You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by rg...@apache.org on 2014/02/19 00:07:43 UTC
svn commit: r1569552 [1/2] - in /qpid/trunk/qpid/java:
broker-core/src/main/java/org/apache/qpid/server/exchange/
broker-core/src/main/java/org/apache/qpid/server/message/
broker-core/src/main/java/org/apache/qpid/server/model/adapter/
broker-core/src/...
Author: rgodfrey
Date: Tue Feb 18 23:07:41 2014
New Revision: 1569552
URL: http://svn.apache.org/r1569552
Log:
QPID-5562 : [Java Broker] make all failed ACL checks throw AccessControlException
Removed:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/QpidSecurityException.java
Modified:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/AbstractExchange.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchange.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeFactory.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeRegistry.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/Exchange.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeFactory.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeInitialiser.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeRegistry.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/message/MessageSource.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BindingAdapter.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/ExchangeAdapter.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/GroupProviderAdapter.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/QueueAdapter.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueue.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueueFactory.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/QueueFactory.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/SimpleAMQQueue.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SecurityManager.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/jmx/JMXPasswordAuthenticator.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/BindingRecoverer.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/ExchangeRecoverer.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/QueueRecoverer.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/VirtualHost.java
qpid/trunk/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/FanoutExchangeTest.java
qpid/trunk/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/HeadersExchangeTest.java
qpid/trunk/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/TopicExchangeTest.java
qpid/trunk/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/SimpleAMQQueueTestBase.java
qpid/trunk/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/auth/jmx/JMXPasswordAuthenticatorTest.java
qpid/trunk/qpid/java/broker-core/src/test/java/org/apache/qpid/server/util/BrokerTestHelper.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnectionDelegate.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerSessionDelegate.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQChannel.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicConsumeMethodHandler.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicGetMethodHandler.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicPublishMethodHandler.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/ConnectionOpenMethodHandler.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/ExchangeDeclareHandler.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/ExchangeDeleteHandler.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueBindHandler.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueDeclareHandler.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueDeleteHandler.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueuePurgeHandler.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueUnbindHandler.java
qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/BrokerTestHelper_0_8.java
qpid/trunk/qpid/java/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/SendingLink_1_0.java
qpid/trunk/qpid/java/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/Session_1_0.java
qpid/trunk/qpid/java/broker-plugins/management-amqp/src/main/java/org/apache/qpid/server/management/amqp/ManagementNode.java
qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementUtil.java
qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java
qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java
qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/UserPreferencesServlet.java
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/MBeanInvocationHandlerImpl.java
qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/security/acl/ExternalACLJMXTest.java
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/AbstractExchange.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/AbstractExchange.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/AbstractExchange.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/AbstractExchange.java Tue Feb 18 23:07:41 2014
@@ -22,7 +22,6 @@ package org.apache.qpid.server.exchange;
import java.util.ArrayList;
import org.apache.log4j.Logger;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.binding.Binding;
import org.apache.qpid.server.consumer.Consumer;
import org.apache.qpid.server.logging.LogSubject;
@@ -134,7 +133,7 @@ public abstract class AbstractExchange i
return _autoDelete;
}
- public void close() throws QpidSecurityException
+ public void close()
{
if(_closed.compareAndSet(false,true))
@@ -526,7 +525,6 @@ public abstract class AbstractExchange i
@Override
public boolean addBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments)
- throws QpidSecurityException
{
return makeBinding(null, bindingKey, queue, arguments, false, false);
}
@@ -535,7 +533,6 @@ public abstract class AbstractExchange i
public boolean replaceBinding(final UUID id, final String bindingKey,
final AMQQueue queue,
final Map<String, Object> arguments)
- throws QpidSecurityException
{
return makeBinding(id, bindingKey, queue, arguments, false, true);
}
@@ -543,20 +540,18 @@ public abstract class AbstractExchange i
@Override
public void restoreBinding(final UUID id, final String bindingKey, final AMQQueue queue,
final Map<String, Object> argumentMap)
- throws QpidSecurityException
{
makeBinding(id, bindingKey,queue, argumentMap,true, false);
}
@Override
- public void removeBinding(final Binding b) throws QpidSecurityException
+ public void removeBinding(final Binding b)
{
removeBinding(b.getBindingKey(), b.getQueue(), b.getArguments());
}
@Override
public Binding removeBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments)
- throws QpidSecurityException
{
assert queue != null;
@@ -569,14 +564,8 @@ public abstract class AbstractExchange i
arguments = Collections.emptyMap();
}
- // The default exchange bindings must reflect the existence of queues, allow
- // all operations on it to succeed. It is up to the broker to prevent illegal
- // attempts at binding to this exchange, not the ACLs.
// Check access
- if (!_virtualHost.getSecurityManager().authoriseUnbind(this, bindingKey, queue))
- {
- throw new QpidSecurityException("Permission denied: unbinding " + bindingKey);
- }
+ _virtualHost.getSecurityManager().authoriseUnbind(this, bindingKey, queue);
BindingImpl b = _bindingsMap.remove(new BindingImpl(null, bindingKey,queue,arguments));
@@ -622,7 +611,7 @@ public abstract class AbstractExchange i
AMQQueue queue,
Map<String, Object> arguments,
boolean restore,
- boolean force) throws QpidSecurityException
+ boolean force)
{
assert queue != null;
@@ -636,10 +625,7 @@ public abstract class AbstractExchange i
}
//Perform ACLs
- if (!_virtualHost.getSecurityManager().authoriseBind(AbstractExchange.this, queue, bindingKey))
- {
- throw new QpidSecurityException("Permission denied: binding " + bindingKey);
- }
+ _virtualHost.getSecurityManager().authoriseBind(AbstractExchange.this, queue, bindingKey);
if (id == null)
{
@@ -690,7 +676,7 @@ public abstract class AbstractExchange i
}
- public void onClose(final Exchange exchange) throws QpidSecurityException
+ public void onClose(final Exchange exchange)
{
removeBinding(this);
}
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchange.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchange.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchange.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchange.java Tue Feb 18 23:07:41 2014
@@ -18,6 +18,7 @@
*/
package org.apache.qpid.server.exchange;
+import java.security.AccessControlException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
@@ -27,7 +28,6 @@ import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicBoolean;
import org.apache.log4j.Logger;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.exchange.ExchangeDefaults;
import org.apache.qpid.server.binding.Binding;
import org.apache.qpid.server.consumer.Consumer;
@@ -97,59 +97,55 @@ public class DefaultExchange implements
@Override
public long getByteDrops()
{
- return 0; //To change body of implemented methods use File | Settings | File Templates.
+ return 0;
}
@Override
public long getByteReceives()
{
- return 0; //To change body of implemented methods use File | Settings | File Templates.
+ return 0;
}
@Override
public long getMsgDrops()
{
- return 0; //To change body of implemented methods use File | Settings | File Templates.
+ return 0;
}
@Override
public long getMsgReceives()
{
- return 0; //To change body of implemented methods use File | Settings | File Templates.
