From 2a0ced98b56d888f15f77348db2dd2788719df2f Mon Sep 17 00:00:00 2001 From: Keith Wall Date: Tue, 4 Sep 2012 13:19:03 +0000 Subject: QPID-4283: Make web management capable of using external authentication manager. also: * remove test servlets * rename management.html => index.html * allow sasl-auth to be disabled Work of Robbie Gemmell and myself. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1380626 13f79535-47bb-0310-9956-ffa450edef68 --- qpid/java/broker/etc/config.xml | 2 +- .../server/configuration/ServerConfiguration.java | 11 ++++++ .../manager/ExternalAuthenticationManager.java | 3 +- .../configuration/ServerConfigurationTest.java | 39 ++++++++++++++++++++++ 4 files changed, 53 insertions(+), 2 deletions(-) (limited to 'qpid/java/broker') diff --git a/qpid/java/broker/etc/config.xml b/qpid/java/broker/etc/config.xml index 7bd4ceb128..7301d9eefd 100644 --- a/qpid/java/broker/etc/config.xml +++ b/qpid/java/broker/etc/config.xml @@ -48,7 +48,7 @@ 8999 diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java index f94bd684e9..de34ed1fad 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java @@ -620,6 +620,16 @@ public class ServerConfiguration extends ConfigurationPlugin return getBooleanValue("management.https.basic-auth", true); } + public boolean getHTTPManagementSaslAuthEnabled() + { + return getBooleanValue("management.http.sasl-auth", true); + } + + public boolean getHTTPSManagementSaslAuthEnabled() + { + return getBooleanValue("management.https.sasl-auth", true); + } + public String[] getVirtualHosts() { return _virtualHosts.keySet().toArray(new String[_virtualHosts.size()]); @@ -1053,4 +1063,5 @@ public class ServerConfiguration extends ConfigurationPlugin _qpidHome = path; } + } diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationManager.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationManager.java index a1328ca0de..7ca296cc47 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationManager.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationManager.java @@ -29,6 +29,7 @@ import org.apache.log4j.Logger; import org.apache.qpid.server.configuration.plugins.ConfigurationPlugin; import org.apache.qpid.server.configuration.plugins.ConfigurationPluginFactory; import org.apache.qpid.server.security.auth.AuthenticationResult; +import org.apache.qpid.server.security.auth.UsernamePrincipal; import org.apache.qpid.server.security.auth.sasl.external.ExternalSaslServer; public class ExternalAuthenticationManager implements AuthenticationManager @@ -159,7 +160,7 @@ public class ExternalAuthenticationManager implements AuthenticationManager @Override public AuthenticationResult authenticate(String username, String password) { - return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR); + return new AuthenticationResult(new UsernamePrincipal(username)); } @Override diff --git a/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java b/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java index 660ff5e7d4..5d4e0edcc9 100644 --- a/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java +++ b/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java @@ -300,6 +300,45 @@ public class ServerConfigurationTest extends QpidTestCase assertEquals(false, _serverConfig.getJMXManagementEnabled()); } + public void testGetHTTPManagementEnabled() throws ConfigurationException + { + // Check default + _serverConfig.initialise(); + assertEquals(true, _serverConfig.getHTTPManagementEnabled()); + + // Check value we set + _config.setProperty("management.http.enabled", false); + _serverConfig = new ServerConfiguration(_config); + _serverConfig.initialise(); + assertEquals(false, _serverConfig.getHTTPManagementEnabled()); + } + + public void testGetHTTPManagementSaslAuthEnabled() throws ConfigurationException + { + // Check default + _serverConfig.initialise(); + assertEquals(true, _serverConfig.getHTTPManagementSaslAuthEnabled()); + + // Check value we set + _config.setProperty("management.http.sasl-auth", false); + _serverConfig = new ServerConfiguration(_config); + _serverConfig.initialise(); + assertEquals(false, _serverConfig.getHTTPManagementSaslAuthEnabled()); + } + + public void testGetHTTPSManagementSaslAuthEnabled() throws ConfigurationException + { + // Check default + _serverConfig.initialise(); + assertEquals(true, _serverConfig.getHTTPSManagementSaslAuthEnabled()); + + // Check value we set + _config.setProperty("management.https.sasl-auth", false); + _serverConfig = new ServerConfiguration(_config); + _serverConfig.initialise(); + assertEquals(false, _serverConfig.getHTTPSManagementSaslAuthEnabled()); + } + public void testGetManagementRightsInferAllAccess() throws Exception { _serverConfig.initialise(); -- cgit v1.2.1