[jboss-cvs] JBossAS SVN: r86223 - in projects/security/security-xacml/trunk/jboss-sunxacml/src/test: resources/policies and 1 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Mon Mar 23 14:48:07 EDT 2009 

Author: anil.saldhana at jboss.com
Date: 2009-03-23 14:48:07 -0400 (Mon, 23 Mar 2009)
New Revision: 86223

Added:
   projects/security/security-xacml/trunk/jboss-sunxacml/src/test/resources/policies/function-match/
   projects/security/security-xacml/trunk/jboss-sunxacml/src/test/resources/policies/function-match/function-match-policy-01.xml
Modified:
   projects/security/security-xacml/trunk/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java
Log:
test for function match urn:oasis:names:tc:xacml:2.0:function:anyURI-regexp-match

Modified: projects/security/security-xacml/trunk/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java	2009-03-23 18:37:41 UTC (rev 86222)
+++ projects/security/security-xacml/trunk/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java	2009-03-23 18:48:07 UTC (rev 86223)
@@ -43,6 +43,12 @@
    }
    
    
+   public void testFunctionMatch() throws Exception
+   {   
+      String fileName = "src/test/resources/policies/function-match/function-match-policy-01.xml";
+      readPolicyIntoPDP(fileName);
+   }
+   
    public void testHimmss09_01() throws Exception
    {
       String fileName = "src/test/resources/policies/himss09/himss-policy-01.xml";
@@ -53,6 +59,6 @@
    {
       String[] policies = new String[] {fileName};
       SimplePDP pdp = new SimplePDP(policies);
-      assertNotNull(pdp);
+      assertNotNull(pdp); 
    }
 }
\ No newline at end of file

Added: projects/security/security-xacml/trunk/jboss-sunxacml/src/test/resources/policies/function-match/function-match-policy-01.xml
===================================================================
--- projects/security/security-xacml/trunk/jboss-sunxacml/src/test/resources/policies/function-match/function-match-policy-01.xml	                        (rev 0)
+++ projects/security/security-xacml/trunk/jboss-sunxacml/src/test/resources/policies/function-match/function-match-policy-01.xml	2009-03-23 18:48:07 UTC (rev 86223)
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="utf-8"?>
+<PolicySet xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" 
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+           xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-os.xsd" 
+           PolicySetId="urn:oasis:names:tc:xspa:1.0" 
+           PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+  <Target />
+  <PolicySet PolicySetId="urn:oasis:names:tc:xspa:1.0:org" PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+    <Description>Contains all organizational policies which are evaluated on all requests.</Description>
+    <Target />    
+    <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org:allowed:organizations" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+      <Description>
+        The organization denies the request if the subject is attempting to access 
+        a resource and is not a member of the allowed organizations.
+      </Description>
+      <Target>
+        <Subjects/>
+         <Resources>
+           <Resource>
+              <!-- to view everything under the resource collection -->
+             <ResourceMatch MatchId="urn:oasis:names:tc:xacml:2.0:function:anyURI-regexp-match">
+               <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/.*</AttributeValue>
+                   <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#anyURI" />
+             </ResourceMatch>
+          </Resource>
+        </Resources>
+       <Actions/>
+      </Target>
+      <Rule RuleId="urn:oasis:names:tc:xspa:1.0:org:allowed:organizations:deny" Effect="Deny">
+        <Description>Evaluates the allowed-organizations (if available) against the subject's locality.</Description>
+        <Target />
+        <Condition>
+          <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+            <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+              <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+                <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+                  <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:allowed-organizations" DataType="http://www.w3.org/2001/XMLSchema#string" />
+                </Apply>
+                <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+              </Apply>
+            </Apply>
+           </Apply>
+        </Condition>
+      </Rule>
+    </Policy> 
+  </PolicySet>
+</PolicySet>

More information about the jboss-cvs-commits mailing list