Author: ritchiem
Date: Fri Mar 23 05:59:18 2007
New Revision: 521710
URL: http://svn.apache.org/viewvc?view=rev&rev=521710
Log:
QPID-419 Access Control QPID-423 Authentication per virtualhost
Improved error handling when hostconfig is not specifed. Was NPE-ing
Modified:
incubator/qpid/branches/M2/java/broker/etc/log4j.xml
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionOpenMethodHandler.java
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManager.java
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManagerImpl.java
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/ConfigurationFilePrincipalDatabaseManager.java
Modified: incubator/qpid/branches/M2/java/broker/etc/log4j.xml
URL:
http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/etc/log4j.xml?view=diff&rev=521710&r1=521709&r2=521710
==============================================================================
--- incubator/qpid/branches/M2/java/broker/etc/log4j.xml (original)
+++ incubator/qpid/branches/M2/java/broker/etc/log4j.xml Fri Mar 23 05:59:18
2007
@@ -50,8 +50,6 @@
</appender>
<appender name="FileAppender" class="org.apache.log4j.FileAppender">
- <param name="staticLogFileName" value="false"/>
-
<param name="File"
value="${QPID_WORK}/log/${logprefix}qpid${logsuffix}.log"/>
<param name="Append" value="false"/>
Modified:
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionOpenMethodHandler.java
URL:
http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionOpenMethodHandler.java?view=diff&rev=521710&r1=521709&r2=521710
==============================================================================
---
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionOpenMethodHandler.java
(original)
+++
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionOpenMethodHandler.java
Fri Mar 23 05:59:18 2007
@@ -75,7 +75,7 @@
if (virtualHost == null)
{
- throw body.getConnectionException(AMQConstant.NOT_FOUND, "Unknown
virtual host: " + virtualHostName);
+ throw body.getConnectionException(AMQConstant.NOT_FOUND, "Unknown
virtual host: '" + virtualHostName+"'");
}
else
{
Modified:
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManager.java
URL:
http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManager.java?view=diff&rev=521710&r1=521709&r2=521710
==============================================================================
---
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManager.java
(original)
+++
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManager.java
Fri Mar 23 05:59:18 2007
@@ -22,6 +22,7 @@
public interface AccessManager
{
+ //AccessResult isAuthorized(Accessable accessObject, Principal username,
AccessRights rights);
AccessResult isAuthorized(Accessable accessObject, String username);
String getName();
Modified:
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManagerImpl.java
URL:
http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManagerImpl.java?view=diff&rev=521710&r1=521709&r2=521710
==============================================================================
---
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManagerImpl.java
(original)
+++
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManagerImpl.java
Fri Mar 23 05:59:18 2007
@@ -39,8 +39,13 @@
public AccessManagerImpl(String name, Configuration hostConfig) throws
ConfigurationException
{
- String accessClass = hostConfig.getString("security.access.class");
+ if (hostConfig == null)
+ {
+ _logger.warn("No Configuration specified. Using default access
controls for VirtualHost:'" + name + "'");
+ return;
+ }
+ String accessClass = hostConfig.getString("security.access.class");
if (accessClass == null)
{
_logger.warn("No access control specified. Using default access
controls for VirtualHost:'" + name + "'");
@@ -111,7 +116,7 @@
}
catch (Exception e)
{
- throw new ConfigurationException(e.getCause());
+ throw new ConfigurationException(e.getMessage(), e.getCause());
}
}
}
@@ -121,7 +126,15 @@
{
if (_accessManager == null)
{
- return
ApplicationRegistry.getInstance().getAccessManager().isAuthorized(accessObject,
username);
+ if (ApplicationRegistry.getInstance().getAccessManager() == this)
+ {
+ _logger.warn("No Default access manager specified DENYING ALL
ACCESS");
+ return new AccessResult(this,
AccessResult.AccessStatus.REFUSED);
+ }
+ else
+ {
+ return
ApplicationRegistry.getInstance().getAccessManager().isAuthorized(accessObject,
username);
+ }
}
else
{
@@ -129,7 +142,8 @@
}
}
- public String getName()
+ public String getName
+ ()
{
return "AccessManagerImpl";
}
Modified:
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/ConfigurationFilePrincipalDatabaseManager.java
URL:
http://svn.apache.org/viewvc/incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/ConfigurationFilePrincipalDatabaseManager.java?view=diff&rev=521710&r1=521709&r2=521710
==============================================================================
---
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/ConfigurationFilePrincipalDatabaseManager.java
(original)
+++
incubator/qpid/branches/M2/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/ConfigurationFilePrincipalDatabaseManager.java
Fri Mar 23 05:59:18 2007
@@ -136,7 +136,14 @@
}
catch (Exception ite)
{
- throw new ConfigurationException(ite.getCause());
+ if (ite instanceof ConfigurationException)
+ {
+ throw(ConfigurationException) ite;
+ }
+ else
+ {
+ throw new ConfigurationException(ite.getMessage(),
ite.getCause());
+ }
}
}
}
