001/**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.activemq.security;
018
019import java.security.Principal;
020import java.util.HashMap;
021import java.util.HashSet;
022import java.util.Iterator;
023import java.util.List;
024import java.util.Map;
025import java.util.Set;
026import java.util.StringTokenizer;
027
028import org.apache.activemq.broker.Broker;
029import org.apache.activemq.broker.BrokerPlugin;
030import org.apache.activemq.jaas.GroupPrincipal;
031
032/**
033 * A simple authentication plugin
034 *
035 * @org.apache.xbean.XBean element="simpleAuthenticationPlugin"
036 *                         description="Provides a simple authentication plugin
037 *                         configured with a map of user-passwords and a map of
038 *                         user-groups or a list of authentication users"
039 *
040 *
041 */
042public class SimpleAuthenticationPlugin implements BrokerPlugin {
043    private Map<String, String> userPasswords = new HashMap<String, String>();
044    private Map<String, Set<Principal>> userGroups = new HashMap<String, Set<Principal>>();
045    private static final String DEFAULT_ANONYMOUS_USER = "anonymous";
046    private static final String DEFAULT_ANONYMOUS_GROUP = "anonymous";
047    private String anonymousUser = DEFAULT_ANONYMOUS_USER;
048    private String anonymousGroup = DEFAULT_ANONYMOUS_GROUP;
049    private boolean anonymousAccessAllowed = false;
050
051    public SimpleAuthenticationPlugin() {
052    }
053
054    public SimpleAuthenticationPlugin(List<?> users) {
055        setUsers(users);
056    }
057
058    public Broker installPlugin(Broker parent) {
059        SimpleAuthenticationBroker broker = new SimpleAuthenticationBroker(parent, userPasswords, userGroups);
060        broker.setAnonymousAccessAllowed(anonymousAccessAllowed);
061        broker.setAnonymousUser(anonymousUser);
062        broker.setAnonymousGroup(anonymousGroup);
063        return broker;
064    }
065
066    public Map<String, Set<Principal>> getUserGroups() {
067        return userGroups;
068    }
069
070    /**
071     * Sets individual users for authentication
072     *
073     * @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthenticationUser"
074     */
075    public void setUsers(List<?> users) {
076        userPasswords.clear();
077        userGroups.clear();
078        for (Iterator<?> it = users.iterator(); it.hasNext();) {
079            AuthenticationUser user = (AuthenticationUser)it.next();
080            userPasswords.put(user.getUsername(), user.getPassword());
081            Set<Principal> groups = new HashSet<Principal>();
082            StringTokenizer iter = new StringTokenizer(user.getGroups(), ",");
083            while (iter.hasMoreTokens()) {
084                String name = iter.nextToken().trim();
085                groups.add(new GroupPrincipal(name));
086            }
087            userGroups.put(user.getUsername(), groups);
088        }
089    }
090
091
092    public void setAnonymousAccessAllowed(boolean anonymousAccessAllowed) {
093        this.anonymousAccessAllowed = anonymousAccessAllowed;
094    }
095
096    public boolean isAnonymousAccessAllowed() {
097        return anonymousAccessAllowed;
098    }
099
100    public void setAnonymousUser(String anonymousUser) {
101        this.anonymousUser = anonymousUser;
102    }
103
104    public String getAnonymousUser() {
105        return anonymousUser;
106    }
107
108    public void setAnonymousGroup(String anonymousGroup) {
109        this.anonymousGroup = anonymousGroup;
110    }
111
112    public String getAnonymousGroup() {
113        return anonymousGroup;
114    }
115
116    /**
117     * Sets the groups a user is in. The key is the user name and the value is a
118     * Set of groups
119     */
120    public void setUserGroups(Map<String, Set<Principal>> userGroups) {
121        this.userGroups = userGroups;
122    }
123
124    public Map<String, String> getUserPasswords() {
125        return userPasswords;
126    }
127
128    /**
129     * Sets the map indexed by user name with the value the password
130     */
131    public void setUserPasswords(Map<String, String> userPasswords) {
132        this.userPasswords = userPasswords;
133    }
134
135}