Author: rgodfrey
Date: Mon Jan 12 23:32:50 2015
New Revision: 1651230
URL: http://svn.apache.org/r1651230
Log:
QPID-6309 : Add group provider which stores user to group mapping in config
Added:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupImpl.java
(with props)
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupMemberImpl.java
(with props)
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupProviderImpl.java
(with props)
Modified:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/BrokerModel.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Group.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/GroupMember.java
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/FileBasedGroupProviderImpl.java
Modified:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/BrokerModel.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/BrokerModel.java?rev=1651230&r1=1651229&r2=1651230&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/BrokerModel.java
(original)
+++
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/BrokerModel.java
Mon Jan 12 23:32:50 2015
@@ -90,7 +90,6 @@ public final class BrokerModel extends M
addRelationship(AuthenticationProvider.class, User.class);
addRelationship(AuthenticationProvider.class,
PreferencesProvider.class);
- addRelationship(User.class, GroupMember.class);
addRelationship(GroupProvider.class, Group.class);
addRelationship(Group.class, GroupMember.class);
Modified:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Group.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Group.java?rev=1651230&r1=1651229&r2=1651230&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Group.java
(original)
+++
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Group.java
Mon Jan 12 23:32:50 2015
@@ -19,7 +19,11 @@
*/
package org.apache.qpid.server.model;
-@ManagedObject
+import org.apache.qpid.server.security.group.GroupImpl;
+import org.apache.qpid.server.security.group.GroupPrincipal;
+
+@ManagedObject( defaultType = GroupImpl.CONFIG_TYPE )
public interface Group<X extends Group<X>> extends ConfiguredObject<X>
{
+ GroupPrincipal getGroupPrincipal();
}
Modified:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/GroupMember.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/GroupMember.java?rev=1651230&r1=1651229&r2=1651230&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/GroupMember.java
(original)
+++
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/GroupMember.java
Mon Jan 12 23:32:50 2015
@@ -19,7 +19,12 @@
*/
package org.apache.qpid.server.model;
-@ManagedObject
+import java.security.Principal;
+
+import org.apache.qpid.server.security.group.GroupMemberImpl;
+
+@ManagedObject( defaultType = GroupMemberImpl.CONFIG_TYPE )
public interface GroupMember<X extends GroupMember<X>> extends
ConfiguredObject<X>
{
+ Principal getPrincipal();
}
Modified:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/FileBasedGroupProviderImpl.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/FileBasedGroupProviderImpl.java?rev=1651230&r1=1651229&r2=1651230&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/FileBasedGroupProviderImpl.java
(original)
+++
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/FileBasedGroupProviderImpl.java
Mon Jan 12 23:32:50 2015
@@ -54,7 +54,6 @@ import org.apache.qpid.server.security.g
public class FileBasedGroupProviderImpl
extends AbstractConfiguredObject<FileBasedGroupProviderImpl>
implements FileBasedGroupProvider<FileBasedGroupProviderImpl>
{
- public static final String RESOURCE_BUNDLE =
"org.apache.qpid.server.security.group.FileGroupProviderAttributeDescriptions";
public static final String GROUP_FILE_PROVIDER_TYPE = "GroupFile";
private static Logger LOGGER =
Logger.getLogger(FileBasedGroupProviderImpl.class);
@@ -357,7 +356,7 @@ public class FileBasedGroupProviderImpl
private class GroupAdapter extends AbstractConfiguredObject<GroupAdapter>
implements Group<GroupAdapter>
{
-
+ private GroupPrincipal _groupPrincipal;
public GroupAdapter(Map<String, Object> attributes)
{
super(parentsMap(FileBasedGroupProviderImpl.this), attributes);
@@ -396,6 +395,7 @@ public class FileBasedGroupProviderImpl
groupMemberAdapter.open();
members.add(groupMemberAdapter);
}
+ _groupPrincipal = new GroupPrincipal(getName());
}
@Override
@@ -463,16 +463,30 @@ public class FileBasedGroupProviderImpl
