You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by or...@apache.org on 2012/12/04 18:05:32 UTC
svn commit: r1417035 - in
/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src:
main/java/org/apache/qpid/server/
main/java/org/apache/qpid/server/configuration/
test/java/org/apache/qpid/server/
test/java/org/apache/qpid/server/configuration/
Author: orudyy
Date: Tue Dec 4 17:05:31 2012
New Revision: 1417035
URL: http://svn.apache.org/viewvc?rev=1417035&view=rev
Log:
QPID-4390: Use system property to configure message authorization requirements
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/AMQChannel.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/AMQChannelTest.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
Modified: qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/AMQChannel.java
URL: http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/AMQChannel.java?rev=1417035&r1=1417034&r2=1417035&view=diff
==============================================================================
--- qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/AMQChannel.java (original)
+++ qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/AMQChannel.java Tue Dec 4 17:05:31 2012
@@ -53,6 +53,7 @@ import org.apache.qpid.framing.abstracti
import org.apache.qpid.protocol.AMQConstant;
import org.apache.qpid.server.ack.UnacknowledgedMessageMap;
import org.apache.qpid.server.ack.UnacknowledgedMessageMapImpl;
+import org.apache.qpid.server.configuration.BrokerProperties;
import org.apache.qpid.server.exchange.Exchange;
import org.apache.qpid.server.flow.FlowCreditManager;
import org.apache.qpid.server.flow.Pre0_10CreditManager;
@@ -70,7 +71,6 @@ import org.apache.qpid.server.message.Me
import org.apache.qpid.server.message.ServerMessage;
import org.apache.qpid.server.output.ProtocolOutputConverter;
import org.apache.qpid.server.protocol.AMQConnectionModel;
-import org.apache.qpid.server.protocol.AMQProtocolEngine;
import org.apache.qpid.server.protocol.AMQProtocolSession;
import org.apache.qpid.server.protocol.AMQSessionModel;
import org.apache.qpid.server.queue.AMQQueue;
@@ -78,7 +78,6 @@ import org.apache.qpid.server.queue.Base
import org.apache.qpid.server.queue.InboundMessageAdapter;
import org.apache.qpid.server.queue.IncomingMessage;
import org.apache.qpid.server.queue.QueueEntry;
-import org.apache.qpid.server.registry.ApplicationRegistry;
import org.apache.qpid.server.store.MessageStore;
import org.apache.qpid.server.store.StoreFuture;
import org.apache.qpid.server.store.StoredMessage;
@@ -97,11 +96,9 @@ public class AMQChannel implements AMQSe
public static final int DEFAULT_PREFETCH = 4096;
private static final Logger _logger = Logger.getLogger(AMQChannel.class);
-
- // XXX remove reference on ServerConfiguration
- private static final boolean MSG_AUTH =
- ApplicationRegistry.getInstance().getConfiguration().getMsgAuth();
+ //TODO use Broker property to configure message authorization requirements
+ private boolean _messageAuthorizationRequired = Boolean.getBoolean(BrokerProperties.PROPERTY_MSG_AUTH);
private final int _channelId;
@@ -1134,7 +1131,7 @@ public class AMQChannel implements AMQSe
? ((BasicContentHeaderProperties) header.getProperties()).getUserId()
: null;
- return (!MSG_AUTH || _session.getAuthorizedPrincipal().getName().equals(userID == null? "" : userID.toString()));
+ return (!_messageAuthorizationRequired || _session.getAuthorizedPrincipal().getName().equals(userID == null? "" : userID.toString()));
}
Modified: qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java
URL: http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java?rev=1417035&r1=1417034&r2=1417035&view=diff
==============================================================================
--- qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java (original)
+++ qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java Tue Dec 4 17:05:31 2012
@@ -452,11 +452,6 @@ public class ServerConfiguration extends
return getBooleanValue("advanced.synced-clocks");
}
- public boolean getMsgAuth()
- {
- return getBooleanValue("security.msg-auth");
- }
-
public String getDefaultAuthenticationManager()
{
return getStringValue(SECURITY_DEFAULT_AUTH_MANAGER);
Modified: qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/AMQChannelTest.java
URL: http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/AMQChannelTest.java?rev=1417035&r1=1417034&r2=1417035&view=diff
==============================================================================
--- qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/AMQChannelTest.java (original)
+++ qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/AMQChannelTest.java Tue Dec 4 17:05:31 2012
@@ -20,6 +20,20 @@
*/
package org.apache.qpid.server;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.qpid.AMQException;
