activemq-shiro/src/test/java/org/apache/activemq/shiro/ShiroPluginTest.java - activemq - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.activemq.shiro;

 import org.apache.activemq.broker.BrokerPlugin;
 import org.apache.activemq.broker.BrokerService;
 import org.apache.activemq.broker.MutableBrokerFilter;
 import org.apache.activemq.shiro.authc.AuthenticationFilter;
 import org.apache.activemq.shiro.authc.DefaultAuthenticationPolicy;
 import org.apache.activemq.shiro.authz.AuthorizationFilter;
 import org.apache.activemq.shiro.env.IniEnvironment;
 import org.apache.activemq.shiro.subject.DefaultConnectionSubjectFactory;
 import org.apache.activemq.shiro.subject.SubjectFilter;
 import org.apache.activemq.test.JmsResourceProvider;
 import org.apache.activemq.test.TestSupport;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.config.Ini;
 import org.apache.shiro.env.DefaultEnvironment;
 import org.apache.shiro.env.Environment;
 import org.apache.shiro.mgt.DefaultSecurityManager;
 import org.apache.shiro.realm.text.IniRealm;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import javax.jms.Connection;
 import javax.jms.ConnectionFactory;
 import javax.jms.Destination;
 import javax.jms.JMSException;
 import javax.jms.MessageConsumer;
 import javax.jms.MessageProducer;
 import javax.jms.Session;

 /**
  * @since 5.10.0
  */
 public class ShiroPluginTest extends TestSupport {

     private static final Logger LOG = LoggerFactory.getLogger(ShiroPluginTest.class);

     protected BrokerService broker;
     protected SecureJmsResourceProvider resourceProvider;
     protected ConnectionFactory connectionFactory;
     protected Connection connection;
     protected Session session;
     protected Destination destination;
     protected MessageConsumer consumer;
     protected MessageProducer producer;

     @Override
     protected void setUp() throws Exception {
         resourceProvider = new SecureJmsResourceProvider();
     }

     @Override
     protected void tearDown() throws Exception {
         LOG.info("Shutting down broker...");

         if (session != null) {
             session.close();
         }
         session = null;

         if (connection != null) {
             connection.close();
         }
         connection = null;

         if (broker != null) {
             broker.stop();
             broker.waitUntilStopped();
         }
         broker = null;

         LOG.info("Broker shut down.");
     }

     protected void reconnect() throws Exception {
         reconnect(null, null);
     }

     protected void reconnect(String username, String password) throws Exception {
         if (connection != null) {
             // Close the prev connection.
             connection.close();
         }
         session = null;
         if (username == null && password == null) {
             connection = resourceProvider.createConnection(connectionFactory);
         } else {
             connection = resourceProvider.createConnection(connectionFactory, username, password);
         }
         reconnectSession();
         connection.start();
     }

     protected void reconnectSession() throws JMSException {
         if (session != null) {
             session.close();
         }
         session = resourceProvider.createSession(connection);
         destination = resourceProvider.createDestination(session, getSubject());
         producer = resourceProvider.createProducer(session, destination);
         consumer = resourceProvider.createConsumer(session, destination);
     }

     protected ConnectionFactory newConnectionFactory() throws Exception {
         return resourceProvider.createConnectionFactory();
     }

     protected void start() throws Exception {
         startBroker();
         topic = resourceProvider.isTopic();
         connectionFactory = newConnectionFactory();
     }

     protected void startBroker() throws Exception {
         broker.start();
         broker.waitUntilStarted();
     }

     protected BrokerService createBroker(BrokerPlugin... plugins) throws Exception {
         return createBroker(plugins, resourceProvider.getServerUri());
     }

     protected BrokerService createBroker(BrokerPlugin[] plugins, String... connectorUris) throws Exception {
         BrokerService brokerService = new BrokerService();
         if (plugins != null && plugins.length > 0) {
             brokerService.setPlugins(plugins);
         }
         if (connectorUris != null) {
             for (String uri : connectorUris) {
                 brokerService.addConnector(uri);
             }
         }
         return brokerService;
     }

     protected ShiroPlugin createPlugin(String iniPath) {
         Ini ini = Ini.fromResourcePath(iniPath);
         Environment env = new IniEnvironment(ini);
         ShiroPlugin plugin = new ShiroPlugin();
         plugin.setEnvironment(env);
         return plugin;
     }

     public void testNoEnvironmentOrSecurityManager() throws Exception {
         //should build IniEnvironment from shiro.ini in the classpath at the least:
         ShiroPlugin plugin = new ShiroPlugin();
         plugin.installPlugin(new MutableBrokerFilter(null));