+ return 0;
}
@Override
public boolean addBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments)
- throws QpidSecurityException
{
- throw new QpidSecurityException("Cannot add bindings to the default exchange");
+ throw new AccessControlException("Cannot add bindings to the default exchange");
}
@Override
public boolean replaceBinding(UUID id, String bindingKey, AMQQueue queue, Map<String, Object> arguments)
- throws QpidSecurityException
{
- throw new QpidSecurityException("Cannot replace bindings on the default exchange");
+ throw new AccessControlException("Cannot replace bindings on the default exchange");
}
@Override
public void restoreBinding(UUID id, String bindingKey, AMQQueue queue, Map<String, Object> argumentMap)
- throws QpidSecurityException
{
_logger.warn("Bindings to the default exchange should not be stored in the configuration store");
}
@Override
- public void removeBinding(Binding b) throws QpidSecurityException
+ public void removeBinding(Binding b)
{
- throw new QpidSecurityException("Cannot remove bindings to the default exchange");
+ throw new AccessControlException("Cannot remove bindings to the default exchange");
}
@Override
public Binding removeBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments)
- throws QpidSecurityException
{
- throw new QpidSecurityException("Cannot remove bindings to the default exchange");
+ throw new AccessControlException("Cannot remove bindings to the default exchange");
}
@Override
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeFactory.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeFactory.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeFactory.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeFactory.java Tue Feb 18 23:07:41 2014
@@ -22,7 +22,6 @@ package org.apache.qpid.server.exchange;
import org.apache.log4j.Logger;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.exchange.ExchangeDefaults;
import org.apache.qpid.server.model.UUIDGenerator;
import org.apache.qpid.server.plugin.ExchangeType;
@@ -107,7 +106,7 @@ public class DefaultExchangeFactory impl
}
public Exchange createExchange(String exchange, String type, boolean durable, boolean autoDelete)
- throws AMQUnknownExchangeType, QpidSecurityException
+ throws AMQUnknownExchangeType
{
UUID id = UUIDGenerator.generateExchangeUUID(exchange, _host.getName());
@@ -115,14 +114,10 @@ public class DefaultExchangeFactory impl
}
public Exchange createExchange(UUID id, String exchange, String type, boolean durable, boolean autoDelete)
- throws QpidSecurityException, AMQUnknownExchangeType
+ throws AMQUnknownExchangeType
{
// Check access
- if (!_host.getSecurityManager().authoriseCreateExchange(autoDelete, durable, exchange, null, null, null, type))
- {
- String description = "Permission denied: exchange-name '" + exchange + "'";
- throw new QpidSecurityException(description);
- }
+ _host.getSecurityManager().authoriseCreateExchange(autoDelete, durable, exchange, null, null, null, type);
ExchangeType<? extends Exchange> exchType = _exchangeClassMap.get(type);
if (exchType == null)
@@ -136,7 +131,7 @@ public class DefaultExchangeFactory impl
@Override
public Exchange restoreExchange(UUID id, String exchange, String type, boolean autoDelete)
- throws AMQUnknownExchangeType, QpidSecurityException
+ throws AMQUnknownExchangeType
{
return createExchange(id, exchange, type, true, autoDelete);
}
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeRegistry.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeRegistry.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeRegistry.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeRegistry.java Tue Feb 18 23:07:41 2014
@@ -21,7 +21,6 @@
package org.apache.qpid.server.exchange;
import org.apache.log4j.Logger;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.exchange.ExchangeDefaults;
import org.apache.qpid.server.model.UUIDGenerator;
import org.apache.qpid.server.plugin.ExchangeType;
@@ -100,16 +99,13 @@ public class DefaultExchangeRegistry imp
return _defaultExchange;
}
- public boolean unregisterExchange(String name, boolean inUse) throws QpidSecurityException
+ public boolean unregisterExchange(String name, boolean inUse)
{
final Exchange exchange = _exchangeMap.get(name);
if (exchange != null)
{
- if (!_host.getSecurityManager().authoriseDelete(exchange))
- {
- throw new QpidSecurityException();
- }
+ _host.getSecurityManager().authoriseDelete(exchange);
// TODO: check inUse argument
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/Exchange.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/Exchange.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/Exchange.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/Exchange.java Tue Feb 18 23:07:41 2014
@@ -20,7 +20,6 @@
*/
package org.apache.qpid.server.exchange;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.binding.Binding;
import org.apache.qpid.server.message.MessageDestination;
import org.apache.qpid.server.plugin.ExchangeType;
@@ -66,26 +65,22 @@ public interface Exchange extends Exchan
long getMsgReceives();
- boolean addBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments)
- throws QpidSecurityException;
+ boolean addBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments);
boolean replaceBinding(UUID id, String bindingKey,
AMQQueue queue,
- Map<String, Object> arguments)
- throws QpidSecurityException;
+ Map<String, Object> arguments);
void restoreBinding(UUID id, String bindingKey, AMQQueue queue,
- Map<String, Object> argumentMap)
- throws QpidSecurityException;
+ Map<String, Object> argumentMap);
- void removeBinding(Binding b) throws QpidSecurityException;
+ void removeBinding(Binding b);
- Binding removeBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments)
- throws QpidSecurityException;
+ Binding removeBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments);
Binding getBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments);
- void close() throws QpidSecurityException;
+ void close();
/**
* Determines whether a message would be isBound to a particular queue using a specific routing key and arguments
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeFactory.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeFactory.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeFactory.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeFactory.java Tue Feb 18 23:07:41 2014
@@ -21,7 +21,6 @@
package org.apache.qpid.server.exchange;
import org.apache.qpid.server.plugin.ExchangeType;
-import org.apache.qpid.server.security.QpidSecurityException;
import java.util.Collection;
import java.util.UUID;
@@ -35,11 +34,10 @@ public interface ExchangeFactory
Collection<ExchangeType<? extends Exchange>> getPublicCreatableTypes();
Exchange createExchange(String exchange, String type, boolean durable, boolean autoDelete)
- throws AMQUnknownExchangeType, QpidSecurityException;
+ throws AMQUnknownExchangeType;
- Exchange createExchange(UUID id, String exchange, String type, boolean durable, boolean autoDelete) throws AMQUnknownExchangeType,
- QpidSecurityException;
+ Exchange createExchange(UUID id, String exchange, String type, boolean durable, boolean autoDelete) throws AMQUnknownExchangeType;
Exchange restoreExchange(UUID id, String exchange, String type, boolean autoDelete)
- throws AMQUnknownExchangeType, QpidSecurityException;
+ throws AMQUnknownExchangeType;
}
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeInitialiser.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeInitialiser.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeInitialiser.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeInitialiser.java Tue Feb 18 23:07:41 2014
