Package org.apache.activemq.security

Class AuthorizationBroker

java.lang.Object

org.apache.activemq.broker.BrokerFilter

org.apache.activemq.security.AuthorizationBroker

All Implemented Interfaces:

Broker, Region, SecurityAdminMBean, Service

public class AuthorizationBroker
extends BrokerFilter
implements SecurityAdminMBean

Verifies if a authenticated user can do an operation against the broker using an authorization map.

Field Summary

Fields inherited from class org.apache.activemq.broker.BrokerFilter

next

Fields inherited from interface org.apache.activemq.security.SecurityAdminMBean

OPERATION_ADMIN, OPERATION_READ, OPERATION_WRITE

Constructor Summary

Constructors

Constructor	Description
AuthorizationBroker(Broker next, AuthorizationMap authorizationMap)

Method Summary

Modifier and Type	Method	Description
Subscription	addConsumer(ConnectionContext context, ConsumerInfo info)	Adds a consumer.
Destination	addDestination(ConnectionContext context, ActiveMQDestination destination, boolean create)	Used to create a destination.
void	addDestinationInfo(ConnectionContext context, DestinationInfo info)	Add and process a DestinationInfo object
void	addDestinationRole(Destination destination, String operation, String role)
void	addProducer(ConnectionContext context, ProducerInfo info)	Adds a producer.
void	addQueueRole(String queue, String operation, String role)
void	addRole(String role)
void	addTopicRole(String topic, String operation, String role)
void	addUserRole(String user, String role)
protected boolean	checkDestinationAdmin(SecurityContext securityContext, ActiveMQDestination destination)
protected SecurityContext	checkSecurityContext(ConnectionContext context)
AuthorizationMap	getAuthorizationMap()
void	removeDestination(ConnectionContext context, ActiveMQDestination destination, long timeout)	Used to destroy a destination.
void	removeDestinationInfo(ConnectionContext context, DestinationInfo info)	Remove and process a DestinationInfo object
void	removeDestinationRole(Destination destination, String operation, String role)
void	removeQueueRole(String queue, String operation, String role)
void	removeRole(String role)
void	removeTopicRole(String topic, String operation, String role)
void	removeUserRole(String user, String role)
void	send(ProducerBrokerExchange producerExchange, Message messageSend)	Send a message to the broker to using the specified destination.
void	setAuthorizationMap(AuthorizationMap map)

Methods inherited from class org.apache.activemq.broker.BrokerFilter

acknowledge, addBroker, addConnection, addSession, beginTransaction, brokerServiceStarted, commitTransaction, fastProducer, forgetTransaction, gc, getAdaptor, getAdminConnectionContext, getBrokerId, getBrokerName, getBrokerSequenceId, getBrokerService, getClients, getDestinationMap, getDestinationMap, getDestinations, getDestinations, getDurableDestinations, getExecutor, getNext, getPeerBrokerInfos, getPreparedTransactions, getRoot, getScheduler, getTempDataStore, getVmConnectorURI, isExpired, isFaultTolerantConfiguration, isFull, isStopped, messageConsumed, messageDelivered, messageDiscarded, messageExpired, messagePull, networkBridgeStarted, networkBridgeStopped, nowMasterBroker, postProcessDispatch, prepareTransaction, preProcessDispatch, processConsumerControl, processDispatchNotification, reapplyInterceptor, removeBroker, removeConnection, removeConsumer, removeProducer, removeSession, removeSubscription, rollbackTransaction, sendToDeadLetterQueue, setAdminConnectionContext, slowConsumer, start, stop, virtualDestinationAdded, virtualDestinationRemoved

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthorizationBroker

public AuthorizationBroker(Broker next,
                           AuthorizationMap authorizationMap)

Method Detail

getAuthorizationMap

public AuthorizationMap getAuthorizationMap()

setAuthorizationMap

public void setAuthorizationMap(AuthorizationMap map)

checkSecurityContext

protected SecurityContext checkSecurityContext(ConnectionContext context)
                                        throws SecurityException

Throws:

SecurityException

checkDestinationAdmin

protected boolean checkDestinationAdmin(SecurityContext securityContext,
                                        ActiveMQDestination destination)

addDestinationInfo

public void addDestinationInfo(ConnectionContext context,
                               DestinationInfo info)
                        throws Exception

Description copied from interface: Broker

Add and process a DestinationInfo object

Specified by:

addDestinationInfo in interface Broker

Overrides:

addDestinationInfo in class BrokerFilter

Throws:

Exception

addDestination

public Destination addDestination(ConnectionContext context,
                                  ActiveMQDestination destination,
                                  boolean create)
                           throws Exception

Description copied from interface: Region

Used to create a destination. Usually, this method is invoked as a side-effect of sending a message to a destination that does not exist yet.