         Ini ini = Ini.fromResourcePath("classpath:shiro.ini");
         IniRealm realm = (IniRealm) ((DefaultSecurityManager) plugin.getEnvironment().getSecurityManager()).getRealms().iterator().next();
         assertEquals(ini, realm.getIni());
     }

     public void testSetIni() throws Exception {
         ShiroPlugin plugin = new ShiroPlugin();
         Ini ini = Ini.fromResourcePath("classpath:minimal.shiro.ini");
         plugin.setIni(ini);
         plugin.installPlugin(new MutableBrokerFilter(null));

         IniRealm realm = (IniRealm) ((DefaultSecurityManager) plugin.getEnvironment().getSecurityManager()).getRealms().iterator().next();
         assertSame(ini, realm.getIni());
     }

     public void testSetIniString() throws Exception {
         ShiroPlugin plugin = new ShiroPlugin();
         plugin.setIniConfig(
                 "[users]\n" +
                 "system = manager, system\n" +
                 "[roles]\n" +
                 "system = *");
         plugin.installPlugin(new MutableBrokerFilter(null));

         IniRealm realm = (IniRealm) ((DefaultSecurityManager) plugin.getEnvironment().getSecurityManager()).getRealms().iterator().next();
         Ini ini = realm.getIni();
         assertEquals(1, ini.getSection("users").size());
         assertEquals("manager, system", ini.getSection("users").get("system"));
         assertEquals(1, ini.getSection("roles").size());
         assertEquals("*", ini.getSection("roles").get("system"));
     }

     public void testSetIniResourcePath() throws Exception {
         ShiroPlugin plugin = new ShiroPlugin();

         String path = "classpath:minimal.shiro.ini";

         plugin.setIniResourcePath(path);
         plugin.installPlugin(new MutableBrokerFilter(null));

         Ini ini = Ini.fromResourcePath(path);

         IniRealm realm = (IniRealm) ((DefaultSecurityManager) plugin.getEnvironment().getSecurityManager()).getRealms().iterator().next();
         assertEquals(ini, realm.getIni());
     }

     public void testSetSubjectFilter() {
         ShiroPlugin plugin = new ShiroPlugin();
         SubjectFilter filter = new SubjectFilter();
         plugin.setSubjectFilter(filter);
         assertSame(filter, plugin.getSubjectFilter());
         //assert that the AuthenticationFilter is always the next filter in the chain after the SubjectFilter:
         assertSame(plugin.getAuthenticationFilter(), filter.getNext());
     }

     public void testSetAuthenticationFilter() {
         ShiroPlugin plugin = new ShiroPlugin();
         AuthenticationFilter filter = new AuthenticationFilter();
         plugin.setAuthenticationFilter(filter);
         assertSame(filter, plugin.getAuthenticationFilter());
         //assert that the AuthenticationFilter is always the next filter in the chain after the SubjectFilter:
         assertSame(plugin.getSubjectFilter().getNext(), filter);
     }

     public void testSetAuthorizationFilter() {
         ShiroPlugin plugin = new ShiroPlugin();
         AuthorizationFilter filter = new AuthorizationFilter();
         plugin.setAuthorizationFilter(filter);
         assertSame(filter, plugin.getAuthorizationFilter());
         //assert that the AuthenticationFilter is always the next filter in the chain after the AuthenticationFilter:
         assertSame(plugin.getAuthenticationFilter().getNext(), filter);
     }

