Author: dejanb
Date: Wed Apr 13 17:49:29 2011
New Revision: 1091862
URL: http://svn.apache.org/viewvc?rev=1091862&view=rev
Log:
https://issues.apache.org/jira/browse/AMQ-826 - ldap based authorization - more
fixes - support composite and easy advisory settings
Added:
activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPSecurityTest.java
activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-ldap.xml
activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq.ldif
Modified:
activemq/trunk/activemq-core/pom.xml
activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java
activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java
activemq/trunk/activemq-core/src/test/resources/login.config
activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif
activemq/trunk/activemq-jaas/pom.xml
activemq/trunk/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java
Modified: activemq/trunk/activemq-core/pom.xml
URL:
http://svn.apache.org/viewvc/activemq/trunk/activemq-core/pom.xml?rev=1091862&r1=1091861&r2=1091862&view=diff
==============================================================================
--- activemq/trunk/activemq-core/pom.xml (original)
+++ activemq/trunk/activemq-core/pom.xml Wed Apr 13 17:49:29 2011
@@ -466,6 +466,10 @@
<!-- This test only works on machines which have ssh propertly
configured -->
<exclude>**/SSHTunnelNetworkReconnectTest.*</exclude>
+ <!-- exclude until we fix problems with apache ds and maven -->
+ <exclude>**/LDAPAuthorizationMapTest.*</exclude>
+ <exclude>**/LDAPSecurityTest.*</exclude>
+
<!-- http://issues.apache.org/activemq/browse/AMQ-1027 -->
<exclude>**/FailoverConsumerTest.*</exclude>
Modified:
activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java
URL:
http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java?rev=1091862&r1=1091861&r2=1091862&view=diff
==============================================================================
---
activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java
(original)
+++
activemq/trunk/activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java
Wed Apr 13 17:49:29 2011
@@ -33,6 +33,7 @@ import javax.naming.directory.InitialDir
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
+import org.apache.activemq.advisory.AdvisorySupport;
import org.apache.activemq.command.ActiveMQDestination;
import org.apache.activemq.jaas.GroupPrincipal;
import org.apache.activemq.jaas.LDAPLoginModule;
@@ -79,9 +80,11 @@ public class LDAPAuthorizationMap implem
private MessageFormat topicSearchMatchingFormat;
private MessageFormat queueSearchMatchingFormat;
+ private String advisorySearchBase =
"uid=ActiveMQ.Advisory,ou=topics,ou=destinations,o=ActiveMQ,dc=example,dc=com";
private boolean topicSearchSubtreeBool = true;
private boolean queueSearchSubtreeBool = true;
+ private boolean useAdvisorySearchBase = true;
private String adminBase;
private String adminAttribute;
@@ -99,8 +102,9 @@ public class LDAPAuthorizationMap implem
connectionProtocol = "s";
authentication = "simple";
- topicSearchMatchingFormat = new
MessageFormat("uid={0},ou=topics,ou=destinations,o=ActiveMQ,ou=system");
- queueSearchMatchingFormat = new
MessageFormat("uid={0},ou=queues,ou=destinations,o=ActiveMQ,ou=system");
+ topicSearchMatchingFormat = new
MessageFormat("uid={0},ou=topics,ou=destinations,o=ActiveMQ,dc=example,dc=com");
+ queueSearchMatchingFormat = new
MessageFormat("uid={0},ou=queues,ou=destinations,o=ActiveMQ,dc=example,dc=com");
+
adminBase = "(cn=admin)";
adminAttribute = "uniqueMember";
@@ -151,14 +155,23 @@ public class LDAPAuthorizationMap implem
}
public Set<GroupPrincipal> getAdminACLs(ActiveMQDestination destination) {
+ if (destination.isComposite()) {
+ return getCompositeACLs(destination, adminBase, adminAttribute);
+ }
return getACLs(destination, adminBase, adminAttribute);
}
public Set<GroupPrincipal> getReadACLs(ActiveMQDestination destination) {
+ if (destination.isComposite()) {
+ return getCompositeACLs(destination, readBase, readAttribute);
