This is an automated email from the ASF dual-hosted git repository.
robbie pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/activemq-artemis.git
The following commit(s) were added to refs/heads/main by this push:
new ef5fb0b1f1 ARTEMIS-4451: fix non-SASL AMQP connections when resource
audit logging enabled
ef5fb0b1f1 is described below
commit ef5fb0b1f19fe6b0ba2a9dfb93dd2138433ed03f
Author: Robbie Gemmell <[email protected]>
AuthorDate: Wed Oct 4 16:12:02 2023 +0100
ARTEMIS-4451: fix non-SASL AMQP connections when resource audit logging
enabled
---
.../amqp/broker/AMQPConnectionCallback.java | 2 +-
.../amqp/broker/AMQPConnectionCallbackTest.java | 45 ++++++++++++++++++++++
.../smoke/logging/AuditLoggerResourceTest.java | 15 +++++---
3 files changed, 56 insertions(+), 6 deletions(-)
diff --git
a/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java
b/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java
index c44a9d5546..859962ffc9 100644
---
a/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java
+++
b/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallback.java
@@ -130,7 +130,7 @@ public class AMQPConnectionCallback implements
FailureListener, CloseListener {
public boolean isSupportsAnonymous() {
boolean supportsAnonymous = false;
try {
- server.getSecurityStore().authenticate(null, null, null);
+ server.getSecurityStore().authenticate(null, null,
protonConnectionDelegate);
supportsAnonymous = true;
} catch (Exception e) {
// authentication failed so no anonymous support
diff --git
a/artemis-protocols/artemis-amqp-protocol/src/test/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallbackTest.java
b/artemis-protocols/artemis-amqp-protocol/src/test/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallbackTest.java
index 2d03dd5d75..8f0f34756b 100644
---
a/artemis-protocols/artemis-amqp-protocol/src/test/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallbackTest.java
+++
b/artemis-protocols/artemis-amqp-protocol/src/test/java/org/apache/activemq/artemis/protocol/amqp/broker/AMQPConnectionCallbackTest.java
@@ -16,16 +16,25 @@
*/
package org.apache.activemq.artemis.protocol.amqp.broker;
+import org.apache.activemq.artemis.api.core.ActiveMQSecurityException;
import org.apache.activemq.artemis.core.remoting.impl.invm.InVMConnection;
+import org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection;
+import org.apache.activemq.artemis.core.security.SecurityStore;
+import org.apache.activemq.artemis.core.server.ActiveMQServer;
import org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl;
import org.apache.activemq.artemis.protocol.amqp.sasl.AnonymousServerSASL;
import org.apache.activemq.artemis.protocol.amqp.sasl.GSSAPIServerSASL;
import org.apache.activemq.artemis.protocol.amqp.sasl.PlainSASL;
+import org.apache.activemq.artemis.utils.ExecutorFactory;
+import org.apache.activemq.artemis.utils.actors.ArtemisExecutor;
import org.junit.Test;
+import org.mockito.Mockito;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
public class AMQPConnectionCallbackTest {
@@ -48,4 +57,40 @@ public class AMQPConnectionCallbackTest {
AMQPConnectionCallback connectionCallback = new
AMQPConnectionCallback(protonProtocolManager, null, null, new
ActiveMQServerImpl());
assertNotNull("can get anon with empty list",
connectionCallback.getServerSASL(AnonymousServerSASL.NAME));
}
+
+ @Test
+ public void testAnonymousSupportCheck() throws Exception {
+ ArtemisExecutor executor = Mockito.mock(ArtemisExecutor.class);
+ ExecutorFactory executorFactory = Mockito.mock(ExecutorFactory.class);
+ Mockito.when(executorFactory.getExecutor()).thenReturn(executor);
+
+ SecurityStore securityStore = Mockito.mock(SecurityStore.class);
+
+ ActiveMQServer server = Mockito.mock(ActiveMQServer.class);
+ Mockito.when(server.getExecutorFactory()).thenReturn(executorFactory);
+ Mockito.when(server.getSecurityStore()).thenReturn(securityStore);
+
+ NettyConnection transportConnection =
Mockito.mock(NettyConnection.class);
+ ProtonProtocolManager protocolManager =
Mockito.mock(ProtonProtocolManager.class);
+ Mockito.when(protocolManager.getServer()).thenReturn(server);
+
+ AMQPConnectionCallback callback = new
AMQPConnectionCallback(protocolManager, transportConnection, executor, server);
+ ActiveMQProtonRemotingConnection connectionDelegate =
Mockito.mock(ActiveMQProtonRemotingConnection.class);
+ callback.setProtonConnectionDelegate(connectionDelegate);
+
+ // Make it succeed
+ Mockito.when(securityStore.authenticate(Mockito.any(), Mockito.any(),
Mockito.any())).thenReturn("validatedAnonUser");
+
+ // Verify result and expected args are passed
+ assertTrue(callback.isSupportsAnonymous());
+ Mockito.verify(securityStore).authenticate(Mockito.any(), Mockito.any(),
Mockito.same(connectionDelegate));
+
+ // Make it fail
+ Mockito.reset(securityStore);
+ Mockito.when(securityStore.authenticate(Mockito.any(), Mockito.any(),
Mockito.any())).thenThrow(new ActiveMQSecurityException("auth-failed"));
+
+ // Verify result and expected args are passed
+ assertFalse(callback.isSupportsAnonymous());
+ Mockito.verify(securityStore).authenticate(Mockito.any(), Mockito.any(),
Mockito.same(connectionDelegate));
+ }
}
\ No newline at end of file
diff --git
a/tests/smoke-tests/src/test/java/org/apache/activemq/artemis/tests/smoke/logging/AuditLoggerResourceTest.java
b/tests/smoke-tests/src/test/java/org/apache/activemq/artemis/tests/smoke/logging/AuditLoggerResourceTest.java
index 653fbcc837..bbc0402932 100644
---
a/tests/smoke-tests/src/test/java/org/apache/activemq/artemis/tests/smoke/logging/AuditLoggerResourceTest.java
+++
b/tests/smoke-tests/src/test/java/org/apache/activemq/artemis/tests/smoke/logging/AuditLoggerResourceTest.java
@@ -98,21 +98,26 @@ public class AuditLoggerResourceTest extends
AuditLoggerTestBase {
@Test
public void testCoreConnectionAuditLog() throws Exception {
- testConnectionAuditLog("CORE");
+ testConnectionAuditLog("CORE", "tcp://localhost:61616");
}
@Test
public void testAMQPConnectionAuditLog() throws Exception {
- testConnectionAuditLog("AMQP");
+ testConnectionAuditLog("AMQP", "amqp://localhost:61616");
+ }
+
+ @Test
+ public void testAMQPNoSaslConnectionAuditLog() throws Exception {
+ testConnectionAuditLog("AMQP",
"amqp://localhost:61616?amqp.saslLayer=false");
}
@Test
public void testOpenWireConnectionAuditLog() throws Exception {
- testConnectionAuditLog("OPENWIRE");
+ testConnectionAuditLog("OPENWIRE", "tcp://localhost:61616");
}
- private void testConnectionAuditLog(String protocol) throws Exception {
- ConnectionFactory factory = CFUtil.createConnectionFactory(protocol,
"tcp://localhost:61616");
+ private void testConnectionAuditLog(String protocol, String url) throws
Exception {
+ ConnectionFactory factory = CFUtil.createConnectionFactory(protocol,
url);
Connection connection = factory.createConnection();
Session s = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
checkAuditLogRecord(true, "AMQ601767: " + protocol + " connection");
