Author: rgodfrey
Date: Wed Jul 13 14:44:17 2016
New Revision: 1752439
URL: http://svn.apache.org/viewvc?rev=1752439&view=rev
Log:
QPID-7318 : Ensure injected operations are passed through access control
checking. Clean up use of ACTIONS that should instead be checked as METHODs
Modified:
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/BrokerAttributeInjector.java
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObjectMethodOperation.java
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/CachingSecurityToken.java
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapter.java
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleBasedAccessControl.java
qpid/java/trunk/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapterTest.java
Modified:
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/BrokerAttributeInjector.java
URL:
http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/BrokerAttributeInjector.java?rev=1752439&r1=1752438&r2=1752439&view=diff
==============================================================================
---
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/BrokerAttributeInjector.java
(original)
+++
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/BrokerAttributeInjector.java
Wed Jul 13 14:44:17 2016
@@ -45,7 +45,6 @@ import org.apache.qpid.server.util.Param
public class BrokerAttributeInjector implements
ConfiguredObjectAttributeInjector
{
private static final Logger LOGGER =
LoggerFactory.getLogger(BrokerAttributeInjector.class);
- private static final Operation CONFIGURE_ACTION =
Operation.ACTION("CONFIGURE");
private final InjectedAttributeOrStatistic.TypeValidator _typeValidator =
new InjectedAttributeOrStatistic.TypeValidator()
@@ -329,7 +328,6 @@ public class BrokerAttributeInjector imp
Method setVMOption,
Map<String, String> options)
{
- broker.authorise(CONFIGURE_ACTION);
broker.getEventLogger().message(BrokerMessages.OPERATION("setJVMOptions"));
StringBuilder exceptionMessages = new StringBuilder();
for (Map.Entry<String, String> entry : options.entrySet())
@@ -369,7 +367,6 @@ public class BrokerAttributeInjector imp
String outputFile,
boolean live)
{
- broker.authorise(CONFIGURE_ACTION);
broker.getEventLogger().message(BrokerMessages.OPERATION("dumpHeap"));
try
{
Modified:
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObjectMethodOperation.java
URL:
http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObjectMethodOperation.java?rev=1752439&r1=1752438&r2=1752439&view=diff
==============================================================================
---
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObjectMethodOperation.java
(original)
+++
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObjectMethodOperation.java
Wed Jul 13 14:44:17 2016
@@ -32,6 +32,7 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
+import org.apache.qpid.server.security.access.Operation;
import org.apache.qpid.server.util.ServerScopedRuntimeException;
public class ConfiguredObjectMethodOperation<C extends ConfiguredObject>
implements ConfiguredObjectOperation<C>
@@ -109,6 +110,7 @@ public class ConfiguredObjectMethodOpera
}
else
{
+ subject.authorise(Operation.METHOD(_operation.getName()),
parameters);
Set<String> providedNames = new HashSet<>(parameters.keySet());
providedNames.removeAll(_validNames);
Modified:
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
URL:
http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java?rev=1752439&r1=1752438&r2=1752439&view=diff
==============================================================================
---
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
(original)
+++
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
Wed Jul 13 14:44:17 2016
@@ -107,9 +107,6 @@ public class BrokerAdapter extends Abstr
public static final String MANAGEMENT_MODE_AUTHENTICATION =
"MANAGEMENT_MODE_AUTHENTICATION";
- private static final Operation CONFIGURE_ACTION =
Operation.ACTION("CONFIGURE");
- private static final Operation SHUTDOWN_ACTION =
Operation.ACTION("SHUTDOWN");
-
private final AccessControl<SecurityToken> _systemUserAllowed = new
AccessControl<SecurityToken>()
{
@Override
@@ -425,7 +422,6 @@ public class BrokerAdapter extends Abstr
@Override
public void initiateShutdown()
{
- authorise(SHUTDOWN_ACTION);
