[jboss-cvs] JBossAS SVN: r99913 - in projects/security/picketbox/fresh: picketbox and 21 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Jan 25 13:10:24 EST 2010
Author: anil.saldhana at jboss.com
Date: 2010-01-25 13:10:24 -0500 (Mon, 25 Jan 2010)
New Revision: 99913
Added:
projects/security/picketbox/fresh/picketbox/
projects/security/picketbox/fresh/picketbox/.classpath
projects/security/picketbox/fresh/picketbox/.project
projects/security/picketbox/fresh/picketbox/.settings/
projects/security/picketbox/fresh/picketbox/.settings/org.eclipse.jdt.core.prefs
projects/security/picketbox/fresh/picketbox/pom.xml
projects/security/picketbox/fresh/picketbox/src/
projects/security/picketbox/fresh/picketbox/src/main/
projects/security/picketbox/fresh/picketbox/src/main/java/
projects/security/picketbox/fresh/picketbox/src/main/java/org/
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/config/
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/config/PicketBoxConfiguration.java
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/config/SecurityActions.java
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/ConfigurationFileNullException.java
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/ConfigurationParsingException.java
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/ConfigurationStreamNullException.java
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/factories/
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/factories/SecurityActions.java
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/factories/SecurityFactory.java
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/handlers/
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/handlers/HandlerContract.java
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/PicketBoxCallbackHandler.java
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/PicketBoxSecurityManagement.java
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/authorization/
projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/authorization/PicketBoxAuthorizationModule.java
projects/security/picketbox/fresh/picketbox/src/main/resources/
projects/security/picketbox/fresh/picketbox/src/main/resources/auth.conf
projects/security/picketbox/fresh/picketbox/src/test/
projects/security/picketbox/fresh/picketbox/src/test/java/
projects/security/picketbox/fresh/picketbox/src/test/java/org/
projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/
projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/
projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/
projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/AuditUnitTestCase.java
projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/AuthenticationUnitTestCase.java
projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/AuthorizationUnitTestCase.java
projects/security/picketbox/fresh/picketbox/src/test/resources/
projects/security/picketbox/fresh/picketbox/src/test/resources/config/
projects/security/picketbox/fresh/picketbox/src/test/resources/config/audit.conf
projects/security/picketbox/fresh/picketbox/src/test/resources/config/authentication.conf
projects/security/picketbox/fresh/picketbox/src/test/resources/config/authorization.conf
projects/security/picketbox/fresh/picketbox/src/test/resources/defaultRoles.properties
projects/security/picketbox/fresh/picketbox/src/test/resources/defaultUsers.properties
Modified:
projects/security/picketbox/fresh/pom.xml
Log:
add picketbox
Added: projects/security/picketbox/fresh/picketbox/.classpath
===================================================================
--- projects/security/picketbox/fresh/picketbox/.classpath (rev 0)
+++ projects/security/picketbox/fresh/picketbox/.classpath 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,13 @@
+<classpath>
+ <classpathentry kind="src" path="src/test/java" output="target/test-classes" including="**/*.java"/>
+ <classpathentry kind="src" path="src/test/resources" output="target/test-classes" excluding="**/*.java"/>
+ <classpathentry kind="src" path="src/main/java" including="**/*.java"/>
+ <classpathentry kind="src" path="src/main/resources" excluding="**/*.java"/>
+ <classpathentry kind="output" path="target/classes"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/logging/jboss-logging-spi/2.1.1.GA/jboss-logging-spi-2.1.1.GA.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/security/jboss-security-spi/2.1.0.20091223-SNAPSHOT/jboss-security-spi-2.1.0.20091223-SNAPSHOT.jar" sourcepath="M2_REPO/org/jboss/security/jboss-security-spi/2.1.0.20091223-SNAPSHOT/jboss-security-spi-2.1.0.20091223-SNAPSHOT-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/security/jbosssx/2.1.0.20091223-SNAPSHOT/jbosssx-2.1.0.20091223-SNAPSHOT.jar" sourcepath="M2_REPO/org/jboss/security/jbosssx/2.1.0.20091223-SNAPSHOT/jbosssx-2.1.0.20091223-SNAPSHOT-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/junit/junit/4.8.1/junit-4.8.1.jar"/>
+ <classpathentry kind="var" path="M2_REPO/stax/stax-api/1.0.1/stax-api-1.0.1.jar"/>
