svn commit: r1161620 - in /activemq/activemq-apollo/trunk: apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/ apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/

chirino Thu, 25 Aug 2011 09:08:26 -0700

Author: chirino
Date: Thu Aug 25 16:07:59 2011
New Revision: 1161620

URL: http://svn.apache.org/viewvc?rev=1161620&view=rev
Log:
Better JAAS configuration.  Don't succeed a login just because it it passed the 
socket address module.  Also avoid hitting the other login modules if it fails 
the socket address module.


Modified:
    
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileGroupLoginModule.scala
    
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/GuestLoginModule.scala
    
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SocketAddressLoginModule.scala
    
activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/login.config

Modified: 
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileGroupLoginModule.scala
URL: 
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileGroupLoginModule.scala?rev=1161620&r1=1161619&r2=1161620&view=diff
==============================================================================
--- 
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileGroupLoginModule.scala
 (original)
+++ 
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/FileGroupLoginModule.scala
 Thu Aug 25 16:07:59 2011
@@ -96,9 +96,7 @@ class FileGroupLoginModule extends Login
     debug("Initialized file=%s, match=%s", file, match_kind)
   }
 
-  def login: Boolean = {
-    false
-  }
+  def login = false
 
   def commit: Boolean = {
 

Modified: 
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/GuestLoginModule.scala
URL: 
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/GuestLoginModule.scala?rev=1161620&r1=1161619&r2=1161620&view=diff
==============================================================================
--- 
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/GuestLoginModule.scala
 (original)
+++ 
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/GuestLoginModule.scala
 Thu Aug 25 16:07:59 2011
@@ -74,7 +74,7 @@ class GuestLoginModule extends LoginModu
       val callback = new NameCallback("Username: ")
       callback_handler.handle(Array(callback))
       if( callback.getName!=null && callback.getName.size>=0 ) {
-        throw new LoginException("User supplied a user name, not a guest")
+        return false;
       }
     } catch {
       case ioe: IOException =>
@@ -85,9 +85,7 @@ class GuestLoginModule extends LoginModu
     try {
       val callback = new PasswordCallback("Password: ", false)
       callback_handler.handle(Array(callback))
-      if( callback.getPassword!=null && callback.getPassword.size>=0 ) {
-        throw new LoginException("User supplied a password, not a guest")
-      }
+      return false;
     } catch {
       case ioe: IOException =>
         throw new LoginException(ioe.getMessage())

Modified: 
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SocketAddressLoginModule.scala
URL: 
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SocketAddressLoginModule.scala?rev=1161620&r1=1161619&r2=1161620&view=diff
==============================================================================
--- 
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SocketAddressLoginModule.scala
 (original)
+++ 
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/SocketAddressLoginModule.scala
 Thu Aug 25 16:07:59 2011
@@ -128,7 +128,7 @@ class SocketAddressLoginModule extends L
         }
     }
 
-    return true
+    return false
   }
 
   def matches(file:File, address:SocketAddress):Boolean = {

Modified: 
activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/login.config
URL: 
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/login.config?rev=1161620&r1=1161619&r2=1161620&view=diff
==============================================================================
--- 
activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/login.config
 (original)
+++ 
activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/login.config
 Thu Aug 25 16:07:59 2011
@@ -22,7 +22,7 @@ apollo {
   // The black-list.txt is a text file that contains a new line separated IP 
address
   // which are not allowed to connect to this server.
   //
-  org.apache.activemq.apollo.broker.security.SocketAddressLoginModule required
+  org.apache.activemq.apollo.broker.security.SocketAddressLoginModule requisite
     // Uncomment to use a while list of allowed address that can connect to us
     // white_list_file="white-list.txt"
     black_list_file="black-list.txt"

svn commit: r1161620 - in /activemq/activemq-apollo/trunk: apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/security/ apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/

Reply via email to