[jboss-cvs] JBossAS SVN: r99680 - in projects/security/picketbox/trunk: security-jboss-sx/acl and 60 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Jan 20 17:21:34 EST 2010
Author: anil.saldhana at jboss.com
Date: 2010-01-20 17:21:31 -0500 (Wed, 20 Jan 2010)
New Revision: 99680
Added:
projects/security/picketbox/trunk/pom.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLConfigParserJBossXB.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLConfigurationFactory.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLDefinition.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLInfoContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLProviderEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/SecurityActions.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/audit/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/audit/config/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/audit/config/AuditConfigEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/container/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/container/config/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/container/config/AuthModuleEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/AppConfigurationEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/AuthenticationInfoContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/JBossXBParsingUtil.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/LoginConfigObjectModelFactory.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/LoginModuleStackContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/ModuleOptionContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/SunConfigParser.jj
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/spi/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/spi/UsersObjectModelFactory.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/AuthorizationInfoContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/config/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/config/AuthorizationConfigEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/config/SecurityConfigObjectModelFactory.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/config/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/config/ApplicationPolicyContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/identitytrust/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/identitytrust/config/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/identitytrust/config/IdentityTrustConfigEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/jacc/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/jacc/JBossPolicyConfigurationFactory.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/mapping/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/mapping/config/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/mapping/config/MappingConfigContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/mapping/config/MappingConfigEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/AbstractJBossSXTest.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/DelegatingPolicyTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/JBossSXTestDelegate.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/acl/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/acl/config/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/acl/config/JBossACLSchemaBindingUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/JBossAuthenticationManagerUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/SecurityActions.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/AuthContextUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPIConfigUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPILoginModuleDelgateUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPIServerAuthenticationManagerUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPIWorkflowUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/LoginModuleServerAuthModule.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/SecurityActions.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/TestLoginModule.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/TestServerAuthModule.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/WebJASPIAuthMgrUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestAuthConfigProvider.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthConfig.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthContext.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthConfig.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthContext.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/AuthorizationContextUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/ACLTestResource.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/TestACLProvider.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/config/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/config/JBossXBSchemaBindingUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/config/SecurityConfigurationUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/identitytrust/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/identitytrust/IdentityTrustUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/identitytrust/SecurityActions.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/util/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/util/TestHttpServletRequest.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/authorization/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/authorization/config/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/authorization/config/authorization-policy.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/identitytrust-config.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/jaspi-config-options.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/jaspi-config.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/jboss-acl.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/securityConfig41.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/securityConfig5.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/jndi.properties
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/roles.properties
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/users.properties
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/usersb64.properties
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigParser.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigParserStax.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLDefinitionObject.java
Removed:
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLDefinition.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLInfoContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLProviderEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/audit/config/AuditConfigEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/container/config/AuthModuleEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/AppConfigurationEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/AuthenticationInfoContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/JBossXBParsingUtil.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/LoginConfigObjectModelFactory.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/LoginModuleStackContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/ModuleOptionContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/SunConfigParser.jj
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/UsersObjectModelFactory.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/AuthorizationInfoContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/config/AuthorizationConfigEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/config/SecurityConfigObjectModelFactory.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ApplicationPolicyContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/identitytrust/config/IdentityTrustConfigEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/jacc/JBossPolicyConfigurationFactory.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/config/MappingConfigContainer.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/config/MappingConfigEntryHolder.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/DelegatingPolicyTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/acl/config/JBossACLSchemaBindingUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/JBossAuthenticationManagerUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/WebJASPIAuthMgrUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/AuthContextUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPIConfigUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPILoginModuleDelgateUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPIServerAuthenticationManagerUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPIWorkflowUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/LoginModuleServerAuthModule.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/TestLoginModule.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/TestServerAuthModule.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestAuthConfigProvider.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthConfig.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthContext.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthConfig.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthContext.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/AuthorizationContextUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/acl/ACLTestResource.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/acl/TestACLProvider.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/config/JBossXBSchemaBindingUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/config/SecurityConfigurationUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/identitytrust/IdentityTrustUnitTestCase.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/authorization/config/authorization-policy.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/identitytrust-config.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/jaspi-config-options.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/jaspi-config.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/jboss-acl.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/securityConfig41.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/securityConfig5.xml
Modified:
projects/security/picketbox/trunk/security-jboss-sx/acl/pom.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/pom.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/pom.xml
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfiguration.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigurationFactory.java
projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java
projects/security/picketbox/trunk/security-jboss-sx/parent/pom.xml
Log:
work on splitting the jbosssx project to standalone as well as AS
Added: projects/security/picketbox/trunk/pom.xml
===================================================================
--- projects/security/picketbox/trunk/pom.xml (rev 0)
+++ projects/security/picketbox/trunk/pom.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,14 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.picketbox</groupId>
+ <artifactId>picketbox-aggregator-pom</artifactId>
+ <version>1.0.0-SNAPSHOT</version>
+ <packaging>pom</packaging>
+ <name> PicketBox - Aggregator</name>
+ <url>http://jboss.org/picketbox</url>
+ <description>PicketBox is a security framework</description>
+ <modules>
+ <module>security-spi</module>
+ <module>security-jboss-sx</module>
+ </modules>
+</project>
Modified: projects/security/picketbox/trunk/security-jboss-sx/acl/pom.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/acl/pom.xml 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/acl/pom.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -51,7 +51,7 @@
<dependencies>
<dependency>
<groupId>org.jboss.logging</groupId>
- <artifactId>jboss-logging-log4j</artifactId>
+ <artifactId>jboss-logging-spi</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
Modified: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/pom.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/pom.xml 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/pom.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -89,6 +89,7 @@
</resources>
<plugins>
<!-- generate java files from grammar -->
+ <!--
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>javacc-maven-plugin</artifactId>
@@ -107,6 +108,7 @@
</execution>
</executions>
</plugin>
+ -->
</plugins>
</build>
<dependencies>
@@ -116,11 +118,6 @@
<scope>compile</scope>
</dependency>
<dependency>
- <groupId>org.jboss.logging</groupId>
- <artifactId>jboss-logging-log4j</artifactId>
- <scope>compile</scope>
- </dependency>
- <dependency>
<groupId>org.jboss.security</groupId>
<artifactId>jboss-security-spi</artifactId>
<scope>compile</scope>
@@ -135,6 +132,12 @@
<artifactId>jboss-security-acl-impl</artifactId>
<version>${project.version}</version>
<scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.jboss.security</groupId>
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigParser.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigParser.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigParser.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,39 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.acl.config;
+
+import java.io.InputStream;
+
+/**
+ * Parses the ACL Configuration
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 20, 2010
+ */
+public interface ACLConfigParser
+{
+ /**
+ * Given a stream of acl config, returns {@code ACLConfiguration}
+ * @param aclConfigFileStream
+ * @return
+ */
+ ACLConfiguration getConfiguration(InputStream aclConfigFileStream);
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigParserStax.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigParserStax.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigParserStax.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,40 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.acl.config;
+
+import java.io.InputStream;
+
+/**
+ * ACL Config Parser based on STAX
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 20, 2010
+ */
+public class ACLConfigParserStax implements ACLConfigParser
+{
+ /**
+ * @see ACLConfigParser#getConfiguration(InputStream)
+ */
+ public ACLConfiguration getConfiguration(InputStream aclConfigFileStream)
+ {
+ return null;
+ }
+}
\ No newline at end of file
Modified: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfiguration.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfiguration.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfiguration.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -45,7 +45,7 @@
{
/** the set of ACL definitions keyed by their resource identifier. */
- private final Map<String, ACLDefinition> definitions = new HashMap<String, ACLDefinition>();
+ private final Map<String, ACLDefinitionObject> definitions = new HashMap<String, ACLDefinitionObject>();
/**
* <p>
@@ -56,9 +56,9 @@
*/
public void addDefinition(Object definition)
{
- if (definition instanceof ACLDefinition)
+ if (definition instanceof ACLDefinitionObject)
{
- ACLDefinition aclDefinition = (ACLDefinition) definition;
+ ACLDefinitionObject aclDefinition = (ACLDefinitionObject) definition;
this.definitions.put(aclDefinition.getResource(), aclDefinition);
}
}
@@ -74,7 +74,7 @@
public Set<ACL> getConfiguredACLs()
{
Set<ACL> configuredACLs = new HashSet<ACL>();
- for (ACLDefinition definition : this.definitions.values())
+ for (ACLDefinitionObject definition : this.definitions.values())
{
Set<ACLEntry> entries = this.getEntries(definition, new ArrayList<String>());
ACLImpl acl = new ACLImpl(definition.getResource(), entries);
@@ -96,7 +96,7 @@
* specified definition.
* @throws RuntimeException if a circular dependency is detected among the {@code ACLDefinition} objects.
*/
- private Set<ACLEntry> getEntries(ACLDefinition definition, List<String> visitedACLs)
+ private Set<ACLEntry> getEntries(ACLDefinitionObject definition, List<String> visitedACLs)
{
if (visitedACLs.contains(definition.getResource()))
throw new RuntimeException("Circular dependency between ACLs has been detected");
@@ -104,7 +104,7 @@
visitedACLs.add(definition.getResource());
if (definition.getBaseResource() != null)
{
- ACLDefinition superDefinition = this.definitions.get(definition.getBaseResource());
+ ACLDefinitionObject superDefinition = this.definitions.get(definition.getBaseResource());
if (superDefinition != null)
{
Set<ACLEntry> superEntries = this.getEntries(superDefinition, visitedACLs);
Modified: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigurationFactory.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigurationFactory.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigurationFactory.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -24,11 +24,6 @@
import java.io.InputStream;
import org.jboss.logging.Logger;
-import org.jboss.xb.binding.JBossXBException;
-import org.jboss.xb.binding.Unmarshaller;
-import org.jboss.xb.binding.UnmarshallerFactory;
-import org.jboss.xb.binding.sunday.unmarshalling.SchemaBinding;
-import org.jboss.xb.binding.sunday.unmarshalling.XsdBinder;
/**
* <p>
@@ -39,11 +34,31 @@
*/
public class ACLConfigurationFactory
{
-
- private static final String schemaName = "schema/jboss-acl-config_1_0.xsd";
-
private static Logger log = Logger.getLogger(ACLConfigurationFactory.class);
+ private static ACLConfigParser aclParser = null;
+
+ static
+ {
+ //Let us try the JBossXB Parser if available
+ String className = "org.jboss.security.acl.config.ACLConfigParserJBossXB";
+ try
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ Class<?> clazz = tcl.loadClass(className);
+ aclParser = (ACLConfigParser) clazz.newInstance();
+ }
+ catch(Exception e)
+ {
+ if(log.isTraceEnabled())
+ {
+ log.trace("Exception initializing ACL Config Parser based on JBossXB", e);
+ }
+ //Fallback to general stax based parser
+ aclParser = new ACLConfigParserStax();
+ }
+ }
+
/**
* <p>
* Creates and return an {@code ACLConfiguration} object using the specified input stream to read the ACL
@@ -55,18 +70,17 @@
*/
public static ACLConfiguration getConfiguration(InputStream aclConfigFileStream)
{
- ClassLoader tcl = SecurityActions.getContextClassLoader();
- SchemaBinding schema = XsdBinder.bind(tcl.getResourceAsStream(schemaName), null);
- Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
- try
- {
- ACLConfiguration configuration = (ACLConfiguration) unmarshaller.unmarshal(aclConfigFileStream, schema);
- return configuration;
- }
- catch (JBossXBException e)
- {
- log.debug("Error parsing ACL configuration file", e);
- throw new RuntimeException(e);
- }
+ if(aclParser == null)
+ throw new IllegalStateException("ACL Config Parser is null");
+ return aclParser.getConfiguration(aclConfigFileStream);
}
-}
+
+ /**
+ * Set a new {@code ACLConfigParser}
+ * @param aclParserPassed
+ */
+ public static void setConfigParser(ACLConfigParser aclParserPassed)
+ {
+ aclParser = aclParserPassed;
+ }
+}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLDefinition.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLDefinition.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLDefinition.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,170 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.acl.config;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import javax.xml.namespace.QName;
-
-import org.jboss.logging.Logger;
-import org.jboss.security.acl.ACLEntry;
-import org.jboss.xb.binding.GenericValueContainer;
-
-/**
- * <p>
- * A container for holding the contents parsed from a {@code <acl-definition>} section of {@code jboss-acl.xml}.
- * </p>
- *
- * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
- */
-public class ACLDefinition implements GenericValueContainer
-{
-
- private static Logger logger = Logger.getLogger(ACLDefinition.class);
-
- private String resource;
-
- private String baseResource;
-
- private final Set<ACLEntry> entries = new HashSet<ACLEntry>();
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#addChild(javax.xml.namespace.QName, java.lang.Object)
- */
- public void addChild(QName name, Object value)
- {
- logger.debug("addChild: name=" + name + ", value=" + value);
-
- if ("resource".equals(name.getLocalPart()))
- {
- this.resource = (String) value;
- }
- else if ("extends".equals(name.getLocalPart()))
- {
- this.baseResource = (String) value;
- }
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#instantiate()
- */
- public Object instantiate()
- {
- return this;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#getTargetClass()
- */
- public Class<?> getTargetClass()
- {
- return ACLDefinition.class;
- }
-
- /**
- * <p>
- * Adds a parsed {@code ACLEntry} to the list of entries of this {@code ACLDefinition}.
- * </p>
- *
- * @param entry the {@code ACLEntry} to be added.
- */
- public void addACLEntry(Object entry)
- {
- logger.debug("addEntry: " + entry);
-
- if (entry instanceof ACLEntry)
- this.entries.add((ACLEntry) entry);
- }
-
- /**
- * <p>
- * Obtains the configured {@code <acl-definition>} resource.
- * </p>
- *
- * @return a {@code String} containing the resource as configured in the XML file.
- */
- public String getResource()
- {
- return resource;
- }
-
- /**
- * <p>
- * Obtains the configured {@code <acl-definition>} base-resource, as per the {@code extends} attribute in the XML
- * file.
- * </p>
- *
- * @return a {@code String} containing the base-resource as configured in the XML file, or {@code null} if no base
- * resource is available.
- */
- public String getBaseResource()
- {
- return baseResource;
- }
-
- /**
- * <p>
- * Obtains the ACL entries that have been configured in this ACL definition.
- * </p>
- *
- * @return a {@code List<ACLEntry>} containing the configured entries.
- */
- public Set<ACLEntry> getEntries()
- {
- return entries;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see java.lang.Object#equals(java.lang.Object)
- */
- @Override
- public boolean equals(Object obj)
- {
- if (obj instanceof ACLDefinition)
- {
- ACLDefinition other = (ACLDefinition) obj;
- return this.resource.equals(other.resource);
- }
- return false;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see java.lang.Object#hashCode()
- */
- @Override
- public int hashCode()
- {
- return this.resource.hashCode();
- }
-
-}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLDefinitionObject.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLDefinitionObject.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLDefinitionObject.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,124 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.acl.config;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.acl.ACLEntry;
+
+/**
+ * Represents the acl-definition entry
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 20, 2010
+ */
+public class ACLDefinitionObject
+{
+ private static Logger logger = Logger.getLogger(ACLDefinitionObject.class);
+
+ protected String resource;
+
+ protected String baseResource;
+
+ protected final Set<ACLEntry> entries = new HashSet<ACLEntry>();
+
+ /**
+ * <p>
+ * Adds a parsed {@code ACLEntry} to the list of entries of this {@code ACLDefinition}.
+ * </p>
+ *
+ * @param entry the {@code ACLEntry} to be added.
+ */
+ public void addACLEntry(Object entry)
+ {
+ logger.debug("addEntry: " + entry);
+
+ if (entry instanceof ACLEntry)
+ this.entries.add((ACLEntry) entry);
+ }
+
+ /**
+ * <p>
+ * Obtains the configured {@code <acl-definition>} resource.
+ * </p>
+ *
+ * @return a {@code String} containing the resource as configured in the XML file.
+ */
+ public String getResource()
+ {
+ return resource;
+ }
+
+ /**
+ * <p>
+ * Obtains the configured {@code <acl-definition>} base-resource, as per the {@code extends} attribute in the XML
+ * file.
+ * </p>
+ *
+ * @return a {@code String} containing the base-resource as configured in the XML file, or {@code null} if no base
+ * resource is available.
+ */
+ public String getBaseResource()
+ {
+ return baseResource;
+ }
+
+ /**
+ * <p>
+ * Obtains the ACL entries that have been configured in this ACL definition.
+ * </p>
+ *
+ * @return a {@code List<ACLEntry>} containing the configured entries.
+ */
+ public Set<ACLEntry> getEntries()
+ {
+ return entries;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (obj instanceof ACLDefinitionObject)
+ {
+ ACLDefinitionObject other = (ACLDefinitionObject) obj;
+ return this.resource.equals(other.resource);
+ }
+ return false;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode()
+ {
+ return this.resource.hashCode();
+ }
+}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLEntryHolder.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,147 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.acl.config;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.jboss.logging.Logger;
-import org.jboss.security.acl.ACLEntry;
-import org.jboss.security.acl.ACLEntryImpl;
-import org.jboss.security.acl.BasicACLPermission;
-import org.jboss.security.acl.CompositeACLPermission;
-import org.jboss.security.identity.Identity;
-import org.jboss.security.identity.plugins.IdentityFactory;
-import org.jboss.xb.binding.GenericValueContainer;
-
-/**
- * <p>
- * A container for creating {@code ACLEntry} objects when a jboss-acl configuration is parsed by JBoss XB.
- * </p>
- *
- * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
- */
-public class ACLEntryHolder implements GenericValueContainer
-{
-
- private static Logger logger = Logger.getLogger(ACLEntryHolder.class);
-
- private Identity identity;
-
- private CompositeACLPermission permission;
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#addChild(javax.xml.namespace.QName, java.lang.Object)
- */
- public void addChild(QName name, Object value)
- {
- logger.debug("addChild: name=" + name + ", value=" + value);
-
- if ("identity-name".equals(name.getLocalPart()))
- {
- String identityName = (String) value;
- this.identity = this.getIdentityFromString(identityName);
- }
- else if ("permissions".equals(name.getLocalPart()))
- {
- String permissions = (String) value;
- this.permission = this.getPermissionsFromString(permissions);
- }
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#instantiate()
- */
- public Object instantiate()
- {
- return new ACLEntryImpl(this.permission, this.identity);
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#getTargetClass()
- */
- public Class<?> getTargetClass()
- {
- return ACLEntry.class;
- }
-
- /**
- * <p>
- * Creates an {@code Identity} object from the specified {@code identityName} parameter.
- * </p>
- *
- * @param identityName a {@code String} that represents the identity to be built.
- * @return the constructed {@code Identity} instance, or {@code null} if the {@code Identity} object cannot be built.
- */
- private Identity getIdentityFromString(String identityName)
- {
- try
- {
- return IdentityFactory.createIdentity(identityName);
- }
- catch (Exception e)
- {
- logger.debug("Exception caught while constructing Identity object", e);
- return null;
- }
- }
-
- /**
- * <p>
- * Creates a {@code CompositeACLPermission} from the specified {@code permissionString} parameter.
- * </p>
- *
- * @param permissionString a {@code String} containing the permissions assigned to the identity, separated by a comma
- * (e.g. {@code CREATE,READ,UPDATE}).
- * @return the constructed {@code CompositeACLPermission} object.
- */
- private CompositeACLPermission getPermissionsFromString(String permissionString)
- {
- List<BasicACLPermission> permissions = new ArrayList<BasicACLPermission>();
- if (permissionString != null)
- {
- // extract each permission from the permission string.
- String[] elements = permissionString.split(",");
- for (String element : elements)
- {
- try
- {
- permissions.add(BasicACLPermission.valueOf(element));
- }
- catch (RuntimeException re)
- {
- logger.debug("No BasicACLPermission named " + element + " found", re);
- }
- }
- }
-
- return new CompositeACLPermission(permissions.toArray(new BasicACLPermission[permissions.size()]));
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLInfoContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLInfoContainer.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLInfoContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,86 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.acl.config;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.jboss.logging.Logger;
-import org.jboss.security.config.ACLInfo;
-import org.jboss.xb.binding.GenericValueContainer;
-
-/**
- * <p>
- * A container for creating {@code ACLInfo} objects when an application policy that specifies ACL modules is parsed by
- * JBoss XB.
- * </p>
- *
- * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
- */
-public class ACLInfoContainer implements GenericValueContainer
-{
- private static Logger log = Logger.getLogger(ACLInfoContainer.class);
-
- private final List<ACLProviderEntry> providerEntries = new ArrayList<ACLProviderEntry>();
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#addChild(javax.xml.namespace.QName, java.lang.Object)
- */
- public void addChild(QName name, Object value)
- {
- if (log.isTraceEnabled())
- log.trace("addChild:Qname=" + name + ":value=" + value);
-
- if (value instanceof ACLProviderEntry)
- {
- ACLProviderEntry entry = (ACLProviderEntry) value;
- this.providerEntries.add(entry);
- }
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#instantiate()
- */
- public Object instantiate()
- {
- ACLInfo info = new ACLInfo("dummy");
- info.add(providerEntries);
- return info;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#getTargetClass()
- */
- public Class<?> getTargetClass()
- {
- return ACLInfo.class;
- }
-
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLProviderEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLProviderEntryHolder.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/acl/config/ACLProviderEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,125 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.acl.config;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.xml.namespace.QName;
-
-import org.jboss.security.config.ControlFlag;
-import org.jboss.security.config.ModuleOption;
-import org.jboss.xb.binding.GenericValueContainer;
-
-/**
- * <p>
- * A container for creating {@code ACLProviderEntry} objects when an application policy that specifies ACL modules is
- * parsed by JBoss XB.
- * </p>
- *
- * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
- */
-public class ACLProviderEntryHolder implements GenericValueContainer
-{
- private String moduleName = null;
-
- private ControlFlag controlFlag = ControlFlag.REQUIRED;
-
- private final Map<String, Object> moduleOptions = new HashMap<String, Object>();
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#addChild(javax.xml.namespace.QName, java.lang.Object)
- */
- public void addChild(QName name, Object value)
- {
- // the fully-qualified class name of the ACLProvider.
- if ("code".equals(name.getLocalPart()))
- {
- this.moduleName = (String) value;
- }
- // the control flag.
- if ("flag".equals(name.getLocalPart()))
- {
- String flag = (String) value;
- if ("optional".equals(flag))
- this.controlFlag = ControlFlag.OPTIONAL;
- else if ("requisite".equals(flag))
- this.controlFlag = ControlFlag.REQUISITE;
- else if ("sufficient".equals(flag))
- this.controlFlag = ControlFlag.SUFFICIENT;
- }
- // the options of the ACLProvider.
- if (value instanceof ModuleOption)
- {
- ModuleOption option = (ModuleOption) value;
- this.moduleOptions.put(option.getName(), option.getValue());
- }
- }
-
- /**
- * <p>
- * Adds the specified option to the set of options used by the {@code ACLProvider}.
- * </p>
- *
- * @param option a {@code ModuleOption} instance representing the option to be added.
- */
- public void addOption(ModuleOption option)
- {
- moduleOptions.put(option.getName(), option.getValue());
- }
-
- /**
- * <p>
- * Constructs and returns an {@code ACLProviderEntry} with the information contained in this class.
- * </p>
- *
- * @return a reference to the constructed {@code ACLProviderEntry} object.
- */
- public ACLProviderEntry getEntry()
- {
- return (ACLProviderEntry) instantiate();
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#instantiate()
- */
- public Object instantiate()
- {
- ACLProviderEntry entry = new ACLProviderEntry(this.moduleName, this.moduleOptions);
- entry.setControlFlag(this.controlFlag);
- return entry;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#getTargetClass()
- */
- public Class<?> getTargetClass()
- {
- return ACLProviderEntry.class;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/audit/config/AuditConfigEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/audit/config/AuditConfigEntryHolder.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/audit/config/AuditConfigEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,78 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.audit.config;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.xml.namespace.QName;
-
-import org.jboss.security.config.ModuleOption;
-import org.jboss.xb.binding.GenericValueContainer;
-
-//$Id$
-
-/**
- * A container for creating AuditConfigEntry during jbxb parse
- * @author Anil.Saldhana at redhat.com
- * @since Aug 14, 2007
- * @version $Revision$
- */
-public class AuditConfigEntryHolder implements GenericValueContainer
-{
- private Map<String,Object> moduleOptions = new HashMap<String,Object>();
- String moduleName = null;
-
- public void addChild(QName name, Object value)
- {
- if("code".equals(name.getLocalPart()))
- {
- moduleName = (String)value;
- }
- if(value instanceof ModuleOption)
- {
- ModuleOption mo = (ModuleOption)value;
- moduleOptions.put(mo.getName(),mo.getValue());
- }
- }
-
- public void addOption(ModuleOption option)
- {
- moduleOptions.put(option.getName(), option.getValue());
- }
-
- public AuditProviderEntry getEntry()
- {
- return (AuditProviderEntry)instantiate();
- }
-
- public Object instantiate()
- {
- AuditProviderEntry entry = new AuditProviderEntry( moduleName,moduleOptions );
- return entry;
- }
-
- public Class<?> getTargetClass()
- {
- return AuditProviderEntry.class;
- }
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/container/config/AuthModuleEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/container/config/AuthModuleEntryHolder.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/container/config/AuthModuleEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,83 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.auth.container.config;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.xml.namespace.QName;
-
-import org.jboss.security.config.ModuleOption;
-import org.jboss.xb.binding.GenericValueContainer;
-
-//$Id$
-
-/**
- * JBXB Container for parsing an AuthModuleEntry (A configuration entry for
- * JSR-196 Auth Modules that is similar to the JAAS AppConfigurationEntry)
- * @author <a href="mailto:anil.saldhana at jboss.org>anil.saldhana at jboss.org</a>
- * @since Dec 20, 2005
- */
-public class AuthModuleEntryHolder implements GenericValueContainer
-{
- private Map<String,Object> moduleOptions = new HashMap<String,Object>();
- String moduleName = null;
- String loginModuleStackRefName = null;
-
- public void addChild(QName name, Object value)
- {
- if("code".equals(name.getLocalPart()))
- {
- moduleName = (String)value;
- }
- else if( "login-module-stack-ref".equals(name.getLocalPart()))
- {
- loginModuleStackRefName = (String)value;
- }
- if(value instanceof ModuleOption)
- {
- ModuleOption mo = (ModuleOption)value;
- moduleOptions.put(mo.getName(),mo.getValue());
- }
- }
-
- public void addOption(ModuleOption option)
- {
- moduleOptions.put(option.getName(), option.getValue());
- }
-
- public AuthModuleEntry getEntry()
- {
- return new AuthModuleEntry( moduleName,moduleOptions,loginModuleStackRefName );
- }
-
- public Object instantiate()
- {
- return new AuthModuleEntry( moduleName,moduleOptions,loginModuleStackRefName );
- }
-
- public Class<?> getTargetClass()
- {
- return AuthModuleEntry.class;
- }
-
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/AppConfigurationEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/AppConfigurationEntryHolder.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/AppConfigurationEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,117 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.auth.login;
-
-import java.util.HashMap;
-
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
-import javax.xml.namespace.QName;
-
-import org.jboss.security.config.ModuleOption;
-import org.jboss.xb.binding.GenericValueContainer;
-
-/**
- * A container for creating AppConfigurationEntry during jbxb parse.
- *
- * @author Scott.Stark at jboss.org
- * @version $Revision$
- */
-public class AppConfigurationEntryHolder
- implements GenericValueContainer
-{
- String code;
- LoginModuleControlFlag controlFlag = LoginModuleControlFlag.REQUIRED;
- HashMap<String,Object> options = new HashMap<String,Object>();
-
- // GenericValueContainer should have default ctor
- public AppConfigurationEntryHolder()
- {
- }
-
- AppConfigurationEntryHolder(String code, String flag)
- {
- this.code = code;
- controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
- if (flag != null)
- {
- // Lower case is what is used by the jdk1.4.1 implementation
- flag = flag.toLowerCase();
- if (AppConfigurationEntry.LoginModuleControlFlag.REQUIRED.toString().indexOf(flag) > 0)
- controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
- else if (AppConfigurationEntry.LoginModuleControlFlag.REQUISITE.toString().indexOf(flag) > 0)
- controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
- else if (AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT.toString().indexOf(flag) > 0)
- controlFlag = AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
- else if (AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL.toString().indexOf(flag) > 0)
- controlFlag = AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
- }
- }
-
- public AppConfigurationEntry getEntry()
- {
- AppConfigurationEntry entry = new AppConfigurationEntry(code, controlFlag, options);
- return entry;
- }
-
- public void addOption(ModuleOption option)
- {
- options.put(option.getName(), option.getValue());
- }
-
- // GenericValueContainer impl
-
- public void addChild(QName name, Object value)
- {
- if("code".equals(name.getLocalPart()))
- {
- this.code = (String)value;
- }
- else if("flag".equals(name.getLocalPart()))
- {
- // Lower case is what is used by the jdk1.4.1 implementation
- String flag = ((String)value).toLowerCase();
- if (AppConfigurationEntry.LoginModuleControlFlag.REQUIRED.toString().indexOf(flag) > 0)
- controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
- else if (AppConfigurationEntry.LoginModuleControlFlag.REQUISITE.toString().indexOf(flag) > 0)
- controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
- else if (AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT.toString().indexOf(flag) > 0)
- controlFlag = AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
- else if (AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL.toString().indexOf(flag) > 0)
- controlFlag = AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
- }
- else if("module-option".equals(name.getLocalPart()))
- {
- addOption((ModuleOption)value);
- }
- }
-
- public Object instantiate()
- {
- return new AppConfigurationEntry(code, controlFlag, options);
- }
-
- public Class<?> getTargetClass()
- {
- return AppConfigurationEntry.class;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/AuthenticationInfoContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/AuthenticationInfoContainer.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/AuthenticationInfoContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,116 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.auth.login;
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.xml.namespace.QName;
-
-import org.jboss.logging.Logger;
-import org.jboss.security.auth.container.config.AuthModuleEntry;
-import org.jboss.xb.binding.GenericValueContainer;
-
-/**
- * A container for creating AuthenticationInfo during jbxb parse.
- *
- * @author Scott.Stark at jboss.org
- * @author <a href="mailto:anil.saldhana at jboss.org>anil.saldhana at jboss.org</a>
- * @version $Revision$
- */
-public class AuthenticationInfoContainer
- implements GenericValueContainer
-{
- private static Logger log = Logger.getLogger(AuthenticationInfoContainer.class);
-
- BaseAuthenticationInfo info = null;
-
- String authName = null;
-
- @SuppressWarnings("unchecked")
- List moduleEntries = new ArrayList();
-
- @SuppressWarnings("unchecked")
- Map loginModuleStackMap = new HashMap();
-
- boolean isJASPIAuthentication = false;
-
- @SuppressWarnings("unchecked")
- public void addChild(QName name, Object value)
- {
- log.debug("addChild::" + name + ":" + value);
- if("name".equals(name.getLocalPart()))
- {
- authName = (String)value;
- }
- else if( value instanceof AppConfigurationEntryHolder )
- {
- AppConfigurationEntryHolder ace = (AppConfigurationEntryHolder) value;
- moduleEntries.add(ace.getEntry());
- }
- else if( value instanceof AppConfigurationEntry )
- {
- AppConfigurationEntry ace = (AppConfigurationEntry) value;
- moduleEntries.add(ace);
- }
- else if( value instanceof AuthModuleEntry )
- {
- AuthModuleEntry ame = (AuthModuleEntry)value;
- //Check if the authmodule needs a reference to a loginmodulestack
- String lmshName = ame.getLoginModuleStackHolderName();
- if( lmshName != null )
- ame.setLoginModuleStackHolder((LoginModuleStackHolder)loginModuleStackMap.get(lmshName));
- moduleEntries.add(ame);
- this.isJASPIAuthentication = true;
- }
- else if( value instanceof LoginModuleStackHolder )
- {
- LoginModuleStackHolder lmsh = (LoginModuleStackHolder)value;
- loginModuleStackMap.put( lmsh.getName(), lmsh );
- }
- }
-
- @SuppressWarnings("unchecked")
- public Object instantiate()
- {
- if(isJASPIAuthentication == false)
- {
- info = new AuthenticationInfo(authName);
- }
- else
- {
- info = new JASPIAuthenticationInfo(authName);
- }
-
- info.add(moduleEntries);
- return info;
- }
-
- public Class<?> getTargetClass()
- {
- return BaseAuthenticationInfo.class;
- }
-
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/JBossXBParsingUtil.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/JBossXBParsingUtil.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/JBossXBParsingUtil.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,94 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.auth.login;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.net.URL;
-import java.util.ArrayList;
-import java.util.Set;
-
-import org.jboss.security.auth.spi.UsersObjectModelFactory;
-import org.jboss.security.authorization.config.SecurityConfigObjectModelFactory;
-import org.jboss.security.config.ApplicationPolicy;
-import org.jboss.security.config.PolicyConfig;
-import org.jboss.security.config.SecurityConfiguration;
-import org.jboss.xb.binding.Unmarshaller;
-import org.jboss.xb.binding.UnmarshallerFactory;
-
-/**
- * Parsing utility using JBossXB
- * @author Anil.Saldhana at redhat.com
- * @since May 30, 2008
- */
-public class JBossXBParsingUtil
-{
- private XMLLoginConfigImpl xmlConfig = XMLLoginConfigImpl.getInstance();
-
- public void parse(URL loginConfigURL, ArrayList<String> configNames) throws Exception
- {
- LoginConfigObjectModelFactory lcomf = new SecurityConfigObjectModelFactory();
- UsersObjectModelFactory uomf = new UsersObjectModelFactory();
-
- InputStreamReader xmlReader = loadURL(loginConfigURL);
- Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
- unmarshaller.mapFactoryToNamespace(uomf, "http://www.jboss.org/j2ee/schemas/XMLLoginModule");
- Object root = null;
- PolicyConfig config = (PolicyConfig) unmarshaller.unmarshal(xmlReader, lcomf, root);
- Set<String> cnames = config.getConfigNames();
- configNames.addAll(cnames);
- xmlConfig.copy(config);
-
- // Add the config to SecurityConfiguration
- for (String cname : cnames)
- {
- ApplicationPolicy ap = config.get(cname);
- SecurityConfiguration.addApplicationPolicy(ap);
- handleJASPIDelegation(ap);
- }
-
- }
-
- private void handleJASPIDelegation(ApplicationPolicy aPolicy)
- {
- BaseAuthenticationInfo bai = aPolicy.getAuthenticationInfo();
- if (bai instanceof JASPIAuthenticationInfo)
- {
- JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
- LoginModuleStackHolder[] lmsharr = jai.getLoginModuleStackHolder();
- for (LoginModuleStackHolder lmsh : lmsharr)
- {
- xmlConfig.addAppConfig(lmsh.getName(), lmsh.getAppConfigurationEntry());
- }
- }
- }
-
- private InputStreamReader loadURL(URL configURL) throws IOException
- {
- InputStream is = configURL.openStream();
- if (is == null)
- throw new IOException("Failed to obtain InputStream from url: " + configURL);
- InputStreamReader xmlReader = new InputStreamReader(is);
- return xmlReader;
- }
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/LoginConfigObjectModelFactory.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/LoginConfigObjectModelFactory.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/LoginConfigObjectModelFactory.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,361 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.auth.login;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.security.auth.login.AppConfigurationEntry;
-
-import org.jboss.logging.Logger;
-import org.jboss.security.auth.container.config.AuthModuleEntry;
-import org.jboss.security.config.ApplicationPolicy;
-import org.jboss.security.config.ControlFlag;
-import org.jboss.security.config.ModuleOption;
-import org.jboss.security.config.PolicyConfig;
-import org.jboss.util.StringPropertyReplacer;
-import org.jboss.xb.binding.ObjectModelFactory;
-import org.jboss.xb.binding.UnmarshallingContext;
-import org.xml.sax.Attributes;
-
-/**
- * A JBossXB object factory for parsing the login-config.xml object model.
- *
- * @author Scott.Stark at jboss.org
- * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil.Saldhana at jboss.org</a>
- * @version $Revision$
- */
-public class LoginConfigObjectModelFactory implements ObjectModelFactory
-{
- private static Logger log = Logger.getLogger(LoginConfigObjectModelFactory.class);
-
- private boolean trace;
-
- protected final Map<String, ControlFlag> controlFlags;
-
- public LoginConfigObjectModelFactory()
- {
- this.controlFlags = new HashMap<String, ControlFlag>();
- controlFlags.put("REQUIRED", ControlFlag.REQUIRED);
- controlFlags.put("REQUISITE", ControlFlag.REQUISITE);
- controlFlags.put("OPTIONAL", ControlFlag.OPTIONAL);
- controlFlags.put("SUFFICIENT", ControlFlag.SUFFICIENT);
- }
-
- public Object completeRoot(Object root, UnmarshallingContext ctx, String uri, String name)
- {
- if (trace)
- log.trace("completeRoot");
- return root;
- }
-
- public Object newRoot(Object root, UnmarshallingContext navigator, String namespaceURI, String localName,
- Attributes attrs)
- {
- trace = log.isTraceEnabled();
- if (!localName.equals("policy"))
- {
- throw new IllegalStateException("Unexpected root element: was expecting 'policy' but got '" + localName + "'");
- }
- if (trace)
- log.trace("newRoot, created PolicyConfig for policy element");
- return new PolicyConfig();
- }
-
- public Object newChild(PolicyConfig config, UnmarshallingContext navigator, String namespaceUri, String localName,
- Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.PolicyConfig, localName: " + localName);
- if ("application-policy".equals(localName))
- {
- String name = attrs.getValue("name");
- name = StringPropertyReplacer.replaceProperties(name);
- ApplicationPolicy aPolicy = new ApplicationPolicy(name);
- aPolicy.setPolicyConfig(config);
- String baseAppPolicyName = attrs.getValue("extends");
- if (baseAppPolicyName != null)
- aPolicy.setBaseApplicationPolicyName(baseAppPolicyName);
- if (trace)
- log.trace("newChild.PolicyConfig, AuthenticationInfo: " + name);
- child = aPolicy;
- }
- return child;
- }
-
- public Object newChild(ApplicationPolicy aPolicy, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.ApplicationPolicy, localName: " + localName);
- String name = aPolicy.getName();
- if ("authentication".equals(localName))
- {
- child = new AuthenticationInfo(name);
- if (trace)
- log.trace("newChild.PolicyConfig, AuthenticationInfo: " + name);
- }
- else if ("authentication-jaspi".equals(localName))
- {
- child = new JASPIAuthenticationInfo(name);
- if (trace)
- log.trace("newChild.PolicyConfig, AuthenticationInfo: " + name);
- }
- return child;
- }
-
- public Object newChild(BaseAuthenticationInfo info, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.AuthenticationInfo, localName: " + localName);
- if ("authentication".equals(localName))
- {
- child = new AuthenticationInfo(info.getName());
- if (trace)
- log.trace("newChild.PolicyConfig, AuthenticationInfo: " + info.getName());
- }
- else if ("authentication-jaspi".equals(localName))
- {
- child = new JASPIAuthenticationInfo(info.getName());
- if (trace)
- log.trace("newChild.PolicyConfig, AuthenticationInfo: " + info.getName());
- }
- return child;
- }
-
- public Object newChild(AuthenticationInfo info, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.AuthenticationInfo, localName: " + localName);
- if ("login-module".equals(localName))
- {
- String code = attrs.getValue("code");
- code = StringPropertyReplacer.replaceProperties(code.trim());
- String flag = attrs.getValue("flag");
- if (flag != null)
- flag = StringPropertyReplacer.replaceProperties(flag.trim());
- AppConfigurationEntryHolder holder = new AppConfigurationEntryHolder(code, flag);
- child = holder;
- if (trace)
- log.trace("newChild.AuthenticationInfo, login-module code: " + code);
- }
-
- return child;
- }
-
- public Object newChild(JASPIAuthenticationInfo info, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.AuthenticationJaspiInfo, localName: " + localName);
- if ("login-module-stack".equals(localName))
- {
- String lmsName = attrs.getValue("name");
- lmsName = StringPropertyReplacer.replaceProperties(lmsName.trim());
- child = new LoginModuleStackHolder(lmsName, null);
- if (trace)
- log.trace("newChild.AuthenticationInfo, login-module-stack: " + lmsName);
- }
- else if ("auth-module".equals(localName))
- {
- String code = attrs.getValue("code");
- AuthModuleEntry authModuleEntry = new AuthModuleEntry(code, null, null);
-
- String flag = attrs.getValue("flag");
- authModuleEntry.setControlFlag(getControlFlag(flag));
-
- String lmsRef = attrs.getValue("login-module-stack-ref");
- if (lmsRef != null)
- authModuleEntry.setLoginModuleStackHolder(info.getLoginModuleStackHolder(lmsRef));
- child = authModuleEntry;
- }
-
- return child;
- }
-
- public Object newChild(LoginModuleStackHolder entry, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.LoginModuleStackHolder, localName: " + localName);
- if ("login-module".equals(localName))
- {
- String code = attrs.getValue("code");
- code = StringPropertyReplacer.replaceProperties(code.trim());
- String flag = attrs.getValue("flag");
- flag = StringPropertyReplacer.replaceProperties(flag.trim());
- AppConfigurationEntryHolder holder = new AppConfigurationEntryHolder(code, flag);
- child = holder;
- if (trace)
- log.trace("newChild.AuthenticationInfo, login-module code: " + code);
- }
-
- return child;
- }
-
- public Object newChild(AppConfigurationEntryHolder entry, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.AppConfigurationEntryHolder, localName: " + localName);
- if ("module-option".equals(localName))
- {
- String name = attrs.getValue("name");
- child = new ModuleOption(name);
- if (trace)
- log.trace("newChild.AppConfigurationEntryHolder, module-option name: " + name);
- }
-
- return child;
- }
-
- public Object newChild(AuthModuleEntry entry, UnmarshallingContext navigator, String namespaceUri, String localName,
- Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.AppConfigurationEntryHolder, localName: " + localName);
- if ("module-option".equals(localName))
- {
- String name = attrs.getValue("name");
- child = new ModuleOption(name);
- if (trace)
- log.trace("newChild.AuthModuleEntry, module-option name: " + name);
- }
-
- return child;
- }
-
- public void setValue(ModuleOption option, UnmarshallingContext navigator, String namespaceUri, String localName,
- String value)
- {
- if ("module-option".equals(localName))
- {
- String valueWithReplacement = StringPropertyReplacer.replaceProperties(value.trim());
- option.setValue(valueWithReplacement);
- if (trace)
- log.trace("setValue.ModuleOption, name: " + localName + ":valueWithReplacement:" + valueWithReplacement);
- }
- }
-
- public void addChild(ModuleOption option, Object value, UnmarshallingContext navigator, String namespaceURI,
- String localName)
- {
- option.setValue(value);
- if (trace)
- log.trace("addChild.ModuleOption, name: " + option.getName());
- }
-
- public void addChild(AuthenticationInfo authInfo, AppConfigurationEntryHolder entryInfo,
- UnmarshallingContext navigator, String namespaceURI, String localName)
- {
- AppConfigurationEntry entry = entryInfo.getEntry();
- authInfo.addAppConfigurationEntry(entry);
- if (trace)
- log.trace("addChild.AuthenticationInfo, name: " + entry.getLoginModuleName());
- }
-
- public void addChild(AppConfigurationEntryHolder entryInfo, ModuleOption option, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- entryInfo.addOption(option);
- if (trace)
- log.trace("addChild.AppConfigurationEntryHolder, name: " + option.getName());
- }
-
- public void addChild(JASPIAuthenticationInfo authInfo, AuthModuleEntry entry, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- authInfo.add(entry);
- }
-
- public void addChild(LoginModuleStackHolder lmsh, AppConfigurationEntryHolder entryInfo,
- UnmarshallingContext navigator, String namespaceURI, String localName)
- {
- lmsh.addAppConfigurationEntry(entryInfo.getEntry());
- if (trace)
- log.trace("addChild.LoginModuleStackHolder, name: " + entryInfo.getEntry().getLoginModuleName());
- }
-
- public void addChild(AuthModuleEntry entry, ModuleOption option, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- entry.addOption(option);
- if (trace)
- log.trace("addChild.AppConfigurationEntryHolder, name: " + option.getName());
- }
-
- public void addChild(JASPIAuthenticationInfo authInfo, LoginModuleStackHolder lmsHolder,
- UnmarshallingContext navigator, String namespaceURI, String localName)
- {
- authInfo.add(lmsHolder);
- }
-
- public void addChild(ApplicationPolicy aPolicy, JASPIAuthenticationInfo authInfo, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- aPolicy.setAuthenticationInfo(authInfo);
- if (trace)
- log.trace("addChild.ApplicationPolicy, name: " + aPolicy.getName());
- }
-
- public void addChild(ApplicationPolicy aPolicy, AuthenticationInfo authInfo, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- aPolicy.setAuthenticationInfo(authInfo);
- if (trace)
- log.trace("addChild.ApplicationPolicy, name: " + aPolicy.getName());
- }
-
- public void addChild(PolicyConfig pc, ApplicationPolicy aPolicy, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- pc.add(aPolicy);
- if (trace)
- log.trace("Added ApplicationPolicy to PolicyConfig, name: " + aPolicy.getName());
- }
-
- public ControlFlag getControlFlag(String flag)
- {
- ControlFlag controlFlag = null;
-
- if(flag != null)
- {
- flag = StringPropertyReplacer.replaceProperties(flag.trim());
- controlFlag = this.controlFlags.get(flag.toUpperCase());
- }
- if (controlFlag == null)
- controlFlag = ControlFlag.REQUIRED;
-
- return controlFlag;
- }
-
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/LoginModuleStackContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/LoginModuleStackContainer.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/LoginModuleStackContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,66 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.auth.login;
-
-import java.util.ArrayList;
-
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.xml.namespace.QName;
-
-import org.jboss.xb.binding.GenericValueContainer;
-
-//$Id$
-
-/**
- * A container for creating LoginModuleStack during jbxb parse.
- * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
- * @since Dec 24, 2005
- * @version $Revision$
- */
- at SuppressWarnings("unchecked")
-public class LoginModuleStackContainer implements GenericValueContainer
-{
- String lmsName = null;
-
- private ArrayList appEntries = new ArrayList();
-
- public void addChild(QName name, Object value)
- {
- if("name".equals(name.getLocalPart()))
- {
- lmsName = (String)value;
- }
- if( value instanceof AppConfigurationEntry)
- appEntries.add(value);
- }
-
- public Object instantiate()
- {
- return new LoginModuleStackHolder(lmsName, appEntries);
- }
-
- public Class getTargetClass()
- {
- return LoginModuleStackHolder.class;
- }
-
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/ModuleOptionContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/ModuleOptionContainer.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/ModuleOptionContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,92 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.auth.login;
-
-import javax.xml.namespace.QName;
-
-import org.jboss.security.config.ModuleOption;
-import org.jboss.xb.binding.GenericValueContainer;
-
-/**
- * ModuleOption declares a constructor that takes name as a parameter while the
- * value should be set with the setter. This use-case is not supported
- * out-of-the-box by jbxb, so, we use this container.
- *
- * @author <a href="mailto:alex at jboss.org">Alexey Loubyansky</a>
- * @version <tt>$Revision$</tt>
- */
-public class ModuleOptionContainer
- implements GenericValueContainer
-{
- private String name;
- private Object value;
-
-
- /**
- @return - the option value
- */
- public Object getValue()
- {
- return value;
- }
-
- /**
- Setter used when the module option is passed as the text body of the
- module-option element.
-
- @param value - text value
- */
- public void setValue(Object value)
- {
- this.value = value;
- }
-
- /**
- Add attributes or nested element content.
-
- @param name - the attribute or element name
- @param value - the attribute or element value
- */
- public void addChild(QName name, Object value)
- {
- if("name".equals(name.getLocalPart()))
- {
- this.name = (String)value;
- }
- else
- {
- this.value = value;
- }
- }
-
- public Object instantiate()
- {
- ModuleOption option = new ModuleOption(name);
- option.setValue(value);
- return option;
- }
-
- public Class<?> getTargetClass()
- {
- return ModuleOption.class;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/SunConfigParser.jj
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/SunConfigParser.jj 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/SunConfigParser.jj 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,265 +0,0 @@
-/* JBoss, the OpenSource J2EE WebOS
- *
- * Distributable under LGPL license.
- * See terms of license at gnu.org.
- */
-
-options {
- LOOKAHEAD=1;
- DEBUG_PARSER=true;
- DEBUG_LOOKAHEAD=true;
- DEBUG_TOKEN_MANAGER=false;
-}
-
-PARSER_BEGIN(SunConfigParser)
-
-package org.jboss.security.auth.login;
-
-import java.io.Reader;
-import java.io.StringReader;
-import java.util.ArrayList;
-import java.util.HashMap;
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
-
-/**
- * A JavaCC 2.1 grammar for the default JAAS configuration file provided by Sun.
- * The format of an entry is:
- Application {
- ModuleClass Flag ModuleOptions;
- ModuleClass Flag ModuleOptions;
- ModuleClass Flag ModuleOptions;
- };
-
- * @see http://www.webgain.com/products/metamata/java_doc.html
- *
- * @author Scott.Stark at jboss.org
- * @version $Revision: 16662 $
- */
-public class SunConfigParser
-{
- private XMLLoginConfigImpl loginConfig;
-
- public SunConfigParser()
- {
- // keep the parser from feaking out, init using one of
- // the JavaCC generated constructor
- this(new StringReader(""));
- }
-
- public void parse(Reader configFile, XMLLoginConfigImpl loginConfig)
- throws ParseException
- {
- parse(configFile, loginConfig, false);
- }
-
- public void parse(Reader configFile, XMLLoginConfigImpl loginConfig, boolean trace)
- throws ParseException
- {
- ReInit(configFile);
-
- // This will have no effect unless the debugging options are true
- if (trace)
- {
- this.enable_tracing();
- }
- else
- {
- this.disable_tracing();
- }
-
- this.loginConfig = loginConfig;
- this.config();
- }
-
- /**
- * Strip off the leading and trailing (quote) chars from the given string
- * and return it. Does not actually check to make sure they are '\'' chars.
- */
- private String stripQuotes(String image)
- {
- return image.substring(1, image.length() - 1);
- }
-
- public static void doParse(Reader configFile, XMLLoginConfigImpl loginConfig)
- throws ParseException
- {
- doParse(configFile, loginConfig, false);
- }
-
- public static void doParse(Reader configFile, XMLLoginConfigImpl loginConfig, boolean trace)
- throws ParseException
- {
- SunConfigParser parser = new SunConfigParser();
- parser.parse(configFile, loginConfig, trace);
- }
-}
-
-PARSER_END(SunConfigParser)
-
-/* IGNORE WHITESPACE */
-
-SKIP :
-{
- " "
- | "\r"
- | "\t"
- | "\n"
-}
-
-
-SPECIAL_TOKEN : /* COMMENTS */
-{
- <SINGLE_LINE_COMMENT: ("//"|"#") (~["\n","\r"])* ("\n"|"\r"|"\r\n")>
-| <MULTI_LINE_COMMENT: "/*" (~["*"])* "*" ("*" | (~["*","/"] (~["*"])* "*"))* "/">
-}
-
-TOKEN :
-{
- < OPEN_BKT: "{" >
- | < CLOSE_BKT: "}" >
- | < SEMI_COLON: ";" >
- | < EQUALS: "=" >
-
-}
-
-/* Literals */
-
-TOKEN :
-{
- < LONG: ( ["0" - "9"] )+ >
- | < DOUBLE: <FLOAT>
- | <FLOAT> ( ["e","E"] ([ "-","+"])? <LONG> )?
