summaryrefslogtreecommitdiff
path: root/qpid/java/broker-plugins/access-control
Commit message (Collapse)AuthorAgeFilesLines
* QPID-4984: WIP - Merge from trunk r.1534385.Kim van der Riet2013-10-214-34/+79
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/branches/linearstore@1534394 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4984: WIP - Merge from trunk r.1525056Kim van der Riet2013-09-201-5/+5
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/branches/linearstore@1525101 13f79535-47bb-0310-9956-ffa450edef68
* NO-JIRA: add missing licence headers to various java filesRobert Gemmell2013-05-051-0/+20
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1479398 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4753: set vhost SecurityManager _managementMode boolean to equal the ↵Robert Gemmell2013-04-291-1/+4
| | | | | | parent/broker SecurityManager, validate the ACL file during onCreate to ensure it is usable before allowing it to be added git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1477155 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4753: move ACL config from broker attribute to a top level entityAlex Rudyy2013-04-194-49/+116
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1469937 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4678: Add ACL checks to restrict the operations to change broker level ↵Alex Rudyy2013-03-291-0/+7
| | | | | | configuration through the management interfaces git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1462551 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4390: Introduce a configuration store in java broker allowing runtime ↵Alex Rudyy2013-02-197-62/+139
| | | | | | modifications and replace existing xml file configuration with json configuration store git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1447646 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4377: add missing licence headers to various files in the Java treeRobert Gemmell2012-12-111-0/+18
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1420285 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4456: ensure the broker plugins get packaged in the release binary and ↵Robert Gemmell2012-11-211-0/+2
| | | | | | added to the classpath. Create opt directory for later use by users and update docs accordingly. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1412359 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4335, QPID-4353: Refactored broker plugins to use simplified ↵Robert Gemmell2012-10-127-226/+49
| | | | | | | | | | | | | | | | ServiceLoader-based model rather than embedding Felix to use OSGi. Removed the ability to reload security configuration because this feature is not very useful in its current form and was making our code hard to refactor. Modified all tests to use jars rather than classes. This makes them closer to real-world deployments, e.g. the META-INF/services file is read from within the jar. Also moved various system tests from their respective modules into "systests". This removes the need for most modules to depend on systests, thus simplifying our dependency graph. Applied patch from myself, Keith Wall and Phil Harvey <phil@philharveyonline.com> git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1397519 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4334: addressed Keith's review comments. Also moved ↵Keith Wall2012-09-288-88/+211
| | | | | | | | PlainConfigurationTest to the correct package. Applied patch from Philip Harvey <phil@philharveyonline.com>. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1391431 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4334: removed the firewall plugin and moved its functionality into the ↵Keith Wall2012-09-2823-98/+1524
| | | | | | | | Access Control plugin. Applied patch from Philip Harvey <phil@philharveyonline.com>. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1391430 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4292: add ACL rule to authorise access to the web management UIKeith Wall2012-09-101-0/+9
| | | | | | | | | | | * added object name MANAGEMENT to represent both JMX and Web Management layers * Change both JMX/Web entry points to permission access with an access management check * Updated examples and docbook * Made Principals serialised to avoid container warnings when Qpid principals are placed within a HttpSession. Work of Robbie Gemmell <robbie@apache.org> and myself. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1382947 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4236, QPID-4237, QPID-4245: Added group management functionality, and ↵Robert Gemmell2012-08-248-207/+185
| | | | | | | | | | | | | | | | | | | exposed it via the web management interface. Removed group definition functionality from the ACL plugin. The ACL plugin uses groups but no longer defines them. Introduced SubjectCreator as a facade to AuthenticationManager and group management classes. Applied access control to user and group management. Fixed bug in choosing between update and creation in RestServlet. Moved lots of RestTest helper methods to RestTestHelper. Fixed authentication, authorisation, and status logging when using the web ui. Applied patch from Philip Harvey <phil@philharveyonline.com>, Keith Wall and myself. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1376968 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4098: update POM generation for the plugins to mark the dependencies as ↵Robert Gemmell2012-06-291-0/+1
| | | | | | being provided (by the broker itself) at runtime git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1355391 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4098: generate maven release artifacts for the broker pluginsRobert Gemmell2012-06-291-1/+4
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1355390 13f79535-47bb-0310-9956-ffa450edef68
* QPID-3998, QPID-3999, QPID-4093: add new management plugins for ↵Robert Gemmell2012-06-281-2/+0
| | | | | | jmx/rest/webui functionality, partial merge from the java-config-and-management branch at r1355039 git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1355072 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4042 : [Java Broker] Add SSL Client Auth supportRobert Godfrey2012-06-061-45/+45
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1346817 13f79535-47bb-0310-9956-ffa450edef68