+ }
return getACLs(destination, readBase, readAttribute);
}
public Set<GroupPrincipal> getWriteACLs(ActiveMQDestination destination) {
+ if (destination.isComposite()) {
+ return getCompositeACLs(destination, writeBase, writeAttribute);
+ }
return getACLs(destination, writeBase, writeAttribute);
}
@@ -301,6 +314,31 @@ public class LDAPAuthorizationMap implem
this.writeBase = writeBase;
}
+ public boolean isUseAdvisorySearchBase() {
+ return useAdvisorySearchBase;
+ }
+
+ public void setUseAdvisorySearchBase(boolean useAdvisorySearchBase) {
+ this.useAdvisorySearchBase = useAdvisorySearchBase;
+ }
+
+ public String getAdvisorySearchBase() {
+ return advisorySearchBase;
+ }
+
+ public void setAdvisorySearchBase(String advisorySearchBase) {
+ this.advisorySearchBase = advisorySearchBase;
+ }
+
+ protected Set<GroupPrincipal> getCompositeACLs(ActiveMQDestination
destination, String roleBase, String roleAttribute) {
+ ActiveMQDestination[] dests = destination.getCompositeDestinations();
+ Set<GroupPrincipal> acls = new HashSet<GroupPrincipal>();
+ for (ActiveMQDestination dest : dests) {
+ acls.addAll(getACLs(dest, roleBase, roleAttribute));
+ }
+ return acls;
+ }
+
// Implementation methods
//
-------------------------------------------------------------------------
protected Set<GroupPrincipal> getACLs(ActiveMQDestination destination,
String roleBase, String roleAttribute) {
@@ -311,28 +349,28 @@ public class LDAPAuthorizationMap implem
return new HashSet<GroupPrincipal>();
}
- // if ((destination.getDestinationType() &
- // (ActiveMQDestination.QUEUE_TYPE | ActiveMQDestination.TOPIC_TYPE))
!=
- // 0)
- // return new HashSet();
+
String destinationBase = "";
SearchControls constraints = new SearchControls();
-
- if ((destination.getDestinationType() &
ActiveMQDestination.QUEUE_TYPE) == ActiveMQDestination.QUEUE_TYPE) {
- destinationBase = queueSearchMatchingFormat.format(new String[]
{destination.getPhysicalName()});
- if (queueSearchSubtreeBool) {
- constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
- } else {
- constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
+ if (AdvisorySupport.isAdvisoryTopic(destination) &&
useAdvisorySearchBase) {
+ destinationBase = advisorySearchBase;
+ } else {
+ if ((destination.getDestinationType() &
ActiveMQDestination.QUEUE_TYPE) == ActiveMQDestination.QUEUE_TYPE) {
+ destinationBase = queueSearchMatchingFormat.format(new
String[]{destination.getPhysicalName()});
+ if (queueSearchSubtreeBool) {
+ constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ } else {
+ constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
+ }
}
- }
- if ((destination.getDestinationType() &
ActiveMQDestination.TOPIC_TYPE) == ActiveMQDestination.TOPIC_TYPE) {
- destinationBase = topicSearchMatchingFormat.format(new String[]
{destination.getPhysicalName()});
- if (topicSearchSubtreeBool) {
- constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
- } else {
- constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
+ if ((destination.getDestinationType() &
ActiveMQDestination.TOPIC_TYPE) == ActiveMQDestination.TOPIC_TYPE) {
+ destinationBase = topicSearchMatchingFormat.format(new
String[]{destination.getPhysicalName()});
+ if (topicSearchSubtreeBool) {
+ constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ } else {
+ constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
+ }
}
}
Modified:
activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java
URL:
http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java?rev=1091862&r1=1091861&r2=1091862&view=diff
==============================================================================
---
activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java
(original)
+++
activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPAuthorizationMapTest.java
Wed Apr 13 17:49:29 2011
@@ -17,10 +17,12 @@
package org.apache.activemq.security;
import junit.framework.TestCase;
+import org.apache.activemq.advisory.AdvisorySupport;
