Author: orudyy
Date: Tue Dec 4 17:06:14 2012
New Revision: 1417036
URL: http://svn.apache.org/viewvc?rev=1417036&view=rev
Log:
QPID-4390: Simplify the authentication functionality
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagedObjectRegistry.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagement.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Broker.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/rmi/RMIPasswordAuthenticator.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/rmi/RMIPasswordAuthenticatorTest.java
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java?rev=1417036&r1=1417035&r2=1417036&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
Tue Dec 4 17:06:14 2012
@@ -208,11 +208,9 @@ public class HttpManagement extends Abst
root.setContextPath("/");
server.setHandler(root);
- // set servlet context attributes for broker, configuration, security
manager and ports
+ // set servlet context attributes for broker and configuration
root.getServletContext().setAttribute(AbstractServlet.ATTR_BROKER,
_broker);
root.getServletContext().setAttribute(AbstractServlet.ATTR_CONFIGURATION,
_configuration);
-
root.getServletContext().setAttribute(AbstractServlet.ATTR_SECURITY_MANAGER,
_broker.getSecurityManager());
- root.getServletContext().setAttribute(AbstractServlet.ATTR_PORTS,
ports);
addRestServlet(root, "broker");
addRestServlet(root, "virtualhost", VirtualHost.class);
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java?rev=1417036&r1=1417035&r2=1417036&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java
Tue Dec 4 17:06:14 2012
@@ -26,7 +26,6 @@ import java.net.SocketAddress;
import java.security.AccessControlException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
-import java.util.Collection;
import javax.security.auth.Subject;
import javax.servlet.ServletConfig;
@@ -46,7 +45,6 @@ import org.apache.qpid.server.logging.ac
import org.apache.qpid.server.management.plugin.HttpConfiguration;
import org.apache.qpid.server.management.plugin.session.LoginLogoutReporter;
import org.apache.qpid.server.model.Broker;
-import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.security.SecurityManager;
import org.apache.qpid.server.security.SubjectCreator;
import
org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationStatus;
@@ -67,16 +65,6 @@ public abstract class AbstractServlet ex
*/
public static final String ATTR_CONFIGURATION = "Qpid.configuration";
- /**
- * Servlet context attribute holding a reference to a security manager
- */
- public static final String ATTR_SECURITY_MANAGER = "Qpid.securityManager";
-
- /**
- * Servlet context attribute holding a reference to a collection of http
ports
- */
- public static final String ATTR_PORTS = "Qpid.ports";
-
private static final String ATTR_LOGIN_LOGOUT_REPORTER =
"AbstractServlet.loginLogoutReporter";
private static final String ATTR_SUBJECT = "AbstractServlet.subject";
private static final String ATTR_LOG_ACTOR = "AbstractServlet.logActor";
@@ -84,15 +72,12 @@ public abstract class AbstractServlet ex
private Broker _broker;
private RootMessageLogger _rootLogger;
private HttpConfiguration _configuration;
- private Collection<Port> _ports;
- private SecurityManager _securityManager;
protected AbstractServlet()
{
super();
}
- @SuppressWarnings("unchecked")
@Override
public void init() throws ServletException
{
@@ -101,8 +86,6 @@ public abstract class AbstractServlet ex
_broker = (Broker)servletContext.getAttribute(ATTR_BROKER);
_rootLogger = _broker.getRootMessageLogger();
_configuration =
(HttpConfiguration)servletContext.getAttribute(ATTR_CONFIGURATION);
- _securityManager =
(SecurityManager)servletContext.getAttribute(ATTR_SECURITY_MANAGER);
- _ports = (Collection<Port>)servletContext.getAttribute(ATTR_PORTS);
super.init();
}
@@ -295,7 +278,7 @@ public abstract class AbstractServlet ex
return subject;
}
- SubjectCreator subjectCreator =
getSubjectCreator(getSocketAddress(request));
+ SubjectCreator subjectCreator = getSubjectCreator(request);
subject = authenticate(request, subjectCreator);
