You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by ri...@apache.org on 2008/07/17 18:33:04 UTC
svn commit: r677633 - in /incubator/qpid/trunk/qpid/java/broker: etc/
src/main/java/org/apache/qpid/server/handler/
src/main/java/org/apache/qpid/server/security/auth/
src/main/java/org/apache/qpid/server/security/auth/manager/
Author: ritchiem
Date: Thu Jul 17 09:33:03 2008
New Revision: 677633
URL: http://svn.apache.org/viewvc?rev=677633&view=rev
Log:
QPID-1182 : Added additional logging to identify the exception that caused Authentication to fail.
Modified:
incubator/qpid/trunk/qpid/java/broker/etc/acl.config.xml
incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionSecureOkMethodHandler.java
incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionStartOkMethodHandler.java
incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/AuthenticationResult.java
incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManager.java
Modified: incubator/qpid/trunk/qpid/java/broker/etc/acl.config.xml
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/java/broker/etc/acl.config.xml?rev=677633&r1=677632&r2=677633&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/java/broker/etc/acl.config.xml (original)
+++ incubator/qpid/trunk/qpid/java/broker/etc/acl.config.xml Thu Jul 17 09:33:03 2008
@@ -93,7 +93,7 @@
<queues>
<exchange>amq.direct</exchange>
<!-- 4Mb -->
- <maximumQueueDepth>4235g264</maximumQueueDepth>
+ <maximumQueueDepth>4235264</maximumQueueDepth>
<!-- 2Mb -->
<maximumMessageSize>2117632</maximumMessageSize>
<!-- 10 mins -->
Modified: incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionSecureOkMethodHandler.java
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionSecureOkMethodHandler.java?rev=677633&r1=677632&r2=677633&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionSecureOkMethodHandler.java (original)
+++ incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionSecureOkMethodHandler.java Thu Jul 17 09:33:03 2008
@@ -57,9 +57,6 @@
{
AMQProtocolSession session = stateManager.getProtocolSession();
-
- //fixme Vhost not defined yet
- //session.getVirtualHost().getAuthenticationManager();
AuthenticationManager authMgr = ApplicationRegistry.getInstance().getAuthenticationManager();
SaslServer ss = session.getSaslServer();
@@ -72,11 +69,12 @@
switch (authResult.status)
{
case ERROR:
- // Can't do this as we violate protocol. Need to send Close
- // throw new AMQException(AMQConstant.NOT_ALLOWED.getCode(), AMQConstant.NOT_ALLOWED.getName());
- _logger.info("Authentication failed");
- stateManager.changeState(AMQState.CONNECTION_CLOSING);
+ Exception cause = authResult.getCause();
+ _logger.info("Authentication failed:" + (cause == null ? "" : cause.getMessage()));
+
+ // This should be abstracted
+ stateManager.changeState(AMQState.CONNECTION_CLOSING);
ConnectionCloseBody connectionCloseBody =
methodRegistry.createConnectionCloseBody(AMQConstant.NOT_ALLOWED.getCode(),
@@ -84,7 +82,7 @@
body.getClazz(),
body.getMethod());
- session.writeFrame(connectionCloseBody.generateFrame(0) );
+ session.writeFrame(connectionCloseBody.generateFrame(0));
disposeSaslServer(session);
break;
case SUCCESS:
@@ -96,7 +94,7 @@
ConnectionStartOkMethodHandler.getConfiguredFrameSize(),
HeartbeatConfig.getInstance().getDelay());
session.writeFrame(tuneBody.generateFrame(0));
- session.setAuthorizedID(new UsernamePrincipal(ss.getAuthorizationID()));
+ session.setAuthorizedID(new UsernamePrincipal(ss.getAuthorizationID()));
disposeSaslServer(session);
break;
case CONTINUE:
Modified: incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionStartOkMethodHandler.java
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionStartOkMethodHandler.java?rev=677633&r1=677632&r2=677633&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionStartOkMethodHandler.java (original)
+++ incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionStartOkMethodHandler.java Thu Jul 17 09:33:03 2008
@@ -93,7 +93,10 @@
switch (authResult.status)
{
case ERROR:
- _logger.info("Authentication failed");
+ Exception cause = authResult.getCause();
+
+ _logger.info("Authentication failed:" + (cause == null ? "" : cause.getMessage()));
+
stateManager.changeState(AMQState.CONNECTION_CLOSING);
ConnectionCloseBody closeBody =
Modified: incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/AuthenticationResult.java
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/AuthenticationResult.java?rev=677633&r1=677632&r2=677633&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/AuthenticationResult.java (original)
+++ incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/AuthenticationResult.java Thu Jul 17 09:33:03 2008
@@ -20,6 +20,8 @@
*/
package org.apache.qpid.server.security.auth;
+import javax.security.sasl.SaslException;
+
public class AuthenticationResult
{
public enum AuthenticationStatus
@@ -29,15 +31,33 @@
public AuthenticationStatus status;
public byte[] challenge;
+
+ private Exception cause;
+
+ public AuthenticationResult(AuthenticationStatus status)
+ {
+ this(null, status, null);
+ }
public AuthenticationResult(byte[] challenge, AuthenticationStatus status)
{
+ this(challenge, status, null);
+ }
+
+ public AuthenticationResult(AuthenticationStatus error, Exception cause)
+ {
+ this(null, error, cause);
+ }
+
+ public AuthenticationResult(byte[] challenge, AuthenticationStatus status, Exception cause)
+ {
this.status = status;
this.challenge = challenge;
+ this.cause = cause;
}
- public AuthenticationResult(AuthenticationStatus status)
+ public Exception getCause()
{
- this.status = status;
+ return cause;
}
}
Modified: incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManager.java
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManager.java?rev=677633&r1=677632&r2=677633&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManager.java (original)
+++ incubator/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManager.java Thu Jul 17 09:33:03 2008
@@ -230,12 +230,7 @@
}
catch (SaslException e)
{
- return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR);
+ return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR, e);
}
}
-
- public AuthenticationResult isAuthorize(VirtualHost vhost, String username)
- {
- return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR);
- }
}