@@ -21,7 +21,6 @@
package org.apache.qpid.server.exchange;
import org.apache.qpid.server.plugin.ExchangeType;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.store.DurableConfigurationStoreHelper;
import org.apache.qpid.server.store.DurableConfigurationStore;
import org.apache.qpid.server.util.ServerScopedRuntimeException;
@@ -52,11 +51,6 @@ public class ExchangeInitialiser
}
}
}
- catch (QpidSecurityException e)
- {
- throw new ServerScopedRuntimeException("Security Exception when attempting to initialise exchanges - " +
- "this is likely a programming error", e);
- }
catch (AMQUnknownExchangeType e)
{
throw new ServerScopedRuntimeException("Unknown exchange type while attempting to initialise exchanges - " +
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeRegistry.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeRegistry.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeRegistry.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeRegistry.java Tue Feb 18 23:07:41 2014
@@ -20,8 +20,6 @@
*/
package org.apache.qpid.server.exchange;
-import org.apache.qpid.server.security.QpidSecurityException;
-
import java.util.Collection;
import java.util.UUID;
@@ -41,7 +39,7 @@ public interface ExchangeRegistry
* @param exchange name of the exchange to delete
* @param ifUnused if true, do NOT delete the exchange if it is in use (has queues bound to it)
*/
- boolean unregisterExchange(String exchange, boolean ifUnused) throws QpidSecurityException;
+ boolean unregisterExchange(String exchange, boolean ifUnused);
void clearAndUnregisterMbeans();
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/message/MessageSource.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/message/MessageSource.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/message/MessageSource.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/message/MessageSource.java Tue Feb 18 23:07:41 2014
@@ -24,8 +24,6 @@ import org.apache.qpid.server.consumer.C
import org.apache.qpid.server.consumer.ConsumerTarget;
import org.apache.qpid.server.filter.FilterManager;
import org.apache.qpid.server.protocol.AMQSessionModel;
-import org.apache.qpid.server.security.AuthorizationHolder;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.store.TransactionLogResource;
import java.util.Collection;
@@ -36,7 +34,7 @@ public interface MessageSource<C extends
<T extends ConsumerTarget> C addConsumer(T target, FilterManager filters,
Class<? extends ServerMessage> messageClass,
String consumerName, EnumSet<Consumer.Option> options)
- throws ExistingExclusiveConsumer, ExistingConsumerPreventsExclusive, QpidSecurityException,
+ throws ExistingExclusiveConsumer, ExistingConsumerPreventsExclusive,
ConsumerAccessRefused;
Collection<C> getConsumers();
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java Tue Feb 18 23:07:41 2014
@@ -472,27 +472,17 @@ public abstract class AuthenticationProv
@Override
public boolean createUser(String username, String password, Map<String, String> attributes)
{
- if(getSecurityManager().authoriseUserOperation(Operation.CREATE, username))
- {
- return getPrincipalDatabase().createPrincipal(new UsernamePrincipal(username), password.toCharArray());
- }
- else
- {
- throw new AccessControlException("Do not have permission to create new user");
- }
+ getSecurityManager().authoriseUserOperation(Operation.CREATE, username);
+ return getPrincipalDatabase().createPrincipal(new UsernamePrincipal(username), password.toCharArray());
+
}
@Override
public void deleteUser(String username) throws AccountNotFoundException
{
- if(getSecurityManager().authoriseUserOperation(Operation.DELETE, username))
- {
- getPrincipalDatabase().deletePrincipal(new UsernamePrincipal(username));
- }
- else
- {
- throw new AccessControlException("Cannot delete user " + username);
- }
+ getSecurityManager().authoriseUserOperation(Operation.DELETE, username);
+ getPrincipalDatabase().deletePrincipal(new UsernamePrincipal(username));
+
}
private SecurityManager getSecurityManager()
@@ -508,14 +498,10 @@ public abstract class AuthenticationProv
@Override
public void setPassword(String username, String password) throws AccountNotFoundException
{
- if(getSecurityManager().authoriseUserOperation(Operation.UPDATE, username))
- {
- getPrincipalDatabase().updatePassword(new UsernamePrincipal(username), password.toCharArray());
- }
- else
- {
- throw new AccessControlException("Do not have permission to set password");
- }
+ getSecurityManager().authoriseUserOperation(Operation.UPDATE, username);
+
+ getPrincipalDatabase().updatePassword(new UsernamePrincipal(username), password.toCharArray());
+
}
@Override
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BindingAdapter.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BindingAdapter.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BindingAdapter.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BindingAdapter.java Tue Feb 18 23:07:41 2014
@@ -26,7 +26,6 @@ import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.model.Binding;
import org.apache.qpid.server.model.ConfiguredObject;
import org.apache.qpid.server.model.Exchange;
@@ -139,14 +138,7 @@ final class BindingAdapter extends Abstr
public void delete()
{
- try
- {
- _exchange.getExchange().removeBinding(_binding);
- }
- catch(QpidSecurityException e)
- {
- throw new AccessControlException(e.getMessage());
- }
+ _exchange.getExchange().removeBinding(_binding);
}
@Override
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/ExchangeAdapter.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/ExchangeAdapter.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/ExchangeAdapter.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/ExchangeAdapter.java Tue Feb 18 23:07:41 2014
@@ -27,7 +27,6 @@ import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.binding.Binding;
import org.apache.qpid.server.model.ConfiguredObject;
import org.apache.qpid.server.model.ConfiguredObjectFinder;
@@ -127,28 +126,21 @@ final class ExchangeAdapter extends Abst
{
AMQQueue amqQueue = ((QueueAdapter)queue).getAMQQueue();
- try
+ if(!_exchange.addBinding(bindingKey, amqQueue, bindingArguments))
{
- if(!_exchange.addBinding(bindingKey, amqQueue, bindingArguments))
- {
- Binding oldBinding = _exchange.getBinding(bindingKey, amqQueue, bindingArguments);
+ Binding oldBinding = _exchange.getBinding(bindingKey, amqQueue, bindingArguments);
- Map<String, Object> oldArgs = oldBinding.getArguments();
- if((oldArgs == null && !bindingArguments.isEmpty()) || (oldArgs != null && !oldArgs.equals(bindingArguments)))
- {
- _exchange.replaceBinding(oldBinding.getId(), bindingKey, amqQueue, bindingArguments);
- }
- }
- Binding binding = _exchange.getBinding(bindingKey, amqQueue, bindingArguments);
-
- synchronized (_bindingAdapters)
+ Map<String, Object> oldArgs = oldBinding.getArguments();
+ if((oldArgs == null && !bindingArguments.isEmpty()) || (oldArgs != null && !oldArgs.equals(bindingArguments)))
{
- return binding == null ? null : _bindingAdapters.get(binding);
+ _exchange.replaceBinding(oldBinding.getId(), bindingKey, amqQueue, bindingArguments);
}
}
- catch(QpidSecurityException e)
+ Binding binding = _exchange.getBinding(bindingKey, amqQueue, bindingArguments);
+
+ synchronized (_bindingAdapters)
{
- throw new AccessControlException(e.toString());
+ return binding == null ? null : _bindingAdapters.get(binding);
}
}
@@ -166,10 +158,6 @@ final class ExchangeAdapter extends Abst
{
throw new IllegalStateException(e);
}
- catch (QpidSecurityException e)