if (subject != null)
{
@@ -310,20 +293,6 @@ public abstract class AbstractServlet ex
return subject;
}
- protected SubjectCreator getSubjectCreator(SocketAddress localAddress)
- {
- InetSocketAddress inetSocketAddress = (InetSocketAddress)localAddress;
- Collection<Port> ports = _ports == null ? _broker.getPorts() : _ports;
- for (Port p : ports)
- {
- if (inetSocketAddress.getPort() == p.getPort())
- {
- return p.getAuthenticationProvider().getSubjectCreator();
- }
- }
- return null;
- }
-
protected void authoriseManagement(HttpServletRequest request, Subject
subject)
{
// TODO: We should eliminate SecurityManager.setThreadSubject in
favour of Subject.doAs
@@ -339,7 +308,7 @@ public abstract class AbstractServlet ex
@Override
public Void run() throws Exception
{
- boolean allowed = _securityManager.accessManagement();
+ boolean allowed =
getSecurityManager().accessManagement();
if (!allowed)
{
throw new AccessControlException("User is not
authorised for management");
@@ -494,7 +463,11 @@ public abstract class AbstractServlet ex
protected SecurityManager getSecurityManager()
{
- return _securityManager;
+ return _broker.getSecurityManager();
}
+ protected SubjectCreator getSubjectCreator(HttpServletRequest request)
+ {
+ return _broker.getSubjectCreator(getSocketAddress(request));
+ }
}
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java?rev=1417036&r1=1417035&r2=1417036&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
Tue Dec 4 17:06:14 2012
@@ -76,7 +76,7 @@ public class SaslServlet extends Abstrac
HttpSession session = request.getSession();
getRandom(session);
- SubjectCreator subjectCreator =
getSubjectCreator(getSocketAddress(request));
+ SubjectCreator subjectCreator = getSubjectCreator(request);
String[] mechanisms = subjectCreator.getMechanisms().split(" ");
Map<String, Object> outputObject = new LinkedHashMap<String, Object>();
@@ -134,7 +134,7 @@ public class SaslServlet extends Abstrac
String id = request.getParameter("id");
String saslResponse = request.getParameter("response");
- SubjectCreator subjectCreator =
getSubjectCreator(getSocketAddress(request));
+ SubjectCreator subjectCreator = getSubjectCreator(request);
if(mechanism != null)
{
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagedObjectRegistry.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagedObjectRegistry.java?rev=1417036&r1=1417035&r2=1417036&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagedObjectRegistry.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagedObjectRegistry.java
Tue Dec 4 17:06:14 2012
@@ -45,6 +45,7 @@ import java.io.FileNotFoundException;
import java.io.IOException;
import java.lang.management.ManagementFactory;
import java.net.InetAddress;
+import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.rmi.AlreadyBoundException;
import java.rmi.NoSuchObjectException;
@@ -74,15 +75,18 @@ public class JMXManagedObjectRegistry im
private JMXConnectorServer _cs;
private Registry _rmiRegistry;
+ private final Broker _broker;
private final Port _registryPort;
private final Port _connectorPort;
private final JMXConfiguration _jmxConfiguration;
public JMXManagedObjectRegistry(
+ Broker broker,
Port connectorPort, Port registryPort,
JMXConfiguration jmxConfiguration)
{
+ _broker = broker;
_registryPort = registryPort;
_connectorPort = connectorPort;
@@ -156,7 +160,7 @@ public class JMXManagedObjectRegistry im
int jmxPortConnectorServer = _connectorPort.getPort();
//add a JMXAuthenticator implementation the env map to authenticate
the RMI based JMX connector server
- RMIPasswordAuthenticator rmipa = new
RMIPasswordAuthenticator(_registryPort);
+ RMIPasswordAuthenticator rmipa = new RMIPasswordAuthenticator(_broker,
new InetSocketAddress(jmxPortConnectorServer));
HashMap<String,Object> connectorEnv = new HashMap<String,Object>();
connectorEnv.put(JMXConnectorServer.AUTHENTICATOR, rmipa);
@@ -237,14 +241,12 @@ public class JMXManagedObjectRegistry im
}
};
- Broker broker = _registryPort.getParent(Broker.class);
-
//Add the custom invoker as an MBeanServerForwarder, and start the
RMIConnectorServer.
