[jira] [Work logged] (ARTEMIS-5683) Properly convert wildcards in LegacyLDAPSecuritySettingPlugin

ASF GitHub Bot (Jira) Thu, 02 Oct 2025 09:40:05 -0700


     [ 
https://issues.apache.org/jira/browse/ARTEMIS-5683?focusedWorklogId=985503&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-985503
 ]


ASF GitHub Bot logged work on ARTEMIS-5683:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 02/Oct/25 16:39
            Start Date: 02/Oct/25 16:39
    Worklog Time Spent: 10m 
      Work Description: brusdev commented on code in PR #5948:
URL: https://github.com/apache/activemq-artemis/pull/5948#discussion_r2399402189


##########
tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginWildcardTest.java:
##########
@@ -0,0 +1,224 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.artemis.tests.integration.isolated.security;
+
+import javax.naming.Context;
+import javax.naming.NameClassPair;
+import javax.naming.NamingEnumeration;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+import java.io.File;
+import java.lang.management.ManagementFactory;
+import java.net.URL;
+import java.util.HashSet;
+import java.util.Hashtable;
+import java.util.Set;
+
+import org.apache.activemq.artemis.api.core.ActiveMQException;
+import org.apache.activemq.artemis.api.core.QueueConfiguration;
+import org.apache.activemq.artemis.api.core.TransportConfiguration;
+import org.apache.activemq.artemis.api.core.client.ActiveMQClient;
+import org.apache.activemq.artemis.api.core.client.ClientProducer;
+import org.apache.activemq.artemis.api.core.client.ClientSession;
+import org.apache.activemq.artemis.api.core.client.ClientSessionFactory;
+import org.apache.activemq.artemis.api.core.client.ServerLocator;
+import org.apache.activemq.artemis.core.config.Configuration;
+import org.apache.activemq.artemis.core.config.WildcardConfiguration;
+import org.apache.activemq.artemis.core.config.impl.ConfigurationImpl;
+import org.apache.activemq.artemis.core.remoting.impl.invm.InVMAcceptorFactory;
+import 
org.apache.activemq.artemis.core.remoting.impl.invm.InVMConnectorFactory;
+import org.apache.activemq.artemis.core.server.ActiveMQServer;
+import org.apache.activemq.artemis.core.server.ActiveMQServers;
+import 
org.apache.activemq.artemis.core.server.impl.LegacyLDAPSecuritySettingPlugin;
+import 
org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager;
+import org.apache.activemq.artemis.tests.util.ActiveMQTestBase;
+import org.apache.directory.server.annotations.CreateLdapServer;
+import org.apache.directory.server.annotations.CreateTransport;
+import org.apache.directory.server.core.annotations.ApplyLdifFiles;
+import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
+import org.apache.directory.server.core.integ.FrameworkRunner;
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TemporaryFolder;
+import org.junit.runner.RunWith;
+
+import static 
org.apache.activemq.artemis.core.config.WildcardConfiguration.DEFAULT_WILDCARD_CONFIGURATION;
+
+@RunWith(FrameworkRunner.class)
+@CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP", port = 
1024)})
+@ApplyLdifFiles("AMQauthWildcard.ldif")
+public class LegacyLDAPSecuritySettingPluginWildcardTest extends 
AbstractLdapTestUnit {

Review Comment:
   Can you also add test cases for failing matches?



##########
docs/user-manual/security.adoc:
##########
@@ -349,6 +349,21 @@ Whether or not to map the legacy `read` permission to the 
`createDurableQueue`,
 This was allowed in ActiveMQ Classic.
 The default value is `false`.
 
+anyWordsWildcardConversion::
+This is a 1-character value that should match the `any-words` 
xref:wildcard-syntax.adoc#customizing-the-syntax[wildcard syntax] setting 
defined for the broker.
+The plugin will translate any `<` or `$` character to this value in an LDAP 
entry defining a destination name.

Review Comment:
   How will the plugin translate any `$` I only see `setAnyWords('>').` ?
   ```
   OPENWIRE_WILDCARD = new 
WildcardConfiguration().setDelimiter('.').setAnyWords('>').setSingleWord('*');
   ```



##########
artemis-server/src/test/java/org/apache/activemq/artemis/core/server/impl/LegacyLDAPSecuritySettingPluginTest.java:
##########
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.artemis.core.server.impl;
+
+import java.util.Map;
+
+import org.junit.Test;
+
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+public class LegacyLDAPSecuritySettingPluginTest {

Review Comment:
   Can you add also tests for successful settings?





Issue Time Tracking
-------------------

    Worklog Id:     (was: 985503)
    Time Spent: 20m  (was: 10m)

> Properly convert wildcards in LegacyLDAPSecuritySettingPlugin
> -------------------------------------------------------------
>
>                 Key: ARTEMIS-5683
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-5683
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>            Reporter: Justin Bertram
>            Assignee: Justin Bertram
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> Classic supports translating {{$}} into {{<}} for wildcards in its 
> [{{SimpleCachedLDAPAuthorizationMap}}|https://github.com/apache/activemq/blob/f68fff981b5a7b62a68b8c2f4ef01c73cf2d3404/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java#L588].
>  The corresponding {{LegacyLDAPSecuritySettingPlugin}} in Artemis should do 
> the same.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact

[jira] [Work logged] (ARTEMIS-5683) Properly convert wildcards in LegacyLDAPSecuritySettingPlugin

Reply via email to