You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by or...@apache.org on 2013/02/19 10:35:33 UTC
svn commit: r1447646 [2/16] - in /qpid/trunk/qpid/java: ./ bdbstore/
bdbstore/jmx/src/main/java/org/apache/qpid/server/store/berkeleydb/jmx/
bdbstore/jmx/src/test/java/org/apache/qpid/server/store/berkeleydb/
bdbstore/src/main/java/org/apache/qpid/serv...
Modified: qpid/trunk/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java Tue Feb 19 09:35:28 2013
@@ -32,9 +32,9 @@ import java.util.List;
import java.util.Map;
import java.util.Stack;
-import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
+import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.security.access.ObjectType;
import org.apache.qpid.server.security.access.Operation;
import org.apache.qpid.server.security.access.Permission;
@@ -73,7 +73,7 @@ public class PlainConfiguration extends
}
@Override
- public RuleSet load() throws ConfigurationException
+ public RuleSet load()
{
RuleSet ruleSet = super.load();
@@ -127,7 +127,7 @@ public class PlainConfiguration extends
stack.removeElementAt(0);
if (stack.isEmpty())
{
- throw new ConfigurationException(String.format(NOT_ENOUGH_TOKENS_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(NOT_ENOUGH_TOKENS_MSG, getLine()));
}
// check for and parse optional initial number for ACL lines
@@ -148,7 +148,7 @@ public class PlainConfiguration extends
{
if(StringUtils.equalsIgnoreCase("GROUP", first))
{
- throw new ConfigurationException(String.format("GROUP keyword not supported. Groups should defined via a Group Provider, not in the ACL file.", getLine()));
+ throw new IllegalConfigurationException(String.format("GROUP keyword not supported. Groups should defined via a Group Provider, not in the ACL file.", getLine()));
}
else if (StringUtils.equalsIgnoreCase(CONFIG, first))
{
@@ -156,12 +156,12 @@ public class PlainConfiguration extends
}
else
{
- throw new ConfigurationException(String.format(UNRECOGNISED_INITIAL_MSG, first, getLine()));
+ throw new IllegalConfigurationException(String.format(UNRECOGNISED_INITIAL_MSG, first, getLine()));
}
}
else
{
- throw new ConfigurationException(String.format(NUMBER_NOT_ALLOWED_MSG, first, getLine()));
+ throw new IllegalConfigurationException(String.format(NUMBER_NOT_ALLOWED_MSG, first, getLine()));
}
// reset stack, start next line
@@ -183,7 +183,7 @@ public class PlainConfiguration extends
}
// invalid location for continuation character (add one to line beacuse we ate the EOL)
- throw new ConfigurationException(String.format(PREMATURE_CONTINUATION_MSG, getLine() + 1));
+ throw new IllegalConfigurationException(String.format(PREMATURE_CONTINUATION_MSG, getLine() + 1));
}
else if (_st.ttype == '\'' || _st.ttype == '"')
{
@@ -198,20 +198,20 @@ public class PlainConfiguration extends
if (!stack.isEmpty())
{
- throw new ConfigurationException(String.format(PREMATURE_EOF_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PREMATURE_EOF_MSG, getLine()));
}
}
catch (IllegalArgumentException iae)
{
- throw new ConfigurationException(String.format(PARSE_TOKEN_FAILED_MSG, getLine()), iae);
+ throw new IllegalConfigurationException(String.format(PARSE_TOKEN_FAILED_MSG, getLine()), iae);
}
catch (FileNotFoundException fnfe)
{
- throw new ConfigurationException(String.format(CONFIG_NOT_FOUND_MSG, file.getName()), fnfe);
+ throw new IllegalConfigurationException(String.format(CONFIG_NOT_FOUND_MSG, file.getName()), fnfe);
}
catch (IOException ioe)
{
- throw new ConfigurationException(String.format(CANNOT_LOAD_MSG, file.getName()), ioe);
+ throw new IllegalConfigurationException(String.format(CANNOT_LOAD_MSG, file.getName()), ioe);
}
finally
{
@@ -223,7 +223,7 @@ public class PlainConfiguration extends
}
catch (IOException e)
{
- throw new ConfigurationException(String.format(CANNOT_CLOSE_MSG, file.getName()), e);
+ throw new IllegalConfigurationException(String.format(CANNOT_CLOSE_MSG, file.getName()), e);
}
}
}
@@ -232,11 +232,11 @@ public class PlainConfiguration extends
return ruleSet;
}
- private void parseAcl(Integer number, List<String> args) throws ConfigurationException
+ private void parseAcl(Integer number, List<String> args)
{
if (args.size() < 3)
{
- throw new ConfigurationException(String.format(NOT_ENOUGH_ACL_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(NOT_ENOUGH_ACL_MSG, getLine()));
}
Permission permission = Permission.parse(args.get(0));
@@ -245,7 +245,7 @@ public class PlainConfiguration extends
if (number != null && !getConfiguration().isValidNumber(number))
{
- throw new ConfigurationException(String.format(BAD_ACL_RULE_NUMBER_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(BAD_ACL_RULE_NUMBER_MSG, getLine()));
}
if (args.size() == 3)
@@ -261,11 +261,11 @@ public class PlainConfiguration extends
}
}
- private void parseConfig(List<String> args) throws ConfigurationException
+ private void parseConfig(List<String> args)
{
if (args.size() < 3)
{
- throw new ConfigurationException(String.format(NOT_ENOUGH_CONFIG_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(NOT_ENOUGH_CONFIG_MSG, getLine()));
}
Map<String, Boolean> properties = toPluginProperties(args);
@@ -273,7 +273,7 @@ public class PlainConfiguration extends
getConfiguration().configure(properties);
}
- private AclRulePredicates toRulePredicates(List<String> args) throws ConfigurationException
+ private AclRulePredicates toRulePredicates(List<String> args)
{
AclRulePredicates predicates = new AclRulePredicates();
Iterator<String> i = args.iterator();
@@ -282,15 +282,15 @@ public class PlainConfiguration extends
String key = i.next();
if (!i.hasNext())
{
- throw new ConfigurationException(String.format(PROPERTY_KEY_ONLY_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PROPERTY_KEY_ONLY_MSG, getLine()));
}
if (!"=".equals(i.next()))
{
- throw new ConfigurationException(String.format(PROPERTY_NO_EQUALS_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PROPERTY_NO_EQUALS_MSG, getLine()));
}
if (!i.hasNext())
{
- throw new ConfigurationException(String.format(PROPERTY_NO_VALUE_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PROPERTY_NO_VALUE_MSG, getLine()));
}
String value = i.next();
@@ -300,7 +300,7 @@ public class PlainConfiguration extends
}
