Class ActiveMQBasicSecurityManager
- java.lang.Object
-
- org.apache.activemq.artemis.spi.core.security.ActiveMQBasicSecurityManager
-
- All Implemented Interfaces:
ActiveMQSecurityManager
,ActiveMQSecurityManager5
,UserManagement
public class ActiveMQBasicSecurityManager extends Object implements ActiveMQSecurityManager5, UserManagement
All user and role state (both in memory and on disk) is maintained by the underlying StorageManager
-
-
Field Summary
Fields Modifier and Type Field Description static String
BOOTSTRAP_PASSWORD
static String
BOOTSTRAP_ROLE
static String
BOOTSTRAP_ROLE_FILE
static String
BOOTSTRAP_USER
static String
BOOTSTRAP_USER_FILE
-
Constructor Summary
Constructors Constructor Description ActiveMQBasicSecurityManager()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addNewUser(String user, String password, String... roles)
Subject
authenticate(String userToAuthenticate, String passwordToAuthenticate, RemotingConnection remotingConnection, String securityDomain)
is this a valid user.boolean
authorize(Subject subject, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType, String address)
Determine whether the given user has the correct role for the given check type.void
completeInit(org.apache.activemq.artemis.core.persistence.StorageManager storageManager)
ActiveMQBasicSecurityManager
init(Map<String,String> properties)
Initialize the manager with the given configuration properties.Map<String,Set<String>>
listUser(String user)
void
removeUser(String user)
void
updateUser(String user, String password, String... roles)
boolean
validateUser(String user, String password)
is this a valid user.boolean
validateUserAndRole(String user, String password, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType)
is this a valid user and do they have the correct role-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager
getDomain, getUserFromSubject
-
-
-
-
Field Detail
-
BOOTSTRAP_USER
public static final String BOOTSTRAP_USER
- See Also:
- Constant Field Values
-
BOOTSTRAP_PASSWORD
public static final String BOOTSTRAP_PASSWORD
- See Also:
- Constant Field Values
-
BOOTSTRAP_ROLE
public static final String BOOTSTRAP_ROLE
- See Also:
- Constant Field Values
-
BOOTSTRAP_USER_FILE
public static final String BOOTSTRAP_USER_FILE
- See Also:
- Constant Field Values
-
BOOTSTRAP_ROLE_FILE
public static final String BOOTSTRAP_ROLE_FILE
- See Also:
- Constant Field Values
-
-
Method Detail
-
init
public ActiveMQBasicSecurityManager init(Map<String,String> properties)
Description copied from interface:ActiveMQSecurityManager
Initialize the manager with the given configuration properties. This method is called by the broker when the file-based configuration is read. If you're creating/configuring the plugin programmatically then the recommended approach is to simply use the manager's getters/setters rather than this method.- Specified by:
init
in interfaceActiveMQSecurityManager
- Parameters:
properties
- name/value pairs used to configure the ActiveMQSecurityManager instance- Returns:
this
instance
-
validateUser
public boolean validateUser(String user, String password)
Description copied from interface:ActiveMQSecurityManager
is this a valid user.- Specified by:
validateUser
in interfaceActiveMQSecurityManager
- Parameters:
user
- the userpassword
- the users password- Returns:
- true if a valid user
-
authenticate
public Subject authenticate(String userToAuthenticate, String passwordToAuthenticate, RemotingConnection remotingConnection, String securityDomain)
Description copied from interface:ActiveMQSecurityManager5
is this a valid user. This method is called instead ofActiveMQSecurityManager.validateUser(String, String)
.- Specified by:
authenticate
in interfaceActiveMQSecurityManager5
- Parameters:
userToAuthenticate
- the userpasswordToAuthenticate
- the user's passwordremotingConnection
- the user's connection which contains any corresponding SSL certssecurityDomain
- the name of the JAAS security domain to use (can be null)- Returns:
- the Subject of the authenticated user, else null
-
validateUserAndRole
public boolean validateUserAndRole(String user, String password, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType)
Description copied from interface:ActiveMQSecurityManager
is this a valid user and do they have the correct role- Specified by:
validateUserAndRole
in interfaceActiveMQSecurityManager
- Parameters:
user
- the userpassword
- the users passwordroles
- the roles the user hascheckType
- the type of check to perform- Returns:
- true if the user is valid and they have the correct roles
-
authorize
public boolean authorize(Subject subject, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType, String address)
Description copied from interface:ActiveMQSecurityManager5
Determine whether the given user has the correct role for the given check type. This method is called instead ofActiveMQSecurityManager.validateUserAndRole(String, String, Set, CheckType)
.- Specified by:
authorize
in interfaceActiveMQSecurityManager5
- Parameters:
subject
- the Subject to authorizeroles
- the roles configured in the security-settingscheckType
- which permission to validateaddress
- the address (or FQQN) to grant access to- Returns:
- true if the user is authorized, else false
-
addNewUser
public void addNewUser(String user, String password, String... roles) throws Exception
- Specified by:
addNewUser
in interfaceUserManagement
- Throws:
Exception
-
removeUser
public void removeUser(String user) throws Exception
- Specified by:
removeUser
in interfaceUserManagement
- Throws:
Exception
-
listUser
public Map<String,Set<String>> listUser(String user)
- Specified by:
listUser
in interfaceUserManagement
-
updateUser
public void updateUser(String user, String password, String... roles) throws Exception
- Specified by:
updateUser
in interfaceUserManagement
- Throws:
Exception
-
completeInit
public void completeInit(org.apache.activemq.artemis.core.persistence.StorageManager storageManager)
-
-