diff options
| author | Robert Godfrey <rgodfrey@apache.org> | 2014-02-13 19:41:22 +0000 |
|---|---|---|
| committer | Robert Godfrey <rgodfrey@apache.org> | 2014-02-13 19:41:22 +0000 |
| commit | 08b64b592cb844cbd746b33e5f17c94b2158a115 (patch) | |
| tree | a46a4a554c3b04bb9109f02a203df370ac5ee6f6 /qpid/java | |
| parent | e800236056d84261ca34a849d8767405724de298 (diff) | |
| download | qpid-python-08b64b592cb844cbd746b33e5f17c94b2158a115.tar.gz | |
QPID-5551 : replace AMQSecurityException with QpidSecurityException in the broker
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1568015 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java')
55 files changed, 568 insertions, 249 deletions
diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/AbstractExchange.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/AbstractExchange.java index 600c60bdb3..07fb554638 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/AbstractExchange.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/AbstractExchange.java @@ -24,7 +24,7 @@ import java.util.ArrayList; import org.apache.log4j.Logger; import org.apache.qpid.AMQException; import org.apache.qpid.AMQInternalException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.binding.Binding; import org.apache.qpid.server.consumer.Consumer; import org.apache.qpid.server.logging.LogSubject; @@ -41,7 +41,6 @@ import org.apache.qpid.server.model.UUIDGenerator; import org.apache.qpid.server.plugin.ExchangeType; import org.apache.qpid.server.queue.AMQQueue; import org.apache.qpid.server.queue.BaseQueue; -import org.apache.qpid.server.queue.QueueEntry; import org.apache.qpid.server.store.DurableConfigurationStoreHelper; import org.apache.qpid.server.store.StorableMessageMetaData; import org.apache.qpid.server.txn.ServerTransaction; @@ -138,7 +137,7 @@ public abstract class AbstractExchange implements Exchange return _autoDelete; } - public void close() throws AMQException + public void close() throws QpidSecurityException, AMQInternalException { if(_closed.compareAndSet(false,true)) @@ -532,7 +531,7 @@ public abstract class AbstractExchange implements Exchange @Override public boolean addBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments) - throws AMQSecurityException, AMQInternalException + throws QpidSecurityException, AMQInternalException { return makeBinding(null, bindingKey, queue, arguments, false, false); } @@ -541,7 +540,7 @@ public abstract class AbstractExchange implements Exchange public boolean replaceBinding(final UUID id, final String bindingKey, final AMQQueue queue, final Map<String, Object> arguments) - throws AMQSecurityException, AMQInternalException + throws QpidSecurityException, AMQInternalException { return makeBinding(id, bindingKey, queue, arguments, false, true); } @@ -549,20 +548,20 @@ public abstract class AbstractExchange implements Exchange @Override public void restoreBinding(final UUID id, final String bindingKey, final AMQQueue queue, final Map<String, Object> argumentMap) - throws AMQSecurityException, AMQInternalException + throws QpidSecurityException, AMQInternalException { makeBinding(id, bindingKey,queue, argumentMap,true, false); } @Override - public void removeBinding(final Binding b) throws AMQSecurityException, AMQInternalException + public void removeBinding(final Binding b) throws QpidSecurityException, AMQInternalException { removeBinding(b.getBindingKey(), b.getQueue(), b.getArguments()); } @Override public Binding removeBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments) - throws AMQSecurityException, AMQInternalException + throws QpidSecurityException, AMQInternalException { assert queue != null; @@ -581,7 +580,7 @@ public abstract class AbstractExchange implements Exchange // Check access if (!_virtualHost.getSecurityManager().authoriseUnbind(this, bindingKey, queue)) { - throw new AMQSecurityException("Permission denied: unbinding " + bindingKey); + throw new QpidSecurityException("Permission denied: unbinding " + bindingKey); } BindingImpl b = _bindingsMap.remove(new BindingImpl(null, bindingKey,queue,arguments)); @@ -628,7 +627,7 @@ public abstract class AbstractExchange implements Exchange AMQQueue queue, Map<String, Object> arguments, boolean restore, - boolean force) throws AMQSecurityException, AMQInternalException + boolean force) throws QpidSecurityException, AMQInternalException { assert queue != null; @@ -644,7 +643,7 @@ public abstract class AbstractExchange implements Exchange //Perform ACLs if (!_virtualHost.getSecurityManager().authoriseBind(AbstractExchange.this, queue, bindingKey)) { - throw new AMQSecurityException("Permission denied: binding " + bindingKey); + throw new QpidSecurityException("Permission denied: binding " + bindingKey); } if (id == null) @@ -696,7 +695,7 @@ public abstract class AbstractExchange implements Exchange } - public void onClose(final Exchange exchange) throws AMQSecurityException, AMQInternalException + public void onClose(final Exchange exchange) throws QpidSecurityException, AMQInternalException { removeBinding(this); } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchange.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchange.java index 78b9664cd3..acb9a47096 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchange.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchange.java @@ -29,7 +29,7 @@ import java.util.concurrent.atomic.AtomicBoolean; import org.apache.log4j.Logger; import org.apache.qpid.AMQException; import org.apache.qpid.AMQInternalException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.exchange.ExchangeDefaults; import org.apache.qpid.server.binding.Binding; import org.apache.qpid.server.consumer.Consumer; @@ -43,8 +43,6 @@ import org.apache.qpid.server.message.ServerMessage; import org.apache.qpid.server.model.UUIDGenerator; import org.apache.qpid.server.plugin.ExchangeType; import org.apache.qpid.server.queue.AMQQueue; -import org.apache.qpid.server.queue.BaseQueue; -import org.apache.qpid.server.queue.QueueEntry; import org.apache.qpid.server.queue.QueueRegistry; import org.apache.qpid.server.store.StorableMessageMetaData; import org.apache.qpid.server.txn.ServerTransaction; @@ -124,36 +122,36 @@ public class DefaultExchange implements Exchange @Override public boolean addBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments) - throws AMQSecurityException, AMQInternalException + throws QpidSecurityException, AMQInternalException { - throw new AMQSecurityException("Cannot add bindings to the default exchange"); + throw new QpidSecurityException("Cannot add bindings to the default exchange"); } @Override public boolean replaceBinding(UUID id, String bindingKey, AMQQueue queue, Map<String, Object> arguments) - throws AMQSecurityException, AMQInternalException + throws QpidSecurityException, AMQInternalException { - throw new AMQSecurityException("Cannot replace bindings on the default exchange"); + throw new QpidSecurityException("Cannot replace bindings on the default exchange"); } @Override public void restoreBinding(UUID id, String bindingKey, AMQQueue queue, Map<String, Object> argumentMap) - throws AMQSecurityException, AMQInternalException + throws QpidSecurityException, AMQInternalException { _logger.warn("Bindings to the default exchange should not be stored in the configuration store"); } @Override - public void removeBinding(Binding b) throws AMQSecurityException, AMQInternalException + public void removeBinding(Binding b) throws QpidSecurityException, AMQInternalException { - throw new AMQSecurityException("Cannot remove bindings to the default exchange"); + throw new QpidSecurityException("Cannot remove bindings to the default exchange"); } @Override public Binding removeBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments) - throws AMQSecurityException, AMQInternalException + throws QpidSecurityException, AMQInternalException { - throw new AMQSecurityException("Cannot remove bindings to the default exchange"); + throw new QpidSecurityException("Cannot remove bindings to the default exchange"); } @Override @@ -201,7 +199,7 @@ public class DefaultExchange implements Exchange } @Override - public void close() throws AMQException + public void close() { if(_closed.compareAndSet(false,true)) { diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeFactory.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeFactory.java index 994f6730e0..7229f008d6 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeFactory.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeFactory.java @@ -23,7 +23,7 @@ package org.apache.qpid.server.exchange; import org.apache.log4j.Logger; import org.apache.qpid.AMQException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.AMQUnknownExchangeType; import org.apache.qpid.exchange.ExchangeDefaults; import org.apache.qpid.server.model.UUIDGenerator; @@ -109,7 +109,7 @@ public class DefaultExchangeFactory implements ExchangeFactory } public Exchange createExchange(String exchange, String type, boolean durable, boolean autoDelete) - throws AMQException + throws AMQException, QpidSecurityException { UUID id = UUIDGenerator.generateExchangeUUID(exchange, _host.getName()); @@ -117,13 +117,13 @@ public class DefaultExchangeFactory implements ExchangeFactory } public Exchange createExchange(UUID id, String exchange, String type, boolean durable, boolean autoDelete) - throws AMQException + throws QpidSecurityException, AMQException { // Check access if (!_host.getSecurityManager().authoriseCreateExchange(autoDelete, durable, exchange, null, null, null, type)) { String description = "Permission denied: exchange-name '" + exchange + "'"; - throw new AMQSecurityException(description); + throw new QpidSecurityException(description); } ExchangeType<? extends Exchange> exchType = _exchangeClassMap.get(type); @@ -137,7 +137,8 @@ public class DefaultExchangeFactory implements ExchangeFactory } @Override - public Exchange restoreExchange(UUID id, String exchange, String type, boolean autoDelete) throws AMQException + public Exchange restoreExchange(UUID id, String exchange, String type, boolean autoDelete) + throws AMQException, QpidSecurityException { return createExchange(id, exchange, type, true, autoDelete); } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeRegistry.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeRegistry.java index 858aa224de..7f1c29f9e5 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeRegistry.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/DefaultExchangeRegistry.java @@ -22,9 +22,8 @@ package org.apache.qpid.server.exchange; import org.apache.log4j.Logger; import org.apache.qpid.AMQException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.exchange.ExchangeDefaults; -import org.apache.qpid.protocol.AMQConstant; import org.apache.qpid.server.model.UUIDGenerator; import org.apache.qpid.server.plugin.ExchangeType; import org.apache.qpid.server.queue.QueueRegistry; @@ -102,7 +101,7 @@ public class DefaultExchangeRegistry implements ExchangeRegistry return _defaultExchange; } - public boolean unregisterExchange(String name, boolean inUse) throws AMQException + public boolean unregisterExchange(String name, boolean inUse) throws AMQException, QpidSecurityException { final Exchange exchange = _exchangeMap.get(name); if (exchange != null) @@ -110,7 +109,7 @@ public class DefaultExchangeRegistry implements ExchangeRegistry if (!_host.getSecurityManager().authoriseDelete(exchange)) { - throw new AMQSecurityException(); + throw new QpidSecurityException(); } // TODO: check inUse argument diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/Exchange.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/Exchange.java index 6d83fdb2a1..d20bf788c7 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/Exchange.