[jboss-identity-commits] JBoss Identity SVN: r209 - in identity-federation/trunk/identity-fed-core/src/test: resources and 1 other directories.
jboss-identity-commits at lists.jboss.org
jboss-identity-commits at lists.jboss.org
Thu Jan 8 17:56:03 EST 2009
Author: anil.saldhana at jboss.com
Date: 2009-01-08 17:56:03 -0500 (Thu, 08 Jan 2009)
New Revision: 209
Added:
identity-federation/trunk/identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/SAMLXACMLUnitTestCase.java
identity-federation/trunk/identity-fed-core/src/test/resources/saml-xacml/
identity-federation/trunk/identity-fed-core/src/test/resources/saml-xacml/saml-xacml-request-2.xml
identity-federation/trunk/identity-fed-core/src/test/resources/saml-xacml/saml-xacml-request.xml
Log:
handle xacml
Added: identity-federation/trunk/identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/SAMLXACMLUnitTestCase.java
===================================================================
--- identity-federation/trunk/identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/SAMLXACMLUnitTestCase.java (rev 0)
+++ identity-federation/trunk/identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/util/SAMLXACMLUnitTestCase.java 2009-01-08 22:56:03 UTC (rev 209)
@@ -0,0 +1,104 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.core.util;
+
+import java.io.InputStream;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Unmarshaller;
+
+import junit.framework.TestCase;
+
+import org.jboss.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
+import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
+import org.jboss.security.xacml.core.model.context.RequestType;
+
+/**
+ * Read a SAML-XACML request
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 8, 2009
+ */
+public class SAMLXACMLUnitTestCase extends TestCase
+{
+ @SuppressWarnings("unchecked")
+ /**
+ * Usage of samlp with xsi-type
+ */
+ public void testSAML_XACML_Read() throws Exception
+ {
+ String resourceName = "saml-xacml/saml-xacml-request.xml";
+ String samlPath = "org.jboss.identity.federation.saml.v2.protocol";
+ String xacmlPath = "org.jboss.security.xacml.core.model.context";
+ String xsAssert = "org.jboss.identity.federation.saml.v2.profiles.xacml.assertion";
+ String xsProto = "org.jboss.identity.federation.saml.v2.profiles.xacml.protocol";
+ String path = samlPath + ":" + xacmlPath + ":" + xsAssert + ":" + xsProto;
+
+ JAXBContext jaxb = JAXBContext.newInstance(path);
+ Unmarshaller un = jaxb.createUnmarshaller();
+
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream is = tcl.getResourceAsStream(resourceName);
+
+ un.setEventHandler(new javax.xml.bind.helpers.DefaultValidationEventHandler());
+
+ JAXBElement<RequestAbstractType> jaxbRequestType = (JAXBElement<RequestAbstractType>) un.unmarshal(is);
+ RequestAbstractType req = jaxbRequestType.getValue();
+ assertNotNull(req);
+ assertTrue( req instanceof XACMLAuthzDecisionQueryType);
+
+ XACMLAuthzDecisionQueryType xadqt = (XACMLAuthzDecisionQueryType) req;
+ RequestType requestType = xadqt.getRequest();
+ assertNotNull(requestType);
+ }
+
+ @SuppressWarnings("unchecked")
+ /**
+ * Usage of xacml-samlp
+ */
+ public void testSAML_XACML_Read_2() throws Exception
+ {
+ String resourceName = "saml-xacml/saml-xacml-request-2.xml";
+ String samlPath = "org.jboss.identity.federation.saml.v2.protocol";
+ String xacmlPath = "org.jboss.security.xacml.core.model.context";
+ String xsAssert = "org.jboss.identity.federation.saml.v2.profiles.xacml.assertion";
+ String xsProto = "org.jboss.identity.federation.saml.v2.profiles.xacml.protocol";
+ String path = samlPath + ":" + xacmlPath + ":" + xsAssert + ":" + xsProto;
+
+ JAXBContext jaxb = JAXBContext.newInstance(path);
+ Unmarshaller un = jaxb.createUnmarshaller();
+
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream is = tcl.getResourceAsStream(resourceName);
+
+ un.setEventHandler(new javax.xml.bind.helpers.DefaultValidationEventHandler());
+
+ JAXBElement<RequestAbstractType> jaxbRequestType = (JAXBElement<RequestAbstractType>) un.unmarshal(is);
+ RequestAbstractType req = jaxbRequestType.getValue();
+ assertNotNull(req);
+ assertTrue( req instanceof XACMLAuthzDecisionQueryType);
+
+ XACMLAuthzDecisionQueryType xadqt = (XACMLAuthzDecisionQueryType) req;
+ RequestType requestType = xadqt.getRequest();
+ assertNotNull(requestType);
+ }
+}
\ No newline at end of file
Added: identity-federation/trunk/identity-fed-core/src/test/resources/saml-xacml/saml-xacml-request-2.xml
===================================================================
--- identity-federation/trunk/identity-fed-core/src/test/resources/saml-xacml/saml-xacml-request-2.xml (rev 0)
+++ identity-federation/trunk/identity-fed-core/src/test/resources/saml-xacml/saml-xacml-request-2.xml 2009-01-08 22:56:03 UTC (rev 209)
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xacml-samlp:XACMLAuthzDecisionQuery
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xmlns:xacml-samlp="urn:oasis:xacml:2.0:saml:protocol:schema:os"
+xacml-samlp:InputContextOnly="true"
+xacml-samlp:ReturnContext="true"
+ID="s2846efb514a944cc3dc5b65ed8a76dde449787617" Version="2.0"
+IssueInstant="2008-03-19T22:18:42Z" Destination="destination-uri">
+<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">vaPepEntity</saml:Issuer>
+<xacml-context:Request
+ xmlns="urn:oasis:names:tc:xacml:2.0:context:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:context:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd">
+ <!-- **************************************************************** -->
+ <!-- Test case 1-01: Should be Perm: Dr A has all reqd perms -->
+ <!-- **************************************************************** -->
+
+ <!-- Sample request. In this case a physician is trying to access -->
+ <!-- The medical record of a patient. The record has been marked -->
+ <!-- with both the CDA and N confidentiality codes and -->
+ <!-- there is a registered consent for the record. -->
+ <xacml-context:Subject>
+ <xacml-context:Attribute
+ AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue>Dr. Alice</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ <xacml-context:Attribute
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-003</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-005</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-006</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-009</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-010</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-012</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-017</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ </xacml-context:Subject>
