try
{
server.start();
HierarchicalRepository<Set<Role>> securityRepository = server.getSecurityRepository();
HornetQSecurityManager securityManager = server.getSecurityManager();
securityManager.addUser("auser", "pass");
securityManager.addUser("guest", "guest");
securityManager.addRole("guest", "guest");
securityManager.setDefaultUser("guest");
Role role = new Role("arole", false, false, false, false, false, false, false);
System.out.println("guest:" + role);
Role sendRole = new Role("guest", true, false, true, false, false, false, false);
System.out.println("guest:" + sendRole);
Role receiveRole = new Role("receiver", false, true, false, false, false, false, false);
System.out.println("guest:" + receiveRole);
Set<Role> roles = new HashSet<Role>();
roles.add(sendRole);
roles.add(role);
roles.add(receiveRole);
securityRepository.addMatch(SecurityTest.addressA, roles);
securityManager.addRole("auser", "arole");
ClientSessionFactory cf = createInVMFactory();
ClientSession senSession = cf.createSession(false, true, true);
ClientSession session = cf.createSession("auser", "pass", false, true, true, false, -1);
senSession.createQueue(SecurityTest.addressA, SecurityTest.queueA, true);
ClientProducer cp = senSession.createProducer(SecurityTest.addressA);
cp.send(session.createMessage(false));
try
{
session.createConsumer(SecurityTest.queueA);
}
catch (HornetQException e)
{
Assert.assertEquals(HornetQException.SECURITY_EXCEPTION, e.getCode());
}
securityManager.addRole("auser", "receiver");
ClientConsumer consumer = session.createConsumer(SecurityTest.queueA);
// Removing the Role... the check should be cached... but we used setSecurityInvalidationInterval(0), so the
// next createConsumer should fail
securityManager.removeRole("auser", "guest");
ClientSession sendingSession = cf.createSession("auser", "pass", false, false, false, false, 0);
ClientProducer prod = sendingSession.createProducer(SecurityTest.addressA);
prod.send(createTextMessage(sendingSession, "Test", true));
prod.send(createTextMessage(sendingSession, "Test", true));