@Override public void addProducer(ConnectionContext context, ProducerInfo info) throws Exception { final SecurityContext securityContext = checkSecurityContext(context); if (!securityContext.isBrokerContext() && info.getDestination() != null) { Set<?> allowedACLs = null; if (!info.getDestination().isTemporary()) { allowedACLs = authorizationMap.getWriteACLs(info.getDestination()); } else { allowedACLs = authorizationMap.getTempDestinationWriteACLs(); } if (allowedACLs != null && !securityContext.isInOneOf(allowedACLs)) { throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to write to: " + info.getDestination()); } securityContext.getAuthorizedWriteDests().put(info.getDestination(), info.getDestination()); } super.addProducer(context, info); }
@Override public void send(ProducerBrokerExchange producerExchange, Message messageSend) throws Exception { final SecurityContext securityContext = checkSecurityContext(producerExchange.getConnectionContext()); if (!securityContext.isBrokerContext() && !securityContext.getAuthorizedWriteDests().containsValue(messageSend.getDestination())) { Set<?> allowedACLs = null; if (!messageSend.getDestination().isTemporary()) { allowedACLs = authorizationMap.getWriteACLs(messageSend.getDestination()); } else { allowedACLs = authorizationMap.getTempDestinationWriteACLs(); } if (allowedACLs != null && !securityContext.isInOneOf(allowedACLs)) { throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to write to: " + messageSend.getDestination()); } securityContext.getAuthorizedWriteDests().put(messageSend.getDestination(), messageSend.getDestination()); } super.send(producerExchange, messageSend); }
@Override public void addProducer(ConnectionContext context, ProducerInfo info) throws Exception { SecurityContext subject = context.getSecurityContext(); if (subject == null) { throw new SecurityException("User is not authenticated."); } if (!subject.isBrokerContext() && info.getDestination() != null) { Set<?> allowedACLs = null; if (!info.getDestination().isTemporary()) { allowedACLs = authorizationMap.getWriteACLs(info.getDestination()); } else { allowedACLs = authorizationMap.getTempDestinationWriteACLs(); } if (allowedACLs != null && !subject.isInOneOf(allowedACLs)) { throw new SecurityException("User " + subject.getUserName() + " is not authorized to write to: " + info.getDestination()); } subject.getAuthorizedWriteDests().put(info.getDestination(), info.getDestination()); } super.addProducer(context, info); }
@Override public void addProducer(ConnectionContext context, ProducerInfo info) throws Exception { final SecurityContext securityContext = checkSecurityContext(context); if (!securityContext.isBrokerContext() && info.getDestination() != null) { Set<?> allowedACLs = null; if (!info.getDestination().isTemporary()) { allowedACLs = authorizationMap.getWriteACLs(info.getDestination()); } else { allowedACLs = authorizationMap.getTempDestinationWriteACLs(); } if (allowedACLs != null && !securityContext.isInOneOf(allowedACLs)) { throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to write to: " + info.getDestination()); } securityContext.getAuthorizedWriteDests().put(info.getDestination(), info.getDestination()); } super.addProducer(context, info); }
@Override public void addProducer(ConnectionContext context, ProducerInfo info) throws Exception { final SecurityContext securityContext = checkSecurityContext(context); if (!securityContext.isBrokerContext() && info.getDestination() != null) { Set<?> allowedACLs = null; if (!info.getDestination().isTemporary()) { allowedACLs = authorizationMap.getWriteACLs(info.getDestination()); } else { allowedACLs = authorizationMap.getTempDestinationWriteACLs(); } if (allowedACLs != null && !securityContext.isInOneOf(allowedACLs)) { throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to write to: " + info.getDestination()); } securityContext.getAuthorizedWriteDests().put(info.getDestination(), info.getDestination()); } super.addProducer(context, info); }
@Override public void addProducer(ConnectionContext context, ProducerInfo info) throws Exception { final SecurityContext securityContext = checkSecurityContext(context); if (!securityContext.isBrokerContext() && info.getDestination() != null) { Set<?> allowedACLs = null; if (!info.getDestination().isTemporary()) { allowedACLs = authorizationMap.getWriteACLs(info.getDestination()); } else { allowedACLs = authorizationMap.getTempDestinationWriteACLs(); } if (allowedACLs != null && !securityContext.isInOneOf(allowedACLs)) { throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to write to: " + info.getDestination()); } securityContext.getAuthorizedWriteDests().put(info.getDestination(), info.getDestination()); } super.addProducer(context, info); }
