Diffstat (limited to 'java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaTrustStoreImpl.java')
-rw-r--r-- | java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaTrustStoreImpl.java | 66 |
1 files changed, 45 insertions, 21 deletions
diff --git a/java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaTrustStoreImpl.java b/java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaTrustStoreImpl.java index 4f7f913776..d757387a34 100644 --- a/java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaTrustStoreImpl.java +++ b/java/broker-core/src/main/java/org/apache/qpid/server/security/NonJavaTrustStoreImpl.java @@ -49,6 +49,7 @@ import org.apache.log4j.Logger; import org.apache.qpid.server.configuration.IllegalConfigurationException; import org.apache.qpid.server.model.AbstractConfiguredObject; +import org.apache.qpid.server.model.AuthenticationProvider; import org.apache.qpid.server.model.Broker; import org.apache.qpid.server.model.ConfiguredObject; import org.apache.qpid.server.model.IntegrityViolationException; @@ -58,7 +59,10 @@ import org.apache.qpid.server.model.ManagedObject; import org.apache.qpid.server.model.ManagedObjectFactoryConstructor; import org.apache.qpid.server.model.Port; import org.apache.qpid.server.model.State; +import org.apache.qpid.server.model.StateTransition; +import org.apache.qpid.server.model.TrustStore; import org.apache.qpid.server.security.access.Operation; +import org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManager; import org.apache.qpid.server.util.urlstreamhandler.data.Handler; @ManagedObject( category = false ) @@ -168,12 +172,6 @@ public class NonJavaTrustStoreImpl } @Override - public State getState() - { - return State.ACTIVE; - } - - @Override public Object getAttribute(String name) { if (KeyStore.STATE.equals(name)) 
@@ -184,30 +182,56 @@ public class NonJavaTrustStoreImpl return super.getAttribute(name); } - @Override - protected boolean setState(State desiredState) + @StateTransition(currentState = {State.ACTIVE, State.ERRORED}, desiredState = State.DELETED) + protected void doDelete() { - if (desiredState == State.DELETED) + // verify that it is not in use + String storeName = getName(); + + Collection<Port<?>> ports = new ArrayList<Port<?>>(_broker.getPorts()); + for (Port port : ports) { - // verify that it is not in use - String storeName = getName(); + Collection<TrustStore> trustStores = port.getTrustStores(); + if(trustStores != null) + { + for (TrustStore store : trustStores) + { + if(storeName.equals(store.getAttribute(TrustStore.NAME))) + { + throw new IntegrityViolationException("Trust store '" + + storeName + + "' can't be deleted as it is in use by a port: " + + port.getName()); + } + } + } + } - Collection<Port> ports = new ArrayList<Port>(_broker.getPorts()); - for (Port port : ports) + Collection<AuthenticationProvider> authenticationProviders = new ArrayList<AuthenticationProvider>(_broker.getAuthenticationProviders()); + for (AuthenticationProvider authProvider : authenticationProviders) + { + if(authProvider.getAttributeNames().contains(SimpleLDAPAuthenticationManager.TRUST_STORE)) { - if (port.getKeyStore() == this) + Object attributeType = authProvider.getAttribute(AuthenticationProvider.TYPE); + Object attributeValue = authProvider.getAttribute(SimpleLDAPAuthenticationManager.TRUST_STORE); + if (SimpleLDAPAuthenticationManager.PROVIDER_TYPE.equals(attributeType) + && storeName.equals(attributeValue)) { - throw new IntegrityViolationException("Key store '" - + storeName - + "' can't be deleted as it is in use by a port:" - + port.getName()); + throw new IntegrityViolationException("Trust store '" + + storeName + + "' can't be deleted as it is in use by an authentication manager: " + + authProvider.getName()); } } - deleted(); - return true; } + deleted(); 
+ setState(State.DELETED); + } - return false; + @StateTransition(currentState = {State.UNINITIALIZED, State.ERRORED}, desiredState = State.ACTIVE) + protected void doActivate() + { + setState(State.ACTIVE); } @Override |
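Review bot: The in-use guard in `doDelete()` matches purely by name, and on the authentication side it only recognises providers whose type is `SimpleLDAPAuthenticationManager.PROVIDER_TYPE`. Any other component that references this trust store will not block deletion, and neither will an LDAP provider whose `TRUST_STORE` attribute holds something other than the plain name string. In that second case `storeName.equals(attributeValue)` is silently false, so the store could be removed while a TLS-protected LDAP connection still depends on it. Whether the attribute can hold anything other than a name is not visible in this hunk, so this needs confirming. Accepting an identity match as well would be safer, e.g. `if (store == this || storeName.equals(store.getAttribute(TrustStore.NAME)))` in the port loop, and `&& (attributeValue == this || storeName.equals(attributeValue))` in the provider loop. I would also add a comment above the provider loop, `// NOTE: only LDAP providers are checked; extend this when another component gains a trust-store attribute`, and declare the loop variable as `Port<?> port` to match `Collection<Port<?>>` and avoid the raw-type unchecked conversion on `getTrustStores()`.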