+ <xacml-context:Resource>
+ <xacml-context:Attribute
+ AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue>Anthony Gurrola</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ <xacml-context:Attribute
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:permission"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-003</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-005</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-006</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-009</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-010</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-012</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-017</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ <xacml-context:Attribute
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:confidentiality-code"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue>xxx-DummyConfCode</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ <xacml-context:Attribute
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:dissented-subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue>Dr. Alice</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ <xacml-context:Attribute
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:medical-record</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ </xacml-context:Resource>
+ <xacml-context:Action/>
+ <xacml-context:Environment>
+ <xacml-context:Attribute
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:environment:locality"
+ DataType="http://www.w3.org/2001/XMLSchema#string" >
+ <xacml-context:AttributeValue>Facility A</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ </xacml-context:Environment>
+</xacml-context:Request>
+</xacml-samlp:XACMLAuthzDecisionQuery>
\ No newline at end of file
Added: identity-federation/trunk/identity-fed-core/src/test/resources/saml-xacml/saml-xacml-request.xml
===================================================================
--- identity-federation/trunk/identity-fed-core/src/test/resources/saml-xacml/saml-xacml-request.xml (rev 0)
+++ identity-federation/trunk/identity-fed-core/src/test/resources/saml-xacml/saml-xacml-request.xml 2009-01-08 22:56:03 UTC (rev 209)
@@ -0,0 +1,86 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<samlp:RequestAbstract xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+xsi:type="xacml-samlp:XACMLAuthzDecisionQueryType"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xmlns:xacml-samlp="urn:oasis:xacml:2.0:saml:protocol:schema:os"
+xacml-samlp:InputContextOnly="true"
+xacml-samlp:ReturnContext="true"
+ID="s2846efb514a944cc3dc5b65ed8a76dde449787617" Version="2.0"
+IssueInstant="2008-03-19T22:18:42Z" Destination="destination-uri">
+<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">vaPepEntity</saml:Issuer>
+<xacml-context:Request
+ xmlns="urn:oasis:names:tc:xacml:2.0:context:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:context:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd">
+ <!-- **************************************************************** -->
+ <!-- Test case 1-01: Should be Perm: Dr A has all reqd perms -->
+ <!-- **************************************************************** -->
+
+ <!-- Sample request. In this case a physician is trying to access -->
+ <!-- The medical record of a patient. The record has been marked -->
+ <!-- with both the CDA and N confidentiality codes and -->
+ <!-- there is a registered consent for the record. -->
+ <xacml-context:Subject>
+ <xacml-context:Attribute
+ AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue>Dr. Alice</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ <xacml-context:Attribute
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-003</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-005</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-006</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-009</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-010</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-012</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-017</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ </xacml-context:Subject>
+ <xacml-context:Resource>
+ <xacml-context:Attribute
+ AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue>Anthony Gurrola</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ <xacml-context:Attribute
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:permission"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-003</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-005</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-006</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-009</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-010</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-012</xacml-context:AttributeValue>
+ <xacml-context:AttributeValue>urn:va:xacml:2.0:interop:rsa8:hl7:prd-017</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ <xacml-context:Attribute
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:confidentiality-code"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue>xxx-DummyConfCode</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ <xacml-context:Attribute
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:dissented-subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue>Dr. Alice</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ <xacml-context:Attribute
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:resource:hl7:type"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <xacml-context:AttributeValue
+ >urn:va:xacml:2.0:interop:rsa8:resource:hl7:medical-record</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ </xacml-context:Resource>
+ <xacml-context:Action/>
+ <xacml-context:Environment>
+ <xacml-context:Attribute
+ AttributeId="urn:va:xacml:2.0:interop:rsa8:environment:locality"
+ DataType="http://www.w3.org/2001/XMLSchema#string" >
+ <xacml-context:AttributeValue>Facility A</xacml-context:AttributeValue>
+ </xacml-context:Attribute>
+ </xacml-context:Environment>
+</xacml-context:Request>
+</samlp:RequestAbstract>
\ No newline at end of file
More information about the jboss-identity-commits
mailing list