getEventLogger().message(BrokerMessages.OPERATION("initiateShutdown"));
_parent.closeAsync();
}
@@ -1240,7 +1236,6 @@ public class BrokerAdapter extends Abstr
@Override
public void performGC()
{
- authorise(CONFIGURE_ACTION);
getEventLogger().message(BrokerMessages.OPERATION("performGC"));
System.gc();
}
@@ -1248,7 +1243,6 @@ public class BrokerAdapter extends Abstr
@Override
public Content getThreadStackTraces(boolean appendToLog)
{
- authorise(CONFIGURE_ACTION);
getEventLogger().message(BrokerMessages.OPERATION("getThreadStackTraces"));
ThreadMXBean threadMXBean = ManagementFactory.getThreadMXBean();
ThreadInfo[] threadInfos = threadMXBean.dumpAllThreads(true, true);
@@ -1278,7 +1272,6 @@ public class BrokerAdapter extends Abstr
@Override
public Content findThreadStackTraces(String threadNameFindExpression)
{
- authorise(CONFIGURE_ACTION);
getEventLogger().message(BrokerMessages.OPERATION("findThreadStackTraces"));
ThreadMXBean threadMXBean = ManagementFactory.getThreadMXBean();
ThreadInfo[] threadInfos = threadMXBean.dumpAllThreads(true, true);
Modified:
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/CachingSecurityToken.java
URL:
http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/CachingSecurityToken.java?rev=1752439&r1=1752438&r2=1752439&view=diff
==============================================================================
---
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/CachingSecurityToken.java
(original)
+++
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/CachingSecurityToken.java
Wed Jul 13 14:44:17 2016
@@ -52,26 +52,6 @@ class CachingSecurityToken implements Se
return _subject;
}
- Result authoriseMethod(final RuleBasedAccessControl ruleBasedAccessControl,
- final ConfiguredObject<?> configuredObject,
- final String methodName,
- final Map<String, Object> arguments)
- {
- AccessControlCache cache = CACHE_UPDATE.get(this);
- while(cache.getAccessControl() != ruleBasedAccessControl)
- {
- CACHE_UPDATE.compareAndSet(this, cache, new
AccessControlCache(ruleBasedAccessControl));
- }
- final CachedMethodAuthKey key = new
CachedMethodAuthKey(configuredObject, Operation.METHOD(methodName), arguments);
- Result result = cache.getCache().get(key);
- if(result == null)
- {
- result = ruleBasedAccessControl.authoriseMethod(configuredObject,
methodName, arguments);
- cache.getCache().putIfAbsent(key, result);
- }
- return result;
- }
-
Result authorise(final RuleBasedAccessControl ruleBasedAccessControl,
final Operation operation,
final ConfiguredObject<?> configuredObject,
final Map<String, Object> arguments)
Modified:
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapter.java
URL:
http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapter.java?rev=1752439&r1=1752438&r2=1752439&view=diff
==============================================================================
---
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapter.java
(original)
+++
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapter.java
Wed Jul 13 14:44:17 2016
@@ -62,6 +62,14 @@ class LegacyAccessControlAdapter
Collections.unmodifiableSet(new
HashSet<>(Arrays.asList("updateMutableConfig",
"cleanLog",
"checkpoint")));
+
+ private static final Set<String> BROKER_CONFIGURE_OPERATIONS=
+ Collections.unmodifiableSet(new
HashSet<>(Arrays.asList("setJVMOptions",
+ "dumpHeap",
+
"performGC",
+
"getThreadStackTraces",
+
"findThreadStackTraces")));
+
private final LegacyAccessControl _accessControl;
private final Model _model;
@@ -324,14 +332,14 @@ class LegacyAccessControlAdapter
}
Result authoriseAction(final ConfiguredObject<?> configuredObject,
- String methodName,
+ String actionName,
final Map<String, Object> arguments)
{
Class<? extends ConfiguredObject> categoryClass =
configuredObject.getCategoryClass();
if(categoryClass == Exchange.class)
{
Exchange exchange = (Exchange) configuredObject;
- if("publish".equals(methodName))
+ if("publish".equals(actionName))
{
final ObjectProperties _props =
@@ -341,7 +349,7 @@ class LegacyAccessControlAdapter
}
else if(categoryClass == VirtualHost.class)
{
- if("connect".equals(methodName))
+ if("connect".equals(actionName))
{
String virtualHostName = configuredObject.getName();
ObjectProperties properties = new
ObjectProperties(virtualHostName);
@@ -351,16 +359,19 @@ class LegacyAccessControlAdapter
}
else if(categoryClass == Broker.class)
