save

acl-plug/pom.xml

 <?xml version="1.0"?>
 <project
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
-    xmlns="http://maven.apache.org/POM/4.0.0"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+    xmlns="http://maven.apache.org/POM/4.0.0">
     <modelVersion>4.0.0</modelVersion>
     <parent>
         <groupId>org.apache.rocketmq</groupId>

acl-plug/src/main/java/org/apache/rocketmq/acl/plug/AccessContralAnalysis.java

@@ -22,13 +22,32 @@ import java.util.Iterator;
 import java.util.Map;
 import java.util.Map.Entry;
 
+import org.apache.commons.lang3.StringUtils;
 import org.apache.rocketmq.acl.plug.annotation.RequestCode;
 import org.apache.rocketmq.acl.plug.entity.AccessControl;
+import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
 
 public class AccessContralAnalysis {
 
     private Map<Class<?>, Map<Integer, Field>> classTocodeAndMentod = new HashMap<>();
 
+    private Map<String , Integer> fieldNameAndCode = new HashMap<>();
+    
+    public void analysisClass(Class<?> clazz) {
+    	Field[] fields = clazz.getDeclaredFields();
+    	try {
+	    	for(Field field : fields) {
+	    		if( field.getType().equals(int.class)) {
+		    		String name = StringUtils.replace(field.getName(), "_", "").toLowerCase();
+		    		fieldNameAndCode.put(name, (Integer)field.get(null));
+	    		}
+	
+	    	}
+		} catch (IllegalArgumentException | IllegalAccessException e) {
+			throw new AclPlugAccountAnalysisException(String.format("analysis on failure Class is %s", clazz.getName()), e);
+		}
+    }
+    
     public Map<Integer, Boolean> analysis(AccessControl accessControl) {
         Class<? extends AccessControl> clazz = accessControl.getClass();
         Map<Integer, Field> codeAndField = classTocodeAndMentod.get(clazz);
@@ -36,18 +55,19 @@ public class AccessContralAnalysis {
             codeAndField = new HashMap<>();
             Field[] fields = clazz.getDeclaredFields();
             for (Field field : fields) {
-                RequestCode requestCode = field.getAnnotation(RequestCode.class);
-                if (requestCode != null) {
-                    int code = requestCode.code();
-                    if (codeAndField.containsKey(code)) {
-
-                    } else {
-                        field.setAccessible(true);
-                        codeAndField.put(code, field);
-                    }
-                }
+            	if(!field.getType().equals(boolean.class)) 
+            		continue;
+        		Integer code = fieldNameAndCode.get(field.getName().toLowerCase());
+        		if(code == null) {	
+        			throw new AclPlugAccountAnalysisException(String.format("field nonexistent in code", field.getName()));
+        		}
+        		field.setAccessible( true );
+    			codeAndField.put(code, field);
 
             }
+            if(codeAndField.isEmpty()) {
+            	throw new AclPlugAccountAnalysisException(String.format("AccessControl nonexistent code , name %s" , accessControl.getClass().getName()));
+            }
             classTocodeAndMentod.put(clazz, codeAndField);
         }
         Iterator<Entry<Integer, Field>> it = codeAndField.entrySet().iterator();
@@ -57,8 +77,8 @@ public class AccessContralAnalysis {
                 Entry<Integer, Field> e = it.next();
                 authority.put(e.getKey(), (Boolean) e.getValue().get(accessControl));
             }
-        } catch (IllegalArgumentException | IllegalAccessException e1) {
-            e1.printStackTrace();
+        } catch (IllegalArgumentException | IllegalAccessException e) {
+            throw new AclPlugAccountAnalysisException(String.format("analysis on failure AccessControl is %s", AccessControl.class.getName()), e);
         }
         return authority;
     }

acl-plug/src/main/java/org/apache/rocketmq/acl/plug/AclPlugController.java

@@ -47,7 +47,9 @@ public class AclPlugController {
     }
 
     public void doChannelCloseEvent(String remoteAddr) {
-        aclPlugEngine.deleteLoginInfo(remoteAddr);
+        if (this.startSucceed) {
+            aclPlugEngine.deleteLoginInfo(remoteAddr);
+        }
     }
 
     public boolean isStartSucceed() {

acl-plug/src/main/java/org/apache/rocketmq/acl/plug/AclRemotingServer.java

@@ -16,14 +16,11 @@
  */
 package org.apache.rocketmq.acl.plug;
 