- >
- | < #FLOAT: <LONG> ( "." (<LONG>)? )
- | "." <LONG>
- >
- | < STRING:
- (
- "'"
- ( (~["'","\n","\r"])
- | ("''")
- )*
- "'"
- )
- |
- (
- "\""
- ( (~["\"","\n","\r"])
- | ("\"\"")
- )*
- "\""
- ) >
-}
-
-TOKEN [IGNORE_CASE]:
-{
- <CONTROL_FLAG: "required" | "requisite" | "sufficient" | "optional">
-|
- <IDENTIFIER: <LETTER> (<LETTER>|<DIGIT>|"-"|"_")* >
-|
- <CLASSNAME: <LETTER> (<LETTER>|<DIGIT>)* ("." <LETTER> (<LETTER>|<DIGIT>)*)* >
-|
- <#LETTER: [ "_","$", "a"-"z", "A"-"Z" ] >
-|
- <#DIGIT: ["0" - "9"] >
-|
- <ANY: (<NOTSPACE_EQUALS>)+ >
-|
- <#NOTSPACE_EQUALS: (~[" ","\t","\n","\r","=",";"]) >
-}
-
-/** Start of the grammar */
-
-void config() :
-{
-}
-{
- ( appConfig() )* <EOF>
-}
-
-void appConfig() :
-{
- Token t = null;
- String appName;
- AppConfigurationEntry entry;
- ArrayList entries = new ArrayList();
-}
-{
- t=<IDENTIFIER> { appName = t.image; } <OPEN_BKT>
- (
- entry = loginModuleConfig()
- {
- entries.add(entry);
- }
- ) +
- <CLOSE_BKT> <SEMI_COLON>
- {
- AppConfigurationEntry[] appConfig = new AppConfigurationEntry[entries.size()];
- entries.toArray(appConfig);
- loginConfig.addAppConfig(appName, appConfig);
- }
-}
-
-AppConfigurationEntry loginModuleConfig() :
-{
- Token t = null;
- String loginModuleClassName;
- HashMap optionsMap = new HashMap();
- LoginModuleControlFlag controlFlag;
- AppConfigurationEntry entry;
-}
-{
- t=<CLASSNAME> { loginModuleClassName = t.image; }
- controlFlag = controlFlag()
- ( moduleOptions(optionsMap) )*
- <SEMI_COLON>
- {
- entry = new AppConfigurationEntry(loginModuleClassName, controlFlag, optionsMap);
- return entry;
- }
-}
-
-LoginModuleControlFlag controlFlag() :
-{
- Token t;
- LoginModuleControlFlag flag = null;
-}
-{
- t=<CONTROL_FLAG>
- {
- if( LoginModuleControlFlag.REQUIRED.toString().indexOf(t.image) > 0 )
- flag = LoginModuleControlFlag.REQUIRED;
- else if( LoginModuleControlFlag.REQUISITE.toString().indexOf(t.image) > 0 )
- flag = LoginModuleControlFlag.REQUISITE;
- else if( LoginModuleControlFlag.SUFFICIENT.toString().indexOf(t.image) > 0 )
- flag = LoginModuleControlFlag.SUFFICIENT;
- else if( LoginModuleControlFlag.OPTIONAL.toString().indexOf(t.image) > 0 )
- flag = LoginModuleControlFlag.OPTIONAL;
- return flag;
- }
-}
-
-void moduleOptions(HashMap optionsMap) :
-{
- Token t;
- String name, value;
-}
-{
- ( t=<IDENTIFIER> | t=<CLASSNAME> )
- { name = t.image; }
- <EQUALS>
- (
- ( t=<IDENTIFIER> | t=<CLASSNAME> | t=<DOUBLE> | t=<LONG> | t=<ANY> )
- {
- value = t.image;
- optionsMap.put(name, value);
- }
- | t=<STRING>
- {
- value = stripQuotes(t.image);
- optionsMap.put(name, value);
- }
- )
-}
-
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,449 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.auth.login;
-
-import java.io.File;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.Serializable;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.util.ArrayList;
-
-import javax.security.auth.AuthPermission;
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.Configuration;
-
-import org.jboss.logging.Logger;
-import org.jboss.security.config.ApplicationPolicy;
-import org.jboss.security.config.ApplicationPolicyRegistration;
-import org.jboss.security.config.PolicyConfig;
-import org.jboss.security.config.SecurityConfiguration;
-
-/**
- * An concrete implementation of the javax.security.auth.login.Configuration class that parses an xml configuration of
- * the form:
- *
- * <policy> <application-policy name = "test-domain"> <authentication> <login-module code =
- * "org.jboss.security.plugins.samples.IdentityLoginModule" flag = "required"> <module-option name = "principal">starksm</module-option>
- * </login-module> </authentication> </application-policy> </policy>
- *
- * @see javax.security.auth.login.Configuration
- *
- * @author Scott.Stark at jboss.org
- * @author Anil.Saldhana at jboss.org
- * @version $Revision: 57482 $
- */
-public class XMLLoginConfigImpl extends Configuration implements Serializable, ApplicationPolicyRegistration
-{
- /** The serialVersionUID */
- private static final long serialVersionUID = -8965860493224188277L;
-
- private static final String DEFAULT_APP_CONFIG_NAME = "other";
-
- private static final AuthPermission REFRESH_PERM = new AuthPermission("refreshLoginConfiguration");
-
- private static Logger log = Logger.getLogger(XMLLoginConfigImpl.class);
- private boolean trace = log.isTraceEnabled();
-
- transient PolicyConfig appConfigs = new PolicyConfig();
-
- /** The URL to the XML or Sun login configuration */
- protected URL loginConfigURL;
-
- /** The inherited configuration we delegate to */
- protected Configuration parentConfig;
-
- /** A flag indicating if XML configs should be validated */
- private boolean validateDTD = true;
-
- private static final XMLLoginConfigImpl instance = new XMLLoginConfigImpl();
-
- /**
- * <p>
- * Private constructor to implement the singleton pattern.
- * </p>
- */
- private XMLLoginConfigImpl()
- {
- }
-
- /**
- * <p>
- * Obtains a reference to the singleton.
- * </p>
- *
- * @return a reference to the singleton {@code XMLLoginConfigImpl} instance.
- */
- public static XMLLoginConfigImpl getInstance()
- {
- return instance;
- }
-
- // --- Begin Configuration method overrrides
- @Override
- public void refresh()
- {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null)
- sm.checkPermission(REFRESH_PERM);
- if (log.isTraceEnabled())
- log.trace("Begin refresh");
- appConfigs.clear();
- loadConfig();
- if (log.isTraceEnabled())
- log.trace("End refresh");
- }
-
- @Override
- public AppConfigurationEntry[] getAppConfigurationEntry(String appName)
- {
- if (log.isTraceEnabled())
- log.trace("Begin getAppConfigurationEntry(" + appName + "), size=" + appConfigs.size());
-
- // Load the config if PolicyConfig is empty
- if (this.appConfigs.size() == 0)
- this.loadConfig();
-
- AppConfigurationEntry[] entry = null;
- ApplicationPolicy aPolicy = this.getApplicationPolicy(appName);
- BaseAuthenticationInfo authInfo = null;
- if (aPolicy != null)
- authInfo = aPolicy.getAuthenticationInfo();
-
- if (authInfo == null)
- {
- if (log.isTraceEnabled())
- log.trace("getAppConfigurationEntry(" + appName + "), no entry in appConfigs, tyring parentCont: "
- + parentConfig);
- if (parentConfig != null)
- entry = parentConfig.getAppConfigurationEntry(appName);
- if (entry == null)
- {
- if (log.isTraceEnabled())
- log.trace("getAppConfigurationEntry(" + appName + "), no entry in parentConfig, trying: "
- + DEFAULT_APP_CONFIG_NAME);
- }
- ApplicationPolicy defPolicy = appConfigs.get(DEFAULT_APP_CONFIG_NAME);
- authInfo = defPolicy != null ? (AuthenticationInfo) defPolicy.getAuthenticationInfo() : null;
- }
-
- if (authInfo != null)
- {
- if (log.isTraceEnabled())
- log.trace("End getAppConfigurationEntry(" + appName + "), authInfo=" + authInfo);
- // Make a copy of the authInfo object
- final BaseAuthenticationInfo theAuthInfo = authInfo;
- PrivilegedAction<AppConfigurationEntry[]> action = new PrivilegedAction<AppConfigurationEntry[]>()
- {
- public AppConfigurationEntry[] run()
- {
- return theAuthInfo.copyAppConfigurationEntry();
- }
- };
- entry = AccessController.doPrivileged(action);
- }
- else
- {
- if (log.isTraceEnabled())
- log.trace("End getAppConfigurationEntry(" + appName + "), failed to find entry");
- }
-
- return entry;
- }
-
- // --- End Configuration method overrrides
-
- /**
- * Set the URL of the XML login configuration file that should be loaded by this mbean on startup.
- */
- public URL getConfigURL()
- {
- return loginConfigURL;
- }
-
- /**
- * Set the URL of the XML login configuration file that should be loaded by this mbean on startup.
- */
- public void setConfigURL(URL loginConfigURL)
- {
- this.loginConfigURL = loginConfigURL;
- }
-
- public void setConfigResource(String resourceName) throws IOException
- {
- ClassLoader tcl = SecurityActions.getContextClassLoader();
- loginConfigURL = tcl.getResource(resourceName);
- if (loginConfigURL == null)
- throw new IOException("Failed to find resource: " + resourceName);
- }
-
- public void setParentConfig(Configuration parentConfig)
- {
- this.parentConfig = parentConfig;
- }
-
- /**
- * Get whether the login config xml document is validated againsts its DTD
- */
- public boolean getValidateDTD()
- {
- return this.validateDTD;
- }
-
- /**
- * Set whether the login config xml document is validated againsts its DTD
- */
- public void setValidateDTD(boolean flag)
- {
- this.validateDTD = flag;
- }
-
- /**
- * @see ApplicationPolicyRegistration#addApplicationPolicy(String, ApplicationPolicy)
- */
- public void addApplicationPolicy(String appName, ApplicationPolicy aPolicy)
- {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null)
- sm.checkPermission(REFRESH_PERM);
- appConfigs.add(aPolicy);
- handleJASPIDelegation(aPolicy);
- SecurityConfiguration.addApplicationPolicy(aPolicy);
- }
-
- /**
- * Add an application configuration
- */
- public void addAppConfig(String appName, AppConfigurationEntry[] entries)
- {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null)
- sm.checkPermission(REFRESH_PERM);
- AuthenticationInfo authInfo = new AuthenticationInfo(appName);
- authInfo.setAppConfigurationEntry(entries);
- if (log.isTraceEnabled())
- log.trace("addAppConfig(" + appName + "), authInfo=" + authInfo);
- ApplicationPolicy aPolicy = new ApplicationPolicy(appName, authInfo);
- appConfigs.add(aPolicy);
- SecurityConfiguration.addApplicationPolicy(aPolicy);
- }
-
- public void copy(PolicyConfig policyConfig)
- {
- this.appConfigs.copy(policyConfig);
- }
-
- /**
- * @deprecated
- * @see #removeApplicationPolicy(String)
- * @param appName
- */
- @Deprecated
- public void removeAppConfig(String appName)
- {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null)
- sm.checkPermission(REFRESH_PERM);
- if (log.isTraceEnabled())
- log.trace("removeAppConfig, appName=" + appName);
- appConfigs.remove(appName);
- SecurityConfiguration.removeApplicationPolicy(appName);
- }
-
- /**
- * @see ApplicationPolicyRegistration#getApplicationPolicy(String)
- */
- public ApplicationPolicy getApplicationPolicy(String domainName)
- {
- if (appConfigs == null || appConfigs.size() == 0)
- loadConfig();
- ApplicationPolicy aPolicy = null;
- if(appConfigs != null )
- aPolicy = appConfigs.get(domainName);
- if (aPolicy != null)
- SecurityConfiguration.addApplicationPolicy(aPolicy);
- return aPolicy;
- }
-
- /**
- * @see ApplicationPolicyRegistration#removeApplicationPolicy(String)
- */
- public boolean removeApplicationPolicy(String appName)
- {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null)
- sm.checkPermission(REFRESH_PERM);
- if (log.isTraceEnabled())
- log.trace("removeAppConfig, appName=" + appName);
- appConfigs.remove(appName);
- SecurityConfiguration.removeApplicationPolicy(appName);
- return true;
- }
-
- /**
- * Method that returns the parsed AuthenticationInfo needed by the JASPI framework until a seperate Configuration
- * mechanism for JASPI is established
- *
- * @return the parsed AuthenticationInfo object
- */
- public BaseAuthenticationInfo getAuthenticationInfo(String domainName)
- {
- ApplicationPolicy aPolicy = getApplicationPolicy(domainName);
- return aPolicy != null ? aPolicy.getAuthenticationInfo() : null;
- }
-
- public void clear()
- {
-
- }
-
- /**
- * Called to try to load the config from the java.security.auth.login.config property value when there is no
- * loginConfigURL.
- */
- public void loadConfig()
- {
- // Try to load the java.security.auth.login.config property
- String loginConfig = System.getProperty("java.security.auth.login.config");
- if (loginConfig == null)
- loginConfig = "login-config.xml";
-
- // If there is no loginConfigURL build it from the loginConfig
- if (loginConfigURL == null)
- {
- try
- {
- // Try as a URL
- loginConfigURL = new URL(loginConfig);
- }
- catch (MalformedURLException e)
- {
- // Try as a resource
- try
- {
- setConfigResource(loginConfig);
- }
- catch (IOException ignore)
- {
- // Try as a file
- File configFile = new File(loginConfig);
- try
- {
- setConfigURL(configFile.toURL());
- }
- catch (MalformedURLException ignore2)
- {
- }
- }
- }
- }
-
- if (loginConfigURL == null)
- {
- log.warn("Failed to find config: " + loginConfig);
- return;
- }
-
- if (log.isTraceEnabled())
- log.trace("Begin loadConfig, loginConfigURL=" + loginConfigURL);
- // Try to load the config if found
- try
- {
- loadConfig(loginConfigURL);
- if (log.isTraceEnabled())
- log.trace("End loadConfig, loginConfigURL=" + loginConfigURL);
- }
- catch (Exception e)
- {
- log.warn("End loadConfig, failed to load config: " + loginConfigURL, e);
- }
- }
-
- @SuppressWarnings("unchecked")
- protected String[] loadConfig(URL config) throws Exception
- {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null)
- sm.checkPermission(REFRESH_PERM);
-
- ArrayList configNames = new ArrayList();
- log.debug("Try loading config as XML, url=" + config);
- try
- {
- loadXMLConfig(config, configNames);
- }
- catch (Throwable e)
- {
- if(trace)
- {
- log.debug("Failed to load config as XML", e);
- log.debug("Try loading config as Sun format, url=" + config);
- }
- loadSunConfig(config, configNames);
- }
- String[] names = new String[configNames.size()];
- configNames.toArray(names);
- return names;
- }
-
- /**
- * Handle the case when JASPI Info may have login module stack holder which delegates to a login module stack
- *
- * @param aPolicy
- */
- private void handleJASPIDelegation(ApplicationPolicy aPolicy)
- {
- BaseAuthenticationInfo bai = aPolicy.getAuthenticationInfo();
- if (bai instanceof JASPIAuthenticationInfo)
- {
- JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
- LoginModuleStackHolder[] lmsharr = jai.getLoginModuleStackHolder();
- for (LoginModuleStackHolder lmsh : lmsharr)
- {
- this.addAppConfig(lmsh.getName(), lmsh.getAppConfigurationEntry());
- }
- }
- }
-
- @SuppressWarnings("unchecked")
- private void loadSunConfig(URL sunConfig, ArrayList configNames) throws Exception
- {
- InputStream is = sunConfig.openStream();
- if (is == null)
- throw new IOException("InputStream is null for: " + sunConfig);
-
- InputStreamReader configFile = new InputStreamReader(is);
- boolean trace = log.isTraceEnabled();
- SunConfigParser.doParse(configFile, this, trace);
- }
-
- @SuppressWarnings("unchecked")
- private void loadXMLConfig(URL loginConfigURL, ArrayList configNames) throws Exception
- {
- JBossXBParsingUtil xbUtil = new JBossXBParsingUtil();
- xbUtil.parse(loginConfigURL, configNames);
- }
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/UsersObjectModelFactory.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/UsersObjectModelFactory.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/UsersObjectModelFactory.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,103 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.auth.spi;
-
-import org.jboss.logging.Logger;
-import org.jboss.xb.binding.ObjectModelFactory;
-import org.jboss.xb.binding.UnmarshallingContext;
-import org.xml.sax.Attributes;
-
-/** A JBossXB object factory for parsing the
- * @author Scott.Stark at jboss.org
- * @version $Revision$
- */
-public class UsersObjectModelFactory implements ObjectModelFactory
-{
- private static Logger log = Logger.getLogger(UsersObjectModelFactory.class);
- private boolean trace = log.isTraceEnabled();
-
- public Object newRoot(Object root, UnmarshallingContext navigator,
- String namespaceURI, String localName, Attributes attrs)
- {
- if (!localName.equals("users"))
- {
- throw new IllegalStateException("Unexpected root element: was expecting 'users' but got '" + localName + "'");
- }
- if(trace)
- log.trace("newRoot, root="+root);
- return new Users();
- }
-
- public Object completeRoot(Object root, UnmarshallingContext ctx, String uri, String name)
- {
- return root;
- }
-
- public void setValue(Users users, UnmarshallingContext navigator,
- String namespaceUri, String localName, String value)
- {
- }
-
- public Object newChild(Users users, UnmarshallingContext navigator,
- String namespaceUri, String localName, Attributes attrs)
- {
- Users.User child = null;
- if("user".equals(localName))
- {
- String name = attrs.getValue("name");
- child = new Users.User(name);
- String password = attrs.getValue("password");
- child.setPassword(password);
- String encoding = attrs.getValue("encoding");
- child.setEncoding(encoding);
- if(trace)
- log.trace("newChild, user="+child);
- }
- return child;
- }
-
- public void addChild(Users users, Users.User user,
- UnmarshallingContext navigator, String namespaceURI, String localName)
- {
- users.addUser(user);
- }
-
- public Object newChild(Users.User user, UnmarshallingContext navigator,
- String namespaceUri, String localName, Attributes attrs)
- {
- String[] roleInfo = {null, "Roles"};
- if("role".equals(localName))
- {
- roleInfo[0] = attrs.getValue("name");
- roleInfo[1] = attrs.getValue("group");
- if( roleInfo[1] == null )
- roleInfo[1] = "Roles";
- }
- return roleInfo;
- }
-
- public void addChild(Users.User user, String[] roleInfo,
- UnmarshallingContext navigator, String namespaceURI, String localName)
- {
- user.addRole(roleInfo[0], roleInfo[1]);
- }
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/AuthorizationInfoContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/AuthorizationInfoContainer.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/AuthorizationInfoContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,79 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.authorization;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.jboss.logging.Logger;
-import org.jboss.security.authorization.config.AuthorizationConfigEntryHolder;
-import org.jboss.security.authorization.config.AuthorizationModuleEntry;
-import org.jboss.security.config.AuthorizationInfo;
-import org.jboss.xb.binding.GenericValueContainer;
-
-//$Id$
-
-/**
- * A container for creating AuthorizationInfo during jbxb parse.
- *
- * @author anil.saldhana at jboss.org
- * @version $Revision$
- */
-public class AuthorizationInfoContainer
- implements GenericValueContainer
-{
- private static Logger log = Logger.getLogger(AuthorizationInfoContainer.class);
-
- AuthorizationInfo info = null;
-
- String authName = null;
-
- List<AuthorizationModuleEntry> moduleEntries = new ArrayList<AuthorizationModuleEntry>();
-
- public void addChild(QName name, Object value)
- {
- log.debug("addChild::" + name + ":" + value);
- if("name".equals(name.getLocalPart()))
- {
- authName = (String)value;
- }
- else if( value instanceof AuthorizationConfigEntryHolder )
- {
- AuthorizationConfigEntryHolder ace = (AuthorizationConfigEntryHolder) value;
- moduleEntries.add(ace.getEntry());
- }
- }
-
- public Object instantiate()
- {
- info = new AuthorizationInfo(authName);
- info.add(moduleEntries);
- return info;
- }
-
- public Class<?> getTargetClass()
- {
- return AuthorizationInfo.class;
- }
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/config/AuthorizationConfigEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/config/AuthorizationConfigEntryHolder.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/config/AuthorizationConfigEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,94 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.authorization.config;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.xml.namespace.QName;
-
-import org.jboss.security.config.ControlFlag;
-import org.jboss.security.config.ModuleOption;
-import org.jboss.xb.binding.GenericValueContainer;
-
-//$Id$
-
-/**
- * A container for creating AuthorizationConfigurationEntry during jbxb parse.
- * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
- * @since Jun 9, 2006
- * @version $Revision$
- */
-public class AuthorizationConfigEntryHolder implements GenericValueContainer
-{
- private Map<String,Object> moduleOptions = new HashMap<String,Object>();
- String moduleName = null;
- ControlFlag controlFlag = ControlFlag.REQUIRED;
-
- public void addChild(QName name, Object value)
- {
- if("code".equals(name.getLocalPart()))
- {
- moduleName = (String)value;
- }
- if("flag".equals(name.getLocalPart()))
- {
- String tempVal = (String)value;
- if("optional".equals(tempVal))
- controlFlag = ControlFlag.OPTIONAL;
- else
- if("requisite".equals(tempVal))
- controlFlag = ControlFlag.REQUISITE;
- else
- if("sufficient".equals(tempVal))
- controlFlag = ControlFlag.SUFFICIENT;
- }
- if(value instanceof ModuleOption)
- {
- ModuleOption mo = (ModuleOption)value;
- moduleOptions.put(mo.getName(),mo.getValue());
- }
- }
-
- public void addOption(ModuleOption option)
- {
- moduleOptions.put(option.getName(), option.getValue());
- }
-
- public AuthorizationModuleEntry getEntry()
- {
- return (AuthorizationModuleEntry)instantiate();
- }
-
- public Object instantiate()
- {
- AuthorizationModuleEntry entry = new AuthorizationModuleEntry( moduleName,moduleOptions );
- entry.setControlFlag(controlFlag);
- return entry;
- }
-
- public Class<?> getTargetClass()
- {
- return AuthorizationModuleEntry.class;
- }
-
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/config/SecurityConfigObjectModelFactory.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/config/SecurityConfigObjectModelFactory.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/authorization/config/SecurityConfigObjectModelFactory.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,479 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.authorization.config;
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.jboss.logging.Logger;
-import org.jboss.security.acl.config.ACLProviderEntry;
-import org.jboss.security.audit.config.AuditProviderEntry;
-import org.jboss.security.auth.login.LoginConfigObjectModelFactory;
-import org.jboss.security.config.ACLInfo;
-import org.jboss.security.config.ApplicationPolicy;
-import org.jboss.security.config.AuditInfo;
-import org.jboss.security.config.AuthorizationInfo;
-import org.jboss.security.config.ControlFlag;
-import org.jboss.security.config.IdentityTrustInfo;
-import org.jboss.security.config.MappingInfo;
-import org.jboss.security.config.ModuleOption;
-import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
-import org.jboss.security.mapping.config.MappingModuleEntry;
-import org.jboss.util.StringPropertyReplacer;
-import org.jboss.xb.binding.UnmarshallingContext;
-import org.xml.sax.Attributes;
-
-// $Id$
-
-/**
- * JBossXB Object Factory capable of parsing the security configuration file that can include both
- * authentication,authorization and mapping module configuration
- *
- * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
- * @since Jun 9, 2006
- * @version $Revision$
- */
-public class SecurityConfigObjectModelFactory extends LoginConfigObjectModelFactory
-{
- private static Logger log = Logger.getLogger(SecurityConfigObjectModelFactory.class);
-
- private final boolean trace = log.isTraceEnabled();
-
- /**
- * <p>
- * Creates an instance of {@code SecurityConfigObjectModelFactory}.
- * </p>
- */
- public SecurityConfigObjectModelFactory()
- {
- }
-
- @Override
- public Object newChild(ApplicationPolicy aPolicy, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = super.newChild(aPolicy, navigator, namespaceUri, localName, attrs);
- if (child == null && "authorization".equals(localName))
- {
- child = new AuthorizationInfo(aPolicy.getName());
- }
- else if (child == null && "acl".equals(localName))
- {
- child = new ACLInfo(aPolicy.getName());
- }
- else if (child == null && "mapping".equals(localName))
- {
- child = new MappingInfo(aPolicy.getName());
- }
- else if (child == null && "rolemapping".equals(localName))
- {
- child = new MappingInfo(aPolicy.getName());
- }
- else if (child == null && "audit".equals(localName))
- {
- child = new AuditInfo(aPolicy.getName());
- }
- else if (child == null && "identity-trust".equals(localName))
- {
- child = new IdentityTrustInfo(aPolicy.getName());
- }
- return child;
- }
-
- // authorization
- public Object newChild(AuthorizationInfo info, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.AuthorizationInfo, localName: " + localName);
- if ("policy-module".equals(localName))
- {
- String code = attrs.getValue("code");
- code = StringPropertyReplacer.replaceProperties(code.trim());
-
- String flag = attrs.getValue("flag");
- if (flag == null)
- flag = "REQUIRED";
- flag = StringPropertyReplacer.replaceProperties(flag.trim());
-
- ControlFlag controlFlag = this.controlFlags.get(flag.toUpperCase());
- if (controlFlag == null)
- controlFlag = ControlFlag.REQUIRED;
-
- AuthorizationModuleEntry entry = new AuthorizationModuleEntry(code);
- entry.setControlFlag(controlFlag);
-
- child = entry;
- if (trace)
- log.trace("newChild.AuthorizationInfo, policy-module code: " + code);
- }
-
- return child;
- }
-
- public Object newChild(AuthorizationModuleEntry entry, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.AppConfigurationEntryHolder, localName: " + localName);
- if ("module-option".equals(localName))
- {
- String name = attrs.getValue("name");
- child = new ModuleOption(name);
- if (trace)
- log.trace("newChild.AuthModuleEntry, module-option name: " + name);
- }
-
- return child;
- }
-
- public void addChild(ApplicationPolicy aPolicy, AuthorizationInfo authInfo, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- aPolicy.setAuthorizationInfo(authInfo);
- if (trace)
- log.trace("addChild.ApplicationPolicy, name: " + aPolicy.getName());
- }
-
- public void addChild(AuthorizationInfo authInfo, AuthorizationConfigEntryHolder entryInfo,
- UnmarshallingContext navigator, String namespaceURI, String localName)
- {
- AuthorizationModuleEntry entry = entryInfo.getEntry();
- authInfo.add(entry);
- if (trace)
- log.trace("addChild.AuthorizationInfo, name: " + entry.getPolicyModuleName());
- }
-
- public void addChild(AuthorizationConfigEntryHolder entryInfo, ModuleOption option, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- entryInfo.addOption(option);
- if (trace)
- log.trace("addChild.AuthorizationConfigEntryHolder, name: " + option.getName());
- }
-
- public void addChild(AuthorizationInfo authInfo, AuthorizationModuleEntry entry, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- authInfo.add(entry);
- }
-
- public void addChild(AuthorizationModuleEntry entry, ModuleOption option, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- entry.add(option);
- if (trace)
- log.trace("addChild.AuthorizationModuleEntry, name: " + option.getName());
- }
-
- // Instance-based authorization (ACL)
- public Object newChild(ACLInfo info, UnmarshallingContext navigator, String namespaceUri, String localName,
- Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.ACLInfo, localName: " + localName);
- if ("acl-module".equals(localName))
- {
- String code = attrs.getValue("code");
- code = StringPropertyReplacer.replaceProperties(code.trim());
-
- String flag = attrs.getValue("flag");
- if (flag == null)
- flag = "REQUIRED";
- flag = StringPropertyReplacer.replaceProperties(flag.trim());
-
- ControlFlag controlFlag = this.controlFlags.get(flag.toUpperCase());
- if (controlFlag == null)
- controlFlag = ControlFlag.REQUIRED;
-
- ACLProviderEntry entry = new ACLProviderEntry(code);
- entry.setControlFlag(controlFlag);
-
- child = entry;
- if (trace)
- log.trace("newChild.ACLInfo, acl-module code: " + code);
- }
-
- return child;
- }
-
- public Object newChild(ACLProviderEntry entry, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.ACLProviderEntry, localName: " + localName);
- if ("module-option".equals(localName))
- {
- String name = attrs.getValue("name");
- child = new ModuleOption(name);
- if (trace)
- log.trace("newChild.trustProviderEntry, module-option name: " + name);
- }
-
- return child;
- }
-
- public void addChild(ApplicationPolicy aPolicy, ACLInfo aclInfo, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- aPolicy.setAclInfo(aclInfo);
- if (trace)
- log.trace("Adding ACLInfo as a child of ApplicationPolicy " + aPolicy.getName());
- }
-
- public void addChild(ACLInfo aclInfo, ACLProviderEntry aclEntry, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- aclInfo.add(aclEntry);
- if (trace)
- log.trace("Adding ACLProviderEntry " + aclEntry.getAclProviderName() + " to ACLInfo " + aclInfo.getName());
- }
-
- public void addChild(ACLProviderEntry aclEntry, ModuleOption option, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- aclEntry.add(option);
- if (trace)
- log.trace("Adding module-option " + option.getName() + " to ACLProviderEntry " + aclEntry.getAclProviderName());
- }
-
- // Mapping
- public Object newChild(MappingInfo info, UnmarshallingContext navigator, String namespaceUri, String localName,
- Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.MappingInfo, localName: " + localName);
- if ("mapping-module".equals(localName))
- {
- String code = attrs.getValue("code");
- code = StringPropertyReplacer.replaceProperties(code.trim());
- String type = attrs.getValue("type");
- if(type != null)
- type = StringPropertyReplacer.replaceProperties(type.trim());
- else
- type = "role";
-
- child = new MappingModuleEntry(code, new HashMap<String,Object>(), type);
- if (trace)
- log.trace("newChild.MappingInfo, mapping-module code: " + code +
- ", mapping-module type: " + type);
- }
-
- return child;
- }
-
- public Object newChild(MappingModuleEntry entry, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.MappingModuleEntry, localName: " + localName);
- if ("module-option".equals(localName))
- {
- String name = attrs.getValue("name");
- child = new ModuleOption(name);
- if (trace)
- log.trace("newChild.MappingModuleEntry, module-option name: " + name);
- }
-
- return child;
- }
-
- public void addChild(ApplicationPolicy aPolicy, MappingInfo authInfo, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- // first organize the mapping modules by type.
- Map<String,List<MappingModuleEntry>> mappings = new HashMap<String,List<MappingModuleEntry>>();
- for(MappingModuleEntry entry : authInfo.getModuleEntries())
- {
- String type = entry.getMappingModuleType();
- if(mappings.containsKey(type))
- mappings.get(type).add(entry);
- else
- {
- List<MappingModuleEntry> entries = new ArrayList<MappingModuleEntry>();
- entries.add(entry);
- mappings.put(type, entries);
- }
- }
- // now set all mapping infos by type.
- for(Map.Entry<String,List<MappingModuleEntry>> entry : mappings.entrySet())
- {
- MappingInfo info = new MappingInfo(authInfo.getName());
- info.add(entry.getValue());
- aPolicy.setMappingInfo(entry.getKey(), info);
- }
- if (trace)
- log.trace("addChild.ApplicationPolicy, name: " + aPolicy.getName());
- }
-
- public void addChild(MappingModuleEntry entry, ModuleOption option, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- entry.add(option);
- if (trace)
- log.trace("addChild.MappingModuleEntry, name: " + option.getName());
- }
-
- public void addChild(MappingInfo authInfo, MappingModuleEntry entry, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- authInfo.add(entry);
- }
-
- // Audit Info
- public Object newChild(AuditInfo info, UnmarshallingContext navigator, String namespaceUri, String localName,
- Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.AuditInfo, localName: " + localName);
- if ("provider-module".equals(localName))
- {
- String code = attrs.getValue("code");
- code = StringPropertyReplacer.replaceProperties(code.trim());
- AuditProviderEntry entry = new AuditProviderEntry(code);
- child = entry;
- if (trace)
- log.trace("newChild.AuditInfo, provider-module code: " + code);
- }
-
- return child;
- }
-
- public Object newChild(AuditProviderEntry entry, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.AuditProviderEntry, localName: " + localName);
- if ("module-option".equals(localName))
- {
- String name = attrs.getValue("name");
- child = new ModuleOption(name);
- if (trace)
- log.trace("newChild.AuditProviderEntry, module-option name: " + name);
- }
-
- return child;
- }
-
- public void addChild(ApplicationPolicy aPolicy, AuditInfo auditInfo, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- aPolicy.setAuditInfo(auditInfo);
- if (trace)
- log.trace("addChild.ApplicationPolicy, name: " + aPolicy.getName());
- }
-
- public void addChild(AuditProviderEntry entry, ModuleOption option, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- entry.add(option);
- if (trace)
- log.trace("addChild.MappingModuleEntry, name: " + option.getName());
- }
-
- public void addChild(AuditInfo auditInfo, AuditProviderEntry entry, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- auditInfo.add(entry);
- }
-
- // Identity Trust
- public Object newChild(IdentityTrustInfo info, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.IdentityTrustInfo, localName: " + localName);
- if ("trust-module".equals(localName))
- {
- String code = attrs.getValue("code");
- code = StringPropertyReplacer.replaceProperties(code.trim());
-
- String flag = attrs.getValue("flag");
- if (flag == null)
- flag = "REQUIRED";
- flag = StringPropertyReplacer.replaceProperties(flag.trim());
-
- ControlFlag controlFlag = this.controlFlags.get(flag.toUpperCase());
- if (controlFlag == null)
- controlFlag = ControlFlag.REQUIRED;
-
- IdentityTrustModuleEntry entry = new IdentityTrustModuleEntry(code);
- entry.setControlFlag(controlFlag);
-
- child = entry;
- if (trace)
- log.trace("newChild.IdentityTrustInfo, trust-module code: " + code);
- }
-
- return child;
- }
-
- public Object newChild(IdentityTrustModuleEntry entry, UnmarshallingContext navigator, String namespaceUri,
- String localName, Attributes attrs)
- {
- Object child = null;
- if (trace)
- log.trace("newChild.trustProviderEntry, localName: " + localName);
- if ("module-option".equals(localName))
- {
- String name = attrs.getValue("name");
- child = new ModuleOption(name);
- if (trace)
- log.trace("newChild.trustProviderEntry, module-option name: " + name);
- }
-
- return child;
- }
-
- public void addChild(ApplicationPolicy aPolicy, IdentityTrustInfo auditInfo, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- aPolicy.setIdentityTrustInfo(auditInfo);
- if (trace)
- log.trace("addChild.ApplicationPolicy, name: " + aPolicy.getName());
- }
-
- public void addChild(IdentityTrustModuleEntry entry, ModuleOption option, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- entry.add(option);
- if (trace)
- log.trace("addChild.MappingModuleEntry, name: " + option.getName());
- }
-
- public void addChild(IdentityTrustInfo auditInfo, IdentityTrustModuleEntry entry, UnmarshallingContext navigator,
- String namespaceURI, String localName)
- {
- auditInfo.add(entry);
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ApplicationPolicyContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ApplicationPolicyContainer.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ApplicationPolicyContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,267 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.config;
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.xml.namespace.QName;
-
-import org.jboss.logging.Logger;
-import org.jboss.security.audit.config.AuditProviderEntry;
-import org.jboss.security.auth.container.config.AuthModuleEntry;
-import org.jboss.security.auth.login.AppConfigurationEntryHolder;
-import org.jboss.security.auth.login.AuthenticationInfo;
-import org.jboss.security.auth.login.BaseAuthenticationInfo;
-import org.jboss.security.auth.login.JASPIAuthenticationInfo;
-import org.jboss.security.auth.login.LoginModuleStackHolder;
-import org.jboss.security.authorization.config.AuthorizationConfigEntryHolder;
-import org.jboss.security.authorization.config.AuthorizationModuleEntry;
-import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
-import org.jboss.xb.binding.GenericValueContainer;
-
-// $Id$
-
-/**
- * A container for creating ApplicationPolicy during jbxb parse.
- *
- * @author Anil.Saldhana at jboss.org
- * @version $Revision$
- */
-public class ApplicationPolicyContainer implements GenericValueContainer
-{
- private static Logger log = Logger.getLogger(ApplicationPolicyContainer.class);
-
- ApplicationPolicy info = null;
-
- String authName = null;
-
- String baseAppPolicyName = null;
-
- @SuppressWarnings("unchecked")
- List authenticationModuleEntries = new ArrayList();
-
- List<AuthorizationModuleEntry> authorizationModuleEntries = new ArrayList<AuthorizationModuleEntry>();
-
- List<AuditProviderEntry> auditProviderEntries = new ArrayList<AuditProviderEntry>();
-
- List<IdentityTrustModuleEntry> identityTrustModuleEntries = new ArrayList<IdentityTrustModuleEntry>();
-
- Map<String, LoginModuleStackHolder> loginModuleStackMap = new HashMap<String, LoginModuleStackHolder>();
-
- boolean isJASPIAuthentication = false;
-
- boolean isJAASAuthentication = false;
-
- boolean isAuthorization = false;
-
- boolean containsAudit = false;
-
- boolean containsIdentityTrust = false;
-
- boolean containsRoleMapping = false;
-
- // Mapping Info Object
- Map<String,MappingInfo> mappingInfos = new HashMap<String,MappingInfo>();
-
- ACLInfo aclInfo = null;
-
- AuditInfo auditInfo = null;
-
- IdentityTrustInfo identityTrustInfo = null;
-
- /**
- * @see GenericValueContainer#addChild(javax.xml.namespace.QName, java.lang.Object)
- */
- @SuppressWarnings("unchecked")
- public void addChild(QName name, Object value)
- {
- log.debug("addChild::" + name + ":" + value);
- if ("name".equals(name.getLocalPart()))
- {
- authName = (String) value;
- }
- else if ("extends".equals(name.getLocalPart()))
- {
- baseAppPolicyName = (String) value;
- }
- else if (value instanceof AppConfigurationEntryHolder)
- {
- AppConfigurationEntryHolder ace = (AppConfigurationEntryHolder) value;
- authenticationModuleEntries.add(ace.getEntry());
- isJAASAuthentication = true;
- }
- else if (value instanceof AppConfigurationEntry)
- {
- AppConfigurationEntry ace = (AppConfigurationEntry) value;
- authenticationModuleEntries.add(ace);
- isJAASAuthentication = true;
- }
- else if (value instanceof AuthModuleEntry)
- {
- AuthModuleEntry ame = (AuthModuleEntry) value;
- // Check if the authmodule needs a reference to a loginmodulestack
- String lmshName = ame.getLoginModuleStackHolderName();
- if (lmshName != null)
- ame.setLoginModuleStackHolder(loginModuleStackMap.get(lmshName));
- authenticationModuleEntries.add(ame);
- isJASPIAuthentication = true;
- }
- else if (value instanceof LoginModuleStackHolder)
- {
- LoginModuleStackHolder lmsh = (LoginModuleStackHolder) value;
- loginModuleStackMap.put(lmsh.getName(), lmsh);
- isJASPIAuthentication = true;
- }
- else if (value instanceof AuthorizationModuleEntry)
- {
- AuthorizationModuleEntry ame = (AuthorizationModuleEntry) value;
- if (!authorizationModuleEntries.contains(ame))
- authorizationModuleEntries.add(ame);
- isAuthorization = true;
- }
- else if (value instanceof AuthorizationConfigEntryHolder)
- {
- AuthorizationConfigEntryHolder ame = (AuthorizationConfigEntryHolder) value;
- AuthorizationModuleEntry ameEntry = ame.getEntry();
- if (!authorizationModuleEntries.contains(ameEntry))
- authorizationModuleEntries.add(ameEntry);
- isAuthorization = true;
- }
- else if (value instanceof AuditProviderEntry)
- {
- AuditProviderEntry ameEntry = (AuditProviderEntry) value;
- if (!auditProviderEntries.contains(ameEntry))
- auditProviderEntries.add(ameEntry);
- containsAudit = true;
- }
- else if (value instanceof IdentityTrustModuleEntry)
- {
- IdentityTrustModuleEntry ameEntry = (IdentityTrustModuleEntry) value;
- if (!identityTrustModuleEntries.contains(ameEntry))
- identityTrustModuleEntries.add(ameEntry);
- containsIdentityTrust = true;
- }
- }
-
- /**
- * Mapping Objects are added to the Application Policy
- *
- * @param obj
- */
- @SuppressWarnings("unchecked")
- public void addMappingInfo(Object obj)
- {
- log.debug(obj);
- if (obj instanceof Map)
- {
- this.mappingInfos.putAll((Map) obj);
- for(MappingInfo info: this.mappingInfos.values())
- info.setName(authName);
- this.containsRoleMapping = true;
- }
- }
-
- /**
- * <p>
- * Adds the {@code ACLInfo} object constructed by the XB parse to the application policy.
- * </p>
- *
- * @param info a reference to the {@code ACLInfo} being added.
- */
- public void addACLInfo(Object info)
- {
- if (info instanceof ACLInfo)
- {
- this.aclInfo = (ACLInfo) info;
- this.aclInfo.setName(this.authName);
- }
- }
-
- /**
- * @see GenericValueContainer#instantiate()
- */
- @SuppressWarnings("unchecked")
- public Object instantiate()
- {
- info = new ApplicationPolicy(authName);
- if (baseAppPolicyName != null)
- info.setBaseApplicationPolicyName(baseAppPolicyName);
-
- BaseAuthenticationInfo binfo = null;
- AuthorizationInfo ainfo = null;
-
- if (isJAASAuthentication)
- {
- binfo = new AuthenticationInfo(authName);
- SecurityActions.addModules(binfo, authenticationModuleEntries);
- info.setAuthenticationInfo(binfo);
- }
- if (isJASPIAuthentication)
- {
- JASPIAuthenticationInfo jaspiInfo = new JASPIAuthenticationInfo(authName);
- SecurityActions.addModules(jaspiInfo, authenticationModuleEntries);
- for (LoginModuleStackHolder holder : this.loginModuleStackMap.values())
- jaspiInfo.add(holder);
- info.setAuthenticationInfo(jaspiInfo);
- }
- if (isAuthorization)
- {
- ainfo = new AuthorizationInfo(authName);
- SecurityActions.addModules(ainfo, authorizationModuleEntries);
- info.setAuthorizationInfo(ainfo);
- }
- if (this.aclInfo != null)
- {
- info.setAclInfo(this.aclInfo);
- }
- if (containsRoleMapping)
- {
- for(String type : this.mappingInfos.keySet())
- info.setMappingInfo(type, this.mappingInfos.get(type));
- }
- if (containsAudit)
- {
- auditInfo = new AuditInfo(authName);
- SecurityActions.addModules(auditInfo, auditProviderEntries);
- info.setAuditInfo(auditInfo);
- }
- if (containsIdentityTrust)
- {
- identityTrustInfo = new IdentityTrustInfo(authName);
- SecurityActions.addModules(identityTrustInfo, identityTrustModuleEntries);
- info.setIdentityTrustInfo(identityTrustInfo);
- }
- return info;
- }
-
- /**
- * @see GenericValueContainer#getTargetClass()
- */
- public Class<?> getTargetClass()
- {
- return ApplicationPolicy.class;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/identitytrust/config/IdentityTrustConfigEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/identitytrust/config/IdentityTrustConfigEntryHolder.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/identitytrust/config/IdentityTrustConfigEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,78 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.identitytrust.config;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.xml.namespace.QName;
-
-import org.jboss.security.config.ModuleOption;
-import org.jboss.xb.binding.GenericValueContainer;
-
-//$Id$
-
-/**
- * A container for creating AuditConfigEntry during jbxb parse
- * @author Anil.Saldhana at redhat.com
- * @since Aug 14, 2007
- * @version $Revision$
- */
-public class IdentityTrustConfigEntryHolder implements GenericValueContainer
-{
- private Map<String,Object> moduleOptions = new HashMap<String,Object>();
- String moduleName = null;
-
- public void addChild(QName name, Object value)
- {
- if("code".equals(name.getLocalPart()))
- {
- moduleName = (String)value;
- }
- if(value instanceof ModuleOption)
- {
- ModuleOption mo = (ModuleOption)value;
- moduleOptions.put(mo.getName(),mo.getValue());
- }
- }
-
- public void addOption(ModuleOption option)
- {
- moduleOptions.put(option.getName(), option.getValue());
- }
-
- public IdentityTrustModuleEntry getEntry()
- {
- return (IdentityTrustModuleEntry)instantiate();
- }
-
- public Object instantiate()
- {
- IdentityTrustModuleEntry entry = new IdentityTrustModuleEntry( moduleName,moduleOptions );
- return entry;
- }
-
- public Class<?> getTargetClass()
- {
- return IdentityTrustModuleEntry.class;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/jacc/JBossPolicyConfigurationFactory.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/jacc/JBossPolicyConfigurationFactory.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/jacc/JBossPolicyConfigurationFactory.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,101 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.jacc;
-
-import java.net.URL;
-import java.security.Policy;
-import java.util.concurrent.ConcurrentHashMap;
-
-import javax.security.jacc.PolicyConfiguration;
-import javax.security.jacc.PolicyConfigurationFactory;
-import javax.security.jacc.PolicyContextException;
-
-import org.jboss.util.state.StateMachine;
-import org.jboss.util.state.xml.StateMachineParser;
-
-/** org.jboss.security.provider
- *
- * @author Scott.Stark at jboss.org
- * @version $Revision$
- */
-public class JBossPolicyConfigurationFactory
- extends PolicyConfigurationFactory
-{
- private StateMachine configStateMachine;
- private ConcurrentHashMap<String,JBossPolicyConfiguration> policyConfigMap
- = new ConcurrentHashMap<String,JBossPolicyConfiguration>();
- private DelegatingPolicy policy;
-
- /** Build the JACC policy configuration state machine from the
- * jacc-policy-config-states.xml file.
- *
- */
- public JBossPolicyConfigurationFactory()
- {
- try
- {
- // Setup the state machine config
- ClassLoader loader = SecurityActions.getContextClassLoader();
- URL states = SecurityActions.getResource(loader,"org/jboss/security/jacc/jacc-policy-config-states.xml");
- StateMachineParser smp = new StateMachineParser();
- configStateMachine = smp.parse(states);
- }
- catch(Exception e)
- {
- IllegalStateException ex = new IllegalStateException("Failed to parse jacc-policy-config-states.xml",e);
- ex.initCause(e);
- throw ex;
- }
- // Get the DelegatingPolicy
- Policy p = SecurityActions.getPolicy();
- if( (p instanceof DelegatingPolicy) == false )
- {
- // Assume that the installed policy delegates to the DelegatingPolicy
- p = DelegatingPolicy.getInstance();
- }
- policy = (DelegatingPolicy) p;
- }
-
- public PolicyConfiguration getPolicyConfiguration(String contextID, boolean remove)
- throws PolicyContextException
- {
- JBossPolicyConfiguration pc = (JBossPolicyConfiguration) policyConfigMap.get(contextID);
- if( pc == null )
- {
- StateMachine sm = (StateMachine) configStateMachine.clone();
- pc = new JBossPolicyConfiguration(contextID, policy, sm);
- policyConfigMap.put(contextID, pc);
- }
- pc.initPolicyConfiguration(remove);
- return pc;
- }
-
- public boolean inService(String contextID)
- throws PolicyContextException
- {
- boolean inService = false;
- JBossPolicyConfiguration pc = (JBossPolicyConfiguration) policyConfigMap.get(contextID);
- if( pc != null )
- inService = pc.inService();
- return inService;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/config/MappingConfigContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/config/MappingConfigContainer.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/config/MappingConfigContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,105 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.mapping.config;
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.xml.namespace.QName;
-
-import org.jboss.logging.Logger;
-import org.jboss.security.config.MappingInfo;
-import org.jboss.xb.binding.GenericValueContainer;
-
-// $Id: RoleMappingConfigContainer.java 45942 2006-06-28 02:14:46Z asaldhana $
-
-/**
- * A container for creating RoleMappingConfig during jbxb parse.
- *
- * @author Anil.Saldhana at jboss.org
- * @version $Revision: 45942 $
- */
-public class MappingConfigContainer implements GenericValueContainer
-{
- private static Logger MappingConfigContainer = Logger.getLogger(MappingConfigContainer.class);
-
- private final Map<String, List<MappingModuleEntry>> moduleEntries = new HashMap<String, List<MappingModuleEntry>>();
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#addChild(javax.xml.namespace.QName, java.lang.Object)
- */
- public void addChild(QName name, Object value)
- {
- if (MappingConfigContainer.isTraceEnabled())
- MappingConfigContainer.trace("addChild:Qname=" + name + ":value=" + value);
- if (value instanceof MappingModuleEntry)
- {
- MappingModuleEntry mme = (MappingModuleEntry) value;
- String type = mme.getMappingModuleType();
- // organize the mapping modules in groups according to their type.
- if (this.moduleEntries.containsKey(type))
- {
- this.moduleEntries.get(type).add(mme);
- }
- else
- {
- List<MappingModuleEntry> entries = new ArrayList<MappingModuleEntry>();
- entries.add(mme);
- this.moduleEntries.put(type, entries);
- }
- }
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#instantiate()
- */
- public Object instantiate()
- {
- Map<String, MappingInfo> infos = new HashMap<String, MappingInfo>();
-
- // create a MappingInfo instance of each group of mapping modules.
- for (String type : this.moduleEntries.keySet())
- {
- // application policy name will be reset in ApplicationPolicyContainer.
- MappingInfo mapping = new MappingInfo("dummy");
- mapping.add(this.moduleEntries.get(type));
- infos.put(type, mapping);
- }
- return infos;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.xb.binding.GenericValueContainer#getTargetClass()
- */
- public Class<?> getTargetClass()
- {
- return MappingInfo.class;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/config/MappingConfigEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/config/MappingConfigEntryHolder.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/config/MappingConfigEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,85 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.mapping.config;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.xml.namespace.QName;
-
-import org.jboss.security.config.ModuleOption;
-import org.jboss.security.mapping.MappingType;
-import org.jboss.xb.binding.GenericValueContainer;
-
-//$Id: MappingConfigEntryHolder.java 46201 2006-07-11 17:51:23Z asaldhana $
-
-/**
- * A container for creating MappingConfigEntry during jbxb parse.
- * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
- * @since August 26, 2006
- * @version $Revision: 46201 $
- */
-public class MappingConfigEntryHolder implements GenericValueContainer
-{
- private final Map<String,Object> moduleOptions = new HashMap<String,Object>();
- String moduleName = null;
- String type = MappingType.ROLE.toString();
-
- public void addChild(QName name, Object value)
- {
- if("code".equals(name.getLocalPart()))
- {
- moduleName = (String)value;
- }
- else if("type".equals(name.getLocalPart()))
- {
- this.type = (String) value;
- }
- if(value instanceof ModuleOption)
- {
- ModuleOption mo = (ModuleOption)value;
- moduleOptions.put(mo.getName(),mo.getValue());
- }
- }
-
- public void addOption(ModuleOption option)
- {
- moduleOptions.put(option.getName(), option.getValue());
- }
-
- public MappingModuleEntry getEntry()
- {
- return (MappingModuleEntry)instantiate();
- }
-
- public Object instantiate()
- {
- MappingModuleEntry entry = new MappingModuleEntry(this.moduleName, this.moduleOptions, this.type);
- return entry;
- }
-
- public Class<?> getTargetClass()
- {
- return MappingModuleEntry.class;
- }
-
-}
\ No newline at end of file
Modified: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -174,6 +174,8 @@
else if (PolicyRegistration.ACL.equalsIgnoreCase(type))
{
ACLConfiguration configuration = ACLConfigurationFactory.getConfiguration(stream);
+ if(configuration == null)
+ throw new IllegalStateException("ACL Configuration parsed is null");
Set<ACL> configuredACLs = configuration.getConfiguredACLs();
// register the configured ACLs
this.contextIDToACLs.put(contextID, configuredACLs);
@@ -194,7 +196,7 @@
{
if (PolicyRegistration.XACML.equalsIgnoreCase(type))
{
- if(objectModel instanceof JAXBElement == false)
+ if(objectModel instanceof JAXBElement<?> == false)
throw new IllegalArgumentException("Unsupported model:" + objectModel);
try
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/DelegatingPolicyTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/DelegatingPolicyTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/DelegatingPolicyTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,233 +0,0 @@
-/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.test;
-
-import java.lang.reflect.Constructor;
-import java.security.AccessControlContext;
-import java.security.AccessControlException;
-import java.security.AccessController;
-import java.security.CodeSource;
-import java.security.Policy;
-import java.security.Principal;
-import java.security.PrivilegedAction;
-import java.security.ProtectionDomain;
-import java.util.Set;
-
-import javax.security.auth.Subject;
-import javax.security.jacc.EJBMethodPermission;
-import javax.security.jacc.PolicyConfiguration;
-import javax.security.jacc.PolicyConfigurationFactory;
-import javax.security.jacc.PolicyContext;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-import org.apache.log4j.Logger;
-import org.jboss.security.SecurityConstants;
-import org.jboss.security.SimplePrincipal;
-import org.jboss.security.jacc.DelegatingPolicy;
-import org.jboss.security.jacc.SubjectPolicyContextHandler;
-
-public class DelegatingPolicyTestCase extends TestCase
-{
- private static Logger log = Logger.getLogger(DelegatingPolicyTestCase.class);
- private static Policy oldPolicy;
- private static Policy jaccPolicy;
-
- public DelegatingPolicyTestCase(String name)
- {
- super(name);
- }
-
- static void setUpPolicy() throws Exception
- {
- // Get the current Policy impl
- oldPolicy = Policy.getPolicy();
-
- String provider = "org.jboss.security.jacc.DelegatingPolicy";
- ClassLoader loader = Thread.currentThread().getContextClassLoader();
- Class providerClass = loader.loadClass(provider);
- try
- {
- // Look for a ctor(Policy) signature
- Class[] ctorSig = {Policy.class};
- Constructor ctor = providerClass.getConstructor(ctorSig);
- Object[] ctorArgs = {oldPolicy};
- jaccPolicy = (Policy) ctor.newInstance(ctorArgs);
- }
- catch(NoSuchMethodException e)
- {
- log.debug("Provider does not support ctor(Policy)");
- jaccPolicy = (Policy) providerClass.newInstance();
- }
-
- // Install the JACC policy provider
- Policy.setPolicy(jaccPolicy);
-
- // Have the policy load/update itself
- jaccPolicy.refresh();
-
- // Register the default active Subject PolicyContextHandler
- SubjectPolicyContextHandler handler = new SubjectPolicyContextHandler();
- PolicyContext.registerHandler(SecurityConstants.SUBJECT_CONTEXT_KEY,
- handler, false);
- }
-
- /**
- * Basic test that a PolicyConfiguration is included in the Policy and its
- * permissions are implied through the Policy.
- *
- * @throws Exception
- */
- public void testPolicyConfiguration() throws Exception
- {
- PolicyConfigurationFactory pcf = PolicyConfigurationFactory.getPolicyConfigurationFactory();
- PolicyConfiguration pc = pcf.getPolicyConfiguration("context-a", false);
- EJBMethodPermission someEJB = new EJBMethodPermission("someEJB", null);
- pc.addToExcludedPolicy(someEJB);
- pc.commit();
-
- Policy sysPolicy = Policy.getPolicy();
- assertTrue("Policy isa DelegatingPolicy", sysPolicy instanceof DelegatingPolicy);
- sysPolicy.refresh();
-
- // Act like the ejb container and check a permission
- PolicyContext.setContextID("context-a");
- EJBMethodPermission methodX = new EJBMethodPermission("someEJB", "methodX,,int");
- assertTrue("methodX denied", sysPolicy.implies(null, methodX) == false);
-
- pc = pcf.getPolicyConfiguration("context-a", true);
- pc.addToUncheckedPolicy(someEJB);
- pc.commit();
- sysPolicy.refresh();
- assertTrue("methodX allowed", sysPolicy.implies(null, methodX) == true);
-
- pc.delete();
- pc = pcf.getPolicyConfiguration("context-a", false);
- pc.addToRole("callerX", someEJB);
- pc.commit();
- sysPolicy.refresh();
- SimplePrincipal[] callers = {new SimplePrincipal("callerX")};
- ProtectionDomain pd = new ProtectionDomain(null, null, null, callers);
- assertTrue("methodX allowed", sysPolicy.implies(pd, methodX) == true);
-
- callers = new SimplePrincipal[]{new SimplePrincipal("callerY")};
- pd = new ProtectionDomain(null, null, null, callers);
- assertTrue("methodX denied", sysPolicy.implies(pd, methodX) == false);
-
- }
-
- /**
- * Test that uncommitted configurations in the Open state are not seen in
- * the current Policy permission set.
