Package org.apache.activemq.security

Class SimpleCachedLDAPAuthorizationMap

    • Constructor Detail

      • SimpleCachedLDAPAuthorizationMap

        public SimpleCachedLDAPAuthorizationMap()

    • Method Detail

      • isContextAlive

        protected boolean isContextAlive()

      • open

        protected DirContext open()
                   throws NamingException
        Returns the existing open context or creates a new one and registers listeners for push notifications if such an update style is enabled. This implementation should not be invoked concurrently.
        Returns:
        the current context
        Throws:
        NamingException - if there is an error setting things up

      • query

        protected void query()
              throws Exception
        Queries the directory and initializes the policy based on the data in the directory. This implementation should not be invoked concurrently.
        Throws:
        Exception - if there is an unrecoverable error processing the directory contents

      • updated

        protected void updated()
        Marks the time at which the authorization state was last refreshed. Relevant for synchronous policy updates. This implementation should not be invoked concurrently.

      • applyACL

        protected void applyACL​(AuthorizationEntry entry,
                        SearchResult result,
                        SimpleCachedLDAPAuthorizationMap.PermissionType permissionType)
                 throws NamingException
        Applies the policy from the directory to the given entry within the context of the provided permission type.
        Parameters:
        entry - the policy entry to apply the policy to
        result - the results from the directory to apply to the policy entry
        permissionType - the permission type of the data in the directory
        Throws:
        NamingException - if there is an error applying the ACL

      • applyAcl

        protected void applyAcl​(AuthorizationEntry entry,
                        SimpleCachedLDAPAuthorizationMap.PermissionType permissionType,
                        Set<Object> acls)
        Applies policy to the entry given the actual principals that will be applied to the policy entry.
        Parameters:
        entry - the policy entry to which the policy should be applied
        permissionType - the type of the permission that the policy will be applied to
        acls - the principals that represent the actual policy

      • formatDestinationName

        protected String formatDestinationName​(Rdn destinationName)
        Parses the RDN representing a destination name/pattern into the standard string representation of the name/pattern. This implementation does not care about the type of the RDN such that the RDN could be a CN or OU.
        Parameters:
        destinationName - the RDN representing the name or pattern for the destination
        See Also:
        #formatDestination(Rdn, Rdn)

      • transcribeSet

        protected <T> Set<T> transcribeSet​(Set<T> source)
        Transcribes an existing set into a new set. Used to make defensive copies for concurrent access.
        Parameters:
        source - the source set or null
        Returns:
        a new set containing the same elements as source or null if source is null

      • checkForUpdates

        protected void checkForUpdates()
        Performs a check for updates from the server in the event that synchronous updates are enabled and are the refresh interval has elapsed.

      • getTempDestinationAdminACLs

        public Set<Object> getTempDestinationAdminACLs()
        Provides synchronized and defensive access to the admin ACLs for temp destinations as the super implementation returns live copies of the ACLs and AuthorizationEntry is not setup for concurrent access.
        Specified by:
        getTempDestinationAdminACLs in interface AuthorizationMap

      • getTempDestinationReadACLs

        public Set<Object> getTempDestinationReadACLs()
        Provides synchronized and defensive access to the read ACLs for temp destinations as the super implementation returns live copies of the ACLs and AuthorizationEntry is not setup for concurrent access.
        Specified by:
        getTempDestinationReadACLs in interface AuthorizationMap

      • getTempDestinationWriteACLs

        public Set<Object> getTempDestinationWriteACLs()
        Provides synchronized and defensive access to the write ACLs for temp destinations as the super implementation returns live copies of the ACLs and AuthorizationEntry is not setup for concurrent access.
        Specified by:
        getTempDestinationWriteACLs in interface AuthorizationMap

