org.apache.activemq.artemis.spi.core.security

Class ActiveMQJAASSecurityManager

java.lang.Object

org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager

All Implemented Interfaces:

ActiveMQSecurityManager, ActiveMQSecurityManager3

public class ActiveMQJAASSecurityManager
extends Object
implements ActiveMQSecurityManager3

This implementation delegates to the JAAS security interfaces. The Subject returned by the login context is expecting to have a set of RolePrincipal for each role of the user.

Constructor Summary

Constructors

Constructor and Description
ActiveMQJAASSecurityManager()
ActiveMQJAASSecurityManager(String configurationName)
ActiveMQJAASSecurityManager(String configurationName, org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration)
ActiveMQJAASSecurityManager(String configurationName, String certificateConfigurationName)
ActiveMQJAASSecurityManager(String configurationName, String certificateConfigurationName, org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration, org.apache.activemq.artemis.core.config.impl.SecurityConfiguration certificateConfiguration)

Method Summary

Modifier and Type	Method and Description
static Object	createGroupPrincipal(String name, String groupClass)
org.apache.activemq.artemis.core.config.impl.SecurityConfiguration	getCertificateConfiguration()
org.apache.activemq.artemis.core.config.impl.SecurityConfiguration	getConfiguration()
String	getRolePrincipalClass()
String	getUserFromSubject(Subject subject)
void	setCertificateConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration certificateConfiguration)
void	setCertificateConfigurationName(String certificateConfigurationName)
void	setConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration)
void	setConfigurationName(String configurationName)
void	setRolePrincipalClass(String rolePrincipalClass)
boolean	validateUser(String user, String password) is this a valid user.
String	validateUser(String user, String password, RemotingConnection remotingConnection) is this a valid user.
boolean	validateUserAndRole(String user, String password, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType) is this a valid user and do they have the correct role
String	validateUserAndRole(String user, String password, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType, String address, RemotingConnection remotingConnection) Determine whether the given user is valid and whether they have the correct role for the given destination address.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ActiveMQJAASSecurityManager

public ActiveMQJAASSecurityManager()

ActiveMQJAASSecurityManager

public ActiveMQJAASSecurityManager(String configurationName)

ActiveMQJAASSecurityManager

public ActiveMQJAASSecurityManager(String configurationName,
                                   String certificateConfigurationName)

ActiveMQJAASSecurityManager

public ActiveMQJAASSecurityManager(String configurationName,
                                   org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration)

ActiveMQJAASSecurityManager

public ActiveMQJAASSecurityManager(String configurationName,
                                   String certificateConfigurationName,
                                   org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration,
                                   org.apache.activemq.artemis.core.config.impl.SecurityConfiguration certificateConfiguration)

Method Detail

validateUser

public boolean validateUser(String user,
                            String password)

Description copied from interface: ActiveMQSecurityManager

is this a valid user.

Specified by:

validateUser in interface ActiveMQSecurityManager

Parameters:

user - the user

password - the users password

Returns:

true if a valid user

validateUser

public String validateUser(String user,
                           String password,
                           RemotingConnection remotingConnection)

Description copied from interface: ActiveMQSecurityManager3

is this a valid user. This method is called instead of ActiveMQSecurityManager.validateUser(String, String).

Specified by:

validateUser in interface ActiveMQSecurityManager3

Parameters:

user - the user

password - the users password

Returns:

the name of the validated user or null if the user isn't validated

getUserFromSubject

public String getUserFromSubject(Subject subject)

validateUserAndRole

public boolean validateUserAndRole(String user,
                                   String password,
                                   Set<org.apache.activemq.artemis.core.security.Role> roles,
                                   org.apache.activemq.artemis.core.security.CheckType checkType)

Description copied from interface: ActiveMQSecurityManager

is this a valid user and do they have the correct role

Specified by:

validateUserAndRole in interface ActiveMQSecurityManager

Parameters:

user - the user

password - the users password

roles - the roles the user has

checkType - the type of check to perform

Returns:

true if the user is valid and they have the correct roles

validateUserAndRole

public String validateUserAndRole(String user,
                                  String password,
                                  Set<org.apache.activemq.artemis.core.security.Role> roles,
                                  org.apache.activemq.artemis.core.security.CheckType checkType,
                                  String address,
                                  RemotingConnection remotingConnection)

Description copied from interface: ActiveMQSecurityManager3

Determine whether the given user is valid and whether they have the correct role for the given destination address. This method is called instead of ActiveMQSecurityManager.validateUserAndRole(String, String, Set, CheckType).

Specified by:

validateUserAndRole in interface ActiveMQSecurityManager3

Parameters:

user - the user

password - the user's password

roles - the user's roles

checkType - which permission to validate

address - the address for which to perform authorization

remotingConnection - the user's connection

Returns:

the name of the validated user or null if the user isn't validated

setConfigurationName

public void setConfigurationName(String configurationName)

setConfiguration

public void setConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration)

setCertificateConfigurationName

public void setCertificateConfigurationName(String certificateConfigurationName)

setCertificateConfiguration

public void setCertificateConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration certificateConfiguration)

getConfiguration

public org.apache.activemq.artemis.core.config.impl.SecurityConfiguration getConfiguration()

getCertificateConfiguration

public org.apache.activemq.artemis.core.config.impl.SecurityConfiguration getCertificateConfiguration()

getRolePrincipalClass

public String getRolePrincipalClass()

setRolePrincipalClass

public void setRolePrincipalClass(String rolePrincipalClass)

createGroupPrincipal

public static Object createGroupPrincipal(String name,
                                          String groupClass)
                                   throws Exception

Throws:

Exception