diff options
| author | Alex Rudyy <orudyy@apache.org> | 2013-02-19 09:35:28 +0000 |
|---|---|---|
| committer | Alex Rudyy <orudyy@apache.org> | 2013-02-19 09:35:28 +0000 |
| commit | a973713561140fe7395368ae53def8f7edfa18a3 (patch) | |
| tree | 7bda80afada592df681fb73908400e7a189f015f /qpid/java/broker-plugins/management-http/src | |
| parent | 1b0f1d06188e73e9440dc1789c28ee65e24d539d (diff) | |
| download | qpid-python-a973713561140fe7395368ae53def8f7edfa18a3.tar.gz | |
QPID-4390: Introduce a configuration store in java broker allowing runtime modifications and replace existing xml file configuration with json configuration store
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1447646 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java/broker-plugins/management-http/src')
11 files changed, 300 insertions, 255 deletions
diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java index f10b308e24..59dbc6e530 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java @@ -21,15 +21,20 @@ package org.apache.qpid.server.management.plugin; import java.io.File; -import java.util.ArrayList; import java.util.Collection; +import java.util.Collections; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; +import java.util.UUID; -import org.apache.commons.configuration.ConfigurationException; import org.apache.log4j.Logger; +import org.apache.qpid.server.configuration.IllegalConfigurationException; import org.apache.qpid.server.logging.actors.CurrentActor; import org.apache.qpid.server.logging.messages.ManagementConsoleMessages; import org.apache.qpid.server.management.plugin.servlet.DefinedFileServlet; import org.apache.qpid.server.management.plugin.servlet.FileServlet; +import org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet; import org.apache.qpid.server.management.plugin.servlet.rest.LogRecordsServlet; import org.apache.qpid.server.management.plugin.servlet.rest.LogoutServlet; import org.apache.qpid.server.management.plugin.servlet.rest.MessageContentServlet; @@ -46,13 +51,18 @@ import org.apache.qpid.server.model.Exchange; import org.apache.qpid.server.model.Group; import org.apache.qpid.server.model.GroupMember; import org.apache.qpid.server.model.GroupProvider; +import org.apache.qpid.server.model.KeyStore; +import org.apache.qpid.server.model.Plugin; import org.apache.qpid.server.model.Port; import org.apache.qpid.server.model.Protocol; import org.apache.qpid.server.model.Queue; import org.apache.qpid.server.model.Session; -import org.apache.qpid.server.model.Transport; +import org.apache.qpid.server.model.State; import org.apache.qpid.server.model.User; import org.apache.qpid.server.model.VirtualHost; +import org.apache.qpid.server.model.adapter.AbstractPluginAdapter; +import org.apache.qpid.server.plugin.PluginFactory; +import org.apache.qpid.server.util.MapValueConverter; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.SessionManager; @@ -62,98 +72,186 @@ import org.eclipse.jetty.servlet.ServletContextHandler; import org.eclipse.jetty.servlet.ServletHolder; import org.eclipse.jetty.util.ssl.SslContextFactory; -public class HttpManagement implements ManagementPlugin +public class HttpManagement extends AbstractPluginAdapter { private final Logger _logger = Logger.getLogger(HttpManagement.class); + // 10 minutes by default + public static final int DEFAULT_TIMEOUT_IN_SECONDS = 60 * 10; + public static final boolean DEFAULT_HTTP_BASIC_AUTHENTICATION_ENABLED = false; + public static final boolean DEFAULT_HTTPS_BASIC_AUTHENTICATION_ENABLED = true; + public static final boolean DEFAULT_HTTP_SASL_AUTHENTICATION_ENABLED = true; + public static final boolean DEFAULT_HTTPS_SASL_AUTHENTICATION_ENABLED = true; + public static final String DEFAULT_NAME = "httpManagement"; + + public static final String TIME_OUT = "sessionTimeout"; + public static final String HTTP_BASIC_AUTHENTICATION_ENABLED = "httpBasicAuthenticationEnabled"; + public static final String HTTPS_BASIC_AUTHENTICATION_ENABLED = "httpsBasicAuthenticationEnabled"; + public static final String HTTP_SASL_AUTHENTICATION_ENABLED = "httpSaslAuthenticationEnabled"; + public static final String HTTPS_SASL_AUTHENTICATION_ENABLED = "httpsSaslAuthenticationEnabled"; + + public static final String PLUGIN_TYPE = "MANAGEMENT-HTTP"; + + @SuppressWarnings("serial") + private static final Collection<String> AVAILABLE_ATTRIBUTES = Collections.unmodifiableSet(new HashSet<String>(Plugin.AVAILABLE_ATTRIBUTES) + {{ + add(HTTP_BASIC_AUTHENTICATION_ENABLED); + add(HTTPS_BASIC_AUTHENTICATION_ENABLED); + add(HTTP_SASL_AUTHENTICATION_ENABLED); + add(HTTPS_SASL_AUTHENTICATION_ENABLED); + add(TIME_OUT); + add(PluginFactory.PLUGIN_TYPE); + }}); + public