- {
- throw new AccessControlException(e.toString());
- }
}
public String getName()
@@ -384,19 +372,13 @@ final class ExchangeAdapter extends Abst
@Override
protected void authoriseSetAttribute(String name, Object expected, Object desired) throws AccessControlException
{
- if (!_vhost.getSecurityManager().authoriseUpdate(_exchange))
- {
- throw new AccessControlException("Setting of exchange attribute is denied");
- }
+ _vhost.getSecurityManager().authoriseUpdate(_exchange);
}
@Override
protected void authoriseSetAttributes(Map<String, Object> attributes) throws AccessControlException
{
- if (!_vhost.getSecurityManager().authoriseUpdate(_exchange))
- {
- throw new AccessControlException("Setting of exchange attributes is denied");
- }
+ _vhost.getSecurityManager().authoriseUpdate(_exchange);
}
private class ExchangeStatistics implements Statistics
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/GroupProviderAdapter.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/GroupProviderAdapter.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/GroupProviderAdapter.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/GroupProviderAdapter.java Tue Feb 18 23:07:41 2014
@@ -209,16 +209,10 @@ public class GroupProviderAdapter extend
{
String groupName = (String) attributes.get(Group.NAME);
- if (getSecurityManager().authoriseGroupOperation(Operation.CREATE, groupName))
- {
+ getSecurityManager().authoriseGroupOperation(Operation.CREATE, groupName);
_groupManager.createGroup(groupName);
return (C) new GroupAdapter(groupName, getTaskExecutor());
- }
- else
- {
- throw new AccessControlException("Do not have permission" +
- " to create new group");
- }
+
}
throw new IllegalArgumentException(
@@ -487,16 +481,11 @@ public class GroupProviderAdapter extend
{
String memberName = (String) attributes.get(GroupMember.NAME);
- if (getSecurityManager().authoriseGroupOperation(Operation.UPDATE, _group))
- {
- _groupManager.addUserToGroup(memberName, _group);
- return (C) new GroupMemberAdapter(memberName, getTaskExecutor());
- }
- else
- {
- throw new AccessControlException("Do not have permission" +
- " to add new group member");
- }
+ getSecurityManager().authoriseGroupOperation(Operation.UPDATE, _group);
+
+ _groupManager.addUserToGroup(memberName, _group);
+ return (C) new GroupMemberAdapter(memberName, getTaskExecutor());
+
}
throw new IllegalArgumentException(
@@ -530,15 +519,9 @@ public class GroupProviderAdapter extend
{
if (desiredState == State.DELETED)
{
- if (getSecurityManager().authoriseGroupOperation(Operation.DELETE, _group))
- {
- _groupManager.removeGroup(_group);
- return true;
- }
- else
- {
- throw new AccessControlException("Do not have permission to delete group");
- }
+ getSecurityManager().authoriseGroupOperation(Operation.DELETE, _group);
+ _groupManager.removeGroup(_group);
+ return true;
}
return false;
@@ -677,15 +660,11 @@ public class GroupProviderAdapter extend
{
if (desiredState == State.DELETED)
{
- if (getSecurityManager().authoriseGroupOperation(Operation.UPDATE, _group))
- {
- _groupManager.removeUserFromGroup(_memberName, _group);
- return true;
- }
- else
- {
- throw new AccessControlException("Do not have permission to remove group member");
- }
+ getSecurityManager().authoriseGroupOperation(Operation.UPDATE, _group);
+
+ _groupManager.removeUserFromGroup(_memberName, _group);
+ return true;
+
}
return false;
}
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/QueueAdapter.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/QueueAdapter.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/QueueAdapter.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/QueueAdapter.java Tue Feb 18 23:07:41 2014
@@ -35,7 +35,6 @@ import org.apache.qpid.server.model.*;
import org.apache.qpid.server.protocol.AMQConnectionModel;
import org.apache.qpid.server.protocol.AMQSessionModel;
import org.apache.qpid.server.queue.*;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.store.DurableConfigurationStoreHelper;
import org.apache.qpid.server.consumer.Consumer;
import org.apache.qpid.server.util.MapValueConverter;
@@ -160,14 +159,7 @@ final class QueueAdapter<Q extends AMQQu
public void delete()
{
- try
- {
- _queue.getVirtualHost().removeQueue(_queue);
- }
- catch (QpidSecurityException e)
- {
- throw new AccessControlException(e.toString());
- }
+ _queue.getVirtualHost().removeQueue(_queue);
}
public String getName()
@@ -771,19 +763,13 @@ final class QueueAdapter<Q extends AMQQu
@Override
protected void authoriseSetAttribute(String name, Object expected, Object desired) throws AccessControlException
{
- if (!_vhost.getSecurityManager().authoriseUpdate(_queue))
- {
- throw new AccessControlException("Setting of queue attribute is denied");
- }
+ _vhost.getSecurityManager().authoriseUpdate(_queue);
}
@Override
protected void authoriseSetAttributes(Map<String, Object> attributes) throws AccessControlException
{
- if (!_vhost.getSecurityManager().authoriseUpdate(_queue))
- {
- throw new AccessControlException("Setting of queue attributes is denied");
- }
+ _vhost.getSecurityManager().authoriseUpdate(_queue);
}
@Override
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java Tue Feb 18 23:07:41 2014
@@ -64,7 +64,6 @@ import org.apache.qpid.server.plugin.Exc
import org.apache.qpid.server.protocol.AMQConnectionModel;
import org.apache.qpid.server.queue.AMQQueue;
import org.apache.qpid.server.queue.ConflationQueue;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.security.SecurityManager;
import org.apache.qpid.server.security.access.Operation;
import org.apache.qpid.server.stats.StatisticsGatherer;
@@ -377,10 +376,6 @@ public final class VirtualHostAdapter ex
{
throw new IllegalArgumentException(e);
}
- catch (QpidSecurityException e)
- {
- throw new AccessControlException(e.toString());
- }
}
public Queue createQueue(Map<String, Object> attributes)
@@ -431,10 +426,6 @@ public final class VirtualHostAdapter ex
{
throw new IllegalArgumentException("Queue with name "+MapValueConverter.getStringAttribute(Queue.NAME,attributes)+" already exists");
}
- catch (QpidSecurityException e)
- {
- throw new AccessControlException(e.toString());
- }
}
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueue.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueue.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueue.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueue.java Tue Feb 18 23:07:41 2014
@@ -21,7 +21,6 @@
package org.apache.qpid.server.queue;
import org.apache.qpid.server.binding.Binding;
-import org.apache.qpid.server.configuration.QueueConfiguration;
import org.apache.qpid.server.exchange.Exchange;
import org.apache.qpid.server.exchange.ExchangeReferrer;
import org.apache.qpid.server.logging.LogSubject;
@@ -31,8 +30,6 @@ import org.apache.qpid.server.model.Excl
import org.apache.qpid.server.model.LifetimePolicy;
import org.apache.qpid.server.protocol.CapacityChecker;
import org.apache.qpid.server.consumer.Consumer;
-import org.apache.qpid.server.security.QpidSecurityException;
-import org.apache.qpid.server.util.Action;
import org.apache.qpid.server.util.Deletable;
import org.apache.qpid.server.virtualhost.VirtualHost;
@@ -96,7 +93,7 @@ public interface AMQQueue<E extends Queu
boolean isDeleted();
- int delete() throws QpidSecurityException;
+ int delete();
void requeue(E entry);
@@ -164,7 +161,7 @@ public interface AMQQueue<E extends Queu
boolean isOverfull();
- long clearQueue() throws QpidSecurityException;
+ long clearQueue();
/**
* Checks the status of messages on the queue, purging expired ones, firing age related alerts etc.
