private void crash() throws Exception {
    /*
     * Rather than just calling stop() on the server here we want to simulate an actual node crash or bridge failure
     * so the bridge's failure listener needs to get something other than a DISCONNECTED message.  In this case we
     * simulate a NOT_CONNECTED exception.
     */
    final CountDownLatch latch = new CountDownLatch(1);
    ClusterConnectionImpl next =
        (ClusterConnectionImpl)
            server1.getClusterManager().getClusterConnections().iterator().next();
    BridgeImpl bridge = (BridgeImpl) next.getRecords().values().iterator().next().getBridge();
    RemotingConnection forwardingConnection = getForwardingConnection(bridge);
    forwardingConnection.addFailureListener(
        new FailureListener() {
          @Override
          public void connectionFailed(ActiveMQException exception, boolean failedOver) {
            latch.countDown();
          }

          @Override
          public void connectionFailed(
              final ActiveMQException me, boolean failedOver, String scaleDownTargetNodeID) {
            connectionFailed(me, failedOver);
          }
        });
    forwardingConnection.fail(new ActiveMQNotConnectedException());
    assertTrue(latch.await(5000, TimeUnit.MILLISECONDS));

    if (crash) {
      jmsServer2.stop();
    }
  }
  @Override
  public boolean validateUserAndRole(
      final String user,
      final String password,
      final Set<Role> roles,
      final CheckType checkType,
      final String address,
      final RemotingConnection connection) {
    X509Certificate[] certificates = null;
    if (connection.getTransportConnection() instanceof NettyConnection) {
      certificates =
          CertificateUtil.getCertsFromChannel(
              ((NettyConnection) connection.getTransportConnection()).getChannel());
    }
    Subject localSubject;
    try {
      localSubject = getAuthenticatedSubject(user, password, certificates);
    } catch (LoginException e) {
      ActiveMQServerLogger.LOGGER.debug("Couldn't validate user", e);
      return false;
    }

    boolean authorized = false;

    if (localSubject != null) {
      Set<RolePrincipal> rolesWithPermission = getPrincipalsInRole(checkType, roles);

      // Check the caller's roles
      Set<RolePrincipal> rolesForSubject = localSubject.getPrincipals(RolePrincipal.class);
      if (rolesForSubject.size() > 0 && rolesWithPermission.size() > 0) {
        Iterator<RolePrincipal> rolesForSubjectIter = rolesForSubject.iterator();
        while (!authorized && rolesForSubjectIter.hasNext()) {
          Iterator<RolePrincipal> rolesWithPermissionIter = rolesWithPermission.iterator();
          while (!authorized && rolesWithPermissionIter.hasNext()) {
            Principal role = rolesWithPermissionIter.next();
            authorized = rolesForSubjectIter.next().equals(role);
          }
        }
      }

      if (trace) {
        ActiveMQServerLogger.LOGGER.trace(
            "user " + (authorized ? " is " : " is NOT ") + "authorized");
      }
    }

    return authorized;
  }
Esempio n. 3
0
  public ActiveMQBuffer encode(final RemotingConnection connection) {
    ActiveMQBuffer buffer = connection.createTransportBuffer(PacketImpl.INITIAL_PACKET_SIZE);

    // The standard header fields

    buffer.writeInt(0); // The length gets filled in at the end
    buffer.writeByte(type);
    buffer.writeLong(channelID);

    encodeRest(buffer);

    size = buffer.writerIndex();

    // The length doesn't include the actual length byte
    int len = size - DataConstants.SIZE_INT;

    buffer.setInt(0, len);

    return buffer;
  }