[jboss-cvs] JBoss Messaging SVN: r7489 - in trunk/src/main/org/jboss/messaging/core: security/impl and 1 other directory.

[jboss-cvs-commits at lists.jboss.org]

Author: jmesnil
Date: 2009-06-29 05:22:17 -0400 (Mon, 29 Jun 2009)
New Revision: 7489

Modified:
   trunk/src/main/org/jboss/messaging/core/management/impl/ManagementServiceImpl.java
   trunk/src/main/org/jboss/messaging/core/security/impl/SecurityStoreImpl.java
Log:
* do not add the management cluster credentials using JBMSecurityManager. For AS integration, the implemented addUser() method is a no-op
* validate management cluster credentials as a special case in SecurityStoreImpl 

Modified: trunk/src/main/org/jboss/messaging/core/management/impl/ManagementServiceImpl.java
===================================================================
--- trunk/src/main/org/jboss/messaging/core/management/impl/ManagementServiceImpl.java	2009-06-29 08:32:01 UTC (rev 7488)
+++ trunk/src/main/org/jboss/messaging/core/management/impl/ManagementServiceImpl.java	2009-06-29 09:22:17 UTC (rev 7489)
@@ -70,7 +70,6 @@
 import org.jboss.messaging.core.postoffice.PostOffice;
 import org.jboss.messaging.core.remoting.server.RemotingService;
 import org.jboss.messaging.core.remoting.spi.Acceptor;
-import org.jboss.messaging.core.security.JBMSecurityManager;
 import org.jboss.messaging.core.security.Role;
 import org.jboss.messaging.core.server.Divert;
 import org.jboss.messaging.core.server.MessagingServer;
@@ -207,12 +206,6 @@
       this.storageManager = storageManager;
       this.messagingServer = messagingServer;
 
-      JBMSecurityManager sm = messagingServer.getSecurityManager();
-      if (sm != null)
-      {
-         sm.addUser(managementClusterUser, managementClusterPassword);
-      }
-
       messagingServerControl = new MessagingServerControlImpl(postOffice,
                                                               configuration,
                                                               resourceManager,

Modified: trunk/src/main/org/jboss/messaging/core/security/impl/SecurityStoreImpl.java
===================================================================
--- trunk/src/main/org/jboss/messaging/core/security/impl/SecurityStoreImpl.java	2009-06-29 08:32:01 UTC (rev 7488)
+++ trunk/src/main/org/jboss/messaging/core/security/impl/SecurityStoreImpl.java	2009-06-29 09:22:17 UTC (rev 7489)
@@ -119,6 +119,22 @@
    {     
       if (securityEnabled)
       {
+         
+         if (managementClusterUser.equals(user))
+         {
+            if (trace) { log.trace("Authenticating cluster admin user"); }
+            
+            // The special user cluster user is used for creating sessions that replicate management operation between nodes
+            if (!managementClusterPassword.equals(password))
+            {
+               throw new MessagingException(MessagingException.SECURITY_EXCEPTION, "Unable to validate user: " + user);                 
+            }
+            else
+            {
+               return;
+            }
+         }
+
          if (!securityManager.validateUser(user, password))
          {
             if (notificationService != null)