-import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo;
 import org.apache.rocketmq.acl.plug.entity.AuthenticationResult;
 import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl;
 
 public interface AclRemotingServer {
 
-    public AuthenticationInfo login();
-
     public AuthenticationResult eachCheck(LoginOrRequestAccessControl accessControl);
 
 }

acl-plug/src/main/java/org/apache/rocketmq/acl/plug/Authentication.java

@@ -45,7 +45,7 @@ public class Authentication {
                 authenticationResult.setResultString(String.format("noPermitSendTopic include %s", topicName));
                 return false;
             }
-            return true;
+            return borker.getPermitSendTopic().isEmpty() ? true : false;
         } else if (code == 11) {
             if (borker.getPermitPullTopic().contains(topicName)) {
                 return true;
@@ -54,7 +54,7 @@ public class Authentication {
                 authenticationResult.setResultString(String.format("noPermitPullTopic include %s", topicName));
                 return false;
             }
-            return true;
+            return borker.getPermitPullTopic().isEmpty() ? true : false;
         }
         return true;
     }

acl-plug/src/main/java/org/apache/rocketmq/acl/plug/DefaultAclRemotingServerImpl.java

@@ -17,7 +17,6 @@
 package org.apache.rocketmq.acl.plug;
 
 import org.apache.rocketmq.acl.plug.engine.AclPlugEngine;
-import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo;
 import org.apache.rocketmq.acl.plug.entity.AuthenticationResult;
 import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl;
 import org.apache.rocketmq.acl.plug.exception.AclPlugAuthenticationException;
@@ -32,12 +31,6 @@ public class DefaultAclRemotingServerImpl implements AclRemotingServer {
         this.aclPlugEngine = aclPlugEngine;
     }
 
-    @Override
-    public AuthenticationInfo login() {
-
-        return null;
-    }
-
     @Override
     public AuthenticationResult eachCheck(LoginOrRequestAccessControl accessControl) {
         AuthenticationResult authenticationResult = aclPlugEngine.eachCheckLoginAndAuthentication(accessControl);

acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/AuthenticationInfoManagementAclPlugEngine.java

@@ -19,13 +19,13 @@ package org.apache.rocketmq.acl.plug.engine;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-
 import org.apache.rocketmq.acl.plug.AccessContralAnalysis;
 import org.apache.rocketmq.acl.plug.Authentication;
 import org.apache.rocketmq.acl.plug.entity.AccessControl;
 import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo;
 import org.apache.rocketmq.acl.plug.entity.AuthenticationResult;
 import org.apache.rocketmq.acl.plug.entity.BorkerAccessControlTransport;
+import org.apache.rocketmq.acl.plug.entity.ControllerParametersEntity;
 import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl;
 import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
 import org.apache.rocketmq.acl.plug.strategy.NetaddressStrategy;
@@ -48,7 +48,18 @@ public abstract class AuthenticationInfoManagementAclPlugEngine implements AclPl
 
     private Authentication authentication = new Authentication();
 
+    ControllerParametersEntity controllerParametersEntity;
+    
+    public AuthenticationInfoManagementAclPlugEngine(ControllerParametersEntity controllerParametersEntity)   {
+        this.controllerParametersEntity = controllerParametersEntity;
+        accessContralAnalysis.analysisClass(controllerParametersEntity.getAccessContralAnalysisClass());
+ }
+    
+    
     public void setAccessControl(AccessControl accessControl) throws AclPlugAccountAnalysisException {
+        if (accessControl.getAccount() == null || accessControl.getPassword() == null || accessControl.getAccount().length() <= 6 || accessControl.getPassword().length() <= 6) {
+            throw new AclPlugAccountAnalysisException(String.format("The account password cannot be null and is longer than 6, account is %s  password is %s", accessControl.getAccount(), accessControl.getPassword()));
+        }
         try {
             NetaddressStrategy netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
             Map<String, AuthenticationInfo> accessControlAddressMap = accessControlMap.get(accessControl.getAccount());

acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/LoginInfoAclPlugEngine.java

@@ -22,6 +22,7 @@ import java.util.concurrent.ConcurrentHashMap;
 import org.apache.rocketmq.acl.plug.entity.AccessControl;
 import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo;
 import org.apache.rocketmq.acl.plug.entity.AuthenticationResult;
+import org.apache.rocketmq.acl.plug.entity.ControllerParametersEntity;
 import org.apache.rocketmq.acl.plug.entity.LoginInfo;
 import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl;
 