setState(State.DELETED);
}
+ @Override
+ public GroupPrincipal getGroupPrincipal()
+ {
+ return _groupPrincipal;
+ }
+
private class GroupMemberAdapter extends
AbstractConfiguredObject<GroupMemberAdapter> implements
GroupMember<GroupMemberAdapter>
{
+ private Principal _principal;
+
public GroupMemberAdapter(Map<String, Object> attrMap)
{
// TODO - need to relate to the User object
super(parentsMap(GroupAdapter.this),attrMap);
}
+ @Override
+ protected void onOpen()
+ {
+ super.onOpen();
+ _principal = new UsernamePrincipal(getName());
+ }
@Override
public void onValidate()
@@ -484,6 +498,8 @@ public class FileBasedGroupProviderImpl
}
}
+
+
@Override
protected void validateChange(final ConfiguredObject<?>
proxyForValidation, final Set<String> changedAttributes)
{
@@ -517,6 +533,11 @@ public class FileBasedGroupProviderImpl
setState(State.DELETED);
}
+ @Override
+ public Principal getPrincipal()
+ {
+ return _principal;
+ }
}
}
Added:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupImpl.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupImpl.java?rev=1651230&view=auto
==============================================================================
---
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupImpl.java
(added)
+++
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupImpl.java
Mon Jan 12 23:32:50 2015
@@ -0,0 +1,92 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.server.security.group;
+
+import java.util.Map;
+
+import org.apache.qpid.server.model.AbstractConfiguredObject;
+import org.apache.qpid.server.model.ConfiguredObject;
+import org.apache.qpid.server.model.Group;
+import org.apache.qpid.server.model.GroupMember;
+import org.apache.qpid.server.model.GroupProvider;
+import org.apache.qpid.server.model.ManagedObject;
+import org.apache.qpid.server.model.ManagedObjectFactoryConstructor;
+import org.apache.qpid.server.model.State;
+import org.apache.qpid.server.model.StateTransition;
+
+@ManagedObject(category = false, type = GroupImpl.CONFIG_TYPE)
+public class GroupImpl extends AbstractConfiguredObject<GroupImpl> implements
Group<GroupImpl>
+{
+
+ public static final String CONFIG_TYPE = "ManagedGroup";
+
+ private GroupPrincipal _groupPrincipal;
+
+ @ManagedObjectFactoryConstructor
+ public GroupImpl(Map<String, Object> attributes,
+ GroupProvider<?> provider)
+ {
+ super(parentsMap(provider), attributes);
+ }
+
+ @Override
+ protected void onOpen()
+ {
+ super.onOpen();
+ _groupPrincipal = new GroupPrincipal(getName());
+ }
+
+ @Override
+ protected <C extends ConfiguredObject> C addChild(final Class<C>
childClass,
+ final Map<String,
Object> attributes,
+ final
ConfiguredObject... otherParents)
+ {
+ if(childClass == GroupMember.class)
+ {
+ return (C) getObjectFactory().create(childClass, attributes, this);
+ }
+ else
+ {
+ return super.addChild(childClass, attributes, otherParents);
+ }
+ }
+
+ @Override
+ public GroupPrincipal getGroupPrincipal()
+ {
+ return _groupPrincipal;
+ }
+
+
+ @StateTransition( currentState = { State.UNINITIALIZED, State.QUIESCED,
State.ERRORED }, desiredState = State.ACTIVE )
+ private void activate()
+ {
+ setState(State.ACTIVE);
+ }
+
+
+ @StateTransition(currentState = {State.ACTIVE}, desiredState =
State.DELETED)
+ private void doDelete()
+ {
+ deleted();
+ }
+
+}
Propchange:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupImpl.java
------------------------------------------------------------------------------
svn:eol-style = native
Added:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupMemberImpl.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupMemberImpl.java?rev=1651230&view=auto
==============================================================================
---
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupMemberImpl.java
(added)
+++
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupMemberImpl.java
Mon Jan 12 23:32:50 2015
@@ -0,0 +1,75 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.server.security.group;
+
+import java.security.Principal;
+import java.util.Map;
+
+import org.apache.qpid.server.model.AbstractConfiguredObject;
+import org.apache.qpid.server.model.Group;
+import org.apache.qpid.server.model.GroupMember;
+import org.apache.qpid.server.model.ManagedObject;
