You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by jb...@apache.org on 2017/09/12 17:56:49 UTC
[1/2] activemq-artemis git commit: This closes #1522
Repository: activemq-artemis
Updated Branches:
refs/heads/master 04a585ff8 -> 14722f047
This closes #1522
Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/14722f04
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/14722f04
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/14722f04
Branch: refs/heads/master
Commit: 14722f04762f4012515438bb02439ee31583d563
Parents: 04a585f da1e004
Author: Justin Bertram <jb...@apache.org>
Authored: Tue Sep 12 12:56:36 2017 -0500
Committer: Justin Bertram <jb...@apache.org>
Committed: Tue Sep 12 12:56:36 2017 -0500
----------------------------------------------------------------------
.../amqp/broker/AMQPConnectionCallback.java | 51 +++++++++++++-------
.../amqp/broker/AMQPConnectionCallbackTest.java | 50 +++++++++++++++++++
2 files changed, 83 insertions(+), 18 deletions(-)
----------------------------------------------------------------------
[2/2] activemq-artemis git commit: ARTEMIS-1310 - ensure chosen sasl
mechanism is from the advertised list
Posted by jb...@apache.org.
ARTEMIS-1310 - ensure chosen sasl mechanism is from the advertised list
Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/da1e0043
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/da1e0043
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/da1e0043
Branch: refs/heads/master
Commit: da1e0043aeeee1c1b7bf2c503e3271766a897a21
Parents: 04a585f
Author: gtully <ga...@gmail.com>
Authored: Fri Sep 8 11:50:48 2017 +0100
Committer: Justin Bertram <jb...@apache.org>
Committed: Tue Sep 12 12:56:36 2017 -0500
----------------------------------------------------------------------
.../amqp/broker/AMQPConnectionCallback.java | 51 +++++++++++++-------
.../amqp/broker/AMQPConnectionCallbackTest.java | 50 +++++++++++++++++++
2 files changed, 83 insertions(+), 18 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/da1e0043/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java
----------------------------------------------------------------------
diff --git a/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java b/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java
index 47b5f69..0f91b7f 100644
--- a/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java
+++ b/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java
@@ -40,8 +40,8 @@ import org.apache.activemq.artemis.protocol.amqp.exceptions.ActiveMQAMQPExceptio
import org.apache.activemq.artemis.protocol.amqp.logger.ActiveMQAMQPProtocolMessageBundle;
import org.apache.activemq.artemis.protocol.amqp.proton.AMQPConnectionContext;
import org.apache.activemq.artemis.protocol.amqp.proton.AmqpSupport;
-import org.apache.activemq.artemis.protocol.amqp.proton.transaction.ProtonTransactionImpl;
import org.apache.activemq.artemis.protocol.amqp.proton.handler.ExtCapability;
+import org.apache.activemq.artemis.protocol.amqp.proton.transaction.ProtonTransactionImpl;
import org.apache.activemq.artemis.protocol.amqp.sasl.AnonymousServerSASL;
import org.apache.activemq.artemis.protocol.amqp.sasl.GSSAPIServerSASL;
import org.apache.activemq.artemis.protocol.amqp.sasl.PlainSASL;
@@ -96,27 +96,42 @@ public class AMQPConnectionCallback implements FailureListener, CloseListener {
public ServerSASL getServerSASL(final String mechanism) {
ServerSASL result = null;
- switch (mechanism) {
- case PlainSASL.NAME:
- result = new PlainSASL(server.getSecurityStore());
- break;
-
- case AnonymousServerSASL.NAME:
- result = new AnonymousServerSASL();
- break;
-
- case GSSAPIServerSASL.NAME:
- GSSAPIServerSASL gssapiServerSASL = new GSSAPIServerSASL();
- gssapiServerSASL.setLoginConfigScope(manager.getSaslLoginConfigScope());
- result = gssapiServerSASL;
- break;
-
- default:
- break;
+ if (isPermittedMechanism(mechanism)) {
+ switch (mechanism) {
+ case PlainSASL.NAME:
+ result = new PlainSASL(server.getSecurityStore());
+ break;
+
+ case AnonymousServerSASL.NAME:
+ result = new AnonymousServerSASL();
+ break;
+
+ case GSSAPIServerSASL.NAME:
+ GSSAPIServerSASL gssapiServerSASL = new GSSAPIServerSASL();
+ gssapiServerSASL.setLoginConfigScope(manager.getSaslLoginConfigScope());
+ result = gssapiServerSASL;
+ break;
+
+ default:
+ break;
+ }
}
return result;
}
+ private boolean isPermittedMechanism(String mechanism) {
+ if (saslMechanisms == null || saslMechanisms.length == 0) {
+ return AnonymousServerSASL.NAME.equals(mechanism);
+ } else {
+ for (String candidate : saslMechanisms) {
+ if (candidate.equals(mechanism)) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
public boolean isSupportsAnonymous() {
boolean supportsAnonymous = false;
try {
http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/da1e0043/artemis-protocols/artemis-amqp-protocol/src/test/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallbackTest.java
----------------------------------------------------------------------
diff --git a/artemis-protocols/artemis-amqp-protocol/src/test/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallbackTest.java b/artemis-protocols/artemis-amqp-protocol/src/test/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallbackTest.java
new file mode 100644
index 0000000..e880036
--- /dev/null
+++ b/artemis-protocols/artemis-amqp-protocol/src/test/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallbackTest.java
@@ -0,0 +1,50 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.artemis.protocol.amqp.broker;
+
+import org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl;
+import org.apache.activemq.artemis.protocol.amqp.sasl.AnonymousServerSASL;
+import org.apache.activemq.artemis.protocol.amqp.sasl.GSSAPIServerSASL;
+import org.apache.activemq.artemis.protocol.amqp.sasl.PlainSASL;
+import org.junit.Test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+public class AMQPConnectionCallbackTest {
+
+ @Test
+ public void getServerSASLOnlyAllowedMechs() throws Exception {
+ ProtonProtocolManager protonProtocolManager = new ProtonProtocolManager(new ProtonProtocolManagerFactory(), null, null, null);
+ protonProtocolManager.setSaslMechanisms(new String[]{PlainSASL.NAME});
+ AMQPConnectionCallback connectionCallback = new AMQPConnectionCallback(protonProtocolManager, null, null, new ActiveMQServerImpl());
+ assertEquals(1, connectionCallback.getSaslMechanisms().length);
+ for (String mech: connectionCallback.getSaslMechanisms()) {
+ assertNotNull(connectionCallback.getServerSASL(mech));
+ }
+ assertNull("can't get mechanism not in the list", connectionCallback.getServerSASL(GSSAPIServerSASL.NAME));
+ }
+
+ @Test
+ public void getServerSASLAnonDefault() throws Exception {
+ ProtonProtocolManager protonProtocolManager = new ProtonProtocolManager(new ProtonProtocolManagerFactory(), null, null, null);
+ protonProtocolManager.setSaslMechanisms(new String[]{});
+ AMQPConnectionCallback connectionCallback = new AMQPConnectionCallback(protonProtocolManager, null, null, new ActiveMQServerImpl());
+ assertNotNull("can get anon with empty list", connectionCallback.getServerSASL(AnonymousServerSASL.NAME));
+ }
+}
\ No newline at end of file