001 /** 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017 package org.apache.activemq.security; 018 019 import java.security.Principal; 020 import java.util.HashMap; 021 import java.util.HashSet; 022 import java.util.Iterator; 023 import java.util.List; 024 import java.util.Map; 025 import java.util.Set; 026 import java.util.StringTokenizer; 027 028 import org.apache.activemq.broker.Broker; 029 import org.apache.activemq.broker.BrokerPlugin; 030 import org.apache.activemq.jaas.GroupPrincipal; 031 032 /** 033 * A simple authentication plugin 034 * 035 * @org.apache.xbean.XBean element="simpleAuthenticationPlugin" 036 * description="Provides a simple authentication plugin 037 * configured with a map of user-passwords and a map of 038 * user-groups or a list of authentication users" 039 * 040 * 041 */ 042 public class SimpleAuthenticationPlugin implements BrokerPlugin { 043 private Map<String, String> userPasswords; 044 private Map<String, Set<Principal>> userGroups; 045 private static final String DEFAULT_ANONYMOUS_USER = "anonymous"; 046 private static final String DEFAULT_ANONYMOUS_GROUP = "anonymous"; 047 private String anonymousUser = DEFAULT_ANONYMOUS_USER; 048 private String anonymousGroup = DEFAULT_ANONYMOUS_GROUP; 049 private boolean anonymousAccessAllowed = false; 050 051 public SimpleAuthenticationPlugin() { 052 } 053 054 public SimpleAuthenticationPlugin(List<?> users) { 055 setUsers(users); 056 } 057 058 public Broker installPlugin(Broker parent) { 059 SimpleAuthenticationBroker broker = new SimpleAuthenticationBroker(parent, userPasswords, userGroups); 060 broker.setAnonymousAccessAllowed(anonymousAccessAllowed); 061 broker.setAnonymousUser(anonymousUser); 062 broker.setAnonymousGroup(anonymousGroup); 063 return broker; 064 } 065 066 public Map<String, Set<Principal>> getUserGroups() { 067 return userGroups; 068 } 069 070 /** 071 * Sets individual users for authentication 072 * 073 * @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthenticationUser" 074 */ 075 public void setUsers(List<?> users) { 076 userPasswords = new HashMap<String, String>(); 077 userGroups = new HashMap<String, Set<Principal>>(); 078 for (Iterator<?> it = users.iterator(); it.hasNext();) { 079 AuthenticationUser user = (AuthenticationUser)it.next(); 080 userPasswords.put(user.getUsername(), user.getPassword()); 081 Set<Principal> groups = new HashSet<Principal>(); 082 StringTokenizer iter = new StringTokenizer(user.getGroups(), ","); 083 while (iter.hasMoreTokens()) { 084 String name = iter.nextToken().trim(); 085 groups.add(new GroupPrincipal(name)); 086 } 087 userGroups.put(user.getUsername(), groups); 088 } 089 } 090 091 092 public void setAnonymousAccessAllowed(boolean anonymousAccessAllowed) { 093 this.anonymousAccessAllowed = anonymousAccessAllowed; 094 } 095 096 public void setAnonymousUser(String anonymousUser) { 097 this.anonymousUser = anonymousUser; 098 } 099 100 public void setAnonymousGroup(String anonymousGroup) { 101 this.anonymousGroup = anonymousGroup; 102 } 103 104 /** 105 * Sets the groups a user is in. The key is the user name and the value is a 106 * Set of groups 107 */ 108 public void setUserGroups(Map<String, Set<Principal>> userGroups) { 109 this.userGroups = userGroups; 110 } 111 112 public Map<String, String> getUserPasswords() { 113 return userPasswords; 114 } 115 116 /** 117 * Sets the map indexed by user name with the value the password 118 */ 119 public void setUserPasswords(Map<String, String> userPasswords) { 120 this.userPasswords = userPasswords; 121 } 122 123 }