      • objectRenamed

        public void objectRenamed​(NamingEvent namingEvent,
                          SimpleCachedLDAPAuthorizationMap.DestinationType destinationType,
                          SimpleCachedLDAPAuthorizationMap.PermissionType permissionType)
        Handler for renamed policy entries in the directory. This handler deals with the renaming of destination entries as well as permission entries. If the permission type is not null, it is assumed that we are dealing with the renaming of a permission entry. Otherwise, it is assumed that we are dealing with the renaming of a destination entry.
        Parameters:
        namingEvent - the renaming entry event that occurred
        destinationType - the type of the destination to which the event applies
        permissionType - the permission type to which the event applies

      • namingExceptionThrown

        public void namingExceptionThrown​(NamingExceptionEvent namingExceptionEvent)
        Handler for exception events from the registry.
        Parameters:
        namingExceptionEvent - the exception event

      • afterPropertiesSet

        public void afterPropertiesSet()
                        throws Exception
        Throws:
        Exception

      • getConnectionURL

        public String getConnectionURL()

      • setConnectionURL

        public void setConnectionURL​(String connectionURL)

      • getConnectionUsername

        public String getConnectionUsername()

      • setConnectionUsername

        public void setConnectionUsername​(String connectionUsername)

      • getConnectionPassword

        public String getConnectionPassword()

      • setConnectionPassword

        public void setConnectionPassword​(String connectionPassword)

      • getConnectionProtocol

        public String getConnectionProtocol()

      • setConnectionProtocol

        public void setConnectionProtocol​(String connectionProtocol)

      • getAuthentication

        public String getAuthentication()

      • setAuthentication

        public void setAuthentication​(String authentication)

      • getQueueSearchBase

        public String getQueueSearchBase()

      • setQueueSearchBase

        public void setQueueSearchBase​(String queueSearchBase)

      • getTopicSearchBase

        public String getTopicSearchBase()

      • setTopicSearchBase

        public void setTopicSearchBase​(String topicSearchBase)

      • getTempSearchBase

        public String getTempSearchBase()

      • setTempSearchBase

        public void setTempSearchBase​(String tempSearchBase)

      • getPermissionGroupMemberAttribute

        public String getPermissionGroupMemberAttribute()

      • setPermissionGroupMemberAttribute

        public void setPermissionGroupMemberAttribute​(String permissionGroupMemberAttribute)

      • getAdminPermissionGroupSearchFilter

        public String getAdminPermissionGroupSearchFilter()

      • setAdminPermissionGroupSearchFilter

        public void setAdminPermissionGroupSearchFilter​(String adminPermissionGroupSearchFilter)

      • getReadPermissionGroupSearchFilter

        public String getReadPermissionGroupSearchFilter()

      • setReadPermissionGroupSearchFilter

        public void setReadPermissionGroupSearchFilter​(String readPermissionGroupSearchFilter)

      • getWritePermissionGroupSearchFilter

        public String getWritePermissionGroupSearchFilter()

      • setWritePermissionGroupSearchFilter

        public void setWritePermissionGroupSearchFilter​(String writePermissionGroupSearchFilter)

      • isLegacyGroupMapping

        public boolean isLegacyGroupMapping()

      • setLegacyGroupMapping

        public void setLegacyGroupMapping​(boolean legacyGroupMapping)

      • getGroupObjectClass

        public String getGroupObjectClass()

      • setGroupObjectClass

        public void setGroupObjectClass​(String groupObjectClass)

      • getUserObjectClass

        public String getUserObjectClass()

      • setUserObjectClass

        public void setUserObjectClass​(String userObjectClass)

      • getGroupNameAttribute

        public String getGroupNameAttribute()

      • setGroupNameAttribute

        public void setGroupNameAttribute​(String groupNameAttribute)

      • getUserNameAttribute

        public String getUserNameAttribute()

      • setUserNameAttribute

        public void setUserNameAttribute​(String userNameAttribute)

      • isRefreshDisabled

        public boolean isRefreshDisabled()

      • setRefreshDisabled

        public void setRefreshDisabled​(boolean refreshDisabled)

      • getRefreshInterval

        public int getRefreshInterval()

      • setRefreshInterval

        public void setRefreshInterval​(int refreshInterval)

      • getGroupClass

        public String getGroupClass()

      • setGroupClass

        public void setGroupClass​(String groupClass)