[jboss-cvs] JBossAS SVN: r62888 - in projects/security/security-jboss-sx/trunk/src/tests: resources and 2 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue May 8 17:02:01 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-05-08 17:02:01 -0400 (Tue, 08 May 2007)
New Revision: 62888
Added:
projects/security/security-jboss-sx/trunk/src/tests/resources/
projects/security/security-jboss-sx/trunk/src/tests/resources/authorization/
projects/security/security-jboss-sx/trunk/src/tests/resources/authorization/xacml/
projects/security/security-jboss-sx/trunk/src/tests/resources/authorization/xacml/jboss-xacml-ejb-policy.xml
projects/security/security-jboss-sx/trunk/src/tests/resources/authorization/xacml/jboss-xacml-web-policy.xml
projects/security/security-jboss-sx/trunk/src/tests/resources/login-config.conf
projects/security/security-jboss-sx/trunk/src/tests/resources/login-config.xml
projects/security/security-jboss-sx/trunk/src/tests/resources/roles.properties
projects/security/security-jboss-sx/trunk/src/tests/resources/tst-policy.xml
projects/security/security-jboss-sx/trunk/src/tests/resources/tst.policy
projects/security/security-jboss-sx/trunk/src/tests/resources/users.properties
projects/security/security-jboss-sx/trunk/src/tests/resources/usersb64.properties
Log:
resources for tests
Added: projects/security/security-jboss-sx/trunk/src/tests/resources/authorization/xacml/jboss-xacml-ejb-policy.xml
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/resources/authorization/xacml/jboss-xacml-ejb-policy.xml (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/resources/authorization/xacml/jboss-xacml-ejb-policy.xml 2007-05-08 21:02:01 UTC (rev 62888)
@@ -0,0 +1,82 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+ access_control-xacml-2.0-policy-schema-os.xsd"
+ PolicyId="urn:oasis:names:tc:xacml:2.0:jboss-test:XV:policy"
+ RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description> Policy for Subject RBAC</Description>
+ <Target/>
+ <Rule RuleId="urn:oasis:names:tc:xacml:2.0:jboss-test:XVI:rule"
+ Effect="Permit">
+ <Description>
+ scott can create,remove and invoke echo method of StatelessSession EJB when he has a role of ProjectUser
+ </Description>
+ <Target>
+ <Subjects>
+ <Subject>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string">scott</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string">ProjectUser</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ </Subject>
+ </Subjects>
+ <Resources>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string">StatelessSession</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ <Actions>
+ <Action>
+ <ActionMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string">create</AttributeValue>
+ <ActionAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ActionMatch>
+ </Action>
+ <Action>
+ <ActionMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string">remove</AttributeValue>
+ <ActionAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ActionMatch>
+ </Action>
+ <Action>
+ <ActionMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string">echo</AttributeValue>
+ <ActionAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ActionMatch>
+ </Action>
+ </Actions>
+ </Target>
+ </Rule>
+</Policy>
Added: projects/security/security-jboss-sx/trunk/src/tests/resources/authorization/xacml/jboss-xacml-web-policy.xml
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/resources/authorization/xacml/jboss-xacml-web-policy.xml (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/resources/authorization/xacml/jboss-xacml-web-policy.xml 2007-05-08 21:02:01 UTC (rev 62888)
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+ access_control-xacml-2.0-policy-schema-os.xsd"
+ PolicyId="urn:oasis:names:tc:xacml:2.0:jboss-test:XV:policy"
+ RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description> Policy for Subject RBAC</Description>
+ <Target/>
+ <Rule RuleId="urn:oasis:names:tc:xacml:2.0:jboss-test:XVI:rule"
+ Effect="Permit">
+ <Description>
+ jduke can read or write resource information when he has a role of ServletUserRole
+ </Description>
+ <Target>
+ <Subjects>
+ <Subject>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string">jduke</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ <SubjectMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string">ServletUserRole</AttributeValue>
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </SubjectMatch>
+ </Subject>
+ </Subjects>
+ <Resources>
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#anyURI">/xacml-subjectrole/test</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
+ DataType="http://www.w3.org/2001/XMLSchema#anyURI"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ <Actions>
+ <Action>
+ <ActionMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue>
+ <ActionAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ActionMatch>
+ </Action>
+ <Action>
+ <ActionMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string">write</AttributeValue>
+ <ActionAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ActionMatch>
+ </Action>
+ </Actions>
+ </Target>
+ </Rule>
+</Policy>
Added: projects/security/security-jboss-sx/trunk/src/tests/resources/login-config.conf
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/resources/login-config.conf (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/resources/login-config.conf 2007-05-08 21:02:01 UTC (rev 62888)
@@ -0,0 +1,72 @@
+/* Tests of the behvior of the control flags with multiple
+login modules.
+
+1) Required - The LoginModule is required to succeed.
+ If it succeeds or fails, authentication still continues
+ to proceed down the LoginModule list.
+
+2) Requisite - The LoginModule is required to succeed.
+ If it succeeds, authentication continues down the
+ LoginModule list. If it fails,
+ control immediately returns to the application
+ (authentication does not proceed down the
+ LoginModule list).