{
- if("manage".equals(methodName))
+ if("manage".equals(actionName))
{
return _accessControl.authorise(LegacyOperation.ACCESS,
ObjectType.MANAGEMENT, ObjectProperties.EMPTY);
}
+ else if("CONFIGURE".equals(actionName) ||
"SHUTDOWN".equals(actionName))
+ {
+ return
_accessControl.authorise(LegacyOperation.valueOf(actionName),
ObjectType.BROKER, ObjectProperties.EMPTY);
+ }
}
else if(categoryClass == Queue.class)
{
Queue queue = (Queue) configuredObject;
- final ObjectProperties properties = new ObjectProperties();
- if("publish".equals(methodName))
+ if("publish".equals(actionName))
{
final ObjectProperties _props =
@@ -368,55 +379,17 @@ class LegacyAccessControlAdapter
return _accessControl.authorise(PUBLISH, EXCHANGE, _props);
}
}
- else if(categoryClass == VirtualHostLogger.class)
- {
- VirtualHostLogger logger = (VirtualHostLogger)configuredObject;
- if(LOG_ACCESS_METHOD_NAMES.contains(methodName))
- {
- return _accessControl.authorise(ACCESS_LOGS,
- ObjectType.VIRTUALHOST,
- new
ObjectProperties(logger.getParent(VirtualHost.class).getName()));
- }
- }
return Result.DEFER;
}
- Result authoriseExecute(final ConfiguredObject<?> configuredObject,
- final String methodName,
- final Map<String, Object> arguments)
+ Result authoriseMethod(final ConfiguredObject<?> configuredObject,
+ final String methodName,
+ final Map<String, Object> arguments)
{
Class<? extends ConfiguredObject> categoryClass =
configuredObject.getCategoryClass();
- if(categoryClass == Exchange.class)
- {
- Exchange exchange = (Exchange) configuredObject;
- if("publish".equals(methodName))
- {
-
- final ObjectProperties _props =
- new
ObjectProperties(exchange.getParent(VirtualHost.class).getName(),
exchange.getName(), (String)arguments.get("routingKey"),
(Boolean)arguments.get("immediate"));
- return _accessControl.authorise(PUBLISH, EXCHANGE, _props);
- }
- }
- else if(categoryClass == VirtualHost.class)
- {
- if("connect".equals(methodName))
- {
- String virtualHostName = configuredObject.getName();
- ObjectProperties properties = new
ObjectProperties(virtualHostName);
- properties.put(ObjectProperties.Property.VIRTUALHOST_NAME,
virtualHostName);
- return _accessControl.authorise(LegacyOperation.ACCESS,
ObjectType.VIRTUALHOST, properties);
- }
- }
- else if(categoryClass == Broker.class)
- {
- if("manage".equals(methodName))
- {
- return _accessControl.authorise(LegacyOperation.ACCESS,
ObjectType.MANAGEMENT, ObjectProperties.EMPTY);
- }
- }
- else if(categoryClass == Queue.class)
+ if(categoryClass == Queue.class)
{
Queue queue = (Queue) configuredObject;
final ObjectProperties properties = new ObjectProperties();
@@ -490,7 +463,18 @@ class LegacyAccessControlAdapter
return _accessControl.authorise(LegacyOperation.UPDATE,
ObjectType.BROKER, properties);
}
}
+ else if(categoryClass == Broker.class)
+ {
+ if(BROKER_CONFIGURE_OPERATIONS.contains(methodName))
+ {
+ _accessControl.authorise(LegacyOperation.CONFIGURE,
ObjectType.BROKER, ObjectProperties.EMPTY);
+ }
+ else if("initiateShutdown".equals(methodName))
+ {
+ _accessControl.authorise(LegacyOperation.SHUTDOWN,
ObjectType.BROKER, ObjectProperties.EMPTY);
+ }
+ }
return Result.ALLOWED;
}
@@ -509,7 +493,7 @@ class LegacyAccessControlAdapter
case DELETE:
return authorise(LegacyOperation.DELETE, configuredObject);
case METHOD:
- return authoriseExecute(configuredObject, operation.getName(),
arguments);
+ return authoriseMethod(configuredObject, operation.getName(),
arguments);
case ACTION:
return authoriseAction(configuredObject, operation.getName(),
arguments);
case DISCOVER:
Modified:
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleBasedAccessControl.java
URL:
http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleBasedAccessControl.java?rev=1752439&r1=1752438&r2=1752439&view=diff
==============================================================================
---
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleBasedAccessControl.java
(original)
+++
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleBasedAccessControl.java
Wed Jul 13 14:44:17 2016
@@ -113,13 +113,6 @@ public class RuleBasedAccessControl impl
}
}
- public Result authoriseMethod(final ConfiguredObject<?> configuredObject,
- final String methodName,
- final Map<String, Object> arguments)
- {
- return _adapter.authoriseExecute(configuredObject, methodName,
