This is an automated email from the ASF dual-hosted git repository. jbertram pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/artemis.git
commit ad85b2053b31f651a1b0d758a498eeb08bebb2b7 Author: gchuf <[email protected]> AuthorDate: Thu Apr 16 10:25:39 2026 +0200 ARTEMIS-6010 - Move logging to SecurityManagerUtil.authorize --- .../artemis/spi/core/security/ActiveMQBasicSecurityManager.java | 5 ----- .../artemis/spi/core/security/ActiveMQJAASSecurityManager.java | 6 ------ .../org/apache/activemq/artemis/utils/SecurityManagerUtil.java | 8 ++++++++ 3 files changed, 8 insertions(+), 11 deletions(-) diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQBasicSecurityManager.java b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQBasicSecurityManager.java index fb52093bc4..3a0cb58f61 100644 --- a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQBasicSecurityManager.java +++ b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQBasicSecurityManager.java @@ -108,11 +108,6 @@ public class ActiveMQBasicSecurityManager implements ActiveMQSecurityManager5, U final CheckType checkType, final String address) { boolean authorized = SecurityManagerUtil.authorize(subject, roles, checkType, RolePrincipal.class); - if (authorized) { - logger.trace("user is authorized"); - } else { - logger.trace("user is NOT authorized"); - } return authorized; } diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQJAASSecurityManager.java b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQJAASSecurityManager.java index a0aaed7641..fb81e525f5 100644 --- a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQJAASSecurityManager.java +++ b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/ActiveMQJAASSecurityManager.java @@ -116,12 +116,6 @@ public class ActiveMQJAASSecurityManager implements ActiveMQSecurityManager5 { final String address) { boolean authorized = SecurityManagerUtil.authorize(subject, roles, checkType, rolePrincipalClass); - if (authorized) { - logger.trace("user is authorized"); - } else { - logger.trace("user is NOT authorized"); - } - return authorized; } diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/utils/SecurityManagerUtil.java b/artemis-server/src/main/java/org/apache/activemq/artemis/utils/SecurityManagerUtil.java index 6ec9bbcffd..16646229f4 100644 --- a/artemis-server/src/main/java/org/apache/activemq/artemis/utils/SecurityManagerUtil.java +++ b/artemis-server/src/main/java/org/apache/activemq/artemis/utils/SecurityManagerUtil.java @@ -17,6 +17,8 @@ package org.apache.activemq.artemis.utils; import javax.security.auth.Subject; + +import java.lang.invoke.MethodHandles; import java.lang.reflect.Constructor; import java.lang.reflect.Method; import java.security.Principal; @@ -27,9 +29,13 @@ import org.apache.activemq.artemis.core.security.CheckType; import org.apache.activemq.artemis.core.security.Role; import org.apache.activemq.artemis.core.server.ActiveMQServerLogger; import org.apache.activemq.artemis.spi.core.security.jaas.RolePrincipal; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; public class SecurityManagerUtil { + private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass()); + private static final String WILDCARD = "*"; public static Set<RolePrincipal> getPrincipalsInRole(final CheckType checkType, final Set<Role> roles, final Class rolePrincipalClass) { @@ -128,11 +134,13 @@ public class SecurityManagerUtil { if (!rolesForSubject.isEmpty() && !rolesWithPermission.isEmpty()) { for (Principal subjectRole : rolesForSubject) { if (rolesWithPermission.contains(subjectRole)) { + logger.trace("user is authorized"); return true; } } } } + logger.trace("user is NOT authorized"); return false; } } --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
