diff options
| author | Alex Rudyy <orudyy@apache.org> | 2015-02-06 17:11:38 +0000 |
|---|---|---|
| committer | Alex Rudyy <orudyy@apache.org> | 2015-02-06 17:11:38 +0000 |
| commit | f0636abb3d7de4b757a4859857dfce004a4d30a3 (patch) | |
| tree | 3b3ecd001fd5ebb66ea8d83807204944dde3ee68 /qpid/java | |
| parent | 0f1feb11d7cbbe40de10a680eb22b28918608615 (diff) | |
| download | qpid-python-f0636abb3d7de4b757a4859857dfce004a4d30a3.tar.gz | |
QPID-6366: [Java Broker] Prevent data urls cluttering the UI and prevent potentially large data url consuming too much bandwidth during the regular REST poll
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1657900 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java')
14 files changed, 106 insertions, 55 deletions
diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObject.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObject.java index deda7768f3..7079461a09 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObject.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObject.java @@ -35,6 +35,8 @@ import org.apache.qpid.server.store.ConfiguredObjectRecord; */ public interface ConfiguredObject<X extends ConfiguredObject<X>> { + String OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT = "Value is too long to display"; + String ID = "id"; String NAME = "name"; String TYPE = "type"; diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/FileKeyStore.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/FileKeyStore.java index 775571574f..0607f4b3d3 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/FileKeyStore.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/FileKeyStore.java @@ -62,7 +62,7 @@ public interface FileKeyStore<X extends FileKeyStore<X>> extends KeyStore<X> @ManagedAttribute(defaultValue = "${this:path}") String getDescription(); - @ManagedAttribute( mandatory = true, secure = true) + @ManagedAttribute( mandatory = true, secure = true, oversize = true, oversizedAltText = OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT) String getStoreUrl(); @DerivedAttribute diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/FileTrustStore.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/FileTrustStore.java index f876831724..a8035da5b4 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/FileTrustStore.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/FileTrustStore.java @@ -62,7 +62,7 @@ public interface FileTrustStore<X extends FileTrustStore<X>> extends TrustStore< @ManagedAttribute(defaultValue = "${this:storeUrl}") String getDescription(); - @ManagedAttribute( mandatory = true ) + @ManagedAttribute( mandatory = true, oversize = true, oversizedAltText = OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT) String getStoreUrl(); @DerivedAttribute diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaKeyStore.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaKeyStore.java index 458daa4b7a..78509182b5 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaKeyStore.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaKeyStore.java @@ -31,13 +31,13 @@ public interface NonJavaKeyStore<X extends NonJavaKeyStore<X>> extends KeyStore< @ManagedAttribute(defaultValue = "${this:subjectName}") String getDescription(); - @ManagedAttribute( mandatory = true, secure = true ) + @ManagedAttribute( mandatory = true, secure = true, oversize = true, oversizedAltText = OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT ) String getPrivateKeyUrl(); - @ManagedAttribute( mandatory = true ) + @ManagedAttribute( mandatory = true, oversize = true, oversizedAltText = OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT ) String getCertificateUrl(); - @ManagedAttribute + @ManagedAttribute( oversize = true, oversizedAltText = OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT ) String getIntermediateCertificateUrl(); @DerivedAttribute diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaTrustStore.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaTrustStore.java index f7d970074d..2ae5a329d5 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaTrustStore.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaTrustStore.java @@ -34,7 +34,7 @@ public interface NonJavaTrustStore<X extends NonJavaTrustStore<X>> extends Trust @ManagedAttribute(defaultValue = "${this:certificateDetails}") String getDescription(); - @ManagedAttribute( mandatory = true ) + @ManagedAttribute( mandatory = true, oversize = true, oversizedAltText = OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT ) String getCertificatesUrl(); enum CertificateDetails diff --git a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProvider.java b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProvider.java index b8509ebd39..3e0f5b63f0 100644 --- a/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProvider.java +++ b/qpid/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProvider.java @@ -27,6 +27,6 @@ import org.apache.qpid.server.model.ManagedObject; @ManagedObject( category = false, type="AclFile" ) public interface ACLFileAccessControlProvider<X extends ACLFileAccessControlProvider<X>> extends AccessControlProvider<X> { - @ManagedAttribute( mandatory = true, description = "File location" ) + @ManagedAttribute( mandatory = true, description = "File location", oversize = true, oversizedAltText = OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT) String getPath(); } diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MetaDataServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MetaDataServlet.java index 9b384cd36f..b995bb442c 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MetaDataServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MetaDataServlet.java @@ -188,7 +188,10 @@ public class MetaDataServlet extends AbstractServlet { attrDetails.put("secure",attribute.isSecure()); } - + if(attribute.isOversized()) + { + attrDetails.put("oversize", attribute.isOversized()); + } attributeDetails.put(attribute.getName(), attrDetails); } return attributeDetails; diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/ResourceWidget.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/ResourceWidget.js index 7b1663ac5d..f603c96ff3 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/ResourceWidget.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/ResourceWidget.js @@ -168,6 +168,10 @@ function (declare, array, lang, util, _WidgetBase, _TemplatedMixin, _WidgetsInTe { console.log(message); } + }, + _setPlaceHolderAttr: function(newValue) + { + this.resourceLocation.set("placeHolder", newValue); } } ); diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/filekeystore/add.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/filekeystore/add.js index feb7da1864..b4c45d8f99 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/filekeystore/add.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/filekeystore/add.js @@ -52,13 +52,15 @@ define(["dojo/dom","dojo/query", "dojo/_base/array", "dijit/registry","qpid/comm var name = item.id.replace("addStore.",""); if (name in attributes ) { - if (item.type != "password") + var attribute = attributes[name]; + if (attribute.secure || attribute.oversize) { - item.set("value", effectiveData[name]); + item.set("required", false); + item.set("placeHolder", effectiveData[name]); } else { - item.set("required", effectiveData?false:true); + item.set("value", effectiveData[name]); } } }); diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/filetruststore/add.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/filetruststore/add.js index b55affb33b..e04ee1a835 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/filetruststore/add.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/filetruststore/add.js @@ -53,13 +53,15 @@ define(["dojo/dom","dojo/query", "dojo/_base/array", "dijit/registry","qpid/comm var name = item.id.replace("addStore.",""); if (name in attributes ) { - if (item.type != "password") + var attribute = attributes[name]; + if (attribute.secure || attribute.oversize) { - item.set("value", effectiveData[name]); + item.set("required", false); + item.set("placeHolder", effectiveData[name]); } else { - item.set("required", effectiveData?false:true); + item.set("value", effectiveData[name]); } } }); diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/nonjavakeystore/add.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/nonjavakeystore/add.js index 989af03832..0d74699d79 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/nonjavakeystore/add.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/nonjavakeystore/add.js @@ -43,15 +43,28 @@ define(["dojo/dom","dojo/query", "dojo/_base/array", "dijit/registry","qpid/comm }, update: function(effectiveData) { - var attributes = metadata.getMetaData("KeyStore", "NonJavaKeyStore").attributes; - var widgets = registry.findWidgets(this.containerNode); - var that=this; - array.forEach(widgets, function(item) - { - var name = item.id.replace("addStore.",""); - var val = effectiveData[name]; - item.set("value", val); - }); + if (effectiveData) + { + var attributes = metadata.getMetaData("KeyStore", "NonJavaKeyStore").attributes; + var widgets = registry.findWidgets(this.containerNode); + array.forEach(widgets, function(item) + { + var name = item.id.replace("addStore.",""); + if (name in attributes ) + { + var attribute = attributes[name]; + if (attribute.oversize || attribute.secure) + { + item.set("required", false); + item.set("placeHolder", effectiveData[name]); + } + else + { + item.set("value", effectiveData[name]); + } + } + }); + } } }; diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/nonjavatruststore/add.