+ <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5"/>
+</classpath>
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/.project
===================================================================
--- projects/security/picketbox/fresh/picketbox/.project (rev 0)
+++ projects/security/picketbox/fresh/picketbox/.project 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,13 @@
+<projectDescription>
+ <name>picketbox-bare</name>
+ <comment>PicketBox is a cross cutting project that handles security for Java projects.</comment>
+ <projects/>
+ <buildSpec>
+ <buildCommand>
+ <name>org.eclipse.jdt.core.javabuilder</name>
+ </buildCommand>
+ </buildSpec>
+ <natures>
+ <nature>org.eclipse.jdt.core.javanature</nature>
+ </natures>
+</projectDescription>
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/.settings/org.eclipse.jdt.core.prefs
===================================================================
--- projects/security/picketbox/fresh/picketbox/.settings/org.eclipse.jdt.core.prefs (rev 0)
+++ projects/security/picketbox/fresh/picketbox/.settings/org.eclipse.jdt.core.prefs 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,5 @@
+#Fri Jan 22 11:23:14 CST 2010
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.source=1.5
+org.eclipse.jdt.core.compiler.compliance=1.5
Added: projects/security/picketbox/fresh/picketbox/pom.xml
===================================================================
--- projects/security/picketbox/fresh/picketbox/pom.xml (rev 0)
+++ projects/security/picketbox/fresh/picketbox/pom.xml 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,49 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss</groupId>
+ <artifactId>jboss-parent</artifactId>
+ <version>4</version>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.picketbox</groupId>
+ <artifactId>picketbox-bare</artifactId>
+ <version>1.0.0-SNAPSHOT</version>
+ <packaging>jar</packaging>
+ <name>Picketbox</name>
+ <url>http://jboss.org/picketbox</url>
+ <description>PicketBox is a cross cutting project that handles security for Java projects.</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-security-spi</artifactId>
+ <version>2.1.0.20091223-SNAPSHOT</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jbosssx</artifactId>
+ <version>2.1.0.20091223-SNAPSHOT</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.logging</groupId>
+ <artifactId>jboss-logging-spi</artifactId>
+ <version>2.1.1.GA</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>stax</groupId>
+ <artifactId>stax-api</artifactId>
+ <version>1.0.1</version>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.8.1</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+</project>
Added: projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/config/PicketBoxConfiguration.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/config/PicketBoxConfiguration.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/config/PicketBoxConfiguration.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,85 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.config;
+
+import java.io.InputStream;
+import java.security.PrivilegedActionException;
+
+import javax.xml.stream.XMLStreamException;
+
+import org.jboss.security.config.parser.StaxBasedConfigParser;
+import org.picketbox.exceptions.ConfigurationFileNullException;
+import org.picketbox.exceptions.ConfigurationParsingException;
+import org.picketbox.exceptions.ConfigurationStreamNullException;
+
+/**
+ * Defines the PicketBox Configuration
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 22, 2010
+ */
+public class PicketBoxConfiguration
+{
+ /**
+ * Load a configuration file
+ * @param configFileName
+ * @throws ConfigurationFileNullException if the passed file name is null
+ * @throws ConfigurationParsingException parsing exception
+ */
+ public void load(String configFileName) throws ConfigurationFileNullException, ConfigurationParsingException
+ {
+ if(configFileName == null)
+ throw new ConfigurationFileNullException("configFileName is null");
+ try
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ InputStream configStream = tcl.getResourceAsStream(configFileName);
+ load(configStream);
+ }
+ catch (PrivilegedActionException e)
+ {
+ throw new RuntimeException(e.getCause());
+ }
+ }
+
+ /**
+ * Load the Configuration Stream
+ * @param configStream
+ * @throws ConfigurationStreamNullException if the configuration stream is null
+ * @throws ConfigurationParsingException if there is parsing exception
+ */
+ public void load(InputStream configStream) throws ConfigurationStreamNullException, ConfigurationParsingException
+ {
+ if(configStream == null)
+ throw new ConfigurationStreamNullException("configStream is null");
+
+ //Parser will parse the stream and update the XMLLoginConfigImpl
+ StaxBasedConfigParser parser = new StaxBasedConfigParser();
+ try
+ {
+ parser.parse(configStream);
+ }
+ catch (XMLStreamException e)
+ {
+ throw new ConfigurationParsingException(e);
+ }
