[teiid-commits] teiid SVN: r1067 - in trunk: common-core/src/main/java/com/metamatrix/common/util and 47 other directories.
teiid-commits at lists.jboss.org
teiid-commits at lists.jboss.org
Thu Jun 18 12:08:35 EDT 2009
Author: shawkins
Date: 2009-06-18 12:08:34 -0400 (Thu, 18 Jun 2009)
New Revision: 1067
Added:
trunk/embedded/src/main/java/com/metamatrix/platform/
trunk/embedded/src/main/java/com/metamatrix/platform/PlatformPlugin.java
trunk/embedded/src/main/java/com/metamatrix/platform/security/
trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/
trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/service/
trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/service/AuthorizationServiceImpl.java
trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/spi/
trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/spi/AuthorizationSourceException.java
trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/
trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/service/
trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/service/MembershipServiceImpl.java
trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/
trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/MembershipDomain.java
trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/MembershipSourceException.java
trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/file/
trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/file/FileMembershipDomain.java
trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/ldap/
trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/ldap/LDAPMembershipDomain.java
trunk/embedded/src/main/java/com/metamatrix/platform/security/session/
trunk/embedded/src/main/java/com/metamatrix/platform/security/session/service/
trunk/embedded/src/main/java/com/metamatrix/platform/security/session/service/SessionServiceImpl.java
trunk/embedded/src/main/java/com/metamatrix/platform/util/
trunk/embedded/src/main/java/com/metamatrix/platform/util/ErrorMessageKeys.java
trunk/embedded/src/main/java/com/metamatrix/platform/util/LogMessageKeys.java
trunk/embedded/src/main/resources/com/metamatrix/platform/
trunk/embedded/src/main/resources/com/metamatrix/platform/i18n.properties
trunk/embedded/src/test/java/com/metamatrix/platform/
trunk/embedded/src/test/java/com/metamatrix/platform/security/
trunk/embedded/src/test/java/com/metamatrix/platform/security/api/
trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationObjectEditor.java
trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyFactory.java
trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyID.java
trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationRealm.java
trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestBasicAuthorizationPermission.java
trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestStandardAuthorizationActions.java
trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/
trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/service/
trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/service/TestMembershipServiceImpl.java
trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/
trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/file/
trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/file/TestFileMembershipDomain.java
trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/ldap/
trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/ldap/TestLDAPMembershipDomainConfiguration.java
trunk/embedded/src/test/java/com/metamatrix/platform/security/session/
trunk/embedded/src/test/java/com/metamatrix/platform/security/session/service/
trunk/embedded/src/test/java/com/metamatrix/platform/security/session/service/TestSessionServiceImpl.java
trunk/embedded/src/test/resources/groups.properties
trunk/embedded/src/test/resources/permissions.xml
trunk/embedded/src/test/resources/permissions2.xml
trunk/embedded/src/test/resources/users.properties
trunk/engine/src/main/java/com/metamatrix/platform/
trunk/engine/src/main/java/com/metamatrix/platform/security/
trunk/engine/src/main/java/com/metamatrix/platform/security/api/
trunk/engine/src/main/java/com/metamatrix/platform/security/api/MetaMatrixSessionInfo.java
trunk/engine/src/main/java/com/metamatrix/platform/security/api/UserEntitlementInfo.java
trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/
trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthenticationToken.java
trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthorizationServiceInterface.java
trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthorizationServicePropertyNames.java
trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/FailedAuthenticationToken.java
trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/MembershipServiceInterface.java
trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/SessionServiceInterface.java
trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/SuccessfulAuthenticationToken.java
trunk/engine/src/main/java/com/metamatrix/server/util/
trunk/engine/src/main/java/com/metamatrix/server/util/ServerAuditContexts.java
Modified:
trunk/client-jdbc/src/main/java/com/metamatrix/jdbc/EmbeddedDataSource.java
trunk/common-core/src/main/java/com/metamatrix/common/util/PropertiesUtils.java
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationPolicyFactory.java
trunk/embedded/src/main/java/com/metamatrix/dqp/embedded/services/EmbeddedMetadataService.java
trunk/embedded/src/main/java/com/metamatrix/dqp/embedded/services/EmbeddedVDBService.java
trunk/embedded/src/main/java/com/metamatrix/jdbc/EmbeddedConnectionFactoryImpl.java
trunk/embedded/src/test/java/com/metamatrix/dqp/embedded/services/TestEmbeddedVDBService.java
trunk/engine/src/main/java/com/metamatrix/common/application/exception/ApplicationInitializationException.java
trunk/engine/src/main/java/com/metamatrix/dqp/service/VDBService.java
trunk/engine/src/main/java/org/teiid/dqp/internal/process/validator/AuthorizationValidationVisitor.java
trunk/engine/src/test/java/com/metamatrix/dqp/service/FakeVDBService.java
trunk/metadata/src/main/java/com/metamatrix/dqp/service/metadata/IndexMetadataService.java
trunk/metadata/src/test/java/com/metamatrix/connector/metadata/index/FakeVDBService.java
trunk/metadata/src/test/java/com/metamatrix/dqp/service/metadata/TestIndexMetadataService.java
trunk/server/src/main/java/com/metamatrix/server/dqp/service/PlatformVDBService.java
Log:
TEIID-663 TEIID-664 TEIID-665 TEIID-666 adding initial ports of services to embedded. these are not yet wired in for use and there is no concept yet of admin roles.
Modified: trunk/client-jdbc/src/main/java/com/metamatrix/jdbc/EmbeddedDataSource.java
===================================================================
--- trunk/client-jdbc/src/main/java/com/metamatrix/jdbc/EmbeddedDataSource.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/client-jdbc/src/main/java/com/metamatrix/jdbc/EmbeddedDataSource.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -34,8 +34,6 @@
*/
public class EmbeddedDataSource extends BaseDataSource {
- public static final String USE_LATEST_VDB_VERSION = "useLatestVDBVersion"; //$NON-NLS-1$
-
//*************************** EmbeddedDataSource Specific Properties
/**
* configFile -
Modified: trunk/common-core/src/main/java/com/metamatrix/common/util/PropertiesUtils.java
===================================================================
--- trunk/common-core/src/main/java/com/metamatrix/common/util/PropertiesUtils.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/common-core/src/main/java/com/metamatrix/common/util/PropertiesUtils.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -30,6 +30,8 @@
import java.io.InputStream;
import java.io.PrintStream;
import java.lang.reflect.Method;
+import java.net.MalformedURLException;
+import java.net.URL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
@@ -40,6 +42,7 @@
import java.util.Properties;
import com.metamatrix.common.properties.UnmodifiableProperties;
+import com.metamatrix.common.protocol.URLHelper;
import com.metamatrix.core.CorePlugin;
import com.metamatrix.core.MetaMatrixRuntimeException;
import com.metamatrix.core.util.ArgCheck;
@@ -440,6 +443,21 @@
}
}
}
+
+ public static Properties loadFromURL(String url) throws MalformedURLException, IOException {
+ Properties result = new Properties();
+ InputStream is = null;
+ try {
+ URL file = URLHelper.buildURL(url);
+ is = file.openStream();
+ result.load(is);
+ } finally {
+ if (is != null) {
+ is.close();
+ }
+ }
+ return result;
+ }
public static Properties loadAsResource(Class clazz, String resourceName) throws IOException {
InputStream is = null;
Modified: trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationPolicyFactory.java
===================================================================
--- trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationPolicyFactory.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationPolicyFactory.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -80,7 +80,7 @@
StandardAuthorizationActions.DATA_READ_LABEL,
};
- public static Collection buildPolicies(String vdbName, String vdbVersion, char[] xmlContents)
+ public static Collection<AuthorizationPolicy> buildPolicies(String vdbName, String vdbVersion, char[] xmlContents)
throws SAXException, IOException, ParserConfigurationException {
DOMBuilder builder = new DOMBuilder();
@@ -119,7 +119,7 @@
AuthorizationRealm realm = new AuthorizationRealm(vdbName, vdbVersion);
BasicAuthorizationPermissionFactory bapf = new BasicAuthorizationPermissionFactory();
- List result = new ArrayList();
+ List<AuthorizationPolicy> result = new ArrayList<AuthorizationPolicy>();
for (final Iterator iter = dataRoles.iterator(); iter.hasNext();) {
final Element role = (Element)iter.next();
@@ -179,15 +179,14 @@
return result;
}
- public static char[] exportPolicies(Collection roles) throws IOException {
+ public static char[] exportPolicies(Collection<AuthorizationPolicy> roles) throws IOException {
Document doc = new Document(new Element(REALM));
Element rolesElement = new Element(ROLES);
doc.getRootElement().addContent(rolesElement);
- for (final Iterator policiesIter = roles.iterator(); policiesIter.hasNext();) {
- final AuthorizationPolicy policy = (AuthorizationPolicy)policiesIter.next();
+ for (AuthorizationPolicy policy : roles) {
AuthorizationPolicyID policyId = policy.getAuthorizationPolicyID();
Element roleElement = new Element(DATA_ROLE);
Modified: trunk/embedded/src/main/java/com/metamatrix/dqp/embedded/services/EmbeddedMetadataService.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/dqp/embedded/services/EmbeddedMetadataService.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/embedded/src/main/java/com/metamatrix/dqp/embedded/services/EmbeddedMetadataService.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -22,6 +22,7 @@
package com.metamatrix.dqp.embedded.services;
+import java.io.IOException;
import java.util.Properties;
import com.metamatrix.api.exception.MetaMatrixComponentException;
@@ -93,7 +94,11 @@
if(qmi == null) {
// First see if the vdbService can give the contents directly
VDBService vdbService = ((VDBService)lookupService(DQPServiceNames.VDB_SERVICE));
- return this.metadataCache.lookupMetadata(vdbName, vdbVersion, vdbService.getVDBResource(vdbName, vdbVersion));
+ try {
+ return this.metadataCache.lookupMetadata(vdbName, vdbVersion, vdbService.getVDB(vdbName, vdbVersion).getInputStream());
+ } catch (IOException e) {
+ throw new MetaMatrixComponentException(e);
+ }
}
return qmi;
}
Modified: trunk/embedded/src/main/java/com/metamatrix/dqp/embedded/services/EmbeddedVDBService.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/dqp/embedded/services/EmbeddedVDBService.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/embedded/src/main/java/com/metamatrix/dqp/embedded/services/EmbeddedVDBService.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -22,8 +22,6 @@
package com.metamatrix.dqp.embedded.services;
-import java.io.IOException;
-import java.io.InputStream;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
@@ -48,6 +46,9 @@
import com.metamatrix.dqp.embedded.DQPEmbeddedPlugin;
import com.metamatrix.dqp.service.VDBLifeCycleListener;
import com.metamatrix.dqp.service.VDBService;
+import com.metamatrix.jdbc.JDBCPlugin;
+import com.metamatrix.metadata.runtime.exception.VirtualDatabaseDoesNotExistException;
+import com.metamatrix.metadata.runtime.exception.VirtualDatabaseException;
import com.metamatrix.vdb.runtime.BasicModelInfo;
import com.metamatrix.vdb.runtime.BasicVDBDefn;
@@ -69,7 +70,7 @@
* @return vdb if one found; execption otherwise
* @since 4.3
*/
- VDBArchive getVDB(String vdbName, String vdbVersion)
+ public VDBArchive getVDB(String vdbName, String vdbVersion)
throws MetaMatrixComponentException {
VDBArchive vdb = getConfigurationService().getVDB(vdbName, vdbVersion);
// Make sure VDB is not null
@@ -195,19 +196,6 @@
}
/**
- * @see com.metamatrix.dqp.service.VDBService#getVDBResource(java.lang.String, java.lang.String)
- * @since 4.3
- */
- public InputStream getVDBResource(String vdbName, String vdbVersion) throws MetaMatrixComponentException {
- try {
- VDBArchive vdb = getVDB(vdbName, vdbVersion);
- return vdb.getInputStream();
- } catch (IOException e) {
- throw new MetaMatrixComponentException(e);
- }
- }
-
- /**
* @see com.metamatrix.dqp.service.VDBService#getMultiSourceModels(java.lang.String, java.lang.String)
* @since 4.3
*/
@@ -245,16 +233,6 @@
}
/**
- * @see com.metamatrix.dqp.service.VDBService#getVDBStatus(java.lang.String, java.lang.String)
- * @since 4.3
- */
- public int getVDBStatus(String vdbName, String vdbVersion)
- throws MetaMatrixComponentException {
- VDBArchive vdb = getVDB(vdbName, vdbVersion);
- return vdb.getStatus();
- }
-
- /**
* @see com.metamatrix.dqp.service.VDBService#changeVDBStatus(java.lang.String, java.lang.String, int)
* @since 4.3
*/
@@ -324,5 +302,34 @@
@Override
public void unloaded(String vdbName, String vdbVersion) {
this.contextCache.removeVDBScopedCache(vdbName, vdbVersion);
- }
+ }
+
+ @Override
+ public String getActiveVDBVersion(String vdbName, String vdbVersion) throws MetaMatrixComponentException, VirtualDatabaseException {
+ List<VDBArchive> vdbs = getAvailableVDBs();
+
+ // We are looking for the latest version find that now
+ if (vdbVersion == null) {
+ int latestVersion = 0;
+ for (VDBArchive vdb:vdbs) {
+ if(vdb.getName().equalsIgnoreCase(vdbName)) {
+ // Make sure the VDB Name and version number are the only parts of this vdb key
+ latestVersion = Math.max(latestVersion, Integer.parseInt(vdb.getVersion()));
+ }
+ }
+ if(latestVersion == 0) {
+ throw new VirtualDatabaseDoesNotExistException(DQPEmbeddedPlugin.Util.getString("VDBService.VDB_does_not_exist._2", vdbName, "latest")); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ vdbVersion = String.valueOf(latestVersion);
+ }
+
+ // This below call will load the VDB from configuration into VDB service
+ // if not already done so.
+ int status = getVDB(vdbName, vdbVersion).getStatus();
+ if (status != VDBStatus.ACTIVE) {
+ throw new VirtualDatabaseException(JDBCPlugin.Util.getString("VDBService.VDB_does_not_exist._2", vdbName, vdbVersion)); //$NON-NLS-1$
+ }
+ return vdbVersion;
+ }
+
}
Modified: trunk/embedded/src/main/java/com/metamatrix/jdbc/EmbeddedConnectionFactoryImpl.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/jdbc/EmbeddedConnectionFactoryImpl.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/embedded/src/main/java/com/metamatrix/jdbc/EmbeddedConnectionFactoryImpl.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -207,14 +207,14 @@
*/
private void checkConnectionProperties(Properties props) throws SQLException {
String vdbName = props.getProperty(BaseDataSource.VDB_NAME);
- String vdbVersion = props.getProperty(BaseDataSource.VDB_VERSION, EmbeddedDataSource.USE_LATEST_VDB_VERSION);
+ String vdbVersion = props.getProperty(BaseDataSource.VDB_VERSION);
try {
VDBService service = (VDBService)findService(DQPServiceNames.VDB_SERVICE);
List<VDBArchive> vdbs = service.getAvailableVDBs();
// We are looking for the latest version find that now
- if (vdbVersion.equals(EmbeddedDataSource.USE_LATEST_VDB_VERSION)) {
+ if (vdbVersion == null) {
vdbVersion = findLatestVersion(vdbName, vdbs);
}
@@ -222,7 +222,7 @@
// This below call will load the VDB from configuration into VDB service
// if not already done so.
- int status = service.getVDBStatus(vdbName, vdbVersion);
+ int status = service.getVDB(vdbName, vdbVersion).getStatus();
if (status != ACTIVE) {
throw new EmbeddedSQLException(JDBCPlugin.Util.getString("EmbeddedConnectionFactory.vdb_notactive", new Object[] {vdbName, vdbVersion})); //$NON-NLS-1$
}
@@ -250,7 +250,7 @@
if(latestVersion != 0) {
return String.valueOf(latestVersion);
}
- throw new EmbeddedSQLException(JDBCPlugin.Util.getString("EmbeddedConnectionFactory.vdb_notavailable", new Object[] {vdbName, EmbeddedDataSource.USE_LATEST_VDB_VERSION})); //$NON-NLS-1$
+ throw new EmbeddedSQLException(JDBCPlugin.Util.getString("EmbeddedConnectionFactory.vdb_notavailable", vdbName)); //$NON-NLS-1$
}
}
Added: trunk/embedded/src/main/java/com/metamatrix/platform/PlatformPlugin.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/platform/PlatformPlugin.java (rev 0)
+++ trunk/embedded/src/main/java/com/metamatrix/platform/PlatformPlugin.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform;
+
+import java.util.ResourceBundle;
+
+import com.metamatrix.core.BundleUtil;
+
+/*
+ * TODO: remove me
+ *
+ */
+
+public class PlatformPlugin {
+
+ public static final String PLUGIN_ID = "com.metamatrix.platform" ; //$NON-NLS-1$
+ private static final String BUNDLE_NAME = PLUGIN_ID + ".i18n"; //$NON-NLS-1$
+ public static final BundleUtil Util = new BundleUtil(PLUGIN_ID,BUNDLE_NAME,ResourceBundle.getBundle(BUNDLE_NAME));
+
+
+}
Property changes on: trunk/embedded/src/main/java/com/metamatrix/platform/PlatformPlugin.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/service/AuthorizationServiceImpl.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/service/AuthorizationServiceImpl.java (rev 0)
+++ trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/service/AuthorizationServiceImpl.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,511 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.authorization.service;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.teiid.dqp.internal.process.DQPWorkContext;
+import org.xml.sax.SAXException;
+
+import com.metamatrix.admin.api.exception.security.InvalidSessionException;
+import com.metamatrix.admin.api.exception.security.MetaMatrixSecurityException;
+import com.metamatrix.admin.api.server.AdminRoles;
+import com.metamatrix.api.exception.MetaMatrixComponentException;
+import com.metamatrix.api.exception.security.AuthorizationMgmtException;
+import com.metamatrix.api.exception.security.InvalidPrincipalException;
+import com.metamatrix.api.exception.security.MembershipServiceException;
+import com.metamatrix.common.application.ApplicationEnvironment;
+import com.metamatrix.common.application.exception.ApplicationInitializationException;
+import com.metamatrix.common.application.exception.ApplicationLifecycleException;
+import com.metamatrix.common.log.LogManager;
+import com.metamatrix.common.util.LogContextsUtil;
+import com.metamatrix.common.util.PropertiesUtils;
+import com.metamatrix.common.vdb.api.VDBArchive;
+import com.metamatrix.core.log.MessageLevel;
+import com.metamatrix.core.util.LRUCache;
+import com.metamatrix.dqp.service.AuditMessage;
+import com.metamatrix.dqp.service.AuthorizationService;
+import com.metamatrix.dqp.service.VDBService;
+import com.metamatrix.platform.PlatformPlugin;
+import com.metamatrix.platform.security.api.AuthorizationActions;
+import com.metamatrix.platform.security.api.AuthorizationPermission;
+import com.metamatrix.platform.security.api.AuthorizationPolicy;
+import com.metamatrix.platform.security.api.AuthorizationPolicyFactory;
+import com.metamatrix.platform.security.api.AuthorizationRealm;
+import com.metamatrix.platform.security.api.BasicAuthorizationPermission;
+import com.metamatrix.platform.security.api.BasicAuthorizationPermissionFactory;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipal;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipalName;
+import com.metamatrix.platform.security.api.SessionToken;
+import com.metamatrix.platform.security.api.StandardAuthorizationActions;
+import com.metamatrix.platform.security.api.service.AuthorizationServicePropertyNames;
+import com.metamatrix.platform.security.api.service.MembershipServiceInterface;
+import com.metamatrix.platform.security.util.LogSecurityConstants;
+import com.metamatrix.platform.security.util.RolePermissionFactory;
+import com.metamatrix.platform.util.ErrorMessageKeys;
+import com.metamatrix.server.util.ServerAuditContexts;
+import com.metamatrix.vdb.runtime.VDBKey;
+
+/**
+ * The Authorization Service is responsible for handling requests to determine
+ * whether a Principal is entitled to perform a given action on a given resource
+ * or set of resources.
+ * <p>
+ * Administration of the Authorization policies; creating/destroying Policies,
+ * adding/deleting Principals and Permissions is available to Principals that
+ * have the proper administrative role.
+ * </p>
+ */
+public class AuthorizationServiceImpl implements AuthorizationService {
+
+ /*
+ * Configuration state
+ */
+ private boolean useEntitlements;
+
+ /*
+ * Injected state
+ */
+ protected MembershipServiceInterface membershipServiceProxy;
+ protected VDBService vdbService;
+ protected LRUCache<VDBKey, Collection<AuthorizationPolicy>> policyCache = new LRUCache<VDBKey, Collection<AuthorizationPolicy>>();
+
+ // Permission factory is reusable and threadsafe
+ private static final BasicAuthorizationPermissionFactory PERMISSION_FACTORY = new BasicAuthorizationPermissionFactory();
+
+ /*
+ * @see com.metamatrix.common.application.ApplicationService#initialize(java.util.Properties)
+ */
+ public void initialize(Properties env) throws ApplicationInitializationException {
+ this.useEntitlements = PropertiesUtils.getBooleanProperty(env, AuthorizationServicePropertyNames.DATA_ACCESS_AUTHORIZATION_ENABLED, false);
+ }
+
+ /*
+ * @see com.metamatrix.common.application.ApplicationService#start(com.metamatrix.common.application.ApplicationEnvironment)
+ */
+ public void start(ApplicationEnvironment environment) throws ApplicationLifecycleException {
+ }
+
+ /*
+ * @see com.metamatrix.common.application.ApplicationService#stop()
+ */
+ public void stop() throws ApplicationLifecycleException {
+ }
+
+ /*
+ */
+ public Collection getInaccessibleResources(String connectionID, int action, Collection resources, int context)
+ throws MetaMatrixComponentException {
+ SessionToken token = DQPWorkContext.getWorkContext().getSessionToken();
+ AuthorizationRealm realm = getRealm(DQPWorkContext.getWorkContext());
+ AuthorizationActions actions = getActions(action);
+ Collection permissions = createPermissions(realm, resources, actions);
+ String auditContext = getAuditContext(context);
+ Collection inaccessableResources = Collections.EMPTY_LIST;
+ try {
+ inaccessableResources = getInaccessibleResources(token, auditContext, permissions);
+ } catch (AuthorizationMgmtException e) {
+ throw new MetaMatrixComponentException(e);
+ }
+
+ // Convert inaccessable resources from auth permissions to string resource names
+ Collection inaccessableResourceNames = Collections.EMPTY_LIST;
+ if ( inaccessableResources != null && inaccessableResources.size() > 0 ) {
+ inaccessableResourceNames = new ArrayList();
+ for ( Iterator permItr = inaccessableResources.iterator(); permItr.hasNext(); ) {
+ AuthorizationPermission permission = (AuthorizationPermission) permItr.next();
+ inaccessableResourceNames.add(permission.getResourceName());
+ }
+ }
+ return inaccessableResourceNames;
+ }
+
+ /**
+ * Of those resources specified, return the subset for which the specified account
+ * does <emph>NOT</emph> have authorization to access.
+ * @param sessionToken the session token of the principal that is calling this method
+ * @param contextName the name of the context for the caller (@see AuditContext)
+ * @param requests the permissions that detail the resources and the desired form of access
+ * @return the subset of <code>requests</code> that the account does <i>not</i> have access to
+ * @throws InvalidSessionException if the session token for this cache is not valid
+ * @throws AuthorizationMgmtException if this service is unable to locate resources required
+ * for this operation
+ */
+ public Collection getInaccessibleResources(SessionToken sessionToken, String contextName, Collection requests)
+ throws AuthorizationMgmtException {
+ LogManager.logDetail(LogSecurityConstants.CTX_AUTHORIZATION, new Object[]{"getInaccessibleResources(", sessionToken, ", ", contextName, ", ", requests, ")"}); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$
+
+ List resources = new ArrayList();
+ if (requests != null && ! requests.isEmpty()) {
+ Iterator permItr = requests.iterator();
+ while ( permItr.hasNext() ) {
+ resources.add(((AuthorizationPermission)permItr.next()).getResourceName());
+ }
+ }
+
+ // Audit - request
+ AuditMessage msg = new AuditMessage( contextName, "getInaccessibleResources-request", sessionToken.getUsername(), resources.toArray()); //$NON-NLS-1$
+ LogManager.log(MessageLevel.INFO, LogContextsUtil.CommonConstants.CTX_AUDITLOGGING, msg);
+
+ if (isEntitled(sessionToken.getUsername())) {
+ return Collections.EMPTY_LIST;
+ }
+
+ Collection results = new HashSet(requests);
+ try {
+ Collection policies = this.getPoliciesForPrincipal(new MetaMatrixPrincipalName(sessionToken.getUsername(), MetaMatrixPrincipal.TYPE_USER), sessionToken, getRequestedRealm(requests));
+
+ Iterator policyIter = policies.iterator();
+
+ while (policyIter.hasNext() && !results.isEmpty()) {
+ Iterator requestIter = results.iterator();
+ AuthorizationPolicy policy = (AuthorizationPolicy) policyIter.next();
+ while (requestIter.hasNext()) {
+ AuthorizationPermission request = (AuthorizationPermission) requestIter.next();
+ if (policy.implies(request)) {
+ requestIter.remove();
+ continue;
+ }
+ }
+ }
+ } catch (InvalidPrincipalException e) {
+ throw new AuthorizationMgmtException(e, PlatformPlugin.Util.getString(ErrorMessageKeys.SEC_AUTHORIZATION_0020));
+ }
+
+ if (results.isEmpty()) {
+ msg = new AuditMessage( contextName, "getInaccessibleResources-granted all", sessionToken.getUsername(), resources.toArray()); //$NON-NLS-1$
+ LogManager.log(MessageLevel.INFO, LogContextsUtil.CommonConstants.CTX_AUDITLOGGING, msg);
+ } else {
+ msg = new AuditMessage( contextName, "getInaccessibleResources-denied", sessionToken.getUsername(), resources.toArray()); //$NON-NLS-1$
+ LogManager.log(MessageLevel.INFO, LogContextsUtil.CommonConstants.CTX_AUDITLOGGING, msg);
+ }
+ return results;
+ }
+
+ /**
+ * Query <code>requests</code> for the <code>AuthorizationRealm</code> in
+ * which they belong.
+ * @param requests
+ * @return The realm in which <i>all</i> the requests in the collection
+ * belong.
+ * @throws AuthorizationMgmtException if the request <i>do not all</i>
+ * belong to the same realm.
+ */
+ private static AuthorizationRealm getRequestedRealm(final Collection requests)
+ throws AuthorizationMgmtException {
+ AuthorizationRealm theRealm = null;
+ Iterator requestItr = requests.iterator();
+ while (requestItr.hasNext()) {
+ AuthorizationPermission aPerm = (AuthorizationPermission) requestItr.next();
+ AuthorizationRealm aRealm = aPerm.getRealm();
+ if ( theRealm != null ) {
+ if ( ! theRealm.equals(aRealm) ) {
+ throw new AuthorizationMgmtException(ErrorMessageKeys.SEC_AUTHORIZATION_0078,
+ PlatformPlugin.Util.getString(ErrorMessageKeys.SEC_AUTHORIZATION_0078));
+ }
+ } else {
+ theRealm = aRealm;
+ }
+ }
+ if ( theRealm == null ) {
+ throw new AuthorizationMgmtException(PlatformPlugin.Util.getString("AuthorizationServiceImpl.Authorization_Realm_is_null")); //$NON-NLS-1$
+ }
+ return theRealm;
+ }
+
+ public boolean hasRole(String connectionID, String roleType, String roleName) throws MetaMatrixComponentException {
+ SessionToken token = DQPWorkContext.getWorkContext().getSessionToken();
+
+ AuthorizationRealm realm = null;
+
+ if (ADMIN_ROLE.equalsIgnoreCase(roleType)) {
+ realm = RolePermissionFactory.getRealm();
+ } else if (DATA_ROLE.equalsIgnoreCase(roleType)){
+ realm = getRealm(DQPWorkContext.getWorkContext());
+ } else {
+ return false;
+ }
+
+ try {
+ return hasPolicy(token, realm, roleName);
+ } catch (AuthorizationMgmtException err) {
+ throw new MetaMatrixComponentException(err);
+ }
+ }
+
+ private boolean matchesPrincipal(Set<MetaMatrixPrincipalName> principals,
+ AuthorizationPolicy policy) {
+ for (MetaMatrixPrincipalName principal : principals) {
+ if (policy.getPrincipals().contains(principal)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ public boolean hasPolicy(SessionToken caller, AuthorizationRealm realm,
+ String policyName) throws AuthorizationMgmtException {
+
+ if (isEntitled(caller.getUsername())) {
+ return true;
+ }
+
+ Collection policies;
+ try {
+ policies = getPoliciesForPrincipal(new MetaMatrixPrincipalName(
+ caller.getUsername(), MetaMatrixPrincipal.TYPE_USER),
+ caller, realm);
+ } catch (InvalidPrincipalException e) {
+ throw new AuthorizationMgmtException(e);
+ }
+
+ HashSet applicablePolicies = new HashSet();
+ applicablePolicies.add(policyName);
+
+ if (realm == RolePermissionFactory.getRealm()) {
+ if (AdminRoles.RoleName.ADMIN_PRODUCT.equals(policyName)) {
+ applicablePolicies.add(AdminRoles.RoleName.ADMIN_SYSTEM);
+ } else if (AdminRoles.RoleName.ADMIN_READONLY.equals(policyName)) {
+ applicablePolicies.add(AdminRoles.RoleName.ADMIN_PRODUCT);
+ applicablePolicies.add(AdminRoles.RoleName.ADMIN_SYSTEM);
+ }
+ }
+
+ for (Iterator i = policies.iterator(); i.hasNext();) {
+ AuthorizationPolicy policy = (AuthorizationPolicy) i.next();
+ if (applicablePolicies.contains(policy.getAuthorizationPolicyID()
+ .getDisplayName())) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Return a collection of all policies for which this principal has authorization, caching as needed.
+ * Policies are returned for the principal and all groups in which the principal has membership.
+ * <br><strong>NOTE:</strong> This method only goes to the authorization store when
+ * <emph>none</emph> of the given principal's policies are found in the cache.
+ * @param user the user account for which access is being checked; may not be null
+ * (this is not checked for, however)
+ * @return All policies for which the principal is authenticated - may be empty but never null.
+ * @throws AuthorizationMgmtException if this service has trouble connecting to services it uses.
+ * @throws InvalidPrincipalException if the principal is invalid.
+ * @throws MetaMatrixComponentException
+ */
+ private Collection<AuthorizationPolicy> getPoliciesForPrincipal(MetaMatrixPrincipalName user, SessionToken session, AuthorizationRealm realm)
+ throws AuthorizationMgmtException, InvalidPrincipalException {
+
+ Set<AuthorizationPolicy> result = new HashSet<AuthorizationPolicy>();
+
+ Set<MetaMatrixPrincipalName> principals = getGroupsForPrincipal(user);
+
+ if (principals == null || principals.size() == 0) {
+ return result;
+ }
+
+ if (realm.getSubRealmName() != null) {
+ VDBKey key = new VDBKey(realm.getRealmName(), realm.getSubRealmName());
+ Collection<AuthorizationPolicy> policies = null;
+ synchronized (this.policyCache) {
+ policies = this.policyCache.get(key);
+ if (policies == null) {
+ try {
+ VDBArchive vdb = vdbService.getVDB(realm.getRealmName(), realm.getSubRealmName());
+ if (vdb.getDataRoles() == null) {
+ policies = Collections.emptyList();
+ }
+ policies = AuthorizationPolicyFactory.buildPolicies(vdb.getName(), vdb.getVersion(), vdb.getDataRoles());
+ } catch (SAXException e) {
+ throw new AuthorizationMgmtException(e);
+ } catch (IOException e) {
+ throw new AuthorizationMgmtException(e);
+ } catch (ParserConfigurationException e) {
+ throw new AuthorizationMgmtException(e);
+ } catch (MetaMatrixComponentException e) {
+ throw new AuthorizationMgmtException(e);
+ }
+ this.policyCache.put(key, policies);
+ }
+ }
+ for (AuthorizationPolicy policy : policies) {
+ if (matchesPrincipal(principals, policy)) {
+ result.add(policy);
+ continue;
+ }
+ }
+ } else {
+ //TODO: looking for admin roles
+ }
+
+ return result;
+ }
+
+ /**
+ * Return all the groups that this prinicpal is a member of <i>and</i> the
+ * given principal (implies this principal is a member of itself).
+ * @param principal the principal for which to look for groups (may itself be a group).
+ * @return the given principal and all groups of which it is a member.
+ * @throws AuthorizationMgmtException if an error occurs while contacting the Membership svc.
+ * @throws InvalidPrincipalException if the given principal is invalid.
+ */
+ private Set<MetaMatrixPrincipalName> getGroupsForPrincipal(MetaMatrixPrincipalName principal)
+ throws AuthorizationMgmtException, InvalidPrincipalException {
+ LogManager.logDetail(LogSecurityConstants.CTX_AUTHORIZATION,
+ new Object[] {"getGroupsForPrincipal(", principal, ") - Getting all group memberships."}); //$NON-NLS-1$ //$NON-NLS-2$
+ // Get the set of all groups this Principal is a member of
+ Set<MetaMatrixPrincipalName> allPrincipals = new HashSet<MetaMatrixPrincipalName>();
+ try {
+ Collection groups = Collections.EMPTY_SET;
+ if (principal.getType() == MetaMatrixPrincipal.TYPE_USER ||
+ principal.getType() == MetaMatrixPrincipal.TYPE_ADMIN) {
+ groups = membershipServiceProxy.getGroupsForUser(principal.getName());
+ } else if (principal.getType() == MetaMatrixPrincipal.TYPE_GROUP) {
+ MetaMatrixPrincipal groupPrincipal = membershipServiceProxy.getPrincipal(principal);
+ groups = new HashSet();
+ groups.add(groupPrincipal.getName());
+ }
+ Iterator memberItr = groups.iterator();
+ // Add all principals that each orig is member of
+ while (memberItr.hasNext()) {
+ // HACK: Convert ALL member principals to MetaMatrixPrincipalName objs
+ // since Auth and Memb svcs don't speak the same language.
+ MetaMatrixPrincipalName member = new MetaMatrixPrincipalName((String) memberItr.next(), MetaMatrixPrincipal.TYPE_GROUP);
+ LogManager.logDetail(LogSecurityConstants.CTX_AUTHORIZATION,
+ new Object[]{"getGroupsForPrincipal(", principal, ") - Adding membership <", member, ">"}); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ allPrincipals.add(member);
+ }
+ // Add original Principal, now that we know he's been authenticated.
+ allPrincipals.add(principal);
+ } catch (InvalidPrincipalException e) {
+ throw e;
+ } catch (MetaMatrixSecurityException e) {
+ String msg = PlatformPlugin.Util.getString(ErrorMessageKeys.SEC_AUTHORIZATION_0035);
+ throw new AuthorizationMgmtException(e, ErrorMessageKeys.SEC_AUTHORIZATION_0035, msg);
+ }
+ return allPrincipals;
+ }
+
+ protected boolean isEntitled(String principal) {
+ try {
+ if (membershipServiceProxy.isSuperUser(principal) || !membershipServiceProxy.isSecurityEnabled()) {
+ LogManager.logDetail(LogSecurityConstants.CTX_AUTHORIZATION,
+ new Object[]{ "Automatically entitling principal", principal}); //$NON-NLS-1$
+ return true;
+ }
+ } catch (MembershipServiceException e) {
+ String msg = PlatformPlugin.Util.getString(ErrorMessageKeys.SEC_AUTHORIZATION_0075);
+ LogManager.logError(LogSecurityConstants.CTX_AUTHORIZATION, e, msg);
+ }
+ return false;
+ }
+
+ /**
+ * Determine whether entitlements checking is enabled on the server.
+ *
+ * @return <code>true</code> iff server-side entitlements checking is enabled.
+ */
+ public boolean checkingEntitlements() {
+ return useEntitlements;
+ }
+
+ /**
+ * Create realm based on token
+ * @param token Used to find info about this session
+ * @return Realm to use (based on vdb name and version)
+ */
+ private AuthorizationRealm getRealm(DQPWorkContext context) {
+ return
+ new AuthorizationRealm(
+ context.getVdbName(),
+ context.getVdbVersion());
+ }
+
+ private AuthorizationActions getActions(int actionCode) {
+ switch(actionCode) {
+ case AuthorizationService.ACTION_READ: return StandardAuthorizationActions.DATA_READ;
+ case AuthorizationService.ACTION_CREATE: return StandardAuthorizationActions.DATA_CREATE;
+ case AuthorizationService.ACTION_UPDATE: return StandardAuthorizationActions.DATA_UPDATE;
+ case AuthorizationService.ACTION_DELETE: return StandardAuthorizationActions.DATA_DELETE;
+ default: return StandardAuthorizationActions.DATA_READ;
+ }
+ }
+
+ /**
+ * Take a list of resources (Strings) and create a list of permissions
+ * suitable for sending to the authorization service.
+ * @param realm Realm to use
+ * @param resources Collection of String, listing resources
+ * @param actions Actions to check for
+ * @return Collection of BasicAuthorizationPermission
+ */
+ private Collection createPermissions(AuthorizationRealm realm, Collection resources, AuthorizationActions actions) {
+ List permissions = new ArrayList(resources.size());
+ Iterator iter = resources.iterator();
+ while(iter.hasNext()) {
+ String resource = (String) iter.next();
+
+ BasicAuthorizationPermission permission =
+ (BasicAuthorizationPermission) PERMISSION_FACTORY.create(resource, realm, actions);
+
+ permissions.add(permission);
+ }
+ return permissions;
+ }
+
+ private String getAuditContext(int auditCode) {
+ switch(auditCode) {
+ case AuthorizationService.CONTEXT_QUERY: return ServerAuditContexts.CTX_QUERY;
+ case AuthorizationService.CONTEXT_INSERT: return ServerAuditContexts.CTX_INSERT;
+ case AuthorizationService.CONTEXT_UPDATE: return ServerAuditContexts.CTX_UPDATE;
+ case AuthorizationService.CONTEXT_DELETE: return ServerAuditContexts.CTX_DELETE;
+ case AuthorizationService.CONTEXT_PROCEDURE: return ServerAuditContexts.CTX_PROCEDURE;
+ default: return ServerAuditContexts.CTX_QUERY;
+ }
+ }
+
+ public void setMembershipServiceProxy(
+ MembershipServiceInterface membershipServiceProxy) {
+ this.membershipServiceProxy = membershipServiceProxy;
+ }
+
+ public void setUseEntitlements(boolean useEntitlements) {
+ this.useEntitlements = useEntitlements;
+ }
+
+ public void setVdbService(VDBService vdbService) {
+ this.vdbService = vdbService;
+ }
+
+}
Property changes on: trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/service/AuthorizationServiceImpl.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/spi/AuthorizationSourceException.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/spi/AuthorizationSourceException.java (rev 0)
+++ trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/spi/AuthorizationSourceException.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,88 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.authorization.spi;
+
+import com.metamatrix.admin.api.exception.security.MetaMatrixSecurityException;
+
+/**
+ * Thrown when an exception has occured in the Authorization Source.
+ * This exception will have been something other than a communication error
+ * with the source.
+ * @see AuthorizationSourceConnectionException
+ */
+public class AuthorizationSourceException extends MetaMatrixSecurityException {
+
+ /**
+ * No-arg CTOR
+ */
+ public AuthorizationSourceException( ) {
+ super( );
+ }
+ /**
+ * Constructs an instance of the exception with the specified detail message. A detail
+ * message is a String that describes this particular exception.
