| author | Alex Rudyy <orudyy@apache.org> | 2013-03-11 18:29:45 +0000 |
|---|---|---|
| committer | Alex Rudyy <orudyy@apache.org> | 2013-03-11 18:29:45 +0000 |
| commit | 66de8678fb2ab2af8dc5b6d653402b1efd70779b (patch) | |
| tree | 11e91fd6e6305e3b008d87bccbd81d1d8e29a15c /qpid/java/broker | |
| parent | 8f8a9146dbb5a7116ecd24c1003bd200623a7e03 (diff) | |
| download | qpid-python-66de8678fb2ab2af8dc5b6d653402b1efd70779b.tar.gz | |
QPID-4638: Add UI to add/delete/update authentication providers into java broker web management console
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1455273 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java/broker')
18 files changed, 403 insertions, 73 deletions
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/AuthenticationProvider.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/AuthenticationProvider.java index c7d3aa76af..2e5c3a0cc7 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/AuthenticationProvider.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/AuthenticationProvider.java @@ -39,8 +39,8 @@ public interface AuthenticationProvider extends ConfiguredObject public static final String TIME_TO_LIVE = "timeToLive"; public static final String CREATED = "created"; public static final String UPDATED = "updated"; - public static final String CATEGORY = "category"; - public static final String TYPE = "authenticationProviderType"; + + public static final String TYPE = "type"; public static final Collection<String> AVAILABLE_ATTRIBUTES = Collections.unmodifiableList( @@ -53,8 +53,8 @@ public interface AuthenticationProvider extends ConfiguredObject TIME_TO_LIVE, CREATED, UPDATED, - CATEGORY, - TYPE)); + TYPE + )); //children Collection<VirtualHostAlias> getVirtualHostPortBindings(); diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Broker.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Broker.java index fbecf1965b..c2b8b9886f 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Broker.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Broker.java @@ -44,6 +44,7 @@ public interface Broker extends ConfiguredObject String PROCESS_PID = "processPid"; String PRODUCT_VERSION = "productVersion"; String SUPPORTED_STORE_TYPES = "supportedStoreTypes"; + String SUPPORTED_AUTHENTICATION_PROVIDERS = "supportedAuthenticationProviders"; String CREATED = "created"; String DURABLE = "durable"; String ID = "id"; 
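Review bot: Changing the value of `TYPE` from `"authenticationProviderType"` to `"type"` alters an attribute key that is stored and sent over management, not just a Java identifier, and nothing in the visible hunks accepts or migrates the old key. Stored configuration or clients that still supply `authenticationProviderType` would presumably hit the new "Authentication provider type is not specified" check in `BrokerAdapter.createAuthenticationProvider`. If configurations from earlier builds must keep loading, consider reading the old key as a fallback, and put a comment on the constant such as `// attribute key as stored and exposed over management; formerly "authenticationProviderType"`. The removal of `CATEGORY` here and from `AVAILABLE_ATTRIBUTES` in the next hunk raises the same compatibility question.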
@@ -103,6 +104,7 @@ public interface Broker extends ConfiguredObject PROCESS_PID, PRODUCT_VERSION, SUPPORTED_STORE_TYPES, + SUPPORTED_AUTHENTICATION_PROVIDERS, CREATED, DURABLE, ID, diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java index afab8a4900..d77b58458a 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java @@ -69,14 +69,16 @@ public abstract class AuthenticationProviderAdapter<T extends AuthenticationMana private GroupPrincipalAccessor _groupAccessor; - protected String _category; + protected Collection<String> _supportedAttributes; + Map<String, AuthenticationManagerFactory> _factories; - private AuthenticationProviderAdapter(UUID id, Broker broker, final T authManager, Map<String, Object> attributes) + private AuthenticationProviderAdapter(UUID id, Broker broker, final T authManager, Map<String, Object> attributes, Collection<String> attributeNames) { super(id, null, attributes, broker.getTaskExecutor()); _authManager = authManager; _broker = broker; - _category = authManager instanceof PrincipalDatabaseAuthenticationManager? PrincipalDatabaseAuthenticationManager.class.getSimpleName() : AuthenticationManager.class.getSimpleName() ; + _supportedAttributes = createSupportedAttributes(attributeNames); + _factories = getAuthenticationManagerFactories(); addParent(Broker.class, broker); } 
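Review bot: The `AuthenticationProviderAdapter` constructor now calls `createSupportedAttributes(attributeNames)`, which is `protected` and therefore overridable, so a subclass override would run before that subclass's own fields are initialised; making the helper `private` or `final` avoids this. The new `_factories` field is package-private and non-final although it is assigned only here; `private final Map<String, AuthenticationManagerFactory> _factories;` would state the intent. Each adapter instance also performs its own service-loader lookup through `getAuthenticationManagerFactories()`; if the factory set is fixed for the broker's lifetime, passing it in from `AuthenticationProviderFactory` would keep both classes working from the same set. The class body continues outside this hunk.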
@@ -156,17 +158,13 @@ public abstract class AuthenticationProviderAdapter<T extends AuthenticationMana @Override public Collection<String> getAttributeNames() { - return AuthenticationProvider.AVAILABLE_ATTRIBUTES; + return _supportedAttributes; } @Override public Object getAttribute(String name) { - if(CATEGORY.equals(name)) - { - return _category; - } - else if(CREATED.equals(name)) + if(CREATED.equals(name)) { // TODO } @@ -224,7 +222,6 @@ public abstract class AuthenticationProviderAdapter<T extends AuthenticationMana throw new IntegrityViolationException("Authentication provider '" + providerName + "' is set on port " + port.getName()); } } - return true; } else if(desiredState == State.ACTIVE) 
@@ -255,28 +252,74 @@ public abstract class AuthenticationProviderAdapter<T extends AuthenticationMana _groupAccessor = groupAccessor; } - public AuthenticationManager createAuthenticationManager(Map<String, Object> attributes) + @Override + protected void changeAttributes(Map<String, Object> attributes) + { + AuthenticationManager manager = validateAttributes(attributes); + manager.initialise(); + _authManager = (T)manager; + String type = (String)attributes.get(AuthenticationManagerFactory.ATTRIBUTE_TYPE); + AuthenticationManagerFactory managerFactory = _factories.get(type); + _supportedAttributes = createSupportedAttributes(managerFactory.getAttributeNames()); + super.changeAttributes(attributes); + } + + private Map<String, AuthenticationManagerFactory> getAuthenticationManagerFactories() { QpidServiceLoader<AuthenticationManagerFactory> loader = new QpidServiceLoader<AuthenticationManagerFactory>(); Iterable<AuthenticationManagerFactory> factories = loader.atLeastOneInstanceOf(AuthenticationManagerFactory.class); + Map<String, AuthenticationManagerFactory> factoryMap = new HashMap<String, AuthenticationManagerFactory>(); for (AuthenticationManagerFactory factory : factories) { - AuthenticationManager manager = factory.createInstance(attributes); - if (manager != null) - { - return manager; - } + factoryMap.put(factory.getType(), factory); } - return null; + return factoryMap; + } + + protected Collection<String> createSupportedAttributes(Collection<String> factoryAttributes) + { + List<String> attributesNames = new ArrayList<String>(AVAILABLE_ATTRIBUTES); + if (factoryAttributes != null) + { + attributesNames.addAll(factoryAttributes); + } + return Collections.unmodifiableCollection(attributesNames); + } + + protected AuthenticationManager validateAttributes(Map<String, Object> attributes) + { + String newName = (String)attributes.get(NAME); + String currentName = getName(); + if (!currentName.equals(newName)) + { + throw new 
IllegalConfigurationException("Changing the name of authentication provider is not supported"); + } + String newType = (String)attributes.get(AuthenticationManagerFactory.ATTRIBUTE_TYPE); + String currentType = (String)getAttribute(AuthenticationManagerFactory.ATTRIBUTE_TYPE); + if (!currentType.equals(newType)) + { + throw new IllegalConfigurationException("Changing the type of authentication provider is not supported"); + } + AuthenticationManagerFactory managerFactory = _factories.get(newType); + if (managerFactory == null) + { + throw new IllegalConfigurationException("Cannot find authentication provider factory for type " + newType); + } + AuthenticationManager manager = managerFactory.createInstance(attributes); + if (manager == null) + { + throw new IllegalConfigurationException("Cannot change authentication provider " + newName + " of type " + newType + " with the given attributes"); + } + return manager; } public static class SimpleAuthenticationProviderAdapter extends AuthenticationProviderAdapter<AuthenticationManager> { public SimpleAuthenticationProviderAdapter( - UUID id, Broker broker, AuthenticationManager authManager, Map<String, Object> attributes) + UUID id, Broker broker, AuthenticationManager authManager, Map<String, Object> attributes, Collection<String> attributeNames) { - super(id, broker,authManager, attributes); + super(id, broker,authManager, attributes, attributeNames); } @Override 
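Review bot: In `changeAttributes` the replacement manager is assigned to `_authManager` before `super.changeAttributes(attributes)` runs, so if the superclass call throws (its body is not visible here) the broker keeps authenticating against a manager that does not match the recorded attributes. The previous manager is also dropped without being shut down, and `_authManager` and `_supportedAttributes` are reassigned with no visible synchronisation while other threads may read them. The ordering below swaps the live reference only after the superclass has accepted the change, assuming the superclass does not depend on the new attribute names. In `validateAttributes`, `currentType.equals(newType)` throws a NullPointerException when the stored type is absent; `if (currentType == null || !currentType.equals(newType))` keeps that failure as an IllegalConfigurationException.

```java
protected void changeAttributes(Map<String, Object> attributes)
{
    AuthenticationManager manager = validateAttributes(attributes);
    manager.initialise();
    String type = (String)attributes.get(AuthenticationManagerFactory.ATTRIBUTE_TYPE);
    Collection<String> supported = createSupportedAttributes(_factories.get(type).getAttributeNames());
    // let the superclass accept the change before the live manager is replaced
    super.changeAttributes(attributes);
    _authManager = (T)manager;
    _supportedAttributes = supported;
    // release the previous manager here if AuthenticationManager provides a shutdown method
}
// … unchanged: getAuthenticationManagerFactories, createSupportedAttributes, validateAttributes …
```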
@@ -287,21 +330,7 @@ public abstract class AuthenticationProviderAdapter<T extends AuthenticationMana throw new UnsupportedOperationException(); } - @Override - protected void changeAttributes(Map<String, Object> attributes) - { - AuthenticationManager manager = createAuthenticationManager(attributes); - if (manager == null) - { - throw new IllegalConfigurationException("Cannot create authentication manager from " + attributes); - } - if (manager instanceof PrincipalDatabaseAuthenticationManager) - { - throw new IllegalConfigurationException("Cannot change the category of the authentication provider"); - } - _authManager = manager; - super.changeAttributes(attributes); - } + } @@ -310,9 +339,9 @@ public abstract class AuthenticationProviderAdapter<T extends AuthenticationMana implements PasswordCredentialManagingAuthenticationProvider { public PrincipalDatabaseAuthenticationManagerAdapter( - UUID id, Broker broker, PrincipalDatabaseAuthenticationManager authManager, Map<String, Object> attributes) + UUID id, Broker broker, PrincipalDatabaseAuthenticationManager authManager, Map<String, Object> attributes, Collection<String> attributeNames) { - super(id, broker, authManager, attributes); + super(id, broker, authManager, attributes, attributeNames); } @Override @@ -333,7 +362,6 @@ public abstract class AuthenticationProviderAdapter<T extends AuthenticationMana { if(getSecurityManager().authoriseUserOperation(Operation.DELETE, username)) { - getPrincipalDatabase().deletePrincipal(new UsernamePrincipal(username)); } else 
@@ -431,19 +459,15 @@ public abstract class AuthenticationProviderAdapter<T extends AuthenticationMana } @Override - protected void changeAttributes(Map<String, Object> attributes) + protected void childAdded(ConfiguredObject child) { - AuthenticationManager manager = createAuthenticationManager(attributes); - if (manager == null) - { - throw new IllegalConfigurationException("Cannot create authentication manager from " + attributes); - } - if (!(manager instanceof PrincipalDatabaseAuthenticationManager)) - { - throw new IllegalConfigurationException("Cannot change the category of the authentication provider"); - } - _authManager = (PrincipalDatabaseAuthenticationManager)manager; - super.changeAttributes(attributes); + // no-op, prevent storing users in the broker store + } + + @Override + protected void childRemoved(ConfiguredObject child) + { + // no-op, as per above, users are not in the store } private class PrincipalAdapter extends AbstractAdapter implements User diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderFactory.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderFactory.java index e5108ebbcf..721282fb9c 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderFactory.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderFactory.java @@ -20,6 +20,10 @@ */ package org.apache.qpid.server.model.adapter; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Collections; +import java.util.List; import java.util.Map; import java.util.UUID; 
@@ -36,10 +40,17 @@ import org.apache.qpid.server.model.adapter.AuthenticationProviderAdapter.Simple public class AuthenticationProviderFactory { private final Iterable<AuthenticationManagerFactory> _factories; + private Collection<String> _supportedAuthenticationProviders; public AuthenticationProviderFactory(QpidServiceLoader<AuthenticationManagerFactory> authManagerFactoryServiceLoader) { _factories = authManagerFactoryServiceLoader.atLeastOneInstanceOf(AuthenticationManagerFactory.class); + List<String> supportedAuthenticationProviders = new ArrayList<String>(); + for (AuthenticationManagerFactory factory : _factories) + { + supportedAuthenticationProviders.add(factory.getType()); + } + _supportedAuthenticationProviders = Collections.unmodifiableCollection(supportedAuthenticationProviders); } /** @@ -60,11 +71,11 @@ public class AuthenticationProviderFactory if (manager instanceof PrincipalDatabaseAuthenticationManager) { authenticationProvider = new PrincipalDatabaseAuthenticationManagerAdapter(id, broker, - (PrincipalDatabaseAuthenticationManager) manager, attributes); + (PrincipalDatabaseAuthenticationManager) manager, attributes, factory.getAttributeNames()); } else { - authenticationProvider = new SimpleAuthenticationProviderAdapter(id, broker, manager, attributes); + authenticationProvider = new SimpleAuthenticationProviderAdapter(id, broker, manager, attributes, factory.getAttributeNames()); } authenticationProvider.setGroupAccessor(groupPrincipalAccessor); return authenticationProvider; @@ -74,4 +85,8 @@ public class AuthenticationProviderFactory throw new IllegalArgumentException("No authentication provider factory found for configuration attributes " + attributes); } + public Collection<String> getSupportedAuthenticationProviders() + { + return _supportedAuthenticationProviders; + } } 
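Review bot: Nothing in the constructor loop rejects two service-loaded factories that report the same `getType()`: this list would advertise the type twice, and the map built in `AuthenticationProviderAdapter.getAuthenticationManagerFactories()` silently keeps whichever factory is iterated last. Because factories are discovered from the classpath, an additional jar could replace a built-in authentication provider type without any error or log line. Consider failing fast on a duplicate, for example `if (supportedAuthenticationProviders.contains(factory.getType())) { throw new IllegalStateException("Duplicate authentication provider type " + factory.getType()); }`. `_supportedAuthenticationProviders` is assigned only in the constructor and could be declared `final`.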
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java index 4008b419de..6b7cf98c8a 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java @@ -55,6 +55,8 @@ import org.apache.qpid.server.model.TrustStore; import org.apache.qpid.server.model.UUIDGenerator; import org.apache.qpid.server.model.VirtualHost; import org.apache.qpid.server.configuration.updater.TaskExecutor; +import org.apache.qpid.server.security.auth.manager.Base64MD5PasswordFileAuthenticationManagerFactory; +import org.apache.qpid.server.security.auth.manager.PlainPasswordFileAuthenticationManagerFactory; import org.apache.qpid.server.security.group.FileGroupManager; import org.apache.qpid.server.security.group.GroupManager; import org.apache.qpid.server.security.group.GroupPrincipalAccessor; @@ -152,7 +154,7 @@ public class BrokerAdapter extends AbstractAdapter implements Broker, Configurat private final Map<String, VirtualHost> _vhostAdapters = new HashMap<String, VirtualHost>(); private final Map<Integer, Port> _portAdapters = new HashMap<Integer, Port>(); - private final Map<String, AuthenticationProvider> _authenticationProviders = new HashMap<String, AuthenticationProvider>(); + private final Map<UUID, AuthenticationProvider> _authenticationProviders = new HashMap<UUID, AuthenticationProvider>(); private final Map<String, GroupProvider> _groupProviders = new HashMap<String, GroupProvider>(); private final Map<UUID, ConfiguredObject> _plugins = new HashMap<UUID, ConfiguredObject>(); private final Map<UUID, KeyStore> _keyStores = new HashMap<UUID, KeyStore>(); 
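Review bot: Re-keying `_authenticationProviders` from name to `UUID` is not checked by the compiler at lookup sites, because `Map.get`, `containsKey` and `remove` take `Object`; any call elsewhere in `BrokerAdapter` that still passes a provider name will compile and quietly return null or false. The visible hunks update `addAuthenticationProvider` and the removal path, but any remaining lookups by name are outside this diff and worth re-checking, since a missed one would surface as a provider that cannot be found. A short comment on the field, such as `// keyed by provider id; name uniqueness is enforced in addAuthenticationProvider`, would record the invariant.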
@@ -456,11 +458,46 @@ public class BrokerAdapter extends AbstractAdapter implements Broker, Configurat private AuthenticationProvider createAuthenticationProvider(Map<String, Object> attributes) { - // it's cheap to create the groupPrincipalAccessor on the fly - GroupPrincipalAccessor groupPrincipalAccessor = new GroupPrincipalAccessor(_groupProviders.values()); + String type = (String)attributes.get(AuthenticationProvider.TYPE); + if (type == null) + { + throw new IllegalConfigurationException("Authentication provider type is not specified"); + } + + AuthenticationProvider authenticationProvider = null; + synchronized (_authenticationProviders) + { + // a temporary restriction to prevent creation of several instances + // of PlainPasswordFileAuthenticationProvider/Base64MD5PasswordFileAuthenticationProvider + // due to current limitation of JMX management which cannot cope + // with several user management MBeans as MBEan type is used as a name. + + // TODO: Remove this check after fixing the JMX management + if (type.equals(PlainPasswordFileAuthenticationManagerFactory.PROVIDER_TYPE) + || type.equals(Base64MD5PasswordFileAuthenticationManagerFactory.PROVIDER_TYPE)) + { + + for (AuthenticationProvider provider : _authenticationProviders.values()) + { + String providerType = (String) provider.getAttribute(AuthenticationProvider.TYPE); + if (providerType.equals(PlainPasswordFileAuthenticationManagerFactory.PROVIDER_TYPE) + || providerType.equals(Base64MD5PasswordFileAuthenticationManagerFactory.PROVIDER_TYPE)) + { + throw new IllegalConfigurationException("Authentication provider managing users alredy exists [" + + provider.getName() + "]. 
Only one instance is allowed."); + } + } + + } - AuthenticationProvider authenticationProvider = _authenticationProviderFactory.create(UUID.randomUUID(), this, attributes, groupPrincipalAccessor); - addAuthenticationProvider(authenticationProvider); + // it's cheap to create the groupPrincipalAccessor on the fly + GroupPrincipalAccessor groupPrincipalAccessor = new GroupPrincipalAccessor(_groupProviders.values()); + + authenticationProvider = _authenticationProviderFactory.create(UUID.randomUUID(), this, attributes, + groupPrincipalAccessor); + addAuthenticationProvider(authenticationProvider); + } + authenticationProvider.setDesiredState(State.INITIALISING, State.ACTIVE); return authenticationProvider; } @@ -472,11 +509,18 @@ public class BrokerAdapter extends AbstractAdapter implements Broker, Configurat String name = authenticationProvider.getName(); synchronized (_authenticationProviders) { - if(_authenticationProviders.containsKey(name)) + if (_authenticationProviders.containsKey(authenticationProvider.getId())) { - throw new IllegalConfigurationException("Cannot add AuthenticationProvider because one with name " + name + " already exists"); + throw new IllegalConfigurationException("Cannot add AuthenticationProvider because one with id " + authenticationProvider.getId() + " already exists"); } - _authenticationProviders.put(name, authenticationProvider); + for (AuthenticationProvider provider : _authenticationProviders.values()) + { + if (provider.getName().equals(name)) + { + throw new IllegalConfigurationException("Cannot add AuthenticationProvider because one with name " + name + " already exists"); + } + } + _authenticationProviders.put(authenticationProvider.getId(), authenticationProvider); } authenticationProvider.addChangeListener(this); } 
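Review bot: In `createAuthenticationProvider` the provider is registered by `addAuthenticationProvider` before `setDesiredState(State.INITIALISING, State.ACTIVE)` is attempted, so if activation fails (the activation code is not shown) a non-active provider stays in `_authenticationProviders` and, for the two password-file types, blocks any further creation through the single-instance check. Consider removing the provider again when activation does not succeed. Inside the loop, `providerType.equals(...)` dereferences the result of `provider.getAttribute(AuthenticationProvider.TYPE)` and will throw a NullPointerException if an existing provider lacks that attribute; comparing from the constant side, `PlainPasswordFileAuthenticationManagerFactory.PROVIDER_TYPE.equals(providerType)`, avoids that. The exception message also contains the typo `alredy`.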
@@ -604,6 +648,10 @@ public class BrokerAdapter extends AbstractAdapter implements Broker, Configurat { // TODO } + else if(SUPPORTED_AUTHENTICATION_PROVIDERS.equals(name)) + { + return _authenticationProviderFactory.getSupportedAuthenticationProviders(); + } else if (DEFAULT_AUTHENTICATION_PROVIDER.equals(name)) { return _defaultAuthenticationProvider == null ? null : _defaultAuthenticationProvider.getName(); @@ -634,7 +682,7 @@ public class BrokerAdapter extends AbstractAdapter implements Broker, Configurat AuthenticationProvider removedAuthenticationProvider = null; synchronized (_authenticationProviders) { - removedAuthenticationProvider = _authenticationProviders.remove(authenticationProvider.getName()); + removedAuthenticationProvider = _authenticationProviders.remove(authenticationProvider.getId()); } return removedAuthenticationProvider != null; } diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/plugin/AuthenticationManagerFactory.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/plugin/AuthenticationManagerFactory.java index 95e6b4feb0..9a2a3c9d3b 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/plugin/AuthenticationManagerFactory.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/plugin/AuthenticationManagerFactory.java 
@@ -18,14 +18,41 @@ */ package org.apache.qpid.server.plugin; +import java.util.Collection; import java.util.Map; +import org.apache.qpid.server.model.AuthenticationProvider; import org.apache.qpid.server.security.auth.manager.AuthenticationManager; - public interface AuthenticationManagerFactory { - public static final String ATTRIBUTE_TYPE = "authenticationProviderType"; + public static final String ATTRIBUTE_TYPE = AuthenticationProvider.TYPE; + + /** + * Returns the authentication provider type + * @return authentication provider type + */ + String getType(); + /** + * Creates authentication manager from the provided attributes + * + * @param attributes + * attributes to create authentication manager + * @return authentication manager instance + */ AuthenticationManager createInstance(Map<String, Object> attributes); + + /** + * Get the names of attributes the authentication manager which can be passed into {@link #createInstance(Map)} to create the + * authentication manager + * + * @return the collection of attribute names + */ + Collection<String> getAttributeNames(); + + /** + * @return returns human readable descriptions for the attributes + */ + Map<String, String> getAttributeDescriptions(); } diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractPrincipalDatabaseAuthManagerFactory.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractPrincipalDatabaseAuthManagerFactory.java index ff21d63c87..2cf8c4619a 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractPrincipalDatabaseAuthManagerFactory.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractPrincipalDatabaseAuthManagerFactory.java 
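Review bot: The Javadoc for `getAttributeDescriptions()` does not say the result may be null, yet the Anonymous, External and Kerberos factories changed in this commit all `return null;` while the password-file factories return a map. Callers that iterate the descriptions (the management UI code is not visible here) would need a null check that only matters for some provider types. Either document it, `@return human readable descriptions keyed by attribute name, or null if none are defined`, or have those three factories return `Collections.<String, String>emptyMap()` so the contract is uniform.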
@@ -20,6 +20,9 @@ package org.apache.qpid.server.security.auth.manager; import java.io.IOException; +import java.util.Arrays; +import java.util.Collection; +import java.util.Collections; import java.util.Map; import org.apache.log4j.Logger; @@ -33,10 +36,16 @@ import org.apache.qpid.server.security.auth.database.PrincipalDatabase; */ public abstract class AbstractPrincipalDatabaseAuthManagerFactory implements AuthenticationManagerFactory { + public static final String RESOURCE_BUNDLE = "org.apache.qpid.server.security.auth.manager.PasswordFileAuthenticationProviderAttributeDescriptions"; public static final String ATTRIBUTE_PATH = "path"; private static final Logger LOGGER = Logger.getLogger(AbstractPrincipalDatabaseAuthManagerFactory.class); + public static final Collection<String> ATTRIBUTES = Collections.unmodifiableList(Arrays.asList( + ATTRIBUTE_TYPE, + ATTRIBUTE_PATH)); + + @Override public AuthenticationManager createInstance(Map<String, Object> attributes) { @@ -65,7 +74,11 @@ public abstract class AbstractPrincipalDatabaseAuthManagerFactory implements Aut return new PrincipalDatabaseAuthenticationManager(principalDatabase); } - abstract String getType(); - abstract PrincipalDatabase createPrincipalDatabase(); + + @Override + public Collection<String> getAttributeNames() + { + return ATTRIBUTES; + } } diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AnonymousAuthenticationManagerFactory.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AnonymousAuthenticationManagerFactory.java index 1b1995500c..0c6aa75636 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AnonymousAuthenticationManagerFactory.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AnonymousAuthenticationManagerFactory.java 
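Review bot: `ATTRIBUTE_PATH` is now published in `ATTRIBUTES` and labelled `File location*` for the management console, so the password file location becomes a value supplied through the UI. `createInstance` is mostly outside these hunks, so it is not visible whether the path is canonicalised or restricted; if it is used as given, anyone permitted to create or update a provider decides which file the broker process opens as its credential store. It is worth confirming that the create and update operations are gated by an authorisation check and that the path is validated against an expected directory, and recording that next to the constant, e.g. `// file system path supplied via management; must be validated before use`.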
@@ -19,6 +19,8 @@ */ package org.apache.qpid.server.security.auth.manager; +import java.util.Collection; +import java.util.Collections; import java.util.Map; import org.apache.qpid.server.plugin.AuthenticationManagerFactory; @@ -37,4 +39,21 @@ public class AnonymousAuthenticationManagerFactory implements AuthenticationMana return null; } + @Override + public Collection<String> getAttributeNames() + { + return Collections.<String>singletonList(ATTRIBUTE_TYPE); + } + + @Override + public String getType() + { + return PROVIDER_TYPE; + } + + @Override + public Map<String, String> getAttributeDescriptions() + { + return null; + } } diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/Base64MD5PasswordFileAuthenticationManagerFactory.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/Base64MD5PasswordFileAuthenticationManagerFactory.java index c61567ef77..c0c0b8e3c1 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/Base64MD5PasswordFileAuthenticationManagerFactory.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/Base64MD5PasswordFileAuthenticationManagerFactory.java @@ -20,15 +20,18 @@ */ package org.apache.qpid.server.security.auth.manager; +import java.util.Map; + import org.apache.qpid.server.security.auth.database.Base64MD5PasswordFilePrincipalDatabase; import org.apache.qpid.server.security.auth.database.PrincipalDatabase; +import org.apache.qpid.server.util.ResourceBundleLoader; public class Base64MD5PasswordFileAuthenticationManagerFactory extends AbstractPrincipalDatabaseAuthManagerFactory { public static final String PROVIDER_TYPE = "Base64MD5PasswordFileAuthenticationProvider"; @Override - String getType() + public String getType() { return PROVIDER_TYPE; } 
@@ -39,4 +42,10 @@ public class Base64MD5PasswordFileAuthenticationManagerFactory extends AbstractP return new Base64MD5PasswordFilePrincipalDatabase(); } + @Override + public Map<String, String> getAttributeDescriptions() + { + return ResourceBundleLoader.getResources(RESOURCE_BUNDLE); + } + } diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationManagerFactory.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationManagerFactory.java index 3c3628e9db..29cfb2ad29 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationManagerFactory.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationManagerFactory.java @@ -19,6 +19,8 @@ */ package org.apache.qpid.server.security.auth.manager; +import java.util.Collection; +import java.util.Collections; import java.util.Map; import org.apache.qpid.server.plugin.AuthenticationManagerFactory; @@ -37,4 +39,22 @@ public class ExternalAuthenticationManagerFactory implements AuthenticationManag return null; } + @Override + public Collection<String> getAttributeNames() + { + return Collections.<String>singletonList(ATTRIBUTE_TYPE); + } + + @Override + public String getType() + { + return PROVIDER_TYPE; + } + + @Override + public Map<String, String> getAttributeDescriptions() + { + return null; + } + } diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/KerberosAuthenticationManagerFactory.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/KerberosAuthenticationManagerFactory.java index 7af6727280..e60f37a18e 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/KerberosAuthenticationManagerFactory.java 
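Review bot: `getAttributeDescriptions()` in `Base64MD5PasswordFileAuthenticationManagerFactory` is the same as the one added to `PlainPasswordFileAuthenticationManagerFactory` later in the commit, except that the other copy qualifies `RESOURCE_BUNDLE` with the base class name. Both subclasses use the bundle declared in `AbstractPrincipalDatabaseAuthManagerFactory`, so the method could be implemented once in the abstract base class next to `getAttributeNames()`. If it stays per subclass, use the same unqualified `RESOURCE_BUNDLE` reference in both for consistency.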
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/KerberosAuthenticationManagerFactory.java @@ -19,6 +19,8 @@ */ package org.apache.qpid.server.security.auth.manager; +import java.util.Collection; +import java.util.Collections; import java.util.Map; import org.apache.qpid.server.plugin.AuthenticationManagerFactory; @@ -36,4 +38,22 @@ public class KerberosAuthenticationManagerFactory implements AuthenticationManag } return null; } + + @Override + public Collection<String> getAttributeNames() + { + return Collections.<String>singletonList(ATTRIBUTE_TYPE); + } + + @Override + public String getType() + { + return PROVIDER_TYPE; + } + + @Override + public Map<String, String> getAttributeDescriptions() + { + return null; + } } diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/PasswordFileAuthenticationProviderAttributeDescriptions.properties b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/PasswordFileAuthenticationProviderAttributeDescriptions.properties new file mode 100644 index 0000000000..e847e90f57 --- /dev/null +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/PasswordFileAuthenticationProviderAttributeDescriptions.properties 
@@ -0,0 +1,19 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+path=File location*
\ No newline at end of file
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/PlainPasswordFileAuthenticationManagerFactory.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/PlainPasswordFileAuthenticationManagerFactory.java
index 43b92735f1..c08b00f907 100644
--- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/PlainPasswordFileAuthenticationManagerFactory.java
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/PlainPasswordFileAuthenticationManagerFactory.java
@@ -20,15 +20,18 @@
 */
 package org.apache.qpid.server.security.auth.manager;
+import java.util.Map;
+
 import org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase;
 import org.apache.qpid.server.security.auth.database.PrincipalDatabase;
+import org.apache.qpid.server.util.ResourceBundleLoader;
 public class PlainPasswordFileAuthenticationManagerFactory extends AbstractPrincipalDatabaseAuthManagerFactory
 {
 public static final String PROVIDER_TYPE = "PlainPasswordFileAuthenticationProvider";
 @Override
- String getType()
+ public String getType()
 {
 return PROVIDER_TYPE;
 }
@@ -39,4 +42,9 @@ public class PlainPasswordFileAuthenticationManagerFactory extends AbstractPrinc
 return new PlainPasswordFilePrincipalDatabase();
 }
+ @Override
+ public Map<String, String> getAttributeDescriptions()
+ {
+ return ResourceBundleLoader.getResources(AbstractPrincipalDatabaseAuthManagerFactory.RESOURCE_BUNDLE);
+ }
 }
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManagerFactory.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManagerFactory.java
index 05a692fb0e..ff468dc56a 100644
--- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManagerFactory.java
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManagerFactory.java
@@ -19,12 +19,17 @@
 */
 package org.apache.qpid.server.security.auth.manager;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
 import java.util.Map;
 import org.apache.qpid.server.plugin.AuthenticationManagerFactory;
+import org.apache.qpid.server.util.ResourceBundleLoader;
 public class SimpleLDAPAuthenticationManagerFactory implements AuthenticationManagerFactory
 {
+ public static final String RESOURCE_BUNDLE = "org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationProviderAttributeDescriptions";
 private static final String DEFAULT_LDAP_CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
 public static final String PROVIDER_TYPE = SimpleLDAPAuthenticationManager.class.getSimpleName();
@@ -36,6 +41,15 @@ public class SimpleLDAPAuthenticationManagerFactory implements AuthenticationMan
 public static final String ATTRIBUTE_PROVIDER_SEARCH_URL = "providerSearchUrl";
 public static final String ATTRIBUTE_PROVIDER_URL = "providerUrl";
+ public static final Collection<String> ATTRIBUTES = Collections.<String> unmodifiableList(Arrays.asList(
+ ATTRIBUTE_TYPE,
+ ATTRIBUTE_LDAP_CONTEXT_FACTORY,
+ ATTRIBUTE_SEARCH_FILTER,
+ ATTRIBUTE_SEARCH_CONTEXT,
+ ATTRIBUTE_PROVIDER_AUTH_URL,
+ ATTRIBUTE_PROVIDER_SEARCH_URL,
+ ATTRIBUTE_PROVIDER_URL));
+
 @Override
 public AuthenticationManager createInstance(Map<String, Object> attributes)
 {
@@ -66,4 +80,21 @@ public class SimpleLDAPAuthenticationManagerFactory implements AuthenticationMan
 ldapContextFactory);
 }
+ @Override
+ public Collection<String> getAttributeNames()
+ {
+ return ATTRIBUTES;
+ }
+
+ @Override
+ public String getType()
+ {
+ return PROVIDER_TYPE;
+ }
+
+ @Override
+ public Map<String, String> getAttributeDescriptions()
+ {
+ return ResourceBundleLoader.getResources(RESOURCE_BUNDLE);
+ }
 }
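Review bot: `ATTRIBUTES` in the `@@ -36,6 +41,15 @@` hunk publishes `ATTRIBUTE_LDAP_CONTEXT_FACTORY` next to the URL and search attributes, which, going by the commit title, makes the context factory class name editable from the web management console. `createInstance` lies mostly outside the visible hunks, so I cannot tell whether that value is validated before it is passed on as `ldapContextFactory`; if it is not, I would check it there against `DEFAULT_LDAP_CONTEXT_FACTORY` or a configured allow-list. At minimum the constant deserves a comment such as `// ldapContextFactory is a class name, presumably handed to JNDI; restrict who may change it`.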
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationProviderAttributeDescriptions.properties b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationProviderAttributeDescriptions.properties
new file mode 100644
index 0000000000..1fadfcf758
--- /dev/null
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationProviderAttributeDescriptions.properties
@@ -0,0 +1,24 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+ldapContextFactory= LDAP context factory
+searchFilter=Search filter*
+searchContext=Search context*
+providerAuthUrl=LDAP authentication URL
+providerSearchUrl=LDAP search URL
+providerUrl=LDAP server URL*
\ No newline at end of file
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/util/ResourceBundleLoader.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/util/ResourceBundleLoader.java
new file mode 100644
index 0000000000..a0ed4e27f4
--- /dev/null
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/util/ResourceBundleLoader.java
@@ -0,0 +1,49 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.server.util;
+
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.MissingResourceException;
+import java.util.ResourceBundle;
+
+public class ResourceBundleLoader
+{
+ public static Map<String, String> getResources(String baseName)
+ {
+ try
+ {
+ ResourceBundle bundle = ResourceBundle.getBundle(baseName);
+ Map<String, String> resources = new HashMap<String, String>();
+ Enumeration<String> en = bundle.getKeys();
+ while (en.hasMoreElements())
+ {
+ String key = (String) en.nextElement();
+ resources.put(key, bundle.getString(key));
+ }
+ return resources;
+ }
+ catch(MissingResourceException e)
+ {
+ return null;
+ }
+ }
+}
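Review bot: `getResources` catches `MissingResourceException` and returns `null` without logging, so a mistyped bundle base name looks exactly like a provider that has no descriptions, and the factories that delegate to it pass that `null` straight to their callers. I would log the missing base name and `return Collections.<String, String>emptyMap();` instead, which needs `import java.util.Collections;`. The `(String)` cast on `en.nextElement()` is redundant because `en` is already an `Enumeration<String>`, and as a static-only utility the class could be `final` with a private constructor.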
diff --git a/qpid/java/broker/src/main/resources/initial-store.json b/qpid/java/broker/src/main/resources/initial-store.json
index a80ad95bd4..8e278120fc 100644
--- a/qpid/java/broker/src/main/resources/initial-store.json
+++ b/qpid/java/broker/src/main/resources/initial-store.json
@@ -20,11 +20,11 @@
 */
 {
 "name": "QpidBroker",
- "defaultAuthenticationProvider" : "defaultAuthenticationProvider",
+ "defaultAuthenticationProvider" : "passwordFile",
 "defaultVirtualHost" : "default",
 "authenticationproviders" : [ {
- "name" : "defaultAuthenticationProvider",
- "authenticationProviderType" : "PlainPasswordFileAuthenticationProvider",
+ "name" : "passwordFile",
+ "type" : "PlainPasswordFileAuthenticationProvider",
 "path" : "${QPID_HOME}/etc/passwd"
 } ],
 "ports" : [ {
diff --git a/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/BrokerRecovererTest.java b/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/BrokerRecovererTest.java
index c1ebe26f52..883f88cc36 100644
--- a/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/BrokerRecovererTest.java
+++ b/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/BrokerRecovererTest.java
@@ -66,6 +66,7 @@ public class BrokerRecovererTest extends TestCase
 private Map<String, Collection<ConfigurationEntry>> _brokerEntryChildren = new HashMap<String, Collection<ConfigurationEntry>>();
 private ConfigurationEntry _authenticationProviderEntry1;
 private AuthenticationProvider _authenticationProvider1;
+ private UUID _authenticationProvider1Id = UUID.randomUUID();
 @Override
 protected void setUp() throws Exception
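Review bot: The `authenticationproviders` entry in initial-store.json now identifies the provider with the key `type`, but a store written from the previous template still carries `authenticationProviderType`. Nothing visible in this diff shows how such an existing store is read after the rename, so it is worth confirming that the broker either still accepts the old key or refuses to start with a clear error, rather than coming up without a usable authentication provider. If no upgrade path is intended, a release-note line naming the renamed key would be enough.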
@@ -80,6 +81,7 @@ public class BrokerRecovererTest extends TestCase
 //Add a base AuthenticationProvider for all tests
 _authenticationProvider1 = mock(AuthenticationProvider.class);
 when(_authenticationProvider1.getName()).thenReturn("authenticationProvider1");
+ when(_authenticationProvider1.getId()).thenReturn(_authenticationProvider1Id);
 _authenticationProviderEntry1 = mock(ConfigurationEntry.class);
 _brokerEntryChildren.put(AuthenticationProvider.class.getSimpleName(), Arrays.asList(_authenticationProviderEntry1));
 } |