     public void testSetEnvironment() {
         ShiroPlugin plugin = new ShiroPlugin();
         Environment env = new DefaultEnvironment();
         plugin.setEnvironment(env);
         assertSame(env, plugin.getEnvironment());
     }

     public void testSetSecurityManager() {
         ShiroPlugin plugin = new ShiroPlugin();
         org.apache.shiro.mgt.SecurityManager securityManager = new DefaultSecurityManager();
         plugin.setSecurityManager(securityManager);
         assertSame(securityManager, plugin.getSecurityManager());
     }

     public void testSecurityManagerWhenInstalled() throws Exception {
         ShiroPlugin plugin = new ShiroPlugin();
         org.apache.shiro.mgt.SecurityManager securityManager = new DefaultSecurityManager();
         plugin.setSecurityManager(securityManager);

         assertNull(plugin.getEnvironment()); //we will auto-create one when only a sm is provided

         plugin.installPlugin(new MutableBrokerFilter(null));

         assertSame(securityManager, plugin.getSecurityManager());
         assertNotNull(plugin.getEnvironment());
         assertSame(securityManager, plugin.getEnvironment().getSecurityManager());
     }

     public void testEnabledWhenNotInstalled() {
         ShiroPlugin plugin = new ShiroPlugin();
         assertTrue(plugin.isEnabled()); //enabled by default

         plugin.setEnabled(false);
         assertFalse(plugin.isEnabled());

         plugin.setEnabled(true);
         assertTrue(plugin.isEnabled());
     }

     public void testEnabledWhenInstalled() throws Exception {
         ShiroPlugin plugin = createPlugin("classpath:minimal.shiro.ini");
         this.broker = createBroker(plugin);
         start();
         assertTrue(plugin.isEnabled());

         plugin.setEnabled(false);
         assertFalse(plugin.isEnabled());

         plugin.setEnabled(true);
         assertTrue(plugin.isEnabled());
     }

     public void testAuthenticationEnabledWhenNotInstalled() {
         ShiroPlugin plugin = new ShiroPlugin();
         assertTrue(plugin.isAuthenticationEnabled());

         plugin.setAuthenticationEnabled(false);
         assertFalse(plugin.isAuthenticationEnabled());

         plugin.setAuthenticationEnabled(true);
         assertTrue(plugin.isAuthenticationEnabled());
     }

     public void testAuthenticationEnabledWhenInstalled() throws Exception {
         ShiroPlugin plugin = new ShiroPlugin();
         plugin.setEnvironment(new DefaultEnvironment());
         plugin.installPlugin(new MutableBrokerFilter(null));

         assertTrue(plugin.isAuthenticationEnabled());

         plugin.setAuthenticationEnabled(false);
         assertFalse(plugin.isAuthenticationEnabled());

         plugin.setAuthenticationEnabled(true);
         assertTrue(plugin.isAuthenticationEnabled());
     }

     public void testSetAuthenticationPolicy() {
         ShiroPlugin plugin = new ShiroPlugin();
         DefaultAuthenticationPolicy policy = new DefaultAuthenticationPolicy();
         plugin.setAuthenticationPolicy(policy);
         assertSame(policy, plugin.getAuthenticationPolicy());
         assertSame(policy, plugin.getAuthenticationFilter().getAuthenticationPolicy());
         assertSame(policy, ((DefaultConnectionSubjectFactory) plugin.getSubjectFilter().getConnectionSubjectFactory()).getAuthenticationPolicy());
     }

     public void testAuthorizationEnabledWhenNotInstalled() {
         ShiroPlugin plugin = new ShiroPlugin();
         assertTrue(plugin.isAuthorizationEnabled());

         plugin.setAuthorizationEnabled(false);
         assertFalse(plugin.isAuthorizationEnabled());

         plugin.setAuthorizationEnabled(true);
         assertTrue(plugin.isAuthorizationEnabled());
     }

     public void testAuthorizationEnabledWhenInstalled() throws Exception {
         ShiroPlugin plugin = new ShiroPlugin();
         plugin.setEnvironment(new DefaultEnvironment());
         plugin.installPlugin(new MutableBrokerFilter(null));

         assertTrue(plugin.isAuthorizationEnabled());

