Author: ataylor
Date: 2012-01-31 08:04:06 -0500 (Tue, 31 Jan 2012)
New Revision: 12052
Added:
branches/Branch_2_2_AS7/src/main/org/hornetq/core/security/HornetQPrincipal.java
Modified:
branches/Branch_2_2_AS7/hornetq-rest/docbook/reference/en/master.xml
branches/Branch_2_2_AS7/src/main/org/hornetq/core/protocol/core/CoreRemotingConnection.java
branches/Branch_2_2_AS7/src/main/org/hornetq/core/protocol/core/impl/HornetQPacketHandler.java
branches/Branch_2_2_AS7/src/main/org/hornetq/core/protocol/core/impl/RemotingConnectionImpl.java
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/invm/InVMAcceptor.java
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/invm/InVMConnection.java
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/netty/NettyAcceptor.java
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/netty/NettyConnection.java
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/server/RemotingService.java
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/server/impl/RemotingServiceImpl.java
branches/Branch_2_2_AS7/src/main/org/hornetq/spi/core/remoting/Acceptor.java
branches/Branch_2_2_AS7/src/main/org/hornetq/spi/core/remoting/Connection.java
branches/Branch_2_2_AS7/tests/src/org/hornetq/tests/integration/largemessage/mock/MockConnector.java
Log:
https://issues.jboss.org/browse/HORNETQ-841 - added unsecure option for invm connections
Modified: branches/Branch_2_2_AS7/hornetq-rest/docbook/reference/en/master.xml
===================================================================
--- branches/Branch_2_2_AS7/hornetq-rest/docbook/reference/en/master.xml 2012-01-30
22:24:46 UTC (rev 12051)
+++ branches/Branch_2_2_AS7/hornetq-rest/docbook/reference/en/master.xml 2012-01-31
13:04:06 UTC (rev 12052)
@@ -861,7 +861,7 @@
pull works almost identically for queues and topics with some minor, but
important caveats. To start consuming you must create a consumer resource
on the server that is dedicated to your client. Now, this pretty much
- breaks the stateless principle of REST, but after much prototyping, this
+ breaks the stateless principal of REST, but after much prototyping, this
is the best way to work most effectively with HornetQ through a REST
interface.</para>
Modified:
branches/Branch_2_2_AS7/src/main/org/hornetq/core/protocol/core/CoreRemotingConnection.java
===================================================================
---
branches/Branch_2_2_AS7/src/main/org/hornetq/core/protocol/core/CoreRemotingConnection.java 2012-01-30
22:24:46 UTC (rev 12051)
+++
branches/Branch_2_2_AS7/src/main/org/hornetq/core/protocol/core/CoreRemotingConnection.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -13,6 +13,7 @@
package org.hornetq.core.protocol.core;
+import org.hornetq.core.security.HornetQPrincipal;
import org.hornetq.spi.core.protocol.RemotingConnection;
@@ -100,4 +101,11 @@
* Called periodically to flush any data in the batch buffer
*/
void checkFlushBatchBuffer();
+
+ /**
+ * get the default security principal for invm
+ *
+ * @return the principal
+ */
+ HornetQPrincipal getDefaultHornetQPrincipal();
}
Modified:
branches/Branch_2_2_AS7/src/main/org/hornetq/core/protocol/core/impl/HornetQPacketHandler.java
===================================================================
---
branches/Branch_2_2_AS7/src/main/org/hornetq/core/protocol/core/impl/HornetQPacketHandler.java 2012-01-30
22:24:46 UTC (rev 12051)
+++
branches/Branch_2_2_AS7/src/main/org/hornetq/core/protocol/core/impl/HornetQPacketHandler.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -34,6 +34,7 @@
import org.hornetq.core.protocol.core.impl.wireformat.ReattachSessionMessage;
import org.hornetq.core.protocol.core.impl.wireformat.ReattachSessionResponseMessage;
import org.hornetq.core.replication.ReplicationEndpoint;
+import org.hornetq.core.security.HornetQPrincipal;
import org.hornetq.core.server.HornetQServer;
import org.hornetq.core.server.ServerSession;
import org.hornetq.core.version.Version;
@@ -176,9 +177,16 @@
Channel channel = connection.getChannel(request.getSessionChannelID(),
request.getWindowSize());
+ HornetQPrincipal hornetQPrincipal = null;
+
+ if(request.getUsername() == null)
+ {
+ hornetQPrincipal = connection.getDefaultHornetQPrincipal();
+ }
+
ServerSession session = server.createSession(request.getName(),
- request.getUsername(),
- request.getPassword(),
+ hornetQPrincipal ==
null?request.getUsername(): hornetQPrincipal.getUserName(),
+ hornetQPrincipal ==
null?request.getPassword(): hornetQPrincipal.getPassword(),
request.getMinLargeMessageSize(),
connection,
request.isAutoCommitSends(),
Modified:
branches/Branch_2_2_AS7/src/main/org/hornetq/core/protocol/core/impl/RemotingConnectionImpl.java
===================================================================