/** Converts a {@link List} of "name", "=", "value" tokens into a {@link Map}. */
- protected Map<String, Boolean> toPluginProperties(List<String> args) throws ConfigurationException
+ protected Map<String, Boolean> toPluginProperties(List<String> args)
{
Map<String, Boolean> properties = new HashMap<String, Boolean>();
Iterator<String> i = args.iterator();
@@ -309,15 +309,15 @@ public class PlainConfiguration extends
String key = i.next().toLowerCase();
if (!i.hasNext())
{
- throw new ConfigurationException(String.format(PROPERTY_KEY_ONLY_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PROPERTY_KEY_ONLY_MSG, getLine()));
}
if (!"=".equals(i.next()))
{
- throw new ConfigurationException(String.format(PROPERTY_NO_EQUALS_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PROPERTY_NO_EQUALS_MSG, getLine()));
}
if (!i.hasNext())
{
- throw new ConfigurationException(String.format(PROPERTY_NO_VALUE_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PROPERTY_NO_VALUE_MSG, getLine()));
}
// parse property value and save
Modified: qpid/trunk/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControl.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControl.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControl.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControl.java Tue Feb 19 09:35:28 2013
@@ -45,7 +45,7 @@ public class DefaultAccessControl implem
private RuleSet _ruleSet;
- public DefaultAccessControl(String fileName) throws ConfigurationException
+ public DefaultAccessControl(String fileName)
{
if (_logger.isDebugEnabled())
{
Modified: qpid/trunk/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactory.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactory.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactory.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactory.java Tue Feb 19 09:35:28 2013
@@ -20,28 +20,40 @@
*/
package org.apache.qpid.server.security.access.plugins;
-import org.apache.commons.configuration.Configuration;
-import org.apache.commons.configuration.ConfigurationException;
+import java.io.File;
+import java.util.Map;
+
+import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.plugin.AccessControlFactory;
import org.apache.qpid.server.security.AccessControl;
public class DefaultAccessControlFactory implements AccessControlFactory
{
- public AccessControl createInstance(Configuration securityConfiguration)
- {
- String aclConfiguration = securityConfiguration.getString("acl");
- if(aclConfiguration == null)
- {
- return null;
- }
+ public static final String ATTRIBUTE_ACL_FILE = "aclFile";
- try
- {
- return new DefaultAccessControl(aclConfiguration);
- }
- catch (ConfigurationException e)
+ public AccessControl createInstance(Map<String, Object> aclConfiguration)
+ {
+ if (aclConfiguration != null)
{
- throw new RuntimeException("caught exception during instance creation", e);
+ Object aclFile = aclConfiguration.get(ATTRIBUTE_ACL_FILE);
+ if (aclFile != null)
+ {
+ if (aclFile instanceof String)
+ {
+ String aclPath = (String) aclFile;
+ if (!new File(aclPath).exists())
+ {
+ throw new IllegalConfigurationException("ACL file '" + aclPath + "' is not found");
+ }
+ return new DefaultAccessControl(aclPath);
+ }
+ else
+ {
+ throw new IllegalConfigurationException("Expected '" + ATTRIBUTE_ACL_FILE + "' attribute value of type String but was " + aclFile.getClass()
+ + ": " + aclFile);
+ }
+ }
}
+ return null;
}
}
Modified: qpid/trunk/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/PlainConfigurationTest.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/PlainConfigurationTest.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/PlainConfigurationTest.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/PlainConfigurationTest.java Tue Feb 19 09:35:28 2013
@@ -26,7 +26,7 @@ import java.util.Map;
import junit.framework.TestCase;
-import org.apache.commons.configuration.ConfigurationException;
+import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.security.access.ObjectProperties;
import org.apache.qpid.server.security.access.ObjectProperties.Property;
import org.apache.qpid.server.security.access.ObjectType;
@@ -73,7 +73,7 @@ public class PlainConfigurationTest exte
fail("fail");
}
- catch (ConfigurationException ce)
+ catch (IllegalConfigurationException ce)
{
assertEquals(String.format(PlainConfiguration.CONFIG_NOT_FOUND_MSG, "doesnotexist"), ce.getMessage());
assertTrue(ce.getCause() instanceof FileNotFoundException);
@@ -87,7 +87,7 @@ public class PlainConfigurationTest exte
writeACLConfig("ACL ALLOW ALL \\ ALL");
fail("fail");
}
- catch (ConfigurationException ce)
+ catch (IllegalConfigurationException ce)
{
assertEquals(String.format(PlainConfiguration.PREMATURE_CONTINUATION_MSG, 1), ce.getMessage());
}
@@ -100,7 +100,7 @@ public class PlainConfigurationTest exte
writeACLConfig("ACL unparsed ALL ALL");
fail("fail");
}
- catch (ConfigurationException ce)
+ catch (IllegalConfigurationException ce)
{
assertEquals(String.format(PlainConfiguration.PARSE_TOKEN_FAILED_MSG, 1), ce.getMessage());
assertTrue(ce.getCause() instanceof IllegalArgumentException);
@@ -115,7 +115,7 @@ public class PlainConfigurationTest exte
writeACLConfig("ACL ALLOW");
fail("fail");
}
- catch (ConfigurationException ce)
+ catch (IllegalConfigurationException ce)
{
assertEquals(String.format(PlainConfiguration.NOT_ENOUGH_ACL_MSG, 1), ce.getMessage());
}
@@ -128,7 +128,7 @@ public class PlainConfigurationTest exte
writeACLConfig("CONFIG");
fail("fail");
}
- catch (ConfigurationException ce)
+ catch (IllegalConfigurationException ce)
{
assertEquals(String.format(PlainConfiguration.NOT_ENOUGH_TOKENS_MSG, 1), ce.getMessage());
}
@@ -141,7 +141,7 @@ public class PlainConfigurationTest exte
writeACLConfig("INVALID");
fail("fail");
}
- catch (ConfigurationException ce)
+ catch (IllegalConfigurationException ce)
{
assertEquals(String.format(PlainConfiguration.NOT_ENOUGH_TOKENS_MSG, 1), ce.getMessage());
}
@@ -154,7 +154,7 @@ public class PlainConfigurationTest exte
writeACLConfig("ACL ALLOW adk CREATE QUEUE name");
fail("fail");
}
- catch (ConfigurationException ce)
+ catch (IllegalConfigurationException ce)
{
assertEquals(String.format(PlainConfiguration.PROPERTY_KEY_ONLY_MSG, 1), ce.getMessage());
}