+ * @param the detail message
+ */
+ public AuthorizationSourceException(String message) {
+ super(message);
+ }
+ /**
+ * Constructs an instance of the exception with no detail message but with a
+ * single exception.
+ * @param e the exception that is encapsulated by this exception
+ */
+ public AuthorizationSourceException(Throwable e) {
+ super(e);
+ }
+ /**
+ * Constructs an instance of the exception with the specified detail message
+ * and a single exception. A detail message is a String that describes this
+ * particular exception.
+ * @param message the detail message
+ * @param e the exception that is encapsulated by this exception
+ */
+ public AuthorizationSourceException( Throwable e, String message ) {
+ super(e, message);
+ }
+ /**
+ * Construct an instance with an error code and message specified.
+ *
+ * @param message The error message
+ * @param code The error code
+ */
+ public AuthorizationSourceException( String code, String message ) {
+ super( code, message );
+ }
+ /**
+ * Construct an instance with a linked exception, and an error code and
+ * message, specified.
+ *
+ * @param e An exception to chain to this exception
+ * @param message The error message
+ * @param code The error code
+ */
+ public AuthorizationSourceException( Throwable e, String code, String message ) {
+ super( e, code, message );
+ }
+}
+
Property changes on: trunk/embedded/src/main/java/com/metamatrix/platform/security/authorization/spi/AuthorizationSourceException.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/service/MembershipServiceImpl.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/service/MembershipServiceImpl.java (rev 0)
+++ trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/service/MembershipServiceImpl.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,643 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.membership.service;
+
+import java.io.IOException;
+import java.io.Serializable;
+import java.net.MalformedURLException;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Properties;
+import java.util.Set;
+import java.util.regex.Pattern;
+
+import org.teiid.dqp.internal.process.DQPWorkContext;
+
+import com.metamatrix.admin.api.exception.security.MetaMatrixSecurityException;
+import com.metamatrix.api.exception.security.InvalidPrincipalException;
+import com.metamatrix.api.exception.security.InvalidUserException;
+import com.metamatrix.api.exception.security.LogonException;
+import com.metamatrix.api.exception.security.MembershipServiceException;
+import com.metamatrix.api.exception.security.UnsupportedCredentialException;
+import com.metamatrix.common.application.ApplicationEnvironment;
+import com.metamatrix.common.application.exception.ApplicationInitializationException;
+import com.metamatrix.common.application.exception.ApplicationLifecycleException;
+import com.metamatrix.common.config.CurrentConfiguration;
+import com.metamatrix.common.config.api.AuthenticationProviderType;
+import com.metamatrix.common.log.LogManager;
+import com.metamatrix.common.util.PropertiesUtils;
+import com.metamatrix.common.util.crypto.CryptoException;
+import com.metamatrix.common.util.crypto.CryptoUtil;
+import com.metamatrix.core.util.StringUtil;
+import com.metamatrix.platform.PlatformPlugin;
+import com.metamatrix.platform.security.api.BasicMetaMatrixPrincipal;
+import com.metamatrix.platform.security.api.Credentials;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipal;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipalName;
+import com.metamatrix.platform.security.api.service.AuthenticationToken;
+import com.metamatrix.platform.security.api.service.FailedAuthenticationToken;
+import com.metamatrix.platform.security.api.service.MembershipServiceInterface;
+import com.metamatrix.platform.security.api.service.SuccessfulAuthenticationToken;
+import com.metamatrix.platform.security.membership.spi.MembershipDomain;
+import com.metamatrix.platform.security.membership.spi.MembershipSourceException;
+import com.metamatrix.platform.security.util.LogSecurityConstants;
+import com.metamatrix.platform.util.ErrorMessageKeys;
+
+/**
+ * This class serves as the primary implementation of the
+ * Membership Service, and logically consists of a set of one or
+ * more MembershipDomainInterface instances. The Service is
+ * responsible for creating and intializing the set of domains,
+ * receiving requests from clients, and determining
+ * which domain or domains are to handle those requests.
+ */
+public class MembershipServiceImpl implements MembershipServiceInterface {
+
+ static class MembershipDomainHolder {
+
+ private MembershipDomain membershipDomain;
+ private String domainName;
+
+ public MembershipDomainHolder(MembershipDomain domain, String domainName) {
+ this.membershipDomain = domain;
+ this.domainName = domainName;
+ }
+
+ /**
+ * Get the unique name of this Membership domain.
+ * @return the domain name.
+ */
+ public String getDomainName() {
+ return domainName;
+ }
+
+ /**
+ * @return Returns the membershipDomain.
+ */
+ public MembershipDomain getMembershipDomain() {
+ return this.membershipDomain;
+ }
+
+ }
+
+ /*
+ * Configuration state
+ */
+ private String adminUsername = DEFAULT_ADMIN_USERNAME;
+ private String adminCredentials;
+ private Pattern allowedAddresses;
+ private boolean isSecurityEnabled = true;
+
+ private List<MembershipDomainHolder> domains = new ArrayList<MembershipDomainHolder>();
+
+ public MembershipServiceImpl() {
+ super();
+ }
+
+ // -----------------------------------------------------------------------------------
+ // S E R V I C E - R E L A T E D M E T H O D S
+ // -----------------------------------------------------------------------------------
+
+ /**
+ * Perform initialization and commence processing. This method is called only once.
+ * <p>Note: In order to perform the chaining of membership domains, this method assumes
+ * there exists a property in the given environment properties named
+ * {@link com.metamatrix.platform.security.api.service.MembershipServiceInterface#DOMAIN_ORDER DOMAIN_ORDER}
+ * that has an ordered value in the form of "A, X, ..., D"
+ * @throws ApplicationInitializationException
+ */
+ @Override
+ public void initialize(Properties env)
+ throws ApplicationInitializationException {
+
+ adminUsername = env.getProperty(ADMIN_USERNAME, DEFAULT_ADMIN_USERNAME);
+
+ adminCredentials = env.getProperty(ADMIN_PASSWORD);
+ if (adminCredentials == null || adminCredentials.length() == 0) {
+ throw new ApplicationInitializationException(PlatformPlugin.Util.getString("MembershipServiceImpl.Root_password_required")); //$NON-NLS-1$
+ }
+
+ String property = env.getProperty(ADMIN_HOSTS);
+ if (property != null && property.length() > 0) {
+ this.allowedAddresses = Pattern.compile(property);
+ }
+
+ isSecurityEnabled = Boolean.valueOf(env.getProperty(SECURITY_ENABLED)).booleanValue();
+ LogManager.logDetail(LogSecurityConstants.CTX_MEMBERSHIP, "Security Enabled: " + isSecurityEnabled); //$NON-NLS-1$
+
+ try {
+ //TODO: my caller should have already decrypted this for me
+ adminCredentials = CryptoUtil.stringDecrypt(adminCredentials);
+ } catch (CryptoException err) {
+ LogManager.logCritical(LogSecurityConstants.CTX_MEMBERSHIP, err, PlatformPlugin.Util.getString("MembershipServiceImpl.Root_password_decryption_failed")); //$NON-NLS-1$
+ throw new ApplicationInitializationException(err);
+ }
+
+ String domainNameOrder = env.getProperty(MembershipServiceInterface.DOMAIN_ORDER);
+ if (domainNameOrder == null || domainNameOrder.trim().length()==0) {
+ return;
+ }
+
+ List domainNames = StringUtil.split(domainNameOrder, ","); //$NON-NLS-1$
+
+ Iterator domainNameItr = domainNames.iterator();
+ while ( domainNameItr.hasNext() ) {
+ String domainName = ((String) domainNameItr.next()).trim();
+ try {
+ Properties domainProps = PropertiesUtils.getProperties(domainName + ".*", env); //$NON-NLS-1$
+ if (!Boolean.valueOf(domainProps.getProperty(DOMAIN_ACTIVE)).booleanValue()) {
+ LogManager.logDetail(LogSecurityConstants.CTX_MEMBERSHIP, "Skipping initilization of inactive domain " + domainName); //$NON-NLS-1$
+ continue;
+ }
+ MembershipDomain newDomain = createDomain(domainName, domainProps);
+ LogManager.logInfo(LogSecurityConstants.CTX_MEMBERSHIP, PlatformPlugin.Util.getString("MSG.014.407.0005", domainName)); //$NON-NLS-1$
+ if(newDomain!=null) {
+ this.domains.add(new MembershipDomainHolder(newDomain, domainName));
+ }
+ } catch (Exception e){
+ LogManager.logCritical(LogSecurityConstants.CTX_MEMBERSHIP, e, "Failed to load MembershipDomain"); //$NON-NLS-1$
+ }
+ }
+ }
+
+ /**
+ * Create the membership domain of the given name with the given properties. A domain is created
+ * by instantiating the domain factory found in <code>env</code>.
+ * @param domainName The domain to be instantiated.
+ * @param env All properties that the domain needs to be established <i>especially>/i> the domain
+ * factory class name.
+ * @return The newly instantiated domain.
+ * @throws ApplicationInitializationException
+ * @throws IOException
+ * @throws MalformedURLException
+ * @throws MembershipSourceException
+ */
+ private MembershipDomain createDomain(String domainName, Properties properties) throws ApplicationInitializationException, MalformedURLException, IOException, MembershipSourceException {
+
+ MembershipDomain domain = null;
+ String className = properties.getProperty(AuthenticationProviderType.Attributes.AUTHDOMAIN_CLASS);
+
+ if (className != null && className.length() > 0) {
+ try {
+ domain = (MembershipDomain) Thread.currentThread().getContextClassLoader().loadClass(className).newInstance();
+ } catch (Throwable e) {
+ String msg = PlatformPlugin.Util.getString(ErrorMessageKeys.SEC_MEMBERSHIP_0023, className);
+ throw new ApplicationInitializationException(e, ErrorMessageKeys.SEC_MEMBERSHIP_0023, msg);
+ }
+ } else {
+ String msg = PlatformPlugin.Util.getString(ErrorMessageKeys.SEC_MEMBERSHIP_0024, domainName);
+ throw new ApplicationInitializationException(ErrorMessageKeys.SEC_MEMBERSHIP_0024, msg);
+ }
+
+ properties.setProperty(DOMAIN_NAME, domainName);
+
+ String propsString = properties.getProperty(DOMAIN_PROPERTIES);
+
+ if (propsString != null) {
+ Properties customProps = PropertiesUtils.loadFromURL(propsString);
+ properties.putAll(customProps);
+ }
+
+ domain.initialize(properties);
+
+ return domain;
+ }
+
+ private void shutdownDomains() {
+ // Shut down the domain(s) ...
+ Iterator iter = this.domains.iterator();
+ while ( iter.hasNext() ) {
+ MembershipDomainHolder domainHolder = (MembershipDomainHolder) iter.next();
+ try {
+ domainHolder.getMembershipDomain().shutdown();
+ } catch ( Exception e ) {
+ LogManager.logError(LogSecurityConstants.CTX_MEMBERSHIP, e, ErrorMessageKeys.SEC_MEMBERSHIP_0026);
+ }
+ }
+ this.domains.clear();
+ }
+
+ void setAllowedAddresses(Pattern allowedAddresses) {
+ this.allowedAddresses = allowedAddresses;
+ }
+
+ void setAdminCredentials(String adminCredentials) {
+ this.adminCredentials = adminCredentials;
+ }
+
+ /**
+ * Authenticate a user with the specified username and credential
+ * for use with the specified application. The application name may also
+ * be used by the Membership Service to determine the appropriate authentication
+ * mechanism.
+ * <p>
+ * This method iterates through the domains and, on each domain, attempts to authenticate
+ * the principal with the specified credentials. Authentication is successful
+ * upon the first domain encountered that authenticates the principals.
+ * @param username
+ * @param credential
+ * @param trustedPayload
+ * @param applicationName
+ * @return
+ * @throws MetaMatrixSecurityException
+ * @throws MembershipServiceException
+ */
+ public AuthenticationToken authenticateUser(String username, Credentials credential, Serializable trustedPayload, String applicationName) {
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {"authenticateUser", username, applicationName}); //$NON-NLS-1$
+
+ if (credential != null) {
+ String password = new String(credential.getCredentialsAsCharArray());
+ if (CryptoUtil.isEncryptionEnabled() && CryptoUtil.isValueEncrypted(password)) {
+ try {
+ credential = new Credentials(CryptoUtil.stringDecrypt(password).toCharArray());
+ } catch (CryptoException err) {
+ //just log and allow the normal authentication flow
+ String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.Decrypt_failed", username); //$NON-NLS-1$
+ LogManager.logWarning(LogSecurityConstants.CTX_MEMBERSHIP, err, msg);
+ }
+ }
+ }
+
+ if (!isSecurityEnabled) {
+ return new SuccessfulAuthenticationToken(trustedPayload, username);
+ }
+
+ if (isSuperUser(username)) {
+ if (isSecurityEnabled && allowedAddresses != null) {
+ String address = DQPWorkContext.getWorkContext().getClientAddress();
+ if (address == null) {
+ LogManager.logWarning(LogSecurityConstants.CTX_MEMBERSHIP, PlatformPlugin.Util.getString("MembershipServiceImpl.unknown_host")); //$NON-NLS-1$
+ return new FailedAuthenticationToken();
+ }
+ if (!allowedAddresses.matcher(address).matches() || address.equals(CurrentConfiguration.getInstance().getHostAddress().getHostAddress())) {
+ LogManager.logWarning(LogSecurityConstants.CTX_MEMBERSHIP, PlatformPlugin.Util.getString("MembershipServiceImpl.invalid_host", address, allowedAddresses.pattern())); //$NON-NLS-1$
+ return new FailedAuthenticationToken();
+ }
+ }
+ // decrypt admin password for comparison
+ if ((credential != null && adminCredentials.equals(String.valueOf(credential.getCredentialsAsCharArray())))) {
+ return new SuccessfulAuthenticationToken(trustedPayload, username);
+ }
+ return new FailedAuthenticationToken();
+ }
+
+ if (isWsdlUser(username)) {
+ // No need to check credentials. There is no password for the wsdl user.
+ return new SuccessfulAuthenticationToken(trustedPayload, username);
+ }
+
+ String baseUsername = getBaseUsername(username);
+
+ // If username specifies a domain (user at domain) only that domain is authenticated against.
+ // If username specifies no domain, then all domains are tried in order.
+ Iterator iter = getDomainsForUser(username).iterator();
+ while ( iter.hasNext() ) {
+ MembershipDomainHolder entry = (MembershipDomainHolder)iter.next();
+ try {
+
+ SuccessfulAuthenticationToken auth = entry.getMembershipDomain().authenticateUser(baseUsername, credential, trustedPayload, applicationName);
+
+ if (auth != null) {
+ baseUsername = escapeName(auth.getUserName());
+ String domain = entry.getDomainName();
+
+ if (auth.getDomainName() != null) {
+ domain = auth.getDomainName();
+ }
+ return new SuccessfulAuthenticationToken(auth.getPayload(), baseUsername + MembershipServiceInterface.AT + domain);
+ }
+ String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.Null_authentication", entry.getDomainName(), username ); //$NON-NLS-1$
+ LogManager.logError(LogSecurityConstants.CTX_MEMBERSHIP, msg);
+ return new FailedAuthenticationToken();
+ } catch (LogonException le) {
+ String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.Logon_failed", entry.getDomainName(), username ); //$NON-NLS-1$
+ LogManager.logWarning(LogSecurityConstants.CTX_MEMBERSHIP, le, msg);
+ return new FailedAuthenticationToken();
+ } catch (InvalidUserException e) {
+ String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.Invalid_user", entry.getDomainName(), username ); //$NON-NLS-1$
+ LogManager.logDetail(LogSecurityConstants.CTX_MEMBERSHIP, e, msg);
+ } catch (UnsupportedCredentialException e) {
+ String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.Unsupported_credentials", entry.getDomainName(), username ); //$NON-NLS-1$
+ LogManager.logDetail(LogSecurityConstants.CTX_MEMBERSHIP, e, msg);
+ } catch (MembershipSourceException e) {
+ //just skip this domain for now
+ String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.source_exception", entry.getDomainName()); //$NON-NLS-1$
+ LogManager.logError(LogSecurityConstants.CTX_MEMBERSHIP, e, msg);
+ }
+ }
+ String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.Failed_authentication", username ); //$NON-NLS-1$
+ LogManager.logDetail(LogSecurityConstants.CTX_MEMBERSHIP, msg);
+ return new FailedAuthenticationToken();
+ }
+
+ static String getBaseUsername(String username) {
+ if (username == null) {
+ return username;
+ }
+
+ int index = getQualifierIndex(username);
+
+ String result = username;
+
+ if (index != -1) {
+ result = username.substring(0, index);
+ }
+
+ //strip the escape character from the remaining ats
+ return result.replaceAll("\\\\"+MembershipServiceInterface.AT, MembershipServiceInterface.AT); //$NON-NLS-1$
+ }
+
+ static String escapeName(String name) {
+ if (name == null) {
+ return name;
+ }
+
+ return name.replaceAll(MembershipServiceInterface.AT, "\\\\"+MembershipServiceInterface.AT); //$NON-NLS-1$
+ }
+
+ static String getDomainName(String username) {
+ if (username == null) {
+ return username;
+ }
+
+ int index = getQualifierIndex(username);
+
+ if (index != -1) {
+ return username.substring(index + 1);
+ }
+
+ return null;
+ }
+
+ static int getQualifierIndex(String username) {
+ int index = username.length();
+ while ((index = username.lastIndexOf(MembershipServiceInterface.AT, --index)) != -1) {
+ if (index > 0 && username.charAt(index - 1) != '\\') {
+ return index;
+ }
+ }
+
+ return -1;
+ }
+
+ private Collection getDomainsForUser(String username) {
+ // If username is null, return all domains
+ if (username == null) {
+ return domains;
+ // If username is admin account, return empty domain list
+ } else if (isSuperUser(username) || !isSecurityEnabled) {
+ return Collections.EMPTY_LIST;
+ }
+
+ String domain = getDomainName(username);
+
+ if (domain == null) {
+ return domains;
+ }
+
+ // ------------------------------------------
+ // Handle usernames having @ sign
+ // ------------------------------------------
+
+ MembershipDomainHolder domainHolder = null;
+ Iterator iter = domains.iterator();
+ while(iter.hasNext()) {
+ MembershipDomainHolder currentHolder = (MembershipDomainHolder)iter.next();
+ if(domain.equalsIgnoreCase(currentHolder.getDomainName())) {
+ domainHolder = currentHolder;
+ break;
+ }
+ }
+
+ if (domainHolder == null) {
+ return Collections.EMPTY_LIST;
+ }
+
+ LinkedList result = new LinkedList();
+
+ result.add(domainHolder);
+
+ return result;
+ }
+
+ /**
+ * Obtain the principal object that is representative of the principal
+ * @param principalName
+ * @param type
+ * @return
+ * @throws MetaMatrixSecurityException
+ * @throws InvalidPrincipalException
+ */
+ public MetaMatrixPrincipal getPrincipal(MetaMatrixPrincipalName principal)
+ throws MembershipServiceException, InvalidPrincipalException {
+ LogManager.logTrace( LogSecurityConstants.CTX_MEMBERSHIP, new Object[] { "getPrincipal", principal }); //$NON-NLS-1$
+
+ String name = principal.getName();
+
+ if (principal.getType() != MetaMatrixPrincipal.TYPE_GROUP) {
+ // Handle admin account user
+ if(isSuperUser(name) || !isSecurityEnabled) {
+ return new BasicMetaMatrixPrincipal(name, MetaMatrixPrincipal.TYPE_ADMIN,Collections.EMPTY_SET);
+ }
+
+ if (isWsdlUser(name)) {
+ return new BasicMetaMatrixPrincipal(name, MetaMatrixPrincipal.TYPE_USER,Collections.EMPTY_SET);
+ }
+ }
+
+ // Get base username (strip off everything after @)
+ String baseName = getBaseUsername(name);
+
+ // Get domains for the user
+ Collection userDomains = getDomainsForUser(name);
+
+ // If baseName is null, or domain cannot be uniquely determined throw exception
+ if (baseName==null || userDomains.size() != 1) {
+ throw new InvalidPrincipalException(ErrorMessageKeys.SEC_MEMBERSHIP_0031,PlatformPlugin.Util.getString(ErrorMessageKeys.SEC_MEMBERSHIP_0031, name));
+ }
+
+ MembershipDomainHolder domain = (MembershipDomainHolder) userDomains.iterator().next();
+ try {
+ if (principal.getType() != MetaMatrixPrincipal.TYPE_GROUP) {
+ Set results = getDomainSpecificGroups(domain.getMembershipDomain().getGroupNamesForUser(baseName), domain.getDomainName());
+ // Get the principal from this domain
+ BasicMetaMatrixPrincipal result = new BasicMetaMatrixPrincipal(name, MetaMatrixPrincipal.TYPE_USER, results);
+ // If there is a result, then return the principal ...
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[]{"The user \"",name,"\" was obtained from domain \"",domain.getDomainName(),"\""} ); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ return result;
+ }
+ if (domain.getMembershipDomain().getGroupNames().contains(baseName)) {
+ return new BasicMetaMatrixPrincipal(name, MetaMatrixPrincipal.TYPE_GROUP);
+ }
+ } catch ( InvalidPrincipalException e ) {
+ String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.principal_does_not_exist", name, domain.getDomainName()); //$NON-NLS-1$
+ LogManager.logError(LogSecurityConstants.CTX_MEMBERSHIP, e, msg);
+ throw new InvalidPrincipalException(msg);
+ } catch (Throwable e) {
+ String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.source_exception", domain.getDomainName()); //$NON-NLS-1$
+ LogManager.logError(LogSecurityConstants.CTX_MEMBERSHIP, e, msg);
+ throw new MembershipServiceException(msg);
+ }
+ throw new InvalidPrincipalException(PlatformPlugin.Util.getString("MembershipServiceImpl.principal_does_not_exist", name, domain.getDomainName())); //$NON-NLS-1$
+ }
+
+ private Set<String> getDomainSpecificGroups(Set<String> groups, String domainName) {
+ if (groups == null) {
+ return Collections.emptySet();
+ }
+ Set<String> results = new HashSet<String>();
+
+ for (Iterator<String> i = groups.iterator(); i.hasNext();) {
+ results.add(escapeName(i.next()) + MembershipServiceInterface.AT + domainName);
+ }
+ return results;
+ }
+
+ /**
+ * Obtain the set of groups to which this user belongs to.
+ * The result will come from the first domain that has the specified user.
+ *
+ * @return a set of Strings
+ */
+ public Set getGroupsForUser(String userName)
+ throws MembershipServiceException, InvalidPrincipalException {
+ LogManager.logTrace( LogSecurityConstants.CTX_MEMBERSHIP, new Object[] { "getGroupsForUser", userName}); //$NON-NLS-1$
+
+ MetaMatrixPrincipal principal = getPrincipal(new MetaMatrixPrincipalName(userName, MetaMatrixPrincipal.TYPE_USER));
+
+ return principal.getGroupNames();
+ }
+
+ public String toString() {
+ StringBuffer membershipDomains = new StringBuffer();
+ membershipDomains.append("\n*** MembershipService ***\n"); //$NON-NLS-1$
+ Iterator domainItr = this.domains.iterator();
+ while ( domainItr.hasNext() ) {
+ membershipDomains.append((domainItr.next()).toString());
+ }
+ return membershipDomains.toString();
+ }
+
+ /**
+ * @throws MembershipServiceException
+ * @see com.metamatrix.platform.security.api.service.MembershipServiceInterface#getGroupNames()
+ */
+ public Set getGroupNames() throws MembershipServiceException {
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {"getGroupNames"}); //$NON-NLS-1$
+
+ Set result = new HashSet();
+ Iterator iter = this.domains.iterator();
+ while ( iter.hasNext() ) {
+ MembershipDomainHolder domain = (MembershipDomainHolder) iter.next();
+ try {
+ result.addAll( getDomainSpecificGroups(domain.getMembershipDomain().getGroupNames(), domain.getDomainName()) );
+ } catch (Throwable e) {
+ String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.source_exception", domain.getDomainName()); //$NON-NLS-1$
+ LogManager.logError(LogSecurityConstants.CTX_MEMBERSHIP, e, msg);
+ throw new MembershipServiceException(msg);
+ }
+ }
+ return result;
+ }
+
+ /**
+ * @return Returns the domains.
+ */
+ protected List getDomains() {
+ return this.domains;
+ }
+
+ public List getDomainNames() {
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {"getDomainNames"}); //$NON-NLS-1$
+
+ List names = new ArrayList();
+ Iterator iter = this.domains.iterator();
+ while(iter.hasNext()) {
+ MembershipDomainHolder domainHolder = (MembershipDomainHolder)iter.next();
+ String domainName = domainHolder.getDomainName();
+ if(domainName!=null) {
+ names.add( domainName );
+ }
+ }
+ return names;
+ }
+
+ public Set<String> getGroupsForDomain(String domainName) throws MembershipServiceException {
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {"getGroupsForDomain", domainName}); //$NON-NLS-1$
+
+ MembershipDomainHolder dHolder = null;
+ Iterator iter = this.domains.iterator();
+ while(iter.hasNext()) {
+ MembershipDomainHolder domainHolder = (MembershipDomainHolder)iter.next();
+ String holderName = domainHolder.getDomainName();
+ if(holderName!=null && holderName.equalsIgnoreCase(domainName)) {
+ dHolder = domainHolder;
+ }
+ }
+ if(dHolder==null) {
+ return Collections.emptySet();
+ }
+ try {
+ return getDomainSpecificGroups(dHolder.getMembershipDomain().getGroupNames(), domainName);
+ } catch (Throwable e) {
+ String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.source_exception", dHolder.getDomainName()); //$NON-NLS-1$
+ LogManager.logError(LogSecurityConstants.CTX_MEMBERSHIP, e, msg);
+ throw new MembershipServiceException(msg);
+ }
+ }
+
+ public boolean isSuperUser(String username) {
+ return adminUsername.equalsIgnoreCase(username);
+ }
+
+ public boolean isWsdlUser(String username) {
+ return DEFAULT_WSDL_USERNAME.equalsIgnoreCase(username);
+ }
+
+ /**
+ * @see com.metamatrix.platform.security.api.service.MembershipServiceInterface#isSecurityEnabled()
+ */
+ public boolean isSecurityEnabled() throws MembershipServiceException{
+ return isSecurityEnabled;
+ }
+
+ @Override
+ public void start(ApplicationEnvironment environment)
+ throws ApplicationLifecycleException {
+
+ }
+
+ @Override
+ public void stop() throws ApplicationLifecycleException {
+ shutdownDomains();
+ }
+
+}
Property changes on: trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/service/MembershipServiceImpl.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/MembershipDomain.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/MembershipDomain.java (rev 0)
+++ trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/MembershipDomain.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,100 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.membership.spi;
+
+import java.io.Serializable;
+import java.util.Properties;
+import java.util.Set;
+
+import com.metamatrix.api.exception.security.InvalidUserException;
+import com.metamatrix.api.exception.security.LogonException;
+import com.metamatrix.api.exception.security.UnsupportedCredentialException;
+import com.metamatrix.platform.security.api.Credentials;
+import com.metamatrix.platform.security.api.service.SuccessfulAuthenticationToken;
+
+/**
+ * Defines a Membership Domain for the Membership Service.
+ */
+public interface MembershipDomain {
+
+ /**
+ * Initialize this domain with the given properties.
+ *
+ * @param env contains the properties for this domain as set by the console
+ * @throws ServiceStateException
+ */
+ void initialize(Properties env) throws MembershipSourceException;
+
+ /**
+ * Shut down this domain to further work.
+ *
+ * @throws ServiceStateException
+ */
+ void shutdown() throws MembershipSourceException;
+
+ /**
+ * Authenticate a user with the specified username and credential for use with the specified application. The application name
+ * may also be used by the Membership Domain to determine the appropriate authentication mechanism.
+ *
+ * @param username
+ * The base username (without the domain suffix) of the individual attempting authentication. May be <code>null</code> if the
+ * membership domain implementation uses a mechanism other than username/credential authentication.
+ * @param credential
+ * The credentials belonging to the individual seeking authentication. May be <code>null</code> for anonymous authentications.
+ * @param trustedPayload
+ * The trusted payload set by the client. May be <code>null</code> if not set by the client.
+ * @param applicationName
+ * The name of the application to which the individual is attempting to authenticate. It's provided as a connection
+ * property when the individual connects (via URL or connection properties). This <code>applicationName</code>
+ * may be used by the authenticating membership domain as a basis for authentication and authorization.
+ * @return the SuccessfulAuthenticationToken containing the username and trustedPayload. The username in the
+ * SuccessfulAuthenticationToken will be used to identify this user in later calls. If the user is to be authenticated into a
+ * different domain, that domain name should be set on the SuccessfulAuthenticationToken.
+ * The return value should not be null.
+ * @throws InvalidUserException if the user does not exist in this domain
+ * @throws UnsupportedCredentialException if the credential or trustedPayload cannot be used to authenticate the user
+ * @throws LogonException if the user was unsuccessfully authenticated
+ * @throws MembershipSourceException if there was an internal error
+ */
+ SuccessfulAuthenticationToken authenticateUser(String username,
+ Credentials credential,
+ Serializable trustedPayload,
+ String applicationName) throws UnsupportedCredentialException, InvalidUserException, LogonException, MembershipSourceException;
+
+ /**
+ * Returns a String set all group names known to this domain. The returned values should not be fully qualified with a domain suffix.
+ * @return a set of String group names
+ * @throws MembershipSourceException if there was an internal error
+ */
+ Set getGroupNames() throws MembershipSourceException;
+
+ /**
+ * Returns a String set of all group names the given user is a member of. The returned values should not be fully qualified with a domain suffix.
+ * @param username
+ * @return a set of String group names
+ * @throws InvalidUserException if the user does not exist in this domain
+ * @throws MembershipSourceException if there was an internal error
+ */
+ Set getGroupNamesForUser(String username) throws InvalidUserException, MembershipSourceException;
+
+}
Property changes on: trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/MembershipDomain.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/MembershipSourceException.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/MembershipSourceException.java (rev 0)
+++ trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/MembershipSourceException.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,82 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.membership.spi;
+
+import com.metamatrix.admin.api.exception.security.MetaMatrixSecurityException;
+
+public class MembershipSourceException extends MetaMatrixSecurityException {
+
+ /**
+ * No-arg CTOR
+ */
+ public MembershipSourceException( ) {
+ super( );
+ }
+ /**
+ * Constructs an instance of the exception with the specified detail message. A detail
+ * message is a String that describes this particular exception.
+ * @param the detail message
+ */
+ public MembershipSourceException(String message) {
+ super(message);
+ }
+ /**
+ * Constructs an instance of the exception with no detail message but with a
+ * single exception.
+ * @param e the exception that is encapsulated by this exception
+ */
+ public MembershipSourceException(Throwable e) {
+ super(e);
+ }
+ /**
+ * Constructs an instance of the exception with the specified detail message
+ * and a single exception. A detail message is a String that describes this
+ * particular exception.
+ * @param message the detail message
+ * @param e the exception that is encapsulated by this exception
+ */
+ public MembershipSourceException( Throwable e, String message ) {
+ super(e, message);
+ }
+ /**
+ * Construct an instance with an error code and message specified.
+ *
+ * @param message The error message
+ * @param code The error code
+ */
+ public MembershipSourceException( String code, String message ) {
+ super( code, message );
+ }
+ /**
+ * Construct an instance with a linked exception, and an error code and
+ * message, specified.
+ *
+ * @param e An exception to chain to this exception
+ * @param message The error message
+ * @param code The error code
+ */
+ public MembershipSourceException( Throwable e, String code, String message ) {
+ super( e, code, message );
+ }
+}
+
Property changes on: trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/MembershipSourceException.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/file/FileMembershipDomain.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/file/FileMembershipDomain.java (rev 0)
+++ trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/file/FileMembershipDomain.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,197 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.membership.spi.file;
+
+import java.io.IOException;
+import java.io.Serializable;
+import java.net.MalformedURLException;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import com.metamatrix.api.exception.security.InvalidUserException;
+import com.metamatrix.api.exception.security.LogonException;
+import com.metamatrix.api.exception.security.UnsupportedCredentialException;
+import com.metamatrix.common.util.PropertiesUtils;
+import com.metamatrix.platform.security.api.Credentials;
+import com.metamatrix.platform.security.api.service.SuccessfulAuthenticationToken;
+import com.metamatrix.platform.security.membership.spi.MembershipDomain;
+import com.metamatrix.platform.security.membership.spi.MembershipSourceException;
+
+/**
+ * A membership domain that loads user and group definitions from the file system.
+ */
+public class FileMembershipDomain implements MembershipDomain {
+
+ public static final String USERS_FILE = "usersFile"; //$NON-NLS-1$
+ public static final String GROUPS_FILE = "groupsFile"; //$NON-NLS-1$
+ public static final String CHECK_PASSWORD = "checkPassword"; //$NON-NLS-1$
+
+ private boolean checkPasswords;
+
+ private Properties users;
+ private HashMap groups = new HashMap();
+ private HashMap userGroups = new HashMap();
+
+ /**
+ * @throws MembershipSourceException
+ * @see com.metamatrix.platform.security.membership.spi.MembershipDomain#initialize(java.util.Properties)
+ */
+ public void initialize(Properties env) throws MembershipSourceException {
+ checkPasswords = Boolean.valueOf(env.getProperty(CHECK_PASSWORD, Boolean.TRUE.toString())).booleanValue();
+
+ String userFile = env.getProperty(USERS_FILE);
+ String groupFile = env.getProperty(GROUPS_FILE);
+
+ if (userFile == null) {
+ throw new MembershipSourceException("Required property " +USERS_FILE+ " was missing."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ users = loadFile(userFile);
+
+ if (groupFile == null) {
+ throw new MembershipSourceException("Required property " +GROUPS_FILE+ " was missing."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ groups.clear();
+ groups.putAll(loadFile(groupFile));
+ userGroups.clear();
+ for (Iterator i = groups.entrySet().iterator(); i.hasNext();) {
+ Map.Entry entry = (Map.Entry)i.next();
+ String group = (String)entry.getKey();
+ String userNames = (String)entry.getValue();
+ String[] groupUsers = userNames.split(","); //$NON-NLS-1$
+
+ for (int j = 0; j < groupUsers.length; j++) {
+ String user = groupUsers[j].trim();
+ Set uGroups = (Set)userGroups.get(user);
+ if (uGroups == null) {
+ uGroups = new HashSet();
+ userGroups.put(user, uGroups);
+ }
+ uGroups.add(group);
+ }
+ }
+ }
+
+ private Properties loadFile(String file) throws MembershipSourceException {
+ try {
+ return PropertiesUtils.loadFromURL(file);
+ } catch (MalformedURLException e) {
+ throw new MembershipSourceException(e, "Could not load file"); //$NON-NLS-1$
+ } catch (IOException e) {
+ throw new MembershipSourceException(e, "Could not load file"); //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * @see com.metamatrix.platform.security.membership.spi.MembershipDomain#shutdown()
+ */
+ public void shutdown() {
+ }
+
+ /**
+ * @see com.metamatrix.platform.security.membership.spi.MembershipDomain#authenticateUser(java.lang.String, com.metamatrix.platform.security.api.Credentials, java.io.Serializable, java.lang.String)
+ */
+ public SuccessfulAuthenticationToken authenticateUser(String username,
+ Credentials credential,
+ Serializable trustedPayload,
+ String applicationName) throws UnsupportedCredentialException,
+ InvalidUserException,
+ LogonException,
+ MembershipSourceException {
+ if (username == null || credential == null) {
+ throw new UnsupportedCredentialException("a username and password must be supplied for this domain"); //$NON-NLS-1$
+ }
+
+ String password = (String)users.get(username);
+
+ if (password == null) {
+ throw new InvalidUserException("user " + username + " is invalid"); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ if (!checkPasswords || password.equals(String.valueOf(credential.getCredentialsAsCharArray()))) {
+ return new SuccessfulAuthenticationToken(trustedPayload, username);
+ }
+
+ throw new LogonException("user " + username + " could not be authenticated"); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ /**
+ * @see com.metamatrix.platform.security.membership.spi.MembershipDomain#getGroupNames()
+ */
+ public Set getGroupNames() throws MembershipSourceException {
+ Set resultNames = new HashSet(groups.keySet());
+ return resultNames;
+ }
+
+ /**
+ * @see com.metamatrix.platform.security.membership.spi.MembershipDomain#getGroupNamesForUser(java.lang.String)
+ */
+ public Set getGroupNamesForUser(String username) throws InvalidUserException,
+ MembershipSourceException {
+ // See if this user is in the domain
+ if (!users.containsKey(username)) {
+ throw new InvalidUserException("user " + username + " is invalid"); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ Set usersGroups = (Set)userGroups.get(username);
+ if (usersGroups == null) {
+ return Collections.EMPTY_SET;
+ }
+ return usersGroups;
+ }
+
+ /**
+ * @return Returns the checkPasswords.
+ */
+ protected boolean checkPasswords() {
+ return this.checkPasswords;
+ }
+
+ /**
+ * @return Returns the groups.
+ */
+ protected HashMap getGroups() {
+ return this.groups;
+ }
+
+ /**
+ * @return Returns the userGroups.
+ */
+ protected HashMap getUserGroups() {
+ return this.userGroups;
+ }
+
+ /**
+ * @return Returns the users.
