This is an automated email from the ASF dual-hosted git repository.
brusdev pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/activemq-artemis.git
The following commit(s) were added to refs/heads/main by this push:
new 15aafe0b70 ARTEMIS-4293 add mngmnt ops to clear authn/z caches
15aafe0b70 is described below
commit 15aafe0b70f59c0edc255bb648cc4007e9a29811
Author: Justin Bertram <jbert...@apache.org>
AuthorDate: Thu May 25 18:07:33 2023 -0500
ARTEMIS-4293 add mngmnt ops to clear authn/z caches
---
.../apache/activemq/artemis/logs/AuditLogger.java | 14 ++++++++++++
.../api/core/management/ActiveMQServerControl.java | 6 +++++
.../management/impl/ActiveMQServerControlImpl.java | 16 +++++++++++++
.../core/security/impl/SecurityStoreImpl.java | 2 --
.../management/ActiveMQServerControlTest.java | 26 ++++++++++++++++++++++
.../ActiveMQServerControlUsingCoreTest.java | 10 +++++++++
6 files changed, 72 insertions(+), 2 deletions(-)
diff --git
a/artemis-commons/src/main/java/org/apache/activemq/artemis/logs/AuditLogger.java
b/artemis-commons/src/main/java/org/apache/activemq/artemis/logs/AuditLogger.java
index 2f02c7d4f7..9af9075ea9 100644
---
a/artemis-commons/src/main/java/org/apache/activemq/artemis/logs/AuditLogger.java
+++
b/artemis-commons/src/main/java/org/apache/activemq/artemis/logs/AuditLogger.java
@@ -2653,4 +2653,18 @@ public interface AuditLogger {
@LogMessage(id = 601768, value = "{} connection {} for user {} destroyed",
level = LogMessage.Level.INFO)
void destroyedConnection(String protocol, String connectionID, String user);
+
+ static void clearAuthenticationCache(Object source) {
+ BASE_LOGGER.clearAuthenticationCache(getCaller(), source);
+ }
+
+ @LogMessage(id = 601769, value = "User {} is clearing authentication cache
on target resource: {}", level = LogMessage.Level.INFO)
+ void clearAuthenticationCache(String user, Object source);
+
+ static void clearAuthorizationCache(Object source) {
+ BASE_LOGGER.clearAuthorizationCache(getCaller(), source);
+ }
+
+ @LogMessage(id = 601770, value = "User {} is clearing authorization cache
on target resource: {}", level = LogMessage.Level.INFO)
+ void clearAuthorizationCache(String user, Object source);
}
diff --git
a/artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/management/ActiveMQServerControl.java
b/artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/management/ActiveMQServerControl.java
index 2229abfee5..0c4289fb52 100644
---
a/artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/management/ActiveMQServerControl.java
+++
b/artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/management/ActiveMQServerControl.java
@@ -2006,5 +2006,11 @@ public interface ActiveMQServerControl {
@Attribute(desc = "Scan all paged destinations to rebuild the page
counters")
void rebuildPageCounters() throws Exception;
+
+ @Operation(desc = "Clear the authentication cache", impact =
MBeanOperationInfo.ACTION)
+ void clearAuthenticationCache() throws Exception;
+
+ @Operation(desc = "Clear the authorization cache", impact =
MBeanOperationInfo.ACTION)
+ void clearAuthorizationCache() throws Exception;
}
diff --git
a/artemis-server/src/main/java/org/apache/activemq/artemis/core/management/impl/ActiveMQServerControlImpl.java
b/artemis-server/src/main/java/org/apache/activemq/artemis/core/management/impl/ActiveMQServerControlImpl.java
index eb147349b4..1096ebee4f 100644
---
a/artemis-server/src/main/java/org/apache/activemq/artemis/core/management/impl/ActiveMQServerControlImpl.java
+++
b/artemis-server/src/main/java/org/apache/activemq/artemis/core/management/impl/ActiveMQServerControlImpl.java
@@ -4664,5 +4664,21 @@ public class ActiveMQServerControlImpl extends
AbstractControl implements Active
}
throw ActiveMQMessageBundle.BUNDLE.embeddedWebServerNotFound();
}
+
+ @Override
+ public void clearAuthenticationCache() {
