You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@activemq.apache.org by jb...@apache.org on 2017/09/12 17:56:49 UTC

[1/2] activemq-artemis git commit: This closes #1522

Repository: activemq-artemis
Updated Branches:
  refs/heads/master 04a585ff8 -> 14722f047


This closes #1522


Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/14722f04
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/14722f04
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/14722f04

Branch: refs/heads/master
Commit: 14722f04762f4012515438bb02439ee31583d563
Parents: 04a585f da1e004
Author: Justin Bertram <jb...@apache.org>
Authored: Tue Sep 12 12:56:36 2017 -0500
Committer: Justin Bertram <jb...@apache.org>
Committed: Tue Sep 12 12:56:36 2017 -0500

----------------------------------------------------------------------
 .../amqp/broker/AMQPConnectionCallback.java     | 51 +++++++++++++-------
 .../amqp/broker/AMQPConnectionCallbackTest.java | 50 +++++++++++++++++++
 2 files changed, 83 insertions(+), 18 deletions(-)
----------------------------------------------------------------------

[2/2] activemq-artemis git commit: ARTEMIS-1310 - ensure chosen sasl mechanism is from the advertised list

Posted by jb...@apache.org.

ARTEMIS-1310 - ensure chosen sasl mechanism is from the advertised list


Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/da1e0043
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/da1e0043
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/da1e0043

Branch: refs/heads/master
Commit: da1e0043aeeee1c1b7bf2c503e3271766a897a21
Parents: 04a585f
Author: gtully <ga...@gmail.com>
Authored: Fri Sep 8 11:50:48 2017 +0100
Committer: Justin Bertram <jb...@apache.org>
Committed: Tue Sep 12 12:56:36 2017 -0500

----------------------------------------------------------------------
 .../amqp/broker/AMQPConnectionCallback.java     | 51 +++++++++++++-------
 .../amqp/broker/AMQPConnectionCallbackTest.java | 50 +++++++++++++++++++
 2 files changed, 83 insertions(+), 18 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/da1e0043/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java
----------------------------------------------------------------------
diff --git a/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java b/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java
index 47b5f69..0f91b7f 100644
--- a/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java
+++ b/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java
@@ -40,8 +40,8 @@ import org.apache.activemq.artemis.protocol.amqp.exceptions.ActiveMQAMQPExceptio
 import org.apache.activemq.artemis.protocol.amqp.logger.ActiveMQAMQPProtocolMessageBundle;
 import org.apache.activemq.artemis.protocol.amqp.proton.AMQPConnectionContext;
 import org.apache.activemq.artemis.protocol.amqp.proton.AmqpSupport;
-import org.apache.activemq.artemis.protocol.amqp.proton.transaction.ProtonTransactionImpl;
 import org.apache.activemq.artemis.protocol.amqp.proton.handler.ExtCapability;
+import org.apache.activemq.artemis.protocol.amqp.proton.transaction.ProtonTransactionImpl;
 import org.apache.activemq.artemis.protocol.amqp.sasl.AnonymousServerSASL;
 import org.apache.activemq.artemis.protocol.amqp.sasl.GSSAPIServerSASL;
 import org.apache.activemq.artemis.protocol.amqp.sasl.PlainSASL;
@@ -96,27 +96,42 @@ public class AMQPConnectionCallback implements FailureListener, CloseListener {
 
    public ServerSASL getServerSASL(final String mechanism) {
       ServerSASL result = null;
-      switch (mechanism) {
-         case PlainSASL.NAME:
-            result = new PlainSASL(server.getSecurityStore());
-            break;
-
-         case AnonymousServerSASL.NAME:
-            result = new AnonymousServerSASL();
-            break;
-
-         case GSSAPIServerSASL.NAME:
-            GSSAPIServerSASL gssapiServerSASL = new GSSAPIServerSASL();
-            gssapiServerSASL.setLoginConfigScope(manager.getSaslLoginConfigScope());
-            result = gssapiServerSASL;
-            break;
-
-         default:
-            break;
+      if (isPermittedMechanism(mechanism)) {
+         switch (mechanism) {
+            case PlainSASL.NAME:
+               result = new PlainSASL(server.getSecurityStore());
+               break;
+
+            case AnonymousServerSASL.NAME:
+               result = new AnonymousServerSASL();
+               break;
+
+            case GSSAPIServerSASL.NAME:
+               GSSAPIServerSASL gssapiServerSASL = new GSSAPIServerSASL();
+               gssapiServerSASL.setLoginConfigScope(manager.getSaslLoginConfigScope());
+               result = gssapiServerSASL;
+               break;
+
+            default:
+               break;
+         }
       }
       return result;
    }
 
+   private boolean isPermittedMechanism(String mechanism) {
+      if (saslMechanisms == null || saslMechanisms.length == 0) {
+         return AnonymousServerSASL.NAME.equals(mechanism);
+      } else {
+         for (String candidate : saslMechanisms) {
+            if (candidate.equals(mechanism)) {
+               return true;
+            }
+         }
+      }
+      return false;
+   }
+
    public boolean isSupportsAnonymous() {
       boolean supportsAnonymous = false;
       try {

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/da1e0043/artemis-protocols/artemis-amqp-protocol/src/test/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallbackTest.java
----------------------------------------------------------------------
diff --git a/artemis-protocols/artemis-amqp-protocol/src/test/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallbackTest.java b/artemis-protocols/artemis-amqp-protocol/src/test/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallbackTest.java
new file mode 100644
index 0000000..e880036
--- /dev/null
+++ b/artemis-protocols/artemis-amqp-protocol/src/test/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallbackTest.java
@@ -0,0 +1,50 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.artemis.protocol.amqp.broker;
+
+import org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl;
+import org.apache.activemq.artemis.protocol.amqp.sasl.AnonymousServerSASL;
+import org.apache.activemq.artemis.protocol.amqp.sasl.GSSAPIServerSASL;
+import org.apache.activemq.artemis.protocol.amqp.sasl.PlainSASL;
+import org.junit.Test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+public class AMQPConnectionCallbackTest {
+
+   @Test
+   public void getServerSASLOnlyAllowedMechs() throws Exception {
+      ProtonProtocolManager protonProtocolManager = new ProtonProtocolManager(new ProtonProtocolManagerFactory(), null, null, null);
+      protonProtocolManager.setSaslMechanisms(new String[]{PlainSASL.NAME});
+      AMQPConnectionCallback connectionCallback = new AMQPConnectionCallback(protonProtocolManager, null, null, new ActiveMQServerImpl());
+      assertEquals(1, connectionCallback.getSaslMechanisms().length);
+      for (String mech: connectionCallback.getSaslMechanisms()) {
+         assertNotNull(connectionCallback.getServerSASL(mech));
+      }
+      assertNull("can't get mechanism not in the list", connectionCallback.getServerSASL(GSSAPIServerSASL.NAME));
+   }
+
+   @Test
+   public void getServerSASLAnonDefault() throws Exception {
+      ProtonProtocolManager protonProtocolManager = new ProtonProtocolManager(new ProtonProtocolManagerFactory(), null, null, null);
+      protonProtocolManager.setSaslMechanisms(new String[]{});
+      AMQPConnectionCallback connectionCallback = new AMQPConnectionCallback(protonProtocolManager, null, null, new ActiveMQServerImpl());
+      assertNotNull("can get anon with empty list", connectionCallback.getServerSASL(AnonymousServerSASL.NAME));
+   }
+}
\ No newline at end of file