+
+3) Sufficient - The LoginModule is not required to
+ succeed. If it does succeed, control immediately
+ returns to the application (authentication does not
+ proceed down the LoginModule list).
+ If it fails, authentication continues down the
+ LoginModule list.
+
+4) Optional - The LoginModule is not required to
+ succeed. If it succeeds or fails,
+ authentication still continues to proceed down the
+ LoginModule list.
+*/
+case1 {
+ org.jboss.test.TestLoginModule required
+ name=1.1
+ succeed=true
+ throwEx='false'
+ ;
+# A comment
+ org.jboss.test.TestLoginModule optional
+ name=1.2
+ succeed=false
+ throwEx="true"
+ ;
+};
+
+// Another comment
+case2 {
+ org.jboss.test.TestLoginModule optional
+ name=2.1
+ succeed=true
+ throwEx='false'
+ ;
+# A comment
+ org.jboss.test.TestLoginModule optional
+ name=2.2
+ succeed=false
+ throwEx="true"
+ ;
+};
+
+srp-test {
+ // Put your login modules that work without jBoss here
+ org.jboss.security.srp.jaas.SRPLoginModule required
+ password-stacking="useFirstPass"
+ principalClassName="org.jboss.security.SimplePrincipal"
+ srpServerJndiName="SRPServerInterface"
+ debug=true
+ ;
+
+ // jBoss LoginModule
+ org.jboss.security.ClientLoginModule required
+ password-stacking="useFirstPass"
+ ;
+
+ // Put your login modules that need jBoss here
+};
+
Added: projects/security/security-jboss-sx/trunk/src/tests/resources/login-config.xml
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/resources/login-config.xml (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/resources/login-config.xml 2007-05-08 21:02:01 UTC (rev 62888)
@@ -0,0 +1,416 @@
+<?xml version='1.0'?>
+<!DOCTYPE policy PUBLIC
+ "-//JBoss//DTD JBOSS Security Config 3.0//EN"
+ "http://www.jboss.org/j2ee/dtd/security_config.dtd">
+
+<!-- Tests of the behvior of the control flags with multiple
+login modules.
+
+1) Required - The LoginModule is required to succeed.
+ If it succeeds or fails, authentication still continues
+ to proceed down the LoginModule list.
+
+2) Requisite - The LoginModule is required to succeed.
+ If it succeeds, authentication continues down the
+ LoginModule list. If it fails,
+ control immediately returns to the application
+ (authentication does not proceed down the
+ LoginModule list).
+
+3) Sufficient - The LoginModule is not required to
+ succeed. If it does succeed, control immediately
+ returns to the application (authentication does not
+ proceed down the LoginModule list).
+ If it fails, authentication continues down the
+ LoginModule list.
+
+4) Optional - The LoginModule is not required to
+ succeed. If it succeeds or fails,
+ authentication still continues to proceed down the
+ LoginModule list.
+-->
+<policy>
+
+ <application-policy name = "case1">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">1.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">1.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case2">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">2.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">2.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case3">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">3.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">3.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case4">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">4.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">4.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case5">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "requisite">
+ <module-option name = "name">5.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">5.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case6">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">6.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">6.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case7">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">7.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">7.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case8">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "requisite">
+ <module-option name = "name">8.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">8.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case9">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "requisite">
+ <module-option name = "name">9.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">9.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case10">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">10.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">10.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case11">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">11.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">11.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case12">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">12.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">12.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case13">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">13.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">13.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case14">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">14.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "initEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">14.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case15">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">15.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">15.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "initEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case16">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">16.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">16.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "initEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case17">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">17.1</module-option>
+ <module-option name = "initEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">17.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case18">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "requisite">
+ <module-option name = "name">18.1</module-option>
+ <module-option name = "initEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">18.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">18.3</module-option>
+ <module-option name = "succeed">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case19">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">19.1</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">19.2</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case20">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">20.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">20.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">20.3</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case21">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">21.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">21.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">21.3</module-option>
+ <module-option name = "succeed">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case22">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">22.1</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">22.2</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">22.3</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+</policy>
Added: projects/security/security-jboss-sx/trunk/src/tests/resources/roles.properties
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/resources/roles.properties (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/resources/roles.properties 2007-05-08 21:02:01 UTC (rev 62888)
@@ -0,0 +1,12 @@
+scott=Echo
+stark=Java,Coder
+stark.CallerPrincipal=callerStark
+
+starksm.Roles=ProjectUser
+starksm.CallerPrincipal=callerStarksm
+scott.Roles=ProjectUser
+scott.CallerPrincipal=callerScott
+
+jduke=Role1,Role2
+jdukeman=Role2,Role3
+jdukeman.CallerPrincipal=callerJdukeman
\ No newline at end of file
Added: projects/security/security-jboss-sx/trunk/src/tests/resources/tst-policy.xml
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/resources/tst-policy.xml (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/resources/tst-policy.xml 2007-05-08 21:02:01 UTC (rev 62888)
@@ -0,0 +1,43 @@
+<?xml version = "1.0" encoding = "UTF-8"?>
+<policy>
+<!-- A test application policy that creates a SimplePrincipal with
+a name of 'starksm' for testing the subject based policy permissions.
