diff options
Diffstat (limited to 'java/broker/src')
9 files changed, 109 insertions, 39 deletions
diff --git a/java/broker/src/main/java/org/apache/qpid/server/plugins/Plugin.java b/java/broker/src/main/java/org/apache/qpid/server/plugins/Plugin.java index e094422a1e..e7f9983fff 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/plugins/Plugin.java +++ b/java/broker/src/main/java/org/apache/qpid/server/plugins/Plugin.java @@ -26,9 +26,6 @@ public interface Plugin /** * Provide Configuration to this plugin - * - * FIXME Should not throw ConfigurationException, - * Only ConfigurationPlugin should throw ConfigurationException */ - public void configure(ConfigurationPlugin config) throws ConfigurationException; + public void configure(ConfigurationPlugin config); } diff --git a/java/broker/src/main/java/org/apache/qpid/server/plugins/PluginManager.java b/java/broker/src/main/java/org/apache/qpid/server/plugins/PluginManager.java index bbbe586ed3..466bc9e228 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/plugins/PluginManager.java +++ b/java/broker/src/main/java/org/apache/qpid/server/plugins/PluginManager.java @@ -36,6 +36,7 @@ import org.apache.log4j.Logger; import org.apache.qpid.common.Closeable; import org.apache.qpid.server.configuration.plugins.ConfigurationPluginFactory; import org.apache.qpid.server.exchange.ExchangeType; +import org.apache.qpid.server.security.SecurityManager; import org.apache.qpid.server.security.SecurityPluginFactory; import org.apache.qpid.server.security.access.plugins.AllowAll; import org.apache.qpid.server.security.access.plugins.DenyAll; @@ -78,6 +79,7 @@ public class PluginManager implements Closeable _securityPlugins.put(pluginFactory.getPluginName(), pluginFactory); } for (ConfigurationPluginFactory configFactory : Arrays.asList( + SecurityManager.SecurityConfiguration.FACTORY, AllowAll.AllowAllConfiguration.FACTORY, DenyAll.DenyAllConfiguration.FACTORY, LegacyAccess.LegacyAccessConfiguration.FACTORY)) diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/AbstractPlugin.java b/java/broker/src/main/java/org/apache/qpid/server/security/AbstractPlugin.java index 87cc6e89aa..ff80499bc2 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/AbstractPlugin.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/AbstractPlugin.java @@ -45,7 +45,7 @@ public abstract class AbstractPlugin implements SecurityPlugin public abstract Result authorise(Operation operation, ObjectType object, ObjectProperties properties); - public void configure(ConfigurationPlugin config) throws ConfigurationException + public void configure(ConfigurationPlugin config) { _config = config; } diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/SecurityManager.java b/java/broker/src/main/java/org/apache/qpid/server/security/SecurityManager.java index 035b7fa854..362d919a5e 100755 --- a/java/broker/src/main/java/org/apache/qpid/server/security/SecurityManager.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/SecurityManager.java @@ -22,14 +22,18 @@ import static org.apache.qpid.server.security.access.ObjectType.*; import static org.apache.qpid.server.security.access.Operation.*; import java.security.Principal; +import java.util.Arrays; import java.util.HashMap; +import java.util.List; import java.util.Map; import java.util.Map.Entry; +import org.apache.commons.configuration.Configuration; import org.apache.commons.configuration.ConfigurationException; import org.apache.log4j.Logger; import org.apache.qpid.framing.AMQShortString; import org.apache.qpid.server.configuration.plugins.ConfigurationPlugin; +import org.apache.qpid.server.configuration.plugins.ConfigurationPluginFactory; import org.apache.qpid.server.exchange.Exchange; import org.apache.qpid.server.plugins.PluginManager; import org.apache.qpid.server.protocol.AMQProtocolSession; @@ -57,6 +61,39 @@ public class SecurityManager private Map<String, SecurityPlugin> _globalPlugins = new HashMap<String, SecurityPlugin>(); private Map<String, SecurityPlugin> _hostPlugins = new HashMap<String, SecurityPlugin>(); + public static class SecurityConfiguration extends ConfigurationPlugin + { + public static final ConfigurationPluginFactory FACTORY = new ConfigurationPluginFactory() + { + public ConfigurationPlugin newInstance(String path, Configuration config) throws ConfigurationException + { + ConfigurationPlugin instance = new