You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@activemq.apache.org by cl...@apache.org on 2015/07/08 17:51:17 UTC

[1/2] activemq-artemis git commit: Set default password properly in security manager

Repository: activemq-artemis
Updated Branches:
  refs/heads/master f72c18352 -> 5b75f59bd


Set default password properly in security manager

The current Security Manager implementation was returning the username
instead of the default password when validating  the default user.

This patch returns the correct value and cleans up the validate method.


Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/19dc0594
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/19dc0594
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/19dc0594

Branch: refs/heads/master
Commit: 19dc0594e5724b1232c11b3c3bf754abd0e70c54
Parents: f72c183
Author: Martyn Taylor <mt...@redhat.com>
Authored: Tue Jul 7 15:18:02 2015 +0100
Committer: Martyn Taylor <mt...@redhat.com>
Committed: Wed Jul 8 16:25:11 2015 +0100

----------------------------------------------------------------------
 .../security/ActiveMQSecurityManagerImpl.java   | 28 +++++++++++++-------
 .../impl/ActiveMQSecurityManagerImplTest.java   |  5 ++--
 2 files changed, 21 insertions(+), 12 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/19dc0594/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManagerImpl.java
----------------------------------------------------------------------
diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManagerImpl.java b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManagerImpl.java
index a6f4774..c3bd1a2 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManagerImpl.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManagerImpl.java
@@ -23,6 +23,7 @@ import org.apache.activemq.artemis.core.config.impl.SecurityConfiguration;
 import org.apache.activemq.artemis.core.security.CheckType;
 import org.apache.activemq.artemis.core.security.Role;
 import org.apache.activemq.artemis.core.security.User;
+import org.apache.activemq.artemis.core.server.ActiveMQServerLogger;
 
 /**
  * A basic implementation of the ActiveMQSecurityManager. This can be used within an appserver and be deployed by
@@ -32,6 +33,8 @@ public class ActiveMQSecurityManagerImpl implements ActiveMQSecurityManager
 {
    private final SecurityConfiguration configuration;
 
+   private ActiveMQServerLogger logger = ActiveMQServerLogger.LOGGER;
+
    public ActiveMQSecurityManagerImpl()
    {
       configuration = new SecurityConfiguration();
@@ -44,19 +47,24 @@ public class ActiveMQSecurityManagerImpl implements ActiveMQSecurityManager
 
    // Public ---------------------------------------------------------------------
 
-   public boolean validateUser(final String user, final String password)
+   public boolean validateUser(final String username, final String password)
    {
-      if (user == null && configuration.getDefaultUser() == null)
+      if (username != null)
       {
-         return false;
+         User user = configuration.getUser(username);
+         return user != null && user.isValid(username, password);
+      }
+      else if (username == null && password == null)
+      {
+         return configuration.getDefaultUser() != null;
+      }
+      else // the only possible case here is user == null, password != null
+      {
+         logger.debug("Validating default user against a provided password.  This happens when username=null, password!=null");
+         String defaultUsername = configuration.getDefaultUser();
+         User defaultUser = configuration.getUser(defaultUsername);
+         return defaultUser != null && defaultUser.isValid(defaultUsername, password);
       }
-
-      String defaultUser = configuration.getDefaultUser();
-      User theUser = configuration.getUser(user == null ? defaultUser : user);
-
-      boolean ok = theUser != null && theUser.isValid(user == null ? defaultUser : user, password == null ? defaultUser
-                                                                                                         : password);
-      return ok;
    }
 
    public boolean validateUserAndRole(final String user,

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/19dc0594/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/security/impl/ActiveMQSecurityManagerImplTest.java
----------------------------------------------------------------------
diff --git a/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/security/impl/ActiveMQSecurityManagerImplTest.java b/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/security/impl/ActiveMQSecurityManagerImplTest.java
index 08e8d80..c729d27 100644
--- a/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/security/impl/ActiveMQSecurityManagerImplTest.java
+++ b/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/security/impl/ActiveMQSecurityManagerImplTest.java
@@ -57,11 +57,12 @@ public class ActiveMQSecurityManagerImplTest extends ActiveMQTestBase
    @Test
    public void testDefaultSecurity()
    {
-      securityManager.getConfiguration().addUser("guest", "guest");
+      securityManager.getConfiguration().addUser("guest", "password");
       securityManager.getConfiguration().addRole("guest", "guest");
       securityManager.getConfiguration().setDefaultUser("guest");
       Assert.assertTrue(securityManager.validateUser(null, null));
-      Assert.assertTrue(securityManager.validateUser("guest", "guest"));
+      Assert.assertTrue(securityManager.validateUser("guest", "password"));
+      Assert.assertFalse(securityManager.validateUser(null, "wrongpass"));
       HashSet<Role> roles = new HashSet<Role>();
       roles.add(new Role("guest", true, true, true, true, true, true, true));
       Assert.assertTrue(securityManager.validateUserAndRole(null, null, roles, CheckType.CREATE_DURABLE_QUEUE));

[2/2] activemq-artemis git commit: This closes #61 Security Manager change

Posted by cl...@apache.org.

This closes #61 Security Manager change


Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/5b75f59b
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/5b75f59b
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/5b75f59b

Branch: refs/heads/master
Commit: 5b75f59bd653bc153f59037bed454529d6afa84c
Parents: f72c183 19dc059
Author: Clebert Suconic <cl...@apache.org>
Authored: Wed Jul 8 11:51:05 2015 -0400
Committer: Clebert Suconic <cl...@apache.org>
Committed: Wed Jul 8 11:51:05 2015 -0400

----------------------------------------------------------------------
 .../security/ActiveMQSecurityManagerImpl.java   | 28 +++++++++++++-------
 .../impl/ActiveMQSecurityManagerImplTest.java   |  5 ++--
 2 files changed, 21 insertions(+), 12 deletions(-)
----------------------------------------------------------------------