import org.apache.activemq.command.ActiveMQDestination;
import org.apache.activemq.command.ActiveMQQueue;
import org.apache.activemq.command.ActiveMQTopic;
import org.apache.activemq.jaas.GroupPrincipal;
+import org.apache.activemq.spring.ActiveMQConnectionFactory;
import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport;
import org.apache.directory.server.core.annotations.ApplyLdifFiles;
@@ -34,6 +36,7 @@ import org.junit.runner.RunWith;
import javax.naming.NameClassPair;
import javax.naming.NamingEnumeration;
import javax.naming.directory.DirContext;
+import java.text.MessageFormat;
import java.util.HashSet;
import java.util.Set;
@@ -62,6 +65,9 @@ public class LDAPAuthorizationMapTest ex
public void setup() throws Exception {
authMap = new LDAPAuthorizationMap();
authMap.setConnectionURL("ldap://localhost:1024";);
+ authMap.setTopicSearchMatchingFormat(new
MessageFormat("uid={0},ou=topics,ou=destinations,o=ActiveMQ,ou=system"));
+ authMap.setQueueSearchMatchingFormat(new
MessageFormat("uid={0},ou=queues,ou=destinations,o=ActiveMQ,ou=system"));
+
authMap.setAdvisorySearchBase("uid=ActiveMQ.Advisory,ou=topics,ou=destinations,o=ActiveMQ,ou=system");
}
@Test
@@ -129,4 +135,24 @@ public class LDAPAuthorizationMapTest ex
assertTrue(aclst1.contains(new GroupPrincipal("role3")));
}
+ @Test
+ public void testComposite() {
+ ActiveMQDestination q1 = new ActiveMQQueue("queue1,topic://topic1");
+ Set aclsq1 = authMap.getWriteACLs(q1);
+ assertEquals(3, aclsq1.size());
+ assertTrue(aclsq1.contains(new GroupPrincipal("role1")));
+ assertTrue(aclsq1.contains(new GroupPrincipal("role2")));
+ assertTrue(aclsq1.contains(new GroupPrincipal("role3")));
+ }
+
+ @Test
+ public void testAdvisory() {
+ ActiveMQDestination dest =
AdvisorySupport.getConnectionAdvisoryTopic();
+ Set acls = authMap.getWriteACLs(dest);
+
+ assertEquals(1, acls.size());
+ assertTrue(acls.contains(new GroupPrincipal("role3")));
+ }
+
+
}
Added:
activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPSecurityTest.java
URL:
http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPSecurityTest.java?rev=1091862&view=auto
==============================================================================
---
activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPSecurityTest.java
(added)
+++
activemq/trunk/activemq-core/src/test/java/org/apache/activemq/security/LDAPSecurityTest.java
Wed Apr 13 17:49:29 2011
@@ -0,0 +1,79 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.security;
+
+import org.apache.activemq.ActiveMQConnectionFactory;
+import org.apache.activemq.broker.BrokerFactory;
+import org.apache.activemq.broker.BrokerService;
+import org.apache.activemq.command.ActiveMQQueue;
+import org.apache.directory.server.annotations.CreateLdapServer;
+import org.apache.directory.server.annotations.CreateTransport;
+import org.apache.directory.server.core.annotations.ApplyLdifFiles;
+import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
+import org.apache.directory.server.core.integ.FrameworkRunner;
+import org.apache.directory.server.ldap.LdapServer;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import javax.jms.*;
+
+import static org.junit.Assert.assertNotNull;
+
+
+@RunWith( FrameworkRunner.class )
+@CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP")})
+@ApplyLdifFiles(
+ "org/apache/activemq/security/activemq.ldif"
+)
+public class LDAPSecurityTest extends AbstractLdapTestUnit {
+
+ public BrokerService broker;
+
+ public static LdapServer ldapServer;
+
+ @Before
+ public void setup() throws Exception {
+ broker =
BrokerFactory.createBroker("xbean:org/apache/activemq/security/activemq-ldap.xml");
+ broker.start();
+ broker.waitUntilStarted();
+ }
+
+ @After
+ public void shutdown() throws Exception {
+ broker.stop();
+ broker.waitUntilStopped();
+ }
+
+ @Test
+ public void testSendReceive() throws Exception {
+ ActiveMQConnectionFactory factory = new
ActiveMQConnectionFactory("tcp://localhost:61616");
+ Connection conn = factory.createQueueConnection("jdoe", "sunflower");
