@Override public Object[] getRoles() throws Exception { clearIO(); try { Set<Role> roles = securityRepository.getMatch(address.toString()); Object[] objRoles = new Object[roles.size()]; int i = 0; for (Role role : roles) { objRoles[i++] = new Object[] { role.getName(), CheckType.SEND.hasRole(role), CheckType.CONSUME.hasRole(role), CheckType.CREATE_DURABLE_QUEUE.hasRole(role), CheckType.DELETE_DURABLE_QUEUE.hasRole(role), CheckType.CREATE_NON_DURABLE_QUEUE.hasRole(role), CheckType.DELETE_NON_DURABLE_QUEUE.hasRole(role), CheckType.MANAGE.hasRole(role) }; } return objRoles; } finally { blockOnIO(); } }
@Test public void testSECURITY_PERMISSION_VIOLATION() throws Exception { SimpleString queue = RandomUtil.randomSimpleString(); SimpleString address = RandomUtil.randomSimpleString(); // guest can not create queue Role role = new Role( "roleCanNotCreateQueue", true, true, false, true, false, true, true, true, true, true); Set<Role> roles = new HashSet<>(); roles.add(role); server.getSecurityRepository().addMatch(address.toString(), roles); ActiveMQJAASSecurityManager securityManager = (ActiveMQJAASSecurityManager) server.getSecurityManager(); securityManager.getConfiguration().addRole("guest", "roleCanNotCreateQueue"); SecurityNotificationTest.flush(notifConsumer); ServerLocator locator = createInVMNonHALocator(); ClientSessionFactory sf = createSessionFactory(locator); ClientSession guestSession = sf.createSession("guest", "guest", false, true, true, false, 1); try { guestSession.createQueue(address, queue, true); Assert.fail( "session creation must fail and a notification of security violation must be sent"); } catch (Exception e) { } ClientMessage[] notifications = SecurityNotificationTest.consumeMessages(1, notifConsumer); Assert.assertEquals( SECURITY_PERMISSION_VIOLATION.toString(), notifications[0].getObjectProperty(ManagementHelper.HDR_NOTIFICATION_TYPE).toString()); Assert.assertEquals( "guest", notifications[0].getObjectProperty(ManagementHelper.HDR_USER).toString()); Assert.assertEquals( address.toString(), notifications[0].getObjectProperty(ManagementHelper.HDR_ADDRESS).toString()); Assert.assertEquals( CheckType.CREATE_DURABLE_QUEUE.toString(), notifications[0].getObjectProperty(ManagementHelper.HDR_CHECK_TYPE).toString()); guestSession.close(); }
@Test public void testGetRoles() throws Exception { SimpleString address = RandomUtil.randomSimpleString(); SimpleString queue = RandomUtil.randomSimpleString(); Role role = new Role( RandomUtil.randomString(), RandomUtil.randomBoolean(), RandomUtil.randomBoolean(), RandomUtil.randomBoolean(), RandomUtil.randomBoolean(), RandomUtil.randomBoolean(), RandomUtil.randomBoolean(), RandomUtil.randomBoolean()); session.createQueue(address, queue, true); CoreMessagingProxy proxy = createProxy(address); Object[] roles = (Object[]) proxy.retrieveAttributeValue("roles"); for (Object role2 : roles) { System.out.println(((Object[]) role2)[0]); } Assert.assertEquals(0, roles.length); Set<Role> newRoles = new HashSet<>(); newRoles.add(role); server.getSecurityRepository().addMatch(address.toString(), newRoles); roles = (Object[]) proxy.retrieveAttributeValue("roles"); Assert.assertEquals(1, roles.length); Object[] r = (Object[]) roles[0]; Assert.assertEquals(role.getName(), r[0]); Assert.assertEquals(CheckType.SEND.hasRole(role), r[1]); Assert.assertEquals(CheckType.CONSUME.hasRole(role), r[2]); Assert.assertEquals(CheckType.CREATE_DURABLE_QUEUE.hasRole(role), r[3]); Assert.assertEquals(CheckType.DELETE_DURABLE_QUEUE.hasRole(role), r[4]); Assert.assertEquals(CheckType.CREATE_NON_DURABLE_QUEUE.hasRole(role), r[5]); Assert.assertEquals(CheckType.DELETE_NON_DURABLE_QUEUE.hasRole(role), r[6]); Assert.assertEquals(CheckType.MANAGE.hasRole(role), r[7]); session.deleteQueue(queue); }