You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@servicemix.apache.org by cc...@apache.org on 2010/01/12 08:21:30 UTC
svn commit: r898202 - in
/servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test:
java/org/apache/servicemix/jbi/security/SpringSecuredRemoteBrokerTest.java
resources/org/apache/servicemix/jbi/security/secure2.xml
Author: ccustine
Date: Tue Jan 12 07:21:29 2010
New Revision: 898202
URL: http://svn.apache.org/viewvc?rev=898202&view=rev
Log:
SM-1925 - Add security check on remote broker when using JMSFlow/JCAFlow
Added:
servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SpringSecuredRemoteBrokerTest.java
- copied, changed from r896902, servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SpringSecuredBrokerTest.java
servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/secure2.xml (contents, props changed)
- copied, changed from r896902, servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/secure.xml
Copied: servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SpringSecuredRemoteBrokerTest.java (from r896902, servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SpringSecuredBrokerTest.java)
URL: http://svn.apache.org/viewvc/servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SpringSecuredRemoteBrokerTest.java?p2=servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SpringSecuredRemoteBrokerTest.java&p1=servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SpringSecuredBrokerTest.java&r1=896902&r2=898202&rev=898202&view=diff
==============================================================================
--- servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SpringSecuredBrokerTest.java (original)
+++ servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/java/org/apache/servicemix/jbi/security/SpringSecuredRemoteBrokerTest.java Tue Jan 12 07:21:29 2010
@@ -31,19 +31,23 @@
import javax.security.auth.login.LoginContext;
import javax.xml.namespace.QName;
+import junit.framework.TestCase;
+import org.apache.activemq.broker.BrokerService;
+import org.apache.activemq.xbean.BrokerFactoryBean;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.servicemix.client.DefaultServiceMixClient;
import org.apache.servicemix.client.ServiceMixClient;
+import org.apache.servicemix.jbi.container.SpringJBIContainer;
import org.apache.servicemix.jbi.jaxp.StringSource;
-import org.apache.servicemix.tck.Receiver;
-import org.apache.servicemix.tck.SpringTestSupport;
import org.apache.xbean.spring.context.ClassPathXmlApplicationContext;
import org.springframework.context.support.AbstractXmlApplicationContext;
+import org.springframework.core.io.ClassPathResource;
-public class SpringSecuredBrokerTest extends SpringTestSupport {
- private static final Log LOG = LogFactory.getLog(SpringSecuredBrokerTest.class);
+public class SpringSecuredRemoteBrokerTest extends TestCase {
+
+ private static final Log LOG = LogFactory.getLog(SpringSecuredRemoteBrokerTest.class);
static {
String path = System.getProperty("java.security.auth.login.config");
@@ -71,29 +75,42 @@
}
}
- protected Receiver receiver1;
- protected Receiver receiver2;
- protected Receiver receiver3;
protected ServiceMixClient client;
-
+ protected SpringJBIContainer jbi1;
+ protected SpringJBIContainer jbi2;
+ protected AbstractXmlApplicationContext context;
+ protected BrokerService broker;
+
protected void setUp() throws Exception {
- super.setUp();
- receiver1 = (Receiver) jbi.getBean("receiver1");
- receiver2 = (Receiver) jbi.getBean("receiver2");
- receiver3 = (Receiver) jbi.getBean("receiver3");
- client = new DefaultServiceMixClient(jbi);
+ BrokerFactoryBean bfb = new BrokerFactoryBean(new ClassPathResource("org/apache/servicemix/jbi/nmr/flow/jca/broker.xml"));
+ bfb.afterPropertiesSet();
+ broker = bfb.getBroker();
+ broker.start();
+
+ context = createBeanFactory();
+ jbi1 = (SpringJBIContainer) context.getBean("jbi1");
+ jbi2 = (SpringJBIContainer) context.getBean("jbi2");
+
+ assertNotNull("JBI Container not found in spring!", jbi1);
+ assertNotNull("JBI Container not found in spring!", jbi2);
+
+ client = new DefaultServiceMixClient(jbi1);
}
-
+
protected void tearDown() throws Exception {
- super.tearDown();
+ if (context != null) {
+ LOG.info("Closing down the spring context");
+ context.destroy();
+ }
+ broker.stop();
}
protected AbstractXmlApplicationContext createBeanFactory() {
- return new ClassPathXmlApplicationContext("org/apache/servicemix/jbi/security/secure.xml");
+ return new ClassPathXmlApplicationContext("org/apache/servicemix/jbi/security/secure2.xml");
}
-
+
protected Subject login(final String username, final String password) throws Exception {
- LoginContext context = new LoginContext("servicemix-domain", new CallbackHandler() {
+ LoginContext logincontext = new LoginContext("servicemix-domain", new CallbackHandler() {
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof NameCallback) {
@@ -106,10 +123,10 @@
}
}
});
- context.login();
- return context.getSubject();
+ logincontext.login();
+ return logincontext.getSubject();
}
-
+
protected void send(String username, String password, QName service) throws Exception {
Subject subject = login(username, password);
InOnly me = client.createInOnlyExchange();
@@ -118,16 +135,16 @@
me.getInMessage().setContent(new StringSource("<hello>world</hello>"));
client.sendSync(me);
}
-
- public void testAuthorizationsOnReceiver1() throws Exception {
+
+ public void testAuthorizationsOnLocalReceiver1() throws Exception {
QName service = new QName("http://servicemix.org/example/1", "receiver1");
// receiver1 should be available to: programmers, accounting, testers
