[jboss-cvs] JBoss Messaging SVN: r2924 - in trunk: src/main/org/jboss/jms/server/container and 2 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Jul 23 20:09:28 EDT 2007
Author: clebert.suconic at jboss.com
Date: 2007-07-23 20:09:28 -0400 (Mon, 23 Jul 2007)
New Revision: 2924
Modified:
trunk/src/etc/aop-messaging-server.xml
trunk/src/main/org/jboss/jms/server/container/SecurityAspect.java
trunk/src/main/org/jboss/jms/tx/ResourceManager.java
trunk/tests/src/org/jboss/test/messaging/jms/XATestBase.java
Log:
http://jira.jboss.com/jira/browse/JBMESSAGING-1019
Modified: trunk/src/etc/aop-messaging-server.xml
===================================================================
--- trunk/src/etc/aop-messaging-server.xml 2007-07-23 18:25:43 UTC (rev 2923)
+++ trunk/src/etc/aop-messaging-server.xml 2007-07-24 00:09:28 UTC (rev 2924)
@@ -13,6 +13,10 @@
<interceptor-ref name="org.jboss.jms.server.container.ServerLogInterceptor"/>
</bind>
+ <bind pointcut="execution(* org.jboss.jms.server.endpoint.advised.ConnectionAdvised->sendTransaction(..))">
+ <advice name="handleSendTransaction" aspect="org.jboss.jms.server.container.SecurityAspect"/>
+ </bind>
+
<!-- Session -->
<bind pointcut="execution(* org.jboss.jms.server.endpoint.advised.SessionAdvised->$implementing{org.jboss.jms.delegate.SessionEndpoint}(..))">
<interceptor-ref name="org.jboss.jms.server.container.ServerLogInterceptor"/>
Modified: trunk/src/main/org/jboss/jms/server/container/SecurityAspect.java
===================================================================
--- trunk/src/main/org/jboss/jms/server/container/SecurityAspect.java 2007-07-23 18:25:43 UTC (rev 2923)
+++ trunk/src/main/org/jboss/jms/server/container/SecurityAspect.java 2007-07-24 00:09:28 UTC (rev 2924)
@@ -23,6 +23,7 @@
import java.util.HashSet;
import java.util.Set;
+import java.util.Iterator;
import javax.jms.Destination;
import javax.jms.JMSSecurityException;
@@ -37,7 +38,11 @@
import org.jboss.jms.server.endpoint.ServerSessionEndpoint;
import org.jboss.jms.server.endpoint.advised.ConsumerAdvised;
import org.jboss.jms.server.endpoint.advised.SessionAdvised;
+import org.jboss.jms.server.endpoint.advised.ConnectionAdvised;
import org.jboss.jms.server.security.SecurityMetadata;
+import org.jboss.jms.tx.TransactionRequest;
+import org.jboss.jms.tx.ClientTransaction;
+import org.jboss.jms.message.JBossMessage;
import org.jboss.logging.Logger;
import org.jboss.security.SecurityAssociation;
@@ -150,7 +155,47 @@
check(dest, CheckType.WRITE, ce);
return invocation.invokeNext();
- }
+ }
+
+
+ // An aspect over ConnectionAdvised
+ public Object handleSendTransaction(Invocation invocation) throws Throwable
+ {
+ ConnectionAdvised del = (ConnectionAdvised)invocation.getTargetObject();
+ ServerConnectionEndpoint ce = (ServerConnectionEndpoint)del.getEndpoint();
+
+ MethodInvocation mi = (MethodInvocation)invocation;
+
+ TransactionRequest t = (TransactionRequest)mi.getArguments()[0];
+
+ ClientTransaction txState = t.getState();
+
+ if (txState != null)
+ {
+ // distinct list of destinations...
