constraints.setSearchScope(SearchControls.SUBTREE_SCOPE); DefaultAuthorizationMap newMap = new DefaultAuthorizationMap(); for (PermissionType permissionType : PermissionType.values()) { try { newMap.setAuthorizationEntries(new ArrayList<DestinationMapEntry>(entries.values())); newMap.setGroupClass(groupClass); this.map.set(newMap);
public AuthorizationEntry getEntryFor(ActiveMQDestination destination) { AuthorizationEntry answer = (AuthorizationEntry)chooseValue(destination); if (answer == null) { answer = getDefaultEntry(); } return answer; }
/** * Looks up the value(s) matching the given Destination key. For simple * destinations this is typically a List of one single value, for wildcards * or composite destinations this will typically be a Union of matching * values. * * @param key the destination to lookup * @return a Union of matching values or an empty list if there are no * matching values. */ @Override @SuppressWarnings("rawtypes") public synchronized Set get(ActiveMQDestination key) { if (key.isComposite()) { ActiveMQDestination[] destinations = key.getCompositeDestinations(); Set answer = null; for (int i = 0; i < destinations.length; i++) { ActiveMQDestination childDestination = destinations[i]; answer = union(answer, get(childDestination)); if (answer == null || answer.isEmpty()) { break; } } return answer; } return findWildcardMatches(key, false); }
if (group && !user) { try { members.add(DefaultAuthorizationMap.createGroupPrincipal(principalName, map.getGroupClass())); } catch (Exception e) { NamingException ne = new NamingException( "Can't create a group " + principalName + " of class " + map.getGroupClass()); ne.initCause(e); throw ne;
@Override public Set<Object> getAdminACLs(ActiveMQDestination destination) { Set<AuthorizationEntry> entries = getAllEntries(destination); Set<Object> answer = new WildcardAwareSet<Object>(); // now lets go through each entry adding individual for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) { AuthorizationEntry entry = iter.next(); answer.addAll(entry.getAdminACLs()); } return answer; }
@SuppressWarnings("unchecked") protected Set<AuthorizationEntry> getAllEntries(ActiveMQDestination destination) { Set<AuthorizationEntry> entries = get(destination); if (defaultEntry != null) { entries.add(defaultEntry); } return entries; }
@SuppressWarnings("rawtypes") public DefaultAuthorizationMap(List<DestinationMapEntry> authorizationEntries) { setAuthorizationEntries(authorizationEntries); }
protected Set<Object> parseACLs(String roles) throws Exception { Set<Object> answer = new HashSet<Object>(); StringTokenizer iter = new StringTokenizer(roles, ","); while (iter.hasMoreTokens()) { String name = iter.nextToken().trim(); String groupClass = (this.groupClass != null ? this.groupClass : DefaultAuthorizationMap.DEFAULT_GROUP_CLASS); answer.add(DefaultAuthorizationMap.createGroupPrincipal(name, groupClass)); } return answer; }
/** * Provides synchronized access to the admin ACLs for the destinations as {@link AuthorizationEntry} * is not setup for concurrent access. */ @Override public Set<Object> getAdminACLs(ActiveMQDestination destination) { checkForUpdates(); DefaultAuthorizationMap map = this.map.get(); return map.getAdminACLs(destination); }
protected DefaultAuthorizationMap buildAuthorization(KapuaConnectionContext kcc, List<org.eclipse.kapua.broker.core.plugin.authentication.AuthorizationEntry> authorizationEntries) { @SuppressWarnings("rawtypes") List<DestinationMapEntry> entries = new ArrayList<>(); for (org.eclipse.kapua.broker.core.plugin.authentication.AuthorizationEntry entry : authorizationEntries) { entries.add(createAuthorizationEntry(kcc, entry.getAcl(), entry.getAddress())); // added to support the vt topic name space for durable subscriptions if (entry.getAcl().isRead()) { // logger.info("pattern {} - clientid {} - topic {} - evaluated {}", new Object[]{JmsConstants.ACL_VT_DURABLE_PREFIX[0], clientId, topic, // MessageFormat.format(JmsConstants.ACL_VT_DURABLE_PREFIX[0], fullClientId, topic)}); entries.add(createAuthorizationEntry(kcc, entry.getAcl(), MessageFormat.format(VT_DURABLE_PREFIX.get(0), kcc.getFullClientId(), entry.getAddress()))); // logger.info("pattern {} - clientid {} - topic {} - evaluated {}", new Object[]{JmsConstants.ACL_VT_DURABLE_PREFIX[1], clientId, topic, // MessageFormat.format(JmsConstants.ACL_VT_DURABLE_PREFIX[1], fullClientId, topic)}); entries.add(createAuthorizationEntry(kcc, entry.getAcl(), MessageFormat.format(VT_DURABLE_PREFIX.get(1), kcc.getFullClientId(), entry.getAddress()))); } } return new DefaultAuthorizationMap(entries); }