+ Session sess = conn.createSession(false, Session.AUTO_ACKNOWLEDGE);
+ conn.start();
+ Queue queue = sess.createQueue("TEST.FOO");
+
+ MessageProducer producer = sess.createProducer(queue);
+ MessageConsumer consumer = sess.createConsumer(queue);
+
+ producer.send(sess.createTextMessage("test"));
+ Message msg = consumer.receive(1000);
+ assertNotNull(msg);
+ }
+
+}
Modified: activemq/trunk/activemq-core/src/test/resources/login.config
URL:
http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/resources/login.config?rev=1091862&r1=1091861&r2=1091862&view=diff
==============================================================================
--- activemq/trunk/activemq-core/src/test/resources/login.config (original)
+++ activemq/trunk/activemq-core/src/test/resources/login.config Wed Apr 13
17:49:29 2011
@@ -65,4 +65,4 @@ broker2 {
debug=true
org.apache.activemq.jaas.textfiledn.user="org/apache/activemq/security/users2.properties"
org.apache.activemq.jaas.textfiledn.group="org/apache/activemq/security/groups.properties";
-};
+};
\ No newline at end of file
Modified:
activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif
URL:
http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif?rev=1091862&r1=1091861&r2=1091862&view=diff
==============================================================================
---
activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif
(original)
+++
activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/AMQauth.ldif
Wed Apr 13 17:49:29 2011
@@ -15,8 +15,6 @@
## limitations under the License.
## ---------------------------------------------------------------------------
-version: 1
-
dn: o=ActiveMQ,ou=system
objectclass: organization
objectclass: top
@@ -109,3 +107,28 @@ objectclass: top
cn: admin
uniquemember: uid=role1
+dn: uid=ActiveMQ.Advisory,ou=topics,ou=destinations,o=ActiveMQ,ou=system
+objectclass: uidObject
+objectclass: top
+objectclass: applicationProcess
+uid: ActiveMQ.Advisory
+cn: ActiveMQ.Advisory
+
+dn:
cn=admin,uid=ActiveMQ.Advisory,ou=topics,ou=destinations,o=ActiveMQ,ou=system
+objectclass: groupOfUniqueNames
+objectclass: top
+cn: admin
+uniquemember: uid=role1
+
+dn:
cn=read,uid=ActiveMQ.Advisory,ou=topics,ou=destinations,o=ActiveMQ,ou=system
+objectclass: groupOfUniqueNames
+objectclass: top
+cn: read
+uniquemember: uid=role2
+
+dn:
cn=write,uid=ActiveMQ.Advisory,ou=topics,ou=destinations,o=ActiveMQ,ou=system
+objectclass: groupOfUniqueNames
+objectclass: top
+cn: write
+uniquemember: uid=role3
+
Added:
activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-ldap.xml
URL:
http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-ldap.xml?rev=1091862&view=auto
==============================================================================
---
activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-ldap.xml
(added)
+++
activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-ldap.xml
Wed Apr 13 17:49:29 2011
@@ -0,0 +1,77 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- START SNIPPET: xbean -->
+<beans
+ xmlns="http://www.springframework.org/schema/beans";
+ xmlns:amq="http://activemq.apache.org/schema/core";
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+ xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+ http://activemq.apache.org/schema/core
http://activemq.apache.org/schema/core/activemq-core.xsd";>
+
+ <bean
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <broker useJmx="false" xmlns="http://activemq.apache.org/schema/core";
persistent="false">
+
+ <plugins>
+ <simpleAuthenticationPlugin>
+ <users>
+ <authenticationUser username="jdoe"
password="sunflower"
+ groups="users"/>
+ <authenticationUser username="admin"
password="sunflower"
+ groups="admin"/>
+ </users>
+ </simpleAuthenticationPlugin>
+
+ <authorizationPlugin>
+ <map>
+ <bean id="lDAPAuthorizationMap"
class="org.apache.activemq.security.LDAPAuthorizationMap"
+ xmlns="http://www.springframework.org/schema/beans";>