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/Exchange.java @@ -22,7 +22,7 @@ package org.apache.qpid.server.exchange; import org.apache.qpid.AMQException; import org.apache.qpid.AMQInternalException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.binding.Binding; import org.apache.qpid.server.message.MessageDestination; import org.apache.qpid.server.plugin.ExchangeType; @@ -70,25 +70,25 @@ public interface Exchange extends ExchangeReferrer, MessageDestination boolean addBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments) - throws AMQSecurityException, AMQInternalException; + throws QpidSecurityException, AMQInternalException; boolean replaceBinding(UUID id, String bindingKey, AMQQueue queue, Map<String, Object> arguments) - throws AMQSecurityException, AMQInternalException; + throws QpidSecurityException, AMQInternalException; void restoreBinding(UUID id, String bindingKey, AMQQueue queue, Map<String, Object> argumentMap) - throws AMQSecurityException, AMQInternalException; + throws QpidSecurityException, AMQInternalException; - void removeBinding(Binding b) throws AMQSecurityException, AMQInternalException; + void removeBinding(Binding b) throws QpidSecurityException, AMQInternalException; Binding removeBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments) - throws AMQSecurityException, AMQInternalException; + throws QpidSecurityException, AMQInternalException; Binding getBinding(String bindingKey, AMQQueue queue, Map<String, Object> arguments); - void close() throws AMQException; + void close() throws QpidSecurityException, AMQInternalException; /** * Determines whether a message would be isBound to a particular queue using a specific routing key and arguments diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeFactory.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeFactory.java index f4a3fd940d..ef2a3358dd 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeFactory.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeFactory.java @@ -22,6 +22,7 @@ package org.apache.qpid.server.exchange; import org.apache.qpid.AMQException; import org.apache.qpid.server.plugin.ExchangeType; +import org.apache.qpid.server.security.QpidSecurityException; import java.util.Collection; import java.util.UUID; @@ -34,9 +35,12 @@ public interface ExchangeFactory Collection<ExchangeType<? extends Exchange>> getPublicCreatableTypes(); - Exchange createExchange(String exchange, String type, boolean durable, boolean autoDelete) throws AMQException; + Exchange createExchange(String exchange, String type, boolean durable, boolean autoDelete) + throws AMQException, QpidSecurityException; - Exchange createExchange(UUID id, String exchange, String type, boolean durable, boolean autoDelete) throws AMQException; - Exchange restoreExchange(UUID id, String exchange, String type, boolean autoDelete) throws AMQException; + Exchange createExchange(UUID id, String exchange, String type, boolean durable, boolean autoDelete) throws AMQException, + QpidSecurityException; + Exchange restoreExchange(UUID id, String exchange, String type, boolean autoDelete) + throws AMQException, QpidSecurityException; } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeInitialiser.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeInitialiser.java index 6dbc1d54d1..334c1f5411 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeInitialiser.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeInitialiser.java @@ -23,12 +23,15 @@ package org.apache.qpid.server.exchange; import org.apache.qpid.AMQException; import org.apache.qpid.server.plugin.ExchangeType; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.store.DurableConfigurationStoreHelper; import org.apache.qpid.server.store.DurableConfigurationStore; +import org.apache.qpid.server.util.ServerScopedRuntimeException; public class ExchangeInitialiser { - public void initialise(ExchangeFactory factory, ExchangeRegistry registry, DurableConfigurationStore store) throws AMQException + public void initialise(ExchangeFactory factory, ExchangeRegistry registry, DurableConfigurationStore store) + throws AMQException { for (ExchangeType<? extends Exchange> type : factory.getRegisteredTypes()) { @@ -38,16 +41,25 @@ public class ExchangeInitialiser } private void define(ExchangeRegistry r, ExchangeFactory f, - String name, String type, DurableConfigurationStore store) throws AMQException + String name, String type, DurableConfigurationStore store) + throws AMQException { - if(r.getExchange(name)== null) + try { - Exchange exchange = f.createExchange(name, type, true, false); - r.registerExchange(exchange); - if(exchange.isDurable()) + if(r.getExchange(name)== null) { - DurableConfigurationStoreHelper.createExchange(store, exchange); + Exchange exchange = f.createExchange(name, type, true, false); + r.registerExchange(exchange); + if(exchange.isDurable()) + { + DurableConfigurationStoreHelper.createExchange(store, exchange); + } } } + catch (QpidSecurityException e) + { + throw new ServerScopedRuntimeException("Security Exception when attempting to initialise exchanges - " + + "this is likely a programming error", e); + } } } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeRegistry.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeRegistry.java index 743c8eea3f..6ecbb94235 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeRegistry.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/exchange/ExchangeRegistry.java @@ -21,6 +21,7 @@ package org.apache.qpid.server.exchange; import org.apache.qpid.AMQException; +import org.apache.qpid.server.security.QpidSecurityException; import java.util.Collection; import java.util.UUID; @@ -42,7 +43,7 @@ public interface ExchangeRegistry * @param ifUnused if true, do NOT delete the exchange if it is in use (has queues bound to it) * @throws AMQException */ - boolean unregisterExchange(String exchange, boolean ifUnused) throws AMQException; + boolean unregisterExchange(String exchange, boolean ifUnused) throws AMQException, QpidSecurityException; void clearAndUnregisterMbeans(); diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/message/MessageSource.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/message/MessageSource.java index 1996c73222..86179f9b00 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/message/MessageSource.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/message/MessageSource.java @@ -27,6 +27,7 @@ import org.apache.qpid.server.filter.FilterManager; import org.apache.qpid.server.protocol.AMQSessionModel; import org.apache.qpid.server.queue.AMQQueue; import org.apache.qpid.server.security.AuthorizationHolder; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.store.TransactionLogResource; import java.util.Collection; @@ -36,7 +37,8 @@ public interface MessageSource<C extends Consumer, S extends MessageSource<C,S>> { <T extends ConsumerTarget> C addConsumer(T target, FilterManager filters, Class<? extends ServerMessage> messageClass, - String consumerName, EnumSet<Consumer.Option> options) throws AMQException; + String consumerName, EnumSet<Consumer.Option> options) + throws AMQException, QpidSecurityException; Collection<C> getConsumers(); diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BindingAdapter.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BindingAdapter.java index 92b8f55f23..79ba45a2f0 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BindingAdapter.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/BindingAdapter.java @@ -27,7 +27,7 @@ import java.util.HashMap; import java.util.Map; import org.apache.qpid.AMQInternalException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.model.Binding; import org.apache.qpid.server.model.ConfiguredObject; import org.apache.qpid.server.model.Exchange; @@ -144,7 +144,7 @@ final class BindingAdapter extends AbstractAdapter implements Binding { _exchange.getExchange().removeBinding(_binding); } - catch(AMQSecurityException e) + catch(QpidSecurityException e) { throw new AccessControlException(e.getMessage()); } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/ExchangeAdapter.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/ExchangeAdapter.java index 0963f01522..7958dfab23 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/ExchangeAdapter.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/ExchangeAdapter.java @@ -29,7 +29,7 @@ import java.util.Map; import org.apache.qpid.AMQException; import org.apache.qpid.AMQInternalException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.binding.Binding; import org.apache.qpid.server.model.ConfiguredObject; import org.apache.qpid.server.model.ConfiguredObjectFinder; @@ -147,7 +147,7 @@ final class ExchangeAdapter extends AbstractAdapter implements Exchange, org.apa return binding == null ? null : _bindingAdapters.get(binding); } } - catch(AMQSecurityException e) + catch(QpidSecurityException e) { throw new AccessControlException(e.toString()); } @@ -171,6 +171,10 @@ final class ExchangeAdapter extends AbstractAdapter implements Exchange, org.apa { throw new IllegalStateException(e); } + catch (QpidSecurityException e) + { + throw new AccessControlException(e.toString()); + } } public String getName() diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/QueueAdapter.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/QueueAdapter.java index e2c29ede51..19a44fc4c3 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/QueueAdapter.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/QueueAdapter.java @@ -45,6 +45,7 @@ import org.apache.qpid.server.model.Statistics; import org.apache.qpid.server.protocol.AMQConnectionModel; import org.apache.qpid.server.protocol.AMQSessionModel; import org.apache.qpid.server.queue.*; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.store.DurableConfigurationStoreHelper; import org.apache.qpid.server.consumer.Consumer; import org.apache.qpid.server.util.MapValueConverter; @@ -178,6 +179,10 @@ final class QueueAdapter<Q extends AMQQueue<?,Q,?>> extends AbstractAdapter impl { throw new IllegalStateException(e); } + catch (QpidSecurityException e) + { + throw new AccessControlException(e.toString()); + } } public String getName() diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java index c43dc34d2f..bd265fe938 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java @@ -66,6 +66,7 @@ import org.apache.qpid.server.plugin.ExchangeType; import org.apache.qpid.server.protocol.AMQConnectionModel; import org.apache.qpid.server.queue.AMQQueue; import org.apache.qpid.server.queue.AMQQueueFactory; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.security.SecurityManager; import org.apache.qpid.server.security.access.Operation; import org.apache.qpid.server.security.auth.AuthenticatedPrincipal; @@ -378,6 +379,10 @@ public final class VirtualHostAdapter extends AbstractAdapter implements Virtual { throw new IllegalArgumentException(e); } + catch (QpidSecurityException e) + { + throw new AccessControlException(e.toString()); + } } public Queue createQueue(Map<String, Object> attributes) @@ -471,6 +476,10 @@ public final class VirtualHostAdapter extends AbstractAdapter implements Virtual { throw new IllegalArgumentException(e); } + catch (QpidSecurityException e) + { + throw new AccessControlException(e.toString()); + } } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueue.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueue.java index 76477a0a9b..49c8a8f2a1 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueue.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueue.java @@ -30,6 +30,7 @@ import org.apache.qpid.server.message.MessageDestination; import org.apache.qpid.server.message.MessageSource; import org.apache.qpid.server.protocol.CapacityChecker; import org.apache.qpid.server.consumer.Consumer; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.util.Action; import org.apache.qpid.server.virtualhost.VirtualHost; @@ -94,7 +95,7 @@ public interface AMQQueue<E extends QueueEntry<E,Q,C>, Q extends AMQQueue<E,Q,C> boolean isDeleted(); - int delete() throws AMQException; + int delete() throws AMQException, QpidSecurityException; void requeue(E entry); @@ -169,7 +170,7 @@ public interface AMQQueue<E extends QueueEntry<E,Q,C>, Q extends AMQQueue<E,Q,C> void deleteMessageFromTop(); - long clearQueue() throws AMQException; + long clearQueue() throws AMQException, QpidSecurityException; /** * Checks the status of messages on the queue, purging expired ones, firing age related alerts etc. diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueueFactory.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueueFactory.java index 4e0a9048e1..1f281b16e9 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueueFactory.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/AMQQueueFactory.java @@ -26,7 +26,7 @@ import java.util.Map; import java.util.UUID; import org.apache.qpid.AMQException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.exchange.ExchangeDefaults; import org.apache.qpid.server.configuration.BrokerProperties; import org.apache.qpid.server.configuration.QueueConfiguration; @@ -183,7 +183,7 @@ public class AMQQueueFactory implements QueueFactory boolean autoDelete, boolean exclusive, boolean deleteOnNoConsumer, - Map<String, Object> arguments) throws AMQSecurityException, AMQException + Map<String, Object> arguments) throws QpidSecurityException, AMQException { return createOrRestoreQueue(id, queueName, true, owner, autoDelete, exclusive, deleteOnNoConsumer, arguments, false); @@ -201,7 +201,7 @@ public class AMQQueueFactory implements QueueFactory boolean autoDelete, boolean exclusive, boolean deleteOnNoConsumer, - Map<String, Object> arguments) throws AMQSecurityException, AMQException + Map<String, Object> arguments) throws QpidSecurityException, AMQException { return createOrRestoreQueue(id, queueName, durable, owner, autoDelete, exclusive, deleteOnNoConsumer, arguments, true); } @@ -214,7 +214,7 @@ public class AMQQueueFactory implements QueueFactory boolean exclusive, boolean deleteOnNoConsumer, Map<String, Object> arguments, - boolean createInStore) throws AMQSecurityException, AMQException + boolean createInStore) throws QpidSecurityException, AMQException { if (id == null) { @@ -391,7 +391,7 @@ public class AMQQueueFactory implements QueueFactory return q; } - public AMQQueue createAMQQueueImpl(QueueConfiguration config) throws AMQException + public AMQQueue createAMQQueueImpl(QueueConfiguration config) throws AMQException, QpidSecurityException { String queueName = config.getName(); diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/QueueFactory.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/QueueFactory.java index 3e4e1df5a2..d58de14000 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/QueueFactory.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/QueueFactory.java @@ -23,7 +23,7 @@ package org.apache.qpid.server.queue; import java.util.Map; import java.util.UUID; import org.apache.qpid.AMQException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; public interface QueueFactory { @@ -34,7 +34,7 @@ public interface QueueFactory boolean autoDelete, boolean exclusive, boolean deleteOnNoConsumer, - Map<String, Object> arguments) throws AMQSecurityException, AMQException; + Map<String, Object> arguments) throws QpidSecurityException, AMQException; AMQQueue restoreQueue(UUID id, String queueName, @@ -42,6 +42,6 @@ public interface QueueFactory boolean autoDelete, boolean exclusive, boolean deleteOnNoConsumer, - Map<String, Object> arguments) throws AMQSecurityException, AMQException; + Map<String, Object> arguments) throws QpidSecurityException, AMQException; } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/SimpleAMQQueue.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/SimpleAMQQueue.java index 25b6cac712..c07264b628 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/SimpleAMQQueue.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/queue/SimpleAMQQueue.java @@ -29,7 +29,7 @@ import java.util.concurrent.atomic.AtomicLong; import org.apache.log4j.Logger; import org.apache.qpid.AMQException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.pool.ReferenceCountingExecutorService; import org.apache.qpid.server.binding.Binding; import org.apache.qpid.server.configuration.BrokerProperties; @@ -56,6 +56,7 @@ import org.apache.qpid.server.txn.AutoCommitTransaction; import org.apache.qpid.server.txn.LocalTransaction; import org.apache.qpid.server.txn.ServerTransaction; import org.apache.qpid.server.util.Action; +import org.apache.qpid.server.util.ConnectionScopedRuntimeException; import org.apache.qpid.server.util.StateChangeListener; import org.apache.qpid.server.virtualhost.VirtualHost; @@ -381,13 +382,13 @@ abstract class SimpleAMQQueue<E extends QueueEntryImpl<E,Q,L>, Q extends SimpleA final FilterManager filters, final Class<? extends ServerMessage> messageClass, final String consumerName, - EnumSet<Consumer.Option> optionSet) throws AMQException + EnumSet<Consumer.Option> optionSet) throws AMQException, QpidSecurityException { // Access control if (!getVirtualHost().getSecurityManager().authoriseConsume(this)) { - throw new AMQSecurityException("Permission denied"); + throw new QpidSecurityException("Permission denied"); } @@ -502,7 +503,14 @@ abstract class SimpleAMQQueue<E extends QueueEntryImpl<E,Q,L>, Q extends SimpleA _logger.info("Auto-deleting queue:" + this); } - getVirtualHost().removeQueue(this); + try + { + getVirtualHost().removeQueue(this); + } + catch (QpidSecurityException e) + { + throw new ConnectionScopedRuntimeException("Auto delete queue unable to delete itself", e); + } // we need to manually fire the event to the removed consumer (which was the last one left for this // queue. This is because the delete method uses the consumer set which has just been cleared @@ -1169,7 +1177,7 @@ abstract class SimpleAMQQueue<E extends QueueEntryImpl<E,Q,L>, Q extends SimpleA } - public void purge(final long request) throws AMQException + public void purge(final long request) throws AMQException, QpidSecurityException { clear(request); } @@ -1199,17 +1207,17 @@ abstract class SimpleAMQQueue<E extends QueueEntryImpl<E,Q,L>, Q extends SimpleA } } - public long clearQueue() throws AMQException + public long clearQueue() throws AMQException, QpidSecurityException { return clear(0l); } - private long clear(final long request) throws AMQSecurityException + private long clear(final long request) throws QpidSecurityException { //Perform ACLs if (!getVirtualHost().getSecurityManager().authorisePurge(this)) { - throw new AMQSecurityException("Permission denied: queue " + getName()); + throw new QpidSecurityException("Permission denied: queue " + getName()); } QueueEntryIterator<E,Q,L,QueueConsumer<?,E,Q,L>> queueListIterator = _entries.iterator(); @@ -1271,12 +1279,12 @@ abstract class SimpleAMQQueue<E extends QueueEntryImpl<E,Q,L>, Q extends SimpleA } // TODO list all thrown exceptions - public int delete() throws AMQException + public int delete() throws AMQException, QpidSecurityException { // Check access if (!_virtualHost.getSecurityManager().authoriseDelete(this)) { - throw new AMQSecurityException("Permission denied: " + getName()); + throw new QpidSecurityException("Permission denied: " + getName()); } if (!_deleted.getAndSet(true)) diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/QpidSecurityException.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/QpidSecurityException.java new file mode 100644 index 0000000000..b9d9513f9f --- /dev/null +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/QpidSecurityException.java @@ -0,0 +1,43 @@ +/* + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.apache.qpid.server.security; + +public class QpidSecurityException extends Exception +{ + public QpidSecurityException() + { + } + + public QpidSecurityException(final String message) + { + super(message); + } + + public QpidSecurityException(final String message, final Throwable cause) + { + super(message, cause); + } + + public QpidSecurityException(final Throwable cause) + { + super(cause); + } +} diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/util/ConnectionScopedRuntimeException.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/util/ConnectionScopedRuntimeException.java new file mode 100644 index 0000000000..7161846ef5 --- /dev/null +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/util/ConnectionScopedRuntimeException.java @@ -0,0 +1,51 @@ +/* + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.apache.qpid.server.util; + +public class ConnectionScopedRuntimeException extends RuntimeException +{ + public ConnectionScopedRuntimeException() + { + } + + public ConnectionScopedRuntimeException(final String message) + { + super(message); + } + + public ConnectionScopedRuntimeException(final String message, final Throwable cause) + { + super(message, cause); + } + + public ConnectionScopedRuntimeException(final Throwable cause) + { + super(cause); + } + + public ConnectionScopedRuntimeException(final String message, + final Throwable cause, + final boolean enableSuppression, + final boolean writableStackTrace) + { + super(message, cause, enableSuppression, writableStackTrace); + } +} diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/util/ServerScopedRuntimeException.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/util/ServerScopedRuntimeException.java new file mode 100644 index 0000000000..8df7b0489c --- /dev/null +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/util/ServerScopedRuntimeException.java @@ -0,0 +1,51 @@ +/* + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.apache.qpid.server.util; + +public class ServerScopedRuntimeException extends RuntimeException +{ + public ServerScopedRuntimeException() + { + } + + public ServerScopedRuntimeException(final String message) + { + super(message); + } + + public ServerScopedRuntimeException(final String message, final Throwable cause) + { + super(message, cause); + } + + public ServerScopedRuntimeException(final Throwable cause) + { + super(cause); + } + + public ServerScopedRuntimeException(final String message, + final Throwable cause, + final boolean enableSuppression, + final boolean writableStackTrace) + { + super(message, cause, enableSuppression, writableStackTrace); + } +} diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java index 3d42b07117..88cd025728 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java @@ -34,7 +34,7 @@ import java.util.concurrent.TimeUnit; import org.apache.commons.configuration.ConfigurationException; import org.apache.log4j.Logger; import org.apache.qpid.AMQException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.configuration.ExchangeConfiguration; import org.apache.qpid.server.configuration.QueueConfiguration; import org.apache.qpid.server.configuration.VirtualHostConfiguration; @@ -292,7 +292,8 @@ public abstract class AbstractVirtualHost implements VirtualHost, IConnectionReg } - protected void initialiseModel(VirtualHostConfiguration config) throws ConfigurationException, AMQException + protected void initialiseModel(VirtualHostConfiguration config) + throws ConfigurationException, AMQException, QpidSecurityException { _logger.debug("Loading configuration for virtualhost: " + config.getName()); @@ -314,14 +315,15 @@ public abstract class AbstractVirtualHost implements VirtualHost, IConnectionReg } } - private void configureExchange(ExchangeConfiguration exchangeConfiguration) throws AMQException + private void configureExchange(ExchangeConfiguration exchangeConfiguration) + throws AMQException, QpidSecurityException { boolean durable = exchangeConfiguration.getDurable(); boolean autodelete = exchangeConfiguration.getAutoDelete(); try { - Exchange newExchange = createExchange(null, exchangeConfiguration.getName(), exchangeConfiguration.getType(), durable, autodelete, - null); + Exchange newExchange = createExchange(null, exchangeConfiguration.getName(), + exchangeConfiguration.getType(), durable, autodelete, null); } catch(ExchangeExistsException e) { @@ -330,7 +332,8 @@ public abstract class AbstractVirtualHost implements VirtualHost, IConnectionReg } - private void configureQueue(QueueConfiguration queueConfiguration) throws AMQException, ConfigurationException + private void configureQueue(QueueConfiguration queueConfiguration) + throws AMQException, ConfigurationException, QpidSecurityException { AMQQueue queue = _queueFactory.createAMQQueueImpl(queueConfiguration); String queueName = queue.getName(); @@ -380,7 +383,8 @@ public abstract class AbstractVirtualHost implements VirtualHost, IConnectionReg } - private void configureBinding(AMQQueue queue, Exchange exchange, String routingKey, Map<String,Object> arguments) throws AMQException + private void configureBinding(AMQQueue queue, Exchange exchange, String routingKey, Map<String,Object> arguments) + throws AMQException, QpidSecurityException { if (_logger.isInfoEnabled()) { @@ -487,7 +491,7 @@ public abstract class AbstractVirtualHost implements VirtualHost, IConnectionReg } @Override - public int removeQueue(AMQQueue queue) throws AMQException + public int removeQueue(AMQQueue queue) throws AMQException, QpidSecurityException { synchronized (getQueueRegistry()) { @@ -511,7 +515,7 @@ public abstract class AbstractVirtualHost implements VirtualHost, IConnectionReg boolean autoDelete, boolean exclusive, boolean deleteOnNoConsumer, - Map<String, Object> arguments) throws AMQException + Map<String, Object> arguments) throws AMQException, QpidSecurityException { if (queueName == null) @@ -529,7 +533,7 @@ public abstract class AbstractVirtualHost implements VirtualHost, IConnectionReg owner)) { String description = "Permission denied: queue-name '" + queueName + "'"; - throw new AMQSecurityException(description); + throw new QpidSecurityException(description); } synchronized (_queueRegistry) @@ -603,7 +607,7 @@ public abstract class AbstractVirtualHost implements VirtualHost, IConnectionReg boolean durable, boolean autoDelete, String alternateExchangeName) - throws AMQException + throws AMQException, QpidSecurityException { synchronized (_exchangeRegistry) { @@ -649,7 +653,7 @@ public abstract class AbstractVirtualHost implements VirtualHost, IConnectionReg } @Override - public void removeExchange(Exchange exchange, boolean force) throws AMQException + public void removeExchange(Exchange exchange, boolean force) throws AMQException, QpidSecurityException { if(exchange.hasReferrers()) { diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/BindingRecoverer.