QPID-6295 : [Java Broker] Allow ACL configuration file to be stored as a data:// URL inside the config

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1648994 13f79535-47bb-0310-9956-ffa450edef68
author: Robert Godfrey <rgodfrey@apache.org> 2015-01-02 10:20:35 +0000
committer: Robert Godfrey <rgodfrey@apache.org> 2015-01-02 10:20:35 +0000
commit: b8ea17f07b61ec9166be66ec251b39decfbb1e20 (patch)
tree: 37f43c1b47c8bc66c8f2cbe8144efde2db0923e8 /qpid/java
parent: 6631e8e980107ad609105d4ef1bb2ee5c4275e8b (diff)
download: qpid-python-b8ea17f07b61ec9166be66ec251b39decfbb1e20.tar.gz
8 files changed, 97 insertions, 176 deletions
diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AbstractConfiguration.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AbstractConfiguration.java
deleted file mode 100644
index e15361acfe..0000000000
--- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AbstractConfiguration.java
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * 
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- * 
- *   http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * 
- */
-package org.apache.qpid.server.security.access.config;
-
-import org.apache.qpid.server.logging.EventLogger;
-import org.apache.qpid.server.logging.EventLoggerProvider;
-
-import java.io.File;
-
-public abstract class AbstractConfiguration implements ConfigurationFile
-{
-    private File _file;
-    private RuleSet _config;
-    private final EventLoggerProvider _eventLogger;
-
-    public AbstractConfiguration(File file, final EventLoggerProvider eventLogger)
-    {
-        _file = file;
-        _eventLogger = eventLogger;
-    }
-    
-    public File getFile()
-    {
-        return _file;
-    }
-    
-    public RuleSet load()
-    {
-        _config = new RuleSet(_eventLogger);
-        return _config;
-    }
-    
-    public RuleSet getConfiguration()
-    {
-        return _config;
-    }
-        
-    public boolean save(RuleSet configuration)
-    {
-        return true;
-    }
-    
-    public RuleSet reload()
-    {
-        RuleSet oldRules = _config;
-        
-        try
-        {
-            RuleSet newRules = load();
-            _config = newRules;
-        }
-        catch (Exception e)
-        {
-            _config = oldRules;
-        }
-        
-        return _config;
-    }
-}
diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/ConfigurationFile.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/ConfigurationFile.java
index 966c32e24e..3405b6c155 100644
--- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/ConfigurationFile.java
+++ b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/ConfigurationFile.java
@@ -20,35 +20,20 @@
  */
 package org.apache.qpid.server.security.access.config;
 
-import java.io.File;
+import java.io.Reader;
 
 import org.apache.qpid.server.configuration.IllegalConfigurationException;
 
 public interface ConfigurationFile
 {
     /**
-     * Return the actual {@link File}  object containing the configuration.
-     */
-    File getFile();
-    
-    /**
      * Load this configuration file's contents into a {@link RuleSet}.
      * @throws IllegalConfigurationException if the configuration file has errors.
      * @throws IllegalArgumentException if individual tokens cannot be parsed.
+     * @param configReader
      */
-    RuleSet load() throws IllegalConfigurationException;
-    
-    /**
-     * Reload this configuration file's contents.
-     * @throws IllegalConfigurationException if the configuration file has errors.
-     * @throws IllegalArgumentException if individual tokens cannot be parsed.
-     */
-    RuleSet reload() throws IllegalConfigurationException;
-        
+    RuleSet load(final Reader configReader) throws IllegalConfigurationException;
+
     RuleSet getConfiguration();
-    
-    /**
-     * TODO document me.
-     */
-    boolean save(RuleSet configuration);
+
 }
diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java
index 8a5dae8244..5ed28b679a 100644
--- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java
+++ b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java
@@ -21,10 +21,9 @@
 package org.apache.qpid.server.security.access.config;
 
 import java.io.BufferedReader;
-import java.io.File;
 import java.io.FileNotFoundException;
-import java.io.FileReader;
 import java.io.IOException;
+import java.io.Reader;
 import java.io.StreamTokenizer;
 import java.util.HashMap;
 import java.util.Iterator;
@@ -34,14 +33,14 @@ import java.util.Stack;
 
 import org.apache.commons.lang.StringUtils;
 import org.apache.log4j.Logger;
+
 import org.apache.qpid.server.configuration.IllegalConfigurationException;
-import org.apache.qpid.server.logging.EventLogger;
 import org.apache.qpid.server.logging.EventLoggerProvider;
 import org.apache.qpid.server.security.access.ObjectType;
 import org.apache.qpid.server.security.access.Operation;
 import org.apache.qpid.server.security.access.Permission;
 
