diff options
| author | Robert Godfrey <rgodfrey@apache.org> | 2012-05-16 12:59:07 +0000 |
|---|---|---|
| committer | Robert Godfrey <rgodfrey@apache.org> | 2012-05-16 12:59:07 +0000 |
| commit | dd52dbe495642935a567c50868d5c1f714fb42c5 (patch) | |
| tree | 3eb666524117c4660cd7323be2422bbe1018bab8 | |
| parent | e7ac384cf17702b59ddae64d55c7438b26fbd0e3 (diff) | |
| download | qpid-python-dd52dbe495642935a567c50868d5c1f714fb42c5.tar.gz | |
QPID-3997 : [Java Broker] Refactor code to make all calls to getAuthenticationManager() pass in local socket address
(note that this commit does not actually implement per socket authentication managers)
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1339146 13f79535-47bb-0310-9956-ffa450edef68
13 files changed, 82 insertions, 25 deletions
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionSecureOkMethodHandler.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionSecureOkMethodHandler.java index 2ccf97f17c..ac322c4e8c 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionSecureOkMethodHandler.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionSecureOkMethodHandler.java @@ -61,7 +61,7 @@ public class ConnectionSecureOkMethodHandler implements StateAwareMethodListener { AMQProtocolSession session = stateManager.getProtocolSession(); - AuthenticationManager authMgr = ApplicationRegistry.getInstance().getAuthenticationManager(); + AuthenticationManager authMgr = stateManager.getAuthenticationManager(); SaslServer ss = session.getSaslServer(); if (ss == null) diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionStartOkMethodHandler.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionStartOkMethodHandler.java index 162e4e0215..d9979ed2dc 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionStartOkMethodHandler.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionStartOkMethodHandler.java @@ -65,7 +65,7 @@ public class ConnectionStartOkMethodHandler implements StateAwareMethodListener< _logger.info("SASL Mechanism selected: " + body.getMechanism()); _logger.info("Locale selected: " + body.getLocale()); - AuthenticationManager authMgr = ApplicationRegistry.getInstance().getAuthenticationManager(); + AuthenticationManager authMgr = stateManager.getAuthenticationManager(); SaslServer ss = null; try { diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/management/JMXManagedObjectRegistry.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/management/JMXManagedObjectRegistry.java index 04a5b27991..116f64a8bf 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/management/JMXManagedObjectRegistry.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/management/JMXManagedObjectRegistry.java @@ -54,10 +54,7 @@ import java.io.FileNotFoundException; import java.io.IOException; import java.lang.management.ManagementFactory; import java.lang.reflect.Proxy; -import java.net.InetAddress; -import java.net.ServerSocket; -import java.net.Socket; -import java.net.UnknownHostException; +import java.net.*; import java.rmi.AlreadyBoundException; import java.rmi.NoSuchObjectException; import java.rmi.NotBoundException; @@ -197,7 +194,7 @@ public class JMXManagedObjectRegistry implements ManagedObjectRegistry //add a JMXAuthenticator implementation the env map to authenticate the RMI based JMX connector server RMIPasswordAuthenticator rmipa = new RMIPasswordAuthenticator(); - rmipa.setAuthenticationManager(appRegistry.getAuthenticationManager()); + rmipa.setAuthenticationManager(appRegistry.getAuthenticationManager(new InetSocketAddress(_jmxPortRegistryServer))); HashMap<String,Object> env = new HashMap<String,Object>(); env.put(JMXConnectorServer.AUTHENTICATOR, rmipa); diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQProtocolEngine.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQProtocolEngine.java index ae5ede5e82..c0a8f633fd 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQProtocolEngine.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQProtocolEngine.java @@ -389,7 +389,7 @@ public class AMQProtocolEngine implements ServerProtocolEngine, Managable, AMQPr // This sets the protocol version (and hence framing classes) for this session. setProtocolVersion(pv); - String mechanisms = ApplicationRegistry.getInstance().getAuthenticationManager().getMechanisms(); + String mechanisms = ApplicationRegistry.getInstance().getAuthenticationManager(getLocalAddress()).getMechanisms(); String locales = "en_US"; diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQProtocolSession.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQProtocolSession.java index 6cd5b21f89..f9bee93dbf 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQProtocolSession.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQProtocolSession.java @@ -20,6 +20,7 @@ */ package org.apache.qpid.server.protocol; +import java.net.SocketAddress; import java.util.List; import javax.security.auth.Subject; @@ -60,6 +61,13 @@ public interface AMQProtocolSession extends AMQVersionAwareProtocolSession, Auth long getLastReceivedTime(); + /** + * Return the local socket address for the connection + * + * @return the socket address + */ + SocketAddress getLocalAddress(); + public static interface Task { public void doTask(AMQProtocolSession session) throws AMQException; diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java index 652ffee004..5c92aa95b6 100755 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java @@ -302,7 +302,7 @@ public class MultiVersionProtocolEngine implements ServerProtocolEngine public ServerProtocolEngine getProtocolEngine() { final ConnectionDelegate connDelegate = - new org.apache.qpid.server.transport.ServerConnectionDelegate(_appRegistry, _fqdn); + new org.apache.qpid.server.transport.ServerConnectionDelegate(_appRegistry, _fqdn, _appRegistry.getAuthenticationManager(getLocalAddress())); ServerConnection conn = new ServerConnection(_id); conn.setConnectionDelegate(connDelegate); diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/ProtocolEngine_1_0_0.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/ProtocolEngine_1_0_0.java index f31ad5052b..045eafeba2 100755 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/ProtocolEngine_1_0_0.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/ProtocolEngine_1_0_0.java @@ -143,7 +143,7 @@ public class ProtocolEngine_1_0_0 implements ServerProtocolEngine, FrameOutputHa Container container = new Container(_appRegistry.getBrokerId().toString()); - _conn = new ConnectionEndpoint(container,asCallbackHandlerSource(_appRegistry.getAuthenticationManager())); + _conn = new ConnectionEndpoint(container,asCallbackHandlerSource(_appRegistry.getAuthenticationManager(getLocalAddress()))); _conn.setConnectionEventListener(new Connection_1_0(_appRegistry)); _conn.setFrameOutputHandler(this); _conn.setRemoteAddress(_network.getRemoteAddress()); diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/ProtocolEngine_1_0_0_SASL.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/ProtocolEngine_1_0_0_SASL.java index ffd5e750b4..5d03567e03 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/ProtocolEngine_1_0_0_SASL.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/protocol/ProtocolEngine_1_0_0_SASL.java @@ -164,7 +164,7 @@ public class ProtocolEngine_1_0_0_SASL implements ServerProtocolEngine, FrameOut Container container = new Container(_appRegistry.getBrokerId().toString()); _conn = new ConnectionEndpoint(container, asCallbackHandlerSource(ApplicationRegistry.getInstance() - .getAuthenticationManager())); + .getAuthenticationManager(getLocalAddress()))); _conn.setConnectionEventListener(new Connection_1_0(_appRegistry)); _conn.setRemoteAddress(getRemoteAddress()); diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java index 4ed28b965d..36f1953053 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java @@ -60,6 +60,7 @@ import org.apache.qpid.server.virtualhost.VirtualHostImpl; import org.apache.qpid.server.virtualhost.VirtualHostRegistry; import java.net.InetSocketAddress; +import java.net.SocketAddress; import java.util.Collection; import java.util.HashMap; import java.util.Iterator; @@ -131,11 +132,6 @@ public abstract class ApplicationRegistry implements IApplicationRegistry _managedObjectRegistry = managedObjectRegistry; } - protected void setAuthenticationManager(AuthenticationManager authenticationManager) - { - _authenticationManager = authenticationManager; - } - protected void setVirtualHostRegistry(VirtualHostRegistry virtualHostRegistry) { _virtualHostRegistry = virtualHostRegistry; @@ -622,6 +618,14 @@ public abstract class ApplicationRegistry implements IApplicationRegistry return _authenticationManager; } + + @Override + public AuthenticationManager getAuthenticationManager(SocketAddress address) + { + return _authenticationManager; + } + + public PluginManager getPluginManager() { return _pluginManager; diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/IApplicationRegistry.