001/** 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017package org.apache.activemq.security; 018 019import java.util.HashMap; 020import java.util.HashSet; 021import java.util.Iterator; 022import java.util.List; 023import java.util.Map; 024import java.util.Set; 025import java.util.StringTokenizer; 026 027import org.apache.activemq.broker.Broker; 028import org.apache.activemq.broker.BrokerPlugin; 029import org.apache.activemq.jaas.GroupPrincipal; 030 031/** 032 * A simple authentication plugin 033 * 034 * @org.apache.xbean.XBean element="simpleAuthenticationPlugin" 035 * description="Provides a simple authentication plugin 036 * configured with a map of user-passwords and a map of 037 * user-groups or a list of authentication users" 038 * 039 * 040 */ 041public class SimpleAuthenticationPlugin implements BrokerPlugin { 042 private Map<String, String> userPasswords; 043 private Map<String, Set<GroupPrincipal>> userGroups; 044 private static final String DEFAULT_ANONYMOUS_USER = "anonymous"; 045 private static final String DEFAULT_ANONYMOUS_GROUP = "anonymous"; 046 private String anonymousUser = DEFAULT_ANONYMOUS_USER; 047 private String anonymousGroup = DEFAULT_ANONYMOUS_GROUP; 048 private boolean anonymousAccessAllowed = false; 049 050 public SimpleAuthenticationPlugin() { 051 } 052 053 public SimpleAuthenticationPlugin(List users) { 054 setUsers(users); 055 } 056 057 public Broker installPlugin(Broker parent) { 058 SimpleAuthenticationBroker broker = new SimpleAuthenticationBroker(parent, userPasswords, userGroups); 059 broker.setAnonymousAccessAllowed(anonymousAccessAllowed); 060 broker.setAnonymousUser(anonymousUser); 061 broker.setAnonymousGroup(anonymousGroup); 062 return broker; 063 } 064 065 public Map<String, Set<GroupPrincipal>> getUserGroups() { 066 return userGroups; 067 } 068 069 /** 070 * Sets individual users for authentication 071 * 072 * @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthenticationUser" 073 */ 074 public void setUsers(List users) { 075 userPasswords = new HashMap<String, String>(); 076 userGroups = new HashMap<String, Set<GroupPrincipal>>(); 077 for (Iterator it = users.iterator(); it.hasNext();) { 078 AuthenticationUser user = (AuthenticationUser)it.next(); 079 userPasswords.put(user.getUsername(), user.getPassword()); 080 Set<GroupPrincipal> groups = new HashSet<GroupPrincipal>(); 081 StringTokenizer iter = new StringTokenizer(user.getGroups(), ","); 082 while (iter.hasMoreTokens()) { 083 String name = iter.nextToken().trim(); 084 groups.add(new GroupPrincipal(name)); 085 } 086 userGroups.put(user.getUsername(), groups); 087 } 088 } 089 090 091 public void setAnonymousAccessAllowed(boolean anonymousAccessAllowed) { 092 this.anonymousAccessAllowed = anonymousAccessAllowed; 093 } 094 095 public void setAnonymousUser(String anonymousUser) { 096 this.anonymousUser = anonymousUser; 097 } 098 099 public void setAnonymousGroup(String anonymousGroup) { 100 this.anonymousGroup = anonymousGroup; 101 } 102 103 /** 104 * Sets the groups a user is in. The key is the user name and the value is a 105 * Set of groups 106 */ 107 public void setUserGroups(Map<String, Set<GroupPrincipal>> userGroups) { 108 this.userGroups = userGroups; 109 } 110 111 public Map<String, String> getUserPasswords() { 112 return userPasswords; 113 } 114 115 /** 116 * Sets the map indexed by user name with the value the password 117 */ 118 public void setUserPasswords(Map<String, String> userPasswords) { 119 this.userPasswords = userPasswords; 120 } 121 122}