SecurityConfiguration(); + instance.setConfiguration(path, config); + return instance; + } + + public List<String> getParentPaths() + { + return Arrays.asList("security", "virtualhosts.virtualhost.security"); + } + }; + + @Override + public String[] getElementsProcessed() + { + return new String[]{"security"}; + } + + public void validateConfiguration() throws ConfigurationException + { + if (_configuration.isEmpty()) + { + throw new ConfigurationException("security section is incomplete, no elements found."); + } + } + } + + public SecurityManager(SecurityManager parent) throws ConfigurationException { _pluginManager = parent._pluginManager; @@ -116,12 +153,18 @@ public class SecurityManager public Map<String, SecurityPlugin> configurePlugins(ConfigurationPlugin hostConfig) throws ConfigurationException { Map<String, SecurityPlugin> plugins = new HashMap<String, SecurityPlugin>(); - for (SecurityPluginFactory<?> factory : _pluginFactories.values()) + SecurityConfiguration securityConfig = hostConfig.getConfiguration(SecurityConfiguration.class); + + // If we have no security Configuration then there is nothing to configure. + if (securityConfig != null) { - SecurityPlugin plugin = factory.newInstance(hostConfig); - if (plugin.isConfigured()) + for (SecurityPluginFactory<?> factory : _pluginFactories.values()) { - plugins.put(factory.getPluginName(), plugin); + SecurityPlugin plugin = factory.newInstance(securityConfig); + if (plugin != null) + { + plugins.put(factory.getPluginName(), plugin); + } } } return plugins; diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/AllowAll.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/AllowAll.java index 7525362bfc..24ff44b1ae 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/AllowAll.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/AllowAll.java @@ -36,7 +36,7 @@ public class AllowAll extends BasicPlugin { public List<String> getParentPaths() { - return Arrays.asList("security", "virtualhosts.virtualhost.security"); + return Arrays.asList("security.allow-all", "virtualhosts.virtualhost.security.allow-all"); } public ConfigurationPlugin newInstance(String path, Configuration config) throws ConfigurationException @@ -49,16 +49,33 @@ public class AllowAll extends BasicPlugin public String[] getElementsProcessed() { - return new String[] { "allow-all" }; + return new String[] { "" }; } + + public void validateConfiguration() throws ConfigurationException + { + if (!_configuration.isEmpty()) + { + throw new ConfigurationException("allow-all section takes no elements."); + } + } + } public static final SecurityPluginFactory<AllowAll> FACTORY = new SecurityPluginFactory<AllowAll>() { - public AllowAll newInstance(ConfigurationPlugin config) throws ConfigurationException + public AllowAll newInstance(ConfigurationPlugin config) throws ConfigurationException { + AllowAllConfiguration configuration = config.getConfiguration(AllowAllConfiguration.class); + + // If there is no configuration for this plugin then don't load it. + if (configuration == null) + { + return null; + } + AllowAll plugin = new AllowAll(); - plugin.configure(config); + plugin.configure(configuration); return plugin; } @@ -79,8 +96,4 @@ public class AllowAll extends BasicPlugin return Result.ALLOWED; } - public void configure(ConfigurationPlugin config) throws ConfigurationException - { - _config = config.getConfiguration(AllowAllConfiguration.class); - } } diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/DenyAll.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/DenyAll.java index 7647072abc..cd68511730 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/DenyAll.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/DenyAll.java @@ -36,7 +36,7 @@ public class DenyAll extends BasicPlugin { public List<String> getParentPaths() { - return Arrays.asList("security", "virtualhosts.virtualhost.security"); + return Arrays.asList("security.deny-all", "virtualhosts.virtualhost.security.deny-all"); } public ConfigurationPlugin newInstance(String path, Configuration config) throws ConfigurationException @@ -49,16 +49,33 @@ public class DenyAll extends BasicPlugin public String[] getElementsProcessed() { - return new String[] { "deny-all" }; + return new String[] { "" }; } + + public void validateConfiguration() throws ConfigurationException + { + if (!