- *
- * @throws Exception
- */
- public void testOpenConfigurations() throws Exception
- {
- PolicyConfigurationFactory pcf = PolicyConfigurationFactory.getPolicyConfigurationFactory();
- PolicyConfiguration pc = pcf.getPolicyConfiguration("context-a", false);
- EJBMethodPermission someEJB = new EJBMethodPermission("someEJB", null);
- pc.addToRole("callerX", someEJB);
- Policy sysPolicy = Policy.getPolicy();
-
- pc = pcf.getPolicyConfiguration("context-a", true);
- pc.addToUncheckedPolicy(someEJB);
- sysPolicy.refresh();
- EJBMethodPermission methodX = new EJBMethodPermission("someEJB", "methodX,,int");
- // This perm should be denied since the policy config has not been comitted
- boolean implied = sysPolicy.implies(null, methodX);
- assertFalse("methodX allowed",implied == true);
-
- pc.commit();
- sysPolicy.refresh();
- // Now it should be allowed since the policy config has been comitted
- implied = sysPolicy.implies(null, methodX);
- assertTrue("methodX allowed", implied == true);
- }
-
- public void testSubjectDoAs() throws Exception
- {
- PolicyConfigurationFactory pcf = PolicyConfigurationFactory.getPolicyConfigurationFactory();
- PolicyConfiguration pc = pcf.getPolicyConfiguration("context-a", true);
- EJBMethodPermission someEJB = new EJBMethodPermission("someEJB", null);
- pc.addToRole("callerX", someEJB);
- pc.commit();
-
- log.debug("EJBMethodPermission.CS: "+EJBMethodPermission.class.getProtectionDomain());
- final EJBMethodPermission methodX = new EJBMethodPermission("someEJB", "methodX");
- final Subject caller = new Subject();
- caller.getPrincipals().add(new SimplePrincipal("callerX"));
- Set principalsSet = caller.getPrincipals();
- Principal[] principals = new Principal[principalsSet.size()];
- principalsSet.toArray(principals);
- CodeSource cs = getClass().getProtectionDomain().getCodeSource();
- final ProtectionDomain[] pds = {new ProtectionDomain (cs, null, null, principals)};
- AccessControlContext acc = new AccessControlContext(pds);
- /*
- AccessControlContext acc = new AccessControlContext(new AccessControlContext(pds),
- new SubjectDomainCombiner(caller));
- */
-
- Boolean allowed = (Boolean) Subject.doAsPrivileged(caller, new PrivilegedAction()
- {
- public Object run()
- {
- AccessControlContext acc = AccessController.getContext();
- Boolean ok = Boolean.FALSE;
- try
- {
- acc.checkPermission(methodX);
- ok = Boolean.TRUE;
- }
- catch(AccessControlException e)
- {
-
- }
- return ok;
- }
- }, acc
- );
- assertTrue("methodX allowed", allowed == Boolean.TRUE );
-
- }
-
- public static Test suite()
- {
- TestSuite suite = new TestSuite(DelegatingPolicyTestCase.class);
-
- // Create an initializer for the test suite
- TestSetup wrapper = new TestSetup(suite)
- {
- protected void setUp() throws Exception
- {
- setUpPolicy();
- }
- protected void tearDown() throws Exception
- {
- }
- };
- return wrapper;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/acl/config/JBossACLSchemaBindingUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/acl/config/JBossACLSchemaBindingUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/acl/config/JBossACLSchemaBindingUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,156 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.acl.config;
-
-import java.util.Collection;
-
-import org.jboss.security.acl.ACL;
-import org.jboss.security.acl.ACLEntry;
-import org.jboss.security.acl.ACLImpl;
-import org.jboss.security.acl.BasicACLPermission;
-import org.jboss.security.acl.CompositeACLPermission;
-import org.jboss.security.acl.config.ACLConfiguration;
-import org.jboss.security.identity.plugins.IdentityFactory;
-import org.jboss.test.AbstractJBossSXTest;
-import org.jboss.xb.binding.Unmarshaller;
-import org.jboss.xb.binding.UnmarshallerFactory;
-import org.jboss.xb.binding.sunday.unmarshalling.SchemaBinding;
-import org.jboss.xb.binding.sunday.unmarshalling.XsdBinder;
-
-/**
- * <p>
- * Tests the configuration of ACLs using an XML file that adheres to the {@code jboss-acl-configuration} schema.
- * </p>
- *
- * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
- */
-public class JBossACLSchemaBindingUnitTestCase extends AbstractJBossSXTest
-{
-
- private final String schemaFile = "schema/jboss-acl-config_1_0.xsd";
-
- private final String xmlFile = "config/jboss-acl.xml";
-
- private ACLConfiguration configuration;
-
- /**
- * <p>
- * Creates an instance of {@code JBossACLSchemaBindingUnitTestCase} with the specified name.
- * </p>
- *
- * @param name a {@code String} containing the name of this test case.
- */
- public JBossACLSchemaBindingUnitTestCase(String name)
- {
- super(name);
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.test.AbstractJBossSXTest#setUp()
- */
- @Override
- protected void setUp() throws Exception
- {
- super.setUp();
-
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- SchemaBinding schema = XsdBinder.bind(tcl.getResourceAsStream(schemaFile), null);
- Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
- this.configuration = (ACLConfiguration) unmarshaller.unmarshal(tcl.getResourceAsStream(xmlFile), schema);
- }
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.test.AbstractTestCaseWithSetup#tearDown()
- */
- @Override
- protected void tearDown() throws Exception
- {
- this.configuration = null;
- }
-
- /**
- * <p>
- * Tests the correct creation of {@code ACL} objects according to the ACLs specified in the {@code jboss-acl.xml}
- * test file.
- * </p>
- *
- * @throws Exception if an error occurs while running the test.
- */
- public void testACLConfiguration() throws Exception
- {
- assertNotNull("Unexpected null ACLConfiguration", this.configuration);
- Collection<ACL> configuredACLs = this.configuration.getConfiguredACLs();
- assertEquals("Invalid number of ACLs found", 2, configuredACLs.size());
-
- boolean validatedJavaCompACL = false;
- boolean validatedJavaCompEnvACL = false;
-
- // validate the two ACLs returned.
- for (ACL acl : configuredACLs)
- {
- ACLImpl aclImpl = (ACLImpl) acl;
- if (aclImpl.getResourceAsString().equals("org.jboss.test.authorization.acl.ACLTestResource:10"))
- {
- assertEquals("Invalid number of entries", 2, aclImpl.getEntries().size());
- // one entry should assign the CREATE,READ,UPDATE,DELETE permissions to Administrator.
- ACLEntry entry = aclImpl.getEntry(IdentityFactory.createIdentity("Administrator"));
- assertNotNull("Unexpected null value for Administrator entry", entry);
- CompositeACLPermission expectedPermission = new CompositeACLPermission(BasicACLPermission.values());
- assertEquals("Unexpected permissions assigned for Administrator", expectedPermission, entry.getPermission());
- // the other entry should assign the READ permission to Guest.
- entry = aclImpl.getEntry(IdentityFactory.createIdentity("Guest"));
- assertNotNull("Unexpected null value for Guest entry", entry);
- expectedPermission = new CompositeACLPermission(BasicACLPermission.READ);
- assertEquals("Unexpected permissions assigned for Guest", expectedPermission, entry.getPermission());
- validatedJavaCompACL = true;
- }
- else if (aclImpl.getResourceAsString().equals("org.jboss.test.authorization.acl.ACLTestResource:20"))
- {
- assertEquals("Invalid number of entries", 3, aclImpl.getEntries().size());
- // one entry should assign the CREATE,READ,UPDATE,DELETE permissions to Administrator.
- ACLEntry entry = aclImpl.getEntry(IdentityFactory.createIdentity("Administrator"));
- assertNotNull("Unexpected null value for Administrator entry", entry);
- CompositeACLPermission expectedPermission = new CompositeACLPermission(BasicACLPermission.values());
- assertEquals("Unexpected permissions assigned for Administrator", expectedPermission, entry.getPermission());
- // one other entry should assign the READ,UPDATE permissions to Guest.
- entry = aclImpl.getEntry(IdentityFactory.createIdentity("Guest"));
- assertNotNull("Unexpected null value for Guest entry", entry);
- expectedPermission = new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE);
- assertEquals("Unexpected permissions assigned for Guest", expectedPermission, entry.getPermission());
- // the final entry should assign the READ,UPDATE permissions to Regular_User.
- entry = aclImpl.getEntry(IdentityFactory.createIdentity("Regular_User"));
- assertNotNull("Unexpected null value for Regular_User entry", entry);
- expectedPermission = new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE);
- assertEquals("Unexpected permissions assigned for Regular_User", expectedPermission, entry.getPermission());
- validatedJavaCompEnvACL = true;
- }
- else
- fail("Invalid ACL found: " + aclImpl.getResourceAsString());
- }
- assertTrue("org.jboss.jnp.NamingService:java/comp ACL has not been validated", validatedJavaCompACL);
- assertTrue("org.jboss.jnp.NamingService:java/comp/env ACL has not been validated", validatedJavaCompEnvACL);
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/JBossAuthenticationManagerUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/JBossAuthenticationManagerUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/JBossAuthenticationManagerUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,104 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication;
-
-import java.security.Principal;
-import java.util.HashMap;
-
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.Configuration;
-import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
-
-import junit.framework.TestCase;
-
-import org.jboss.security.AuthenticationManager;
-import org.jboss.security.SimplePrincipal;
-import org.jboss.security.auth.callback.AppCallbackHandler;
-import org.jboss.security.plugins.JBossAuthenticationManager;
-import org.jboss.test.SecurityActions;
-
-//$Id$
-
-/**
- * Unit tests for the JBossAuthenticationManager
- * @author Anil.Saldhana at redhat.com
- * @since May 10, 2007
- * @version $Revision$
- */
-public class JBossAuthenticationManagerUnitTestCase extends TestCase
-{
- @Override
- protected void setUp() throws Exception
- {
- super.setUp();
- establishSecurityConfiguration();
- }
-
- public void testSecurityDomain() throws Exception
- {
- AuthenticationManager am = new JBossAuthenticationManager("test1",
- new AppCallbackHandler("a","b".toCharArray()));
- assertEquals("test1", am.getSecurityDomain());
- }
-
- public void testLogin() throws Exception
- {
- Principal p = new SimplePrincipal("jduke");
- AppCallbackHandler acbh = new AppCallbackHandler("jduke","theduke".toCharArray());
- AuthenticationManager am = new JBossAuthenticationManager("test",acbh);
- assertTrue(am.isValid(p, "theduke"));
- }
-
- public void testUnsuccessfulLogin() throws Exception
- {
- Principal p = new SimplePrincipal("jduke");
- AppCallbackHandler acbh = new AppCallbackHandler("jduke","bad".toCharArray());
- AuthenticationManager am = new JBossAuthenticationManager("test",acbh);
- assertFalse(am.isValid(p, "bad"));
- }
-
- private void establishSecurityConfiguration()
- {
- SecurityActions.setJAASConfiguration((Configuration)new TestConfig());
- }
-
- public class TestConfig extends Configuration
- {
- @Override
- public AppConfigurationEntry[] getAppConfigurationEntry(String name)
- {
- HashMap<String,Object> map = new HashMap<String,Object>();
- map.put("usersProperties", "users.properties");
- map.put("rolesProperties", "roles.properties");
- String moduleName = "org.jboss.security.auth.spi.UsersRolesLoginModule";
- AppConfigurationEntry ace = new AppConfigurationEntry(moduleName,
- LoginModuleControlFlag.REQUIRED, map);
-
- return new AppConfigurationEntry[]{ace};
- }
-
- @Override
- public void refresh()
- {
- }
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/WebJASPIAuthMgrUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/WebJASPIAuthMgrUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/WebJASPIAuthMgrUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,101 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication;
-
-import java.net.URL;
-
-import javax.security.auth.Subject;
-import javax.security.auth.message.MessageInfo;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.jboss.security.SecurityContextAssociation;
-import org.jboss.security.ServerAuthenticationManager;
-import org.jboss.security.SimplePrincipal;
-import org.jboss.security.auth.callback.AppCallbackHandler;
-import org.jboss.security.auth.callback.JBossCallbackHandler;
-import org.jboss.security.auth.login.XMLLoginConfigImpl;
-import org.jboss.security.auth.message.GenericMessageInfo;
-import org.jboss.security.plugins.JBossSecurityContext;
-import org.jboss.security.plugins.auth.JASPIServerAuthenticationManager;
-import org.jboss.test.SecurityActions;
-import org.jboss.test.util.TestHttpServletRequest;
-
-/**
- * Unit tests for the JBossAuthenticationManager with JASPI
- *
- * @author Anil.Saldhana at redhat.com
- * @since May 10, 2007
- * @version $Revision$
- */
-public class WebJASPIAuthMgrUnitTestCase extends JBossAuthenticationManagerUnitTestCase
-{
- String securityDomain = "web-jaspi";
-
- AppCallbackHandler acbh = new AppCallbackHandler();
-
- @Override
- protected void setUp() throws Exception
- {
- super.setUp();
- JBossSecurityContext jsc = new JBossSecurityContext(securityDomain);
- SecurityContextAssociation.setSecurityContext(jsc);
- establishSecurityConfiguration();
- }
-
- @Override
- public void testLogin() throws Exception
- {
- HttpServletRequest hsr = getHttpServletRequest("jduke", "theduke");
- MessageInfo mi = new GenericMessageInfo(hsr, (HttpServletResponse) null);
- ServerAuthenticationManager am = new JASPIServerAuthenticationManager(securityDomain, acbh);
- assertTrue(am.isValid(mi, (Subject)null, "HTTP", new JBossCallbackHandler()));
- }
-
- @Override
- public void testUnsuccessfulLogin() throws Exception
- {
- HttpServletRequest hsr = getHttpServletRequest("jduke", "BAD");
- MessageInfo mi = new GenericMessageInfo(hsr, (HttpServletResponse) null);
- ServerAuthenticationManager am = new JASPIServerAuthenticationManager(securityDomain, acbh);
- assertFalse(am.isValid(mi, (Subject)null, "HTTP", null));
- }
-
- private void establishSecurityConfiguration()
- {
- XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
- SecurityActions.setJAASConfiguration(xli);
- URL configURL = Thread.currentThread().getContextClassLoader().getResource("config/jaspi-config.xml");
- assertNotNull("Config URL", configURL);
- xli.setConfigURL(configURL);
- xli.loadConfig();
- }
-
- @SuppressWarnings("unchecked")
- public HttpServletRequest getHttpServletRequest(String username, String pass)
- {
- HttpServletRequest hsr = new TestHttpServletRequest(new SimplePrincipal(username), pass, "GET");
- hsr.getParameterMap().put("j_username", username);
- hsr.getParameterMap().put("j_password", pass);
- return hsr;
- }
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/AuthContextUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/AuthContextUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/AuthContextUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,231 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi;
-
-
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.net.URL;
-import java.security.Principal;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestSuite;
-
-import org.jboss.security.SecurityContext;
-import org.jboss.security.SecurityContextAssociation;
-import org.jboss.security.auth.message.GenericMessageInfo;
-import org.jboss.security.auth.spi.UsersObjectModelFactory;
-import org.jboss.security.authorization.config.SecurityConfigObjectModelFactory;
-import org.jboss.security.config.ApplicationPolicy;
-import org.jboss.security.config.PolicyConfig;
-import org.jboss.security.config.SecurityConfiguration;
-import org.jboss.security.plugins.JBossSecurityContext;
-import org.jboss.security.plugins.auth.JASPIServerAuthenticationManager;
-import org.jboss.test.JBossTestCase;
-import org.jboss.test.JBossTestSetup;
-import org.jboss.xb.binding.Unmarshaller;
-import org.jboss.xb.binding.UnmarshallerFactory;
-
-
-/**
- * Test the JASPI options (required, requisite, sufficient, optional) behavior
- *
- * @author Anil.Saldhana at redhat.com
- * @since Jul 16, 2007
- * @version $Revision$
- */
-public class AuthContextUnitTestCase extends JBossTestCase
-{
- private static PolicyConfig policyConfig = null;
-
- public AuthContextUnitTestCase(String name)
- {
- super(name);
- }
-
-
- public static Test suite() throws Exception
- {
- TestSuite suite = new TestSuite();
- suite.addTest(new TestSuite(AuthContextUnitTestCase.class));
- // Create an initializer for the test suite
- TestSetup wrapper = new JBossTestSetup(suite)
- {
- protected void setUp() throws Exception
- {
- super.setUp();
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- URL url = tcl.getResource("config/jaspi-config-options.xml");
- if(url == null)
- throw new IllegalStateException("config url is null");
- loadXMLConfig(url);
-
- for(ApplicationPolicy policy : policyConfig.getPolicies())
- SecurityConfiguration.addApplicationPolicy(policy);
- }
- protected void tearDown() throws Exception
- {
- super.tearDown();
- }
- };
- return wrapper;
- }
-
-
- /**
- * Test the AuthorizationModule required behavior
- */
- public void testRequiredOptionBehavior() throws Exception
- {
- assertNotNull("PolicyConfig != null", policyConfig);
- boolean result = getResult("required-permit-policy");
- assertTrue("PERMIT?", true == result);
- result = getResult("required-deny-policy");
- assertTrue("DENY?", false == result);
- }
-
- /**
- * Test the AuthorizationModule requisite behavior
- */
- public void testRequisiteOptionBehavior() throws Exception
- {
- assertNotNull("PolicyConfig != null", policyConfig);
- boolean result = getResult("requisite-permit-policy");
- assertTrue("PERMIT?", true == result);
- result = getResult("requisite-deny-policy");
- assertTrue("DENY?", false == result);
- }
-
-
- /**
- * Test the AuthorizationModule sufficient behavior
- */
- public void testSufficientOptionBehavior() throws Exception
- {
- assertNotNull("PolicyConfig != null", policyConfig);
- boolean result = getResult("sufficient-permit-policy");
- assertTrue("PERMIT?", true == result);
- result = getResult("sufficient-deny-policy");
- assertTrue("DENY?", false == result);
- }
-
-
- /**
- * Test the AuthorizationModule optional behavior
- */
- public void testOptionalOptionBehavior() throws Exception
- {
- assertNotNull("PolicyConfig != null", policyConfig);
- boolean result = getResult("optional-permit-policy");
- assertTrue("PERMIT?", true == result);
- result = getResult("optional-deny-policy");
- assertTrue("DENY?", false == result);
- }
-
- /**
- * Test the AuthorizationModules combination behavior
- */
- public void testCombinationBehavior() throws Exception
- {
- assertNotNull("PolicyConfig != null", policyConfig);
- boolean result = getResult("required-deny-sufficient-permit-policy");
- assertTrue("DENY?", false == result);
- result = getResult("required-permit-sufficient-deny-policy");
- assertTrue("PERMIT?", true == result);
- result = getResult("required-permit-required-deny-policy");
- assertTrue("DENY?", false == result);
- result = getResult("required-permit-required-permit-policy");
- assertTrue("PERMIT?", true == result);
- result = getResult("required-permit-required-permit-sufficient-deny-policy");
- assertTrue("PERMIT?", true == result);
- result = getResult("required-permit-required-permit-requisite-deny-policy");
- assertTrue("PERMIT?", true == result);
- result = getResult("required-permit-required-permit-optional-deny-policy");
- assertTrue("PERMIT?", true == result);
- result = getResult("required-permit-required-deny-requisite-permit-policy");
- assertTrue("DENY?", false == result);
- result = getResult("requisite-permit-requisite-permit-sufficient-deny-policy");
- assertTrue("PERMIT?", true == result);
-
- result = getResult("sufficient-permit-required-deny-policy");
- assertTrue("PERMIT?", true == result);
- result = getResult("sufficient-permit-sufficient-deny-policy");
- assertTrue("PERMIT?", true == result);
- result = getResult("optional-deny-sufficient-permit-required-deny-policy");
- assertTrue("PERMIT?", true == result);
-
- result = getResult("sufficient-deny-optional-deny-policy");
- assertTrue("DENY?", false == result);
- }
-
- private boolean getResult(String policyName) throws Exception
- {
- SecurityContext securityContext = new JBossSecurityContext(policyName);
- SecurityContextAssociation.setSecurityContext(securityContext);
-
- CallbackHandler handler = new TestCallbackHandler();
- JASPIServerAuthenticationManager aContext = new JASPIServerAuthenticationManager(policyName,
- handler);
- GenericMessageInfo requestMessage = new GenericMessageInfo(new Object(), new Object());
- return aContext.isValid(requestMessage, new Subject(), "HttpServlet",
- handler);
- }
-
- /**
- * Use JBossXB to parse the security config file
- * @param loginConfigURL
- * @throws Exception
- */
- private static void loadXMLConfig(URL loginConfigURL)
- throws Exception
- {
- if(loginConfigURL == null)
- throw new IllegalArgumentException("loginConfigURL is null");
- SecurityConfigObjectModelFactory lcomf = new SecurityConfigObjectModelFactory();
- UsersObjectModelFactory uomf = new UsersObjectModelFactory();
-
- InputStreamReader xmlReader = new InputStreamReader(loginConfigURL.openStream());
- Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
- unmarshaller.mapFactoryToNamespace(uomf, "http://www.jboss.org/j2ee/schemas/XMLLoginModule");
- policyConfig = (PolicyConfig) unmarshaller.unmarshal(xmlReader, lcomf, (Object)null);
- }
-
- /**
- * Dummy CallbackHandler
- */
- private static class TestCallbackHandler implements CallbackHandler
- {
- public void setSecurityInfo(Principal p, Object cred)
- {}
-
- public void handle(Callback[] arg0)
- throws IOException, UnsupportedCallbackException
- {
- }
- }
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPIConfigUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPIConfigUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPIConfigUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,148 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi;
-
-import java.net.URL;
-import java.util.HashMap;
-
-import javax.security.auth.Subject;
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.Configuration;
-import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
-import javax.security.auth.message.MessageInfo;
-import javax.security.auth.message.config.AuthConfigFactory;
-import javax.security.auth.message.config.AuthConfigProvider;
-import javax.security.auth.message.config.ClientAuthConfig;
-import javax.security.auth.message.config.ClientAuthContext;
-import javax.security.auth.message.config.ServerAuthConfig;
-import javax.security.auth.message.config.ServerAuthContext;
-
-import junit.framework.TestCase;
-
-import org.jboss.security.SecurityContextAssociation;
-import org.jboss.security.auth.callback.AppCallbackHandler;
-import org.jboss.security.auth.login.XMLLoginConfigImpl;
-import org.jboss.security.auth.message.GenericMessageInfo;
-import org.jboss.security.plugins.JBossSecurityContext;
-import org.jboss.test.SecurityActions;
-import org.jboss.test.authentication.jaspi.helpers.TestAuthConfigProvider;
-
-
-/**
- * Unit Tests for the JASPI Configuration
- * @author Anil.Saldhana at redhat.com
- * @since Jul 11, 2007
- * @version $Revision$
- */
-public class JASPIConfigUnitTestCase extends TestCase
-{
- AuthConfigFactory factory = null;
-
- @Override
- public void setUp()
- {
- factory = AuthConfigFactory.getFactory();
- factory.registerConfigProvider(new TestAuthConfigProvider(), "TEST", "APP",
- "Test Config Provider");
- }
-
- @SuppressWarnings("unchecked")
- public void testServerFactoryConfig() throws Exception
- {
- assertNotNull("AuthConfigFactory is ! null", factory);
- AuthConfigProvider provider = factory.getConfigProvider("TEST", "APP", null);
- assertNotNull("AuthConfigProvider is ! null", provider);
-
- ServerAuthConfig serverConfig =
- provider.getServerAuthConfig("TEST", "APP",
- new AppCallbackHandler("anil","anil".toCharArray()));
- assertNotNull("ServerAuthConfig ! null", serverConfig);
- MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
- String authContextID = serverConfig.getAuthContextID(mi);
- assertNotNull("AuthContext ID != null",authContextID);
- ServerAuthContext sctx = serverConfig.getAuthContext(authContextID,
- new Subject(), new HashMap());
- assertNotNull("ServerAuthContext != null",sctx);
- }
-
- @SuppressWarnings("unchecked")
- public void testClientFactoryConfig() throws Exception
- {
- assertNotNull("AuthConfigFactory is ! null", factory);
- AuthConfigProvider provider = factory.getConfigProvider("TEST", "APP", null);
- assertNotNull("AuthConfigProvider is ! null", provider);
-
- ClientAuthConfig clientConfig =
- provider.getClientAuthConfig("TEST", "APP",
- new AppCallbackHandler("anil","anil".toCharArray()));
- assertNotNull("ClientAuthConfig ! null", clientConfig);
- MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
- String authContextID = clientConfig.getAuthContextID(mi);
- assertNotNull("AuthContext ID != null",authContextID);
- ClientAuthContext sctx = clientConfig.getAuthContext(authContextID,
- new Subject(), new HashMap());
- assertNotNull("ClientAuthContext != null",sctx);
- }
-
- public void testLoginConfigStackHolder() throws Exception
- {
- String securityDomain = "conf-jaspi";
- JBossSecurityContext jsc = new JBossSecurityContext(securityDomain);
- SecurityContextAssociation.setSecurityContext(jsc);
-
- String configFile = "config/jaspi-config.xml";
- loadConfig(configFile);
-
- //Lets validate the configuration
- Configuration config = Configuration.getConfiguration();
- AppConfigurationEntry[] appConfigEntries = config.getAppConfigurationEntry(securityDomain);
- assertTrue(appConfigEntries.length > 0);
- for(AppConfigurationEntry appConfigEntry: appConfigEntries)
- {
- assertEquals("org.jboss.test.authentication.jaspi.TestLoginModule",
- appConfigEntry.getLoginModuleName());
- assertEquals(LoginModuleControlFlag.OPTIONAL, appConfigEntry.getControlFlag());
- }
-
- appConfigEntries = config.getAppConfigurationEntry("lm-stack");
- assertTrue(appConfigEntries.length > 0);
- for(AppConfigurationEntry appConfigEntry: appConfigEntries)
- {
- assertEquals("org.jboss.test.authentication.jaspi.TestLoginModule",
- appConfigEntry.getLoginModuleName());
- assertEquals(LoginModuleControlFlag.OPTIONAL, appConfigEntry.getControlFlag());
- }
- }
-
- private void loadConfig(String configFile)
- {
- XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
- SecurityActions.setJAASConfiguration(xli);
-
- URL configURL = Thread.currentThread().getContextClassLoader().getResource(configFile);
- assertNotNull("Config URL", configURL);
-
- xli.setConfigURL(configURL);
- xli.loadConfig();
- }
-
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPILoginModuleDelgateUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPILoginModuleDelgateUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPILoginModuleDelgateUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,127 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi;
-
-import java.net.URL;
-import java.util.HashMap;
-
-import javax.security.auth.Subject;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.AuthStatus;
-import javax.security.auth.message.MessageInfo;
-import javax.security.auth.message.config.AuthConfigFactory;
-import javax.security.auth.message.config.AuthConfigProvider;
-import javax.security.auth.message.config.ServerAuthConfig;
-import javax.security.auth.message.config.ServerAuthContext;
-
-import junit.framework.TestCase;
-
-import org.jboss.security.SecurityConstants;
-import org.jboss.security.SecurityContextAssociation;
-import org.jboss.security.auth.callback.AppCallbackHandler;
-import org.jboss.security.auth.login.XMLLoginConfigImpl;
-import org.jboss.security.auth.message.GenericMessageInfo;
-import org.jboss.security.auth.message.config.JBossAuthConfigProvider;
-import org.jboss.security.plugins.JBossSecurityContext;
-import org.jboss.test.SecurityActions;
-
-// $Id$
-
-/**
- * Test the delegation to a JAAS Login Module by a Server Auth Module
- *
- * @author Anil.Saldhana at redhat.com
- * @since Jul 27, 2007
- * @version $Revision$
- */
-public class JASPILoginModuleDelgateUnitTestCase extends TestCase
-{
- AuthConfigFactory factory = null;
-
- String layer = SecurityConstants.SERVLET_LAYER;
-
- String appId = "localhost /petstore";
-
- String configFile = "config/jaspi-config.xml";
-
- @Override
- protected void setUp() throws Exception
- {
- factory = AuthConfigFactory.getFactory();
- factory.registerConfigProvider(new JBossAuthConfigProvider(new HashMap()), layer, appId, "Test Config Provider");
-
- JBossSecurityContext jsc = new JBossSecurityContext("conf-jaspi-2");
- SecurityContextAssociation.setSecurityContext(jsc);
-
- XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
- SecurityActions.setJAASConfiguration(xli);
-
- URL configURL = Thread.currentThread().getContextClassLoader().getResource(configFile);
- assertNotNull("Config URL", configURL);
-
- xli.setConfigURL(configURL);
- xli.loadConfig();
- }
-
- public void testSuccessfulJASPI() throws Exception
- {
- AuthConfigProvider provider = factory.getConfigProvider(layer, appId, null);
- ServerAuthConfig serverConfig = provider.getServerAuthConfig(layer, appId, new AppCallbackHandler("jduke",
- "theduke".toCharArray()));
- assertNotNull("ServerAuthConfig is not null", serverConfig);
-
- MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
- String authContextID = serverConfig.getAuthContextID(mi);
- assertNotNull("AuthContext ID != null", authContextID);
- ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, new Subject(), new HashMap());
- assertNotNull("ServerAuthContext != null", sctx);
- Subject clientSubject = new Subject();
- Subject serviceSubject = new Subject();
- AuthStatus status = sctx.validateRequest(mi, clientSubject, serviceSubject);
- assertEquals(AuthStatus.SUCCESS, status);
- }
-
- public void testUnSuccessfulJASPI() throws Exception
- {
- AuthConfigProvider provider = factory.getConfigProvider(layer, appId, null);
- ServerAuthConfig serverConfig = provider.getServerAuthConfig(layer, appId, new AppCallbackHandler("jduke",
- "badpwd".toCharArray()));
- assertNotNull("ServerAuthConfig is not null", serverConfig);
-
- MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
- String authContextID = serverConfig.getAuthContextID(mi);
- assertNotNull("AuthContext ID != null", authContextID);
- ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, new Subject(), new HashMap());
- assertNotNull("ServerAuthContext != null", sctx);
- Subject clientSubject = new Subject();
- Subject serviceSubject = new Subject();
- try
- {
- AuthStatus status = sctx.validateRequest(mi, clientSubject, serviceSubject);
- assertEquals(AuthStatus.FAILURE, status);
- }
- catch (AuthException ae)
- {
- // Pass
- }
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPIServerAuthenticationManagerUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPIServerAuthenticationManagerUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPIServerAuthenticationManagerUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,99 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi;
-
-import java.net.URL;
-import java.util.HashMap;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.message.MessageInfo;
-import javax.security.auth.message.config.AuthConfigFactory;
-
-import org.jboss.security.SecurityConstants;
-import org.jboss.security.SecurityContext;
-import org.jboss.security.SecurityContextAssociation;
-import org.jboss.security.auth.callback.AppCallbackHandler;
-import org.jboss.security.auth.login.XMLLoginConfigImpl;
-import org.jboss.security.auth.message.GenericMessageInfo;
-import org.jboss.security.auth.message.config.JBossAuthConfigProvider;
-import org.jboss.security.plugins.JBossSecurityContext;
-import org.jboss.security.plugins.auth.JASPIServerAuthenticationManager;
-import org.jboss.test.SecurityActions;
-
-import junit.framework.TestCase;
-
-/**
- * Unit Test the JASPIServerAuthenticationManager
- * @author Anil.Saldhana at redhat.com
- */
-public class JASPIServerAuthenticationManagerUnitTestCase extends TestCase
-{
- AuthConfigFactory factory = null;
-
- String layer = SecurityConstants.SERVLET_LAYER;
-
- String appId = "localhost /petstore";
-
- String configFile = "config/jaspi-config.xml";
-
- @SuppressWarnings("unchecked")
- protected void setUp() throws Exception
- {
- factory = AuthConfigFactory.getFactory();
- factory.registerConfigProvider(new JBossAuthConfigProvider(new HashMap()), layer, appId, "Test Config Provider");
-
- SecurityContext jsc = new JBossSecurityContext("conf-jaspi");
- SecurityContextAssociation.setSecurityContext(jsc);
-
- XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
- SecurityActions.setJAASConfiguration(xli);
-
- URL configURL = Thread.currentThread().getContextClassLoader().getResource(configFile);
- assertNotNull("Config URL", configURL);
-
- xli.setConfigURL(configURL);
- xli.loadConfig();
- }
-
- public void testIsValid()
- {
- CallbackHandler cbh = new AppCallbackHandler("anil",
- "anilpwd".toCharArray());
- MessageInfo messageInfo = new GenericMessageInfo(new Object(), new Object());
- JASPIServerAuthenticationManager jaspiManager = new JASPIServerAuthenticationManager();
- boolean valid = jaspiManager.isValid(messageInfo, new Subject(), layer,
- cbh);
- assertTrue(valid);
- }
-
- public void testIsInValid()
- {
- CallbackHandler cbh = new AppCallbackHandler("anil",
- "dead".toCharArray());
- MessageInfo messageInfo = new GenericMessageInfo(new Object(), new Object());
- JASPIServerAuthenticationManager jaspiManager = new JASPIServerAuthenticationManager();
- boolean valid = jaspiManager.isValid(messageInfo, new Subject(), layer,
- cbh);
- assertFalse(valid);
- }
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPIWorkflowUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPIWorkflowUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/JASPIWorkflowUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,157 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi;
-
-import java.net.URL;
-import java.util.HashMap;
-
-import javax.security.auth.Subject;
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.Configuration;
-import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.AuthStatus;
-import javax.security.auth.message.MessageInfo;
-import javax.security.auth.message.config.AuthConfigFactory;
-import javax.security.auth.message.config.AuthConfigProvider;
-import javax.security.auth.message.config.ServerAuthConfig;
-import javax.security.auth.message.config.ServerAuthContext;
-
-import junit.framework.TestCase;
-
-import org.jboss.security.SecurityConstants;
-import org.jboss.security.SecurityContext;
-import org.jboss.security.SecurityContextAssociation;
-import org.jboss.security.auth.callback.AppCallbackHandler;
-import org.jboss.security.auth.login.XMLLoginConfigImpl;
-import org.jboss.security.auth.message.GenericMessageInfo;
-import org.jboss.security.auth.message.config.JBossAuthConfigProvider;
-import org.jboss.security.plugins.JBossSecurityContext;
-import org.jboss.test.SecurityActions;
-
-
-/**
- * Test the Server side workflow for JASPI
- *
- * @author Anil.Saldhana at redhat.com
- * @since Jul 16, 2007
- * @version $Revision$
- */
-public class JASPIWorkflowUnitTestCase extends TestCase
-{
- AuthConfigFactory factory = null;
-
- String layer = SecurityConstants.SERVLET_LAYER;
-
- String appId = "localhost /petstore";
-
- String configFile = "config/jaspi-config.xml";
-
- @SuppressWarnings("unchecked")
- @Override
- protected void setUp() throws Exception
- {
- factory = AuthConfigFactory.getFactory();
- factory.registerConfigProvider(new JBossAuthConfigProvider(new HashMap()), layer, appId, "Test Config Provider");
-
- SecurityContext jsc = new JBossSecurityContext("conf-jaspi");
- SecurityContextAssociation.setSecurityContext(jsc);
-
- XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
- SecurityActions.setJAASConfiguration(xli);
-
- URL configURL = Thread.currentThread().getContextClassLoader().getResource(configFile);
- assertNotNull("Config URL", configURL);
-
- xli.setConfigURL(configURL);
- xli.loadConfig();
- }
-
- @SuppressWarnings("unchecked")
- public void testSuccessfulJASPI() throws Exception
- {
- AuthConfigProvider provider = factory.getConfigProvider(layer, appId, null);
- ServerAuthConfig serverConfig = provider.getServerAuthConfig(layer, appId, new AppCallbackHandler("anil",
- "anilpwd".toCharArray()));
- assertNotNull("ServerAuthConfig is not null", serverConfig);
-
- MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
- String authContextID = serverConfig.getAuthContextID(mi);
- assertNotNull("AuthContext ID != null", authContextID);
- ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, new Subject(), new HashMap());
- assertNotNull("ServerAuthContext != null", sctx);
- Subject clientSubject = new Subject();
- Subject serviceSubject = new Subject();
- AuthStatus status = sctx.validateRequest(mi, clientSubject, serviceSubject);
- assertEquals(AuthStatus.SUCCESS, status);
- }
-
- @SuppressWarnings("unchecked")
- public void testUnSuccessfulJASPI() throws Exception
- {
- AuthConfigProvider provider = factory.getConfigProvider(layer, appId, null);
- ServerAuthConfig serverConfig = provider.getServerAuthConfig(layer, appId, new AppCallbackHandler("anil",
- "badpwd".toCharArray()));
- assertNotNull("ServerAuthConfig is not null", serverConfig);
-
- validateJAASConfiguration();
- MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
- String authContextID = serverConfig.getAuthContextID(mi);
- assertNotNull("AuthContext ID != null", authContextID);
- ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, new Subject(), new HashMap());
- assertNotNull("ServerAuthContext != null", sctx);
- Subject clientSubject = new Subject();
- Subject serviceSubject = new Subject();
- try
- {
- AuthStatus status = sctx.validateRequest(mi, clientSubject, serviceSubject);
- assertEquals(AuthStatus.FAILURE, status);
- }
- catch(AuthException ae)
- {
- //Ignore - we are fine
- }
- }
-
- private void validateJAASConfiguration()
- {
- //Lets validate the configuration
- Configuration config = Configuration.getConfiguration();
- AppConfigurationEntry[] appConfigEntries = config.getAppConfigurationEntry("conf-jaspi");
- assertTrue(appConfigEntries.length > 0);
- for(AppConfigurationEntry appConfigEntry: appConfigEntries)
- {
- assertEquals("org.jboss.test.authentication.jaspi.TestLoginModule",
- appConfigEntry.getLoginModuleName());
- assertEquals(LoginModuleControlFlag.OPTIONAL, appConfigEntry.getControlFlag());
- }
-
- appConfigEntries = config.getAppConfigurationEntry("lm-stack");
- assertTrue(appConfigEntries.length > 0);
- for(AppConfigurationEntry appConfigEntry: appConfigEntries)
- {
- assertEquals("org.jboss.test.authentication.jaspi.TestLoginModule",
- appConfigEntry.getLoginModuleName());
- assertEquals(LoginModuleControlFlag.OPTIONAL, appConfigEntry.getControlFlag());
- }
- }
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/LoginModuleServerAuthModule.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/LoginModuleServerAuthModule.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/LoginModuleServerAuthModule.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,57 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi;
-
-import javax.security.auth.Subject;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.AuthStatus;
-import javax.security.auth.message.MessageInfo;
-
-import org.jboss.security.auth.container.modules.AbstractServerAuthModule;
-
-//$Id$
-
-/**
- * Test Server Auth Module that delegates to a login module
- * @author Anil.Saldhana at redhat.com
- * @since Jul 25, 2007
- * @version $Revision$
- */
-public class LoginModuleServerAuthModule extends AbstractServerAuthModule
-{
-
- public LoginModuleServerAuthModule()
- {
- this.supportedTypes.add(Object.class);
- }
-
- @Override
- protected boolean validate( Subject clientSubject, MessageInfo messageInfo) throws AuthException
- {
- throw new IllegalStateException("Configure a login module in the module options");
- }
-
- public AuthStatus secureResponse(MessageInfo arg0, Subject arg1) throws AuthException
- {
- return null;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/TestLoginModule.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/TestLoginModule.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/TestLoginModule.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,98 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi;
-
-import java.util.Map;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.login.LoginException;
-import javax.security.auth.spi.LoginModule;
-
-import org.jboss.security.SimplePrincipal;
-
-
-/**
- * Test Login Module
- * @author Anil.Saldhana at redhat.com
- * @since Jul 26, 2007
- * @version $Revision$
- */
-public class TestLoginModule implements LoginModule
-{
- private Subject subject;
- private CallbackHandler cbh;
- private Map<String, ?> sharedState;
- private Map<String, ?> options;
-
- private String username = null;
-
- public boolean abort() throws LoginException
- {
- return true;
- }
-
- public boolean commit() throws LoginException
- {
- subject.getPrincipals().add(new SimplePrincipal(username));
- return true;
- }
-
- public void initialize(Subject subject,
- CallbackHandler cbh,
- Map<String, ?> sharedState,
- Map<String, ?> options)
- {
- this.subject = subject;
- this.cbh = cbh;
- this.sharedState = sharedState;
- this.options = options;
- }
-
- public boolean login() throws LoginException
- {
- NameCallback nc = new NameCallback("UserName=", "guest");
- PasswordCallback pwd = new PasswordCallback("Password=", false);
- try
- {
- cbh.handle(new Callback[]{nc,pwd});
- username = nc.getName();
- String p = new String(pwd.getPassword());
- if(username.equals(options.get("principal")) && p.equals(options.get("pass")))
- return true;
- }
- catch (Exception e)
- {
- throw new LoginException(e.getLocalizedMessage());
- }
- return false;
- }
-
- public boolean logout() throws LoginException
- {
- subject = null;
- return false;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/TestServerAuthModule.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/TestServerAuthModule.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/TestServerAuthModule.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,115 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi;
-
-import java.util.Map;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.Configuration;
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.AuthStatus;
-import javax.security.auth.message.MessageInfo;
-import javax.security.auth.message.MessagePolicy;
-
-import org.jboss.security.auth.container.modules.AbstractServerAuthModule;
-
-
-/**
- * Test Server Auth Module that delegates to a login module stack
- * @author Anil.Saldhana at redhat.com
- * @since Jul 25, 2007
- * @version $Revision$
- */
-public class TestServerAuthModule extends AbstractServerAuthModule
-{
- private LoginContext loginContext;
- private String loginContextName = null;
-
- public TestServerAuthModule(String loginContextName)
- {
- this.loginContextName = loginContextName;
- }
-
- @SuppressWarnings("unchecked")
- public void initialize(MessagePolicy messagePolicyReq, MessagePolicy messagePolicyResp,
- CallbackHandler cbh, Map options) throws AuthException
- {
- this.options = options;
- try
- {
- this.validateJAASConfiguration();
- loginContext = new LoginContext(loginContextName, cbh);
- }
- catch (LoginException e)
- {
- throw new RuntimeException(e.getLocalizedMessage());
- }
-
- }
-
- public void cleanSubject(MessageInfo mi, Subject subj) throws AuthException
- {
- super.cleanSubject(mi, subj);
- if(this.loginContext != null)
- try
- {
- loginContext.logout();
- }
- catch (LoginException e)
- {
- throw new RuntimeException(e.getLocalizedMessage());
- }
- }
-
- public AuthStatus secureResponse(MessageInfo mi, Subject clientSubject) throws AuthException
- {
- return null;
- }
-
- @Override
- protected boolean validate(Subject clientSubject, MessageInfo messageInfo) throws AuthException
- {
- try
- {
- validateJAASConfiguration();
- this.loginContext.login();
- }
- catch (LoginException e)
- {
- throw new AuthException(e.getLocalizedMessage());
- }
- return true;
- }
-
- private void validateJAASConfiguration()
- {
- //Lets validate the configuration
- Configuration config = Configuration.getConfiguration();
- AppConfigurationEntry[] appConfigEntries = config.getAppConfigurationEntry(loginContextName);
- if(appConfigEntries.length < 0)
- throw new RuntimeException("No entries for " + loginContextName);
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestAuthConfigProvider.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestAuthConfigProvider.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestAuthConfigProvider.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,56 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi.helpers;
-
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.config.AuthConfigProvider;
-import javax.security.auth.message.config.ClientAuthConfig;
-import javax.security.auth.message.config.ServerAuthConfig;
-
-
-/**
- * Test AuthConfigProvider
- * @author Anil.Saldhana at redhat.com
- * @since Jul 11, 2007
- * @version $Revision$
- */
-public class TestAuthConfigProvider implements AuthConfigProvider
-{
- public ClientAuthConfig getClientAuthConfig(String layer,
- String appcontext, CallbackHandler handler) throws AuthException,
- SecurityException
- {
- return new TestClientAuthConfig();
- }
-
- public ServerAuthConfig getServerAuthConfig(String layer,
- String appcontext, CallbackHandler handler) throws AuthException,
- SecurityException
- {
- return new TestServerAuthConfig() ;
- }
-
- public void refresh() throws AuthException, SecurityException
- {
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthConfig.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthConfig.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthConfig.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,71 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi.helpers;
-
-import java.util.Map;
-
-import javax.security.auth.Subject;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.MessageInfo;
-import javax.security.auth.message.config.ClientAuthConfig;
-import javax.security.auth.message.config.ClientAuthContext;
-
-/**
- * Test ClientAuthConfig
- * @author Anil.Saldhana at redhat.com
- * @since Jul 16, 2007
- * @version $Revision$
- */
-public class TestClientAuthConfig implements ClientAuthConfig
-{
-
- public ClientAuthContext getAuthContext(String authContextID,
- Subject clientSubject, Map properties)
- throws AuthException
- {
- return new TestClientAuthContext();
- }
-
- public String getAppContext()
- {
- return "TEST";
- }
-
- public String getAuthContextID(MessageInfo messageInfo)
- {
- return "AUTHCONTEXTID";
- }
-
- public String getMessageLayer()
- {
- return "TESTCLIENT";
- }
-
- public boolean isProtected()
- {
- return false;
- }
-
- public void refresh() throws AuthException, SecurityException
- {
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthContext.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthContext.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthContext.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,57 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi.helpers;
-
-import javax.security.auth.Subject;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.AuthStatus;
-import javax.security.auth.message.MessageInfo;
-import javax.security.auth.message.config.ClientAuthContext;
-
-//$Id$
-
-/**
- * Test ClientAuthContext
- * @author Anil.Saldhana at redhat.com
- * @since Jul 16, 2007
- * @version $Revision$
- */
-public class TestClientAuthContext implements ClientAuthContext
-{
- public void cleanSubject(MessageInfo messageInfo, Subject arg1)
- throws AuthException
- {
- }
-
- public AuthStatus secureRequest(MessageInfo messageInfo, Subject arg1)
- throws AuthException
- {
- return null;
- }
-
- public AuthStatus validateResponse(MessageInfo messageInfo,
- Subject arg1, Subject arg2)
- throws AuthException
- {
- return null;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthConfig.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthConfig.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthConfig.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,70 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi.helpers;
-
-import java.util.Map;
-
-import javax.security.auth.Subject;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.MessageInfo;
-import javax.security.auth.message.config.ServerAuthConfig;
-import javax.security.auth.message.config.ServerAuthContext;
-
-
-/**
- * Test ServerAuthConfig
- * @author Anil.Saldhana at redhat.com
- * @since Jul 11, 2007
- * @version $Revision$
- */
-public class TestServerAuthConfig implements ServerAuthConfig
-{
- public ServerAuthContext getAuthContext(String authContextID,
- Subject serviceSubject, Map properties)
- {
- return new TestServerAuthContext();
- }
-
- public String getAppContext()
- {
- return null;
- }
-
- public String getAuthContextID(MessageInfo messageInfo)
- {
- return "AUTHCONTEXTID";
- }
-
- public String getMessageLayer()
- {
- return "TEST";
- }
-
- public boolean isProtected()
- {
- return false;
- }
-
- public void refresh() throws AuthException, SecurityException
- {
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthContext.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthContext.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthContext.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,55 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authentication.jaspi.helpers;
-
-import javax.security.auth.Subject;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.AuthStatus;
-import javax.security.auth.message.MessageInfo;
-import javax.security.auth.message.config.ServerAuthContext;
-
-//$Id$
-
-/**
- * Test ServerAuthContext
- * @author Anil.Saldhana at redhat.com
- * @since Jul 12, 2007
- * @version $Revision$
- */
-public class TestServerAuthContext implements ServerAuthContext
-{
- public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException
- {
- }
-
- public AuthStatus secureResponse(MessageInfo messageInfo, Subject subject)
- throws AuthException
- {
- return null;
- }
-
- public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject,
- Subject serviceSubject) throws AuthException
- {
- return null;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/AuthorizationContextUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/AuthorizationContextUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/AuthorizationContextUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,235 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authorization;
-
-
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.net.URL;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestSuite;
-
-import org.jboss.security.auth.spi.UsersObjectModelFactory;
-import org.jboss.security.authorization.AuthorizationContext;
-import org.jboss.security.authorization.AuthorizationException;
-import org.jboss.security.authorization.Resource;
-import org.jboss.security.authorization.ResourceType;
-import org.jboss.security.authorization.config.SecurityConfigObjectModelFactory;
-import org.jboss.security.config.PolicyConfig;
-import org.jboss.security.plugins.authorization.JBossAuthorizationContext;
-import org.jboss.test.JBossTestCase;
-import org.jboss.test.JBossTestSetup;
-import org.jboss.xb.binding.Unmarshaller;
-import org.jboss.xb.binding.UnmarshallerFactory;
-
-
-public class AuthorizationContextUnitTestCase extends JBossTestCase
-{
- private static PolicyConfig policyConfig = null;
-
- public AuthorizationContextUnitTestCase(String name)
- {
- super(name);
- }
-
-
- public static Test suite() throws Exception
- {
- TestSuite suite = new TestSuite();
- suite.addTest(new TestSuite(AuthorizationContextUnitTestCase.class));
- // Create an initializer for the test suite
- TestSetup wrapper = new JBossTestSetup(suite)
- {
- protected void setUp() throws Exception
- {
- super.setUp();
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- URL url = tcl.getResource("authorization/config/authorization-policy.xml");
- if(url == null)
- throw new IllegalStateException("config url is null");
- loadXMLConfig(url);
- }
- protected void tearDown() throws Exception
- {
- super.tearDown();
- }
- };
- return wrapper;
- }
-
-
- /**
- * Test the AuthorizationModule required behavior
- */
- public void testRequiredOptionBehavior() throws Exception
- {
- assertNotNull("PolicyConfig != null", policyConfig);
- int result = getResult("required-permit-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
- result = getResult("required-deny-policy");
- assertTrue("DENY?", AuthorizationContext.DENY == result);
- }
-
- /**
- * Test the AuthorizationModule requisite behavior
- */
- public void testRequisiteOptionBehavior() throws Exception
- {
- assertNotNull("PolicyConfig != null", policyConfig);
- int result = getResult("requisite-permit-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
- result = getResult("requisite-deny-policy");
- assertTrue("DENY?", AuthorizationContext.DENY == result);
- }
-
-
- /**
- * Test the AuthorizationModule sufficient behavior
- */
- public void testSufficientOptionBehavior() throws Exception
- {
- assertNotNull("PolicyConfig != null", policyConfig);
- int result = getResult("sufficient-permit-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
- result = getResult("sufficient-deny-policy");
- assertTrue("DENY?", AuthorizationContext.DENY == result);
- }
-
-
- /**
- * Test the AuthorizationModule optional behavior
- */
- public void testOptionalOptionBehavior() throws Exception
- {
- assertNotNull("PolicyConfig != null", policyConfig);
- int result = getResult("optional-permit-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
- result = getResult("optional-deny-policy");
- assertTrue("DENY?", AuthorizationContext.DENY == result);
- }
-
- /**
- * Test the AuthorizationModules combination behavior
- */
- public void testCombinationBehavior() throws Exception
- {
- assertNotNull("PolicyConfig != null", policyConfig);
- int result = getResult("required-deny-sufficient-permit-policy");
- assertTrue("DENY?", AuthorizationContext.DENY == result);
- result = getResult("required-permit-sufficient-deny-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
- result = getResult("required-permit-required-deny-policy");
- assertTrue("DENY?", AuthorizationContext.DENY == result);
- result = getResult("required-permit-required-permit-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
- result = getResult("required-permit-required-permit-sufficient-deny-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
- result = getResult("required-permit-required-permit-requisite-deny-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
- result = getResult("required-permit-required-permit-optional-deny-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
- result = getResult("required-permit-required-deny-requisite-permit-policy");
- assertTrue("DENY?", AuthorizationContext.DENY == result);
- result = getResult("requisite-permit-requisite-permit-sufficient-deny-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
-
- result = getResult("sufficient-permit-required-deny-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
- result = getResult("sufficient-permit-sufficient-deny-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
- result = getResult("optional-deny-sufficient-permit-required-deny-policy");
- assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
-
- result = getResult("sufficient-deny-optional-deny-policy");
- assertTrue("DENY?", AuthorizationContext.DENY == result);
- }
-
- private int getResult(String policyName) throws Exception
- {
- int result = AuthorizationContext.DENY;
-
- JBossAuthorizationContext aContext = new JBossAuthorizationContext(policyName,
- new Subject(),
- new TestCallbackHandler());
- aContext.setApplicationPolicy(policyConfig.get(policyName));
- try
- {
- result = aContext.authorize(new Resource()
- {
- public ResourceType getLayer()
- {
- return ResourceType.WEB;
- }
-
- @SuppressWarnings("unchecked")
- public Map getMap()
- {
- return new HashMap();
- }
- });
- }
- catch(AuthorizationException e)
- {
- result = AuthorizationContext.DENY;
- }
- return result;
- }
-
- /**
- * Use JBossXB to parse the security config file
- * @param loginConfigURL
- * @throws Exception
- */
- private static void loadXMLConfig(URL loginConfigURL)
- throws Exception
- {
- if(loginConfigURL == null)
- throw new IllegalArgumentException("loginConfigURL is null");
- SecurityConfigObjectModelFactory lcomf = new SecurityConfigObjectModelFactory();
- UsersObjectModelFactory uomf = new UsersObjectModelFactory();
-
- InputStreamReader xmlReader = new InputStreamReader(loginConfigURL.openStream());
- Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
- unmarshaller.mapFactoryToNamespace(uomf, "http://www.jboss.org/j2ee/schemas/XMLLoginModule");
- policyConfig = (PolicyConfig) unmarshaller.unmarshal(xmlReader, lcomf, (Object)null);
- }
-
- /**
- * Dummy CallbackHandler
- */
- private static class TestCallbackHandler implements CallbackHandler
- {
- public void handle(Callback[] arg0)
- throws IOException, UnsupportedCallbackException
- {
- }
- }
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/acl/ACLTestResource.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/acl/ACLTestResource.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/acl/ACLTestResource.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,86 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authorization.acl;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.jboss.security.authorization.Resource;
-import org.jboss.security.authorization.ResourceType;
-
-//$Id$
-
-/**
- * Test Resource For ACL
- * @author Anil.Saldhana at redhat.com
- * @since Jan 30, 2008
- * @version $Revision$
- */
-public class ACLTestResource implements Resource
-{
-
- private final int id;
-
- private final Map<String, Object> context = new HashMap<String, Object>();
-
- /**
- * <p>
- * Creates an instance of {@code ACLTestResource} with the specified id.