static final String ENTRY_POINT_PATH = "/management"; private static final String OPERATIONAL_LOGGING_NAME = "Web"; - private final Broker _broker; - private final Collection<Server> _servers = new ArrayList<Server>(); + @SuppressWarnings("serial") + public static final Map<String, Object> DEFAULTS = Collections.unmodifiableMap(new HashMap<String, Object>() + {{ + put(HTTP_BASIC_AUTHENTICATION_ENABLED, DEFAULT_HTTP_BASIC_AUTHENTICATION_ENABLED); + put(HTTPS_BASIC_AUTHENTICATION_ENABLED, DEFAULT_HTTPS_BASIC_AUTHENTICATION_ENABLED); + put(HTTP_SASL_AUTHENTICATION_ENABLED, DEFAULT_HTTP_SASL_AUTHENTICATION_ENABLED); + put(HTTPS_SASL_AUTHENTICATION_ENABLED, DEFAULT_HTTPS_SASL_AUTHENTICATION_ENABLED); + put(TIME_OUT, DEFAULT_TIMEOUT_IN_SECONDS); + put(NAME, DEFAULT_NAME); + }}); + + @SuppressWarnings("serial") + private static final Map<String, Class<?>> ATTRIBUTE_TYPES = Collections.unmodifiableMap(new HashMap<String, Class<?>>(){{ + put(HTTP_BASIC_AUTHENTICATION_ENABLED, Boolean.class); + put(HTTPS_BASIC_AUTHENTICATION_ENABLED, Boolean.class); + put(HTTP_SASL_AUTHENTICATION_ENABLED, Boolean.class); + put(HTTPS_SASL_AUTHENTICATION_ENABLED, Boolean.class); + put(NAME, String.class); + put(TIME_OUT, Integer.class); + put(PluginFactory.PLUGIN_TYPE, String.class); + }}); + + private final Broker _broker; - private final String _keyStorePassword; - private final String _keyStorePath; - private final int _sessionTimeout; + private Server _server; - public HttpManagement(Broker broker, String keyStorePath, String keyStorePassword, int sessionTimeout) throws ConfigurationException + public HttpManagement(UUID id, Broker broker, Map<String, Object> attributes) { + super(id, DEFAULTS, MapValueConverter.convert(attributes, ATTRIBUTE_TYPES), broker.getTaskExecutor()); _broker = broker; - _keyStorePassword = keyStorePassword; - _keyStorePath = keyStorePath; - _sessionTimeout = sessionTimeout; + addParent(Broker.class, broker); + } - Collection<Port> ports = broker.getPorts(); - int httpPort = -1, httpsPort = -1; - for (Port port : ports) + @Override + protected boolean setState(State currentState, State desiredState) + { + if(desiredState == State.ACTIVE) { - if (port.getProtocols().contains(Protocol.HTTP)) - { - if (port.getTransports().contains(Transport.TCP)) - { - httpPort = port.getPort(); - } - } - if (port.getProtocols().contains(Protocol.HTTPS)) - { - if (port.getTransports().contains(Transport.SSL)) - { - httpsPort = port.getPort(); - } - } + start(); + return true; + } + else if(desiredState == State.STOPPED) + { + stop(); + return true; } + return false; + } + + private void start() + { + CurrentActor.get().message(ManagementConsoleMessages.STARTUP(OPERATIONAL_LOGGING_NAME)); - if (httpPort != -1 || httpsPort != -1) + Collection<Port> httpPorts = getHttpPorts(_broker.getPorts()); + _server = createServer(httpPorts); + try { - _servers.add(createServer(httpPort, httpsPort)); - if (_logger.isDebugEnabled()) - { - _logger.debug(_servers.size() + " server(s) defined"); - } + _server.start(); + logOperationalListenMessages(_server); } - else + catch (Exception e) { - if (_logger.isInfoEnabled()) + throw new RuntimeException("Failed to start http management on ports " + httpPorts); + } + + CurrentActor.get().message(ManagementConsoleMessages.READY(OPERATIONAL_LOGGING_NAME)); + } + + private void stop() + { + if (_server != null) + { + try { - _logger.info("Cannot create web server as neither HTTP nor HTTPS port specified"); + _server.stop(); + logOperationalShutdownMessage(_server); + } + catch (Exception e) + { + throw new RuntimeException("Failed to stop http management on port " + getHttpPorts(_broker.getPorts())); } } + + CurrentActor.get().message(ManagementConsoleMessages.STOPPED(OPERATIONAL_LOGGING_NAME)); + } + + /** Added for testing purposes */ + Broker getBroker() + { + return _broker; + } + + /** Added for testing purposes */ + int getSessionTimeout() + { + return (Integer)getAttribute(TIME_OUT); + } + + private boolean isManagementHttp(Port port) + { + return port.getProtocols().contains(Protocol.HTTP) || port.getProtocols().contains(Protocol.HTTPS); } @SuppressWarnings("unchecked") - private Server createServer(int port, int sslPort) throws ConfigurationException + private Server createServer(Collection<Port> ports) { if (_logger.isInfoEnabled()) { - _logger.info("Starting up web server on" + (port == -1 ? "" : " HTTP port " + port) - + (sslPort == -1 ? "" : " HTTPS port " + sslPort)); + _logger.info("Starting up