+ */
+ protected Properties getUsers() {
+ return this.users;
+ }
+
+}
Property changes on: trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/file/FileMembershipDomain.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/ldap/LDAPMembershipDomain.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/ldap/LDAPMembershipDomain.java (rev 0)
+++ trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/ldap/LDAPMembershipDomain.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,583 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.membership.spi.ldap;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Hashtable;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.naming.AuthenticationException;
+import javax.naming.Context;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.NamingSecurityException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+
+import com.metamatrix.api.exception.security.InvalidUserException;
+import com.metamatrix.api.exception.security.LogonException;
+import com.metamatrix.api.exception.security.UnsupportedCredentialException;
+import com.metamatrix.common.log.LogManager;
+import com.metamatrix.platform.PlatformPlugin;
+import com.metamatrix.platform.security.api.Credentials;
+import com.metamatrix.platform.security.api.service.MembershipServiceInterface;
+import com.metamatrix.platform.security.api.service.SuccessfulAuthenticationToken;
+import com.metamatrix.platform.security.membership.spi.MembershipDomain;
+import com.metamatrix.platform.security.membership.spi.MembershipSourceException;
+import com.metamatrix.platform.security.util.LogSecurityConstants;
+
+public class LDAPMembershipDomain implements
+ MembershipDomain {
+
+ public static final String ONELEVEL_SCOPE_VALUE = "ONELEVEL_SCOPE"; //$NON-NLS-1$
+ public static final String OBJECT_SCOPE_VALUE = "OBJECT_SCOPE"; //$NON-NLS-1$
+ public static final String SUBTREE_SCOPE_VALUE = "SUBTREE_SCOPE"; //$NON-NLS-1$
+ // properties
+ public static final String GROUPS_GROUP_MEMBER_ATTRIBUTE = "groups.groupMember.attribute"; //$NON-NLS-1$
+ public static final String GROUPS_ROOT_CONTEXT = "groups.rootContext"; //$NON-NLS-1$
+ public static final String GROUPS_SEARCH_SCOPE = "groups.searchScope"; //$NON-NLS-1$
+ public static final String GROUPS_SEARCH_FILTER = "groups.searchFilter"; //$NON-NLS-1$
+ public static final String GROUPS_DISPLAY_NAME_ATTRIBUTE = "groups.displayName.attribute"; //$NON-NLS-1$
+ public static final String USERS_MEMBER_OF_ATTRIBUTE = "users.memberOf.attribute"; //$NON-NLS-1$
+ public static final String USERS_ROOT_CONTEXT = "users.rootContext"; //$NON-NLS-1$
+ public static final String USERS_SEARCH_SCOPE = "users.searchScope"; //$NON-NLS-1$
+ public static final String USERS_DISPLAY_NAME_ATTRIBUTE = "users.displayName.attribute"; //$NON-NLS-1$
+ public static final String USERS_SEARCH_FILTER = "users.searchFilter"; //$NON-NLS-1$
+ public static final String LDAP_URL = "ldapURL"; //$NON-NLS-1$
+ public static final String LDAP_ADMIN_PASSWORD = "ldapAdmin.password"; //$NON-NLS-1$
+ public static final String LDAP_ADMIN_DN = "ldapAdmin.dn"; //$NON-NLS-1$
+ public static final String TXN_TIMEOUT_IN_MILLIS = "txnTimeoutInMillis"; //$NON-NLS-1$
+
+ // default property values
+ public static final String LDAP_INITIAL_CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory"; //$NON-NLS-1$
+ public static final String LDAP_AUTH_TYPE = "simple"; //$NON-NLS-1$
+ public static final String LDAP_USER_OBJECT_TYPE = "person"; //$NON-NLS-1$
+ public static final String LDAP_REFERRAL_MODE = "follow"; //$NON-NLS-1$
+ public static final String DEFAULT_SEARCH_FILTER = "(objectclass=*)"; //$NON-NLS-1$
+ public static final String POOL_KEY = "com.sun.jndi.ldap.connect.pool"; //$NON-NLS-1$
+ public static final String TIMEOUT_KEY = "com.sun.jndi.ldap.connect.timeout"; //$NON-NLS-1$
+ public static final String DEFAULT_USERS_DISPLAY_NAME_ATTRIBUTE = "uid"; //$NON-NLS-1$
+ public static final String DEFAULT_GROUPS_DISPLAY_NAME_ATTRIBUTE = "cn"; //$NON-NLS-1$
+
+ static class UserEntry {
+
+ private String dn;
+ private Set groups;
+
+ public UserEntry(String dn,
+ Set groups) {
+ this.dn = dn;
+ this.groups = groups;
+ }
+
+ public String getDn() {
+ return this.dn;
+ }
+
+ public Set getGroups() {
+ return this.groups;
+ }
+
+ }
+
+ static class LdapContext {
+ String context;
+ String searchFilter = DEFAULT_SEARCH_FILTER;
+ String displayAttribute;
+ String memberOfAttribute;
+ int searchScope = SearchControls.SUBTREE_SCOPE;
+ }
+
+ private String domainName;
+ private String ldapURL;
+ private String ldapAdminUserDN;
+ private String ldapAdminUserPass;
+ private String ldapTxnTimeoutInMillis;
+
+ private List usersRootContexts;
+ private List groupsRootContexts;
+
+ private Hashtable adminContext = new Hashtable();
+
+ public void initialize(Properties props) throws MembershipSourceException {
+ this.domainName = props.getProperty(MembershipServiceInterface.DOMAIN_NAME);
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, "Initializing LDAP Domain: " + domainName); //$NON-NLS-1$
+
+ ldapTxnTimeoutInMillis = props.getProperty(TXN_TIMEOUT_IN_MILLIS);
+
+ ldapAdminUserDN = getPropertyValue(props, LDAP_ADMIN_DN, null);
+
+ ldapAdminUserPass = getPropertyValue(props, LDAP_ADMIN_PASSWORD, null);
+
+ ldapURL = getPropertyValue(props, LDAP_URL, null);
+ if (ldapURL == null) {
+ throw new MembershipSourceException(PlatformPlugin.Util.getString("LDAPMembershipDomain.Required_property", LDAP_URL)); //$NON-NLS-1$
+ }
+
+ usersRootContexts = buildContexts(USERS_ROOT_CONTEXT,
+ USERS_SEARCH_FILTER,
+ USERS_DISPLAY_NAME_ATTRIBUTE,
+ USERS_SEARCH_SCOPE,
+ USERS_MEMBER_OF_ATTRIBUTE,
+ DEFAULT_USERS_DISPLAY_NAME_ATTRIBUTE,
+ props);
+
+ groupsRootContexts = buildContexts(GROUPS_ROOT_CONTEXT,
+ GROUPS_SEARCH_FILTER,
+ GROUPS_DISPLAY_NAME_ATTRIBUTE,
+ GROUPS_SEARCH_SCOPE,
+ GROUPS_GROUP_MEMBER_ATTRIBUTE,
+ DEFAULT_GROUPS_DISPLAY_NAME_ATTRIBUTE,
+ props);
+
+ if (props.getProperty(USERS_MEMBER_OF_ATTRIBUTE, "").trim().length() == 0 //$NON-NLS-1$
+ && props.getProperty(GROUPS_GROUP_MEMBER_ATTRIBUTE, "").trim().length() == 0) { //$NON-NLS-1$
+ LogManager.logWarning(LogSecurityConstants.CTX_MEMBERSHIP, PlatformPlugin.Util.getString("LDAPMembershipDomain.Require_memberof_property", domainName ) ); //$NON-NLS-1$
+ }
+
+ // Create the root context.
+ adminContext.put(Context.INITIAL_CONTEXT_FACTORY, LDAP_INITIAL_CONTEXT_FACTORY);
+ adminContext.put(Context.PROVIDER_URL, this.ldapURL);
+ adminContext.put(Context.REFERRAL, LDAP_REFERRAL_MODE);
+ adminContext.put(POOL_KEY, Boolean.TRUE.toString());
+
+ // If password is blank, we will perform an anonymous bind.
+ if (ldapAdminUserDN != null && ldapAdminUserPass != null) {
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, domainName + ": Username was set to:" + ldapAdminUserDN); //$NON-NLS-1$
+ adminContext.put(Context.SECURITY_AUTHENTICATION, LDAP_AUTH_TYPE);
+ adminContext.put(Context.SECURITY_PRINCIPAL, this.ldapAdminUserDN);
+ adminContext.put(Context.SECURITY_CREDENTIALS, this.ldapAdminUserPass);
+ } else {
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, domainName
+ + ": admin dn was blank; performing anonymous bind."); //$NON-NLS-1$
+ adminContext.put(Context.SECURITY_AUTHENTICATION, "none"); //$NON-NLS-1$
+ }
+
+ if (ldapTxnTimeoutInMillis != null) {
+ adminContext.put(TIMEOUT_KEY, ldapTxnTimeoutInMillis);
+ }
+ }
+
+ private List buildContexts(String rootContextsProp,
+ String searchFilterProp,
+ String displayAttributeProp,
+ String searchScopeProp,
+ String memberOfAttributeProp, String defaultDisplayName, Properties props) throws MembershipSourceException {
+
+ String rootContextsStr = props.getProperty(rootContextsProp, null);
+ if (rootContextsStr == null) {
+ throw new MembershipSourceException(PlatformPlugin.Util.getString("LDAPMembershipDomain.Required_property", rootContextsProp)); //$NON-NLS-1$
+ }
+
+ String searchFilterStr = props.getProperty(searchFilterProp);
+ String searchScopeStr = props.getProperty(searchScopeProp);
+ String memberOfAttributeStr = props.getProperty(memberOfAttributeProp);
+ String displayAttributeStr = props.getProperty(displayAttributeProp);
+
+ String[] rootContexts = rootContextsStr.split("\\?"); //$NON-NLS-1$
+ String[] displayAttributes = (displayAttributeStr != null) ? displayAttributeStr.split("\\?") : null; //$NON-NLS-1$
+ String[] searchFilters = (searchFilterStr != null) ? searchFilterStr.split("\\?") : null; //$NON-NLS-1$
+ String[] searchScopes = (searchScopeStr != null) ? searchScopeStr.split("\\?") : null; //$NON-NLS-1$
+ String[] memberOfAttributes = (memberOfAttributeStr != null) ? memberOfAttributeStr.split("\\?") : null; //$NON-NLS-1$
+
+ List results = new ArrayList();
+
+ for (int i = 0; i < rootContexts.length; i++) {
+ LdapContext context = new LdapContext();
+ results.add(context);
+ context.context = rootContexts[i];
+
+ context.displayAttribute = getContextValue(displayAttributes, i, defaultDisplayName);
+ context.memberOfAttribute = getContextValue(memberOfAttributes, i, null);
+
+ context.searchFilter = getContextValue(searchFilters, i, context.searchFilter);
+ context.searchScope = getSearchScope(getContextValue(searchScopes, i, null));
+ }
+
+ return results;
+ }
+
+ private static String getContextValue(String[] values, int i, String defaultValue) {
+ String value = null;
+
+ if (values != null) {
+ if (values.length > i) {
+ value = values[i];
+ } else if (values.length == 1){
+ value = values[0];
+ }
+ }
+
+ if (value == null || value.trim().length() == 0) {
+ value = defaultValue;
+ }
+
+ return value;
+ }
+
+ private static String getPropertyValue(Properties props,
+ String key,
+ String defaultValue) {
+ String result = props.getProperty(key);
+ if (result == null || result.trim().length() == 0) {
+ return defaultValue;
+ }
+ return result.trim();
+ }
+
+ private int getSearchScope(String scope) {
+ if (scope == null) {
+ return SearchControls.SUBTREE_SCOPE;
+ }
+ if (scope.equals(OBJECT_SCOPE_VALUE)) {
+ return SearchControls.OBJECT_SCOPE;
+ }
+ if (scope.equals(ONELEVEL_SCOPE_VALUE)) {
+ return SearchControls.ONELEVEL_SCOPE;
+ }
+ return SearchControls.SUBTREE_SCOPE;
+ }
+
+ public void shutdown() {
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, domainName + ": shutdown()"); //$NON-NLS-1$
+ }
+
+ public SuccessfulAuthenticationToken authenticateUser(String username,
+ Credentials credential,
+ Serializable trustedPayload,
+ String applicationName) throws UnsupportedCredentialException,
+ InvalidUserException,
+ LogonException,
+ MembershipSourceException {
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {
+ domainName, "authenticateUser username", username, "applicationName", applicationName}); //$NON-NLS-1$ //$NON-NLS-2$
+
+ if (username == null) {
+ throw new UnsupportedCredentialException(PlatformPlugin.Util.getString("LDAPMembershipDomain.No_annonymous", domainName)); //$NON-NLS-1$
+ }
+
+ UserEntry ue = getUserEntry(username, false);
+
+ if (credential == null) {
+ throw new UnsupportedCredentialException(PlatformPlugin.Util.getString("LDAPMembershipDomain.No_annonymous", domainName)); //$NON-NLS-1$
+ }
+
+ Hashtable connenv = new Hashtable();
+ connenv.put(Context.INITIAL_CONTEXT_FACTORY, LDAP_INITIAL_CONTEXT_FACTORY);
+ connenv.put(Context.PROVIDER_URL, this.ldapURL);
+ connenv.put(Context.SECURITY_AUTHENTICATION, LDAP_AUTH_TYPE);
+ connenv.put(Context.SECURITY_PRINCIPAL, ue.getDn());
+ connenv.put(Context.SECURITY_CREDENTIALS, String.valueOf(credential.getCredentialsAsCharArray()));
+
+ DirContext ctx = null;
+ try {
+ ctx = new InitialDirContext(connenv);
+ } catch (NamingSecurityException nse) {
+ throw new LogonException(nse, nse.getMessage());
+ } catch (NamingException ne) {
+ throw new MembershipSourceException(ne, ne.getMessage());
+ } finally {
+ if (ctx != null) {
+ try {
+ ctx.close();
+ } catch (NamingException ne) {
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, ne, domainName + ": error closing context"); //$NON-NLS-1$
+ }
+ }
+ }
+
+ if(credential.getCredentialsAsCharArray().length == 0){
+ username = "";//$NON-NLS-1$
+ }
+
+ return new SuccessfulAuthenticationToken(trustedPayload, username);
+ }
+
+ public Set getGroupNames() throws MembershipSourceException {
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {
+ domainName, " getGroupNames() called"}); //$NON-NLS-1$
+
+ DirContext ctx = null;
+
+ try {
+ ctx = getAdminContext();
+ return new HashSet(getGroupNames(ctx, null, false).values());
+ } finally {
+ if (ctx != null) {
+ try {
+ ctx.close();
+ } catch (NamingException ne) {
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, ne, domainName + ": error closing context"); //$NON-NLS-1$
+ }
+ }
+ }
+ }
+
+ private DirContext getAdminContext() throws MembershipSourceException {
+ try {
+ return new InitialDirContext((Hashtable)adminContext.clone());
+ } catch (AuthenticationException err) {
+ throw new MembershipSourceException(err, PlatformPlugin.Util.getString("LDAPMembershipDomain.Admin_credentials", domainName)); //$NON-NLS-1$
+ } catch (NamingException err) {
+ throw new MembershipSourceException(err);
+ }
+ }
+
+ public Set getGroupNamesForUser(String username) throws InvalidUserException,
+ MembershipSourceException {
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {domainName, "getGroupNamesForUser", username}); //$NON-NLS-1$
+
+ if(username.length() == 0){
+ return Collections.EMPTY_SET;
+ }
+
+ UserEntry ue = getUserEntry(username, true);
+
+ return ue.getGroups();
+ }
+
+ public static final String escapeLDAPSearchFilter(String filter) {
+ StringBuffer sb = new StringBuffer();
+ for (int i = 0; i < filter.length(); i++) {
+ char curChar = filter.charAt(i);
+ switch (curChar) {
+ case '\\':
+ sb.append("\\5c"); //$NON-NLS-1$
+ break;
+ case '*':
+ sb.append("\\2a"); //$NON-NLS-1$
+ break;
+ case '(':
+ sb.append("\\28"); //$NON-NLS-1$
+ break;
+ case ')':
+ sb.append("\\29"); //$NON-NLS-1$
+ break;
+ case '\u0000':
+ sb.append("\\00"); //$NON-NLS-1$
+ break;
+ default:
+ sb.append(curChar);
+ }
+ }
+ return sb.toString();
+ }
+
+ private UserEntry getUserEntry(String username,
+ boolean getGroups) throws MembershipSourceException,
+ InvalidUserException {
+
+ username = escapeLDAPSearchFilter(username);
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {domainName, "getUserEntry", username, "getGroups", String.valueOf(getGroups)}); //$NON-NLS-1$ //$NON-NLS-2$
+
+ DirContext ctx = null;
+
+ try {
+
+ ctx = getAdminContext();
+
+ for (int i = 0; i < usersRootContexts.size(); i++) {
+
+ LdapContext context = (LdapContext)usersRootContexts.get(i);
+
+ String contextName = context.context;
+
+ SearchControls sControls = new SearchControls();
+ sControls.setSearchScope(context.searchScope);
+ if (context.memberOfAttribute != null) {
+ sControls.setReturningAttributes(new String[] {context.memberOfAttribute});
+ }
+ String singleUserSearchFilter = "(" + context.displayAttribute + "=" + username + ")"; //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+
+ if (context.searchFilter.length() > 0) {
+ singleUserSearchFilter = "(&" + singleUserSearchFilter + context.searchFilter + ")"; //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {domainName, "searching context", contextName, "with filter", singleUserSearchFilter, "and search scope", String.valueOf(context.searchScope)}); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+
+ // We expect to receive only one user from this search, since the username attribute must be unique.
+ NamingEnumeration usersEnumeration = ctx.search(contextName, singleUserSearchFilter, sControls);
+ if (!usersEnumeration.hasMore()) {
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {domainName, "no user match found in context", contextName}); //$NON-NLS-1$
+ continue;
+ }
+ SearchResult foundUser = (SearchResult)usersEnumeration.next();
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {domainName, "found user", username, "in context", contextName}); //$NON-NLS-1$ //$NON-NLS-2$
+
+ if (usersEnumeration.hasMore()) {
+ LogManager
+ .logWarning(LogSecurityConstants.CTX_MEMBERSHIP,
+ domainName
+ + ": Only expected one user when performing lookup. Check to ensure the display name is unique."); //$NON-NLS-1$
+ }
+
+ String RDN = foundUser.getName();
+ String dn = RDN + ',' + contextName;
+ HashSet groupList = new HashSet();
+
+ if (getGroups) {
+ Map groupNames = getGroupNames(ctx, dn, context.memberOfAttribute == null);
+
+ if (context.memberOfAttribute != null) {
+ Attribute memberOfAttr = foundUser.getAttributes().get(context.memberOfAttribute);
+
+ if (memberOfAttr != null) {
+ int groupCount = memberOfAttr.size();
+ for (int j = 0; j < groupCount; j++) {
+ String groupDN = (String)memberOfAttr.get(i);
+ if (groupDN == null) {
+ continue;
+ }
+ String groupRdn = (String)groupNames.get(groupDN);
+ if (groupRdn == null) {
+ continue;
+ }
+ groupList.add(groupDN);
+ LogManager
+ .logTrace(LogSecurityConstants.CTX_MEMBERSHIP, domainName
+ + "-----Adding user's group: " + groupDN); //$NON-NLS-1$
+ }
+ }
+ } else {
+ groupList.addAll(groupNames.values());
+ }
+ }
+ UserEntry ue = new UserEntry(dn, groupList);
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {domainName, "UserEntry retrieved for username", username, ue.getDn()}); //$NON-NLS-1$
+
+ return ue;
+ }
+ } catch (NamingException ne) {
+ throw new MembershipSourceException(ne);
+ } finally {
+ if (ctx != null) {
+ try {
+ ctx.close();
+ } catch (NamingException ne) {
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, ne, domainName + ": error closing context"); //$NON-NLS-1$
+ }
+ }
+ }
+
+ LogManager.logInfo(LogSecurityConstants.CTX_MEMBERSHIP,
+ domainName + ": No user DN found for user: " + username + ", could not authenticate."); //$NON-NLS-1$ //$NON-NLS-2$
+ throw new InvalidUserException(username);
+ }
+
+ private Map getGroupNames(DirContext ctx,
+ String userDn, boolean mustMatchDn) throws MembershipSourceException {
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {domainName, "getGroupNames", userDn, "mustMatchDn", String.valueOf(mustMatchDn)}); //$NON-NLS-1$ //$NON-NLS-2$
+
+ Map groupNames = new HashMap();
+
+ try {
+
+ for (int i = 0; i < groupsRootContexts.size(); i++) {
+
+ LdapContext context = (LdapContext)groupsRootContexts.get(i);
+
+ String contextName = context.context;
+
+ // Set the search controls to search subdirectories, or just the current level.
+ SearchControls groupSC = new SearchControls();
+ groupSC.setSearchScope(context.searchScope);
+ groupSC.setReturningAttributes(new String[] {context.displayAttribute});
+
+ String searchFilter = context.searchFilter;
+
+ if (userDn != null && context.memberOfAttribute != null) {
+ searchFilter = "(&(" + context.memberOfAttribute + "=" + userDn + ")" + searchFilter + ")"; //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$
+ } else if (mustMatchDn) {
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {domainName, "skipping group context"}); //$NON-NLS-1$
+ continue;
+ }
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {domainName, "searching group context", contextName, "with filter", searchFilter, "and search scope", String.valueOf(context.searchScope)}); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+
+ NamingEnumeration groupsEnum = ctx.search(contextName, searchFilter, groupSC);
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {domainName, "Parsing through groups search results."}); //$NON-NLS-1$
+
+ while (groupsEnum.hasMore()) {
+ SearchResult curGroup = (SearchResult)groupsEnum.next();
+ String groupRDN = curGroup.getName();
+
+ String groupDN = groupRDN + ',' + contextName;
+ // GHH - if the context here is a single group, we end up with the groupRDN being an empty string, in which
+ // case there is now an extra comma at the start of groupDN
+ if (groupDN.charAt(0) == ',') {
+ groupDN = groupDN.substring(1);
+ }
+ Attributes attrs = curGroup.getAttributes();
+ if (attrs == null) {
+ continue;
+ }
+ // Get the display name.
+ Attribute groupDisplayNameAttr = attrs.get(context.displayAttribute);
+ if (groupDisplayNameAttr == null) {
+ continue;
+ }
+ String groupDisplayName = (String)groupDisplayNameAttr.get();
+ if (groupDisplayName == null) {
+ continue;
+ }
+
+ groupNames.put(groupDN, groupDisplayName);
+
+ LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {domainName, "Found groupDN", groupDN, "with display name", groupDisplayName}); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ }
+ } catch (NamingException err) {
+ throw new MembershipSourceException(err);
+ }
+
+ return groupNames;
+ }
+
+ List getUsersRootContexts() {
+ return usersRootContexts;
+ }
+
+ List getGroupsRootContexts() {
+ return groupsRootContexts;
+ }
+
+}
Property changes on: trunk/embedded/src/main/java/com/metamatrix/platform/security/membership/spi/ldap/LDAPMembershipDomain.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/main/java/com/metamatrix/platform/security/session/service/SessionServiceImpl.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/platform/security/session/service/SessionServiceImpl.java (rev 0)
+++ trunk/embedded/src/main/java/com/metamatrix/platform/security/session/service/SessionServiceImpl.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,353 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.session.service;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Timer;
+import java.util.TimerTask;
+import java.util.concurrent.atomic.AtomicLong;
+
+import org.teiid.dqp.internal.process.DQPCore;
+
+import com.metamatrix.admin.api.exception.security.InvalidSessionException;
+import com.metamatrix.admin.api.exception.security.MetaMatrixSecurityException;
+import com.metamatrix.api.exception.MetaMatrixComponentException;
+import com.metamatrix.api.exception.security.AuthorizationException;
+import com.metamatrix.api.exception.security.MetaMatrixAuthenticationException;
+import com.metamatrix.api.exception.security.SessionServiceException;
+import com.metamatrix.common.api.MMURL;
+import com.metamatrix.common.application.ApplicationEnvironment;
+import com.metamatrix.common.application.exception.ApplicationInitializationException;
+import com.metamatrix.common.application.exception.ApplicationLifecycleException;
+import com.metamatrix.common.comm.api.ServerConnection;
+import com.metamatrix.common.log.LogManager;
+import com.metamatrix.core.util.ArgCheck;
+import com.metamatrix.dqp.service.VDBService;
+import com.metamatrix.metadata.runtime.exception.VirtualDatabaseDoesNotExistException;
+import com.metamatrix.metadata.runtime.exception.VirtualDatabaseException;
+import com.metamatrix.platform.PlatformPlugin;
+import com.metamatrix.platform.security.api.Credentials;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipal;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipalName;
+import com.metamatrix.platform.security.api.MetaMatrixSessionID;
+import com.metamatrix.platform.security.api.MetaMatrixSessionInfo;
+import com.metamatrix.platform.security.api.service.AuthenticationToken;
+import com.metamatrix.platform.security.api.service.MembershipServiceInterface;
+import com.metamatrix.platform.security.api.service.SessionServiceInterface;
+import com.metamatrix.platform.security.util.LogSecurityConstants;
+import com.metamatrix.platform.util.ErrorMessageKeys;
+import com.metamatrix.platform.util.LogMessageKeys;
+import com.metamatrix.platform.util.ProductInfoConstants;
+
+/**
+ * This class serves as the primary implementation of the Session Service.
+ */
+public class SessionServiceImpl implements SessionServiceInterface {
+
+ /*
+ * Configuration state
+ */
+ private long sessionMaxLimit;
+ private long sessionTimeLimit;
+
+ /*
+ * Injected state
+ */
+ private MembershipServiceInterface membershipService;
+ private DQPCore dqpCore;
+ private VDBService vdbService;
+
+ private Map<MetaMatrixSessionID, MetaMatrixSessionInfo> sessionCache = new HashMap<MetaMatrixSessionID, MetaMatrixSessionInfo>();
+ private Timer sessionMonitor;
+ private AtomicLong idSequence = new AtomicLong();
+
+ // -----------------------------------------------------------------------------------
+ // S E R V I C E - R E L A T E D M E T H O D S
+ // -----------------------------------------------------------------------------------
+
+ private void monitorSessions() {
+ long currentTime = System.currentTimeMillis();
+ for (MetaMatrixSessionInfo info : sessionCache.values()) {
+ try {
+ if (currentTime - info.getLastPingTime() > ServerConnection.PING_INTERVAL * 5) {
+ LogManager.logInfo(LogSecurityConstants.CTX_SESSION, PlatformPlugin.Util.getString( "SessionServiceImpl.keepaliveFailed", info.getSessionID())); //$NON-NLS-1$
+ closeSession(info.getSessionID());
+ } else if (sessionTimeLimit > 0 && currentTime - info.getTimeCreated() > sessionTimeLimit) {
+ LogManager.logInfo(LogSecurityConstants.CTX_SESSION, PlatformPlugin.Util.getString( "SessionServiceImpl.expireSession", info.getSessionID())); //$NON-NLS-1$
+ closeSession(info.getSessionID());
+ }
+ } catch (Exception e) {
+ LogManager.logDetail(LogSecurityConstants.CTX_SESSION, e, "error running session monitor, unable to monitor: " + info.getSessionID()); //$NON-NLS-1$
+ }
+ }
+ }
+
+ @Override
+ public void closeSession(MetaMatrixSessionID sessionID)
+ throws InvalidSessionException, SessionServiceException{
+ LogManager.logDetail(LogSecurityConstants.CTX_SESSION, new Object[] {"closeSession", sessionID}); //$NON-NLS-1$
+ MetaMatrixSessionInfo info = this.sessionCache.remove(sessionID);
+ if (info == null) {
+ throw new InvalidSessionException(ErrorMessageKeys.SEC_SESSION_0027, PlatformPlugin.Util.getString(ErrorMessageKeys.SEC_SESSION_0027, sessionID));
+ }
+ if (info.getProductInfo(ProductInfoConstants.VIRTUAL_DB) != null) {
+ try {
+ dqpCore.terminateConnection(info.getSessionToken().getSessionIDValue());
+ } catch (Exception e) {
+ LogManager.logWarning(LogSecurityConstants.CTX_SESSION,e,"Exception terminitating session"); //$NON-NLS-1$
+ }
+ }
+ }
+
+ @Override
+ public MetaMatrixSessionInfo createSession(String userName,
+ Credentials credentials, Serializable trustedToken,
+ String applicationName, Properties properties)
+ throws MetaMatrixAuthenticationException, SessionServiceException {
+ ArgCheck.isNotNull(applicationName);
+ ArgCheck.isNotNull(properties);
+
+ Properties productInfo = new Properties();
+
+ //
+ // Authenticate user...
+ // if not authenticated, this method throws exception
+ //
+ AuthenticationToken authenticatedToken = this.authenticateUser(userName, credentials, trustedToken, applicationName);
+
+ String authenticatedUserName = authenticatedToken.getUserName();
+
+ //
+ // Validate VDB and version if logging on to server product...
+ //
+ String vdbName = properties.getProperty(ProductInfoConstants.VIRTUAL_DB);
+ if (vdbName != null) {
+ String vdbVersion = properties.getProperty(ProductInfoConstants.VDB_VERSION);
+ try {
+ vdbVersion = vdbService.getActiveVDBVersion(vdbName, vdbVersion);
+ } catch (VirtualDatabaseDoesNotExistException e) {
+ throw new SessionServiceException(e);
+ } catch (VirtualDatabaseException e) {
+ if (vdbVersion == null) {
+ throw new SessionServiceException(e,PlatformPlugin.Util.getString("SessionServiceImpl.Unexpected_error_finding_latest_version_of_Virtual_Database", new Object[] {vdbName})); //$NON-NLS-1$
+ }
+ throw new SessionServiceException(e,PlatformPlugin.Util.getString("SessionServiceImpl.Unexpected_error_finding_latest_version_of_Virtual_Database_{0}_of_version_{1}", new Object[] {vdbName, vdbVersion})); //$NON-NLS-1$
+ } catch (MetaMatrixComponentException e) {
+ throw new SessionServiceException(e);
+ }
+ // Reset product info with validated constants
+ productInfo.put(ProductInfoConstants.VIRTUAL_DB, vdbName);
+ productInfo.put(ProductInfoConstants.VDB_VERSION, vdbVersion);
+ }
+
+ if (sessionMaxLimit > 0 && getActiveSessionsCount() >= sessionMaxLimit) {
+ throw new SessionServiceException(LogMessageKeys.SEC_SESSION_0067,PlatformPlugin.Util.getString(LogMessageKeys.SEC_SESSION_0067, new Object[] {new Long(sessionMaxLimit)}));
+ }
+
+ long creationTime = System.currentTimeMillis();
+
+ // Get a new ID for this new session record
+ MetaMatrixSessionID id = new MetaMatrixSessionID(idSequence.getAndIncrement());
+
+ // Return a new session info object
+ MetaMatrixSessionInfo newSession = new MetaMatrixSessionInfo(id,
+ authenticatedUserName,
+ creationTime,
+ applicationName,
+ productInfo,
+ properties.getProperty(MMURL.CONNECTION.CLIENT_IP_ADDRESS),
+ properties.getProperty(MMURL.CONNECTION.CLIENT_HOSTNAME));
+ newSession.setTrustedToken(trustedToken);
+ this.sessionCache.put(newSession.getSessionID(), newSession);
+ return newSession;
+ }
+
+ private AuthenticationToken authenticateUser(String userName,
+ Credentials credentials, Serializable trustedToken,
+ String applicationName) throws SessionServiceException,
+ MetaMatrixAuthenticationException {
+ AuthenticationToken authenticatedToken = null;
+ // Authenticate the principal ...
+ try {
+ authenticatedToken = this.membershipService.authenticateUser(userName,
+ credentials, trustedToken, applicationName);
+ }catch (MetaMatrixSecurityException e) {
+ String msg = PlatformPlugin.Util
+ .getString(
+ "SessionServiceImpl.Membership_service_could_not_authenticate_user", new Object[] { userName }); //$NON-NLS-1$
+ SessionServiceException se = new SessionServiceException(e, msg);
+ throw se;
+ }
+
+ // Throw exception if not authenticated
+ // Log the failure as a warning as it is not a system level failure, but
+ // rather a processing
+ // level issue.
