Author: aidan
Date: Wed Apr 15 15:55:36 2009
New Revision: 765250
URL: http://svn.apache.org/viewvc?rev=765250&view=rev
Log:
QPID-1812: Fix firewall rule parsing, add test for this.
Modified:
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/network/FirewallPlugin.java
qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
Modified:
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/network/FirewallPlugin.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/network/FirewallPlugin.java?rev=765250&r1=765249&r2=765250&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/network/FirewallPlugin.java
(original)
+++
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/network/FirewallPlugin.java
Wed Apr 15 15:55:36 2009
@@ -55,7 +55,7 @@
public ACLPlugin newInstance(Configuration config) throws
ConfigurationException
{
FirewallPlugin plugin = new FirewallPlugin();
- plugin.setConfiguration(config);
+ plugin.setConfiguration(config.subset("firewall"));
return plugin;
}
};
@@ -245,7 +245,7 @@
}
CompositeConfiguration finalConfig = new
CompositeConfiguration(config);
- List subFiles = config.getList("firewall.x...@filename]");
+ List subFiles = config.getList("x...@filename]");
for (Object subFile : subFiles)
{
finalConfig.addConfiguration(new XMLConfiguration((String)
subFile));
Modified:
qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java?rev=765250&r1=765249&r2=765250&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
(original)
+++
qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
Wed Apr 15 15:55:36 2009
@@ -696,6 +696,64 @@
"foo", config.getManagementKeyStorePath());
}
+ public void testFirewallConfiguration() throws Exception
+ {
+ // Write out config
+ File mainFile = File.createTempFile(getClass().getName(), null);
+ mainFile.deleteOnExit();
+ FileWriter out = new FileWriter(mainFile);
+
+ out.write("<broker>\n");
+ out.write("\t<management><enabled>false</enabled></management>\n");
+ out.write("\t<security>\n");
+ out.write("\t\t<principal-databases>\n");
+ out.write("\t\t\t<principal-database>\n");
+ out.write("\t\t\t\t<name>passwordfile</name>\n");
+
out.write("\t\t\t\t<class>org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase</class>\n");
+ out.write("\t\t\t\t<attributes>\n");
+ out.write("\t\t\t\t\t<attribute>\n");
+ out.write("\t\t\t\t\t\t<name>passwordFile</name>\n");
+ out.write("\t\t\t\t\t\t<value>/dev/null</value>\n");
+ out.write("\t\t\t\t\t</attribute>\n");
+ out.write("\t\t\t\t</attributes>\n");
+ out.write("\t\t\t</principal-database>\n");
+ out.write("\t\t</principal-databases>\n");
+ out.write("\t\t<jmx>\n");
+ out.write("\t\t\t<access>/dev/null</access>\n");
+
out.write("\t\t\t<principal-database>passwordfile</principal-database>\n");
+ out.write("\t\t</jmx>\n");
+ out.write("\t\t<firewall>\n");
+ out.write("\t\t\t<rule access=\"deny\" network=\"127.0.0.1\"/>");
+ out.write("\t\t</firewall>\n");
+ out.write("\t</security>\n");
+ out.write("\t<virtualhosts>\n");
+ out.write("\t\t<virtualhost>\n");
+ out.write("\t\t\t<name>test</name>\n");
+ out.write("\t\t</virtualhost>\n");
+ out.write("\t</virtualhosts>\n");
+ out.write("</broker>\n");
+ out.close();
+
+ // Load config
+ ApplicationRegistry reg = new
ConfigurationFileApplicationRegistry(mainFile);
+ ApplicationRegistry.initialise(reg, 1);
+
+ // Test config
+ VirtualHostRegistry virtualHostRegistry = reg.getVirtualHostRegistry();
+ VirtualHost virtualHost = virtualHostRegistry.getVirtualHost("test");
+ AMQCodecFactory codecFactory = new AMQCodecFactory(true);
+
+ TestIoSession iosession = new TestIoSession();
+ iosession.setAddress("127.0.0.1");
+
+ AMQProtocolSession session = new AMQMinaProtocolSession(iosession,
virtualHostRegistry, codecFactory);
+ assertFalse(reg.getAccessManager().authoriseConnect(session,
virtualHost));
+
+ iosession.setAddress("127.1.2.3");
+ session = new AMQMinaProtocolSession(iosession, virtualHostRegistry,
codecFactory);
+ assertTrue(reg.getAccessManager().authoriseConnect(session,
virtualHost));
+ }
+
public void testCombinedConfigurationFirewall() throws Exception
{
// Write out config
@@ -756,11 +814,13 @@
ApplicationRegistry.initialise(reg, 1);
// Test config
- TestIoSession iosession = new TestIoSession();
- iosession.setAddress("127.0.0.1");
VirtualHostRegistry virtualHostRegistry = reg.getVirtualHostRegistry();
VirtualHost virtualHost = virtualHostRegistry.getVirtualHost("test");
AMQCodecFactory codecFactory = new AMQCodecFactory(true);
+
+ TestIoSession iosession = new TestIoSession();
+ iosession.setAddress("127.0.0.1");
+
AMQProtocolSession session = new AMQMinaProtocolSession(iosession,
virtualHostRegistry, codecFactory);
assertFalse(reg.getAccessManager().authoriseConnect(session,
virtualHost));
}
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:[email protected]