- MBeanServerForwarder mbsf =
MBeanInvocationHandlerImpl.newProxyInstance(broker, _jmxConfiguration);
+ MBeanServerForwarder mbsf =
MBeanInvocationHandlerImpl.newProxyInstance(_broker, _jmxConfiguration);
_cs.setMBeanServerForwarder(mbsf);
// Install a ManagementLogonLogoffReporter so we can report as users
logon/logoff
- ManagementLogonLogoffReporter jmxManagementUserLogonLogoffReporter =
new ManagementLogonLogoffReporter(broker.getRootMessageLogger(),
usernameCachingRmiServer);
+ ManagementLogonLogoffReporter jmxManagementUserLogonLogoffReporter =
new ManagementLogonLogoffReporter(_broker.getRootMessageLogger(),
usernameCachingRmiServer);
_cs.addNotificationListener(jmxManagementUserLogonLogoffReporter,
jmxManagementUserLogonLogoffReporter, null);
// Install the usernameCachingRmiServer as a listener so it may
cleanup as clients disconnect
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagement.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagement.java?rev=1417036&r1=1417035&r2=1417036&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagement.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagement.java
Tue Dec 4 17:06:14 2012
@@ -118,7 +118,7 @@ public class JMXManagement extends Abstr
throw new IllegalStateException("No JMX RMI port found supporting
protocol " + Protocol.RMI);
}
- _objectRegistry = new JMXManagedObjectRegistry(connectorPort,
registryPort, _jmxConfiguration);
+ _objectRegistry = new JMXManagedObjectRegistry(_broker, connectorPort,
registryPort, _jmxConfiguration);
_broker.addChangeListener(this);
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Broker.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Broker.java?rev=1417036&r1=1417035&r2=1417036&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Broker.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Broker.java
Tue Dec 4 17:06:14 2012
@@ -20,6 +20,7 @@
*/
package org.apache.qpid.server.model;
+import java.net.SocketAddress;
import java.security.AccessControlException;
import java.util.Arrays;
import java.util.Collection;
@@ -29,6 +30,7 @@ import java.util.Map;
import org.apache.qpid.server.logging.LogRecorder;
import org.apache.qpid.server.logging.RootMessageLogger;
import org.apache.qpid.server.security.SecurityManager;
+import org.apache.qpid.server.security.SubjectCreator;
public interface Broker extends ConfiguredObject
{
@@ -135,4 +137,12 @@ public interface Broker extends Configur
VirtualHost findVirtualHostByName(String name);
+ /**
+ * Get the SubjectCreator for the given socket address.
+ * TODO: move the authentication related functionality into host aliases
and AuthenticationProviders
+ *
+ * @param address The (listening) socket address for which the
AuthenticationManager is required
+ */
+ SubjectCreator getSubjectCreator(SocketAddress localAddress);
+
}
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java?rev=1417036&r1=1417035&r2=1417036&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
Tue Dec 4 17:06:14 2012
@@ -25,6 +25,8 @@ import static org.apache.qpid.server.uti
import static
org.apache.qpid.server.util.MapValueConverter.getBooleanAttribute;
import static org.apache.qpid.server.util.MapValueConverter.getStringAttribute;
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
import java.security.AccessControlException;
import java.util.ArrayList;
import java.util.Collection;
@@ -54,6 +56,7 @@ import org.apache.qpid.server.model.Virt
import org.apache.qpid.server.registry.IApplicationRegistry;
import org.apache.qpid.server.security.group.GroupPrincipalAccessor;
import org.apache.qpid.server.security.SecurityManager;
+import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.stats.StatisticsGatherer;
import org.apache.qpid.server.virtualhost.VirtualHostRegistry;
@@ -727,4 +730,21 @@ public class BrokerAdapter extends Abstr
{
return _vhostAdapters.get(name);
}
+
+ @Override
+ public SubjectCreator getSubjectCreator(SocketAddress localAddress)
+ {
+ InetSocketAddress inetSocketAddress = (InetSocketAddress)localAddress;
