package com.mcafee;
import javax.jms.Connection;
import javax.jms.ConnectionFactory;
import javax.jms.JMSException;
import javax.naming.InitialContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* This class allows you to check whether a messaging broker supports
* anonymous authentication and also helps validate user credentials.
* @author Gursev Singh Kalra @ McAfee, Inc.
*
*/
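public class JmsAuthentication {
    private static final Logger LOG = LoggerFactory.getLogger(JmsAuthentication.class);

    private final InitialContext initialContext;
    private final String cfName; // Connection Factory Name

    // JMSException captured by the most recent check that failed to connect.
    // Reset to null at the start of every check so it never describes an older attempt.
    private JMSException exception;

    /**
     * Returns the JMSException recorded by the most recent authentication check.
     *
     * @return the exception caught during the last check, or {@code null} if the last check
     *         connected successfully or no check has been run yet
     */
    public JMSException getException() {
        return exception;
    }

    /**
     * Creates an authentication checker bound to one connection factory.
     *
     * @param initialContext JNDI context used to look up the connection factory; must not be null
     * @param cfName name of the connection factory; stored as given and not validated here
     * @throws JmsDiggerException if {@code initialContext} is null
     */
    public JmsAuthentication(InitialContext initialContext, String cfName) throws JmsDiggerException {
        if (initialContext == null) {
            throw new JmsDiggerException("InitialContext was null");
        }
        this.initialContext = initialContext;
        this.cfName = cfName;
    }

    /**
     * Checks if the provided loginInfo (username/password) is accepted by the broker.
     *
     * <p>IMPORTANT: When anonymous authentication is enabled, any username and password
     * combination allows access, so a {@code true} result is only meaningful once
     * {@link #isAnonymousAuthAlowed()} has returned {@code false} for the same broker.
     *
     * <p>A {@code false} result is returned for every JMSException raised while connecting,
     * not only for rejected credentials; use {@link #getException()} to see the cause.
     *
     * <p>Passing {@code null} performs the anonymous check instead of a credential check.
     *
     * @param loginInfo credentials to try
     * @return {@code true} if a connection could be created and started with the credentials
     * @throws JmsDiggerException presumably when the connection factory lookup fails
     *         (propagated from JmsHelper.getConnectionFactory; confirm against that helper)
     */
    public boolean isLoginInfoValid(JmsLoginInfo loginInfo) throws JmsDiggerException {
        LOG.debug("Entering isLoginInfoValid method");
        return chkAuthBool(loginInfo);
    }

    /**
     * Checks if the broker behind the configured connection factory accepts a connection
     * made without any username or password.
     *
     * @return {@code true} if an anonymous connection could be created and started
     * @throws JmsDiggerException presumably when the connection factory lookup fails
     *         (propagated from JmsHelper.getConnectionFactory; confirm against that helper)
     */
    public boolean isAnonymousAuthAlowed() throws JmsDiggerException {
        LOG.debug("Entering isAnonymousAuthAlowed method");
        return chkAuthBool(null);
    }

    /**
     * Performs the actual check: looks up the connection factory, opens a connection
     * (anonymous when {@code loginInfo} is null, otherwise with the supplied username and
     * password), starts it, and always closes it again.
     *
     * @param loginInfo credentials to try, or {@code null} for an anonymous attempt
     * @return {@code true} if the connection was created and started, {@code false} if a
     *         JMSException was thrown (the exception is then available via getException())
     * @throws JmsDiggerException presumably when the connection factory lookup fails
     *         (propagated from JmsHelper.getConnectionFactory; confirm against that helper)
     */
    private boolean chkAuthBool(JmsLoginInfo loginInfo) throws JmsDiggerException {
        LOG.debug("Entering chkAuth method");

        // Drop the failure recorded by an earlier check. Without this, getException() would
        // still return the old exception after a later check succeeded.
        exception = null;

        boolean authStatus = false;
        Connection conn = null;
        ConnectionFactory connFact = JmsHelper.getConnectionFactory(initialContext, cfName);

        try {
            if (loginInfo == null) {
                // Attempt an anonymous connection
                conn = connFact.createConnection();
            } else {
                // Attempt a connection with username and password
                conn = connFact.createConnection(loginInfo.getUsername(), loginInfo.getPassword());
            }
            conn.start();
            // It was also observed that JMSSecurityException was not thrown as suggested by the
            // API documentation. But, JMSException was thrown (generated by
            // java.lang.SecurityException).
            authStatus = true;
        } catch (JMSException ex) { // JMSSecurityException inherits from JMSException.
            exception = ex;
            if (loginInfo == null) {
                LOG.info("Anonymous authentication was rejected", ex);
            } else {
                // NOTE(review): this writes loginInfo.toString() to the INFO log. If that
                // representation includes the password, attempted credentials end up in the
                // log files; confirm against JmsLoginInfo and protect the logs accordingly.
                LOG.info("Invalid " + loginInfo, ex);
            }
            authStatus = false;
        } finally {
            if (conn != null) {
                try {
                    conn.close();
                } catch (JMSException ex) {
                    // Best effort: a failed close must not change the result of the check.
                    LOG.debug("Connection could not be closed", ex);
                }
            }
        }

        LOG.debug("Leaving chkAuth method");
        return authStatus;
    }
}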