+ if (!authenticatedToken.isAuthenticated()) {
+ Object[] params = new Object[] { userName };
+ String msg = PlatformPlugin.Util.getString("SessionServiceImpl.The_username_0_and/or_password_are_incorrect", params); //$NON-NLS-1$
+ throw new MetaMatrixAuthenticationException(msg);
+ }
+
+ return authenticatedToken;
+ }
+
+ @Override
+ public Collection<MetaMatrixSessionInfo> getActiveSessions() throws SessionServiceException {
+ return new ArrayList<MetaMatrixSessionInfo>(this.sessionCache.values());
+ }
+
+ @Override
+ public int getActiveSessionsCount() throws SessionServiceException{
+ return this.sessionCache.size();
+ }
+
+ @Override
+ public MetaMatrixPrincipal getPrincipal(MetaMatrixSessionID sessionID)
+ throws InvalidSessionException, SessionServiceException {
+
+ MetaMatrixSessionInfo sessionInfo = this.getSessionInfo(sessionID);
+
+ try {
+ return membershipService.getPrincipal(new MetaMatrixPrincipalName(sessionInfo.getUserName(), MetaMatrixPrincipal.TYPE_USER));
+ } catch (MetaMatrixSecurityException e) {
+ throw new SessionServiceException(e, LogMessageKeys.SEC_SESSION_0043,PlatformPlugin.Util.getString(LogMessageKeys.SEC_SESSION_0043,sessionInfo.getUserName()));
+ }
+ }
+
+ @Override
+ public Collection<MetaMatrixSessionInfo> getSessionsLoggedInToVDB(String VDBName, String VDBVersion)
+ throws SessionServiceException {
+ if (VDBName == null || VDBVersion == null) {
+ return Collections.emptyList();
+ }
+ ArrayList<MetaMatrixSessionInfo> results = new ArrayList<MetaMatrixSessionInfo>();
+ for (MetaMatrixSessionInfo info : this.sessionCache.values()) {
+ if (VDBName.equals(info.getProductInfo(ProductInfoConstants.VIRTUAL_DB)) && VDBVersion.equals(info.getProductInfo(ProductInfoConstants.VIRTUAL_DB))) {
+ results.add(info);
+ }
+ }
+ return results;
+ }
+
+ @Override
+ public void pingServer(MetaMatrixSessionID sessionID)
+ throws InvalidSessionException {
+ MetaMatrixSessionInfo info = getSessionInfo(sessionID);
+ info.setLastPingTime(System.currentTimeMillis());
+ this.sessionCache.put(sessionID, info);
+ }
+
+ @Override
+ public boolean terminateSession(MetaMatrixSessionID terminatedSessionID,
+ MetaMatrixSessionID adminSessionID) throws
+ AuthorizationException, SessionServiceException {
+ Object[] params = {adminSessionID, terminatedSessionID};
+ LogManager.logInfo(LogSecurityConstants.CTX_SESSION, PlatformPlugin.Util.getString( "SessionServiceImpl.terminateSession", params)); //$NON-NLS-1$
+ try {
+ closeSession(terminatedSessionID);
+ return true;
+ } catch (InvalidSessionException e) {
+ LogManager.logWarning(LogSecurityConstants.CTX_SESSION,e,PlatformPlugin.Util.getString(LogMessageKeys.SEC_SESSION_0034, new Object[] {e.getMessage()}));
+ return false;
+ }
+ }
+
+ @Override
+ public MetaMatrixSessionInfo validateSession(MetaMatrixSessionID sessionID)
+ throws InvalidSessionException, SessionServiceException {
+ MetaMatrixSessionInfo info = getSessionInfo(sessionID);
+ return info;
+ }
+
+ private MetaMatrixSessionInfo getSessionInfo(MetaMatrixSessionID sessionID)
+ throws InvalidSessionException {
+ MetaMatrixSessionInfo info = this.sessionCache.get(sessionID);
+ if (info == null) {
+ throw new InvalidSessionException(ErrorMessageKeys.SEC_SESSION_0027, PlatformPlugin.Util.getString(ErrorMessageKeys.SEC_SESSION_0027, sessionID));
+ }
+ return info;
+ }
+
+ void setMembershipService(MembershipServiceInterface membershipService) {
+ this.membershipService = membershipService;
+ }
+
+ public long getSessionMaxLimit() {
+ return sessionMaxLimit;
+ }
+
+ public void setSessionMaxLimit(long sessionMaxLimit) {
+ this.sessionMaxLimit = sessionMaxLimit;
+ }
+
+ public long getSessionTimeLimit() {
+ return sessionTimeLimit;
+ }
+
+ public void setSessionTimeLimit(long sessionTimeLimit) {
+ this.sessionTimeLimit = sessionTimeLimit;
+ }
+
+ public void setDqpCore(DQPCore dqpCore) {
+ this.dqpCore = dqpCore;
+ }
+
+ @Override
+ public void initialize(Properties props)
+ throws ApplicationInitializationException {
+
+ }
+
+ @Override
+ public void start(ApplicationEnvironment environment)
+ throws ApplicationLifecycleException {
+ this.sessionMonitor = new Timer("SessionMonitor", true); //$NON-NLS-1$
+ this.sessionMonitor.schedule(new TimerTask() {
+ @Override
+ public void run() {
+ monitorSessions();
+ }
+ }, 0, ServerConnection.PING_INTERVAL * 5);
+ }
+
+ @Override
+ public void stop() throws ApplicationLifecycleException {
+ this.sessionMonitor.cancel();
+ }
+
+ public void setVdbService(VDBService vdbService) {
+ this.vdbService = vdbService;
+ }
+
+ public VDBService getVdbService() {
+ return vdbService;
+ }
+
+}
Property changes on: trunk/embedded/src/main/java/com/metamatrix/platform/security/session/service/SessionServiceImpl.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/main/java/com/metamatrix/platform/util/ErrorMessageKeys.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/platform/util/ErrorMessageKeys.java (rev 0)
+++ trunk/embedded/src/main/java/com/metamatrix/platform/util/ErrorMessageKeys.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,926 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.util;
+
+/**
+ */
+public class ErrorMessageKeys {
+
+ /** admin package (001) */
+ public static final String ADMIN_0001 = "ERR.014.001.0001"; //$NON-NLS-1$
+ public static final String ADMIN_0002 = "ERR.014.001.0002"; //$NON-NLS-1$
+ public static final String ADMIN_0003 = "ERR.014.001.0003"; //$NON-NLS-1$
+ public static final String ADMIN_0004 = "ERR.014.001.0004"; //$NON-NLS-1$
+ public static final String ADMIN_0005 = "ERR.014.001.0005"; //$NON-NLS-1$
+ public static final String ADMIN_0006 = "ERR.014.001.0006"; //$NON-NLS-1$
+ public static final String ADMIN_0007 = "ERR.014.001.0007"; //$NON-NLS-1$
+ public static final String ADMIN_0008 = "ERR.014.001.0008"; //$NON-NLS-1$
+ public static final String ADMIN_0009 = "ERR.014.001.0009"; //$NON-NLS-1$
+ public static final String ADMIN_0010 = "ERR.014.001.0010"; //$NON-NLS-1$
+ public static final String ADMIN_0011 = "ERR.014.001.0011"; //$NON-NLS-1$
+ public static final String ADMIN_0012 = "ERR.014.001.0012"; //$NON-NLS-1$
+ public static final String ADMIN_0013 = "ERR.014.001.0013"; //$NON-NLS-1$
+ public static final String ADMIN_0014 = "ERR.014.001.0014"; //$NON-NLS-1$
+ public static final String ADMIN_0015 = "ERR.014.001.0015"; //$NON-NLS-1$
+ public static final String ADMIN_0016 = "ERR.014.001.0016"; //$NON-NLS-1$
+ public static final String ADMIN_0017 = "ERR.014.001.0017"; //$NON-NLS-1$
+ public static final String ADMIN_0018 = "ERR.014.001.0018"; //$NON-NLS-1$
+ public static final String ADMIN_0019 = "ERR.014.001.0019"; //$NON-NLS-1$
+ public static final String ADMIN_0020 = "ERR.014.001.0020"; //$NON-NLS-1$
+ public static final String ADMIN_0021 = "ERR.014.001.0021"; //$NON-NLS-1$
+ public static final String ADMIN_0022 = "ERR.014.001.0022"; //$NON-NLS-1$
+ public static final String ADMIN_0023 = "ERR.014.001.0023"; //$NON-NLS-1$
+ public static final String ADMIN_0024 = "ERR.014.001.0024"; //$NON-NLS-1$
+ public static final String ADMIN_0025 = "ERR.014.001.0025"; //$NON-NLS-1$
+ public static final String ADMIN_0026 = "ERR.014.001.0026"; //$NON-NLS-1$
+ public static final String ADMIN_0027 = "ERR.014.001.0027"; //$NON-NLS-1$
+ public static final String ADMIN_0028 = "ERR.014.001.0028"; //$NON-NLS-1$
+ public static final String ADMIN_0029 = "ERR.014.001.0029"; //$NON-NLS-1$
+ public static final String ADMIN_0030 = "ERR.014.001.0030"; //$NON-NLS-1$
+ public static final String ADMIN_0031 = "ERR.014.001.0031"; //$NON-NLS-1$
+ public static final String ADMIN_0032 = "ERR.014.001.0032"; //$NON-NLS-1$
+ public static final String ADMIN_0033 = "ERR.014.001.0033"; //$NON-NLS-1$
+ public static final String ADMIN_0034 = "ERR.014.001.0034"; //$NON-NLS-1$
+ public static final String ADMIN_0035 = "ERR.014.001.0035"; //$NON-NLS-1$
+ public static final String ADMIN_0036 = "ERR.014.001.0036"; //$NON-NLS-1$
+ public static final String ADMIN_0037 = "ERR.014.001.0037"; //$NON-NLS-1$
+ public static final String ADMIN_0038 = "ERR.014.001.0038"; //$NON-NLS-1$
+ public static final String ADMIN_0039 = "ERR.014.001.0039"; //$NON-NLS-1$
+ public static final String ADMIN_0040 = "ERR.014.001.0040"; //$NON-NLS-1$
+ public static final String ADMIN_0041 = "ERR.014.001.0041"; //$NON-NLS-1$
+ public static final String ADMIN_0042 = "ERR.014.001.0042"; //$NON-NLS-1$
+ public static final String ADMIN_0043 = "ERR.014.001.0043"; //$NON-NLS-1$
+ public static final String ADMIN_0044 = "ERR.014.001.0044"; //$NON-NLS-1$
+ public static final String ADMIN_0045 = "ERR.014.001.0045"; //$NON-NLS-1$
+ public static final String ADMIN_0046 = "ERR.014.001.0046"; //$NON-NLS-1$
+ public static final String ADMIN_0047 = "ERR.014.001.0047"; //$NON-NLS-1$
+ public static final String ADMIN_0048 = "ERR.014.001.0048"; //$NON-NLS-1$
+ public static final String ADMIN_0049 = "ERR.014.001.0049"; //$NON-NLS-1$
+ public static final String ADMIN_0050 = "ERR.014.001.0050"; //$NON-NLS-1$
+ public static final String ADMIN_0051 = "ERR.014.001.0051"; //$NON-NLS-1$
+ public static final String ADMIN_0052 = "ERR.014.001.0052"; //$NON-NLS-1$
+ public static final String ADMIN_0053 = "ERR.014.001.0053"; //$NON-NLS-1$
+ public static final String ADMIN_0054 = "ERR.014.001.0054"; //$NON-NLS-1$
+
+ public static final String ADMIN_0056 = "ERR.014.001.0056"; //$NON-NLS-1$
+
+ public static final String ADMIN_0058 = "ERR.014.001.0058"; //$NON-NLS-1$
+
+
+ public static final String ADMIN_0067 = "ERR.014.001.0067"; //$NON-NLS-1$
+ public static final String ADMIN_0068 = "ERR.014.001.0068"; //$NON-NLS-1$
+ public static final String ADMIN_0069 = "ERR.014.001.0069"; //$NON-NLS-1$
+ public static final String ADMIN_0070 = "ERR.014.001.0070"; //$NON-NLS-1$
+ public static final String ADMIN_0073 = "ERR.014.001.0073"; //$NON-NLS-1$
+ public static final String ADMIN_0074 = "ERR.014.001.0074"; //$NON-NLS-1$
+
+ public static final String ADMIN_0076 = "ERR.014.001.0076"; //$NON-NLS-1$
+ public static final String ADMIN_0083 = "ERR.014.001.0083"; //$NON-NLS-1$
+ public static final String ADMIN_0084 = "ERR.014.001.0084"; //$NON-NLS-1$
+
+ public static final String ADMIN_0086 = "ERR.014.001.0086"; //$NON-NLS-1$
+
+
+
+
+
+ public static final String ADMIN_0094 = "ERR.014.001.0094"; //$NON-NLS-1$
+ public static final String ADMIN_0095 = "ERR.014.001.0095"; //$NON-NLS-1$
+ public static final String ADMIN_0096 = "ERR.014.001.0096"; //$NON-NLS-1$
+ public static final String ADMIN_0097 = "ERR.014.001.0097"; //$NON-NLS-1$
+ public static final String ADMIN_0099 = "ERR.014.001.0099"; //$NON-NLS-1$
+ public static final String ADMIN_0100 = "ERR.014.001.0100"; //$NON-NLS-1$
+ public static final String ADMIN_0101 = "ERR.014.001.0101"; //$NON-NLS-1$
+ public static final String ADMIN_0102 = "ERR.014.001.0102"; //$NON-NLS-1$
+ public static final String ADMIN_0103 = "ERR.014.001.0103"; //$NON-NLS-1$
+ public static final String ADMIN_0104 = "ERR.014.001.0104"; //$NON-NLS-1$
+ public static final String ADMIN_0105 = "ERR.014.001.0105"; //$NON-NLS-1$
+ public static final String ADMIN_0106 = "ERR.014.001.0106"; //$NON-NLS-1$
+ public static final String ADMIN_0107 = "ERR.014.001.0107"; //$NON-NLS-1$
+ public static final String ADMIN_0108 = "ERR.014.001.0108"; //$NON-NLS-1$
+ public static final String ADMIN_0109 = "ERR.014.001.0109"; //$NON-NLS-1$
+ public static final String ADMIN_0110 = "ERR.014.001.0110"; //$NON-NLS-1$
+ public static final String ADMIN_0111 = "ERR.014.001.0111"; //$NON-NLS-1$
+ public static final String ADMIN_0112 = "ERR.014.001.0112"; //$NON-NLS-1$
+ public static final String ADMIN_0113 = "ERR.014.001.0113"; //$NON-NLS-1$
+ public static final String ADMIN_0114 = "ERR.014.001.0114"; //$NON-NLS-1$
+
+
+ /** config package (002) */
+ public static final String CONFIG_0001 = "ERR.014.002.0001"; //$NON-NLS-1$
+ public static final String CONFIG_0002 = "ERR.014.002.0002"; //$NON-NLS-1$
+ public static final String CONFIG_0003 = "ERR.014.002.0003"; //$NON-NLS-1$
+ public static final String CONFIG_0004 = "ERR.014.002.0004"; //$NON-NLS-1$
+ public static final String CONFIG_0005 = "ERR.014.002.0005"; //$NON-NLS-1$
+ public static final String CONFIG_0006 = "ERR.014.002.0006"; //$NON-NLS-1$
+ public static final String CONFIG_0007 = "ERR.014.002.0007"; //$NON-NLS-1$
+ public static final String CONFIG_0008 = "ERR.014.002.0008"; //$NON-NLS-1$
+ public static final String CONFIG_0009 = "ERR.014.002.0009"; //$NON-NLS-1$
+ public static final String CONFIG_0010 = "ERR.014.002.0010"; //$NON-NLS-1$
+ public static final String CONFIG_0011 = "ERR.014.002.0011"; //$NON-NLS-1$
+ public static final String CONFIG_0012 = "ERR.014.002.0012"; //$NON-NLS-1$
+ public static final String CONFIG_0013 = "ERR.014.002.0013"; //$NON-NLS-1$
+ public static final String CONFIG_0014 = "ERR.014.002.0014"; //$NON-NLS-1$
+ public static final String CONFIG_0015 = "ERR.014.002.0015"; //$NON-NLS-1$
+ public static final String CONFIG_0016 = "ERR.014.002.0016"; //$NON-NLS-1$
+ public static final String CONFIG_0017 = "ERR.014.002.0017"; //$NON-NLS-1$
+ public static final String CONFIG_0018 = "ERR.014.002.0018"; //$NON-NLS-1$
+ public static final String CONFIG_0019 = "ERR.014.002.0019"; //$NON-NLS-1$
+ public static final String CONFIG_0020 = "ERR.014.002.0020"; //$NON-NLS-1$
+ public static final String CONFIG_0021 = "ERR.014.002.0021"; //$NON-NLS-1$
+ public static final String CONFIG_0022 = "ERR.014.002.0022"; //$NON-NLS-1$
+ public static final String CONFIG_0023 = "ERR.014.002.0023"; //$NON-NLS-1$
+ public static final String CONFIG_0024 = "ERR.014.002.0024"; //$NON-NLS-1$
+ public static final String CONFIG_0025 = "ERR.014.002.0025"; //$NON-NLS-1$
+ public static final String CONFIG_0026 = "ERR.014.002.0026"; //$NON-NLS-1$
+ public static final String CONFIG_0027 = "ERR.014.002.0027"; //$NON-NLS-1$
+ public static final String CONFIG_0028 = "ERR.014.002.0028"; //$NON-NLS-1$
+ public static final String CONFIG_0029 = "ERR.014.002.0029"; //$NON-NLS-1$
+ public static final String CONFIG_0030 = "ERR.014.002.0030"; //$NON-NLS-1$
+ public static final String CONFIG_0031 = "ERR.014.002.0031"; //$NON-NLS-1$
+ public static final String CONFIG_0032 = "ERR.014.002.0032"; //$NON-NLS-1$
+ public static final String CONFIG_0033 = "ERR.014.002.0033"; //$NON-NLS-1$
+ public static final String CONFIG_0034 = "ERR.014.002.0034"; //$NON-NLS-1$
+ public static final String CONFIG_0035 = "ERR.014.002.0035"; //$NON-NLS-1$
+ public static final String CONFIG_0036 = "ERR.014.002.0036"; //$NON-NLS-1$
+ public static final String CONFIG_0037 = "ERR.014.002.0037"; //$NON-NLS-1$
+ public static final String CONFIG_0038 = "ERR.014.002.0038"; //$NON-NLS-1$
+ public static final String CONFIG_0039 = "ERR.014.002.0049"; //$NON-NLS-1$
+ public static final String CONFIG_0040 = "ERR.014.002.0040"; //$NON-NLS-1$
+ public static final String CONFIG_0041 = "ERR.014.002.0041"; //$NON-NLS-1$
+ public static final String CONFIG_0042 = "ERR.014.002.0042"; //$NON-NLS-1$
+ public static final String CONFIG_0043 = "ERR.014.002.0043"; //$NON-NLS-1$
+ public static final String CONFIG_0044 = "ERR.014.002.0044"; //$NON-NLS-1$
+ public static final String CONFIG_0045 = "ERR.014.002.0045"; //$NON-NLS-1$
+ public static final String CONFIG_0046 = "ERR.014.002.0046"; //$NON-NLS-1$
+ public static final String CONFIG_0047 = "ERR.014.002.0047"; //$NON-NLS-1$
+ public static final String CONFIG_0048 = "ERR.014.002.0048"; //$NON-NLS-1$
+ public static final String CONFIG_0049 = "ERR.014.002.0049"; //$NON-NLS-1$
+ public static final String CONFIG_0050 = "ERR.014.002.0050"; //$NON-NLS-1$
+ public static final String CONFIG_0051 = "ERR.014.002.0051"; //$NON-NLS-1$
+ public static final String CONFIG_0052 = "ERR.014.002.0052"; //$NON-NLS-1$
+ public static final String CONFIG_0053 = "ERR.014.002.0053"; //$NON-NLS-1$
+ public static final String CONFIG_0054 = "ERR.014.002.0054"; //$NON-NLS-1$
+ public static final String CONFIG_0055 = "ERR.014.002.0055"; //$NON-NLS-1$
+ public static final String CONFIG_0056 = "ERR.014.002.0056"; //$NON-NLS-1$
+ public static final String CONFIG_0057 = "ERR.014.002.0057"; //$NON-NLS-1$
+ public static final String CONFIG_0058 = "ERR.014.002.0058"; //$NON-NLS-1$
+ public static final String CONFIG_0059 = "ERR.014.002.0059"; //$NON-NLS-1$
+ public static final String CONFIG_0060 = "ERR.014.002.0060"; //$NON-NLS-1$
+ public static final String CONFIG_0061 = "ERR.014.002.0061"; //$NON-NLS-1$
+ public static final String CONFIG_0062 = "ERR.014.002.0062"; //$NON-NLS-1$
+ public static final String CONFIG_0063 = "ERR.014.002.0063"; //$NON-NLS-1$
+ public static final String CONFIG_0064 = "ERR.014.002.0064"; //$NON-NLS-1$
+ public static final String CONFIG_0065 = "ERR.014.002.0065"; //$NON-NLS-1$
+ public static final String CONFIG_0066 = "ERR.014.002.0066"; //$NON-NLS-1$
+ public static final String CONFIG_0067 = "ERR.014.002.0067"; //$NON-NLS-1$
+ public static final String CONFIG_0068 = "ERR.014.002.0068"; //$NON-NLS-1$
+ public static final String CONFIG_0069 = "ERR.014.002.0069"; //$NON-NLS-1$
+ public static final String CONFIG_0070 = "ERR.014.002.0070"; //$NON-NLS-1$
+ public static final String CONFIG_0071 = "ERR.014.002.0071"; //$NON-NLS-1$
+ public static final String CONFIG_0072 = "ERR.014.002.0072"; //$NON-NLS-1$
+ public static final String CONFIG_0073 = "ERR.014.002.0073"; //$NON-NLS-1$
+ public static final String CONFIG_0074 = "ERR.014.002.0074"; //$NON-NLS-1$
+ public static final String CONFIG_0075 = "ERR.014.002.0075"; //$NON-NLS-1$
+ public static final String CONFIG_0076 = "ERR.014.002.0076"; //$NON-NLS-1$
+ public static final String CONFIG_0077 = "ERR.014.002.0077"; //$NON-NLS-1$
+ public static final String CONFIG_0078 = "ERR.014.002.0078"; //$NON-NLS-1$
+ public static final String CONFIG_0079 = "ERR.014.002.0079"; //$NON-NLS-1$
+ public static final String CONFIG_0080 = "ERR.014.002.0080"; //$NON-NLS-1$
+ public static final String CONFIG_0081 = "ERR.014.002.0081"; //$NON-NLS-1$
+ public static final String CONFIG_0082 = "ERR.014.002.0082"; //$NON-NLS-1$
+ public static final String CONFIG_0083 = "ERR.014.002.0083"; //$NON-NLS-1$
+ public static final String CONFIG_0084 = "ERR.014.002.0084"; //$NON-NLS-1$
+ public static final String CONFIG_0085 = "ERR.014.002.0085"; //$NON-NLS-1$
+ public static final String CONFIG_0086 = "ERR.014.002.0086"; //$NON-NLS-1$
+ public static final String CONFIG_0087 = "ERR.014.002.0087"; //$NON-NLS-1$
+ public static final String CONFIG_0088 = "ERR.014.002.0088"; //$NON-NLS-1$
+ public static final String CONFIG_0089 = "ERR.014.002.0089"; //$NON-NLS-1$
+ public static final String CONFIG_0090 = "ERR.014.002.0090"; //$NON-NLS-1$
+ public static final String CONFIG_0091 = "ERR.014.002.0091"; //$NON-NLS-1$
+ public static final String CONFIG_0092 = "ERR.014.002.0092"; //$NON-NLS-1$
+ public static final String CONFIG_0093 = "ERR.014.002.0093"; //$NON-NLS-1$
+ public static final String CONFIG_0094 = "ERR.014.002.0094"; //$NON-NLS-1$
+ public static final String CONFIG_0095 = "ERR.014.002.0095"; //$NON-NLS-1$
+ public static final String CONFIG_0096 = "ERR.014.002.0096"; //$NON-NLS-1$
+ public static final String CONFIG_0097 = "ERR.014.002.0097"; //$NON-NLS-1$
+ public static final String CONFIG_0098 = "ERR.014.002.0098"; //$NON-NLS-1$
+ public static final String CONFIG_0099 = "ERR.014.002.0099"; //$NON-NLS-1$
+ public static final String CONFIG_0100 = "ERR.014.002.0100"; //$NON-NLS-1$
+ public static final String CONFIG_0101 = "ERR.014.002.0101"; //$NON-NLS-1$
+ public static final String CONFIG_0102 = "ERR.014.002.0102"; //$NON-NLS-1$
+ public static final String CONFIG_0103 = "ERR.014.002.0103"; //$NON-NLS-1$
+ public static final String CONFIG_0104 = "ERR.014.002.0104"; //$NON-NLS-1$
+ public static final String CONFIG_0105 = "ERR.014.002.0105"; //$NON-NLS-1$
+ public static final String CONFIG_0106 = "ERR.014.002.0106"; //$NON-NLS-1$
+ public static final String CONFIG_0107 = "ERR.014.002.0107"; //$NON-NLS-1$
+ public static final String CONFIG_0108 = "ERR.014.002.0108"; //$NON-NLS-1$
+ public static final String CONFIG_0109 = "ERR.014.002.0109"; //$NON-NLS-1$
+ public static final String CONFIG_0110 = "ERR.014.002.0110"; //$NON-NLS-1$
+ public static final String CONFIG_0111 = "ERR.014.002.0111"; //$NON-NLS-1$
+ public static final String CONFIG_0112 = "ERR.014.002.0112"; //$NON-NLS-1$
+ public static final String CONFIG_0113 = "ERR.014.002.0113"; //$NON-NLS-1$
+ public static final String CONFIG_0114 = "ERR.014.002.0114"; //$NON-NLS-1$
+ public static final String CONFIG_0115 = "ERR.014.002.0115"; //$NON-NLS-1$
+ public static final String CONFIG_0116 = "ERR.014.002.0116"; //$NON-NLS-1$
+ public static final String CONFIG_0117 = "ERR.014.002.0117"; //$NON-NLS-1$
+ public static final String CONFIG_0118 = "ERR.014.002.0118"; //$NON-NLS-1$
+ public static final String CONFIG_0119 = "ERR.014.002.0119"; //$NON-NLS-1$
+ public static final String CONFIG_0120 = "ERR.014.002.0120"; //$NON-NLS-1$
+ public static final String CONFIG_0121 = "ERR.014.002.0121"; //$NON-NLS-1$
+ public static final String CONFIG_0122 = "ERR.014.002.0122"; //$NON-NLS-1$
+ public static final String CONFIG_0123 = "ERR.014.002.0123"; //$NON-NLS-1$
+ public static final String CONFIG_0124 = "ERR.014.002.0124"; //$NON-NLS-1$
+ public static final String CONFIG_0125 = "ERR.014.002.0125"; //$NON-NLS-1$
+ public static final String CONFIG_0126 = "ERR.014.002.0126"; //$NON-NLS-1$
+ public static final String CONFIG_0127 = "ERR.014.002.0127"; //$NON-NLS-1$
+ public static final String CONFIG_0128 = "ERR.014.002.0128"; //$NON-NLS-1$
+ public static final String CONFIG_0129 = "ERR.014.002.0129"; //$NON-NLS-1$
+ public static final String CONFIG_0130 = "ERR.014.002.0130"; //$NON-NLS-1$
+ public static final String CONFIG_0131 = "ERR.014.002.0131"; //$NON-NLS-1$
+ public static final String CONFIG_0132 = "ERR.014.002.0132"; //$NON-NLS-1$
+ public static final String CONFIG_0133 = "ERR.014.002.0133"; //$NON-NLS-1$
+ public static final String CONFIG_0134 = "ERR.014.002.0134"; //$NON-NLS-1$
+ public static final String CONFIG_0135 = "ERR.014.002.0135"; //$NON-NLS-1$
+ public static final String CONFIG_0136 = "ERR.014.002.0136"; //$NON-NLS-1$
+ public static final String CONFIG_0137 = "ERR.014.002.0137"; //$NON-NLS-1$
+ public static final String CONFIG_0138 = "ERR.014.002.0138"; //$NON-NLS-1$
+ public static final String CONFIG_0139 = "ERR.014.002.0139"; //$NON-NLS-1$
+ public static final String CONFIG_0140 = "ERR.014.002.0140"; //$NON-NLS-1$
+ public static final String CONFIG_0141 = "ERR.014.002.0141"; //$NON-NLS-1$
+ public static final String CONFIG_0142 = "ERR.014.002.0142"; //$NON-NLS-1$
+ public static final String CONFIG_0143 = "ERR.014.002.0143"; //$NON-NLS-1$
+ public static final String CONFIG_0144 = "ERR.014.002.0144"; //$NON-NLS-1$
+ public static final String CONFIG_0145 = "ERR.014.002.0145"; //$NON-NLS-1$
+ public static final String CONFIG_0146 = "ERR.014.002.0146"; //$NON-NLS-1$
+ public static final String CONFIG_0147 = "ERR.014.002.0147"; //$NON-NLS-1$
+ public static final String CONFIG_0148 = "ERR.014.002.0148"; //$NON-NLS-1$
+ public static final String CONFIG_0149 = "ERR.014.002.0149"; //$NON-NLS-1$
+ public static final String CONFIG_0150 = "ERR.014.002.0150"; //$NON-NLS-1$
+ public static final String CONFIG_0151 = "ERR.014.002.0151"; //$NON-NLS-1$
+ public static final String CONFIG_0152 = "ERR.014.002.0152"; //$NON-NLS-1$
+ public static final String CONFIG_0153 = "ERR.014.002.0153"; //$NON-NLS-1$
+ public static final String CONFIG_0154 = "ERR.014.002.0154"; //$NON-NLS-1$
+ public static final String CONFIG_0155 = "ERR.014.002.0155"; //$NON-NLS-1$
+ public static final String CONFIG_0156 = "ERR.014.002.0156"; //$NON-NLS-1$
+ public static final String CONFIG_0157 = "ERR.014.002.0157"; //$NON-NLS-1$
+ public static final String CONFIG_0158 = "ERR.014.002.0158"; //$NON-NLS-1$
+ public static final String CONFIG_0159 = "ERR.014.002.0159"; //$NON-NLS-1$
+ public static final String CONFIG_0160 = "ERR.014.002.0160"; //$NON-NLS-1$
+ public static final String CONFIG_0161 = "ERR.014.002.0161"; //$NON-NLS-1$
+ public static final String CONFIG_0162 = "ERR.014.002.0162"; //$NON-NLS-1$
+ public static final String CONFIG_0163 = "ERR.014.002.0163"; //$NON-NLS-1$
+ public static final String CONFIG_0164 = "ERR.014.002.0164"; //$NON-NLS-1$
+ public static final String CONFIG_0165 = "ERR.014.002.0165"; //$NON-NLS-1$
+ public static final String CONFIG_0166 = "ERR.014.002.0166"; //$NON-NLS-1$
+ public static final String CONFIG_0167 = "ERR.014.002.0167"; //$NON-NLS-1$
+ public static final String CONFIG_0168 = "ERR.014.002.0168"; //$NON-NLS-1$
+ public static final String CONFIG_0169 = "ERR.014.002.0169"; //$NON-NLS-1$
+ public static final String CONFIG_0170 = "ERR.014.002.0170"; //$NON-NLS-1$
+ public static final String CONFIG_0171 = "ERR.014.002.0171"; //$NON-NLS-1$
+ public static final String CONFIG_0172 = "ERR.014.002.0172"; //$NON-NLS-1$
+ public static final String CONFIG_0173 = "ERR.014.002.0173"; //$NON-NLS-1$
+ public static final String CONFIG_0174 = "ERR.014.002.0174"; //$NON-NLS-1$
+ public static final String CONFIG_0175 = "ERR.014.002.0175"; //$NON-NLS-1$
+ public static final String CONFIG_0176 = "ERR.014.002.0176"; //$NON-NLS-1$
+ public static final String CONFIG_0177 = "ERR.014.002.0177"; //$NON-NLS-1$
+ public static final String CONFIG_0178 = "ERR.014.002.0178"; //$NON-NLS-1$
+ public static final String CONFIG_0179 = "ERR.014.002.0179"; //$NON-NLS-1$
+ public static final String CONFIG_0180 = "ERR.014.002.0180"; //$NON-NLS-1$
+ public static final String CONFIG_0181 = "ERR.014.002.0181"; //$NON-NLS-1$
+ public static final String CONFIG_0182 = "ERR.014.002.0182"; //$NON-NLS-1$
+ public static final String CONFIG_0183 = "ERR.014.002.0183"; //$NON-NLS-1$
+ public static final String CONFIG_0184 = "ERR.014.002.0184"; //$NON-NLS-1$
+ public static final String CONFIG_0185 = "ERR.014.002.0185"; //$NON-NLS-1$
+ public static final String CONFIG_0186 = "ERR.014.002.0186"; //$NON-NLS-1$
+ public static final String CONFIG_0187 = "ERR.014.002.0187"; //$NON-NLS-1$
+ public static final String CONFIG_0188 = "ERR.014.002.0188"; //$NON-NLS-1$
+ public static final String CONFIG_0189 = "ERR.014.002.0189"; //$NON-NLS-1$
+ public static final String CONFIG_0190 = "ERR.014.002.0190"; //$NON-NLS-1$
+ public static final String CONFIG_0191 = "ERR.014.002.0191"; //$NON-NLS-1$
+
+ /** host package (005) */
+ public static final String HOST_0001 = "ERR.014.005.0001"; //$NON-NLS-1$
+ public static final String HOST_0002 = "ERR.014.005.0002"; //$NON-NLS-1$
+ public static final String HOST_0003 = "ERR.014.005.0003"; //$NON-NLS-1$
+ public static final String HOST_0004 = "ERR.014.005.0004"; //$NON-NLS-1$
+ public static final String HOST_0005 = "ERR.014.005.0005"; //$NON-NLS-1$
+ public static final String HOST_0006 = "ERR.014.005.0006"; //$NON-NLS-1$
+ public static final String HOST_0007 = "ERR.014.005.0007"; //$NON-NLS-1$
+ public static final String HOST_0008 = "ERR.014.005.0008"; //$NON-NLS-1$
+ public static final String HOST_0009 = "ERR.014.005.0009"; //$NON-NLS-1$
+ public static final String HOST_0010 = "ERR.014.005.0010"; //$NON-NLS-1$
+ public static final String HOST_0011 = "ERR.014.005.0011"; //$NON-NLS-1$
+
+ /** registry package (006) */
+ public static final String REGISTRY_0001 = "ERR.014.006.0001"; //$NON-NLS-1$
+ public static final String REGISTRY_0002 = "ERR.014.006.0002"; //$NON-NLS-1$
+ public static final String REGISTRY_0003 = "ERR.014.006.0003"; //$NON-NLS-1$
+ public static final String REGISTRY_0004 = "ERR.014.006.0004"; //$NON-NLS-1$
+ public static final String REGISTRY_0005 = "ERR.014.006.0005"; //$NON-NLS-1$
+ public static final String REGISTRY_0006 = "ERR.014.006.0006"; //$NON-NLS-1$
+ public static final String REGISTRY_0007 = "ERR.014.006.0007"; //$NON-NLS-1$
+ public static final String REGISTRY_0008 = "ERR.014.006.0008"; //$NON-NLS-1$
+ public static final String REGISTRY_0009 = "ERR.014.006.0009"; //$NON-NLS-1$
+ public static final String REGISTRY_0010 = "ERR.014.006.0010"; //$NON-NLS-1$
+ public static final String REGISTRY_0011 = "ERR.014.006.0011"; //$NON-NLS-1$
+ public static final String REGISTRY_0012 = "ERR.014.006.0012"; //$NON-NLS-1$
+ public static final String REGISTRY_0013 = "ERR.014.006.0013"; //$NON-NLS-1$
+ public static final String REGISTRY_0014 = "ERR.014.006.0014"; //$NON-NLS-1$
+ public static final String REGISTRY_0015 = "ERR.014.006.0015"; //$NON-NLS-1$
+ public static final String REGISTRY_0016 = "ERR.014.006.0016"; //$NON-NLS-1$
+ public static final String REGISTRY_0017 = "ERR.014.006.0017"; //$NON-NLS-1$
+ public static final String REGISTRY_0018 = "ERR.014.006.0018"; //$NON-NLS-1$
+ public static final String REGISTRY_0019 = "ERR.014.006.0019"; //$NON-NLS-1$
+ public static final String REGISTRY_0020 = "ERR.014.006.0020"; //$NON-NLS-1$
+ public static final String REGISTRY_0021 = "ERR.014.006.0021"; //$NON-NLS-1$
+ public static final String REGISTRY_0022 = "ERR.014.006.0022"; //$NON-NLS-1$
+ public static final String REGISTRY_0023 = "ERR.014.006.0023"; //$NON-NLS-1$
+ public static final String REGISTRY_0024 = "ERR.014.006.0024"; //$NON-NLS-1$
+ public static final String REGISTRY_0025 = "ERR.014.006.0025"; //$NON-NLS-1$
+ public static final String REGISTRY_0026 = "ERR.014.006.0026"; //$NON-NLS-1$
+ public static final String REGISTRY_0027 = "ERR.014.006.0027"; //$NON-NLS-1$
+
+ /** security.api package (107) */
+ public static final String SEC_API_0001 = "ERR.014.107.0001"; //$NON-NLS-1$
+ public static final String SEC_API_0002 = "ERR.014.107.0002"; //$NON-NLS-1$
+ public static final String SEC_API_0003 = "ERR.014.107.0003"; //$NON-NLS-1$
+ public static final String SEC_API_0004 = "ERR.014.107.0004"; //$NON-NLS-1$
+ public static final String SEC_API_0005 = "ERR.014.107.0005"; //$NON-NLS-1$
+ public static final String SEC_API_0006 = "ERR.014.107.0006"; //$NON-NLS-1$
+ public static final String SEC_API_0007 = "ERR.014.107.0007"; //$NON-NLS-1$
+ public static final String SEC_API_0008 = "ERR.014.107.0008"; //$NON-NLS-1$
+ public static final String SEC_API_0009 = "ERR.014.107.0009"; //$NON-NLS-1$
+ public static final String SEC_API_0010 = "ERR.014.107.0010"; //$NON-NLS-1$
+ public static final String SEC_API_0011 = "ERR.014.107.0011"; //$NON-NLS-1$
+ public static final String SEC_API_0012 = "ERR.014.107.0012"; //$NON-NLS-1$
+ public static final String SEC_API_0013 = "ERR.014.107.0013"; //$NON-NLS-1$
+ public static final String SEC_API_0014 = "ERR.014.107.0014"; //$NON-NLS-1$
+ public static final String SEC_API_0015 = "ERR.014.107.0015"; //$NON-NLS-1$
+ public static final String SEC_API_0016 = "ERR.014.107.0016"; //$NON-NLS-1$
+ public static final String SEC_API_0017 = "ERR.014.107.0017"; //$NON-NLS-1$
+ public static final String SEC_API_0018 = "ERR.014.107.0018"; //$NON-NLS-1$
+ public static final String SEC_API_0019 = "ERR.014.107.0019"; //$NON-NLS-1$
+ public static final String SEC_API_0020 = "ERR.014.107.0020"; //$NON-NLS-1$
+ public static final String SEC_API_0021 = "ERR.014.107.0021"; //$NON-NLS-1$
+ public static final String SEC_API_0022 = "ERR.014.107.0022"; //$NON-NLS-1$
+ public static final String SEC_API_0023 = "ERR.014.107.0023"; //$NON-NLS-1$
+ public static final String SEC_API_0024 = "ERR.014.107.0024"; //$NON-NLS-1$
+ public static final String SEC_API_0025 = "ERR.014.107.0025"; //$NON-NLS-1$
+ public static final String SEC_API_0026 = "ERR.014.107.0026"; //$NON-NLS-1$
+ public static final String SEC_API_0027 = "ERR.014.107.0027"; //$NON-NLS-1$
+ public static final String SEC_API_0028 = "ERR.014.107.0028"; //$NON-NLS-1$
+ public static final String SEC_API_0029 = "ERR.014.107.0029"; //$NON-NLS-1$
+ public static final String SEC_API_0030 = "ERR.014.107.0030"; //$NON-NLS-1$
+ public static final String SEC_API_0031 = "ERR.014.107.0031"; //$NON-NLS-1$
+ public static final String SEC_API_0032 = "ERR.014.107.0032"; //$NON-NLS-1$
+ public static final String SEC_API_0033 = "ERR.014.107.0033"; //$NON-NLS-1$
+ public static final String SEC_API_0034 = "ERR.014.107.0034"; //$NON-NLS-1$
+ public static final String SEC_API_0035 = "ERR.014.107.0035"; //$NON-NLS-1$
+ public static final String SEC_API_0036 = "ERR.014.107.0036"; //$NON-NLS-1$
+ public static final String SEC_API_0037 = "ERR.014.107.0037"; //$NON-NLS-1$
+ public static final String SEC_API_0038 = "ERR.014.107.0038"; //$NON-NLS-1$
+ public static final String SEC_API_0043 = "ERR.014.107.0043"; //$NON-NLS-1$
+ public static final String SEC_API_0044 = "ERR.014.107.0044"; //$NON-NLS-1$
+ public static final String SEC_API_0045 = "ERR.014.107.0045"; //$NON-NLS-1$
+ public static final String SEC_API_0046 = "ERR.014.107.0046"; //$NON-NLS-1$
+ public static final String SEC_API_0047 = "ERR.014.107.0047"; //$NON-NLS-1$
+ public static final String SEC_API_0048 = "ERR.014.107.0048"; //$NON-NLS-1$
+ public static final String SEC_API_0049 = "ERR.014.107.0049"; //$NON-NLS-1$
+ public static final String SEC_API_0050 = "ERR.014.107.0050"; //$NON-NLS-1$
+ public static final String SEC_API_0051 = "ERR.014.107.0051"; //$NON-NLS-1$
+ public static final String SEC_API_0052 = "ERR.014.107.0052"; //$NON-NLS-1$
+ public static final String SEC_API_0053 = "ERR.014.107.0053"; //$NON-NLS-1$
+ public static final String SEC_API_0054 = "ERR.014.107.0054"; //$NON-NLS-1$
+ public static final String SEC_API_0055 = "ERR.014.107.0055"; //$NON-NLS-1$
+ public static final String SEC_API_0056 = "ERR.014.107.0056"; //$NON-NLS-1$
+ public static final String SEC_API_0057 = "ERR.014.107.0057"; //$NON-NLS-1$
+ public static final String SEC_API_0058 = "ERR.014.107.0058"; //$NON-NLS-1$
+ public static final String SEC_API_0059 = "ERR.014.107.0059"; //$NON-NLS-1$
+ public static final String SEC_API_0060 = "ERR.014.107.0060"; //$NON-NLS-1$
+ public static final String SEC_API_0061 = "ERR.014.107.0061"; //$NON-NLS-1$
+ public static final String SEC_API_0062 = "ERR.014.107.0062"; //$NON-NLS-1$
+ public static final String SEC_API_0063 = "ERR.014.107.0063"; //$NON-NLS-1$
+ public static final String SEC_API_0064 = "ERR.014.107.0064"; //$NON-NLS-1$
+ public static final String SEC_API_0065 = "ERR.014.107.0065"; //$NON-NLS-1$
+ public static final String SEC_API_0066 = "ERR.014.107.0066"; //$NON-NLS-1$
+ public static final String SEC_API_0067 = "ERR.014.107.0067"; //$NON-NLS-1$
+ public static final String SEC_API_0068 = "ERR.014.107.0068"; //$NON-NLS-1$
+ public static final String SEC_API_0069 = "ERR.014.107.0069"; //$NON-NLS-1$
+ public static final String SEC_API_0070 = "ERR.014.107.0070"; //$NON-NLS-1$
+ public static final String SEC_API_0071 = "ERR.014.107.0071"; //$NON-NLS-1$
+ public static final String SEC_API_0072 = "ERR.014.107.0072"; //$NON-NLS-1$
+ public static final String SEC_API_0073 = "ERR.014.107.0073"; //$NON-NLS-1$
+ public static final String SEC_API_0074 = "ERR.014.107.0074"; //$NON-NLS-1$
+ public static final String SEC_API_0075 = "ERR.014.107.0075"; //$NON-NLS-1$
+ public static final String SEC_API_0076 = "ERR.014.107.0076"; //$NON-NLS-1$
+ public static final String SEC_API_0077 = "ERR.014.107.0077"; //$NON-NLS-1$
+ public static final String SEC_API_0078 = "ERR.014.107.0078"; //$NON-NLS-1$
+ public static final String SEC_API_0079 = "ERR.014.107.0079"; //$NON-NLS-1$
+ public static final String SEC_API_0080 = "ERR.014.107.0080"; //$NON-NLS-1$
+ public static final String SEC_API_0081 = "ERR.014.107.0081"; //$NON-NLS-1$
+ public static final String SEC_API_0082 = "ERR.014.107.0082"; //$NON-NLS-1$
+ public static final String SEC_API_0083 = "ERR.014.107.0083"; //$NON-NLS-1$
+ public static final String SEC_API_0084 = "ERR.014.107.0084"; //$NON-NLS-1$
+ public static final String SEC_API_0085 = "ERR.014.107.0085"; //$NON-NLS-1$
+ public static final String SEC_API_0086 = "ERR.014.107.0086"; //$NON-NLS-1$
+ public static final String SEC_API_0087 = "ERR.014.107.0087"; //$NON-NLS-1$
+ public static final String SEC_API_0088 = "ERR.014.107.0088"; //$NON-NLS-1$
+ public static final String SEC_API_0089 = "ERR.014.107.0089"; //$NON-NLS-1$
+
+ /** security.audit package (207) */
+ public static final String SEC_AUDIT_0001 = "ERR.014.207.0001"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0002 = "ERR.014.207.0002"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0003 = "ERR.014.207.0003"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0004 = "ERR.014.207.0004"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0005 = "ERR.014.207.0005"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0006 = "ERR.014.207.0006"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0007 = "ERR.014.207.0007"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0008 = "ERR.014.207.0008"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0009 = "ERR.014.207.0009"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0010 = "ERR.014.207.0010"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0011 = "ERR.014.207.0011"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0012 = "ERR.014.207.0012"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0013 = "ERR.014.207.0013"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0014 = "ERR.014.207.0014"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0015 = "ERR.014.207.0015"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0016 = "ERR.014.207.0016"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0017 = "ERR.014.207.0017"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0018 = "ERR.014.207.0018"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0019 = "ERR.014.207.0019"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0020 = "ERR.014.207.0020"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0021 = "ERR.014.207.0021"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0022 = "ERR.014.207.0022"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0023 = "ERR.014.207.0023"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0024 = "ERR.014.207.0024"; //$NON-NLS-1$
+
+ /** security.authorization package (307) */
+ public static final String SEC_AUTHORIZATION_0001 = "ERR.014.307.0001"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0002 = "ERR.014.307.0002"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0003 = "ERR.014.307.0003"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0004 = "ERR.014.307.0004"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0005 = "ERR.014.307.0005"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0006 = "ERR.014.307.0006"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0007 = "ERR.014.307.0007"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0008 = "ERR.014.307.0008"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0009 = "ERR.014.307.0009"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0010 = "ERR.014.307.0010"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0011 = "ERR.014.307.0011"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0012 = "ERR.014.307.0012"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0013 = "ERR.014.307.0013"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0014 = "ERR.014.307.0014"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0015 = "ERR.014.307.0015"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0016 = "ERR.014.307.0016"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0017 = "ERR.014.307.0017"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0018 = "ERR.014.307.0018"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0019 = "ERR.014.307.0019"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0020 = "ERR.014.307.0020"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0021 = "ERR.014.307.0021"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0022 = "ERR.014.307.0022"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0023 = "ERR.014.307.0023"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0024 = "ERR.014.307.0024"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0025 = "ERR.014.307.0025"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0026 = "ERR.014.307.0026"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0027 = "ERR.014.307.0027"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0028 = "ERR.014.307.0028"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0029 = "ERR.014.307.0029"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0030 = "ERR.014.307.0030"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0031 = "ERR.014.307.0031"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0032 = "ERR.014.307.0032"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0033 = "ERR.014.307.0033"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0034 = "ERR.014.307.0034"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0035 = "ERR.014.307.0035"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0036 = "ERR.014.307.0036"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0037 = "ERR.014.307.0037"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0038 = "ERR.014.307.0038"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0039 = "ERR.014.307.0039"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0040 = "ERR.014.307.0040"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0041 = "ERR.014.307.0041"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0042 = "ERR.014.307.0042"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0043 = "ERR.014.307.0043"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0044 = "ERR.014.307.0044"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0045 = "ERR.014.307.0045"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0046 = "ERR.014.307.0046"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0047 = "ERR.014.307.0047"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0048 = "ERR.014.307.0048"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0049 = "ERR.014.307.0049"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0050 = "ERR.014.307.0050"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0051 = "ERR.014.307.0051"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0052 = "ERR.014.307.0052"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0053 = "ERR.014.307.0053"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0054 = "ERR.014.307.0054"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0055 = "ERR.014.307.0055"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0056 = "ERR.014.307.0056"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0057 = "ERR.014.307.0057"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0058 = "ERR.014.307.0058"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0059 = "ERR.014.307.0059"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0060 = "ERR.014.307.0060"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0061 = "ERR.014.307.0061"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0062 = "ERR.014.307.0062"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0063 = "ERR.014.307.0063"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0064 = "ERR.014.307.0064"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0065 = "ERR.014.307.0065"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0066 = "ERR.014.307.0066"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0067 = "ERR.014.307.0067"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0068 = "ERR.014.307.0068"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0069 = "ERR.014.307.0069"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0070 = "ERR.014.307.0070"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0071 = "ERR.014.307.0071"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0072 = "ERR.014.307.0072"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0073 = "ERR.014.307.0073"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0074 = "ERR.014.307.0074"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0075 = "ERR.014.307.0075"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0076 = "ERR.014.307.0076"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0077 = "ERR.014.307.0077"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0078 = "ERR.014.307.0078"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0079 = "ERR.014.307.0079"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0080 = "ERR.014.307.0080"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0081 = "ERR.014.307.0081"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0082 = "ERR.014.307.0082"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0083 = "ERR.014.307.0083"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0084 = "ERR.014.307.0084"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0085 = "ERR.014.307.0085"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0086 = "ERR.014.307.0086"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0087 = "ERR.014.307.0087"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0088 = "ERR.014.307.0088"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0089 = "ERR.014.307.0089"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0090 = "ERR.014.307.0090"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0091 = "ERR.014.307.0091"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0092 = "ERR.014.307.0092"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0093 = "ERR.014.307.0093"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0094 = "ERR.014.307.0094"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0095 = "ERR.014.307.0095"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0096 = "ERR.014.307.0096"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0097 = "ERR.014.307.0097"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0098 = "ERR.014.307.0098"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0099 = "ERR.014.307.0099"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0100 = "ERR.014.307.0100"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0101 = "ERR.014.307.0101"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0102 = "ERR.014.307.0102"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0103 = "ERR.014.307.0103"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0104 = "ERR.014.307.0104"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0105 = "ERR.014.307.0105"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0106 = "ERR.014.307.0106"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0107 = "ERR.014.307.0107"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0108 = "ERR.014.307.0108"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0109 = "ERR.014.307.0109"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0110 = "ERR.014.307.0110"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0111 = "ERR.014.307.0111"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0112 = "ERR.014.307.0112"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0113 = "ERR.014.307.0113"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0114 = "ERR.014.307.0114"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0115 = "ERR.014.307.0115"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0116 = "ERR.014.307.0116"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0117 = "ERR.014.307.0117"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0118 = "ERR.014.307.0118"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0119 = "ERR.014.307.0119"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0120 = "ERR.014.307.0120"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0121 = "ERR.014.307.0121"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0122 = "ERR.014.307.0122"; //$NON-NLS-1$