---
branches/Branch_2_2_AS7/src/main/org/hornetq/core/protocol/core/impl/RemotingConnectionImpl.java 2012-01-30
22:24:46 UTC (rev 12051)
+++
branches/Branch_2_2_AS7/src/main/org/hornetq/core/protocol/core/impl/RemotingConnectionImpl.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -33,6 +33,7 @@
import org.hornetq.core.protocol.core.impl.wireformat.DisconnectMessage;
import org.hornetq.core.remoting.CloseListener;
import org.hornetq.core.remoting.FailureListener;
+import org.hornetq.core.security.HornetQPrincipal;
import org.hornetq.spi.core.remoting.BufferHandler;
import org.hornetq.spi.core.remoting.Connection;
import org.hornetq.utils.SimpleIDGenerator;
@@ -463,6 +464,11 @@
transportConnection.checkFlushBatchBuffer();
}
+ public HornetQPrincipal getDefaultHornetQPrincipal()
+ {
+ return transportConnection.getDefaultHornetQPrincipal();
+ }
+
// Buffer Handler implementation
// ----------------------------------------------------
Modified:
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/invm/InVMAcceptor.java
===================================================================
---
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/invm/InVMAcceptor.java 2012-01-30
22:24:46 UTC (rev 12051)
+++
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/invm/InVMAcceptor.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -21,6 +21,7 @@
import org.hornetq.api.core.SimpleString;
import org.hornetq.api.core.management.NotificationType;
import org.hornetq.core.logging.Logger;
+import org.hornetq.core.security.HornetQPrincipal;
import org.hornetq.core.server.cluster.ClusterConnection;
import org.hornetq.core.server.management.Notification;
import org.hornetq.core.server.management.NotificationService;
@@ -64,6 +65,8 @@
private final Map<String, Object> configuration;
+ private HornetQPrincipal defaultHornetQPrincipal;
+
public InVMAcceptor(final ClusterConnection clusterConnection,
final Map<String, Object> configuration,
final BufferHandler handler,
@@ -209,7 +212,7 @@
throw new IllegalStateException("Acceptor is not started");
}
- new InVMConnection(this, id, connectionID, remoteHandler, new Listener(connector),
clientExecutor);
+ new InVMConnection(this, id, connectionID, remoteHandler, new Listener(connector),
clientExecutor, defaultHornetQPrincipal);
}
public void disconnect(final String connectionID)
@@ -227,6 +230,16 @@
}
}
+ public boolean isUnsecurable()
+ {
+ return true;
+ }
+
+ public void setDefaultHornetQPrincipal(HornetQPrincipal defaultHornetQPrincipal)
+ {
+ this.defaultHornetQPrincipal = defaultHornetQPrincipal;
+ }
+
private class Listener implements ConnectionLifeCycleListener
{
//private static Listener instance = new Listener();
Modified:
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/invm/InVMConnection.java
===================================================================
---
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/invm/InVMConnection.java 2012-01-30
22:24:46 UTC (rev 12051)
+++
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/invm/InVMConnection.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -20,6 +20,7 @@
import org.hornetq.api.core.HornetQBuffer;
import org.hornetq.api.core.HornetQBuffers;
import org.hornetq.core.logging.Logger;
+import org.hornetq.core.security.HornetQPrincipal;
import org.hornetq.spi.core.protocol.ProtocolType;
import org.hornetq.spi.core.remoting.Acceptor;
import org.hornetq.spi.core.remoting.BufferHandler;
@@ -58,6 +59,8 @@
private volatile boolean closing;
+ private HornetQPrincipal defaultHornetQPrincipal;
+
public InVMConnection(final Acceptor acceptor,
final int serverID,
final BufferHandler handler,
@@ -74,6 +77,17 @@
final ConnectionLifeCycleListener listener,
final Executor executor)
{
+ this(acceptor, serverID, id, handler, listener, executor, null);
+ }
+
+ public InVMConnection(final Acceptor acceptor,
+ final int serverID,
+ final String id,
+ final BufferHandler handler,
+ final ConnectionLifeCycleListener listener,
+ final Executor executor,
+ HornetQPrincipal defaultHornetQPrincipal)
+ {
this.serverID = serverID;
this.handler = handler;
@@ -84,6 +98,8 @@
this.executor = executor;
+ this.defaultHornetQPrincipal = defaultHornetQPrincipal;
+
listener.connectionCreated(acceptor, this, ProtocolType.CORE);
}
@@ -213,7 +229,12 @@
public void removeReadyListener(ReadyListener listener)
{
}
-
+
+ public HornetQPrincipal getDefaultHornetQPrincipal()
+ {
+ return defaultHornetQPrincipal;
+ }
+
public void disableFlush()
{
flushEnabled = false;
Modified:
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/netty/NettyAcceptor.java
===================================================================
---
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/netty/NettyAcceptor.java 2012-01-30