- * </p>
- *
- * @param id an {@code int} representing the resource's id.
- */
- public ACLTestResource(int id)
- {
- this.id = id;
- }
-
- /*
- * (non-Javadoc)
- * @see org.jboss.security.authorization.Resource#getLayer()
- */
- public ResourceType getLayer()
- {
- return ResourceType.ACL;
- }
-
- /*
- * (non-Javadoc)
- * @see org.jboss.security.authorization.Resource#getMap()
- */
- public Map<String, Object> getMap()
- {
- return this.context;
- }
-
- /**
- * <p>
- * Obtains the id of this test resource.
- * </p>
- *
- * @return an {@code int} representing this resource's id.
- */
- public int getId()
- {
- return this.id;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,224 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authorization.acl;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-
-import junit.framework.TestCase;
-
-import org.jboss.security.acl.BasicACLPermission;
-import org.jboss.security.acl.CompositeACLPermission;
-import org.jboss.security.acl.EntitlementEntry;
-import org.jboss.security.acl.config.ACLProviderEntry;
-import org.jboss.security.authorization.AuthorizationContext;
-import org.jboss.security.authorization.EntitlementHolder;
-import org.jboss.security.authorization.PolicyRegistration;
-import org.jboss.security.authorization.Resource;
-import org.jboss.security.authorization.ResourceKeys;
-import org.jboss.security.config.ACLInfo;
-import org.jboss.security.config.ApplicationPolicy;
-import org.jboss.security.config.SecurityConfiguration;
-import org.jboss.security.identity.Identity;
-import org.jboss.security.identity.plugins.IdentityFactory;
-import org.jboss.security.plugins.JBossAuthorizationManager;
-import org.jboss.security.plugins.JBossPolicyRegistration;
-
-/**
- * ACL Unit Tests using JBossAuthorizationManager
- *
- * @author Anil.Saldhana at redhat.com
- * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
- * @since Jan 30, 2008
- * @version $Revision$
- */
-public class JBossAuthorizationManagerACLUnitTestCase extends TestCase
-{
-
- /*
- * (non-Javadoc)
- *
- * @see junit.framework.TestCase#setUp()
- */
- @Override
- protected void setUp()
- {
- // register an ACL policy containing ACL definitions with the PolicyRegistration.
- PolicyRegistration registration = new JBossPolicyRegistration();
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- registration.registerPolicy("ID", PolicyRegistration.ACL, tcl.getResourceAsStream("config/jboss-acl.xml"));
-
- // create an application policy that contains an ACL configuration.
- ApplicationPolicy ap = new ApplicationPolicy("test-acl");
- ACLInfo aclInfo = new ACLInfo("test-acl");
- // set the TestACLProvider with the PolicyRegistration created above.
- Map<String, Object> options = new HashMap<String, Object>();
- options.put("policyRegistration", registration);
- ACLProviderEntry ame = new ACLProviderEntry(TestACLProvider.class.getName(), options);
- aclInfo.add(ame);
- ap.setAclInfo(aclInfo);
- // register the application policy.
- SecurityConfiguration.addApplicationPolicy(ap);
- }
-
- @Override
- protected void tearDown() throws Exception
- {
- // unregister the application policy.
- SecurityConfiguration.removeApplicationPolicy("test-acl");
- }
-
- /**
- * <p>
- * Tests the results of the {@code AuthorizationManager#getEntitlements} method when the ACLs have been specified in
- * an ACL configuration file and registered with the {@code PolicyRegistration}.
- * </p>
- *
- * @throws Exception if an error occurs while running the test.
- */
- public void testGetEntitlements() throws Exception
- {
- Resource resource1 = new ACLTestResource(10);
- Resource resource2 = new ACLTestResource(20);
- // for testing purposes, lets say resource2 is a child of resource1.
- Collection<Resource> childResources = new ArrayList<Resource>();
- // resource 1 has resource 2 as child.
- childResources.add(resource2);
- resource1.getMap().put(ResourceKeys.CHILD_RESOURCES, childResources);
- resource2.getMap().put(ResourceKeys.PARENT_RESOURCE, resource1);
-
- // using the authorization manager, check the entitlements assigned to some of the identities.
- JBossAuthorizationManager jam = new JBossAuthorizationManager("test-acl");
-
- // start with the Administrator identity.
- EntitlementHolder<EntitlementEntry> holder = jam.getEntitlements(EntitlementEntry.class, resource1,
- IdentityFactory.createIdentity("Administrator"));
- assertNotNull("Unexpected null EntitlementHolder", holder);
- Set<EntitlementEntry> entitled = holder.getEntitled();
- assertNotNull("Unexpected null set of entitlement entries", entitled);
- assertEquals("Unexpected number of entitlement entries", 2, entitled.size());
- // Administrator should have all permissions on both resources.
- Map<Integer, EntitlementEntry> entriesMap = this.getEntriesByResourceID(entitled);
- CompositeACLPermission expectedPermission = new CompositeACLPermission(BasicACLPermission.values());
- assertTrue("Entry for ACLTestResource with id 10 missing", entriesMap.containsKey(10));
- assertEquals("Found unexpected permissions", expectedPermission, entriesMap.get(10).getPermission());
- assertTrue("Entry for ACLTestResource with id 20 missing", entriesMap.containsKey(20));
- assertEquals("Found unexpected permissions", expectedPermission, entriesMap.get(20).getPermission());
-
- // now check the permissions entitled to Regular_User.
- holder = jam.getEntitlements(EntitlementEntry.class, resource1, IdentityFactory.createIdentity("Regular_User"));
- assertNotNull("Unexpected null EntitlementHolder", holder);
- entitled = holder.getEntitled();
- assertNotNull("Unexpected null set of entitlement entries", entitled);
- // Regular_User should get an empty set when calling getEntitlements with resource1.
- assertEquals("Unexpected number of entitlement entries", 0, entitled.size());
- holder = jam.getEntitlements(EntitlementEntry.class, resource2, IdentityFactory.createIdentity("Regular_User"));
- assertNotNull("Unexpected null EntitlementHolder", holder);
- entitled = holder.getEntitled();
- assertNotNull("Unexpected null set of entitlement entries", entitled);
- assertEquals("Unexpected number of entitlement entries", 1, entitled.size());
- // Regular_User should have READ and UPDATE permissions on resource 2.
- entriesMap = this.getEntriesByResourceID(entitled);
- expectedPermission = new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE);
- assertTrue("Entry for ACLTestResource with id 20 missing", entriesMap.containsKey(20));
- assertEquals("Found unexpected permissions", expectedPermission, entriesMap.get(20).getPermission());
- }
-
- /**
- * <p>
- * Tests the results of the {@code AuthorizationManager#authorize} method when the ACLs have been specified in an ACL
- * configuration file and registered with the {@code PolicyRegistration}.
- * </p>
- *
- * @throws Exception if an error occurs while running the test.
- */
- public void testAuthorize() throws Exception
- {
- Resource resource1 = new ACLTestResource(10);
- Resource resource2 = new ACLTestResource(20);
-
- // using the authorization manager, check if the identities have the expected permissions.
- JBossAuthorizationManager jam = new JBossAuthorizationManager("test-acl");
-
- // check that Administrator has all permissions on both resources.
- Identity identity = IdentityFactory.createIdentity("Administrator");
- assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource1, identity, new CompositeACLPermission(
- BasicACLPermission.values())));
- assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, new CompositeACLPermission(
- BasicACLPermission.values())));
-
- // check that Guest has only READ permission on resource1.
- identity = IdentityFactory.createIdentity("Guest");
- assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource1, identity, BasicACLPermission.READ));
- assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, BasicACLPermission.CREATE));
- assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, BasicACLPermission.UPDATE));
- assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, BasicACLPermission.DELETE));
-
- // check that Guest has READ and UPDATE permissions on resource2.
- assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.READ));
- assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.UPDATE));
- assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, new CompositeACLPermission(
- BasicACLPermission.READ, BasicACLPermission.UPDATE)));
- assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.CREATE));
- assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.DELETE));
- assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, new CompositeACLPermission(
- BasicACLPermission.values())));
-
- // check that Regular_User doesn't have any permissions on resource1.
- identity = IdentityFactory.createIdentity("Regular_User");
- for(BasicACLPermission permission : BasicACLPermission.values())
- assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, permission));
-
- // check that Regular_User has READ and UPDATE permissions on resource2.
- assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.READ));
- assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.UPDATE));
- assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, new CompositeACLPermission(
- BasicACLPermission.READ, BasicACLPermission.UPDATE)));
- assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.CREATE));
- assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.DELETE));
- assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, new CompositeACLPermission(
- BasicACLPermission.values())));
- }
-
- /**
- * <p>
- * Creates and returns a map that contains the specified set of {@code EntitlementEntry} objects keyed by their
- * resources ids.
- * </p>
- *
- * @param entries the set of {@code EntitlementEntry} objects to be keyed.
- * @return the constructed {@code Map} instance.
- */
- private Map<Integer, EntitlementEntry> getEntriesByResourceID(Set<EntitlementEntry> entries)
- {
- Map<Integer, EntitlementEntry> entriesMap = new HashMap<Integer, EntitlementEntry>();
- for (EntitlementEntry entry : entries)
- {
- ACLTestResource testResource = (ACLTestResource) entry.getResource();
- entriesMap.put(testResource.getId(), entry);
- }
- return entriesMap;
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/acl/TestACLProvider.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/acl/TestACLProvider.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/acl/TestACLProvider.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,58 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.authorization.acl;
-
-import java.util.Map;
-
-import org.jboss.security.acl.ACLProviderImpl;
-import org.jboss.security.authorization.PolicyRegistration;
-import org.jboss.security.plugins.acl.PolicyRegistrationStrategy;
-
-// $Id$
-
-/**
- * <p>
- * This is an {@code ACLProvider} implementation used in tests that uses an instance of
- * {@code PolicyRegistrationStrategy} to look up the ACLs.
- * </p>
- *
- * @author Anil.Saldhana at redhat.com
- * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
- * @since Jan 30, 2008
- * @version $Revision$
- */
-public class TestACLProvider extends ACLProviderImpl
-{
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.security.acl.ACLProviderImpl#initialize(java.util.Map, java.util.Map)
- */
- @Override
- public void initialize(Map<String, Object> sharedState, Map<String, Object> options)
- {
- // test implementation: create an instance of PolicyRegistrationStrategy and sets the PolicyRegistration.
- PolicyRegistration registration = (PolicyRegistration) options.get("policyRegistration");
- this.setPersistenceStrategy(new PolicyRegistrationStrategy(registration));
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/config/JBossXBSchemaBindingUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/config/JBossXBSchemaBindingUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/config/JBossXBSchemaBindingUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,59 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.security.config;
-
-import org.jboss.security.config.PolicyConfig;
-import org.jboss.xb.binding.Unmarshaller;
-import org.jboss.xb.binding.UnmarshallerFactory;
-import org.jboss.xb.binding.sunday.unmarshalling.SchemaBinding;
-import org.jboss.xb.binding.sunday.unmarshalling.XsdBinder;
-
-//$Id$
-
-/**
- * Validate JBossXB SchemaBinding
- * @author Anil.Saldhana at redhat.com
- * @since Aug 14, 2007
- * @version $Revision$
- */
-public class JBossXBSchemaBindingUnitTestCase extends SecurityConfigurationUnitTestCase
-{
-
- public JBossXBSchemaBindingUnitTestCase(String name)
- {
- super(name);
- }
-
- protected void setUp() throws Exception
- {
- super.setUp();
-
- // **** UNCOMMENT TO ENABLE TRACE ***
- //this.enableTrace("org.jboss.xb.binding.sunday.unmarshalling.XsdBinder");
-
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- SchemaBinding schema = XsdBinder.bind(tcl.getResourceAsStream(schemaFile), null);
- Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
- config = (PolicyConfig) unmarshaller.unmarshal(tcl.getResourceAsStream(xmlFile), schema);
- assertNotNull(config);
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/config/SecurityConfigurationUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/config/SecurityConfigurationUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/config/SecurityConfigurationUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,366 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.security.config;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.net.URL;
-import java.util.List;
-import java.util.Map;
-
-import javax.security.auth.login.AppConfigurationEntry;
-
-import junit.framework.Assert;
-
-import org.jboss.security.acl.config.ACLProviderEntry;
-import org.jboss.security.audit.config.AuditProviderEntry;
-import org.jboss.security.auth.container.config.AuthModuleEntry;
-import org.jboss.security.auth.login.BaseAuthenticationInfo;
-import org.jboss.security.auth.login.LoginConfigObjectModelFactory;
-import org.jboss.security.auth.login.LoginModuleStackHolder;
-import org.jboss.security.auth.spi.UsersObjectModelFactory;
-import org.jboss.security.authorization.config.AuthorizationModuleEntry;
-import org.jboss.security.authorization.config.SecurityConfigObjectModelFactory;
-import org.jboss.security.config.ACLInfo;
-import org.jboss.security.config.ApplicationPolicy;
-import org.jboss.security.config.AuditInfo;
-import org.jboss.security.config.AuthorizationInfo;
-import org.jboss.security.config.ControlFlag;
-import org.jboss.security.config.IdentityTrustInfo;
-import org.jboss.security.config.MappingInfo;
-import org.jboss.security.config.PolicyConfig;
-import org.jboss.security.config.SecurityConfiguration;
-import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
-import org.jboss.security.mapping.MappingType;
-import org.jboss.security.mapping.config.MappingModuleEntry;
-import org.jboss.test.AbstractJBossSXTest;
-import org.jboss.xb.binding.Unmarshaller;
-import org.jboss.xb.binding.UnmarshallerFactory;
-
-/**
- * Security Configuration Unit Test Case
- *
- * @author Anil.Saldhana at redhat.com
- * @since Jul 25, 2007
- * @version $Revision$
- */
-public class SecurityConfigurationUnitTestCase extends AbstractJBossSXTest
-{
- protected String schemaFile = "schema/security-config_5_0.xsd";
-
- protected String xmlFile = "config/securityConfig5.xml";
-
- protected PolicyConfig config = null;
-
- public SecurityConfigurationUnitTestCase(String name)
- {
- super(name);
- }
-
- @Override
- protected void setUp() throws Exception
- {
- super.setUp();
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
-
- LoginConfigObjectModelFactory lcomf = new SecurityConfigObjectModelFactory();
- UsersObjectModelFactory uomf = new UsersObjectModelFactory();
- URL xmlFileURL = tcl.getResource(xmlFile);
- assertNotNull("XML File URL is not null", xmlFileURL);
- InputStreamReader xmlReader = loadURL(xmlFileURL);
- Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
- unmarshaller.mapFactoryToNamespace(uomf, "http://www.jboss.org/j2ee/schemas/XMLLoginModule");
- unmarshaller.setSchemaValidation(true);
- unmarshaller.setNamespaceAware(true);
- unmarshaller.setFeature(Unmarshaller.SCHEMA_VALIDATION, Boolean.TRUE);
- Object root = null;
- config = (PolicyConfig) unmarshaller.unmarshal(xmlReader, lcomf, root);
- assertNotNull("PolicyConfig is not null", config);
- }
-
- public void testValidateJAASConfiguration()
- {
- ApplicationPolicy jaasConfig = config.get("conf-jaas");
- BaseAuthenticationInfo authInfo = jaasConfig.getAuthenticationInfo();
- List<?> entries = authInfo.getModuleEntries();
- assertEquals("Number of entries = 2", 2, entries.size());
-
- // First Entry
- Object entry = entries.get(0);
- assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AppConfigurationEntry);
- AppConfigurationEntry ace = (AppConfigurationEntry) entry;
- assertEquals("LM Name", "org.jboss.test.TestLoginModule", ace.getLoginModuleName());
- assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ace.getControlFlag());
- Map<String, ?> aceOptions = ace.getOptions();
- assertEquals("Number of options = 3", 3, aceOptions.size());
- assertEquals("name=1.1", "1.1", aceOptions.get("name"));
- assertEquals("succeed=true", "true", aceOptions.get("succeed"));
- assertEquals("throwEx=false", "false", aceOptions.get("throwEx"));
-
- // Second Entry
- entry = entries.get(1);
- assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AppConfigurationEntry);
- ace = (AppConfigurationEntry) entry;
- assertEquals("LM Name", "org.jboss.test.TestLoginModule2", ace.getLoginModuleName());
- assertEquals("Optional expected", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, ace.getControlFlag());
- aceOptions = ace.getOptions();
- assertEquals("Number of options = 4", 4, aceOptions.size());
- assertEquals("name=1.2", "1.2", aceOptions.get("name"));
- assertEquals("succeed=false", "false", aceOptions.get("succeed"));
- assertEquals("throwEx=true", "true", aceOptions.get("throwEx"));
- assertEquals("dummy=d", "d", aceOptions.get("dummy"));
-
- }
-
- public void testValidateJASPIConfiguration()
- {
- ApplicationPolicy jaspiConfig = config.get("conf-jaspi");
- BaseAuthenticationInfo authInfo = jaspiConfig.getAuthenticationInfo();
- List<?> entries = authInfo.getModuleEntries();
- assertEquals("Number of entries = 2", 2, entries.size());
-
- // First Entry
- Object entry = entries.get(0);
- assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AuthModuleEntry);
- AuthModuleEntry ace = (AuthModuleEntry) entry;
- assertEquals("LM Name", "TestAuthModule", ace.getAuthModuleName());
- assertEquals("Required", ControlFlag.REQUIRED, ace.getControlFlag());
- Map<String, ?> aceOptions = ace.getOptions();
- assertEquals("Number of options = 3", 3, aceOptions.size());
- assertEquals("usersProperties=u", "u", aceOptions.get("usersProperties"));
- assertEquals("rolesProperties=r", "r", aceOptions.get("rolesProperties"));
- assertEquals("unauthenticatedIdentity=anonymous", "anonymous", aceOptions.get("unauthenticatedIdentity"));
-
- // Second Entry
- entry = entries.get(1);
- assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AuthModuleEntry);
- ace = (AuthModuleEntry) entry;
- assertEquals("LM Name", "TestAuthModule2", ace.getAuthModuleName());
- assertEquals("Required", ControlFlag.REQUIRED, ace.getControlFlag());
- aceOptions = ace.getOptions();
- assertEquals("Number of options = 0", 0, aceOptions.size());
- LoginModuleStackHolder lmsh = ace.getLoginModuleStackHolder();
- assertEquals("lm-stack", "lm-stack", lmsh.getName());
- AppConfigurationEntry[] appEntries = lmsh.getAppConfigurationEntry();
- assertEquals("App Entries in LMSH=1", 1, appEntries.length);
-
- Object appEntry = appEntries[0];
- assertTrue("Entry instanceof AppConfigurationEntry", appEntry instanceof AppConfigurationEntry);
- AppConfigurationEntry appace = (AppConfigurationEntry) appEntry;
- assertEquals("LM Name", "org.jboss.security.auth.spi.UsersRolesLoginModule", appace.getLoginModuleName());
- assertEquals("Optional", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, appace.getControlFlag());
- Map<String, ?> appaceOptions = appace.getOptions();
- assertEquals("Number of options = 3", 3, appaceOptions.size());
- assertEquals("usersProperties=u", "u", appaceOptions.get("usersProperties"));
- assertEquals("rolesProperties=r", "r", appaceOptions.get("rolesProperties"));
- assertEquals("unauthenticatedIdentity=anonymous", "anonymous", appaceOptions.get("unauthenticatedIdentity"));
- }
-
- public void testValidateCompleteConfiguration()
- {
- ApplicationPolicy completeConfig = config.get("conf-complete");
- BaseAuthenticationInfo authInfo = completeConfig.getAuthenticationInfo();
- List<?> entries = authInfo.getModuleEntries();
- assertEquals("Number of entries = 1", 1, entries.size());
-
- // First Entry
- Object entry = entries.get(0);
- assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AppConfigurationEntry);
- AppConfigurationEntry ace = (AppConfigurationEntry) entry;
- assertEquals("LM Name", "org.jboss.test.TestLoginModule", ace.getLoginModuleName());
- assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ace.getControlFlag());
- Map<String, ?> aceOptions = ace.getOptions();
- assertEquals("Number of options = 3", 3, aceOptions.size());
- assertEquals("name=1.1", "1.1", aceOptions.get("name"));
- assertEquals("succeed=true", "true", aceOptions.get("succeed"));
- assertEquals("throwEx=false", "false", aceOptions.get("throwEx"));
-
- // Authorization
- AuthorizationInfo authzInfo = completeConfig.getAuthorizationInfo();
- assertNotNull("AuthorizationInfo is not null", authzInfo);
- AuthorizationModuleEntry[] authzEntries = authzInfo.getAuthorizationModuleEntry();
- assertEquals("Length of authorization entries = 1", 1, authzEntries.length);
- AuthorizationModuleEntry authzEntry = authzEntries[0];
- assertEquals("TestPolicyModule", "org.jboss.test.TestPolicyModule", authzEntry.getPolicyModuleName());
- assertEquals("Required", ControlFlag.REQUIRED, authzEntry.getControlFlag());
- Map<String, ?> authzoptions = authzEntry.getOptions();
- assertEquals("Number of options = 2", 2, authzoptions.size());
- assertEquals("name=authz", "authz", authzoptions.get("name"));
- assertEquals("succeed=true", "true", authzoptions.get("succeed"));
-
- // ACL (instance-based authorization)
- ACLInfo aclInfo = completeConfig.getAclInfo();
- assertNotNull("Unexpected null ACLInfo found", aclInfo);
- ACLProviderEntry[] aclEntries = aclInfo.getACLProviderEntry();
- assertNotNull("Unexpected null set of acl entries", aclEntries);
- assertEquals("Invalid number of acl entries", 2, aclEntries.length);
- // first entry should be org.jboss.security.authz.ACLModule1.
- Assert.assertEquals("org.jboss.security.authz.ACLModule1", aclEntries[0].getAclProviderName());
- Assert.assertEquals("REQUIRED", aclEntries[0].getControlFlag().toString());
- Map<String, ?> options = aclEntries[0].getOptions();
- Assert.assertNotNull("Unexpected null options map", options);
- Assert.assertTrue("Option aclOption1 was not found", options.containsKey("aclOption1"));
- Assert.assertEquals("value1", options.get("aclOption1"));
- Assert.assertTrue("Option aclOption2 was not found", options.containsKey("aclOption2"));
- Assert.assertEquals("value2", options.get("aclOption2"));
- // second entry should be the org.jboss.security.authz.ACLModule2.
- Assert.assertEquals("org.jboss.security.authz.ACLModule2", aclEntries[1].getAclProviderName());
- Assert.assertEquals("REQUIRED", aclEntries[1].getControlFlag().toString());
- options = aclEntries[1].getOptions();
- Assert.assertNotNull("Unexpected null options map", options);
- Assert.assertTrue("Option aclOption3 was not found", options.containsKey("aclOption3"));
- Assert.assertEquals("value3", options.get("aclOption3"));
- Assert.assertTrue("Option aclOption4 was not found", options.containsKey("aclOption4"));
- Assert.assertEquals("value4", options.get("aclOption4"));
-
- // Mapping
- MappingInfo mappingInfo = completeConfig.getMappingInfo(MappingType.PRINCIPAL.toString());
- assertNotNull("MappingInfo is not null", mappingInfo);
- MappingModuleEntry[] mappingEntries = mappingInfo.getMappingModuleEntry();
- assertEquals("Invalid number of entries", 1, mappingEntries.length);
- MappingModuleEntry mappingEntry = mappingEntries[0];
- assertEquals("org.jboss.test.mapping.MappingModule1", mappingEntry.getMappingModuleName());
- Map<String, ?> mappingOptions = mappingEntry.getOptions();
- assertEquals("Invalid number of options", 1, mappingOptions.size());
- Assert.assertTrue("Option option1 was not found", mappingOptions.containsKey("option1"));
- assertEquals("value1", mappingOptions.get("option1"));
-
- // Role Mapping
- mappingInfo = completeConfig.getMappingInfo(MappingType.ROLE.toString());
- assertNotNull("MappingInfo is not null", mappingInfo);
- MappingModuleEntry[] mmearr = mappingInfo.getMappingModuleEntry();
- assertEquals("Mapping entry length=1", 1, mmearr.length);
- MappingModuleEntry mme = mmearr[0];
- assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());
- Map<String, ?> mmOptions = mme.getOptions();
- assertEquals("Number of options = 2", 2, mmOptions.size());
- assertEquals("name=rolemap", "rolemap", mmOptions.get("name"));
- assertEquals("succeed=true", "true", mmOptions.get("succeed"));
-
- // Audit
- AuditInfo ai = completeConfig.getAuditInfo();
- assertNotNull("AuditInfo", ai);
- AuditProviderEntry[] apelist = ai.getAuditProviderEntry();
- assertEquals("Audit entry length=1", 1, apelist.length);
- AuditProviderEntry ape = apelist[0];
- assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());
- Map<String, ?> auditOptions = ape.getOptions();
- assertEquals("Number of options = 2", 2, auditOptions.size());
- assertEquals("name=auditprovider", "auditprovider", auditOptions.get("name"));
- assertEquals("succeed=false", "false", auditOptions.get("succeed"));
-
- // Identity Trust
- IdentityTrustInfo iti = completeConfig.getIdentityTrustInfo();
- assertNotNull("IdentityTrustInfo", iti);
- IdentityTrustModuleEntry[] itilist = iti.getIdentityTrustModuleEntry();
- assertEquals("IdentityTrustModuleEntry length=1", 1, itilist.length);
- IdentityTrustModuleEntry itie = itilist[0];
- assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());
- Map<String, ?> itieOptions = itie.getOptions();
- assertEquals("Number of options = 3", 3, itieOptions.size());
- assertEquals("name=trustprovider", "trustprovider", itieOptions.get("name"));
- assertEquals("succeed=true", "true", itieOptions.get("succeed"));
- assertEquals("dummy=dr", "dr", itieOptions.get("dummy"));
- }
-
- public void testApplicationPolicyExtension()
- {
- ApplicationPolicy completeConfig = config.get("conf-jaas-extend");
- assertNotNull("conf-jaas-extend is not null", completeConfig);
- BaseAuthenticationInfo bai = completeConfig.getAuthenticationInfo();
- assertNotNull("BaseAuthenticationInfo is not null", bai);
- assertEquals("3 login modules", 3, bai.getModuleEntries().size());
-
- // Authorization
- AuthorizationInfo azi = completeConfig.getAuthorizationInfo();
- assertNotNull("AuthorizationInfo is not null", azi);
- assertEquals("3 authz modules", 3, azi.getModuleEntries().size());
-
- // ACL
- ACLInfo aclInfo = completeConfig.getAclInfo();
- assertNotNull("Unexpected null ACLInfo", aclInfo);
- assertEquals("Unexpected number of acl modules", 3, aclInfo.getModuleEntries().size());
-
- // Role Mapping
- MappingInfo mappingInfo = completeConfig.getMappingInfo(MappingType.ROLE.toString());
- assertNotNull("MappingInfo is not null", mappingInfo);
- // we expect 2 modules because one has been configured as a mapping of type "role"
- assertEquals("2 map modules", 2, mappingInfo.getModuleEntries().size());
-
- // Mapping
- mappingInfo = completeConfig.getMappingInfo(MappingType.PRINCIPAL.toString());
- assertNotNull("MappingInfo is not null", mappingInfo);
- MappingModuleEntry[] mappingEntries = mappingInfo.getMappingModuleEntry();
- assertEquals("Invalid number of entries", 2, mappingEntries.length);
- assertEquals("org.jboss.test.mapping.MappingModule1", mappingEntries[0].getMappingModuleName());
- assertEquals("org.jboss.test.mapping.MappingModule3", mappingEntries[1].getMappingModuleName());
- // same test as above: we expect 2 role-mapping modules: 1 from rolemapping and 1 from mapping with type "role".
- mappingInfo = completeConfig.getMappingInfo(MappingType.ROLE.toString());
- assertNotNull("MappingInfo is not null", mappingInfo);
- mappingEntries = mappingInfo.getMappingModuleEntry();
- assertEquals("Invalid number of entries", 2, mappingEntries.length);
- assertEquals("org.jboss.test.TestMappingModule", mappingEntries[0].getMappingModuleName());
- assertEquals("org.jboss.test.mapping.MappingModule2", mappingEntries[1].getMappingModuleName());
-
- // Audit
- AuditInfo ai = completeConfig.getAuditInfo();
- assertNotNull("AuditInfo", ai);
- AuditProviderEntry[] apelist = ai.getAuditProviderEntry();
- assertEquals("Audit entry length=1", 1, apelist.length);
-
- // Identity Trust
- IdentityTrustInfo iti = completeConfig.getIdentityTrustInfo();
- assertNotNull("IdentityTrustInfo", iti);
- IdentityTrustModuleEntry[] itilist = iti.getIdentityTrustModuleEntry();
- assertEquals("IdentityTrustModuleEntry length=1", 1, itilist.length);
-
- // JASPI authentication policy extension
- ApplicationPolicy jaspiPolicy = config.get("conf-jaspi-extend");
- assertNotNull("Unexpected null conf-jaspi-extend application policy", jaspiPolicy);
- BaseAuthenticationInfo authInfo = jaspiPolicy.getAuthenticationInfo();
- assertNotNull("Unexpected null jaspi configuration", authInfo);
- List<?> entries = authInfo.getModuleEntries();
- assertEquals("Invalid number of auth modules", 3, entries.size());
- }
-
- public void testAddDeletionOfApplicationPolicies()
- {
- ApplicationPolicy aPolicy = new ApplicationPolicy("test");
- SecurityConfiguration.addApplicationPolicy(aPolicy);
- ApplicationPolicy ap = SecurityConfiguration.getApplicationPolicy("test");
- assertNotNull("Application Policy for test != null", ap);
- assertEquals("Application Policy Name = test", "test", ap.getName());
-
- SecurityConfiguration.removeApplicationPolicy("test");
- assertNull("Application Policy for test is null", SecurityConfiguration.getApplicationPolicy("test"));
- }
-
- private InputStreamReader loadURL(URL configURL) throws IOException
- {
- InputStream is = configURL.openStream();
- if (is == null)
- throw new IOException("Failed to obtain InputStream from url: " + configURL);
- InputStreamReader xmlReader = new InputStreamReader(is);
- return xmlReader;
- }
-}
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/identitytrust/IdentityTrustUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/identitytrust/IdentityTrustUnitTestCase.java 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/identitytrust/IdentityTrustUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,191 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.security.identitytrust;
-
-import java.net.URL;
-
-import junit.framework.TestCase;
-
-import org.jboss.security.RunAs;
-import org.jboss.security.RunAsIdentity;
-import org.jboss.security.auth.login.XMLLoginConfigImpl;
-import org.jboss.security.identitytrust.IdentityTrustManager;
-import org.jboss.security.identitytrust.IdentityTrustManager.TrustDecision;
-import org.jboss.security.plugins.JBossSecurityContext;
-import org.jboss.test.SecurityActions;
-
-// $Id$
-
-/**
- * Test the IdentityTrust framework
- *
- * @author Anil.Saldhana at redhat.com
- * @since Aug 2, 2007
- * @version $Revision$
- */
-public class IdentityTrustUnitTestCase extends TestCase
-{
- String configFile = "config/identitytrust-config.xml";
-
- @Override
- protected void setUp() throws Exception
- {
- XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
- SecurityActions.setJAASConfiguration(xli);
- URL configURL = Thread.currentThread().getContextClassLoader().getResource(configFile);
- assertNotNull("Config URL", configURL);
-
- xli.setConfigURL(configURL);
- xli.loadConfig();
- }
-
- public void testPermit_Permit_Permit() throws Exception
- {
- JBossSecurityContext sc = new JBossSecurityContext("Permit-Permit-Permit");
- sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
- assertNotNull("SecurityContext is not null", sc);
- IdentityTrustManager itm = sc.getIdentityTrustManager();
- assertNotNull("IdentityTrustManager is not null", itm);
- assertEquals("Is Trusted", TrustDecision.Permit, itm.isTrusted(sc));
- }
-
- public void testPermit_Permit_Deny() throws Exception
- {
- JBossSecurityContext sc = new JBossSecurityContext("Permit-Permit-Deny");
- sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
- assertNotNull("SecurityContext is not null", sc);
- IdentityTrustManager itm = sc.getIdentityTrustManager();
- assertNotNull("IdentityTrustManager is not null", itm);
- assertEquals("Is Trusted Deny", TrustDecision.Deny, itm.isTrusted(sc));
- }
-
- public void testPermit_Deny_Permit() throws Exception
- {
- JBossSecurityContext sc = new JBossSecurityContext("Permit-Deny-Permit");
- sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
- assertNotNull("SecurityContext is not null", sc);
- IdentityTrustManager itm = sc.getIdentityTrustManager();
- assertNotNull("IdentityTrustManager is not null", itm);
- assertEquals("Is Trusted Deny", TrustDecision.Deny, itm.isTrusted(sc));
- }
-
- public void testDeny_Permit_Permit() throws Exception
- {
- JBossSecurityContext sc = new JBossSecurityContext("Deny-Permit-Permit");
- sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
- assertNotNull("SecurityContext is not null", sc);
- IdentityTrustManager itm = sc.getIdentityTrustManager();
- assertNotNull("IdentityTrustManager is not null", itm);
- assertEquals("Is Trusted Deny", TrustDecision.Deny, itm.isTrusted(sc));
- }
-
- public void testPermit_Permit_NotApplicable() throws Exception
- {
- JBossSecurityContext sc = new JBossSecurityContext("Permit-Permit-NotApplicable");
- sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
- assertNotNull("SecurityContext is not null", sc);
- IdentityTrustManager itm = sc.getIdentityTrustManager();
- assertNotNull("IdentityTrustManager is not null", itm);
- assertEquals("Is Trusted", TrustDecision.Permit, itm.isTrusted(sc));
- }
-
- public void testNotApplicable_Permit_Permit() throws Exception
- {
- JBossSecurityContext sc = new JBossSecurityContext("NotApplicable-Permit-Permit");
- sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
- assertNotNull("SecurityContext is not null", sc);
- IdentityTrustManager itm = sc.getIdentityTrustManager();
- assertNotNull("IdentityTrustManager is not null", itm);
- assertEquals("Is Trusted", TrustDecision.Permit, itm.isTrusted(sc));
- }
-
- public void testNotApplicable_Required__Permit_Optional() throws Exception
- {
- JBossSecurityContext sc = new JBossSecurityContext("NotApplicable_Required-Permit_Optional");
- sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
- assertNotNull("SecurityContext is not null", sc);
- IdentityTrustManager itm = sc.getIdentityTrustManager();
- assertNotNull("IdentityTrustManager is not null", itm);
- assertEquals("Is Trusted not applicable", TrustDecision.NotApplicable, itm.isTrusted(sc));
- }
-
- public void testPermit_Required__Deny_Optional() throws Exception
- {
- JBossSecurityContext sc = new JBossSecurityContext("Permit_Required-Deny_Optional");
- sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
- assertNotNull("SecurityContext is not null", sc);
- IdentityTrustManager itm = sc.getIdentityTrustManager();
- assertNotNull("IdentityTrustManager is not null", itm);
- assertEquals("Is Trusted", TrustDecision.Permit, itm.isTrusted(sc));
- }
-
- public void testNotApplicable_Required__Deny_Optional() throws Exception
- {
- JBossSecurityContext sc = new JBossSecurityContext("NotApplicable_Required-Deny_Optional");
- sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
- assertNotNull("SecurityContext is not null", sc);
- IdentityTrustManager itm = sc.getIdentityTrustManager();
- assertNotNull("IdentityTrustManager is not null", itm);
- assertEquals("Is Trusted false", TrustDecision.NotApplicable, itm.isTrusted(sc));
- }
-
- public void testPermit_Sufficient__Deny_Optional() throws Exception
- {
- JBossSecurityContext sc = new JBossSecurityContext("Permit_Sufficient-Deny_Optional");
- sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
- assertNotNull("SecurityContext is not null", sc);
- IdentityTrustManager itm = sc.getIdentityTrustManager();
- assertNotNull("IdentityTrustManager is not null", itm);
- assertEquals("Is Trusted", TrustDecision.Permit, itm.isTrusted(sc));
- }
-
- @SuppressWarnings("unchecked")
- public void testJavaEERunAsIdentity() throws Exception
- {
- JBossSecurityContext sc = new JBossSecurityContext("conf-javaee");
- sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
- assertNotNull("SecurityContext is not null", sc);
- IdentityTrustManager itm = sc.getIdentityTrustManager();
- assertNotNull("IdentityTrustManager is not null", itm);
- assertEquals("Is Trusted", TrustDecision.Permit, itm.isTrusted(sc));
-
- sc.setIncomingRunAs(new RunAs()
- {
- public <T> T getIdentity()
- {
- return (T) "BAD";
- }
-
- public <T> T getProof()
- {
- return (T) "BAD";
- }
-
- public String getName()
- {
- return "BAD";
- }
- });
-
- assertEquals("Is Trusted is false", TrustDecision.NotApplicable, itm.isTrusted(sc));
- }
-}
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/authorization/config/authorization-policy.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/authorization/config/authorization-policy.xml 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/authorization/config/authorization-policy.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,155 +0,0 @@
-<jbsx:policy xsi:schemaLocation="urn:jboss:security-config:5.0 resource:security-config_5_0.xsd" xmlns:jbsx="urn:jboss:security-config:5.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-
- <jbsx:application-policy name="xacml-domain">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.XACMLAuthorizationModule" flag="required" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="required" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="requisite-permit-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="requisite" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="requisite-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="requisite" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="sufficient-permit-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="sufficient" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="sufficient-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="optional-permit-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="sufficient" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="optional-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-deny-sufficient-permit-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="required" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="sufficient" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-sufficient-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-required-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="required" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-required-permit-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-required-permit-sufficient-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-required-permit-requisite-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="requisite" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-required-permit-optional-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="optional" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-required-deny-requisite-permit-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="required" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="requisite" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="requisite-permit-requisite-permit-sufficient-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="requisite" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="requisite" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="sufficient-permit-required-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="sufficient" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="required" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="sufficient-permit-sufficient-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="sufficient" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="optional-deny-sufficient-permit-required-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="optional" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="sufficient" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="required" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="sufficient-deny-optional-deny-policy">
- <jbsx:authorization>
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
- <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="optional" />
- </jbsx:authorization>
- </jbsx:application-policy>
-
-</jbsx:policy>
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/identitytrust-config.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/identitytrust-config.xml 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/identitytrust-config.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,90 +0,0 @@
-<?xml version='1.0'?>
-
-<policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="urn:jboss:security-config:5.0"
- xmlns="urn:jboss:security-config:5.0">
-
- <application-policy name="conf-javaee">
- <identity-trust>
- <trust-module code="org.jboss.security.identitytrust.modules.JavaEETrustModule"/>
- </identity-trust>
- </application-policy>
-
- <application-policy name="Permit-Permit-Permit">
- <identity-trust>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- </identity-trust>
- </application-policy>
-
- <application-policy name="Permit-Permit-Deny">
- <identity-trust>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysDenyTrustModule"/>
- </identity-trust>
- </application-policy>
-
- <application-policy name="Permit-Deny-Permit">
- <identity-trust>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysDenyTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- </identity-trust>
- </application-policy>
-
- <application-policy name="Deny-Permit-Permit">
- <identity-trust>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysDenyTrustModule"/> <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- </identity-trust>
- </application-policy>
-
- <application-policy name="Permit-Permit-NotApplicable">
- <identity-trust>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysNotApplicableTrustModule"/>
- </identity-trust>
- </application-policy>
-
- <application-policy name="NotApplicable-Permit-Permit">
- <identity-trust>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysNotApplicableTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- </identity-trust>
- </application-policy>
-
- <application-policy name="NotApplicable_Required-Permit_Optional">
- <identity-trust>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysNotApplicableTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule" flag="optional"/>
- </identity-trust>
- </application-policy>
-
- <application-policy name="Permit_Required-Deny_Optional">
- <identity-trust>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysDenyTrustModule" flag="optional"/>
- </identity-trust>
- </application-policy>
-
- <application-policy name="NotApplicable_Required-Deny_Optional">
- <identity-trust>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysNotApplicableTrustModule"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysDenyTrustModule" flag="optional"/>
- </identity-trust>
- </application-policy>
-
- <application-policy name="Permit_Sufficient-Deny_Optional">
- <identity-trust>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysNotApplicableTrustModule"
- flag="sufficient"/>
- <trust-module code="org.jboss.security.identitytrust.modules.AlwaysDenyTrustModule" flag="optional"/>
- </identity-trust>
- </application-policy>
-
-</policy>
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/jaspi-config-options.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/jaspi-config-options.xml 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/jaspi-config-options.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,150 +0,0 @@
-<jbsx:policy xsi:schemaLocation="urn:jboss:security-config:5.0 resource:security-config_5_0.xsd" xmlns:jbsx="urn:jboss:security-config:5.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-
- <jbsx:application-policy name="required-permit-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule"
- flag="required" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="required" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="requisite-permit-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="requisite" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="requisite-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="requisite" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="sufficient-permit-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="sufficient" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="sufficient-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="optional-permit-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="sufficient" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="optional-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-deny-sufficient-permit-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="required" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="sufficient" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-sufficient-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-required-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="required" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-required-permit-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-required-permit-sufficient-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-required-permit-requisite-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="requisite" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-required-permit-optional-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="optional" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="required-permit-required-deny-requisite-permit-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="required" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="requisite" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="requisite-permit-requisite-permit-sufficient-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="requisite" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="requisite" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="sufficient-permit-required-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="sufficient" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="required" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="sufficient-permit-sufficient-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="sufficient" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="optional-deny-sufficient-permit-required-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="optional" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="sufficient" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="required" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
- <jbsx:application-policy name="sufficient-deny-optional-deny-policy">
- <jbsx:authentication-jaspi>
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
- <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="optional" />
- </jbsx:authentication-jaspi>
- </jbsx:application-policy>
-
-</jbsx:policy>
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/jaspi-config.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/jaspi-config.xml 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/jaspi-config.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,52 +0,0 @@
-<?xml version='1.0'?>
-
-<policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="urn:jboss:security-config:5.0"
- xmlns="urn:jboss:security-config:5.0">
-
- <application-policy name="conf-jaspi">
- <authentication-jaspi>
- <login-module-stack name="lm-stack">
- <login-module
- code="org.jboss.test.authentication.jaspi.TestLoginModule"
- flag="optional">
- <module-option name="principal">anil</module-option>
- <module-option name="pass">anilpwd</module-option>
- </login-module>
- </login-module-stack>
- <auth-module code="org.jboss.security.auth.container.modules.SimpleServerAuthModule">
- <module-option name="principal">anil</module-option>
- <module-option name="pass">anilpwd</module-option>
- </auth-module>
- <auth-module code="org.jboss.test.authentication.jaspi.TestServerAuthModule"
- login-module-stack-ref="lm-stack"/>
- </authentication-jaspi>
- </application-policy>
-
- <application-policy name="conf-jaspi-2">
- <authentication-jaspi>
- <auth-module code="org.jboss.test.authentication.jaspi.LoginModuleServerAuthModule">
- <module-option name="login-module-delegate">org.jboss.security.auth.spi.UsersRolesLoginModule</module-option>
- <module-option name="usersProperties">users.properties</module-option>
- <module-option name="rolesProperties">roles.properties</module-option>
- </auth-module>
- </authentication-jaspi>
- </application-policy>
-
- <application-policy name="web-jaspi">
- <authentication-jaspi>
- <login-module-stack name="jaas-lm-stack">
- <login-module
- code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
- <module-option name="usersProperties">users.properties</module-option>
- <module-option name="rolesProperties">roles.properties</module-option>
- </login-module>
- </login-module-stack>
- <auth-module code="org.jboss.security.auth.container.modules.HttpServletServerAuthModule"
- login-module-stack-ref="jaas-lm-stack">
- <module-option name="userNameParam">j_username</module-option>
- <module-option name="passwordParam">j_password</module-option>
- </auth-module>
- </authentication-jaspi>
- </application-policy>
-</policy>
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/jboss-acl.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/jboss-acl.xml 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/jboss-acl.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,30 +0,0 @@
-<jboss-acl xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="urn:jboss:jboss-acl-config:1.0"
- xmlns="urn:jboss:jboss-acl-config:1.0"
- xmlns:jbxb="urn:jboss:jboss-acl-config:1.0">
-
- <acl-definition resource="org.jboss.test.authorization.acl.ACLTestResource:10">
- <entry>
- <identity-name>Administrator</identity-name>
- <permissions>CREATE,READ,UPDATE,DELETE</permissions>
- </entry>
- <entry>
- <identity-name>Guest</identity-name>
- <permissions>READ</permissions>
- </entry>
- </acl-definition>
-
- <!-- An extends attribute allows an ACL to inherit all the entries from its parent ACL -->
- <acl-definition resource="org.jboss.test.authorization.acl.ACLTestResource:20" extends="org.jboss.test.authorization.acl.ACLTestResource:10">
- <entry>
- <identity-name>Regular_User</identity-name>
- <permissions>READ,UPDATE</permissions>
- </entry>
- <!-- This overrides the definition from the parent ACL -->
- <entry>
- <identity-name>Guest</identity-name>
- <permissions>READ,UPDATE</permissions>
- </entry>
- </acl-definition>
-
-</jboss-acl>
\ No newline at end of file
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/securityConfig41.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/securityConfig41.xml 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/securityConfig41.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,50 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- $Id: config.xml 34316 2005-07-31 23:13:44Z starksm $ -->
-
-<jaas:policy
- xsi:schemaLocation="urn:jboss:security-config security-config_4_1.xsd"
- xmlns:jaas="urn:jboss:security-config:4.1"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- >
- <jaas:application-policy name="conf1">
- <jaas:authentication>
- <jaas:login-module code="org.jboss.security.auth.spi.XMLLoginModule"
- flag="required">
- <jaas:module-option name="userInfo">
- <ur:users
- xsi:schemaLocation="urn:jboss:user-roles user-roles_1_0.xsd"
- xmlns:ur="urn:jboss:user-roles">
- <ur:user name="jduke" password="theduke">
- <ur:role name="Role1"/>
- <ur:role name="Role2"/>
- <ur:role name="Echo"/>
- <ur:role name="callerJduke" group="CallerPrincipal"/>
- </ur:user>
- <ur:user name="scott" password="echoman">
- <ur:role name="Echo"/>
- <ur:role name="ProjectUser"/>
- <ur:role name="callerScott" group="CallerPrincipal"/>
- </ur:user>
- <ur:user name="stark" password="javaman">
- <ur:role name="Java"/>
- <ur:role name="Coder"/>
- <ur:role name="callerStark" group="CallerPrincipal"/>
- </ur:user>
- <ur:user name="jdukeman" password="anotherduke">
- <ur:role name="Role2"/>
- <ur:role name="Role3"/>
- <ur:role name="callerJdukeman" group="CallerPrincipal"/>
- </ur:user>
- <ur:user name="invoker" password="invoker">
- <ur:role name="HttpInvoker"/>
- </ur:user>
- <ur:user name="admin" password="admin">
- <ur:role name="JBossAdmin"/>
- </ur:user>
- </ur:users>
- </jaas:module-option>
- <jaas:module-option name="unauthenticatedIdentity">guest</jaas:module-option>
- </jaas:login-module>
- </jaas:authentication>
- </jaas:application-policy>
-</jaas:policy>
Deleted: projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/securityConfig5.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/securityConfig5.xml 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx/src/test/resources/config/securityConfig5.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -1,155 +0,0 @@
-<?xml version='1.0'?>
-
-<policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="urn:jboss:security-config:5.0"
- xmlns="urn:jboss:security-config:5.0"
- xmlns:jbxb="urn:jboss:security-config:5.0">
- <application-policy name = "conf-jaas">
- <authentication>
- <login-module code = "org.jboss.test.TestLoginModule"
- flag = "required">
- <module-option name = "name">1.1</module-option>
- <module-option name = "succeed">true</module-option>
- <module-option name = "throwEx">false</module-option>
- </login-module>
- <login-module code = "org.jboss.test.TestLoginModule2"
- flag = "optional">
- <module-option name = "name">1.2</module-option>
- <module-option name = "succeed">false</module-option>
- <module-option name = "throwEx">true</module-option>
- <module-option name = "dummy">d</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <application-policy name="conf-jaspi">
- <authentication-jaspi>
- <login-module-stack name="lm-stack">
- <login-module
- code="org.jboss.security.auth.spi.UsersRolesLoginModule"
- flag="optional">
- <module-option name="usersProperties">u</module-option>
- <module-option name="rolesProperties">r</module-option>
- <module-option name="unauthenticatedIdentity">anonymous</module-option>
- </login-module>
- </login-module-stack>
- <auth-module code="TestAuthModule">
- <module-option name="usersProperties">u</module-option>
- <module-option name="rolesProperties">r</module-option>
- <module-option name="unauthenticatedIdentity">anonymous</module-option>
- </auth-module>
- <auth-module code="TestAuthModule2" login-module-stack-ref="lm-stack"/>
- </authentication-jaspi>
- </application-policy>
-
- <application-policy name="conf-complete">
- <authentication>
- <login-module code = "org.jboss.test.TestLoginModule"
- flag = "required">
- <module-option name = "name">1.1</module-option>
- <module-option name = "succeed">true</module-option>
- <module-option name = "throwEx">false</module-option>
- </login-module>
- </authentication>
- <authorization>
- <policy-module code = "org.jboss.test.TestPolicyModule"
- flag = "required">
- <module-option name = "name">authz</module-option>
- <module-option name = "succeed">true</module-option>
- </policy-module>
- </authorization>
- <acl>
- <acl-module code="org.jboss.security.authz.ACLModule1" flag="required">
- <module-option name="aclOption1">value1</module-option>
- <module-option name="aclOption2">value2</module-option>
- </acl-module>
- <acl-module code="org.jboss.security.authz.ACLModule2" flag="required">
- <module-option name="aclOption3">value3</module-option>
- <module-option name="aclOption4">value4</module-option>
- </acl-module>
- </acl>
- <rolemapping>
- <mapping-module code = "org.jboss.test.TestMappingModule">
- <module-option name = "name">rolemap</module-option>
- <module-option name = "succeed">true</module-option>
- </mapping-module>
- </rolemapping>
- <mapping>
- <mapping-module code = "org.jboss.test.mapping.MappingModule1" type="principal">
- <module-option name = "option1">value1</module-option>
- </mapping-module>
- </mapping>
- <audit>
- <provider-module code = "org.jboss.test.TestProviderModule"
- flag = "required">
- <module-option name = "name">auditprovider</module-option>
- <module-option name = "succeed">false</module-option>
- </provider-module>
- </audit>
- <identity-trust>
- <trust-module code = "org.jboss.test.TestTrustModule"
- flag = "required">
- <module-option name = "name">trustprovider</module-option>
- <module-option name = "succeed">true</module-option>
- <module-option name = "dummy">dr</module-option>
- </trust-module>
- </identity-trust>
- </application-policy>
-
- <application-policy name = "conf-jaas-extend" extends = "conf-complete">
- <authentication>
- <login-module code = "org.jboss.test.TestLoginModule"
- flag = "required">
- <module-option name = "name">1.3</module-option>
- <module-option name = "succeed">true</module-option>
- <module-option name = "throwEx">false</module-option>
- </login-module>
- <login-module code = "org.jboss.test.TestLoginModule"
- flag = "required">
- <module-option name = "name">1.4</module-option>
- <module-option name = "succeed">true</module-option>
- <module-option name = "throwEx">false</module-option>
- </login-module>
- </authentication>
- <authorization>
- <policy-module code = "org.jboss.test.TestPolicyModule"
- flag = "required">
- <module-option name = "name">authz1</module-option>
- <module-option name = "succeed">true</module-option>
- </policy-module>
- <policy-module code = "org.jboss.test.TestPolicyModule"
- flag = "required">
- <module-option name = "name">authz2</module-option>
- <module-option name = "succeed">true</module-option>
- </policy-module>
- </authorization>
- <acl>
- <acl-module code="org.jboss.security.authz.ACLModule3" flag="optional">
- <module-option name="aclOption5">value5</module-option>
- <module-option name="aclOption6">value6</module-option>
- </acl-module>
- </acl>
- <mapping>
- <mapping-module code = "org.jboss.test.mapping.MappingModule2" type="role">
- <module-option name = "option2">value2</module-option>
- </mapping-module>
- <mapping-module code = "org.jboss.test.mapping.MappingModule3" type="principal">
- <module-option name = "option3">value3</module-option>
- </mapping-module>
- </mapping>
- </application-policy>
-
- <application-policy name="conf-jaspi-extend" extends="conf-jaspi">
- <authentication-jaspi>
- <login-module-stack name="lm-stack2">
- <login-module code="org.jboss.security.TestModule2" flag="requisite">
- <module-option name="prop1">value1</module-option>
- <module-option name="prop2">value2</module-option>
- </login-module>
- </login-module-stack>
- <auth-module code="org.jboss.security.JASPITestModule" login-module-stack-ref="lm-stack2">
- <module-option name="auth.option">auth.value</module-option>
- </auth-module>
- </authentication-jaspi>
- </application-policy>
-</policy>
Modified: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/pom.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/pom.xml 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/pom.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -12,6 +12,57 @@
<name>JBoss Microcontainer Security Integration</name>
<url>http://labs.jboss.org/portal/jbosssecurity/</url>
<description>JBoss Security is a cross cutting project that handles security for the JEMS projects</description>
+ <build>
+ <finalName>${artifactId}</finalName>
+ <resources>
+ <resource>
+ <directory>src/main/java</directory>
+ <includes>
+ <include>**/*.xml</include>
+ </includes>
+ </resource>
+ <resource>
+ <directory>${basedir}</directory>
+ <includes>
+ <include>JBossORG-EULA.txt</include>
+ </includes>
+ </resource>
+ <resource>
+ <directory>src/main/resources</directory>
+ <includes>
+ <include>**/*.dtd</include>
+ <include>**/*.xsd</include>
+ </includes>
+ </resource>
+ <resource>
+ <directory>target/generated-sources/javacc</directory>
+ <includes>
+ <include>**/*.class</include>
+ </includes>
+ </resource>
+ </resources>
+ <plugins>
+ <!-- generate java files from grammar -->
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>javacc-maven-plugin</artifactId>
+ <version>2.6</version>
+ <configuration>
+ <packageName>org/jboss/security/auth/login</packageName>
+ <sourceDirectory>src/main/java</sourceDirectory>
+ <isStatic>false</isStatic>
+ </configuration>
+ <executions>
+ <execution>
+ <goals>
+ <goal>javacc</goal>
+ </goals>
+ <id>javacc</id>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
<dependencies>
<!-- Global dependencies -->
<dependency>
@@ -19,13 +70,19 @@
<artifactId>jboss-logging-spi</artifactId>
</dependency>
<dependency>
- <groupId>org.jboss.logging</groupId>
- <artifactId>jboss-logging-log4j</artifactId>
- </dependency>
- <dependency>
<groupId>org.jboss.security</groupId>
<artifactId>jbosssx-bare</artifactId>
<version>${project.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.jboss</groupId>
+ <artifactId>jboss-common-core</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>jboss</groupId>
+ <artifactId>jboss-common-core</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.jboss</groupId>
@@ -55,14 +112,14 @@
<version>2.0.2.GA</version>
<scope>runtime</scope>
</dependency>
-
- <!-- Test dependencies -->
<dependency>
<groupId>org.jboss</groupId>
<artifactId>jboss-common-core</artifactId>
<version>2.2.17.GA</version>
- <scope>test</scope>
+ <scope>compile</scope>
</dependency>
+
+ <!-- Test dependencies -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLConfigParserJBossXB.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLConfigParserJBossXB.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLConfigParserJBossXB.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,60 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.acl.config;
+
+import java.io.InputStream;
+
+import org.jboss.logging.Logger;
+import org.jboss.xb.binding.JBossXBException;
+import org.jboss.xb.binding.Unmarshaller;
+import org.jboss.xb.binding.UnmarshallerFactory;
+import org.jboss.xb.binding.sunday.unmarshalling.SchemaBinding;
+import org.jboss.xb.binding.sunday.unmarshalling.XsdBinder;
+
+/**
+ * A JBossXB based acl config parser
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 20, 2010
+ */
+public class ACLConfigParserJBossXB implements ACLConfigParser
+{
+ private static final String schemaName = "schema/jboss-acl-config_1_0.xsd";
+
+ private static Logger log = Logger.getLogger(ACLConfigParserJBossXB.class);
+
+ public ACLConfiguration getConfiguration(InputStream aclConfigFileStream)
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ SchemaBinding schema = XsdBinder.bind(tcl.getResourceAsStream(schemaName), null);
+ Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
+ try
+ {
+ ACLConfiguration configuration = (ACLConfiguration) unmarshaller.unmarshal(aclConfigFileStream, schema);
+ return configuration;
+ }
+ catch (JBossXBException e)
+ {
+ log.debug("Error parsing ACL configuration file", e);
+ throw new RuntimeException(e);
+ }
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLConfigurationFactory.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLConfigurationFactory.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLConfigurationFactory.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,72 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.acl.config;
+
+import java.io.InputStream;
+
+import org.jboss.logging.Logger;
+import org.jboss.xb.binding.JBossXBException;
+import org.jboss.xb.binding.Unmarshaller;
+import org.jboss.xb.binding.UnmarshallerFactory;
+import org.jboss.xb.binding.sunday.unmarshalling.SchemaBinding;
+import org.jboss.xb.binding.sunday.unmarshalling.XsdBinder;
+
+/**
+ * <p>
+ * Factory for {@code ACLConfiguration} objects.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ */
+public class ACLConfigurationFactory
+{
+
+ private static final String schemaName = "schema/jboss-acl-config_1_0.xsd";
+
+ private static Logger log = Logger.getLogger(ACLConfigurationFactory.class);
+
+ /**
+ * <p>
+ * Creates and return an {@code ACLConfiguration} object using the specified input stream to read the ACL
+ * configuration file.