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueueFactory.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueueFactory.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueueFactory.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueueFactory.java Tue Feb 18 23:07:41 2014
@@ -28,7 +28,6 @@ import org.apache.qpid.server.exchange.A
import org.apache.qpid.server.model.ExclusivityPolicy;
import org.apache.qpid.server.model.LifetimePolicy;
import org.apache.qpid.server.protocol.AMQSessionModel;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.exchange.ExchangeDefaults;
import org.apache.qpid.server.configuration.BrokerProperties;
import org.apache.qpid.server.configuration.QueueConfiguration;
@@ -64,7 +63,7 @@ public class AMQQueueFactory implements
}
@Override
- public AMQQueue restoreQueue(Map<String, Object> attributes) throws QpidSecurityException
+ public AMQQueue restoreQueue(Map<String, Object> attributes)
{
return createOrRestoreQueue(null, attributes, false);
@@ -72,13 +71,13 @@ public class AMQQueueFactory implements
@Override
public AMQQueue createQueue(final AMQSessionModel creatingSession,
- Map<String, Object> attributes) throws QpidSecurityException
+ Map<String, Object> attributes)
{
return createOrRestoreQueue(creatingSession, attributes, true);
}
private AMQQueue createOrRestoreQueue(final AMQSessionModel creatingSession, Map<String, Object> attributes,
- boolean createInStore) throws QpidSecurityException
+ boolean createInStore)
{
@@ -179,7 +178,7 @@ public class AMQQueueFactory implements
return queue;
}
- private void createDLQ(final AMQQueue queue) throws QpidSecurityException
+ private void createDLQ(final AMQQueue queue)
{
final String queueName = queue.getName();
final String dlExchangeName = getDeadLetterExchangeName(queueName);
@@ -256,7 +255,7 @@ public class AMQQueueFactory implements
queue.setAlternateExchange(dlExchange);
}
- public AMQQueue createAMQQueueImpl(QueueConfiguration config) throws QpidSecurityException
+ public AMQQueue createAMQQueueImpl(QueueConfiguration config)
{
Map<String, Object> arguments = createQueueAttributesFromConfig(_virtualHost, config);
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/QueueFactory.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/QueueFactory.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/QueueFactory.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/QueueFactory.java Tue Feb 18 23:07:41 2014
@@ -21,16 +21,14 @@
package org.apache.qpid.server.queue;
import java.util.Map;
-import java.util.UUID;
import org.apache.qpid.server.protocol.AMQSessionModel;
-import org.apache.qpid.server.security.QpidSecurityException;
public interface QueueFactory
{
AMQQueue createQueue(final AMQSessionModel creatingSession,
- Map<String, Object> arguments) throws QpidSecurityException;
+ Map<String, Object> arguments);
- AMQQueue restoreQueue(Map<String, Object> arguments) throws QpidSecurityException;
+ AMQQueue restoreQueue(Map<String, Object> arguments);
}
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/SimpleAMQQueue.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/SimpleAMQQueue.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/SimpleAMQQueue.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/SimpleAMQQueue.java Tue Feb 18 23:07:41 2014
@@ -29,11 +29,9 @@ import java.util.concurrent.atomic.Atomi
import java.util.concurrent.atomic.AtomicLong;
import org.apache.log4j.Logger;
-import org.apache.qpid.server.message.MessageSource;
import org.apache.qpid.server.model.ExclusivityPolicy;
import org.apache.qpid.server.model.LifetimePolicy;
import org.apache.qpid.server.protocol.AMQConnectionModel;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.pool.ReferenceCountingExecutorService;
import org.apache.qpid.server.binding.Binding;
import org.apache.qpid.server.configuration.BrokerProperties;
@@ -51,7 +49,6 @@ import org.apache.qpid.server.message.Me
import org.apache.qpid.server.message.ServerMessage;
import org.apache.qpid.server.model.Queue;
import org.apache.qpid.server.protocol.AMQSessionModel;
-import org.apache.qpid.server.security.AuthorizationHolder;
import org.apache.qpid.server.consumer.Consumer;
import org.apache.qpid.server.consumer.ConsumerTarget;
import org.apache.qpid.server.security.auth.AuthenticatedPrincipal;
@@ -60,7 +57,6 @@ import org.apache.qpid.server.txn.AutoCo
import org.apache.qpid.server.txn.LocalTransaction;
import org.apache.qpid.server.txn.ServerTransaction;
import org.apache.qpid.server.util.Action;
-import org.apache.qpid.server.util.ConnectionScopedRuntimeException;
import org.apache.qpid.server.util.Deletable;
import org.apache.qpid.server.util.MapValueConverter;
import org.apache.qpid.server.util.ServerScopedRuntimeException;
@@ -437,15 +433,7 @@ abstract class SimpleAMQQueue<E extends
@Override
public void performAction(final Deletable object)
{
- try
- {
- getVirtualHost().removeQueue(SimpleAMQQueue.this);
- }
- catch (QpidSecurityException e)
- {
- throw new ConnectionScopedRuntimeException("Unable to delete a queue even though the queue's " +
- "lifetime was tied to an object being deleted");
- }
+ getVirtualHost().removeQueue(SimpleAMQQueue.this);
}
};
@@ -583,15 +571,12 @@ abstract class SimpleAMQQueue<E extends
final Class<? extends ServerMessage> messageClass,
final String consumerName,
EnumSet<Consumer.Option> optionSet)
- throws ExistingExclusiveConsumer, ExistingConsumerPreventsExclusive, QpidSecurityException,
+ throws ExistingExclusiveConsumer, ExistingConsumerPreventsExclusive,
ConsumerAccessRefused
{
// Access control
- if (!getVirtualHost().getSecurityManager().authoriseConsume(this))
- {
- throw new QpidSecurityException("Permission denied");
- }
+ getVirtualHost().getSecurityManager().authoriseConsume(this);
if (hasExclusiveConsumer())
@@ -777,14 +762,7 @@ abstract class SimpleAMQQueue<E extends
_logger.info("Auto-deleting queue:" + this);
}
- try
- {
- getVirtualHost().removeQueue(this);
- }
- catch (QpidSecurityException e)
- {
- throw new ConnectionScopedRuntimeException("Auto delete queue unable to delete itself", e);
- }
+ getVirtualHost().removeQueue(this);
// we need to manually fire the event to the removed consumer (which was the last one left for this
// queue. This is because the delete method uses the consumer set which has just been cleared
@@ -1440,11 +1418,6 @@ abstract class SimpleAMQQueue<E extends
}
- public void purge(final long request) throws QpidSecurityException
- {
- clear(request);
- }
-
public long getCreateTime()
{
return _createTime;
@@ -1452,18 +1425,15 @@ abstract class SimpleAMQQueue<E extends
// ------ Management functions
- public long clearQueue() throws QpidSecurityException
+ public long clearQueue()
{
return clear(0l);
}
- private long clear(final long request) throws QpidSecurityException
+ private long clear(final long request)
{
//Perform ACLs
- if (!getVirtualHost().getSecurityManager().authorisePurge(this))
- {
- throw new QpidSecurityException("Permission denied: queue " + getName());
- }
+ getVirtualHost().getSecurityManager().authorisePurge(this);
QueueEntryIterator<E,Q,L,QueueConsumer<?,E,Q,L>> queueListIterator = _entries.iterator();
long count = 0;
@@ -1526,13 +1496,10 @@ abstract class SimpleAMQQueue<E extends
}
// TODO list all thrown exceptions
- public int delete() throws QpidSecurityException
+ public int delete()
{
// Check access
- if (!_virtualHost.getSecurityManager().authoriseDelete(this))
- {
- throw new QpidSecurityException("Permission denied: " + getName());
- }
+ _virtualHost.getSecurityManager().authoriseDelete(this);
if (!_deleted.getAndSet(true))
{
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SecurityManager.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SecurityManager.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SecurityManager.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SecurityManager.java Tue Feb 18 23:07:41 2014
@@ -56,6 +56,7 @@ import static org.apache.qpid.server.sec
