Class ActiveMQJAASSecurityManager
- java.lang.Object
-
- org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager
-
- All Implemented Interfaces:
ActiveMQSecurityManager,ActiveMQSecurityManager5
public class ActiveMQJAASSecurityManager extends Object implements ActiveMQSecurityManager5
This implementation delegates to the JAAS security interfaces. TheSubjectreturned by the login context is expecting to have a set ofRolePrincipalfor each role of the user.
-
-
Constructor Summary
Constructors Constructor Description ActiveMQJAASSecurityManager()ActiveMQJAASSecurityManager(String configurationName)ActiveMQJAASSecurityManager(String configurationName, String certificateConfigurationName)ActiveMQJAASSecurityManager(String configurationName, String certificateConfigurationName, org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration, org.apache.activemq.artemis.core.config.impl.SecurityConfiguration certificateConfiguration)ActiveMQJAASSecurityManager(String configurationName, org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Subjectauthenticate(String user, String password, RemotingConnection remotingConnection, String securityDomain)is this a valid user.booleanauthorize(Subject subject, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType, String address)Determine whether the given user has the correct role for the given check type.org.apache.activemq.artemis.core.config.impl.SecurityConfigurationgetCertificateConfiguration()org.apache.activemq.artemis.core.config.impl.SecurityConfigurationgetConfiguration()StringgetDomain()StringgetRolePrincipalClass()voidsetCertificateConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration certificateConfiguration)voidsetCertificateConfigurationName(String certificateConfigurationName)voidsetConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration)voidsetConfigurationName(String configurationName)voidsetRolePrincipalClass(String rolePrincipalClass)booleanvalidateUser(String user, String password)is this a valid user.booleanvalidateUserAndRole(String user, String password, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType)is this a valid user and do they have the correct role-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManager
init
-
-
-
-
Constructor Detail
-
ActiveMQJAASSecurityManager
public ActiveMQJAASSecurityManager()
-
ActiveMQJAASSecurityManager
public ActiveMQJAASSecurityManager(String configurationName)
-
ActiveMQJAASSecurityManager
public ActiveMQJAASSecurityManager(String configurationName, String certificateConfigurationName)
-
ActiveMQJAASSecurityManager
public ActiveMQJAASSecurityManager(String configurationName, org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration)
-
ActiveMQJAASSecurityManager
public ActiveMQJAASSecurityManager(String configurationName, String certificateConfigurationName, org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration, org.apache.activemq.artemis.core.config.impl.SecurityConfiguration certificateConfiguration)
-
-
Method Detail
-
getDomain
public String getDomain()
- Specified by:
getDomainin interfaceActiveMQSecurityManager
-
validateUser
public boolean validateUser(String user, String password)
Description copied from interface:ActiveMQSecurityManageris this a valid user.- Specified by:
validateUserin interfaceActiveMQSecurityManager- Parameters:
user- the userpassword- the users password- Returns:
- true if a valid user
-
authenticate
public Subject authenticate(String user, String password, RemotingConnection remotingConnection, String securityDomain) throws NoCacheLoginException
Description copied from interface:ActiveMQSecurityManager5is this a valid user. This method is called instead ofActiveMQSecurityManager.validateUser(String, String).- Specified by:
authenticatein interfaceActiveMQSecurityManager5- Parameters:
user- the userpassword- the user's passwordremotingConnection- the user's connection which contains any corresponding SSL certssecurityDomain- the name of the JAAS security domain to use (can be null)- Returns:
- the Subject of the authenticated user, else null
- Throws:
NoCacheLoginException
-
validateUserAndRole
public boolean validateUserAndRole(String user, String password, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType)
Description copied from interface:ActiveMQSecurityManageris this a valid user and do they have the correct role- Specified by:
validateUserAndRolein interfaceActiveMQSecurityManager- Parameters:
user- the userpassword- the users passwordroles- the roles the user hascheckType- the type of check to perform- Returns:
- true if the user is valid and they have the correct roles
-
authorize
public boolean authorize(Subject subject, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType, String address)
Description copied from interface:ActiveMQSecurityManager5Determine whether the given user has the correct role for the given check type. This method is called instead ofActiveMQSecurityManager.validateUserAndRole(String, String, Set, CheckType).- Specified by:
authorizein interfaceActiveMQSecurityManager5- Parameters:
subject- the Subject to authorizeroles- the roles configured in the security-settingscheckType- which permission to validateaddress- the address (or FQQN) to grant access to- Returns:
- true if the user is authorized, else false
-
setConfigurationName
public void setConfigurationName(String configurationName)
-
setConfiguration
public void setConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration)
-
setCertificateConfigurationName
public void setCertificateConfigurationName(String certificateConfigurationName)
-
setCertificateConfiguration
public void setCertificateConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration certificateConfiguration)
-
getConfiguration
public org.apache.activemq.artemis.core.config.impl.SecurityConfiguration getConfiguration()
-
getCertificateConfiguration
public org.apache.activemq.artemis.core.config.impl.SecurityConfiguration getCertificateConfiguration()
-
getRolePrincipalClass
public String getRolePrincipalClass()
-
setRolePrincipalClass
public void setRolePrincipalClass(String rolePrincipalClass)
-
-