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/BindingRecoverer.java index de6d3d9e75..7a034647b0 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/BindingRecoverer.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/BindingRecoverer.java @@ -31,9 +31,11 @@ import org.apache.qpid.server.exchange.Exchange; import org.apache.qpid.server.exchange.ExchangeRegistry; import org.apache.qpid.server.model.Queue; import org.apache.qpid.server.queue.AMQQueue; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.store.AbstractDurableConfiguredObjectRecoverer; import org.apache.qpid.server.store.UnresolvedDependency; import org.apache.qpid.server.store.UnresolvedObject; +import org.apache.qpid.server.util.ServerScopedRuntimeException; public class BindingRecoverer extends AbstractDurableConfiguredObjectRecoverer<Binding> { @@ -122,6 +124,12 @@ public class BindingRecoverer extends AbstractDurableConfiguredObjectRecoverer<B { throw new RuntimeException(e); } + catch (QpidSecurityException e) + { + throw new ServerScopedRuntimeException("Security Exception thrown when recovering. The recovery " + + "thread should not be bound by permissions, this is likely " + + "a programming error.",e); + } } private class QueueDependency implements UnresolvedDependency<AMQQueue> diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/ExchangeRecoverer.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/ExchangeRecoverer.java index 6ad7014c47..6375af9933 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/ExchangeRecoverer.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/ExchangeRecoverer.java @@ -27,9 +27,11 @@ import org.apache.qpid.server.exchange.Exchange; import org.apache.qpid.server.exchange.ExchangeFactory; import org.apache.qpid.server.exchange.ExchangeRegistry; import org.apache.qpid.server.model.LifetimePolicy; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.store.AbstractDurableConfiguredObjectRecoverer; import org.apache.qpid.server.store.UnresolvedDependency; import org.apache.qpid.server.store.UnresolvedObject; +import org.apache.qpid.server.util.ServerScopedRuntimeException; public class ExchangeRecoverer extends AbstractDurableConfiguredObjectRecoverer<Exchange> { @@ -85,6 +87,12 @@ public class ExchangeRecoverer extends AbstractDurableConfiguredObjectRecoverer< { throw new RuntimeException("Error recovering exchange uuid " + id + " name " + exchangeName, e); } + catch (QpidSecurityException e) + { + throw new ServerScopedRuntimeException("Security Exception thrown when recovering. The recovery " + + "thread should not be bound by permissions, this is likely " + + "a programming error.",e); + } } @Override diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/QueueRecoverer.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/QueueRecoverer.java index 02d628da68..f6dd510894 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/QueueRecoverer.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/QueueRecoverer.java @@ -32,9 +32,11 @@ import org.apache.qpid.server.exchange.ExchangeRegistry; import org.apache.qpid.server.model.Queue; import org.apache.qpid.server.queue.AMQQueue; import org.apache.qpid.server.queue.QueueFactory; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.store.AbstractDurableConfiguredObjectRecoverer; import org.apache.qpid.server.store.UnresolvedDependency; import org.apache.qpid.server.store.UnresolvedObject; +import org.apache.qpid.server.util.ServerScopedRuntimeException; public class QueueRecoverer extends AbstractDurableConfiguredObjectRecoverer<AMQQueue> { @@ -129,6 +131,12 @@ public class QueueRecoverer extends AbstractDurableConfiguredObjectRecoverer<AMQ { throw new RuntimeException("Error recovering queue uuid " + _id + " name " + queueName, e); } + catch (QpidSecurityException e) + { + throw new ServerScopedRuntimeException("Security Exception thrown when recovering. The recovery " + + "thread should not be bound by permissions, this is likely " + + "a programming error.",e); + } return _queue; } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/VirtualHost.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/VirtualHost.java index 7034311d84..1f925d13b5 100755 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/VirtualHost.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/VirtualHost.java @@ -25,18 +25,16 @@ import java.util.Map; import java.util.UUID; import java.util.concurrent.ScheduledFuture; import org.apache.qpid.AMQException; -import org.apache.qpid.AMQSecurityException; import org.apache.qpid.common.Closeable; import org.apache.qpid.server.configuration.VirtualHostConfiguration; import org.apache.qpid.server.connection.IConnectionRegistry; import org.apache.qpid.server.exchange.Exchange; import org.apache.qpid.server.message.MessageDestination; -import org.apache.qpid.server.message.MessageNode; import org.apache.qpid.server.message.MessageSource; import org.apache.qpid.server.plugin.ExchangeType; import org.apache.qpid.server.protocol.LinkRegistry; import org.apache.qpid.server.queue.AMQQueue; -import org.apache.qpid.server.queue.QueueRegistry; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.security.SecurityManager; import org.apache.qpid.server.stats.StatisticsGatherer; import org.apache.qpid.server.store.DurableConfigurationStore; @@ -58,7 +56,7 @@ public interface VirtualHost extends DurableConfigurationStore.Source, Closeable Collection<AMQQueue> getQueues(); - int removeQueue(AMQQueue queue) throws AMQException; + int removeQueue(AMQQueue queue) throws AMQException, QpidSecurityException; AMQQueue createQueue(UUID id, String queueName, @@ -67,7 +65,7 @@ public interface VirtualHost extends DurableConfigurationStore.Source, Closeable boolean autoDelete, boolean exclusive, boolean deleteOnNoConsumer, - Map<String, Object> arguments) throws AMQException; + Map<String, Object> arguments) throws AMQException, QpidSecurityException; Exchange createExchange(UUID id, @@ -76,9 +74,9 @@ public interface VirtualHost extends DurableConfigurationStore.Source, Closeable boolean durable, boolean autoDelete, String alternateExchange) - throws AMQException; + throws AMQException, QpidSecurityException; - void removeExchange(Exchange exchange, boolean force) throws AMQException; + void removeExchange(Exchange exchange, boolean force) throws AMQException, QpidSecurityException; MessageDestination getMessageDestination(String name); diff --git a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/FanoutExchangeTest.java b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/FanoutExchangeTest.java index 4449cf7645..70ac5128c1 100644 --- a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/FanoutExchangeTest.java +++ b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/FanoutExchangeTest.java @@ -35,7 +35,7 @@ import junit.framework.TestCase; import org.apache.qpid.AMQException; import org.apache.qpid.AMQInternalException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.common.AMQPFilterTypes; import org.apache.qpid.server.logging.LogActor; import org.apache.qpid.server.logging.actors.CurrentActor; @@ -85,28 +85,28 @@ public class FanoutExchangeTest extends TestCase assertFalse("calling isBound(AMQQueue) with null queue should return false", _exchange.isBound((AMQQueue) null)); } - public void testIsBoundStringMapAMQQueue() throws AMQSecurityException, AMQInternalException + public void testIsBoundStringMapAMQQueue() throws QpidSecurityException, AMQInternalException { AMQQueue queue = bindQueue(); assertTrue("Should return true for a bound queue", _exchange.isBound("matters", null, queue)); } - public void testIsBoundStringAMQQueue() throws AMQSecurityException, AMQInternalException + public void testIsBoundStringAMQQueue() throws QpidSecurityException, AMQInternalException { AMQQueue queue = bindQueue(); assertTrue("Should return true for a bound queue", _exchange.isBound("matters", queue)); } - public void testIsBoundAMQQueue() throws AMQSecurityException, AMQInternalException + public void testIsBoundAMQQueue() throws QpidSecurityException, AMQInternalException { AMQQueue queue = bindQueue(); assertTrue("Should return true for a bound queue", _exchange.isBound(queue)); } - private AMQQueue bindQueue() throws AMQSecurityException, AMQInternalException + private AMQQueue bindQueue() throws QpidSecurityException, AMQInternalException { AMQQueue queue = mockQueue(); _exchange.addBinding("matters", queue, null); diff --git a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/HeadersExchangeTest.java b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/HeadersExchangeTest.java index 7c62530301..54b0c3c529 100644 --- a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/HeadersExchangeTest.java +++ b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/HeadersExchangeTest.java @@ -30,7 +30,7 @@ import java.util.Set; import java.util.UUID; import junit.framework.TestCase; import org.apache.qpid.AMQInternalException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.common.AMQPFilterTypes; import org.apache.qpid.server.logging.LogActor; import org.apache.qpid.server.logging.actors.CurrentActor; @@ -119,7 +119,7 @@ public class HeadersExchangeTest extends TestCase } private void bind(String bindingKey, Map<String, Object> arguments, AMQQueue q) - throws AMQSecurityException, AMQInternalException + throws QpidSecurityException, AMQInternalException { _exchange.addBinding(bindingKey,q,arguments); } diff --git a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/TopicExchangeTest.java b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/TopicExchangeTest.java index 8cab2e9058..4a7bc33365 100644 --- a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/TopicExchangeTest.java +++ b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/exchange/TopicExchangeTest.java @@ -72,7 +72,7 @@ public class TopicExchangeTest extends QpidTestCase } } - public void testNoRoute() throws AMQException + public void testNoRoute() throws Exception { AMQQueue<?,?,?> queue = _vhost.createQueue(UUIDGenerator.generateRandomUUID(), "a*#b", false, null, false, false, false, null); @@ -84,7 +84,7 @@ public class TopicExchangeTest extends QpidTestCase Assert.assertEquals(0, queue.getMessageCount()); } - public void testDirectMatch() throws AMQException + public void testDirectMatch() throws Exception { AMQQueue<?,?,?> queue = _vhost.createQueue(UUIDGenerator.generateRandomUUID(), "ab", false, null, false, false, false, null); @@ -107,7 +107,7 @@ public class TopicExchangeTest extends QpidTestCase } - public void testStarMatch() throws AMQException + public void testStarMatch() throws Exception { AMQQueue<?,?,?> queue = _vhost.createQueue(UUIDGenerator.generateRandomUUID(), "a*", false, null, false, false, false, null); _exchange.registerQueue(new Binding(null, "a.*",queue, _exchange, null)); @@ -138,7 +138,7 @@ public class TopicExchangeTest extends QpidTestCase Assert.assertEquals(0, queue.getMessageCount()); } - public void testHashMatch() throws AMQException + public void testHashMatch() throws Exception { AMQQueue<?,?,?