web server on " + ports); } Server server = new Server(); - - if (port != -1) + for (Port port : ports) { - SelectChannelConnector connector = new SelectChannelConnector(); - connector.setPort(port); - if (sslPort != -1) + final Collection<Protocol> protocols = port.getProtocols(); + Connector connector = null; + + //TODO: what to do if protocol HTTP and transport SSL? + if (protocols.contains(Protocol.HTTP)) { - connector.setConfidentialPort(sslPort); + connector = new SelectChannelConnector(); } - server.addConnector(connector); - } - - if (sslPort != -1) - { - checkKeyStorePath(_keyStorePath); + else if (protocols.contains(Protocol.HTTPS)) + { + KeyStore keyStore = _broker.getDefaultKeyStore(); + if (keyStore == null) + { + throw new IllegalConfigurationException("Key store is not configured. Cannot start management on HTTPS port without keystore"); + } + String keyStorePath = (String)keyStore.getAttribute(KeyStore.PATH); + String keyStorePassword = keyStore.getPassword(); + validateKeystoreParameters(keyStorePath, keyStorePassword); - SslContextFactory factory = new SslContextFactory(); - factory.setKeyStorePath(_keyStorePath); - factory.setKeyStorePassword(_keyStorePassword); + SslContextFactory factory = new SslContextFactory(); + factory.setKeyStorePath(keyStorePath); + factory.setKeyStorePassword(keyStorePassword); - SslSocketConnector connector = new SslSocketConnector(factory); - connector.setPort(sslPort); + connector = new SslSocketConnector(factory); + } + else + { + throw new IllegalArgumentException("Unexpected protocol " + protocols); + } + connector.setPort(port.getPort()); server.addConnector(connector); } @@ -161,6 +259,10 @@ public class HttpManagement implements ManagementPlugin root.setContextPath("/"); server.setHandler(root); + // set servlet context attributes for broker and configuration + root.getServletContext().setAttribute(AbstractServlet.ATTR_BROKER, _broker); + root.getServletContext().setAttribute(AbstractServlet.ATTR_MANAGEMENT, this); + addRestServlet(root, "broker"); addRestServlet(root, "virtualhost", VirtualHost.class); addRestServlet(root, "authenticationprovider", AuthenticationProvider.class); @@ -175,13 +277,13 @@ public class HttpManagement implements ManagementPlugin addRestServlet(root, "port", Port.class); addRestServlet(root, "session", VirtualHost.class, Connection.class, Session.class); - root.addServlet(new ServletHolder(new StructureServlet(_broker)), "/rest/structure"); - root.addServlet(new ServletHolder(new MessageServlet(_broker)), "/rest/message/*"); - root.addServlet(new ServletHolder(new MessageContentServlet(_broker)), "/rest/message-content/*"); + root.addServlet(new ServletHolder(new StructureServlet()), "/rest/structure"); + root.addServlet(new ServletHolder(new MessageServlet()), "/rest/message/*"); + root.addServlet(new ServletHolder(new MessageContentServlet()), "/rest/message-content/*"); - root.addServlet(new ServletHolder(new LogRecordsServlet(_broker)), "/rest/logrecords"); + root.addServlet(new ServletHolder(new LogRecordsServlet()), "/rest/logrecords"); - root.addServlet(new ServletHolder(new SaslServlet(_broker)), "/rest/sasl"); + root.addServlet(new ServletHolder(new SaslServlet()), "/rest/sasl"); root.addServlet(new ServletHolder(new DefinedFileServlet("index.html")), ENTRY_POINT_PATH); root.addServlet(new ServletHolder(new LogoutServlet()), "/logout"); @@ -199,61 +301,34 @@ public class HttpManagement implements ManagementPlugin final SessionManager sessionManager = root.getSessionHandler().getSessionManager(); - sessionManager.setMaxInactiveInterval(_sessionTimeout); + sessionManager.setMaxInactiveInterval((Integer)getAttribute(TIME_OUT)); return server; } private void addRestServlet(ServletContextHandler root, String name, Class<? extends ConfiguredObject>... hierarchy) { - root.addServlet(new ServletHolder(new RestServlet(_broker, hierarchy)), "/rest/" + name + "/*"); + root.addServlet(new ServletHolder(new RestServlet(hierarchy)), "/rest/" + name + "/*"); } - @Override - public void start() throws Exception + private void validateKeystoreParameters(String keyStorePath, String password) { - CurrentActor.get().message(ManagementConsoleMessages.STARTUP(OPERATIONAL_LOGGING_NAME)); - - for (Server server : _servers) + if (keyStorePath == null) { - server.start(); - - logOperationalListenMessages(server); + throw new RuntimeException("Management SSL keystore path not defined, unable to start SSL protected HTTP connector"); } - - CurrentActor.get().message(ManagementConsoleMessages.READY(OPERATIONAL_LOGGING_NAME)); - } - - @Override - public