QPID-4705: Restrict access to web management interfaces to authenticated and authorised users only

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1465590 13f79535-47bb-0310-9956-ffa450edef68

2 files changed, 7 insertions, 0 deletions

diff --git a/qpid/java/broker/etc/md5passwd b/qpid/java/broker/etc/md5passwd
index 59354a21f5..f7185c0e92 100644
--- a/qpid/java/broker/etc/md5passwd
+++ b/qpid/java/broker/etc/md5passwd
@@ -20,3 +20,4 @@ guest:CE4DQ6BIb/BVMN9scFyLtA==
 client:CE4DQ6BIb/BVMN9scFyLtA==

 server:CE4DQ6BIb/BVMN9scFyLtA==

 admin:ISMvKXpXpadDiUoOSoAfww==

+webadmin:rda7WOE5vhAzJNBNgtj1RQ==

diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/SubjectCreator.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/SubjectCreator.java
index 213f19dc5c..244ab0dd94 100644
--- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/SubjectCreator.java
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/SubjectCreator.java
@@ -35,6 +35,7 @@ import org.apache.qpid.server.security.auth.AuthenticatedPrincipal;
 import org.apache.qpid.server.security.auth.AuthenticationResult;
 import org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationStatus;
 import org.apache.qpid.server.security.auth.SubjectAuthenticationResult;
+import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManager;
 import org.apache.qpid.server.security.auth.manager.AuthenticationManager;
 
 /**
@@ -153,4 +154,9 @@ public class SubjectCreator
 
         return Collections.unmodifiableSet(principals);
     }
+
+    public boolean isAnonymousAuthenticationAllowed()
+    {
+        return _authenticationManager instanceof AnonymousAuthenticationManager;
+    }
 }