         plugin.setAuthorizationEnabled(false);
         assertFalse(plugin.isAuthorizationEnabled());

         plugin.setAuthorizationEnabled(true);
         assertTrue(plugin.isAuthorizationEnabled());
     }


     public void testSimple() throws Exception {
         ShiroPlugin plugin = createPlugin("classpath:minimal.shiro.ini");
         this.broker = createBroker(plugin);
         start();
         reconnect();
     }

     public void testDisabled() throws Exception {
         ShiroPlugin plugin = createPlugin("classpath:nosystem.shiro.ini");
         plugin.setEnabled(false);
         this.broker = createBroker(plugin);
         start();
     }

     public void testRuntimeDisableEnableChanges() throws Exception {
         ShiroPlugin plugin = createPlugin("classpath:nosystem.shiro.ini");
         ((DefaultAuthenticationPolicy) plugin.getAuthenticationPolicy()).setVmConnectionAuthenticationRequired(true);
         plugin.setEnabled(false);
         this.broker = createBroker(plugin);
         start();

         //connection has no credentials.  When disabled, this should succeed:
         reconnect();

         //now enable the plugin and assert that credentials are required:
         plugin.setEnabled(true);

         try {
             reconnect();
             fail("Connections without passwords in this configuration should fail.");
         } catch (JMSException expected) {
             assertTrue(expected.getCause() instanceof AuthenticationException);
         }

         //this should work now that we're authenticating:
         reconnect("foo", "bar");
     }

     static class SecureJmsResourceProvider extends JmsResourceProvider {

         /**
          * Creates a connection, authenticating with the specified username and password.
          *
          * @see org.apache.activemq.test.JmsResourceProvider#createConnection(javax.jms.ConnectionFactory)
          */
         public Connection createConnection(ConnectionFactory cf, String username, String password) throws JMSException {
             Connection connection = cf.createConnection(username, password);
             if (getClientID() != null) {
                 connection.setClientID(getClientID());
             }
             return connection;
         }
     }
 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.activemq.shiro;

	import org.apache.activemq.broker.BrokerPlugin;
	import org.apache.activemq.broker.BrokerService;
	import org.apache.activemq.broker.MutableBrokerFilter;
	import org.apache.activemq.shiro.authc.AuthenticationFilter;
	import org.apache.activemq.shiro.authc.DefaultAuthenticationPolicy;
	import org.apache.activemq.shiro.authz.AuthorizationFilter;
	import org.apache.activemq.shiro.env.IniEnvironment;
	import org.apache.activemq.shiro.subject.DefaultConnectionSubjectFactory;
	import org.apache.activemq.shiro.subject.SubjectFilter;
	import org.apache.activemq.test.JmsResourceProvider;
	import org.apache.activemq.test.TestSupport;
	import org.apache.shiro.authc.AuthenticationException;
	import org.apache.shiro.config.Ini;
	import org.apache.shiro.env.DefaultEnvironment;
	import org.apache.shiro.env.Environment;
	import org.apache.shiro.mgt.DefaultSecurityManager;
	import org.apache.shiro.realm.text.IniRealm;
	import org.slf4j.Logger;
	import org.slf4j.LoggerFactory;

	import javax.jms.Connection;
	import javax.jms.ConnectionFactory;
	import javax.jms.Destination;
	import javax.jms.JMSException;
	import javax.jms.MessageConsumer;
	import javax.jms.MessageProducer;
	import javax.jms.Session;

	/**
	* @since 5.10.0
	*/
	public class ShiroPluginTest extends TestSupport {

	private static final Logger LOG = LoggerFactory.getLogger(ShiroPluginTest.class);

	protected BrokerService broker;
	protected SecureJmsResourceProvider resourceProvider;
	protected ConnectionFactory connectionFactory;
	protected Connection connection;
	protected Session session;
	protected Destination destination;
	protected MessageConsumer consumer;
	protected MessageProducer producer;

	@Override
	protected void setUp() throws Exception {
	resourceProvider = new SecureJmsResourceProvider();
	}