Specified by:

addDestination in interface Region

Overrides:

addDestination in class BrokerFilter

destination - the destination to create.

Returns:

TODO

Throws:

Exception - TODO

removeDestination

public void removeDestination(ConnectionContext context,
                              ActiveMQDestination destination,
                              long timeout)
                       throws Exception

Description copied from interface: Region

Used to destroy a destination. This should try to quiesce use of the destination up to the timeout allotted time before removing the destination. This will remove all persistent messages associated with the destination.

Specified by:

removeDestination in interface Region

Overrides:

removeDestination in class BrokerFilter

Parameters:

context - the environment the operation is being executed under.

destination - what is being removed from the broker.

timeout - the max amount of time to wait for the destination to quiesce

Throws:

Exception - TODO

removeDestinationInfo

public void removeDestinationInfo(ConnectionContext context,
                                  DestinationInfo info)
                           throws Exception

Description copied from interface: Broker

Remove and process a DestinationInfo object

Specified by:

removeDestinationInfo in interface Broker

Overrides:

removeDestinationInfo in class BrokerFilter

Throws:

Exception

addConsumer

public Subscription addConsumer(ConnectionContext context,
                                ConsumerInfo info)
                         throws Exception

Description copied from interface: Region

Adds a consumer.

Specified by:

addConsumer in interface Region

Overrides:

addConsumer in class BrokerFilter

Parameters:

context - the environment the operation is being executed under.

Returns:

TODO

Throws:

Exception - TODO

addProducer

public void addProducer(ConnectionContext context,
                        ProducerInfo info)
                 throws Exception

Description copied from interface: Broker

Adds a producer.

Specified by:

addProducer in interface Broker

Specified by:

addProducer in interface Region

Overrides:

addProducer in class BrokerFilter

Parameters:

context - the environment the operation is being executed under.

Throws:

Exception - TODO

send

public void send(ProducerBrokerExchange producerExchange,
                 Message messageSend)
          throws Exception

Description copied from interface: Region

Send a message to the broker to using the specified destination. The destination specified in the message does not need to match the destination the message is sent to. This is handy in case the message is being sent to a dead letter destination.

Specified by:

send in interface Region

Overrides:

send in class BrokerFilter

Parameters:

producerExchange - the environment the operation is being executed under.

Throws:

Exception - TODO

addQueueRole

public void addQueueRole(String queue,
                         String operation,
                         String role)

Specified by:

addQueueRole in interface SecurityAdminMBean

addTopicRole

public void addTopicRole(String topic,
                         String operation,
                         String role)

Specified by:

addTopicRole in interface SecurityAdminMBean

removeQueueRole

public void removeQueueRole(String queue,
                            String operation,
                            String role)

Specified by:

removeQueueRole in interface SecurityAdminMBean

removeTopicRole

public void removeTopicRole(String topic,
                            String operation,
                            String role)

Specified by:

removeTopicRole in interface SecurityAdminMBean

addDestinationRole

public void addDestinationRole(Destination destination,
                               String operation,
                               String role)

removeDestinationRole

public void removeDestinationRole(Destination destination,
                                  String operation,
                                  String role)

addRole

public void addRole(String role)

Specified by:

addRole in interface SecurityAdminMBean

addUserRole

public void addUserRole(String user,
                        String role)

Specified by:

addUserRole in interface SecurityAdminMBean

removeRole

public void removeRole(String role)

Specified by:

removeRole in interface SecurityAdminMBean

removeUserRole

public void removeUserRole(String user,
                           String role)

Specified by:

removeUserRole in interface SecurityAdminMBean