From a5a183cd30706ddc235b89465014498755479e88 Mon Sep 17 00:00:00 2001
From: Alex Rudyy <orudyy@apache.org>
Date: Tue, 17 Sep 2013 14:26:03 +0000
Subject: QPID-5138: Disallow setting of preferneces provider for anonymous
 authentication provider

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1524061 13f79535-47bb-0310-9956-ffa450edef68
---
 .../adapter/AuthenticationProviderAdapter.java     |  9 +++
 .../adapter/FileSystemPreferencesProvider.java     |  9 ++-
 .../AuthenticationProviderRecovererTest.java       | 81 +++++++++++++---------
 3 files changed, 65 insertions(+), 34 deletions(-)

(limited to 'qpid/java/broker/src')

diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java
index f0076bd983..cbf8e1ba30 100644
--- a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AuthenticationProviderAdapter.java
@@ -56,6 +56,7 @@ import org.apache.qpid.server.security.SubjectCreator;
 import org.apache.qpid.server.security.access.Operation;
 import org.apache.qpid.server.security.auth.UsernamePrincipal;
 import org.apache.qpid.server.security.auth.database.PrincipalDatabase;
+import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManagerFactory;
 import org.apache.qpid.server.security.auth.manager.AuthenticationManager;
 import org.apache.qpid.server.security.auth.manager.PrincipalDatabaseAuthenticationManager;
 import org.apache.qpid.server.security.SecurityManager;
@@ -303,6 +304,10 @@ public abstract class AuthenticationProviderAdapter<T extends AuthenticationMana
             if (_state.compareAndSet(state, State.STOPPED))
             {
                 _authManager.close();
+                if (_preferencesProvider != null)
+                {
+                    _preferencesProvider.setDesiredState(_preferencesProvider.getActualState(), State.STOPPED);
+                }
                 return true;
             }
             else
@@ -421,6 +426,10 @@ public abstract class AuthenticationProviderAdapter<T extends AuthenticationMana
 
     public void setPreferencesProvider(PreferencesProvider provider)
     {
+        if (AnonymousAuthenticationManagerFactory.PROVIDER_TYPE.equals(getAttribute(TYPE)))
+        {
+            throw new IllegalConfigurationException("Cannot set preferences provider for anonymous authentication provider");
+        }
         _preferencesProvider = provider;
     }
 
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/FileSystemPreferencesProvider.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/FileSystemPreferencesProvider.java
index 0b0610681a..5914b8d8d2 100644
--- a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/FileSystemPreferencesProvider.java
+++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/FileSystemPreferencesProvider.java
@@ -520,7 +520,7 @@ public class FileSystemPreferencesProvider extends AbstractAdapter implements Pr
 
     private void getFileLock() throws IOException, AMQStoreException
     {
-        File lockFile = new File(_preferencesLocation.getAbsolutePath() + ".lck");
+        File lockFile = new File(getLockFileName());
         lockFile.createNewFile();
 
         FileOutputStream out = new FileOutputStream(lockFile);
@@ -540,6 +540,11 @@ public class FileSystemPreferencesProvider extends AbstractAdapter implements Pr
         lockFile.deleteOnExit();
     }
 
+    private String getLockFileName()
+    {
+        return _preferencesLocation.getAbsolutePath() + ".lck";
+    }
+
     public void close()
     {
         try
@@ -552,7 +557,7 @@ public class FileSystemPreferencesProvider extends AbstractAdapter implements Pr
         }
         finally
         {
-            new File(_preferencesLocation.getAbsolutePath() + ".lck").delete();
+            new File(getLockFileName()).delete();
             _fileLock = null;
             _preferences.clear();
         }
diff --git a/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/AuthenticationProviderRecovererTest.java b/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/AuthenticationProviderRecovererTest.java
index 36e485844f..eed54ef5bf 100644
--- a/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/AuthenticationProviderRecovererTest.java
+++ b/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/AuthenticationProviderRecovererTest.java
@@ -43,7 +43,7 @@ import org.apache.qpid.server.model.adapter.FileSystemPreferencesProvider;
 import org.apache.qpid.server.model.adapter.PreferencesProviderCreator;
 import org.apache.qpid.server.plugin.AuthenticationManagerFactory;
 import org.apache.qpid.server.plugin.QpidServiceLoader;
-import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManagerFactory;
+import org.apache.qpid.server.security.auth.manager.PlainPasswordFileAuthenticationManagerFactory;
 import org.apache.qpid.server.util.BrokerTestHelper;
 import org.apache.qpid.test.utils.QpidTestCase;
 import org.apache.qpid.test.utils.TestFileUtils;
@@ -82,44 +82,61 @@ public class AuthenticationProviderRecovererTest extends QpidTestCase
 