+ * </p>
+ *
+ * @param aclConfigFileStream an {@code InputStream} that reads the contents of the ACL configuration file.
+ * @return the constructed {@code ACLConfiguration} object that contains the configured ACLs.
+ */
+ public static ACLConfiguration getConfiguration(InputStream aclConfigFileStream)
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ SchemaBinding schema = XsdBinder.bind(tcl.getResourceAsStream(schemaName), null);
+ Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
+ try
+ {
+ ACLConfiguration configuration = (ACLConfiguration) unmarshaller.unmarshal(aclConfigFileStream, schema);
+ return configuration;
+ }
+ catch (JBossXBException e)
+ {
+ log.debug("Error parsing ACL configuration file", e);
+ throw new RuntimeException(e);
+ }
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLDefinition.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLDefinition.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLDefinition.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,105 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.acl.config;
+
+import javax.xml.namespace.QName;
+
+import org.jboss.logging.Logger;
+import org.jboss.xb.binding.GenericValueContainer;
+
+/**
+ * <p>
+ * A container for holding the contents parsed from a {@code <acl-definition>} section of {@code jboss-acl.xml}.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ */
+public class ACLDefinition extends ACLDefinitionObject implements GenericValueContainer
+{
+ private static Logger logger = Logger.getLogger(ACLDefinition.class);
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#addChild(javax.xml.namespace.QName, java.lang.Object)
+ */
+ public void addChild(QName name, Object value)
+ {
+ logger.debug("addChild: name=" + name + ", value=" + value);
+
+ if ("resource".equals(name.getLocalPart()))
+ {
+ this.resource = (String) value;
+ }
+ else if ("extends".equals(name.getLocalPart()))
+ {
+ this.baseResource = (String) value;
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#instantiate()
+ */
+ public Object instantiate()
+ {
+ return this;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#getTargetClass()
+ */
+ public Class<?> getTargetClass()
+ {
+ return ACLDefinition.class;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ @Override
+ public boolean equals(Object obj)
+ {
+ if (obj instanceof ACLDefinition)
+ {
+ ACLDefinition other = (ACLDefinition) obj;
+ return this.resource.equals(other.resource);
+ }
+ return false;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode()
+ {
+ return this.resource.hashCode();
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLEntryHolder.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,147 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.acl.config;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.acl.ACLEntry;
+import org.jboss.security.acl.ACLEntryImpl;
+import org.jboss.security.acl.BasicACLPermission;
+import org.jboss.security.acl.CompositeACLPermission;
+import org.jboss.security.identity.Identity;
+import org.jboss.security.identity.plugins.IdentityFactory;
+import org.jboss.xb.binding.GenericValueContainer;
+
+/**
+ * <p>
+ * A container for creating {@code ACLEntry} objects when a jboss-acl configuration is parsed by JBoss XB.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ */
+public class ACLEntryHolder implements GenericValueContainer
+{
+
+ private static Logger logger = Logger.getLogger(ACLEntryHolder.class);
+
+ private Identity identity;
+
+ private CompositeACLPermission permission;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#addChild(javax.xml.namespace.QName, java.lang.Object)
+ */
+ public void addChild(QName name, Object value)
+ {
+ logger.debug("addChild: name=" + name + ", value=" + value);
+
+ if ("identity-name".equals(name.getLocalPart()))
+ {
+ String identityName = (String) value;
+ this.identity = this.getIdentityFromString(identityName);
+ }
+ else if ("permissions".equals(name.getLocalPart()))
+ {
+ String permissions = (String) value;
+ this.permission = this.getPermissionsFromString(permissions);
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#instantiate()
+ */
+ public Object instantiate()
+ {
+ return new ACLEntryImpl(this.permission, this.identity);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#getTargetClass()
+ */
+ public Class<?> getTargetClass()
+ {
+ return ACLEntry.class;
+ }
+
+ /**
+ * <p>
+ * Creates an {@code Identity} object from the specified {@code identityName} parameter.
+ * </p>
+ *
+ * @param identityName a {@code String} that represents the identity to be built.
+ * @return the constructed {@code Identity} instance, or {@code null} if the {@code Identity} object cannot be built.
+ */
+ private Identity getIdentityFromString(String identityName)
+ {
+ try
+ {
+ return IdentityFactory.createIdentity(identityName);
+ }
+ catch (Exception e)
+ {
+ logger.debug("Exception caught while constructing Identity object", e);
+ return null;
+ }
+ }
+
+ /**
+ * <p>
+ * Creates a {@code CompositeACLPermission} from the specified {@code permissionString} parameter.
+ * </p>
+ *
+ * @param permissionString a {@code String} containing the permissions assigned to the identity, separated by a comma
+ * (e.g. {@code CREATE,READ,UPDATE}).
+ * @return the constructed {@code CompositeACLPermission} object.
+ */
+ private CompositeACLPermission getPermissionsFromString(String permissionString)
+ {
+ List<BasicACLPermission> permissions = new ArrayList<BasicACLPermission>();
+ if (permissionString != null)
+ {
+ // extract each permission from the permission string.
+ String[] elements = permissionString.split(",");
+ for (String element : elements)
+ {
+ try
+ {
+ permissions.add(BasicACLPermission.valueOf(element));
+ }
+ catch (RuntimeException re)
+ {
+ logger.debug("No BasicACLPermission named " + element + " found", re);
+ }
+ }
+ }
+
+ return new CompositeACLPermission(permissions.toArray(new BasicACLPermission[permissions.size()]));
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLInfoContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLInfoContainer.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLInfoContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,86 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.acl.config;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.config.ACLInfo;
+import org.jboss.xb.binding.GenericValueContainer;
+
+/**
+ * <p>
+ * A container for creating {@code ACLInfo} objects when an application policy that specifies ACL modules is parsed by
+ * JBoss XB.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ */
+public class ACLInfoContainer implements GenericValueContainer
+{
+ private static Logger log = Logger.getLogger(ACLInfoContainer.class);
+
+ private final List<ACLProviderEntry> providerEntries = new ArrayList<ACLProviderEntry>();
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#addChild(javax.xml.namespace.QName, java.lang.Object)
+ */
+ public void addChild(QName name, Object value)
+ {
+ if (log.isTraceEnabled())
+ log.trace("addChild:Qname=" + name + ":value=" + value);
+
+ if (value instanceof ACLProviderEntry)
+ {
+ ACLProviderEntry entry = (ACLProviderEntry) value;
+ this.providerEntries.add(entry);
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#instantiate()
+ */
+ public Object instantiate()
+ {
+ ACLInfo info = new ACLInfo("dummy");
+ info.add(providerEntries);
+ return info;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#getTargetClass()
+ */
+ public Class<?> getTargetClass()
+ {
+ return ACLInfo.class;
+ }
+
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLProviderEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLProviderEntryHolder.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/ACLProviderEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,125 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.acl.config;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+
+import org.jboss.security.config.ControlFlag;
+import org.jboss.security.config.ModuleOption;
+import org.jboss.xb.binding.GenericValueContainer;
+
+/**
+ * <p>
+ * A container for creating {@code ACLProviderEntry} objects when an application policy that specifies ACL modules is
+ * parsed by JBoss XB.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ */
+public class ACLProviderEntryHolder implements GenericValueContainer
+{
+ private String moduleName = null;
+
+ private ControlFlag controlFlag = ControlFlag.REQUIRED;
+
+ private final Map<String, Object> moduleOptions = new HashMap<String, Object>();
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#addChild(javax.xml.namespace.QName, java.lang.Object)
+ */
+ public void addChild(QName name, Object value)
+ {
+ // the fully-qualified class name of the ACLProvider.
+ if ("code".equals(name.getLocalPart()))
+ {
+ this.moduleName = (String) value;
+ }
+ // the control flag.
+ if ("flag".equals(name.getLocalPart()))
+ {
+ String flag = (String) value;
+ if ("optional".equals(flag))
+ this.controlFlag = ControlFlag.OPTIONAL;
+ else if ("requisite".equals(flag))
+ this.controlFlag = ControlFlag.REQUISITE;
+ else if ("sufficient".equals(flag))
+ this.controlFlag = ControlFlag.SUFFICIENT;
+ }
+ // the options of the ACLProvider.
+ if (value instanceof ModuleOption)
+ {
+ ModuleOption option = (ModuleOption) value;
+ this.moduleOptions.put(option.getName(), option.getValue());
+ }
+ }
+
+ /**
+ * <p>
+ * Adds the specified option to the set of options used by the {@code ACLProvider}.
+ * </p>
+ *
+ * @param option a {@code ModuleOption} instance representing the option to be added.
+ */
+ public void addOption(ModuleOption option)
+ {
+ moduleOptions.put(option.getName(), option.getValue());
+ }
+
+ /**
+ * <p>
+ * Constructs and returns an {@code ACLProviderEntry} with the information contained in this class.
+ * </p>
+ *
+ * @return a reference to the constructed {@code ACLProviderEntry} object.
+ */
+ public ACLProviderEntry getEntry()
+ {
+ return (ACLProviderEntry) instantiate();
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#instantiate()
+ */
+ public Object instantiate()
+ {
+ ACLProviderEntry entry = new ACLProviderEntry(this.moduleName, this.moduleOptions);
+ entry.setControlFlag(this.controlFlag);
+ return entry;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#getTargetClass()
+ */
+ public Class<?> getTargetClass()
+ {
+ return ACLProviderEntry.class;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/SecurityActions.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/SecurityActions.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/acl/config/SecurityActions.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,44 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.acl.config;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 18, 2009
+ */
+class SecurityActions
+{
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/audit/config/AuditConfigEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/audit/config/AuditConfigEntryHolder.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/audit/config/AuditConfigEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,78 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.audit.config;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+
+import org.jboss.security.config.ModuleOption;
+import org.jboss.xb.binding.GenericValueContainer;
+
+//$Id$
+
+/**
+ * A container for creating AuditConfigEntry during jbxb parse
+ * @author Anil.Saldhana at redhat.com
+ * @since Aug 14, 2007
+ * @version $Revision$
+ */
+public class AuditConfigEntryHolder implements GenericValueContainer
+{
+ private Map<String,Object> moduleOptions = new HashMap<String,Object>();
+ String moduleName = null;
+
+ public void addChild(QName name, Object value)
+ {
+ if("code".equals(name.getLocalPart()))
+ {
+ moduleName = (String)value;
+ }
+ if(value instanceof ModuleOption)
+ {
+ ModuleOption mo = (ModuleOption)value;
+ moduleOptions.put(mo.getName(),mo.getValue());
+ }
+ }
+
+ public void addOption(ModuleOption option)
+ {
+ moduleOptions.put(option.getName(), option.getValue());
+ }
+
+ public AuditProviderEntry getEntry()
+ {
+ return (AuditProviderEntry)instantiate();
+ }
+
+ public Object instantiate()
+ {
+ AuditProviderEntry entry = new AuditProviderEntry( moduleName,moduleOptions );
+ return entry;
+ }
+
+ public Class<?> getTargetClass()
+ {
+ return AuditProviderEntry.class;
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/container/config/AuthModuleEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/container/config/AuthModuleEntryHolder.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/container/config/AuthModuleEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,83 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.auth.container.config;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+
+import org.jboss.security.config.ModuleOption;
+import org.jboss.xb.binding.GenericValueContainer;
+
+//$Id: AuthModuleEntryHolder.java 69508 2008-01-31 19:55:23Z anil.saldhana at jboss.com $
+
+/**
+ * JBXB Container for parsing an AuthModuleEntry (A configuration entry for
+ * JSR-196 Auth Modules that is similar to the JAAS AppConfigurationEntry)
+ * @author <a href="mailto:anil.saldhana at jboss.org>anil.saldhana at jboss.org</a>
+ * @since Dec 20, 2005
+ */
+public class AuthModuleEntryHolder implements GenericValueContainer
+{
+ private Map<String,Object> moduleOptions = new HashMap<String,Object>();
+ String moduleName = null;
+ String loginModuleStackRefName = null;
+
+ public void addChild(QName name, Object value)
+ {
+ if("code".equals(name.getLocalPart()))
+ {
+ moduleName = (String)value;
+ }
+ else if( "login-module-stack-ref".equals(name.getLocalPart()))
+ {
+ loginModuleStackRefName = (String)value;
+ }
+ if(value instanceof ModuleOption)
+ {
+ ModuleOption mo = (ModuleOption)value;
+ moduleOptions.put(mo.getName(),mo.getValue());
+ }
+ }
+
+ public void addOption(ModuleOption option)
+ {
+ moduleOptions.put(option.getName(), option.getValue());
+ }
+
+ public AuthModuleEntry getEntry()
+ {
+ return new AuthModuleEntry( moduleName,moduleOptions,loginModuleStackRefName );
+ }
+
+ public Object instantiate()
+ {
+ return new AuthModuleEntry( moduleName,moduleOptions,loginModuleStackRefName );
+ }
+
+ public Class<?> getTargetClass()
+ {
+ return AuthModuleEntry.class;
+ }
+
+}
\ No newline at end of file
Property changes on: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/container/config/AuthModuleEntryHolder.java
___________________________________________________________________
Name: svn:executable
+ *
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/AppConfigurationEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/AppConfigurationEntryHolder.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/AppConfigurationEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,117 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.auth.login;
+
+import java.util.HashMap;
+
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
+import javax.xml.namespace.QName;
+
+import org.jboss.security.config.ModuleOption;
+import org.jboss.xb.binding.GenericValueContainer;
+
+/**
+ * A container for creating AppConfigurationEntry during jbxb parse.
+ *
+ * @author Scott.Stark at jboss.org
+ * @version $Revision: 69508 $
+ */
+public class AppConfigurationEntryHolder
+ implements GenericValueContainer
+{
+ String code;
+ LoginModuleControlFlag controlFlag = LoginModuleControlFlag.REQUIRED;
+ HashMap<String,Object> options = new HashMap<String,Object>();
+
+ // GenericValueContainer should have default ctor
+ public AppConfigurationEntryHolder()
+ {
+ }
+
+ AppConfigurationEntryHolder(String code, String flag)
+ {
+ this.code = code;
+ controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
+ if (flag != null)
+ {
+ // Lower case is what is used by the jdk1.4.1 implementation
+ flag = flag.toLowerCase();
+ if (AppConfigurationEntry.LoginModuleControlFlag.REQUIRED.toString().indexOf(flag) > 0)
+ controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
+ else if (AppConfigurationEntry.LoginModuleControlFlag.REQUISITE.toString().indexOf(flag) > 0)
+ controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
+ else if (AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT.toString().indexOf(flag) > 0)
+ controlFlag = AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
+ else if (AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL.toString().indexOf(flag) > 0)
+ controlFlag = AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
+ }
+ }
+
+ public AppConfigurationEntry getEntry()
+ {
+ AppConfigurationEntry entry = new AppConfigurationEntry(code, controlFlag, options);
+ return entry;
+ }
+
+ public void addOption(ModuleOption option)
+ {
+ options.put(option.getName(), option.getValue());
+ }
+
+ // GenericValueContainer impl
+
+ public void addChild(QName name, Object value)
+ {
+ if("code".equals(name.getLocalPart()))
+ {
+ this.code = (String)value;
+ }
+ else if("flag".equals(name.getLocalPart()))
+ {
+ // Lower case is what is used by the jdk1.4.1 implementation
+ String flag = ((String)value).toLowerCase();
+ if (AppConfigurationEntry.LoginModuleControlFlag.REQUIRED.toString().indexOf(flag) > 0)
+ controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
+ else if (AppConfigurationEntry.LoginModuleControlFlag.REQUISITE.toString().indexOf(flag) > 0)
+ controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
+ else if (AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT.toString().indexOf(flag) > 0)
+ controlFlag = AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
+ else if (AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL.toString().indexOf(flag) > 0)
+ controlFlag = AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
+ }
+ else if("module-option".equals(name.getLocalPart()))
+ {
+ addOption((ModuleOption)value);
+ }
+ }
+
+ public Object instantiate()
+ {
+ return new AppConfigurationEntry(code, controlFlag, options);
+ }
+
+ public Class<?> getTargetClass()
+ {
+ return AppConfigurationEntry.class;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/AuthenticationInfoContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/AuthenticationInfoContainer.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/AuthenticationInfoContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,116 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.auth.login;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.xml.namespace.QName;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.auth.container.config.AuthModuleEntry;
+import org.jboss.xb.binding.GenericValueContainer;
+
+/**
+ * A container for creating AuthenticationInfo during jbxb parse.
+ *
+ * @author Scott.Stark at jboss.org
+ * @author <a href="mailto:anil.saldhana at jboss.org>anil.saldhana at jboss.org</a>
+ * @version $Revision: 73520 $
+ */
+public class AuthenticationInfoContainer
+ implements GenericValueContainer
+{
+ private static Logger log = Logger.getLogger(AuthenticationInfoContainer.class);
+
+ BaseAuthenticationInfo info = null;
+
+ String authName = null;
+
+ @SuppressWarnings("unchecked")
+ List moduleEntries = new ArrayList();
+
+ @SuppressWarnings("unchecked")
+ Map loginModuleStackMap = new HashMap();
+
+ boolean isJASPIAuthentication = false;
+
+ @SuppressWarnings("unchecked")
+ public void addChild(QName name, Object value)
+ {
+ log.debug("addChild::" + name + ":" + value);
+ if("name".equals(name.getLocalPart()))
+ {
+ authName = (String)value;
+ }
+ else if( value instanceof AppConfigurationEntryHolder )
+ {
+ AppConfigurationEntryHolder ace = (AppConfigurationEntryHolder) value;
+ moduleEntries.add(ace.getEntry());
+ }
+ else if( value instanceof AppConfigurationEntry )
+ {
+ AppConfigurationEntry ace = (AppConfigurationEntry) value;
+ moduleEntries.add(ace);
+ }
+ else if( value instanceof AuthModuleEntry )
+ {
+ AuthModuleEntry ame = (AuthModuleEntry)value;
+ //Check if the authmodule needs a reference to a loginmodulestack
+ String lmshName = ame.getLoginModuleStackHolderName();
+ if( lmshName != null )
+ ame.setLoginModuleStackHolder((LoginModuleStackHolder)loginModuleStackMap.get(lmshName));
+ moduleEntries.add(ame);
+ this.isJASPIAuthentication = true;
+ }
+ else if( value instanceof LoginModuleStackHolder )
+ {
+ LoginModuleStackHolder lmsh = (LoginModuleStackHolder)value;
+ loginModuleStackMap.put( lmsh.getName(), lmsh );
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ public Object instantiate()
+ {
+ if(isJASPIAuthentication == false)
+ {
+ info = new AuthenticationInfo(authName);
+ }
+ else
+ {
+ info = new JASPIAuthenticationInfo(authName);
+ }
+
+ info.add(moduleEntries);
+ return info;
+ }
+
+ public Class<?> getTargetClass()
+ {
+ return BaseAuthenticationInfo.class;
+ }
+
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/JBossXBParsingUtil.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/JBossXBParsingUtil.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/JBossXBParsingUtil.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,94 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.auth.login;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.Set;
+
+import org.jboss.security.auth.spi.UsersObjectModelFactory;
+import org.jboss.security.authorization.config.SecurityConfigObjectModelFactory;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.PolicyConfig;
+import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.xb.binding.Unmarshaller;
+import org.jboss.xb.binding.UnmarshallerFactory;
+
+/**
+ * Parsing utility using JBossXB
+ * @author Anil.Saldhana at redhat.com
+ * @since May 30, 2008
+ */
+public class JBossXBParsingUtil
+{
+ private XMLLoginConfigImpl xmlConfig = XMLLoginConfigImpl.getInstance();
+
+ public void parse(URL loginConfigURL, ArrayList<String> configNames) throws Exception
+ {
+ LoginConfigObjectModelFactory lcomf = new SecurityConfigObjectModelFactory();
+ UsersObjectModelFactory uomf = new UsersObjectModelFactory();
+
+ InputStreamReader xmlReader = loadURL(loginConfigURL);
+ Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
+ unmarshaller.mapFactoryToNamespace(uomf, "http://www.jboss.org/j2ee/schemas/XMLLoginModule");
+ Object root = null;
+ PolicyConfig config = (PolicyConfig) unmarshaller.unmarshal(xmlReader, lcomf, root);
+ Set<String> cnames = config.getConfigNames();
+ configNames.addAll(cnames);
+ xmlConfig.copy(config);
+
+ // Add the config to SecurityConfiguration
+ for (String cname : cnames)
+ {
+ ApplicationPolicy ap = config.get(cname);
+ SecurityConfiguration.addApplicationPolicy(ap);
+ handleJASPIDelegation(ap);
+ }
+
+ }
+
+ private void handleJASPIDelegation(ApplicationPolicy aPolicy)
+ {
+ BaseAuthenticationInfo bai = aPolicy.getAuthenticationInfo();
+ if (bai instanceof JASPIAuthenticationInfo)
+ {
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
+ LoginModuleStackHolder[] lmsharr = jai.getLoginModuleStackHolder();
+ for (LoginModuleStackHolder lmsh : lmsharr)
+ {
+ xmlConfig.addAppConfig(lmsh.getName(), lmsh.getAppConfigurationEntry());
+ }
+ }
+ }
+
+ private InputStreamReader loadURL(URL configURL) throws IOException
+ {
+ InputStream is = configURL.openStream();
+ if (is == null)
+ throw new IOException("Failed to obtain InputStream from url: " + configURL);
+ InputStreamReader xmlReader = new InputStreamReader(is);
+ return xmlReader;
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/LoginConfigObjectModelFactory.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/LoginConfigObjectModelFactory.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/LoginConfigObjectModelFactory.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,361 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.auth.login;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.login.AppConfigurationEntry;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.auth.container.config.AuthModuleEntry;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.ControlFlag;
+import org.jboss.security.config.ModuleOption;
+import org.jboss.security.config.PolicyConfig;
+import org.jboss.util.StringPropertyReplacer;
+import org.jboss.xb.binding.ObjectModelFactory;
+import org.jboss.xb.binding.UnmarshallingContext;
+import org.xml.sax.Attributes;
+
+/**
+ * A JBossXB object factory for parsing the login-config.xml object model.
+ *
+ * @author Scott.Stark at jboss.org
+ * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil.Saldhana at jboss.org</a>
+ * @version $Revision: 79683 $
+ */
+public class LoginConfigObjectModelFactory implements ObjectModelFactory
+{
+ private static Logger log = Logger.getLogger(LoginConfigObjectModelFactory.class);
+
+ private boolean trace;
+
+ protected final Map<String, ControlFlag> controlFlags;
+
+ public LoginConfigObjectModelFactory()
+ {
+ this.controlFlags = new HashMap<String, ControlFlag>();
+ controlFlags.put("REQUIRED", ControlFlag.REQUIRED);
+ controlFlags.put("REQUISITE", ControlFlag.REQUISITE);
+ controlFlags.put("OPTIONAL", ControlFlag.OPTIONAL);
+ controlFlags.put("SUFFICIENT", ControlFlag.SUFFICIENT);
+ }
+
+ public Object completeRoot(Object root, UnmarshallingContext ctx, String uri, String name)
+ {
+ if (trace)
+ log.trace("completeRoot");
+ return root;
+ }
+
+ public Object newRoot(Object root, UnmarshallingContext navigator, String namespaceURI, String localName,
+ Attributes attrs)
+ {
+ trace = log.isTraceEnabled();
+ if (!localName.equals("policy"))
+ {
+ throw new IllegalStateException("Unexpected root element: was expecting 'policy' but got '" + localName + "'");
+ }
+ if (trace)
+ log.trace("newRoot, created PolicyConfig for policy element");
+ return new PolicyConfig();
+ }
+
+ public Object newChild(PolicyConfig config, UnmarshallingContext navigator, String namespaceUri, String localName,
+ Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.PolicyConfig, localName: " + localName);
+ if ("application-policy".equals(localName))
+ {
+ String name = attrs.getValue("name");
+ name = StringPropertyReplacer.replaceProperties(name);
+ ApplicationPolicy aPolicy = new ApplicationPolicy(name);
+ aPolicy.setPolicyConfig(config);
+ String baseAppPolicyName = attrs.getValue("extends");
+ if (baseAppPolicyName != null)
+ aPolicy.setBaseApplicationPolicyName(baseAppPolicyName);
+ if (trace)
+ log.trace("newChild.PolicyConfig, AuthenticationInfo: " + name);
+ child = aPolicy;
+ }
+ return child;
+ }
+
+ public Object newChild(ApplicationPolicy aPolicy, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.ApplicationPolicy, localName: " + localName);
+ String name = aPolicy.getName();
+ if ("authentication".equals(localName))
+ {
+ child = new AuthenticationInfo(name);
+ if (trace)
+ log.trace("newChild.PolicyConfig, AuthenticationInfo: " + name);
+ }
+ else if ("authentication-jaspi".equals(localName))
+ {
+ child = new JASPIAuthenticationInfo(name);
+ if (trace)
+ log.trace("newChild.PolicyConfig, AuthenticationInfo: " + name);
+ }
+ return child;
+ }
+
+ public Object newChild(BaseAuthenticationInfo info, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.AuthenticationInfo, localName: " + localName);
+ if ("authentication".equals(localName))
+ {
+ child = new AuthenticationInfo(info.getName());
+ if (trace)
+ log.trace("newChild.PolicyConfig, AuthenticationInfo: " + info.getName());
+ }
+ else if ("authentication-jaspi".equals(localName))
+ {
+ child = new JASPIAuthenticationInfo(info.getName());
+ if (trace)
+ log.trace("newChild.PolicyConfig, AuthenticationInfo: " + info.getName());
+ }
+ return child;
+ }
+
+ public Object newChild(AuthenticationInfo info, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.AuthenticationInfo, localName: " + localName);
+ if ("login-module".equals(localName))
+ {
+ String code = attrs.getValue("code");
+ code = StringPropertyReplacer.replaceProperties(code.trim());
+ String flag = attrs.getValue("flag");
+ if (flag != null)
+ flag = StringPropertyReplacer.replaceProperties(flag.trim());
+ AppConfigurationEntryHolder holder = new AppConfigurationEntryHolder(code, flag);
+ child = holder;
+ if (trace)
+ log.trace("newChild.AuthenticationInfo, login-module code: " + code);
+ }
+
+ return child;
+ }
+
+ public Object newChild(JASPIAuthenticationInfo info, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.AuthenticationJaspiInfo, localName: " + localName);
+ if ("login-module-stack".equals(localName))
+ {
+ String lmsName = attrs.getValue("name");
+ lmsName = StringPropertyReplacer.replaceProperties(lmsName.trim());
+ child = new LoginModuleStackHolder(lmsName, null);
+ if (trace)
+ log.trace("newChild.AuthenticationInfo, login-module-stack: " + lmsName);
+ }
+ else if ("auth-module".equals(localName))
+ {
+ String code = attrs.getValue("code");
+ AuthModuleEntry authModuleEntry = new AuthModuleEntry(code, null, null);
+
+ String flag = attrs.getValue("flag");
+ authModuleEntry.setControlFlag(getControlFlag(flag));
+
+ String lmsRef = attrs.getValue("login-module-stack-ref");
+ if (lmsRef != null)
+ authModuleEntry.setLoginModuleStackHolder(info.getLoginModuleStackHolder(lmsRef));
+ child = authModuleEntry;
+ }
+
+ return child;
+ }
+
+ public Object newChild(LoginModuleStackHolder entry, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.LoginModuleStackHolder, localName: " + localName);
+ if ("login-module".equals(localName))
+ {
+ String code = attrs.getValue("code");
+ code = StringPropertyReplacer.replaceProperties(code.trim());
+ String flag = attrs.getValue("flag");
+ flag = StringPropertyReplacer.replaceProperties(flag.trim());
+ AppConfigurationEntryHolder holder = new AppConfigurationEntryHolder(code, flag);
+ child = holder;
+ if (trace)
+ log.trace("newChild.AuthenticationInfo, login-module code: " + code);
+ }
+
+ return child;
+ }
+
+ public Object newChild(AppConfigurationEntryHolder entry, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.AppConfigurationEntryHolder, localName: " + localName);
+ if ("module-option".equals(localName))
+ {
+ String name = attrs.getValue("name");
+ child = new ModuleOption(name);
+ if (trace)
+ log.trace("newChild.AppConfigurationEntryHolder, module-option name: " + name);
+ }
+
+ return child;
+ }
+
+ public Object newChild(AuthModuleEntry entry, UnmarshallingContext navigator, String namespaceUri, String localName,
+ Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.AppConfigurationEntryHolder, localName: " + localName);
+ if ("module-option".equals(localName))
+ {
+ String name = attrs.getValue("name");
+ child = new ModuleOption(name);
+ if (trace)
+ log.trace("newChild.AuthModuleEntry, module-option name: " + name);
+ }
+
+ return child;
+ }
+
+ public void setValue(ModuleOption option, UnmarshallingContext navigator, String namespaceUri, String localName,
+ String value)
+ {
+ if ("module-option".equals(localName))
+ {
+ String valueWithReplacement = StringPropertyReplacer.replaceProperties(value.trim());
+ option.setValue(valueWithReplacement);
+ if (trace)
+ log.trace("setValue.ModuleOption, name: " + localName + ":valueWithReplacement:" + valueWithReplacement);
+ }
+ }
+
+ public void addChild(ModuleOption option, Object value, UnmarshallingContext navigator, String namespaceURI,
+ String localName)
+ {
+ option.setValue(value);
+ if (trace)
+ log.trace("addChild.ModuleOption, name: " + option.getName());
+ }
+
+ public void addChild(AuthenticationInfo authInfo, AppConfigurationEntryHolder entryInfo,
+ UnmarshallingContext navigator, String namespaceURI, String localName)
+ {
+ AppConfigurationEntry entry = entryInfo.getEntry();
+ authInfo.addAppConfigurationEntry(entry);
+ if (trace)
+ log.trace("addChild.AuthenticationInfo, name: " + entry.getLoginModuleName());
+ }
+
+ public void addChild(AppConfigurationEntryHolder entryInfo, ModuleOption option, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ entryInfo.addOption(option);
+ if (trace)
+ log.trace("addChild.AppConfigurationEntryHolder, name: " + option.getName());
+ }
+
+ public void addChild(JASPIAuthenticationInfo authInfo, AuthModuleEntry entry, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ authInfo.add(entry);
+ }
+
+ public void addChild(LoginModuleStackHolder lmsh, AppConfigurationEntryHolder entryInfo,
+ UnmarshallingContext navigator, String namespaceURI, String localName)
+ {
+ lmsh.addAppConfigurationEntry(entryInfo.getEntry());
+ if (trace)
+ log.trace("addChild.LoginModuleStackHolder, name: " + entryInfo.getEntry().getLoginModuleName());
+ }
+
+ public void addChild(AuthModuleEntry entry, ModuleOption option, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ entry.addOption(option);
+ if (trace)
+ log.trace("addChild.AppConfigurationEntryHolder, name: " + option.getName());
+ }
+
+ public void addChild(JASPIAuthenticationInfo authInfo, LoginModuleStackHolder lmsHolder,
+ UnmarshallingContext navigator, String namespaceURI, String localName)
+ {
+ authInfo.add(lmsHolder);
+ }
+
+ public void addChild(ApplicationPolicy aPolicy, JASPIAuthenticationInfo authInfo, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ aPolicy.setAuthenticationInfo(authInfo);
+ if (trace)
+ log.trace("addChild.ApplicationPolicy, name: " + aPolicy.getName());
+ }
+
+ public void addChild(ApplicationPolicy aPolicy, AuthenticationInfo authInfo, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ aPolicy.setAuthenticationInfo(authInfo);
+ if (trace)
+ log.trace("addChild.ApplicationPolicy, name: " + aPolicy.getName());
+ }
+
+ public void addChild(PolicyConfig pc, ApplicationPolicy aPolicy, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ pc.add(aPolicy);
+ if (trace)
+ log.trace("Added ApplicationPolicy to PolicyConfig, name: " + aPolicy.getName());
+ }
+
+ public ControlFlag getControlFlag(String flag)
+ {
+ ControlFlag controlFlag = null;
+
+ if(flag != null)
+ {
+ flag = StringPropertyReplacer.replaceProperties(flag.trim());
+ controlFlag = this.controlFlags.get(flag.toUpperCase());
+ }
+ if (controlFlag == null)
+ controlFlag = ControlFlag.REQUIRED;
+
+ return controlFlag;
+ }
+
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/LoginModuleStackContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/LoginModuleStackContainer.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/LoginModuleStackContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,66 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.auth.login;
+
+import java.util.ArrayList;
+
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.xml.namespace.QName;
+
+import org.jboss.xb.binding.GenericValueContainer;
+
+//$Id: LoginModuleStackContainer.java 73520 2008-05-20 12:27:24Z anil.saldhana at jboss.com $
+
+/**
+ * A container for creating LoginModuleStack during jbxb parse.
+ * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @since Dec 24, 2005
+ * @version $Revision: 73520 $
+ */
+ at SuppressWarnings("unchecked")
+public class LoginModuleStackContainer implements GenericValueContainer
+{
+ String lmsName = null;
+
+ private ArrayList appEntries = new ArrayList();
+
+ public void addChild(QName name, Object value)
+ {
+ if("name".equals(name.getLocalPart()))
+ {
+ lmsName = (String)value;
+ }
+ if( value instanceof AppConfigurationEntry)
+ appEntries.add(value);
+ }
+
+ public Object instantiate()
+ {
+ return new LoginModuleStackHolder(lmsName, appEntries);
+ }
+
+ public Class getTargetClass()
+ {
+ return LoginModuleStackHolder.class;
+ }
+
+}
Property changes on: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/LoginModuleStackContainer.java
___________________________________________________________________
Name: svn:executable
+ *
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/ModuleOptionContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/ModuleOptionContainer.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/ModuleOptionContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,92 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.auth.login;
+
+import javax.xml.namespace.QName;
+
+import org.jboss.security.config.ModuleOption;
+import org.jboss.xb.binding.GenericValueContainer;
+
+/**
+ * ModuleOption declares a constructor that takes name as a parameter while the
+ * value should be set with the setter. This use-case is not supported
+ * out-of-the-box by jbxb, so, we use this container.
+ *
+ * @author <a href="mailto:alex at jboss.org">Alexey Loubyansky</a>
+ * @version <tt>$Revision: 69508 $</tt>
+ */
+public class ModuleOptionContainer
+ implements GenericValueContainer
+{
+ private String name;
+ private Object value;
+
+
+ /**
+ @return - the option value
+ */
+ public Object getValue()
+ {
+ return value;
+ }
+
+ /**
+ Setter used when the module option is passed as the text body of the
+ module-option element.
+
+ @param value - text value
+ */
+ public void setValue(Object value)
+ {
+ this.value = value;
+ }
+
+ /**
+ Add attributes or nested element content.
+
+ @param name - the attribute or element name
+ @param value - the attribute or element value
+ */
+ public void addChild(QName name, Object value)
+ {
+ if("name".equals(name.getLocalPart()))
+ {
+ this.name = (String)value;
+ }
+ else
+ {
+ this.value = value;
+ }
+ }
+
+ public Object instantiate()
+ {
+ ModuleOption option = new ModuleOption(name);
+ option.setValue(value);
+ return option;
+ }
+
+ public Class<?> getTargetClass()
+ {
+ return ModuleOption.class;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/SunConfigParser.jj
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/SunConfigParser.jj (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/SunConfigParser.jj 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,265 @@
+/* JBoss, the OpenSource J2EE WebOS
+ *
+ * Distributable under LGPL license.
+ * See terms of license at gnu.org.
+ */
+
+options {
+ LOOKAHEAD=1;
+ DEBUG_PARSER=true;
+ DEBUG_LOOKAHEAD=true;
+ DEBUG_TOKEN_MANAGER=false;
+}
+
+PARSER_BEGIN(SunConfigParser)
+
+package org.jboss.security.auth.login;
+
+import java.io.Reader;
+import java.io.StringReader;
+import java.util.ArrayList;
+import java.util.HashMap;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
+
+/**
+ * A JavaCC 2.1 grammar for the default JAAS configuration file provided by Sun.
+ * The format of an entry is:
+ Application {
+ ModuleClass Flag ModuleOptions;
+ ModuleClass Flag ModuleOptions;
+ ModuleClass Flag ModuleOptions;
+ };
+
+ * @see http://www.webgain.com/products/metamata/java_doc.html
+ *
+ * @author Scott.Stark at jboss.org
+ * @version $Revision: 16662 $
+ */
+public class SunConfigParser
+{
+ private XMLLoginConfigImpl loginConfig;
+
+ public SunConfigParser()
+ {
+ // keep the parser from feaking out, init using one of
+ // the JavaCC generated constructor
+ this(new StringReader(""));
+ }
+
+ public void parse(Reader configFile, XMLLoginConfigImpl loginConfig)
+ throws ParseException
+ {
+ parse(configFile, loginConfig, false);
+ }
+
+ public void parse(Reader configFile, XMLLoginConfigImpl loginConfig, boolean trace)
+ throws ParseException
+ {
+ ReInit(configFile);
+
+ // This will have no effect unless the debugging options are true
+ if (trace)
+ {
+ this.enable_tracing();
+ }
+ else
+ {
+ this.disable_tracing();
+ }
+
+ this.loginConfig = loginConfig;
+ this.config();
+ }
+
+ /**
+ * Strip off the leading and trailing (quote) chars from the given string
+ * and return it. Does not actually check to make sure they are '\'' chars.
+ */
+ private String stripQuotes(String image)
+ {
+ return image.substring(1, image.length() - 1);
+ }
+
+ public static void doParse(Reader configFile, XMLLoginConfigImpl loginConfig)
+ throws ParseException
+ {
+ doParse(configFile, loginConfig, false);
+ }
+
+ public static void doParse(Reader configFile, XMLLoginConfigImpl loginConfig, boolean trace)
+ throws ParseException
+ {
+ SunConfigParser parser = new SunConfigParser();
+ parser.parse(configFile, loginConfig, trace);
+ }
+}
+
+PARSER_END(SunConfigParser)
+
+/* IGNORE WHITESPACE */
+
+SKIP :
+{
+ " "
+ | "\r"
+ | "\t"
+ | "\n"
+}
+
+
+SPECIAL_TOKEN : /* COMMENTS */
+{
+ <SINGLE_LINE_COMMENT: ("//"|"#") (~["\n","\r"])* ("\n"|"\r"|"\r\n")>
+| <MULTI_LINE_COMMENT: "/*" (~["*"])* "*" ("*" | (~["*","/"] (~["*"])* "*"))* "/">
+}
+
+TOKEN :
+{
+ < OPEN_BKT: "{" >
+ | < CLOSE_BKT: "}" >
+ | < SEMI_COLON: ";" >
+ | < EQUALS: "=" >
+
+}
+
+/* Literals */
+
+TOKEN :
+{
+ < LONG: ( ["0" - "9"] )+ >
+ | < DOUBLE: <FLOAT>
+ | <FLOAT> ( ["e","E"] ([ "-","+"])? <LONG> )?
+ >
+ | < #FLOAT: <LONG> ( "." (<LONG>)? )
+ | "." <LONG>
+ >
+ | < STRING:
+ (
+ "'"
+ ( (~["'","\n","\r"])
+ | ("''")
+ )*
+ "'"
+ )
+ |
+ (
+ "\""
+ ( (~["\"","\n","\r"])
+ | ("\"\"")
+ )*
+ "\""
+ ) >
+}
+
+TOKEN [IGNORE_CASE]:
+{
+ <CONTROL_FLAG: "required" | "requisite" | "sufficient" | "optional">
+|
+ <IDENTIFIER: <LETTER> (<LETTER>|<DIGIT>|"-"|"_")* >
+|
+ <CLASSNAME: <LETTER> (<LETTER>|<DIGIT>)* ("." <LETTER> (<LETTER>|<DIGIT>)*)* >
+|
+ <#LETTER: [ "_","$", "a"-"z", "A"-"Z" ] >
+|
+ <#DIGIT: ["0" - "9"] >
+|
+ <ANY: (<NOTSPACE_EQUALS>)+ >
+|
+ <#NOTSPACE_EQUALS: (~[" ","\t","\n","\r","=",";"]) >
+}
+
+/** Start of the grammar */
+
+void config() :
+{
+}
+{
+ ( appConfig() )* <EOF>
+}
+
+void appConfig() :
+{
+ Token t = null;
+ String appName;
+ AppConfigurationEntry entry;
+ ArrayList entries = new ArrayList();
+}
+{
+ t=<IDENTIFIER> { appName = t.image; } <OPEN_BKT>
+ (
+ entry = loginModuleConfig()
+ {
+ entries.add(entry);
+ }
+ ) +
+ <CLOSE_BKT> <SEMI_COLON>
+ {
+ AppConfigurationEntry[] appConfig = new AppConfigurationEntry[entries.size()];
+ entries.toArray(appConfig);
+ loginConfig.addAppConfig(appName, appConfig);
+ }
+}
+
+AppConfigurationEntry loginModuleConfig() :
+{
+ Token t = null;
+ String loginModuleClassName;
+ HashMap optionsMap = new HashMap();
+ LoginModuleControlFlag controlFlag;
+ AppConfigurationEntry entry;
+}
+{
+ t=<CLASSNAME> { loginModuleClassName = t.image; }
+ controlFlag = controlFlag()
+ ( moduleOptions(optionsMap) )*
+ <SEMI_COLON>
+ {
+ entry = new AppConfigurationEntry(loginModuleClassName, controlFlag, optionsMap);
+ return entry;
+ }
+}
+
+LoginModuleControlFlag controlFlag() :
+{
+ Token t;
+ LoginModuleControlFlag flag = null;
+}
+{
+ t=<CONTROL_FLAG>
+ {
+ if( LoginModuleControlFlag.REQUIRED.toString().indexOf(t.image) > 0 )
+ flag = LoginModuleControlFlag.REQUIRED;
+ else if( LoginModuleControlFlag.REQUISITE.toString().indexOf(t.image) > 0 )
+ flag = LoginModuleControlFlag.REQUISITE;
+ else if( LoginModuleControlFlag.SUFFICIENT.toString().indexOf(t.image) > 0 )
+ flag = LoginModuleControlFlag.SUFFICIENT;
+ else if( LoginModuleControlFlag.OPTIONAL.toString().indexOf(t.image) > 0 )
+ flag = LoginModuleControlFlag.OPTIONAL;
+ return flag;
+ }
+}
+
+void moduleOptions(HashMap optionsMap) :
+{
+ Token t;
+ String name, value;
+}
+{
+ ( t=<IDENTIFIER> | t=<CLASSNAME> )
+ { name = t.image; }
+ <EQUALS>
+ (
+ ( t=<IDENTIFIER> | t=<CLASSNAME> | t=<DOUBLE> | t=<LONG> | t=<ANY> )
+ {
+ value = t.image;
+ optionsMap.put(name, value);
+ }
+ | t=<STRING>
+ {
+ value = stripQuotes(t.image);
+ optionsMap.put(name, value);
+ }
+ )
+}
+
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,449 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.auth.login;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.Serializable;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.util.ArrayList;
+
+import javax.security.auth.AuthPermission;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.ApplicationPolicyRegistration;
+import org.jboss.security.config.PolicyConfig;
+import org.jboss.security.config.SecurityConfiguration;
+
+/**
+ * An concrete implementation of the javax.security.auth.login.Configuration class that parses an xml configuration of
+ * the form:
+ *
+ * <policy> <application-policy name = "test-domain"> <authentication> <login-module code =
+ * "org.jboss.security.plugins.samples.IdentityLoginModule" flag = "required"> <module-option name = "principal">starksm</module-option>
+ * </login-module> </authentication> </application-policy> </policy>
+ *
+ * @see javax.security.auth.login.Configuration
+ *
+ * @author Scott.Stark at jboss.org
+ * @author Anil.Saldhana at jboss.org
+ * @version $Revision: 57482 $
+ */
+public class XMLLoginConfigImpl extends Configuration implements Serializable, ApplicationPolicyRegistration
+{
+ /** The serialVersionUID */
+ private static final long serialVersionUID = -8965860493224188277L;
+
+ private static final String DEFAULT_APP_CONFIG_NAME = "other";
+
+ private static final AuthPermission REFRESH_PERM = new AuthPermission("refreshLoginConfiguration");
+
+ private static Logger log = Logger.getLogger(XMLLoginConfigImpl.class);
+ private boolean trace = log.isTraceEnabled();
+
+ transient PolicyConfig appConfigs = new PolicyConfig();
+
+ /** The URL to the XML or Sun login configuration */
+ protected URL loginConfigURL;
+
+ /** The inherited configuration we delegate to */
+ protected Configuration parentConfig;
+
+ /** A flag indicating if XML configs should be validated */
+ private boolean validateDTD = true;
+
+ private static final XMLLoginConfigImpl instance = new XMLLoginConfigImpl();
+
+ /**
+ * <p>
+ * Private constructor to implement the singleton pattern.
+ * </p>
+ */
+ private XMLLoginConfigImpl()
+ {
+ }
+
+ /**
+ * <p>
+ * Obtains a reference to the singleton.
+ * </p>
+ *
+ * @return a reference to the singleton {@code XMLLoginConfigImpl} instance.
+ */
+ public static XMLLoginConfigImpl getInstance()
+ {
+ return instance;
+ }
+
+ // --- Begin Configuration method overrrides
+ @Override
+ public void refresh()
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(REFRESH_PERM);
+ if (log.isTraceEnabled())
+ log.trace("Begin refresh");
+ appConfigs.clear();
+ loadConfig();
+ if (log.isTraceEnabled())
+ log.trace("End refresh");
+ }
+
+ @Override
+ public AppConfigurationEntry[] getAppConfigurationEntry(String appName)
+ {
+ if (log.isTraceEnabled())
+ log.trace("Begin getAppConfigurationEntry(" + appName + "), size=" + appConfigs.size());
+
+ // Load the config if PolicyConfig is empty
+ if (this.appConfigs.size() == 0)
+ this.loadConfig();
+
+ AppConfigurationEntry[] entry = null;
+ ApplicationPolicy aPolicy = this.getApplicationPolicy(appName);
+ BaseAuthenticationInfo authInfo = null;
+ if (aPolicy != null)
+ authInfo = aPolicy.getAuthenticationInfo();
+
+ if (authInfo == null)
+ {
+ if (log.isTraceEnabled())
+ log.trace("getAppConfigurationEntry(" + appName + "), no entry in appConfigs, tyring parentCont: "
+ + parentConfig);
+ if (parentConfig != null)
+ entry = parentConfig.getAppConfigurationEntry(appName);
+ if (entry == null)
+ {
+ if (log.isTraceEnabled())
+ log.trace("getAppConfigurationEntry(" + appName + "), no entry in parentConfig, trying: "
+ + DEFAULT_APP_CONFIG_NAME);
+ }
+ ApplicationPolicy defPolicy = appConfigs.get(DEFAULT_APP_CONFIG_NAME);
+ authInfo = defPolicy != null ? (AuthenticationInfo) defPolicy.getAuthenticationInfo() : null;
+ }
+
+ if (authInfo != null)
+ {
+ if (log.isTraceEnabled())
+ log.trace("End getAppConfigurationEntry(" + appName + "), authInfo=" + authInfo);
+ // Make a copy of the authInfo object
+ final BaseAuthenticationInfo theAuthInfo = authInfo;
+ PrivilegedAction<AppConfigurationEntry[]> action = new PrivilegedAction<AppConfigurationEntry[]>()
+ {
+ public AppConfigurationEntry[] run()
+ {
+ return theAuthInfo.copyAppConfigurationEntry();
+ }
+ };
+ entry = AccessController.doPrivileged(action);
+ }
+ else
+ {
+ if (log.isTraceEnabled())
+ log.trace("End getAppConfigurationEntry(" + appName + "), failed to find entry");
+ }
+
+ return entry;
+ }
+
+ // --- End Configuration method overrrides
+
+ /**
+ * Set the URL of the XML login configuration file that should be loaded by this mbean on startup.
+ */
+ public URL getConfigURL()
+ {
+ return loginConfigURL;
+ }
+
+ /**
+ * Set the URL of the XML login configuration file that should be loaded by this mbean on startup.
+ */
+ public void setConfigURL(URL loginConfigURL)
+ {
+ this.loginConfigURL = loginConfigURL;
+ }
+
+ public void setConfigResource(String resourceName) throws IOException
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ loginConfigURL = tcl.getResource(resourceName);
+ if (loginConfigURL == null)
+ throw new IOException("Failed to find resource: " + resourceName);
+ }
+
+ public void setParentConfig(Configuration parentConfig)
+ {
+ this.parentConfig = parentConfig;
+ }
+
+ /**
+ * Get whether the login config xml document is validated againsts its DTD
+ */
+ public boolean getValidateDTD()
+ {
+ return this.validateDTD;
+ }
+
+ /**
+ * Set whether the login config xml document is validated againsts its DTD
+ */
+ public void setValidateDTD(boolean flag)
+ {
+ this.validateDTD = flag;
+ }
+
+ /**
+ * @see ApplicationPolicyRegistration#addApplicationPolicy(String, ApplicationPolicy)
+ */
+ public void addApplicationPolicy(String appName, ApplicationPolicy aPolicy)
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(REFRESH_PERM);
+ appConfigs.add(aPolicy);
+ handleJASPIDelegation(aPolicy);
+ SecurityConfiguration.addApplicationPolicy(aPolicy);
+ }
+
+ /**
+ * Add an application configuration
+ */
+ public void addAppConfig(String appName, AppConfigurationEntry[] entries)
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(REFRESH_PERM);
+ AuthenticationInfo authInfo = new AuthenticationInfo(appName);
+ authInfo.setAppConfigurationEntry(entries);
+ if (log.isTraceEnabled())
+ log.trace("addAppConfig(" + appName + "), authInfo=" + authInfo);
+ ApplicationPolicy aPolicy = new ApplicationPolicy(appName, authInfo);
+ appConfigs.add(aPolicy);
+ SecurityConfiguration.addApplicationPolicy(aPolicy);
+ }
+
+ public void copy(PolicyConfig policyConfig)
+ {
+ this.appConfigs.copy(policyConfig);
+ }
+
+ /**
+ * @deprecated
+ * @see #removeApplicationPolicy(String)
+ * @param appName
+ */
+ @Deprecated
+ public void removeAppConfig(String appName)
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(REFRESH_PERM);
+ if (log.isTraceEnabled())
+ log.trace("removeAppConfig, appName=" + appName);
+ appConfigs.remove(appName);
+ SecurityConfiguration.removeApplicationPolicy(appName);
+ }
+
+ /**
+ * @see ApplicationPolicyRegistration#getApplicationPolicy(String)
+ */
+ public ApplicationPolicy getApplicationPolicy(String domainName)
+ {
+ if (appConfigs == null || appConfigs.size() == 0)
+ loadConfig();
+ ApplicationPolicy aPolicy = null;
+ if(appConfigs != null )
+ aPolicy = appConfigs.get(domainName);
+ if (aPolicy != null)
+ SecurityConfiguration.addApplicationPolicy(aPolicy);
+ return aPolicy;
+ }
+
+ /**
+ * @see ApplicationPolicyRegistration#removeApplicationPolicy(String)
+ */
+ public boolean removeApplicationPolicy(String appName)
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(REFRESH_PERM);
+ if (log.isTraceEnabled())
+ log.trace("removeAppConfig, appName=" + appName);
+ appConfigs.remove(appName);
+ SecurityConfiguration.removeApplicationPolicy(appName);
+ return true;
+ }
+
+ /**
+ * Method that returns the parsed AuthenticationInfo needed by the JASPI framework until a seperate Configuration
+ * mechanism for JASPI is established
+ *
+ * @return the parsed AuthenticationInfo object
+ */
+ public BaseAuthenticationInfo getAuthenticationInfo(String domainName)
+ {
+ ApplicationPolicy aPolicy = getApplicationPolicy(domainName);
+ return aPolicy != null ? aPolicy.getAuthenticationInfo() : null;
+ }
+
+ public void clear()
+ {
+
+ }
+
+ /**
+ * Called to try to load the config from the java.security.auth.login.config property value when there is no
+ * loginConfigURL.
