001 /** 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017 package org.apache.activemq.security; 018 019 import java.util.HashSet; 020 import java.util.Iterator; 021 import java.util.List; 022 import java.util.Set; 023 024 import org.apache.activemq.command.ActiveMQDestination; 025 import org.apache.activemq.filter.DestinationMap; 026 027 /** 028 * Represents a destination based configuration of policies so that individual 029 * destinations or wildcard hierarchies of destinations can be configured using 030 * different policies. Each entry in the map represents the authorization ACLs 031 * for each operation. 032 * 033 * @org.apache.xbean.XBean element="authorizationMap" 034 * 035 */ 036 public class DefaultAuthorizationMap extends DestinationMap implements AuthorizationMap { 037 038 private AuthorizationEntry defaultEntry; 039 040 private TempDestinationAuthorizationEntry tempDestinationAuthorizationEntry; 041 042 public DefaultAuthorizationMap() { 043 } 044 045 public DefaultAuthorizationMap(List authorizationEntries) { 046 setAuthorizationEntries(authorizationEntries); 047 048 } 049 050 public void setTempDestinationAuthorizationEntry(TempDestinationAuthorizationEntry tempDestinationAuthorizationEntry) { 051 this.tempDestinationAuthorizationEntry = tempDestinationAuthorizationEntry; 052 } 053 054 public TempDestinationAuthorizationEntry getTempDestinationAuthorizationEntry() { 055 return this.tempDestinationAuthorizationEntry; 056 } 057 058 public Set<Object> getTempDestinationAdminACLs() { 059 if (tempDestinationAuthorizationEntry != null) { 060 return tempDestinationAuthorizationEntry.getAdminACLs(); 061 } else { 062 return null; 063 } 064 } 065 066 public Set<Object> getTempDestinationReadACLs() { 067 if (tempDestinationAuthorizationEntry != null) { 068 return tempDestinationAuthorizationEntry.getReadACLs(); 069 } else { 070 return null; 071 } 072 } 073 074 public Set<Object> getTempDestinationWriteACLs() { 075 if (tempDestinationAuthorizationEntry != null) { 076 return tempDestinationAuthorizationEntry.getWriteACLs(); 077 } else { 078 return null; 079 } 080 } 081 082 public Set<Object> getAdminACLs(ActiveMQDestination destination) { 083 Set<AuthorizationEntry> entries = getAllEntries(destination); 084 Set<Object> answer = new HashSet<Object>(); 085 // now lets go through each entry adding individual 086 for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) { 087 AuthorizationEntry entry = iter.next(); 088 answer.addAll(entry.getAdminACLs()); 089 } 090 return answer; 091 } 092 093 public Set<Object> getReadACLs(ActiveMQDestination destination) { 094 Set<AuthorizationEntry> entries = getAllEntries(destination); 095 Set<Object> answer = new HashSet<Object>(); 096 097 // now lets go through each entry adding individual 098 for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) { 099 AuthorizationEntry entry = iter.next(); 100 answer.addAll(entry.getReadACLs()); 101 } 102 return answer; 103 } 104 105 public Set<Object> getWriteACLs(ActiveMQDestination destination) { 106 Set<AuthorizationEntry> entries = getAllEntries(destination); 107 Set<Object> answer = new HashSet<Object>(); 108 109 // now lets go through each entry adding individual 110 for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) { 111 AuthorizationEntry entry = iter.next(); 112 answer.addAll(entry.getWriteACLs()); 113 } 114 return answer; 115 } 116 117 public AuthorizationEntry getEntryFor(ActiveMQDestination destination) { 118 AuthorizationEntry answer = (AuthorizationEntry)chooseValue(destination); 119 if (answer == null) { 120 answer = getDefaultEntry(); 121 } 122 return answer; 123 } 124 125 /** 126 * Sets the individual entries on the authorization map 127 * 128 * @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthorizationEntry" 129 */ 130 public void setAuthorizationEntries(List entries) { 131 super.setEntries(entries); 132 } 133 134 public AuthorizationEntry getDefaultEntry() { 135 return defaultEntry; 136 } 137 138 public void setDefaultEntry(AuthorizationEntry defaultEntry) { 139 this.defaultEntry = defaultEntry; 140 } 141 142 protected Class<AuthorizationEntry> getEntryClass() { 143 return AuthorizationEntry.class; 144 } 145 146 protected Set<AuthorizationEntry> getAllEntries(ActiveMQDestination destination) { 147 Set<AuthorizationEntry> entries = get(destination); 148 if (defaultEntry != null) { 149 entries.add(defaultEntry); 150 } 151 return entries; 152 } 153 154 }