diff options
| author | Robert Godfrey <rgodfrey@apache.org> | 2014-03-08 00:48:50 +0000 |
|---|---|---|
| committer | Robert Godfrey <rgodfrey@apache.org> | 2014-03-08 00:48:50 +0000 |
| commit | dbc2cf98b3ecbb42eea0fa218faca1f974b25bcb (patch) | |
| tree | 92a5397107fd6b9e04c0e71476b6f5fc1f1b7620 /qpid/java/broker-plugins/access-control | |
| parent | d9b099731447585d1af1b375fc641b3eb6850791 (diff) | |
| download | qpid-python-dbc2cf98b3ecbb42eea0fa218faca1f974b25bcb.tar.gz | |
QPID-5611 : Change the event logger from a singleton to an instance
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1575462 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java/broker-plugins/access-control')
10 files changed, 70 insertions, 73 deletions
diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AbstractConfiguration.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AbstractConfiguration.java index f87374ac80..09ffb71519 100644 --- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AbstractConfiguration.java +++ b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AbstractConfiguration.java @@ -20,16 +20,20 @@ */ package org.apache.qpid.server.security.access.config; +import org.apache.qpid.server.logging.EventLogger; + import java.io.File; public abstract class AbstractConfiguration implements ConfigurationFile { private File _file; private RuleSet _config; - - public AbstractConfiguration(File file) + private final EventLogger _eventLogger; + + public AbstractConfiguration(File file, final EventLogger eventLogger) { _file = file; + _eventLogger = eventLogger; } public File getFile() @@ -39,7 +43,7 @@ public abstract class AbstractConfiguration implements ConfigurationFile public RuleSet load() { - _config = new RuleSet(); + _config = new RuleSet(_eventLogger); return _config; } diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java index 34585bb4f6..df5b66da84 100644 --- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java +++ b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java @@ -35,6 +35,7 @@ import java.util.Stack; import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; import org.apache.qpid.server.configuration.IllegalConfigurationException; +import org.apache.qpid.server.logging.EventLogger; import org.apache.qpid.server.security.access.ObjectType; import org.apache.qpid.server.security.access.Operation; import org.apache.qpid.server.security.access.Permission; @@ -67,9 +68,9 @@ public class PlainConfiguration extends AbstractConfiguration private StreamTokenizer _st; - public PlainConfiguration(File file) + public PlainConfiguration(File file, final EventLogger eventLogger) { - super(file); + super(file, eventLogger); } @Override diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleSet.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleSet.java index 58f3c71c7c..6e9bc590f4 100644 --- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleSet.java +++ b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleSet.java @@ -38,7 +38,7 @@ import javax.security.auth.Subject; import org.apache.commons.lang.BooleanUtils; import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; -import org.apache.qpid.server.logging.SystemLog; +import org.apache.qpid.server.logging.EventLogger; import org.apache.qpid.server.logging.messages.AccessControlMessages; import org.apache.qpid.server.security.Result; import org.apache.qpid.server.security.access.ObjectProperties; @@ -70,9 +70,11 @@ public class RuleSet private final Map<Subject, Map<Operation, Map<ObjectType, List<Rule>>>> _cache = new WeakHashMap<Subject, Map<Operation, Map<ObjectType, List<Rule>>>>(); private final Map<String, Boolean> _config = new HashMap<String, Boolean>(); + private final EventLogger _eventLogger; - public RuleSet() + public RuleSet(EventLogger eventLogger) { + _eventLogger = eventLogger; // set some default configuration properties configure(DEFAULT_DENY, Boolean.TRUE); } @@ -321,14 +323,14 @@ public class RuleSet switch (permission) { case ALLOW_LOG: - SystemLog.message(AccessControlMessages.ALLOWED( + _eventLogger.message(AccessControlMessages.ALLOWED( action.getOperation().toString(), action.getObjectType().toString(), action.getProperties().toString())); case ALLOW: return Result.ALLOWED; case DENY_LOG: - SystemLog.message(AccessControlMessages.DENIED( + _eventLogger.message(AccessControlMessages.DENIED( action.getOperation().toString(), action.getObjectType().toString(), action.getProperties().toString())); @@ -437,4 +439,9 @@ public class RuleSet } return objects; } + + public EventLogger getEventLogger() + { + return _eventLogger; + } } diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/XMLConfiguration.