	@Override
	protected void tearDown() throws Exception {
	LOG.info("Shutting down broker...");

	if (session != null) {
	session.close();
	}
	session = null;

	if (connection != null) {
	connection.close();
	}
	connection = null;

	if (broker != null) {
	broker.stop();
	broker.waitUntilStopped();
	}
	broker = null;

	LOG.info("Broker shut down.");
	}

	protected void reconnect() throws Exception {
	reconnect(null, null);
	}

	protected void reconnect(String username, String password) throws Exception {
	if (connection != null) {
	// Close the prev connection.
	connection.close();
	}
	session = null;
	if (username == null && password == null) {
	connection = resourceProvider.createConnection(connectionFactory);
	} else {
	connection = resourceProvider.createConnection(connectionFactory, username, password);
	}
	reconnectSession();
	connection.start();
	}

	protected void reconnectSession() throws JMSException {
	if (session != null) {
	session.close();
	}
	session = resourceProvider.createSession(connection);
	destination = resourceProvider.createDestination(session, getSubject());
	producer = resourceProvider.createProducer(session, destination);
	consumer = resourceProvider.createConsumer(session, destination);
	}

	protected ConnectionFactory newConnectionFactory() throws Exception {
	return resourceProvider.createConnectionFactory();
	}

	protected void start() throws Exception {
	startBroker();
	topic = resourceProvider.isTopic();
	connectionFactory = newConnectionFactory();
	}

	protected void startBroker() throws Exception {
	broker.start();
	broker.waitUntilStarted();
	}

	protected BrokerService createBroker(BrokerPlugin... plugins) throws Exception {
	return createBroker(plugins, resourceProvider.getServerUri());
	}

	protected BrokerService createBroker(BrokerPlugin[] plugins, String... connectorUris) throws Exception {
	BrokerService brokerService = new BrokerService();
	if (plugins != null && plugins.length > 0) {
	brokerService.setPlugins(plugins);
	}
	if (connectorUris != null) {
	for (String uri : connectorUris) {
	brokerService.addConnector(uri);
	}
	}
	return brokerService;
	}

	protected ShiroPlugin createPlugin(String iniPath) {
	Ini ini = Ini.fromResourcePath(iniPath);
	Environment env = new IniEnvironment(ini);
	ShiroPlugin plugin = new ShiroPlugin();
	plugin.setEnvironment(env);
	return plugin;
	}

	public void testNoEnvironmentOrSecurityManager() throws Exception {
	//should build IniEnvironment from shiro.ini in the classpath at the least:
	ShiroPlugin plugin = new ShiroPlugin();
	plugin.installPlugin(new MutableBrokerFilter(null));

	Ini ini = Ini.fromResourcePath("classpath:shiro.ini");
	IniRealm realm = (IniRealm) ((DefaultSecurityManager) plugin.getEnvironment().getSecurityManager()).getRealms().iterator().next();
	assertEquals(ini, realm.getIni());
	}

	public void testSetIni() throws Exception {
	ShiroPlugin plugin = new ShiroPlugin();
	Ini ini = Ini.fromResourcePath("classpath:minimal.shiro.ini");
	plugin.setIni(ini);
	plugin.installPlugin(new MutableBrokerFilter(null));

	IniRealm realm = (IniRealm) ((DefaultSecurityManager) plugin.getEnvironment().getSecurityManager()).getRealms().iterator().next();
	assertSame(ini, realm.getIni());
	}

	public void testSetIniString() throws Exception {
	ShiroPlugin plugin = new ShiroPlugin();
	plugin.setIniConfig(
	"[users]\n" +
	"system = manager, system\n" +
	"[roles]\n" +
	"system = *");
	plugin.installPlugin(new MutableBrokerFilter(null));

	IniRealm realm = (IniRealm) ((DefaultSecurityManager) plugin.getEnvironment().getSecurityManager()).getRealms().iterator().next();
	Ini ini = realm.getIni();
	assertEquals(1, ini.getSection("users").size());
	assertEquals("manager, system", ini.getSection("users").get("system"));
	assertEquals(1, ini.getSection("roles").size());
	assertEquals("*", ini.getSection("roles").get("system"));
	}

	public void testSetIniResourcePath() throws Exception {
	ShiroPlugin plugin = new ShiroPlugin();