@@ -29,6 +30,11 @@ public abstract class LoginInfoAclPlugEngine extends AuthenticationInfoManagemen
 
     private Map<String, LoginInfo> loginInfoMap = new ConcurrentHashMap<>();
 
+    
+    public LoginInfoAclPlugEngine(ControllerParametersEntity controllerParametersEntity)   {
+            super(controllerParametersEntity);
+     }
+    
     public LoginInfo getLoginInfo(AccessControl accessControl) {
         LoginInfo loginInfo = loginInfoMap.get(accessControl.getRecognition());
         if (loginInfo == null) {
@@ -51,9 +57,9 @@ public abstract class LoginInfoAclPlugEngine extends AuthenticationInfoManagemen
 
     protected AuthenticationInfo getAuthenticationInfo(LoginOrRequestAccessControl accessControl,
         AuthenticationResult authenticationResult) {
-        LoginInfo anthenticationInfo = getLoginInfo(accessControl);
-        if (anthenticationInfo != null && anthenticationInfo.getAuthenticationInfo() != null) {
-            return anthenticationInfo.getAuthenticationInfo();
+        LoginInfo loginInfo = getLoginInfo(accessControl);
+        if (loginInfo != null && loginInfo.getAuthenticationInfo() != null) {
+            return loginInfo.getAuthenticationInfo();
         }
         authenticationResult.setResultString("Login information does not exist, Please check login, password, IP");
         return null;

acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngine.java

@@ -19,7 +19,6 @@ package org.apache.rocketmq.acl.plug.engine;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
-
 import org.apache.rocketmq.acl.plug.entity.BorkerAccessControlTransport;
 import org.apache.rocketmq.acl.plug.entity.ControllerParametersEntity;
 import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
@@ -29,9 +28,8 @@ public class PlainAclPlugEngine extends LoginInfoAclPlugEngine {
 
     private ControllerParametersEntity controllerParametersEntity;
 
-    public PlainAclPlugEngine(
-        ControllerParametersEntity controllerParametersEntity) throws AclPlugAccountAnalysisException {
-        this.controllerParametersEntity = controllerParametersEntity;
+    public PlainAclPlugEngine(ControllerParametersEntity controllerParametersEntity) throws AclPlugAccountAnalysisException {
+    	super(controllerParametersEntity);
         init();
     }
 

acl-plug/src/main/java/org/apache/rocketmq/acl/plug/entity/AuthenticationInfo.java

@@ -19,7 +19,6 @@ package org.apache.rocketmq.acl.plug.entity;
 import java.util.Iterator;
 import java.util.Map;
 import java.util.Map.Entry;
-
 import org.apache.rocketmq.acl.plug.strategy.NetaddressStrategy;
 
 public class AuthenticationInfo {

acl-plug/src/main/java/org/apache/rocketmq/acl/plug/entity/BorkerAccessControl.java

@@ -18,170 +18,117 @@ package org.apache.rocketmq.acl.plug.entity;
 
 import java.util.HashSet;
 import java.util.Set;
-
 import org.apache.rocketmq.acl.plug.annotation.RequestCode;
 
 public class BorkerAccessControl extends AccessControl {
 
-    public BorkerAccessControl() {
-
-    }
-
     private Set<String> permitSendTopic = new HashSet<>();
-
     private Set<String> noPermitSendTopic = new HashSet<>();
-
     private Set<String> permitPullTopic = new HashSet<>();
-
     private Set<String> noPermitPullTopic = new HashSet<>();
 
-    @RequestCode(code = 10)
     private boolean sendMessage = true;
-
-    @RequestCode(code = 310)
+    
     private boolean sendMessageV2 = true;
 
-    @RequestCode(code = 320)
     private boolean sendBatchMessage = true;
 