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/config/SecurityActions.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/config/SecurityActions.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/config/SecurityActions.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,62 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.config;
+
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+//$Id$
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Oct 11, 2007
+ * @version $Revision$
+ */
+class SecurityActions
+{
+ @SuppressWarnings("unchecked")
+ static ClassLoader getContextClassLoader() throws PrivilegedActionException
+ {
+ return (ClassLoader) AccessController.doPrivileged(new PrivilegedExceptionAction()
+ {
+ public Object run() throws Exception
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+ @SuppressWarnings("unchecked")
+ static Class<Object> loadClass(final String fqn) throws PrivilegedActionException
+ {
+ return (Class) AccessController.doPrivileged(new PrivilegedExceptionAction()
+ {
+ public Object run() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ return tcl.loadClass(fqn);
+ }
+ });
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/ConfigurationFileNullException.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/ConfigurationFileNullException.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/ConfigurationFileNullException.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,52 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.exceptions;
+
+/**
+ * Exception indicating that the configuration file passed is null
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 22, 2010
+ */
+public class ConfigurationFileNullException extends IllegalArgumentException
+{
+ private static final long serialVersionUID = 1L;
+
+ public ConfigurationFileNullException()
+ {
+ super();
+ }
+
+ public ConfigurationFileNullException(String message, Throwable cause)
+ {
+ super(message, cause);
+ }
+
+ public ConfigurationFileNullException(String s)
+ {
+ super(s);
+ }
+
+ public ConfigurationFileNullException(Throwable cause)
+ {
+ super(cause);
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/ConfigurationParsingException.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/ConfigurationParsingException.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/ConfigurationParsingException.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,53 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.exceptions;
+
+/**
+ * Indicates parsing exception during configuration parsing
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 25, 2010
+ */
+public class ConfigurationParsingException extends IllegalStateException
+{
+ private static final long serialVersionUID = 1L;
+
+ public ConfigurationParsingException()
+ {
+ super();
+ }
+
+ public ConfigurationParsingException(String arg0, Throwable arg1)
+ {
+ super(arg0, arg1);
+ }
+
+ public ConfigurationParsingException(String arg0)
+ {
+ super(arg0);
+ }
+
+ public ConfigurationParsingException(Throwable arg0)
+ {
+ super(arg0);
+ }
+
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/ConfigurationStreamNullException.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/ConfigurationStreamNullException.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/exceptions/ConfigurationStreamNullException.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,52 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.exceptions;
+
+/**
+ * Exception indicating the Configuration {@code java.io.InputStream} is null
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 22, 2010
+ */
+public class ConfigurationStreamNullException extends IllegalArgumentException
+{
+ private static final long serialVersionUID = 1L;
+
+ public ConfigurationStreamNullException()
+ {
+ super();
+ }
+
+ public ConfigurationStreamNullException(String arg0, Throwable arg1)
+ {
+ super(arg0, arg1);
+ }
+
+ public ConfigurationStreamNullException(String arg0)
+ {
+ super(arg0);
+ }
+
+ public ConfigurationStreamNullException(Throwable arg0)
+ {
+ super(arg0);
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/factories/SecurityActions.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/factories/SecurityActions.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/factories/SecurityActions.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,71 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.factories;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since November 19, 2008
+ */
+class SecurityActions
+{
+
+ @SuppressWarnings("unchecked")
+ static ClassLoader getContextClassLoader() throws PrivilegedActionException
+ {
+ return (ClassLoader) AccessController.doPrivileged(new PrivilegedExceptionAction()
+ {
+ public Object run() throws Exception
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+ static String getSystemProperty(final String key, final String defaultValue)
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<String>()
+ {
+ public String run()
+ {
+ return System.getProperty(key, defaultValue);
+ }
+ });
+ }
+