@Override public Set<Object> getReadACLs(ActiveMQDestination destination) { Set<AuthorizationEntry> entries = getAllEntries(destination); Set<Object> answer = new WildcardAwareSet<Object>(); // now lets go through each entry adding individual for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) { AuthorizationEntry entry = iter.next(); answer.addAll(entry.getReadACLs()); } return answer; }
if (group && !user) { try { members.add(DefaultAuthorizationMap.createGroupPrincipal(principalName, map.getGroupClass())); } catch (Exception e) { NamingException ne = new NamingException( "Can't create a group " + principalName + " of class " + map.getGroupClass()); ne.initCause(e); throw ne;
@SuppressWarnings("unchecked") protected Set<AuthorizationEntry> getAllEntries(ActiveMQDestination destination) { Set<AuthorizationEntry> entries = get(destination); if (defaultEntry != null) { entries.add(defaultEntry); } return entries; }
@SuppressWarnings("rawtypes") public DefaultAuthorizationMap(List<DestinationMapEntry> authorizationEntries) { setAuthorizationEntries(authorizationEntries); }
protected Set<Object> parseACLs(String roles) throws Exception { Set<Object> answer = new HashSet<Object>(); StringTokenizer iter = new StringTokenizer(roles, ","); while (iter.hasMoreTokens()) { String name = iter.nextToken().trim(); String groupClass = (this.groupClass != null ? this.groupClass : DefaultAuthorizationMap.DEFAULT_GROUP_CLASS); answer.add(DefaultAuthorizationMap.createGroupPrincipal(name, groupClass)); } return answer; }
/** * Provides synchronized access to the admin ACLs for the destinations as {@link AuthorizationEntry} * is not setup for concurrent access. */ @Override public Set<Object> getAdminACLs(ActiveMQDestination destination) { checkForUpdates(); DefaultAuthorizationMap map = this.map.get(); return map.getAdminACLs(destination); }
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE); DefaultAuthorizationMap newMap = new DefaultAuthorizationMap(); for (PermissionType permissionType : PermissionType.values()) { try { newMap.setAuthorizationEntries(new ArrayList<DestinationMapEntry>(entries.values())); newMap.setGroupClass(groupClass); this.map.set(newMap);
/** * Looks up the value(s) matching the given Destination key. For simple * destinations this is typically a List of one single value, for wildcards * or composite destinations this will typically be a Union of matching * values. * * @param key the destination to lookup * @return a Union of matching values or an empty list if there are no * matching values. */ @Override @SuppressWarnings("rawtypes") public synchronized Set get(ActiveMQDestination key) { if (key.isComposite()) { ActiveMQDestination[] destinations = key.getCompositeDestinations(); Set answer = null; for (int i = 0; i < destinations.length; i++) { ActiveMQDestination childDestination = destinations[i]; answer = union(answer, get(childDestination)); if (answer == null || answer.isEmpty()) { break; } } return answer; } return findWildcardMatches(key, false); }
public AuthorizationEntry getEntryFor(ActiveMQDestination destination) { AuthorizationEntry answer = (AuthorizationEntry)chooseValue(destination); if (answer == null) { answer = getDefaultEntry(); } return answer; }
@Override public Set<Object> getWriteACLs(ActiveMQDestination destination) { Set<AuthorizationEntry> entries = getAllEntries(destination); Set<Object> answer = new WildcardAwareSet<Object>(); // now lets go through each entry adding individual for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) { AuthorizationEntry entry = iter.next(); answer.addAll(entry.getWriteACLs()); } return answer; }