+ AuthenticationProvider provider = _defaultAuthenticationProvider;
+ Collection<Port> ports = getPorts();
+ for (Port p : ports)
+ {
+ if (inetSocketAddress.getPort() == p.getPort())
+ {
+ provider = p.getAuthenticationProvider();
+ break;
+ }
+ }
+ return provider.getSubjectCreator();
+ }
}
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java?rev=1417036&r1=1417035&r2=1417036&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java
Tue Dec 4 17:06:14 2012
@@ -20,9 +20,7 @@
*/
package org.apache.qpid.server.registry;
-import java.net.InetSocketAddress;
import java.net.SocketAddress;
-import java.util.Collection;
import java.util.Timer;
import java.util.TimerTask;
import java.util.UUID;
@@ -382,18 +380,7 @@ public class ApplicationRegistry impleme
@Override
public SubjectCreator getSubjectCreator(SocketAddress localAddress)
{
- AuthenticationProvider provider =
_broker.getDefaultAuthenticationProvider();
- InetSocketAddress inetSocketAddress = (InetSocketAddress)localAddress;
- Collection<Port> ports = _broker.getPorts();
- for (Port p : ports)
- {
- if (inetSocketAddress.getPort() == p.getPort())
- {
- provider = p.getAuthenticationProvider();
- break;
- }
- }
- return provider.getSubjectCreator();
+ return _broker.getSubjectCreator(localAddress);
}
public RootMessageLogger getRootMessageLogger()
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/rmi/RMIPasswordAuthenticator.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/rmi/RMIPasswordAuthenticator.java?rev=1417036&r1=1417035&r2=1417036&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/rmi/RMIPasswordAuthenticator.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/rmi/RMIPasswordAuthenticator.java
Tue Dec 4 17:06:14 2012
@@ -20,8 +20,9 @@
*/
package org.apache.qpid.server.security.auth.rmi;
+import java.net.SocketAddress;
+
import org.apache.qpid.server.model.Broker;
-import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.security.SecurityManager;
import org.apache.qpid.server.security.SubjectCreator;
import
org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationStatus;
@@ -41,11 +42,13 @@ public class RMIPasswordAuthenticator im
static final String CREDENTIALS_REQUIRED = "User details are required. " +
"Please ensure you are using an up to date management
console to connect.";
- private final Port _registryPort;
+ private final Broker _broker;
+ private final SocketAddress _address;
- public RMIPasswordAuthenticator(Port registryPort)
+ public RMIPasswordAuthenticator(Broker broker, SocketAddress address)
{
- _registryPort = registryPort;
+ _broker = broker;
+ _address = address;
}
public Subject authenticate(Object credentials) throws SecurityException
@@ -91,10 +94,10 @@ public class RMIPasswordAuthenticator im
throw new SecurityException(SHOULD_BE_NON_NULL);
}
- SubjectCreator subjectCreator =
_registryPort.getAuthenticationProvider().getSubjectCreator();
+ SubjectCreator subjectCreator = _broker.getSubjectCreator(_address);
if (subjectCreator == null)
{
- throw new SecurityException("Can't get subject creator for " +
_registryPort.getBindingAddress());
+ throw new SecurityException("Can't get subject creator for " +
_address);
}
final SubjectAuthenticationResult result =
subjectCreator.authenticate(username, password);
@@ -116,10 +119,9 @@ public class RMIPasswordAuthenticator im
private void doManagementAuthorisation(Subject authenticatedSubject)
{
SecurityManager.setThreadSubject(authenticatedSubject);
- Broker broker = _registryPort.getParent(Broker.class);
try
{
- if (!broker.getSecurityManager().accessManagement())
+ if (!_broker.getSecurityManager().accessManagement())
{
throw new
SecurityException(USER_NOT_AUTHORISED_FOR_MANAGEMENT);
}
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/rmi/RMIPasswordAuthenticatorTest.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/rmi/RMIPasswordAuthenticatorTest.java?rev=1417036&r1=1417035&r2=1417036&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/rmi/RMIPasswordAuthenticatorTest.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/rmi/RMIPasswordAuthenticatorTest.java
