package org.apache.activemq.artemis.tests.integration.server;

import java.lang.management.ManagementFactory;
import java.net.URL;
import java.util.HashMap;
import java.util.HashSet;
import org.apache.activemq.artemis.api.core.ActiveMQSecurityException;
import org.apache.activemq.artemis.api.core.ActiveMQSessionCreationException;
import org.apache.activemq.artemis.api.core.QueueConfiguration;
import org.apache.activemq.artemis.api.core.RoutingType;
import org.apache.activemq.artemis.api.core.SimpleString;
import org.apache.activemq.artemis.api.core.TransportConfiguration;
import org.apache.activemq.artemis.api.core.client.ActiveMQClient;
import org.apache.activemq.artemis.api.core.client.ClientSession;
import org.apache.activemq.artemis.api.core.client.ClientSessionFactory;
import org.apache.activemq.artemis.api.core.client.ServerLocator;
import org.apache.activemq.artemis.core.security.Role;
import org.apache.activemq.artemis.core.server.ActiveMQServer;
import org.apache.activemq.artemis.core.server.ActiveMQServers;
import org.apache.activemq.artemis.core.settings.impl.ResourceLimitSettings;
import org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager;
import org.apache.activemq.artemis.tests.integration.security.SecurityTest;
import org.apache.activemq.artemis.tests.util.ActiveMQTestBase;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;

/* loaded from: input_file:org/apache/activemq/artemis/tests/integration/server/ResourceLimitTestWithCerts.class */
public class ResourceLimitTestWithCerts extends ActiveMQTestBase {
    @Override // org.apache.activemq.artemis.tests.util.ActiveMQTestBase
    @BeforeEach
    public void setUp() throws Exception {
        super.setUp();
        ResourceLimitSettings resourceLimitSettings = new ResourceLimitSettings();
        resourceLimitSettings.setMaxConnections(1);
        resourceLimitSettings.setMaxQueues(1);
        resourceLimitSettings.setMatch(SimpleString.of("first"));
        ActiveMQServer addServer = addServer(ActiveMQServers.newActiveMQServer(createDefaultInVMConfig().setSecurityEnabled(true).addResourceLimitSettings(resourceLimitSettings), ManagementFactory.getPlatformMBeanServer(), new ActiveMQJAASSecurityManager("CertLogin"), false));
        HashMap hashMap = new HashMap();
        hashMap.put("sslEnabled", true);
        hashMap.put("keyStorePath", "server-keystore.jks");
        hashMap.put("keyStorePassword", "securepass");
        hashMap.put("trustStorePath", "client-ca-truststore.jks");
        hashMap.put("trustStorePassword", "securepass");
        hashMap.put("needClientAuth", true);
        addServer.getConfiguration().addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY, hashMap));
        HashSet hashSet = new HashSet();
        hashSet.add(new Role("programmers", true, true, true, true, true, true, true, true, true, true, false, false));
        addServer.getConfiguration().putSecurityRoles("#", hashSet);
        addServer.start();
    }

    @Test
    public void testSessionLimitForUser() throws Exception {
        TransportConfiguration transportConfiguration = new TransportConfiguration(NETTY_CONNECTOR_FACTORY);
        transportConfiguration.getParams().put("sslEnabled", true);
        transportConfiguration.getParams().put("trustStorePath", "server-ca-truststore.jks");
        transportConfiguration.getParams().put("trustStorePassword", "securepass");
        transportConfiguration.getParams().put("keyStorePath", "client-keystore.jks");
        transportConfiguration.getParams().put("keyStorePassword", "securepass");
        ServerLocator addServerLocator = addServerLocator(ActiveMQClient.createServerLocatorWithoutHA(new TransportConfiguration[]{transportConfiguration}));
        ClientSessionFactory createSessionFactory = createSessionFactory(addServerLocator);
        ClientSession createSession = createSessionFactory.createSession();
        try {
            addServerLocator.createSessionFactory().createSession();
            Assertions.fail("creating a session factory here should fail");
        } catch (Exception e) {
            Assertions.assertTrue(e instanceof ActiveMQSessionCreationException);
        }
        createSession.close();
        ClientSession createSession2 = createSessionFactory.createSession();
        try {
            addServerLocator.createSessionFactory().createSession();
            Assertions.fail("creating a session factory here should fail");
        } catch (Exception e2) {
            Assertions.assertTrue(e2 instanceof ActiveMQSessionCreationException);
        }
        createSession2.close();
        createSessionFactory.close();
    }

    @Test
    public void testQueueLimitForUser() throws Exception {
        TransportConfiguration transportConfiguration = new TransportConfiguration(NETTY_CONNECTOR_FACTORY);
        transportConfiguration.getParams().put("sslEnabled", true);
        transportConfiguration.getParams().put("trustStorePath", "server-ca-truststore.jks");
        transportConfiguration.getParams().put("trustStorePassword", "securepass");
        transportConfiguration.getParams().put("keyStorePath", "client-keystore.jks");
        transportConfiguration.getParams().put("keyStorePassword", "securepass");
        ClientSession createSession = createSessionFactory(addServerLocator(ActiveMQClient.createServerLocatorWithoutHA(new TransportConfiguration[]{transportConfiguration}))).createSession();
        createSession.createQueue(QueueConfiguration.of("queue").setAddress("address").setRoutingType(RoutingType.ANYCAST).setDurable(false));
        try {
            createSession.createQueue(QueueConfiguration.of("anotherQueue").setAddress("address").setRoutingType(RoutingType.ANYCAST).setDurable(false));
            Assertions.fail("Should have thrown an ActiveMQSecurityException");
        } catch (Exception e) {
            Assertions.assertTrue(e instanceof ActiveMQSecurityException);
        }
        createSession.deleteQueue("queue");
        createSession.createQueue(QueueConfiguration.of("queue").setAddress("address").setRoutingType(RoutingType.ANYCAST).setDurable(false));
        try {
            createSession.createQueue(QueueConfiguration.of("anotherQueue").setAddress("address").setRoutingType(RoutingType.ANYCAST).setDurable(false));
            Assertions.fail("Should have thrown an ActiveMQSecurityException");
        } catch (Exception e2) {
            Assertions.assertTrue(e2 instanceof ActiveMQSecurityException);
        }
        try {
            createSession.createSharedQueue(QueueConfiguration.of("anotherQueue").setAddress("address").setDurable(false));
            Assertions.fail("Should have thrown an ActiveMQSecurityException");
        } catch (Exception e3) {
            Assertions.assertTrue(e3 instanceof ActiveMQSecurityException);
        }
    }

    static {
        URL resource;
        if (System.getProperty("java.security.auth.login.config") != null || (resource = SecurityTest.class.getClassLoader().getResource("login.config")) == null) {
            return;
        }
        System.setProperty("java.security.auth.login.config", resource.getFile());
    }
}