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/nonjavatruststore/add.js index 15926d1832..53e3b43082 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/nonjavatruststore/add.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/store/nonjavatruststore/add.js @@ -43,17 +43,28 @@ define(["dojo/dom","dojo/query", "dojo/_base/array", "dijit/registry","qpid/comm }, update: function(effectiveData) { - var attributes = metadata.getMetaData("TrustStore", "NonJavaTrustStore").attributes; - var widgets = registry.findWidgets(this.containerNode); - var that=this; - array.forEach(widgets, function(item) - { - var name = item.id.replace("addStore.",""); - var val = effectiveData[name]; - item.set("value", val); - - }); - + if (effectiveData) + { + var attributes = metadata.getMetaData("TrustStore", "NonJavaTrustStore").attributes; + var widgets = registry.findWidgets(this.containerNode); + array.forEach(widgets, function(item) + { + var name = item.id.replace("addStore.",""); + if (name in attributes ) + { + var attribute = attributes[name]; + if (attribute.oversize || attribute.secure) + { + item.set("required", false); + item.set("placeHolder", effectiveData[name]); + } + else + { + item.set("value", effectiveData[name]); + } + } + }); + } } }; diff --git a/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/KeyStoreRestTest.java b/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/KeyStoreRestTest.java index 772f86edf4..b0e396cf8e 100644 --- a/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/KeyStoreRestTest.java +++ b/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/KeyStoreRestTest.java @@ -28,6 +28,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.qpid.server.model.AbstractConfiguredObject; +import org.apache.qpid.server.model.ConfiguredObject; import org.apache.qpid.server.model.KeyStore; import org.apache.qpid.server.security.FileKeyStore; import org.apache.qpid.test.utils.TestBrokerConfiguration; @@ -98,7 +99,7 @@ public class KeyStoreRestTest extends QpidRestTestCase Map<String, Object> keystore = keyStores.get(0); assertEquals("Unexpected name", name, keystore.get(KeyStore.NAME)); - assertEquals("unexpected data", dataUrlForKeyStore, keystore.get(FileKeyStore.STORE_URL)); + assertEquals("unexpected data", ConfiguredObject.OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, keystore.get(FileKeyStore.STORE_URL)); assertEquals("unexpected password", TestSSLConstants.KEYSTORE_PASSWORD, keystore.get(FileKeyStore.PASSWORD)); assertEquals("unexpected alias", null, keystore.get(FileKeyStore.CERTIFICATE_ALIAS)); } diff --git a/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/TrustStoreRestTest.java b/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/TrustStoreRestTest.java index 5919473676..c1ea83e0dd 100644 --- a/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/TrustStoreRestTest.java +++ b/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/TrustStoreRestTest.java @@ -27,6 +27,7 @@ import java.util.Map; import javax.servlet.http.HttpServletResponse; import org.apache.qpid.server.model.AbstractConfiguredObject; +import org.apache.qpid.server.model.ConfiguredObject; import org.apache.qpid.server.model.TrustStore; import org.apache.qpid.server.security.FileTrustStore; import org.apache.qpid.test.utils.TestBrokerConfiguration; @@ -36,6 +37,7 @@ import org.apache.qpid.util.FileUtils; public class TrustStoreRestTest extends QpidRestTestCase { + @Override public void setUp() throws Exception { @@ -51,8 +53,14 @@ public class TrustStoreRestTest extends QpidRestTestCase List<Map<String, Object>> trustStores = assertNumberOfTrustStores(1); Map<String, Object> truststore = trustStores.get(0); - assertTrustStoreAttributes(truststore, TestBrokerConfiguration.ENTRY_NAME_SSL_TRUSTSTORE, - QPID_HOME + "/../" + TestSSLConstants.BROKER_TRUSTSTORE, false); + assertEquals("default systests trust store is missing", + TestBrokerConfiguration.ENTRY_NAME_SSL_TRUSTSTORE, truststore.get(TrustStore.NAME)); + assertEquals("unexpected store URL", ConfiguredObject.OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, truststore.get(FileTrustStore.STORE_URL)); + assertEquals("unexpected (dummy) password of default systests trust store", + AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD)); + assertEquals("unexpected type of default systests trust store", + java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE)); + assertEquals("unexpected peersOnly value", false, truststore.get(FileTrustStore.PEERS_ONLY)); } public void testCreate() throws Exception @@ -68,7 +76,12 @@ public class TrustStoreRestTest extends QpidRestTestCase List<Map<String, Object>> trustStores = getRestTestHelper().getJsonAsList("truststore/" + name); assertNotNull("details cannot be null", trustStores); - assertTrustStoreAttributes(trustStores.get(0), name, TestSSLConstants.TRUSTSTORE, true); + Map<String, Object> truststore = trustStores.get(0); + assertEquals("unexpected trust store name", name, truststore.get(TrustStore.NAME)); + assertEquals("unexpected store URL", TestSSLConstants.TRUSTSTORE, truststore.get(FileTrustStore.STORE_URL)); + assertEquals("unexpected password value", AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD)); + assertEquals("unexpected type", java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE)); + assertEquals("unexpected peersOnly value", true, truststore.get(FileTrustStore.PEERS_ONLY)); } public void testCreateUsingDataUrl() throws Exception @@ -88,7 +101,12 @@ public class TrustStoreRestTest extends QpidRestTestCase List<Map<String, Object>> trustStores = getRestTestHelper().getJsonAsList("truststore/" + name); assertNotNull("details cannot be null", trustStores); - assertTrustStoreAttributes(trustStores.get(0), name, dataUrlForTruststore, false); + Map<String, Object> truststore = trustStores.get(0); + assertEquals("nexpected trust store name", name, truststore.get(TrustStore.NAME)); + assertEquals("unexpected store URL value", ConfiguredObject.OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, truststore.get(FileTrustStore.STORE_URL)); + assertEquals("unexpected password value", AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD)); + assertEquals("unexpected type of trust store", java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE)); + assertEquals("unexpected peersOnly value", false, truststore.get(FileTrustStore.PEERS_ONLY)); } public void testDelete() throws Exception @@ -110,8 +128,11 @@ public class TrustStoreRestTest extends QpidRestTestCase //check only the default systests trust store remains List<Map<String, Object>> trustStores = assertNumberOfTrustStores(1); Map<String, Object> truststore = trustStores.get(0); - assertTrustStoreAttributes(truststore, TestBrokerConfiguration.ENTRY_NAME_SSL_TRUSTSTORE, - QPID_HOME + "/../" + TestSSLConstants.BROKER_TRUSTSTORE, false); + assertEquals("unexpected name", TestBrokerConfiguration.ENTRY_NAME_SSL_TRUSTSTORE, truststore.get(TrustStore.NAME)); + assertEquals("unexpected store URL value", ConfiguredObject.OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, truststore.get(FileTrustStore.STORE_URL)); + assertEquals("unexpected password value", AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD)); + assertEquals("unexpected type of trust store", java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE)); + assertEquals("unexpected peersOnly value", false, truststore.get(FileTrustStore.PEERS_ONLY)); } @@ -134,7 +155,12 @@ public class TrustStoreRestTest extends QpidRestTestCase List<Map<String, Object>> trustStore = getRestTestHelper().getJsonAsList("truststore/" + name); assertNotNull("details should not be null", trustStore); - assertTrustStoreAttributes(trustStore.get(0), name, TestSSLConstants.TRUSTSTORE, false); + Map<String, Object> truststore = trustStore.get(0); + assertEquals("unexpected name", name, truststore.get(TrustStore.NAME)); + assertEquals("unexpected path to trust store", TestSSLConstants.TRUSTSTORE, truststore.get(FileTrustStore.STORE_URL)); + assertEquals("unexpected password", AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD)); + assertEquals("unexpected type", java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE)); + assertEquals("unexpected peersOnly value", false, truststore.get(FileTrustStore.PEERS_ONLY)); } private List<Map<String, Object>> assertNumberOfTrustStores(int numberOfTrustStores) throws Exception @@ -158,17 +184,4 @@ public class TrustStoreRestTest extends QpidRestTestCase getRestTestHelper().submitRequest("truststore/" + name, "PUT", trustStoreAttributes, HttpServletResponse.SC_CREATED); } - private void assertTrustStoreAttributes(Map<String, Object> truststore, String name, String path, boolean peersOnly) - { - assertEquals("default systests trust store is missing", - name, truststore.get(TrustStore.NAME)); - assertEquals("unexpected path to trust store", - path, truststore.get(FileTrustStore.STORE_URL)); - assertEquals("unexpected (dummy) password of default systests trust store", - AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD)); - assertEquals("unexpected type of default systests trust store", - java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE)); - assertEquals("unexpected peersOnly value", - peersOnly, truststore.get(FileTrustStore.PEERS_ONLY)); - } } |