+-->
+ <application-policy name = "test-domain">
+ <authentication>
+ <login-module code = "org.jboss.security.plugins.samples.IdentityLoginModule" flag = "required">
+ <module-option name = "principal">starksm</module-option>
+ </login-module>
+ </authentication>
+ <authorization>
+ <grant>
+ <principal code = "org.jboss.security.SimplePrincipal" name = "scott"/>
+ <permission code = "org.jboss.test.NamespacePermission" name = "Project1" actions = "rwxd"/>
+ <permission code = "org.jboss.test.NamespacePermission" name = "Project1/Documents/Private" actions = "rw-d"/>
+ </grant>
+ <grant>
+ <principal code = "org.jboss.security.SimplePrincipal" name = "starksm"/>
+ <permission code = "org.jboss.test.NamespacePermission" name = "Project1/Documents/Public" actions = "r---"/>
+ </grant>
+ </authorization>
+ </application-policy>
+
+<!-- A application policy that specifies the SRPLoginModule + JBoss
+ ClientLogin module for testing the secure authentication link.
+-->
+ <application-policy name = "srp-login">
+ <authentication>
+ <login-module code = "org.jboss.security.srp.jaas.SRPLoginModule" flag = "required">
+ <module-option name = "password-stacking">useFirstPass</module-option>
+ <module-option name = "principalClassName">org.jboss.security.SimplePrincipal</module-option>
+ <module-option name = "srpServerJndiName">SRPServerInterface</module-option>
+ <module-option name = "debug">true</module-option>
+ </login-module>
+
+ <login-module code = "org.jboss.security.ClientLoginModule" flag = "required">
+ <module-option name = "password-stacking">useFirstPass</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+</policy>
Added: projects/security/security-jboss-sx/trunk/src/tests/resources/tst.policy
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/resources/tst.policy (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/resources/tst.policy 2007-05-08 21:02:01 UTC (rev 62888)
@@ -0,0 +1,55 @@
+// The login module jar
+
+grant codeBase "file:${output.dir}/tests/jbosssx-tests.jar" {
+ permission javax.security.auth.AuthPermission "modifyPrincipals";
+ permission javax.security.auth.AuthPermission "modifyPublicCredentials";
+ permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
+ permission javax.security.auth.AuthPermission "refreshCredential";
+ permission javax.security.auth.AuthPermission "destroyCredential";
+};
+
+// The LoginContext client classes
+
+grant codeBase "file:${output.dir}/classes/-" {
+ permission java.io.FilePermission "<<ALL FILES>>", "read";
+ permission java.io.FilePermission "hypersonic", "write";
+ permission java.io.FilePermission "hypersonic${/}*", "delete,write";
+ permission java.io.FilePermission "LoginModulesTestCase.log", "write";
+ permission java.lang.RuntimePermission "setIO";
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
+ permission java.net.SocketPermission "*", "accept,connect";
+ permission java.security.SecurityPermission "insertProvider.JBossSX";
+ permission java.security.SecurityPermission "removeProvider.JBossSX";
+ permission java.security.SecurityPermission "putProviderProperty.JBossSX";
+ permission java.util.PropertyPermission "*", "read, write";
+ permission javax.security.auth.AuthPermission "setLoginConfiguration";
+ permission javax.security.auth.AuthPermission "getLoginConfiguration";
+ permission javax.security.auth.AuthPermission "createLoginContext";
+ permission javax.security.auth.AuthPermission "createLoginContext.*";
+ permission javax.security.auth.AuthPermission "modifyPrincipals";
+ permission javax.security.auth.AuthPermission "modifyPublicCredentials";
+ permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
+ permission javax.security.auth.PrivateCredentialPermission "java.lang.String * \"*\"", "read";
+};
+
+grant codeBase "file:${jboss.home}/tools/-" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:${jboss.home}/common/output/-" {
+ permission java.io.FilePermission "<<ALL FILES>>", "read, write";
+ permission java.util.PropertyPermission "*", "read";
+};
+grant codeBase "file:${jboss.home}/naming/output/-" {
+ permission java.net.SocketPermission "*", "accept,connect";
+ permission java.util.PropertyPermission "*", "read,write";
+};
+
+
+// The security layer classes
+grant codeBase "file:${jboss.home}/thirdparty/-" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:${output.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
Added: projects/security/security-jboss-sx/trunk/src/tests/resources/users.properties
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/resources/users.properties (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/resources/users.properties 2007-05-08 21:02:01 UTC (rev 62888)
@@ -0,0 +1,4 @@
+scott=echoman
+stark=javaman
+jduke=theduke
+jdukeman=anotherduke
\ No newline at end of file
Added: projects/security/security-jboss-sx/trunk/src/tests/resources/usersb64.properties
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/resources/usersb64.properties (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/resources/usersb64.properties 2007-05-08 21:02:01 UTC (rev 62888)
@@ -0,0 +1 @@
+scott=ug1tko1om/N1IdWSSQxwRA==
\ No newline at end of file
More information about the jboss-cvs-commits
mailing list