-public class PlainConfiguration extends AbstractConfiguration
+public class PlainConfiguration implements ConfigurationFile
 {
     private static final Logger _logger = Logger.getLogger(PlainConfiguration.class);
 
@@ -66,30 +65,30 @@ public class PlainConfiguration extends AbstractConfiguration
     static final String PROPERTY_KEY_ONLY_MSG = "Incomplete property (key only) at line %d";
     static final String PROPERTY_NO_EQUALS_MSG = "Incomplete property (no equals) at line %d";
     static final String PROPERTY_NO_VALUE_MSG = "Incomplete property (no value) at line %d";
+    private final EventLoggerProvider _eventLogger;
+    private final String _name;
 
     private StreamTokenizer _st;
+    private RuleSet _config;
 
-    public PlainConfiguration(File file, final EventLoggerProvider eventLogger)
+    public PlainConfiguration(String name, final EventLoggerProvider eventLogger)
     {
-        super(file, eventLogger);
+        _eventLogger = eventLogger;
+        _name = name;
     }
 
     @Override
-    public RuleSet load()
+    public RuleSet load(final Reader configReader)
     {
-        RuleSet ruleSet = super.load();
-
-        File file = getFile();
-        FileReader fileReader = null;
+        _config = new RuleSet(_eventLogger);
 
-        try
+        try(Reader fileReader = configReader)
         {
             if(_logger.isDebugEnabled())
             {
-                _logger.debug("About to load ACL file " + file);
+                _logger.debug("About to load ACL file");
             }
 
-            fileReader = new FileReader(file);
             _st = new StreamTokenizer(new BufferedReader(fileReader));
             _st.resetSyntax(); // setup the tokenizer
 
@@ -209,29 +208,14 @@ public class PlainConfiguration extends AbstractConfiguration
         }
         catch (FileNotFoundException fnfe)
         {
-            throw new IllegalConfigurationException(String.format(CONFIG_NOT_FOUND_MSG, file.getName()), fnfe);
+            throw new IllegalConfigurationException(String.format(CONFIG_NOT_FOUND_MSG, _name), fnfe);
         }
         catch (IOException ioe)
         {
-            throw new IllegalConfigurationException(String.format(CANNOT_LOAD_MSG, file.getName()), ioe);
-        }
-        finally
-        {
-            if(fileReader != null)
-            {
-                try
-                {
-                    fileReader.close();
-                }
-                catch (IOException e)
-                {
-                    throw new IllegalConfigurationException(String.format(CANNOT_CLOSE_MSG, file.getName()), e);
-                }
-            }
+            throw new IllegalConfigurationException(String.format(CANNOT_LOAD_MSG, _name), ioe);
         }
 
-
-        return ruleSet;
+        return _config;
     }
 
     private void parseAcl(Integer number, List<String> args)
@@ -333,4 +317,10 @@ public class PlainConfiguration extends AbstractConfiguration
     {
         return _st.lineno() - 1;
     }
+
+    public RuleSet getConfiguration()
+    {
+        return _config;
+    }
+
 }
diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java
index 1adc6561c7..1449b53beb 100644
--- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java
+++ b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java
@@ -39,6 +39,7 @@ import org.apache.qpid.server.model.State;
 import org.apache.qpid.server.model.StateTransition;
 import org.apache.qpid.server.security.AccessControl;
 import org.apache.qpid.server.security.access.Operation;
+import org.apache.qpid.server.util.urlstreamhandler.data.Handler;
 
 public class ACLFileAccessControlProviderImpl
         extends AbstractConfiguredObject<ACLFileAccessControlProviderImpl>
@@ -46,6 +47,11 @@ public class ACLFileAccessControlProviderImpl
 {
     private static final Logger LOGGER = Logger.getLogger(ACLFileAccessControlProviderImpl.class);
 