+ HashSet destinations = new HashSet();
+
+ for (Iterator i = txState.getSessionStates().iterator(); i.hasNext(); )
+ {
+ ClientTransaction.SessionTxState sessionState = (ClientTransaction.SessionTxState)i.next();
+ for (Iterator j = sessionState.getMsgs().iterator(); j.hasNext(); )
+ {
+ JBossMessage message = (JBossMessage)j.next();
+ destinations.add(message.getJMSDestination());
+ }
+ }
+ for (Iterator iterDestinations = destinations.iterator();iterDestinations.hasNext();)
+ {
+ Destination destination = (Destination) iterDestinations.next();
+ check(destination, CheckType.WRITE, ce);
+ }
+
+ }
+
+ return invocation.invokeNext();
+ }
+
+
protected void checkConsumerAccess(Invocation invocation) throws Throwable
{
Modified: trunk/src/main/org/jboss/jms/tx/ResourceManager.java
===================================================================
--- trunk/src/main/org/jboss/jms/tx/ResourceManager.java 2007-07-23 18:25:43 UTC (rev 2923)
+++ trunk/src/main/org/jboss/jms/tx/ResourceManager.java 2007-07-24 00:09:28 UTC (rev 2924)
@@ -29,6 +29,7 @@
import javax.jms.IllegalStateException;
import javax.jms.JMSException;
+import javax.jms.JMSSecurityException;
import javax.transaction.xa.XAException;
import javax.transaction.xa.XAResource;
import javax.transaction.xa.Xid;
@@ -214,6 +215,11 @@
throw new IllegalStateException("Cannot find xid to remove " + xid);
}
}
+ catch (JMSSecurityException e)
+ {
+ // If a security exception happens, just rethrow it
+ throw e;
+ }
catch (Throwable t)
{
// If a problem occurs during commit processing the session should be rolled back
@@ -630,6 +636,12 @@
{
connection.sendTransaction(request, false);
}
+ catch (JMSSecurityException security)
+ {
+ MessagingXAException xaEx = new MessagingXAException(XAException.XA_RBROLLBACK, "A security exception happend!", security);
+ log.error(xaEx, xaEx);
+ throw xaEx;
+ }
catch (Throwable t)
{
//Catch anything else
Modified: trunk/tests/src/org/jboss/test/messaging/jms/XATestBase.java
===================================================================
--- trunk/tests/src/org/jboss/test/messaging/jms/XATestBase.java 2007-07-23 18:25:43 UTC (rev 2923)
+++ trunk/tests/src/org/jboss/test/messaging/jms/XATestBase.java 2007-07-24 00:09:28 UTC (rev 2924)
@@ -44,6 +44,7 @@
import javax.naming.InitialContext;
import javax.transaction.Transaction;
import javax.transaction.TransactionManager;
+import javax.transaction.RollbackException;
import javax.transaction.xa.XAException;
import javax.transaction.xa.XAResource;
import javax.transaction.xa.Xid;
@@ -552,7 +553,7 @@
XASession xasession = xaconn.createXASession();
XAResource resouce = xasession.getXAResource();
-
+
trans.enlistResource(resouce);
MessageConsumer consumer = xasession.createConsumer(queue);
@@ -566,7 +567,7 @@
assertNull(consumer.receive(1000));
count = (Integer)ServerManagement.getAttribute(queueMBean, "MessageCount");
-
+
assertEquals(1, count.intValue());
trans.delistResource(resouce, XAResource.TMSUCCESS);
@@ -3408,6 +3409,72 @@
}
+ /**
+ * This Validate sending messages on an Queue where the user don't have write authorization
+ * @throws Exception
+ */
+ public void testSecurityOnXA() throws Exception
+ {
+ XAConnection xaconn = null;
+
+ Transaction formerTrans = tm.suspend();
+ try
+ {
+ tm.begin();
+
+ Transaction trans = tm.getTransaction();
+
+ XAConnectionFactory xacf = (XAConnectionFactory)cf;
+
+ xaconn = xacf.createXAConnection("nobody", "nobody");
+
+ XASession xasession = xaconn.createXASession();
+
+ XAResource resouce = xasession.getXAResource();
+
+ MessageProducer producer = xasession.createProducer(queue);
+
+ trans.enlistResource(resouce);
+
+
+
+ for (int i=0;i<10;i++)
+ {
+ producer.send(xasession.createTextMessage("Test " + i));
+ }
+
+ trans.delistResource(resouce, XAResource.TMSUCCESS);
+
+ try
+ {
+ trans.commit();
+ fail("Didn't throw expected exception!");
+ }
+ catch (RollbackException expected)
+ {
+ }
+ }
+ finally
+ {
+ try
+ {
+ if (xaconn != null)
+ {
+ xaconn.close();
+ }
+ ServerManagement.undeployQueue("MyQueue2");
+ }
+ catch (Throwable ignored)
+ {
+ }
+
+ if (formerTrans!=null) tm.resume(formerTrans);
+
+ }
+ }
+
+
+
// Package protected ---------------------------------------------
// Protected -----------------------------------------------------
More information about the jboss-cvs-commits
mailing list