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/XMLConfiguration.java deleted file mode 100644 index a4f6f8b65a..0000000000 --- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/XMLConfiguration.java +++ /dev/null @@ -1,31 +0,0 @@ -/* - * - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.qpid.server.security.access.config; - -import java.io.File; - -public class XMLConfiguration extends AbstractConfiguration -{ - public XMLConfiguration(File file) - { - super(file); - } -} diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControl.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControl.java index f579ea0ec5..b56cd7c077 100644 --- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControl.java +++ b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControl.java @@ -34,6 +34,7 @@ import org.apache.commons.lang.ObjectUtils; import org.apache.log4j.Logger; import org.apache.qpid.server.configuration.IllegalConfigurationException; import org.apache.qpid.server.connection.ConnectionPrincipal; +import org.apache.qpid.server.logging.EventLogger; import org.apache.qpid.server.security.Result; import org.apache.qpid.server.security.AccessControl; import org.apache.qpid.server.security.access.ObjectProperties; @@ -49,9 +50,11 @@ public class DefaultAccessControl implements AccessControl private RuleSet _ruleSet; private File _aclFile; + private final EventLogger _eventLogger; - public DefaultAccessControl(String fileName) + public DefaultAccessControl(String fileName, final EventLogger eventLogger) { + _eventLogger = eventLogger; if (_logger.isDebugEnabled()) { _logger.debug("Creating AccessControl instance using file: " + fileName); @@ -63,6 +66,7 @@ public class DefaultAccessControl implements AccessControl DefaultAccessControl(RuleSet rs) throws ConfigurationException { _ruleSet = rs; + _eventLogger = rs.getEventLogger(); } public void open() @@ -74,7 +78,7 @@ public class DefaultAccessControl implements AccessControl throw new IllegalConfigurationException("ACL file '" + _aclFile + "' is not found"); } - ConfigurationFile configFile = new PlainConfiguration(_aclFile); + ConfigurationFile configFile = new PlainConfiguration(_aclFile, _eventLogger); _ruleSet = configFile.load(); } } @@ -103,7 +107,7 @@ public class DefaultAccessControl implements AccessControl } //verify it is parsable - new PlainConfiguration(_aclFile).load(); + new PlainConfiguration(_aclFile, _eventLogger).load(); } } diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactory.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactory.java index f4e041a8d2..af3b456083 100644 --- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactory.java +++ b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactory.java @@ -30,6 +30,7 @@ import java.util.Collections; import java.util.Map; import org.apache.qpid.server.configuration.IllegalConfigurationException; +import org.apache.qpid.server.logging.EventLogger; import org.apache.qpid.server.plugin.AccessControlFactory; import org.apache.qpid.server.security.AccessControl; import org.apache.qpid.server.util.ResourceBundleLoader; @@ -43,7 +44,7 @@ public class DefaultAccessControlFactory implements AccessControlFactory PATH )); - public AccessControl createInstance(Map<String, Object> attributes) + public AccessControl createInstance(Map<String, Object> attributes, final EventLogger eventLogger) { if(attributes == null || !ACL_FILE_PROVIDER_TYPE.equals(attributes.get(ATTRIBUTE_TYPE))) { @@ -56,7 +57,7 @@ public class DefaultAccessControlFactory implements AccessControlFactory throw new IllegalConfigurationException("Path to ACL was not specified!"); } - return new DefaultAccessControl(path); + return new DefaultAccessControl(path, eventLogger); } @Override diff --git a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/PlainConfigurationTest.java b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/PlainConfigurationTest.java index e22f4af895..e457d191c9 100644 --- a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/PlainConfigurationTest.java +++ b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/PlainConfigurationTest.java @@ -27,14 +27,13 @@ import java.util.Map; import junit.framework.TestCase; import org.apache.qpid.server.configuration.IllegalConfigurationException; +import org.apache.qpid.server.logging.EventLogger; import org.apache.qpid.server.security.access.ObjectProperties; import org.apache.qpid.server.security.access.ObjectProperties.Property; import org.apache.qpid.server.security.access.ObjectType; import org.apache.qpid.server.security.access.Operation; -import org.apache.qpid.server.security.access.config.ConfigurationFile; -import org.apache.qpid.server.security.access.config.PlainConfiguration; -import org.apache.qpid.server.security.access.config.Rule; -import org.apache.qpid.server.security.access.config.RuleSet; + +import static org.mockito.Mockito.mock; /** * These tests check that the ACL file parsing works correctly. @@ -58,7 +57,7 @@ public class