001/**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.activemq.security;
018
019import java.util.Set;
020
021import org.apache.activemq.broker.ConnectionContext;
022import org.apache.activemq.broker.region.Destination;
023import org.apache.activemq.broker.region.DestinationFilter;
024import org.apache.activemq.broker.region.Subscription;
025import org.apache.activemq.command.ActiveMQDestination;
026
027/**
028 * Authorizes addSubscription calls.
029 */
030public class AuthorizationDestinationFilter extends DestinationFilter {
031
032    private final AuthorizationBroker broker;
033
034    public AuthorizationDestinationFilter(Destination destination, AuthorizationBroker broker) {
035        super(destination);
036        this.broker = broker;
037    }
038
039    @Override
040    public void addSubscription(ConnectionContext context, Subscription sub) throws Exception {
041        // authorize subscription
042        final SecurityContext securityContext = broker.checkSecurityContext(context);
043
044        final AuthorizationMap authorizationMap = broker.getAuthorizationMap();
045        // use the destination being filtered, instead of the destination from the consumerinfo in the subscription
046        // since that could be a wildcard destination
047        final ActiveMQDestination destination = next.getActiveMQDestination();
048
049        Set<?> allowedACLs;
050        if (!destination.isTemporary()) {
051            allowedACLs = authorizationMap.getReadACLs(destination);
052        } else {
053            allowedACLs = authorizationMap.getTempDestinationReadACLs();
054        }
055
056        if (!securityContext.isBrokerContext() && allowedACLs != null && !securityContext.isInOneOf(allowedACLs) ) {
057            throw new SecurityException("User " + securityContext.getUserName() + " is not authorized to read from: " + destination);
058        }
059
060        super.addSubscription(context, sub);
061    }
062
063}