_configuration.isEmpty()) + { + throw new ConfigurationException("deny-all section takes no elements."); + } + } + } public static final SecurityPluginFactory<DenyAll> FACTORY = new SecurityPluginFactory<DenyAll>() { public DenyAll newInstance(ConfigurationPlugin config) throws ConfigurationException { + DenyAllConfiguration configuration = config.getConfiguration(DenyAllConfiguration.class); + + // If there is no configuration for this plugin then don't load it. + if (configuration == null) + { + return null; + } + DenyAll plugin = new DenyAll(); - plugin.configure(config); + plugin.configure(configuration); return plugin; } @@ -79,9 +96,4 @@ public class DenyAll extends BasicPlugin return Result.DENIED; } - public void configure(ConfigurationPlugin config) throws ConfigurationException - { - _config = config.getConfiguration(DenyAllConfiguration.class); - } - } diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/LegacyAccess.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/LegacyAccess.java index d2b72503a4..8cebedbc26 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/LegacyAccess.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/LegacyAccess.java @@ -37,7 +37,11 @@ public class LegacyAccess extends BasicPlugin { public List<String> getParentPaths() { - return Arrays.asList("security", "virtualhosts.virtualhost.security"); + return Arrays.asList("security.jmx", "virtualhosts.virtualhost.security.jmx", + "security.false", "virtualhosts.virtualhost.security.false", + "security.msg-auth", "virtualhosts.virtualhost.security.msg-auth", + "security.access", "virtualhosts.virtualhost.security.access", + "security.principal-databases", "virtualhosts.virtualhost.security.principal-databases"); } public ConfigurationPlugin newInstance(String path, Configuration config) throws ConfigurationException @@ -50,7 +54,7 @@ public class LegacyAccess extends BasicPlugin public String[] getElementsProcessed() { - return new String[] { "principal-databases", "access", "msg-auth", "false", "jmx" }; + return new String[] { "" }; } } @@ -58,8 +62,16 @@ public class LegacyAccess extends BasicPlugin { public LegacyAccess newInstance(ConfigurationPlugin config) throws ConfigurationException { + LegacyAccessConfiguration configuration = config.getConfiguration(LegacyAccessConfiguration.class); + + // If there is no configuration for this plugin then don't load it. + if (configuration == null) + { + return null; + } + LegacyAccess plugin = new LegacyAccess(); - plugin.configure(config); + plugin.configure(configuration); return plugin; } @@ -74,8 +86,4 @@ public class LegacyAccess extends BasicPlugin } }; - public void configure(ConfigurationPlugin config) throws ConfigurationException - { - _config = config.getConfiguration(LegacyAccessConfiguration.class); - } } diff --git a/java/broker/src/main/java/org/apache/qpid/server/virtualhost/VirtualHostImpl.java b/java/broker/src/main/java/org/apache/qpid/server/virtualhost/VirtualHostImpl.java index d104209e98..f7ad934a57 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/virtualhost/VirtualHostImpl.java +++ b/java/broker/src/main/java/org/apache/qpid/server/virtualhost/VirtualHostImpl.java @@ -308,11 +308,7 @@ public class VirtualHostImpl implements VirtualHost _logger.info("Loaded VirtualHostPlugin:" + plugin); } - catch (IllegalArgumentException iae) - { - _logger.warn("VirtualHostPlugin:" + pluginName + " has not been configured for this virtualhost(" + getName() + ")"); - } - catch (Exception e) + catch (RuntimeException e) { _logger.error("Unable to load VirtualHostPlugin:" + pluginName + " due to:" + e.getMessage(), e); } diff --git a/java/broker/src/main/java/org/apache/qpid/server/virtualhost/plugins/VirtualHostPluginFactory.java b/java/broker/src/main/java/org/apache/qpid/server/virtualhost/plugins/VirtualHostPluginFactory.java index 5335925fb0..c8bea18444 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/virtualhost/plugins/VirtualHostPluginFactory.java +++ b/java/broker/src/main/java/org/apache/qpid/server/virtualhost/plugins/VirtualHostPluginFactory.java @@ -20,10 +20,9 @@ */ package org.apache.qpid.server.virtualhost.plugins; -import org.apache.commons.configuration.ConfigurationException; import org.apache.qpid.server.virtualhost.VirtualHost; public interface VirtualHostPluginFactory { - public VirtualHostHouseKeepingPlugin newInstance(VirtualHost vhost) throws ConfigurationException; + public VirtualHostHouseKeepingPlugin newInstance(VirtualHost vhost); } |