001/**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.activemq.security;
018
019import java.util.Collections;
020import java.util.HashSet;
021import java.util.Iterator;
022import java.util.Set;
023import java.util.concurrent.ConcurrentHashMap;
024
025import org.apache.activemq.command.ActiveMQDestination;
026
027/**
028 * Used to cache up authorizations so that subsequent requests are faster.
029 * 
030 * 
031 */
032public abstract class SecurityContext {
033
034    public static final SecurityContext BROKER_SECURITY_CONTEXT = new SecurityContext("ActiveMQBroker") {
035        @Override
036        public boolean isBrokerContext() {
037            return true;
038        }
039
040        @SuppressWarnings("unchecked")
041        public Set<?> getPrincipals() {
042            return Collections.EMPTY_SET;
043        }
044    };
045
046    final String userName;
047
048    final ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> authorizedReadDests = new ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination>();
049    final ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> authorizedWriteDests = new ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination>();
050
051    public SecurityContext(String userName) {
052        this.userName = userName;
053    }
054
055    public boolean isInOneOf(Set<?> allowedPrincipals) {
056        Iterator allowedIter = allowedPrincipals.iterator();
057        HashSet<?> userPrincipals = new HashSet<Object>(getPrincipals());
058        while (allowedIter.hasNext()) {
059                Iterator userIter = userPrincipals.iterator();
060                Object allowedPrincipal = allowedIter.next(); 
061                while (userIter.hasNext()) {
062                        if (allowedPrincipal.equals(userIter.next()))
063                                return true;
064                }
065        }
066        return false;
067    }
068
069    public abstract Set<?> getPrincipals();
070
071    public String getUserName() {
072        return userName;
073    }
074
075    public ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedReadDests() {
076        return authorizedReadDests;
077    }
078
079    public ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedWriteDests() {
080        return authorizedWriteDests;
081    }
082
083    public boolean isBrokerContext() {
084        return false;
085    }
086}