PlainConfigurationTest extends TestCase aclWriter.close(); // Load ruleset - PlainConfiguration configFile = new PlainConfiguration(acl); + PlainConfiguration configFile = new PlainConfiguration(acl, new EventLogger()); configFile.load(); return configFile; } @@ -68,7 +67,7 @@ public class PlainConfigurationTest extends TestCase try { // Load ruleset - ConfigurationFile configFile = new PlainConfiguration(new File("doesnotexist")); + ConfigurationFile configFile = new PlainConfiguration(new File("doesnotexist"), new EventLogger()); configFile.load(); fail("fail"); diff --git a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactoryTest.java b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactoryTest.java index 07422e6bdb..5ed5b91cb8 100644 --- a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactoryTest.java +++ b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlFactoryTest.java @@ -26,19 +26,22 @@ import java.util.Map; import java.util.regex.Pattern; import org.apache.qpid.server.configuration.IllegalConfigurationException; +import org.apache.qpid.server.logging.EventLogger; import org.apache.qpid.server.model.GroupProvider; import org.apache.qpid.server.security.AccessControl; import org.apache.qpid.server.security.access.FileAccessControlProviderConstants; import org.apache.qpid.test.utils.QpidTestCase; import org.apache.qpid.test.utils.TestFileUtils; +import static org.mockito.Mockito.mock; + public class DefaultAccessControlFactoryTest extends QpidTestCase { public void testCreateInstanceWhenAclFileIsNotPresent() { DefaultAccessControlFactory factory = new DefaultAccessControlFactory(); Map<String, Object> attributes = new HashMap<String, Object>(); - AccessControl acl = factory.createInstance(attributes); + AccessControl acl = factory.createInstance(attributes, new EventLogger()); assertNull("ACL was created without a configuration file", acl); } @@ -49,7 +52,7 @@ public class DefaultAccessControlFactoryTest extends QpidTestCase Map<String, Object> attributes = new HashMap<String, Object>(); attributes.put(GroupProvider.TYPE, FileAccessControlProviderConstants.ACL_FILE_PROVIDER_TYPE); attributes.put(FileAccessControlProviderConstants.PATH, aclFile.getAbsolutePath()); - AccessControl acl = factory.createInstance(attributes); + AccessControl acl = factory.createInstance(attributes, new EventLogger()); acl.open(); assertNotNull("ACL was not created from acl file: " + aclFile.getAbsolutePath(), acl); @@ -65,7 +68,7 @@ public class DefaultAccessControlFactoryTest extends QpidTestCase attributes.put(FileAccessControlProviderConstants.PATH, aclFile.getAbsolutePath()); try { - AccessControl control = factory.createInstance(attributes); + AccessControl control = factory.createInstance(attributes, new EventLogger()); control.open(); fail("It should not be possible to create and initialise ACL with non existing file"); } diff --git a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlTest.java b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlTest.java index f5f1866c3a..e35f4301ed 100644 --- a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlTest.java +++ b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControlTest.java @@ -33,7 +33,7 @@ import junit.framework.TestCase; import org.apache.commons.configuration.ConfigurationException; import org.apache.qpid.server.connection.ConnectionPrincipal; -import org.apache.qpid.server.logging.SystemLog; +import org.apache.qpid.server.logging.EventLogger; import org.apache.qpid.server.logging.UnitTestMessageLogger; import org.apache.qpid.server.protocol.AMQConnectionModel; import org.apache.qpid.server.security.Result; @@ -56,7 +56,16 @@ public class DefaultAccessControlTest extends TestCase private static final String DENIED_GROUP = "denied_group"; private DefaultAccessControl _plugin = null; // Class under test - private final UnitTestMessageLogger messageLogger = new UnitTestMessageLogger(); + private UnitTestMessageLogger _messageLogger; + private EventLogger _eventLogger; + + public void setUp() throws Exception + { + super.setUp(); + _messageLogger = new UnitTestMessageLogger(); + _eventLogger = new EventLogger(_messageLogger); + _plugin = null; + } private void setUpGroupAccessControl() throws ConfigurationException { @@ -66,12 +75,11 @@ public class DefaultAccessControlTest extends TestCase private void configureAccessControl(final RuleSet rs) throws ConfigurationException { _plugin = new DefaultAccessControl(rs); - SystemLog.setRootMessageLogger(messageLogger); } private RuleSet createGroupRuleSet() { - final RuleSet rs = new RuleSet(); + final RuleSet rs = new RuleSet(_eventLogger); // Rule expressed with username rs.grant(0, "user1", Permission.ALLOW, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY); @@ -84,11 +92,6 @@ public class DefaultAccessControlTest extends TestCase return rs; } - protected