22:24:46 UTC (rev 12051)
+++
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/netty/NettyAcceptor.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -37,6 +37,7 @@
import org.hornetq.core.logging.Logger;
import org.hornetq.core.protocol.stomp.WebSocketServerHandler;
import org.hornetq.core.remoting.impl.ssl.SSLSupport;
+import org.hornetq.core.security.HornetQPrincipal;
import org.hornetq.core.server.cluster.ClusterConnection;
import org.hornetq.core.server.management.Notification;
import org.hornetq.core.server.management.NotificationService;
@@ -646,10 +647,20 @@
{
this.notificationService = notificationService;
}
-
+
+ public void setDefaultHornetQPrincipal(HornetQPrincipal defaultHornetQPrincipal)
+ {
+ throw new IllegalStateException("unsecure connections not allowed");
+ }
+
+ public boolean isUnsecurable()
+ {
+ return false;
+ }
+
/* (non-Javadoc)
- * @see org.hornetq.spi.core.remoting.Acceptor#getClusterConnection()
- */
+ * @see org.hornetq.spi.core.remoting.Acceptor#getClusterConnection()
+ */
public ClusterConnection getClusterConnection()
{
return clusterConnection;
Modified:
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/netty/NettyConnection.java
===================================================================
---
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/netty/NettyConnection.java 2012-01-30
22:24:46 UTC (rev 12051)
+++
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/impl/netty/NettyConnection.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -20,6 +20,7 @@
import org.hornetq.api.core.HornetQBuffers;
import org.hornetq.core.buffers.impl.ChannelBufferWrapper;
import org.hornetq.core.logging.Logger;
+import org.hornetq.core.security.HornetQPrincipal;
import org.hornetq.spi.core.protocol.ProtocolType;
import org.hornetq.spi.core.remoting.Acceptor;
import org.hornetq.spi.core.remoting.Connection;
@@ -272,6 +273,12 @@
readyListeners.remove(listener);
}
+ //never allow this
+ public HornetQPrincipal getDefaultHornetQPrincipal()
+ {
+ return null;
+ }
+
public void fireReady(final boolean ready)
{
for (ReadyListener listener : readyListeners)
Modified:
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/server/RemotingService.java
===================================================================
---
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/server/RemotingService.java 2012-01-30
22:24:46 UTC (rev 12051)
+++
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/server/RemotingService.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -16,6 +16,7 @@
import java.util.Set;
import org.hornetq.api.core.Interceptor;
+import org.hornetq.core.security.HornetQPrincipal;
import org.hornetq.spi.core.protocol.RemotingConnection;
/**
@@ -49,5 +50,7 @@
void freeze();
+ void allowInvmSecurityOverride(HornetQPrincipal principal);
+
RemotingConnection getServerSideReplicatingConnection();
}
Modified:
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/server/impl/RemotingServiceImpl.java
===================================================================
---
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/server/impl/RemotingServiceImpl.java 2012-01-30
22:24:46 UTC (rev 12051)
+++
branches/Branch_2_2_AS7/src/main/org/hornetq/core/remoting/server/impl/RemotingServiceImpl.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -36,8 +36,10 @@
import org.hornetq.core.protocol.core.impl.CoreProtocolManagerFactory;
import org.hornetq.core.protocol.stomp.StompProtocolManagerFactory;
import org.hornetq.core.remoting.FailureListener;
+import org.hornetq.core.remoting.impl.invm.InVMAcceptor;
import org.hornetq.core.remoting.impl.netty.TransportConstants;
import org.hornetq.core.remoting.server.RemotingService;
+import org.hornetq.core.security.HornetQPrincipal;
import org.hornetq.core.server.HornetQServer;
import org.hornetq.core.server.cluster.ClusterConnection;
import org.hornetq.core.server.cluster.ClusterManager;
@@ -246,6 +248,17 @@
started = true;
}
+ public synchronized void allowInvmSecurityOverride(HornetQPrincipal principal)
+ {
+ for (Acceptor acceptor : acceptors)
+ {
+ if(acceptor.isUnsecurable())
+ {
+ acceptor.setDefaultHornetQPrincipal(principal);
+ }
+ }
+ }
+
public synchronized void freeze()
{
// Used in testing - prevents service taking any more connections
Added: branches/Branch_2_2_AS7/src/main/org/hornetq/core/security/HornetQPrincipal.java
===================================================================
--- branches/Branch_2_2_AS7/src/main/org/hornetq/core/security/HornetQPrincipal.java
(rev 0)
+++
branches/Branch_2_2_AS7/src/main/org/hornetq/core/security/HornetQPrincipal.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -0,0 +1,49 @@
+/*
+* JBoss, Home of Professional Open Source.
