Class ActiveMQBasicSecurityManager
- java.lang.Object
-
- org.apache.activemq.artemis.spi.core.security.ActiveMQBasicSecurityManager
-
- All Implemented Interfaces:
ActiveMQSecurityManager,ActiveMQSecurityManager5,UserManagement
public class ActiveMQBasicSecurityManager extends Object implements ActiveMQSecurityManager5, UserManagement
All user and role state (both in memory and on disk) is maintained by the underlying StorageManager
-
-
Field Summary
Fields Modifier and Type Field Description static StringBOOTSTRAP_PASSWORDstatic StringBOOTSTRAP_ROLEstatic StringBOOTSTRAP_ROLE_FILEstatic StringBOOTSTRAP_USERstatic StringBOOTSTRAP_USER_FILE
-
Constructor Summary
Constructors Constructor Description ActiveMQBasicSecurityManager()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidaddNewUser(String user, String password, String... roles)Subjectauthenticate(String userToAuthenticate, String passwordToAuthenticate, RemotingConnection remotingConnection, String securityDomain)is this a valid user.booleanauthorize(Subject subject, Set<Role> roles, CheckType checkType, String address)Determine whether the given user has the correct role for the given check type.voidcompleteInit(StorageManager storageManager)ActiveMQBasicSecurityManagerinit(Map<String,String> properties)Initialize the manager with the given configuration properties.Map<String,Set<String>>listUser(String user)voidremoveUser(String user)voidupdateUser(String user, String password, String... roles)booleanvalidateUser(String user, String password)is this a valid user.booleanvalidateUserAndRole(String user, String password, Set<Role> roles, CheckType checkType)is this a valid user and do they have the correct role-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager
getDomain
-
-
-
-
Field Detail
-
BOOTSTRAP_USER
public static final String BOOTSTRAP_USER
- See Also:
- Constant Field Values
-
BOOTSTRAP_PASSWORD
public static final String BOOTSTRAP_PASSWORD
- See Also:
- Constant Field Values
-
BOOTSTRAP_ROLE
public static final String BOOTSTRAP_ROLE
- See Also:
- Constant Field Values
-
BOOTSTRAP_USER_FILE
public static final String BOOTSTRAP_USER_FILE
- See Also:
- Constant Field Values
-
BOOTSTRAP_ROLE_FILE
public static final String BOOTSTRAP_ROLE_FILE
- See Also:
- Constant Field Values
-
-
Method Detail
-
init
public ActiveMQBasicSecurityManager init(Map<String,String> properties)
Description copied from interface:ActiveMQSecurityManagerInitialize the manager with the given configuration properties. This method is called by the broker when the file-based configuration is read. If you're creating/configuring the plugin programmatically then the recommended approach is to simply use the manager's getters/setters rather than this method.- Specified by:
initin interfaceActiveMQSecurityManager- Parameters:
properties- name/value pairs used to configure the ActiveMQSecurityManager instance- Returns:
thisinstance
-
validateUser
public boolean validateUser(String user, String password)
Description copied from interface:ActiveMQSecurityManageris this a valid user.- Specified by:
validateUserin interfaceActiveMQSecurityManager- Parameters:
user- the userpassword- the users password- Returns:
- true if a valid user
-
authenticate
public Subject authenticate(String userToAuthenticate, String passwordToAuthenticate, RemotingConnection remotingConnection, String securityDomain)
Description copied from interface:ActiveMQSecurityManager5is this a valid user. This method is called instead ofActiveMQSecurityManager.validateUser(String, String).- Specified by:
authenticatein interfaceActiveMQSecurityManager5- Parameters:
userToAuthenticate- the userpasswordToAuthenticate- the user's passwordremotingConnection- the user's connection which contains any corresponding SSL certssecurityDomain- the name of the JAAS security domain to use (can be null)- Returns:
- the Subject of the authenticated user, else null
-
validateUserAndRole
public boolean validateUserAndRole(String user, String password, Set<Role> roles, CheckType checkType)
Description copied from interface:ActiveMQSecurityManageris this a valid user and do they have the correct role- Specified by:
validateUserAndRolein interfaceActiveMQSecurityManager- Parameters:
user- the userpassword- the users passwordroles- the roles the user hascheckType- the type of check to perform- Returns:
- true if the user is valid and they have the correct roles
-
authorize
public boolean authorize(Subject subject, Set<Role> roles, CheckType checkType, String address)
Description copied from interface:ActiveMQSecurityManager5Determine whether the given user has the correct role for the given check type. This method is called instead ofActiveMQSecurityManager.validateUserAndRole(String, String, Set, CheckType).- Specified by:
authorizein interfaceActiveMQSecurityManager5- Parameters:
subject- the Subject to authorizeroles- the roles configured in the security-settingscheckType- which permission to validateaddress- the address (or FQQN) to grant access to- Returns:
- true if the user is authorized, else false
-
addNewUser
public void addNewUser(String user, String password, String... roles) throws Exception
- Specified by:
addNewUserin interfaceUserManagement- Throws:
Exception
-
removeUser
public void removeUser(String user) throws Exception
- Specified by:
removeUserin interfaceUserManagement- Throws:
Exception
-
listUser
public Map<String,Set<String>> listUser(String user)
- Specified by:
listUserin interfaceUserManagement
-
updateUser
public void updateUser(String user, String password, String... roles) throws Exception
- Specified by:
updateUserin interfaceUserManagement- Throws:
Exception
-
completeInit
public void completeInit(StorageManager storageManager)
-
-