+    static
+    {
+        Handler.register();
+    }
+
     protected DefaultAccessControl _accessControl;
     protected final Broker _broker;
 
@@ -94,6 +100,7 @@ public class ACLFileAccessControlProviderImpl
         }
         catch(RuntimeException e)
         {
+            e.printStackTrace();
             throw new IllegalConfigurationException(e.getMessage(), e);
         }
         finally
diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControl.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControl.java
index c42dc88d53..2998252b51 100644
--- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControl.java
+++ b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/DefaultAccessControl.java
@@ -21,9 +21,14 @@
 package org.apache.qpid.server.security.access.plugins;
 
 import java.io.File;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.Reader;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
+import java.net.MalformedURLException;
 import java.net.SocketAddress;
+import java.net.URL;
 import java.security.AccessController;
 import java.util.Set;
 
@@ -47,46 +52,81 @@ import org.apache.qpid.server.security.access.config.RuleSet;
 public class DefaultAccessControl implements AccessControl
 {
     private static final Logger _logger = Logger.getLogger(DefaultAccessControl.class);
+    private final String _fileName;
 
     private RuleSet _ruleSet;
-    private File _aclFile;
     private final EventLoggerProvider _eventLogger;
 
-    public DefaultAccessControl(String fileName, final EventLoggerProvider eventLogger)
+    public DefaultAccessControl(String name, final EventLoggerProvider eventLogger)
     {
+        _fileName = name;
         _eventLogger = eventLogger;
         if (_logger.isDebugEnabled())
         {
-            _logger.debug("Creating AccessControl instance using file: " + fileName);
+            _logger.debug("Creating AccessControl instance");
         }
-
-        _aclFile = new File(fileName);
     }
 
     DefaultAccessControl(RuleSet rs)
     {
+        _fileName = null;
         _ruleSet = rs;
         _eventLogger = rs;
     }
 
     public void open()
     {
-        if(_aclFile != null)
+        if(_fileName != null)
         {
-            if (!validate())
-            {
-                throw new IllegalConfigurationException("ACL file '" + _aclFile + "' is not found");
-            }
-
-            ConfigurationFile configFile = new PlainConfiguration(_aclFile, _eventLogger);
-            _ruleSet = configFile.load();
+            ConfigurationFile configFile = new PlainConfiguration(_fileName, _eventLogger);
+            _ruleSet = configFile.load(getReaderFromURLString(_fileName));
         }
     }
 
     @Override
     public boolean validate()
     {
-        return _aclFile.exists();
+        try
+        {
+            getReaderFromURLString(_fileName);
+            return true;
+        }
+        catch(IllegalConfigurationException e)
+        {
+            return false;
+        }
+    }
+
+
+    private static Reader getReaderFromURLString(String urlString)
+    {
+        try
+        {
+            URL url;
+
+            try
+            {
+                url = new URL(urlString);
+            }
+            catch (MalformedURLException e)
+            {
+                File file = new File(urlString);
+                try
+                {
+                    url = file.toURI().toURL();
+                }
+                catch (MalformedURLException notAFile)
+                {
+                    throw new IllegalConfigurationException("Cannot convert " + urlString + " to a readable resource");
+                }
+
+            }
+            return new InputStreamReader(url.openStream());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalConfigurationException("Cannot convert " + urlString + " to a readable resource");
+        }
     }
 
     @Override
@@ -104,16 +144,10 @@ public class DefaultAccessControl implements AccessControl
     @Override
     public void onCreate()
     {
-        if(_aclFile != null)
+        if(_fileName != null)
         {
-            //verify it exists
-            if (!validate())
-            {
-                throw new IllegalConfigurationException("ACL file '" + _aclFile + "' is not found");
-            }
-
             //verify it is parsable
-            new PlainConfiguration(_aclFile, _eventLogger).load();
+            new PlainConfiguration(_fileName, _eventLogger).load(getReaderFromURLString(_fileName));
         }
     }
 
diff --git a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/PlainConfigurationTest.java b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/PlainConfigurationTest.java
index 6ac21f856a..76435cbae4 100644
--- a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/PlainConfigurationTest.java
+++ b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/PlainConfigurationTest.java
@@ -18,8 +18,10 @@
  */
 package org.apache.qpid.server.security.access.config;
 