+import org.apache.qpid.framing.AMQShortString;
+import org.apache.qpid.framing.BasicContentHeaderProperties;
+import org.apache.qpid.framing.ContentHeaderBody;
+import org.apache.qpid.framing.abstraction.MessagePublishInfo;
+import org.apache.qpid.server.configuration.BrokerProperties;
+import org.apache.qpid.server.exchange.Exchange;
+import org.apache.qpid.server.message.MessageContentSource;
import org.apache.qpid.server.protocol.AMQProtocolSession;
import org.apache.qpid.server.protocol.InternalTestProtocolSession;
import org.apache.qpid.server.util.InternalBrokerBaseCase;
@@ -30,6 +44,7 @@ public class AMQChannelTest extends Inte
{
private VirtualHost _virtualHost;
private AMQProtocolSession _protocolSession;
+ private Map<Integer,String> _replies;
@Override
public void setUp() throws Exception
@@ -37,7 +52,21 @@ public class AMQChannelTest extends Inte
super.setUp();
VirtualHostRegistry registry = getRegistry().getVirtualHostRegistry();
_virtualHost = registry.getVirtualHosts().iterator().next();
- _protocolSession = new InternalTestProtocolSession(_virtualHost, registry);
+
+ _protocolSession = new InternalTestProtocolSession(_virtualHost, registry )
+ {
+ @Override
+ public void writeReturn(MessagePublishInfo messagePublishInfo,
+ ContentHeaderBody header,
+ MessageContentSource msgContent,
+ int channelId,
+ int replyCode,
+ AMQShortString replyText) throws AMQException
+ {
+ _replies.put(replyCode, replyText.asString());
+ }
+ };
+ _replies = new HashMap<Integer, String>();
}
public void testCompareTo() throws Exception
@@ -50,4 +79,49 @@ public class AMQChannelTest extends Inte
assertEquals("Unexpected compare result", 0, channel1.compareTo(channel1));
}
+ public void testPublishContentHeaderWhenMessageAuthorizationFails() throws Exception
+ {
+ setTestSystemProperty(BrokerProperties.PROPERTY_MSG_AUTH, "true");
+ AMQChannel channel = new AMQChannel(_protocolSession, 1, _virtualHost.getMessageStore());
+ channel.setLocalTransactional();
+
+ MessagePublishInfo info = mock(MessagePublishInfo.class);
+ Exchange e = mock(Exchange.class);
+ ContentHeaderBody contentHeaderBody= mock(ContentHeaderBody.class);
+ BasicContentHeaderProperties properties = mock(BasicContentHeaderProperties.class);
+
+ when(contentHeaderBody.getProperties()).thenReturn(properties);
+ when(info.getExchange()).thenReturn(new AMQShortString("test"));
+ when(properties.getUserId()).thenReturn(new AMQShortString(_protocolSession.getAuthorizedPrincipal().getName() + "_incorrect"));
+
+ channel.setPublishFrame(info, e);
+ channel.publishContentHeader(contentHeaderBody);
+ channel.commit();
+
+ assertEquals("Unexpected number of replies", 1, _replies.size());
+ assertEquals("Message authorization passed", "Access Refused", _replies.get(403));
+ }
+
+ public void testPublishContentHeaderWhenMessageAuthorizationPasses() throws Exception
+ {
+ setTestSystemProperty(BrokerProperties.PROPERTY_MSG_AUTH, "true");
+ AMQChannel channel = new AMQChannel(_protocolSession, 1, _virtualHost.getMessageStore());
+ channel.setLocalTransactional();
+
+ MessagePublishInfo info = mock(MessagePublishInfo.class);
+ Exchange e = mock(Exchange.class);
+ ContentHeaderBody contentHeaderBody= mock(ContentHeaderBody.class);
+ BasicContentHeaderProperties properties = mock(BasicContentHeaderProperties.class);
+
+ when(contentHeaderBody.getProperties()).thenReturn(properties);
+ when(info.getExchange()).thenReturn(new AMQShortString("test"));
+ when(properties.getUserId()).thenReturn(new AMQShortString(_protocolSession.getAuthorizedPrincipal().getName()));
+
+ channel.setPublishFrame(info, e);
+ channel.publishContentHeader(contentHeaderBody);
+ channel.commit();
+
+ assertEquals("Unexpected number of replies", 0, _replies.size());
+ }
+
}
Modified: qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
URL: http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java?rev=1417035&r1=1417034&r2=1417035&view=diff
==============================================================================
--- qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java (original)
+++ qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java Tue Dec 4 17:05:31 2012
@@ -175,20 +175,6 @@ public class ServerConfigurationTest ext
assertEquals(update, _serverConfig.getLocale());
}
-
- public void testGetMsgAuth() throws ConfigurationException
- {
- // Check default
- _serverConfig.initialise();
- assertEquals(false, _serverConfig.getMsgAuth());
-
- // Check value we set
- _config.setProperty("security.msg-auth", true);
- _serverConfig = new ServerConfiguration(_config);
- _serverConfig.initialise();
- assertEquals(true, _serverConfig.getMsgAuth());
- }
-
public void testGetManagementKeyStorePath() throws ConfigurationException
{
// Check default
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org