+ static void setSystemProperty(final String key, final String value)
+ {
+ AccessController.doPrivileged(new PrivilegedAction<Object>()
+ {
+ public Object run()
+ {
+ System.setProperty(key, value);
+ return null;
+ }
+ });
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/factories/SecurityFactory.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/factories/SecurityFactory.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/factories/SecurityFactory.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,128 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.factories;
+
+import java.net.URL;
+
+import javax.security.auth.login.Configuration;
+
+import org.jboss.security.AuthenticationManager;
+import org.jboss.security.AuthorizationManager;
+import org.jboss.security.ISecurityManagement;
+import org.jboss.security.audit.AuditManager;
+import org.jboss.security.config.ApplicationPolicyRegistration;
+import org.jboss.security.config.StandaloneConfiguration;
+import org.picketbox.plugins.PicketBoxSecurityManagement;
+
+/**
+ * Security Factory
+ * This is the main factory for PicketBox
+ *
+ * Two methods that are important are {@link #prepare()} and {@link #release()}
+ * <a href="mailto:anil.saldhana at redhat.com>Anil Saldhana</a>
+ */
+public class SecurityFactory
+{
+ private static ISecurityManagement securityManagement = new PicketBoxSecurityManagement();
+
+ private static Configuration parentConfiguration = null;
+
+ static
+ {
+ try
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ URL configLocation = tcl.getResource("auth.conf");
+ String prop = "java.security.auth.login.config";
+ if(SecurityActions.getSystemProperty(prop, null) == null)
+ SecurityActions.setSystemProperty(prop, configLocation.toExternalForm());
+
+ parentConfiguration = Configuration.getConfiguration();
+ }
+ catch(Exception e)
+ {
+ throw new RuntimeException("Unable to init SecurityFactory:", e);
+ }
+ }
+
+ private static StandaloneConfiguration standaloneConfiguration = StandaloneConfiguration.getInstance();
+
+ public static AuthenticationManager getAuthenticationManager(String securityDomain)
+ {
+ validate();
+ return securityManagement.getAuthenticationManager(securityDomain);
+ }
+
+ public static AuthorizationManager getAuthorizationManager(String securityDomain)
+ {
+ validate();
+ return securityManagement.getAuthorizationManager(securityDomain);
+ }
+
+ public static AuditManager getAuditManager(String securityDomain)
+ {
+ validate();
+ return securityManagement.getAuditManager(securityDomain);
+ }
+
+ public static ISecurityManagement getSecurityManagement()
+ {
+ return securityManagement;
+ }
+
+ public static void setSecurityManagement(ISecurityManagement iSecurityManagement)
+ {
+ securityManagement = iSecurityManagement;
+ }
+
+ /**
+ * Prepare for security operations. One of the operations
+ * that is undertaken is to establish the JAAS {@code Configuration}
+ * that uses our xml based configuration.
+ * @see #release() to release the configuration
+ */
+ public static void prepare()
+ {
+ if(Configuration.getConfiguration() instanceof ApplicationPolicyRegistration == false)
+ {
+ standaloneConfiguration.setParentConfig(parentConfiguration);
+ Configuration.setConfiguration(standaloneConfiguration);
+ }
+ }
+
+ /**
+ * Will release anything that was done during {@link #prepare()} step
+ */
+ public static void release()
+ {
+ Configuration config = Configuration.getConfiguration();
+ if(config == standaloneConfiguration)
+ {
+ Configuration.setConfiguration(parentConfiguration); //Set back the previously valid configuration
+ }
+ }
+
+ private static void validate()
+ {
+ assert(securityManagement != null);
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/handlers/HandlerContract.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/handlers/HandlerContract.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/handlers/HandlerContract.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,38 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.handlers;
+
+import java.security.Principal;
+
+/**
+ * Basic contract expected of callback handlers
+ * <a href="mailto:anil.saldhana at redhat.com>Anil Saldhana</a>
+ */
+public interface HandlerContract
+{
+ /**
+ * Set the security context
+ * @param principal Principal to be used
+ * @param credential Credential to be used
+ */
+ void setSecurityInfo(Principal principal, Object credential);
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/PicketBoxCallbackHandler.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/PicketBoxCallbackHandler.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/PicketBoxCallbackHandler.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,96 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.plugins;
+
+import java.io.IOException;
+import java.security.Principal;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.jboss.security.auth.callback.ObjectCallback;
+import org.picketbox.handlers.HandlerContract;
+
+/**
+ * Default Callbackhandler that primarily uses the {@link}HandlerContract
