001    /**
002     * Licensed to the Apache Software Foundation (ASF) under one or more
003     * contributor license agreements.  See the NOTICE file distributed with
004     * this work for additional information regarding copyright ownership.
005     * The ASF licenses this file to You under the Apache License, Version 2.0
006     * (the "License"); you may not use this file except in compliance with
007     * the License.  You may obtain a copy of the License at
008     *
009     *      http://www.apache.org/licenses/LICENSE-2.0
010     *
011     * Unless required by applicable law or agreed to in writing, software
012     * distributed under the License is distributed on an "AS IS" BASIS,
013     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     * See the License for the specific language governing permissions and
015     * limitations under the License.
016     */
017    package org.apache.activemq.security;
018    
019    import java.security.Principal;
020    import java.util.HashMap;
021    import java.util.HashSet;
022    import java.util.Iterator;
023    import java.util.List;
024    import java.util.Map;
025    import java.util.Set;
026    import java.util.StringTokenizer;
027    
028    import org.apache.activemq.broker.Broker;
029    import org.apache.activemq.broker.BrokerPlugin;
030    import org.apache.activemq.jaas.GroupPrincipal;
031    
032    /**
033     * A simple authentication plugin
034     *
035     * @org.apache.xbean.XBean element="simpleAuthenticationPlugin"
036     *                         description="Provides a simple authentication plugin
037     *                         configured with a map of user-passwords and a map of
038     *                         user-groups or a list of authentication users"
039     *
040     *
041     */
042    public class SimpleAuthenticationPlugin implements BrokerPlugin {
043        private Map<String, String> userPasswords;
044        private Map<String, Set<Principal>> userGroups;
045        private static final String DEFAULT_ANONYMOUS_USER = "anonymous";
046        private static final String DEFAULT_ANONYMOUS_GROUP = "anonymous";
047        private String anonymousUser = DEFAULT_ANONYMOUS_USER;
048        private String anonymousGroup = DEFAULT_ANONYMOUS_GROUP;
049        private boolean anonymousAccessAllowed = false;
050    
051        public SimpleAuthenticationPlugin() {
052        }
053    
054        public SimpleAuthenticationPlugin(List<?> users) {
055            setUsers(users);
056        }
057    
058        public Broker installPlugin(Broker parent) {
059            SimpleAuthenticationBroker broker = new SimpleAuthenticationBroker(parent, userPasswords, userGroups);
060            broker.setAnonymousAccessAllowed(anonymousAccessAllowed);
061            broker.setAnonymousUser(anonymousUser);
062            broker.setAnonymousGroup(anonymousGroup);
063            return broker;
064        }
065    
066        public Map<String, Set<Principal>> getUserGroups() {
067            return userGroups;
068        }
069    
070        /**
071         * Sets individual users for authentication
072         *
073         * @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthenticationUser"
074         */
075        public void setUsers(List<?> users) {
076            userPasswords = new HashMap<String, String>();
077            userGroups = new HashMap<String, Set<Principal>>();
078            for (Iterator<?> it = users.iterator(); it.hasNext();) {
079                AuthenticationUser user = (AuthenticationUser)it.next();
080                userPasswords.put(user.getUsername(), user.getPassword());
081                Set<Principal> groups = new HashSet<Principal>();
082                StringTokenizer iter = new StringTokenizer(user.getGroups(), ",");
083                while (iter.hasMoreTokens()) {
084                    String name = iter.nextToken().trim();
085                    groups.add(new GroupPrincipal(name));
086                }
087                userGroups.put(user.getUsername(), groups);
088            }
089        }
090    
091    
092        public void setAnonymousAccessAllowed(boolean anonymousAccessAllowed) {
093            this.anonymousAccessAllowed = anonymousAccessAllowed;
094        }
095    
096        public void setAnonymousUser(String anonymousUser) {
097            this.anonymousUser = anonymousUser;
098        }
099    
100        public void setAnonymousGroup(String anonymousGroup) {
101            this.anonymousGroup = anonymousGroup;
102        }
103    
104        /**
105         * Sets the groups a user is in. The key is the user name and the value is a
106         * Set of groups
107         */
108        public void setUserGroups(Map<String, Set<Principal>> userGroups) {
109            this.userGroups = userGroups;
110        }
111    
112        public Map<String, String> getUserPasswords() {
113            return userPasswords;
114        }
115    
116        /**
117         * Sets the map indexed by user name with the value the password
118         */
119        public void setUserPasswords(Map<String, String> userPasswords) {
120            this.userPasswords = userPasswords;
121        }
122    
123    }