+ if (AuditLogger.isBaseLoggingEnabled()) {
+ AuditLogger.clearAuthenticationCache(this.server);
+ }
+
((SecurityStoreImpl)server.getSecurityStore()).invalidateAuthenticationCache();
+ }
+
+ @Override
+ public void clearAuthorizationCache() {
+ if (AuditLogger.isBaseLoggingEnabled()) {
+ AuditLogger.clearAuthorizationCache(this.server);
+ }
+
((SecurityStoreImpl)server.getSecurityStore()).invalidateAuthorizationCache();
+ }
}
diff --git
a/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
b/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
index 7f770d9711..14c393d032 100644
---
a/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
+++
b/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
@@ -424,12 +424,10 @@ public class SecurityStoreImpl implements SecurityStore,
HierarchicalRepositoryC
logger.debug("Skipping authentication cache due to exception: {}",
e.getMessage());
}
- // public for testing purposes
public void invalidateAuthorizationCache() {
authorizationCache.invalidateAll();
}
- // public for testing purposes
public void invalidateAuthenticationCache() {
authenticationCache.invalidateAll();
}
diff --git
a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/management/ActiveMQServerControlTest.java
b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/management/ActiveMQServerControlTest.java
index d758fb62f8..b6585dbcc4 100644
---
a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/management/ActiveMQServerControlTest.java
+++
b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/management/ActiveMQServerControlTest.java
@@ -257,6 +257,32 @@ public class ActiveMQServerControlTest extends
ManagementTestBase {
Wait.assertEquals(usingCore() ? 8 : 1, () ->
serverControl.getAuthorizationCacheSize());
}
+ @Test
+ public void testClearingSecurityCaches() throws Exception {
+ ActiveMQServerControl serverControl = createManagementControl();
+
+ ServerLocator loc = createInVMNonHALocator();
+ ClientSessionFactory csf = createSessionFactory(loc);
+ ClientSession session = csf.createSession("myUser", "myPass", false,
true, false, false, 0);
+ session.start();
+
+ final String address = "ADDRESS";
+ serverControl.createAddress(address, "MULTICAST");
+ ClientProducer producer = session.createProducer(address);
+ ClientMessage m = session.createMessage(true);
+ m.putStringProperty("hello", "world");
+ producer.send(m);
+
+ Assert.assertTrue(serverControl.getAuthenticationCacheSize() > 0);
+ Wait.assertTrue(() -> serverControl.getAuthorizationCacheSize() > 0);
+
+ serverControl.clearAuthenticationCache();
+ serverControl.clearAuthorizationCache();
+
+ Assert.assertEquals(usingCore() ? 1 : 0,
serverControl.getAuthenticationCacheSize());
+ Assert.assertEquals(usingCore() ? 7 : 0,
serverControl.getAuthorizationCacheSize());
+ }
+
@Test
public void testGetConnectors() throws Exception {
ActiveMQServerControl serverControl = createManagementControl();
diff --git
a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/management/ActiveMQServerControlUsingCoreTest.java
b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/management/ActiveMQServerControlUsingCoreTest.java
index 5cb2cc98d6..fd1fee8be2 100644
---
a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/management/ActiveMQServerControlUsingCoreTest.java
+++
b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/management/ActiveMQServerControlUsingCoreTest.java
@@ -1754,6 +1754,16 @@ public class ActiveMQServerControlUsingCoreTest extends
ActiveMQServerControlTes
public void rebuildPageCounters() throws Exception {
proxy.invokeOperation("rebuildPageCounters");
}
+
+ @Override
+ public void clearAuthenticationCache() throws Exception {
+ proxy.invokeOperation("clearAuthenticationCache");
+ }
+
+ @Override
+ public void clearAuthorizationCache() throws Exception {
+ proxy.invokeOperation("clearAuthorizationCache");
+ }
};
}