@@ -167,7 +167,7 @@ public class PlainConfigurationTest exte
writeACLConfig("ACL ALLOW adk CREATE QUEUE name test");
fail("fail");
}
- catch (ConfigurationException ce)
+ catch (IllegalConfigurationException ce)
{
assertEquals(String.format(PlainConfiguration.PROPERTY_NO_EQUALS_MSG, 1), ce.getMessage());
}
@@ -180,7 +180,7 @@ public class PlainConfigurationTest exte
writeACLConfig("ACL ALLOW adk CREATE QUEUE name =");
fail("fail");
}
- catch (ConfigurationException ce)
+ catch (IllegalConfigurationException ce)
{
assertEquals(String.format(PlainConfiguration.PROPERTY_NO_VALUE_MSG, 1), ce.getMessage());
}
@@ -432,7 +432,7 @@ public class PlainConfigurationTest exte
writeACLConfig("GROUP group1 bob alice");
fail("Expected exception not thrown");
}
- catch(ConfigurationException e)
+ catch(IllegalConfigurationException e)
{
assertTrue(e.getMessage().contains("GROUP keyword not supported"));
}
Added: qpid/trunk/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactoryTest.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactoryTest.java?rev=1447646&view=auto
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactoryTest.java (added)
+++ qpid/trunk/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactoryTest.java Tue Feb 19 09:35:28 2013
@@ -0,0 +1,69 @@
+package org.apache.qpid.server.security.access.plugins;
+
+import java.io.File;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.apache.qpid.server.configuration.IllegalConfigurationException;
+import org.apache.qpid.server.security.AccessControl;
+import org.apache.qpid.test.utils.QpidTestCase;
+import org.apache.qpid.test.utils.TestFileUtils;
+
+public class DefaultAccessControlFactoryTest extends QpidTestCase
+{
+ public void testCreateInstanceWhenAclFileIsNotPresent()
+ {
+ DefaultAccessControlFactory factory = new DefaultAccessControlFactory();
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ AccessControl acl = factory.createInstance(attributes);
+ assertNull("ACL was created without a configuration file", acl);
+ }
+
+ public void testCreateInstanceWhenAclFileIsSpecified()
+ {
+ File aclFile = TestFileUtils.createTempFile(this, ".acl", "ACL ALLOW all all");
+ DefaultAccessControlFactory factory = new DefaultAccessControlFactory();
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(DefaultAccessControlFactory.ATTRIBUTE_ACL_FILE, aclFile.getAbsolutePath());
+ AccessControl acl = factory.createInstance(attributes);
+
+ assertNotNull("ACL was not created from acl file: " + aclFile.getAbsolutePath(), acl);
+ }
+
+ public void testCreateInstanceWhenAclFileIsSpecifiedButDoesNotExist()
+ {
+ File aclFile = new File(TMP_FOLDER, "my-non-existing-acl-" + System.currentTimeMillis());
+ assertFalse("ACL file " + aclFile.getAbsolutePath() + " actually exists but should not", aclFile.exists());
+ DefaultAccessControlFactory factory = new DefaultAccessControlFactory();
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(DefaultAccessControlFactory.ATTRIBUTE_ACL_FILE, aclFile.getAbsolutePath());
+ try
+ {
+ factory.createInstance(attributes);
+ fail("It should not be possible to create ACL from non existing file");
+ }
+ catch (IllegalConfigurationException e)
+ {
+ assertTrue("Unexpected exception message", Pattern.matches("ACL file '.*' is not found", e.getMessage()));
+ }
+ }
+
+ public void testCreateInstanceWhenAclFileIsSpecifiedAsNonString()
+ {
+ DefaultAccessControlFactory factory = new DefaultAccessControlFactory();
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ Integer aclFile = new Integer(0);
+ attributes.put(DefaultAccessControlFactory.ATTRIBUTE_ACL_FILE, aclFile);
+ try
+ {
+ factory.createInstance(attributes);
+ fail("It should not be possible to create ACL from Integer");
+ }
+ catch (IllegalConfigurationException e)
+ {
+ assertEquals("Unexpected exception message", "Expected '" + DefaultAccessControlFactory.ATTRIBUTE_ACL_FILE
+ + "' attribute value of type String but was " + Integer.class + ": " + aclFile, e.getMessage());
+ }
+ }
+}
Modified: qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java Tue Feb 19 09:35:28 2013
@@ -21,15 +21,20 @@
package org.apache.qpid.server.management.plugin;
import java.io.File;
-import java.util.ArrayList;
import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.UUID;
-import org.apache.commons.configuration.ConfigurationException;
import org.apache.log4j.Logger;
+import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.logging.actors.CurrentActor;
import org.apache.qpid.server.logging.messages.ManagementConsoleMessages;
import org.apache.qpid.server.management.plugin.servlet.DefinedFileServlet;
import org.apache.qpid.server.management.plugin.servlet.FileServlet;
+import org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet;
import org.apache.qpid.server.management.plugin.servlet.rest.LogRecordsServlet;
import org.apache.qpid.server.management.plugin.servlet.rest.LogoutServlet;
import org.apache.qpid.server.management.plugin.servlet.rest.MessageContentServlet;
@@ -46,13 +51,18 @@ import org.apache.qpid.server.model.Exch
import org.apache.qpid.server.model.Group;
import org.apache.qpid.server.model.GroupMember;
import org.apache.qpid.server.model.GroupProvider;
+import org.apache.qpid.server.model.KeyStore;
+import org.apache.qpid.server.model.Plugin;
import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.model.Protocol;
import org.apache.qpid.server.model.Queue;
import org.apache.qpid.server.model.Session;
-import org.apache.qpid.server.model.Transport;
+import org.apache.qpid.server.model.State;
import org.apache.qpid.server.model.User;
import org.apache.qpid.server.model.VirtualHost;
+import org.apache.qpid.server.model.adapter.AbstractPluginAdapter;
+import org.apache.qpid.server.plugin.PluginFactory;
+import org.apache.qpid.server.util.MapValueConverter;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.SessionManager;
@@ -62,98 +72,186 @@ import org.eclipse.jetty.servlet.Servlet
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.util.ssl.SslContextFactory;
-public class HttpManagement implements ManagementPlugin
+public class HttpManagement extends AbstractPluginAdapter
{
private final Logger _logger = Logger.getLogger(HttpManagement.class);
+ // 10 minutes by default