+ */
+ public void loadConfig()
+ {
+ // Try to load the java.security.auth.login.config property
+ String loginConfig = System.getProperty("java.security.auth.login.config");
+ if (loginConfig == null)
+ loginConfig = "login-config.xml";
+
+ // If there is no loginConfigURL build it from the loginConfig
+ if (loginConfigURL == null)
+ {
+ try
+ {
+ // Try as a URL
+ loginConfigURL = new URL(loginConfig);
+ }
+ catch (MalformedURLException e)
+ {
+ // Try as a resource
+ try
+ {
+ setConfigResource(loginConfig);
+ }
+ catch (IOException ignore)
+ {
+ // Try as a file
+ File configFile = new File(loginConfig);
+ try
+ {
+ setConfigURL(configFile.toURL());
+ }
+ catch (MalformedURLException ignore2)
+ {
+ }
+ }
+ }
+ }
+
+ if (loginConfigURL == null)
+ {
+ log.warn("Failed to find config: " + loginConfig);
+ return;
+ }
+
+ if (log.isTraceEnabled())
+ log.trace("Begin loadConfig, loginConfigURL=" + loginConfigURL);
+ // Try to load the config if found
+ try
+ {
+ loadConfig(loginConfigURL);
+ if (log.isTraceEnabled())
+ log.trace("End loadConfig, loginConfigURL=" + loginConfigURL);
+ }
+ catch (Exception e)
+ {
+ log.warn("End loadConfig, failed to load config: " + loginConfigURL, e);
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ protected String[] loadConfig(URL config) throws Exception
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(REFRESH_PERM);
+
+ ArrayList configNames = new ArrayList();
+ log.debug("Try loading config as XML, url=" + config);
+ try
+ {
+ loadXMLConfig(config, configNames);
+ }
+ catch (Throwable e)
+ {
+ if(trace)
+ {
+ log.debug("Failed to load config as XML", e);
+ log.debug("Try loading config as Sun format, url=" + config);
+ }
+ loadSunConfig(config, configNames);
+ }
+ String[] names = new String[configNames.size()];
+ configNames.toArray(names);
+ return names;
+ }
+
+ /**
+ * Handle the case when JASPI Info may have login module stack holder which delegates to a login module stack
+ *
+ * @param aPolicy
+ */
+ private void handleJASPIDelegation(ApplicationPolicy aPolicy)
+ {
+ BaseAuthenticationInfo bai = aPolicy.getAuthenticationInfo();
+ if (bai instanceof JASPIAuthenticationInfo)
+ {
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
+ LoginModuleStackHolder[] lmsharr = jai.getLoginModuleStackHolder();
+ for (LoginModuleStackHolder lmsh : lmsharr)
+ {
+ this.addAppConfig(lmsh.getName(), lmsh.getAppConfigurationEntry());
+ }
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ private void loadSunConfig(URL sunConfig, ArrayList configNames) throws Exception
+ {
+ InputStream is = sunConfig.openStream();
+ if (is == null)
+ throw new IOException("InputStream is null for: " + sunConfig);
+
+ InputStreamReader configFile = new InputStreamReader(is);
+ boolean trace = log.isTraceEnabled();
+ SunConfigParser.doParse(configFile, this, trace);
+ }
+
+ @SuppressWarnings("unchecked")
+ private void loadXMLConfig(URL loginConfigURL, ArrayList configNames) throws Exception
+ {
+ JBossXBParsingUtil xbUtil = new JBossXBParsingUtil();
+ xbUtil.parse(loginConfigURL, configNames);
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/spi/UsersObjectModelFactory.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/spi/UsersObjectModelFactory.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/auth/spi/UsersObjectModelFactory.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,103 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.auth.spi;
+
+import org.jboss.logging.Logger;
+import org.jboss.xb.binding.ObjectModelFactory;
+import org.jboss.xb.binding.UnmarshallingContext;
+import org.xml.sax.Attributes;
+
+/** A JBossXB object factory for parsing the
+ * @author Scott.Stark at jboss.org
+ * @version $Revision: 93322 $
+ */
+public class UsersObjectModelFactory implements ObjectModelFactory
+{
+ private static Logger log = Logger.getLogger(UsersObjectModelFactory.class);
+ private boolean trace = log.isTraceEnabled();
+
+ public Object newRoot(Object root, UnmarshallingContext navigator,
+ String namespaceURI, String localName, Attributes attrs)
+ {
+ if (!localName.equals("users"))
+ {
+ throw new IllegalStateException("Unexpected root element: was expecting 'users' but got '" + localName + "'");
+ }
+ if(trace)
+ log.trace("newRoot, root="+root);
+ return new Users();
+ }
+
+ public Object completeRoot(Object root, UnmarshallingContext ctx, String uri, String name)
+ {
+ return root;
+ }
+
+ public void setValue(Users users, UnmarshallingContext navigator,
+ String namespaceUri, String localName, String value)
+ {
+ }
+
+ public Object newChild(Users users, UnmarshallingContext navigator,
+ String namespaceUri, String localName, Attributes attrs)
+ {
+ Users.User child = null;
+ if("user".equals(localName))
+ {
+ String name = attrs.getValue("name");
+ child = new Users.User(name);
+ String password = attrs.getValue("password");
+ child.setPassword(password);
+ String encoding = attrs.getValue("encoding");
+ child.setEncoding(encoding);
+ if(trace)
+ log.trace("newChild, user="+child);
+ }
+ return child;
+ }
+
+ public void addChild(Users users, Users.User user,
+ UnmarshallingContext navigator, String namespaceURI, String localName)
+ {
+ users.addUser(user);
+ }
+
+ public Object newChild(Users.User user, UnmarshallingContext navigator,
+ String namespaceUri, String localName, Attributes attrs)
+ {
+ String[] roleInfo = {null, "Roles"};
+ if("role".equals(localName))
+ {
+ roleInfo[0] = attrs.getValue("name");
+ roleInfo[1] = attrs.getValue("group");
+ if( roleInfo[1] == null )
+ roleInfo[1] = "Roles";
+ }
+ return roleInfo;
+ }
+
+ public void addChild(Users.User user, String[] roleInfo,
+ UnmarshallingContext navigator, String namespaceURI, String localName)
+ {
+ user.addRole(roleInfo[0], roleInfo[1]);
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/AuthorizationInfoContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/AuthorizationInfoContainer.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/AuthorizationInfoContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,79 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authorization;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.authorization.config.AuthorizationConfigEntryHolder;
+import org.jboss.security.authorization.config.AuthorizationModuleEntry;
+import org.jboss.security.config.AuthorizationInfo;
+import org.jboss.xb.binding.GenericValueContainer;
+
+//$Id: AuthorizationInfoContainer.java 73520 2008-05-20 12:27:24Z anil.saldhana at jboss.com $
+
+/**
+ * A container for creating AuthorizationInfo during jbxb parse.
+ *
+ * @author anil.saldhana at jboss.org
+ * @version $Revision: 73520 $
+ */
+public class AuthorizationInfoContainer
+ implements GenericValueContainer
+{
+ private static Logger log = Logger.getLogger(AuthorizationInfoContainer.class);
+
+ AuthorizationInfo info = null;
+
+ String authName = null;
+
+ List<AuthorizationModuleEntry> moduleEntries = new ArrayList<AuthorizationModuleEntry>();
+
+ public void addChild(QName name, Object value)
+ {
+ log.debug("addChild::" + name + ":" + value);
+ if("name".equals(name.getLocalPart()))
+ {
+ authName = (String)value;
+ }
+ else if( value instanceof AuthorizationConfigEntryHolder )
+ {
+ AuthorizationConfigEntryHolder ace = (AuthorizationConfigEntryHolder) value;
+ moduleEntries.add(ace.getEntry());
+ }
+ }
+
+ public Object instantiate()
+ {
+ info = new AuthorizationInfo(authName);
+ info.add(moduleEntries);
+ return info;
+ }
+
+ public Class<?> getTargetClass()
+ {
+ return AuthorizationInfo.class;
+ }
+}
\ No newline at end of file
Property changes on: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/AuthorizationInfoContainer.java
___________________________________________________________________
Name: svn:executable
+ *
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/config/AuthorizationConfigEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/config/AuthorizationConfigEntryHolder.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/config/AuthorizationConfigEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,94 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.authorization.config;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+
+import org.jboss.security.config.ControlFlag;
+import org.jboss.security.config.ModuleOption;
+import org.jboss.xb.binding.GenericValueContainer;
+
+//$Id: AuthorizationConfigEntryHolder.java 73520 2008-05-20 12:27:24Z anil.saldhana at jboss.com $
+
+/**
+ * A container for creating AuthorizationConfigurationEntry during jbxb parse.
+ * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @since Jun 9, 2006
+ * @version $Revision: 73520 $
+ */
+public class AuthorizationConfigEntryHolder implements GenericValueContainer
+{
+ private Map<String,Object> moduleOptions = new HashMap<String,Object>();
+ String moduleName = null;
+ ControlFlag controlFlag = ControlFlag.REQUIRED;
+
+ public void addChild(QName name, Object value)
+ {
+ if("code".equals(name.getLocalPart()))
+ {
+ moduleName = (String)value;
+ }
+ if("flag".equals(name.getLocalPart()))
+ {
+ String tempVal = (String)value;
+ if("optional".equals(tempVal))
+ controlFlag = ControlFlag.OPTIONAL;
+ else
+ if("requisite".equals(tempVal))
+ controlFlag = ControlFlag.REQUISITE;
+ else
+ if("sufficient".equals(tempVal))
+ controlFlag = ControlFlag.SUFFICIENT;
+ }
+ if(value instanceof ModuleOption)
+ {
+ ModuleOption mo = (ModuleOption)value;
+ moduleOptions.put(mo.getName(),mo.getValue());
+ }
+ }
+
+ public void addOption(ModuleOption option)
+ {
+ moduleOptions.put(option.getName(), option.getValue());
+ }
+
+ public AuthorizationModuleEntry getEntry()
+ {
+ return (AuthorizationModuleEntry)instantiate();
+ }
+
+ public Object instantiate()
+ {
+ AuthorizationModuleEntry entry = new AuthorizationModuleEntry( moduleName,moduleOptions );
+ entry.setControlFlag(controlFlag);
+ return entry;
+ }
+
+ public Class<?> getTargetClass()
+ {
+ return AuthorizationModuleEntry.class;
+ }
+
+}
\ No newline at end of file
Property changes on: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/config/AuthorizationConfigEntryHolder.java
___________________________________________________________________
Name: svn:executable
+ *
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/config/SecurityConfigObjectModelFactory.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/config/SecurityConfigObjectModelFactory.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/config/SecurityConfigObjectModelFactory.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,479 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.authorization.config;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.acl.config.ACLProviderEntry;
+import org.jboss.security.audit.config.AuditProviderEntry;
+import org.jboss.security.auth.login.LoginConfigObjectModelFactory;
+import org.jboss.security.config.ACLInfo;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.AuditInfo;
+import org.jboss.security.config.AuthorizationInfo;
+import org.jboss.security.config.ControlFlag;
+import org.jboss.security.config.IdentityTrustInfo;
+import org.jboss.security.config.MappingInfo;
+import org.jboss.security.config.ModuleOption;
+import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
+import org.jboss.security.mapping.config.MappingModuleEntry;
+import org.jboss.util.StringPropertyReplacer;
+import org.jboss.xb.binding.UnmarshallingContext;
+import org.xml.sax.Attributes;
+
+// $Id: SecurityConfigObjectModelFactory.java 79683 2008-10-18 00:54:23Z anil.saldhana at jboss.com $
+
+/**
+ * JBossXB Object Factory capable of parsing the security configuration file that can include both
+ * authentication,authorization and mapping module configuration
+ *
+ * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @since Jun 9, 2006
+ * @version $Revision: 79683 $
+ */
+public class SecurityConfigObjectModelFactory extends LoginConfigObjectModelFactory
+{
+ private static Logger log = Logger.getLogger(SecurityConfigObjectModelFactory.class);
+
+ private final boolean trace = log.isTraceEnabled();
+
+ /**
+ * <p>
+ * Creates an instance of {@code SecurityConfigObjectModelFactory}.
+ * </p>
+ */
+ public SecurityConfigObjectModelFactory()
+ {
+ }
+
+ @Override
+ public Object newChild(ApplicationPolicy aPolicy, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = super.newChild(aPolicy, navigator, namespaceUri, localName, attrs);
+ if (child == null && "authorization".equals(localName))
+ {
+ child = new AuthorizationInfo(aPolicy.getName());
+ }
+ else if (child == null && "acl".equals(localName))
+ {
+ child = new ACLInfo(aPolicy.getName());
+ }
+ else if (child == null && "mapping".equals(localName))
+ {
+ child = new MappingInfo(aPolicy.getName());
+ }
+ else if (child == null && "rolemapping".equals(localName))
+ {
+ child = new MappingInfo(aPolicy.getName());
+ }
+ else if (child == null && "audit".equals(localName))
+ {
+ child = new AuditInfo(aPolicy.getName());
+ }
+ else if (child == null && "identity-trust".equals(localName))
+ {
+ child = new IdentityTrustInfo(aPolicy.getName());
+ }
+ return child;
+ }
+
+ // authorization
+ public Object newChild(AuthorizationInfo info, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.AuthorizationInfo, localName: " + localName);
+ if ("policy-module".equals(localName))
+ {
+ String code = attrs.getValue("code");
+ code = StringPropertyReplacer.replaceProperties(code.trim());
+
+ String flag = attrs.getValue("flag");
+ if (flag == null)
+ flag = "REQUIRED";
+ flag = StringPropertyReplacer.replaceProperties(flag.trim());
+
+ ControlFlag controlFlag = this.controlFlags.get(flag.toUpperCase());
+ if (controlFlag == null)
+ controlFlag = ControlFlag.REQUIRED;
+
+ AuthorizationModuleEntry entry = new AuthorizationModuleEntry(code);
+ entry.setControlFlag(controlFlag);
+
+ child = entry;
+ if (trace)
+ log.trace("newChild.AuthorizationInfo, policy-module code: " + code);
+ }
+
+ return child;
+ }
+
+ public Object newChild(AuthorizationModuleEntry entry, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.AppConfigurationEntryHolder, localName: " + localName);
+ if ("module-option".equals(localName))
+ {
+ String name = attrs.getValue("name");
+ child = new ModuleOption(name);
+ if (trace)
+ log.trace("newChild.AuthModuleEntry, module-option name: " + name);
+ }
+
+ return child;
+ }
+
+ public void addChild(ApplicationPolicy aPolicy, AuthorizationInfo authInfo, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ aPolicy.setAuthorizationInfo(authInfo);
+ if (trace)
+ log.trace("addChild.ApplicationPolicy, name: " + aPolicy.getName());
+ }
+
+ public void addChild(AuthorizationInfo authInfo, AuthorizationConfigEntryHolder entryInfo,
+ UnmarshallingContext navigator, String namespaceURI, String localName)
+ {
+ AuthorizationModuleEntry entry = entryInfo.getEntry();
+ authInfo.add(entry);
+ if (trace)
+ log.trace("addChild.AuthorizationInfo, name: " + entry.getPolicyModuleName());
+ }
+
+ public void addChild(AuthorizationConfigEntryHolder entryInfo, ModuleOption option, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ entryInfo.addOption(option);
+ if (trace)
+ log.trace("addChild.AuthorizationConfigEntryHolder, name: " + option.getName());
+ }
+
+ public void addChild(AuthorizationInfo authInfo, AuthorizationModuleEntry entry, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ authInfo.add(entry);
+ }
+
+ public void addChild(AuthorizationModuleEntry entry, ModuleOption option, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ entry.add(option);
+ if (trace)
+ log.trace("addChild.AuthorizationModuleEntry, name: " + option.getName());
+ }
+
+ // Instance-based authorization (ACL)
+ public Object newChild(ACLInfo info, UnmarshallingContext navigator, String namespaceUri, String localName,
+ Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.ACLInfo, localName: " + localName);
+ if ("acl-module".equals(localName))
+ {
+ String code = attrs.getValue("code");
+ code = StringPropertyReplacer.replaceProperties(code.trim());
+
+ String flag = attrs.getValue("flag");
+ if (flag == null)
+ flag = "REQUIRED";
+ flag = StringPropertyReplacer.replaceProperties(flag.trim());
+
+ ControlFlag controlFlag = this.controlFlags.get(flag.toUpperCase());
+ if (controlFlag == null)
+ controlFlag = ControlFlag.REQUIRED;
+
+ ACLProviderEntry entry = new ACLProviderEntry(code);
+ entry.setControlFlag(controlFlag);
+
+ child = entry;
+ if (trace)
+ log.trace("newChild.ACLInfo, acl-module code: " + code);
+ }
+
+ return child;
+ }
+
+ public Object newChild(ACLProviderEntry entry, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.ACLProviderEntry, localName: " + localName);
+ if ("module-option".equals(localName))
+ {
+ String name = attrs.getValue("name");
+ child = new ModuleOption(name);
+ if (trace)
+ log.trace("newChild.trustProviderEntry, module-option name: " + name);
+ }
+
+ return child;
+ }
+
+ public void addChild(ApplicationPolicy aPolicy, ACLInfo aclInfo, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ aPolicy.setAclInfo(aclInfo);
+ if (trace)
+ log.trace("Adding ACLInfo as a child of ApplicationPolicy " + aPolicy.getName());
+ }
+
+ public void addChild(ACLInfo aclInfo, ACLProviderEntry aclEntry, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ aclInfo.add(aclEntry);
+ if (trace)
+ log.trace("Adding ACLProviderEntry " + aclEntry.getAclProviderName() + " to ACLInfo " + aclInfo.getName());
+ }
+
+ public void addChild(ACLProviderEntry aclEntry, ModuleOption option, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ aclEntry.add(option);
+ if (trace)
+ log.trace("Adding module-option " + option.getName() + " to ACLProviderEntry " + aclEntry.getAclProviderName());
+ }
+
+ // Mapping
+ public Object newChild(MappingInfo info, UnmarshallingContext navigator, String namespaceUri, String localName,
+ Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.MappingInfo, localName: " + localName);
+ if ("mapping-module".equals(localName))
+ {
+ String code = attrs.getValue("code");
+ code = StringPropertyReplacer.replaceProperties(code.trim());
+ String type = attrs.getValue("type");
+ if(type != null)
+ type = StringPropertyReplacer.replaceProperties(type.trim());
+ else
+ type = "role";
+
+ child = new MappingModuleEntry(code, new HashMap<String,Object>(), type);
+ if (trace)
+ log.trace("newChild.MappingInfo, mapping-module code: " + code +
+ ", mapping-module type: " + type);
+ }
+
+ return child;
+ }
+
+ public Object newChild(MappingModuleEntry entry, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.MappingModuleEntry, localName: " + localName);
+ if ("module-option".equals(localName))
+ {
+ String name = attrs.getValue("name");
+ child = new ModuleOption(name);
+ if (trace)
+ log.trace("newChild.MappingModuleEntry, module-option name: " + name);
+ }
+
+ return child;
+ }
+
+ public void addChild(ApplicationPolicy aPolicy, MappingInfo authInfo, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ // first organize the mapping modules by type.
+ Map<String,List<MappingModuleEntry>> mappings = new HashMap<String,List<MappingModuleEntry>>();
+ for(MappingModuleEntry entry : authInfo.getModuleEntries())
+ {
+ String type = entry.getMappingModuleType();
+ if(mappings.containsKey(type))
+ mappings.get(type).add(entry);
+ else
+ {
+ List<MappingModuleEntry> entries = new ArrayList<MappingModuleEntry>();
+ entries.add(entry);
+ mappings.put(type, entries);
+ }
+ }
+ // now set all mapping infos by type.
+ for(Map.Entry<String,List<MappingModuleEntry>> entry : mappings.entrySet())
+ {
+ MappingInfo info = new MappingInfo(authInfo.getName());
+ info.add(entry.getValue());
+ aPolicy.setMappingInfo(entry.getKey(), info);
+ }
+ if (trace)
+ log.trace("addChild.ApplicationPolicy, name: " + aPolicy.getName());
+ }
+
+ public void addChild(MappingModuleEntry entry, ModuleOption option, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ entry.add(option);
+ if (trace)
+ log.trace("addChild.MappingModuleEntry, name: " + option.getName());
+ }
+
+ public void addChild(MappingInfo authInfo, MappingModuleEntry entry, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ authInfo.add(entry);
+ }
+
+ // Audit Info
+ public Object newChild(AuditInfo info, UnmarshallingContext navigator, String namespaceUri, String localName,
+ Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.AuditInfo, localName: " + localName);
+ if ("provider-module".equals(localName))
+ {
+ String code = attrs.getValue("code");
+ code = StringPropertyReplacer.replaceProperties(code.trim());
+ AuditProviderEntry entry = new AuditProviderEntry(code);
+ child = entry;
+ if (trace)
+ log.trace("newChild.AuditInfo, provider-module code: " + code);
+ }
+
+ return child;
+ }
+
+ public Object newChild(AuditProviderEntry entry, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.AuditProviderEntry, localName: " + localName);
+ if ("module-option".equals(localName))
+ {
+ String name = attrs.getValue("name");
+ child = new ModuleOption(name);
+ if (trace)
+ log.trace("newChild.AuditProviderEntry, module-option name: " + name);
+ }
+
+ return child;
+ }
+
+ public void addChild(ApplicationPolicy aPolicy, AuditInfo auditInfo, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ aPolicy.setAuditInfo(auditInfo);
+ if (trace)
+ log.trace("addChild.ApplicationPolicy, name: " + aPolicy.getName());
+ }
+
+ public void addChild(AuditProviderEntry entry, ModuleOption option, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ entry.add(option);
+ if (trace)
+ log.trace("addChild.MappingModuleEntry, name: " + option.getName());
+ }
+
+ public void addChild(AuditInfo auditInfo, AuditProviderEntry entry, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ auditInfo.add(entry);
+ }
+
+ // Identity Trust
+ public Object newChild(IdentityTrustInfo info, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.IdentityTrustInfo, localName: " + localName);
+ if ("trust-module".equals(localName))
+ {
+ String code = attrs.getValue("code");
+ code = StringPropertyReplacer.replaceProperties(code.trim());
+
+ String flag = attrs.getValue("flag");
+ if (flag == null)
+ flag = "REQUIRED";
+ flag = StringPropertyReplacer.replaceProperties(flag.trim());
+
+ ControlFlag controlFlag = this.controlFlags.get(flag.toUpperCase());
+ if (controlFlag == null)
+ controlFlag = ControlFlag.REQUIRED;
+
+ IdentityTrustModuleEntry entry = new IdentityTrustModuleEntry(code);
+ entry.setControlFlag(controlFlag);
+
+ child = entry;
+ if (trace)
+ log.trace("newChild.IdentityTrustInfo, trust-module code: " + code);
+ }
+
+ return child;
+ }
+
+ public Object newChild(IdentityTrustModuleEntry entry, UnmarshallingContext navigator, String namespaceUri,
+ String localName, Attributes attrs)
+ {
+ Object child = null;
+ if (trace)
+ log.trace("newChild.trustProviderEntry, localName: " + localName);
+ if ("module-option".equals(localName))
+ {
+ String name = attrs.getValue("name");
+ child = new ModuleOption(name);
+ if (trace)
+ log.trace("newChild.trustProviderEntry, module-option name: " + name);
+ }
+
+ return child;
+ }
+
+ public void addChild(ApplicationPolicy aPolicy, IdentityTrustInfo auditInfo, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ aPolicy.setIdentityTrustInfo(auditInfo);
+ if (trace)
+ log.trace("addChild.ApplicationPolicy, name: " + aPolicy.getName());
+ }
+
+ public void addChild(IdentityTrustModuleEntry entry, ModuleOption option, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ entry.add(option);
+ if (trace)
+ log.trace("addChild.MappingModuleEntry, name: " + option.getName());
+ }
+
+ public void addChild(IdentityTrustInfo auditInfo, IdentityTrustModuleEntry entry, UnmarshallingContext navigator,
+ String namespaceURI, String localName)
+ {
+ auditInfo.add(entry);
+ }
+}
Property changes on: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/authorization/config/SecurityConfigObjectModelFactory.java
___________________________________________________________________
Name: svn:executable
+ *
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/config/ApplicationPolicyContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/config/ApplicationPolicyContainer.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/config/ApplicationPolicyContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,267 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.config;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.xml.namespace.QName;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.audit.config.AuditProviderEntry;
+import org.jboss.security.auth.container.config.AuthModuleEntry;
+import org.jboss.security.auth.login.AppConfigurationEntryHolder;
+import org.jboss.security.auth.login.AuthenticationInfo;
+import org.jboss.security.auth.login.BaseAuthenticationInfo;
+import org.jboss.security.auth.login.JASPIAuthenticationInfo;
+import org.jboss.security.auth.login.LoginModuleStackHolder;
+import org.jboss.security.authorization.config.AuthorizationConfigEntryHolder;
+import org.jboss.security.authorization.config.AuthorizationModuleEntry;
+import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
+import org.jboss.xb.binding.GenericValueContainer;
+
+// $Id: ApplicationPolicyContainer.java 79566 2008-10-16 01:57:27Z sguilhen at redhat.com $
+
+/**
+ * A container for creating ApplicationPolicy during jbxb parse.
+ *
+ * @author Anil.Saldhana at jboss.org
+ * @version $Revision: 79566 $
+ */
+public class ApplicationPolicyContainer implements GenericValueContainer
+{
+ private static Logger log = Logger.getLogger(ApplicationPolicyContainer.class);
+
+ ApplicationPolicy info = null;
+
+ String authName = null;
+
+ String baseAppPolicyName = null;
+
+ @SuppressWarnings("unchecked")
+ List authenticationModuleEntries = new ArrayList();
+
+ List<AuthorizationModuleEntry> authorizationModuleEntries = new ArrayList<AuthorizationModuleEntry>();
+
+ List<AuditProviderEntry> auditProviderEntries = new ArrayList<AuditProviderEntry>();
+
+ List<IdentityTrustModuleEntry> identityTrustModuleEntries = new ArrayList<IdentityTrustModuleEntry>();
+
+ Map<String, LoginModuleStackHolder> loginModuleStackMap = new HashMap<String, LoginModuleStackHolder>();
+
+ boolean isJASPIAuthentication = false;
+
+ boolean isJAASAuthentication = false;
+
+ boolean isAuthorization = false;
+
+ boolean containsAudit = false;
+
+ boolean containsIdentityTrust = false;
+
+ boolean containsRoleMapping = false;
+
+ // Mapping Info Object
+ Map<String,MappingInfo> mappingInfos = new HashMap<String,MappingInfo>();
+
+ ACLInfo aclInfo = null;
+
+ AuditInfo auditInfo = null;
+
+ IdentityTrustInfo identityTrustInfo = null;
+
+ /**
+ * @see GenericValueContainer#addChild(javax.xml.namespace.QName, java.lang.Object)
+ */
+ @SuppressWarnings("unchecked")
+ public void addChild(QName name, Object value)
+ {
+ log.debug("addChild::" + name + ":" + value);
+ if ("name".equals(name.getLocalPart()))
+ {
+ authName = (String) value;
+ }
+ else if ("extends".equals(name.getLocalPart()))
+ {
+ baseAppPolicyName = (String) value;
+ }
+ else if (value instanceof AppConfigurationEntryHolder)
+ {
+ AppConfigurationEntryHolder ace = (AppConfigurationEntryHolder) value;
+ authenticationModuleEntries.add(ace.getEntry());
+ isJAASAuthentication = true;
+ }
+ else if (value instanceof AppConfigurationEntry)
+ {
+ AppConfigurationEntry ace = (AppConfigurationEntry) value;
+ authenticationModuleEntries.add(ace);
+ isJAASAuthentication = true;
+ }
+ else if (value instanceof AuthModuleEntry)
+ {
+ AuthModuleEntry ame = (AuthModuleEntry) value;
+ // Check if the authmodule needs a reference to a loginmodulestack
+ String lmshName = ame.getLoginModuleStackHolderName();
+ if (lmshName != null)
+ ame.setLoginModuleStackHolder(loginModuleStackMap.get(lmshName));
+ authenticationModuleEntries.add(ame);
+ isJASPIAuthentication = true;
+ }
+ else if (value instanceof LoginModuleStackHolder)
+ {
+ LoginModuleStackHolder lmsh = (LoginModuleStackHolder) value;
+ loginModuleStackMap.put(lmsh.getName(), lmsh);
+ isJASPIAuthentication = true;
+ }
+ else if (value instanceof AuthorizationModuleEntry)
+ {
+ AuthorizationModuleEntry ame = (AuthorizationModuleEntry) value;
+ if (!authorizationModuleEntries.contains(ame))
+ authorizationModuleEntries.add(ame);
+ isAuthorization = true;
+ }
+ else if (value instanceof AuthorizationConfigEntryHolder)
+ {
+ AuthorizationConfigEntryHolder ame = (AuthorizationConfigEntryHolder) value;
+ AuthorizationModuleEntry ameEntry = ame.getEntry();
+ if (!authorizationModuleEntries.contains(ameEntry))
+ authorizationModuleEntries.add(ameEntry);
+ isAuthorization = true;
+ }
+ else if (value instanceof AuditProviderEntry)
+ {
+ AuditProviderEntry ameEntry = (AuditProviderEntry) value;
+ if (!auditProviderEntries.contains(ameEntry))
+ auditProviderEntries.add(ameEntry);
+ containsAudit = true;
+ }
+ else if (value instanceof IdentityTrustModuleEntry)
+ {
+ IdentityTrustModuleEntry ameEntry = (IdentityTrustModuleEntry) value;
+ if (!identityTrustModuleEntries.contains(ameEntry))
+ identityTrustModuleEntries.add(ameEntry);
+ containsIdentityTrust = true;
+ }
+ }
+
+ /**
+ * Mapping Objects are added to the Application Policy
+ *
+ * @param obj
+ */
+ @SuppressWarnings("unchecked")
+ public void addMappingInfo(Object obj)
+ {
+ log.debug(obj);
+ if (obj instanceof Map)
+ {
+ this.mappingInfos.putAll((Map) obj);
+ for(MappingInfo info: this.mappingInfos.values())
+ info.setName(authName);
+ this.containsRoleMapping = true;
+ }
+ }
+
+ /**
+ * <p>
+ * Adds the {@code ACLInfo} object constructed by the XB parse to the application policy.
+ * </p>
+ *
+ * @param info a reference to the {@code ACLInfo} being added.
+ */
+ public void addACLInfo(Object info)
+ {
+ if (info instanceof ACLInfo)
+ {
+ this.aclInfo = (ACLInfo) info;
+ this.aclInfo.setName(this.authName);
+ }
+ }
+
+ /**
+ * @see GenericValueContainer#instantiate()
+ */
+ @SuppressWarnings("unchecked")
+ public Object instantiate()
+ {
+ info = new ApplicationPolicy(authName);
+ if (baseAppPolicyName != null)
+ info.setBaseApplicationPolicyName(baseAppPolicyName);
+
+ BaseAuthenticationInfo binfo = null;
+ AuthorizationInfo ainfo = null;
+
+ if (isJAASAuthentication)
+ {
+ binfo = new AuthenticationInfo(authName);
+ SecurityActions.addModules(binfo, authenticationModuleEntries);
+ info.setAuthenticationInfo(binfo);
+ }
+ if (isJASPIAuthentication)
+ {
+ JASPIAuthenticationInfo jaspiInfo = new JASPIAuthenticationInfo(authName);
+ SecurityActions.addModules(jaspiInfo, authenticationModuleEntries);
+ for (LoginModuleStackHolder holder : this.loginModuleStackMap.values())
+ jaspiInfo.add(holder);
+ info.setAuthenticationInfo(jaspiInfo);
+ }
+ if (isAuthorization)
+ {
+ ainfo = new AuthorizationInfo(authName);
+ SecurityActions.addModules(ainfo, authorizationModuleEntries);
+ info.setAuthorizationInfo(ainfo);
+ }
+ if (this.aclInfo != null)
+ {
+ info.setAclInfo(this.aclInfo);
+ }
+ if (containsRoleMapping)
+ {
+ for(String type : this.mappingInfos.keySet())
+ info.setMappingInfo(type, this.mappingInfos.get(type));
+ }
+ if (containsAudit)
+ {
+ auditInfo = new AuditInfo(authName);
+ SecurityActions.addModules(auditInfo, auditProviderEntries);
+ info.setAuditInfo(auditInfo);
+ }
+ if (containsIdentityTrust)
+ {
+ identityTrustInfo = new IdentityTrustInfo(authName);
+ SecurityActions.addModules(identityTrustInfo, identityTrustModuleEntries);
+ info.setIdentityTrustInfo(identityTrustInfo);
+ }
+ return info;
+ }
+
+ /**
+ * @see GenericValueContainer#getTargetClass()
+ */
+ public Class<?> getTargetClass()
+ {
+ return ApplicationPolicy.class;
+ }
+}
Property changes on: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/config/ApplicationPolicyContainer.java
___________________________________________________________________
Name: svn:executable
+ *
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/identitytrust/config/IdentityTrustConfigEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/identitytrust/config/IdentityTrustConfigEntryHolder.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/identitytrust/config/IdentityTrustConfigEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,78 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.identitytrust.config;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+
+import org.jboss.security.config.ModuleOption;
+import org.jboss.xb.binding.GenericValueContainer;
+
+//$Id$
+
+/**
+ * A container for creating AuditConfigEntry during jbxb parse
+ * @author Anil.Saldhana at redhat.com
+ * @since Aug 14, 2007
+ * @version $Revision$
+ */
+public class IdentityTrustConfigEntryHolder implements GenericValueContainer
+{
+ private Map<String,Object> moduleOptions = new HashMap<String,Object>();
+ String moduleName = null;
+
+ public void addChild(QName name, Object value)
+ {
+ if("code".equals(name.getLocalPart()))
+ {
+ moduleName = (String)value;
+ }
+ if(value instanceof ModuleOption)
+ {
+ ModuleOption mo = (ModuleOption)value;
+ moduleOptions.put(mo.getName(),mo.getValue());
+ }
+ }
+
+ public void addOption(ModuleOption option)
+ {
+ moduleOptions.put(option.getName(), option.getValue());
+ }
+
+ public IdentityTrustModuleEntry getEntry()
+ {
+ return (IdentityTrustModuleEntry)instantiate();
+ }
+
+ public Object instantiate()
+ {
+ IdentityTrustModuleEntry entry = new IdentityTrustModuleEntry( moduleName,moduleOptions );
+ return entry;
+ }
+
+ public Class<?> getTargetClass()
+ {
+ return IdentityTrustModuleEntry.class;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/jacc/JBossPolicyConfigurationFactory.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/jacc/JBossPolicyConfigurationFactory.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/jacc/JBossPolicyConfigurationFactory.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,101 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.jacc;
+
+import java.net.URL;
+import java.security.Policy;
+import java.util.concurrent.ConcurrentHashMap;
+
+import javax.security.jacc.PolicyConfiguration;
+import javax.security.jacc.PolicyConfigurationFactory;
+import javax.security.jacc.PolicyContextException;
+
+import org.jboss.util.state.StateMachine;
+import org.jboss.util.state.xml.StateMachineParser;
+
+/** org.jboss.security.provider
+ *
+ * @author Scott.Stark at jboss.org
+ * @version $Revision: 70600 $
+ */
+public class JBossPolicyConfigurationFactory
+ extends PolicyConfigurationFactory
+{
+ private StateMachine configStateMachine;
+ private ConcurrentHashMap<String,JBossPolicyConfiguration> policyConfigMap
+ = new ConcurrentHashMap<String,JBossPolicyConfiguration>();
+ private DelegatingPolicy policy;
+
+ /** Build the JACC policy configuration state machine from the
+ * jacc-policy-config-states.xml file.
+ *
+ */
+ public JBossPolicyConfigurationFactory()
+ {
+ try
+ {
+ // Setup the state machine config
+ ClassLoader loader = SecurityActions.getContextClassLoader();
+ URL states = SecurityActions.getResource(loader,"org/jboss/security/jacc/jacc-policy-config-states.xml");
+ StateMachineParser smp = new StateMachineParser();
+ configStateMachine = smp.parse(states);
+ }
+ catch(Exception e)
+ {
+ IllegalStateException ex = new IllegalStateException("Failed to parse jacc-policy-config-states.xml",e);
+ ex.initCause(e);
+ throw ex;
+ }
+ // Get the DelegatingPolicy
+ Policy p = SecurityActions.getPolicy();
+ if( (p instanceof DelegatingPolicy) == false )
+ {
+ // Assume that the installed policy delegates to the DelegatingPolicy
+ p = DelegatingPolicy.getInstance();
+ }
+ policy = (DelegatingPolicy) p;
+ }
+
+ public PolicyConfiguration getPolicyConfiguration(String contextID, boolean remove)
+ throws PolicyContextException
+ {
+ JBossPolicyConfiguration pc = (JBossPolicyConfiguration) policyConfigMap.get(contextID);
+ if( pc == null )
+ {
+ StateMachine sm = (StateMachine) configStateMachine.clone();
+ pc = new JBossPolicyConfiguration(contextID, policy, sm);
+ policyConfigMap.put(contextID, pc);
+ }
+ pc.initPolicyConfiguration(remove);
+ return pc;
+ }
+
+ public boolean inService(String contextID)
+ throws PolicyContextException
+ {
+ boolean inService = false;
+ JBossPolicyConfiguration pc = (JBossPolicyConfiguration) policyConfigMap.get(contextID);
+ if( pc != null )
+ inService = pc.inService();
+ return inService;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/mapping/config/MappingConfigContainer.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/mapping/config/MappingConfigContainer.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/mapping/config/MappingConfigContainer.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,105 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.mapping.config;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.config.MappingInfo;
+import org.jboss.xb.binding.GenericValueContainer;
+
+// $Id: RoleMappingConfigContainer.java 45942 2006-06-28 02:14:46Z asaldhana $
+
+/**
+ * A container for creating RoleMappingConfig during jbxb parse.
+ *
+ * @author Anil.Saldhana at jboss.org
+ * @version $Revision: 45942 $
+ */
+public class MappingConfigContainer implements GenericValueContainer
+{
+ private static Logger MappingConfigContainer = Logger.getLogger(MappingConfigContainer.class);
+
+ private final Map<String, List<MappingModuleEntry>> moduleEntries = new HashMap<String, List<MappingModuleEntry>>();
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#addChild(javax.xml.namespace.QName, java.lang.Object)
+ */
+ public void addChild(QName name, Object value)
+ {
+ if (MappingConfigContainer.isTraceEnabled())
+ MappingConfigContainer.trace("addChild:Qname=" + name + ":value=" + value);
+ if (value instanceof MappingModuleEntry)
+ {
+ MappingModuleEntry mme = (MappingModuleEntry) value;
+ String type = mme.getMappingModuleType();
+ // organize the mapping modules in groups according to their type.
+ if (this.moduleEntries.containsKey(type))
+ {
+ this.moduleEntries.get(type).add(mme);
+ }
+ else
+ {
+ List<MappingModuleEntry> entries = new ArrayList<MappingModuleEntry>();
+ entries.add(mme);
+ this.moduleEntries.put(type, entries);
+ }
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#instantiate()
+ */
+ public Object instantiate()
+ {
+ Map<String, MappingInfo> infos = new HashMap<String, MappingInfo>();
+
+ // create a MappingInfo instance of each group of mapping modules.
+ for (String type : this.moduleEntries.keySet())
+ {
+ // application policy name will be reset in ApplicationPolicyContainer.
+ MappingInfo mapping = new MappingInfo("dummy");
+ mapping.add(this.moduleEntries.get(type));
+ infos.put(type, mapping);
+ }
+ return infos;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.xb.binding.GenericValueContainer#getTargetClass()
+ */
+ public Class<?> getTargetClass()
+ {
+ return MappingInfo.class;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/mapping/config/MappingConfigEntryHolder.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/mapping/config/MappingConfigEntryHolder.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/main/java/org/jboss/security/mapping/config/MappingConfigEntryHolder.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,85 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.mapping.config;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+
+import org.jboss.security.config.ModuleOption;
+import org.jboss.security.mapping.MappingType;
+import org.jboss.xb.binding.GenericValueContainer;
+
+//$Id: MappingConfigEntryHolder.java 46201 2006-07-11 17:51:23Z asaldhana $
+
+/**
+ * A container for creating MappingConfigEntry during jbxb parse.
+ * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @since August 26, 2006
+ * @version $Revision: 46201 $
+ */
+public class MappingConfigEntryHolder implements GenericValueContainer
+{
+ private final Map<String,Object> moduleOptions = new HashMap<String,Object>();
+ String moduleName = null;
+ String type = MappingType.ROLE.toString();
+
+ public void addChild(QName name, Object value)
+ {
+ if("code".equals(name.getLocalPart()))
+ {
+ moduleName = (String)value;
+ }
+ else if("type".equals(name.getLocalPart()))
+ {
+ this.type = (String) value;
+ }
+ if(value instanceof ModuleOption)
+ {
+ ModuleOption mo = (ModuleOption)value;
+ moduleOptions.put(mo.getName(),mo.getValue());
+ }
+ }
+
+ public void addOption(ModuleOption option)
+ {
+ moduleOptions.put(option.getName(), option.getValue());
+ }
+
+ public MappingModuleEntry getEntry()
+ {
+ return (MappingModuleEntry)instantiate();
+ }
+
+ public Object instantiate()
+ {
+ MappingModuleEntry entry = new MappingModuleEntry(this.moduleName, this.moduleOptions, this.type);
+ return entry;
+ }
+
+ public Class<?> getTargetClass()
+ {
+ return MappingModuleEntry.class;
+ }
+
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/AbstractJBossSXTest.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/AbstractJBossSXTest.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/AbstractJBossSXTest.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,63 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+
+//$Id$
+
+/**
+ * Abstract JBossSX Test Base
+ * making use of the JBoss Test Setup
+ * @author Anil.Saldhana at redhat.com
+ * @since Aug 15, 2007
+ * @version $Revision$
+ */
+public class AbstractJBossSXTest extends AbstractTestCaseWithSetup
+{
+ public AbstractJBossSXTest(String name)
+ {
+ super(name);
+ }
+
+ public static AbstractTestDelegate getDelegate(Class clazz) throws Exception
+ {
+ return new JBossSXTestDelegate(clazz);
+ }
+
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ configureLogging();
+ }
+
+ public SecurityContext getSecurityContext()
+ {
+ return SecurityContextAssociation.getSecurityContext();
+ }
+
+ public void setSecurityContext(SecurityContext sc)
+ {
+ SecurityContextAssociation.setSecurityContext(sc);
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/DelegatingPolicyTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/DelegatingPolicyTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/DelegatingPolicyTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,233 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.lang.reflect.Constructor;
+import java.security.AccessControlContext;
+import java.security.AccessControlException;
+import java.security.AccessController;
+import java.security.CodeSource;
+import java.security.Policy;
+import java.security.Principal;
+import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.jacc.EJBMethodPermission;
+import javax.security.jacc.PolicyConfiguration;
+import javax.security.jacc.PolicyConfigurationFactory;
+import javax.security.jacc.PolicyContext;
+
+import junit.extensions.TestSetup;
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.jacc.DelegatingPolicy;
+import org.jboss.security.jacc.SubjectPolicyContextHandler;
+
+public class DelegatingPolicyTestCase extends TestCase
+{
+ private static Logger log = Logger.getLogger(DelegatingPolicyTestCase.class);
+ private static Policy oldPolicy;
+ private static Policy jaccPolicy;
+
+ public DelegatingPolicyTestCase(String name)
+ {
+ super(name);
+ }
+
+ static void setUpPolicy() throws Exception
+ {
+ // Get the current Policy impl
+ oldPolicy = Policy.getPolicy();
+
+ String provider = "org.jboss.security.jacc.DelegatingPolicy";
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ Class providerClass = loader.loadClass(provider);
+ try
+ {
+ // Look for a ctor(Policy) signature
+ Class[] ctorSig = {Policy.class};
+ Constructor ctor = providerClass.getConstructor(ctorSig);
+ Object[] ctorArgs = {oldPolicy};
+ jaccPolicy = (Policy) ctor.newInstance(ctorArgs);
+ }
+ catch(NoSuchMethodException e)
+ {
+ log.debug("Provider does not support ctor(Policy)");
+ jaccPolicy = (Policy) providerClass.newInstance();
+ }
+
+ // Install the JACC policy provider
+ Policy.setPolicy(jaccPolicy);
+
+ // Have the policy load/update itself
+ jaccPolicy.refresh();
+
+ // Register the default active Subject PolicyContextHandler
+ SubjectPolicyContextHandler handler = new SubjectPolicyContextHandler();
+ PolicyContext.registerHandler(SecurityConstants.SUBJECT_CONTEXT_KEY,
+ handler, false);
+ }
+
+ /**
+ * Basic test that a PolicyConfiguration is included in the Policy and its
+ * permissions are implied through the Policy.
+ *
+ * @throws Exception
+ */
+ public void testPolicyConfiguration() throws Exception
+ {
+ PolicyConfigurationFactory pcf = PolicyConfigurationFactory.getPolicyConfigurationFactory();
+ PolicyConfiguration pc = pcf.getPolicyConfiguration("context-a", false);
+ EJBMethodPermission someEJB = new EJBMethodPermission("someEJB", null);
+ pc.addToExcludedPolicy(someEJB);
+ pc.commit();
+
+ Policy sysPolicy = Policy.getPolicy();
+ assertTrue("Policy isa DelegatingPolicy", sysPolicy instanceof DelegatingPolicy);
+ sysPolicy.refresh();
+
+ // Act like the ejb container and check a permission
+ PolicyContext.setContextID("context-a");
+ EJBMethodPermission methodX = new EJBMethodPermission("someEJB", "methodX,,int");
+ assertTrue("methodX denied", sysPolicy.implies(null, methodX) == false);
+
+ pc = pcf.getPolicyConfiguration("context-a", true);
+ pc.addToUncheckedPolicy(someEJB);
+ pc.commit();
+ sysPolicy.refresh();
+ assertTrue("methodX allowed", sysPolicy.implies(null, methodX) == true);
+
+ pc.delete();
+ pc = pcf.getPolicyConfiguration("context-a", false);
+ pc.addToRole("callerX", someEJB);
+ pc.commit();
+ sysPolicy.refresh();
+ SimplePrincipal[] callers = {new SimplePrincipal("callerX")};
+ ProtectionDomain pd = new ProtectionDomain(null, null, null, callers);
+ assertTrue("methodX allowed", sysPolicy.implies(pd, methodX) == true);
+
+ callers = new SimplePrincipal[]{new SimplePrincipal("callerY")};
+ pd = new ProtectionDomain(null, null, null, callers);
+ assertTrue("methodX denied", sysPolicy.implies(pd, methodX) == false);
+
+ }
+
+ /**
+ * Test that uncommitted configurations in the Open state are not seen in
+ * the current Policy permission set.
+ *
+ * @throws Exception
+ */
+ public void testOpenConfigurations() throws Exception
+ {
+ PolicyConfigurationFactory pcf = PolicyConfigurationFactory.getPolicyConfigurationFactory();
+ PolicyConfiguration pc = pcf.getPolicyConfiguration("context-a", false);
+ EJBMethodPermission someEJB = new EJBMethodPermission("someEJB", null);
+ pc.addToRole("callerX", someEJB);
+ Policy sysPolicy = Policy.getPolicy();
+
+ pc = pcf.getPolicyConfiguration("context-a", true);
+ pc.addToUncheckedPolicy(someEJB);
+ sysPolicy.refresh();
+ EJBMethodPermission methodX = new EJBMethodPermission("someEJB", "methodX,,int");
+ // This perm should be denied since the policy config has not been comitted
+ boolean implied = sysPolicy.implies(null, methodX);
+ assertFalse("methodX allowed",implied == true);
+
+ pc.commit();
+ sysPolicy.refresh();
+ // Now it should be allowed since the policy config has been comitted
+ implied = sysPolicy.implies(null, methodX);
+ assertTrue("methodX allowed", implied == true);
+ }
+
+ public void testSubjectDoAs() throws Exception
+ {
+ PolicyConfigurationFactory pcf = PolicyConfigurationFactory.getPolicyConfigurationFactory();
+ PolicyConfiguration pc = pcf.getPolicyConfiguration("context-a", true);
+ EJBMethodPermission someEJB = new EJBMethodPermission("someEJB", null);
+ pc.addToRole("callerX", someEJB);
+ pc.commit();
+
+ log.debug("EJBMethodPermission.CS: "+EJBMethodPermission.class.getProtectionDomain());
+ final EJBMethodPermission methodX = new EJBMethodPermission("someEJB", "methodX");
+ final Subject caller = new Subject();
+ caller.getPrincipals().add(new SimplePrincipal("callerX"));
+ Set principalsSet = caller.getPrincipals();
+ Principal[] principals = new Principal[principalsSet.size()];
+ principalsSet.toArray(principals);
+ CodeSource cs = getClass().getProtectionDomain().getCodeSource();
+ final ProtectionDomain[] pds = {new ProtectionDomain (cs, null, null, principals)};
+ AccessControlContext acc = new AccessControlContext(pds);
+ /*
+ AccessControlContext acc = new AccessControlContext(new AccessControlContext(pds),
+ new SubjectDomainCombiner(caller));
+ */
+
+ Boolean allowed = (Boolean) Subject.doAsPrivileged(caller, new PrivilegedAction()
+ {
+ public Object run()
+ {
+ AccessControlContext acc = AccessController.getContext();
+ Boolean ok = Boolean.FALSE;
+ try
+ {
+ acc.checkPermission(methodX);
+ ok = Boolean.TRUE;
+ }
+ catch(AccessControlException e)
+ {
+
+ }
+ return ok;
+ }
+ }, acc
+ );
+ assertTrue("methodX allowed", allowed == Boolean.TRUE );
+
+ }
+
+ public static Test suite()
+ {
+ TestSuite suite = new TestSuite(DelegatingPolicyTestCase.class);
+
+ // Create an initializer for the test suite
+ TestSetup wrapper = new TestSetup(suite)
+ {
+ protected void setUp() throws Exception
+ {
+ setUpPolicy();
+ }
+ protected void tearDown() throws Exception
+ {
+ }
+ };
+ return wrapper;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/JBossSXTestDelegate.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/JBossSXTestDelegate.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/JBossSXTestDelegate.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,38 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test;
+
+//$Id$
+
+/**
+ * JBossSXTestDelegate
+ * @author Anil.Saldhana at redhat.com
+ * @since Aug 15, 2007
+ * @version $Revision$
+ */
+public class JBossSXTestDelegate extends AbstractTestDelegate
+{
+ public JBossSXTestDelegate(Class clazz)
+ {
+ super(clazz);
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/acl/config/JBossACLSchemaBindingUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/acl/config/JBossACLSchemaBindingUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/acl/config/JBossACLSchemaBindingUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,156 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.acl.config;
+
+import java.util.Collection;
+
+import org.jboss.security.acl.ACL;
+import org.jboss.security.acl.ACLEntry;
+import org.jboss.security.acl.ACLImpl;
+import org.jboss.security.acl.BasicACLPermission;
+import org.jboss.security.acl.CompositeACLPermission;
+import org.jboss.security.acl.config.ACLConfiguration;
+import org.jboss.security.identity.plugins.IdentityFactory;
+import org.jboss.test.AbstractJBossSXTest;
+import org.jboss.xb.binding.Unmarshaller;
+import org.jboss.xb.binding.UnmarshallerFactory;
+import org.jboss.xb.binding.sunday.unmarshalling.SchemaBinding;
+import org.jboss.xb.binding.sunday.unmarshalling.XsdBinder;
+
+/**
+ * <p>
+ * Tests the configuration of ACLs using an XML file that adheres to the {@code jboss-acl-configuration} schema.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ */
+public class JBossACLSchemaBindingUnitTestCase extends AbstractJBossSXTest
+{
+
+ private final String schemaFile = "schema/jboss-acl-config_1_0.xsd";
+
+ private final String xmlFile = "config/jboss-acl.xml";
+
+ private ACLConfiguration configuration;
+
+ /**
+ * <p>
+ * Creates an instance of {@code JBossACLSchemaBindingUnitTestCase} with the specified name.
+ * </p>
+ *
+ * @param name a {@code String} containing the name of this test case.