	String path = "classpath:minimal.shiro.ini";

	plugin.setIniResourcePath(path);
	plugin.installPlugin(new MutableBrokerFilter(null));

	Ini ini = Ini.fromResourcePath(path);

	IniRealm realm = (IniRealm) ((DefaultSecurityManager) plugin.getEnvironment().getSecurityManager()).getRealms().iterator().next();
	assertEquals(ini, realm.getIni());
	}

	public void testSetSubjectFilter() {
	ShiroPlugin plugin = new ShiroPlugin();
	SubjectFilter filter = new SubjectFilter();
	plugin.setSubjectFilter(filter);
	assertSame(filter, plugin.getSubjectFilter());
	//assert that the AuthenticationFilter is always the next filter in the chain after the SubjectFilter:
	assertSame(plugin.getAuthenticationFilter(), filter.getNext());
	}

	public void testSetAuthenticationFilter() {
	ShiroPlugin plugin = new ShiroPlugin();
	AuthenticationFilter filter = new AuthenticationFilter();
	plugin.setAuthenticationFilter(filter);
	assertSame(filter, plugin.getAuthenticationFilter());
	//assert that the AuthenticationFilter is always the next filter in the chain after the SubjectFilter:
	assertSame(plugin.getSubjectFilter().getNext(), filter);
	}

	public void testSetAuthorizationFilter() {
	ShiroPlugin plugin = new ShiroPlugin();
	AuthorizationFilter filter = new AuthorizationFilter();
	plugin.setAuthorizationFilter(filter);
	assertSame(filter, plugin.getAuthorizationFilter());
	//assert that the AuthenticationFilter is always the next filter in the chain after the AuthenticationFilter:
	assertSame(plugin.getAuthenticationFilter().getNext(), filter);
	}

	public void testSetEnvironment() {
	ShiroPlugin plugin = new ShiroPlugin();
	Environment env = new DefaultEnvironment();
	plugin.setEnvironment(env);
	assertSame(env, plugin.getEnvironment());
	}

	public void testSetSecurityManager() {
	ShiroPlugin plugin = new ShiroPlugin();
	org.apache.shiro.mgt.SecurityManager securityManager = new DefaultSecurityManager();
	plugin.setSecurityManager(securityManager);
	assertSame(securityManager, plugin.getSecurityManager());
	}

	public void testSecurityManagerWhenInstalled() throws Exception {
	ShiroPlugin plugin = new ShiroPlugin();
	org.apache.shiro.mgt.SecurityManager securityManager = new DefaultSecurityManager();
	plugin.setSecurityManager(securityManager);

	assertNull(plugin.getEnvironment()); //we will auto-create one when only a sm is provided

	plugin.installPlugin(new MutableBrokerFilter(null));

	assertSame(securityManager, plugin.getSecurityManager());
	assertNotNull(plugin.getEnvironment());
	assertSame(securityManager, plugin.getEnvironment().getSecurityManager());
	}

	public void testEnabledWhenNotInstalled() {
	ShiroPlugin plugin = new ShiroPlugin();
	assertTrue(plugin.isEnabled()); //enabled by default

	plugin.setEnabled(false);
	assertFalse(plugin.isEnabled());

	plugin.setEnabled(true);
	assertTrue(plugin.isEnabled());
	}

	public void testEnabledWhenInstalled() throws Exception {
	ShiroPlugin plugin = createPlugin("classpath:minimal.shiro.ini");
	this.broker = createBroker(plugin);
	start();
	assertTrue(plugin.isEnabled());

	plugin.setEnabled(false);
	assertFalse(plugin.isEnabled());

	plugin.setEnabled(true);
	assertTrue(plugin.isEnabled());
	}

	public void testAuthenticationEnabledWhenNotInstalled() {
	ShiroPlugin plugin = new ShiroPlugin();
	assertTrue(plugin.isAuthenticationEnabled());

