ARTEMIS-1473 fix default user/pass system props
Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/c93a2506 Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/c93a2506 Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/c93a2506 Branch: refs/heads/master Commit: c93a25063519f9cc55fb3f614af66fcdcfe7e4a1 Parents: ac73f38 Author: Justin Bertram <jbert...@apache.org> Authored: Wed Oct 25 12:45:17 2017 -0500 Committer: Justin Bertram <jbert...@apache.org> Committed: Wed Oct 25 14:56:09 2017 -0500 ---------------------------------------------------------------------- .../jms/client/DefaultConnectionProperties.java | 38 +++++---- .../artemis/jms/tests/SecurityTest.java | 87 +++++++++++++++++++- 2 files changed, 106 insertions(+), 19 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/c93a2506/artemis-jms-client/src/main/java/org/apache/activemq/artemis/jms/client/DefaultConnectionProperties.java ---------------------------------------------------------------------- diff --git a/artemis-jms-client/src/main/java/org/apache/activemq/artemis/jms/client/DefaultConnectionProperties.java b/artemis-jms-client/src/main/java/org/apache/activemq/artemis/jms/client/DefaultConnectionProperties.java index 328ab71..aba1c8b 100644 --- a/artemis-jms-client/src/main/java/org/apache/activemq/artemis/jms/client/DefaultConnectionProperties.java +++ b/artemis-jms-client/src/main/java/org/apache/activemq/artemis/jms/client/DefaultConnectionProperties.java @@ -34,12 +34,19 @@ import java.security.PrivilegedAction; */ public class DefaultConnectionProperties { - public static final String DEFAULT_BROKER_HOST; - public static final int DEFAULT_BROKER_PORT; - public static final String DEFAULT_BROKER_BIND_URL; - public static final String DEFAULT_BROKER_URL; - public static final String DEFAULT_USER; - public static final String DEFAULT_PASSWORD; + public static final String AMQ_HOST = "AMQ_HOST"; + public static final String AMQ_PORT = "AMQ_PORT"; + public static final String AMQ_USER = "AMQ_USER"; + public static final String AMQ_PASSWORD = "AMQ_PASSWORD"; + public static final String BROKER_BIND_URL = "BROKER_BIND_URL"; + public static final String PREFIX = "org.apache.activemq."; + + public static String DEFAULT_BROKER_HOST; + public static int DEFAULT_BROKER_PORT; + public static String DEFAULT_BROKER_BIND_URL; + public static String DEFAULT_BROKER_URL; + public static String DEFAULT_USER; + public static String DEFAULT_PASSWORD; static String getProperty(final String defaultValue, final String... propertyNames) { return AccessController.doPrivileged(new PrivilegedAction<String>() { @@ -57,21 +64,20 @@ public class DefaultConnectionProperties { } static { - String host = getProperty("localhost", "AMQ_HOST", "org.apache.activemq.AMQ_HOST"); - String port = getProperty("61616", "AMQ_PORT", "org.apache.activemq.AMQ_PORT"); + initialize(); + } + + public static void initialize() { + String host = getProperty("localhost", AMQ_HOST, PREFIX + AMQ_HOST); + String port = getProperty("61616", AMQ_PORT, PREFIX + AMQ_PORT); DEFAULT_BROKER_HOST = host; DEFAULT_BROKER_PORT = Integer.parseInt(port); - String url = getProperty("tcp://" + host + ":" + port, "org.apache.activemq.BROKER_BIND_URL", "BROKER_BIND_URL"); - DEFAULT_USER = getProperty(null, "AMQ_USER", "org.apache.activemq.AMQ_USER"); - DEFAULT_PASSWORD = getProperty(null, "AMQ_PASSWORD", "org.apache.activemq.AMQ_PASSWORD"); - - if (DEFAULT_USER != null && DEFAULT_PASSWORD != null) { - url += "?user=" + DEFAULT_USER + "&password=" + DEFAULT_PASSWORD; - } + String url = getProperty("tcp://" + host + ":" + port, PREFIX + BROKER_BIND_URL, BROKER_BIND_URL); + DEFAULT_USER = getProperty(null, AMQ_USER, PREFIX + AMQ_USER); + DEFAULT_PASSWORD = getProperty(null, AMQ_PASSWORD, PREFIX + AMQ_PASSWORD); DEFAULT_BROKER_BIND_URL = url; // TODO: improve this once we implement failover:// as ActiveMQ5 does DEFAULT_BROKER_URL = DEFAULT_BROKER_BIND_URL; } - } http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/c93a2506/tests/jms-tests/src/test/java/org/apache/activemq/artemis/jms/tests/SecurityTest.java ---------------------------------------------------------------------- diff --git a/tests/jms-tests/src/test/java/org/apache/activemq/artemis/jms/tests/SecurityTest.java