001    /**
002     * Licensed to the Apache Software Foundation (ASF) under one or more
003     * contributor license agreements.  See the NOTICE file distributed with
004     * this work for additional information regarding copyright ownership.
005     * The ASF licenses this file to You under the Apache License, Version 2.0
006     * (the "License"); you may not use this file except in compliance with
007     * the License.  You may obtain a copy of the License at
008     *
009     *      http://www.apache.org/licenses/LICENSE-2.0
010     *
011     * Unless required by applicable law or agreed to in writing, software
012     * distributed under the License is distributed on an "AS IS" BASIS,
013     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     * See the License for the specific language governing permissions and
015     * limitations under the License.
016     */
017    package org.apache.activemq.security;
018    
019    import java.util.Collections;
020    import java.util.HashSet;
021    import java.util.Iterator;
022    import java.util.Set;
023    import java.util.concurrent.ConcurrentHashMap;
024    
025    import org.apache.activemq.command.ActiveMQDestination;
026    
027    /**
028     * Used to cache up authorizations so that subsequent requests are faster.
029     * 
030     * 
031     */
032    public abstract class SecurityContext {
033    
034        public static final SecurityContext BROKER_SECURITY_CONTEXT = new SecurityContext("ActiveMQBroker") {
035            @Override
036            public boolean isBrokerContext() {
037                return true;
038            }
039    
040            @SuppressWarnings("unchecked")
041            public Set<?> getPrincipals() {
042                return Collections.EMPTY_SET;
043            }
044        };
045    
046        final String userName;
047    
048        final ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> authorizedReadDests = new ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination>();
049        final ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> authorizedWriteDests = new ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination>();
050    
051        public SecurityContext(String userName) {
052            this.userName = userName;
053        }
054    
055        public boolean isInOneOf(Set<?> allowedPrincipals) {
056            Iterator allowedIter = allowedPrincipals.iterator();
057            HashSet<?> userPrincipals = new HashSet<Object>(getPrincipals());
058            while (allowedIter.hasNext()) {
059                    Iterator userIter = userPrincipals.iterator();
060                    Object allowedPrincipal = allowedIter.next(); 
061                    while (userIter.hasNext()) {
062                            if (allowedPrincipal.equals(userIter.next()))
063                                    return true;
064                    }
065            }
066            return false;
067        }
068    
069        public abstract Set<?> getPrincipals();
070    
071        public String getUserName() {
072            return userName;
073        }
074    
075        public ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedReadDests() {
076            return authorizedReadDests;
077        }
078    
079        public ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedWriteDests() {
080            return authorizedWriteDests;
081        }
082    
083        public boolean isBrokerContext() {
084            return false;
085        }
086    }