-    @RequestCode(code = 36)
     private boolean consumerSendMsgBack = true;
-
     @RequestCode(code = 11)
     private boolean pullMessage = true;
-
     @RequestCode(code = 12)
     private boolean queryMessage = true;
-
     @RequestCode(code = 33)
     private boolean viewMessageById = true;
-
     @RequestCode(code = 34)
     private boolean heartBeat = true;
-
     @RequestCode(code = 35)
     private boolean unregisterClient = true;
-
     @RequestCode(code = 46)
     private boolean checkClientConfig = true;
-
     @RequestCode(code = 38)
     private boolean getConsumerListByGroup = true;
-
     @RequestCode(code = 15)
     private boolean updateConsumerOffset = true;
-
     @RequestCode(code = 14)
     private boolean queryConsumerOffset = true;
-
     @RequestCode(code = 37)
     private boolean endTransaction = true;
-
     @RequestCode(code = 17)
     private boolean updateAndCreateTopic = true;
-
     @RequestCode(code = 215)
     private boolean deleteTopicInbroker = true;
-
     @RequestCode(code = 21)
     private boolean getAllTopicConfig = true;
-
     @RequestCode(code = 25)
     private boolean updateBrokerConfig = true;
-
     @RequestCode(code = 26)
     private boolean getBrokerConfig = true;
-
     @RequestCode(code = 29)
     private boolean searchOffsetByTimestamp = true;
-
     @RequestCode(code = 30)
     private boolean getMaxOffset = true;
-
     @RequestCode(code = 31)
     private boolean getMixOffset = true;
-
     @RequestCode(code = 32)
     private boolean getEarliestMsgStoretime = true;
-
     @RequestCode(code = 28)
     private boolean getBrokerRuntimeInfo = true;
-
     @RequestCode(code = 41)
     private boolean lockBatchMQ = true;
-
     @RequestCode(code = 42)
     private boolean unlockBatchMQ = true;
-
     @RequestCode(code = 200)
     private boolean updateAndCreteSubscriptiongroup = true;
-
     @RequestCode(code = 201)
     private boolean getAllSubscriptiongroupConfig = true;
-
     @RequestCode(code = 207)
     private boolean deleteSubscriptiongroup = true;
-
     @RequestCode(code = 202)
     private boolean getTopicStatsInfo = true;
-
     @RequestCode(code = 203)
     private boolean getConsumerConnectionList = true;
-
     @RequestCode(code = 204)
     private boolean getProducerConnectionList = true;
-
     @RequestCode(code = 208)
     private boolean getConsumeStats = true;
-
     @RequestCode(code = 43)
     private boolean getAllConsumerOffset = true;
-
     @RequestCode(code = 25)
     private boolean getAllDelayOffset = true;
-
     @RequestCode(code = 222)
     private boolean invokeBrokerToresetOffset = true;
-
     @RequestCode(code = 300)
     private boolean queryTopicConsumByWho = true;
-
     @RequestCode(code = 301)
     private boolean registerFilterServer = true;
-
-    @RequestCode(code = 303)
+    
     private boolean queryConsumeTimeSpan = true;
 
-    @RequestCode(code = 305)
     private boolean getSystemTopicListFromBroker = true;
-
     @RequestCode(code = 306)
     private boolean cleanExpiredConsumequeue = true;
-
     @RequestCode(code = 316)
     private boolean cleanUnusedTopic = true;
-
     @RequestCode(code = 307)
     private boolean getConsumerRunningInfo = true;
-
     @RequestCode(code = 308)
     private boolean queryCorrectionOffset = true;
-
     @RequestCode(code = 309)
     private boolean consumeMessageDirectly = true;
-
     @RequestCode(code = 314)
     private boolean cloneGroupOffset = true;
-
     @RequestCode(code = 315)
     private boolean viewBrokerStatsData = true;
-
     @RequestCode(code = 317)
     private boolean getBrokerConsumeStats = true;
-
     @RequestCode(code = 321)
     private boolean queryConsumeQueue = true;
 
+    public BorkerAccessControl() {
+
+    }
+
     public Set<String> getPermitSendTopic() {
         return permitSendTopic;
     }

acl-plug/src/main/java/org/apache/rocketmq/acl/plug/entity/ControllerParametersEntity.java

@@ -16,10 +16,14 @@
  */
 package org.apache.rocketmq.acl.plug.entity;
 
+import org.apache.rocketmq.common.protocol.RequestCode;
+
 public class ControllerParametersEntity {
 
     private String fileHome;
 
+    private Class<?> accessContralAnalysisClass = RequestCode.class;
+    
     public String getFileHome() {
         return fileHome;
     }
@@ -28,11 +32,21 @@ public class ControllerParametersEntity {
         this.fileHome = fileHome;
     }
 
-    @Override
-    public String toString() {
-        StringBuilder builder = new StringBuilder();
-        builder.append("ControllerParametersEntity [fileHome=").append(fileHome).append("]");
-        return builder.toString();
-    }
+    
+    public Class<?> getAccessContralAnalysisClass() {
+		return accessContralAnalysisClass;
+	}
+
+	public void setAccessContralAnalysisClass(Class<?> accessContralAnalysisClass) {
+		this.accessContralAnalysisClass = accessContralAnalysisClass;
+	}
+
+	@Override
+	public String toString() {
+		StringBuilder builder = new StringBuilder();
+		builder.append("ControllerParametersEntity [fileHome=").append(fileHome).append(", accessContralAnalysisClass=")
+				.append(accessContralAnalysisClass).append("]");
+		return builder.toString();
+	}
 
