You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by rg...@apache.org on 2015/06/18 01:08:59 UTC
svn commit: r1686121 - in
/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model:
AbstractConfiguredObject.java adapter/BrokerAdapter.java
Author: rgodfrey
Date: Wed Jun 17 23:08:58 2015
New Revision: 1686121
URL: http://svn.apache.org/r1686121
Log:
QPID-6598 : [Java Broker] Allow configuration encryption provider to be updated dynamically
Modified:
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/AbstractConfiguredObject.java
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/AbstractConfiguredObject.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/AbstractConfiguredObject.java?rev=1686121&r1=1686120&r2=1686121&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/AbstractConfiguredObject.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/AbstractConfiguredObject.java Wed Jun 17 23:08:58 2015
@@ -1037,6 +1037,17 @@ public abstract class AbstractConfigured
protected void setEncrypter(final ConfigurationSecretEncrypter encrypter)
{
_encrypter = encrypter;
+ applyToChildren(new Action<ConfiguredObject<?>>()
+ {
+ @Override
+ public void performAction(final ConfiguredObject<?> object)
+ {
+ if(object instanceof AbstractConfiguredObject)
+ {
+ ((AbstractConfiguredObject)object).setEncrypter(encrypter);
+ }
+ }
+ });
}
protected void onResolve()
@@ -2107,6 +2118,59 @@ public abstract class AbstractConfigured
}
}
+ protected void forceUpdateAllSecureAttributes()
+ {
+ applyToChildren(new Action<ConfiguredObject<?>>()
+ {
+ @Override
+ public void performAction(final ConfiguredObject<?> object)
+ {
+ if (object instanceof AbstractConfiguredObject)
+ {
+ ((AbstractConfiguredObject) object).forceUpdateAllSecureAttributes();
+ }
+ }
+ });
+ doUpdateSecureAttributes();
+ }
+
+ private void doUpdateSecureAttributes()
+ {
+ Map<String,Object> secureAttributeValues = getSecureAttributeValues();
+ if(!secureAttributeValues.isEmpty())
+ {
+ bulkChangeStart();
+ for (Map.Entry<String, Object> attribute : secureAttributeValues.entrySet())
+ {
+ synchronized (_changeListeners)
+ {
+ List<ConfigurationChangeListener> copy =
+ new ArrayList<>(_changeListeners);
+ for (ConfigurationChangeListener listener : copy)
+ {
+ listener.attributeSet(this, attribute.getKey(), attribute.getValue(), attribute.getValue());
+ }
+ }
+
+ }
+ bulkChangeEnd();
+ }
+ }
+
+ private Map<String,Object> getSecureAttributeValues()
+ {
+ Map<String,Object> secureAttributeValues = new HashMap<>();
+ for (Map.Entry<String, ConfiguredObjectAttribute<?, ?>> attribute : _attributeTypes.entrySet())
+ {
+ if (attribute.getValue().isSecure() && _attributes.containsKey(attribute.getKey()))
+ {
+ secureAttributeValues.put(attribute.getKey(), _attributes.get(attribute.getKey()));
+ }
+ }
+ return secureAttributeValues;
+ }
+
+
private void bulkChangeStart()
{
synchronized (_changeListeners)
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java?rev=1686121&r1=1686120&r2=1686121&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java Wed Jun 17 23:08:58 2015
@@ -104,7 +104,8 @@ public class BrokerAdapter extends Abstr
private boolean _statisticsReportingResetEnabled;
@ManagedAttributeField
private boolean _messageCompressionEnabled;
- @ManagedAttributeField
+
+ @ManagedAttributeField(afterSet = "postEncrypterProviderSet")
private String _confidentialConfigurationEncryptionProvider;
private final boolean _virtualHostPropertiesNodeEnabled;
@@ -131,30 +132,36 @@ public class BrokerAdapter extends Abstr
QpidServiceLoader qpidServiceLoader = new QpidServiceLoader();
final Set<String> systemNodeCreatorTypes = qpidServiceLoader.getInstancesByType(SystemNodeCreator.class).keySet();
_virtualHostPropertiesNodeEnabled = systemNodeCreatorTypes.contains(VirtualHostPropertiesNodeCreator.TYPE);
+ if(attributes.containsKey(CONFIDENTIAL_CONFIGURATION_ENCRYPTION_PROVIDER))
+ {
+ final String encryptionProviderType = String.valueOf(attributes.get(CONFIDENTIAL_CONFIGURATION_ENCRYPTION_PROVIDER));
+ updateEncrypter(encryptionProviderType);
+ }
_messagesDelivered = new StatisticsCounter("messages-delivered");
_dataDelivered = new StatisticsCounter("bytes-delivered");
_messagesReceived = new StatisticsCounter("messages-received");
_dataReceived = new StatisticsCounter("bytes-received");
}
- @Override
- protected void postResolve()
+ private void updateEncrypter(final String encryptionProviderType)
{
- super.postResolve();
- if(_confidentialConfigurationEncryptionProvider != null)
+ if(encryptionProviderType != null && !"".equals(encryptionProviderType.trim()))
{
-
PluggableFactoryLoader<ConfigurationSecretEncrypterFactory> factoryLoader =
new PluggableFactoryLoader<>(ConfigurationSecretEncrypterFactory.class);
- ConfigurationSecretEncrypterFactory factory = factoryLoader.get(_confidentialConfigurationEncryptionProvider);
- if(factory == null)
+ ConfigurationSecretEncrypterFactory factory = factoryLoader.get(encryptionProviderType);
+ if (factory == null)
{
- throw new IllegalConfigurationException("Unknown Configuration Secret Encryption method " + _confidentialConfigurationEncryptionProvider);
+ throw new IllegalConfigurationException("Unknown Configuration Secret Encryption method "
+ + encryptionProviderType);
}
setEncrypter(factory.createEncrypter(this));
}
-
+ else
+ {
+ setEncrypter(null);
+ }
}
@Override
@@ -844,4 +851,11 @@ public class BrokerAdapter extends Abstr
{
return _managementModeAuthenticationProvider;
}
+
+ @SuppressWarnings("unused")
+ private void postEncrypterProviderSet()
+ {
+ updateEncrypter(_confidentialConfigurationEncryptionProvider);
+ forceUpdateAllSecureAttributes();
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org