Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
qpid-java-broker-7.0.8, qpid-java-broker-7.1.4
-
None
Description
ACL rule properties 'from_network' and 'from_hostname' are lost on loading ACL from file in 'RuleBased' access control provider.
The following unit test fails:
@Test public void testLoadFirewallRules() { final Map<String, Object> attributes = Collections.singletonMap(RuleBasedAccessControlProvider.NAME, getTestName()); final Broker<?> broker = BrokerTestHelper.createBrokerMock(); final RuleBasedAccessControlProviderImpl aclProvider = new RuleBasedAccessControlProviderImpl(attributes, broker); aclProvider.create(); final String acl = "ACL ALLOW-LOG guest ACCESS VIRTUALHOST from_hostname=\"localhost\""; final String data = DataUrlUtils.getDataUrlForBytes(acl.getBytes(UTF_8)); aclProvider.loadFromFile(data); final List<AclRule> rules = aclProvider.getRules(); assertThat(rules, is(notNullValue())); assertThat(rules.size(), is(equalTo(1))); final AclRule rule = rules.get(0); assertThat(rule, is(notNullValue())); assertThat(rule.getObjectType(), is(equalTo(ObjectType.VIRTUALHOST))); assertThat(rule.getIdentity(), is(equalTo("guest"))); assertThat(rule.getOperation(), is(equalTo(LegacyOperation.ACCESS))); assertThat(rule.getOutcome(), is(equalTo(RuleOutcome.ALLOW_LOG))); assertThat(rule.getAttributes(), is(equalTo(Collections.singletonMap("from_hostname", "localhost")))); }
The workaround for this defect would changing the ACL rules directly using 'rules' attribute.