 }

acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/MultipleNetaddressStrategy.java

@@ -18,7 +18,6 @@ package org.apache.rocketmq.acl.plug.strategy;
 
 import java.util.HashSet;
 import java.util.Set;
-
 import org.apache.rocketmq.acl.plug.entity.AccessControl;
 
 public class MultipleNetaddressStrategy extends AbstractNetaddressStrategy {

acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AccessContralAnalysisTest.java

+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.apache.rocketmq.acl.plug;
 
 import java.util.Iterator;
 import java.util.Map;
 import java.util.Map.Entry;
 
+import org.apache.rocketmq.acl.plug.entity.AccessControl;
 import org.apache.rocketmq.acl.plug.entity.BorkerAccessControl;
+import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
+import org.apache.rocketmq.common.protocol.RequestCode;
 import org.junit.Assert;
+import org.junit.Before;
 import org.junit.Test;
 
 public class AccessContralAnalysisTest {
 
+	AccessContralAnalysis accessContralAnalysis = new AccessContralAnalysis();
+	
+	@Before
+	public void init() {
+		accessContralAnalysis.analysisClass(RequestCode.class);
+	}
+	
     @Test
     public void analysisTest() {
-        AccessContralAnalysis accessContralAnalysis = new AccessContralAnalysis();
         BorkerAccessControl accessControl = new BorkerAccessControl();
         accessControl.setSendMessage(false);
         Map<Integer, Boolean> map = accessContralAnalysis.analysis(accessControl);
@@ -27,7 +53,13 @@ public class AccessContralAnalysisTest {
             }
         }
         Assert.assertEquals(num, 1);
-
+    }
+    
+    
+    @Test(expected=AclPlugAccountAnalysisException.class)
+    public void analysisExceptionTest(){
+    	AccessControl accessControl = new AccessControl();
+    	accessContralAnalysis.analysis(accessControl);
     }
 
 }

acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AclPlugControllerTest.java

+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.apache.rocketmq.acl.plug;
 
 public class AclPlugControllerTest {

acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AclUtilsTest.java

+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.apache.rocketmq.acl.plug;
 
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.List;
-
 import org.apache.commons.lang3.StringUtils;
 import org.junit.Assert;
 import org.junit.Test;

acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AuthenticationTest.java

+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.apache.rocketmq.acl.plug;
 
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
-
 import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo;
 import org.apache.rocketmq.acl.plug.entity.AuthenticationResult;
 import org.apache.rocketmq.acl.plug.entity.BorkerAccessControl;
@@ -18,11 +33,16 @@ public class AuthenticationTest {
     Authentication authentication = new Authentication();
 
     AuthenticationInfo authenticationInfo;
+    
+    BorkerAccessControl borkerAccessControl;
+    
+    AuthenticationResult authenticationResult = new AuthenticationResult();
+    LoginOrRequestAccessControl loginOrRequestAccessControl = new LoginOrRequestAccessControl();
 
     @Before
     public void init() {
         OneNetaddressStrategy netaddressStrategy = new OneNetaddressStrategy("127.0.0.1");
-        BorkerAccessControl borkerAccessControl = new BorkerAccessControl();
+        borkerAccessControl = new BorkerAccessControl();
         //321
         borkerAccessControl.setQueryConsumeQueue(false);
 
@@ -51,8 +71,7 @@ public class AuthenticationTest {
     @Test
     public void authenticationTest() {
 
-        AuthenticationResult authenticationResult = new AuthenticationResult();
-        LoginOrRequestAccessControl loginOrRequestAccessControl = new LoginOrRequestAccessControl();
+        
         loginOrRequestAccessControl.setCode(317);
 
         boolean isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
@@ -81,7 +100,7 @@ public class AuthenticationTest {
 
         loginOrRequestAccessControl.setTopic("nopermitSendTopic");
         isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
-        Assert.assertTrue(isReturn);
+        Assert.assertFalse(isReturn);
 
         loginOrRequestAccessControl.setCode(11);
         loginOrRequestAccessControl.setTopic("permitPullTopic");
@@ -94,7 +113,29 @@ public class AuthenticationTest {
 
         loginOrRequestAccessControl.setTopic("nopermitPullTopic");
         isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
-        Assert.assertTrue(isReturn);
+        Assert.assertFalse(isReturn);
 
