Diffstat (limited to 'java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java')
-rw-r--r--java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java184
1 files changed, 98 insertions, 86 deletions
diff --git a/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java b/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java
index 9a08eb6499..ab309c54ce 100644
--- a/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java
+++ b/java/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/PlainConfiguration.java
@@ -1,5 +1,5 @@
/*
- *
+ *
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
@@ -7,16 +7,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.qpid.server.security.access.config;
@@ -32,55 +32,65 @@ import java.util.List;
import java.util.Map;
import java.util.Stack;
-import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.lang.StringUtils;
-import org.apache.qpid.server.security.access.ObjectProperties;
+import org.apache.log4j.Logger;
+import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.security.access.ObjectType;
import org.apache.qpid.server.security.access.Operation;
import org.apache.qpid.server.security.access.Permission;
public class PlainConfiguration extends AbstractConfiguration
{
+ private static final Logger _logger = Logger.getLogger(PlainConfiguration.class);
+
public static final Character COMMENT = '#';
public static final Character CONTINUATION = '\\';
- public static final String GROUP = "group";
public static final String ACL = "acl";
public static final String CONFIG = "config";
- public static final String UNRECOGNISED_INITIAL_MSG = "Unrecognised initial token '%s' at line %d";
- public static final String NOT_ENOUGH_TOKENS_MSG = "Not enough tokens at line %d";
- public static final String NUMBER_NOT_ALLOWED_MSG = "Number not allowed before '%s' at line %d";
- public static final String CANNOT_LOAD_MSG = "Cannot load config file %s";
- public static final String PREMATURE_CONTINUATION_MSG = "Premature continuation character at line %d";
- public static final String PREMATURE_EOF_MSG = "Premature end of file reached at line %d";
- public static final String PARSE_TOKEN_FAILED_MSG = "Failed to parse token at line %d";
- public static final String CONFIG_NOT_FOUND_MSG = "Cannot find config file %s";
- public static final String NOT_ENOUGH_GROUP_MSG = "Not enough data for a group at line %d";
- public static final String NOT_ENOUGH_ACL_MSG = "Not enough data for an acl at line %d";
- public static final String NOT_ENOUGH_CONFIG_MSG = "Not enough data for config at line %d";
- public static final String BAD_ACL_RULE_NUMBER_MSG = "Invalid rule number at line %d";
- public static final String PROPERTY_KEY_ONLY_MSG = "Incomplete property (key only) at line %d";
- public static final String PROPERTY_NO_EQUALS_MSG = "Incomplete property (no equals) at line %d";
- public static final String PROPERTY_NO_VALUE_MSG = "Incomplete property (no value) at line %d";
-
+ static final String UNRECOGNISED_INITIAL_MSG = "Unrecognised initial token '%s' at line %d";
+ static final String NOT_ENOUGH_TOKENS_MSG = "Not enough tokens at line %d";
+ static final String NUMBER_NOT_ALLOWED_MSG = "Number not allowed before '%s' at line %d";
+ static final String CANNOT_LOAD_MSG = "Cannot load config file %s";
+ static final String CANNOT_CLOSE_MSG = "Cannot close config file %s";
+ static final String PREMATURE_CONTINUATION_MSG = "Premature continuation character at line %d";
+ static final String PREMATURE_EOF_MSG = "Premature end of file reached at line %d";
+ static final String PARSE_TOKEN_FAILED_MSG = "Failed to parse token at line %d";
+ static final String CONFIG_NOT_FOUND_MSG = "Cannot find config file %s";
+ static final String NOT_ENOUGH_ACL_MSG = "Not enough data for an acl at line %d";
+ static final String NOT_ENOUGH_CONFIG_MSG = "Not enough data for config at line %d";
+ static final String BAD_ACL_RULE_NUMBER_MSG = "Invalid rule number at line %d";
+ static final String PROPERTY_KEY_ONLY_MSG = "Incomplete property (key only) at line %d";
+ static final String PROPERTY_NO_EQUALS_MSG = "Incomplete property (no equals) at line %d";
+ static final String PROPERTY_NO_VALUE_MSG = "Incomplete property (no value) at line %d";
+
private StreamTokenizer _st;
public PlainConfiguration(File file)
{
super(file);
}
-
+
@Override
- public RuleSet load() throws ConfigurationException
+ public RuleSet load()
{
RuleSet ruleSet = super.load();
-
+
+ File file = getFile();
+ FileReader fileReader = null;
+
try
{
- _st = new StreamTokenizer(new BufferedReader(new FileReader(getFile())));
+ if(_logger.isDebugEnabled())
+ {
+ _logger.debug("About to load ACL file " + file);
+ }
+
+ fileReader = new FileReader(file);
+ _st = new StreamTokenizer(new BufferedReader(fileReader));
_st.resetSyntax(); // setup the tokenizer
-
+
_st.commentChar(COMMENT); // single line comments
_st.eolIsSignificant(true); // return EOL as a token
_st.ordinaryChar('='); // equals is a token
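Review bot: `fileReader = new FileReader(file);` in load() decodes the ACL file with the platform default charset, so identity names containing non-ASCII characters can tokenize differently from one host to the next and a rule may not match the principal the administrator intended. Declaring the variable as `Reader` and opening it with `new InputStreamReader(new FileInputStream(file), "UTF-8")` pins the encoding; UTF-8 is an assumption here and should be checked against how existing ACL files are written. The try block this reader is opened in continues past the end of the hunk.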
@@ -97,7 +107,7 @@ public class PlainConfiguration extends AbstractConfiguration
_st.wordChars('*', '*'); // star
_st.wordChars('@', '@'); // at
_st.wordChars(':', ':'); // colon
-
+
// parse the acl file lines
Stack<String> stack = new Stack<String>();
int current;
@@ -111,21 +121,21 @@ public class PlainConfiguration extends AbstractConfiguration
{
break; // blank line
}
-
+
// pull out the first token from the bottom of the stack and check arguments exist
String first = stack.firstElement();
stack.removeElementAt(0);
if (stack.isEmpty())
{
- throw new ConfigurationException(String.format(NOT_ENOUGH_TOKENS_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(NOT_ENOUGH_TOKENS_MSG, getLine()));
}
-
+
// check for and parse optional initial number for ACL lines
Integer number = null;
if (StringUtils.isNumeric(first))
{
// set the acl number and get the next element
- number = Integer.valueOf(first);
+ number = Integer.valueOf(first);
first = stack.firstElement();
stack.removeElementAt(0);
}
@@ -136,9 +146,9 @@ public class PlainConfiguration extends AbstractConfiguration
}
else if (number == null)
{
- if (StringUtils.equalsIgnoreCase(GROUP, first))
+ if(StringUtils.equalsIgnoreCase("GROUP", first))
{
- parseGroup(stack);
+ throw new IllegalConfigurationException(String.format("GROUP keyword not supported. Groups should defined via a Group Provider, not in the ACL file.", getLine()));
}
else if (StringUtils.equalsIgnoreCase(CONFIG, first))
{
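Review bot: The new GROUP branch passes `getLine()` to `String.format`, but the message contains no `%d`, so the argument is dropped and this is the only parse error in load() that does not tell the operator which line of the ACL file to fix. The text also reads "Groups should defined". I would add a constant beside the other messages, `static final String GROUP_NOT_SUPPORTED_MSG = "GROUP keyword not supported at line %d. Groups should be defined via a Group Provider, not in the ACL file.";`, and throw `new IllegalConfigurationException(String.format(GROUP_NOT_SUPPORTED_MSG, getLine()))`. The surrounding if/else chain starts before this hunk and continues after it.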
@@ -146,14 +156,14 @@ public class PlainConfiguration extends AbstractConfiguration
}
else
{
- throw new ConfigurationException(String.format(UNRECOGNISED_INITIAL_MSG, first, getLine()));
+ throw new IllegalConfigurationException(String.format(UNRECOGNISED_INITIAL_MSG, first, getLine()));
}
}
else
{
- throw new ConfigurationException(String.format(NUMBER_NOT_ALLOWED_MSG, first, getLine()));
+ throw new IllegalConfigurationException(String.format(NUMBER_NOT_ALLOWED_MSG, first, getLine()));
}
-
+
// reset stack, start next line
stack.clear();
break;
@@ -171,9 +181,9 @@ public class PlainConfiguration extends AbstractConfiguration
{
break; // continue reading next line
}
-
+
// invalid location for continuation character (add one to line beacuse we ate the EOL)
- throw new ConfigurationException(String.format(PREMATURE_CONTINUATION_MSG, getLine() + 1));
+ throw new IllegalConfigurationException(String.format(PREMATURE_CONTINUATION_MSG, getLine() + 1));
}
else if (_st.ttype == '\'' || _st.ttype == '"')
{
@@ -185,54 +195,59 @@ public class PlainConfiguration extends AbstractConfiguration
}
}
} while (current != StreamTokenizer.TT_EOF);
-
+
if (!stack.isEmpty())
{
- throw new ConfigurationException(String.format(PREMATURE_EOF_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PREMATURE_EOF_MSG, getLine()));
}
}
catch (IllegalArgumentException iae)
{
- throw new ConfigurationException(String.format(PARSE_TOKEN_FAILED_MSG, getLine()), iae);
+ throw new IllegalConfigurationException(String.format(PARSE_TOKEN_FAILED_MSG, getLine()), iae);
}
catch (FileNotFoundException fnfe)
{
- throw new ConfigurationException(String.format(CONFIG_NOT_FOUND_MSG, getFile().getName()), fnfe);
+ throw new IllegalConfigurationException(String.format(CONFIG_NOT_FOUND_MSG, file.getName()), fnfe);
}
catch (IOException ioe)
{
- throw new ConfigurationException(String.format(CANNOT_LOAD_MSG, getFile().getName()), ioe);
+ throw new IllegalConfigurationException(String.format(CANNOT_LOAD_MSG, file.getName()), ioe);
}
-
- return ruleSet;
- }
-
- private void parseGroup(List<String> args) throws ConfigurationException
- {
- if (args.size() < 2)
+ finally
{
- throw new ConfigurationException(String.format(NOT_ENOUGH_GROUP_MSG, getLine()));
+ if(fileReader != null)
+ {
+ try
+ {
+ fileReader.close();
+ }
+ catch (IOException e)
+ {
+ throw new IllegalConfigurationException(String.format(CANNOT_CLOSE_MSG, file.getName()), e);
+ }
+ }
}
-
- getConfiguration().addGroup(args.get(0), args.subList(1, args.size()));
+
+
+ return ruleSet;
}
-
- private void parseAcl(Integer number, List<String> args) throws ConfigurationException
+
+ private void parseAcl(Integer number, List<String> args)
{
if (args.size() < 3)
{
- throw new ConfigurationException(String.format(NOT_ENOUGH_ACL_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(NOT_ENOUGH_ACL_MSG, getLine()));
}
Permission permission = Permission.parse(args.get(0));
String identity = args.get(1);
Operation operation = Operation.parse(args.get(2));
-
+
if (number != null && !getConfiguration().isValidNumber(number))
{
- throw new ConfigurationException(String.format(BAD_ACL_RULE_NUMBER_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(BAD_ACL_RULE_NUMBER_MSG, getLine()));
}
-
+
if (args.size() == 3)
{
getConfiguration().grant(number, identity, permission, operation);
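Review bot: The `throw` inside the new `finally` block of load() replaces whatever exception is already propagating, so when the ACL file has a parse error and close() also fails, the operator sees "Cannot close config file" instead of the line-numbered parse message. For a reader that was only read from, a close failure after a successful parse also discards a rule set that had loaded completely. Logging the failure keeps the primary error intact: `_logger.warn(String.format(CANNOT_CLOSE_MSG, file.getName()), e);`. load() begins before this hunk.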
@@ -240,55 +255,52 @@ public class PlainConfiguration extends AbstractConfiguration
else
{
ObjectType object = ObjectType.parse(args.get(3));
- ObjectProperties properties = toObjectProperties(args.subList(4, args.size()));
+ AclRulePredicates predicates = toRulePredicates(args.subList(4, args.size()));
- getConfiguration().grant(number, identity, permission, operation, object, properties);
+ getConfiguration().grant(number, identity, permission, operation, object, predicates);
}
}
-
- private void parseConfig(List<String> args) throws ConfigurationException
+
+ private void parseConfig(List<String> args)
{
if (args.size() < 3)
{
- throw new ConfigurationException(String.format(NOT_ENOUGH_CONFIG_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(NOT_ENOUGH_CONFIG_MSG, getLine()));
}
Map<String, Boolean> properties = toPluginProperties(args);
-
+
getConfiguration().configure(properties);
}
-
- /** Converts a {@link List} of "name", "=", "value" tokens into a {@link Map}. */
- protected ObjectProperties toObjectProperties(List<String> args) throws ConfigurationException
+
+ private AclRulePredicates toRulePredicates(List<String> args)
{
- ObjectProperties properties = new ObjectProperties();
+ AclRulePredicates predicates = new AclRulePredicates();
Iterator<String> i = args.iterator();
while (i.hasNext())
{
String key = i.next();
if (!i.hasNext())
{
- throw new ConfigurationException(String.format(PROPERTY_KEY_ONLY_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PROPERTY_KEY_ONLY_MSG, getLine()));
}
if (!"=".equals(i.next()))
{
- throw new ConfigurationException(String.format(PROPERTY_NO_EQUALS_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PROPERTY_NO_EQUALS_MSG, getLine()));
}
if (!i.hasNext())
{
- throw new ConfigurationException(String.format(PROPERTY_NO_VALUE_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PROPERTY_NO_VALUE_MSG, getLine()));
}
String value = i.next();
-
- // parse property key
- ObjectProperties.Property property = ObjectProperties.Property.parse(key);
- properties.put(property, value);
+
+ predicates.parse(key, value);
}
- return properties;
+ return predicates;
}
-
+
/** Converts a {@link List} of "name", "=", "value" tokens into a {@link Map}. */
- protected Map<String, Boolean> toPluginProperties(List<String> args) throws ConfigurationException
+ protected Map<String, Boolean> toPluginProperties(List<String> args)
{
Map<String, Boolean> properties = new HashMap<String, Boolean>();
Iterator<String> i = args.iterator();
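Review bot: `toRulePredicates` hands every key straight to `predicates.parse(key, value)`, and nothing in this hunk shows what AclRulePredicates does with a key it does not recognise; the removed code went through `ObjectProperties.Property.parse(key)` first. If an unknown or misspelt key is ignored rather than rejected, the rule is stored with fewer constraints than the administrator wrote, which for a rule that grants access widens it. Please confirm that parse throws an IllegalArgumentException (load() turns those into a line-numbered IllegalConfigurationException) and state it in a Javadoc on the method, for example `/** Converts "name", "=", "value" tokens into rule predicates; an unrecognised name fails the load. */`. The Javadoc the old method carried was dropped with the rename.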
@@ -297,24 +309,24 @@ public class PlainConfiguration extends AbstractConfiguration
String key = i.next().toLowerCase();
if (!i.hasNext())
{
- throw new ConfigurationException(String.format(PROPERTY_KEY_ONLY_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PROPERTY_KEY_ONLY_MSG, getLine()));
}
if (!"=".equals(i.next()))
{
- throw new ConfigurationException(String.format(PROPERTY_NO_EQUALS_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PROPERTY_NO_EQUALS_MSG, getLine()));
}
if (!i.hasNext())
{
- throw new ConfigurationException(String.format(PROPERTY_NO_VALUE_MSG, getLine()));
+ throw new IllegalConfigurationException(String.format(PROPERTY_NO_VALUE_MSG, getLine()));
}
-
+
// parse property value and save
Boolean value = Boolean.valueOf(i.next());
properties.put(key, value);
}
return properties;
}
-
+
protected int getLine()
{
return _st.lineno() - 1;
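Review bot: `Boolean value = Boolean.valueOf(i.next());` in toPluginProperties accepts any text, so a CONFIG value such as `yes` or a misspelt `true` is stored as false without an error, unlike every other malformed token in this parser. Whether that default is safe depends on the setting it lands on, which this file does not show; for an access-control file I would rather fail the load. Reading the token into `String v = i.next();` and adding `if (!"true".equalsIgnoreCase(v) && !"false".equalsIgnoreCase(v)) throw new IllegalConfigurationException(String.format(PARSE_TOKEN_FAILED_MSG, getLine()));` before the conversion would do it. The method starts above this hunk.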