+ public static final int DEFAULT_TIMEOUT_IN_SECONDS = 60 * 10;
+ public static final boolean DEFAULT_HTTP_BASIC_AUTHENTICATION_ENABLED = false;
+ public static final boolean DEFAULT_HTTPS_BASIC_AUTHENTICATION_ENABLED = true;
+ public static final boolean DEFAULT_HTTP_SASL_AUTHENTICATION_ENABLED = true;
+ public static final boolean DEFAULT_HTTPS_SASL_AUTHENTICATION_ENABLED = true;
+ public static final String DEFAULT_NAME = "httpManagement";
+
+ public static final String TIME_OUT = "sessionTimeout";
+ public static final String HTTP_BASIC_AUTHENTICATION_ENABLED = "httpBasicAuthenticationEnabled";
+ public static final String HTTPS_BASIC_AUTHENTICATION_ENABLED = "httpsBasicAuthenticationEnabled";
+ public static final String HTTP_SASL_AUTHENTICATION_ENABLED = "httpSaslAuthenticationEnabled";
+ public static final String HTTPS_SASL_AUTHENTICATION_ENABLED = "httpsSaslAuthenticationEnabled";
+
+ public static final String PLUGIN_TYPE = "MANAGEMENT-HTTP";
+
+ @SuppressWarnings("serial")
+ private static final Collection<String> AVAILABLE_ATTRIBUTES = Collections.unmodifiableSet(new HashSet<String>(Plugin.AVAILABLE_ATTRIBUTES)
+ {{
+ add(HTTP_BASIC_AUTHENTICATION_ENABLED);
+ add(HTTPS_BASIC_AUTHENTICATION_ENABLED);
+ add(HTTP_SASL_AUTHENTICATION_ENABLED);
+ add(HTTPS_SASL_AUTHENTICATION_ENABLED);
+ add(TIME_OUT);
+ add(PluginFactory.PLUGIN_TYPE);
+ }});
+
public static final String ENTRY_POINT_PATH = "/management";
private static final String OPERATIONAL_LOGGING_NAME = "Web";
- private final Broker _broker;
- private final Collection<Server> _servers = new ArrayList<Server>();
+ @SuppressWarnings("serial")
+ public static final Map<String, Object> DEFAULTS = Collections.unmodifiableMap(new HashMap<String, Object>()
+ {{
+ put(HTTP_BASIC_AUTHENTICATION_ENABLED, DEFAULT_HTTP_BASIC_AUTHENTICATION_ENABLED);
+ put(HTTPS_BASIC_AUTHENTICATION_ENABLED, DEFAULT_HTTPS_BASIC_AUTHENTICATION_ENABLED);
+ put(HTTP_SASL_AUTHENTICATION_ENABLED, DEFAULT_HTTP_SASL_AUTHENTICATION_ENABLED);
+ put(HTTPS_SASL_AUTHENTICATION_ENABLED, DEFAULT_HTTPS_SASL_AUTHENTICATION_ENABLED);
+ put(TIME_OUT, DEFAULT_TIMEOUT_IN_SECONDS);
+ put(NAME, DEFAULT_NAME);
+ }});
+
+ @SuppressWarnings("serial")
+ private static final Map<String, Class<?>> ATTRIBUTE_TYPES = Collections.unmodifiableMap(new HashMap<String, Class<?>>(){{
+ put(HTTP_BASIC_AUTHENTICATION_ENABLED, Boolean.class);
+ put(HTTPS_BASIC_AUTHENTICATION_ENABLED, Boolean.class);
+ put(HTTP_SASL_AUTHENTICATION_ENABLED, Boolean.class);
+ put(HTTPS_SASL_AUTHENTICATION_ENABLED, Boolean.class);
+ put(NAME, String.class);
+ put(TIME_OUT, Integer.class);
+ put(PluginFactory.PLUGIN_TYPE, String.class);
+ }});
+
+ private final Broker _broker;
- private final String _keyStorePassword;
- private final String _keyStorePath;
- private final int _sessionTimeout;
+ private Server _server;
- public HttpManagement(Broker broker, String keyStorePath, String keyStorePassword, int sessionTimeout) throws ConfigurationException
+ public HttpManagement(UUID id, Broker broker, Map<String, Object> attributes)
{
+ super(id, DEFAULTS, MapValueConverter.convert(attributes, ATTRIBUTE_TYPES), broker.getTaskExecutor());
_broker = broker;
- _keyStorePassword = keyStorePassword;
- _keyStorePath = keyStorePath;
- _sessionTimeout = sessionTimeout;
+ addParent(Broker.class, broker);
+ }
- Collection<Port> ports = broker.getPorts();
- int httpPort = -1, httpsPort = -1;
- for (Port port : ports)
+ @Override
+ protected boolean setState(State currentState, State desiredState)
+ {
+ if(desiredState == State.ACTIVE)
{
- if (port.getProtocols().contains(Protocol.HTTP))
- {
- if (port.getTransports().contains(Transport.TCP))
- {
- httpPort = port.getPort();
- }
- }
- if (port.getProtocols().contains(Protocol.HTTPS))
- {
- if (port.getTransports().contains(Transport.SSL))
- {
- httpsPort = port.getPort();
- }
- }
+ start();
+ return true;
+ }
+ else if(desiredState == State.STOPPED)
+ {
+ stop();
+ return true;
}
+ return false;
+ }
+
+ private void start()
+ {
+ CurrentActor.get().message(ManagementConsoleMessages.STARTUP(OPERATIONAL_LOGGING_NAME));
- if (httpPort != -1 || httpsPort != -1)
+ Collection<Port> httpPorts = getHttpPorts(_broker.getPorts());
+ _server = createServer(httpPorts);
+ try
{
- _servers.add(createServer(httpPort, httpsPort));
- if (_logger.isDebugEnabled())
- {
- _logger.debug(_servers.size() + " server(s) defined");
- }
+ _server.start();
+ logOperationalListenMessages(_server);
}
- else
+ catch (Exception e)
+ {
+ throw new RuntimeException("Failed to start http management on ports " + httpPorts);
+ }
+
+ CurrentActor.get().message(ManagementConsoleMessages.READY(OPERATIONAL_LOGGING_NAME));
+ }
+
+ private void stop()
+ {
+ if (_server != null)
{
- if (_logger.isInfoEnabled())
+ try
{
- _logger.info("Cannot create web server as neither HTTP nor HTTPS port specified");
+ _server.stop();
+ logOperationalShutdownMessage(_server);
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException("Failed to stop http management on port " + getHttpPorts(_broker.getPorts()));
}
}
+
+ CurrentActor.get().message(ManagementConsoleMessages.STOPPED(OPERATIONAL_LOGGING_NAME));
+ }
+
+ /** Added for testing purposes */
+ Broker getBroker()
+ {
+ return _broker;
+ }
+
+ /** Added for testing purposes */
+ int getSessionTimeout()
+ {
+ return (Integer)getAttribute(TIME_OUT);
+ }
+
+ private boolean isManagementHttp(Port port)
+ {
+ return port.getProtocols().contains(Protocol.HTTP) || port.getProtocols().contains(Protocol.HTTPS);
}
@SuppressWarnings("unchecked")
- private Server createServer(int port, int sslPort) throws ConfigurationException
+ private Server createServer(Collection<Port> ports)
{
if (_logger.isInfoEnabled())
{
- _logger.info("Starting up web server on" + (port == -1 ? "" : " HTTP port " + port)
- + (sslPort == -1 ? "" : " HTTPS port " + sslPort));
+ _logger.info("Starting up web server on " + ports);
}
Server server = new Server();
-
- if (port != -1)
+ for (Port port : ports)
{
- SelectChannelConnector connector = new SelectChannelConnector();
- connector.setPort(port);
- if (sslPort != -1)
+ final Collection<Protocol> protocols = port.getProtocols();
+ Connector connector = null;
+
+ //TODO: what to do if protocol HTTP and transport SSL?