b/tests/jms-tests/src/test/java/org/apache/activemq/artemis/jms/tests/SecurityTest.java index 3d281df..d7137ae 100644 --- a/tests/jms-tests/src/test/java/org/apache/activemq/artemis/jms/tests/SecurityTest.java +++ b/tests/jms-tests/src/test/java/org/apache/activemq/artemis/jms/tests/SecurityTest.java @@ -22,7 +22,12 @@ import javax.jms.IllegalStateException; import javax.jms.JMSSecurityException; import javax.jms.Session; +import org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory; +import org.apache.activemq.artemis.jms.client.DefaultConnectionProperties; import org.apache.activemq.artemis.jms.tests.util.ProxyAssertSupport; +import org.junit.After; +import org.junit.Assert; +import org.junit.Before; import org.junit.Test; /** @@ -31,10 +36,40 @@ import org.junit.Test; * This test must be run with the Test security config. on the server */ public class SecurityTest extends JMSTestCase { + private String originalAmqUser; + private String originalAmqPassword; + private String originalBrokerBindUrl; - /** - * Login with no user, no password Should allow login (equivalent to guest) - */ + @Before + public void setupProperty() { + originalAmqUser = System.getProperty(DefaultConnectionProperties.AMQ_USER); + originalAmqPassword = System.getProperty(DefaultConnectionProperties.AMQ_PASSWORD); + originalBrokerBindUrl = System.getProperty(DefaultConnectionProperties.BROKER_BIND_URL); + } + + @After + public void clearProperty() { + if (originalAmqUser == null) { + System.clearProperty(DefaultConnectionProperties.AMQ_USER); + } else { + System.setProperty(DefaultConnectionProperties.AMQ_USER, originalAmqUser); + } + if (originalAmqPassword == null) { + System.clearProperty(DefaultConnectionProperties.AMQ_PASSWORD); + } else { + System.setProperty(DefaultConnectionProperties.AMQ_PASSWORD, originalAmqPassword); + } + if (originalBrokerBindUrl == null) { + System.clearProperty(DefaultConnectionProperties.BROKER_BIND_URL); + } else { + System.setProperty(DefaultConnectionProperties.BROKER_BIND_URL, originalBrokerBindUrl); + } + } + + + /** + * Login with no user, no password Should allow login (equivalent to guest) + */ @Test public void testLoginNoUserNoPassword() throws Exception { createConnection(); @@ -61,6 +96,34 @@ public class SecurityTest extends JMSTestCase { } /** + * Login with valid user and password + * Should allow + */ + @Test + public void testLoginValidUserAndPasswordSystemProperty() throws Exception { + System.setProperty(DefaultConnectionProperties.AMQ_USER, "guest"); + System.setProperty(DefaultConnectionProperties.AMQ_PASSWORD, "guest"); + DefaultConnectionProperties.initialize(); + ConnectionFactory cf = new ActiveMQConnectionFactory(); + Connection conn = addConnection(cf.createConnection()); + } + + /** + * Login with valid user and password + * Should allow + */ + @Test + public void testLoginValidUserAndPasswordSystemPropertyWithAdditionalProperties() throws Exception { + System.setProperty(DefaultConnectionProperties.AMQ_USER, "guest"); + System.setProperty(DefaultConnectionProperties.AMQ_PASSWORD, "guest"); + System.setProperty(DefaultConnectionProperties.BROKER_BIND_URL, "tcp://localhost:61616?compressLargeMessage=true"); + DefaultConnectionProperties.initialize(); + ConnectionFactory cf = new ActiveMQConnectionFactory(); + Connection conn = addConnection(cf.createConnection()); + Assert.assertTrue(((ActiveMQConnectionFactory) cf).isCompressLargeMessage()); + } + + /** * Login with valid user and invalid password * Should allow */ @@ -75,6 +138,24 @@ public class SecurityTest extends JMSTestCase { } /** + * Login with valid user and invalid password + * Should allow + */ + @Test + public void testLoginValidUserInvalidPasswordSystemProperty() throws Exception { + System.setProperty(DefaultConnectionProperties.AMQ_USER, "guest"); + System.setProperty(DefaultConnectionProperties.AMQ_PASSWORD, "not.the.valid.password"); + DefaultConnectionProperties.initialize(); + try { + ConnectionFactory cf = new ActiveMQConnectionFactory(); + Connection conn1 = addConnection(cf.createConnection()); + ProxyAssertSupport.fail(); + } catch (JMSSecurityException e) { + // Expected + } + } + + /** * Login with invalid user and invalid password * Should allow */