summaryrefslogtreecommitdiff
path: root/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/ACLManager.java
diff options
context:
space:
mode:
Diffstat (limited to 'qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/ACLManager.java')
-rw-r--r--qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/ACLManager.java161
1 files changed, 161 insertions, 0 deletions
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/ACLManager.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/ACLManager.java
new file mode 100644
index 0000000000..539f32a732
--- /dev/null
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/ACLManager.java
@@ -0,0 +1,161 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ *
+ */
+package org.apache.qpid.server.security.access;
+
+import org.apache.commons.configuration.Configuration;
+import org.apache.commons.configuration.ConfigurationException;
+import org.apache.qpid.server.registry.ApplicationRegistry;
+import org.apache.qpid.server.security.access.plugins.DenyAll;
+import org.apache.qpid.configuration.PropertyUtils;
+import org.apache.log4j.Logger;
+
+import java.util.List;
+import java.lang.reflect.Method;
+
+public class ACLManager
+{
+ private static final Logger _logger = Logger.getLogger(ACLManager.class);
+
+ public static ACLPlugin loadACLManager(String name, Configuration hostConfig) throws ConfigurationException
+ {
+ ACLPlugin aclPlugin = ApplicationRegistry.getInstance().getAccessManager();
+
+ if (hostConfig == null)
+ {
+ _logger.warn("No Configuration specified. Using default ACLPlugin '" + aclPlugin.getPluginName()
+ + "' for VirtualHost:'" + name + "'");
+ return aclPlugin;
+ }
+
+ String accessClass = hostConfig.getString("security.access.class");
+ if (accessClass == null)
+ {
+
+ _logger.warn("No ACL Plugin specified. Using default ACL Plugin '" + aclPlugin.getPluginName() +
+ "' for VirtualHost:'" + name + "'");
+ return aclPlugin;
+ }
+
+ Object o;
+ try
+ {
+ o = Class.forName(accessClass).newInstance();
+ }
+ catch (Exception e)
+ {
+ throw new ConfigurationException("Error initialising ACL: " + e, e);
+ }
+
+ if (!(o instanceof ACLPlugin))
+ {
+ throw new ConfigurationException("ACL Plugins must implement the ACLPlugin interface");
+ }
+
+ initialiseAccessControl((ACLPlugin) o, hostConfig);
+
+ aclPlugin = getManager((ACLPlugin) o);
+ if (_logger.isInfoEnabled())
+ {
+ _logger.info("Initialised ACL Plugin '" + aclPlugin.getPluginName()
+ + "' for virtualhost '" + name + "' successfully");
+ }
+
+ return aclPlugin;
+ }
+
+
+ private static void initialiseAccessControl(ACLPlugin accessManager, Configuration config)
+ throws ConfigurationException
+ {
+ //First provide the ACLPlugin with the host configuration
+
+ accessManager.setConfiguaration(config);
+
+ //Provide additional attribute customisation.
+ String baseName = "security.access.attributes.attribute.";
+ List<String> argumentNames = config.getList(baseName + "name");
+ List<String> argumentValues = config.getList(baseName + "value");
+ for (int i = 0; i < argumentNames.size(); i++)
+ {
+ String argName = argumentNames.get(i);
+ if (argName == null || argName.length() == 0)
+ {
+ throw new ConfigurationException("Access Control argument names must have length >= 1 character");
+ }
+ if (Character.isLowerCase(argName.charAt(0)))
+ {
+ argName = Character.toUpperCase(argName.charAt(0)) + argName.substring(1);
+ }
+ String methodName = "set" + argName;
+ Method method = null;
+ try
+ {
+ method = accessManager.getClass().getMethod(methodName, String.class);
+ }
+ catch (NoSuchMethodException e)
+ {
+ //do nothing as method will be null
+ }
+
+ if (method == null)
+ {
+ throw new ConfigurationException("No method " + methodName + " found in class " + accessManager.getClass() +
+ " hence unable to configure access control. The method must be public and " +
+ "have a single String argument with a void return type");
+ }
+ try
+ {
+ method.invoke(accessManager, PropertyUtils.replaceProperties(argumentValues.get(i)));
+ }
+ catch (Exception e)
+ {
+ ConfigurationException ce = new ConfigurationException(e.getMessage(), e.getCause());
+ ce.initCause(e);
+ throw ce;
+ }
+ }
+ }
+
+
+ private static ACLPlugin getManager(ACLPlugin manager)
+ {
+ if (manager == null)
+ {
+ if (ApplicationRegistry.getInstance().getAccessManager() == null)
+ {
+ return new DenyAll();
+ }
+ else
+ {
+ return ApplicationRegistry.getInstance().getAccessManager();
+ }
+ }
+ else
+ {
+ return manager;
+ }
+ }
+
+ public static Logger getLogger()
+ {
+ return _logger;
+ }
+}
View Lorry Controller Status