+ if (protocols.contains(Protocol.HTTP))
{
- connector.setConfidentialPort(sslPort);
+ connector = new SelectChannelConnector();
}
- server.addConnector(connector);
- }
-
- if (sslPort != -1)
- {
- checkKeyStorePath(_keyStorePath);
-
- SslContextFactory factory = new SslContextFactory();
- factory.setKeyStorePath(_keyStorePath);
- factory.setKeyStorePassword(_keyStorePassword);
+ else if (protocols.contains(Protocol.HTTPS))
+ {
+ KeyStore keyStore = _broker.getDefaultKeyStore();
+ if (keyStore == null)
+ {
+ throw new IllegalConfigurationException("Key store is not configured. Cannot start management on HTTPS port without keystore");
+ }
+ String keyStorePath = (String)keyStore.getAttribute(KeyStore.PATH);
+ String keyStorePassword = keyStore.getPassword();
+ validateKeystoreParameters(keyStorePath, keyStorePassword);
+
+ SslContextFactory factory = new SslContextFactory();
+ factory.setKeyStorePath(keyStorePath);
+ factory.setKeyStorePassword(keyStorePassword);
- SslSocketConnector connector = new SslSocketConnector(factory);
- connector.setPort(sslPort);
+ connector = new SslSocketConnector(factory);
+ }
+ else
+ {
+ throw new IllegalArgumentException("Unexpected protocol " + protocols);
+ }
+ connector.setPort(port.getPort());
server.addConnector(connector);
}
@@ -161,6 +259,10 @@ public class HttpManagement implements M
root.setContextPath("/");
server.setHandler(root);
+ // set servlet context attributes for broker and configuration
+ root.getServletContext().setAttribute(AbstractServlet.ATTR_BROKER, _broker);
+ root.getServletContext().setAttribute(AbstractServlet.ATTR_MANAGEMENT, this);
+
addRestServlet(root, "broker");
addRestServlet(root, "virtualhost", VirtualHost.class);
addRestServlet(root, "authenticationprovider", AuthenticationProvider.class);
@@ -175,13 +277,13 @@ public class HttpManagement implements M
addRestServlet(root, "port", Port.class);
addRestServlet(root, "session", VirtualHost.class, Connection.class, Session.class);
- root.addServlet(new ServletHolder(new StructureServlet(_broker)), "/rest/structure");
- root.addServlet(new ServletHolder(new MessageServlet(_broker)), "/rest/message/*");
- root.addServlet(new ServletHolder(new MessageContentServlet(_broker)), "/rest/message-content/*");
+ root.addServlet(new ServletHolder(new StructureServlet()), "/rest/structure");
+ root.addServlet(new ServletHolder(new MessageServlet()), "/rest/message/*");
+ root.addServlet(new ServletHolder(new MessageContentServlet()), "/rest/message-content/*");
- root.addServlet(new ServletHolder(new LogRecordsServlet(_broker)), "/rest/logrecords");
+ root.addServlet(new ServletHolder(new LogRecordsServlet()), "/rest/logrecords");
- root.addServlet(new ServletHolder(new SaslServlet(_broker)), "/rest/sasl");
+ root.addServlet(new ServletHolder(new SaslServlet()), "/rest/sasl");
root.addServlet(new ServletHolder(new DefinedFileServlet("index.html")), ENTRY_POINT_PATH);
root.addServlet(new ServletHolder(new LogoutServlet()), "/logout");
@@ -199,61 +301,34 @@ public class HttpManagement implements M
final SessionManager sessionManager = root.getSessionHandler().getSessionManager();
- sessionManager.setMaxInactiveInterval(_sessionTimeout);
+ sessionManager.setMaxInactiveInterval((Integer)getAttribute(TIME_OUT));
return server;
}
private void addRestServlet(ServletContextHandler root, String name, Class<? extends ConfiguredObject>... hierarchy)
{
- root.addServlet(new ServletHolder(new RestServlet(_broker, hierarchy)), "/rest/" + name + "/*");
+ root.addServlet(new ServletHolder(new RestServlet(hierarchy)), "/rest/" + name + "/*");
}
- @Override
- public void start() throws Exception
+ private void validateKeystoreParameters(String keyStorePath, String password)
{
- CurrentActor.get().message(ManagementConsoleMessages.STARTUP(OPERATIONAL_LOGGING_NAME));
-
- for (Server server : _servers)
+ if (keyStorePath == null)
{
- server.start();
-
- logOperationalListenMessages(server);
+ throw new RuntimeException("Management SSL keystore path not defined, unable to start SSL protected HTTP connector");
}
-
- CurrentActor.get().message(ManagementConsoleMessages.READY(OPERATIONAL_LOGGING_NAME));
- }
-
- @Override
- public void stop() throws Exception
- {
- for (Server server : _servers)
+ if (password == null)
{
- logOperationalShutdownMessage(server);
-
- server.stop();
+ throw new RuntimeException("Management SSL keystore password, unable to start SSL protected HTTP connector");
}
-
- CurrentActor.get().message(ManagementConsoleMessages.STOPPED(OPERATIONAL_LOGGING_NAME));
- }
-
- private void checkKeyStorePath(String keyStorePath) throws ConfigurationException
- {
- if (keyStorePath == null)
+ File ksf = new File(keyStorePath);
+ if (!ksf.exists())
{
- throw new ConfigurationException("Management SSL keystore path not defined, unable to start SSL protected HTTP connector");
+ throw new RuntimeException("Cannot find management SSL keystore file: " + ksf);
}
- else
+ if (!ksf.canRead())
{
- File ksf = new File(keyStorePath);
- if (!ksf.exists())
- {
- throw new ConfigurationException("Cannot find management SSL keystore file: " + ksf);
- }
- if (!ksf.canRead())
- {
- throw new ConfigurationException("Cannot read management SSL keystore file: " + ksf + ". Check permissions.");
- }
+ throw new RuntimeException("Cannot read management SSL keystore file: " + ksf + ". Check permissions.");
}
}
@@ -288,27 +363,50 @@ public class HttpManagement implements M
return connector instanceof SslSocketConnector ? "HTTPS" : "HTTP";
}
- /** Added for testing purposes */
- Broker getBroker()
+ private Collection<Port> getHttpPorts(Collection<Port> ports)
{
- return _broker;
+ Collection<Port> httpPorts = new HashSet<Port>();
+ for (Port port : ports)
+ {
+ if (isManagementHttp(port))
+ {
+ httpPorts.add(port);
+ }
+ }
+ return httpPorts;
}
- /** Added for testing purposes */
- String getKeyStorePassword()
+
+ @Override
+ public String getName()
{
- return _keyStorePassword;
+ return (String)getAttribute(NAME);
}
- /** Added for testing purposes */
- String getKeyStorePath()
+ @Override
+ public Collection<String> getAttributeNames()
{
- return _keyStorePath;
+ return Collections.unmodifiableCollection(AVAILABLE_ATTRIBUTES);
}
- /** Added for testing purposes */
- int getSessionTimeout()
+ public boolean isHttpsSaslAuthenticationEnabled()
{
- return _sessionTimeout;
+ return (Boolean)getAttribute(HTTPS_SASL_AUTHENTICATION_ENABLED);
}
+
+ public boolean isHttpSaslAuthenticationEnabled()
+ {
+ return (Boolean)getAttribute(HTTP_SASL_AUTHENTICATION_ENABLED);
+ }
+
+ public boolean isHttpsBasicAuthenticationEnabled()
+ {
+ return (Boolean)getAttribute(HTTPS_BASIC_AUTHENTICATION_ENABLED);
+ }
+
+ public boolean isHttpBasicAuthenticationEnabled()
+ {
+ return (Boolean)getAttribute(HTTP_BASIC_AUTHENTICATION_ENABLED);
+ }
+
}
Modified: qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementFactory.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementFactory.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementFactory.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementFactory.java Tue Feb 19 09:35:28 2013
@@ -18,37 +18,24 @@
*/
package org.apache.qpid.server.management.plugin;