     }
+    
+    @Test
+    public void isEmptyTest() {
+    	loginOrRequestAccessControl.setCode(10);
+    	loginOrRequestAccessControl.setTopic("absentTopic");
+    	boolean isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
+    	Assert.assertFalse(isReturn);
+    	
+    	Set<String> permitSendTopic = new HashSet<>();
+    	borkerAccessControl.setPermitSendTopic(permitSendTopic);
+    	isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
+    	Assert.assertTrue(isReturn);
+    	
+    	loginOrRequestAccessControl.setCode(11);
+    	isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
+    	Assert.assertFalse(isReturn);
+    	
+    	borkerAccessControl.setPermitPullTopic(permitSendTopic);
+    	isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
+    	Assert.assertTrue(isReturn);    	
+    }
+    
 }

acl-plug/src/test/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngineTest.java

+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.apache.rocketmq.acl.plug.engine;
 
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
-import java.lang.reflect.Field;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
-
 import org.apache.rocketmq.acl.plug.entity.AccessControl;
 import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo;
 import org.apache.rocketmq.acl.plug.entity.AuthenticationResult;
@@ -54,13 +68,13 @@ public class PlainAclPlugEngineTest {
 
         accessControl = new BorkerAccessControl();
         accessControl.setAccount("rokcetmq");
-        accessControl.setPassword("aliyun");
+        accessControl.setPassword("aliyun11");
         accessControl.setNetaddress("127.0.0.1");
         accessControl.setRecognition("127.0.0.1:1");
 
         accessControlTwo = new BorkerAccessControl();
-        accessControlTwo.setAccount("rokcet");
-        accessControlTwo.setPassword("aliyun");
+        accessControlTwo.setAccount("rokcet1");
+        accessControlTwo.setPassword("aliyun1");
         accessControlTwo.setNetaddress("127.0.0.1");
         accessControlTwo.setRecognition("127.0.0.1:2");
 
@@ -69,6 +83,31 @@ public class PlainAclPlugEngineTest {
 
     }
 
+   
+    @Test(expected = AclPlugAccountAnalysisException.class)
+    public void accountNullTest() {
+    	accessControl.setAccount(null);
+    	plainAclPlugEngine.setAccessControl(accessControl);
+    }
+    
+    @Test(expected = AclPlugAccountAnalysisException.class)
+    public void accountThanTest() {
+    	accessControl.setAccount("123");
+    	plainAclPlugEngine.setAccessControl(accessControl);
+    }
+    
+    @Test(expected = AclPlugAccountAnalysisException.class)
+    public void passWordtNullTest() {
+    	accessControl.setAccount(null);
+    	plainAclPlugEngine.setAccessControl(accessControl);
+    }
+    
+    @Test(expected = AclPlugAccountAnalysisException.class)
+    public void passWordThanTest() {
+    	accessControl.setAccount("123");
+    	plainAclPlugEngine.setAccessControl(accessControl);
+    }
+    
     @Test(expected = AclPlugAccountAnalysisException.class)
     public void testPlainAclPlugEngineInit() {
         ControllerParametersEntity controllerParametersEntity = new ControllerParametersEntity();
@@ -88,7 +127,7 @@ public class PlainAclPlugEngineTest {
 
         AccessControl testAccessControl = new AccessControl();
         testAccessControl.setAccount("rokcetmq");
-        testAccessControl.setPassword("aliyun");
+        testAccessControl.setPassword("aliyun11");
         testAccessControl.setNetaddress("127.0.0.1");
         testAccessControl.setRecognition("127.0.0.1:1");
 
@@ -97,7 +136,7 @@ public class PlainAclPlugEngineTest {
         Assert.assertNull(authenticationInfo);
 
         testAccessControl.setAccount("rokcetmq");
-        testAccessControl.setPassword("1");
+        testAccessControl.setPassword("1234567");
         authenticationInfo = aclPlugEngine.getAccessControl(testAccessControl);
         Assert.assertNull(authenticationInfo);
 
@@ -128,6 +167,8 @@ public class PlainAclPlugEngineTest {
     public void setNetaddressAccessControl() {
         AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine;
         AccessControl accessControl = new BorkerAccessControl();
+        accessControl.setAccount("RocketMQ");
+        accessControl.setPassword("RocketMQ");
         accessControl.setNetaddress("127.0.0.1");
         aclPlugEngine.setAccessControl(accessControl);
         aclPlugEngine.setNetaddressAccessControl(accessControl);
@@ -162,6 +203,8 @@ public class PlainAclPlugEngineTest {
 
         AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine;
         AccessControl accessControl = new BorkerAccessControl();
+        accessControl.setAccount("RocketMQ");
+        accessControl.setPassword("RocketMQ");
         accessControl.setNetaddress("127.0.0.1");
         aclPlugEngine.setAccessControl(accessControl);
         AuthenticationInfo authenticationInfo = aclPlugEngine.getAccessControl(accessControl);
@@ -201,7 +244,7 @@ public class PlainAclPlugEngineTest {
     public void getAuthenticationInfo() {
         LoginOrRequestAccessControl loginOrRequestAccessControl = new LoginOrRequestAccessControl();
         loginOrRequestAccessControl.setAccount("rokcetmq");
-        loginOrRequestAccessControl.setPassword("aliyun");
+        loginOrRequestAccessControl.setPassword("aliyun11");
         loginOrRequestAccessControl.setNetaddress("127.0.0.1");
         loginOrRequestAccessControl.setRecognition("127.0.0.1:1");
 

acl-plug/src/test/java/org/apache/rocketmq/acl/plug/strategy/NetaddressStrategyTest.java

+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.apache.rocketmq.acl.plug.strategy;
 
 import org.apache.rocketmq.acl.plug.entity.AccessControl;

acl-plug/src/test/resources/conf/transport.yml

@@ -4,14 +4,14 @@ onlyNetAddress:
   - broker-a
 
 list:
-- account: laohu
-  password: 123456
+- account: rocketMQ
+  password: 1234567
   netaddress: 192.0.0.*
   permitSendTopic:
   - test1
   - test2
-- account: laohu
-  password: 123456
+- account: rocketMQ
+  password: 1234567
   netaddress: 192.0.2.1
   permitSendTopic:
   - test3

broker/pom.xml

@@ -9,81 +9,81 @@
 	OF ANY KIND, either express or implied. See the License for the specific 
 	language governing permissions and limitations under the License. -->
 
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-	<parent>
-		<groupId>org.apache.rocketmq</groupId>
-		<artifactId>rocketmq-all</artifactId>
-		<version>4.4.0-SNAPSHOT</version>
-	</parent>
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xmlns="http://maven.apache.org/POM/4.0.0"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <groupId>org.apache.rocketmq</groupId>
+        <artifactId>rocketmq-all</artifactId>
+        <version>4.4.0-SNAPSHOT</version>
+    </parent>
 
-	<modelVersion>4.0.0</modelVersion>
-	<packaging>jar</packaging>
-	<artifactId>rocketmq-broker</artifactId>
-	<name>rocketmq-broker ${project.version}</name>
+    <modelVersion>4.0.0</modelVersion>
+    <packaging>jar</packaging>
+    <artifactId>rocketmq-broker</artifactId>
+    <name>rocketmq-broker ${project.version}</name>
 
-	<dependencies>
-		<dependency>
-			<groupId>${project.groupId}</groupId>
-			<artifactId>rocketmq-common</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>${project.groupId}</groupId>
-			<artifactId>rocketmq-store</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>${project.groupId}</groupId>
-			<artifactId>rocketmq-remoting</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>${project.groupId}</groupId>
-			<artifactId>rocketmq-client</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>${project.groupId}</groupId>
-			<artifactId>rocketmq-srvutil</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>${project.groupId}</groupId>
-			<artifactId>rocketmq-filter</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>${project.groupId}</groupId>
-			<artifactId>rocketmq-acl-plug</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>ch.qos.logback</groupId>
-			<artifactId>logback-classic</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>ch.qos.logback</groupId>
-			<artifactId>logback-core</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>com.alibaba</groupId>
-			<artifactId>fastjson</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>org.javassist</groupId>
-			<artifactId>javassist</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-api</artifactId>
-		</dependency>
-	</dependencies>
+    <dependencies>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>rocketmq-common</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>rocketmq-store</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>rocketmq-remoting</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>rocketmq-client</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>rocketmq-srvutil</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>rocketmq-filter</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>rocketmq-acl-plug</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>ch.qos.logback</groupId>
+            <artifactId>logback-classic</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>ch.qos.logback</groupId>
+            <artifactId>logback-core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>fastjson</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.javassist</groupId>
+            <artifactId>javassist</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+        </dependency>
+    </dependencies>
 