+ * for the Principal/Credential combination
+ * <a href="mailto:anil.saldhana at redhat.com>Anil Saldhana</a>
+ */
+public class PicketBoxCallbackHandler implements CallbackHandler, HandlerContract
+{
+ private Principal principal = null;
+ private Object credential = null;
+
+ /**
+ * @see CallbackHandler#handle(Callback[])
+ */
+ public void handle(Callback[] callbacks)
+ throws IOException, UnsupportedCallbackException
+ {
+ int len = callbacks.length;
+ if(len > 0)
+ {
+ for(Callback cb: callbacks)
+ {
+ if(cb instanceof NameCallback)
+ {
+ NameCallback nameCallback = (NameCallback) cb;
+ nameCallback.setName(principal.getName());
+ }
+ else
+ if(cb instanceof ObjectCallback)
+ {
+ ((ObjectCallback)cb).setCredential(credential);
+ }
+ else
+ if(cb instanceof PasswordCallback)
+ {
+ char[] passwd = null;
+ if(credential instanceof String)
+ {
+ passwd = ((String)credential).toCharArray();
+ }
+ else if(credential instanceof char[])
+ {
+ passwd = (char[]) credential;
+ }
+ ((PasswordCallback)cb).setPassword(passwd);
+ }
+ else
+ throw new RuntimeException(getClass().getName() + " does not handle a callback of type " +
+ cb.getClass().getCanonicalName());
+ }
+ }
+ }
+
+ /**
+ * @see HandlerContract#setSecurityInfo(Principal, Object)
+ */
+ public void setSecurityInfo(Principal principal, Object credential)
+ {
+ this.principal = principal;
+ this.credential = credential;
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/PicketBoxSecurityManagement.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/PicketBoxSecurityManagement.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/PicketBoxSecurityManagement.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,86 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.plugins;
+
+import org.jboss.security.AuthenticationManager;
+import org.jboss.security.AuthorizationManager;
+import org.jboss.security.ISecurityManagement;
+import org.jboss.security.audit.AuditManager;
+import org.jboss.security.identitytrust.IdentityTrustManager;
+import org.jboss.security.mapping.MappingManager;
+import org.jboss.security.plugins.JBossAuthenticationManager;
+import org.jboss.security.plugins.JBossAuthorizationManager;
+import org.jboss.security.plugins.audit.JBossAuditManager;
+import org.jboss.security.plugins.identitytrust.JBossIdentityTrustManager;
+import org.jboss.security.plugins.mapping.JBossMappingManager;
+
+/**
+ * Default Implementation of the ISecurityManagement interface
+ * <a href="mailto:anil.saldhana at redhat.com>Anil Saldhana</a>
+ * @since May 29, 2008
+ */
+public class PicketBoxSecurityManagement implements ISecurityManagement
+{
+ /** */
+ private static final long serialVersionUID = 1L;
+
+ /**
+ * @see ISecurityManagement#getAuditManager(String)
+ */
+ public AuditManager getAuditManager(String securityDomain)
+ {
+ return new JBossAuditManager(securityDomain);
+ }
+
+ /**
+ * @see ISecurityManagement#getAuthenticationManager(String)
+ */
+ public AuthenticationManager getAuthenticationManager(String securityDomain)
+ {
+ return new JBossAuthenticationManager(securityDomain,
+ new PicketBoxCallbackHandler());
+ }
+
+ /**
+ * @see ISecurityManagement#getAuthorizationManager(String)
+ */
+ public AuthorizationManager getAuthorizationManager(String securityDomain)
+ {
+ return new JBossAuthorizationManager(securityDomain);
+ }
+
+ /**
+ * @see ISecurityManagement#getIdentityTrustManager(String)
+ */
+ public IdentityTrustManager getIdentityTrustManager(String securityDomain)
+ {
+ return new JBossIdentityTrustManager(securityDomain);
+ }
+
+ /**
+ * @see ISecurityManagement#getMappingManager(String)
+ */
+ public MappingManager getMappingManager(String securityDomain)
+ {
+ return new JBossMappingManager(securityDomain);
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/authorization/PicketBoxAuthorizationModule.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/authorization/PicketBoxAuthorizationModule.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/main/java/org/picketbox/plugins/authorization/PicketBoxAuthorizationModule.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,120 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.plugins.authorization;
+
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+import java.util.StringTokenizer;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+
+import org.jboss.security.authorization.AuthorizationContext;
+import org.jboss.security.authorization.AuthorizationException;
+import org.jboss.security.authorization.AuthorizationModule;
+import org.jboss.security.authorization.Resource;
+import org.jboss.security.identity.RoleGroup;
+
+/**
+ * Simple Authorization Module that authorizes users with
+ * the configured roles
+ * <a href="mailto:anil.saldhana at redhat.com>Anil Saldhana</a>
+ */
+public class PicketBoxAuthorizationModule implements AuthorizationModule
+{
+ private Set<String> rolesSet = new HashSet<String>();
+ private Subject subject = null;
+
+ public boolean abort() throws AuthorizationException