+ <property name="initialContextFactory"
value="com.sun.jndi.ldap.LdapCtxFactory"/>
+ <property name="connectionURL"
value="ldap://localhost:1024"/>
+ <property name="authentication" value="simple"/>
+ <property name="connectionUsername"
value="uid=admin,ou=system"/>
+ <property name="connectionPassword" value="secret"/>
+ <property name="connectionProtocol" value="s"/>
+ <property name="topicSearchMatchingFormat"
+
value="cn={0},ou=Topic,ou=Destination,ou=ActiveMQ,ou=system"/>
+ <property name="topicSearchSubtreeBool" value="true"/>
+ <property name="queueSearchMatchingFormat"
+
value="cn={0},ou=Queue,ou=Destination,ou=ActiveMQ,ou=system"/>
+ <property name="advisorySearchBase"
+
value="cn=ActiveMQ.Advisory,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system"/>
+ <property name="queueSearchSubtreeBool" value="true"/>
+ <property name="adminBase" value="(cn=admin)"/>
+ <property name="adminAttribute" value="member"/>
+ <property name="readBase" value="(cn=read)"/>
+ <property name="readAttribute" value="member"/>
+ <property name="writeBase" value="(cn=write)"/>
+ <property name="writeAttribute" value="member"/>
+ </bean>
+ </map>
+ </authorizationPlugin>
+ </plugins>
+
+
+ <transportConnectors>
+ <transportConnector uri="tcp://localhost:61616"/>
+ </transportConnectors>
+
+ </broker>
+
+</beans>
+<!-- END SNIPPET: xbean -->
Added:
activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq.ldif
URL:
http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq.ldif?rev=1091862&view=auto
==============================================================================
---
activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq.ldif
(added)
+++
activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq.ldif
Wed Apr 13 17:49:29 2011
@@ -0,0 +1,179 @@
+## ---------------------------------------------------------------------------
+## Licensed to the Apache Software Foundation (ASF) under one or more
+## contributor license agreements. See the NOTICE file distributed with
+## this work for additional information regarding copyright ownership.
+## The ASF licenses this file to You under the Apache License, Version 2.0
+## (the "License"); you may not use this file except in compliance with
+## the License. You may obtain a copy of the License at
+##
+## http://www.apache.org/licenses/LICENSE-2.0
+##
+## Unless required by applicable law or agreed to in writing, software
+## distributed under the License is distributed on an "AS IS" BASIS,
+## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+## See the License for the specific language governing permissions and
+## limitations under the License.
+## ---------------------------------------------------------------------------
+
+
+##########################
+## Define basic objects ##
+##########################
+
+# Uncomment if adding to open ldap
+#dn: ou=system
+#objectclass: organizationalUnit
+#objectclass: top
+#ou: system
+
+dn: ou=ActiveMQ,ou=system
+objectClass: organizationalUnit
+objectClass: top
+ou: ActiveMQ
+
+dn: ou=Services,ou=system
+ou: Services
+objectClass: organizationalUnit
+objectClass: top
+
+dn: cn=mqbroker,ou=Services,ou=system
+cn: mqbroker
+objectClass: organizationalRole
+objectClass: top
+objectClass: simpleSecurityObject
+userPassword: {SSHA}YvMAkkd66cDecNoejo8jnw5uUUBziyl0
+description: Bind user for MQ broker
+
+
+###################
+## Define groups ##
+###################
+
+
+dn: ou=Group,ou=ActiveMQ,ou=system
+objectClass: organizationalUnit
+objectClass: top
+ou: Group
+
+dn: cn=admins,ou=Group,ou=ActiveMQ,ou=system
+cn: admins
+member: uid=admin
+objectClass: groupOfNames
+objectClass: top
+
+dn: cn=users,ou=Group,ou=ActiveMQ,ou=system
+cn: users
+member: uid=jdoe
+objectClass: groupOfNames
+objectClass: top
+
+
+##################
+## Define users ##
+##################
+
+
+dn: ou=User,ou=ActiveMQ,ou=system
+objectClass: organizationalUnit
+objectClass: top
+ou: User
+
+dn: uid=admin,ou=User,ou=ActiveMQ,ou=system
+uid: admin