arguments);
- }
-
@Override
public Result authorise(final CachingSecurityToken token,
final Operation operation,
Modified:
qpid/java/trunk/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapterTest.java
URL:
http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapterTest.java?rev=1752439&r1=1752438&r2=1752439&view=diff
==============================================================================
---
qpid/java/trunk/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapterTest.java
(original)
+++
qpid/java/trunk/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapterTest.java
Wed Jul 13 14:44:17 2016
@@ -759,7 +759,7 @@ public class LegacyAccessControlAdapterT
ObjectProperties properties = createExpectedQueueObjectProperties();
- _adapter.authoriseExecute(queue, "clearQueue",
Collections.<String,Object>emptyMap());
+ _adapter.authoriseMethod(queue, "clearQueue",
Collections.<String,Object>emptyMap());
verify(_accessControl).authorise(eq(LegacyOperation.PURGE),
eq(ObjectType.QUEUE), eq(properties));
}
@@ -770,7 +770,7 @@ public class LegacyAccessControlAdapterT
ConfiguredObject logger = mock(BrokerLogger.class);
when(logger.getCategoryClass()).thenReturn(BrokerLogger.class);
- _adapter.authoriseExecute(logger, "getFile",
Collections.singletonMap("fileName", (Object)"qpid.log"));
+ _adapter.authoriseMethod(logger, "getFile",
Collections.singletonMap("fileName", (Object)"qpid.log"));
verify(_accessControl).authorise(ACCESS_LOGS, BROKER,
ObjectProperties.EMPTY);
@@ -782,7 +782,7 @@ public class LegacyAccessControlAdapterT
when(logger.getCategoryClass()).thenReturn(VirtualHostLogger.class);
when(logger.getParent(eq(VirtualHost.class))).thenReturn(_virtualHost);
- _adapter.authoriseExecute(logger, "getFile",
Collections.singletonMap("fileName", (Object)"qpid.log"));
+ _adapter.authoriseMethod(logger, "getFile",
Collections.singletonMap("fileName", (Object)"qpid.log"));
ObjectProperties expectedObjectProperties = new
ObjectProperties(_virtualHost.getName());
verify(_accessControl).authorise(ACCESS_LOGS, VIRTUALHOST,
expectedObjectProperties);
@@ -803,7 +803,7 @@ public class LegacyAccessControlAdapterT
when(queue.getCategoryClass()).thenReturn(Queue.class);
- _adapter.authoriseExecute(queue, "deleteMessages",
Collections.<String,Object>emptyMap());
+ _adapter.authoriseMethod(queue, "deleteMessages",
Collections.<String,Object>emptyMap());
verify(_accessControl).authorise(eq(LegacyOperation.UPDATE),
eq(ObjectType.METHOD), eq(properties));
}
@@ -818,7 +818,7 @@ public class LegacyAccessControlAdapterT
ObjectProperties properties = new ObjectProperties("testUser");
- _adapter.authoriseExecute(authenticationProvider, "getPreferences",
Collections.<String,Object>singletonMap("userId","testUser"));
+ _adapter.authoriseMethod(authenticationProvider, "getPreferences",
Collections.<String,Object>singletonMap("userId", "testUser"));
verify(_accessControl).authorise(eq(LegacyOperation.UPDATE),
eq(ObjectType.USER), eq(properties));
}
@@ -826,7 +826,7 @@ public class LegacyAccessControlAdapterT
public void testAccessManagement()
{
- _adapter.authoriseExecute(_broker, "manage",
Collections.<String,Object>emptyMap());
+ _adapter.authoriseAction(_broker, "manage",
Collections.<String,Object>emptyMap());
verify(_accessControl).authorise(LegacyOperation.ACCESS,
ObjectType.MANAGEMENT, ObjectProperties.EMPTY);
}
@@ -845,7 +845,7 @@ public class LegacyAccessControlAdapterT
Map<String,Object> args = new HashMap<>();
args.put("routingKey",routingKey);
args.put("immediate", true);
- _adapter.authoriseExecute(exchange, "publish", args);
+ _adapter.authoriseAction(exchange, "publish", args);
verify(_accessControl).authorise(eq(LegacyOperation.PUBLISH),
eq(ObjectType.EXCHANGE), eq(properties));
@@ -858,7 +858,7 @@ public class LegacyAccessControlAdapterT
properties.put(ObjectProperties.Property.NAME, TEST_VIRTUAL_HOST);
properties.put(ObjectProperties.Property.VIRTUALHOST_NAME,
TEST_VIRTUAL_HOST);
- _adapter.authoriseExecute(_virtualHost, "connect",
Collections.<String,Object>emptyMap());
+ _adapter.authoriseAction(_virtualHost, "connect",
Collections.<String,Object>emptyMap());
verify(_accessControl).authorise(eq(LegacyOperation.ACCESS),
eq(ObjectType.VIRTUALHOST), eq(properties));
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