-	<build>
-		<plugins>
-			<plugin>
-				<artifactId>maven-surefire-plugin</artifactId>
-				<version>2.19.1</version>
-				<configuration>
-					<forkCount>1</forkCount>
-					<reuseForks>false</reuseForks>
-				</configuration>
-			</plugin>
-		</plugins>
-	</build>
+    <build>
+        <plugins>
+            <plugin>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>2.19.1</version>
+                <configuration>
+                    <forkCount>1</forkCount>
+                    <reuseForks>false</reuseForks>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
 </project>

broker/src/main/java/org/apache/rocketmq/broker/BrokerController.java

@@ -302,7 +302,6 @@ public class BrokerController {
                 this.heartbeatThreadPoolQueue,
                 new ThreadFactoryImpl("HeartbeatThread_", true));
 
-
             this.endTransactionExecutor = new BrokerFixedThreadPoolExecutor(
                 this.brokerConfig.getEndTransactionThreadPoolNums(),
                 this.brokerConfig.getEndTransactionThreadPoolNums(),
@@ -1101,12 +1100,12 @@ public class BrokerController {
         this.transactionalMessageCheckListener = transactionalMessageCheckListener;
     }
 
-<<<<<<< HEAD
     public AclPlugController getAclPlugController() {
         return this.aclPlugController;
-=======
+    }
+
     public BlockingQueue<Runnable> getEndTransactionThreadPoolQueue() {
         return endTransactionThreadPoolQueue;
->>>>>>> 53a63460d3a1599a6c51058bb51a73746233022d
+
     }
 }

broker/src/main/java/org/apache/rocketmq/broker/client/ClientHousekeepingService.java

@@ -72,7 +72,9 @@ public class ClientHousekeepingService implements ChannelEventListener {
         this.brokerController.getProducerManager().doChannelCloseEvent(remoteAddr, channel);
         this.brokerController.getConsumerManager().doChannelCloseEvent(remoteAddr, channel);
         this.brokerController.getFilterServerManager().doChannelCloseEvent(remoteAddr, channel);
-        this.brokerController.getAclPlugController().doChannelCloseEvent(remoteAddr);
+        if (this.brokerController.getAclPlugController() != null && this.brokerController.getAclPlugController().isStartSucceed()) {
+            this.brokerController.getAclPlugController().doChannelCloseEvent(remoteAddr);
+        }
     }
 
     @Override

common/src/main/java/org/apache/rocketmq/common/BrokerConfig.java

@@ -70,7 +70,6 @@ public class BrokerConfig {
      */
     private int endTransactionThreadPoolNums = 8 + Runtime.getRuntime().availableProcessors() * 2;
 
-
     private int flushConsumerOffsetInterval = 1000 * 5;
 
     private int flushConsumerOffsetHistoryInterval = 1000 * 60;
@@ -174,6 +173,16 @@ public class BrokerConfig {
 
     private boolean isAclPlug;
 
+    public static String localHostName() {
+        try {
+            return InetAddress.getLocalHost().getHostName();
+        } catch (UnknownHostException e) {
+            log.error("Failed to obtain the host name", e);
+        }
+
+        return "DEFAULT_BROKER";
+    }
+
     public boolean isTraceOn() {
         return traceOn;
     }
@@ -238,16 +247,6 @@ public class BrokerConfig {
         this.slaveReadEnable = slaveReadEnable;
     }
 
-    public static String localHostName() {
-        try {
-            return InetAddress.getLocalHost().getHostName();
-        } catch (UnknownHostException e) {
-            log.error("Failed to obtain the host name", e);
-        }
-
-        return "DEFAULT_BROKER";
-    }
-
     public int getRegisterBrokerTimeoutMills() {
         return registerBrokerTimeoutMills;
     }
@@ -712,7 +711,6 @@ public class BrokerConfig {
         this.transactionCheckInterval = transactionCheckInterval;
     }
 
-
     public boolean isAclPlug() {
         return isAclPlug;
     }

distribution/conf/transport.yml

@@ -4,14 +4,14 @@ onlyNetAddress:
     - broker-a
 
 list:
-  - account: laohu
-    password: 123456
+  - account: RocketMQ
+    password: 1234567
     netaddress: 192.0.0.*
     permitSendTopic:
       - test1
       - test2
-  - account: laohu
-    password: 123456
+  - account: RocketMQ
+    password: 1234567
     netaddress: 192.0.2.1
     permitSendTopic:
       - test3