import javax.security.auth.Subject;
import java.net.SocketAddress;
+import java.security.AccessControlException;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
@@ -289,20 +290,26 @@ public class SecurityManager implements
return true;
}
- public boolean authoriseBind(final Exchange exch, final AMQQueue queue, final String routingKey)
+ public void authoriseBind(final Exchange exch, final AMQQueue queue, final String routingKey)
{
- return checkAllPlugins(new AccessCheck()
+ boolean allowed =
+ checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.authorise(BIND, EXCHANGE, new ObjectProperties(exch, queue, routingKey));
}
});
+
+ if(!allowed)
+ {
+ throw new AccessControlException("Permission denied: binding " + routingKey);
+ }
}
- public boolean authoriseMethod(final Operation operation, final String componentName, final String methodName)
+ public void authoriseMethod(final Operation operation, final String componentName, final String methodName)
{
- return checkAllPlugins(new AccessCheck()
+ boolean allowed = checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
@@ -316,132 +323,176 @@ public class SecurityManager implements
return plugin.authorise(operation, METHOD, properties);
}
});
+ if(!allowed)
+ {
+ throw new AccessControlException("Permission denied: " + operation.name() + " " + methodName);
+ }
}
- public boolean accessManagement()
+ public void accessManagement()
{
- return checkAllPlugins(new AccessCheck()
+ if(!checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.access(ObjectType.MANAGEMENT, null);
}
- });
+ }))
+ {
+ throw new AccessControlException("User not authorised for management");
+ }
}
- public boolean accessVirtualhost(final String vhostname, final SocketAddress remoteAddress)
+ public void accessVirtualhost(final String vhostname, final SocketAddress remoteAddress)
{
- return checkAllPlugins(new AccessCheck()
+ if(!checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.access(VIRTUALHOST, remoteAddress);
}
- });
+ }))
+ {
+ throw new AccessControlException("Permission denied: " + vhostname);
+ }
}
- public boolean authoriseConsume(final AMQQueue queue)
+ public void authoriseConsume(final AMQQueue queue)
{
- return checkAllPlugins(new AccessCheck()
+ if(!checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.authorise(CONSUME, QUEUE, new ObjectProperties(queue));
}
- });
+ }))
+ {
+ throw new AccessControlException("Permission denied: consume from queue '" + queue.getName() + "'.");
+ }
}
- public boolean authoriseCreateExchange(final Boolean autoDelete, final Boolean durable, final String exchangeName,
- final Boolean internal, final Boolean nowait, final Boolean passive, final String exchangeType)
+ public void authoriseCreateExchange(final Boolean autoDelete,
+ final Boolean durable,
+ final String exchangeName,
+ final Boolean internal,
+ final Boolean nowait,
+ final Boolean passive,
+ final String exchangeType)
{
- return checkAllPlugins(new AccessCheck()
+ if(!checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.authorise(CREATE, EXCHANGE, new ObjectProperties(autoDelete, durable, exchangeName,
internal, nowait, passive, exchangeType));
}
- });
+ }))
+ {
+ throw new AccessControlException("Permission denied: exchange-name '" + exchangeName + "'");
+ }
}
- public boolean authoriseCreateQueue(final Boolean autoDelete, final Boolean durable, final Boolean exclusive,
+ public void authoriseCreateQueue(final Boolean autoDelete, final Boolean durable, final Boolean exclusive,
final Boolean nowait, final Boolean passive, final String queueName, final String owner)
{
- return checkAllPlugins(new AccessCheck()
+ if(! checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.authorise(CREATE, QUEUE, new ObjectProperties(autoDelete, durable, exclusive, nowait, passive, queueName, owner));
}
- });
+ }))
+ {
+ throw new AccessControlException("Permission denied: queue-name '" + queueName + "'");
+ }
}
- public boolean authoriseDelete(final AMQQueue queue)
+ public void authoriseDelete(final AMQQueue queue)
{
- return checkAllPlugins(new AccessCheck()
+ if(!checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.authorise(DELETE, QUEUE, new ObjectProperties(queue));
}
- });
+ }))
+ {
+ throw new AccessControlException("Permission denied, delete queue: " + queue.getName());
+ }
}
- public boolean authoriseUpdate(final AMQQueue queue)
+ public void authoriseUpdate(final AMQQueue queue)
{
- return checkAllPlugins(new AccessCheck()
+ if(!checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.authorise(UPDATE, QUEUE, new ObjectProperties(queue));
}
- });
+ }))
+ {
+ throw new AccessControlException("Permission denied: update queue: " + queue.getName());
+ }
}
- public boolean authoriseUpdate(final Exchange exchange)
+ public void authoriseUpdate(final Exchange exchange)
{
- return checkAllPlugins(new AccessCheck()
+ if(!checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.authorise(UPDATE, EXCHANGE, new ObjectProperties(exchange.getName()));
}
- });
+ }))
+ {
+ throw new AccessControlException("Permission denied: update exchange: " + exchange.getName());
+ }
}
- public boolean authoriseDelete(final Exchange exchange)
+ public void authoriseDelete(final Exchange exchange)
{
- return checkAllPlugins(new AccessCheck()
+ if(! checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.authorise(DELETE, EXCHANGE, new ObjectProperties(exchange.getName()));
}
- });
+ }))
+ {
+ throw new AccessControlException("Permission denied, delete exchange: '" + exchange.getName() + "'");
+ }
}
- public boolean authoriseGroupOperation(final Operation operation, final String groupName)
+ public void authoriseGroupOperation(final Operation operation, final String groupName)
{
- return checkAllPlugins(new AccessCheck()
+ if(!checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.authorise(operation, GROUP, new ObjectProperties(groupName));
}
- });
+ }))
+ {
+ throw new AccessControlException("Do not have permission" +
+ " to perform the " + operation + " on the group " + groupName);
+ }
}
- public boolean authoriseUserOperation(final Operation operation, final String userName)
+ public void authoriseUserOperation(final Operation operation, final String userName)
{
- return checkAllPlugins(new AccessCheck()
+ if(! checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.authorise(operation, USER, new ObjectProperties(userName));
}
- });
+ }))
+ {
+ throw new AccessControlException("Do not have permission" +
+ " to perform the " + operation + " on the user " + userName);
+ }
}
private ConcurrentHashMap<String, ConcurrentHashMap<String, PublishAccessCheck>> _immediatePublishPropsCache
@@ -449,7 +500,7 @@ public class SecurityManager implements
private ConcurrentHashMap<String, ConcurrentHashMap<String, PublishAccessCheck>> _publishPropsCache
= new ConcurrentHashMap<String, ConcurrentHashMap<String, PublishAccessCheck>>();
- public boolean authorisePublish(final boolean immediate, String routingKey, String exchangeName)
+ public void authorisePublish(final boolean immediate, String routingKey, String exchangeName)
{
if(routingKey == null)
{
@@ -477,29 +528,38 @@ public class SecurityManager implements
exchangeMap.put(routingKey, check);
}
- return checkAllPlugins(check);
+ if(!checkAllPlugins(check))
+ {
+ throw new AccessControlException("Permission denied, publish to: exchange-name '" + exchangeName + "'");
+ }
}
- public boolean authorisePurge(final AMQQueue queue)
+ public void authorisePurge(final AMQQueue queue)
{
- return checkAllPlugins(new AccessCheck()
+ if(!checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.authorise(PURGE, QUEUE, new ObjectProperties(queue));
}
- });
+ }))
+ {
+ throw new AccessControlException("Permission denied: queue " + queue.getName());
+ }
}
- public boolean authoriseUnbind(final Exchange exch, final String routingKey, final AMQQueue queue)
+ public void authoriseUnbind(final Exchange exch, final String routingKey, final AMQQueue queue)
{
- return checkAllPlugins(new AccessCheck()