-import org.apache.commons.configuration.ConfigurationException;
-import org.apache.log4j.Logger;
-import org.apache.qpid.server.configuration.ServerConfiguration;
+import java.util.Map;
+import java.util.UUID;
+
import org.apache.qpid.server.model.Broker;
-import org.apache.qpid.server.plugin.ManagementFactory;
+import org.apache.qpid.server.model.Plugin;
+import org.apache.qpid.server.plugin.PluginFactory;
-public class HttpManagementFactory implements ManagementFactory
+public class HttpManagementFactory implements PluginFactory
{
- private static final Logger LOGGER = Logger.getLogger(HttpManagementFactory.class);
@Override
- public HttpManagement createInstance(ServerConfiguration configuration, Broker broker)
+ public Plugin createInstance(UUID id, Map<String, Object> attributes, Broker broker)
{
-
- if (!configuration.getHTTPManagementEnabled() && !configuration.getHTTPSManagementEnabled())
+ if (!HttpManagement.PLUGIN_TYPE.equals(attributes.get(PLUGIN_TYPE)))
{
- LOGGER.info("HttpManagement is disabled");
return null;
}
- try
- {
- return new HttpManagement(
- broker,
- configuration.getManagementKeyStorePath(),
- configuration.getManagementKeyStorePassword(),
- configuration.getHTTPManagementSessionTimeout());
- }
- catch (ConfigurationException e)
- {
- throw new RuntimeException(e);
- }
+ return new HttpManagement(id, broker, attributes);
}
}
Modified: qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java Tue Feb 19 09:35:28 2013
@@ -28,6 +28,8 @@ import java.security.PrivilegedActionExc
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
@@ -40,9 +42,9 @@ import org.apache.qpid.server.logging.Lo
import org.apache.qpid.server.logging.RootMessageLogger;
import org.apache.qpid.server.logging.actors.CurrentActor;
import org.apache.qpid.server.logging.actors.HttpManagementActor;
+import org.apache.qpid.server.management.plugin.HttpManagement;
import org.apache.qpid.server.management.plugin.session.LoginLogoutReporter;
import org.apache.qpid.server.model.Broker;
-import org.apache.qpid.server.registry.ApplicationRegistry;
import org.apache.qpid.server.security.SecurityManager;
import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationStatus;
@@ -53,25 +55,38 @@ public abstract class AbstractServlet ex
{
private static final Logger LOGGER = Logger.getLogger(AbstractServlet.class);
+ /**
+ * Servlet context attribute holding a reference to a broker instance
+ */
+ public static final String ATTR_BROKER = "Qpid.broker";
+
+ /**
+ * Servlet context attribute holding a reference to plugin configuration
+ */
+ public static final String ATTR_MANAGEMENT = "Qpid.management";
+
private static final String ATTR_LOGIN_LOGOUT_REPORTER = "AbstractServlet.loginLogoutReporter";
private static final String ATTR_SUBJECT = "AbstractServlet.subject";
private static final String ATTR_LOG_ACTOR = "AbstractServlet.logActor";
- private final Broker _broker;
-
+ private Broker _broker;
private RootMessageLogger _rootLogger;
+ private HttpManagement _httpManagement;
protected AbstractServlet()
{
super();
- _broker = ApplicationRegistry.getInstance().getBroker();
- _rootLogger = ApplicationRegistry.getInstance().getRootMessageLogger();
}
- protected AbstractServlet(Broker broker)
+ @Override
+ public void init() throws ServletException
{
- _broker = broker;
- _rootLogger = ApplicationRegistry.getInstance().getRootMessageLogger();
+ ServletConfig servletConfig = getServletConfig();
+ ServletContext servletContext = servletConfig.getServletContext();
+ _broker = (Broker)servletContext.getAttribute(ATTR_BROKER);
+ _rootLogger = _broker.getRootMessageLogger();
+ _httpManagement = (HttpManagement)servletContext.getAttribute(ATTR_MANAGEMENT);
+ super.init();
}
@Override
@@ -263,7 +278,7 @@ public abstract class AbstractServlet ex
return subject;
}
- SubjectCreator subjectCreator = ApplicationRegistry.getInstance().getSubjectCreator(getSocketAddress(request));
+ SubjectCreator subjectCreator = getSubjectCreator(request);
subject = authenticate(request, subjectCreator);
if (subject != null)
{
@@ -293,7 +308,7 @@ public abstract class AbstractServlet ex
@Override
public Void run() throws Exception
{
- boolean allowed = ApplicationRegistry.getInstance().getSecurityManager().accessManagement();
+ boolean allowed = getSecurityManager().accessManagement();
if (!allowed)
{
throw new AccessControlException("User is not authorised for management");
@@ -382,8 +397,8 @@ public abstract class AbstractServlet ex
private boolean isBasicAuthSupported(HttpServletRequest req)
{
- return req.isSecure() ? ApplicationRegistry.getInstance().getConfiguration().getHTTPSManagementBasicAuth()
- : ApplicationRegistry.getInstance().getConfiguration().getHTTPManagementBasicAuth();
+ return req.isSecure() ? _httpManagement.isHttpsBasicAuthenticationEnabled()
+ : _httpManagement.isHttpBasicAuthenticationEnabled();
}
private HttpManagementActor getLogActorAndCacheInSession(HttpServletRequest req)
@@ -441,5 +456,18 @@ public abstract class AbstractServlet ex
return new HttpManagementActor(_rootLogger, request.getRemoteAddr(), request.getRemotePort());
}
+ protected HttpManagement getManagement()
+ {
+ return _httpManagement;
+ }
+ protected SecurityManager getSecurityManager()
+ {
+ return _broker.getSecurityManager();
+ }
+
+ protected SubjectCreator getSubjectCreator(HttpServletRequest request)
+ {
+ return _broker.getSubjectCreator(getSocketAddress(request));
+ }
}
Modified: qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/LogRecordsServlet.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/LogRecordsServlet.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/LogRecordsServlet.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/LogRecordsServlet.java Tue Feb 19 09:35:28 2013
@@ -26,8 +26,6 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.qpid.server.logging.LogRecorder;
-import org.apache.qpid.server.model.Broker;
-import org.apache.qpid.server.registry.ApplicationRegistry;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.map.SerializationConfig;
@@ -35,12 +33,7 @@ public class LogRecordsServlet extends A
{
public LogRecordsServlet()
{
- super(ApplicationRegistry.getInstance().getBroker());
- }
-
- public LogRecordsServlet(Broker broker)
- {
- super(broker);
+ super();
}
@Override
@@ -53,10 +46,10 @@ public class LogRecordsServlet extends A
response.setHeader("Pragma","no-cache");
response.setDateHeader ("Expires", 0);
- ApplicationRegistry applicationRegistry = (ApplicationRegistry) ApplicationRegistry.getInstance();
List<Map<String,Object>> logRecords = new ArrayList<Map<String, Object>>();
- for(LogRecorder.Record record : applicationRegistry.getLogRecorder())
+ LogRecorder logRecorder = getBroker().getLogRecorder();
+ for(LogRecorder.Record record : logRecorder)
{
logRecords.add(logRecordToObject(record));
}
Modified: qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageContentServlet.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageContentServlet.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageContentServlet.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageContentServlet.java Tue Feb 19 09:35:28 2013
@@ -29,7 +29,6 @@ import javax.servlet.http.HttpServletRes