+
+ /** security.membership package (407) */
+ public static final String SEC_MEMBERSHIP_0001 = "ERR.014.407.0001"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0002 = "ERR.014.407.0002"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0003 = "ERR.014.407.0003"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0004 = "ERR.014.407.0004"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0005 = "ERR.014.407.0005"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0006 = "ERR.014.407.0006"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0007 = "ERR.014.407.0007"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0008 = "ERR.014.407.0008"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0009 = "ERR.014.407.0009"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0010 = "ERR.014.407.0010"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0011 = "ERR.014.407.0011"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0012 = "ERR.014.407.0012"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0013 = "ERR.014.407.0013"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0014 = "ERR.014.407.0014"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0015 = "ERR.014.407.0015"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0016 = "ERR.014.407.0016"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0017 = "ERR.014.407.0017"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0018 = "ERR.014.407.0018"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0019 = "ERR.014.407.0019"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0020 = "ERR.014.407.0020"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0021 = "ERR.014.407.0021"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0022 = "ERR.014.407.0022"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0023 = "ERR.014.407.0023"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0024 = "ERR.014.407.0024"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0025 = "ERR.014.407.0025"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0026 = "ERR.014.407.0026"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0027 = "ERR.014.407.0027"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0028 = "ERR.014.407.0028"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0029 = "ERR.014.407.0029"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0030 = "ERR.014.407.0030"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0031 = "ERR.014.407.0031"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0032 = "ERR.014.407.0032"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0033 = "ERR.014.407.0033"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0034 = "ERR.014.407.0034"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0035 = "ERR.014.407.0035"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0036 = "ERR.014.407.0036"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0037 = "ERR.014.407.0037"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0038 = "ERR.014.407.0038"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0039 = "ERR.014.407.0039"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0040 = "ERR.014.407.0040"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0041 = "ERR.014.407.0041"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0042 = "ERR.014.407.0042"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0043 = "ERR.014.407.0043"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0044 = "ERR.014.407.0044"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0045 = "ERR.014.407.0045"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0046 = "ERR.014.407.0046"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0047 = "ERR.014.407.0047"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0048 = "ERR.014.407.0048"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0049 = "ERR.014.407.0049"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0050 = "ERR.014.407.0050"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0051 = "ERR.014.407.0051"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0052 = "ERR.014.407.0052"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0053 = "ERR.014.407.0053"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0054 = "ERR.014.407.0054"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0055 = "ERR.014.407.0055"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0056 = "ERR.014.407.0056"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0057 = "ERR.014.407.0057"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0058 = "ERR.014.407.0058"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0059 = "ERR.014.407.0059"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0060 = "ERR.014.407.0060"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0061 = "ERR.014.407.0061"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0062 = "ERR.014.407.0062"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0063 = "ERR.014.407.0063"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0064 = "ERR.014.407.0064"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0065 = "ERR.014.407.0065"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0066 = "ERR.014.407.0066"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0067 = "ERR.014.407.0067"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0068 = "ERR.014.407.0068"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0069 = "ERR.014.407.0069"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0070 = "ERR.014.407.0070"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0071 = "ERR.014.407.0071"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0072 = "ERR.014.407.0072"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0073 = "ERR.014.407.0073"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0074 = "ERR.014.407.0074"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0075 = "ERR.014.407.0075"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0076 = "ERR.014.407.0076"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0077 = "ERR.014.407.0077"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0078 = "ERR.014.407.0078"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0079 = "ERR.014.407.0079"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0080 = "ERR.014.407.0080"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0081 = "ERR.014.407.0081"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0082 = "ERR.014.407.0082"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0083 = "ERR.014.407.0083"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0084 = "ERR.014.407.0084"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0085 = "ERR.014.407.0085"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0086 = "ERR.014.407.0086"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0087 = "ERR.014.407.0087"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0088 = "ERR.014.407.0088"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0089 = "ERR.014.407.0089"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0090 = "ERR.014.407.0090"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0091 = "ERR.014.407.0091"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0092 = "ERR.014.407.0092"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0093 = "ERR.014.407.0093"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0094 = "ERR.014.407.0094"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0095 = "ERR.014.407.0095"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0096 = "ERR.014.407.0096"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0097 = "ERR.014.407.0097"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0098 = "ERR.014.407.0098"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0099 = "ERR.014.407.0099"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0100 = "ERR.014.407.0100"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0101 = "ERR.014.407.0101"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0102 = "ERR.014.407.0102"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0103 = "ERR.014.407.0103"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0104 = "ERR.014.407.0104"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0105 = "ERR.014.407.0105"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0106 = "ERR.014.407.0106"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0107 = "ERR.014.407.0107"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0108 = "ERR.014.407.0108"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0109 = "ERR.014.407.0109"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0110 = "ERR.014.407.0110"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0111 = "ERR.014.407.0111"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0112 = "ERR.014.407.0112"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0113 = "ERR.014.407.0113"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0114 = "ERR.014.407.0114"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0115 = "ERR.014.407.0115"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0116 = "ERR.014.407.0116"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0117 = "ERR.014.407.0117"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0118 = "ERR.014.407.0118"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0119 = "ERR.014.407.0119"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0120 = "ERR.014.407.0120"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0121 = "ERR.014.407.0121"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0122 = "ERR.014.407.0122"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0123 = "ERR.014.407.0123"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0124 = "ERR.014.407.0124"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0125 = "ERR.014.407.0125"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0126 = "ERR.014.407.0126"; //$NON-NLS-1$
+
+ /** security.session package (507) */
+ public static final String SEC_SESSION_0001 = "ERR.014.507.0001"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0002 = "ERR.014.507.0002"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0003 = "ERR.014.507.0003"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0004 = "ERR.014.507.0004"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0005 = "ERR.014.507.0005"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0006 = "ERR.014.507.0006"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0007 = "ERR.014.507.0007"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0008 = "ERR.014.507.0008"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0009 = "ERR.014.507.0009"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0010 = "ERR.014.507.0010"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0011 = "ERR.014.507.0011"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0012 = "ERR.014.507.0012"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0013 = "ERR.014.507.0013"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0014 = "ERR.014.507.0014"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0015 = "ERR.014.507.0015"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0016 = "ERR.014.507.0016"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0017 = "ERR.014.507.0017"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0018 = "ERR.014.507.0018"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0019 = "ERR.014.507.0019"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0020 = "ERR.014.507.0020"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0021 = "ERR.014.507.0021"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0022 = "ERR.014.507.0022"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0023 = "ERR.014.507.0023"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0024 = "ERR.014.507.0024"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0025 = "ERR.014.507.0025"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0026 = "ERR.014.507.0026"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0027 = "ERR.014.507.0027"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0028 = "ERR.014.507.0028"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0029 = "ERR.014.507.0029"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0030 = "ERR.014.507.0030"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0031 = "ERR.014.507.0031"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0032 = "ERR.014.507.0032"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0033 = "ERR.014.507.0033"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0034 = "ERR.014.507.0034"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0035 = "ERR.014.507.0035"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0036 = "ERR.014.507.0036"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0037 = "ERR.014.507.0037"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0038 = "ERR.014.507.0038"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0039 = "ERR.014.507.0039"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0040 = "ERR.014.507.0040"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0041 = "ERR.014.507.0041"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0042 = "ERR.014.507.0042"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0043 = "ERR.014.507.0043"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0044 = "ERR.014.507.0044"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0045 = "ERR.014.507.0045"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0046 = "ERR.014.507.0046"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0047 = "ERR.014.507.0047"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0048 = "ERR.014.507.0048"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0049 = "ERR.014.507.0049"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0050 = "ERR.014.507.0050"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0051 = "ERR.014.507.0051"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0052 = "ERR.014.507.0052"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0053 = "ERR.014.507.0053"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0054 = "ERR.014.507.0054"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0055 = "ERR.014.507.0055"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0056 = "ERR.014.507.0056"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0057 = "ERR.014.507.0057"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0058 = "ERR.014.507.0058"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0059 = "ERR.014.507.0059"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0060 = "ERR.014.507.0060"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0061 = "ERR.014.507.0061"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0062 = "ERR.014.507.0062"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0063 = "ERR.014.507.0063"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0064 = "ERR.014.507.0064"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0065 = "ERR.014.507.0065"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0066 = "ERR.014.507.0066"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0067 = "ERR.014.507.0067"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0068 = "ERR.014.507.0068"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0069 = "ERR.014.507.0069"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0070 = "ERR.014.507.0070"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0071 = "ERR.014.507.0071"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0072 = "ERR.014.507.0072"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0073 = "ERR.014.507.0073"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0074 = "ERR.014.507.0074"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0075 = "ERR.014.507.0075"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0076 = "ERR.014.507.0076"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0077 = "ERR.014.507.0077"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0078 = "ERR.014.507.0078"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0079 = "ERR.014.507.0079"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0080 = "ERR.014.507.0080"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0081 = "ERR.014.507.0081"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0082 = "ERR.014.507.0082"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0083 = "ERR.014.507.0083"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0084 = "ERR.014.507.0084"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0085 = "ERR.014.507.0085"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0086 = "ERR.014.507.0086"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0087 = "ERR.014.507.0087"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0088 = "ERR.014.507.0088"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0089 = "ERR.014.507.0089"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0090 = "ERR.014.507.0090"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0091 = "ERR.014.507.0091"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0092 = "ERR.014.507.0092"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0093 = "ERR.014.507.0093"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0094 = "ERR.014.507.0094"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0095 = "ERR.014.507.0095"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0096 = "ERR.014.507.0096"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0097 = "ERR.014.507.0097"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0098 = "ERR.014.507.0098"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0099 = "ERR.014.507.0099"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0100 = "ERR.014.507.0100"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0101 = "ERR.014.507.0101"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0102 = "ERR.014.507.0102"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0103 = "ERR.014.507.0103"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0104 = "ERR.014.507.0104"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0105 = "ERR.014.507.0105"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0106 = "ERR.014.507.0106"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0107 = "ERR.014.507.0107"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0108 = "ERR.014.507.0108"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0109 = "ERR.014.507.0109"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0110 = "ERR.014.507.0110"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0111 = "ERR.014.507.0111"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0112 = "ERR.014.507.0112"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0113 = "ERR.014.507.0113"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0114 = "ERR.014.507.0114"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0115 = "ERR.014.507.0115"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0116 = "ERR.014.507.0116"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0117 = "ERR.014.507.0117"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0118 = "ERR.014.507.0118"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0119 = "ERR.014.507.0119"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0120 = "ERR.014.507.0120"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0121 = "ERR.014.507.0121"; //$NON-NLS-1$
+
+ /** security.util package (607) */
+ public static final String SEC_UTIL_0001 = "ERR.014.607.0001"; //$NON-NLS-1$
+ public static final String SEC_UTIL_0002 = "ERR.014.607.0002"; //$NON-NLS-1$
+ public static final String SEC_UTIL_0003 = "ERR.014.607.0003"; //$NON-NLS-1$
+
+ /** service package (008) */
+ public static final String SERVICE_0001 = "ERR.014.008.0001"; //$NON-NLS-1$
+ public static final String SERVICE_0002 = "ERR.014.008.0002"; //$NON-NLS-1$
+ public static final String SERVICE_0003 = "ERR.014.008.0003"; //$NON-NLS-1$
+ public static final String SERVICE_0004 = "ERR.014.008.0004"; //$NON-NLS-1$
+ public static final String SERVICE_0005 = "ERR.014.008.0005"; //$NON-NLS-1$
+ public static final String SERVICE_0008 = "ERR.014.008.0008"; //$NON-NLS-1$
+ public static final String SERVICE_0009 = "ERR.014.008.0009"; //$NON-NLS-1$
+ public static final String SERVICE_0010 = "ERR.014.008.0010"; //$NON-NLS-1$
+ public static final String SERVICE_0012 = "ERR.014.008.0012"; //$NON-NLS-1$
+ public static final String SERVICE_0013 = "ERR.014.008.0013"; //$NON-NLS-1$
+ public static final String SERVICE_0014 = "ERR.014.008.0014"; //$NON-NLS-1$
+ public static final String SERVICE_0015 = "ERR.014.008.0015"; //$NON-NLS-1$
+ public static final String SERVICE_0016 = "ERR.014.008.0016"; //$NON-NLS-1$
+ public static final String SERVICE_0017 = "ERR.014.008.0017"; //$NON-NLS-1$
+ public static final String SERVICE_0018 = "ERR.014.008.0018"; //$NON-NLS-1$
+ public static final String SERVICE_0019 = "ERR.014.008.0019"; //$NON-NLS-1$
+ public static final String SERVICE_0025 = "ERR.014.008.0025"; //$NON-NLS-1$
+ public static final String SERVICE_0026 = "ERR.014.008.0026"; //$NON-NLS-1$
+ public static final String SERVICE_0027 = "ERR.014.008.0027"; //$NON-NLS-1$
+ public static final String SERVICE_0028 = "ERR.014.008.0028"; //$NON-NLS-1$
+ public static final String SERVICE_0029 = "ERR.014.008.0029"; //$NON-NLS-1$
+ public static final String SERVICE_0030 = "ERR.014.008.0030"; //$NON-NLS-1$
+ public static final String SERVICE_0031 = "ERR.014.008.0031"; //$NON-NLS-1$
+ public static final String SERVICE_0032 = "ERR.014.008.0032"; //$NON-NLS-1$
+ public static final String SERVICE_0033 = "ERR.014.008.0033"; //$NON-NLS-1$
+ public static final String SERVICE_0034 = "ERR.014.008.0034"; //$NON-NLS-1$
+ public static final String SERVICE_0035 = "ERR.014.008.0035"; //$NON-NLS-1$
+ public static final String SERVICE_0036 = "ERR.014.008.0036"; //$NON-NLS-1$
+ public static final String SERVICE_0037 = "ERR.014.008.0037"; //$NON-NLS-1$
+ public static final String SERVICE_0038 = "ERR.014.008.0038"; //$NON-NLS-1$
+ public static final String SERVICE_0039 = "ERR.014.008.0039"; //$NON-NLS-1$
+ public static final String SERVICE_0040 = "ERR.014.008.0040"; //$NON-NLS-1$
+ public static final String SERVICE_0041 = "ERR.014.008.0041"; //$NON-NLS-1$
+ public static final String SERVICE_0042 = "ERR.014.008.0042"; //$NON-NLS-1$
+ public static final String SERVICE_0043 = "ERR.014.008.0043"; //$NON-NLS-1$
+ public static final String SERVICE_0044 = "ERR.014.008.0044"; //$NON-NLS-1$
+ public static final String SERVICE_0045 = "ERR.014.008.0045"; //$NON-NLS-1$
+ public static final String SERVICE_0046 = "ERR.014.008.0046"; //$NON-NLS-1$
+ public static final String SERVICE_0047 = "ERR.014.008.0047"; //$NON-NLS-1$
+ public static final String SERVICE_0048 = "ERR.014.008.0048"; //$NON-NLS-1$
+ public static final String SERVICE_0049 = "ERR.014.008.0049"; //$NON-NLS-1$
+ public static final String SERVICE_0050 = "ERR.014.008.0050"; //$NON-NLS-1$
+ public static final String SERVICE_0051 = "ERR.014.008.0051"; //$NON-NLS-1$
+ public static final String SERVICE_0052 = "ERR.014.008.0052"; //$NON-NLS-1$
+ public static final String SERVICE_0053 = "ERR.014.008.0053"; //$NON-NLS-1$
+ public static final String SERVICE_0054 = "ERR.014.008.0054"; //$NON-NLS-1$
+ public static final String SERVICE_0055 = "ERR.014.008.0055"; //$NON-NLS-1$
+ public static final String SERVICE_0056 = "ERR.014.008.0056"; //$NON-NLS-1$
+ public static final String SERVICE_0057 = "ERR.014.008.0057"; //$NON-NLS-1$
+ public static final String SERVICE_0058 = "ERR.014.008.0058"; //$NON-NLS-1$
+ public static final String SERVICE_0059 = "ERR.014.008.0059"; //$NON-NLS-1$
+ public static final String SERVICE_0060 = "ERR.014.008.0060"; //$NON-NLS-1$
+ public static final String SERVICE_0061 = "ERR.014.008.0061"; //$NON-NLS-1$
+ public static final String SERVICE_0062 = "ERR.014.008.0062"; //$NON-NLS-1$
+ public static final String SERVICE_0063 = "ERR.014.008.0063"; //$NON-NLS-1$
+ public static final String SERVICE_0064 = "ERR.014.008.0064"; //$NON-NLS-1$
+ public static final String SERVICE_0065 = "ERR.014.008.0065"; //$NON-NLS-1$
+ public static final String SERVICE_0066 = "ERR.014.008.0066"; //$NON-NLS-1$
+ public static final String SERVICE_0067 = "ERR.014.008.0067"; //$NON-NLS-1$
+ public static final String SERVICE_0068 = "ERR.014.008.0068"; //$NON-NLS-1$
+ public static final String SERVICE_0069 = "ERR.014.008.0069"; //$NON-NLS-1$
+ public static final String SERVICE_0070 = "ERR.014.008.0070"; //$NON-NLS-1$
+
+ /** vm.controller package (010) */
+ public static final String VM_0001 = "ERR.014.010.0001"; //$NON-NLS-1$
+ public static final String VM_0003 = "ERR.014.010.0003"; //$NON-NLS-1$
+ public static final String VM_0004 = "ERR.014.010.0004"; //$NON-NLS-1$
+
+}
Property changes on: trunk/embedded/src/main/java/com/metamatrix/platform/util/ErrorMessageKeys.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/main/java/com/metamatrix/platform/util/LogMessageKeys.java
===================================================================
--- trunk/embedded/src/main/java/com/metamatrix/platform/util/LogMessageKeys.java (rev 0)
+++ trunk/embedded/src/main/java/com/metamatrix/platform/util/LogMessageKeys.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,263 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.util;
+
+/**
+ */
+public class LogMessageKeys {
+
+ /** admin package (001) */
+ public static final String ADMIN_0001 = "MSG.014.001.0001"; //$NON-NLS-1$
+ public static final String ADMIN_0002 = "MSG.014.001.0002"; //$NON-NLS-1$
+ public static final String ADMIN_0003 = "MSG.014.001.0003"; //$NON-NLS-1$
+ public static final String ADMIN_0004 = "MSG.014.001.0004"; //$NON-NLS-1$
+ public static final String ADMIN_0005 = "MSG.014.001.0005"; //$NON-NLS-1$
+ public static final String ADMIN_0006 = "MSG.014.001.0006"; //$NON-NLS-1$
+ public static final String ADMIN_0009 = "MSG.014.001.0009"; //$NON-NLS-1$
+ public static final String ADMIN_0010 = "MSG.014.001.0010"; //$NON-NLS-1$
+ public static final String ADMIN_0013 = "MSG.014.001.0013"; //$NON-NLS-1$
+ public static final String ADMIN_0014 = "MSG.014.001.0014"; //$NON-NLS-1$
+ public static final String ADMIN_0015 = "MSG.014.001.0015"; //$NON-NLS-1$
+ public static final String ADMIN_0016 = "MSG.014.001.0016"; //$NON-NLS-1$
+ public static final String ADMIN_0019 = "MSG.014.001.0019"; //$NON-NLS-1$
+ public static final String ADMIN_0020 = "MSG.014.001.0020"; //$NON-NLS-1$
+ public static final String ADMIN_0021 = "MSG.014.001.0021"; //$NON-NLS-1$
+ public static final String ADMIN_0022 = "MSG.014.001.0022"; //$NON-NLS-1$
+ public static final String ADMIN_0023 = "MSG.014.001.0023"; //$NON-NLS-1$
+ public static final String ADMIN_0026 = "MSG.014.001.0026"; //$NON-NLS-1$
+ public static final String ADMIN_0027 = "MSG.014.001.0027"; //$NON-NLS-1$
+ public static final String ADMIN_0028 = "MSG.014.001.0028"; //$NON-NLS-1$
+ public static final String ADMIN_0029 = "MSG.014.001.0029"; //$NON-NLS-1$
+
+ /** config package (002) */
+ public static final String CONFIG_0001 = "MSG.014.002.0001"; //$NON-NLS-1$
+ public static final String CONFIG_0002 = "MSG.014.002.0002"; //$NON-NLS-1$
+ public static final String CONFIG_0003 = "MSG.014.002.0003"; //$NON-NLS-1$
+ public static final String CONFIG_0004 = "MSG.014.002.0004"; //$NON-NLS-1$
+ public static final String CONFIG_0005 = "MSG.014.002.0005"; //$NON-NLS-1$
+ public static final String CONFIG_0006 = "MSG.014.002.0006"; //$NON-NLS-1$
+ public static final String CONFIG_0007 = "MSG.014.002.0007"; //$NON-NLS-1$
+ public static final String CONFIG_0008 = "MSG.014.002.0008"; //$NON-NLS-1$
+ public static final String CONFIG_0009 = "MSG.014.002.0009"; //$NON-NLS-1$
+
+ /** host package (005) */
+ public static final String HOST_0001 = "MSG.014.005.0001"; //$NON-NLS-1$
+ public static final String HOST_0002 = "MSG.014.005.0002"; //$NON-NLS-1$
+ public static final String HOST_0003 = "MSG.014.005.0003"; //$NON-NLS-1$
+ public static final String HOST_0004 = "MSG.014.005.0004"; //$NON-NLS-1$
+ public static final String HOST_0005 = "MSG.014.005.0005"; //$NON-NLS-1$
+ public static final String HOST_0006 = "MSG.014.005.0006"; //$NON-NLS-1$
+ public static final String HOST_0007 = "MSG.014.005.0007"; //$NON-NLS-1$
+ public static final String HOST_0008 = "MSG.014.005.0008"; //$NON-NLS-1$
+ public static final String HOST_0009 = "MSG.014.005.0009"; //$NON-NLS-1$
+ public static final String HOST_0010 = "MSG.014.005.0010"; //$NON-NLS-1$
+ public static final String HOST_0011 = "MSG.014.005.0011"; //$NON-NLS-1$
+ public static final String HOST_0012 = "MSG.014.005.0012"; //$NON-NLS-1$
+
+ /** security.api package (107) */
+ public static final String SEC_API_0001 = "MSG.014.107.0001"; //$NON-NLS-1$
+
+ /** security.audit package (207) */
+ public static final String SEC_AUDIT_0001 = "MSG.014.207.0001"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0002 = "MSG.014.207.0002"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0003 = "MSG.014.207.0003"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0004 = "MSG.014.207.0004"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0005 = "MSG.014.207.0005"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0006 = "MSG.014.207.0006"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0007 = "MSG.014.207.0007"; //$NON-NLS-1$
+ public static final String SEC_AUDIT_0008 = "MSG.014.207.0008"; //$NON-NLS-1$
+
+ /** security.authorization package (307) */
+ public static final String SEC_AUTHORIZATION_0001 = "MSG.014.307.0001"; //$NON-NLS-1$
+ public static final String SEC_AUTHORIZATION_0002 = "MSG.014.307.0002"; //$NON-NLS-1$
+
+ /** security.membership package (407) */
+ public static final String SEC_MEMBERSHIP_0001 = "MSG.014.407.0001"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0002 = "MSG.014.407.0002"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0003 = "MSG.014.407.0003"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0004 = "MSG.014.407.0004"; //$NON-NLS-1$
+ public static final String SEC_MEMBERSHIP_0005 = "MSG.014.407.0005"; //$NON-NLS-1$
+
+ /** security.session package (507) */
+ public static final String SEC_SESSION_0001 = "MSG.014.507.0001"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0002 = "MSG.014.507.0002"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0003 = "MSG.014.507.0003"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0004 = "MSG.014.507.0004"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0005 = "MSG.014.507.0005"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0006 = "MSG.014.507.0006"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0007 = "MSG.014.507.0007"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0008 = "MSG.014.507.0008"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0009 = "MSG.014.507.0009"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0010 = "MSG.014.507.0010"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0011 = "MSG.014.507.0011"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0012 = "MSG.014.507.0012"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0013 = "MSG.014.507.0013"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0014 = "MSG.014.507.0014"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0015 = "MSG.014.507.0015"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0016 = "MSG.014.507.0016"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0017 = "MSG.014.507.0017"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0018 = "MSG.014.507.0018"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0019 = "MSG.014.507.0019"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0020 = "MSG.014.507.0020"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0021 = "MSG.014.507.0021"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0022 = "MSG.014.507.0022"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0023 = "MSG.014.507.0023"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0024 = "MSG.014.507.0024"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0025 = "MSG.014.507.0025"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0026 = "MSG.014.507.0026"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0027 = "MSG.014.507.0027"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0028 = "MSG.014.507.0028"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0029 = "MSG.014.507.0029"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0030 = "MSG.014.507.0030"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0031 = "MSG.014.507.0031"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0032 = "MSG.014.507.0032"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0033 = "MSG.014.507.0033"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0034 = "MSG.014.507.0034"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0035 = "MSG.014.507.0035"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0036 = "MSG.014.507.0036"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0037 = "MSG.014.507.0037"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0038 = "MSG.014.507.0038"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0039 = "MSG.014.507.0039"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0040 = "MSG.014.507.0040"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0041 = "MSG.014.507.0041"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0042 = "MSG.014.507.0042"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0043 = "MSG.014.507.0043"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0044 = "MSG.014.507.0044"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0045 = "MSG.014.507.0045"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0046 = "MSG.014.507.0046"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0047 = "MSG.014.507.0047"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0048 = "MSG.014.507.0048"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0049 = "MSG.014.507.0049"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0050 = "MSG.014.507.0050"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0051 = "MSG.014.507.0051"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0052 = "MSG.014.507.0052"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0053 = "MSG.014.507.0053"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0054 = "MSG.014.507.0054"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0055 = "MSG.014.507.0055"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0056 = "MSG.014.507.0056"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0057 = "MSG.014.507.0057"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0058 = "MSG.014.507.0058"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0059 = "MSG.014.507.0059"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0060 = "MSG.014.507.0060"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0061 = "MSG.014.507.0061"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0062 = "MSG.014.507.0062"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0063 = "MSG.014.507.0063"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0064 = "MSG.014.507.0064"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0065 = "MSG.014.507.0065"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0066 = "MSG.014.507.0066"; //$NON-NLS-1$
+ public static final String SEC_SESSION_0067 = "MSG.014.507.0067"; //$NON-NLS-1$
+
+ /** security.util package (607) */
+ public static final String SEC_UTIL_0001 = "MSG.014.607.0001"; //$NON-NLS-1$
+
+ /** service.controller package (008) */
+ public static final String SERVICE_0001 = "MSG.014.008.0001"; //$NON-NLS-1$
+ public static final String SERVICE_0002 = "MSG.014.008.0002"; //$NON-NLS-1$
+ public static final String SERVICE_0003 = "MSG.014.008.0003"; //$NON-NLS-1$
+ public static final String SERVICE_0004 = "MSG.014.008.0004"; //$NON-NLS-1$
+ public static final String SERVICE_0005 = "MSG.014.008.0005"; //$NON-NLS-1$
+ public static final String SERVICE_0006 = "MSG.014.008.0006"; //$NON-NLS-1$
+ public static final String SERVICE_0007 = "MSG.014.008.0007"; //$NON-NLS-1$
+ public static final String SERVICE_0008 = "MSG.014.008.0008"; //$NON-NLS-1$
+ public static final String SERVICE_0009 = "MSG.014.008.0009"; //$NON-NLS-1$
+ public static final String SERVICE_0010 = "MSG.014.008.0010"; //$NON-NLS-1$
+ public static final String SERVICE_0011 = "MSG.014.008.0011"; //$NON-NLS-1$
+ public static final String SERVICE_0012 = "MSG.014.008.0012"; //$NON-NLS-1$
+ public static final String SERVICE_0013 = "MSG.014.008.0013"; //$NON-NLS-1$
+ public static final String SERVICE_0014 = "MSG.014.008.0014"; //$NON-NLS-1$
+ public static final String SERVICE_0015 = "MSG.014.008.0015"; //$NON-NLS-1$
+ public static final String SERVICE_0016 = "MSG.014.008.0016"; //$NON-NLS-1$
+ public static final String SERVICE_0017 = "MSG.014.008.0017"; //$NON-NLS-1$
+ public static final String SERVICE_0018 = "MSG.014.008.0018"; //$NON-NLS-1$
+ public static final String SERVICE_0019 = "MSG.014.008.0019"; //$NON-NLS-1$
+ public static final String SERVICE_0020 = "MSG.014.008.0020"; //$NON-NLS-1$
+ public static final String SERVICE_0021 = "MSG.014.008.0021"; //$NON-NLS-1$
+ public static final String SERVICE_0022 = "MSG.014.008.0022"; //$NON-NLS-1$
+ public static final String SERVICE_0023 = "MSG.014.008.0023"; //$NON-NLS-1$
+ public static final String SERVICE_0024 = "MSG.014.008.0024"; //$NON-NLS-1$
+ public static final String SERVICE_0025 = "MSG.014.008.0025"; //$NON-NLS-1$
+ public static final String SERVICE_0026 = "MSG.014.008.0026"; //$NON-NLS-1$
+ public static final String SERVICE_0027 = "MSG.014.008.0027"; //$NON-NLS-1$
+ public static final String SERVICE_0028 = "MSG.014.008.0028"; //$NON-NLS-1$
+ public static final String SERVICE_0029 = "MSG.014.008.0029"; //$NON-NLS-1$
+ public static final String SERVICE_0030 = "MSG.014.008.0030"; //$NON-NLS-1$
+ public static final String SERVICE_0031 = "MSG.014.008.0031"; //$NON-NLS-1$
+ public static final String SERVICE_0032 = "MSG.014.008.0032"; //$NON-NLS-1$
+ public static final String SERVICE_0033 = "MSG.014.008.0033"; //$NON-NLS-1$
+
+ /** vm.controller package (010) */
+ public static final String VM_0001 = "MSG.014.010.0001"; //$NON-NLS-1$
+ public static final String VM_0002 = "MSG.014.010.0002"; //$NON-NLS-1$
+ public static final String VM_0003 = "MSG.014.010.0003"; //$NON-NLS-1$
+ public static final String VM_0004 = "MSG.014.010.0004"; //$NON-NLS-1$
+ public static final String VM_0005 = "MSG.014.010.0005"; //$NON-NLS-1$
+ public static final String VM_0006 = "MSG.014.010.0006"; //$NON-NLS-1$
+ public static final String VM_0007 = "MSG.014.010.0007"; //$NON-NLS-1$
+ public static final String VM_0008 = "MSG.014.010.0008"; //$NON-NLS-1$
+ public static final String VM_0009 = "MSG.014.010.0009"; //$NON-NLS-1$
+ public static final String VM_0010 = "MSG.014.010.0010"; //$NON-NLS-1$
+ public static final String VM_0011 = "MSG.014.010.0011"; //$NON-NLS-1$
+ public static final String VM_0012 = "MSG.014.010.0012"; //$NON-NLS-1$
+ public static final String VM_0013 = "MSG.014.010.0013"; //$NON-NLS-1$
+ public static final String VM_0014 = "MSG.014.010.0014"; //$NON-NLS-1$
+ public static final String VM_0015 = "MSG.014.010.0015"; //$NON-NLS-1$
+ public static final String VM_0016 = "MSG.014.010.0016"; //$NON-NLS-1$
+ public static final String VM_0017 = "MSG.014.010.0017"; //$NON-NLS-1$
+ public static final String VM_0018 = "MSG.014.010.0018"; //$NON-NLS-1$
+ public static final String VM_0019 = "MSG.014.010.0019"; //$NON-NLS-1$
+ public static final String VM_0020 = "MSG.014.010.0020"; //$NON-NLS-1$
+ public static final String VM_0021 = "MSG.014.010.0021"; //$NON-NLS-1$
+ public static final String VM_0022 = "MSG.014.010.0022"; //$NON-NLS-1$
+ public static final String VM_0023 = "MSG.014.010.0023"; //$NON-NLS-1$
+ public static final String VM_0024 = "MSG.014.010.0024"; //$NON-NLS-1$
+ public static final String VM_0025 = "MSG.014.010.0025"; //$NON-NLS-1$
+ public static final String VM_0026 = "MSG.014.010.0026"; //$NON-NLS-1$
+ public static final String VM_0027 = "MSG.014.010.0027"; //$NON-NLS-1$
+ public static final String VM_0028 = "MSG.014.010.0028"; //$NON-NLS-1$
+ public static final String VM_0029 = "MSG.014.010.0029"; //$NON-NLS-1$
+ public static final String VM_0030 = "MSG.014.010.0030"; //$NON-NLS-1$
+ public static final String VM_0031 = "MSG.014.010.0031"; //$NON-NLS-1$
+ public static final String VM_0032 = "MSG.014.010.0032"; //$NON-NLS-1$
+ public static final String VM_0033 = "MSG.014.010.0033"; //$NON-NLS-1$
+ public static final String VM_0034 = "MSG.014.010.0034"; //$NON-NLS-1$
+ public static final String VM_0035 = "MSG.014.010.0035"; //$NON-NLS-1$
+ public static final String VM_0036 = "MSG.014.010.0036"; //$NON-NLS-1$
+ public static final String VM_0037 = "MSG.014.010.0037"; //$NON-NLS-1$
+ public static final String VM_0038 = "MSG.014.010.0038"; //$NON-NLS-1$
+ public static final String VM_0040 = "MSG.014.010.0040"; //$NON-NLS-1$
+ public static final String VM_0041 = "MSG.014.010.0041"; //$NON-NLS-1$
+ public static final String VM_0042 = "MSG.014.010.0042"; //$NON-NLS-1$
+ public static final String VM_0043 = "MSG.014.010.0043"; //$NON-NLS-1$
+ public static final String VM_0044 = "MSG.014.010.0044"; //$NON-NLS-1$
+ public static final String VM_0045 = "MSG.014.010.0045"; //$NON-NLS-1$
+ public static final String VM_0046 = "MSG.014.010.0046"; //$NON-NLS-1$
+ public static final String VM_0047 = "MSG.014.010.0047"; //$NON-NLS-1$
+ public static final String VM_0048 = "MSG.014.010.0048"; //$NON-NLS-1$
+ public static final String VM_0049 = "MSG.014.010.0049"; //$NON-NLS-1$
+ public static final String VM_0050 = "MSG.014.010.0050"; //$NON-NLS-1$
+ public static final String VM_0051 = "MSG.014.010.0051"; //$NON-NLS-1$
+ public static final String VM_0052 = "MSG.014.010.0052"; //$NON-NLS-1$
+ public static final String VM_0053 = "MSG.014.010.0053"; //$NON-NLS-1$
+ public static final String VM_0054 = "MSG.014.010.0054"; //$NON-NLS-1$
+
+}
Property changes on: trunk/embedded/src/main/java/com/metamatrix/platform/util/LogMessageKeys.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/main/resources/com/metamatrix/platform/i18n.properties
===================================================================
--- trunk/embedded/src/main/resources/com/metamatrix/platform/i18n.properties (rev 0)
+++ trunk/embedded/src/main/resources/com/metamatrix/platform/i18n.properties 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,1292 @@
+#
+# JBoss, Home of Professional Open Source.
+# See the COPYRIGHT.txt file distributed with this work for information
+# regarding copyright ownership. Some portions may be licensed
+# to Red Hat, Inc. under one or more contributor license agreements.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 USA.
+#
+
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+# Note: All new messages should have been looked up before being logged! DON'T use I18nLogManager!
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+# ==========================================
+# Error Messages for the Platform Package (014)
+# ==========================================
+#
+# example ERR.014.001.0001=Test Error Message for Platform Package
+
+# admin (001)
+ERR.014.001.0001 = Lost communication with the AdminAPI - the connection has been closed.
+ERR.014.001.0002 = Lost communication with the AdminAPI.
+ERR.014.001.0003 = Error closing admin connection.
+ERR.014.001.0004 = Cannot initialize AdminHelper: {0}
+ERR.014.001.0005 = Connection cannot be null.
+ERR.014.001.0006 = Pingable cannot be null.
+ERR.014.001.0007 = Pinging server failed after {0} retries
+ERR.014.001.0008 = The client is not authorized to attempt this operation. User: {0} Role: {1}
+ERR.014.001.0009 = The server was unable to obtain an authorization service to authorize the client. Unable to check roles for {0}
+ERR.014.001.0010 = The server was unable to obtain a session service instance to validate session ID.
+ERR.014.001.0011 = Unable to check roles for {0} the session is invalid.
+ERR.014.001.0012 = Session "{0}" is not valid.
+ERR.014.001.0013 = Unknown Session Service exception.
+ERR.014.001.0014 = Lost communication with the Authorization service.
+ERR.014.001.0015 = Error exporting {0} object.
+ERR.014.001.0016 = Unable to generate ObjectID from previously defined MetaBase uuid: {0}
+ERR.014.001.0017 = Lost communication with the Configuration service.
+ERR.014.001.0018 = The {0} reference may not be null.
+ERR.014.001.0019 = The specified ComponentObject is not an instance of PropertiedObject.
+ERR.014.001.0020 = Could not initialize {0}
+ERR.014.001.0021 = Cannot instantiate {0}
+ERR.014.001.0022 = Error retrieving property definitions from configuration.
+ERR.014.001.0023 = Session is invalid.
+ERR.014.001.0024 = Authorization exception retrieving property definitions from configuration.
+ERR.014.001.0025 = Component exception retrieving property definitions from configuration.
+ERR.014.001.0026 = Error retrieving component types from configuration.
+ERR.014.001.0027 = Authorization exception retrieving component types from configuration.
+ERR.014.001.0028 = Component exception retrieving component types from configuration.