+userPassword: {SSHA}YvMAkkd66cDecNoejo8jnw5uUUBziyl0
+objectClass: account
+objectClass: simpleSecurityObject
+objectClass: top
+
+
+dn: uid=jdoe,ou=User,ou=ActiveMQ,ou=system
+uid: jdoe
+userPassword: {SSHA}YvMAkkd66cDecNoejo8jnw5uUUBziyl0
+objectclass: inetOrgPerson
+objectclass: organizationalPerson
+objectclass: person
+objectclass: top
+cn: Jane Doe
+sn: Doe
+
+
+#########################
+## Define destinations ##
+#########################
+
+dn: ou=Destination,ou=ActiveMQ,ou=system
+objectClass: organizationalUnit
+objectClass: top
+ou: Destination
+
+dn: ou=Topic,ou=Destination,ou=ActiveMQ,ou=system
+objectClass: organizationalUnit
+objectClass: top
+ou: Topic
+
+dn: ou=Queue,ou=Destination,ou=ActiveMQ,ou=system
+objectClass: organizationalUnit
+objectClass: top
+ou: Queue
+
+## TEST.FOO
+
+dn: cn=TEST.FOO,ou=Queue,ou=Destination,ou=ActiveMQ,ou=system
+cn: TEST.FOO
+description: A queue
+objectClass: applicationProcess
+objectClass: top
+
+dn: cn=admin,cn=TEST.FOO,ou=Queue,ou=Destination,ou=ActiveMQ,ou=system
+cn: admin
+description: Admin privilege group, members are roles
+member: cn=admins
+member: cn=users
+objectClass: groupOfNames
+objectClass: top
+
+dn: cn=read,cn=TEST.FOO,ou=Queue,ou=Destination,ou=ActiveMQ,ou=system
+cn: read
+member: cn=users
+member: cn=admins
+objectClass: groupOfNames
+objectClass: top
+
+dn: cn=write,cn=TEST.FOO,ou=Queue,ou=Destination,ou=ActiveMQ,ou=system
+cn: write
+objectClass: groupOfNames
+objectClass: top
+member: cn=users
+member: cn=admins
+
+
+
+#######################
+## Define advisories ##
+#######################
+dn: cn=ActiveMQ.Advisory,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system
+cn: ActiveMQ.Advisory
+objectClass: applicationProcess
+objectClass: top
+description: Advisory topic about consumers
+
+dn: cn=read,cn=ActiveMQ.Advisory,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system
+cn: read
+member: cn=admins
+member: cn=users
+objectClass: groupOfNames
+objectClass: top
+
+dn: cn=write,cn=ActiveMQ.Advisory,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system
+cn: write
+member: cn=admins
+member: cn=users
+objectClass: groupOfNames
+objectClass: top
+
+dn: cn=admin,cn=ActiveMQ.Advisory,ou=Topic,ou=Destination,ou=ActiveMQ,ou=system
+cn: admin
+member: cn=admins
+member: cn=users
+objectClass: groupOfNames
+objectClass: top
\ No newline at end of file
Modified: activemq/trunk/activemq-jaas/pom.xml
URL:
http://svn.apache.org/viewvc/activemq/trunk/activemq-jaas/pom.xml?rev=1091862&r1=1091861&r2=1091862&view=diff
==============================================================================
--- activemq/trunk/activemq-jaas/pom.xml (original)
+++ activemq/trunk/activemq-jaas/pom.xml Wed Apr 13 17:49:29 2011
@@ -40,7 +40,6 @@
<plugin>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
- <forkMode>pertest</forkMode>
<childDelegation>false</childDelegation>
<useFile>true</useFile>
<argLine>-Xmx512M</argLine>
Modified:
activemq/trunk/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java
URL:
http://svn.apache.org/viewvc/activemq/trunk/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java?rev=1091862&r1=1091861&r2=1091862&view=diff
==============================================================================
---
activemq/trunk/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java
(original)
+++
activemq/trunk/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java
Wed Apr 13 17:49:29 2011
@@ -47,17 +47,6 @@ import static org.junit.Assert.assertTru
"test.ldif"
)
public class LDAPLoginModuleTest extends AbstractLdapTestUnit {
-
- static {
- String path = System.getProperty("java.security.auth.login.config");
- if (path == null) {
- URL resource =
PropertiesLoginModuleTest.class.getClassLoader().getResource("login.config");
- if (resource != null) {
- path = resource.getFile();
- System.setProperty("java.security.auth.login.config", path);
- }
- }
- }
private static final String BASE = "o=ActiveMQ,ou=system";
public static LdapServer ldapServer;
