Class ActiveMQJAASSecurityManager

java.lang.Object
org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager
All Implemented Interfaces:
ActiveMQSecurityManager, ActiveMQSecurityManager5

public class ActiveMQJAASSecurityManager extends Object implements ActiveMQSecurityManager5
This implementation delegates to the JAAS security interfaces.

The Subject returned by the login context is expecting to have a set of RolePrincipal for each role of the user.

  • Constructor Details

    • ActiveMQJAASSecurityManager

      public ActiveMQJAASSecurityManager()
    • ActiveMQJAASSecurityManager

      public ActiveMQJAASSecurityManager(String configurationName)
    • ActiveMQJAASSecurityManager

      public ActiveMQJAASSecurityManager(String configurationName, String certificateConfigurationName)
    • ActiveMQJAASSecurityManager

      public ActiveMQJAASSecurityManager(String configurationName, org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration)
    • ActiveMQJAASSecurityManager

      public ActiveMQJAASSecurityManager(String configurationName, String certificateConfigurationName, org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration, org.apache.activemq.artemis.core.config.impl.SecurityConfiguration certificateConfiguration)
  • Method Details

    • getDomain

      public String getDomain()
      Specified by:
      getDomain in interface ActiveMQSecurityManager
    • validateUser

      public boolean validateUser(String user, String password)
      Description copied from interface: ActiveMQSecurityManager
      is this a valid user.
      Specified by:
      validateUser in interface ActiveMQSecurityManager
      Parameters:
      user - the user
      password - the users password
      Returns:
      true if a valid user
    • authenticate

      public Subject authenticate(String user, String password, RemotingConnection remotingConnection, String securityDomain) throws NoCacheLoginException
      Description copied from interface: ActiveMQSecurityManager5
      is this a valid user.

      This method is called instead of ActiveMQSecurityManager.validateUser(String, String).

      Specified by:
      authenticate in interface ActiveMQSecurityManager5
      Parameters:
      user - the user
      password - the user's password
      remotingConnection - the user's connection which contains any corresponding SSL certs
      securityDomain - the name of the JAAS security domain to use (can be null)
      Returns:
      the Subject of the authenticated user, else null
      Throws:
      NoCacheLoginException
    • validateUserAndRole

      public boolean validateUserAndRole(String user, String password, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType)
      Description copied from interface: ActiveMQSecurityManager
      is this a valid user and do they have the correct role
      Specified by:
      validateUserAndRole in interface ActiveMQSecurityManager
      Parameters:
      user - the user
      password - the users password
      roles - the roles the user has
      checkType - the type of check to perform
      Returns:
      true if the user is valid and they have the correct roles
    • authorize

      public boolean authorize(Subject subject, Set<org.apache.activemq.artemis.core.security.Role> roles, org.apache.activemq.artemis.core.security.CheckType checkType, String address)
      Description copied from interface: ActiveMQSecurityManager5
      Determine whether the given user has the correct role for the given check type.

      This method is called instead of ActiveMQSecurityManager.validateUserAndRole(String, String, Set, CheckType).

      Specified by:
      authorize in interface ActiveMQSecurityManager5
      Parameters:
      subject - the Subject to authorize
      roles - the roles configured in the security-settings
      checkType - which permission to validate
      address - the address (or FQQN) to grant access to
      Returns:
      true if the user is authorized, else false
    • getUserFromSubject

      public String getUserFromSubject(Subject subject)
      Specified by:
      getUserFromSubject in interface ActiveMQSecurityManager
    • setConfigurationName

      public void setConfigurationName(String configurationName)
    • setConfiguration

      public void setConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration configuration)
    • setCertificateConfigurationName

      public void setCertificateConfigurationName(String certificateConfigurationName)
    • setCertificateConfiguration

      public void setCertificateConfiguration(org.apache.activemq.artemis.core.config.impl.SecurityConfiguration certificateConfiguration)
    • getConfiguration

      public org.apache.activemq.artemis.core.config.impl.SecurityConfiguration getConfiguration()
    • getCertificateConfiguration

      public org.apache.activemq.artemis.core.config.impl.SecurityConfiguration getCertificateConfiguration()
    • getRolePrincipalClass

      public String getRolePrincipalClass()
    • setRolePrincipalClass

      public void setRolePrincipalClass(String principalClass) throws ClassNotFoundException
      Throws:
      ClassNotFoundException
    • getUserPrincipalClass

      public String getUserPrincipalClass()
    • setUserPrincipalClass

      public void setUserPrincipalClass(String principalClass) throws ClassNotFoundException
      Throws:
      ClassNotFoundException