+ERR.014.001.0029 = Property value Object was not a String as expected.
+ERR.014.001.0030 = Transaction has already begun.
+ERR.014.001.0031 = Commit has failed due to exception from ConfigurationAdminAPI.
+ERR.014.001.0032 = The specified PropertiedObject is not an instance of ComponentObject.
+ERR.014.001.0033 = Error retrieving system config IDs from system.
+ERR.014.001.0034 = Authorization exception retrieving system config IDs from system.
+ERR.014.001.0035 = Component exception retrieving system config IDs from system.
+ERR.014.001.0036 = Lost communication with the remote system.
+ERR.014.001.0037 = Lost communication with the Membership service.
+ERR.014.001.0038 = The nodeType <{0}> is out of range.
+ERR.014.001.0039 = Attempt to compare null.
+ERR.014.001.0040 = The Resource <{0}> is not permitted for the Actions <{0}>
+ERR.014.001.0041 = The referenced object is not a {0}.
+ERR.014.001.0042 = Unable to find a data node containing resource: {0}
+ERR.014.001.0043 = Attempt to compare {0} to PrincipalAttributeImpl
+ERR.014.001.0044 = Error retrieving resource pools from configuration.
+ERR.014.001.0045 = Authorization exception retrieving resource pools from configuration.
+ERR.014.001.0046 = Component exception retrieving resource pools from configuration.
+ERR.014.001.0047 = Error applying configuration changes for resources.
+ERR.014.001.0048 = Lost communication with RuntimeState Admin implementation.
+ERR.014.001.0049 = host parameter must not be null or empty.
+ERR.014.001.0050 = process parameter must not be null or empty.
+ERR.014.001.0051 = Error getting the state of the system.
+ERR.014.001.0052 = Error shutting down server.
+ERR.014.001.0053 = Could not restart server.
+ERR.014.001.0054 = 1 or more error occurred while attempting to synchronize the server: {0}
+ERR.014.001.0056 = {0} is not running.
+ERR.014.001.0058 = Error: 1 or more services/processes could not be shutdown.
+ERR.014.001.0067 = {0} is already running.
+ERR.014.001.0068 = Could not start host {0}. Error communicating with HostController.
+ERR.014.001.0069 = Services cannot be started, Process {1} is not running.
+ERR.014.001.0070 = Services cannot be started, error accessing Process {0} on Host {1}
+ERR.014.001.0073 = Error starting 1 or more services in Process {0} on Host {1}
+ERR.014.001.0074 = Error stopping PSC {0}. error accessing {1}
+ERR.014.001.0076 = Error stopping 1 or more services in {0}
+ERR.014.001.0083 = Error reading server startup time.
+ERR.014.001.0084 = ModificationException while setting log config on configuration: {0}
+ERR.014.001.0086 = RemoteException(s): Log config MAY not have been set in 1 or more processes: {0}
+
+ERR.014.001.0094 = Lost communication with the Session service.
+ERR.014.001.0095 = Error creating AdminAPIBean, Exception: {0}
+ERR.014.001.0096 = The product {0} has not been licensed.
+ERR.014.001.0097 = Could not create admin API for {0}: {1}
+ERR.014.001.0099 = The user parameter may not be null or empty.
+ERR.014.001.0100 = The user password may not be null or empty.
+ERR.014.001.0101 = NamingException while getting new initialcontext for LogonAPI.
+ERR.014.001.0102 = Error trying to connect to server: {0} at {1}
+ERR.014.001.0103 = CreateException while getting home interface for LogonAPI.
+ERR.014.001.0104 = RemoteException while getting home interface for LogonAPI.
+ERR.014.001.0105 = Unknown error while obtaining a reference to LogonAPI.
+ERR.014.001.0106 = NamingException while getting new initialcontext for AdminAPI.
+ERR.014.001.0107 = NamingException while getting home interface for AdminAPI.
+ERR.014.001.0108 = CreateException while getting home interface for AdminAPI.
+ERR.014.001.0109 = RemoteException while getting home interface for AdminAPI.
+ERR.014.001.0110 = Unknown error while obtaining a reference to AdminAPI for user <{0}>
+ERR.014.001.0111 = Error while attempting log on for user <{0}>: Unable to encrypt user password.
+ERR.014.001.0112 = Error while attempting log on for user <{0}>
+ERR.014.001.0113 = Logon attempt failed - session ID is null.
+ERR.014.001.0114 = Unexpected exception while attempting log on for user <{0}>
+
+
+# config (002)
+ERR.014.002.0001 = ConfigurationModelContainer processing error: The configuration has not been set.
+ERR.014.002.0002 = ConfigurationModelContainer processing error: The configuration cannot override and existing one.
+ERR.014.002.0003 = Error Initializing XMLConfiguration: Object of type {0} has not been coded for.
+ERR.014.002.0004 = ConfigurationModelContainer processing error: The container has already been initially populated.
+ERR.014.002.0005 = This {0} instance (ID={0}) cannot be cloned.
+ERR.014.002.0006 = ConfigurationModelContainer Cloning Error on configuration: {0} message: {1}
+ERR.014.002.0007 = The collection of IDs in the ConfigurationEvent must be provided.
+ERR.014.002.0008 = The changed id in the ConfigurationEvent must be provided.
+ERR.014.002.0009 = RepositoryPesistence Error: property {0} was not defined.
+ERR.014.002.0010 = Unable to create class instance, the object class must be specified.
+ERR.014.002.0011 = {0} not found.
+ERR.014.002.0012 = Unable to link the object class ({0})
+ERR.014.002.0013 = Unable to instantiate the object class ({0})
+ERR.014.002.0014 = Unable to access the object class ({0})
+ERR.014.002.0015 = Unable to create class ({0})
+ERR.014.002.0016 = Unable to import input stream for configuration {0}
+ERR.014.002.0017 = Unable to export output stream for configuration {0}
+ERR.014.002.0018 = Unable to read a file persistent Configuration, configurationID argument was not passed.
+ERR.014.002.0019 = Error reading configuration model {0}
+ERR.014.002.0020 = Unable to read configuration file {0}, it does not exist.
+ERR.014.002.0021 = Unable to read configuration file {0}, error in reading file.
+ERR.014.002.0022 = Unable to write persistent Configuration, model argument was not passed.
+ERR.014.002.0023 = Unable to write persistent Configuration, principal argument was not passed.
+ERR.014.002.0024 = Unable to write configuration model {0}
+ERR.014.002.0025 = Unable to delete configuration model {0}
+ERR.014.002.0026 = Invalid Configuration ID, configID {0} is not a defined configuration.
+ERR.014.002.0027 = Unable to copy file {0} to {1}
+ERR.014.002.0028 = Unable to delete configuration model {0}
+ERR.014.002.0029 = Unable to create File Persistence, {0} was not specified
+ERR.014.002.0030 = Missing JDBC driver class name.
+ERR.014.002.0031 = Missing JDBC protocol name.
+ERR.014.002.0032 = Missing JDBC database name.
+ERR.014.002.0033 = Unable to establish a connection in the JDBCPersistentConnnection.
+ERR.014.002.0034 = Failed to initialize the Crypto Factory.
+ERR.014.002.0035 = Failed to obtain a connection from the resource pool. No Descriptor Created.
+ERR.014.002.0036 = Connection to the database could not be obtained from the resource pool. No Descriptor Created.
+ERR.014.002.0037 = Unable to set the history limit to a negative number.
+ERR.014.002.0038 = Error initializing service for {0}
+ERR.014.002.0039 = Method baselineCurrentConfiguration is no longer supported.
+ERR.014.002.0040 = Unable to find the {0} configuration.
+ERR.014.002.0041 = Unable to close transaction.
+ERR.014.002.0042 = No current configuration id found.
+ERR.014.002.0043 = Unable to find the configuration model.
+ERR.014.002.0044 = Unable to find the configuration {0}
+ERR.014.002.0045 = The {0} reference may not be null.
+ERR.014.002.0046 = Unable to find the configuration and dependent objects from configuration {0}
+ERR.014.002.0047 = Unable to retrieve the global objects from the database.
+ERR.014.002.0048 = Unable to find the component type {0}
+ERR.014.002.0049 = Unable to find all the component types.
+ERR.014.002.0050 = Unable to find monitored component types.
+ERR.014.002.0051 = Unable to find component type definitions for {0}
+ERR.014.002.0052 = Error processing transaction reading dependent component type definitions.
+ERR.014.002.0053 = ComponentTypeID {0} not found in the list of component types.
+ERR.014.002.0054 = Error obtaining super component type definitions.
+ERR.014.002.0055 = Unable to find the hosts.
+ERR.014.002.0056 = Error obtains a list of component defns.
+ERR.014.002.0057 = Unable to close transaction when getting a list of component defns.
+ERR.014.002.0058 = Unable to find component defn for id {0}
+ERR.014.002.0059 = Unable to close transaction when getting component defn for id {0}
+ERR.014.002.0060 = Error obtaining a list of resource descriptors.
+ERR.014.002.0061 = Unable to close transaction when getting a list of resource descriptors.
+ERR.014.002.0062 = Error executing transaction to save resource changes.
+ERR.014.002.0063 = Error rolling back transaction after failing to save resource changes.
+ERR.014.002.0064 = Error executing transaction for user {0} with actions {1}
+ERR.014.002.0065 = Error rolling back transaction for user {0} after failing to execute actions {1}
+ERR.014.002.0066 = The executeInsertTransaction method can only accept CreateObject actions.
+ERR.014.002.0067 = Error preparing insert transaction for multiple actions: {0}
+ERR.014.002.0068 = Unable to undo {0} actions.
+ERR.014.002.0069 = Unable to undo actions.
+ERR.014.002.0070 = Unable to retrieve server start time.
+ERR.014.002.0071 = Unable to execute action upon the unsupported target of: {0}
+ERR.014.002.0072 = Configuration model was not found in the transaction for {0}
+ERR.014.002.0073 = The connection pool ("{0}") already exists and may not be recreated.
+ERR.014.002.0074 = The connection pool "{0}" does not exist.
+ERR.014.002.0075 = Action {0} is not supported on a Host.
+ERR.014.002.0076 = The deployed component ("{0}") already exists and may not be recreated.
+ERR.014.002.0077 = The deployed component "{0}" is not of a deployable type. Verify its ComponentType is flagged as Deployable.
+ERR.014.002.0078 = The deployed component "{0}" does not exist.
+ERR.014.002.0079 = Action {0} is not supported on a DeployedComponent.
+ERR.014.002.0080 = The PSC ("{0}") already exists and may not be recreated.
+ERR.014.002.0081 = The PSC definition "{0}" does not exist.
+ERR.014.002.0082 = The component definition {0} is not a ProductServiceConfig.
+ERR.014.002.0083 = The component definition ("{0}") already exists and may not be recreated.
+ERR.014.002.0084 = The component definition "{0}" does not exist.
+ERR.014.002.0085 = Action {0} is not supported on component definition {1}
+ERR.014.002.0086 = Action {0} is not implemented for ServiceComponentDefn.
+ERR.014.002.0087 = The component definition {0} is not a ServiceComponentDefn.
+ERR.014.002.0088 = The VM component definition ("{0}") already exists and may not be recreated.
+ERR.014.002.0089 = The VM component definition "{0}" does not exist.
+ERR.014.002.0090 = Action {0} is not supported on VM component definition {1}
+ERR.014.002.0091 = Action {0} is not implemented for VMComponentDefn.
+ERR.014.002.0092 = The connector component ("{0}") already exists and may not be recreated.
+ERR.014.002.0093 = The connector component "{0}" does not exist.
+ERR.014.002.0094 = Action {0} is not supported on connector component {1}
+ERR.014.002.0095 = The PSC "{0}" is not found in configuration {1}
+ERR.014.002.0096 = Action {0} is not implemented for ConnectorBinding.
+ERR.014.002.0097 = Action {0} for designating configurations is not supported on a Configuration.
+ERR.014.002.0098 = The configuration "{0}" does not exist.
+ERR.014.002.0099 = Action "{0}" is not supported on a Configuration.
+ERR.014.002.0100 = The component type "{0}" already exists and may not be recreated.
+ERR.014.002.0101 = Action "{0}" is not implemented for ComponentType.
+ERR.014.002.0102 = The component type "{0}" does not exist in this configuration.
+ERR.014.002.0103 = Action "{0}" is not supported on a component type definition.
+ERR.014.002.0104 = The component type definition ("{0}") already exists and may not be recreated.
+ERR.014.002.0105 = The host "{0}" does not exist.
+ERR.014.002.0106 = The resource "{0}" does not exist.
+ERR.014.002.0107 = Unable to process property changes, no implementation for action class {0}
+ERR.014.002.0108 = Unable to encrypt password property value.
+ERR.014.002.0109 = Invalid component type for property {0} to process isPasswordProp.
+ERR.014.002.0110 = {0} not yet implemented.
+ERR.014.002.0111 = Error committing transaction for {0}
+ERR.014.002.0112 = ExecuteActions with doAdjust on Connector is not valid.
+ERR.014.002.0113 = Unable to initialize XMLConfigurationMgr, properties are null.
+ERR.014.002.0114 = ConfigurationMgr Error: Configuration {0} was unable to be read from the persistent connection.
+ERR.014.002.0115 = Error initializing configuration model {0}
+ERR.014.002.0116 = Error getting configuration model {0}
+ERR.014.002.0117 = Error applying transaction in ConfigurationMgr, transaction lock problem.
+ERR.014.002.0118 = Unable to set configurations on ConfigurationMgr, a transaction must be passed.
+ERR.014.002.0119 = Configuration Transaction Error: Unable to set configuration changes due to there are not changes in the Transaction object.
+ERR.014.002.0120 = Error persisting configuration {0}
+ERR.014.002.0121 = Configuration Transaction Error: Unable to set configuration changes due to the Transaction object type {0} is not supported
+ERR.014.002.0122 = <CONFIG_MGR>Error creating ConfigurationChangeEvent - msg {0}
+ERR.014.002.0123 = Unable to perform transaction on configuration, transaction is null.
+ERR.014.002.0124 = Unable to perform transaction on configuration, transaction does NOT contain a lock.
+ERR.014.002.0125 = Error initializing configuration, the host name could not be obtained.
+ERR.014.002.0126 = Error initializing configuration, the messaging for configuration change will have a problem.
+ERR.014.002.0127 = The component type id must not be null when finding component type.
+ERR.014.002.0128 = The configuration designation {0} is invalid; must be one of the well-known system configurations.
+ERR.014.002.0129 = Error processing read transaction for {0}
+ERR.014.002.0130 = Unable to update resource, the resource is null.
+ERR.014.002.0131 = Method overwriteConfiguration is no longer supported.
+ERR.014.002.0132 = Property {0} is not found.
+ERR.014.002.0133 = Failed to initialize XMLConfigurationMgr.
+ERR.014.002.0134 = CONFIGMGR Transaction Factory is Null.
+ERR.014.002.0135 = CurrentConfiguration Error: Unable to create managed connection.
+ERR.014.002.0136 = CurrentConfigurationReader failed to create the ConfigurationReader.
+ERR.014.002.0137 = CurrentConfigurationReader failed to create the ConfigurationWriter.
+ERR.014.002.0138 = Error obtaining a persistent connection for CurrentConfigurationReader.
+ERR.014.002.0139 = No current configuration properties were found.
+ERR.014.002.0140 = Method {0} is not supported, must use performSystemInitialization.
+ERR.014.002.0141 = Error performing configuration initialization, unable to release lock.
+ERR.014.002.0142 = Error performing configuration initialization, unable to obtain lock.
+ERR.014.002.0143 = Unable to perform configuration initialization.
+ERR.014.002.0144 = Error performing configuration initialization, unable to obtain a write transaction when the system indicates no lock is currently held.
+ERR.014.002.0145 = Unable to obtain a read transaction.
+ERR.014.002.0146 = Connection must be provided to the constructor of JDBCPersistentConnection.
+ERR.014.002.0147 = The ConfigurationModelAdapter must be provided to the constructor of JDBCPersistentConnection.
+ERR.014.002.0148 = Failed to execute the query "{0}".
+ERR.014.002.0149 = Failed to read startup state from configuration.
+ERR.014.002.0150 = Failed to execute the query "{0}", and/or process the results.
+ERR.014.002.0151 = Unable to close the statement for query {0}.
+ERR.014.002.0152 = Unable to read configuration, connection is null.
+ERR.014.002.0153 = Unable to delete configuration {0}
+ERR.014.002.0154 = Unable to import configuration {0} from database, it does not exist.
+ERR.014.002.0155 = Unable to import configuration {0}
+ERR.014.002.0156 = Error writing configuration model in JDBCPersistentConnection, no data in the output stream.
+ERR.014.002.0157 = Unable to export configuration {0}
+ERR.014.002.0158 = Failed to execute the query "{0}" and/or obtain the update count
+ERR.014.002.0159 = Unable to begin transaction, unable to obtain lock for {0}
+ERR.014.002.0160 = This transaction has been marked for rollback.
+ERR.014.002.0161 = This transaction may not be committed.
+ERR.014.002.0162 = Error processing write transaction for {0}
+ERR.014.002.0163 = ConfigurationLock Error: lockHolder must be specified.
+ERR.014.002.0164 = Attempt to compare null.
+ERR.014.002.0165 = The default timeout must be greater than 0 seconds.
+ERR.014.002.0166 = Only one configuration transaction per thread is supported.
+ERR.014.002.0167 = There is no transaction associated with the current thread.
+ERR.014.002.0168 = The current thread is already associated with a transaction.
+ERR.014.002.0169 = The specified Transaction object is not a ToolkitTransaction instance.
+ERR.014.002.0170 = The current thread is not associated with a transaction.
+ERR.014.002.0171 = The TransactionManager must be a ConfigTransactionManager.
+ERR.014.002.0172 = This transaction has already been started.
+ERR.014.002.0173 = This transaction may not be begun again.
+ERR.014.002.0174 = This write transaction did not obtain a lock, therefore this transaction will be aborted.
+ERR.014.002.0175 = This transaction has not been started, and therefore may not be committed.
+ERR.014.002.0176 = This transaction has already been completed.
+ERR.014.002.0177 = This transaction has already expired for {0}
+ERR.014.002.0178 = The timeout value must be greater than 0 seconds.
+ERR.014.002.0179 = Unknown host when initializing ConfigurationMgr.
+ERR.014.002.0180 = Error obtaining lock for {0}
+ERR.014.002.0181 = Unable to obtain transaction lock for {0}, the lock is currently held by {1} acquired at {2}
+ERR.014.002.0182 = Unable to release transaction lock for {0}, acquired at {1}
+ERR.014.002.0183 = Unable to close the connection when obtain lock.
+ERR.014.002.0184 = Unable to obtain transaction lock for {0}, the lock is currently held by {1}
+ERR.014.002.0185 = Unable to release lock, user {0} does not have the current lock.
+ERR.014.002.0186 = Unable to import configuration file {0}
+ERR.014.002.0187 = Unable to export configuration for {0}
+ERR.014.002.0188 = Error creating connection, pool not created. Database may be down or properties are invalid.
+ERR.014.002.0189 = The membership domain provider ("{0}") already exists and may not be recreated.
+ERR.014.002.0190 = The membership domain provider "{0}" does not exist.
+ERR.014.002.0191 = Action {0} is not supported on a Membership Domain Provider.
+
+# host (005)
+ERR.014.005.0001 = Could not get configured host information from current configuration, server setup may be needed.
+ERR.014.005.0002 = Error closing server socket.
+ERR.014.005.0003 = Could not bind to port {0}
+ERR.014.005.0004 = Error accepting new connection.
+ERR.014.005.0005 = Could not get port number from current configuration.
+ERR.014.005.0006 = Could not connect to app server: cannot start services.
+ERR.014.005.0007 = Could not start services.
+ERR.014.005.0008 = Could not read command.
+ERR.014.005.0009 = Invalid wait time.
+ERR.014.005.0010 = Invalid port number.
+ERR.014.005.0011 = Error starting HostController.
+
+# registry (006)
+ERR.014.006.0001 = VMController {0} already bound to registry.
+ERR.014.006.0002 = Internal registry state error: Local VMRegistryBinding not found.
+ERR.014.006.0003 = Error sending VMCONTROLLER_REMOVED_EVENT for {0}
+ERR.014.006.0004 = Error broadcasting state to remote registries.
+ERR.014.006.0005 = Error marking service as bad: {0}
+ERR.014.006.0006 = Error creating registry: Could not get host name.
+ERR.014.006.0007 = Error creating registry: Could not establish messaging.
+ERR.014.006.0008 = Error creating ProxyManager.
+ERR.014.006.0009 = Error removing listener from message bus while closing Registry.
+ERR.014.006.0010 = ResourcePoolMgr {0} not bound to registry.
+ERR.014.006.0011 = Service {0} not bound to registry.
+ERR.014.006.0012 = VMController {0} not registered.
+ERR.014.006.0013 = Error communicating with VMController.
+ERR.014.006.0014 = Error sending SERVICE_FAILED_EVENT for {0}
+ERR.014.006.0015 = Error broadcasting local state.
+ERR.014.006.0016 = Error removing VM from registry: {0}
+ERR.014.006.0017 = Local VMController is not bound to this registry.
+ERR.014.006.0018 = VMController {0} not bound to registry.
+ERR.014.006.0019 = Error initializing MetaMatrixVMRegistry.
+ERR.014.006.0020 = Error creating stub for ResourcePoolMgr.
+ERR.014.006.0021 = Error connecting stub to ORB.
+ERR.014.006.0022 = Error connecting service stub to ORB.
+ERR.014.006.0023 = Error creating stub for VMController.
+ERR.014.006.0024 = Service {0} is already bound in the registry.
+ERR.014.006.0025 = ResourcePoolMgr {0} is already bound in the registry.
+ERR.014.006.0026 = {0} is not bound to the registry.
+ERR.014.006.0027 = Successfully marked service as bad: {0}
+
+
+# security.audit (207)
+ERR.014.207.0001 = The specified message level name "{0}" is unknown
+ERR.014.207.0002 = The specified message display name "{0}" is unknown
+ERR.014.207.0003 = Audit Manager failed initialization getting CurrentConfiguration properties - using default values.
+ERR.014.207.0004 = Audit Manager failed initialization of audit configuration - using default values.
+ERR.014.207.0005 = The specified audit level ({0}) is invalid.
+ERR.014.207.0006 = Error initializing audit destination: {0}
+ERR.014.207.0007 = Unable to initialize the audit queue and/or thread pool.
+ERR.014.207.0008 = Auditing is unable to be stopped.
+ERR.014.207.0009 = Audit manager is already Stopped!
+ERR.014.207.0010 = Unable to enqueue audit message.
+ERR.014.207.0011 = Object is not a AuditMessage: {0}
+ERR.014.207.0012 = Attempt to compare a null to an instance of BasicAuditConfiguration.
+ERR.014.207.0013 = Expected to init Auditing to "true" or "false", but got <{0}>.
+ERR.014.207.0014 = Unable to create an UnmodifiableAuditConfiguration from a null reference.
+ERR.014.207.0015 = Unable to modify this AuditConfiguration instance.
+ERR.014.207.0016 = The specified audit message format class "{0}" could not be found.
+ERR.014.207.0017 = The specified audit message format class "{0}" does not implement "{1}".
+ERR.014.207.0018 = Could not initialize the audit message format "{0}".
+ERR.014.207.0019 = Unable to record audit message to database.
+ERR.014.207.0020 = Unable to close audit database statement.
+ERR.014.207.0021 = Unable to close audit database connection.
+ERR.014.207.0022 = Exception creating connection to audit database.
+ERR.014.207.0023 = Could not write to specified log file: {0} with append = {1}
+ERR.014.207.0024 = Exception occurred trying to write audit message: {0}
+
+# security.authorization (307)
+ERR.014.307.0001 = The retry property value ({0}) could not be parsed into an integer - using default value of ({1})
+ERR.014.307.0002 = Unable to initialize the authorization cache.
+ERR.014.307.0003 = Unable to initialize the AuthorizationResourceResolverPool.
+ERR.014.307.0004 = An error occurred while initializing the Authorization service: {0}.
+ERR.014.307.0005 = Error initializing AuthorizationResourceResolverPool: Cannot access {0}.
+ERR.014.307.0006 = Error initializing AuthorizationResourceResolverPool: Cannot instantiate {0}.
+ERR.014.307.0007 = Error initializing AuthorizationResourceResolverPool: Cannot find {0}.
+ERR.014.307.0008 = Error initializing AuthorizationResourceResolverPool: Cannot cast {0} to AuthorizationResourceResolver.
+ERR.014.307.0009 = Error initializing AuthorizationResourceResolverPool: Cannot cast {0} to AuthorizationResourceResolver.
+ERR.014.307.0010 = The principal with user name <{0}> is invalid.
+ERR.014.307.0011 = Cannot take privileged action on behave of user - no permissions added.
+ERR.014.307.0012 = Exception during domain communication with authorization source while removing entitlements for MetaBase resources.
+ERR.014.307.0013 = Failure communicating with authorization source while removing entitlements for MetaBase resources.
+ERR.014.307.0014 = Unknown exception communicating with authorization source while removing entitlements for MetaBase resources.
+ERR.014.307.0015 = Unable to close transaction.
+ERR.014.307.0016 = Exception during domain communication with authorization source while modifying entitlements for MetaBase resources.
+ERR.014.307.0017 = Failure communicating with authorization source while modifying entitlements for MetaBase resources.
+ERR.014.307.0018 = Unknown exception communicating with authorization source while modifying entitlements for MetaBase resources.
+ERR.014.307.0019 = Call to getMetaBaseNodes() returned empty Map because resolver pool did not find resolver for MetaBaseResource.
+ERR.014.307.0020 = The principal with SessionToken <{0}> is invalid.
+ERR.014.307.0021 = Resource is in an unresolved state: {0}
+ERR.014.307.0022 = Group name must be fully-qualified; no pattern matching allowed.
+ERR.014.307.0023 = Exception during domain communication with authorization source while getting entitlements for resource.
+ERR.014.307.0024 = Failure communicating with authorization source while getting entitlements for resource.
+ERR.014.307.0025 = Unknown exception communicating with authorization source while getting entitlements for resource.
+ERR.014.307.0026 = Unable to get user members of user group: {0}
+ERR.014.307.0027 = Unable to get group members of user group: {0}
+ERR.014.307.0028 = An exception occurred while getting entitlements for resource.
+ERR.014.307.0029 = Exception during service communication with authorization source while searching for policy ID ({0}).
+ERR.014.307.0030 = Failure communicating with authorization source while searching for policy ID ({0}).
+ERR.014.307.0031 = Unknown exception communicating with authorization source while searching for policy ID ({0}).
+ERR.014.307.0032 = Exception during domain communication with authorization source while searching for all policy IDs.
+ERR.014.307.0033 = Failure communicating with authorization source while searching for all policy IDs.
+ERR.014.307.0034 = Unknown exception communicating with authorization source while searching for all policy IDs.
+ERR.014.307.0035 = An exception occurred while searching for all policy IDs.
+ERR.014.307.0036 = The principal <{0}> is invalid.
+ERR.014.307.0037 = Exception during domain communication with authorization source while searching for policy with ID ({0}).
+ERR.014.307.0038 = Failure communicating with authorization source while searching for policy with ID ({0}).
+ERR.014.307.0039 = Unknown exception communicating with authorization source while searching for policy with ID ({0}).
+ERR.014.307.0040 = Exception during domain communication with authorization source while getting role descriptions.
+ERR.014.307.0041 = Failure communicating with authorization source while getting role descriptions.
+ERR.014.307.0042 = Unknown exception communicating with authorization source while getting role descriptions.
+ERR.014.307.0043 = Exception during domain communication with authorization source while getting principals for role ({0}).
+ERR.014.307.0044 = Failure communicating with authorization source while getting principals for role ({0}).
+ERR.014.307.0045 = Unknown exception communicating with authorization source while getting principals for role ({0}).
+ERR.014.307.0046 = Exception during domain communication with authorization source while getting role names belonging to ({0}).
+ERR.014.307.0047 = Failure communicating with authorization source while getting role names belonging to ({0}).
+ERR.014.307.0048 = Unknown exception communicating with authorization source while getting role names belonging to ({0}).
+ERR.014.307.0049 = Resources must be of type: {0}.
+ERR.014.307.0050 = Exception during domain communication with authorization source while removing principal "{0}" from ALL policies.
+ERR.014.307.0051 = Failure communicating with authorization source while removing principal "{0}" from ALL policies.
+ERR.014.307.0052 = Unknown exception communicating with authorization source while removing principal "{0}" from ALL policies.
+ERR.014.307.0053 = Failed to commit TXN for removing principal "{0}" from all policies.
+ERR.014.307.0054 = Failed to roll back transaction on unsuccessful attempt to remove principal "{0}" from all policies.
+ERR.014.307.0055 = Exception during domain communication with authorization source while getting Authorization PolicyIDs with permissions belonging to realm "{0}"
+ERR.014.307.0056 = Failure communicating with authorization source while getting Authorization PolicyIDs with permissions belonging to realm "{0}"
+ERR.014.307.0057 = Unknown exception communicating with authorization source while getting Authorization PolicyIDs with permissions belonging to realm "{0}"
+ERR.014.307.0058 = Exception during domain communication with authorization source while getting Authorization Policies belonging to realm "{0}"
+ERR.014.307.0059 = Failure communicating with authorization source while getting Authorization Policies belonging to realm "{0}"
+ERR.014.307.0060 = Unknown exception communicating with authorization source while getting Authorization Policies belonging to realm "{0}"
+ERR.014.307.0061 = Exception during domain communication with authorization source while getting permissions for policy "{0}"
+ERR.014.307.0062 = Failure communicating with authorization source while getting permissions for policy "{0}"
+ERR.014.307.0063 = Unknown exception communicating with authorization source while getting permissions for policy "{0}"
+ERR.014.307.0064 = The caller reference may not be null.
+ERR.014.307.0065 = The actions reference may not be null.
+ERR.014.307.0066 = Error executing transaction for actions: {0}
+ERR.014.307.0067 = Error rolling back transaction after failing to execute actions: {0}
+ERR.014.307.0068 = Exception during domain communication with authorization source while searching for all policy IDs for principles.
+ERR.014.307.0069 = Failure communicating with authorization source while searching for all policy IDs for principles.
+ERR.014.307.0070 = Unknown exception communicating with authorization source while searching for all policy IDs for principles.
+ERR.014.307.0071 = Unknown exception while searching for all policy IDs for principles.
+ERR.014.307.0072 = Exception during service communication with authorization source while searching for policies with IDs in collection.
+ERR.014.307.0073 = Failure communicating with authorization source while searching for policies with IDs in collection.
+ERR.014.307.0074 = Unknown exception communicating with authorization source while searching for policies with IDs in collection.
+ERR.014.307.0075 = Can''t get principal''s groups from Membership service.
+ERR.014.307.0076 = Exception during communication with authorization source while executing actions on target policy {0}
+ERR.014.307.0077 = Target is not an instance of AuthorizationPolicyID: {0}
+ERR.014.307.0078 = Permission collection contains requests from different realms.
+ERR.014.307.0079 = Unable to obtain the managed connection for the authorization transaction.
+ERR.014.307.0080 = SQLException: Error creating prepared statement to retrieve policy IDs Actions and Permission factory for resource: {0}.
+ERR.014.307.0081 = SQLException: Error retrieving policy IDs and Actions for resource: {0}.
+ERR.014.307.0082 = Factory class: <{0}> not found.
+ERR.014.307.0083 = Current method does not have access to the definition of the specified class.
+ERR.014.307.0084 = This class: <{0}> is not be a concrete class?
+ERR.014.307.0085 = Error closing prepared statement.
+ERR.014.307.0086 = Error adding new permission to policy ID <{0}>
+ERR.014.307.0087 = Error creating prepared statement to remove permissions with resources.
+ERR.014.307.0088 = Error removing permissions with resources.
+ERR.014.307.0089 = Error creating prepared statement to get group entitlements for resource in realm.
+ERR.014.307.0090 = Error creating prepared statement to get element entitlements for resource in realm.
+ERR.014.307.0091 = Error getting entitlements for resource in realm.
+ERR.014.307.0092 = Error getting realm names.
+ERR.014.307.0093 = Error getting role descriptions.
+ERR.014.307.0094 = Error getting principals for role.
+ERR.014.307.0095 = Error getting role names for principal.
+ERR.014.307.0096 = Authorization policy ID may not be null.
+ERR.014.307.0097 = Error searching for policyID <{0}>.
+ERR.014.307.0098 = Error retrieving all policy IDs.
+ERR.014.307.0099 = Error retrieving all policy IDs with permissions in realm <{0}>.
+ERR.014.307.0100 = Error retrieving all policy IDs in realm <{0}>.
+ERR.014.307.0101 = Error retrieving all policy IDs in partial realm <{0}>.
+ERR.014.307.0102 = Error retrieving all policy IDs belonging to principals in realm <{0}>.
+ERR.014.307.0103 = Error retrieving all policy IDs belonging to principals.
+ERR.014.307.0104 = Error retrieving all policy IDs with resources in realm <{0}>.
+ERR.014.307.0105 = Unknown policy ID <{0}>.
+ERR.014.307.0106 = Error retrieving policy for policy ID <{0}>.
+ERR.014.307.0107 = Unable to resolve resource "{0}". Can''t create permission.
+ERR.014.307.0108 = Error retrieving permissions for policy ID <{0}>.
+ERR.014.307.0109 = Failed to remove principal <{0}> from all policies.
+ERR.014.307.0110 = Unknown action: {0} on target policy ID: {1}.
+ERR.014.307.0111 = Can''t add Permission for resource: {0} in Realm: {1}
+ERR.014.307.0112 = Unable to remove permission: {0}.
+ERR.014.307.0113 = Unable to remove all permissions and principles from policy UID: {0}.
+ERR.014.307.0114 = Principal table <{0}> has no such principal <{1}>
+ERR.014.307.0115 = The authorization policy <{0}> already exists.
+ERR.014.307.0116 = Unable to add Policy: {0}
+ERR.014.307.0117 = The authorization policy with ID <{0}> does not exist.
+ERR.014.307.0118 = SQLException while getting permission type UID for permission: {0}
+ERR.014.307.0119 = Error creating/updating realm: {0}
+ERR.014.307.0120 = Cannot get realm UID from database view for realm: {0}
+ERR.014.307.0121 = Cannot create new Authorization realm: {0}
+ERR.014.307.0122 = Unable to remove policies and permissions for realm: {0}
+
+# security.membership (407)
+ERR.014.407.0001 = The user''s name may not be null.
+ERR.014.407.0002 = The group''s name may not be null.
+ERR.014.407.0003 = The target MetaMatrixPrincipal may not be null.
+ERR.014.407.0004 = The target MetaMatrixPrincipal and group names may not be null.
+ERR.014.407.0005 = The name or value may not be null when adding a property.
+ERR.014.407.0006 = Their must be at least one property value in the value collection.
+ERR.014.407.0007 = Multiple values for one property name is not supported.
+ERR.014.407.0008 = The value may not be null when setting a property.
+ERR.014.407.0009 = The name may not be null when removing a property.
+ERR.014.407.0010 = The target MetaMatrixPrincipal is not a USER or ADMIN principal and does not have credentials associated with it.
+ERR.014.407.0011 = The caller''s session identifier may not be null.
+ERR.014.407.0012 = The new credentials may not be null.
+ERR.014.407.0013 = The name of a principal may not be null or zero-length.
+ERR.014.407.0014 = The name of a principal may not be greater than {0} characters.
+ERR.014.407.0015 = The type of this principal is out of range.
+ERR.014.407.0016 = Unable to make a copy of a null principal.
+ERR.014.407.0017 = Unable to use a null principal reference for merging.
+ERR.014.407.0018 = Unable to merge a {0} principal with a {1} principal.
+ERR.014.407.0019 = The two principals ("{0}" and "{1}") cannot be merged because they are not the same principal.
+ERR.014.407.0020 = The specified code ({0}) is invalid.
+ERR.014.407.0021 = Unable to initialize membership domain <{0}>
+ERR.014.407.0022 = Unable to initialize Membership service.
+ERR.014.407.0023 = Unable to create membership domain {0}
+ERR.014.407.0024 = Unable to create membership domain "{0}". Factory class not found in environment properties.
+ERR.014.407.0025 = Unable to load membership SPI property file: {0}
+ERR.014.407.0026 = Error shutting down domain after ''killService'' method received.
+ERR.014.407.0027 = Unknown error communicating with domain during authentication of user.
+ERR.014.407.0028 = The SPI domain implementation \"{0}\" does not support this operation: \"{1}\".
+ERR.014.407.0029 = The specified token is invalid.
+ERR.014.407.0030 = Unknown error with the {0} domain during access of user principal {1}
+ERR.014.407.0031 = The principal "{0}" is invalid.
+ERR.014.407.0032 = Unknown error with domain during access of group principal.
+ERR.014.407.0034 = Unknown error communicating with domain {0} during access of editable principal names.
+ERR.014.407.0035 = Unknown error communicating with domain {0} during query of read-only principal names.
+ERR.014.407.0036 = Unknown error communicating with domain during access of group names.
+ERR.014.407.0037 = The user "{0}" is not known to any membership domain.
+ERR.014.407.0038 = Error communicating with internal domain during access of principal attributes.
+ERR.014.407.0039 = Modifying principals is not supported by any of the domains.
+ERR.014.407.0040 = Unable to execute actions submitted by {0}
+ERR.014.407.0041 = Unable to modify principal {0} with actions: {1}
+ERR.014.407.0042 = The domain "{0}" is not editable despite the setting in the properties.
+ERR.014.407.0043 = Unable to execute membership transaction because of authorization failure for caller {0}
+ERR.014.407.0044 = Unable to execute transaction with actions.
+ERR.014.407.0045 = Unknown error
+ERR.014.407.0046 = Domain: "{0}" - Unable to initialize the transaction manager.
+ERR.014.407.0047 = The retry property value could not be negative.
+ERR.014.407.0048 = Domain: "{0}" - Unable to initialize domain.
+ERR.014.407.0049 = Domain: "{0}" - The retry property value ("{1}") could not be parsed into an integer - using default value of {2}
+ERR.014.407.0050 = This membership domain instance is closed.
+ERR.014.407.0051 = Service closed.
+ERR.014.407.0052 = Domain: "{0}" - Exception during domain communication with membership source to authenticate user.
+ERR.014.407.0053 = Domain: "{0}" - Unable to authenticate user.
+ERR.014.407.0054 = Unable to close transaction for domain "{0}"
+ERR.014.407.0055 = Domain: "{0}" - Unable to verify principal for trusted token.
+ERR.014.407.0056 = Domain: "{0}" - Exception during domain communication with membership source to determine if user principal exists.
+ERR.014.407.0057 = Unable to determine if user principal exists.
+ERR.014.407.0058 = Domain: "{0}" - Exception during domain communication with membership source to determine if group principal exists.
+ERR.014.407.0059 = Unable to determine if group principal exists.
+ERR.014.407.0060 = Domain: "{0}" - Exception during domain communication with membership source to access user principal
+ERR.014.407.0061 = Unable to access user principal.
+ERR.014.407.0062 = Domain: "{0}" - Exception during domain communication with membership source to access group principal
+ERR.014.407.0063 = Unable to access group principal.
+ERR.014.407.0064 = Domain: "{0}" - Exception during domain communication with membership source to access user names
+ERR.014.407.0065 = Unable to access user names.
+ERR.014.407.0066 = Domain: "{0}" - Exception during domain communication with membership source to access group names.
+ERR.014.407.0067 = Unable to access group names.
+ERR.014.407.0068 = Domain: "{0}" - Exception during domain communication with membership source to access root group names.
+ERR.014.407.0069 = Unable to access root group names.