	plugin.setAuthenticationEnabled(false);
	assertFalse(plugin.isAuthenticationEnabled());

	plugin.setAuthenticationEnabled(true);
	assertTrue(plugin.isAuthenticationEnabled());
	}

	public void testAuthenticationEnabledWhenInstalled() throws Exception {
	ShiroPlugin plugin = new ShiroPlugin();
	plugin.setEnvironment(new DefaultEnvironment());
	plugin.installPlugin(new MutableBrokerFilter(null));

	assertTrue(plugin.isAuthenticationEnabled());

	plugin.setAuthenticationEnabled(false);
	assertFalse(plugin.isAuthenticationEnabled());

	plugin.setAuthenticationEnabled(true);
	assertTrue(plugin.isAuthenticationEnabled());
	}

	public void testSetAuthenticationPolicy() {
	ShiroPlugin plugin = new ShiroPlugin();
	DefaultAuthenticationPolicy policy = new DefaultAuthenticationPolicy();
	plugin.setAuthenticationPolicy(policy);
	assertSame(policy, plugin.getAuthenticationPolicy());
	assertSame(policy, plugin.getAuthenticationFilter().getAuthenticationPolicy());
	assertSame(policy, ((DefaultConnectionSubjectFactory) plugin.getSubjectFilter().getConnectionSubjectFactory()).getAuthenticationPolicy());
	}

	public void testAuthorizationEnabledWhenNotInstalled() {
	ShiroPlugin plugin = new ShiroPlugin();
	assertTrue(plugin.isAuthorizationEnabled());

	plugin.setAuthorizationEnabled(false);
	assertFalse(plugin.isAuthorizationEnabled());

	plugin.setAuthorizationEnabled(true);
	assertTrue(plugin.isAuthorizationEnabled());
	}

	public void testAuthorizationEnabledWhenInstalled() throws Exception {
	ShiroPlugin plugin = new ShiroPlugin();
	plugin.setEnvironment(new DefaultEnvironment());
	plugin.installPlugin(new MutableBrokerFilter(null));

	assertTrue(plugin.isAuthorizationEnabled());

	plugin.setAuthorizationEnabled(false);
	assertFalse(plugin.isAuthorizationEnabled());

	plugin.setAuthorizationEnabled(true);
	assertTrue(plugin.isAuthorizationEnabled());
	}


	public void testSimple() throws Exception {
	ShiroPlugin plugin = createPlugin("classpath:minimal.shiro.ini");
	this.broker = createBroker(plugin);
	start();
	reconnect();
	}

	public void testDisabled() throws Exception {
	ShiroPlugin plugin = createPlugin("classpath:nosystem.shiro.ini");
	plugin.setEnabled(false);
	this.broker = createBroker(plugin);
	start();
	}

	public void testRuntimeDisableEnableChanges() throws Exception {
	ShiroPlugin plugin = createPlugin("classpath:nosystem.shiro.ini");
	((DefaultAuthenticationPolicy) plugin.getAuthenticationPolicy()).setVmConnectionAuthenticationRequired(true);
	plugin.setEnabled(false);
	this.broker = createBroker(plugin);
	start();

	//connection has no credentials. When disabled, this should succeed:
	reconnect();

	//now enable the plugin and assert that credentials are required:
	plugin.setEnabled(true);

	try {
	reconnect();
	fail("Connections without passwords in this configuration should fail.");
	} catch (JMSException expected) {
	assertTrue(expected.getCause() instanceof AuthenticationException);
	}

	//this should work now that we're authenticating:
	reconnect("foo", "bar");
	}

	static class SecureJmsResourceProvider extends JmsResourceProvider {

	/**
	* Creates a connection, authenticating with the specified username and password.
	*
	* @see org.apache.activemq.test.JmsResourceProvider#createConnection(javax.jms.ConnectionFactory)
	*/
	public Connection createConnection(ConnectionFactory cf, String username, String password) throws JMSException {
	Connection connection = cf.createConnection(username, password);
	if (getClientID() != null) {
	connection.setClientID(getClientID());
	}
	return connection;
	}
	}
	}