+ if(! checkAllPlugins(new AccessCheck()
{
Result allowed(AccessControl plugin)
{
return plugin.authorise(UNBIND, EXCHANGE, new ObjectProperties(exch, queue, routingKey));
}
- });
+ }))
+ {
+ throw new AccessControlException("Permission denied: unbinding " + routingKey);
+ }
}
public static boolean setAccessChecksDisabled(final boolean status)
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/jmx/JMXPasswordAuthenticator.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/jmx/JMXPasswordAuthenticator.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/jmx/JMXPasswordAuthenticator.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/jmx/JMXPasswordAuthenticator.java Tue Feb 18 23:07:41 2014
@@ -38,7 +38,6 @@ public class JMXPasswordAuthenticator im
static final String SHOULD_HAVE_2_ELEMENTS = "User details should have 2 elements, username, password";
static final String SHOULD_BE_NON_NULL = "Supplied username and password should be non-null";
static final String INVALID_CREDENTIALS = "Invalid user details supplied";
- static final String USER_NOT_AUTHORISED_FOR_MANAGEMENT = "User not authorised for management";
static final String CREDENTIALS_REQUIRED = "User details are required. " +
"Please ensure you are using an up to date management console to connect.";
@@ -121,10 +120,7 @@ public class JMXPasswordAuthenticator im
SecurityManager.setThreadSubject(authenticatedSubject);
try
{
- if (!_broker.getSecurityManager().accessManagement())
- {
- throw new SecurityException(USER_NOT_AUTHORISED_FOR_MANAGEMENT);
- }
+ _broker.getSecurityManager().accessManagement();
}
finally
{
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java Tue Feb 18 23:07:41 2014
@@ -38,7 +38,6 @@ import org.apache.qpid.server.exchange.A
import org.apache.qpid.server.model.ExclusivityPolicy;
import org.apache.qpid.server.model.LifetimePolicy;
import org.apache.qpid.server.model.Queue;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.configuration.ExchangeConfiguration;
import org.apache.qpid.server.configuration.QueueConfiguration;
import org.apache.qpid.server.configuration.VirtualHostConfiguration;
@@ -73,7 +72,6 @@ import org.apache.qpid.server.store.Dura
import org.apache.qpid.server.store.DurableConfiguredObjectRecoverer;
import org.apache.qpid.server.store.Event;
import org.apache.qpid.server.store.EventListener;
-import org.apache.qpid.server.store.MessageStore;
import org.apache.qpid.server.txn.DtxRegistry;
import org.apache.qpid.server.util.MapValueConverter;
import org.apache.qpid.server.util.ServerScopedRuntimeException;
@@ -313,10 +311,6 @@ public abstract class AbstractVirtualHos
{
configureExchange(config.getExchangeConfiguration(exchangeName));
}
- catch (QpidSecurityException e)
- {
- throw new ServerScopedRuntimeException("Could not configure exchange " + exchangeName, e);
- }
catch (UnknownExchangeException e)
{
throw new ServerScopedRuntimeException("Could not configure exchange " + exchangeName, e);
@@ -344,15 +338,11 @@ public abstract class AbstractVirtualHos
{
throw new ServerScopedRuntimeException("Could not configure queue " + queueName, e);
}
- catch (QpidSecurityException e)
- {
- throw new ServerScopedRuntimeException("Could not configure queue " + queueName, e);
- }
}
}
private void configureExchange(ExchangeConfiguration exchangeConfiguration)
- throws QpidSecurityException, UnknownExchangeException, ReservedExchangeNameException,
+ throws UnknownExchangeException, ReservedExchangeNameException,
AMQUnknownExchangeType
{
boolean durable = exchangeConfiguration.getDurable();
@@ -370,7 +360,7 @@ public abstract class AbstractVirtualHos
}
private void configureQueue(QueueConfiguration queueConfiguration)
- throws ConfigurationException, QpidSecurityException
+ throws ConfigurationException
{
AMQQueue queue = _queueFactory.createAMQQueueImpl(queueConfiguration);
String queueName = queue.getName();
@@ -421,7 +411,6 @@ public abstract class AbstractVirtualHos
}
private void configureBinding(AMQQueue queue, Exchange exchange, String routingKey, Map<String,Object> arguments)
- throws QpidSecurityException
{
if (_logger.isInfoEnabled())
{
@@ -528,7 +517,7 @@ public abstract class AbstractVirtualHos
}
@Override
- public int removeQueue(AMQQueue queue) throws QpidSecurityException
+ public int removeQueue(AMQQueue queue)
{
synchronized (getQueueRegistry())
{
@@ -547,7 +536,7 @@ public abstract class AbstractVirtualHos
}
}
- public AMQQueue createQueue(final AMQSessionModel creatingSession, Map<String, Object> attributes) throws QpidSecurityException, QueueExistsException
+ public AMQQueue createQueue(final AMQSessionModel creatingSession, Map<String, Object> attributes) throws QueueExistsException
{
// make a copy as we may augment (with an ID for example)
attributes = new LinkedHashMap<String, Object>(attributes);
@@ -562,17 +551,13 @@ public abstract class AbstractVirtualHos
String owner = MapValueConverter.getStringAttribute(Queue.OWNER, attributes, null);
// Access check
- if (!getSecurityManager().authoriseCreateQueue(autoDelete,
- durable,
- exclusive != null && exclusive != ExclusivityPolicy.NONE,
- null,
- null,
- queueName,
- owner))
- {
- String description = "Permission denied: queue-name '" + queueName + "'";
- throw new QpidSecurityException(description);
- }
+ getSecurityManager().authoriseCreateQueue(autoDelete,
+ durable,
+ exclusive != null && exclusive != ExclusivityPolicy.NONE,
+ null,
+ null,
+ queueName,
+ owner);
synchronized (_queueRegistry)
{
@@ -650,7 +635,7 @@ public abstract class AbstractVirtualHos
boolean durable,
boolean autoDelete,
String alternateExchangeName)
- throws QpidSecurityException, ExchangeExistsException, ReservedExchangeNameException,
+ throws ExchangeExistsException, ReservedExchangeNameException,
UnknownExchangeException, AMQUnknownExchangeType
{
synchronized (_exchangeRegistry)
@@ -698,7 +683,7 @@ public abstract class AbstractVirtualHos
@Override
public void removeExchange(Exchange exchange, boolean force)
- throws QpidSecurityException, ExchangeIsAlternateException, RequiredExchangeException
+ throws ExchangeIsAlternateException, RequiredExchangeException
{
if(exchange.hasReferrers())
{
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/BindingRecoverer.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/BindingRecoverer.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/BindingRecoverer.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/BindingRecoverer.java Tue Feb 18 23:07:41 2014
@@ -30,11 +30,9 @@ import org.apache.qpid.server.exchange.E
import org.apache.qpid.server.exchange.ExchangeRegistry;
import org.apache.qpid.server.model.Queue;
import org.apache.qpid.server.queue.AMQQueue;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.store.AbstractDurableConfiguredObjectRecoverer;
import org.apache.qpid.server.store.UnresolvedDependency;
import org.apache.qpid.server.store.UnresolvedObject;
-import org.apache.qpid.server.util.ServerScopedRuntimeException;
public class BindingRecoverer extends AbstractDurableConfiguredObjectRecoverer<Binding>
{
@@ -108,23 +106,14 @@ public class BindingRecoverer extends Ab
@Override
public Binding resolve()
{
- try
+ if(_exchange.getBinding(_bindingName, _queue, _bindingArgumentsMap) == null)
{
- if(_exchange.getBinding(_bindingName, _queue, _bindingArgumentsMap) == null)
- {
- _logger.info("Restoring binding: (Exchange: " + _exchange.getName() + ", Queue: " + _queue.getName()
- + ", Routing Key: " + _bindingName + ", Arguments: " + _bindingArgumentsMap + ")");
-
- _exchange.restoreBinding(_bindingId, _bindingName, _queue, _bindingArgumentsMap);
- }
- return _exchange.getBinding(_bindingName, _queue, _bindingArgumentsMap);
- }
- catch (QpidSecurityException e)
- {
- throw new ServerScopedRuntimeException("Security Exception thrown when recovering. The recovery " +
- "thread should not be bound by permissions, this is likely " +
- "a programming error.",e);
+ _logger.info("Restoring binding: (Exchange: " + _exchange.getName() + ", Queue: " + _queue.getName()
