/**
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements. See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.activemq.security;

import java.security.Principal;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;

import org.apache.activemq.command.ActiveMQDestination;

/**
 * Per-identity security state: a user name, the principals that identity
 * holds, and a cache of destinations so that repeated authorization
 * decisions do not have to be recomputed.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>The destination cache is handed out as a live, mutable map by
 * {@link #getAuthorizedWriteDests()}; any code holding this context can add
 * entries to it.</li>
 * <li>Nothing in this class ever removes a cached entry. NOTE(review):
 * presumably the authorization layer fills the cache after a successful
 * write check; if so, a cached grant would outlive a later permission change
 * for as long as this context is reused. Confirm against the callers.</li>
 * </ul>
 */
public abstract class SecurityContext {

    /**
     * Context representing the broker itself, with the fixed user name
     * {@code "ActiveMQBroker"}.
     *
     * <p>It reports {@code true} from {@link #isBrokerContext()} and holds no
     * principals, so {@link #isInOneOf(Set)} is always {@code false} for it.
     * NOTE(review): callers that let the broker through therefore have to
     * branch on {@code isBrokerContext()} explicitly; verify that every such
     * branch is reachable only with this constant and not with a context
     * built from client-supplied data.
     */
    public static final SecurityContext BROKER_SECURITY_CONTEXT = new SecurityContext("ActiveMQBroker") {
        @Override
        public boolean isBrokerContext() {
            return true;
        }

        @Override
        public Set<Principal> getPrincipals() {
            return Collections.emptySet();
        }
    };

    // Name supplied at construction; never reassigned.
    final String userName;

    // Thread-safe destination cache. The field is package-visible and the
    // same instance is returned by getAuthorizedWriteDests(), so it can be
    // modified from outside this class.
    final ConcurrentMap<ActiveMQDestination, ActiveMQDestination> authorizedWriteDests = new ConcurrentHashMap<ActiveMQDestination, ActiveMQDestination>();

    /**
     * Creates a context for the given user name.
     *
     * @param userName name to report from {@link #getUserName()}; stored
     *                 as-is, without validation
     */
    public SecurityContext(String userName) {
        this.userName = userName;
    }

    /**
     * Tells whether this context holds at least one of the allowed principals.
     *
     * <p>Matching calls {@code equals} on the <em>allowed</em> entry with the
     * held principal as argument, so the {@code equals} implementation of the
     * objects in {@code allowedPrincipals} decides what counts as a match.
     *
     * @param allowedPrincipals principals that are permitted; must not be
     *                          {@code null}. A {@code null} set is not treated
     *                          as "allow" or "deny" here, it fails with a
     *                          {@link NullPointerException}, so the caller has
     *                          to decide what a missing ACL means.
     * @return {@code true} if any allowed principal equals a principal returned
     *         by {@link #getPrincipals()}, {@code false} otherwise (including
     *         when either set is empty)
     */
    public boolean isInOneOf(Set<?> allowedPrincipals) {
        Iterator<?> permitted = allowedPrincipals.iterator();
        // Copy once so the comparison below runs against a stable snapshot of
        // the principals held by this context.
        Set<?> held = new HashSet<Object>(getPrincipals());
        while (permitted.hasNext()) {
            Object wanted = permitted.next();
            for (Object heldPrincipal : held) {
                if (wanted.equals(heldPrincipal)) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Returns the principals this context holds; {@link #isInOneOf(Set)}
     * compares against exactly this set.
     *
     * @return the principals of this context
     */
    public abstract Set<Principal> getPrincipals();

    /**
     * @return the user name given to the constructor
     */
    public String getUserName() {
        return userName;
    }

    /**
     * Returns the destination cache itself, not a copy: entries added through
     * the returned map are visible to every other holder of this context.
     *
     * @return the live, mutable cache of authorized write destinations
     */
    public ConcurrentMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedWriteDests() {
        return authorizedWriteDests;
    }

    /**
     * Tells whether this context is the broker's own. The base implementation
     * answers {@code false}; only an overriding subclass can answer
     * {@code true}.
     *
     * @return {@code false} unless overridden
     */
    public boolean isBrokerContext() {
        return false;
    }
}