import org.apache.qpid.server.message.MessageReference;
import org.apache.qpid.server.message.ServerMessage;
-import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.Queue;
import org.apache.qpid.server.model.VirtualHost;
import org.apache.qpid.server.queue.QueueEntry;
@@ -42,11 +41,6 @@ public class MessageContentServlet exten
super();
}
- public MessageContentServlet(Broker broker)
- {
- super(broker);
- }
-
@Override
protected void doGetWithSubjectAndActor(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
Modified: qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java Tue Feb 19 09:35:28 2013
@@ -34,13 +34,10 @@ import org.apache.log4j.Logger;
import org.apache.qpid.server.message.AMQMessageHeader;
import org.apache.qpid.server.message.MessageReference;
import org.apache.qpid.server.message.ServerMessage;
-import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.Queue;
import org.apache.qpid.server.model.VirtualHost;
import org.apache.qpid.server.queue.QueueEntry;
import org.apache.qpid.server.queue.QueueEntryVisitor;
-import org.apache.qpid.server.registry.ApplicationRegistry;
-import org.apache.qpid.server.registry.IApplicationRegistry;
import org.apache.qpid.server.security.SecurityManager;
import org.apache.qpid.server.security.access.Operation;
import org.apache.qpid.server.subscription.Subscription;
@@ -56,11 +53,6 @@ public class MessageServlet extends Abst
super();
}
- public MessageServlet(Broker broker)
- {
- super(broker);
- }
-
@Override
protected void doGetWithSubjectAndActor(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
@@ -422,7 +414,7 @@ public class MessageServlet extends Abst
// FIXME: added temporary authorization check until we introduce management layer
// and review current ACL rules to have common rules for all management interfaces
String methodName = isMoveTransaction? "moveMessages":"copyMessages";
- if (isQueueUpdateMethodAuthorized(methodName, vhost.getName()))
+ if (isQueueUpdateMethodAuthorized(methodName, vhost))
{
final Queue destinationQueue = getQueueFromVirtualHost(destQueueName, vhost);
final List messageIds = new ArrayList((List) providedObject.get("messages"));
@@ -466,7 +458,7 @@ public class MessageServlet extends Abst
// FIXME: added temporary authorization check until we introduce management layer
// and review current ACL rules to have common rules for all management interfaces
- if (isQueueUpdateMethodAuthorized("deleteMessages", vhost.getName()))
+ if (isQueueUpdateMethodAuthorized("deleteMessages", vhost))
{
vhost.executeTransaction(new DeleteTransaction(sourceQueue, messageIds));
response.setStatus(HttpServletResponse.SC_OK);
@@ -478,25 +470,10 @@ public class MessageServlet extends Abst
}
- private boolean isQueueUpdateMethodAuthorized(String methodName, String virtualHost)
+ private boolean isQueueUpdateMethodAuthorized(String methodName, VirtualHost host)
{
- SecurityManager securityManager = getSecurityManager(virtualHost);
+ SecurityManager securityManager = host.getSecurityManager();
return securityManager.authoriseMethod(Operation.UPDATE, "VirtualHost.Queue", methodName);
}
- private SecurityManager getSecurityManager(String virtualHost)
- {
- IApplicationRegistry appRegistry = ApplicationRegistry.getInstance();
- SecurityManager security;
- if (virtualHost == null)
- {
- security = appRegistry.getSecurityManager();
- }
- else
- {
- security = appRegistry.getVirtualHostRegistry().getVirtualHost(virtualHost).getSecurityManager();
- }
- return security;
- }
-
}
Modified: qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java Tue Feb 19 09:35:28 2013
@@ -47,29 +47,29 @@ public class RestServlet extends Abstrac
private Class<? extends ConfiguredObject>[] _hierarchy;
- private volatile boolean initializationRequired = false;
-
private final ConfiguredObjectToMapConverter _objectConverter = new ConfiguredObjectToMapConverter();
+ private final boolean _hierarchyInitializationRequired;
public RestServlet()
{
super();
- initializationRequired = true;
+ _hierarchyInitializationRequired = true;
}
- public RestServlet(Broker broker, Class<? extends ConfiguredObject>... hierarchy)
+ public RestServlet(Class<? extends ConfiguredObject>... hierarchy)
{
- super(broker);
+ super();
_hierarchy = hierarchy;
+ _hierarchyInitializationRequired = false;
}
@Override
public void init() throws ServletException
{
- if (initializationRequired)
+ super.init();
+ if (_hierarchyInitializationRequired)
{
doInitialization();
- initializationRequired = false;
}
}
Modified: qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java Tue Feb 19 09:35:28 2013
@@ -25,8 +25,7 @@ import org.codehaus.jackson.map.ObjectMa
import org.codehaus.jackson.map.SerializationConfig;
import org.apache.log4j.Logger;
-import org.apache.qpid.server.model.Broker;
-import org.apache.qpid.server.registry.ApplicationRegistry;
+import org.apache.qpid.server.management.plugin.HttpManagement;
import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.security.auth.AuthenticatedPrincipal;
@@ -48,6 +47,7 @@ import java.util.Random;
public class SaslServlet extends AbstractServlet
{
+
private static final Logger LOGGER = Logger.getLogger(SaslServlet.class);
private static final SecureRandom SECURE_RANDOM = new SecureRandom();
@@ -57,17 +57,11 @@ public class SaslServlet extends Abstrac
private static final String ATTR_EXPIRY = "SaslServlet.Expiry";
private static final long SASL_EXCHANGE_EXPIRY = 1000L;
-
public SaslServlet()
{
super();
}
- public SaslServlet(Broker broker)
- {
- super(broker);
- }
-
protected void doGetWithSubjectAndActor(HttpServletRequest request, HttpServletResponse response) throws
ServletException,
IOException
@@ -82,7 +76,7 @@ public class SaslServlet extends Abstrac
HttpSession session = request.getSession();
getRandom(session);
- SubjectCreator subjectCreator = ApplicationRegistry.getInstance().getSubjectCreator(getSocketAddress(request));
+ SubjectCreator subjectCreator = getSubjectCreator(request);
String[] mechanisms = subjectCreator.getMechanisms().split(" ");
Map<String, Object> outputObject = new LinkedHashMap<String, Object>();
@@ -140,7 +134,7 @@ public class SaslServlet extends Abstrac
String id = request.getParameter("id");
String saslResponse = request.getParameter("response");
- SubjectCreator subjectCreator = ApplicationRegistry.getInstance().getSubjectCreator(getSocketAddress(request));
+ SubjectCreator subjectCreator = getSubjectCreator(request);
if(mechanism != null)
{
@@ -202,13 +196,14 @@ public class SaslServlet extends Abstrac
private void checkSaslAuthEnabled(HttpServletRequest request)
{
boolean saslAuthEnabled;
+ HttpManagement management = getManagement();
if (request.isSecure())
{
- saslAuthEnabled = ApplicationRegistry.getInstance().getConfiguration().getHTTPSManagementSaslAuthEnabled();
+ saslAuthEnabled = management.isHttpsSaslAuthenticationEnabled();
}
else
{
- saslAuthEnabled = ApplicationRegistry.getInstance().getConfiguration().getHTTPManagementSaslAuthEnabled();
+ saslAuthEnabled = management.isHttpSaslAuthenticationEnabled();
}
if (!saslAuthEnabled)