+ + ", Routing Key: " + _bindingName + ", Arguments: " + _bindingArgumentsMap + ")");
+
+ _exchange.restoreBinding(_bindingId, _bindingName, _queue, _bindingArgumentsMap);
}
+ return _exchange.getBinding(_bindingName, _queue, _bindingArgumentsMap);
}
private class QueueDependency implements UnresolvedDependency<AMQQueue>
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/ExchangeRecoverer.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/ExchangeRecoverer.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/ExchangeRecoverer.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/ExchangeRecoverer.java Tue Feb 18 23:07:41 2014
@@ -27,7 +27,6 @@ import org.apache.qpid.server.exchange.E
import org.apache.qpid.server.exchange.ExchangeFactory;
import org.apache.qpid.server.exchange.ExchangeRegistry;
import org.apache.qpid.server.model.LifetimePolicy;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.store.AbstractDurableConfiguredObjectRecoverer;
import org.apache.qpid.server.store.UnresolvedDependency;
import org.apache.qpid.server.store.UnresolvedObject;
@@ -82,16 +81,6 @@ public class ExchangeRecoverer extends A
_exchange = _exchangeFactory.restoreExchange(id, exchangeName, exchangeType, autoDelete);
_exchangeRegistry.registerExchange(_exchange);
}
- }/*
- catch (AMQException e)
- {
- throw new RuntimeException("Error recovering exchange uuid " + id + " name " + exchangeName, e);
- }*/
- catch (QpidSecurityException e)
- {
- throw new ServerScopedRuntimeException("Security Exception thrown when recovering. The recovery " +
- "thread should not be bound by permissions, this is likely " +
- "a programming error.",e);
}
catch (AMQUnknownExchangeType e)
{
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/QueueRecoverer.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/QueueRecoverer.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/QueueRecoverer.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/QueueRecoverer.java Tue Feb 18 23:07:41 2014
@@ -31,11 +31,9 @@ import org.apache.qpid.server.exchange.E
import org.apache.qpid.server.model.Queue;
import org.apache.qpid.server.queue.AMQQueue;
import org.apache.qpid.server.queue.QueueFactory;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.store.AbstractDurableConfiguredObjectRecoverer;
import org.apache.qpid.server.store.UnresolvedDependency;
import org.apache.qpid.server.store.UnresolvedObject;
-import org.apache.qpid.server.util.ServerScopedRuntimeException;
public class QueueRecoverer extends AbstractDurableConfiguredObjectRecoverer<AMQQueue>
{
@@ -105,26 +103,17 @@ public class QueueRecoverer extends Abst
{
String queueName = (String) _attributes.get(Queue.NAME);
- try
+ _queue = _virtualHost.getQueue(_id);
+ if(_queue == null)
{
- _queue = _virtualHost.getQueue(_id);
- if(_queue == null)
- {
- _queue = _virtualHost.getQueue(queueName);
- }
-
- if (_queue == null)
- {
- Map<String, Object> attributes = new LinkedHashMap<String, Object>(_attributes);
- attributes.put(Queue.ID, _id);
- _queue = _queueFactory.restoreQueue(attributes);
- }
+ _queue = _virtualHost.getQueue(queueName);
}
- catch (QpidSecurityException e)
+
+ if (_queue == null)
{
- throw new ServerScopedRuntimeException("Security Exception thrown when recovering. The recovery " +
- "thread should not be bound by permissions, this is likely " +
- "a programming error.",e);
+ Map<String, Object> attributes = new LinkedHashMap<String, Object>(_attributes);
+ attributes.put(Queue.ID, _id);
+ _queue = _queueFactory.restoreQueue(attributes);
}
return _queue;
}
Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/VirtualHost.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/VirtualHost.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/VirtualHost.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/VirtualHost.java Tue Feb 18 23:07:41 2014
@@ -36,7 +36,6 @@ import org.apache.qpid.server.plugin.Exc
import org.apache.qpid.server.protocol.AMQSessionModel;
import org.apache.qpid.server.protocol.LinkRegistry;
import org.apache.qpid.server.queue.AMQQueue;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.server.security.SecurityManager;
import org.apache.qpid.server.stats.StatisticsGatherer;
import org.apache.qpid.server.store.DurableConfigurationStore;
@@ -58,9 +57,9 @@ public interface VirtualHost extends Dur
Collection<AMQQueue> getQueues();
- int removeQueue(AMQQueue queue) throws QpidSecurityException;
+ int removeQueue(AMQQueue queue);
- AMQQueue createQueue(final AMQSessionModel creatingSession, Map<String, Object> arguments) throws QueueExistsException, QpidSecurityException;
+ AMQQueue createQueue(final AMQSessionModel creatingSession, Map<String, Object> arguments) throws QueueExistsException;
Exchange createExchange(UUID id,
@@ -69,10 +68,10 @@ public interface VirtualHost extends Dur
boolean durable,
boolean autoDelete,
String alternateExchange)
- throws QpidSecurityException, ExchangeExistsException, ReservedExchangeNameException,
+ throws ExchangeExistsException, ReservedExchangeNameException,
UnknownExchangeException, AMQUnknownExchangeType;
- void removeExchange(Exchange exchange, boolean force) throws QpidSecurityException, ExchangeIsAlternateException,
+ void removeExchange(Exchange exchange, boolean force) throws ExchangeIsAlternateException,
RequiredExchangeException;
MessageDestination getMessageDestination(String name);
Modified: qpid/trunk/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/FanoutExchangeTest.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/FanoutExchangeTest.java?rev=1569552&r1=1569551&r2=1569552&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/FanoutExchangeTest.java (original)
+++ qpid/trunk/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/FanoutExchangeTest.java Tue Feb 18 23:07:41 2014
@@ -20,9 +20,7 @@
*/
package org.apache.qpid.server.exchange;
-import static org.mockito.Matchers.any;
import static org.mockito.Matchers.anySet;
-import static org.mockito.Matchers.anyString;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
@@ -33,7 +31,6 @@ import java.util.Set;
import java.util.UUID;
import junit.framework.TestCase;
-import org.apache.qpid.server.security.QpidSecurityException;
import org.apache.qpid.common.AMQPFilterTypes;
import org.apache.qpid.server.logging.LogActor;
import org.apache.qpid.server.logging.actors.CurrentActor;
@@ -60,8 +57,6 @@ public class FanoutExchangeTest extends
_virtualHost = mock(VirtualHost.class);
SecurityManager securityManager = mock(SecurityManager.class);
when(_virtualHost.getSecurityManager()).thenReturn(securityManager);
- when(securityManager.authoriseBind(any(Exchange.class), any(AMQQueue.class), anyString())).thenReturn(true);
- when(securityManager.authoriseUnbind(any(Exchange.class), anyString(), any(AMQQueue.class))).thenReturn(true);
_exchange.initialise(UUID.randomUUID(), _virtualHost, "test", false, false);
}
@@ -83,28 +78,28 @@ public class FanoutExchangeTest extends
assertFalse("calling isBound(AMQQueue) with null queue should return false", _exchange.isBound((AMQQueue) null));
}
- public void testIsBoundStringMapAMQQueue() throws QpidSecurityException
+ public void testIsBoundStringMapAMQQueue()
{
AMQQueue queue = bindQueue();
assertTrue("Should return true for a bound queue",
_exchange.isBound("matters", null, queue));
}
- public void testIsBoundStringAMQQueue() throws QpidSecurityException
+ public void testIsBoundStringAMQQueue()
{
AMQQueue queue = bindQueue();
assertTrue("Should return true for a bound queue",
_exchange.isBound("matters", queue));
}
- public void testIsBoundAMQQueue() throws QpidSecurityException
+ public void testIsBoundAMQQueue()
{
AMQQueue queue = bindQueue();
assertTrue("Should return true for a bound queue",
_exchange.isBound(queue));
}
- private AMQQueue bindQueue() throws QpidSecurityException
+ private AMQQueue bindQueue()
{
AMQQueue queue = mockQueue();
_exchange.addBinding("matters", queue, null);
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org