void stop() throws Exception - { - for (Server server : _servers) + if (password == null) { - logOperationalShutdownMessage(server); - - server.stop(); + throw new RuntimeException("Management SSL keystore password, unable to start SSL protected HTTP connector"); } - - CurrentActor.get().message(ManagementConsoleMessages.STOPPED(OPERATIONAL_LOGGING_NAME)); - } - - private void checkKeyStorePath(String keyStorePath) throws ConfigurationException - { - if (keyStorePath == null) + File ksf = new File(keyStorePath); + if (!ksf.exists()) { - throw new ConfigurationException("Management SSL keystore path not defined, unable to start SSL protected HTTP connector"); + throw new RuntimeException("Cannot find management SSL keystore file: " + ksf); } - else + if (!ksf.canRead()) { - File ksf = new File(keyStorePath); - if (!ksf.exists()) - { - throw new ConfigurationException("Cannot find management SSL keystore file: " + ksf); - } - if (!ksf.canRead()) - { - throw new ConfigurationException("Cannot read management SSL keystore file: " + ksf + ". Check permissions."); - } + throw new RuntimeException("Cannot read management SSL keystore file: " + ksf + ". Check permissions."); } } @@ -288,27 +363,50 @@ public class HttpManagement implements ManagementPlugin return connector instanceof SslSocketConnector ? "HTTPS" : "HTTP"; } - /** Added for testing purposes */ - Broker getBroker() + private Collection<Port> getHttpPorts(Collection<Port> ports) { - return _broker; + Collection<Port> httpPorts = new HashSet<Port>(); + for (Port port : ports) + { + if (isManagementHttp(port)) + { + httpPorts.add(port); + } + } + return httpPorts; } - /** Added for testing purposes */ - String getKeyStorePassword() + + @Override + public String getName() { - return _keyStorePassword; + return (String)getAttribute(NAME); } - /** Added for testing purposes */ - String getKeyStorePath() + @Override + public Collection<String> getAttributeNames() { - return _keyStorePath; + return Collections.unmodifiableCollection(AVAILABLE_ATTRIBUTES); } - /** Added for testing purposes */ - int getSessionTimeout() + public boolean isHttpsSaslAuthenticationEnabled() { - return _sessionTimeout; + return (Boolean)getAttribute(HTTPS_SASL_AUTHENTICATION_ENABLED); } + + public boolean isHttpSaslAuthenticationEnabled() + { + return (Boolean)getAttribute(HTTP_SASL_AUTHENTICATION_ENABLED); + } + + public boolean isHttpsBasicAuthenticationEnabled() + { + return (Boolean)getAttribute(HTTPS_BASIC_AUTHENTICATION_ENABLED); + } + + public boolean isHttpBasicAuthenticationEnabled() + { + return (Boolean)getAttribute(HTTP_BASIC_AUTHENTICATION_ENABLED); + } + } diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementFactory.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementFactory.java index 452d52d598..ccf5373234 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementFactory.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagementFactory.java @@ -18,37 +18,24 @@ */ package org.apache.qpid.server.management.plugin; -import org.apache.commons.configuration.ConfigurationException; -import org.apache.log4j.Logger; -import org.apache.qpid.server.configuration.ServerConfiguration; +import java.util.Map; +import java.util.UUID; + import org.apache.qpid.server.model.Broker; -import org.apache.qpid.server.plugin.ManagementFactory; +import org.apache.qpid.server.model.Plugin; +import org.apache.qpid.server.plugin.PluginFactory; -public class HttpManagementFactory implements ManagementFactory +public class HttpManagementFactory implements PluginFactory { - private static final Logger LOGGER = Logger.getLogger(HttpManagementFactory.class); @Override - public HttpManagement createInstance(ServerConfiguration configuration, Broker broker) + public Plugin createInstance(UUID id, Map<String, Object> attributes, Broker broker) { - - if (!configuration.getHTTPManagementEnabled() && !configuration.getHTTPSManagementEnabled()) + if (!HttpManagement.PLUGIN_TYPE.equals(attributes.get(PLUGIN_TYPE))) { - LOGGER.info("HttpManagement is disabled"); return null; } - try - { - return new HttpManagement( - broker, - configuration.getManagementKeyStorePath(), - configuration.getManagementKeyStorePassword(), - configuration.getHTTPManagementSessionTimeout()); - } - catch (ConfigurationException e) - { - throw new RuntimeException(e); - } + return new HttpManagement(id, broker, attributes); } } diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java index 2d15b8a1d9..689bdb50d8 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java @@ -28,6 +28,8 @@ import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import javax.security.auth.Subject; +import javax.servlet.ServletConfig; +import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; @@ -40,9 +42,9 @@ import org.apache.qpid.server.logging.LogActor; import org.apache.qpid.server.logging.RootMessageLogger; import org.apache.qpid.server.logging.actors.CurrentActor; import org.apache.qpid.server.logging.actors.HttpManagementActor; +import org.apache.qpid.server.management.plugin.HttpManagement; import org.apache.qpid.server.management.plugin.session.LoginLogoutReporter; import org.apache.qpid.server.model.Broker; -import org.apache.qpid.server.registry.ApplicationRegistry; import org.apache.qpid.server.security.SecurityManager; import org.apache.qpid.server.security.SubjectCreator; import org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationStatus; @@ -53,25 +55,38 @@ public abstract class AbstractServlet extends HttpServlet { private static final Logger LOGGER = Logger.getLogger(AbstractServlet.class); + /** + * Servlet context attribute holding a reference to a broker instance + */ + public static final String ATTR_BROKER = "Qpid.broker"; + + /** + * Servlet context attribute holding a reference to plugin configuration + */ + public static final String ATTR_MANAGEMENT = "Qpid.management"; + private static final String ATTR_LOGIN_LOGOUT_REPORTER = "AbstractServlet.loginLogoutReporter"; private static final String ATTR_SUBJECT = "AbstractServlet.subject"; private static final String ATTR_LOG_ACTOR = "AbstractServlet.logActor"; - private final Broker _broker; - + private Broker _broker; private RootMessageLogger _rootLogger; + private HttpManagement _httpManagement; protected AbstractServlet() { super(); - _broker = ApplicationRegistry.getInstance().getBroker(); - _rootLogger = ApplicationRegistry.getInstance().getRootMessageLogger(); } - protected AbstractServlet(Broker broker) + @Override + public void init() throws ServletException { - _broker = broker; - _rootLogger = ApplicationRegistry.getInstance().getRootMessageLogger(); + ServletConfig servletConfig = getServletConfig(); + ServletContext servletContext = servletConfig.getServletContext(); + _broker = (Broker)servletContext.getAttribute(ATTR_BROKER); + _rootLogger = _broker.getRootMessageLogger(); + _httpManagement = (HttpManagement)servletContext.getAttribute(ATTR_MANAGEMENT); + super.init(); } @Override @@ -263,7 +278,7 @@ public abstract class AbstractServlet extends HttpServlet return subject; } - SubjectCreator subjectCreator = ApplicationRegistry.getInstance().getSubjectCreator(getSocketAddress(request)); + SubjectCreator subjectCreator = getSubjectCreator(request); subject = authenticate(request, subjectCreator); if (subject != null) { @@ -293,7 +308,7 @@ public abstract class AbstractServlet extends HttpServlet @Override public Void run() throws Exception { - boolean allowed = ApplicationRegistry.getInstance().getSecurityManager().accessManagement(); + boolean allowed = getSecurityManager().accessManagement(); if (!allowed) { throw new AccessControlException("User is not authorised for management"); @@ -382,8 +397,8 @@ public abstract class AbstractServlet extends HttpServlet private boolean isBasicAuthSupported(HttpServletRequest req) { - return req.isSecure() ? ApplicationRegistry.getInstance().getConfiguration().getHTTPSManagementBasicAuth() - : ApplicationRegistry.getInstance().getConfiguration().getHTTPManagementBasicAuth(); + return req.isSecure() ? _httpManagement.isHttpsBasicAuthenticationEnabled() + : _httpManagement.isHttpBasicAuthenticationEnabled(); } private HttpManagementActor getLogActorAndCacheInSession(HttpServletRequest req) @@ -441,5 +456,18 @@ public abstract class AbstractServlet extends HttpServlet return new HttpManagementActor(_rootLogger, request.getRemoteAddr(), request.getRemotePort()); } + protected HttpManagement getManagement() + { + return _httpManagement; + } + protected SecurityManager getSecurityManager() + { + return _broker.getSecurityManager(); + } + + protected SubjectCreator getSubjectCreator(HttpServletRequest request) + { + return _broker.getSubjectCreator(getSocketAddress(request)); + } } diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/LogRecordsServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/LogRecordsServlet.java index 04eda2a787..f2cf5d7734 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/LogRecordsServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/LogRecordsServlet.java @@ -26,8 +26,6 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.qpid.server.logging.LogRecorder; -import