> queue = _vhost.createQueue(UUIDGenerator.generateRandomUUID(), "a#", false, null, false, false, false, null); _exchange.registerQueue(new Binding(null, "a.#",queue, _exchange, null)); @@ -189,7 +189,7 @@ public class TopicExchangeTest extends QpidTestCase } - public void testMidHash() throws AMQException + public void testMidHash() throws Exception { AMQQueue<?,?,?> queue = _vhost.createQueue(UUIDGenerator.generateRandomUUID(), "a", false, null, false, false, false, null); @@ -215,7 +215,7 @@ public class TopicExchangeTest extends QpidTestCase } - public void testMatchAfterHash() throws AMQException + public void testMatchAfterHash() throws Exception { AMQQueue<?,?,?> queue = _vhost.createQueue(UUIDGenerator.generateRandomUUID(), "a#", false, null, false, false, false, null); @@ -254,7 +254,7 @@ public class TopicExchangeTest extends QpidTestCase } - public void testHashAfterHash() throws AMQException + public void testHashAfterHash() throws Exception { AMQQueue<?,?,?> queue = _vhost.createQueue(UUIDGenerator.generateRandomUUID(), "a#", false, null, false, false, false, null); @@ -276,7 +276,7 @@ public class TopicExchangeTest extends QpidTestCase } - public void testHashHash() throws AMQException + public void testHashHash() throws Exception { AMQQueue<?,?,?> queue = _vhost.createQueue(UUIDGenerator.generateRandomUUID(), "a#", false, null, false, false, false, null); @@ -298,7 +298,7 @@ public class TopicExchangeTest extends QpidTestCase } - public void testSubMatchFails() throws AMQException + public void testSubMatchFails() throws Exception { AMQQueue queue = _vhost.createQueue(UUIDGenerator.generateRandomUUID(), "a", false, null, false, false, false, null); @@ -328,7 +328,7 @@ public class TopicExchangeTest extends QpidTestCase return queues.size(); } - public void testMoreRouting() throws AMQException + public void testMoreRouting() throws Exception { AMQQueue queue = _vhost.createQueue(UUIDGenerator.generateRandomUUID(), "a", false, null, false, false, false, null); @@ -342,7 +342,7 @@ public class TopicExchangeTest extends QpidTestCase } - public void testMoreQueue() throws AMQException + public void testMoreQueue() throws Exception { AMQQueue queue = _vhost.createQueue(UUIDGenerator.generateRandomUUID(), "a", false, null, false, false, false, null); diff --git a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/AMQQueueFactoryTest.java b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/AMQQueueFactoryTest.java index febce9ea2e..e59b9f614e 100644 --- a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/AMQQueueFactoryTest.java +++ b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/AMQQueueFactoryTest.java @@ -98,7 +98,7 @@ public class AMQQueueFactoryTest extends QpidTestCase } - private void delegateVhostQueueCreation() throws AMQException + private void delegateVhostQueueCreation() throws Exception { final ArgumentCaptor<UUID> id = ArgumentCaptor.forClass(UUID.class); final ArgumentCaptor<String> queueName = ArgumentCaptor.forClass(String.class); @@ -152,7 +152,7 @@ public class AMQQueueFactoryTest extends QpidTestCase }).when(_queueRegistry).registerQueue(capturedQueue.capture()); } - private void mockExchangeCreation() throws AMQException + private void mockExchangeCreation() throws Exception { final ArgumentCaptor<UUID> idCapture = ArgumentCaptor.forClass(UUID.class); final ArgumentCaptor<String> exchangeNameCapture = ArgumentCaptor.forClass(String.class); @@ -260,9 +260,8 @@ public class AMQQueueFactoryTest extends QpidTestCase /** * Tests that setting the {@link QueueArgumentsConverter#X_QPID_DLQ_ENABLED} argument true does * cause the alternate exchange to be set and DLQ to be produced. - * @throws AMQException */ - public void testDeadLetterQueueEnabled() throws AMQException + public void testDeadLetterQueueEnabled() throws Exception { Map<String,Object> attributes = Collections.singletonMap(Queue.CREATE_DLQ_ON_CREATION, (Object) true); @@ -303,7 +302,6 @@ public class AMQQueueFactoryTest extends QpidTestCase /** * Tests that the deadLetterQueues/maximumDeliveryCount settings from the configuration * are not applied to the DLQ itself. - * @throws AMQException */ public void testDeadLetterQueueDoesNotInheritDLQorMDCSettings() throws Exception { @@ -349,9 +347,8 @@ public class AMQQueueFactoryTest extends QpidTestCase /** * Tests that setting the {@link QueueArgumentsConverter#X_QPID_DLQ_ENABLED} argument false does not * result in the alternate exchange being set and DLQ being created. - * @throws AMQException */ - public void testDeadLetterQueueDisabled() throws AMQException + public void testDeadLetterQueueDisabled() throws Exception { Map<String,Object> attributes = Collections.singletonMap(Queue.CREATE_DLQ_ON_CREATION, (Object) false); @@ -384,9 +381,8 @@ public class AMQQueueFactoryTest extends QpidTestCase * Tests that setting the {@link QueueArgumentsConverter#X_QPID_DLQ_ENABLED} argument true but * creating an auto-delete queue, does not result in the alternate exchange * being set and DLQ being created. - * @throws AMQException */ - public void testDeadLetterQueueNotCreatedForAutodeleteQueues() throws AMQException + public void testDeadLetterQueueNotCreatedForAutodeleteQueues() throws Exception { Map<String,Object> attributes = Collections.singletonMap(Queue.CREATE_DLQ_ON_CREATION, (Object) true); diff --git a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/PriorityQueueTest.java b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/PriorityQueueTest.java index 56cd29b0bd..b71e4cd6d3 100644 --- a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/PriorityQueueTest.java +++ b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/PriorityQueueTest.java @@ -49,7 +49,7 @@ public class PriorityQueueTest extends SimpleAMQQueueTestBase super.setUp(); } - public void testPriorityOrdering() throws AMQException, InterruptedException + public void testPriorityOrdering() throws Exception, InterruptedException { // Enqueue messages in order diff --git a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/SimpleAMQQueueTestBase.java b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/SimpleAMQQueueTestBase.java index 7f3c16e8f1..9330df5bea 100644 --- a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/SimpleAMQQueueTestBase.java +++ b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/SimpleAMQQueueTestBase.java @@ -36,7 +36,7 @@ import java.util.Map; import org.apache.log4j.Logger; import org.apache.qpid.AMQException; import org.apache.qpid.AMQInternalException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.exchange.ExchangeDefaults; import org.apache.qpid.server.exchange.DirectExchange; import org.apache.qpid.server.message.AMQMessageHeader; @@ -100,7 +100,7 @@ abstract class SimpleAMQQueueTestBase<E extends QueueEntryImpl<E,Q,L>, Q extends } } - public void testCreateQueue() throws AMQException + public void testCreateQueue() throws Exception { _queue.stop(); try @@ -129,7 +129,7 @@ abstract class SimpleAMQQueueTestBase<E extends QueueEntryImpl<E,Q,L>, Q extends assertEquals("Virtual host was wrong", _virtualHost, _queue.getVirtualHost()); } - public void testBinding() throws AMQSecurityException, AMQInternalException + public void testBinding() throws QpidSecurityException, AMQInternalException { _exchange.addBinding(_routingKey, _queue, Collections.EMPTY_MAP); @@ -150,7 +150,7 @@ abstract class SimpleAMQQueueTestBase<E extends QueueEntryImpl<E,Q,L>, Q extends } - public void testRegisterConsumerThenEnqueueMessage() throws AMQException + public void testRegisterConsumerThenEnqueueMessage() throws Exception { ServerMessage messageA = createMessage(new Long(24)); @@ -188,7 +188,7 @@ abstract class SimpleAMQQueueTestBase<E extends QueueEntryImpl<E,Q,L>, Q extends } - public void testEnqueueMessageThenRegisterConsumer() throws AMQException, InterruptedException + public void testEnqueueMessageThenRegisterConsumer() throws Exception, InterruptedException { ServerMessage messageA = createMessage(new Long(24)); _queue.enqueue(messageA, null); @@ -420,7 +420,7 @@ abstract class SimpleAMQQueueTestBase<E extends QueueEntryImpl<E,Q,L>, Q extends consumer2.getQueueContext().getReleasedEntry()); } - public void testExclusiveConsumer() throws AMQException + public void testExclusiveConsumer() throws Exception { ServerMessage messageA = createMessage(new Long(24)); // Check adding an exclusive consumer adds it to the queue @@ -831,7 +831,7 @@ abstract class SimpleAMQQueueTestBase<E extends QueueEntryImpl<E,Q,L>, Q extends * Tests that all messages including dequeued one are deleted from the queue * on invocation of {@link SimpleAMQQueue#clearQueue()} */ - public void testClearQueueWithDequeuedEntry() + public void testClearQueueWithDequeuedEntry() throws Exception { int messageNumber = 4; int dequeueMessageIndex = 1; @@ -843,14 +843,7 @@ abstract class SimpleAMQQueueTestBase<E extends QueueEntryImpl<E,Q,L>, Q extends dequeueMessage(_queue, dequeueMessageIndex); // clean queue - try - { - _queue.clearQueue(); - } - catch (AMQException e) - { - fail("Failure to clear queue:" + e.getMessage()); - } + _queue.clearQueue(); // get queue entries List<E> entries = _queue.getMessagesOnTheQueue(); diff --git a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/StandardQueueTest.java b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/StandardQueueTest.java index 58b3531897..6a32eff9ed 100644 --- a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/StandardQueueTest.java +++ b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/queue/StandardQueueTest.java @@ -144,7 +144,7 @@ public class StandardQueueTest extends SimpleAMQQueueTestBase<StandardQueueEntry /** * Tests that entry in dequeued state are not enqueued and not delivered to consumer */ - public void testEnqueueDequeuedEntry() + public void testEnqueueDequeuedEntry() throws Exception { // create a queue where each even entry is considered a dequeued SimpleAMQQueue queue = new DequeuedQueue(UUIDGenerator.generateRandomUUID(), "test", false, @@ -153,19 +153,12 @@ public class StandardQueueTest extends SimpleAMQQueueTestBase<StandardQueueEntry MockConsumer consumer = new MockConsumer(); // register consumer - try - { - queue.addConsumer(consumer, - null, - createMessage(-1l).getClass(), - "test", - EnumSet.of(Consumer.Option.ACQUIRES, - Consumer.Option.SEES_REQUEUES)); - } - catch (AMQException e) - { - fail("Failure to register consumer:" + e.getMessage()); - } + queue.addConsumer(consumer, + null, + createMessage(-1l).getClass(), + "test", + EnumSet.of(Consumer.Option.ACQUIRES, + Consumer.Option.SEES_REQUEUES)); // put test messages into a queue putGivenNumberOfMessages(queue, 4); @@ -183,7 +176,7 @@ public class StandardQueueTest extends SimpleAMQQueueTestBase<StandardQueueEntry * Tests whether dequeued entry is sent to subscriber in result of * invocation of {@link SimpleAMQQueue#processQueue(QueueRunner)} */ - public void testProcessQueueWithDequeuedEntry() + public void testProcessQueueWithDequeuedEntry() throws Exception { // total number of messages to send int messageNumber = 4; @@ -224,29 +217,23 @@ public class StandardQueueTest extends SimpleAMQQueueTestBase<StandardQueueEntry } }; - try + // subscribe + testQueue.addConsumer(consumer, + null, + entries.get(0).getMessage().getClass(), + "test", + EnumSet.of(Consumer.Option.ACQUIRES, + Consumer.Option.SEES_REQUEUES)); + + // process queue + testQueue.processQueue(new QueueRunner(testQueue) { - // subscribe - testQueue.addConsumer(consumer, - null, - entries.get(0).getMessage().getClass(), - "test", - EnumSet.of(Consumer.Option.ACQUIRES, - Consumer.Option.SEES_REQUEUES)); - - // process queue - testQueue.processQueue(new QueueRunner(testQueue) + public void run() { - public void run() - { - // do nothing - } - }); - } - catch (AMQException e) - { - fail("Failure to process queue:" + e.getMessage()); - } + // do nothing + } + }); + // wait up to 1 minute for message receipt try { diff --git a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/util/BrokerTestHelper.java b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/util/BrokerTestHelper.java index ed1ea01108..a00baebd5e 100644 --- a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/util/BrokerTestHelper.java +++ b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/util/BrokerTestHelper.java @@ -46,6 +46,7 @@ import org.apache.qpid.server.model.Broker; import org.apache.qpid.server.model.UUIDGenerator; import org.apache.qpid.server.queue.AMQQueue; import org.apache.qpid.server.queue.AMQQueueFactory; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.security.SecurityManager; import org.apache.qpid.server.security.SubjectCreator; import org.apache.qpid.server.stats.StatisticsGatherer; @@ -179,7 +180,8 @@ public class BrokerTestHelper return factory.createExchange("amp.direct", "direct", false, false); } - public static AMQQueue createQueue(String queueName, VirtualHost virtualHost) throws AMQException + public static AMQQueue createQueue(String queueName, VirtualHost virtualHost) + throws AMQException, QpidSecurityException { AMQQueue queue = virtualHost.createQueue(UUIDGenerator.generateRandomUUID(), queueName, false, null, false, false, false, Collections.