* QPID-3994: trivial changes to the build.xml files to aid people regenerating ↵Robert Gemmell2012-05-131-0/+1
| | | | | | their Eclipse project files using Ant Eclipse following the Ivy related changes git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1337925 13f79535-47bb-0310-9956-ffa450edef68
* QPID-3985 : [Java Tests] Fix locale specific testsRobert Godfrey2012-05-071-4/+3
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1335303 13f79535-47bb-0310-9956-ffa450edef68
* QPID-3965: Fix issue with converting ACL content to lower case Applied patch ↵Keith Wall2012-04-273-6/+10
| | | | | | by Oleksandr Rudyy <orudyy@gmail.com>, Phil Harvey <phil@philharveyonline.com> git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1331342 13f79535-47bb-0310-9956-ffa450edef68
* QPID-3843: ensure ACL rule evaluation for the ALL operation accounts for the ↵Robert Gemmell2012-02-162-25/+202
| | | | | | | | object type and properties. Fix length used for property wildcarding checks. Applied patch from Oleksandr Rudyy <orudyy@gmail.com> git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1244934 13f79535-47bb-0310-9956-ffa450edef68
* QPID-3789 : [Java] code tidyupsRobert Godfrey2012-01-296-18/+9
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1237273 13f79535-47bb-0310-9956-ffa450edef68
* NO-JIRA: Encapsulate fields, use private members and accesors (keep ↵Robert Godfrey2012-01-271-1/+1
| | | | | | checkstyle happy) git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1236867 13f79535-47bb-0310-9956-ffa450edef68
* QPID-3703: ACL test improvementsKeith Wall2011-12-202-3/+213
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1221518 13f79535-47bb-0310-9956-ffa450edef68
* QPID-3641: rename configuration element aclv2 => acl.Keith Wall2011-11-281-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1207407 13f79535-47bb-0310-9956-ffa450edef68
* QPID-3641: ACLV2 Simplifications and Improvements for Java BrokerKeith Wall2011-11-243-84/+29
| | | | | | | | | | | | | Improvements and simplifications to ACL V2 for the Java Broker: 1) Removed 'EXECUTE' operation (we now just have ACCESS and UPDATE like C++ broker) 2) Enable users with management rights for a procedure to complete that procedure without matching AMQP rights (configurable) 3) Fix up system tests (make clearer, remove need for lots of support files) 4) Fix disparity in DENY_LOG and DENY-LOG values between brokers. 5) Get rid of transitive/expand permission rules Work from Robbie Gemmell and myself. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1205782 13f79535-47bb-0310-9956-ffa450edef68
* QPID-3310 - Principal/Subject refactoring.Robert Gemmell2011-07-136-384/+697
| | | | | | | | | | Refactoring to the connection/session objects to pass the Subject from Authentication tier to Access tier, rather than just the Principal. Change the access-control to be able to make access decisions based on Groups from the Authentication tier whilst retaining support for groups declared within the ACL file itself. Improve unit tests. Applied patch by Keith Wall <keith.wall@gmail.com> git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1146079 13f79535-47bb-0310-9956-ffa450edef68
* add missing Apache licenceRobert Gemmell2010-09-271-1/+21
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1001950 13f79535-47bb-0310-9956-ffa450edef68
* QPID-2654: Add Actor logging to the ACL pluginRobert Gemmell2010-06-175-15/+65
| | | | | | | Applied patch from Andrew Kennedy <andrew.international@gmail.com> git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@955642 13f79535-47bb-0310-9956-ffa450edef68
* QPID-2638 : Add initial support for Topics section in configuration file.Martin Ritchie2010-06-141-1/+1
| | | | | | | | | Added getQueueConfiguration(AMQQueue) which will return a new configuration for the given queue reflecting its binding status. This will allow the queue to be reconfigured during the binding process. Full Docs on this approach to appear on wiki. AMQQueue.configure and getConfiguration() have been updated to use ConfigurationPlugin rather than QueueConfiguration, The queue may be configured by a TopicConfiguration now. Update SlowConsumerTest to be GlobalQueuesTest and add a GlobalTopicsTest to match, where the config is added to the queues or topics section respectively git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@954433 13f79535-47bb-0310-9956-ffa450edef68
* QPID-2632 : Applied patch from Andrew Kennedy. To convert RST and PPT to ↵Martin Ritchie2010-06-042-4/+4
| | | | | | QTCs not IBBCs git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@951341 13f79535-47bb-0310-9956-ffa450edef68
* QPID-2581 : Update Plugins that use configuration to only throw ↵Martin Ritchie2010-06-032-14/+31
| | | | | | | | | | ConfigurationExceptions during the configuration phase of loading configuration. Creating a plugin and providing it with configuration should not throw a configuration exception. Added configuration validation to newer plugins SimpleXML still needs validation. todo Docuement Configuration mechanism. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@951159 13f79535-47bb-0310-9956-ffa450edef68
* Remove Plugin.isConfigured Only configured plugins should be createdMartin Ritchie2010-06-031-9/+15
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@951158 13f79535-47bb-0310-9956-ffa450edef68
* QPID-2632 : Ensure additional broker unit tests extend IBBCMartin Ritchie2010-06-032-13/+10
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@951157 13f79535-47bb-0310-9956-ffa450edef68
* Add the ASF License to various classes currently missing itRobert Gemmell2010-06-025-0/+100
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@950740 13f79535-47bb-0310-9956-ffa450edef68
* QPID-2581 : Update Plugins to have a consistent ↵Martin Ritchie2010-06-021-10/+5
| | | | | | | | | configure(ConfigurationPlugin config) method. Further work is required to ensure that all ConfigurationPlugins perform config validation rather than leaving that to the plugin. The plugin should just use the config. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@950656 13f79535-47bb-0310-9956-ffa450edef68
* QPID-2542: Implement ACL checking as OSGi pluginRobert Gemmell2010-05-3115-0/+2008
Applied patch from Andrew Kennedy <andrew.international@gmail.com> git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@949783 13f79535-47bb-0310-9956-ffa450edef68
View Lorry Controller Status