@Override public void send(ProducerBrokerExchange producerExchange, Message messageSend) throws Exception { SecurityContext subject = producerExchange.getConnectionContext().getSecurityContext(); if (subject == null) { throw new SecurityException("User is not authenticated."); } if (!subject.isBrokerContext() && !subject.getAuthorizedWriteDests().contains(messageSend.getDestination())) { Set<?> allowedACLs = null; if (!messageSend.getDestination().isTemporary()) { allowedACLs = authorizationMap.getWriteACLs(messageSend.getDestination()); } else { allowedACLs = authorizationMap.getTempDestinationWriteACLs(); } if (allowedACLs != null && !subject.isInOneOf(allowedACLs)) { throw new SecurityException("User " + subject.getUserName() + " is not authorized to write to: " + messageSend.getDestination()); } subject.getAuthorizedWriteDests().put(messageSend.getDestination(), messageSend.getDestination()); } super.send(producerExchange, messageSend); }
KapuaSecurityContext kapuaSecurityContext = getKapuaSecurityContext(producerExchange.getConnectionContext()); if (!messageSend.getDestination().isTemporary()) { Set<?> allowedACLs = kapuaSecurityContext.getAuthorizationMap().getWriteACLs(messageSend.getDestination()); if (allowedACLs != null && !kapuaSecurityContext.isInOneOf(allowedACLs)) { String message = MessageFormat.format("User {0} ({1} - {2} - conn id {3}) is not authorized to write to: {4}",
@Override public void send(ProducerBrokerExchange producerExchange, Message messageSend) throws Exception { final SecurityContext securityContext = checkSecurityContext(producerExchange.getConnectionContext()); if (!securityContext.isBrokerContext() && !securityContext.getAuthorizedWriteDests().containsValue(messageSend.getDestination())) { Set<?> allowedACLs = null; if (!messageSend.getDestination().isTemporary()) { allowedACLs = authorizationMap.getWriteACLs(messageSend.getDestination()); } else { allowedACLs = authorizationMap.getTempDestinationWriteACLs(); } if (allowedACLs != null && !securityContext.isInOneOf(allowedACLs)) { throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to write to: " + messageSend.getDestination()); } securityContext.getAuthorizedWriteDests().put(messageSend.getDestination(), messageSend.getDestination()); } super.send(producerExchange, messageSend); }
@Override public void send(ProducerBrokerExchange producerExchange, Message messageSend) throws Exception { final SecurityContext securityContext = checkSecurityContext(producerExchange.getConnectionContext()); if (!securityContext.isBrokerContext() && !securityContext.getAuthorizedWriteDests().containsValue(messageSend.getDestination())) { Set<?> allowedACLs = null; if (!messageSend.getDestination().isTemporary()) { allowedACLs = authorizationMap.getWriteACLs(messageSend.getDestination()); } else { allowedACLs = authorizationMap.getTempDestinationWriteACLs(); } if (allowedACLs != null && !securityContext.isInOneOf(allowedACLs)) { throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to write to: " + messageSend.getDestination()); } securityContext.getAuthorizedWriteDests().put(messageSend.getDestination(), messageSend.getDestination()); } super.send(producerExchange, messageSend); }
@Override public void send(ProducerBrokerExchange producerExchange, Message messageSend) throws Exception { final SecurityContext securityContext = checkSecurityContext(producerExchange.getConnectionContext()); if (!securityContext.isBrokerContext() && !securityContext.getAuthorizedWriteDests().containsValue(messageSend.getDestination())) { Set<?> allowedACLs = null; if (!messageSend.getDestination().isTemporary()) { allowedACLs = authorizationMap.getWriteACLs(messageSend.getDestination()); } else { allowedACLs = authorizationMap.getTempDestinationWriteACLs(); } if (allowedACLs != null && !securityContext.isInOneOf(allowedACLs)) { throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to write to: " + messageSend.getDestination()); } securityContext.getAuthorizedWriteDests().put(messageSend.getDestination(), messageSend.getDestination()); } super.send(producerExchange, messageSend); }