QPID-6295 : [Java Broker] reload ACL config when the file value is changed

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1649587 13f79535-47bb-0310-9956-ffa450edef68

2 files changed, 25 insertions, 5 deletions

diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java
index 1449b53beb..00b42094b1 100644
--- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java
+++ b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java
@@ -55,7 +55,7 @@ public class ACLFileAccessControlProviderImpl
     protected DefaultAccessControl _accessControl;
     protected final Broker _broker;
 
-    @ManagedAttributeField
+    @ManagedAttributeField( afterSet = "reloadAclFile")
     private String _path;
 
     @ManagedObjectFactoryConstructor
@@ -100,7 +100,6 @@ public class ACLFileAccessControlProviderImpl
         }
         catch(RuntimeException e)
         {
-            e.printStackTrace();
             throw new IllegalConfigurationException(e.getMessage(), e);
         }
         finally
@@ -119,6 +118,26 @@ public class ACLFileAccessControlProviderImpl
         _accessControl = new DefaultAccessControl(getPath(), _broker);
     }
 
+    @SuppressWarnings("unused")
+    private void reloadAclFile()
+    {
+        try
+        {
+            DefaultAccessControl accessControl = new DefaultAccessControl(getPath(), _broker);
+            accessControl.open();
+            DefaultAccessControl oldAccessControl = _accessControl;
+            _accessControl = accessControl;
+            if(oldAccessControl != null)
+            {
+                oldAccessControl.close();
+            }
+        }
+        catch(RuntimeException e)
+        {
+            throw new IllegalConfigurationException(e.getMessage(), e);
+        }
+    }
+
     @Override
     public String getPath()
     {
diff --git a/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java b/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
index 8c4effd685..e40add449e 100644
--- a/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
+++ b/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
@@ -795,10 +795,11 @@ public class BrokerACLTest extends QpidRestTestCase
 
         assertAccessControlProviderExistence(accessControlProviderName, true);
 
+        File aclFile = TestFileUtils.createTempFile(this, ".acl", "ACL ALLOW all all");
+
         Map<String, Object> attributes = new HashMap<String, Object>();
-        attributes.put(GroupProvider.NAME, accessControlProviderName);
-        attributes.put(GroupProvider.TYPE, FileBasedGroupProviderImpl.GROUP_FILE_PROVIDER_TYPE);
-        attributes.put(FileBasedGroupProvider.PATH, "/path/to/file");
+        attributes.put(AccessControlProvider.NAME, accessControlProviderName);
+        attributes.put(FileBasedGroupProvider.PATH, aclFile.getAbsolutePath());
         responseCode = getRestTestHelper().submitRequest("accesscontrolprovider/" + accessControlProviderName, "PUT", attributes);
         assertEquals("Setting of access control provider attributes should be allowed", 200, responseCode);
     }