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/IApplicationRegistry.java index 59bf250590..af2f0d78bc 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/IApplicationRegistry.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/IApplicationRegistry.java @@ -37,6 +37,7 @@ import org.apache.qpid.server.virtualhost.VirtualHost; import org.apache.qpid.server.virtualhost.VirtualHostRegistry; import java.net.InetSocketAddress; +import java.net.SocketAddress; import java.util.UUID; public interface IApplicationRegistry extends StatisticsGatherer @@ -62,8 +63,26 @@ public interface IApplicationRegistry extends StatisticsGatherer ManagedObjectRegistry getManagedObjectRegistry(); + /** + * Get the default AuthenticationManager + * + * @deprecated + * + * @return the AuthenticationManager + */ AuthenticationManager getAuthenticationManager(); + /** + * Get the AuthenticationManager for the given socket address + * + * If no AuthenticationManager has been specifically set for the given address, then use the default + * AuthenticationManager + * + * @param address The (listening) socket address for which the AuthenticationManager is required + * @return the AuthenticationManager + */ + AuthenticationManager getAuthenticationManager(SocketAddress address); + VirtualHostRegistry getVirtualHostRegistry(); SecurityManager getSecurityManager(); diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/state/AMQStateManager.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/state/AMQStateManager.java index f97b77a4fe..f352bbdd2c 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/state/AMQStateManager.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/state/AMQStateManager.java @@ -32,7 +32,9 @@ import org.apache.qpid.protocol.AMQConstant; import org.apache.qpid.protocol.AMQMethodEvent; import org.apache.qpid.protocol.AMQMethodListener; import org.apache.qpid.server.protocol.AMQProtocolSession; +import org.apache.qpid.server.registry.IApplicationRegistry; import org.apache.qpid.server.security.SecurityManager; +import org.apache.qpid.server.security.auth.manager.AuthenticationManager; import org.apache.qpid.server.virtualhost.VirtualHostRegistry; import java.util.concurrent.CopyOnWriteArraySet; @@ -61,6 +63,18 @@ public class AMQStateManager implements AMQMethodListener } + /** + * Get the ApplicationRegistry associated with this AMQStateManager + * + * returns the application registry associated with the VirtualHostRegistry of the AMQStateManager + * + * @return the ApplicationRegistry + */ + public IApplicationRegistry getApplicationRegistry() + { + return _virtualHostRegistry.getApplicationRegistry(); + } + public AMQState getCurrentState() { return _currentState; @@ -142,4 +156,14 @@ public class AMQStateManager implements AMQMethodListener SecurityManager.setThreadSubject(_protocolSession.getAuthorizedSubject()); return _protocolSession; } + + /** + * Get the AuthenticationManager associated with the ProtocolSession of the AMQStateManager + * + * @return the AuthenticationManager + */ + public AuthenticationManager getAuthenticationManager() + { + return getApplicationRegistry().getAuthenticationManager(getProtocolSession().getLocalAddress()); + } } diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/transport/ServerConnectionDelegate.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/transport/ServerConnectionDelegate.java index 0d8036ec3a..a55d50cc54 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/transport/ServerConnectionDelegate.