Modified: qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/StructureServlet.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/StructureServlet.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/StructureServlet.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/StructureServlet.java Tue Feb 19 09:35:28 2013
@@ -41,11 +41,6 @@ public class StructureServlet extends Ab
super();
}
- public StructureServlet(Broker broker)
- {
- super(broker);
- }
-
@Override
protected void doGetWithSubjectAndActor(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
Copied: qpid/trunk/qpid/java/broker-plugins/management-http/src/main/resources/META-INF/services/org.apache.qpid.server.plugin.PluginFactory (from r1447519, qpid/trunk/qpid/java/broker-plugins/management-http/src/main/resources/META-INF/services/org.apache.qpid.server.plugin.ManagementFactory)
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-http/src/main/resources/META-INF/services/org.apache.qpid.server.plugin.PluginFactory?p2=qpid/trunk/qpid/java/broker-plugins/management-http/src/main/resources/META-INF/services/org.apache.qpid.server.plugin.PluginFactory&p1=qpid/trunk/qpid/java/broker-plugins/management-http/src/main/resources/META-INF/services/org.apache.qpid.server.plugin.ManagementFactory&r1=1447519&r2=1447646&rev=1447646&view=diff
==============================================================================
(empty)
Modified: qpid/trunk/qpid/java/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/HttpManagementFactoryTest.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/HttpManagementFactoryTest.java?rev=1447646&r1=1447645&r2=1447646&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/HttpManagementFactoryTest.java (original)
+++ qpid/trunk/qpid/java/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/HttpManagementFactoryTest.java Tue Feb 19 09:35:28 2013
@@ -19,64 +19,42 @@
package org.apache.qpid.server.management.plugin;
import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
-import org.apache.qpid.server.configuration.ServerConfiguration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
import org.apache.qpid.server.model.Broker;
+import org.apache.qpid.server.plugin.PluginFactory;
import org.apache.qpid.test.utils.QpidTestCase;
public class HttpManagementFactoryTest extends QpidTestCase
{
- private static final String KEY_STORE_PASSWORD = "keyStorePassword";
- private static final String KEY_STORE_PATH = "keyStorePath";
private static final int SESSION_TIMEOUT = 3600;
- private HttpManagementFactory _managementFactory = new HttpManagementFactory();
- private ServerConfiguration _configuration = mock(ServerConfiguration.class);
+ private PluginFactory _pluginFactory = new HttpManagementFactory();
+ private Map<String, Object> _attributes = new HashMap<String, Object>();
private Broker _broker = mock(Broker.class);
+ private UUID _id = UUID.randomUUID();
- public void testNoHttpManagementConfigured() throws Exception
+ public void testCreateInstanceReturnsNullWhenPluginTypeMissing() throws Exception
{
- ManagementPlugin management = _managementFactory.createInstance(_configuration, _broker);
- assertNull(management);
+ assertNull(_pluginFactory.createInstance(_id, _attributes, _broker));
}
-
- public void testHttpTransportConfigured() throws Exception
+ public void testCreateInstanceReturnsNullWhenPluginTypeNotHttp()
{
- when(_configuration.getHTTPManagementEnabled()).thenReturn(true);
- when(_configuration.getHTTPSManagementEnabled()).thenReturn(false);
-
- when(_configuration.getManagementKeyStorePassword()).thenReturn(null);
- when(_configuration.getManagementKeyStorePath()).thenReturn(null);
-
- when(_configuration.getHTTPManagementSessionTimeout()).thenReturn(SESSION_TIMEOUT);
-
- HttpManagement management = _managementFactory.createInstance(_configuration, _broker);
-
- assertNotNull(management);
- assertEquals(_broker, management.getBroker());
- assertNull(management.getKeyStorePassword());
- assertNull(management.getKeyStorePath());
- assertEquals(SESSION_TIMEOUT, management.getSessionTimeout());
-
+ _attributes.put(PluginFactory.PLUGIN_TYPE, "notHttp");
+ assertNull(_pluginFactory.createInstance(_id, _attributes, _broker));
}
- public void testHttpsTransportConfigured() throws Exception
+ public void testCreateInstance() throws Exception
{
- when(_configuration.getHTTPManagementEnabled()).thenReturn(false);
- when(_configuration.getHTTPSManagementEnabled()).thenReturn(true);
-
- when(_configuration.getManagementKeyStorePassword()).thenReturn(KEY_STORE_PASSWORD);
- when(_configuration.getManagementKeyStorePath()).thenReturn(KEY_STORE_PATH);
-
- when(_configuration.getHTTPManagementSessionTimeout()).thenReturn(SESSION_TIMEOUT);
+ _attributes.put(PluginFactory.PLUGIN_TYPE, HttpManagement.PLUGIN_TYPE);
+ _attributes.put(HttpManagement.TIME_OUT, SESSION_TIMEOUT);
- HttpManagement management = _managementFactory.createInstance(_configuration, _broker);
+ HttpManagement management = (HttpManagement) _pluginFactory.createInstance(_id, _attributes, _broker);
- assertNotNull(management);
assertEquals(_broker, management.getBroker());
- assertEquals(KEY_STORE_PASSWORD, management.getKeyStorePassword());
- assertEquals(KEY_STORE_PATH, management.getKeyStorePath());
assertEquals(SESSION_TIMEOUT, management.getSessionTimeout());
}
Added: qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/CustomRMIServerSocketFactory.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/CustomRMIServerSocketFactory.java?rev=1447646&view=auto
==============================================================================
--- qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/CustomRMIServerSocketFactory.java (added)
+++ qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/CustomRMIServerSocketFactory.java Tue Feb 19 09:35:28 2013
@@ -0,0 +1,68 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.server.jmx;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.ServerSocket;
+import java.net.Socket;
+import java.rmi.server.RMIServerSocketFactory;
+
+/**
+ * Custom RMIServerSocketFactory class, used to prevent updates to the RMI registry.
+ * Supplied to the registry at creation, this will prevent RMI-based operations on the
+ * registry such as attempting to bind a new object, thereby securing it from tampering.
+ * This is accomplished by always returning null when attempting to determine the address
+ * of the caller, thus ensuring the registry will refuse the attempt. Calls to bind etc
+ * made using the object reference will not be affected and continue to operate normally.
+ */
+class CustomRMIServerSocketFactory implements RMIServerSocketFactory
+{
+
+ public ServerSocket createServerSocket(int port) throws IOException
+ {
+ return new NoLocalAddressServerSocket(port);
+ }
+
+ private static class NoLocalAddressServerSocket extends ServerSocket
+ {
+ NoLocalAddressServerSocket(int port) throws IOException
+ {
+ super(port);
+ }
+
+ @Override
+ public Socket accept() throws IOException
+ {
+ Socket s = new NoLocalAddressSocket();
+ super.implAccept(s);
+ return s;
+ }
+ }
+
+ private static class NoLocalAddressSocket extends Socket
+ {
+ @Override
+ public InetAddress getInetAddress()
+ {
+ return null;
+ }
+ }
+}
\ No newline at end of file
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org