     public void testRecoverAuthenticationProviderWithPreferencesProvider()
     {
-        Map<String, Object> authenticationAttributes = new HashMap<String, Object>();
-        authenticationAttributes.put(AuthenticationManagerFactory.ATTRIBUTE_TYPE, AnonymousAuthenticationManagerFactory.PROVIDER_TYPE);
-        authenticationAttributes.put(AuthenticationProvider.NAME, "test-authenticator");
-        UUID authenticationId = UUID.randomUUID();
-
-        final PreferencesProviderRecoverer preferencesRecoverer = new PreferencesProviderRecoverer(_preferencesProviderCreator);
-        RecovererProvider recovererProvider = new RecovererProvider()
+        File authenticationProviderFile = TestFileUtils.createTempFile(this, "test-authenticator.txt", "test_user:test_user");
+        try
         {
-            @Override
-            public ConfiguredObjectRecoverer<? extends ConfiguredObject> getRecoverer(String type)
+            Map<String, Object> authenticationAttributes = new HashMap<String, Object>();
+            authenticationAttributes.put(AuthenticationManagerFactory.ATTRIBUTE_TYPE,
+                    PlainPasswordFileAuthenticationManagerFactory.PROVIDER_TYPE);
+            authenticationAttributes.put(AuthenticationProvider.NAME, "test-authenticator");
+            authenticationAttributes.put(PlainPasswordFileAuthenticationManagerFactory.ATTRIBUTE_PATH,
+                    authenticationProviderFile.getAbsolutePath());
+            UUID authenticationId = UUID.randomUUID();
+
+            final PreferencesProviderRecoverer preferencesRecoverer = new PreferencesProviderRecoverer(_preferencesProviderCreator);
+            RecovererProvider recovererProvider = new RecovererProvider()
             {
-                return preferencesRecoverer;
-            }
-        };
+                @Override
+                public ConfiguredObjectRecoverer<? extends ConfiguredObject> getRecoverer(String type)
+                {
+                    return preferencesRecoverer;
+                }
+            };
 
-        Map<String, Object> preferencesAttributes = new HashMap<String, Object>();
-        UUID preferencesId = UUID.randomUUID();
-        preferencesAttributes.put(PreferencesProvider.TYPE, FileSystemPreferencesProvider.class);
-        preferencesAttributes.put(PreferencesProvider.NAME, "test-provider");
-        File file = TestFileUtils.createTempFile(this, ".prefs.json", "{\"test_user\":{\"pref1\": \"pref1Value\", \"pref2\": 1.0} }");
-        preferencesAttributes.put(FileSystemPreferencesProvider.PATH, file.getAbsolutePath());
-        ConfigurationEntry preferencesEntry = new ConfigurationEntry(preferencesId, PreferencesProvider.class.getSimpleName(), preferencesAttributes, Collections.<UUID>emptySet(), _configurationStore);
-        when(_configurationStore.getEntry(preferencesId)).thenReturn(preferencesEntry);
+            Map<String, Object> preferencesAttributes = new HashMap<String, Object>();
+            UUID preferencesId = UUID.randomUUID();
+            preferencesAttributes.put(PreferencesProvider.TYPE, FileSystemPreferencesProvider.class);
+            preferencesAttributes.put(PreferencesProvider.NAME, "test-provider");
+            File file = TestFileUtils.createTempFile(this, ".prefs.json",
+                    "{\"test_user\":{\"pref1\": \"pref1Value\", \"pref2\": 1.0} }");
+            preferencesAttributes.put(FileSystemPreferencesProvider.PATH, file.getAbsolutePath());
+            ConfigurationEntry preferencesEntry = new ConfigurationEntry(preferencesId, PreferencesProvider.class.getSimpleName(),
+                    preferencesAttributes, Collections.<UUID> emptySet(), _configurationStore);
+            when(_configurationStore.getEntry(preferencesId)).thenReturn(preferencesEntry);
 
-        ConfigurationEntry authenticationProviderEntry = new ConfigurationEntry(authenticationId, AuthenticationProvider.class.getSimpleName(), authenticationAttributes, Collections.singleton(preferencesId), _configurationStore);
-        try
-        {
-            AuthenticationProvider authenticationProvider = _recoverer.create(recovererProvider, authenticationProviderEntry, _broker);
-            assertNotNull("Authentication provider was not recovered", authenticationProvider);
-            assertEquals("Unexpected name", "test-authenticator", authenticationProvider.getName());
-            assertEquals("Unexpected id", authenticationId, authenticationProvider.getId());
-            PreferencesProvider preferencesProvider = authenticationProvider.getPreferencesProvider();
-            assertNotNull("Preferences provider was not recovered", preferencesProvider);
-            assertEquals("Unexpected path", file.getAbsolutePath(), preferencesProvider.getAttribute(FileSystemPreferencesProvider.PATH));
+            ConfigurationEntry authenticationProviderEntry = new ConfigurationEntry(authenticationId,
+                    AuthenticationProvider.class.getSimpleName(), authenticationAttributes, Collections.singleton(preferencesId),
+                    _configurationStore);
+            try
+            {
+                AuthenticationProvider authenticationProvider = _recoverer.create(recovererProvider, authenticationProviderEntry,
+                        _broker);
+                assertNotNull("Authentication provider was not recovered", authenticationProvider);
+                assertEquals("Unexpected name", "test-authenticator", authenticationProvider.getName());
+                assertEquals("Unexpected id", authenticationId, authenticationProvider.getId());
+                PreferencesProvider preferencesProvider = authenticationProvider.getPreferencesProvider();
+                assertNotNull("Preferences provider was not recovered", preferencesProvider);
+                assertEquals("Unexpected path", file.getAbsolutePath(),
+                        preferencesProvider.getAttribute(FileSystemPreferencesProvider.PATH));
+            }
+            finally
+            {
+                file.delete();
+            }
         }
         finally
         {
-            file.delete();
+            authenticationProviderFile.delete();
         }
     }
 
-- 
cgit v1.2.1