Tue Dec 4 17:06:14 2012
@@ -21,18 +21,20 @@
package org.apache.qpid.server.security.auth.rmi;
import static org.mockito.Matchers.anyString;
+import static org.mockito.Matchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
import java.security.Principal;
+import java.util.regex.Pattern;
import javax.security.auth.Subject;
import junit.framework.TestCase;
-import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.model.Broker;
-import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.security.SubjectCreator;
import org.apache.qpid.server.security.auth.AuthenticationResult;
import
org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationStatus;
@@ -49,8 +51,6 @@ public class RMIPasswordAuthenticatorTes
private static final String PASSWORD = "password";
private final Broker _broker = mock(Broker.class);
- private final Port _rmiPort = mock(Port.class);
- private final AuthenticationProvider _authenticationProvider =
mock(AuthenticationProvider.class);
private final SecurityManager _securityManager =
mock(SecurityManager.class);
private final Subject _loginSubject = new Subject();
private final String[] _credentials = new String[] {USERNAME, PASSWORD};
@@ -62,11 +62,8 @@ public class RMIPasswordAuthenticatorTes
protected void setUp() throws Exception
{
- when(_rmiPort.getBindingAddress()).thenReturn("0.0.0.0:8999");
-
when(_rmiPort.getAuthenticationProvider()).thenReturn(_authenticationProvider);
- when(_rmiPort.getParent(Broker.class)).thenReturn(_broker);
when(_broker.getSecurityManager()).thenReturn(_securityManager);
- _rmipa = new RMIPasswordAuthenticator(_rmiPort);
+ _rmipa = new RMIPasswordAuthenticator(_broker, new
InetSocketAddress(8999));
}
/**
@@ -74,7 +71,7 @@ public class RMIPasswordAuthenticatorTes
*/
public void testAuthenticationSuccess()
{
-
when(_authenticationProvider.getSubjectCreator()).thenReturn(_usernamePasswordOkaySuvjectCreator);
+
when(_broker.getSubjectCreator(any(SocketAddress.class))).thenReturn(_usernamePasswordOkaySuvjectCreator);
when(_securityManager.accessManagement()).thenReturn(true);
Subject newSubject = _rmipa.authenticate(_credentials);
@@ -86,7 +83,7 @@ public class RMIPasswordAuthenticatorTes
*/
public void testUsernameOrPasswordInvalid()
{
-
when(_authenticationProvider.getSubjectCreator()).thenReturn(_badPasswordSubjectCreator);
+
when(_broker.getSubjectCreator(any(SocketAddress.class))).thenReturn(_badPasswordSubjectCreator);
try
{
@@ -102,7 +99,7 @@ public class RMIPasswordAuthenticatorTes
public void testAuthorisationFailure()
{
-
when(_authenticationProvider.getSubjectCreator()).thenReturn(_usernamePasswordOkaySuvjectCreator);
+
when(_broker.getSubjectCreator(any(SocketAddress.class))).thenReturn(_usernamePasswordOkaySuvjectCreator);
when(_securityManager.accessManagement()).thenReturn(false);
try
@@ -121,7 +118,7 @@ public class RMIPasswordAuthenticatorTes
{
final Exception mockAuthException = new Exception("Mock Auth system
failure");
SubjectCreator subjectCreator = createMockSubjectCreator(false,
mockAuthException);
-
when(_authenticationProvider.getSubjectCreator()).thenReturn(subjectCreator);
+
when(_broker.getSubjectCreator(any(SocketAddress.class))).thenReturn(subjectCreator);
try
{
@@ -139,7 +136,7 @@ public class RMIPasswordAuthenticatorTes
*/
public void testNullSubjectCreator() throws Exception
{
- when(_authenticationProvider.getSubjectCreator()).thenReturn(null);
+
when(_broker.getSubjectCreator(any(SocketAddress.class))).thenReturn(null);
try
{
@@ -148,8 +145,7 @@ public class RMIPasswordAuthenticatorTes
}
catch (SecurityException se)
{
- assertEquals("Unexpected exception message",
- "Can't get subject creator for 0.0.0.0:8999",
se.getMessage());
+ assertTrue("Unexpected exception message", Pattern.matches("Can't
get subject creator for .*:8999", se.getMessage()));
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