org.apache.qpid.server.model.Broker; -import org.apache.qpid.server.registry.ApplicationRegistry; import org.codehaus.jackson.map.ObjectMapper; import org.codehaus.jackson.map.SerializationConfig; @@ -35,12 +33,7 @@ public class LogRecordsServlet extends AbstractServlet { public LogRecordsServlet() { - super(ApplicationRegistry.getInstance().getBroker()); - } - - public LogRecordsServlet(Broker broker) - { - super(broker); + super(); } @Override @@ -53,10 +46,10 @@ public class LogRecordsServlet extends AbstractServlet response.setHeader("Pragma","no-cache"); response.setDateHeader ("Expires", 0); - ApplicationRegistry applicationRegistry = (ApplicationRegistry) ApplicationRegistry.getInstance(); List<Map<String,Object>> logRecords = new ArrayList<Map<String, Object>>(); - for(LogRecorder.Record record : applicationRegistry.getLogRecorder()) + LogRecorder logRecorder = getBroker().getLogRecorder(); + for(LogRecorder.Record record : logRecorder) { logRecords.add(logRecordToObject(record)); } diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageContentServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageContentServlet.java index ae794472bf..d61c48bb2c 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageContentServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageContentServlet.java @@ -29,7 +29,6 @@ import javax.servlet.http.HttpServletResponse; import org.apache.qpid.server.message.MessageReference; import org.apache.qpid.server.message.ServerMessage; -import org.apache.qpid.server.model.Broker; import org.apache.qpid.server.model.Queue; import org.apache.qpid.server.model.VirtualHost; import org.apache.qpid.server.queue.QueueEntry; @@ -42,11 +41,6 @@ public class MessageContentServlet extends AbstractServlet super(); } - public MessageContentServlet(Broker broker) - { - super(broker); - } - @Override protected void doGetWithSubjectAndActor(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java index 4bbb43be70..49e0c2b1bf 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java @@ -34,13 +34,10 @@ import org.apache.log4j.Logger; import org.apache.qpid.server.message.AMQMessageHeader; import org.apache.qpid.server.message.MessageReference; import org.apache.qpid.server.message.ServerMessage; -import org.apache.qpid.server.model.Broker; import org.apache.qpid.server.model.Queue; import org.apache.qpid.server.model.VirtualHost; import org.apache.qpid.server.queue.QueueEntry; import org.apache.qpid.server.queue.QueueEntryVisitor; -import org.apache.qpid.server.registry.ApplicationRegistry; -import org.apache.qpid.server.registry.IApplicationRegistry; import org.apache.qpid.server.security.SecurityManager; import org.apache.qpid.server.security.access.Operation; import org.apache.qpid.server.subscription.Subscription; @@ -56,11 +53,6 @@ public class MessageServlet extends AbstractServlet super(); } - public MessageServlet(Broker broker) - { - super(broker); - } - @Override protected void doGetWithSubjectAndActor(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { @@ -422,7 +414,7 @@ public class MessageServlet extends AbstractServlet // FIXME: added temporary authorization check until we introduce management layer // and review current ACL rules to have common rules for all management interfaces String methodName = isMoveTransaction? "moveMessages":"copyMessages"; - if (isQueueUpdateMethodAuthorized(methodName, vhost.getName())) + if (isQueueUpdateMethodAuthorized(methodName, vhost)) { final Queue destinationQueue = getQueueFromVirtualHost(destQueueName, vhost); final List messageIds = new ArrayList((List) providedObject.get("messages")); @@ -466,7 +458,7 @@ public class MessageServlet extends AbstractServlet // FIXME: added temporary authorization check until we introduce management layer // and review current ACL rules to have common rules for all management interfaces - if (isQueueUpdateMethodAuthorized("deleteMessages", vhost.getName())) + if (isQueueUpdateMethodAuthorized("deleteMessages", vhost)) { vhost.executeTransaction(new DeleteTransaction(sourceQueue, messageIds)); response.setStatus(HttpServletResponse.SC_OK); @@ -478,25 +470,10 @@ public class MessageServlet extends AbstractServlet } - private boolean isQueueUpdateMethodAuthorized(String methodName, String virtualHost) + private boolean isQueueUpdateMethodAuthorized(String methodName, VirtualHost host) { - SecurityManager securityManager = getSecurityManager(virtualHost); + SecurityManager securityManager = host.getSecurityManager(); return securityManager.authoriseMethod(Operation.UPDATE, "VirtualHost.Queue", methodName); } - private