+import static org.mockito.Mockito.mock;
+
 import java.io.File;
-import java.io.FileNotFoundException;
+import java.io.FileReader;
 import java.io.FileWriter;
 import java.io.PrintWriter;
 import java.util.Map;
@@ -27,15 +29,12 @@ import java.util.Map;
 import junit.framework.TestCase;
 
 import org.apache.qpid.server.configuration.IllegalConfigurationException;
-import org.apache.qpid.server.logging.EventLogger;
 import org.apache.qpid.server.logging.EventLoggerProvider;
 import org.apache.qpid.server.security.access.ObjectProperties;
 import org.apache.qpid.server.security.access.ObjectProperties.Property;
 import org.apache.qpid.server.security.access.ObjectType;
 import org.apache.qpid.server.security.access.Operation;
 
-import static org.mockito.Mockito.mock;
-
 public class PlainConfigurationTest extends TestCase
 {
     private PlainConfiguration writeACLConfig(String...aclData) throws Exception
@@ -52,28 +51,11 @@ public class PlainConfigurationTest extends TestCase
         aclWriter.close();
 
         // Load ruleset
-        PlainConfiguration configFile = new PlainConfiguration(acl, mock(EventLoggerProvider.class));
-        configFile.load();
+        PlainConfiguration configFile = new PlainConfiguration(acl.getName(), mock(EventLoggerProvider.class));
+        configFile.load(new FileReader(acl));
         return configFile;
     }
 
-    public void testMissingACLConfig() throws Exception
-    {
-        try
-        {
-            // Load ruleset
-            ConfigurationFile configFile = new PlainConfiguration(new File("doesnotexist"), mock(EventLoggerProvider.class));
-            configFile.load();
-
-            fail("fail");
-        }
-        catch (IllegalConfigurationException ce)
-        {
-            assertEquals(String.format(PlainConfiguration.CONFIG_NOT_FOUND_MSG, "doesnotexist"), ce.getMessage());
-            assertTrue(ce.getCause() instanceof FileNotFoundException);
-        }
-    }
-
     public void testACLFileSyntaxContinuation() throws Exception
     {
         try
diff --git a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderFactoryTest.java b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderFactoryTest.java
index 49697cf5b7..a34ac16e80 100644
--- a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderFactoryTest.java
+++ b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderFactoryTest.java
@@ -107,7 +107,7 @@ public class ACLFileAccessControlProviderFactoryTest extends QpidTestCase
         }
         catch (IllegalConfigurationException e)
         {
-            assertTrue("Unexpected exception message: " + e.getMessage(), Pattern.matches("ACL file '.*' is not found", e.getMessage()));
+            assertTrue("Unexpected exception message: " + e.getMessage(), Pattern.matches("Cannot convert .* to a readable resource", e.getMessage()));
         }
     }
 }
diff --git a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImplTest.java b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImplTest.java
index 005d2a95bc..82c209bb6f 100644
--- a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImplTest.java
+++ b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImplTest.java
@@ -73,7 +73,7 @@ public class ACLFileAccessControlProviderImplTest extends QpidTestCase
         }
         catch (IllegalConfigurationException e)
         {
-            assertEquals("Unexpected exception message:" + e.getMessage(), String.format("ACL file '%s' is not found", aclFilePath ), e.getMessage());
+            assertEquals("Unexpected exception message:" + e.getMessage(), String.format("Cannot convert %s to a readable resource", aclFilePath ), e.getMessage());
         }
     }
author	Robert Godfrey <rgodfrey@apache.org>	2015-01-02 10:20:35 +0000
committer	Robert Godfrey <rgodfrey@apache.org>	2015-01-02 10:20:35 +0000
commit	b8ea17f07b61ec9166be66ec251b39decfbb1e20 (patch)
tree	37f43c1b47c8bc66c8f2cbe8144efde2db0923e8 /qpid/java
parent	6631e8e980107ad609105d4ef1bb2ee5c4275e8b (diff)
download	qpid-python-b8ea17f07b61ec9166be66ec251b39decfbb1e20.tar.gz