<String, Object>emptyMap()); diff --git a/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerSessionDelegate.java b/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerSessionDelegate.java index d3d53504be..3d50da6ed5 100644 --- a/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerSessionDelegate.java +++ b/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerSessionDelegate.java @@ -42,6 +42,7 @@ import org.apache.qpid.server.model.UUIDGenerator; import org.apache.qpid.server.plugin.ExchangeType; import org.apache.qpid.server.queue.AMQQueue; import org.apache.qpid.server.queue.QueueArgumentsConverter; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.security.SecurityManager; import org.apache.qpid.server.store.DurableConfigurationStore; import org.apache.qpid.server.store.MessageStore; @@ -301,6 +302,10 @@ public class ServerSessionDelegate extends SessionDelegate { exception(session, method, e, "Cannot subscribe to queue '" + queueName + "' with destination '" + destination); } + catch (QpidSecurityException e) + { + exception(session, method, ExecutionErrorCode.UNAUTHORIZED_ACCESS, e.getMessage()); + } } } } @@ -786,6 +791,10 @@ public class ServerSessionDelegate extends SessionDelegate { exception(session, method, e, "Cannot declare exchange '" + exchangeName); } + catch (QpidSecurityException e) + { + exception(session, method, ExecutionErrorCode.UNAUTHORIZED_ACCESS, e.getMessage()); + } } @@ -898,6 +907,10 @@ public class ServerSessionDelegate extends SessionDelegate { exception(session, method, e, "Cannot delete exchange '" + method.getExchange() ); } + catch (QpidSecurityException e) + { + exception(session, method, ExecutionErrorCode.UNAUTHORIZED_ACCESS, e.getMessage()); + } } private boolean nameNullOrEmpty(String name) @@ -992,6 +1005,10 @@ public class ServerSessionDelegate extends SessionDelegate { exception(session, method, e, "Cannot add binding '" + method.getBindingKey()); } + catch (QpidSecurityException e) + { + exception(session, method, ExecutionErrorCode.UNAUTHORIZED_ACCESS, e.getMessage()); + } } else { @@ -1045,6 +1062,10 @@ public class ServerSessionDelegate extends SessionDelegate { exception(session, method, e, "Cannot remove binding '" + method.getBindingKey()); } + catch (QpidSecurityException e) + { + exception(session, method, ExecutionErrorCode.UNAUTHORIZED_ACCESS, e.getMessage()); + } } } } @@ -1272,6 +1293,10 @@ public class ServerSessionDelegate extends SessionDelegate { exception(session, method, e, "Cannot delete '" + method.getQueue()); } + catch (QpidSecurityException e) + { + exception(session, method, ExecutionErrorCode.UNAUTHORIZED_ACCESS, e.getMessage()); + } } }; final ServerSession s = (ServerSession) session; @@ -1324,6 +1349,10 @@ public class ServerSessionDelegate extends SessionDelegate { exception(session, method, e, "Cannot declare queue '" + queueName); } + catch (QpidSecurityException e) + { + exception(session, method, ExecutionErrorCode.UNAUTHORIZED_ACCESS, e.getMessage()); + } } } @@ -1401,6 +1430,10 @@ public class ServerSessionDelegate extends SessionDelegate { exception(session, method, e, "Cannot delete queue '" + queueName); } + catch (QpidSecurityException e) + { + exception(session, method, ExecutionErrorCode.UNAUTHORIZED_ACCESS, e.getMessage()); + } } } } @@ -1432,6 +1465,10 @@ public class ServerSessionDelegate extends SessionDelegate { exception(session, method, e, "Cannot purge queue '" + queueName); } + catch (QpidSecurityException e) + { + exception(session, method, ExecutionErrorCode.UNAUTHORIZED_ACCESS, e.getMessage()); + } } } } diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQChannel.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQChannel.java index 5afb2069c1..4eeb9d8fb2 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQChannel.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQChannel.java @@ -29,7 +29,7 @@ import java.util.concurrent.locks.Lock; import org.apache.log4j.Logger; import org.apache.qpid.AMQConnectionException; import org.apache.qpid.AMQException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.common.AMQPFilterTypes; import org.apache.qpid.framing.AMQMethodBody; import org.apache.qpid.framing.AMQShortString; @@ -262,13 +262,13 @@ public class AMQChannel implements AMQSessionModel, AsyncAutoCommitTransaction.F return _channelId; } - public void setPublishFrame(MessagePublishInfo info, final MessageDestination e) throws AMQSecurityException + public void setPublishFrame(MessagePublishInfo info, final MessageDestination e) throws QpidSecurityException { String routingKey = info.getRoutingKey() == null ? null : info.getRoutingKey().asString(); SecurityManager securityManager = getVirtualHost().getSecurityManager(); if (!securityManager.authorisePublish(info.isImmediate(), routingKey, e.getName())) { - throw new AMQSecurityException("Permission denied: " + e.getName()); + throw new QpidSecurityException("Permission denied: " + e.getName()); } _currentMessage = new IncomingMessage(info); _currentMessage.setMessageDestination(e); @@ -515,7 +515,8 @@ public class AMQChannel implements AMQSessionModel, AsyncAutoCommitTransaction.F * @throws AMQException if something goes wrong */ public AMQShortString consumeFromSource(AMQShortString tag, MessageSource source, boolean acks, - FieldTable filters, boolean exclusive, boolean noLocal) throws AMQException + FieldTable filters, boolean exclusive, boolean noLocal) + throws AMQException, QpidSecurityException { if (tag == null) { @@ -588,6 +589,11 @@ public class AMQChannel implements AMQSessionModel, AsyncAutoCommitTransaction.F _tag2SubscriptionTargetMap.remove(tag); throw e; } + catch (QpidSecurityException e) + { + _tag2SubscriptionTargetMap.remove(tag); + throw e; + } return tag; } diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQProtocolEngine.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQProtocolEngine.java index ba61afc376..329aa396b0 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQProtocolEngine.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/AMQProtocolEngine.java @@ -46,7 +46,7 @@ import org.apache.log4j.Logger; import org.apache.qpid.AMQChannelException; import org.apache.qpid.AMQConnectionException; import org.apache.qpid.AMQException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.codec.AMQCodecFactory; import org.apache.qpid.common.QpidProperties; import org.apache.qpid.common.ServerPropertyNames; @@ -628,12 +628,6 @@ public class AMQProtocolEngine implements ServerProtocolEngine, AMQProtocolSessi _logger.info(e.getMessage() + " whilst processing:" + methodBody); closeConnection(channelId, e); } - catch (AMQSecurityException e) - { - AMQConnectionException ce = evt.getMethod().getConnectionException(AMQConstant.ACCESS_REFUSED, e.getMessage()); - _logger.info(e.getMessage() + " whilst processing:" + methodBody); - closeConnection(channelId, ce); - } } catch (Exception e) { diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicConsumeMethodHandler.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicConsumeMethodHandler.java index b28bb5a0ad..ad4235b786 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicConsumeMethodHandler.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicConsumeMethodHandler.java @@ -35,6 +35,7 @@ import org.apache.qpid.server.protocol.AMQSessionModel; import org.apache.qpid.server.queue.AMQQueue; import org.apache.qpid.server.protocol.v0_8.state.AMQStateManager; import org.apache.qpid.server.protocol.v0_8.state.StateAwareMethodListener; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.virtualhost.VirtualHost; public class BasicConsumeMethodHandler implements StateAwareMethodListener<BasicConsumeBody> @@ -175,6 +176,13 @@ public class BasicConsumeMethodHandler implements StateAwareMethodListener<Basic + queue.getName() + " exclusively as it already has a consumer"); } + catch (QpidSecurityException e) + { + throw body.getChannelException(AMQConstant.ACCESS_REFUSED, + "Cannot subscribe to queue " + + queue.getName() + + " permission denied"); + } } } diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicGetMethodHandler.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicGetMethodHandler.java index fd4324cee0..f55a120a2d 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicGetMethodHandler.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicGetMethodHandler.java @@ -45,6 +45,7 @@ import org.apache.qpid.server.protocol.v0_8.state.StateAwareMethodListener; import org.apache.qpid.server.protocol.v0_8.ClientDeliveryMethod; import org.apache.qpid.server.protocol.v0_8.RecordDeliveryMethod; import org.apache.qpid.server.consumer.Consumer; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.virtualhost.VirtualHost; import java.util.EnumSet; @@ -106,14 +107,22 @@ public class BasicGetMethodHandler implements StateAwareMethodListener<BasicGetB } } - if (!performGet(queue,protocolConnection, channel, !body.getNoAck())) + try { - MethodRegistry methodRegistry = protocolConnection.getMethodRegistry(); - // TODO - set clusterId - BasicGetEmptyBody responseBody = methodRegistry.createBasicGetEmptyBody(null); + if (!performGet(queue,protocolConnection, channel, !body.getNoAck())) + { + MethodRegistry methodRegistry = protocolConnection.getMethodRegistry(); + // TODO - set clusterId + BasicGetEmptyBody responseBody = methodRegistry.createBasicGetEmptyBody(null); - protocolConnection.writeFrame(responseBody.generateFrame(channelId)); + protocolConnection.writeFrame(responseBody.generateFrame(channelId)); + } + } + catch (QpidSecurityException e) + { + throw body.getConnectionException(AMQConstant.ACCESS_REFUSED, + e.getMessage()); } } } @@ -123,7 +132,7 @@ public class BasicGetMethodHandler implements StateAwareMethodListener<BasicGetB final AMQProtocolSession session, final AMQChannel channel, final boolean acks) - throws AMQException + throws AMQException, QpidSecurityException { final FlowCreditManager singleMessageCredit = new MessageOnlyCreditManager(1L); diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicPublishMethodHandler.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicPublishMethodHandler.java index f8a7722447..318efdd125 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicPublishMethodHandler.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/BasicPublishMethodHandler.java @@ -34,6 +34,7 @@ import org.apache.qpid.server.exchange.Exchange; import org.apache.qpid.server.protocol.v0_8.AMQProtocolSession; import org.apache.qpid.server.protocol.v0_8.state.AMQStateManager; import org.apache.qpid.server.protocol.v0_8.state.StateAwareMethodListener; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.virtualhost.VirtualHost; public class BasicPublishMethodHandler implements StateAwareMethodListener<BasicPublishBody> @@ -88,7 +89,14 @@ public class BasicPublishMethodHandler implements StateAwareMethodListener<Basic MessagePublishInfo info = session.getMethodRegistry().getProtocolVersionMethodConverter().convertToInfo(body); info.setExchange(exchangeName); - channel.setPublishFrame(info, exch); + try + { + channel.setPublishFrame(info, exch); + } + catch (QpidSecurityException e) + { + throw body.getConnectionException(AMQConstant.ACCESS_REFUSED, e.getMessage()); + } } } diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/ExchangeDeclareHandler.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/ExchangeDeclareHandler.java index 154c38a4bf..fa513486a4 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/ExchangeDeclareHandler.