001    /**
002     * Licensed to the Apache Software Foundation (ASF) under one or more
003     * contributor license agreements.  See the NOTICE file distributed with
004     * this work for additional information regarding copyright ownership.
005     * The ASF licenses this file to You under the Apache License, Version 2.0
006     * (the "License"); you may not use this file except in compliance with
007     * the License.  You may obtain a copy of the License at
008     *
009     *      http://www.apache.org/licenses/LICENSE-2.0
010     *
011     * Unless required by applicable law or agreed to in writing, software
012     * distributed under the License is distributed on an "AS IS" BASIS,
013     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     * See the License for the specific language governing permissions and
015     * limitations under the License.
016     */
017    package org.apache.activemq.security;
018    
019    import java.security.Principal;
020    import java.util.Collections;
021    import java.util.HashSet;
022    import java.util.Iterator;
023    import java.util.Set;
024    import java.util.concurrent.ConcurrentHashMap;
025    
026    import org.apache.activemq.command.ActiveMQDestination;
027    
028    /**
029     * Used to cache up authorizations so that subsequent requests are faster.
030     *
031     *
032     */
033    public abstract class SecurityContext {
034    
035        public static final SecurityContext BROKER_SECURITY_CONTEXT = new SecurityContext("ActiveMQBroker") {
036            @Override
037            public boolean isBrokerContext() {
038                return true;
039            }
040    
041            public Set<Principal> getPrincipals() {
042                return Collections.emptySet();
043            }
044        };
045    
046        final String userName;
047    
048        final ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> authorizedReadDests = new ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination>();
049        final ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> authorizedWriteDests = new ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination>();
050    
051        public SecurityContext(String userName) {
052            this.userName = userName;
053        }
054    
055        public boolean isInOneOf(Set<?> allowedPrincipals) {
056            Iterator<?> allowedIter = allowedPrincipals.iterator();
057            HashSet<?> userPrincipals = new HashSet<Object>(getPrincipals());
058            while (allowedIter.hasNext()) {
059                Iterator<?> userIter = userPrincipals.iterator();
060                Object allowedPrincipal = allowedIter.next();
061                while (userIter.hasNext()) {
062                    if (allowedPrincipal.equals(userIter.next()))
063                        return true;
064                }
065            }
066            return false;
067        }
068    
069        public abstract Set<Principal> getPrincipals();
070    
071        public String getUserName() {
072            return userName;
073        }
074    
075        public ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedReadDests() {
076            return authorizedReadDests;
077        }
078    
079        public ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedWriteDests() {
080            return authorizedWriteDests;
081        }
082    
083        public boolean isBrokerContext() {
084            return false;
085        }
086    }