SecurityManager getSecurityManager(String virtualHost) - { - IApplicationRegistry appRegistry = ApplicationRegistry.getInstance(); - SecurityManager security; - if (virtualHost == null) - { - security = appRegistry.getSecurityManager(); - } - else - { - security = appRegistry.getVirtualHostRegistry().getVirtualHost(virtualHost).getSecurityManager(); - } - return security; - } - } diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java index 203fa66ff9..3fab26cde5 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java @@ -47,29 +47,29 @@ public class RestServlet extends AbstractServlet private Class<? extends ConfiguredObject>[] _hierarchy; - private volatile boolean initializationRequired = false; - private final ConfiguredObjectToMapConverter _objectConverter = new ConfiguredObjectToMapConverter(); + private final boolean _hierarchyInitializationRequired; public RestServlet() { super(); - initializationRequired = true; + _hierarchyInitializationRequired = true; } - public RestServlet(Broker broker, Class<? extends ConfiguredObject>... hierarchy) + public RestServlet(Class<? extends ConfiguredObject>... hierarchy) { - super(broker); + super(); _hierarchy = hierarchy; + _hierarchyInitializationRequired = false; } @Override public void init() throws ServletException { - if (initializationRequired) + super.init(); + if (_hierarchyInitializationRequired) { doInitialization(); - initializationRequired = false; } } diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java index f8c8b52023..069132af1e 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java @@ -25,8 +25,7 @@ import org.codehaus.jackson.map.ObjectMapper; import org.codehaus.jackson.map.SerializationConfig; import org.apache.log4j.Logger; -import org.apache.qpid.server.model.Broker; -import org.apache.qpid.server.registry.ApplicationRegistry; +import org.apache.qpid.server.management.plugin.HttpManagement; import org.apache.qpid.server.security.SubjectCreator; import org.apache.qpid.server.security.auth.AuthenticatedPrincipal; @@ -48,6 +47,7 @@ import java.util.Random; public class SaslServlet extends AbstractServlet { + private static final Logger LOGGER = Logger.getLogger(SaslServlet.class); private static final SecureRandom SECURE_RANDOM = new SecureRandom(); @@ -57,17 +57,11 @@ public class SaslServlet extends AbstractServlet private static final String ATTR_EXPIRY = "SaslServlet.Expiry"; private static final long SASL_EXCHANGE_EXPIRY = 1000L; - public SaslServlet() { super(); } - public SaslServlet(Broker broker) - { - super(broker); - } - protected void doGetWithSubjectAndActor(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException @@ -82,7 +76,7 @@ public class SaslServlet extends AbstractServlet HttpSession session = request.getSession(); getRandom(session); - SubjectCreator subjectCreator = ApplicationRegistry.getInstance().getSubjectCreator(getSocketAddress(request)); + SubjectCreator subjectCreator = getSubjectCreator(request); String[] mechanisms = subjectCreator.getMechanisms().split(" "); Map<String, Object> outputObject = new LinkedHashMap<String, Object>(); @@ -140,7 +134,7 @@ public class SaslServlet extends AbstractServlet String id = request.getParameter("id"); String saslResponse = request.getParameter("response"); - SubjectCreator subjectCreator = ApplicationRegistry.getInstance().getSubjectCreator(getSocketAddress(request)); + SubjectCreator subjectCreator = getSubjectCreator(request); if(mechanism != null) { @@ -202,13 +196,14 @@ public class SaslServlet extends AbstractServlet private void checkSaslAuthEnabled(HttpServletRequest request) { boolean saslAuthEnabled; + HttpManagement management = getManagement(); if (request.isSecure()) { - saslAuthEnabled = ApplicationRegistry.getInstance().getConfiguration().getHTTPSManagementSaslAuthEnabled(); + saslAuthEnabled = management.isHttpsSaslAuthenticationEnabled(); } else { - saslAuthEnabled = ApplicationRegistry.getInstance().getConfiguration().getHTTPManagementSaslAuthEnabled(); + saslAuthEnabled = management.isHttpSaslAuthenticationEnabled(); } if (!saslAuthEnabled) diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/StructureServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/StructureServlet.java index 5f553beb26..40d3c02768 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/StructureServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/StructureServlet.java @@ -41,11 +41,6 @@ public class StructureServlet extends AbstractServlet super(); } - public StructureServlet(Broker broker) - { - super(broker); - } - @Override protected void