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/ExchangeDeclareHandler.java @@ -35,6 +35,7 @@ import org.apache.qpid.server.exchange.Exchange; import org.apache.qpid.server.protocol.v0_8.AMQProtocolSession; import org.apache.qpid.server.protocol.v0_8.state.AMQStateManager; import org.apache.qpid.server.protocol.v0_8.state.StateAwareMethodListener; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.virtualhost.ExchangeExistsException; import org.apache.qpid.server.virtualhost.ReservedExchangeNameException; import org.apache.qpid.server.virtualhost.VirtualHost; @@ -124,6 +125,10 @@ public class ExchangeDeclareHandler implements StateAwareMethodListener<Exchange { throw body.getConnectionException(AMQConstant.COMMAND_INVALID, "Unknown exchange: " + exchangeName,e); } + catch (QpidSecurityException e) + { + throw body.getConnectionException(AMQConstant.ACCESS_REFUSED, e.getMessage()); + } } diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/ExchangeDeleteHandler.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/ExchangeDeleteHandler.java index ce377eee78..ea3d7ded4d 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/ExchangeDeleteHandler.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/ExchangeDeleteHandler.java @@ -29,6 +29,7 @@ import org.apache.qpid.server.exchange.Exchange; import org.apache.qpid.server.protocol.v0_8.AMQProtocolSession; import org.apache.qpid.server.protocol.v0_8.state.AMQStateManager; import org.apache.qpid.server.protocol.v0_8.state.StateAwareMethodListener; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.virtualhost.ExchangeIsAlternateException; import org.apache.qpid.server.virtualhost.RequiredExchangeException; import org.apache.qpid.server.virtualhost.VirtualHost; @@ -82,5 +83,9 @@ public class ExchangeDeleteHandler implements StateAwareMethodListener<ExchangeD { throw body.getChannelException(AMQConstant.NOT_ALLOWED, "Exchange '"+body.getExchange()+"' cannot be deleted"); } + catch (QpidSecurityException e) + { + throw body.getConnectionException(AMQConstant.ACCESS_REFUSED, e.getMessage()); + } } } diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueBindHandler.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueBindHandler.java index d95d59f75f..401718db88 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueBindHandler.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueBindHandler.java @@ -41,6 +41,7 @@ import org.apache.qpid.server.queue.AMQQueue; import org.apache.qpid.server.queue.QueueRegistry; import org.apache.qpid.server.protocol.v0_8.state.AMQStateManager; import org.apache.qpid.server.protocol.v0_8.state.StateAwareMethodListener; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.virtualhost.VirtualHost; import java.util.Map; @@ -147,6 +148,10 @@ public class QueueBindHandler implements StateAwareMethodListener<QueueBindBody> { throw body.getChannelException(AMQConstant.CHANNEL_ERROR, e.toString()); } + catch (QpidSecurityException e) + { + throw body.getConnectionException(AMQConstant.ACCESS_REFUSED, e.getMessage()); + } if (_log.isInfoEnabled()) { diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueDeclareHandler.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueDeclareHandler.java index 263175d590..1286a20970 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueDeclareHandler.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueDeclareHandler.java @@ -39,9 +39,11 @@ import org.apache.qpid.server.queue.QueueArgumentsConverter; import org.apache.qpid.server.queue.QueueRegistry; import org.apache.qpid.server.protocol.v0_8.state.AMQStateManager; import org.apache.qpid.server.protocol.v0_8.state.StateAwareMethodListener; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.store.DurableConfigurationStoreHelper; import org.apache.qpid.server.store.DurableConfigurationStore; import org.apache.qpid.server.util.Action; +import org.apache.qpid.server.util.ConnectionScopedRuntimeException; import org.apache.qpid.server.virtualhost.VirtualHost; import java.util.Map; @@ -185,6 +187,10 @@ public class QueueDeclareHandler implements StateAwareMethodListener<QueueDeclar } } + catch (QpidSecurityException e) + { + throw body.getConnectionException(AMQConstant.ACCESS_REFUSED, e.getMessage()); + } //set this as the default queue on the channel: channel.setDefaultQueue(queue); @@ -213,7 +219,7 @@ public class QueueDeclareHandler implements StateAwareMethodListener<QueueDeclar QueueDeclareBody body, final VirtualHost virtualHost, final AMQProtocolSession session) - throws AMQException + throws AMQException, QpidSecurityException { final boolean durable = body.getDurable(); @@ -239,7 +245,14 @@ public class QueueDeclareHandler implements StateAwareMethodListener<QueueDeclar { if (virtualHost.getQueue(queueName.toString()) == queue) { - virtualHost.removeQueue(queue); + try + { + virtualHost.removeQueue(queue); + } + catch (QpidSecurityException e) + { + throw new ConnectionScopedRuntimeException("Permission exception: Unable to remove a temporary queue created by a session which has now removed itself", e); + } } } }; diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueDeleteHandler.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueDeleteHandler.java index d3c196a789..3a9a6dc44e 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueDeleteHandler.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueDeleteHandler.java @@ -32,6 +32,7 @@ import org.apache.qpid.server.queue.AMQQueue; import org.apache.qpid.server.queue.QueueRegistry; import org.apache.qpid.server.protocol.v0_8.state.AMQStateManager; import org.apache.qpid.server.protocol.v0_8.state.StateAwareMethodListener; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.store.DurableConfigurationStore; import org.apache.qpid.server.store.DurableConfigurationStoreHelper; import org.apache.qpid.server.virtualhost.VirtualHost; @@ -111,7 +112,15 @@ public class QueueDeleteHandler implements StateAwareMethodListener<QueueDeleteB "Queue " + queue.getName() + " is exclusive, but not created on this Connection."); } - int purged = virtualHost.removeQueue(queue); + int purged = 0; + try + { + purged = virtualHost.removeQueue(queue); + } + catch (QpidSecurityException e) + { + throw body.getConnectionException(AMQConstant.ACCESS_REFUSED, e.getMessage()); + } MethodRegistry methodRegistry = protocolConnection.getMethodRegistry(); QueueDeleteOkBody responseBody = methodRegistry.createQueueDeleteOkBody(purged); diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueuePurgeHandler.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueuePurgeHandler.java index ff845d3c16..6d8f8e64fc 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueuePurgeHandler.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueuePurgeHandler.java @@ -33,6 +33,7 @@ import org.apache.qpid.server.queue.AMQQueue; import org.apache.qpid.server.queue.QueueRegistry; import org.apache.qpid.server.protocol.v0_8.state.AMQStateManager; import org.apache.qpid.server.protocol.v0_8.state.StateAwareMethodListener; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.virtualhost.VirtualHost; public class QueuePurgeHandler implements StateAwareMethodListener<QueuePurgeBody> @@ -103,10 +104,18 @@ public class QueuePurgeHandler implements StateAwareMethodListener<QueuePurgeBod "Queue is exclusive, but not created on this Connection."); } - long purged = queue.clearQueue(); + long purged = 0; + try + { + purged = queue.clearQueue(); + } + catch (QpidSecurityException e) + { + throw body.getConnectionException(AMQConstant.ACCESS_REFUSED, e.getMessage()); + } - if(!body.getNowait()) + if(!body.getNowait()) { channel.sync(); MethodRegistry methodRegistry = protocolConnection.getMethodRegistry(); diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueUnbindHandler.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueUnbindHandler.java index d568e0f581..91025dacf2 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueUnbindHandler.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/main/java/org/apache/qpid/server/protocol/v0_8/handler/QueueUnbindHandler.java @@ -38,6 +38,7 @@ import org.apache.qpid.server.queue.AMQQueue; import org.apache.qpid.server.queue.QueueRegistry; import org.apache.qpid.server.protocol.v0_8.state.AMQStateManager; import org.apache.qpid.server.protocol.v0_8.state.StateAwareMethodListener; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.virtualhost.VirtualHost; public class QueueUnbindHandler implements StateAwareMethodListener<QueueUnbindBody> @@ -105,7 +106,14 @@ public class QueueUnbindHandler implements StateAwareMethodListener<QueueUnbindB } else { - exch.removeBinding(String.valueOf(routingKey), queue, FieldTable.convertToMap(body.getArguments())); + try + { + exch.removeBinding(String.valueOf(routingKey), queue, FieldTable.convertToMap(body.getArguments())); + } + catch (QpidSecurityException e) + { + throw body.getConnectionException(AMQConstant.ACCESS_REFUSED, e.getMessage()); + } } diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AckTest.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AckTest.java index c805956b83..23c32f988d 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AckTest.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AckTest.java @@ -177,7 +177,7 @@ public class AckTest extends QpidTestCase * Tests that the acknowledgements are correctly associated with a channel and * order is preserved when acks are enabled */ - public void testAckChannelAssociationTest() throws AMQException + public void testAckChannelAssociationTest() throws Exception { _subscriptionTarget = ConsumerTarget_0_8.createAckTarget(_channel, DEFAULT_CONSUMER_TAG, @@ -206,7 +206,7 @@ public class AckTest extends QpidTestCase /** * Tests that in no-ack mode no messages are retained */ - public void testNoAckMode() throws AMQException + public void testNoAckMode() throws Exception { // false arg means no acks expected _subscriptionTarget = ConsumerTarget_0_8.createNoAckTarget(_channel, @@ -231,7 +231,7 @@ public class AckTest extends QpidTestCase /** * Tests that in no-ack mode no messages are retained */ - public void testPersistentNoAckMode() throws AMQException + public void testPersistentNoAckMode() throws Exception { // false arg means no acks expected @@ -255,7 +255,7 @@ public class AckTest extends QpidTestCase * Tests that a single acknowledgement is handled correctly (i.e multiple flag not * set case) */ - public void testSingleAckReceivedTest() throws AMQException + public void testSingleAckReceivedTest() throws Exception { _subscriptionTarget = ConsumerTarget_0_8.createAckTarget(_channel, @@ -292,7 +292,7 @@ public class AckTest extends QpidTestCase * Tests that a single acknowledgement is handled correctly (i.e multiple flag not * set case) */ - public void testMultiAckReceivedTest() throws AMQException + public void testMultiAckReceivedTest() throws Exception { _subscriptionTarget = ConsumerTarget_0_8.createAckTarget(_channel, @@ -326,7 +326,7 @@ public class AckTest extends QpidTestCase /** * Tests that a multiple acknowledgement is handled correctly. When ack'ing all pending msgs. */ - public void testMultiAckAllReceivedTest() throws AMQException + public void testMultiAckAllReceivedTest() throws Exception { _subscriptionTarget = ConsumerTarget_0_8.createAckTarget(_channel, diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AcknowledgeTest.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AcknowledgeTest.java index f47525097e..9e551c9c01 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AcknowledgeTest.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/AcknowledgeTest.java @@ -84,40 +84,40 @@ public class AcknowledgeTest extends QpidTestCase return _queue; } - public void testTransactionalSingleAck() throws AMQException + public void testTransactionalSingleAck() throws Exception { getChannel().setLocalTransactional(); runMessageAck(1, 1, 1, false, 0); } - public void testTransactionalMultiAck() throws AMQException + public void testTransactionalMultiAck() throws Exception { getChannel().setLocalTransactional(); runMessageAck(10, 1, 5, true, 5); } - public void testTransactionalAckAll() throws AMQException + public void testTransactionalAckAll() throws Exception { getChannel().setLocalTransactional(); runMessageAck(10, 1, 0, true, 0); } - public void testNonTransactionalSingleAck() throws AMQException + public void testNonTransactionalSingleAck() throws Exception { runMessageAck(1, 1, 1, false, 0); } - public void testNonTransactionalMultiAck() throws AMQException + public void testNonTransactionalMultiAck() throws Exception { runMessageAck(10, 1, 5, true, 5); } - public void testNonTransactionalAckAll() throws AMQException + public void testNonTransactionalAckAll() throws Exception { runMessageAck(10, 1, 0, true, 0); } - protected void runMessageAck(int sendMessageCount, long firstDeliveryTag, long acknowledgeDeliveryTag, boolean acknowledgeMultiple, int remainingUnackedMessages) throws AMQException + protected void runMessageAck(int sendMessageCount, long firstDeliveryTag, long acknowledgeDeliveryTag, boolean acknowledgeMultiple, int remainingUnackedMessages) throws Exception { //Check store is empty checkStoreContents(0); diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/BrokerTestHelper_0_8.