+ERR.014.407.0070 = Domain: "{0}" - Exception during domain communication with membership source to access group members of group {1}
+ERR.014.407.0071 = Unable to access group members of group <{0}> in domain <{1}>
+ERR.014.407.0072 = Domain: "{0}" - Exception during domain communication with membership source to access user members of group {1}
+ERR.014.407.0073 = Unable to access user members of group <{0}> in domain <{1}>
+ERR.014.407.0074 = Domain: "{0}" - Exception during domain communication with membership source to get principal attributes.
+ERR.014.407.0075 = Unable to access principal attributes in domain <{0}>
+ERR.014.407.0076 = Error rolling back transaction after failing to execute actions {0}
+ERR.014.407.0077 = Target is not of appropriate type: <{0}>
+ERR.014.407.0078 = Exception during communication with membership source while executing actions on target principal ({0}).
+ERR.014.407.0079 = The connection is not the appropriate type ("{0}").
+ERR.014.407.0080 = Unknown exception when authenticating principal: {0}
+ERR.014.407.0081 = Unable to close JDBC statement.
+ERR.014.407.0082 = User name may not null or zero length.
+ERR.014.407.0083 = Error while verifying existence of principal {0}
+ERR.014.407.0084 = Unknown exception when authenticating principal {0}
+ERR.014.407.0085 = This method is not implemented in this SPI.
+ERR.014.407.0086 = Principal name may not be empty or null.
+ERR.014.407.0087 = The principal <{0}> does not exist in JDBC domain.
+ERR.014.407.0088 = Unknown exception.
+ERR.014.407.0089 = Unexpected exception.
+ERR.014.407.0090 = Group name may not be empty or null.
+ERR.014.407.0091 = Could not find group <{0}> in this domain.
+ERR.014.407.0092 = Unknown exception retrieving members of group named {0}
+ERR.014.407.0093 = The specified principal "{0}" does not exist in this domain.
+ERR.014.407.0094 = Action {0} is not supported.
+ERR.014.407.0095 = The principal: {0} does not have property: {1}
+ERR.014.407.0096 = Group: {0} does not exist.
+ERR.014.407.0097 = Unexpected exception when obtaining principal type UID.
+ERR.014.407.0098 = Failed to get PrincipalTypeUID for principal type <{0}>
+ERR.014.407.0099 = Domain: "{0}" - Unable to initialize the connection pool.
+ERR.014.407.0100 = Unable to initialize domain.
+ERR.014.407.0107 = Could not parse name in namespace for {0}
+ERR.014.407.0109 = Could not communicate with membership service provider to authenticate principal {0}
+ERR.014.407.0110 = Caught NamingException while authenticating {0}
+ERR.014.407.0113 = Could not communicate with membership service provider for name {0}
+ERR.014.407.0114 = Caught NamingException for name {0}
+ERR.014.407.0115 = Caught ClassCastException while examining name {0}
+ERR.014.407.0117 = Could not find group named {0}
+ERR.014.407.0118 = Could not communicate with membership service provider.
+ERR.014.407.0120 = Failed to get groups for principal.
+ERR.014.407.0122 = Failed to {0}.
+ERR.014.407.0123 = Caught NamingException while getting explicit members of group {0}
+ERR.014.407.0124 = Caught NamingException while getting {0} hierarchical group members of group {1}
+ERR.014.407.0126 = No security domains exist.
+
+# security.session (507)
+ERR.014.507.0001 = Unable to initialize the session cache.
+ERR.014.507.0002 = Unable to initialize the client monitor cache.
+ERR.014.507.0003 = Error creating SessionTerminationHandler: {0}
+ERR.014.507.0004 = Unable to communicate with the membership service.
+ERR.014.507.0005 = Membership service could not authenticate user "{0}".
+ERR.014.507.0006 = The username "{0}" and/or password are incorrect.
+ERR.014.507.0007 = Exception while getting session info for session ID {0}
+ERR.014.507.0008 = User "{0}" is unknown in all membership domains.
+ERR.014.507.0009 = sessionID parameter cannot be null
+ERR.014.507.0010 = Error initializing session cleanup thread.
+ERR.014.507.0011 = Error initializing client monitor thread.
+ERR.014.507.0012 = Unable to obtain the managed connection for the session transaction.
+ERR.014.507.0013 = User name may not be null to create a new session.
+ERR.014.507.0014 = Application name may not be null to create a new session"
+ERR.014.507.0015 = Product Info may not be null or of zero-length
+ERR.014.507.0016 = Retry failed parsing session creation date <{0}> while creating new session for user "{1}" from application "{2}".
+ERR.014.507.0017 = Unable to insert a new session for user "{0}" from application "{1}"
+ERR.014.507.0018 = SQLException; cannot create session for user "{0}" from application "{1}"
+ERR.014.507.0019 = Unknown exception; cannot create session for user "{0}" from application "{1}"
+ERR.014.507.0020 = The session "{0}" is invalid.
+ERR.014.507.0021 = The session "{0}" is invalid. Rows returned = {1}
+ERR.014.507.0022 = Unable to close session "{0}". Update returned {1} rows.
+ERR.014.507.0023 = SQLException when closing session "{0}"
+ERR.014.507.0024 = Unexpected exception: unknown exception when closing session "{0}"
+ERR.014.507.0025 = Unable to close JDBC statement for "closeSession"
+ERR.014.507.0026 = The session ID may not be null
+ERR.014.507.0027 = The specified session ID "{0}" is invalid. It cannot be found in the userbase.
+ERR.014.507.0028 = SQLException; cannot get session info for session "{0}"
+ERR.014.507.0029 = Invalid arguments; cannot get session info for session "{0}"
+ERR.014.507.0030 = Error parsing session time; cannot get session info for session "{0}"
+ERR.014.507.0031 = Unknown exception; cannot get session info for session "{0}"
+ERR.014.507.0032 = Unable to close JDBC statement for "getSessionInfo"
+ERR.014.507.0033 = The session state may not be {0}.
+ERR.014.507.0034 = SQLException; cannot get sessions of state "{0}"
+ERR.014.507.0035 = Error parsing session time; cannot get sessions of state "{0}"
+ERR.014.507.0036 = Unknown exception; cannot get sessions of state "{0}"
+ERR.014.507.0037 = Unable to close JDBC statement for "getSessionsOfState"
+ERR.014.507.0038 = SQLException; cannot get all sessions
+ERR.014.507.0039 = Error parsing session time; cannot get all sessions
+ERR.014.507.0040 = Unknown exception; cannot get all sessions
+ERR.014.507.0041 = Unable to close JDBC statement for "getAllSessions"
+ERR.014.507.0042 = SQLException; cannot get all sessions count
+ERR.014.507.0043 = Unknown exception; cannot get all sessions count
+ERR.014.507.0044 = Unable to close JDBC statement for "getAllSessionsCount"
+ERR.014.507.0045 = SQLException; cannot get all sessionsOfState count
+ERR.014.507.0046 = Unknown exception; cannot get all sessionsOfState count
+ERR.014.507.0047 = Unable to close JDBC statement for "getAllSessionsOfStateCount"
+ERR.014.507.0048 = SQLException; cannot get all connections count for product
+ERR.014.507.0049 = Unknown exception; cannot get all connections count for product
+ERR.014.507.0050 = Unable to close JDBC statement for "getAllConnectionsCountForProduct"
+ERR.014.507.0051 = SQLException; cannot get all connections count of state for product
+ERR.014.507.0052 = Unknown exception; cannot get all connections count of state for product
+ERR.014.507.0053 = Unable to close JDBC statement for "getAllConnectionsCountOfStateForProduct"
+ERR.014.507.0054 = SQLException; cannot get all sessions for user "{0}"
+ERR.014.507.0055 = Error parsing session time; cannot get all sessions for user "{0}"
+ERR.014.507.0056 = Unknown exception; cannot get all sessions for user "{0}"
+ERR.014.507.0057 = Unable to close JDBC statement for "getAllSessionsForUser"
+ERR.014.507.0058 = SQLException; cannot get sessions of state"[0}" for user "{1}"
+ERR.014.507.0059 = Error parsing session time; cannot get sessions of state "{0}" for user "{1}"
+ERR.014.507.0060 = Unknown exception; cannot get sessions of state "{0}" for user "{1}"
+ERR.014.507.0061 = Unable to close JDBC statement for "getSessionsOfStateForUser"
+ERR.014.507.0062 = Session ID "{0}" is invalid.
+ERR.014.507.0063 = Unable to update session "{0}" to state "{1}". Update returned {2} rows.
+ERR.014.507.0064 = SQLException when updating session "{0}" to state "{1}"
+ERR.014.507.0065 = Unknown Exception when updating session "{0}" to state "{1}"
+ERR.014.507.0067 = Unable to close JDBC statement for "updateSession"
+ERR.014.507.0068 = SQLException when getting sessions logged in to VDB "{0}" VDB version "{1}"
+ERR.014.507.0069 = Unknown Exception when getting sessions logged in to VDB "{0}" VDB version "{1}"
+ERR.014.507.0070 = Unable to close JDBC statement for "updateSessionWithProductInfo"
+ERR.014.507.0071 = productInfo cannot be null and must not contain more than {0} elements.
+ERR.014.507.0072 = Unable to update session "{0}" with productInfo "{1}". Update returned {2} rows.
+ERR.014.507.0073 = SQLException when updating session "{0}" with productInfo "{1}"
+ERR.014.507.0074 = Unknown Exception when updating session "{0}" with productInfo "{1}"
+ERR.014.507.0075 = Unable to close JDBC statement for "updateSessionWithProductInfo"
+ERR.014.507.0076 = SQLException; cannot remove old sessions
+ERR.014.507.0077 = Error parsing session time; cannot remove old sessions.
+ERR.014.507.0078 = Unknown exception; cannot remove old sessions.
+ERR.014.507.0079 = Unable to close JDBC statement for "removeSessions(Long)"
+ERR.014.507.0080 = The specified session ID is invalid: {0}
+ERR.014.507.0081 = SQL Exception; cannot determine session state for session {0}
+ERR.014.507.0082 = Unknown exception; cannot determine session state for session {0}
+ERR.014.507.0083 = Unable to close JDBC statement for "getSessionState"
+ERR.014.507.0084 = Session state could not be determined for session {0}
+ERR.014.507.0085 = SessionID may not be null in setIsSubscriber()
+ERR.014.507.0086 = Could not set isSubscriber for session ID "{)}". Update returned "{1}" rows.
+ERR.014.507.0087 = SQLException; could not set isSubscriber for session ID "{0}".
+ERR.014.507.0088 = Unknown exception; could not set isSubscriber for session ID "{0}".
+ERR.014.507.0089 = Unable to close JDBC statement for "setIsSubscriber".
+ERR.014.507.0090 = Could not increment client count for session ID "{0}". Update returned "{1}" rows.
+ERR.014.507.0091 = SQLException; could not increment client count for session ID "{0}".
+ERR.014.507.0092 = Unknown exception; could not increment client count for session ID "{0}".
+ERR.014.507.0093 = Unable to close JDBC statement for "incrementClientCount"
+ERR.014.507.0094 = SQLException; cannot get products for session: {0}
+ERR.014.507.0095 = Unknown exception; cannot get products for session: {0}
+ERR.014.507.0096 = Unable to close JDBC statement for "getProductsForSession"
+ERR.014.507.0097 = Product may not be null
+ERR.014.507.0098 = Could not bind Session {0} to product {1}
+ERR.014.507.0099 = Error binding Session {0} to product {1}
+ERR.014.507.0100 = SQLException; Error binding Session {0} to product {1}
+ERR.014.507.0101 = Unable to close JDBC statement for binding session to product in "bindSessionToProducts"
+ERR.014.507.0102 = Could not unbind Session {0} from product {1}
+ERR.014.507.0103 = Error unbinding Session {0} from product {1}
+ERR.014.507.0104 = SQLException; Error unbinding Session {0} from product {1}
+ERR.014.507.0105 = Unknown exception; Error unbinding Session {0} from product {1}
+ERR.014.507.0106 = Unable to close JDBC statement for unbinding session to product in "unbindSessionFromProducts"
+ERR.014.507.0107 = Error Generating SessionID
+ERR.014.507.0108 = Getting product ID for {0} failed.
+ERR.014.507.0109 = SQLException; getting product ID failed for {0}.
+ERR.014.507.0110 = Unknown exception; getting product ID failed for {0}.
+ERR.014.507.0111 = Unable to close JDBC statement for getting product ID in "getProductUID"
+ERR.014.507.0112 = Getting product name for {0} failed.
+ERR.014.507.0113 = SQLException; getting product name failed for {0}.
+ERR.014.507.0114 = Unknown exception; getting product name failed for {0}.
+ERR.014.507.0115 = Unable to close JDBC statement for getting product name in "getProductName"
+ERR.014.507.0116 = Cannot execute database view.
+ERR.014.507.0117 = SQLException.
+ERR.014.507.0118 = Unable to delete row from table <{0}> where sessionUID = <{1}>
+ERR.014.507.0119 = {0}: Failed to get active sessions.
+ERR.014.507.0120 = {0}: Session was invalid: <{1}>
+ERR.014.507.0121 = {0}: SessionServiceException terminating: <1>
+
+# security.util (607)
+ERR.014.607.0001 = Attempt to compare null to RolePermission
+ERR.014.607.0002 = Attempt to compare {0} to RolePermission
+ERR.014.607.0003 = There was no suitable encryption algorithm found.
+
+# service (008)
+ERR.014.008.0001 = service properties not specified
+ERR.014.008.0002 = Could not find required property {0} in service initialization properties
+ERR.014.008.0003 = The service is not recognized as a licensed service, or as belonging to a licensed product. Service: {0}
+ERR.014.008.0004 = could not init service: {0}
+ERR.014.008.0005 = service could not die: {0}
+ERR.014.008.0008 = could not get hostname for service : {0}
+ERR.014.008.0009 = Service not initialized: {0}: {1}
+ERR.014.008.0010 = Service is closed: {0}: {1}
+ERR.014.008.0012 = Service is in an error state: {0}: {1}
+ERR.014.008.0013 = Error in {0}
+ERR.014.008.0014 = Error getting local services from registry, could not stop services.
+ERR.014.008.0015 = Error stopping service(s): {0}
+ERR.014.008.0016 = {0}, {1}
+ERR.014.008.0017 = Cannot shutdown service {0}. Is last instance of an essential service.
+ERR.014.008.0018 = Could not stop service: {0}
+ERR.014.008.0019 = Error unregistering service: {0}
+ERR.014.008.0025 = Error creating serviceID, could not start service
+ERR.014.008.0026 = Error stopping service: {0} error looking up in registry.
+ERR.014.008.0027 = Error updating service state for {0} to {1}
+ERR.014.008.0028 = Error starting service {0} in ServiceController
+ERR.014.008.0029 = Error communicating with vm: {0}
+ERR.014.008.0030 = Error finding process: {0}
+ERR.014.008.0031 = Error communicating with process: {0}
+ERR.014.008.0032 = Process not found: Must be deployed to start.
+ERR.014.008.0033 = Error reading configuration.
+ERR.014.008.0034 = Error stopping Process: {0}
+ERR.014.008.0035 = \nError reading registry.
+ERR.014.008.0036 = No services are currently running, check back later.
+ERR.014.008.0037 = \nError reading deployed hosts from current configuration.
+ERR.014.008.0038 = \nError reading deployed processes from current configuration.
+ERR.014.008.0039 = ServiceID does not exist.
+ERR.014.008.0040 = \nError killing HostController on {0}
+ERR.014.008.0041 = Error shutting down processes: {0}
+ERR.014.008.0042 = Error sending kill command to hostController.
+ERR.014.008.0043 = Error getting serviceBinding from registry.
+ERR.014.008.0044 = Service contains no queues.
+ERR.014.008.0045 = {0}: queue does not exist.
+ERR.014.008.0046 = Error reading queue stats for service : {0}
+ERR.014.008.0047 = Error getting serviceBinding from registry.
+ERR.014.008.0049 = Missing required property SERVICE_PROXY_CLASS_NAME.
+ERR.014.008.0050 = Cannot create proxy of type <{0}>: {1}
+ERR.014.008.0051 = Missing required property SERVICE_SELECTION_POLICY_NAME
+ERR.014.008.0052 = ServiceSelectionPolicy: {0}: Caught InterruptedException. No services found.
+ERR.014.008.0053 = ServiceSelectionPolicy: {0}: No services found.
+ERR.014.008.0054 = Cannot find service instance of type <{0}>
+ERR.014.008.0055 = Error marking service as bad: {0}
+ERR.014.008.0056 = Proxy is closed.
+ERR.014.008.0057 = Error In {0}
+ERR.014.008.0058 = Error In {0}:
+ERR.014.008.0059 = Unknown ServiceSelectionPolicyType name: <{0}> Upper: <{1}>
+ERR.014.008.0060 = Unknown ServiceSelectionPolicyType: <{0}>
+ERR.014.008.0061 = Attempt to compare null to ServiceSelectionPolicyKey
+ERR.014.008.0062 = Attempt to compare {0} to ServiceSelectionPolicyKey
+ERR.014.008.0063 = Error killing service: {0}
+ERR.014.008.0064 = Error restarting service: {0}
+ERR.014.008.0065 = Error bouncing service: {0}
+ERR.014.008.0066 = Error clearing cache for service: {0}
+ERR.014.008.0067 = Error checking service states
+ERR.014.008.0068 = Error checking service state for service: {0}
+ERR.014.008.0069 = Service unable to communicate with underlying data source: {0}
+ERR.014.008.0070 = Error setting initialization exception for {0}
+
+
+
+# vm.controller (010)
+ERR.014.010.0001 = AppServerVM does not have BufferManager
+ERR.014.010.0003 = VMControllerID string must contain a '','': ''{0}''
+ERR.014.010.0004 = VMControllerID string must have an integral ID after the comma: ''{0}''
+
+# ==========================================
+# LOG Messages for the Platform Package (014)
+# ==========================================
+#
+# example: MSG.014.001.0001=Test Message for Platform Package
+
+# admin (001)
+MSG.014.001.0001 = Starting AdminAPIConnection for session <{0}> userName={1}
+MSG.014.001.0002 = Bounce complete
+MSG.014.001.0003 = Stopping service: {0} user = {1}
+MSG.014.001.0004 = Stopping service now: {0} user = {1}
+MSG.014.001.0005 = Stopping host: {0} user = {1}
+MSG.014.001.0006 = Stopping host now: {0} user = {1}
+MSG.014.001.0009 = Stopping process: {0} user = {1}
+MSG.014.001.0010 = Stopping process now: {0} user = {1}
+MSG.014.001.0013 = Stopping all services in process: {0} user = {1}
+MSG.014.001.0014 = Stopping all services in process now: {0} user = {1}
+MSG.014.001.0015 = Shutting down server. user = {0}
+MSG.014.001.0016 = Bouncing server. user = {0}
+MSG.014.001.0019 = Restarting service: {0}
+MSG.014.001.0020 = Starting host: {0} user = {1}
+MSG.014.001.0021 = Starting process: {0} user = {1}
+MSG.014.001.0022 = Starting PSC: {0} user = {1}
+MSG.014.001.0023 = Stopping PSC: {0} user = {1}
+MSG.014.001.0026 = Synchronizing server. user = {0}
+MSG.014.001.0027 = Setting logging configuration.
+MSG.014.001.0028 = Setting logging configuration in all processes.
+MSG.014.001.0029 = Setting logging configuration in process: {0}
+
+# config (002)
+MSG.014.002.0001 = RMI Error in ConfigurationServiceProxy.
+MSG.014.002.0002 = Initialized configuration service for {0}
+MSG.014.002.0003 = {0}: closed
+MSG.014.002.0004 = Performed undo on {0} action(s).
+MSG.014.002.0005 = STRATEGY: Already Exist ComponentType Target {1}
+MSG.014.002.0006 = Unable to execute actions; use trace logging for actions.
+MSG.014.002.0007 = Completed execution of actions.
+MSG.014.002.0008 = Completed execution of overwriting configuration.
+
+# host (005)
+MSG.014.005.0001 = Adding shutdown hook.
+MSG.014.005.0002 = Error adding shutdown hook.
+MSG.014.005.0003 = Closing server socket.
+MSG.014.005.0004 = Starting HostController on {0}
+MSG.014.005.0005 = Listening on port {0}
+MSG.014.005.0006 = Trying to connect to AppServer
+MSG.014.005.0007 = Starting MetaMatrixServer
+MSG.014.005.0008 = Starting Processes on {0}
+MSG.014.005.0009 = Killing {0}
+MSG.014.005.0010 = Must enter a VM name.
+MSG.014.005.0011 = {0} is already running: Killing now
+MSG.014.005.0012 = Attempting to bind port {0} using bindaddress {1}
+
+
+# security (007)
+# security.api (107)
+ERR.014.107.0001 = The target AuthorizationPolicyID may not be null.
+ERR.014.107.0002 = The target AuthorizationPolicy may not be null.
+ERR.014.107.0003 = The target AuthorizationPermission may not be null.
+ERR.014.107.0004 = The destination AuthorizationRealm may not be null.
+ERR.014.107.0005 = Got CloneNotSupportedException while attempting to clone permission: {0}
+ERR.014.107.0006 = The source AuthorizationPolicy may not be null.
+ERR.014.107.0007 = The resource may not be null or empty.
+ERR.014.107.0008 = The AuthorizationRealm may not be null.
+ERR.014.107.0009 = The specified attribute definition code ({0}) is invalid.
+ERR.014.107.0010 = DELETE action may not be specified on an element: {0}
+ERR.014.107.0011 = This permission''s resource is not an element in the given set of available resources: {0}
+ERR.014.107.0012 = Unable to modify permissions without a valid AuthorizationPolicy.
+ERR.014.107.0013 = Factory class name may not be null or empty.
+ERR.014.107.0014 = Resource may not be null.
+ERR.014.107.0015 = Attempt to compare null to AuthorizationPermission.
+ERR.014.107.0016 = Attempt to compare {0} to AuthorizationPermission
+ERR.014.107.0017 = Attempt to add a AuthorizationPermission to a readonly AuthorizationPermissions object
+ERR.014.107.0018 = Attempt to compare null to AuthorizationPolicy
+ERR.014.107.0019 = Attempt to compare {0} to AuthorizationPolicy
+ERR.014.107.0020 = Unable to add a null or empty permission to the policy
+ERR.014.107.0021 = Unable to add a null permission to the policy; a null was contained in the set of permissions to be added.
+ERR.014.107.0022 = Unable to add a null principal to the policy
+ERR.014.107.0023 = Unable to add a null principal to the policy; a null was contained by the set of principals to be added.
+ERR.014.107.0024 = The policy display name may not be null or empty.
+ERR.014.107.0025 = The policy display name contains an illegal character: "{0}".
+ERR.014.107.0026 = The policy''s authorization realm name may not be null.
+ERR.014.107.0027 = The policy VDB name may not be null or empty.
+ERR.014.107.0028 = The policy cannot have a description length greater than {0} characters.
+ERR.014.107.0029 = Attempt to compare null to AuthorizationPolicyID.
+ERR.014.107.0030 = Attempt to compare {0} to AuthorizationPolicyID.
+ERR.014.107.0031 = The authorization realm name may not be null or empty.
+ERR.014.107.0032 = The authorization realm name <{0}> contains too many components.
+ERR.014.107.0033 = The authorization realm name <{0}> and the sub realm <{1}> can contain only one component each.
+ERR.014.107.0034 = SubRealmName may not contain only zeros.
+ERR.014.107.0035 = Attempt to compare null to AuthorizationRealm.
+ERR.014.107.0036 = Attempt to compare {0} to AuthorizationRealm.
+ERR.014.107.0037 = Attempt to compare null to BasicAuthorizationPermission.
+ERR.014.107.0038 = Attempt to compare {0} to BasicAuthorizationPermission.
+ERR.014.107.0043 = Attempt to compare null to DataAccessResource.
+ERR.014.107.0044 = Attempt to compare {0} to DataAccessResource.
+ERR.014.107.0045 = Attempt to compare null to GranteeEntitlementEntry.
+ERR.014.107.0046 = Attempt to compare {0} to GranteeEntitlementEntry.
+ERR.014.107.0047 = The AuthorizationPolicyID may not be null.
+ERR.014.107.0048 = Unable to modify permissions without a valid AuthorizationPolicy.
+ERR.014.107.0049 = Attempt to compare null to MetaBasePermission.
+ERR.014.107.0050 = Attempt to compare {0} to MetaBasePermission
+ERR.014.107.0051 = Cannot create a MetaBaseResource with a null UUID.
+ERR.014.107.0052 = The Resource name may not be null.
+ERR.014.107.0053 = Attempt to compare null to MetaBaseResource.
+ERR.014.107.0054 = Attempt to compare {0} to MetaBaseResource
+ERR.014.107.0055 = Resource path has not been resolved for: {0}
+ERR.014.107.0056 = The name of a principal may not be null or zero-length.
+ERR.014.107.0057 = The name of a principal may not be greater than {0} characters.
+ERR.014.107.0058 = The type of this principal is out of range.
+ERR.014.107.0059 = Unable to make a copy of a null MetaMatrixPrincipalName.
+ERR.014.107.0060 = Attempt to compare null to MetaMatrixPrincipalName.
+ERR.014.107.0061 = The userName for a session token may not be null or zero-length.
+ERR.014.107.0062 = The productInfo for a session token may not be null or have more than {0} elements.
+ERR.014.107.0063 = The session ID may not be null.
+ERR.014.107.0064 = The productInfo index cannot be greater than {0} or less than 0.
+ERR.014.107.0065 = Attempt to compare null to SessionToken.
+ERR.014.107.0066 = The specified actions ({0}) are invalid.
+ERR.014.107.0067 = ERROR IN AuthorizationActions.getAuthorizationActions(): Could not retrieve the AuthorizationActions for the specified actions ({0}).
+ERR.014.107.0068 = The specified labels ({0}) are invalid.
+ERR.014.107.0069 = Attempt to compare null to AuthorizationActions.
+ERR.014.107.0070 = Attempt to compare {0} to AuthorizationActions.
+ERR.014.107.0071 = The trusted token for a session token may not be null.
+ERR.014.107.0072 = Error creating LogonAPIBean, Exception: {0}
+ERR.014.107.0073 = Unable to decrypt user password.
+ERR.014.107.0074 = Session "{0}" is not valid
+ERR.014.107.0075 = Unknown Session Service exception.
+ERR.014.107.0076 = Could not connect to a CurrentConfiguration.
+ERR.014.107.0077 = RMI Error with AuthorizationServiceProxy communication with service.
+ERR.014.107.0078 = Authorization service instance not initialized.
+ERR.014.107.0079 = Caught ServiceException. Marking Authorization service instance bad.
+ERR.014.107.0080 = Can''t find instance of Authorization service.
+ERR.014.107.0081 = RMI Error with Proxy communication with service.
+ERR.014.107.0082 = Service instance not initialized.
+ERR.014.107.0083 = Caught ServiceException. Marking service instance bad.
+ERR.014.107.0084 = Cannot find instance of Membership service.
+ERR.014.107.0085 = RMI Error with SessionServiceProxy communication with service.
+ERR.014.107.0086 = Session service instance not initialized.
+ERR.014.107.0087 = Caught ServiceException. Marking Session service instance bad.
+ERR.014.107.0088 = Cannot find instance of Session service.
+ERR.014.107.0089 = Cannot find a server instance with the necessary service "{0}".
+
+# security.audit (207)
+MSG.014.207.0001 = Audit Manager is initializing.
+MSG.014.207.0002 = Audit Destination(s): {0}
+MSG.014.207.0003 = Audit Manager started and ready.
+MSG.014.207.0004 = Initialized audit destination: {0}
+MSG.014.207.0005 = Auditing database destination is NOT initialized.
+MSG.014.207.0006 = Auditing is shutting down...
+MSG.014.207.0007 = Auditing resuming.
+MSG.014.207.0008 = New audit configuration: {0}
+
+# security.authorization (307)
+MSG.014.307.0001 = {0}: closing
+MSG.014.307.0002 = {0}: closed
+
+# security.membership (407)
+MSG.014.407.0001 = {0}: closing
+MSG.014.407.0002 = {0}: closed
+MSG.014.407.0003 = Transaction Mgr for {0} has been initialized.
+MSG.014.407.0004 = Attempting to retry executing actions on target principal ({0}).
+MSG.014.407.0005 = Loaded membership domain: "{0}".
+
+# security.session (507)
+MSG.014.507.0001 = Client monitoring is disabled.
+MSG.014.507.0002 = Failed to find session termination handler "{0}" - skipping installation.
+MSG.014.507.0003 = {0} : closed
+MSG.014.507.0004 = MetaMatrixAuthenticationException
+MSG.014.507.0005 = Session svc Exception: {0}
+MSG.014.507.0006 = Unable to close transaction
+MSG.014.507.0007 = Cannot terminate session that was marked as ACTIVE: "{0}"
+MSG.014.507.0008 = ManagedConnectionException occurred while getting existing sessions for user "{0}".
+MSG.014.507.0009 = SessionServiceImpl.terminateSessions: {0}
+MSG.014.507.0010 = Exception during session service communication with session transaction, attempting to create user session
+MSG.014.507.0011 = Membership service had error getting principal name for trusted token
+MSG.014.507.0012 = SessionServiceImpl.bindProductToSession - exception while updating session
+MSG.014.507.0013 = SessionServiceImpl.unbindProductFromSession - exception while updating session";
+MSG.014.507.0014 = SessionServiceImpl.joinSession - exception while updating session
+MSG.014.507.0015 = SessionServiceImpl.joinSession - session does not match username
+MSG.014.507.0016 = SessionServiceImpl.joinSession ManagedConnectionException occurred
+MSG.014.507.0017 = SessionServiceImpl.getSessionsLoggedInToVDB ManagedConnectionException occurred
+MSG.014.507.0018 = SessionServiceImpl.closeSession ManagedConnectionException occurred
+MSG.014.507.0019 = SessionServiceImpl.closeSession: {0}
+MSG.014.507.0020 = SessionServiceImpl.expireSession ManagedConnectionException occurred
+MSG.014.507.0021 = SessionServiceImpl.expireSession: {0}
+MSG.014.507.0022 = Unable to terminateSessionForProduct, error validating session for {0}
+MSG.014.507.0023 = Error cleaning up session for product {0}
+MSG.014.507.0024 = No SessionTerminationHandler exists for {0}
+MSG.014.507.0025 = Unable terminateSessionForProducts, error validating session for {0}
+MSG.014.507.0026 = SessionServiceImpl.terminateSessionForProducts ManagedConnectionException occurred
+MSG.014.507.0027 = SessionServiceImpl.terminateSessionForProducts SessionServiceException occurred
+MSG.014.507.0028 = Error cleaning up session for {0}
+MSG.014.507.0029 = SessionServiceImpl.removeSessions ManagedConnectionException occurred
+MSG.014.507.0030 = SessionServiceImpl.terminateSessions found invalid user session which cannot be terminated.
+MSG.014.507.0031 = SessionServiceImpl.terminateSessions ManagedConnectionException occurred
+MSG.014.507.0032 = The following user sessions were invalid, and could not be terminated:
+MSG.014.507.0033 = SessionServiceImpl.terminateSession ManagedConnectionException occurred
+MSG.014.507.0034 = SessionServiceImpl.terminateSession: {0}
+MSG.014.507.0035 = SessionServiceImpl.isSessionValid ManagedConnectionException occurred
+MSG.014.507.0036 = SessionServiceImpl.getActiveSessions ManagedConnectionException occurred
+MSG.014.507.0037 = SessionServiceImpl.getAllSessionsCount ManagedConnectionException occurred
+MSG.014.507.0038 = SessionServiceImpl.getActiveConnectionCountProduct ManagedConnectionException occurred
+MSG.014.507.0039 = SessionServiceImpl.getAllConnectionCountProduct ManagedConnectionException occurred
+MSG.014.507.0040 = Membership service could not find information for user "{0}".
+MSG.014.507.0041 = Unknown user.
+MSG.014.507.0042 = SessionServiceImpl.getActiveSessionsForUser ManagedConnectionException occurred
+MSG.014.507.0043 = Membership service encountered an error getting the principal for user "{0}".
+MSG.014.507.0044 = SessionServiceImpl.getSessionsForUser ManagedConnectionException occurred
+MSG.014.507.0045 = Membership service could find no principal info for session id {0}
+MSG.014.507.0046 = The session ID is null.
+MSG.014.507.0047 = SessionServiceImpl.validateSession ManagedConnectionException occurred
+MSG.014.507.0048 = Session for session ID "{0}" is not valid. State: <"{1}"> @ time: <"{2}">
+MSG.014.507.0049 = SessionServiceImpl.updateSession ManagedConnectionException occurred
+MSG.014.507.0050 = Session ID "{0}" is not in client monitor cache <"{1}">
+MSG.014.507.0051 = SessionServiceImpl. {0} - could not commit transaction.
+MSG.014.507.0052 = SessionServiceImpl. {0} - could not rollback transaction.
+MSG.014.507.0053 = SessionServiceImpl.removeNonActiveSessions ManagedConnectionException occurred
+MSG.014.507.0054 = SessionServiceImpl.removeNonActiveSessions SessionServiceException occurred
+MSG.014.507.0055 = SessionCleanupThread initializing. activityInterval <{0}> oldSessionTTL <{1}>
+MSG.014.507.0056 = SessionCleanupThread halting. activityInterval <{0}> oldSessionTTL <{1}>
+MSG.014.507.0057 = SessionCleanupThread halted
+SessionServicempl.SessionCleanupThread = SessionCleanupThread removing old sessions from repositry that have not been active for longer than {0} milliseconds.
+MSG.014.507.0058 = ERROR getting existing active sessions
+MSG.014.507.0059 = ClientMonitorThread initializing... activityInterval <{0}> pingInterval <{1}>
+MSG.014.507.0060 = ClientMonitorThread halting... activityInterval <{0}> > pingInterval <{1}>
+MSG.014.507.0061 = ClientMonitorThread halted
+MSG.014.507.0062 = Expiring session <{0}>. Last known ping time: <{1}>
+MSG.014.507.0063 = Received InvalidSessionException while attempting to expire session {0}
+MSG.014.507.0064 = Error parsing session creation date <{0}> while creating new session for user "{1}" from application "{2}". Attempting retry.
+MSG.014.507.0065 = Unable to close JDBC statement for processing sessions
+MSG.014.507.0066 = The session "{0}" is invalid. Rows returned = {1}
+MSG.014.507.0067 = The server has reached the maximum number of sessions of {0} as defined by the property metamatrix.session.max.connections. If more sessions are required, modify this property value in the MetaMatrix Console.
+
+# security.util (607)
+MSG.014.607.0001 =
+
+# service (008)
+MSG.014.008.0001 = MetaMatrix {0} Service
+MSG.014.008.0002 = {0} classpath : {1}
+MSG.014.008.0003 = {0}: starting...
+MSG.014.008.0004 = {0}: service specific initialization beginning...
+MSG.014.008.0005 = {0}: service specific initialization complete.
+MSG.014.008.0006 = {0}: closing service to new work
+MSG.014.008.0007 = Property: "{0}" = "{1}"
+MSG.014.008.0008 = registerServiceForEvent(service, {0})
+MSG.014.008.0009 = Started instance of service: {0} ({1})
+MSG.014.008.0010 = Executing: {0}
+MSG.014.008.0011 = \nCommand>
+MSG.014.008.0012 = Could not read command line
+MSG.014.008.0013 = Must enter a Process name.
+MSG.014.008.0014 = Must enter a host name.
+MSG.014.008.0015 = Must enter a ServiceID.
+MSG.014.008.0016 = Invalid serviceID.
+MSG.014.008.0017 = Must enter a Service Name.
+MSG.014.008.0018 = Invalid Command: {0}\nType "help" for a list of valid commands.
+MSG.014.008.0019 = Name: {0}
+MSG.014.008.0020 = totalMemory: {0}
+MSG.014.008.0021 = freeMemory: {0}
+MSG.014.008.0022 = threadCount: {0}
+MSG.014.008.0023 = Dumping thread traces to log file
+MSG.014.008.0024 = Check {0} log file for thread dump.
+MSG.014.008.0025 = Properties for {0}
+MSG.014.008.0026 = \t{0} = {1}
+MSG.014.008.0027 = \nProperties for {0}
+MSG.014.008.0028 = Sending kill command to host controller
+MSG.014.008.0029 = Process not found: cannot kill.
+MSG.014.008.0030 = Killing HostController running on {0}
+MSG.014.008.0031 = Must enter a Service Name.
+MSG.014.008.0032 = ServiceMonitorThread checking services.
+MSG.014.008.0033 = ServiceMonitorThread done checking services.
+
+# vm.controller (010)
+MSG.014.010.0001 = Binding StubHelper class to jndi
+MSG.014.010.0002 = Binding StubHelper class to jndi: Done.
+MSG.014.010.0003 = Registering AppServerVMController {0}
+MSG.014.010.0004 = Setting log config: {0}
+MSG.014.010.0005 = Running GarbageCollector
+MSG.014.010.0006 = Registering VMController
+MSG.014.010.0007 = Error adding shutdown hook.
+MSG.014.010.0008 = No VM is defined in the deployment model with name "{0}" on host "{1}"
+MSG.014.010.0009 = Error in com.metamatrix.platform.vm.VMController
+MSG.014.010.0012 = Could not redirect output to log file: {0}
+MSG.014.010.0013 = Starting all deployed services
+MSG.014.010.0014 = Num. of services to deploy: {0} in vm {1}
+MSG.014.010.0015 = No services are defined in the current configuration for VM "{0}" on host "{1}"
+MSG.014.010.0016 = {0} services starting in vm {1}
+MSG.014.010.0017 = Could not start services in VM {0} on host {1}
+MSG.014.010.0018 = Starting service: {0}
+MSG.014.010.0019 = Could not re-start service {0} : Service does not exist in registry
+MSG.014.010.0020 = Error looking up service {0} in registry.
+MSG.014.010.0021 = Could not re-start service {0} Service is already running.
+MSG.014.010.0022 = Error re-starting service {0}.
+MSG.014.010.0023 = Starting service: {0}
+MSG.014.010.0024 = Could not start deployed service {0}
+MSG.014.010.0025 = Call to start deployed service "{0}" in VM "{1}" on host "{2}".
+MSG.014.010.0026 = Property {0} not defined for service "{1}" in VM "{2}" on host "{3}"
+MSG.014.010.0027 = No properties are available for service {0} in VM {1} on host {2}
+MSG.014.010.0028 = Could not start service {0} in VM {1} on host {2}
+MSG.014.010.0029 = Stopping VM
+MSG.014.010.0030 = Error shutting down Txn Mgr
+MSG.014.010.0031 = Error closing Registry
+MSG.014.010.0032 = Error shutting down message bus
+MSG.014.010.0033 = Error shutting down resourcePoolMgr
+MSG.014.010.0034 = Stopping VM now
+MSG.014.010.0035 = Stopping service: {0}
+MSG.014.010.0036 = Stopping service now: {0}
+MSG.014.010.0037 = Stopping all services now
+MSG.014.010.0038 = Stopping all services
+MSG.014.010.0040 = Shutting down VM
+MSG.014.010.0041 = Shutting down VM now
+MSG.014.010.0042 = Shutting down service: {0}
+MSG.014.010.0043 = {0} does not exist in registry.
+MSG.014.010.0044 = Error removing {0} from registry.
+MSG.014.010.0045 = Resuming service: {0}
+MSG.014.010.0046 = Setting log config: {0}
+MSG.014.010.0047 = Service {0} does not belong to this VM: <{1}.{2}>
+MSG.014.010.0048 = Property "{0}" not defined. Using default command "{1}"
+MSG.014.010.0049 = Starting command " {0} "
+MSG.014.010.0050 = Command started.
