Diffstat (limited to 'qpid/java/systests/src/test/java/org/apache/qpid/server/security/acl/ExternalACLJMXTest.java')
-rw-r--r--qpid/java/systests/src/test/java/org/apache/qpid/server/security/acl/ExternalACLJMXTest.java320
1 files changed, 320 insertions, 0 deletions
diff --git a/qpid/java/systests/src/test/java/org/apache/qpid/server/security/acl/ExternalACLJMXTest.java b/qpid/java/systests/src/test/java/org/apache/qpid/server/security/acl/ExternalACLJMXTest.java
new file mode 100644
index 0000000000..165fbed00c
--- /dev/null
+++ b/qpid/java/systests/src/test/java/org/apache/qpid/server/security/acl/ExternalACLJMXTest.java
@@ -0,0 +1,320 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+* "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.qpid.server.security.acl;
+
+import org.apache.qpid.management.common.mbeans.ServerInformation;
+import org.apache.qpid.server.security.access.ObjectType;
+import org.apache.qpid.test.utils.JMXTestUtils;
+import org.apache.qpid.test.utils.TestBrokerConfiguration;
+
+import java.lang.management.ManagementFactory;
+import java.lang.management.RuntimeMXBean;
+
+/**
+ * Tests that access to the JMX interface is governed only by {@link ObjectType#METHOD}/{@link ObjectType#ALL}
+ * rules and AMQP rights have no effect.
+ *
+ * Ensures that objects outside the Qpid domain are not governed by the ACL model.
+ */
+public class ExternalACLJMXTest extends AbstractACLTestCase
+{
+
+ private JMXTestUtils _jmx;
+
+ private static final String TEST_QUEUE_OWNER = "admin";
+ private static final String TEST_VHOST = "test";
+ private static final String TEST2_VHOST = "test2";
+
+ @Override
+ public void setUp() throws Exception
+ {
+ //remove the normal 'test' vhost, we will configure the vhosts below
+ getBrokerConfiguration(0).removeObjectConfiguration(org.apache.qpid.server.model.VirtualHostNode.class, TestBrokerConfiguration.ENTRY_NAME_VIRTUAL_HOST);
+
+ createTestVirtualHostNode(0, TEST_VHOST);
+ createTestVirtualHostNode(0, TEST2_VHOST);
+
+ getBrokerConfiguration().addJmxManagementConfiguration();
+
+ _jmx = new JMXTestUtils(this);
+ super.setUp();
+ _jmx.open();
+ }
+
+ @Override
+ public void tearDown() throws Exception
+ {
+ _jmx.close();
+ super.tearDown();
+ }
+
+ public void setUpDenyAllIsCatchAllRule() throws Exception
+ {
+ writeACLFile("ACL ALLOW admin ACCESS MANAGEMENT",
+ "#No more rules, default catch all (deny all) should apply");
+ }
+
+ public void testDenyAllIsCatchAllRule() throws Exception
+ {
+ //try a broker-level method
+ ServerInformation info = _jmx.getServerInformation();
+ try
+ {
+ info.resetStatistics();
+ fail("Exception not thrown");
+ }
+ catch (SecurityException e)
+ {
+ assertEquals("Cause message incorrect", "Permission denied: UPDATE resetStatistics", e.getMessage());
+ }
+
+ //try a vhost-level method
+ try
+ {
+ _jmx.createQueue(TEST_VHOST, getTestQueueName(), TEST_QUEUE_OWNER, true);
+ fail("Exception not thrown");
+ }
+ catch (Exception e)
+ {
+ assertEquals("Cause message incorrect", "Permission denied: UPDATE createNewQueue", e.getMessage());
+ }
+
+ // Ensure that calls to MBeans outside the Qpid domain are not impeded.
+ final RuntimeMXBean runtimeBean = _jmx.getManagedObject(RuntimeMXBean.class, ManagementFactory.RUNTIME_MXBEAN_NAME);
+ runtimeBean.getName();
+ // PASS
+ }
+
+ /**
+ * Ensure an ALLOW ALL ALL rule allows access to both getters/setters.
+ */
+ public void setUpAllowAll() throws Exception
+ {
+ writeACLFile("ACL ALLOW ALL ALL");
+ }
+
+ public void testAllowAll() throws Exception
+ {
+ ServerInformation info = _jmx.getServerInformation();
+ info.getBuildVersion(); // getter - requires ACCESS
+ info.resetStatistics(); // setter - requires UPDATE
+ // PASS
+ }
+
+ public void setUpVhostWithName() throws Exception
+ {
+ writeACLFile("ACL ALLOW admin ACCESS MANAGEMENT",
+ "ACL ALLOW admin UPDATE METHOD component='VirtualHost.VirtualHostManager' name='createNewQueue' virtualhost_name='"+ TEST_VHOST + "'",
+ "ACL DENY admin UPDATE METHOD component='VirtualHost.VirtualHostManager' name='createNewQueue' virtualhost_name='"+ TEST2_VHOST + "'");
+ }
+
+ public void testVhostWithName() throws Exception
+ {
+ _jmx.createQueue(TEST_VHOST, getTestQueueName(), TEST_QUEUE_OWNER, true);
+
+ try
+ {
+ _jmx.createQueue(TEST2_VHOST, getTestQueueName(), TEST_QUEUE_OWNER, true);
+ fail("Exception not thrown");
+ }
+ catch (SecurityException e)
+ {
+ assertEquals("Cause message incorrect", "Permission denied: UPDATE createNewQueue", e.getMessage());
+ }
+ }
+
+
+ /**
+ * admin user is allowed all update methods on the component at broker level.
+ */
+ public void setUpUpdateComponentOnlyAllow() throws Exception
+ {
+ writeACLFile("ACL ALLOW admin ACCESS MANAGEMENT",
+ "ACL ALLOW admin UPDATE METHOD component='VirtualHost.VirtualHostManager'");
+ }
+
+ public void testUpdateComponentOnlyAllow() throws Exception
+ {
+ _jmx.createQueue(TEST_VHOST, getTestQueueName(), TEST_QUEUE_OWNER, true);
+ // PASS
+ _jmx.deleteQueue(TEST_VHOST, getTestQueueName());
+ // PASS
+ }
+
+
+ /**
+ * admin user is allowed all update methods on all components at broker level.
+ */
+ public void setUpUpdateMethodOnlyAllow() throws Exception
+ {
+ writeACLFile("ACL ALLOW admin ACCESS MANAGEMENT",
+ "ACL ALLOW admin UPDATE METHOD");
+ }
+
+ public void testUpdateMethodOnlyAllow() throws Exception
+ {
+ _jmx.createQueue(TEST_VHOST, getTestQueueName(), TEST_QUEUE_OWNER, true);
+ //PASS
+ _jmx.deleteQueue(TEST_VHOST, getTestQueueName());
+ // PASS
+ }
+
+
+ /**
+ * admin user has JMX right, AMQP right is irrelevant.
+ */
+ public void setUpCreateQueueSuccess() throws Exception
+ {
+ writeACLFile("ACL ALLOW admin ACCESS MANAGEMENT",
+ "ACL ALLOW admin UPDATE METHOD component='VirtualHost.VirtualHostManager' name='createNewQueue'");
+ }
+
+ public void testCreateQueueSuccess() throws Exception
+ {
+ _jmx.createQueue(TEST_VHOST, getTestQueueName(), TEST_QUEUE_OWNER, true);
+ }
+
+
+ /**
+ * admin user has JMX right, verifies lack of AMQP rights is irrelevant.
+ */
+ public void setUpCreateQueueSuccessNoAMQPRights() throws Exception
+ {
+ writeACLFile("ACL ALLOW admin ACCESS MANAGEMENT",
+ "ACL ALLOW admin UPDATE METHOD component='VirtualHost.VirtualHostManager' name='createNewQueue'",
+ "ACL DENY admin CREATE QUEUE");
+ }
+
+ public void testCreateQueueSuccessNoAMQPRights() throws Exception
+ {
+ _jmx.createQueue(TEST_VHOST, getTestQueueName(), TEST_QUEUE_OWNER, true);
+ }
+
+
+ /**
+ * admin user does not have JMX right, AMQP right is irrelevant.
+ */
+ public void setUpCreateQueueDenied() throws Exception
+ {
+ writeACLFile("ACL ALLOW admin ACCESS MANAGEMENT",
+ "ACL DENY admin UPDATE METHOD component='VirtualHost.VirtualHostManager' name='createNewQueue'");
+ }
+
+ public void testCreateQueueDenied() throws Exception
+ {
+ try
+ {
+ _jmx.createQueue(TEST_VHOST, getTestQueueName(), TEST_QUEUE_OWNER, true);
+ fail("Exception not thrown");
+ }
+ catch (SecurityException e)
+ {
+ assertEquals("Cause message incorrect", "Permission denied: UPDATE createNewQueue", e.getMessage());
+ }
+ }
+
+
+ /**
+ * admin user does not have JMX right
+ */
+ public void setUpServerInformationUpdateDenied() throws Exception
+ {
+ writeACLFile("ACL ALLOW admin ACCESS MANAGEMENT",
+ "ACL DENY admin UPDATE METHOD component='ServerInformation' name='resetStatistics'");
+ }
+
+ public void testServerInformationUpdateDenied() throws Exception
+ {
+ ServerInformation info = _jmx.getServerInformation();
+ try
+ {
+ info.resetStatistics();
+ fail("Exception not thrown");
+ }
+ catch (SecurityException e)
+ {
+ assertEquals("Cause message incorrect", "Permission denied: UPDATE resetStatistics", e.getMessage());
+ }
+ }
+
+
+ /**
+ * admin user has JMX right to check management API major version (but not minor version)
+ */
+ public void setUpServerInformationAccessGranted() throws Exception
+ {
+ writeACLFile("ACL ALLOW admin ACCESS MANAGEMENT",
+ "ACL ALLOW-LOG admin ACCESS METHOD component='ServerInformation' name='getManagementApiMajorVersion'");
+ }
+
+ public void testServerInformationAccessGranted() throws Exception
+ {
+ ServerInformation info = _jmx.getServerInformation();
+ info.getManagementApiMajorVersion();
+
+ try
+ {
+ info.getManagementApiMinorVersion();
+ fail("Exception not thrown");
+ }
+ catch (SecurityException e)
+ {
+ assertEquals("Cause message incorrect", "Permission denied: ACCESS getManagementApiMinorVersion", e.getMessage());
+ }
+ }
+
+
+ /**
+ * admin user has JMX right to use the update method
+ */
+ public void setUpServerInformationUpdateMethodPermission() throws Exception
+ {
+ writeACLFile("ACL ALLOW admin ACCESS MANAGEMENT",
+ "ACL ALLOW admin UPDATE METHOD component='ServerInformation' name='resetStatistics'");
+ }
+
+ public void testServerInformationUpdateMethodPermission() throws Exception
+ {
+ ServerInformation info = _jmx.getServerInformation();
+ info.resetStatistics();
+ // PASS
+ }
+
+
+ /**
+ * admin user has JMX right to use all types of method on ServerInformation
+ */
+ public void setUpServerInformationAllMethodPermissions() throws Exception
+ {
+ writeACLFile("ACL ALLOW admin ACCESS MANAGEMENT",
+ "ACL ALLOW admin ALL METHOD component='ServerInformation'");
+ }
+
+ public void testServerInformationAllMethodPermissions() throws Exception
+ {
+ //try an update method
+ ServerInformation info = _jmx.getServerInformation();
+ info.resetStatistics();
+ // PASS
+ //try an access method
+ info.getManagementApiMinorVersion();
+ // PASS
+ }
+
+}
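Review bot: In testDenyAllIsCatchAllRule the vhost-level check uses `catch (Exception e)`, so it does not pin that a denied createQueue surfaces as a security failure. testVhostWithName and testCreateQueueDenied already catch `SecurityException` from the same `_jmx.createQueue` call, so the clause can be narrowed to `catch (SecurityException e)`. tearDown calls `_jmx.close()` before `super.tearDown()` with no `finally`, so an exception from close would skip the superclass teardown (which presumably stops the broker); `try { _jmx.close(); } finally { super.tearDown(); }` avoids that. The RuntimeMXBean call at the end of the deny-all test shows that MBeans outside the Qpid domain stay reachable for a user whose only grant is ACCESS MANAGEMENT; a comment there such as `// intentional: platform MBeans are outside the ACL model and must be restricted separately` would make that boundary explicit for whoever maintains the ACL rules.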