send("first", "secret", service);
send("second", "password", service);
send("third", "another", service);
}
-
- public void testAuthorizationsOnReceiver2() throws Exception {
+
+ public void testAuthorizationsOnLocalReceiver2() throws Exception {
QName service = new QName("http://servicemix.org/example/1", "receiver2");
// receiver2 should be available to: programmers, accounting
send("first", "secret", service);
@@ -139,10 +156,10 @@
// Expected
}
}
-
- public void testAuthorizationsOnReceiver3() throws Exception {
- QName service = new QName("http://servicemix.org/example/2", "receiver1");
- // receiver2 should be available to: programmers
+
+ public void testAuthorizationsOnLocalReceiver3() throws Exception {
+ QName service = new QName("http://servicemix.org/example/1a", "receiver1");
+ // receiver3 should be available to: programmers
send("first", "secret", service);
try {
send("second", "password", service);
@@ -157,5 +174,24 @@
// Expected
}
}
-
-}
+
+ public void testAuthorizationsOnRemoteReceiver() throws Exception {
+ QName service = new QName("http://servicemix.org/example/2a", "receiver1");
+ // remote endpoint should be available to: programmers
+ send("first", "secret", service);
+ try {
+ send("second", "password", service);
+ fail("receiver3 is not available to accounting");
+ } catch (SecurityException e) {
+ // Expected
+ }
+
+ try {
+ send("third", "another", service);
+ fail("receiver3 is not available to testers");
+ } catch (SecurityException e) {
+ // Expected
+ }
+ }
+
+}
\ No newline at end of file
Copied: servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/secure2.xml (from r896902, servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/secure.xml)
URL: http://svn.apache.org/viewvc/servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/secure2.xml?p2=servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/secure2.xml&p1=servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/secure.xml&r1=896902&r2=898202&rev=898202&view=diff
==============================================================================
--- servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/secure.xml (original)
+++ servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/secure2.xml Tue Jan 12 07:21:29 2010
@@ -18,36 +18,78 @@
-->
<beans xmlns:sm="http://servicemix.apache.org/config/1.0"
- xmlns:ex1="http://servicemix.org/example/1"
- xmlns:ex2="http://servicemix.org/example/2">
+ xmlns:container1="http://servicemix.org/example/1"
+ xmlns:container1a="http://servicemix.org/example/1a"
+ xmlns:container2="http://servicemix.org/example/2"
+ xmlns:container2a="http://servicemix.org/example/2a">
- <sm:container id="jbi" embedded="true" useMBeanServer="false">
+ <sm:container id="jbi1" embedded="true" useMBeanServer="false" name="ServiceMix1">
<sm:broker>
<sm:securedBroker>
<sm:authorizationMap>
<sm:authorizationMap>
<sm:authorizationEntries>
<sm:authorizationEntry service="*:*" roles="programmers" />
- <sm:authorizationEntry service="ex1:*" roles="accounting" />
- <sm:authorizationEntry service="ex1:receiver1" roles="testers" />
+ <sm:authorizationEntry service="container1:*" roles="accounting" />
+ <sm:authorizationEntry service="container1:receiver1" roles="testers" />
</sm:authorizationEntries>
</sm:authorizationMap>
</sm:authorizationMap>
+ <sm:flows>
+ <sm:jmsFlow jmsURL="tcp://localhost:61216" />
+ </sm:flows>
</sm:securedBroker>
</sm:broker>
<sm:activationSpecs>
- <sm:activationSpec id="receiver1" service="ex1:receiver1">
+ <sm:activationSpec id="receiver11" service="container1:receiver1">
<sm:component>
<bean class="org.apache.servicemix.tck.ReceiverComponent" />
</sm:component>
</sm:activationSpec>
- <sm:activationSpec id="receiver2" service="ex1:receiver2">
+ <sm:activationSpec id="receiver12" service="container1:receiver2">
<sm:component>
<bean class="org.apache.servicemix.tck.ReceiverComponent" />
</sm:component>
</sm:activationSpec>
- <sm:activationSpec id="receiver3" service="ex2:receiver1">
+ <sm:activationSpec id="receiver13" service="container1a:receiver1">
+ <sm:component>
+ <bean class="org.apache.servicemix.tck.ReceiverComponent" />
+ </sm:component>
+ </sm:activationSpec>
+ </sm:activationSpecs>
+ </sm:container>
+
+ <sm:container id="jbi2" embedded="true" useMBeanServer="false" name="ServiceMix2">
+ <sm:broker>
+ <sm:securedBroker>
+ <sm:authorizationMap>
+ <sm:authorizationMap>
+ <sm:authorizationEntries>
+ <sm:authorizationEntry service="*:*" roles="programmers" />
+ <sm:authorizationEntry service="container2:*" roles="accounting" />
+ <sm:authorizationEntry service="container2:receiver1" roles="testers" />
+ </sm:authorizationEntries>
+ </sm:authorizationMap>
+ </sm:authorizationMap>
+ <sm:flows>
+ <sm:jmsFlow jmsURL="tcp://localhost:61216" />
+ </sm:flows>
+ </sm:securedBroker>
+ </sm:broker>
+
+ <sm:activationSpecs>
+ <sm:activationSpec id="receiver21" service="container2:receiver1">
+ <sm:component>
+ <bean class="org.apache.servicemix.tck.ReceiverComponent" />
+ </sm:component>
+ </sm:activationSpec>
+ <sm:activationSpec id="receiver22" service="container2:receiver2">
+ <sm:component>
+ <bean class="org.apache.servicemix.tck.ReceiverComponent" />
+ </sm:component>
+ </sm:activationSpec>
+ <sm:activationSpec id="receiver23" service="container2a:receiver1">
<sm:component>
<bean class="org.apache.servicemix.tck.ReceiverComponent" />
</sm:component>
Propchange: servicemix/smx3/branches/servicemix-3.2/core/servicemix-core/src/test/resources/org/apache/servicemix/jbi/security/secure2.xml
------------------------------------------------------------------------------
svn:eol-style = native