trunk/activemq-core/src/test/java/org/apache/activemq/security/SimpleSecurityBrokerSystemTest.java - activemq - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.activemq.security;

 import java.net.URL;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.HashSet;

 import junit.framework.Test;
 import org.apache.activemq.CombinationTestSupport;
 import org.apache.activemq.broker.Broker;
 import org.apache.activemq.broker.BrokerPlugin;
 import org.apache.activemq.broker.BrokerService;
 import org.apache.activemq.command.ActiveMQQueue;
 import org.apache.activemq.command.ActiveMQTopic;
 import org.apache.activemq.command.MessageSendTest;
 import org.apache.activemq.filter.DestinationMap;
 import org.apache.activemq.jaas.GroupPrincipal;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 /**
  * Tests that the broker allows/fails access to destinations based on the
  * security policy installed on the broker.
  *
  *
  */
 public class SimpleSecurityBrokerSystemTest extends SecurityTestSupport {

     static final GroupPrincipal GUESTS = new GroupPrincipal("guests");
     static final GroupPrincipal USERS = new GroupPrincipal("users");
     static final GroupPrincipal ADMINS = new GroupPrincipal("admins");
     private static final Logger LOG = LoggerFactory.getLogger(SimpleSecurityBrokerSystemTest.class);

     public BrokerPlugin authorizationPlugin;
     public BrokerPlugin authenticationPlugin;

     static {
         String path = System.getProperty("java.security.auth.login.config");
         if (path == null) {
             URL resource = SimpleSecurityBrokerSystemTest.class.getClassLoader().getResource("login.config");
             if (resource != null) {
                 path = resource.getFile();
                 System.setProperty("java.security.auth.login.config", path);
             }
         }
         LOG.info("Path to login config: " + path);
     }

     public static Test suite() {
         return suite(SimpleSecurityBrokerSystemTest.class);
     }

     public static void main(String[] args) {
         junit.textui.TestRunner.run(suite());
     }

     public static AuthorizationMap createAuthorizationMap() {
         DestinationMap readAccess = new DestinationMap();
         readAccess.put(new ActiveMQQueue(">"), ADMINS);
         readAccess.put(new ActiveMQQueue("USERS.>"), USERS);
         readAccess.put(new ActiveMQQueue("GUEST.>"), GUESTS);
         readAccess.put(new ActiveMQTopic(">"), ADMINS);
         readAccess.put(new ActiveMQTopic("USERS.>"), USERS);
         readAccess.put(new ActiveMQTopic("GUEST.>"), GUESTS);

         DestinationMap writeAccess = new DestinationMap();
         writeAccess.put(new ActiveMQQueue(">"), ADMINS);
         writeAccess.put(new ActiveMQQueue("USERS.>"), USERS);
         writeAccess.put(new ActiveMQQueue("GUEST.>"), USERS);
         writeAccess.put(new ActiveMQQueue("GUEST.>"), GUESTS);
         writeAccess.put(new ActiveMQTopic(">"), ADMINS);
         writeAccess.put(new ActiveMQTopic("USERS.>"), USERS);
         writeAccess.put(new ActiveMQTopic("GUEST.>"), USERS);
         writeAccess.put(new ActiveMQTopic("GUEST.>"), GUESTS);

         readAccess.put(new ActiveMQTopic("ActiveMQ.Advisory.>"), GUESTS);
         readAccess.put(new ActiveMQTopic("ActiveMQ.Advisory.>"), USERS);
         writeAccess.put(new ActiveMQTopic("ActiveMQ.Advisory.>"), GUESTS);
         writeAccess.put(new ActiveMQTopic("ActiveMQ.Advisory.>"), USERS);

         DestinationMap adminAccess = new DestinationMap();
         adminAccess.put(new ActiveMQTopic(">"), ADMINS);
         adminAccess.put(new ActiveMQTopic(">"), USERS);
         adminAccess.put(new ActiveMQTopic(">"), GUESTS);
         adminAccess.put(new ActiveMQQueue(">"), ADMINS);
         adminAccess.put(new ActiveMQQueue(">"), USERS);
         adminAccess.put(new ActiveMQQueue(">"), GUESTS);

         return new SimpleAuthorizationMap(writeAccess, readAccess, adminAccess);
     }

     static class SimpleAuthenticationFactory implements BrokerPlugin {
         public Broker installPlugin(Broker broker) {

             HashMap<String, String> u = new HashMap<String, String>();
             u.put("system", "manager");
             u.put("user", "password");
             u.put("guest", "password");

             HashMap<String, HashSet<Object>> groups = new HashMap<String, HashSet<Object>>();
             groups.put("system", new HashSet<Object>(Arrays.asList(new Object[] {ADMINS, USERS})));
             groups.put("user", new HashSet<Object>(Arrays.asList(new Object[] {USERS})));
             groups.put("guest", new HashSet<Object>(Arrays.asList(new Object[] {GUESTS})));

             return new SimpleAuthenticationBroker(broker, u, groups);
         }

         public String toString() {
             return "SimpleAuthenticationBroker";
         }
     }

     /**
      * @see {@link CombinationTestSupport}
      */
     public void initCombos() {
         addCombinationValues("authorizationPlugin",
                              new Object[] {new AuthorizationPlugin(createAuthorizationMap())});
         addCombinationValues("authenticationPlugin", new Object[] {new SimpleAuthenticationFactory(),
                                                                    new JaasAuthenticationPlugin()});
     }

     protected BrokerService createBroker() throws Exception {
         BrokerService broker = super.createBroker();
         broker.setPlugins(new BrokerPlugin[] {authorizationPlugin, authenticationPlugin});
         broker.setPersistent(false);
         return broker;
     }