+ {
+ return true;
+ }
+
+ public int authorize(Resource resource)
+ {
+ Set<Principal> principals = subject.getPrincipals();
+ for(Principal p: principals)
+ {
+ if(p instanceof Group)
+ {
+ Group group = (Group) p;
+ if(group.getName().equalsIgnoreCase("Roles"))
+ {
+ Enumeration<? extends Principal> roles = group.members();
+ while(roles.hasMoreElements())
+ {
+ Principal role = roles.nextElement();
+ if(rolesSet.contains(role.getName()))
+ return AuthorizationContext.PERMIT;
+ }
+ }
+ }
+ }
+ return AuthorizationContext.DENY;
+ }
+
+ public boolean commit() throws AuthorizationException
+ {
+ return true;
+ }
+
+ public boolean destroy()
+ {
+ return true;
+ }
+
+
+ /**
+ * Initialize the module
+ *
+ * @param subject the authenticated subject
+ * @param handler CallbackHandler
+ * @param sharedState state shared with other configured modules
+ * @param options options specified in the Configuration
+ * for this particular module
+ * @param roles Roles of the subject
+ */
+ public void initialize(Subject subject, CallbackHandler handler,
+ Map<String,Object> sharedState, Map<String,Object> options, RoleGroup roles)
+ {
+ String configuredRoles = (String) options.get("roles");
+ getRoles(configuredRoles);
+ this.subject = subject;
+ }
+
+ /**
+ * Get the role names from the comma separated list of role names
+ * @param commaStr
+ */
+ private void getRoles(String commaStr)
+ {
+ StringTokenizer st = new StringTokenizer(commaStr, ",");
+ while(st.hasMoreTokens())
+ {
+ this.rolesSet.add(st.nextToken());
+ }
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/main/resources/auth.conf
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/main/resources/auth.conf (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/main/resources/auth.conf 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,6 @@
+// The common client side JAAS login config used by the security layer
+
+other {
+ org.jboss.security.ClientLoginModule required
+ ;
+};
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/AuditUnitTestCase.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/AuditUnitTestCase.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/AuditUnitTestCase.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,135 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.test.api;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.AuthenticationManager;
+import org.jboss.security.audit.AuditEvent;
+import org.jboss.security.audit.AuditLevel;
+import org.jboss.security.audit.AuditManager;
+import org.jboss.security.audit.AuditProvider;
+import org.picketbox.config.PicketBoxConfiguration;
+import org.picketbox.factories.SecurityFactory;
+
+/**
+ * Authentication Unit Tests
+ * <a href="mailto:anil.saldhana at redhat.com>Anil Saldhana</a>
+ * @since May 30, 2008
+ */
+public class AuditUnitTestCase extends TestCase
+{
+ private final String securityDomainName = "test";
+
+ public void testValidAuthentication() throws Exception
+ {
+ SecurityFactory.prepare();
+ try
+ {
+ String configFile = "config/audit.conf";
+ PicketBoxConfiguration idtrustConfig = new PicketBoxConfiguration();
+ idtrustConfig.load(configFile);
+
+ AuthenticationManager am = SecurityFactory.getAuthenticationManager(securityDomainName);
+ assertNotNull(am);
+
+ Subject subject = new Subject();
+ Principal principal = getPrincipal("anil");
+ Object credential = new String("pass");
+
+ boolean result = am.isValid(principal, credential, subject);
+ assertTrue("Valid Auth", result);
+ assertTrue("Subject has principals", subject.getPrincipals().size() > 0);
+
+ Map<String,Object> contextMap = new HashMap<String,Object>();
+ AuditEvent auditEvent = new AuditEvent(AuditLevel.SUCCESS,contextMap);
+ AuditManager auditManager = SecurityFactory.getAuditManager(securityDomainName);
+ auditManager.audit(auditEvent);
+ assertTrue("Audit Event is contained in the static map of Audit Provider",
+ TestAuditProvider.eventList.contains(auditEvent));
+ }
+ finally
+ {
+ SecurityFactory.release();
+ }
+ }
+
+ public void testInvalidAuthenticationAudit() throws Exception
+ {
+ SecurityFactory.prepare();
+ try
+ {
+ String configFile = "config/audit.conf";
+ PicketBoxConfiguration idtrustConfig = new PicketBoxConfiguration();
+ idtrustConfig.load(configFile);
+
+ AuthenticationManager am = SecurityFactory.getAuthenticationManager(securityDomainName);
+ assertNotNull(am);
+
+ Principal principal = getPrincipal("anil");
+ Object credential = new String("BADGUY");
+
+ boolean result = am.isValid(principal, credential);
+ assertFalse("Valid Auth", result);
+ Map<String,Object> contextMap = new HashMap<String,Object>();
+ contextMap.put("Message:", "Auth Failure for "+principal);
+ AuditEvent auditEvent = new AuditEvent(AuditLevel.FAILURE, contextMap);
+ AuditManager auditManager = SecurityFactory.getAuditManager(securityDomainName);
+ auditManager.audit(auditEvent);
+ assertTrue("Audit Event is contained in the static map of Audit Provider",
+ TestAuditProvider.eventList.contains(auditEvent));