void tearDown() throws Exception - { - super.tearDown(); - } - /** * ACL plugin must always abstain if there is no subject attached to the thread. */ @@ -153,12 +156,15 @@ public class DefaultAccessControlTest extends TestCase @Override public Object run() { - assertEquals("Expecting zero messages before test", 0, messageLogger.getLogMessages().size()); + assertEquals("Expecting zero messages before test", + 0, + _messageLogger.getLogMessages().size()); final Result result = _plugin.authorise(Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY); assertEquals(Result.DENIED, result); - assertEquals("Expecting one message before test", 1, messageLogger.getLogMessages().size()); - assertTrue("Logged message does not contain expected string", messageLogger.messageContains(0, "ACL-1002")); + assertEquals("Expecting one message before test", 1, _messageLogger.getLogMessages().size()); + assertTrue("Logged message does not contain expected string", + _messageLogger.messageContains(0, "ACL-1002")); return null; } }); @@ -170,7 +176,7 @@ public class DefaultAccessControlTest extends TestCase */ public void testAuthoriseAccessMethodWhenAllAccessOperationsAllowedOnAllComponents() throws ConfigurationException { - final RuleSet rs = new RuleSet(); + final RuleSet rs = new RuleSet(_eventLogger); // grant user4 access right on any method in any component rs.grant(1, "user4", Permission.ALLOW, Operation.ACCESS, ObjectType.METHOD, new ObjectProperties(ObjectProperties.STAR)); @@ -196,7 +202,7 @@ public class DefaultAccessControlTest extends TestCase */ public void testAuthoriseAccessMethodWhenAllAccessOperationsAllowedOnSpecifiedComponent() throws ConfigurationException { - final RuleSet rs = new RuleSet(); + final RuleSet rs = new RuleSet(_eventLogger); // grant user5 access right on any methods in "Test" component ObjectProperties ruleProperties = new ObjectProperties(ObjectProperties.STAR); @@ -296,7 +302,7 @@ public class DefaultAccessControlTest extends TestCase */ public void testAuthoriseAccessMethodWhenSpecifiedAccessOperationsAllowedOnSpecifiedComponent() throws ConfigurationException { - final RuleSet rs = new RuleSet(); + final RuleSet rs = new RuleSet(_eventLogger); // grant user6 access right on "getAttribute" method in "Test" component ObjectProperties ruleProperties = new ObjectProperties("getAttribute"); @@ -333,7 +339,7 @@ public class DefaultAccessControlTest extends TestCase */ public void testAuthoriseAccessUpdateMethodWhenAllRightsGrantedOnSpecifiedMethodForAllComponents() throws ConfigurationException { - final RuleSet rs = new RuleSet(); + final RuleSet rs = new RuleSet(_eventLogger); // grant user8 all rights on method queryNames in all component rs.grant(1, "user8", Permission.ALLOW, Operation.ALL, ObjectType.METHOD, new ObjectProperties("queryNames")); @@ -372,7 +378,7 @@ public class DefaultAccessControlTest extends TestCase */ public void testAuthoriseAccessUpdateMethodWhenAllRightsGrantedOnAllMethodsInAllComponents() throws ConfigurationException { - final RuleSet rs = new RuleSet(); + final RuleSet rs = new RuleSet(_eventLogger); // grant user9 all rights on any method in all component rs.grant(1, "user9", Permission.ALLOW, Operation.ALL, ObjectType.METHOD, new ObjectProperties()); @@ -410,7 +416,7 @@ public class DefaultAccessControlTest extends TestCase */ public void testAuthoriseAccessMethodWhenMatchingAccessOperationsAllowedOnSpecifiedComponent() throws ConfigurationException { - final RuleSet rs = new RuleSet(); + final RuleSet rs = new RuleSet(_eventLogger); // grant user9 all rights on "getAttribute*" methods in Test component ObjectProperties ruleProperties = new ObjectProperties(); diff --git a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/RuleSetTest.java b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/RuleSetTest.java index 52f55f7e2d..47f7f440fa 100644 --- a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/RuleSetTest.java +++ b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/RuleSetTest.java @@ -25,6 +25,7 @@ import java.security.Principal; import javax.security.auth.Subject; +import org.apache.qpid.server.logging.EventLogger; import org.apache.qpid.server.security.Result; import org.apache.qpid.server.security.access.ObjectProperties; import org.apache.qpid.server.security.access.ObjectType; @@ -35,6 +36,8 @@ import org.apache.qpid.server.security.access.config.RuleSet; import org.apache.qpid.server.security.auth.TestPrincipalUtils; import org.apache.qpid.test.utils.QpidTestCase; +import static org.mockito.Mockito.mock; + /** * This test checks that the {@link RuleSet} object which forms the core of the access control plugin performs correctly. * @@ -62,7 +65,7 @@ public class RuleSetTest extends QpidTestCase { super.setUp(); - _ruleSet = new RuleSet(); + _ruleSet = new RuleSet(new EventLogger()); } @Override |