Examples of org.apache.activemq.security.SecurityContext

• org.apache.activemq.security.SecurityContext
  Used to cache up authorizations so that subsequent requests are faster. @version $Revision$

    @Test(expected = IllegalArgumentException.class)
    public void testNonSubjectSecurityContext() {
        SubjectConnectionReference reference =
                new SubjectConnectionReference(new ConnectionContext(), new ConnectionInfo(),
                        new DefaultEnvironment(), new SubjectAdapter());
        reference.getConnectionContext().setSecurityContext(new SecurityContext("") {
            @Override
            public Set<Principal> getPrincipals() {
                return null;
            }
        });

    public void send(ProducerBrokerExchange producerExchange, Message messageSend) throws Exception {
        final ConnectionContext context = producerExchange.getConnectionContext();
        String userID = context.getUserName();
        if (isUseAuthenticatePrincipal()) {
            SecurityContext securityContext = context.getSecurityContext();
            if (securityContext != null) {
                Set<?> principals = securityContext.getPrincipals();
                if (principals != null) {
                    for (Object candidate : principals) {
                        if (candidate instanceof UserPrincipal) {
                            userID = ((UserPrincipal)candidate).getName();
                            break;

    //ActiveMQ internals will create a ConnectionContext with a SecurityContext that is not
    //Shiro specific.  We need to allow actions for internal system operations:
    protected boolean isSystemBroker(DestinationAction action) {
        ConnectionContext context = action.getConnectionContext();
        SecurityContext securityContext = context.getSecurityContext();
        return securityContext != null && securityContext.isBrokerContext();
    }

    @Override
    public void addConnection(ConnectionContext context, ConnectionInfo info) throws Exception {

        if (isEnabled()) {

            SecurityContext secCtx = context.getSecurityContext();

            if (secCtx == null) {
                ConnectionReference conn = new ConnectionReference(context, info, getEnvironment());
                Subject subject = createSubject(conn);
                SubjectConnectionReference subjectConn = new SubjectConnectionReference(context, info, getEnvironment(), subject);

    public ConnectionSubjectResolver(ConnectionContext connCtx) {
        if (connCtx == null) {
            throw new IllegalArgumentException("ConnectionContext argument cannot be null.");
        }
        SecurityContext secCtx = connCtx.getSecurityContext();
        if (secCtx == null) {
            String msg = "There is no SecurityContext available on the ConnectionContext.  It " +
                    "is expected that a previous broker in the chain will create the SecurityContext prior to this " +
                    "resolver being invoked.  Ensure you have configured the SubjectPlugin and that it is " +
                    "configured before all other Shiro-dependent broker filters.";
            throw new IllegalArgumentException(msg);
        }
        if (!(secCtx instanceof SubjectSecurityContext)) {
            String msg = "The specified SecurityContext is expected to be a " + SubjectSecurityContext.class.getName() +
                    " instance.  The current instance's class: " + secCtx.getClass().getName();
            throw new IllegalArgumentException(msg);
        }
        this.securityContext = (SubjectSecurityContext) secCtx;
    }

    @Override
    public void removeConnection(ConnectionContext context, ConnectionInfo info, Throwable error) throws Exception {
        try {
            super.removeConnection(context, info, error);
        } finally {
            SecurityContext secCtx = context.getSecurityContext();

            if (secCtx instanceof SubjectSecurityContext) {

                SubjectSecurityContext subjectSecurityContext = (SubjectSecurityContext) secCtx;
                Subject subject = subjectSecurityContext.getSubject();

                lc.login();

                Subject subject = lc.getSubject();
                LOG.info("Got subject {}", subject);
                SecurityContext s = new OpenAMSecurityContext(info.getUserName(), subject, lc);
                context.setSecurityContext(s);
                securityContexts.add(s);
                /*

                not sure this is really needed...

    }

    public void removeConnection(ConnectionContext context, ConnectionInfo info, Throwable error)
        throws Exception {
        super.removeConnection(context, info, error);
        SecurityContext s = context.getSecurityContext();
        if (securityContexts.remove(s)) {
            if (s instanceof OpenAMSecurityContext) {
                ((OpenAMSecurityContext)s).getLoginContext().logout();
            }
            context.setSecurityContext(null);

     * Refresh all the logged into users.
     */
    public void refresh() {
        LOG.info(String.format("%s.%s", getClass().getSimpleName(), "refresh"));
        for (Iterator<SecurityContext> iter = securityContexts.iterator(); iter.hasNext();) {
            SecurityContext sc = iter.next();
            sc.getAuthorizedReadDests().clear();
            sc.getAuthorizedWriteDests().clear();
        }
    }