+ }
+ finally
+ {
+ SecurityFactory.release();
+ }
+ }
+
+ private Principal getPrincipal(final String name)
+ {
+ return new Principal()
+ {
+ public String getName()
+ {
+ return name;
+ }
+ };
+ }
+
+ public static class TestAuditProvider implements AuditProvider
+ {
+ public static List<AuditEvent> eventList = new ArrayList<AuditEvent>();
+
+ public void audit(AuditEvent auditEvent)
+ {
+ eventList.add(auditEvent);
+ }
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/AuthenticationUnitTestCase.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/AuthenticationUnitTestCase.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/AuthenticationUnitTestCase.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,106 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.test.api;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.AuthenticationManager;
+import org.picketbox.config.PicketBoxConfiguration;
+import org.picketbox.factories.SecurityFactory;
+
+/**
+ * Authentication Unit Tests
+ * <a href="mailto:anil.saldhana at redhat.com>Anil Saldhana</a>
+ * @since May 30, 2008
+ */
+public class AuthenticationUnitTestCase extends TestCase
+{
+ private final String securityDomainName = "test";
+
+ public void testValidAuthentication() throws Exception
+ {
+ SecurityFactory.prepare();
+ try
+ {
+
+ String configFile = "config/authentication.conf";
+ PicketBoxConfiguration idtrustConfig = new PicketBoxConfiguration();
+ idtrustConfig.load(configFile);
+
+ AuthenticationManager am = SecurityFactory.getAuthenticationManager(securityDomainName);
+ assertNotNull(am);
+
+ Subject subject = new Subject();
+ Principal principal = getPrincipal("anil");
+ Object credential = new String("pass");
+
+ boolean result = am.isValid(principal, credential);
+ assertTrue("Valid Auth", result);
+ result = am.isValid(principal, credential, subject);
+ assertTrue("Valid Auth", result);
+ assertTrue("Subject has principals", subject.getPrincipals().size() > 0);
+ }
+ finally
+ {
+ SecurityFactory.release();
+ }
+ }
+
+ public void testInvalidAuthentication() throws Exception
+ {
+ SecurityFactory.prepare();
+ try
+ {
+ String configFile = "config/authentication.conf";
+ PicketBoxConfiguration idtrustConfig = new PicketBoxConfiguration();
+ idtrustConfig.load(configFile);
+
+ AuthenticationManager am = SecurityFactory.getAuthenticationManager(securityDomainName);
+ assertNotNull(am);
+
+ Principal principal = getPrincipal("anil");
+ Object credential = new String("BADGUY");
+
+ boolean result = am.isValid(principal, credential);
+ assertFalse("Valid Auth", result);
+ }
+ finally
+ {
+ SecurityFactory.release();
+ }
+ }
+
+ private Principal getPrincipal(final String name)
+ {
+ return new Principal()
+ {
+ public String getName()
+ {
+ return name;
+ }
+ };
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/AuthorizationUnitTestCase.java
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/AuthorizationUnitTestCase.java (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/test/java/org/picketbox/test/api/AuthorizationUnitTestCase.java 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,138 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.test.api;
+
+import java.security.Principal;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.AuthenticationManager;
+import org.jboss.security.AuthorizationManager;
+import org.jboss.security.authorization.AuthorizationContext;
+import org.jboss.security.authorization.Resource;
+import org.jboss.security.authorization.ResourceType;
+import org.picketbox.config.PicketBoxConfiguration;
+import org.picketbox.factories.SecurityFactory;
+
+/**
+ * Authorization Unit Tests
+ * <a href="mailto:anil.saldhana at redhat.com>Anil Saldhana</a>
+ * @since May 31, 2008
+ */
+public class AuthorizationUnitTestCase extends TestCase
+{
+ private final String securityDomainName = "test";
+ private final String configFile = "config/authorization.conf";
+
+ public void testValidAuthorization() throws Exception
+ {
+ SecurityFactory.prepare();
+ try
+ {
+ PicketBoxConfiguration idtrustConfig = new PicketBoxConfiguration();
+ idtrustConfig.load(configFile);
+
+ AuthenticationManager am = SecurityFactory.getAuthenticationManager(securityDomainName);
+ assertNotNull(am);
+
+ Subject subject = new Subject();
+ Principal principal = getPrincipal("anil");
+ Object credential = new String("pass");
+
+ boolean result = am.isValid(principal, credential, subject);
+ assertTrue("Valid Auth", result);
+ assertTrue("Subject has principals", subject.getPrincipals().size() > 0);
+
+ AuthorizationManager authzM = SecurityFactory.getAuthorizationManager(securityDomainName);
+ assertNotNull(authzM);
+ Resource resource = getResource();
+ int decision = authzM.authorize(resource, subject);
+ assertTrue(decision == AuthorizationContext.PERMIT);
+ }
+ finally
+ {
+ SecurityFactory.release();
+ }
+ }
+
+ public void testInvalidAuthorization() throws Exception
+ {
+ SecurityFactory.prepare();
+ try
+ {
+ PicketBoxConfiguration idtrustConfig = new PicketBoxConfiguration();