+* Copyright 2010, Red Hat, Inc., and individual contributors
+* as indicated by the @author tags. See the copyright.txt file in the
+* distribution for a full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.hornetq.core.security;
+
+/**
+ * @author <a href="mailto:andy.taylor@jboss.org">Andy Taylor</a>
+ * 1/30/12
+ */
+public class HornetQPrincipal
+{
+ private final String userName;
+
+ private final String password;
+
+ public HornetQPrincipal(String userName, String password)
+ {
+ this.userName = userName;
+ this.password = password;
+ }
+
+ public String getUserName()
+ {
+ return userName;
+ }
+
+ public String getPassword()
+ {
+ return password;
+ }
+}
Modified: branches/Branch_2_2_AS7/src/main/org/hornetq/spi/core/remoting/Acceptor.java
===================================================================
---
branches/Branch_2_2_AS7/src/main/org/hornetq/spi/core/remoting/Acceptor.java 2012-01-30
22:24:46 UTC (rev 12051)
+++
branches/Branch_2_2_AS7/src/main/org/hornetq/spi/core/remoting/Acceptor.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -15,6 +15,7 @@
import java.util.Map;
+import org.hornetq.core.security.HornetQPrincipal;
import org.hornetq.core.server.HornetQComponent;
import org.hornetq.core.server.cluster.ClusterConnection;
import org.hornetq.core.server.management.NotificationService;
@@ -46,4 +47,8 @@
* @param notificationService the notification service
*/
void setNotificationService(NotificationService notificationService);
+
+ void setDefaultHornetQPrincipal(HornetQPrincipal defaultHornetQPrincipal);
+
+ boolean isUnsecurable();
}
Modified: branches/Branch_2_2_AS7/src/main/org/hornetq/spi/core/remoting/Connection.java
===================================================================
---
branches/Branch_2_2_AS7/src/main/org/hornetq/spi/core/remoting/Connection.java 2012-01-30
22:24:46 UTC (rev 12051)
+++
branches/Branch_2_2_AS7/src/main/org/hornetq/spi/core/remoting/Connection.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -14,6 +14,7 @@
package org.hornetq.spi.core.remoting;
import org.hornetq.api.core.HornetQBuffer;
+import org.hornetq.core.security.HornetQPrincipal;
/**
* The connection used by a channel to write data to.
@@ -74,4 +75,6 @@
void addReadyListener(ReadyListener listener);
void removeReadyListener(ReadyListener listener);
+
+ HornetQPrincipal getDefaultHornetQPrincipal();
}
\ No newline at end of file
Modified:
branches/Branch_2_2_AS7/tests/src/org/hornetq/tests/integration/largemessage/mock/MockConnector.java
===================================================================
---
branches/Branch_2_2_AS7/tests/src/org/hornetq/tests/integration/largemessage/mock/MockConnector.java 2012-01-30
22:24:46 UTC (rev 12051)
+++
branches/Branch_2_2_AS7/tests/src/org/hornetq/tests/integration/largemessage/mock/MockConnector.java 2012-01-31
13:04:06 UTC (rev 12052)
@@ -20,6 +20,7 @@
import org.hornetq.api.core.HornetQBuffer;
import org.hornetq.core.remoting.impl.invm.InVMConnection;
import org.hornetq.core.remoting.impl.invm.InVMConnector;
+import org.hornetq.core.security.HornetQPrincipal;
import org.hornetq.spi.core.remoting.BufferHandler;
import org.hornetq.spi.core.remoting.Connection;
import org.hornetq.spi.core.remoting.ConnectionLifeCycleListener;
@@ -103,5 +104,10 @@
super.write(buffer, flush, batch);
}
+
+ public HornetQPrincipal getDefaultHornetQPrincipal()
+ {
+ return null;
+ }
}
}