+import org.apache.qpid.server.model.ManagedObjectFactoryConstructor;
+import org.apache.qpid.server.model.State;
+import org.apache.qpid.server.model.StateTransition;
+import org.apache.qpid.server.security.auth.UsernamePrincipal;
+
+@ManagedObject(category = false, type = GroupMemberImpl.CONFIG_TYPE)
+public class GroupMemberImpl extends AbstractConfiguredObject<GroupMemberImpl>
implements GroupMember<GroupMemberImpl>
+{
+ public static final String CONFIG_TYPE = "ManagedGroupMember";
+ private UsernamePrincipal _principal;
+
+
+ @ManagedObjectFactoryConstructor
+ public GroupMemberImpl(Map<String, Object> attributes,
+ Group group)
+ {
+ super(parentsMap(group), attributes);
+ }
+
+ @Override
+ protected void onOpen()
+ {
+ super.onOpen();
+ _principal = new UsernamePrincipal(getName());
+ }
+
+ @Override
+ public Principal getPrincipal()
+ {
+ return _principal;
+ }
+
+
+ @StateTransition( currentState = { State.UNINITIALIZED, State.QUIESCED,
State.ERRORED }, desiredState = State.ACTIVE )
+ private void activate()
+ {
+ setState(State.ACTIVE);
+ }
+
+
+ @StateTransition(currentState = {State.ACTIVE}, desiredState =
State.DELETED)
+ private void doDelete()
+ {
+ deleted();
+ }
+}
Propchange:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupMemberImpl.java
------------------------------------------------------------------------------
svn:eol-style = native
Added:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupProviderImpl.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupProviderImpl.java?rev=1651230&view=auto
==============================================================================
---
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupProviderImpl.java
(added)
+++
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupProviderImpl.java
Mon Jan 12 23:32:50 2015
@@ -0,0 +1,103 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.server.security.group;
+
+import java.security.Principal;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.qpid.server.model.AbstractConfiguredObject;
+import org.apache.qpid.server.model.Broker;
+import org.apache.qpid.server.model.ConfiguredObject;
+import org.apache.qpid.server.model.Group;
+import org.apache.qpid.server.model.GroupMember;
+import org.apache.qpid.server.model.GroupProvider;
+import org.apache.qpid.server.model.ManagedObject;
+import org.apache.qpid.server.model.ManagedObjectFactoryConstructor;
+import org.apache.qpid.server.model.State;
+import org.apache.qpid.server.model.StateTransition;
+
+@ManagedObject(category = false, type = GroupProviderImpl.CONFIG_TYPE)
+public class GroupProviderImpl extends
AbstractConfiguredObject<GroupProviderImpl> implements
GroupProvider<GroupProviderImpl>
+{
+
+ public static final String CONFIG_TYPE = "ManagedGroupProvider";
+
+ @ManagedObjectFactoryConstructor
+ public GroupProviderImpl(Map<String, Object> attributes,
+ Broker broker)
+ {
+ super(parentsMap(broker), attributes);
+ }
+
+
+ @Override
+ public Set<Principal> getGroupPrincipalsForUser(final String username)
+ {
+ Set<Principal> principals = new HashSet<>();
+
+ final Collection<Group> groups = getChildren(Group.class);
+ for(Group<?> group : groups)
+ {
+ for(GroupMember<?> member : group.getChildren(GroupMember.class))
+ {
+ if(member.getPrincipal().getName().equals(username))
+ {
+ principals.add(group.getGroupPrincipal());
+ }
+ }
+ }
+ return principals;
+ }
+
+ @Override
+ protected <C extends ConfiguredObject> C addChild(final Class<C>
childClass,
+ final Map<String,
Object> attributes,
+ final
ConfiguredObject... otherParents)
+ {
+ if(childClass == Group.class)
+ {
+ C child = (C) getObjectFactory().create(childClass, attributes,
this);
+
+ return child;
+ }
+ else
+ {
+ return super.addChild(childClass, attributes, otherParents);
+ }
+ }
+
+ @StateTransition( currentState = { State.UNINITIALIZED, State.QUIESCED,
State.ERRORED }, desiredState = State.ACTIVE )
+ private void activate()
+ {
+ setState(State.ACTIVE);
+ }
+
+
+ @StateTransition(currentState = {State.ACTIVE}, desiredState =
State.DELETED)
+ private void doDelete()
+ {
+ deleted();
+ }
+
+}
Propchange:
qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupProviderImpl.java
------------------------------------------------------------------------------
svn:eol-style = native
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
