[jboss-cvs] JBossAS SVN: r63126 - projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authorization.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu May 17 16:24:01 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-05-17 16:24:01 -0400 (Thu, 17 May 2007)
New Revision: 63126
Added:
projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authorization/JBossAuthorizationManagerUnitTestCase.java
Log:
authorizationmgr test
Added: projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authorization/JBossAuthorizationManagerUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authorization/JBossAuthorizationManagerUnitTestCase.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authorization/JBossAuthorizationManagerUnitTestCase.java 2007-05-17 20:24:01 UTC (rev 63126)
@@ -0,0 +1,116 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authorization;
+
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.HashMap;
+
+import javax.security.auth.Subject;
+import javax.security.jacc.PolicyContext;
+
+import org.jboss.security.AuthorizationManager;
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SimpleGroup;
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.authorization.ResourceKeys;
+import org.jboss.security.authorization.config.AuthorizationModuleEntry;
+import org.jboss.security.authorization.resources.WebResource;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.AuthorizationInfo;
+import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.security.jacc.SubjectPolicyContextHandler;
+import org.jboss.security.plugins.JBossAuthorizationManager;
+import org.jboss.security.plugins.SecurityContextAssociation;
+import org.jboss.security.plugins.SecurityContextFactory;
+import org.jboss.test.authorization.xacml.TestHttpServletRequest;
+
+import junit.framework.TestCase;
+
+//$Id$
+
+/**
+ * Unit test the JBossAuthorizationManager
+ * @author Anil.Saldhana at redhat.com
+ * @since May 17, 2007
+ * @version $Revision$
+ */
+public class JBossAuthorizationManagerUnitTestCase extends TestCase
+{
+ private Principal p = new SimplePrincipal("jduke");
+ private String contextID = "web.jar";
+ private String uri = "/xacml-subjectrole/test";
+
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ setSecurityContext();
+ setUpPolicyContext();
+ setSecurityConfiguration();
+ }
+
+ public void testAuthorization() throws Exception
+ {
+ HashMap cmap = new HashMap();
+ cmap.put(ResourceKeys.WEB_REQUEST, new TestHttpServletRequest(p,"test", "get"));
+ WebResource wr = new WebResource(cmap);
+ AuthorizationManager am = new JBossAuthorizationManager("other");
+ am.authorize(wr);//This should just pass as the default module PERMITS all
+ }
+
+ private Group getRoleGroup()
+ {
+ Group gp = new SimpleGroup(SecurityConstants.ROLES_IDENTIFIER);
+ gp.addMember(new SimplePrincipal("ServletUserRole"));
+ return gp;
+ }
+
+ private void setSecurityContext()
+ {
+ Subject subj = new Subject();
+ subj.getPrincipals().add(p);
+ SecurityContext sc = SecurityContextFactory.createSecurityContext("other");
+ sc.getUtil().createSubjectInfo(p, "cred", subj);
+ sc.getUtil().setRoles(getRoleGroup());
+ SecurityContextAssociation.setSecurityContext(sc);
+ }
+
+ private void setUpPolicyContext() throws Exception
+ {
+ PolicyContext.setContextID(contextID);
+ PolicyContext.registerHandler(SecurityConstants.SUBJECT_CONTEXT_KEY,
+ new SubjectPolicyContextHandler(), true);
+ }
+
+ private void setSecurityConfiguration() throws Exception
+ {
+ String name = "org.jboss.security.authorization.modules.web.WebAuthorizationModule";
+ ApplicationPolicy ap = new ApplicationPolicy("other");
+ AuthorizationInfo ai = new AuthorizationInfo("other");
+ AuthorizationModuleEntry ame = new AuthorizationModuleEntry(name);
+ ai.add(ame);
+ ap.setAuthorizationInfo(ai);
+ SecurityConfiguration.addApplicationPolicy(ap);
+ }
+
+}
More information about the jboss-cvs-commits
mailing list