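/**
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements. See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.activemq.security;

import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

import org.apache.activemq.command.ActiveMQDestination;

/**
 * Used to cache up authorizations so that subsequent requests are faster.
 * <p>
 * A context carries a user name, the principals supplied by the concrete
 * subclass through {@link #getPrincipals()}, and two concurrent maps of
 * destinations already authorized for reading and for writing.
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>This class only stores the two caches. It never fills, expires or
 * clears them; that is left to whoever holds the maps returned by
 * {@link #getAuthorizedReadDests()} and {@link #getAuthorizedWriteDests()}.</li>
 * <li>NOTE(review): if callers skip the ACL check on a cache hit (not visible
 * in this file), a permission that is revoked later stays effective for as
 * long as the entry remains in the cache. Confirm that callers drop the
 * entries, or the whole context, when ACLs change.</li>
 * </ul>
 */
public abstract class SecurityContext {

    /**
     * Context that identifies the broker itself.
     * <p>
     * It reports {@code true} from {@link #isBrokerContext()} and exposes an
     * empty principal set, so {@link #isInOneOf(Set)} is always {@code false}
     * for it. Any privilege the broker context enjoys therefore has to come
     * from callers testing {@link #isBrokerContext()}.
     * NOTE(review): presumably this instance must never be attached to a
     * client connection; verify at the call sites.
     */
    public static final SecurityContext BROKER_SECURITY_CONTEXT = new SecurityContext("ActiveMQBroker") {
        @Override
        public boolean isBrokerContext() {
            return true;
        }

        @Override
        public Set<?> getPrincipals() {
            // Typed factory instead of the raw EMPTY_SET constant: same empty,
            // immutable set, without an unchecked-conversion suppression.
            return Collections.<Object>emptySet();
        }
    };

    // Name given at construction; this class does not validate it.
    final String userName;

    // Destinations recorded as authorized for this context. Both maps are
    // handed out by reference through the getters below.
    final ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> authorizedReadDests = new ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination>();
    final ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> authorizedWriteDests = new ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination>();

    /**
     * Creates a context for the given user name.
     *
     * @param userName name reported by {@link #getUserName()}; stored as is
     */
    public SecurityContext(String userName) {
        this.userName = userName;
    }

    /**
     * Tells whether this context holds at least one of the allowed principals.
     * <p>
     * The check fails closed: a {@code null} or empty {@code allowedPrincipals},
     * a {@code null} or empty result from {@link #getPrincipals()}, and
     * {@code null} entries in {@code allowedPrincipals} never produce a match.
     *
     * @param allowedPrincipals principals that are permitted; may be {@code null}
     * @return {@code true} if some non-null element of {@code allowedPrincipals}
     *         {@code equals} a principal of this context, {@code false} otherwise
     */
    public boolean isInOneOf(Set<?> allowedPrincipals) {
        if (allowedPrincipals == null || allowedPrincipals.isEmpty()) {
            return false;
        }
        Set<?> principals = getPrincipals();
        if (principals == null || principals.isEmpty()) {
            return false;
        }
        // Iterate a private copy, so later changes to the set returned by
        // getPrincipals() cannot affect this check while it runs.
        Set<Object> userPrincipals = new HashSet<Object>(principals);
        for (Object allowedPrincipal : allowedPrincipals) {
            if (allowedPrincipal == null) {
                continue;
            }
            // Deliberately a linear scan calling allowedPrincipal.equals(...):
            // the match depends only on equals() of the allowed principal and
            // not on its hashCode() agreeing with the user principal's.
            for (Object userPrincipal : userPrincipals) {
                if (allowedPrincipal.equals(userPrincipal)) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Returns the principals associated with this context.
     *
     * @return the principal set supplied by the concrete subclass
     */
    public abstract Set<?> getPrincipals();

    /**
     * @return the user name passed to the constructor
     */
    public String getUserName() {
        return userName;
    }

    /**
     * Returns the cache of destinations authorized for reading.
     * <p>
     * The live map is returned, not a copy: any code holding the reference can
     * add or remove entries.
     *
     * @return the mutable read-authorization cache of this context
     */
    public ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedReadDests() {
        return authorizedReadDests;
    }

    /**
     * Returns the cache of destinations authorized for writing.
     * <p>
     * The live map is returned, not a copy: any code holding the reference can
     * add or remove entries.
     *
     * @return the mutable write-authorization cache of this context
     */
    public ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedWriteDests() {
        return authorizedWriteDests;
    }

    /**
     * Tells whether this context represents the broker itself.
     *
     * @return {@code false} here; {@link #BROKER_SECURITY_CONTEXT} overrides
     *         this to return {@code true}
     */
    public boolean isBrokerContext() {
        return false;
    }
}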