+ */
+ public JBossACLSchemaBindingUnitTestCase(String name)
+ {
+ super(name);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.test.AbstractJBossSXTest#setUp()
+ */
+ @Override
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ SchemaBinding schema = XsdBinder.bind(tcl.getResourceAsStream(schemaFile), null);
+ Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
+ this.configuration = (ACLConfiguration) unmarshaller.unmarshal(tcl.getResourceAsStream(xmlFile), schema);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.test.AbstractTestCaseWithSetup#tearDown()
+ */
+ @Override
+ protected void tearDown() throws Exception
+ {
+ this.configuration = null;
+ }
+
+ /**
+ * <p>
+ * Tests the correct creation of {@code ACL} objects according to the ACLs specified in the {@code jboss-acl.xml}
+ * test file.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testACLConfiguration() throws Exception
+ {
+ assertNotNull("Unexpected null ACLConfiguration", this.configuration);
+ Collection<ACL> configuredACLs = this.configuration.getConfiguredACLs();
+ assertEquals("Invalid number of ACLs found", 2, configuredACLs.size());
+
+ boolean validatedJavaCompACL = false;
+ boolean validatedJavaCompEnvACL = false;
+
+ // validate the two ACLs returned.
+ for (ACL acl : configuredACLs)
+ {
+ ACLImpl aclImpl = (ACLImpl) acl;
+ if (aclImpl.getResourceAsString().equals("org.jboss.test.authorization.acl.ACLTestResource:10"))
+ {
+ assertEquals("Invalid number of entries", 2, aclImpl.getEntries().size());
+ // one entry should assign the CREATE,READ,UPDATE,DELETE permissions to Administrator.
+ ACLEntry entry = aclImpl.getEntry(IdentityFactory.createIdentity("Administrator"));
+ assertNotNull("Unexpected null value for Administrator entry", entry);
+ CompositeACLPermission expectedPermission = new CompositeACLPermission(BasicACLPermission.values());
+ assertEquals("Unexpected permissions assigned for Administrator", expectedPermission, entry.getPermission());
+ // the other entry should assign the READ permission to Guest.
+ entry = aclImpl.getEntry(IdentityFactory.createIdentity("Guest"));
+ assertNotNull("Unexpected null value for Guest entry", entry);
+ expectedPermission = new CompositeACLPermission(BasicACLPermission.READ);
+ assertEquals("Unexpected permissions assigned for Guest", expectedPermission, entry.getPermission());
+ validatedJavaCompACL = true;
+ }
+ else if (aclImpl.getResourceAsString().equals("org.jboss.test.authorization.acl.ACLTestResource:20"))
+ {
+ assertEquals("Invalid number of entries", 3, aclImpl.getEntries().size());
+ // one entry should assign the CREATE,READ,UPDATE,DELETE permissions to Administrator.
+ ACLEntry entry = aclImpl.getEntry(IdentityFactory.createIdentity("Administrator"));
+ assertNotNull("Unexpected null value for Administrator entry", entry);
+ CompositeACLPermission expectedPermission = new CompositeACLPermission(BasicACLPermission.values());
+ assertEquals("Unexpected permissions assigned for Administrator", expectedPermission, entry.getPermission());
+ // one other entry should assign the READ,UPDATE permissions to Guest.
+ entry = aclImpl.getEntry(IdentityFactory.createIdentity("Guest"));
+ assertNotNull("Unexpected null value for Guest entry", entry);
+ expectedPermission = new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE);
+ assertEquals("Unexpected permissions assigned for Guest", expectedPermission, entry.getPermission());
+ // the final entry should assign the READ,UPDATE permissions to Regular_User.
+ entry = aclImpl.getEntry(IdentityFactory.createIdentity("Regular_User"));
+ assertNotNull("Unexpected null value for Regular_User entry", entry);
+ expectedPermission = new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE);
+ assertEquals("Unexpected permissions assigned for Regular_User", expectedPermission, entry.getPermission());
+ validatedJavaCompEnvACL = true;
+ }
+ else
+ fail("Invalid ACL found: " + aclImpl.getResourceAsString());
+ }
+ assertTrue("org.jboss.jnp.NamingService:java/comp ACL has not been validated", validatedJavaCompACL);
+ assertTrue("org.jboss.jnp.NamingService:java/comp/env ACL has not been validated", validatedJavaCompEnvACL);
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/JBossAuthenticationManagerUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/JBossAuthenticationManagerUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/JBossAuthenticationManagerUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,102 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication;
+
+import java.security.Principal;
+import java.util.HashMap;
+
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.AuthenticationManager;
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.auth.callback.AppCallbackHandler;
+import org.jboss.security.plugins.JBossAuthenticationManager;
+
+
+/**
+ * Unit tests for the JBossAuthenticationManager
+ * @author Anil.Saldhana at redhat.com
+ * @since May 10, 2007
+ * @version $Revision$
+ */
+public class JBossAuthenticationManagerUnitTestCase extends TestCase
+{
+ @Override
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ establishSecurityConfiguration();
+ }
+
+ public void testSecurityDomain() throws Exception
+ {
+ AuthenticationManager am = new JBossAuthenticationManager("test1",
+ new AppCallbackHandler("a","b".toCharArray()));
+ assertEquals("test1", am.getSecurityDomain());
+ }
+
+ public void testLogin() throws Exception
+ {
+ Principal p = new SimplePrincipal("jduke");
+ AppCallbackHandler acbh = new AppCallbackHandler("jduke","theduke".toCharArray());
+ AuthenticationManager am = new JBossAuthenticationManager("test",acbh);
+ assertTrue(am.isValid(p, "theduke"));
+ }
+
+ public void testUnsuccessfulLogin() throws Exception
+ {
+ Principal p = new SimplePrincipal("jduke");
+ AppCallbackHandler acbh = new AppCallbackHandler("jduke","bad".toCharArray());
+ AuthenticationManager am = new JBossAuthenticationManager("test",acbh);
+ assertFalse(am.isValid(p, "bad"));
+ }
+
+ private void establishSecurityConfiguration()
+ {
+ SecurityActions.setJAASConfiguration((Configuration)new TestConfig());
+ }
+
+ public class TestConfig extends Configuration
+ {
+ @Override
+ public AppConfigurationEntry[] getAppConfigurationEntry(String name)
+ {
+ HashMap<String,Object> map = new HashMap<String,Object>();
+ map.put("usersProperties", "users.properties");
+ map.put("rolesProperties", "roles.properties");
+ String moduleName = "org.jboss.security.auth.spi.UsersRolesLoginModule";
+ AppConfigurationEntry ace = new AppConfigurationEntry(moduleName,
+ LoginModuleControlFlag.REQUIRED, map);
+
+ return new AppConfigurationEntry[]{ace};
+ }
+
+ @Override
+ public void refresh()
+ {
+ }
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/SecurityActions.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/SecurityActions.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/SecurityActions.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,77 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication;
+
+import java.security.AccessController;
+import java.security.Principal;
+import java.security.PrivilegedAction;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.Configuration;
+import javax.security.jacc.PolicyContext;
+
+//$Id$
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Sep 25, 2007
+ * @version $Revision$
+ */
+public class SecurityActions
+{
+ public static void addPrincipalToSubject(final Subject subj, final Principal p)
+ {
+ AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ subj.getPrincipals().add(p);
+ return null;
+ }
+ });
+ }
+
+ public static void setJAASConfiguration(final Configuration configuration)
+ {
+ AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ Configuration.setConfiguration(configuration);
+ return null;
+ }
+ });
+ }
+
+ public static void setPolicyContextID(final String contextID)
+ {
+ AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ PolicyContext.setContextID(contextID);
+ return null;
+ }
+ });
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/AuthContextUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/AuthContextUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/AuthContextUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,231 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.net.URL;
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import junit.extensions.TestSetup;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+import org.jboss.security.auth.message.GenericMessageInfo;
+import org.jboss.security.auth.spi.UsersObjectModelFactory;
+import org.jboss.security.authorization.config.SecurityConfigObjectModelFactory;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.PolicyConfig;
+import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.security.plugins.JBossSecurityContext;
+import org.jboss.security.plugins.auth.JASPIServerAuthenticationManager;
+import org.jboss.test.JBossTestCase;
+import org.jboss.test.JBossTestSetup;
+import org.jboss.xb.binding.Unmarshaller;
+import org.jboss.xb.binding.UnmarshallerFactory;
+
+
+/**
+ * Test the JASPI options (required, requisite, sufficient, optional) behavior
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 16, 2007
+ * @version $Revision$
+ */
+public class AuthContextUnitTestCase extends JBossTestCase
+{
+ private static PolicyConfig policyConfig = null;
+
+ public AuthContextUnitTestCase(String name)
+ {
+ super(name);
+ }
+
+
+ public static Test suite() throws Exception
+ {
+ TestSuite suite = new TestSuite();
+ suite.addTest(new TestSuite(AuthContextUnitTestCase.class));
+ // Create an initializer for the test suite
+ TestSetup wrapper = new JBossTestSetup(suite)
+ {
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL url = tcl.getResource("config/jaspi-config-options.xml");
+ if(url == null)
+ throw new IllegalStateException("config url is null");
+ loadXMLConfig(url);
+
+ for(ApplicationPolicy policy : policyConfig.getPolicies())
+ SecurityConfiguration.addApplicationPolicy(policy);
+ }
+ protected void tearDown() throws Exception
+ {
+ super.tearDown();
+ }
+ };
+ return wrapper;
+ }
+
+
+ /**
+ * Test the AuthorizationModule required behavior
+ */
+ public void testRequiredOptionBehavior() throws Exception
+ {
+ assertNotNull("PolicyConfig != null", policyConfig);
+ boolean result = getResult("required-permit-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("required-deny-policy");
+ assertTrue("DENY?", false == result);
+ }
+
+ /**
+ * Test the AuthorizationModule requisite behavior
+ */
+ public void testRequisiteOptionBehavior() throws Exception
+ {
+ assertNotNull("PolicyConfig != null", policyConfig);
+ boolean result = getResult("requisite-permit-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("requisite-deny-policy");
+ assertTrue("DENY?", false == result);
+ }
+
+
+ /**
+ * Test the AuthorizationModule sufficient behavior
+ */
+ public void testSufficientOptionBehavior() throws Exception
+ {
+ assertNotNull("PolicyConfig != null", policyConfig);
+ boolean result = getResult("sufficient-permit-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("sufficient-deny-policy");
+ assertTrue("DENY?", false == result);
+ }
+
+
+ /**
+ * Test the AuthorizationModule optional behavior
+ */
+ public void testOptionalOptionBehavior() throws Exception
+ {
+ assertNotNull("PolicyConfig != null", policyConfig);
+ boolean result = getResult("optional-permit-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("optional-deny-policy");
+ assertTrue("DENY?", false == result);
+ }
+
+ /**
+ * Test the AuthorizationModules combination behavior
+ */
+ public void testCombinationBehavior() throws Exception
+ {
+ assertNotNull("PolicyConfig != null", policyConfig);
+ boolean result = getResult("required-deny-sufficient-permit-policy");
+ assertTrue("DENY?", false == result);
+ result = getResult("required-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("required-permit-required-deny-policy");
+ assertTrue("DENY?", false == result);
+ result = getResult("required-permit-required-permit-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("required-permit-required-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("required-permit-required-permit-requisite-deny-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("required-permit-required-permit-optional-deny-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("required-permit-required-deny-requisite-permit-policy");
+ assertTrue("DENY?", false == result);
+ result = getResult("requisite-permit-requisite-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", true == result);
+
+ result = getResult("sufficient-permit-required-deny-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("sufficient-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("optional-deny-sufficient-permit-required-deny-policy");
+ assertTrue("PERMIT?", true == result);
+
+ result = getResult("sufficient-deny-optional-deny-policy");
+ assertTrue("DENY?", false == result);
+ }
+
+ private boolean getResult(String policyName) throws Exception
+ {
+ SecurityContext securityContext = new JBossSecurityContext(policyName);
+ SecurityContextAssociation.setSecurityContext(securityContext);
+
+ CallbackHandler handler = new TestCallbackHandler();
+ JASPIServerAuthenticationManager aContext = new JASPIServerAuthenticationManager(policyName,
+ handler);
+ GenericMessageInfo requestMessage = new GenericMessageInfo(new Object(), new Object());
+ return aContext.isValid(requestMessage, new Subject(), "HttpServlet",
+ handler);
+ }
+
+ /**
+ * Use JBossXB to parse the security config file
+ * @param loginConfigURL
+ * @throws Exception
+ */
+ private static void loadXMLConfig(URL loginConfigURL)
+ throws Exception
+ {
+ if(loginConfigURL == null)
+ throw new IllegalArgumentException("loginConfigURL is null");
+ SecurityConfigObjectModelFactory lcomf = new SecurityConfigObjectModelFactory();
+ UsersObjectModelFactory uomf = new UsersObjectModelFactory();
+
+ InputStreamReader xmlReader = new InputStreamReader(loginConfigURL.openStream());
+ Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
+ unmarshaller.mapFactoryToNamespace(uomf, "http://www.jboss.org/j2ee/schemas/XMLLoginModule");
+ policyConfig = (PolicyConfig) unmarshaller.unmarshal(xmlReader, lcomf, (Object)null);
+ }
+
+ /**
+ * Dummy CallbackHandler
+ */
+ private static class TestCallbackHandler implements CallbackHandler
+ {
+ public void setSecurityInfo(Principal p, Object cred)
+ {}
+
+ public void handle(Callback[] arg0)
+ throws IOException, UnsupportedCallbackException
+ {
+ }
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPIConfigUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPIConfigUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPIConfigUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,147 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+import java.net.URL;
+import java.util.HashMap;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.AuthConfigFactory;
+import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ClientAuthContext;
+import javax.security.auth.message.config.ServerAuthConfig;
+import javax.security.auth.message.config.ServerAuthContext;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.SecurityContextAssociation;
+import org.jboss.security.auth.callback.AppCallbackHandler;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.security.auth.message.GenericMessageInfo;
+import org.jboss.security.plugins.JBossSecurityContext;
+import org.jboss.test.authentication.jaspi.helpers.TestAuthConfigProvider;
+
+
+/**
+ * Unit Tests for the JASPI Configuration
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 11, 2007
+ * @version $Revision$
+ */
+public class JASPIConfigUnitTestCase extends TestCase
+{
+ AuthConfigFactory factory = null;
+
+ @Override
+ public void setUp()
+ {
+ factory = AuthConfigFactory.getFactory();
+ factory.registerConfigProvider(new TestAuthConfigProvider(), "TEST", "APP",
+ "Test Config Provider");
+ }
+
+ @SuppressWarnings("unchecked")
+ public void testServerFactoryConfig() throws Exception
+ {
+ assertNotNull("AuthConfigFactory is ! null", factory);
+ AuthConfigProvider provider = factory.getConfigProvider("TEST", "APP", null);
+ assertNotNull("AuthConfigProvider is ! null", provider);
+
+ ServerAuthConfig serverConfig =
+ provider.getServerAuthConfig("TEST", "APP",
+ new AppCallbackHandler("anil","anil".toCharArray()));
+ assertNotNull("ServerAuthConfig ! null", serverConfig);
+ MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
+ String authContextID = serverConfig.getAuthContextID(mi);
+ assertNotNull("AuthContext ID != null",authContextID);
+ ServerAuthContext sctx = serverConfig.getAuthContext(authContextID,
+ new Subject(), new HashMap());
+ assertNotNull("ServerAuthContext != null",sctx);
+ }
+
+ @SuppressWarnings("unchecked")
+ public void testClientFactoryConfig() throws Exception
+ {
+ assertNotNull("AuthConfigFactory is ! null", factory);
+ AuthConfigProvider provider = factory.getConfigProvider("TEST", "APP", null);
+ assertNotNull("AuthConfigProvider is ! null", provider);
+
+ ClientAuthConfig clientConfig =
+ provider.getClientAuthConfig("TEST", "APP",
+ new AppCallbackHandler("anil","anil".toCharArray()));
+ assertNotNull("ClientAuthConfig ! null", clientConfig);
+ MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
+ String authContextID = clientConfig.getAuthContextID(mi);
+ assertNotNull("AuthContext ID != null",authContextID);
+ ClientAuthContext sctx = clientConfig.getAuthContext(authContextID,
+ new Subject(), new HashMap());
+ assertNotNull("ClientAuthContext != null",sctx);
+ }
+
+ public void testLoginConfigStackHolder() throws Exception
+ {
+ String securityDomain = "conf-jaspi";
+ JBossSecurityContext jsc = new JBossSecurityContext(securityDomain);
+ SecurityContextAssociation.setSecurityContext(jsc);
+
+ String configFile = "config/jaspi-config.xml";
+ loadConfig(configFile);
+
+ //Lets validate the configuration
+ Configuration config = Configuration.getConfiguration();
+ AppConfigurationEntry[] appConfigEntries = config.getAppConfigurationEntry(securityDomain);
+ assertTrue(appConfigEntries.length > 0);
+ for(AppConfigurationEntry appConfigEntry: appConfigEntries)
+ {
+ assertEquals("org.jboss.test.authentication.jaspi.TestLoginModule",
+ appConfigEntry.getLoginModuleName());
+ assertEquals(LoginModuleControlFlag.OPTIONAL, appConfigEntry.getControlFlag());
+ }
+
+ appConfigEntries = config.getAppConfigurationEntry("lm-stack");
+ assertTrue(appConfigEntries.length > 0);
+ for(AppConfigurationEntry appConfigEntry: appConfigEntries)
+ {
+ assertEquals("org.jboss.test.authentication.jaspi.TestLoginModule",
+ appConfigEntry.getLoginModuleName());
+ assertEquals(LoginModuleControlFlag.OPTIONAL, appConfigEntry.getControlFlag());
+ }
+ }
+
+ private void loadConfig(String configFile)
+ {
+ XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
+ SecurityActions.setJAASConfiguration(xli);
+
+ URL configURL = Thread.currentThread().getContextClassLoader().getResource(configFile);
+ assertNotNull("Config URL", configURL);
+
+ xli.setConfigURL(configURL);
+ xli.loadConfig();
+ }
+
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPILoginModuleDelgateUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPILoginModuleDelgateUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPILoginModuleDelgateUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,126 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+import java.net.URL;
+import java.util.HashMap;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.AuthConfigFactory;
+import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ServerAuthConfig;
+import javax.security.auth.message.config.ServerAuthContext;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SecurityContextAssociation;
+import org.jboss.security.auth.callback.AppCallbackHandler;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.security.auth.message.GenericMessageInfo;
+import org.jboss.security.auth.message.config.JBossAuthConfigProvider;
+import org.jboss.security.plugins.JBossSecurityContext;
+
+// $Id$
+
+/**
+ * Test the delegation to a JAAS Login Module by a Server Auth Module
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 27, 2007
+ * @version $Revision$
+ */
+public class JASPILoginModuleDelgateUnitTestCase extends TestCase
+{
+ AuthConfigFactory factory = null;
+
+ String layer = SecurityConstants.SERVLET_LAYER;
+
+ String appId = "localhost /petstore";
+
+ String configFile = "config/jaspi-config.xml";
+
+ @Override
+ protected void setUp() throws Exception
+ {
+ factory = AuthConfigFactory.getFactory();
+ factory.registerConfigProvider(new JBossAuthConfigProvider(new HashMap()), layer, appId, "Test Config Provider");
+
+ JBossSecurityContext jsc = new JBossSecurityContext("conf-jaspi-2");
+ SecurityContextAssociation.setSecurityContext(jsc);
+
+ XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
+ SecurityActions.setJAASConfiguration(xli);
+
+ URL configURL = Thread.currentThread().getContextClassLoader().getResource(configFile);
+ assertNotNull("Config URL", configURL);
+
+ xli.setConfigURL(configURL);
+ xli.loadConfig();
+ }
+
+ public void testSuccessfulJASPI() throws Exception
+ {
+ AuthConfigProvider provider = factory.getConfigProvider(layer, appId, null);
+ ServerAuthConfig serverConfig = provider.getServerAuthConfig(layer, appId, new AppCallbackHandler("jduke",
+ "theduke".toCharArray()));
+ assertNotNull("ServerAuthConfig is not null", serverConfig);
+
+ MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
+ String authContextID = serverConfig.getAuthContextID(mi);
+ assertNotNull("AuthContext ID != null", authContextID);
+ ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, new Subject(), new HashMap());
+ assertNotNull("ServerAuthContext != null", sctx);
+ Subject clientSubject = new Subject();
+ Subject serviceSubject = new Subject();
+ AuthStatus status = sctx.validateRequest(mi, clientSubject, serviceSubject);
+ assertEquals(AuthStatus.SUCCESS, status);
+ }
+
+ public void testUnSuccessfulJASPI() throws Exception
+ {
+ AuthConfigProvider provider = factory.getConfigProvider(layer, appId, null);
+ ServerAuthConfig serverConfig = provider.getServerAuthConfig(layer, appId, new AppCallbackHandler("jduke",
+ "badpwd".toCharArray()));
+ assertNotNull("ServerAuthConfig is not null", serverConfig);
+
+ MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
+ String authContextID = serverConfig.getAuthContextID(mi);
+ assertNotNull("AuthContext ID != null", authContextID);
+ ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, new Subject(), new HashMap());
+ assertNotNull("ServerAuthContext != null", sctx);
+ Subject clientSubject = new Subject();
+ Subject serviceSubject = new Subject();
+ try
+ {
+ AuthStatus status = sctx.validateRequest(mi, clientSubject, serviceSubject);
+ assertEquals(AuthStatus.FAILURE, status);
+ }
+ catch (AuthException ae)
+ {
+ // Pass
+ }
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPIServerAuthenticationManagerUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPIServerAuthenticationManagerUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPIServerAuthenticationManagerUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,98 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+import java.net.URL;
+import java.util.HashMap;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.AuthConfigFactory;
+
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+import org.jboss.security.auth.callback.AppCallbackHandler;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.security.auth.message.GenericMessageInfo;
+import org.jboss.security.auth.message.config.JBossAuthConfigProvider;
+import org.jboss.security.plugins.JBossSecurityContext;
+import org.jboss.security.plugins.auth.JASPIServerAuthenticationManager;
+
+import junit.framework.TestCase;
+
+/**
+ * Unit Test the JASPIServerAuthenticationManager
+ * @author Anil.Saldhana at redhat.com
+ */
+public class JASPIServerAuthenticationManagerUnitTestCase extends TestCase
+{
+ AuthConfigFactory factory = null;
+
+ String layer = SecurityConstants.SERVLET_LAYER;
+
+ String appId = "localhost /petstore";
+
+ String configFile = "config/jaspi-config.xml";
+
+ @SuppressWarnings("unchecked")
+ protected void setUp() throws Exception
+ {
+ factory = AuthConfigFactory.getFactory();
+ factory.registerConfigProvider(new JBossAuthConfigProvider(new HashMap()), layer, appId, "Test Config Provider");
+
+ SecurityContext jsc = new JBossSecurityContext("conf-jaspi");
+ SecurityContextAssociation.setSecurityContext(jsc);
+
+ XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
+ SecurityActions.setJAASConfiguration(xli);
+
+ URL configURL = Thread.currentThread().getContextClassLoader().getResource(configFile);
+ assertNotNull("Config URL", configURL);
+
+ xli.setConfigURL(configURL);
+ xli.loadConfig();
+ }
+
+ public void testIsValid()
+ {
+ CallbackHandler cbh = new AppCallbackHandler("anil",
+ "anilpwd".toCharArray());
+ MessageInfo messageInfo = new GenericMessageInfo(new Object(), new Object());
+ JASPIServerAuthenticationManager jaspiManager = new JASPIServerAuthenticationManager();
+ boolean valid = jaspiManager.isValid(messageInfo, new Subject(), layer,
+ cbh);
+ assertTrue(valid);
+ }
+
+ public void testIsInValid()
+ {
+ CallbackHandler cbh = new AppCallbackHandler("anil",
+ "dead".toCharArray());
+ MessageInfo messageInfo = new GenericMessageInfo(new Object(), new Object());
+ JASPIServerAuthenticationManager jaspiManager = new JASPIServerAuthenticationManager();
+ boolean valid = jaspiManager.isValid(messageInfo, new Subject(), layer,
+ cbh);
+ assertFalse(valid);
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPIWorkflowUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPIWorkflowUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/JASPIWorkflowUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,156 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+import java.net.URL;
+import java.util.HashMap;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.AuthConfigFactory;
+import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ServerAuthConfig;
+import javax.security.auth.message.config.ServerAuthContext;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+import org.jboss.security.auth.callback.AppCallbackHandler;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.security.auth.message.GenericMessageInfo;
+import org.jboss.security.auth.message.config.JBossAuthConfigProvider;
+import org.jboss.security.plugins.JBossSecurityContext;
+
+
+/**
+ * Test the Server side workflow for JASPI
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 16, 2007
+ * @version $Revision$
+ */
+public class JASPIWorkflowUnitTestCase extends TestCase
+{
+ AuthConfigFactory factory = null;
+
+ String layer = SecurityConstants.SERVLET_LAYER;
+
+ String appId = "localhost /petstore";
+
+ String configFile = "config/jaspi-config.xml";
+
+ @SuppressWarnings("unchecked")
+ @Override
+ protected void setUp() throws Exception
+ {
+ factory = AuthConfigFactory.getFactory();
+ factory.registerConfigProvider(new JBossAuthConfigProvider(new HashMap()), layer, appId, "Test Config Provider");
+
+ SecurityContext jsc = new JBossSecurityContext("conf-jaspi");
+ SecurityContextAssociation.setSecurityContext(jsc);
+
+ XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
+ SecurityActions.setJAASConfiguration(xli);
+
+ URL configURL = Thread.currentThread().getContextClassLoader().getResource(configFile);
+ assertNotNull("Config URL", configURL);
+
+ xli.setConfigURL(configURL);
+ xli.loadConfig();
+ }
+
+ @SuppressWarnings("unchecked")
+ public void testSuccessfulJASPI() throws Exception
+ {
+ AuthConfigProvider provider = factory.getConfigProvider(layer, appId, null);
+ ServerAuthConfig serverConfig = provider.getServerAuthConfig(layer, appId, new AppCallbackHandler("anil",
+ "anilpwd".toCharArray()));
+ assertNotNull("ServerAuthConfig is not null", serverConfig);
+
+ MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
+ String authContextID = serverConfig.getAuthContextID(mi);
+ assertNotNull("AuthContext ID != null", authContextID);
+ ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, new Subject(), new HashMap());
+ assertNotNull("ServerAuthContext != null", sctx);
+ Subject clientSubject = new Subject();
+ Subject serviceSubject = new Subject();
+ AuthStatus status = sctx.validateRequest(mi, clientSubject, serviceSubject);
+ assertEquals(AuthStatus.SUCCESS, status);
+ }
+
+ @SuppressWarnings("unchecked")
+ public void testUnSuccessfulJASPI() throws Exception
+ {
+ AuthConfigProvider provider = factory.getConfigProvider(layer, appId, null);
+ ServerAuthConfig serverConfig = provider.getServerAuthConfig(layer, appId, new AppCallbackHandler("anil",
+ "badpwd".toCharArray()));
+ assertNotNull("ServerAuthConfig is not null", serverConfig);
+
+ validateJAASConfiguration();
+ MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
+ String authContextID = serverConfig.getAuthContextID(mi);
+ assertNotNull("AuthContext ID != null", authContextID);
+ ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, new Subject(), new HashMap());
+ assertNotNull("ServerAuthContext != null", sctx);
+ Subject clientSubject = new Subject();
+ Subject serviceSubject = new Subject();
+ try
+ {
+ AuthStatus status = sctx.validateRequest(mi, clientSubject, serviceSubject);
+ assertEquals(AuthStatus.FAILURE, status);
+ }
+ catch(AuthException ae)
+ {
+ //Ignore - we are fine
+ }
+ }
+
+ private void validateJAASConfiguration()
+ {
+ //Lets validate the configuration
+ Configuration config = Configuration.getConfiguration();
+ AppConfigurationEntry[] appConfigEntries = config.getAppConfigurationEntry("conf-jaspi");
+ assertTrue(appConfigEntries.length > 0);
+ for(AppConfigurationEntry appConfigEntry: appConfigEntries)
+ {
+ assertEquals("org.jboss.test.authentication.jaspi.TestLoginModule",
+ appConfigEntry.getLoginModuleName());
+ assertEquals(LoginModuleControlFlag.OPTIONAL, appConfigEntry.getControlFlag());
+ }
+
+ appConfigEntries = config.getAppConfigurationEntry("lm-stack");
+ assertTrue(appConfigEntries.length > 0);
+ for(AppConfigurationEntry appConfigEntry: appConfigEntries)
+ {
+ assertEquals("org.jboss.test.authentication.jaspi.TestLoginModule",
+ appConfigEntry.getLoginModuleName());
+ assertEquals(LoginModuleControlFlag.OPTIONAL, appConfigEntry.getControlFlag());
+ }
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/LoginModuleServerAuthModule.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/LoginModuleServerAuthModule.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/LoginModuleServerAuthModule.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,57 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+
+import org.jboss.security.auth.container.modules.AbstractServerAuthModule;
+
+//$Id$
+
+/**
+ * Test Server Auth Module that delegates to a login module
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 25, 2007
+ * @version $Revision$
+ */
+public class LoginModuleServerAuthModule extends AbstractServerAuthModule
+{
+
+ public LoginModuleServerAuthModule()
+ {
+ this.supportedTypes.add(Object.class);
+ }
+
+ @Override
+ protected boolean validate( Subject clientSubject, MessageInfo messageInfo) throws AuthException
+ {
+ throw new IllegalStateException("Configure a login module in the module options");
+ }
+
+ public AuthStatus secureResponse(MessageInfo arg0, Subject arg1) throws AuthException
+ {
+ return null;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/SecurityActions.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/SecurityActions.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/SecurityActions.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,77 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+import java.security.AccessController;
+import java.security.Principal;
+import java.security.PrivilegedAction;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.Configuration;
+import javax.security.jacc.PolicyContext;
+
+//$Id$
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Sep 25, 2007
+ * @version $Revision$
+ */
+public class SecurityActions
+{
+ public static void addPrincipalToSubject(final Subject subj, final Principal p)
+ {
+ AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ subj.getPrincipals().add(p);
+ return null;
+ }
+ });
+ }
+
+ public static void setJAASConfiguration(final Configuration configuration)
+ {
+ AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ Configuration.setConfiguration(configuration);
+ return null;
+ }
+ });
+ }
+
+ public static void setPolicyContextID(final String contextID)
+ {
+ AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ PolicyContext.setContextID(contextID);
+ return null;
+ }
+ });
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/TestLoginModule.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/TestLoginModule.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/TestLoginModule.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,98 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.jboss.security.SimplePrincipal;
+
+
+/**
+ * Test Login Module
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 26, 2007
+ * @version $Revision$
+ */
+public class TestLoginModule implements LoginModule
+{
+ private Subject subject;
+ private CallbackHandler cbh;
+ private Map<String, ?> sharedState;
+ private Map<String, ?> options;
+
+ private String username = null;
+
+ public boolean abort() throws LoginException
+ {
+ return true;
+ }
+
+ public boolean commit() throws LoginException
+ {
+ subject.getPrincipals().add(new SimplePrincipal(username));
+ return true;
+ }
+
+ public void initialize(Subject subject,
+ CallbackHandler cbh,
+ Map<String, ?> sharedState,
+ Map<String, ?> options)
+ {
+ this.subject = subject;
+ this.cbh = cbh;
+ this.sharedState = sharedState;
+ this.options = options;
+ }
+
+ public boolean login() throws LoginException
+ {
+ NameCallback nc = new NameCallback("UserName=", "guest");
+ PasswordCallback pwd = new PasswordCallback("Password=", false);
+ try
+ {
+ cbh.handle(new Callback[]{nc,pwd});
+ username = nc.getName();
+ String p = new String(pwd.getPassword());
+ if(username.equals(options.get("principal")) && p.equals(options.get("pass")))
+ return true;
+ }
+ catch (Exception e)
+ {
+ throw new LoginException(e.getLocalizedMessage());
+ }
+ return false;
+ }
+
+ public boolean logout() throws LoginException
+ {
+ subject = null;
+ return false;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/TestServerAuthModule.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/TestServerAuthModule.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/TestServerAuthModule.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,115 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.MessagePolicy;
+
+import org.jboss.security.auth.container.modules.AbstractServerAuthModule;
+
+
+/**
+ * Test Server Auth Module that delegates to a login module stack
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 25, 2007
+ * @version $Revision$
+ */
+public class TestServerAuthModule extends AbstractServerAuthModule
+{
+ private LoginContext loginContext;
+ private String loginContextName = null;
+
+ public TestServerAuthModule(String loginContextName)
+ {
+ this.loginContextName = loginContextName;
+ }
+
+ @SuppressWarnings("unchecked")
+ public void initialize(MessagePolicy messagePolicyReq, MessagePolicy messagePolicyResp,
+ CallbackHandler cbh, Map options) throws AuthException
+ {
+ this.options = options;
+ try
+ {
+ this.validateJAASConfiguration();
+ loginContext = new LoginContext(loginContextName, cbh);
+ }
+ catch (LoginException e)
+ {
+ throw new RuntimeException(e.getLocalizedMessage());
+ }
+
+ }
+
+ public void cleanSubject(MessageInfo mi, Subject subj) throws AuthException
+ {
+ super.cleanSubject(mi, subj);
+ if(this.loginContext != null)
+ try
+ {
+ loginContext.logout();
+ }
+ catch (LoginException e)
+ {
+ throw new RuntimeException(e.getLocalizedMessage());
+ }
+ }
+
+ public AuthStatus secureResponse(MessageInfo mi, Subject clientSubject) throws AuthException
+ {
+ return null;
+ }
+
+ @Override
+ protected boolean validate(Subject clientSubject, MessageInfo messageInfo) throws AuthException
+ {
+ try
+ {
+ validateJAASConfiguration();
+ this.loginContext.login();
+ }
+ catch (LoginException e)
+ {
+ throw new AuthException(e.getLocalizedMessage());
+ }
+ return true;
+ }
+
+ private void validateJAASConfiguration()
+ {
+ //Lets validate the configuration
+ Configuration config = Configuration.getConfiguration();
+ AppConfigurationEntry[] appConfigEntries = config.getAppConfigurationEntry(loginContextName);
+ if(appConfigEntries.length < 0)
+ throw new RuntimeException("No entries for " + loginContextName);
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/WebJASPIAuthMgrUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/WebJASPIAuthMgrUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/WebJASPIAuthMgrUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,101 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+import java.net.URL;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.MessageInfo;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.security.SecurityContextAssociation;
+import org.jboss.security.ServerAuthenticationManager;
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.auth.callback.AppCallbackHandler;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.security.auth.message.GenericMessageInfo;
+import org.jboss.security.plugins.JBossSecurityContext;
+import org.jboss.security.plugins.auth.JASPIServerAuthenticationManager;
+import org.jboss.test.authentication.JBossAuthenticationManagerUnitTestCase;
+import org.jboss.test.util.TestHttpServletRequest;
+
+/**
+ * Unit tests for the JBossAuthenticationManager with JASPI
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @since May 10, 2007
+ * @version $Revision$
+ */
+public class WebJASPIAuthMgrUnitTestCase extends JBossAuthenticationManagerUnitTestCase
+{
+ String securityDomain = "web-jaspi";
+
+ AppCallbackHandler acbh = new AppCallbackHandler();
+
+ @Override
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ JBossSecurityContext jsc = new JBossSecurityContext(securityDomain);
+ SecurityContextAssociation.setSecurityContext(jsc);
+ establishSecurityConfiguration();
+ }
+
+ @Override
+ public void testLogin() throws Exception
+ {
+ HttpServletRequest hsr = getHttpServletRequest("jduke", "theduke");
+ MessageInfo mi = new GenericMessageInfo(hsr, (HttpServletResponse) null);
+ ServerAuthenticationManager am = new JASPIServerAuthenticationManager(securityDomain, acbh);
+ assertTrue(am.isValid(mi, (Subject)null, "HTTP", new JBossCallbackHandler()));
+ }
+
+ @Override
+ public void testUnsuccessfulLogin() throws Exception
+ {
+ HttpServletRequest hsr = getHttpServletRequest("jduke", "BAD");
+ MessageInfo mi = new GenericMessageInfo(hsr, (HttpServletResponse) null);
+ ServerAuthenticationManager am = new JASPIServerAuthenticationManager(securityDomain, acbh);
+ assertFalse(am.isValid(mi, (Subject)null, "HTTP", null));
+ }
+
+ private void establishSecurityConfiguration()
+ {
+ XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
+ SecurityActions.setJAASConfiguration(xli);
+ URL configURL = Thread.currentThread().getContextClassLoader().getResource("config/jaspi-config.xml");
+ assertNotNull("Config URL", configURL);
+ xli.setConfigURL(configURL);
+ xli.loadConfig();
+ }
+
+ @SuppressWarnings("unchecked")
+ public HttpServletRequest getHttpServletRequest(String username, String pass)
+ {
+ HttpServletRequest hsr = new TestHttpServletRequest(new SimplePrincipal(username), pass, "GET");
+ hsr.getParameterMap().put("j_username", username);
+ hsr.getParameterMap().put("j_password", pass);
+ return hsr;
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestAuthConfigProvider.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestAuthConfigProvider.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestAuthConfigProvider.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,56 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi.helpers;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ServerAuthConfig;
+
+
+/**
+ * Test AuthConfigProvider
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 11, 2007
+ * @version $Revision$
+ */
+public class TestAuthConfigProvider implements AuthConfigProvider
+{
+ public ClientAuthConfig getClientAuthConfig(String layer,
+ String appcontext, CallbackHandler handler) throws AuthException,
+ SecurityException
+ {
+ return new TestClientAuthConfig();
+ }
+
+ public ServerAuthConfig getServerAuthConfig(String layer,
+ String appcontext, CallbackHandler handler) throws AuthException,
+ SecurityException
+ {
+ return new TestServerAuthConfig() ;
+ }
+
+ public void refresh() throws AuthException, SecurityException
+ {
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthConfig.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthConfig.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthConfig.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,71 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi.helpers;
+
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ClientAuthContext;
+
+/**
+ * Test ClientAuthConfig
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 16, 2007
+ * @version $Revision$
+ */
+public class TestClientAuthConfig implements ClientAuthConfig
+{
+
+ public ClientAuthContext getAuthContext(String authContextID,
+ Subject clientSubject, Map properties)
+ throws AuthException
+ {
+ return new TestClientAuthContext();
+ }
+
+ public String getAppContext()
+ {
+ return "TEST";
+ }
+
+ public String getAuthContextID(MessageInfo messageInfo)
+ {
+ return "AUTHCONTEXTID";
+ }
+
+ public String getMessageLayer()
+ {
+ return "TESTCLIENT";
+ }
+
+ public boolean isProtected()
+ {
+ return false;
+ }
+
+ public void refresh() throws AuthException, SecurityException
+ {
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthContext.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthContext.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestClientAuthContext.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,57 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi.helpers;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ClientAuthContext;
+
+//$Id$
+
+/**
+ * Test ClientAuthContext
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 16, 2007
+ * @version $Revision$
+ */
+public class TestClientAuthContext implements ClientAuthContext
+{
+ public void cleanSubject(MessageInfo messageInfo, Subject arg1)
+ throws AuthException
+ {
+ }
+
+ public AuthStatus secureRequest(MessageInfo messageInfo, Subject arg1)
+ throws AuthException
+ {
+ return null;
+ }
+
+ public AuthStatus validateResponse(MessageInfo messageInfo,
+ Subject arg1, Subject arg2)
+ throws AuthException
+ {
+ return null;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthConfig.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthConfig.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthConfig.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,70 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi.helpers;
+
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ServerAuthConfig;
+import javax.security.auth.message.config.ServerAuthContext;
+
+
+/**
+ * Test ServerAuthConfig
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 11, 2007
+ * @version $Revision$
+ */
+public class TestServerAuthConfig implements ServerAuthConfig
+{
+ public ServerAuthContext getAuthContext(String authContextID,
+ Subject serviceSubject, Map properties)
+ {
+ return new TestServerAuthContext();
+ }
+
+ public String getAppContext()
+ {
+ return null;
+ }
+
+ public String getAuthContextID(MessageInfo messageInfo)
+ {
+ return "AUTHCONTEXTID";
+ }
+
+ public String getMessageLayer()
+ {
+ return "TEST";
+ }
+
+ public boolean isProtected()
+ {
+ return false;
+ }
+
+ public void refresh() throws AuthException, SecurityException
+ {
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthContext.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthContext.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authentication/jaspi/helpers/TestServerAuthContext.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,55 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi.helpers;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ServerAuthContext;
+
+//$Id$
+
+/**
+ * Test ServerAuthContext
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 12, 2007
+ * @version $Revision$
+ */
+public class TestServerAuthContext implements ServerAuthContext
+{
+ public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException
+ {
+ }
+
+ public AuthStatus secureResponse(MessageInfo messageInfo, Subject subject)
+ throws AuthException
+ {
+ return null;
+ }
+
+ public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject,
+ Subject serviceSubject) throws AuthException
+ {
+ return null;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/AuthorizationContextUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/AuthorizationContextUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/AuthorizationContextUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,235 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authorization;
+
+
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import junit.extensions.TestSetup;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.jboss.security.auth.spi.UsersObjectModelFactory;
+import org.jboss.security.authorization.AuthorizationContext;
+import org.jboss.security.authorization.AuthorizationException;
+import org.jboss.security.authorization.Resource;
+import org.jboss.security.authorization.ResourceType;
+import org.jboss.security.authorization.config.SecurityConfigObjectModelFactory;
+import org.jboss.security.config.PolicyConfig;
+import org.jboss.security.plugins.authorization.JBossAuthorizationContext;
+import org.jboss.test.JBossTestCase;
+import org.jboss.test.JBossTestSetup;
+import org.jboss.xb.binding.Unmarshaller;
+import org.jboss.xb.binding.UnmarshallerFactory;
+
+
+public class AuthorizationContextUnitTestCase extends JBossTestCase
+{
+ private static PolicyConfig policyConfig = null;
+
+ public AuthorizationContextUnitTestCase(String name)
+ {
+ super(name);
+ }
+
+
+ public static Test suite() throws Exception
+ {
+ TestSuite suite = new TestSuite();
+ suite.addTest(new TestSuite(AuthorizationContextUnitTestCase.class));
+ // Create an initializer for the test suite
+ TestSetup wrapper = new JBossTestSetup(suite)
+ {
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL url = tcl.getResource("authorization/config/authorization-policy.xml");
+ if(url == null)
+ throw new IllegalStateException("config url is null");
+ loadXMLConfig(url);
+ }
+ protected void tearDown() throws Exception
+ {
+ super.tearDown();
+ }
+ };
+ return wrapper;
+ }
+
+
+ /**
+ * Test the AuthorizationModule required behavior
+ */
+ public void testRequiredOptionBehavior() throws Exception
+ {
+ assertNotNull("PolicyConfig != null", policyConfig);
+ int result = getResult("required-permit-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("required-deny-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ }
+
+ /**
+ * Test the AuthorizationModule requisite behavior
+ */
+ public void testRequisiteOptionBehavior() throws Exception
+ {
+ assertNotNull("PolicyConfig != null", policyConfig);
+ int result = getResult("requisite-permit-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("requisite-deny-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ }
+
+
+ /**
+ * Test the AuthorizationModule sufficient behavior
+ */
+ public void testSufficientOptionBehavior() throws Exception
+ {
+ assertNotNull("PolicyConfig != null", policyConfig);
+ int result = getResult("sufficient-permit-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("sufficient-deny-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ }
+
+
+ /**
+ * Test the AuthorizationModule optional behavior
+ */
+ public void testOptionalOptionBehavior() throws Exception
+ {
+ assertNotNull("PolicyConfig != null", policyConfig);
+ int result = getResult("optional-permit-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("optional-deny-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ }
+
+ /**
+ * Test the AuthorizationModules combination behavior
+ */
+ public void testCombinationBehavior() throws Exception
+ {
+ assertNotNull("PolicyConfig != null", policyConfig);
+ int result = getResult("required-deny-sufficient-permit-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ result = getResult("required-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("required-permit-required-deny-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ result = getResult("required-permit-required-permit-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("required-permit-required-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("required-permit-required-permit-requisite-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("required-permit-required-permit-optional-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("required-permit-required-deny-requisite-permit-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ result = getResult("requisite-permit-requisite-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+
+ result = getResult("sufficient-permit-required-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("sufficient-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("optional-deny-sufficient-permit-required-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+
+ result = getResult("sufficient-deny-optional-deny-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ }
+
+ private int getResult(String policyName) throws Exception
+ {
+ int result = AuthorizationContext.DENY;
+
+ JBossAuthorizationContext aContext = new JBossAuthorizationContext(policyName,
+ new Subject(),
+ new TestCallbackHandler());
+ aContext.setApplicationPolicy(policyConfig.get(policyName));
+ try
+ {
+ result = aContext.authorize(new Resource()
+ {
+ public ResourceType getLayer()
+ {
+ return ResourceType.WEB;
+ }
+
+ @SuppressWarnings("unchecked")
+ public Map getMap()
+ {
+ return new HashMap();
+ }
+ });
+ }
+ catch(AuthorizationException e)
+ {
+ result = AuthorizationContext.DENY;
+ }
+ return result;
+ }
+
+ /**
+ * Use JBossXB to parse the security config file
+ * @param loginConfigURL
+ * @throws Exception
+ */
+ private static void loadXMLConfig(URL loginConfigURL)
+ throws Exception
+ {
+ if(loginConfigURL == null)
+ throw new IllegalArgumentException("loginConfigURL is null");
+ SecurityConfigObjectModelFactory lcomf = new SecurityConfigObjectModelFactory();
+ UsersObjectModelFactory uomf = new UsersObjectModelFactory();
+
+ InputStreamReader xmlReader = new InputStreamReader(loginConfigURL.openStream());
+ Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
+ unmarshaller.mapFactoryToNamespace(uomf, "http://www.jboss.org/j2ee/schemas/XMLLoginModule");
+ policyConfig = (PolicyConfig) unmarshaller.unmarshal(xmlReader, lcomf, (Object)null);
+ }
+
+ /**
+ * Dummy CallbackHandler
+ */
+ private static class TestCallbackHandler implements CallbackHandler
+ {
+ public void handle(Callback[] arg0)
+ throws IOException, UnsupportedCallbackException
+ {
+ }
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/ACLTestResource.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/ACLTestResource.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/ACLTestResource.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,86 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authorization.acl;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.jboss.security.authorization.Resource;
+import org.jboss.security.authorization.ResourceType;
+
+//$Id$
+
+/**
+ * Test Resource For ACL
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 30, 2008
+ * @version $Revision$
+ */
+public class ACLTestResource implements Resource
+{
+
+ private final int id;
+
+ private final Map<String, Object> context = new HashMap<String, Object>();
+
+ /**
+ * <p>
+ * Creates an instance of {@code ACLTestResource} with the specified id.
+ * </p>
+ *
+ * @param id an {@code int} representing the resource's id.
+ */
+ public ACLTestResource(int id)
+ {
+ this.id = id;
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see org.jboss.security.authorization.Resource#getLayer()
+ */
+ public ResourceType getLayer()
+ {
+ return ResourceType.ACL;
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see org.jboss.security.authorization.Resource#getMap()
+ */
+ public Map<String, Object> getMap()
+ {
+ return this.context;
+ }
+
+ /**
+ * <p>
+ * Obtains the id of this test resource.
+ * </p>
+ *
+ * @return an {@code int} representing this resource's id.
+ */
+ public int getId()
+ {
+ return this.id;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,224 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authorization.acl;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.acl.BasicACLPermission;
+import org.jboss.security.acl.CompositeACLPermission;
+import org.jboss.security.acl.EntitlementEntry;
+import org.jboss.security.acl.config.ACLProviderEntry;
+import org.jboss.security.authorization.AuthorizationContext;
+import org.jboss.security.authorization.EntitlementHolder;
+import org.jboss.security.authorization.PolicyRegistration;
+import org.jboss.security.authorization.Resource;
+import org.jboss.security.authorization.ResourceKeys;
+import org.jboss.security.config.ACLInfo;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.security.identity.Identity;
+import org.jboss.security.identity.plugins.IdentityFactory;
+import org.jboss.security.plugins.JBossAuthorizationManager;
+import org.jboss.security.plugins.JBossPolicyRegistration;
+
+/**
+ * ACL Unit Tests using JBossAuthorizationManager
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ * @since Jan 30, 2008
+ * @version $Revision$
+ */
+public class JBossAuthorizationManagerACLUnitTestCase extends TestCase
+{
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see junit.framework.TestCase#setUp()
+ */
+ @Override
+ protected void setUp()
+ {
+ // register an ACL policy containing ACL definitions with the PolicyRegistration.
+ PolicyRegistration registration = new JBossPolicyRegistration();
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ registration.registerPolicy("ID", PolicyRegistration.ACL, tcl.getResourceAsStream("config/jboss-acl.xml"));
+
+ // create an application policy that contains an ACL configuration.
+ ApplicationPolicy ap = new ApplicationPolicy("test-acl");
+ ACLInfo aclInfo = new ACLInfo("test-acl");
+ // set the TestACLProvider with the PolicyRegistration created above.
+ Map<String, Object> options = new HashMap<String, Object>();
+ options.put("policyRegistration", registration);
+ ACLProviderEntry ame = new ACLProviderEntry(TestACLProvider.class.getName(), options);
+ aclInfo.add(ame);
+ ap.setAclInfo(aclInfo);
+ // register the application policy.
+ SecurityConfiguration.addApplicationPolicy(ap);
+ }
+
+ @Override
+ protected void tearDown() throws Exception
+ {
+ // unregister the application policy.
+ SecurityConfiguration.removeApplicationPolicy("test-acl");
+ }
+
+ /**
+ * <p>
+ * Tests the results of the {@code AuthorizationManager#getEntitlements} method when the ACLs have been specified in
+ * an ACL configuration file and registered with the {@code PolicyRegistration}.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testGetEntitlements() throws Exception
+ {
+ Resource resource1 = new ACLTestResource(10);
+ Resource resource2 = new ACLTestResource(20);
+ // for testing purposes, lets say resource2 is a child of resource1.
+ Collection<Resource> childResources = new ArrayList<Resource>();
+ // resource 1 has resource 2 as child.
+ childResources.add(resource2);
+ resource1.getMap().put(ResourceKeys.CHILD_RESOURCES, childResources);
+ resource2.getMap().put(ResourceKeys.PARENT_RESOURCE, resource1);
+
+ // using the authorization manager, check the entitlements assigned to some of the identities.
+ JBossAuthorizationManager jam = new JBossAuthorizationManager("test-acl");
+
+ // start with the Administrator identity.
+ EntitlementHolder<EntitlementEntry> holder = jam.getEntitlements(EntitlementEntry.class, resource1,
+ IdentityFactory.createIdentity("Administrator"));
+ assertNotNull("Unexpected null EntitlementHolder", holder);
+ Set<EntitlementEntry> entitled = holder.getEntitled();
+ assertNotNull("Unexpected null set of entitlement entries", entitled);
+ assertEquals("Unexpected number of entitlement entries", 2, entitled.size());
+ // Administrator should have all permissions on both resources.
+ Map<Integer, EntitlementEntry> entriesMap = this.getEntriesByResourceID(entitled);
+ CompositeACLPermission expectedPermission = new CompositeACLPermission(BasicACLPermission.values());
+ assertTrue("Entry for ACLTestResource with id 10 missing", entriesMap.containsKey(10));
+ assertEquals("Found unexpected permissions", expectedPermission, entriesMap.get(10).getPermission());
+ assertTrue("Entry for ACLTestResource with id 20 missing", entriesMap.containsKey(20));
+ assertEquals("Found unexpected permissions", expectedPermission, entriesMap.get(20).getPermission());
+
+ // now check the permissions entitled to Regular_User.
+ holder = jam.getEntitlements(EntitlementEntry.class, resource1, IdentityFactory.createIdentity("Regular_User"));
+ assertNotNull("Unexpected null EntitlementHolder", holder);
+ entitled = holder.getEntitled();
+ assertNotNull("Unexpected null set of entitlement entries", entitled);
+ // Regular_User should get an empty set when calling getEntitlements with resource1.
+ assertEquals("Unexpected number of entitlement entries", 0, entitled.size());
+ holder = jam.getEntitlements(EntitlementEntry.class, resource2, IdentityFactory.createIdentity("Regular_User"));
+ assertNotNull("Unexpected null EntitlementHolder", holder);
+ entitled = holder.getEntitled();
+ assertNotNull("Unexpected null set of entitlement entries", entitled);
+ assertEquals("Unexpected number of entitlement entries", 1, entitled.size());
+ // Regular_User should have READ and UPDATE permissions on resource 2.
+ entriesMap = this.getEntriesByResourceID(entitled);
+ expectedPermission = new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE);
+ assertTrue("Entry for ACLTestResource with id 20 missing", entriesMap.containsKey(20));
+ assertEquals("Found unexpected permissions", expectedPermission, entriesMap.get(20).getPermission());
+ }
+
+ /**
+ * <p>
+ * Tests the results of the {@code AuthorizationManager#authorize} method when the ACLs have been specified in an ACL
+ * configuration file and registered with the {@code PolicyRegistration}.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testAuthorize() throws Exception
+ {
+ Resource resource1 = new ACLTestResource(10);
+ Resource resource2 = new ACLTestResource(20);
+
+ // using the authorization manager, check if the identities have the expected permissions.
+ JBossAuthorizationManager jam = new JBossAuthorizationManager("test-acl");
+
+ // check that Administrator has all permissions on both resources.
+ Identity identity = IdentityFactory.createIdentity("Administrator");
+ assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource1, identity, new CompositeACLPermission(
+ BasicACLPermission.values())));
+ assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, new CompositeACLPermission(
+ BasicACLPermission.values())));
+
+ // check that Guest has only READ permission on resource1.
+ identity = IdentityFactory.createIdentity("Guest");
+ assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource1, identity, BasicACLPermission.READ));
+ assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, BasicACLPermission.CREATE));
+ assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, BasicACLPermission.UPDATE));
+ assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, BasicACLPermission.DELETE));
+
+ // check that Guest has READ and UPDATE permissions on resource2.
+ assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.READ));
+ assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.UPDATE));
+ assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, new CompositeACLPermission(
+ BasicACLPermission.READ, BasicACLPermission.UPDATE)));
+ assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.CREATE));
+ assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.DELETE));
+ assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, new CompositeACLPermission(
+ BasicACLPermission.values())));
+
+ // check that Regular_User doesn't have any permissions on resource1.
+ identity = IdentityFactory.createIdentity("Regular_User");
+ for(BasicACLPermission permission : BasicACLPermission.values())
+ assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, permission));
+
+ // check that Regular_User has READ and UPDATE permissions on resource2.
+ assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.READ));
+ assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.UPDATE));
+ assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, new CompositeACLPermission(
+ BasicACLPermission.READ, BasicACLPermission.UPDATE)));
+ assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.CREATE));
+ assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.DELETE));
+ assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, new CompositeACLPermission(
+ BasicACLPermission.values())));
+ }
+
+ /**
+ * <p>
+ * Creates and returns a map that contains the specified set of {@code EntitlementEntry} objects keyed by their
+ * resources ids.
+ * </p>
+ *
+ * @param entries the set of {@code EntitlementEntry} objects to be keyed.
+ * @return the constructed {@code Map} instance.
+ */
+ private Map<Integer, EntitlementEntry> getEntriesByResourceID(Set<EntitlementEntry> entries)
+ {
+ Map<Integer, EntitlementEntry> entriesMap = new HashMap<Integer, EntitlementEntry>();
+ for (EntitlementEntry entry : entries)
+ {
+ ACLTestResource testResource = (ACLTestResource) entry.getResource();
+ entriesMap.put(testResource.getId(), entry);
+ }
+ return entriesMap;
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/TestACLProvider.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/TestACLProvider.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/authorization/acl/TestACLProvider.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,58 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authorization.acl;
+
+import java.util.Map;
+
+import org.jboss.security.acl.ACLProviderImpl;
+import org.jboss.security.authorization.PolicyRegistration;
+import org.jboss.security.plugins.acl.PolicyRegistrationStrategy;
+
+// $Id$
+
+/**
+ * <p>
+ * This is an {@code ACLProvider} implementation used in tests that uses an instance of
+ * {@code PolicyRegistrationStrategy} to look up the ACLs.
+ * </p>
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ * @since Jan 30, 2008
+ * @version $Revision$
+ */
+public class TestACLProvider extends ACLProviderImpl
+{
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.acl.ACLProviderImpl#initialize(java.util.Map, java.util.Map)
+ */
+ @Override
+ public void initialize(Map<String, Object> sharedState, Map<String, Object> options)
+ {
+ // test implementation: create an instance of PolicyRegistrationStrategy and sets the PolicyRegistration.
+ PolicyRegistration registration = (PolicyRegistration) options.get("policyRegistration");
+ this.setPersistenceStrategy(new PolicyRegistrationStrategy(registration));
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/config/JBossXBSchemaBindingUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/config/JBossXBSchemaBindingUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/config/JBossXBSchemaBindingUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,59 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.config;
+
+import org.jboss.security.config.PolicyConfig;
+import org.jboss.xb.binding.Unmarshaller;
+import org.jboss.xb.binding.UnmarshallerFactory;
+import org.jboss.xb.binding.sunday.unmarshalling.SchemaBinding;
+import org.jboss.xb.binding.sunday.unmarshalling.XsdBinder;
+
+//$Id$
+
+/**
+ * Validate JBossXB SchemaBinding
+ * @author Anil.Saldhana at redhat.com
+ * @since Aug 14, 2007
+ * @version $Revision$
+ */
+public class JBossXBSchemaBindingUnitTestCase extends SecurityConfigurationUnitTestCase
+{
+
+ public JBossXBSchemaBindingUnitTestCase(String name)
+ {
+ super(name);
+ }
+
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+
+ // **** UNCOMMENT TO ENABLE TRACE ***
+ //this.enableTrace("org.jboss.xb.binding.sunday.unmarshalling.XsdBinder");
+
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ SchemaBinding schema = XsdBinder.bind(tcl.getResourceAsStream(schemaFile), null);
+ Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
+ config = (PolicyConfig) unmarshaller.unmarshal(tcl.getResourceAsStream(xmlFile), schema);
+ assertNotNull(config);
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/config/SecurityConfigurationUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/config/SecurityConfigurationUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/config/SecurityConfigurationUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,366 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.config;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.net.URL;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.login.AppConfigurationEntry;
+
+import junit.framework.Assert;
+
+import org.jboss.security.acl.config.ACLProviderEntry;
+import org.jboss.security.audit.config.AuditProviderEntry;
+import org.jboss.security.auth.container.config.AuthModuleEntry;
+import org.jboss.security.auth.login.BaseAuthenticationInfo;
+import org.jboss.security.auth.login.LoginConfigObjectModelFactory;
+import org.jboss.security.auth.login.LoginModuleStackHolder;
+import org.jboss.security.auth.spi.UsersObjectModelFactory;
+import org.jboss.security.authorization.config.AuthorizationModuleEntry;
+import org.jboss.security.authorization.config.SecurityConfigObjectModelFactory;
+import org.jboss.security.config.ACLInfo;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.AuditInfo;
+import org.jboss.security.config.AuthorizationInfo;
+import org.jboss.security.config.ControlFlag;
+import org.jboss.security.config.IdentityTrustInfo;
+import org.jboss.security.config.MappingInfo;
+import org.jboss.security.config.PolicyConfig;
+import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
+import org.jboss.security.mapping.MappingType;
+import org.jboss.security.mapping.config.MappingModuleEntry;
+import org.jboss.test.AbstractJBossSXTest;
+import org.jboss.xb.binding.Unmarshaller;
+import org.jboss.xb.binding.UnmarshallerFactory;
+
+/**
+ * Security Configuration Unit Test Case
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 25, 2007
+ * @version $Revision$
+ */
+public class SecurityConfigurationUnitTestCase extends AbstractJBossSXTest
+{
+ protected String schemaFile = "schema/security-config_5_0.xsd";
+
+ protected String xmlFile = "config/securityConfig5.xml";
+
+ protected PolicyConfig config = null;
+
+ public SecurityConfigurationUnitTestCase(String name)
+ {
+ super(name);
+ }
+
+ @Override
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+
+ LoginConfigObjectModelFactory lcomf = new SecurityConfigObjectModelFactory();
+ UsersObjectModelFactory uomf = new UsersObjectModelFactory();
+ URL xmlFileURL = tcl.getResource(xmlFile);
+ assertNotNull("XML File URL is not null", xmlFileURL);
+ InputStreamReader xmlReader = loadURL(xmlFileURL);
+ Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
+ unmarshaller.mapFactoryToNamespace(uomf, "http://www.jboss.org/j2ee/schemas/XMLLoginModule");
+ unmarshaller.setSchemaValidation(true);
+ unmarshaller.setNamespaceAware(true);
+ unmarshaller.setFeature(Unmarshaller.SCHEMA_VALIDATION, Boolean.TRUE);
+ Object root = null;
+ config = (PolicyConfig) unmarshaller.unmarshal(xmlReader, lcomf, root);
+ assertNotNull("PolicyConfig is not null", config);
+ }
+
+ public void testValidateJAASConfiguration()
+ {
+ ApplicationPolicy jaasConfig = config.get("conf-jaas");
+ BaseAuthenticationInfo authInfo = jaasConfig.getAuthenticationInfo();
+ List<?> entries = authInfo.getModuleEntries();
+ assertEquals("Number of entries = 2", 2, entries.size());
+
+ // First Entry
+ Object entry = entries.get(0);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AppConfigurationEntry);
+ AppConfigurationEntry ace = (AppConfigurationEntry) entry;
+ assertEquals("LM Name", "org.jboss.test.TestLoginModule", ace.getLoginModuleName());
+ assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ace.getControlFlag());
+ Map<String, ?> aceOptions = ace.getOptions();
+ assertEquals("Number of options = 3", 3, aceOptions.size());
+ assertEquals("name=1.1", "1.1", aceOptions.get("name"));
+ assertEquals("succeed=true", "true", aceOptions.get("succeed"));
+ assertEquals("throwEx=false", "false", aceOptions.get("throwEx"));
+
+ // Second Entry
+ entry = entries.get(1);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AppConfigurationEntry);
+ ace = (AppConfigurationEntry) entry;
+ assertEquals("LM Name", "org.jboss.test.TestLoginModule2", ace.getLoginModuleName());
+ assertEquals("Optional expected", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, ace.getControlFlag());
+ aceOptions = ace.getOptions();
+ assertEquals("Number of options = 4", 4, aceOptions.size());
+ assertEquals("name=1.2", "1.2", aceOptions.get("name"));
+ assertEquals("succeed=false", "false", aceOptions.get("succeed"));
+ assertEquals("throwEx=true", "true", aceOptions.get("throwEx"));
+ assertEquals("dummy=d", "d", aceOptions.get("dummy"));
+
+ }
+
+ public void testValidateJASPIConfiguration()
+ {
+ ApplicationPolicy jaspiConfig = config.get("conf-jaspi");
+ BaseAuthenticationInfo authInfo = jaspiConfig.getAuthenticationInfo();
+ List<?> entries = authInfo.getModuleEntries();
+ assertEquals("Number of entries = 2", 2, entries.size());
+
+ // First Entry
+ Object entry = entries.get(0);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AuthModuleEntry);
+ AuthModuleEntry ace = (AuthModuleEntry) entry;
+ assertEquals("LM Name", "TestAuthModule", ace.getAuthModuleName());
+ assertEquals("Required", ControlFlag.REQUIRED, ace.getControlFlag());
+ Map<String, ?> aceOptions = ace.getOptions();
+ assertEquals("Number of options = 3", 3, aceOptions.size());
+ assertEquals("usersProperties=u", "u", aceOptions.get("usersProperties"));
+ assertEquals("rolesProperties=r", "r", aceOptions.get("rolesProperties"));
+ assertEquals("unauthenticatedIdentity=anonymous", "anonymous", aceOptions.get("unauthenticatedIdentity"));
+
+ // Second Entry
+ entry = entries.get(1);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AuthModuleEntry);
+ ace = (AuthModuleEntry) entry;
+ assertEquals("LM Name", "TestAuthModule2", ace.getAuthModuleName());
+ assertEquals("Required", ControlFlag.REQUIRED, ace.getControlFlag());
+ aceOptions = ace.getOptions();
+ assertEquals("Number of options = 0", 0, aceOptions.size());
+ LoginModuleStackHolder lmsh = ace.getLoginModuleStackHolder();
+ assertEquals("lm-stack", "lm-stack", lmsh.getName());
+ AppConfigurationEntry[] appEntries = lmsh.getAppConfigurationEntry();
+ assertEquals("App Entries in LMSH=1", 1, appEntries.length);
+
+ Object appEntry = appEntries[0];
+ assertTrue("Entry instanceof AppConfigurationEntry", appEntry instanceof AppConfigurationEntry);
+ AppConfigurationEntry appace = (AppConfigurationEntry) appEntry;
+ assertEquals("LM Name", "org.jboss.security.auth.spi.UsersRolesLoginModule", appace.getLoginModuleName());
+ assertEquals("Optional", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, appace.getControlFlag());
+ Map<String, ?> appaceOptions = appace.getOptions();
+ assertEquals("Number of options = 3", 3, appaceOptions.size());
+ assertEquals("usersProperties=u", "u", appaceOptions.get("usersProperties"));
+ assertEquals("rolesProperties=r", "r", appaceOptions.get("rolesProperties"));
+ assertEquals("unauthenticatedIdentity=anonymous", "anonymous", appaceOptions.get("unauthenticatedIdentity"));
+ }
+
+ public void testValidateCompleteConfiguration()
+ {
+ ApplicationPolicy completeConfig = config.get("conf-complete");
+ BaseAuthenticationInfo authInfo = completeConfig.getAuthenticationInfo();
+ List<?> entries = authInfo.getModuleEntries();
+ assertEquals("Number of entries = 1", 1, entries.size());
+
+ // First Entry
+ Object entry = entries.get(0);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AppConfigurationEntry);
+ AppConfigurationEntry ace = (AppConfigurationEntry) entry;
+ assertEquals("LM Name", "org.jboss.test.TestLoginModule", ace.getLoginModuleName());
+ assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ace.getControlFlag());
+ Map<String, ?> aceOptions = ace.getOptions();
+ assertEquals("Number of options = 3", 3, aceOptions.size());
+ assertEquals("name=1.1", "1.1", aceOptions.get("name"));
+ assertEquals("succeed=true", "true", aceOptions.get("succeed"));
+ assertEquals("throwEx=false", "false", aceOptions.get("throwEx"));
+
+ // Authorization
+ AuthorizationInfo authzInfo = completeConfig.getAuthorizationInfo();
+ assertNotNull("AuthorizationInfo is not null", authzInfo);
+ AuthorizationModuleEntry[] authzEntries = authzInfo.getAuthorizationModuleEntry();
+ assertEquals("Length of authorization entries = 1", 1, authzEntries.length);
+ AuthorizationModuleEntry authzEntry = authzEntries[0];
+ assertEquals("TestPolicyModule", "org.jboss.test.TestPolicyModule", authzEntry.getPolicyModuleName());
+ assertEquals("Required", ControlFlag.REQUIRED, authzEntry.getControlFlag());
+ Map<String, ?> authzoptions = authzEntry.getOptions();
+ assertEquals("Number of options = 2", 2, authzoptions.size());
+ assertEquals("name=authz", "authz", authzoptions.get("name"));
+ assertEquals("succeed=true", "true", authzoptions.get("succeed"));
+
+ // ACL (instance-based authorization)
+ ACLInfo aclInfo = completeConfig.getAclInfo();
+ assertNotNull("Unexpected null ACLInfo found", aclInfo);
+ ACLProviderEntry[] aclEntries = aclInfo.getACLProviderEntry();
+ assertNotNull("Unexpected null set of acl entries", aclEntries);
+ assertEquals("Invalid number of acl entries", 2, aclEntries.length);
+ // first entry should be org.jboss.security.authz.ACLModule1.
+ Assert.assertEquals("org.jboss.security.authz.ACLModule1", aclEntries[0].getAclProviderName());
+ Assert.assertEquals("REQUIRED", aclEntries[0].getControlFlag().toString());
+ Map<String, ?> options = aclEntries[0].getOptions();
+ Assert.assertNotNull("Unexpected null options map", options);
+ Assert.assertTrue("Option aclOption1 was not found", options.containsKey("aclOption1"));
+ Assert.assertEquals("value1", options.get("aclOption1"));
+ Assert.assertTrue("Option aclOption2 was not found", options.containsKey("aclOption2"));
+ Assert.assertEquals("value2", options.get("aclOption2"));
+ // second entry should be the org.jboss.security.authz.ACLModule2.
+ Assert.assertEquals("org.jboss.security.authz.ACLModule2", aclEntries[1].getAclProviderName());
+ Assert.assertEquals("REQUIRED", aclEntries[1].getControlFlag().toString());
+ options = aclEntries[1].getOptions();
+ Assert.assertNotNull("Unexpected null options map", options);
+ Assert.assertTrue("Option aclOption3 was not found", options.containsKey("aclOption3"));
+ Assert.assertEquals("value3", options.get("aclOption3"));
+ Assert.assertTrue("Option aclOption4 was not found", options.containsKey("aclOption4"));
+ Assert.assertEquals("value4", options.get("aclOption4"));
+
+ // Mapping
+ MappingInfo mappingInfo = completeConfig.getMappingInfo(MappingType.PRINCIPAL.toString());
+ assertNotNull("MappingInfo is not null", mappingInfo);
+ MappingModuleEntry[] mappingEntries = mappingInfo.getMappingModuleEntry();
+ assertEquals("Invalid number of entries", 1, mappingEntries.length);
+ MappingModuleEntry mappingEntry = mappingEntries[0];
+ assertEquals("org.jboss.test.mapping.MappingModule1", mappingEntry.getMappingModuleName());
+ Map<String, ?> mappingOptions = mappingEntry.getOptions();
+ assertEquals("Invalid number of options", 1, mappingOptions.size());
+ Assert.assertTrue("Option option1 was not found", mappingOptions.containsKey("option1"));
+ assertEquals("value1", mappingOptions.get("option1"));
+
+ // Role Mapping
+ mappingInfo = completeConfig.getMappingInfo(MappingType.ROLE.toString());
+ assertNotNull("MappingInfo is not null", mappingInfo);
+ MappingModuleEntry[] mmearr = mappingInfo.getMappingModuleEntry();
+ assertEquals("Mapping entry length=1", 1, mmearr.length);
+ MappingModuleEntry mme = mmearr[0];
+ assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());
+ Map<String, ?> mmOptions = mme.getOptions();
+ assertEquals("Number of options = 2", 2, mmOptions.size());
+ assertEquals("name=rolemap", "rolemap", mmOptions.get("name"));
+ assertEquals("succeed=true", "true", mmOptions.get("succeed"));
+
+ // Audit
+ AuditInfo ai = completeConfig.getAuditInfo();
+ assertNotNull("AuditInfo", ai);
+ AuditProviderEntry[] apelist = ai.getAuditProviderEntry();
+ assertEquals("Audit entry length=1", 1, apelist.length);
+ AuditProviderEntry ape = apelist[0];
+ assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());
+ Map<String, ?> auditOptions = ape.getOptions();
+ assertEquals("Number of options = 2", 2, auditOptions.size());
+ assertEquals("name=auditprovider", "auditprovider", auditOptions.get("name"));
+ assertEquals("succeed=false", "false", auditOptions.get("succeed"));
+
+ // Identity Trust
+ IdentityTrustInfo iti = completeConfig.getIdentityTrustInfo();
+ assertNotNull("IdentityTrustInfo", iti);
+ IdentityTrustModuleEntry[] itilist = iti.getIdentityTrustModuleEntry();
+ assertEquals("IdentityTrustModuleEntry length=1", 1, itilist.length);
+ IdentityTrustModuleEntry itie = itilist[0];
+ assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());
+ Map<String, ?> itieOptions = itie.getOptions();
+ assertEquals("Number of options = 3", 3, itieOptions.size());
+ assertEquals("name=trustprovider", "trustprovider", itieOptions.get("name"));
+ assertEquals("succeed=true", "true", itieOptions.get("succeed"));
+ assertEquals("dummy=dr", "dr", itieOptions.get("dummy"));
+ }
+
+ public void testApplicationPolicyExtension()
+ {
+ ApplicationPolicy completeConfig = config.get("conf-jaas-extend");
+ assertNotNull("conf-jaas-extend is not null", completeConfig);
+ BaseAuthenticationInfo bai = completeConfig.getAuthenticationInfo();
+ assertNotNull("BaseAuthenticationInfo is not null", bai);
+ assertEquals("3 login modules", 3, bai.getModuleEntries().size());
+
+ // Authorization
+ AuthorizationInfo azi = completeConfig.getAuthorizationInfo();
+ assertNotNull("AuthorizationInfo is not null", azi);
+ assertEquals("3 authz modules", 3, azi.getModuleEntries().size());
+
+ // ACL
+ ACLInfo aclInfo = completeConfig.getAclInfo();
+ assertNotNull("Unexpected null ACLInfo", aclInfo);
+ assertEquals("Unexpected number of acl modules", 3, aclInfo.getModuleEntries().size());
+
+ // Role Mapping
+ MappingInfo mappingInfo = completeConfig.getMappingInfo(MappingType.ROLE.toString());
+ assertNotNull("MappingInfo is not null", mappingInfo);
+ // we expect 2 modules because one has been configured as a mapping of type "role"
+ assertEquals("2 map modules", 2, mappingInfo.getModuleEntries().size());
+
+ // Mapping
+ mappingInfo = completeConfig.getMappingInfo(MappingType.PRINCIPAL.toString());
+ assertNotNull("MappingInfo is not null", mappingInfo);
+ MappingModuleEntry[] mappingEntries = mappingInfo.getMappingModuleEntry();
+ assertEquals("Invalid number of entries", 2, mappingEntries.length);
+ assertEquals("org.jboss.test.mapping.MappingModule1", mappingEntries[0].getMappingModuleName());
+ assertEquals("org.jboss.test.mapping.MappingModule3", mappingEntries[1].getMappingModuleName());
+ // same test as above: we expect 2 role-mapping modules: 1 from rolemapping and 1 from mapping with type "role".
+ mappingInfo = completeConfig.getMappingInfo(MappingType.ROLE.toString());
+ assertNotNull("MappingInfo is not null", mappingInfo);
+ mappingEntries = mappingInfo.getMappingModuleEntry();
+ assertEquals("Invalid number of entries", 2, mappingEntries.length);
+ assertEquals("org.jboss.test.TestMappingModule", mappingEntries[0].getMappingModuleName());
+ assertEquals("org.jboss.test.mapping.MappingModule2", mappingEntries[1].getMappingModuleName());
+
+ // Audit
+ AuditInfo ai = completeConfig.getAuditInfo();
+ assertNotNull("AuditInfo", ai);
+ AuditProviderEntry[] apelist = ai.getAuditProviderEntry();
+ assertEquals("Audit entry length=1", 1, apelist.length);
+
+ // Identity Trust
+ IdentityTrustInfo iti = completeConfig.getIdentityTrustInfo();
+ assertNotNull("IdentityTrustInfo", iti);
+ IdentityTrustModuleEntry[] itilist = iti.getIdentityTrustModuleEntry();
+ assertEquals("IdentityTrustModuleEntry length=1", 1, itilist.length);
+
+ // JASPI authentication policy extension
+ ApplicationPolicy jaspiPolicy = config.get("conf-jaspi-extend");
+ assertNotNull("Unexpected null conf-jaspi-extend application policy", jaspiPolicy);
+ BaseAuthenticationInfo authInfo = jaspiPolicy.getAuthenticationInfo();
+ assertNotNull("Unexpected null jaspi configuration", authInfo);
+ List<?> entries = authInfo.getModuleEntries();
+ assertEquals("Invalid number of auth modules", 3, entries.size());
+ }
+
+ public void testAddDeletionOfApplicationPolicies()
+ {
+ ApplicationPolicy aPolicy = new ApplicationPolicy("test");
+ SecurityConfiguration.addApplicationPolicy(aPolicy);
+ ApplicationPolicy ap = SecurityConfiguration.getApplicationPolicy("test");
+ assertNotNull("Application Policy for test != null", ap);
+ assertEquals("Application Policy Name = test", "test", ap.getName());
+
+ SecurityConfiguration.removeApplicationPolicy("test");
+ assertNull("Application Policy for test is null", SecurityConfiguration.getApplicationPolicy("test"));
+ }
+
+ private InputStreamReader loadURL(URL configURL) throws IOException
+ {
+ InputStream is = configURL.openStream();
+ if (is == null)
+ throw new IOException("Failed to obtain InputStream from url: " + configURL);
+ InputStreamReader xmlReader = new InputStreamReader(is);
+ return xmlReader;
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/identitytrust/IdentityTrustUnitTestCase.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/identitytrust/IdentityTrustUnitTestCase.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/identitytrust/IdentityTrustUnitTestCase.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,190 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.identitytrust;
+
+import java.net.URL;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.RunAs;
+import org.jboss.security.RunAsIdentity;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.security.identitytrust.IdentityTrustManager;
+import org.jboss.security.identitytrust.IdentityTrustManager.TrustDecision;
+import org.jboss.security.plugins.JBossSecurityContext;
+
+// $Id$
+
+/**
+ * Test the IdentityTrust framework
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @since Aug 2, 2007
+ * @version $Revision$
+ */
+public class IdentityTrustUnitTestCase extends TestCase
+{
+ String configFile = "config/identitytrust-config.xml";
+
+ @Override
+ protected void setUp() throws Exception
+ {
+ XMLLoginConfigImpl xli = XMLLoginConfigImpl.getInstance();
+ SecurityActions.setJAASConfiguration(xli);
+ URL configURL = Thread.currentThread().getContextClassLoader().getResource(configFile);
+ assertNotNull("Config URL", configURL);
+
+ xli.setConfigURL(configURL);
+ xli.loadConfig();
+ }
+
+ public void testPermit_Permit_Permit() throws Exception
+ {
+ JBossSecurityContext sc = new JBossSecurityContext("Permit-Permit-Permit");
+ sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
+ assertNotNull("SecurityContext is not null", sc);
+ IdentityTrustManager itm = sc.getIdentityTrustManager();
+ assertNotNull("IdentityTrustManager is not null", itm);
+ assertEquals("Is Trusted", TrustDecision.Permit, itm.isTrusted(sc));
+ }
+
+ public void testPermit_Permit_Deny() throws Exception
+ {
+ JBossSecurityContext sc = new JBossSecurityContext("Permit-Permit-Deny");
+ sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
+ assertNotNull("SecurityContext is not null", sc);
+ IdentityTrustManager itm = sc.getIdentityTrustManager();
+ assertNotNull("IdentityTrustManager is not null", itm);
+ assertEquals("Is Trusted Deny", TrustDecision.Deny, itm.isTrusted(sc));
+ }
+
+ public void testPermit_Deny_Permit() throws Exception
+ {
+ JBossSecurityContext sc = new JBossSecurityContext("Permit-Deny-Permit");
+ sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
+ assertNotNull("SecurityContext is not null", sc);
+ IdentityTrustManager itm = sc.getIdentityTrustManager();
+ assertNotNull("IdentityTrustManager is not null", itm);
+ assertEquals("Is Trusted Deny", TrustDecision.Deny, itm.isTrusted(sc));
+ }
+
+ public void testDeny_Permit_Permit() throws Exception
+ {
+ JBossSecurityContext sc = new JBossSecurityContext("Deny-Permit-Permit");
+ sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
+ assertNotNull("SecurityContext is not null", sc);
+ IdentityTrustManager itm = sc.getIdentityTrustManager();
+ assertNotNull("IdentityTrustManager is not null", itm);
+ assertEquals("Is Trusted Deny", TrustDecision.Deny, itm.isTrusted(sc));
+ }
+
+ public void testPermit_Permit_NotApplicable() throws Exception
+ {
+ JBossSecurityContext sc = new JBossSecurityContext("Permit-Permit-NotApplicable");
+ sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
+ assertNotNull("SecurityContext is not null", sc);
+ IdentityTrustManager itm = sc.getIdentityTrustManager();
+ assertNotNull("IdentityTrustManager is not null", itm);
+ assertEquals("Is Trusted", TrustDecision.Permit, itm.isTrusted(sc));
+ }
+
+ public void testNotApplicable_Permit_Permit() throws Exception
+ {
+ JBossSecurityContext sc = new JBossSecurityContext("NotApplicable-Permit-Permit");
+ sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
+ assertNotNull("SecurityContext is not null", sc);
+ IdentityTrustManager itm = sc.getIdentityTrustManager();
+ assertNotNull("IdentityTrustManager is not null", itm);
+ assertEquals("Is Trusted", TrustDecision.Permit, itm.isTrusted(sc));
+ }
+
+ public void testNotApplicable_Required__Permit_Optional() throws Exception
+ {
+ JBossSecurityContext sc = new JBossSecurityContext("NotApplicable_Required-Permit_Optional");
+ sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
+ assertNotNull("SecurityContext is not null", sc);
+ IdentityTrustManager itm = sc.getIdentityTrustManager();
+ assertNotNull("IdentityTrustManager is not null", itm);
+ assertEquals("Is Trusted not applicable", TrustDecision.NotApplicable, itm.isTrusted(sc));
+ }
+
+ public void testPermit_Required__Deny_Optional() throws Exception
+ {
+ JBossSecurityContext sc = new JBossSecurityContext("Permit_Required-Deny_Optional");
+ sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
+ assertNotNull("SecurityContext is not null", sc);
+ IdentityTrustManager itm = sc.getIdentityTrustManager();
+ assertNotNull("IdentityTrustManager is not null", itm);
+ assertEquals("Is Trusted", TrustDecision.Permit, itm.isTrusted(sc));
+ }
+
+ public void testNotApplicable_Required__Deny_Optional() throws Exception
+ {
+ JBossSecurityContext sc = new JBossSecurityContext("NotApplicable_Required-Deny_Optional");
+ sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
+ assertNotNull("SecurityContext is not null", sc);
+ IdentityTrustManager itm = sc.getIdentityTrustManager();
+ assertNotNull("IdentityTrustManager is not null", itm);
+ assertEquals("Is Trusted false", TrustDecision.NotApplicable, itm.isTrusted(sc));
+ }
+
+ public void testPermit_Sufficient__Deny_Optional() throws Exception
+ {
+ JBossSecurityContext sc = new JBossSecurityContext("Permit_Sufficient-Deny_Optional");
+ sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
+ assertNotNull("SecurityContext is not null", sc);
+ IdentityTrustManager itm = sc.getIdentityTrustManager();
+ assertNotNull("IdentityTrustManager is not null", itm);
+ assertEquals("Is Trusted", TrustDecision.Permit, itm.isTrusted(sc));
+ }
+
+ @SuppressWarnings("unchecked")
+ public void testJavaEERunAsIdentity() throws Exception
+ {
+ JBossSecurityContext sc = new JBossSecurityContext("conf-javaee");
+ sc.setIncomingRunAs(new RunAsIdentity("theduke", "jduke"));
+ assertNotNull("SecurityContext is not null", sc);
+ IdentityTrustManager itm = sc.getIdentityTrustManager();
+ assertNotNull("IdentityTrustManager is not null", itm);
+ assertEquals("Is Trusted", TrustDecision.Permit, itm.isTrusted(sc));
+
+ sc.setIncomingRunAs(new RunAs()
+ {
+ public <T> T getIdentity()
+ {
+ return (T) "BAD";
+ }
+
+ public <T> T getProof()
+ {
+ return (T) "BAD";
+ }
+
+ public String getName()
+ {
+ return "BAD";
+ }
+ });
+
+ assertEquals("Is Trusted is false", TrustDecision.NotApplicable, itm.isTrusted(sc));
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/identitytrust/SecurityActions.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/identitytrust/SecurityActions.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/security/identitytrust/SecurityActions.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,78 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.identitytrust;
+
+import java.security.AccessController;
+import java.security.Principal;
+import java.security.PrivilegedAction;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.Configuration;
+import javax.security.jacc.PolicyContext;
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Sep 25, 2007
+ * @version $Revision$
+ */
+public class SecurityActions
+{
+ @SuppressWarnings("unchecked")
+ public static void addPrincipalToSubject(final Subject subj, final Principal p)
+ {
+ AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ subj.getPrincipals().add(p);
+ return null;
+ }
+ });
+ }
+
+ @SuppressWarnings("unchecked")
+ public static void setJAASConfiguration(final Configuration configuration)
+ {
+ AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ Configuration.setConfiguration(configuration);
+ return null;
+ }
+ });
+ }
+
+ @SuppressWarnings("unchecked")
+ public static void setPolicyContextID(final String contextID)
+ {
+ AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ PolicyContext.setContextID(contextID);
+ return null;
+ }
+ });
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/util/TestHttpServletRequest.java
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/util/TestHttpServletRequest.java (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/java/org/jboss/test/util/TestHttpServletRequest.java 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,329 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.util;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.security.Principal;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Vector;
+
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+//$Id$
+
+/**
+ * Test Http Servlet Request
+ * @author Anil.Saldhana at redhat.com
+ * @since May 8, 2007
+ * @version $Revision$
+ */
+public class TestHttpServletRequest implements HttpServletRequest
+{
+ private Principal p = null;
+ private String uri;
+ private String meth;
+
+ private Map<String,Object> parameterMap = new HashMap<String,Object>();
+
+ public TestHttpServletRequest(Principal p, String uri, String meth)
+ {
+ this.p = p;
+ this.uri = uri;
+ this.meth = meth;
+ }
+
+ public String getAuthType()
+ {
+ return null;
+ }
+
+ public String getContextPath()
+ {
+ return null;
+ }
+
+ public Cookie[] getCookies()
+ {
+ return null;
+ }
+
+ public long getDateHeader(String arg0)
+ {
+ return 0;
+ }
+
+ public String getHeader(String arg0)
+ {
+ return null;
+ }
+
+ public Enumeration<String> getHeaderNames()
+ {
+ return null;
+ }
+
+ public Enumeration<String> getHeaders(String arg0)
+ {
+ return null;
+ }
+
+ public int getIntHeader(String arg0)
+ {
+ return 0;
+ }
+
+ public String getMethod()
+ {
+ return meth;
+ }
+
+ public String getPathInfo()
+ {
+ return null;
+ }
+
+ public String getPathTranslated()
+ {
+ return null;
+ }
+
+ public String getQueryString()
+ {
+ return null;
+ }
+
+ public String getRemoteUser()
+ {
+ return null;
+ }
+
+ public String getRequestURI()
+ {
+ return uri;
+ }
+
+ public StringBuffer getRequestURL()
+ {
+ return null;
+ }
+
+ public String getRequestedSessionId()
+ {
+ return null;
+ }
+
+ public String getServletPath()
+ {
+ return null;
+ }
+
+ public HttpSession getSession()
+ {
+ return null;
+ }
+
+ public HttpSession getSession(boolean arg0)
+ {
+ return null;
+ }
+
+ public Principal getUserPrincipal()
+ {
+ return p;
+ }
+
+ public boolean isRequestedSessionIdFromCookie()
+ {
+ return false;
+ }
+
+ public boolean isRequestedSessionIdFromURL()
+ {
+ return false;
+ }
+
+ public boolean isRequestedSessionIdFromUrl()
+ {
+ return false;
+ }
+
+ public boolean isRequestedSessionIdValid()
+ {
+ return false;
+ }
+
+ public boolean isUserInRole(String arg0)
+ {
+ return false;
+ }
+
+ public Object getAttribute(String arg0)
+ {
+ return null;
+ }
+
+ public Enumeration<String> getAttributeNames()
+ {
+ return null;
+ }
+
+ public String getCharacterEncoding()
+ {
+ return null;
+ }
+
+ public int getContentLength()
+ {
+ return 0;
+ }
+
+ public String getContentType()
+ {
+ return null;
+ }
+
+ public ServletInputStream getInputStream() throws IOException
+ {
+ return null;
+ }
+
+ public String getLocalAddr()
+ {
+ return null;
+ }
+
+ public String getLocalName()
+ {
+ return null;
+ }
+
+ public int getLocalPort()
+ {
+ return 0;
+ }
+
+ public Locale getLocale()
+ {
+ return null;
+ }
+
+ public Enumeration<String> getLocales()
+ {
+ return null;
+ }
+
+ public String getParameter(String arg)
+ {
+ return (String) parameterMap.get(arg);
+ }
+
+ public Map<String,Object> getParameterMap()
+ {
+ return parameterMap;
+ }
+
+ public Enumeration<String> getParameterNames()
+ {
+ return (new Vector<String>()).elements();
+ }
+
+ public String[] getParameterValues(String arg0)
+ {
+ return null;
+ }
+
+ public String getProtocol()
+ {
+ return null;
+ }
+
+ public BufferedReader getReader() throws IOException
+ {
+ return null;
+ }
+
+ public String getRealPath(String arg0)
+ {
+ return null;
+ }
+
+ public String getRemoteAddr()
+ {
+ return null;
+ }
+
+ public String getRemoteHost()
+ {
+ return null;
+ }
+
+ public int getRemotePort()
+ {
+ return 0;
+ }
+
+ public RequestDispatcher getRequestDispatcher(String arg0)
+ {
+ return null;
+ }
+
+ public String getScheme()
+ {
+ return null;
+ }
+
+ public String getServerName()
+ {
+ return null;
+ }
+
+ public int getServerPort()
+ {
+ return 0;
+ }
+
+ public boolean isSecure()
+ {
+ return false;
+ }
+
+ public void removeAttribute(String arg0)
+ {
+ }
+
+ public void setAttribute(String arg0, Object arg1)
+ {
+ }
+
+ public void setCharacterEncoding(String arg0) throws UnsupportedEncodingException
+ {
+ }
+}
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/authorization/config/authorization-policy.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/authorization/config/authorization-policy.xml (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/authorization/config/authorization-policy.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,155 @@
+<jbsx:policy xsi:schemaLocation="urn:jboss:security-config:5.0 resource:security-config_5_0.xsd" xmlns:jbsx="urn:jboss:security-config:5.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ <jbsx:application-policy name="xacml-domain">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.XACMLAuthorizationModule" flag="required" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="required" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="requisite-permit-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="requisite" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="requisite-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="requisite" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="sufficient-permit-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="sufficient" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="sufficient-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="optional-permit-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="sufficient" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="optional-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-deny-sufficient-permit-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="required" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="sufficient" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-sufficient-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-required-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="required" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-required-permit-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-required-permit-sufficient-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-required-permit-requisite-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="requisite" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-required-permit-optional-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="optional" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-required-deny-requisite-permit-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="required" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="required" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="requisite" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="requisite-permit-requisite-permit-sufficient-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="requisite" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="requisite" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="sufficient-permit-required-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="sufficient" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="required" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="sufficient-permit-sufficient-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="sufficient" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="optional-deny-sufficient-permit-required-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="optional" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllPermitAuthorizationModule" flag="sufficient" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="required" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="sufficient-deny-optional-deny-policy">
+ <jbsx:authorization>
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="sufficient" />
+ <jbsx:policy-module code="org.jboss.security.authorization.modules.AllDenyAuthorizationModule" flag="optional" />
+ </jbsx:authorization>
+ </jbsx:application-policy>
+
+</jbsx:policy>
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/identitytrust-config.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/identitytrust-config.xml (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/identitytrust-config.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,90 @@
+<?xml version='1.0'?>
+
+<policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:security-config:5.0"
+ xmlns="urn:jboss:security-config:5.0">
+
+ <application-policy name="conf-javaee">
+ <identity-trust>
+ <trust-module code="org.jboss.security.identitytrust.modules.JavaEETrustModule"/>
+ </identity-trust>
+ </application-policy>
+
+ <application-policy name="Permit-Permit-Permit">
+ <identity-trust>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ </identity-trust>
+ </application-policy>
+
+ <application-policy name="Permit-Permit-Deny">
+ <identity-trust>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysDenyTrustModule"/>
+ </identity-trust>
+ </application-policy>
+
+ <application-policy name="Permit-Deny-Permit">
+ <identity-trust>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysDenyTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ </identity-trust>
+ </application-policy>
+
+ <application-policy name="Deny-Permit-Permit">
+ <identity-trust>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysDenyTrustModule"/> <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ </identity-trust>
+ </application-policy>
+
+ <application-policy name="Permit-Permit-NotApplicable">
+ <identity-trust>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysNotApplicableTrustModule"/>
+ </identity-trust>
+ </application-policy>
+
+ <application-policy name="NotApplicable-Permit-Permit">
+ <identity-trust>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysNotApplicableTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ </identity-trust>
+ </application-policy>
+
+ <application-policy name="NotApplicable_Required-Permit_Optional">
+ <identity-trust>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysNotApplicableTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule" flag="optional"/>
+ </identity-trust>
+ </application-policy>
+
+ <application-policy name="Permit_Required-Deny_Optional">
+ <identity-trust>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysPermitTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysDenyTrustModule" flag="optional"/>
+ </identity-trust>
+ </application-policy>
+
+ <application-policy name="NotApplicable_Required-Deny_Optional">
+ <identity-trust>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysNotApplicableTrustModule"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysDenyTrustModule" flag="optional"/>
+ </identity-trust>
+ </application-policy>
+
+ <application-policy name="Permit_Sufficient-Deny_Optional">
+ <identity-trust>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysNotApplicableTrustModule"
+ flag="sufficient"/>
+ <trust-module code="org.jboss.security.identitytrust.modules.AlwaysDenyTrustModule" flag="optional"/>
+ </identity-trust>
+ </application-policy>
+
+</policy>
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/jaspi-config-options.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/jaspi-config-options.xml (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/jaspi-config-options.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,150 @@
+<jbsx:policy xsi:schemaLocation="urn:jboss:security-config:5.0 resource:security-config_5_0.xsd" xmlns:jbsx="urn:jboss:security-config:5.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ <jbsx:application-policy name="required-permit-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule"
+ flag="required" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="required" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="requisite-permit-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="requisite" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="requisite-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="requisite" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="sufficient-permit-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="sufficient" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="sufficient-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="optional-permit-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="sufficient" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="optional-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-deny-sufficient-permit-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="required" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="sufficient" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-sufficient-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-required-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="required" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-required-permit-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-required-permit-sufficient-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-required-permit-requisite-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="requisite" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-required-permit-optional-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="optional" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="required-permit-required-deny-requisite-permit-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="required" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="required" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="requisite" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="requisite-permit-requisite-permit-sufficient-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="requisite" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="requisite" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="sufficient-permit-required-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="sufficient" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="required" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="sufficient-permit-sufficient-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="sufficient" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="optional-deny-sufficient-permit-required-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="optional" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllSuccessServerAuthModule" flag="sufficient" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="required" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+ <jbsx:application-policy name="sufficient-deny-optional-deny-policy">
+ <jbsx:authentication-jaspi>
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="sufficient" />
+ <jbsx:auth-module code="org.jboss.security.auth.container.modules.AllFailureServerAuthModule" flag="optional" />
+ </jbsx:authentication-jaspi>
+ </jbsx:application-policy>
+
+</jbsx:policy>
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/jaspi-config.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/jaspi-config.xml (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/jaspi-config.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,52 @@
+<?xml version='1.0'?>
+
+<policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:security-config:5.0"
+ xmlns="urn:jboss:security-config:5.0">
+
+ <application-policy name="conf-jaspi">
+ <authentication-jaspi>
+ <login-module-stack name="lm-stack">
+ <login-module
+ code="org.jboss.test.authentication.jaspi.TestLoginModule"
+ flag="optional">
+ <module-option name="principal">anil</module-option>
+ <module-option name="pass">anilpwd</module-option>
+ </login-module>
+ </login-module-stack>
+ <auth-module code="org.jboss.security.auth.container.modules.SimpleServerAuthModule">
+ <module-option name="principal">anil</module-option>
+ <module-option name="pass">anilpwd</module-option>
+ </auth-module>
+ <auth-module code="org.jboss.test.authentication.jaspi.TestServerAuthModule"
+ login-module-stack-ref="lm-stack"/>
+ </authentication-jaspi>
+ </application-policy>
+
+ <application-policy name="conf-jaspi-2">
+ <authentication-jaspi>
+ <auth-module code="org.jboss.test.authentication.jaspi.LoginModuleServerAuthModule">
+ <module-option name="login-module-delegate">org.jboss.security.auth.spi.UsersRolesLoginModule</module-option>
+ <module-option name="usersProperties">users.properties</module-option>
+ <module-option name="rolesProperties">roles.properties</module-option>
+ </auth-module>
+ </authentication-jaspi>
+ </application-policy>
+
+ <application-policy name="web-jaspi">
+ <authentication-jaspi>
+ <login-module-stack name="jaas-lm-stack">
+ <login-module
+ code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
+ <module-option name="usersProperties">users.properties</module-option>
+ <module-option name="rolesProperties">roles.properties</module-option>
+ </login-module>
+ </login-module-stack>
+ <auth-module code="org.jboss.security.auth.container.modules.HttpServletServerAuthModule"
+ login-module-stack-ref="jaas-lm-stack">
+ <module-option name="userNameParam">j_username</module-option>
+ <module-option name="passwordParam">j_password</module-option>
+ </auth-module>
+ </authentication-jaspi>
+ </application-policy>
+</policy>
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/jboss-acl.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/jboss-acl.xml (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/jboss-acl.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,30 @@
+<jboss-acl xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:jboss-acl-config:1.0"
+ xmlns="urn:jboss:jboss-acl-config:1.0"
+ xmlns:jbxb="urn:jboss:jboss-acl-config:1.0">
+
+ <acl-definition resource="org.jboss.test.authorization.acl.ACLTestResource:10">
+ <entry>
+ <identity-name>Administrator</identity-name>
+ <permissions>CREATE,READ,UPDATE,DELETE</permissions>
+ </entry>
+ <entry>
+ <identity-name>Guest</identity-name>
+ <permissions>READ</permissions>
+ </entry>
+ </acl-definition>
+
+ <!-- An extends attribute allows an ACL to inherit all the entries from its parent ACL -->
+ <acl-definition resource="org.jboss.test.authorization.acl.ACLTestResource:20" extends="org.jboss.test.authorization.acl.ACLTestResource:10">
+ <entry>
+ <identity-name>Regular_User</identity-name>
+ <permissions>READ,UPDATE</permissions>
+ </entry>
+ <!-- This overrides the definition from the parent ACL -->
+ <entry>
+ <identity-name>Guest</identity-name>
+ <permissions>READ,UPDATE</permissions>
+ </entry>
+ </acl-definition>
+
+</jboss-acl>
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/securityConfig41.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/securityConfig41.xml (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/securityConfig41.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- $Id: config.xml 34316 2005-07-31 23:13:44Z starksm $ -->
+
+<jaas:policy
+ xsi:schemaLocation="urn:jboss:security-config security-config_4_1.xsd"
+ xmlns:jaas="urn:jboss:security-config:4.1"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ >
+ <jaas:application-policy name="conf1">
+ <jaas:authentication>
+ <jaas:login-module code="org.jboss.security.auth.spi.XMLLoginModule"
+ flag="required">
+ <jaas:module-option name="userInfo">
+ <ur:users
+ xsi:schemaLocation="urn:jboss:user-roles user-roles_1_0.xsd"
+ xmlns:ur="urn:jboss:user-roles">
+ <ur:user name="jduke" password="theduke">
+ <ur:role name="Role1"/>
+ <ur:role name="Role2"/>
+ <ur:role name="Echo"/>
+ <ur:role name="callerJduke" group="CallerPrincipal"/>
+ </ur:user>
+ <ur:user name="scott" password="echoman">
+ <ur:role name="Echo"/>
+ <ur:role name="ProjectUser"/>
+ <ur:role name="callerScott" group="CallerPrincipal"/>
+ </ur:user>
+ <ur:user name="stark" password="javaman">
+ <ur:role name="Java"/>
+ <ur:role name="Coder"/>
+ <ur:role name="callerStark" group="CallerPrincipal"/>
+ </ur:user>
+ <ur:user name="jdukeman" password="anotherduke">
+ <ur:role name="Role2"/>
+ <ur:role name="Role3"/>
+ <ur:role name="callerJdukeman" group="CallerPrincipal"/>
+ </ur:user>
+ <ur:user name="invoker" password="invoker">
+ <ur:role name="HttpInvoker"/>
+ </ur:user>
+ <ur:user name="admin" password="admin">
+ <ur:role name="JBossAdmin"/>
+ </ur:user>
+ </ur:users>
+ </jaas:module-option>
+ <jaas:module-option name="unauthenticatedIdentity">guest</jaas:module-option>
+ </jaas:login-module>
+ </jaas:authentication>
+ </jaas:application-policy>
+</jaas:policy>
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/securityConfig5.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/securityConfig5.xml (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/config/securityConfig5.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,155 @@
+<?xml version='1.0'?>
+
+<policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:security-config:5.0"
+ xmlns="urn:jboss:security-config:5.0"
+ xmlns:jbxb="urn:jboss:security-config:5.0">
+ <application-policy name = "conf-jaas">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">1.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule2"
+ flag = "optional">
+ <module-option name = "name">1.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ <module-option name = "dummy">d</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name="conf-jaspi">
+ <authentication-jaspi>
+ <login-module-stack name="lm-stack">
+ <login-module
+ code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="optional">
+ <module-option name="usersProperties">u</module-option>
+ <module-option name="rolesProperties">r</module-option>
+ <module-option name="unauthenticatedIdentity">anonymous</module-option>
+ </login-module>
+ </login-module-stack>
+ <auth-module code="TestAuthModule">
+ <module-option name="usersProperties">u</module-option>
+ <module-option name="rolesProperties">r</module-option>
+ <module-option name="unauthenticatedIdentity">anonymous</module-option>
+ </auth-module>
+ <auth-module code="TestAuthModule2" login-module-stack-ref="lm-stack"/>
+ </authentication-jaspi>
+ </application-policy>
+
+ <application-policy name="conf-complete">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">1.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ <authorization>
+ <policy-module code = "org.jboss.test.TestPolicyModule"
+ flag = "required">
+ <module-option name = "name">authz</module-option>
+ <module-option name = "succeed">true</module-option>
+ </policy-module>
+ </authorization>
+ <acl>
+ <acl-module code="org.jboss.security.authz.ACLModule1" flag="required">
+ <module-option name="aclOption1">value1</module-option>
+ <module-option name="aclOption2">value2</module-option>
+ </acl-module>
+ <acl-module code="org.jboss.security.authz.ACLModule2" flag="required">
+ <module-option name="aclOption3">value3</module-option>
+ <module-option name="aclOption4">value4</module-option>
+ </acl-module>
+ </acl>
+ <rolemapping>
+ <mapping-module code = "org.jboss.test.TestMappingModule">
+ <module-option name = "name">rolemap</module-option>
+ <module-option name = "succeed">true</module-option>
+ </mapping-module>
+ </rolemapping>
+ <mapping>
+ <mapping-module code = "org.jboss.test.mapping.MappingModule1" type="principal">
+ <module-option name = "option1">value1</module-option>
+ </mapping-module>
+ </mapping>
+ <audit>
+ <provider-module code = "org.jboss.test.TestProviderModule"
+ flag = "required">
+ <module-option name = "name">auditprovider</module-option>
+ <module-option name = "succeed">false</module-option>
+ </provider-module>
+ </audit>
+ <identity-trust>
+ <trust-module code = "org.jboss.test.TestTrustModule"
+ flag = "required">
+ <module-option name = "name">trustprovider</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "dummy">dr</module-option>
+ </trust-module>
+ </identity-trust>
+ </application-policy>
+
+ <application-policy name = "conf-jaas-extend" extends = "conf-complete">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">1.3</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">1.4</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ <authorization>
+ <policy-module code = "org.jboss.test.TestPolicyModule"
+ flag = "required">
+ <module-option name = "name">authz1</module-option>
+ <module-option name = "succeed">true</module-option>
+ </policy-module>
+ <policy-module code = "org.jboss.test.TestPolicyModule"
+ flag = "required">
+ <module-option name = "name">authz2</module-option>
+ <module-option name = "succeed">true</module-option>
+ </policy-module>
+ </authorization>
+ <acl>
+ <acl-module code="org.jboss.security.authz.ACLModule3" flag="optional">
+ <module-option name="aclOption5">value5</module-option>
+ <module-option name="aclOption6">value6</module-option>
+ </acl-module>
+ </acl>
+ <mapping>
+ <mapping-module code = "org.jboss.test.mapping.MappingModule2" type="role">
+ <module-option name = "option2">value2</module-option>
+ </mapping-module>
+ <mapping-module code = "org.jboss.test.mapping.MappingModule3" type="principal">
+ <module-option name = "option3">value3</module-option>
+ </mapping-module>
+ </mapping>
+ </application-policy>
+
+ <application-policy name="conf-jaspi-extend" extends="conf-jaspi">
+ <authentication-jaspi>
+ <login-module-stack name="lm-stack2">
+ <login-module code="org.jboss.security.TestModule2" flag="requisite">
+ <module-option name="prop1">value1</module-option>
+ <module-option name="prop2">value2</module-option>
+ </login-module>
+ </login-module-stack>
+ <auth-module code="org.jboss.security.JASPITestModule" login-module-stack-ref="lm-stack2">
+ <module-option name="auth.option">auth.value</module-option>
+ </auth-module>
+ </authentication-jaspi>
+ </application-policy>
+</policy>
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/jndi.properties
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/jndi.properties (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/jndi.properties 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,3 @@
+java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
+java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
+java.naming.provider.url=jnp://localhost:1099
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/roles.properties
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/roles.properties (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/roles.properties 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,12 @@
+scott=Echo
+stark=Java,Coder
+stark.CallerPrincipal=callerStark
+
+starksm.Roles=ProjectUser
+starksm.CallerPrincipal=callerStarksm
+scott.Roles=ProjectUser
+scott.CallerPrincipal=callerScott
+
+jduke=Role1,Role2
+jdukeman=Role2,Role3
+jdukeman.CallerPrincipal=callerJdukeman
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/users.properties
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/users.properties (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/users.properties 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1,4 @@
+scott=echoman
+stark=javaman
+jduke=theduke
+jdukeman=anotherduke
\ No newline at end of file
Added: projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/usersb64.properties
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/usersb64.properties (rev 0)
+++ projects/security/picketbox/trunk/security-jboss-sx/jbosssx-mc-int/src/test/resources/usersb64.properties 2010-01-20 22:21:31 UTC (rev 99680)
@@ -0,0 +1 @@
+scott=ug1tko1om/N1IdWSSQxwRA==
\ No newline at end of file
Modified: projects/security/picketbox/trunk/security-jboss-sx/parent/pom.xml
===================================================================
--- projects/security/picketbox/trunk/security-jboss-sx/parent/pom.xml 2010-01-20 20:59:01 UTC (rev 99679)
+++ projects/security/picketbox/trunk/security-jboss-sx/parent/pom.xml 2010-01-20 22:21:31 UTC (rev 99680)
@@ -92,11 +92,6 @@
<version>2.1.1.GA</version>
</dependency>
<dependency>
- <groupId>org.jboss.logging</groupId>
- <artifactId>jboss-logging-log4j</artifactId>
- <version>2.1.1.GA</version>
- </dependency>
- <dependency>
<groupId>org.jboss.javaee</groupId>
<artifactId>jboss-jacc-api</artifactId>
<version>1.1.0.${org.jboss.javaee.version}</version>
@@ -107,6 +102,12 @@
<artifactId>jboss-jaspi-api</artifactId>
<version>1.0.0.${org.jboss.javaee.version}</version>
<scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.jboss</groupId>
+ <artifactId>jboss-common-core</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.jboss.security</groupId>
@@ -121,12 +122,6 @@
</dependency>
<dependency>
<groupId>sun-jaxb</groupId>
- <artifactId>jaxb-api</artifactId>
- <version>2.1.9</version>
- <scope>compile</scope>
- </dependency>
- <dependency>
- <groupId>sun-jaxb</groupId>
<artifactId>jaxb-impl</artifactId>
<version>2.1.9</version>
<scope>runtime</scope>
@@ -134,7 +129,7 @@
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
- <version>3.8.1</version>
+ <version>4.8.1</version>
<scope>test</scope>
</dependency>
<dependency>
More information about the jboss-cvs-commits
mailing list