+ idtrustConfig.load(configFile);
+
+ AuthenticationManager am = SecurityFactory.getAuthenticationManager(securityDomainName);
+ assertNotNull(am);
+
+ Subject subject = new Subject();
+ Principal principal = getPrincipal("anil");
+ Object credential = new String("pass");
+
+ boolean result = am.isValid(principal, credential, subject);
+ assertTrue("Valid Auth", result);
+ assertTrue("Subject has principals", subject.getPrincipals().size() > 0);
+
+ AuthorizationManager authzM = SecurityFactory.getAuthorizationManager(securityDomainName);
+ assertNotNull(authzM);
+ Resource resource = getResource();
+ int decision = authzM.authorize(resource, subject);
+ assertTrue(decision == AuthorizationContext.PERMIT);
+ }
+ finally
+ {
+ SecurityFactory.release();
+ }
+ }
+
+ private Principal getPrincipal(final String name)
+ {
+ return new Principal()
+ {
+ public String getName()
+ {
+ return name;
+ }
+ };
+ }
+
+ private Resource getResource()
+ {
+ return new Resource()
+ {
+ public ResourceType getLayer()
+ {
+ return ResourceType.IDTRUST;
+ }
+
+ public Map<String, Object> getMap()
+ {
+ return new HashMap<String,Object>();
+ }
+ };
+ }
+}
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/test/resources/config/audit.conf
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/test/resources/config/audit.conf (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/test/resources/config/audit.conf 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,17 @@
+<?xml version='1.0'?>
+
+<policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:security-config:5.0"
+ xmlns="urn:jboss:security-config:5.0"
+ xmlns:jbxb="urn:jboss:security-config:5.0">
+ <application-policy name = "test">
+ <authentication>
+ <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag = "required">
+ </login-module>
+ </authentication>
+ <audit>
+ <provider-module code="org.picketbox.test.api.AuditUnitTestCase$TestAuditProvider"/>
+ </audit>
+ </application-policy>
+</policy>
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/test/resources/config/authentication.conf
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/test/resources/config/authentication.conf (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/test/resources/config/authentication.conf 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,14 @@
+<?xml version='1.0'?>
+
+<policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:security-config:5.0"
+ xmlns="urn:jboss:security-config:5.0"
+ xmlns:jbxb="urn:jboss:security-config:5.0">
+ <application-policy name = "test">
+ <authentication>
+ <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag = "required">
+ </login-module>
+ </authentication>
+ </application-policy>
+</policy>
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/test/resources/config/authorization.conf
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/test/resources/config/authorization.conf (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/test/resources/config/authorization.conf 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1,23 @@
+<?xml version='1.0'?>
+
+<policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:security-config:5.0"
+ xmlns="urn:jboss:security-config:5.0"
+ xmlns:jbxb="urn:jboss:security-config:5.0">
+ <application-policy name = "test">
+ <authentication>
+ <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag = "required">
+ <module-option name = "name">1.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ <authorization>
+ <policy-module
+ code="org.picketbox.plugins.authorization.PicketBoxAuthorizationModule">
+ <module-option name="roles">validuser</module-option>
+ </policy-module>
+ </authorization>
+ </application-policy>
+</policy>
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/test/resources/defaultRoles.properties
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/test/resources/defaultRoles.properties (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/test/resources/defaultRoles.properties 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1 @@
+anil=validuser
\ No newline at end of file
Added: projects/security/picketbox/fresh/picketbox/src/test/resources/defaultUsers.properties
===================================================================
--- projects/security/picketbox/fresh/picketbox/src/test/resources/defaultUsers.properties (rev 0)
+++ projects/security/picketbox/fresh/picketbox/src/test/resources/defaultUsers.properties 2010-01-25 18:10:24 UTC (rev 99913)
@@ -0,0 +1 @@
+anil=pass
\ No newline at end of file
Modified: projects/security/picketbox/fresh/pom.xml
===================================================================
--- projects/security/picketbox/fresh/pom.xml 2010-01-25 18:08:59 UTC (rev 99912)
+++ projects/security/picketbox/fresh/pom.xml 2010-01-25 18:10:24 UTC (rev 99913)
@@ -10,5 +10,6 @@
<modules>
<module>security-spi</module>
<module>security-jboss-sx</module>
+ <module>picketbox</module>
</modules>
</project>
More information about the jboss-cvs-commits
mailing list