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/BrokerTestHelper_0_8.java index 991a0272d4..845c1d55b4 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/BrokerTestHelper_0_8.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/BrokerTestHelper_0_8.java @@ -26,6 +26,7 @@ import org.apache.qpid.framing.BasicContentHeaderProperties; import org.apache.qpid.framing.ContentHeaderBody; import org.apache.qpid.framing.abstraction.MessagePublishInfo; import org.apache.qpid.server.exchange.Exchange; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.util.BrokerTestHelper; import org.apache.qpid.server.virtualhost.VirtualHost; @@ -64,7 +65,8 @@ public class BrokerTestHelper_0_8 extends BrokerTestHelper return new InternalTestProtocolSession(virtualHost, createBrokerMock()); } - public static void publishMessages(AMQChannel channel, int numberOfMessages, String queueName, String exchangeName) throws AMQException + public static void publishMessages(AMQChannel channel, int numberOfMessages, String queueName, String exchangeName) + throws AMQException, QpidSecurityException { AMQShortString routingKey = new AMQShortString(queueName); AMQShortString exchangeNameAsShortString = new AMQShortString(exchangeName); diff --git a/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/QueueBrowserUsesNoAckTest.java b/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/QueueBrowserUsesNoAckTest.java index dc687e1075..e213aa8a20 100644 --- a/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/QueueBrowserUsesNoAckTest.java +++ b/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/QueueBrowserUsesNoAckTest.java @@ -85,7 +85,7 @@ public class QueueBrowserUsesNoAckTest extends QpidTestCase return _queue; } - public void testQueueBrowserUsesNoAck() throws AMQException + public void testQueueBrowserUsesNoAck() throws Exception { int sendMessageCount = 2; int prefetch = 1; @@ -136,7 +136,7 @@ public class QueueBrowserUsesNoAckTest extends QpidTestCase assertEquals("Message header count incorrect in the MetaDataMap", messageCount, ((TestableMemoryMessageStore) _messageStore).getMessageCount()); } - private AMQShortString browse(AMQChannel channel, AMQQueue queue) throws AMQException + private AMQShortString browse(AMQChannel channel, AMQQueue queue) throws Exception { FieldTable filters = new FieldTable(); filters.put(AMQPFilterTypes.NO_CONSUME.getValue(), true); diff --git a/qpid/java/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/SendingLink_1_0.java b/qpid/java/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/SendingLink_1_0.java index f796a4b2e3..56b574685f 100644 --- a/qpid/java/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/SendingLink_1_0.java +++ b/qpid/java/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/SendingLink_1_0.java @@ -32,7 +32,7 @@ import java.util.concurrent.ConcurrentHashMap; import org.apache.log4j.Logger; import org.apache.qpid.AMQException; import org.apache.qpid.AMQInternalException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.amqp_1_0.transport.DeliveryStateHandler; import org.apache.qpid.amqp_1_0.transport.LinkEndpoint; import org.apache.qpid.amqp_1_0.transport.SendingLinkEndpoint; @@ -329,6 +329,11 @@ public class SendingLink_1_0 implements SendingLinkListener, Link_1_0, DeliveryS //TODO _logger.error("Error removing queue", e); } + catch (QpidSecurityException e) + { + //TODO + _logger.error("Error removing queue", e); + } } } }; @@ -348,7 +353,7 @@ public class SendingLink_1_0 implements SendingLinkListener, Link_1_0, DeliveryS qd = new QueueDestination(queue); } - catch (AMQSecurityException e) + catch (QpidSecurityException e) { _logger.error("Security error", e); throw new RuntimeException(e); @@ -403,6 +408,11 @@ public class SendingLink_1_0 implements SendingLinkListener, Link_1_0, DeliveryS //TODO _logger.error("Error registering subscription", e); } + catch (QpidSecurityException e) + { + //TODO + _logger.error("Error registering subscription", e); + } } } @@ -455,7 +465,12 @@ public class SendingLink_1_0 implements SendingLinkListener, Link_1_0, DeliveryS catch(AMQException e) { //TODO - _logger.error("Error removing queue", e); + _logger.error("Error registering subscription", e); + } + catch (QpidSecurityException e) + { + //TODO + _logger.error("Error registering subscription", e); } } diff --git a/qpid/java/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/Session_1_0.java b/qpid/java/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/Session_1_0.java index beed6be84b..a0b2fc5289 100644 --- a/qpid/java/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/Session_1_0.java +++ b/qpid/java/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/server/protocol/v1_0/Session_1_0.java @@ -37,7 +37,7 @@ import org.apache.qpid.amqp_1_0.type.transport.*; import org.apache.qpid.amqp_1_0.type.transport.Error; import org.apache.qpid.AMQException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.protocol.AMQConstant; import org.apache.qpid.server.exchange.Exchange; import org.apache.qpid.server.logging.LogSubject; @@ -362,6 +362,11 @@ public class Session_1_0 implements SessionEventListener, AMQSessionModel, LogSu //TODO _logger.error("Error removing queue from vhost", e); } + catch (QpidSecurityException e) + { + //TODO + _logger.error("Error removing queue from vhost", e); + } } } }; @@ -391,7 +396,7 @@ public class Session_1_0 implements SessionEventListener, AMQSessionModel, LogSu } } - catch (AMQSecurityException e) + catch (QpidSecurityException e) { //TODO _logger.error("Security error", e); diff --git a/qpid/java/broker-plugins/management-amqp/src/main/java/org/apache/qpid/server/management/amqp/ManagementNode.java b/qpid/java/broker-plugins/management-amqp/src/main/java/org/apache/qpid/server/management/amqp/ManagementNode.java index 2cb4e50415..4921db5c07 100644 --- a/qpid/java/broker-plugins/management-amqp/src/main/java/org/apache/qpid/server/management/amqp/ManagementNode.java +++ b/qpid/java/broker-plugins/management-amqp/src/main/java/org/apache/qpid/server/management/amqp/ManagementNode.java @@ -21,7 +21,7 @@ package org.apache.qpid.server.management.amqp; import org.apache.qpid.AMQException; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.consumer.Consumer; import org.apache.qpid.server.consumer.ConsumerTarget; import org.apache.qpid.server.filter.FilterManager; @@ -373,7 +373,7 @@ class ManagementNode implements MessageSource<ManagementNodeConsumer,ManagementN } catch(RuntimeException e) { - if (e instanceof AccessControlException || e.getCause() instanceof AMQSecurityException) + if (e instanceof AccessControlException || e.getCause() instanceof QpidSecurityException) { response = createFailureResponse(message, STATUS_CODE_FORBIDDEN, e.getMessage()); } @@ -478,7 +478,7 @@ class ManagementNode implements MessageSource<ManagementNodeConsumer,ManagementN } catch(RuntimeException e) { - if (e instanceof AccessControlException || e.getCause() instanceof AMQSecurityException) + if (e instanceof AccessControlException || e.getCause() instanceof QpidSecurityException) { responseHeader.setHeader(STATUS_CODE_HEADER, STATUS_CODE_FORBIDDEN); } @@ -516,7 +516,7 @@ class ManagementNode implements MessageSource<ManagementNodeConsumer,ManagementN } catch(RuntimeException e) { - if (e instanceof AccessControlException || e.getCause() instanceof AMQSecurityException) + if (e instanceof AccessControlException || e.getCause() instanceof QpidSecurityException) { return createFailureResponse(requestMessage, STATUS_CODE_FORBIDDEN, e.getMessage()); } diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java index ca11bd9465..45e0c2dab8 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java @@ -27,7 +27,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.log4j.Logger; -import org.apache.qpid.AMQSecurityException; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.model.*; import org.codehaus.jackson.map.ObjectMapper; import org.codehaus.jackson.map.SerializationConfig; @@ -498,7 +498,7 @@ public class RestServlet extends AbstractServlet private void setResponseStatus(HttpServletResponse response, RuntimeException e) throws IOException { - if (e instanceof AccessControlException || e.getCause() instanceof AMQSecurityException) + if (e instanceof AccessControlException || e.getCause() instanceof QpidSecurityException) { if (LOGGER.isDebugEnabled()) { diff --git a/qpid/java/systests/src/main/java/org/apache/qpid/server/store/MessageStoreTest.java b/qpid/java/systests/src/main/java/org/apache/qpid/server/store/MessageStoreTest.java index de36c6e413..bdcdbe23c2 100644 --- a/qpid/java/systests/src/main/java/org/apache/qpid/server/store/MessageStoreTest.java +++ b/qpid/java/systests/src/main/java/org/apache/qpid/server/store/MessageStoreTest.java @@ -51,6 +51,7 @@ import org.apache.qpid.server.queue.PriorityQueue; import org.apache.qpid.server.queue.AMQQueue; import org.apache.qpid.server.queue.ConflationQueue; import org.apache.qpid.server.queue.StandardQueue; +import org.apache.qpid.server.security.QpidSecurityException; import org.apache.qpid.server.txn.AutoCommitTransaction; import org.apache.qpid.server.txn.ServerTransaction; import org.apache.qpid.server.util.BrokerTestHelper; @@ -630,7 +631,7 @@ public class MessageStoreTest extends QpidTestCase } - private void createAllQueues() + private void createAllQueues() throws Exception { //Register Durable Priority Queue createQueue(durablePriorityQueueName, true, true, false, false); @@ -651,7 +652,7 @@ public class MessageStoreTest extends QpidTestCase createQueue(queueName, false, false, false, false); } - private void createAllTopicQueues() + private void createAllTopicQueues() throws Exception { //Register Durable Priority Queue createQueue(durablePriorityTopicQueueName, true, true, false, false); @@ -667,6 +668,7 @@ public class MessageStoreTest extends QpidTestCase } private void createQueue(String queueName, boolean usePriority, boolean durable, boolean exclusive, boolean lastValueQueue) + throws Exception { Map<String,Object> queueArguments = null; @@ -689,22 +691,16 @@ public class MessageStoreTest extends QpidTestCase AMQQueue queue = null; //Ideally we would be able to use the QueueDeclareHandler here. - try - { - queue = getVirtualHost().createQueue(UUIDGenerator.generateRandomUUID(), queueName, durable, queueOwner, false, exclusive, - false, queueArguments); + queue = getVirtualHost().createQueue(UUIDGenerator.generateRandomUUID(), queueName, durable, queueOwner, false, exclusive, + false, queueArguments); + + validateQueueProperties(queue, usePriority, durable, exclusive, lastValueQueue); - validateQueueProperties(queue, usePriority, durable, exclusive, lastValueQueue); - } - catch (AMQException e) - { - fail(e.getMessage()); - } } - private Map<String, Exchange> createExchanges() + private Map<String, Exchange> createExchanges() throws Exception { Map<String, Exchange> exchanges = new HashMap<String, Exchange>(); @@ -718,18 +714,11 @@ public class MessageStoreTest extends QpidTestCase return exchanges; } - private Exchange createExchange(ExchangeType<?> type, String name, boolean durable) + private Exchange createExchange(ExchangeType<?> type, String name, boolean durable) throws Exception { Exchange exchange = null; - try - { - exchange = getVirtualHost().createExchange(null, name, type.getType(), durable, false, null); - } - catch (AMQException e) - { - fail(e.getMessage()); - } + exchange = getVirtualHost().createExchange(null, name, type.getType(), durable, false, null); return exchange; } |