QPID-419 Access Control QPID-423 Authentication per virtualhost

Improved error handling when hostconfig is not specifed. Was NPE-ing

git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/branches/M2@521710 13f79535-47bb-0310-9956-ffa450edef68

5 files changed, 28 insertions, 8 deletions

diff --git a/java/broker/etc/log4j.xml b/java/broker/etc/log4j.xml
index 74b80c0e80..8e725dd255 100644
--- a/java/broker/etc/log4j.xml
+++ b/java/broker/etc/log4j.xml
@@ -50,8 +50,6 @@
     </appender>
 
         <appender name="FileAppender" class="org.apache.log4j.FileAppender">
-        <param name="staticLogFileName" value="false"/>
-
         <param name="File" value="${QPID_WORK}/log/${logprefix}qpid${logsuffix}.log"/>
         <param name="Append" value="false"/>
 
diff --git a/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionOpenMethodHandler.java b/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionOpenMethodHandler.java
index 2ecb39254f..4f91dd53a5 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionOpenMethodHandler.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/handler/ConnectionOpenMethodHandler.java
@@ -75,7 +75,7 @@ public class ConnectionOpenMethodHandler implements StateAwareMethodListener<Con
 
         if (virtualHost == null)
         {
-            throw body.getConnectionException(AMQConstant.NOT_FOUND, "Unknown virtual host: " + virtualHostName);
+            throw body.getConnectionException(AMQConstant.NOT_FOUND, "Unknown virtual host: '" + virtualHostName+"'");
         }
         else
         {
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManager.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManager.java
index 0c0de88182..a97a56da55 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManager.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManager.java
@@ -22,6 +22,7 @@ package org.apache.qpid.server.security.access;
 
 public interface AccessManager
 {
+    //AccessResult isAuthorized(Accessable accessObject, Principal username, AccessRights rights);
     AccessResult isAuthorized(Accessable accessObject, String username);
 
     String getName();
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManagerImpl.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManagerImpl.java
index 0feb2791da..3620a0dcdc 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManagerImpl.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/AccessManagerImpl.java
@@ -39,8 +39,13 @@ public class AccessManagerImpl implements AccessManager
 
     public AccessManagerImpl(String name, Configuration hostConfig) throws ConfigurationException
     {
-        String accessClass = hostConfig.getString("security.access.class");
+        if (hostConfig == null)
+        {
+            _logger.warn("No Configuration specified. Using default access controls for VirtualHost:'" + name + "'");
+            return;
+        }
 
+        String accessClass = hostConfig.getString("security.access.class");
         if (accessClass == null)
         {
             _logger.warn("No access control specified. Using default access controls for VirtualHost:'" + name + "'");
@@ -111,7 +116,7 @@ public class AccessManagerImpl implements AccessManager
             }
             catch (Exception e)
             {
-                throw new ConfigurationException(e.getCause());
+                throw new ConfigurationException(e.getMessage(), e.getCause());
             }
         }
     }
@@ -121,7 +126,15 @@ public class AccessManagerImpl implements AccessManager
     {
         if (_accessManager == null)
         {
-            return ApplicationRegistry.getInstance().getAccessManager().isAuthorized(accessObject, username);
+            if (ApplicationRegistry.getInstance().getAccessManager() == this)
+            {
+                _logger.warn("No Default access manager specified DENYING ALL ACCESS");
+                return new AccessResult(this, AccessResult.AccessStatus.REFUSED);
+            }
+            else
+            {
+                return ApplicationRegistry.getInstance().getAccessManager().isAuthorized(accessObject, username);
+            }
         }
         else
         {
@@ -129,7 +142,8 @@ public class AccessManagerImpl implements AccessManager
         }
     }
 
-    public String getName()
+    public String getName
+            ()
     {
         return "AccessManagerImpl";
     }
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/ConfigurationFilePrincipalDatabaseManager.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/ConfigurationFilePrincipalDatabaseManager.java
index 0c35206dd3..2e019e1cfb 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/ConfigurationFilePrincipalDatabaseManager.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/database/ConfigurationFilePrincipalDatabaseManager.java
@@ -136,7 +136,14 @@ public class ConfigurationFilePrincipalDatabaseManager implements PrincipalDatab
             }
             catch (Exception ite)
             {
-                throw new ConfigurationException(ite.getCause());
+                if (ite instanceof ConfigurationException)
+                {
+                    throw(ConfigurationException) ite;
+                }
+                else
+                {
+                    throw new ConfigurationException(ite.getMessage(), ite.getCause());
+                }
             }
         }
     }