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/transport/ServerConnectionDelegate.java @@ -32,6 +32,7 @@ import org.apache.qpid.server.registry.IApplicationRegistry; import org.apache.qpid.server.security.SecurityManager; import org.apache.qpid.server.security.auth.AuthenticationResult; import org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationStatus; +import org.apache.qpid.server.security.auth.manager.AuthenticationManager; import org.apache.qpid.server.subscription.Subscription_0_10; import org.apache.qpid.server.virtualhost.State; import org.apache.qpid.server.virtualhost.VirtualHost; @@ -58,22 +59,25 @@ public class ServerConnectionDelegate extends ServerDelegate private final IApplicationRegistry _appRegistry; private int _maxNoOfChannels; private Map<String,Object> _clientProperties; + private final AuthenticationManager _authManager; - public ServerConnectionDelegate(IApplicationRegistry appRegistry, String localFQDN) + public ServerConnectionDelegate(IApplicationRegistry appRegistry, String localFQDN, AuthenticationManager authManager) { - this(createConnectionProperties(appRegistry.getBroker()), Collections.singletonList((Object)"en_US"), appRegistry, localFQDN); + this(createConnectionProperties(appRegistry.getBroker()), Collections.singletonList((Object)"en_US"), appRegistry, localFQDN, authManager); } - public ServerConnectionDelegate(Map<String, Object> properties, + private ServerConnectionDelegate(Map<String, Object> properties, List<Object> locales, IApplicationRegistry appRegistry, - String localFQDN) + String localFQDN, + AuthenticationManager authManager) { - super(properties, parseToList(appRegistry.getAuthenticationManager().getMechanisms()), locales); + super(properties, parseToList(authManager.getMechanisms()), locales); _appRegistry = appRegistry; _localFQDN = localFQDN; - _maxNoOfChannels = ApplicationRegistry.getInstance().getConfiguration().getMaxChannelCount(); + _maxNoOfChannels = appRegistry.getConfiguration().getMaxChannelCount(); + _authManager = authManager; } private static Map<String, Object> createConnectionProperties(final BrokerConfig brokerConfig) @@ -110,13 +114,13 @@ public class ServerConnectionDelegate extends ServerDelegate protected SaslServer createSaslServer(String mechanism) throws SaslException { - return _appRegistry.getAuthenticationManager().createSaslServer(mechanism, _localFQDN); + return _authManager.createSaslServer(mechanism, _localFQDN); } protected void secure(final SaslServer ss, final Connection conn, final byte[] response) { - final AuthenticationResult authResult = _appRegistry.getAuthenticationManager().authenticate(ss, response); + final AuthenticationResult authResult = _authManager.authenticate(ss, response); final ServerConnection sconn = (ServerConnection) conn; diff --git a/qpid/java/broker/src/test/java/org/apache/qpid/server/transport/ServerConnectionMBeanTest.java b/qpid/java/broker/src/test/java/org/apache/qpid/server/transport/ServerConnectionMBeanTest.java index dcb3692cf5..b0b81355ac 100644 --- a/qpid/java/broker/src/test/java/org/apache/qpid/server/transport/ServerConnectionMBeanTest.java +++ b/qpid/java/broker/src/test/java/org/apache/qpid/server/transport/ServerConnectionMBeanTest.java @@ -32,6 +32,7 @@ import org.apache.qpid.transport.Session; import javax.management.JMException; import javax.management.openmbean.CompositeData; import javax.management.openmbean.TabularData; +import java.net.InetSocketAddress; import java.util.ArrayList; import java.util.Collection; import java.util.Date; @@ -80,7 +81,7 @@ public class ServerConnectionMBeanTest extends InternalBrokerBaseCase "authid", "remoteProcessName", new Integer(1967), new Integer(1970), vhost.getConfigStore(), Boolean.FALSE); _serverConnection.setConnectionConfig(config); _serverConnection.setVirtualHost(vhost); - _serverConnection.setConnectionDelegate(new ServerConnectionDelegate(getRegistry(), "")); + _serverConnection.setConnectionDelegate(new ServerConnectionDelegate(getRegistry(), "", getRegistry().getAuthenticationManager(new InetSocketAddress(5672)))); _serverSession = new ServerSessionMock(_serverConnection, 1); _mbean = (ServerConnectionMBean) _serverConnection.getManagedObject(); } |