doGetWithSubjectAndActor(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { diff --git a/qpid/java/broker-plugins/management-http/src/main/resources/META-INF/services/org.apache.qpid.server.plugin.ManagementFactory b/qpid/java/broker-plugins/management-http/src/main/resources/META-INF/services/org.apache.qpid.server.plugin.PluginFactory index 7ffb9a9013..7ffb9a9013 100644 --- a/qpid/java/broker-plugins/management-http/src/main/resources/META-INF/services/org.apache.qpid.server.plugin.ManagementFactory +++ b/qpid/java/broker-plugins/management-http/src/main/resources/META-INF/services/org.apache.qpid.server.plugin.PluginFactory diff --git a/qpid/java/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/HttpManagementFactoryTest.java b/qpid/java/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/HttpManagementFactoryTest.java index fedd9b88d8..bb4c46826c 100644 --- a/qpid/java/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/HttpManagementFactoryTest.java +++ b/qpid/java/broker-plugins/management-http/src/test/java/org/apache/qpid/server/management/plugin/HttpManagementFactoryTest.java @@ -19,64 +19,42 @@ package org.apache.qpid.server.management.plugin; import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.when; -import org.apache.qpid.server.configuration.ServerConfiguration; +import java.util.HashMap; +import java.util.Map; +import java.util.UUID; + import org.apache.qpid.server.model.Broker; +import org.apache.qpid.server.plugin.PluginFactory; import org.apache.qpid.test.utils.QpidTestCase; public class HttpManagementFactoryTest extends QpidTestCase { - private static final String KEY_STORE_PASSWORD = "keyStorePassword"; - private static final String KEY_STORE_PATH = "keyStorePath"; private static final int SESSION_TIMEOUT = 3600; - private HttpManagementFactory _managementFactory = new HttpManagementFactory(); - private ServerConfiguration _configuration = mock(ServerConfiguration.class); + private PluginFactory _pluginFactory = new HttpManagementFactory(); + private Map<String, Object> _attributes = new HashMap<String, Object>(); private Broker _broker = mock(Broker.class); + private UUID _id = UUID.randomUUID(); - public void testNoHttpManagementConfigured() throws Exception + public void testCreateInstanceReturnsNullWhenPluginTypeMissing() throws Exception { - ManagementPlugin management = _managementFactory.createInstance(_configuration, _broker); - assertNull(management); + assertNull(_pluginFactory.createInstance(_id, _attributes, _broker)); } - - public void testHttpTransportConfigured() throws Exception + public void testCreateInstanceReturnsNullWhenPluginTypeNotHttp() { - when(_configuration.getHTTPManagementEnabled()).thenReturn(true); - when(_configuration.getHTTPSManagementEnabled()).thenReturn(false); - - when(_configuration.getManagementKeyStorePassword()).thenReturn(null); - when(_configuration.getManagementKeyStorePath()).thenReturn(null); - - when(_configuration.getHTTPManagementSessionTimeout()).thenReturn(SESSION_TIMEOUT); - - HttpManagement management = _managementFactory.createInstance(_configuration, _broker); - - assertNotNull(management); - assertEquals(_broker, management.getBroker()); - assertNull(management.getKeyStorePassword()); - assertNull(management.getKeyStorePath()); - assertEquals(SESSION_TIMEOUT, management.getSessionTimeout()); - + _attributes.put(PluginFactory.PLUGIN_TYPE, "notHttp"); + assertNull(_pluginFactory.createInstance(_id, _attributes, _broker)); } - public void testHttpsTransportConfigured() throws Exception + public void testCreateInstance() throws Exception { - when(_configuration.getHTTPManagementEnabled()).thenReturn(false); - when(_configuration.getHTTPSManagementEnabled()).thenReturn(true); - - when(_configuration.getManagementKeyStorePassword()).thenReturn(KEY_STORE_PASSWORD); - when(_configuration.getManagementKeyStorePath()).thenReturn(KEY_STORE_PATH); - - when(_configuration.getHTTPManagementSessionTimeout()).thenReturn(SESSION_TIMEOUT); + _attributes.put(PluginFactory.PLUGIN_TYPE, HttpManagement.PLUGIN_TYPE); + _attributes.put(HttpManagement.TIME_OUT, SESSION_TIMEOUT); - HttpManagement management = _managementFactory.createInstance(_configuration, _broker); + HttpManagement management = (HttpManagement) _pluginFactory.createInstance(_id, _attributes, _broker); - assertNotNull(management); assertEquals(_broker, management.getBroker()); - assertEquals(KEY_STORE_PASSWORD, management.getKeyStorePassword()); - assertEquals(KEY_STORE_PATH, management.getKeyStorePath()); assertEquals(SESSION_TIMEOUT, management.getSessionTimeout()); } |