 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.activemq.security;

	import java.net.URL;
	import java.util.Arrays;
	import java.util.HashMap;
	import java.util.HashSet;

	import junit.framework.Test;
	import org.apache.activemq.CombinationTestSupport;
	import org.apache.activemq.broker.Broker;
	import org.apache.activemq.broker.BrokerPlugin;
	import org.apache.activemq.broker.BrokerService;
	import org.apache.activemq.command.ActiveMQQueue;
	import org.apache.activemq.command.ActiveMQTopic;
	import org.apache.activemq.command.MessageSendTest;
	import org.apache.activemq.filter.DestinationMap;
	import org.apache.activemq.jaas.GroupPrincipal;
	import org.slf4j.Logger;
	import org.slf4j.LoggerFactory;

	/**
	* Tests that the broker allows/fails access to destinations based on the
	* security policy installed on the broker.
	*
	*
	*/
	public class SimpleSecurityBrokerSystemTest extends SecurityTestSupport {

	static final GroupPrincipal GUESTS = new GroupPrincipal("guests");
	static final GroupPrincipal USERS = new GroupPrincipal("users");
	static final GroupPrincipal ADMINS = new GroupPrincipal("admins");
	private static final Logger LOG = LoggerFactory.getLogger(SimpleSecurityBrokerSystemTest.class);

	public BrokerPlugin authorizationPlugin;
	public BrokerPlugin authenticationPlugin;

	static {
	String path = System.getProperty("java.security.auth.login.config");
	if (path == null) {
	URL resource = SimpleSecurityBrokerSystemTest.class.getClassLoader().getResource("login.config");
	if (resource != null) {
	path = resource.getFile();
	System.setProperty("java.security.auth.login.config", path);
	}
	}
	LOG.info("Path to login config: " + path);
	}

	public static Test suite() {
	return suite(SimpleSecurityBrokerSystemTest.class);
	}

	public static void main(String[] args) {
	junit.textui.TestRunner.run(suite());
	}

	public static AuthorizationMap createAuthorizationMap() {
	DestinationMap readAccess = new DestinationMap();
	readAccess.put(new ActiveMQQueue(">"), ADMINS);
	readAccess.put(new ActiveMQQueue("USERS.>"), USERS);
	readAccess.put(new ActiveMQQueue("GUEST.>"), GUESTS);
	readAccess.put(new ActiveMQTopic(">"), ADMINS);
	readAccess.put(new ActiveMQTopic("USERS.>"), USERS);
	readAccess.put(new ActiveMQTopic("GUEST.>"), GUESTS);

	DestinationMap writeAccess = new DestinationMap();
	writeAccess.put(new ActiveMQQueue(">"), ADMINS);
	writeAccess.put(new ActiveMQQueue("USERS.>"), USERS);
	writeAccess.put(new ActiveMQQueue("GUEST.>"), USERS);
	writeAccess.put(new ActiveMQQueue("GUEST.>"), GUESTS);
	writeAccess.put(new ActiveMQTopic(">"), ADMINS);
	writeAccess.put(new ActiveMQTopic("USERS.>"), USERS);
	writeAccess.put(new ActiveMQTopic("GUEST.>"), USERS);
	writeAccess.put(new ActiveMQTopic("GUEST.>"), GUESTS);

	readAccess.put(new ActiveMQTopic("ActiveMQ.Advisory.>"), GUESTS);
	readAccess.put(new ActiveMQTopic("ActiveMQ.Advisory.>"), USERS);
	writeAccess.put(new ActiveMQTopic("ActiveMQ.Advisory.>"), GUESTS);
	writeAccess.put(new ActiveMQTopic("ActiveMQ.Advisory.>"), USERS);

	DestinationMap adminAccess = new DestinationMap();
	adminAccess.put(new ActiveMQTopic(">"), ADMINS);
	adminAccess.put(new ActiveMQTopic(">"), USERS);
	adminAccess.put(new ActiveMQTopic(">"), GUESTS);
	adminAccess.put(new ActiveMQQueue(">"), ADMINS);
	adminAccess.put(new ActiveMQQueue(">"), USERS);
	adminAccess.put(new ActiveMQQueue(">"), GUESTS);

	return new SimpleAuthorizationMap(writeAccess, readAccess, adminAccess);
	}

	static class SimpleAuthenticationFactory implements BrokerPlugin {
	public Broker installPlugin(Broker broker) {

	HashMap<String, String> u = new HashMap<String, String>();
	u.put("system", "manager");
	u.put("user", "password");
	u.put("guest", "password");

	HashMap<String, HashSet<Object>> groups = new HashMap<String, HashSet<Object>>();
	groups.put("system", new HashSet<Object>(Arrays.asList(new Object[] {ADMINS, USERS})));
	groups.put("user", new HashSet<Object>(Arrays.asList(new Object[] {USERS})));
	groups.put("guest", new HashSet<Object>(Arrays.asList(new Object[] {GUESTS})));

	return new SimpleAuthenticationBroker(broker, u, groups);
	}

	public String toString() {
	return "SimpleAuthenticationBroker";
	}
	}

	/**
	* @see {@link CombinationTestSupport}
	*/
	public void initCombos() {
	addCombinationValues("authorizationPlugin",
	new Object[] {new AuthorizationPlugin(createAuthorizationMap())});
	addCombinationValues("authenticationPlugin", new Object[] {new SimpleAuthenticationFactory(),
	new JaasAuthenticationPlugin()});
	}

	protected BrokerService createBroker() throws Exception {
	BrokerService broker = super.createBroker();
	broker.setPlugins(new BrokerPlugin[] {authorizationPlugin, authenticationPlugin});
	broker.setPersistent(false);
	return broker;
	}

	}