Package org.apache.activemq.artemis.spi.core.security

Class ActiveMQJAASSecurityManager

java.lang.Object

org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager

All Implemented Interfaces:

ActiveMQSecurityManager, ActiveMQSecurityManager5

public class ActiveMQJAASSecurityManager
extends Object
implements ActiveMQSecurityManager5

This implementation delegates to the JAAS security interfaces. The Subject returned by the login context is expecting to have a set of RolePrincipal for each role of the user.

Constructor Summary

Constructors

Constructor	Description
ActiveMQJAASSecurityManager()
ActiveMQJAASSecurityManager(String configurationName)
ActiveMQJAASSecurityManager(String configurationName, String certificateConfigurationName)
ActiveMQJAASSecurityManager(String configurationName, String certificateConfigurationName, SecurityConfiguration configuration, SecurityConfiguration certificateConfiguration)
ActiveMQJAASSecurityManager(String configurationName, SecurityConfiguration configuration)

Method Summary

Modifier and Type	Method	Description
Subject	authenticate(String user, String password, RemotingConnection remotingConnection, String securityDomain)	is this a valid user.
boolean	authorize(Subject subject, Set<Role> roles, CheckType checkType, String address)	Determine whether the given user has the correct role for the given check type.
SecurityConfiguration	getCertificateConfiguration()
SecurityConfiguration	getConfiguration()
String	getDomain()
String	getRolePrincipalClass()
void	setCertificateConfiguration(SecurityConfiguration certificateConfiguration)
void	setCertificateConfigurationName(String certificateConfigurationName)
void	setConfiguration(SecurityConfiguration configuration)
void	setConfigurationName(String configurationName)
void	setRolePrincipalClass(String rolePrincipalClass)
boolean	validateUser(String user, String password)	is this a valid user.
boolean	validateUserAndRole(String user, String password, Set<Role> roles, CheckType checkType)	is this a valid user and do they have the correct role

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager

init

Constructor Detail

ActiveMQJAASSecurityManager

public ActiveMQJAASSecurityManager()

ActiveMQJAASSecurityManager

public ActiveMQJAASSecurityManager(String configurationName)

ActiveMQJAASSecurityManager

public ActiveMQJAASSecurityManager(String configurationName,
                                   String certificateConfigurationName)

ActiveMQJAASSecurityManager

public ActiveMQJAASSecurityManager(String configurationName,
                                   SecurityConfiguration configuration)

ActiveMQJAASSecurityManager

public ActiveMQJAASSecurityManager(String configurationName,
                                   String certificateConfigurationName,
                                   SecurityConfiguration configuration,
                                   SecurityConfiguration certificateConfiguration)

Method Detail

getDomain

public String getDomain()

Specified by:

getDomain in interface ActiveMQSecurityManager

validateUser

public boolean validateUser(String user,
                            String password)

Description copied from interface: ActiveMQSecurityManager

is this a valid user.

Specified by:

validateUser in interface ActiveMQSecurityManager

Parameters:

user - the user

password - the users password

Returns:

true if a valid user

authenticate

public Subject authenticate(String user,
                            String password,
                            RemotingConnection remotingConnection,
                            String securityDomain)
                     throws NoCacheLoginException

Description copied from interface: ActiveMQSecurityManager5

is this a valid user. This method is called instead of ActiveMQSecurityManager.validateUser(String, String).

Specified by:

authenticate in interface ActiveMQSecurityManager5

Parameters:

user - the user

password - the user's password

remotingConnection - the user's connection which contains any corresponding SSL certs

securityDomain - the name of the JAAS security domain to use (can be null)

Returns:

the Subject of the authenticated user, else null

Throws:

NoCacheLoginException

validateUserAndRole

public boolean validateUserAndRole(String user,
                                   String password,
                                   Set<Role> roles,
                                   CheckType checkType)

Description copied from interface: ActiveMQSecurityManager

is this a valid user and do they have the correct role

Specified by:

validateUserAndRole in interface ActiveMQSecurityManager

Parameters:

user - the user

password - the users password

roles - the roles the user has

checkType - the type of check to perform

Returns:

true if the user is valid and they have the correct roles

authorize

public boolean authorize(Subject subject,
                         Set<Role> roles,
                         CheckType checkType,
                         String address)

Description copied from interface: ActiveMQSecurityManager5

Determine whether the given user has the correct role for the given check type. This method is called instead of ActiveMQSecurityManager.validateUserAndRole(String, String, Set, CheckType).

Specified by:

authorize in interface ActiveMQSecurityManager5

Parameters:

subject - the Subject to authorize

roles - the roles configured in the security-settings

checkType - which permission to validate

address - the address (or FQQN) to grant access to

Returns:

true if the user is authorized, else false

setConfigurationName

public void setConfigurationName(String configurationName)

setConfiguration

public void setConfiguration(SecurityConfiguration configuration)

setCertificateConfigurationName

public void setCertificateConfigurationName(String certificateConfigurationName)

setCertificateConfiguration

public void setCertificateConfiguration(SecurityConfiguration certificateConfiguration)

getConfiguration

public SecurityConfiguration getConfiguration()

getCertificateConfiguration

public SecurityConfiguration getCertificateConfiguration()

getRolePrincipalClass

public String getRolePrincipalClass()

setRolePrincipalClass

public void setRolePrincipalClass(String rolePrincipalClass)