PASSWORD, createStoredPassword(password));
- userAttrs.put(User.TYPE, SCRAM_USER_TYPE);
+ userAttrs.put(User.TYPE, ScramAuthUser.SCRAM_USER_TYPE);
ScramAuthUser user = new ScramAuthUser(userAttrs, AbstractScramAuthenticationManager.this);
user.create();
@@ -287,7 +285,7 @@ public abstract class AbstractScramAuthe
final ScramAuthUser authUser = getUser(user);
if(authUser != null)
{
- authUser.setState(State.DELETED);
+ authUser.delete();
}
else
{
@@ -384,11 +382,6 @@ public abstract class AbstractScramAuthe
return super.addChild(childClass, attributes, otherParents);
}
- void doDeleted()
- {
- deleted();
- }
-
Map<String, ScramAuthUser> getUserMap()
{
return _users;
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/ScramAuthUser.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/ScramAuthUser.java?rev=1612824&r1=1612823&r2=1612824&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/ScramAuthUser.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/ScramAuthUser.java Wed Jul 23 12:14:45 2014
@@ -37,12 +37,14 @@ import org.apache.qpid.server.model.Mana
import org.apache.qpid.server.model.ManagedObjectFactoryConstructor;
import org.apache.qpid.server.model.PreferencesProvider;
import org.apache.qpid.server.model.State;
+import org.apache.qpid.server.model.StateTransition;
import org.apache.qpid.server.model.User;
import org.apache.qpid.server.security.access.Operation;
-@ManagedObject( category = false, type = "scram")
+@ManagedObject( category = false, type = ScramAuthUser.SCRAM_USER_TYPE)
class ScramAuthUser extends AbstractConfiguredObject<ScramAuthUser> implements User<ScramAuthUser>
{
+ public static final String SCRAM_USER_TYPE = "scram";
private AbstractScramAuthenticationManager _authenticationManager;
@ManagedAttributeField
@@ -86,23 +88,25 @@ class ScramAuthUser extends AbstractConf
throw new IllegalArgumentException(getClass().getSimpleName() + " must be durable");
}
}
+
@Override
- protected boolean setState(final State desiredState)
+ protected void authoriseSetDesiredState(final State desiredState) throws AccessControlException
{
if(desiredState == State.DELETED)
{
_authenticationManager.getSecurityManager().authoriseUserOperation(Operation.DELETE, getName());
- _authenticationManager.getUserMap().remove(getName());
- _authenticationManager.doDeleted();
- deleted();
- return true;
- }
- else
- {
- return false;
}
+
}
+ @StateTransition(currentState = {State.ACTIVE}, desiredState = State.DELETED)
+ private void doDelete()
+ {
+ _authenticationManager.getUserMap().remove(getName());
+ deleted();
+ }
+
+
@Override
public void setAttributes(final Map<String, Object> attributes)
throws IllegalStateException, AccessControlException, IllegalArgumentException
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org