+MSG.014.010.0051 = Could not start command " {0} "
+MSG.014.010.0052 = Database logging enabled
+MSG.014.010.0053 = Database logging disabled
+MSG.014.010.0054 = Checking service: {0}
+
+
+ProductNotRegisteredException.Not_registered=The product name {0} is not currently registered with the MetaMatrix system.
+UnknownProductOrSubsystemException.Product_unknown=The product name {0} is unknown
+UnknownProductOrSubsystemException.Subsystem_unknown=The subsystem name {0} is unknown for product {1}
+ConfigTransaction.Timeout_value_gt_0=The timeout value must be greater than 0 seconds
+ServiceRegistryBinding.Err_creating_stub=Error creating stub for Service
+PlatformProxyHelper.Err_create_session_svc=Error creating SessionServiceProxy,
+PlatformProxyHelper.Err_create_auth_svc=Error creating AuthorizationServiceProxy,
+PlatformProxyHelper.Err_create_membership_svc=Error creating MembershipServiceProxy,
+PlatformProxyHelper.Err_create_config_svc=Error creating ConfigurationServiceProxy,
+MetaMatrixAppServerProcess.Err_starting=Error starting up MetaMatrixProcess,
+
+SessionServiceImpl.Unable_to_communicate_with_the_membership_service=Unable to communicate with the membership service.
+SessionServiceImpl.Membership_service_could_not_authenticate_user=Membership service could not authenticate user "{0}"
+SessionServiceImpl.The_username_0_and/or_password_are_incorrect=The username "{0}" and/or password and/or payload token could not be authenticated by any membership domain.
+SessionServiceImpl.SessionMonitorThread_starting=SessionMonitorThread starting. activityInterval <{0}> sessionMaxTimeLimit <{1}>
+SessionServiceImpl.SessionMonitorThread_halting=SessionMonitorThread halting. activityInterval <{0}> sessionMaxTimeLimit <{1}>
+SessionServiceImpl.Monitoring_sessions_for_time_limit=Monitoring sessions for time limit of: <{0}>
+SessionServiceImpl.Membership_service_could_not_get_the_username_for_the_token=Membership service could not get the username for the token.
+SessionServiceImpl.Could_not_instantiate_the_RuntimeVDBQuery_component=Could not instantiate the RuntimeVDBQuery component.
+SessionServiceImpl.Unexpected_error_finding_latest_version_of_Virtual_Database=Unexpected error finding latest version of Virtual Database {0}
+SessionServiceImpl.InvalidSessionException_while_attempting_to_terminate_session=Received InvalidSessionException while attempting to terminate session {0}
+SessionServiceImpl.Unexpected_error_finding_latest_version_of_Virtual_Database_{0}_of_version_{1}=Unexpected error finding latest version of Virtual Database {0} of version {1}
+SessionServiceImpl.SessionServiceImpl.Could_not_instantiate_the_RuntimeVDBQuery_component=SessionServiceImpl.Could_not_instantiate_the_RuntimeVDBQuery_component
+SessionServiceImpl.Terminating_session=Terminating session <{0}>. Creation Time: <{1}>. TTL: <{2}>
+SessionServiceImpl.terminateSessions = Admin [{0}] is terminating these sessions: {1}.
+SessionServiceImpl.terminateSession = Admin [{0}] is terminating this session: {1}.
+SessionServiceImpl.expireSession = Expiring session {0}
+SessionServiceImpl.keepaliveFailed = Keepalive failed for session {0}
+
+AuthorizationServiceImpl.Unable_to_load_MetaBaseAuthorizationPlugin=Unable to load MetaBaseAuthorizationPlugin.
+AuthorizationServiceImpl.User_has_NO_policies_-_can__t_create_MetaBase_permissions.=User has NO policies - can''t create MetaBase permissions.
+AuthorizationServiceImpl.Error_committing_transaction_after_executing_actions__{0}=Error committing transaction after executing actions: {0}
+AuthorizationServiceImpl.Unknown_type_of_ActionDefinition__{0}=Unknown type of ActionDefinition: {0}
+AuthorizationServiceImpl.Error_attempting_to_update_MetaBase_Authorization_repository.=Error attempting to update MetaBase Authorization repository. {0}
+AuthorizationServiceImpl.Error_attempting_to_update_MetaBase_Authorization_repository_-_MetabasePlugin_returned_null_status=Error attempting to update MetaBase Authorization repository - MetabasePlugin returned null status.
+AuthorizationServiceImpl.Authorization_Realm_is_null=The requested Authorization Realm is null
+
+AuthorizationServiceImpl.The_resource_for_this_permission_does_not_exist_in_the_target_VDB.=The resource for this permission does not exist in the target VDB.
+AuthorizationServiceImpl.Migrated=Migrated
+AuthorizationServiceImpl.Overwritten=Overwritten
+AuthorizationServiceImpl.Ignored=Ignored
+AuthorizationServiceImpl.This_resource_exists_in_the_target_VDB_but_not_in_the_source_VDB.=This resource exists in the target VDB but not in the source VDB.
+AuthorizationServiceImpl.Failed_migration=Failed
+AuthorizationServiceImpl.Succeeded_migration=Succeeded
+AuthorizationServiceImpl.role_exists=The Role "{0}" already exists in the system.
+
+
+AuthorizationServiceProxy.No_auth_svc=Can''t find instance of Authorization service.
+
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+# Note: All new messages should have been looked up before being logged! DON'T use I18nLogManager!
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+VMController.PluginRegistry_started_1=Plugin Registry started
+VMController.Configuration_Event_Listener_started_2=Configuration Event Listener started
+VMController.Problem_calling_shutdown()_on_PluginRegistry_3=Problem calling shutdown() on PluginRegistry
+VMController.Probelm_calling_shutdown()_on_ConfigurationEventListener_4=Probelm calling shutdown() on ConfigurationEventListener
+VMController.VM_Force_Shutdown_Time=VM Stop Delay time in seconds is {0}
+VMController.Not_licensed_for_enterprise=This server installation is not licensed for {0} version {1}.
+
+AppServerVMController.PluginRegistry_started_1=Plugin Registry started
+AuthorizationServiceImpl.Exception_while_getting_dependant_permissions_for_request_{0}=Exception during service communication with authorization source while getting dependant permissions for request {0}
+AuthorizationServiceImpl.Failure_communicating_with_authorization_source_while_getting_dependant_permissions_for_request_{0}=Failure communicating with authorization source while getting dependant permissions for request {0}
+AuthorizationServiceImpl.Unknown_exception_communicating_with_authorization_source_while_getting_dependant_permissions_for_request_{0}=Unknown exception communicating with authorization source while getting dependant permissions for request {0}
+AuthorizationServiceImpl.Unable_to_close_transaction.=Unable to close transaction.
+AuthorizationServiceImpl.invalid_principal=Invalid principal ''{0}''
+JDBCAuthorizationTransaction.Error_building_perpared_statement_to_get_dependant_permissions_for_resource_{0}=Error building perpared statement to get dependant permissions for resource {0}
+JDBCAuthorizationTransaction.Error_getting_dependant_permissions_for_resource_{0}=Error getting dependant permissions for resource {0}
+JDBCAuthorizationTransaction.Error_instantiating_factory_class_for_permission__{0}=Error instantiating factory class for permission: {0}
+
+LogonHelper.0=Starting LogonHelper for session {0}
+VMController.0=Using default Server Listener
+ServiceController.0=Starting Service {0}
+ServiceController.1=Calling init() for serviceID=
+ServiceController.2=Called init() for serviceID=
+ServiceController.3=Set ServerListener Registry for serviceID=
+ServiceController.4=ServerListenerRegistrant registrant=
+
+ConfigurationServiceImpl.Error_importing_connector_type=Error importing connector type {0} reason: {1}
+ConfigurationServiceImpl.Error_importing_connector_binding=Error import connector binding {0} reason: {1}
+
+LogonHelper.0=Starting LogonHelper for session {0}
+VMController.0=Using default Server Listener
+ServiceController.0=Starting Service
+ServiceController.1=Calling init() for serviceID={0}
+ServiceController.2=Called init() for serviceID={0}
+ServiceController.3=Set ServerListener Registry for serviceID={0}
+ServiceController.4=ServerListenerRegistrant registrant={0}
+
+MetaMatrixController.Host_not_defined_in_configuration=Host {0} is not defined in the configuration
+MetaMatrixController.Host_is_not_running=HostController on {0} is not found on port {1}, verify it is running
+MetaMatrixController.No_VMS_setup_for_host=No processes have been defined for host {0}
+
+RuntimeStateAdminAPIImple.Component_not_found={0} {1} could not be found.
+HostController.VM_is_not_enabled_to_start=VM Process {0} is disabled and will not be started
+HostController.License_file_not_found=License file {0} is not found in the classpath.
+HostController.Host_is_already_running_startprocesses=Host {0} is already running, Exiting.
+ConfigurationServiceImpl.Error_creating_New_Host=Problem creating New Host {0} in Configuration
+ConfigurationServiceImpl.Error_setting_Property=Error setting Property Value for Property Name {0}, reason {1}
+ConfigurationServiceImpl.Error_updating_Properties=Error updating Properties: {0}, reason {0}
+ConfigurationServiceImpl.Connector_Type_not_found=Connector Type {0} not found in Configuration
+ConfigurationServiceImpl.Host_not_found=Host name {0} does not exist in Configuration
+ConfigurationServiceImpl.Error_creating_Connector_Binding=Error creating Connector Binding {0} in Configuration. Error Message: {1}
+ConfigurationServiceImpl.Error_creating_Process=Problem creating New Process {0} for Host {1} in Configuration
+ConfigurationServiceImpl.ConnectorType_not_found=ConnectorType not found in Configuration: {0}. Try adding if it''s a new type.
+
+ConfigurationAdminAPIImpl.Problem_getting_Product_Release_Infos=Problem getting Product Release Infos
+
+JDBCSessionTransaction.Unable_to_get_last_session=SQLException; unable to get last session.
+JDBCSessionTransaction.Unknown_exception_getting_last_session=Unknown exception; cannot get last known session
+AbstractService.Number_of_sources_exceeded=Starting this connector \"{0}\" would exceed the number of sources allowed for your license. Number attempted: {1}.
+
+Admin_Audit_request=Administrator [{0}], session [{1}] requesting access which requires role [{2}] to method [{3}].
+Admin_Audit_not_authorized=Administrator [{0}], session [{1}] does not have the required role [{2}] so is not authorized to perform the action [{3}].
+Admin_Audit_granted=Administrator [{0}], session [{1}] granted access to method [{3}].
+
+MembershipServiceImpl.Null_authentication=Domain {0} returned a null authentication result for user {1}
+MembershipServiceImpl.Invalid_user=Domain {0} indicated that user {1} was not valid
+MembershipServiceImpl.Unsupported_credentials=Domain {0} indicated that the credentials were not supported
+MembershipServiceImpl.Failed_authentication={0} could not be authenticated in any domain
+MembershipServiceImpl.Root_password_required=password is required for super user
+MembershipServiceImpl.Root_password_decryption_failed=super password could not be decrypted
+MembershipServiceImpl.principal_does_not_exist=The principal ''{0}'' does not exist in domain ''{1}''
+MembershipServiceImpl.Decrypt_failed=Could not decrypt the encrypted password for user ''{0}''
+MembershipServiceImpl.source_exception=Membership Domain ''{0}'' failed to perform the desired operation, please check the settings for this domain
+MembershipServiceImpl.load_error=Could not load file ''{0}'' from the classpath, the file system, or as a URL.
+MembershipServiceImpl.unknown_host=Did not allow root user authentication attempt, since root logons are restricted and could not determine the remote host.
+MembershipServiceImpl.invalid_host=Could not authenticate root user, since the client address {0} is not in the allowed values {1}
+
+LDAPMembershipDomain.No_annonymous=Annonymous user authentications are not allowed in domain {0}
+LDAPMembershipDomain.Required_property=Required property {0} was missing.
+LDAPMembershipDomain.Admin_credentials=Admin DN and/or password supplied for LDAP Membership Domain {0} are invalid.
+LDAPMembershipDomain.Require_memberof_property=Users in LDAP Membership Domain {0} will not appear as members of any group since user's memberOf and group's memberOf attributes are both unspecified.
+
+ServerWorkItem.Received_exception_processing_request=Unexpected exception for session {0}
+ServerWorkItem.processing_error=Processing exception ''{0}'' for session {1}. Exception type {2} throw from {3}. Enable detail logging to see the entire stacktrace.
+ServerWorkItem.Component_Not_Found=Component not found: {0}
+
+SocketVMController.0=Register Admin API
+SocketVMController.1={0} is bound to address {1} listening on port {2}
+SocketVMController.2=Problem starting server binding to address {0} and listening on port {1}
+SocketVMController.3=Setting Server Listener listenerFilter={0}
+SocketVMController.4=Getting ServerListener Registry: {0}
+SocketVMController.5=Could not find host information. Run the "setupmm" to configure the server before trying to start.
+
+RemoteProxy.localCallFailed=Remote client could not invoke local service method {0} on {1}
+JGroupsMessageBus.noResponse=No response for remote method call
+commonextensionspath_in_use=Extension modules "{0}" are in scope to create the service - {1}
+commonextensionspath_not_in_use=Failed to use extension modules "{0}" to create the service -{1}
\ No newline at end of file
Property changes on: trunk/embedded/src/main/resources/com/metamatrix/platform/i18n.properties
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Modified: trunk/embedded/src/test/java/com/metamatrix/dqp/embedded/services/TestEmbeddedVDBService.java
===================================================================
--- trunk/embedded/src/test/java/com/metamatrix/dqp/embedded/services/TestEmbeddedVDBService.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/embedded/src/test/java/com/metamatrix/dqp/embedded/services/TestEmbeddedVDBService.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -172,7 +172,7 @@
Properties p = EmbeddedTestUtil.getProperties();
configService.setUserPreferences(p);
configService.initializeService(p);
- assertNotNull(vdbService.getVDBResource("Admin", "1")); //$NON-NLS-1$ //$NON-NLS-2$
+ assertNotNull(vdbService.getVDB("Admin", "1").getInputStream()); //$NON-NLS-1$ //$NON-NLS-2$
}
public void testAvailableVDBs() throws Exception {
Copied: trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationObjectEditor.java (from rev 1056, trunk/server/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationObjectEditor.java)
===================================================================
--- trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationObjectEditor.java (rev 0)
+++ trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationObjectEditor.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,327 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+/*
+ * Date: Jan 22, 2004
+ * Time: 8:39:33 PM
+ */
+package com.metamatrix.platform.security.api;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import junit.framework.TestCase;
+
+import com.metamatrix.core.id.IDGenerator;
+import com.metamatrix.core.id.ObjectID;
+import com.metamatrix.core.id.UUIDFactory;
+import com.metamatrix.core.util.StringUtil;
+import com.metamatrix.platform.admin.api.PermissionDataNodeDefinition;
+import com.metamatrix.platform.admin.api.PermissionDataNodeTreeView;
+import com.metamatrix.platform.admin.apiimpl.PermissionDataNodeDefinitionImpl;
+import com.metamatrix.platform.admin.apiimpl.PermissionDataNodeImpl;
+import com.metamatrix.platform.admin.apiimpl.PermissionDataNodeTreeViewImpl;
+
+/**
+ * JUnit test for AuthorizationObjectEditor
+ */
+public final class TestAuthorizationObjectEditor extends TestCase {
+ // Permission factory
+ private static BasicAuthorizationPermissionFactory bapFactory = new BasicAuthorizationPermissionFactory();
+
+ // Realm (VDB)
+ private static AuthorizationRealm aRealm = new AuthorizationRealm("VDB1", "Vers1", "The test realm"); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+
+ // All resources in VDB
+ private static String[] resources = new String[] {
+ "Model_0.catalog_0.group_0.element_0", //$NON-NLS-1$
+ "Model_0.catalog_0.group_0.element_1", //$NON-NLS-1$
+ "Model_0.catalog_0.group_1.element_0", //$NON-NLS-1$
+ "Model_0.catalog_1.group_0.element_0", //$NON-NLS-1$
+ "Model_0.catalog_1.group_0.element_1", //$NON-NLS-1$
+ "Model_0.catalog_1.group_0.element_2", //$NON-NLS-1$
+ "Model_0.catalog_1.group_0.element_3", //$NON-NLS-1$
+ "Model_0.catalog_1.group_0.element_4", //$NON-NLS-1$
+ "Model_0.catalog_1.group_1.element_0", //$NON-NLS-1$
+ "Model_0.catalog_1.group_1.element_1", //$NON-NLS-1$
+
+ "Model_1.catalog_0.group_0.element_0", //$NON-NLS-1$
+ "Model_1.catalog_0.group_0.element_1", //$NON-NLS-1$
+ "Model_1.catalog_0.group_0.element_2", //$NON-NLS-1$
+ "Model_1.catalog_0.group_0.element_3", //$NON-NLS-1$
+ "Model_1.catalog_0.group_0.element_4", //$NON-NLS-1$
+ "Model_1.catalog_0.group_1.element_0", //$NON-NLS-1$
+ "Model_1.catalog_0.group_1.element_1", //$NON-NLS-1$
+ "Model_1.catalog_0.group_1.element_2", //$NON-NLS-1$
+ "Model_1.catalog_0.group_1.element_3", //$NON-NLS-1$
+ "Model_1.catalog_0.group_1.element_4", //$NON-NLS-1$
+
+ "Model_2.catalog_0.group_0.element_0", //$NON-NLS-1$
+ "Model_2.catalog_0.group_1.element_0", //$NON-NLS-1$
+ "Model_2.catalog_0.group_2.element_0", //$NON-NLS-1$
+ "Model_2.catalog_0.group_3.element_0", //$NON-NLS-1$
+ "Model_2.catalog_0.group_4.element_0", //$NON-NLS-1$
+ "Model_2.catalog_0.group_5.element_0", //$NON-NLS-1$
+ "Model_2.catalog_0.group_6.element_0", //$NON-NLS-1$
+ "Model_2.catalog_0.group_7.element_0", //$NON-NLS-1$
+ "Model_2.catalog_0.group_8.element_0", //$NON-NLS-1$
+ "Model_2.catalog_0.group_9.element_0" //$NON-NLS-1$
+ };
+
+ // Permissions in policy some of which will be modified
+ private Set policyPerms = new HashSet();
+ // The perms to be modified
+ private Set permsToModify = new HashSet();
+ // TreeView has all resourecs as nodes some of which we mark modified
+ private PermissionDataNodeTreeView treeView;
+ // The test policy we will modify
+ private AuthorizationPolicy policyToModify;
+
+ // A lookup so that we can tell which PermissionDataNodes
+ // to set modified when building the test PermissionDataNodeTreeView.
+ private Set modifiedResources = new HashSet();
+
+ // =========================================================================
+ // F R A M E W O R K
+ // =========================================================================
+
+ /**
+ * Constructor for TestAuthorizationObjectEditor.
+ *
+ * @param name
+ */
+ public TestAuthorizationObjectEditor(final String name) {
+ super(name);
+ oneTimeSetUp();
+ }
+
+ public void oneTimeSetUp() {
+ setupPolicyAndPermsToModify();
+ // must be set up after setupPolicyAndPermsToModify()
+ setupTreeView();
+ }
+
+ public static void oneTimeTearDown() {
+ }
+
+ // =========================================================================
+ // H E L P E R S
+ // =========================================================================
+
+ /**
+ * All created perms go into policy.
+ * <br>Save every other created perm in <i>permsToModify</i>.</br>
+ */
+ private void setupPolicyAndPermsToModify() {
+ for ( int i = 0; i < resources.length; i++ ) {
+ AuthorizationPermission aPerm = bapFactory.create(new DataAccessResource(resources[i]), aRealm,
+ StandardAuthorizationActions.ALL, null);
+ policyPerms.add(aPerm);
+ if ( i % 2 == 0 ) {
+ permsToModify.add(aPerm);
+ // modifiedResources is a lookup so that we can tell which PermissionDataNodes
+ // to set modified when building the test PermissionDataNodeTreeView.
+ modifiedResources.add(resources[i]);
+ }
+ }
+ // Ceate test policy and add all created perms
+ policyToModify = new AuthorizationPolicy(new AuthorizationPolicyID("Test policy", "A test policy", aRealm), //$NON-NLS-1$ //$NON-NLS-2$
+ null,
+ policyPerms);
+ }
+
+ private void setupTreeView() {
+ List dataNodes = getResourcesAsList();
+
+ // Get ID factory
+ IDGenerator idGenerator = IDGenerator.getInstance();
+ idGenerator.setDefaultFactory(new UUIDFactory());
+
+ // The root resource has no ID. Create a fake ID for it.
+ ObjectID fakeRootID = idGenerator.create();
+ PermissionDataNodeImpl root = new PermissionDataNodeImpl(null,
+ StandardAuthorizationActions.NONE,
+ new PermissionDataNodeDefinitionImpl("root", //$NON-NLS-1$
+ "root", //$NON-NLS-1$
+ PermissionDataNodeDefinition.TYPE.UNKOWN),
+ false,
+ fakeRootID);
+ // Build the tree
+ buildPermissionTree(root, dataNodes, policyToModify, idGenerator);
+ treeView = new PermissionDataNodeTreeViewImpl(root);
+ }
+
+ private List getResourcesAsList() {
+ List resourceList = new ArrayList(resources.length);
+ for ( int i = 0; i < resources.length; i++ ) {
+ String resource = resources[i];
+ resourceList.add(resource);
+ }
+ return resourceList;
+ }
+
+ /**
+ * Build depth-first tree of all nodes.
+ *
+ * @param root The root of the node tree
+ * @param nodes The list of all resources (path).
+ * @param policy The policy from which to get permissions for nodes in this tree.
+ * @param idGenerator The ID factory from which to convert the uuid String of each node
+ * to an ObjectID that the tree requires.
+ */
+ private Map buildPermissionTree(PermissionDataNodeImpl root,
+ List nodes,
+ AuthorizationPolicy policy,
+ IDGenerator idGenerator) {
+ Map parentChildMap = new HashMap();
+ String sepStr = "."; //$NON-NLS-1$
+
+ PermissionDataNodeImpl parent = root;
+ parentChildMap.put(parent, new ArrayList());
+
+ // Keep track of built PermissionNodes
+ Map resourceToChild = new HashMap();
+ Iterator pathItr = nodes.iterator();
+// System.out.println("\nBuilding Data entitlement tree..."); //$NON-NLS-1$
+// System.out.println("Policy: " + policy);
+ while ( pathItr.hasNext() ) {
+ String branch = (String) pathItr.next();
+// System.out.println("\n Resource branch: " + branch); //$NON-NLS-1$
+ List nodeList = StringUtil.split(branch, sepStr);
+
+ Iterator nodeItr = nodeList.iterator();
+ // Iterating over nodes in path
+ while ( nodeItr.hasNext() ) {
+ String nodeName = (String) nodeItr.next();
+// String pathName = (parent.equals(root) ? sepStr + nodeName : parent.getResourceName() + sepStr + nodeName);
+ String pathName = (parent.equals(root) ? nodeName : parent.getResourceName() + sepStr + nodeName);
+// System.out.println("\n Node: " + pathName); //$NON-NLS-1$
+// System.out.println(" Parent: " + parent.getResourceName()); //$NON-NLS-1$
+ PermissionDataNodeImpl child = null;
+ // If we've built this node before, use the same node.
+ if ( resourceToChild.containsKey(pathName) ) {
+ child = (PermissionDataNodeImpl) resourceToChild.get(pathName);
+// System.out.println(" Found node in cache: " + child.getResourceName()); //$NON-NLS-1$
+ } else {
+ // Create the Resource for this node.
+ DataAccessResource theResource = new DataAccessResource(pathName);
+// System.out.println(" Resource: " + theResource); //$NON-NLS-1$
+
+ // Find permission, if any
+ AuthorizationPermission aPermission = policy.findPermissionWithResource(theResource);
+ // Get the Actions for this resource - Default to NONE
+ AuthorizationActions actions = StandardAuthorizationActions.NONE;
+ if ( aPermission != null ) {
+ // If a permission found, us its Actions
+ actions = aPermission.getActions();
+// System.out.println(" Policy had perm: ACTIONS - " + actions); //$NON-NLS-1$
+ }
+// else {
+// System.out.println(" Resource: " + theResource + " NOT FOUND IN POLICY!"); //$NON-NLS-1$ //$NON-NLS-2$
+// }
+ // Create node definition
+ PermissionDataNodeDefinition nodeDef = new PermissionDataNodeDefinitionImpl(pathName,
+ nodeName,
+ PermissionDataNodeDefinition.TYPE.ELEMENT);
+ // Create PermissionNode
+ child = new PermissionDataNodeImpl(parent, actions, nodeDef, true, idGenerator.create());
+ if ( inModifiedRecources(child) ) {
+// System.out.println(" Setting Resource: " + theResource + " MODIFIED"); //$NON-NLS-1$ //$NON-NLS-2$
+ child.setModified(true);
+ }
+ resourceToChild.put(pathName, child);
+// System.out.println(" Created new node: " + child.getDisplayName() + " (" + child.getResourceName() + ")"); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ }
+ List children = (List) parentChildMap.get(parent);
+ // Add this child to parent's child list if not already there
+ if ( children != null && !children.contains(child) ) {
+ children.add(child);
+ }
+ // Make this child the parent of the next iteration (next node in current branch)
+ if ( !parentChildMap.containsKey(child) ) {
+ parentChildMap.put(child, new ArrayList());
+ }
+ parent = child;
+ }
+ // Finished with branch. Start back at root
+ parent = root;
+ }
+
+ return parentChildMap;
+ }
+
+ private boolean inModifiedRecources(PermissionDataNodeImpl aNode) {
+ if ( modifiedResources.contains(aNode.getResourceName()) ) {
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * Validates that two collections contain <i>exactly</i> the same members.
+ * @param collection_1
+ * @param collection_2
+ * @return <code>true</code> iff both collections contain the same and <i>only</i>
+ * the same members.
+ */
+ private boolean helpTestPermissionCollectionsEqual(Collection collection_1, Collection collection_2) {
+ boolean succeded = true;
+ // IF - Both collections should contain the same number of elements...
+ if ( collection_1.size() != collection_2.size() ) {
+ return false;
+ }
+ // AND - collection_2 contain all members of collection_1...
+ for ( Iterator permsToModifyItr = collection_1.iterator(); permsToModifyItr.hasNext(); ) {
+ AuthorizationPermission aPermToModify = (AuthorizationPermission) permsToModifyItr.next();
+ if ( !collection_2.contains(aPermToModify) ) {
+ return false;
+ }
+ }
+ // AND - collection_1 contain all members of collection_2
+ for ( Iterator modifiedPermItr = collection_2.iterator(); modifiedPermItr.hasNext(); ) {
+ AuthorizationPermission aModifiedPerm = (AuthorizationPermission) modifiedPermItr.next();
+ if ( !collection_1.contains(aModifiedPerm) ) {
+ return false;
+ }
+ }
+ // THEN - both collections are equivelent
+ return succeded;
+ }
+
+ // =========================================================================
+ // T E S T C A S E S
+ // =========================================================================
+
+
+ public void testModifyPermissions() {
+ AuthorizationObjectEditor aoe = new AuthorizationObjectEditor();
+ Collection modifiedPerms = aoe.modifyPermissions(treeView, policyToModify);
+ assertTrue("Expected: " + permsToModify + " got: " + modifiedPerms, //$NON-NLS-1$ //$NON-NLS-2$
+ helpTestPermissionCollectionsEqual(permsToModify, modifiedPerms));
+ }
+}
\ No newline at end of file
Property changes on: trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationObjectEditor.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyFactory.java (from rev 1056, trunk/server/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyFactory.java)
===================================================================
--- trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyFactory.java (rev 0)
+++ trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyFactory.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,138 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+/*
+ * Date: Jan 22, 2004
+ * Time: 8:39:33 PM
+ */
+package com.metamatrix.platform.security.api;
+
+import java.io.File;
+import java.io.FileReader;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+
+import junit.framework.TestCase;
+
+import org.xml.sax.SAXException;
+
+import com.metamatrix.core.util.FileUtil;
+import com.metamatrix.core.util.UnitTestUtil;
+
+public final class TestAuthorizationPolicyFactory extends TestCase {
+
+ static String[] roleNames = new String[] {"admin", "user", "other"}; //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+
+ static String[] descriptions = new String[] {"This is a description", null, "I have no permissions"}; //$NON-NLS-1$ //$NON-NLS-2$
+
+ static String[][] resourceNames = new String[][] {{"x", "y"}, {"a"}, {}}; //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+
+ static String[][] groupNames = new String[][] {{"group1", "group2"}, {}, {"group3"}}; //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+
+ static int[][] actionValues = new int[][] {{StandardAuthorizationActions.ALL_VALUE, StandardAuthorizationActions.DATA_CREATE_VALUE}, {13}, {}};
+
+
+ public TestAuthorizationPolicyFactory(String name) {
+ super(name);
+ }
+
+ public void testExport() throws Exception {
+
+ String vdbName = "vdbName"; //$NON-NLS-1$
+ String vdbVersion = "1"; //$NON-NLS-1$
+
+ AuthorizationRealm realm = new AuthorizationRealm(vdbName, vdbVersion);
+
+ BasicAuthorizationPermissionFactory bapf = new BasicAuthorizationPermissionFactory();
+
+ List policies = new ArrayList();
+
+ for (int i = 0; i < roleNames.length; i++) {
+ AuthorizationPolicyID policyID = new AuthorizationPolicyID(roleNames[i], vdbName, vdbVersion);
+
+ AuthorizationPolicy policy = new AuthorizationPolicy(policyID);
+
+ policy.setDescription(descriptions[i]);
+
+ policies.add(policy);
+ for (int j = 0; j < resourceNames[i].length; j++) {
+ policy.addPermission(bapf.create(resourceNames[i][j], realm, StandardAuthorizationActions.getAuthorizationActions(actionValues[i][j])));
+ }
+
+ for (int j = 0; j < groupNames[i].length; j++) {
+ policy.addPrincipal(new MetaMatrixPrincipalName(groupNames[i][j], MetaMatrixPrincipal.TYPE_GROUP));
+ }
+
+ }
+
+ //add doc to test against
+ char[] result = AuthorizationPolicyFactory.exportPolicies(policies);
+ String expected = FileUtil.read(new FileReader(UnitTestUtil.getTestDataPath()+File.separator+"permissions.xml"));
+ String actual = new String(result).replaceAll("\r\n", "\n");
+
+ assertEquals(expected, actual); //$NON-NLS-1$
+ }
+
+ public void testImport() throws Exception {
+ String vdbName = "vdbNamexx"; //$NON-NLS-1$
+ String vdbVersion = "11"; //$NON-NLS-1$
+
+ Collection roles = AuthorizationPolicyFactory.buildPolicies(vdbName,vdbVersion,FileUtil.read(new FileReader(UnitTestUtil.getTestDataPath()+File.separator+ "permissions.xml")).toCharArray()); //$NON-NLS-1$
+
+ assertEquals(3, roles.size());
+
+ for (final Iterator i = roles.iterator(); i.hasNext();) {
+ final AuthorizationPolicy policy = (AuthorizationPolicy)i.next();
+ AuthorizationPolicyID policyID = policy.getAuthorizationPolicyID();
+
+ assertTrue(Arrays.asList(roleNames).indexOf(policyID.getDisplayName()) != -1);
+ int index = Arrays.asList(roleNames).indexOf(policyID.getDisplayName());
+ if (index == 2) {
+ i.remove();
+ }
+
+ if (index == 1) {
+ policy.removePermissions();
+ }
+ }
+
+ char[] result = AuthorizationPolicyFactory.exportPolicies(roles);
+ String expected = FileUtil.read(new FileReader(UnitTestUtil.getTestDataPath() + "/permissions2.xml"));
+ String actual = new String(result).replaceAll("\r\n", "\n");
+ assertEquals(expected, actual); //$NON-NLS-1$
+ }
+
+ public void testParsingFails() throws Exception {
+
+ try {
+ AuthorizationPolicyFactory.buildPolicies("foo", "bar", "<notvalid/>".toCharArray()); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (SAXException e) {
+ assertEquals("Error during parsing authorizations: cvc-elt.1: Cannot find the declaration of element 'notvalid'.", e.getMessage()); //$NON-NLS-1$
+ }
+
+ }
+
+}
\ No newline at end of file
Property changes on: trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyFactory.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyID.java (from rev 1056, trunk/server/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyID.java)
===================================================================
--- trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyID.java (rev 0)
+++ trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyID.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,104 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.api;
+
+import junit.framework.TestCase;
+
+/**
+ * @author jcunningham
+ *
+ * To change the template for this generated type comment go to
+ * Window>Preferences>Java>Code Generation>Code and Comments
+ */
+public class TestAuthorizationPolicyID extends TestCase {
+
+ /**
+ * Constructor for TestAuthorizationPolicyID.
+ * @param name
+ */
+ public TestAuthorizationPolicyID(String name) {
+ super(name);
+ }
+
+ final public void testGetRealm() {
+ AuthorizationRealm aRealm = new AuthorizationRealm("A VDB", "1", "A bogus realm."); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ AuthorizationPolicyID aPolicyID = new AuthorizationPolicyID("A new policy", "For a bogus realm", aRealm); //$NON-NLS-1$ //$NON-NLS-2$
+
+ if ( !aPolicyID.getRealm().equals(aRealm) ) {
+ fail(aPolicyID.getRealm() + " != " + aRealm + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ }
+
+ /*
+ * Test for boolean equals(Object)
+ */
+ final public void testEqualsObject() {
+ AuthorizationPolicyID policyID_1 = new AuthorizationPolicyID("A Query Test", "A query test entitlement", new AuthorizationRealm("QueryTest", "1")); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$
+ AuthorizationPolicyID policyID_2 = new AuthorizationPolicyID("A Query Test", "A query test entitlement", new AuthorizationRealm("QueryTest", "001")); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$
+ AuthorizationPolicyID policyID_3 = new AuthorizationPolicyID("A Query Test", "A query test entitlement", new AuthorizationRealm("QueryTest", "000003")); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$
+ AuthorizationPolicyID policyID_4 = new AuthorizationPolicyID("A Query Test", "A query test entitlement", new AuthorizationRealm("QueryTest4", "1")); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$
+ AuthorizationPolicyID policyID_5 = new AuthorizationPolicyID("A Query Test", "A query test entitlement", new AuthorizationRealm("QueryTest", "001")); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$
+
+ // Self equality
+ if ( !policyID_1.equals(policyID_1) ) {
+ fail(policyID_1 + " != " + policyID_1 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( !policyID_2.equals(policyID_2) ) {
+ fail(policyID_2 + " != " + policyID_2 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( !policyID_3.equals(policyID_3) ) {
+ fail(policyID_3 + " != " + policyID_3 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( !policyID_4.equals(policyID_4) ) {
+ fail(policyID_4 + " != " + policyID_4 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( !policyID_5.equals(policyID_5) ) {
+ fail(policyID_5 + " != " + policyID_5 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ // policyID_1 and policyID_2 should be equal
+ if ( !policyID_1.equals(policyID_2) ) {
+ fail(policyID_1 + " != " + policyID_2 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( !policyID_2.equals(policyID_1) ) {
+ fail(policyID_2 + " != " + policyID_1 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ // policyID_3 & policyID_4 not equal to anything
+ if ( policyID_1.equals(policyID_3) ) {
+ fail(policyID_1 + " == " + policyID_3 + " but should not be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( policyID_2.equals(policyID_3) ) {
+ fail(policyID_2 + " == " + policyID_3 + " but should not be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( policyID_1.equals(policyID_4) ) {
+ fail(policyID_1 + " == " + policyID_4 + " but should not be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ // policyID_2 is equal to policyID_5
+ if ( !policyID_2.equals(policyID_5) ) {
+ fail(policyID_2 + " != " + policyID_5 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ }
+
+}
Property changes on: trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyID.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationRealm.java (from rev 1056, trunk/server/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationRealm.java)
===================================================================
--- trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationRealm.java (rev 0)
+++ trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationRealm.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,89 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.api;
+
+import junit.framework.TestCase;
+
+public class TestAuthorizationRealm extends TestCase {
+
+ /**
+ * Constructor for TestAuthorizationRealm.
+ * @param name
+ */
+ public TestAuthorizationRealm(String name) {
+ super(name);
+ }
+
+ final public void testEquals() {
+ AuthorizationRealm realm_1 = new AuthorizationRealm("QueryTest", "1"); //$NON-NLS-1$ //$NON-NLS-2$
+ AuthorizationRealm realm_2 = new AuthorizationRealm("QueryTest", "001"); //$NON-NLS-1$ //$NON-NLS-2$
+ AuthorizationRealm realm_3 = new AuthorizationRealm("QueryTest", "000003"); //$NON-NLS-1$ //$NON-NLS-2$
+ AuthorizationRealm realm_4 = new AuthorizationRealm("QueryTest4", "1"); //$NON-NLS-1$ //$NON-NLS-2$
+ AuthorizationRealm realm_5 = new AuthorizationRealm("QueryTest", "001"); //$NON-NLS-1$ //$NON-NLS-2$
+ AuthorizationRealm realm_6 = new AuthorizationRealm("Querytest", "001"); //$NON-NLS-1$ //$NON-NLS-2$
+
+ // Self equality
+ if ( ! realm_1.equals(realm_1) ) {
+ fail(realm_1 + " != " + realm_1 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( ! realm_2.equals(realm_2) ) {
+ fail(realm_2 + " != " + realm_2 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( ! realm_3.equals(realm_3) ) {
+ fail(realm_3 + " != " + realm_3 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( ! realm_4.equals(realm_4) ) {
+ fail(realm_4 + " != " + realm_4 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( ! realm_5.equals(realm_5) ) {
+ fail(realm_5 + " != " + realm_5 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ // realm_1 and realm_2 should be equal
+ if ( ! realm_1.equals(realm_2) ) {
+ fail(realm_1 + " != " + realm_2 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( ! realm_2.equals(realm_1) ) {
+ fail(realm_2 + " != " + realm_1 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ // realm_3 & realm_4 not equal to anything
+ if ( realm_1.equals(realm_3) ) {
+ fail(realm_1 + " == " + realm_3 + " but should not be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( realm_2.equals(realm_3) ) {
+ fail(realm_2 + " == " + realm_3 + " but should not be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ if ( realm_1.equals(realm_4) ) {
+ fail(realm_1 + " == " + realm_4 + " but should not be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ // realm_2 is equal to realm_5
+ if ( ! realm_2.equals(realm_5) ) {
+ fail(realm_2 + " != " + realm_5 + " but should be."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ assertFalse(realm_5.equals(realm_6));
+ }
+
+}
Property changes on: trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationRealm.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestBasicAuthorizationPermission.java (from rev 1056, trunk/server/src/test/java/com/metamatrix/platform/security/api/TestBasicAuthorizationPermission.java)
===================================================================
--- trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestBasicAuthorizationPermission.java (rev 0)
+++ trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestBasicAuthorizationPermission.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,527 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.api;
+
+import junit.extensions.TestSetup;
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+
+import com.metamatrix.platform.security.util.RolePermissionFactory;
+
+/**
+ * <p>Test cases for {@link BasicAuthorizationPermission} class. </p>
+ */
+public class TestBasicAuthorizationPermission extends TestCase {
+
+ // Factories
+ private static BasicAuthorizationPermissionFactory bapFactory;
+ private static RolePermissionFactory rpFactory;
+
+ // Realms
+ private static AuthorizationRealm realm_00;
+ private static AuthorizationRealm realm_01;
+ private static AuthorizationRealm realm_10;
+// private static AuthorizationRealm realm_11;
+
+ // Resources
+ private static String invariantResource = "Model.catalog.group.element_0"; //$NON-NLS-1$
+ private static String longResource = invariantResource + ".fred"; //$NON-NLS-1$
+ private static String groupResource = "Model.catalog.group"; //$NON-NLS-1$
+ private static String groupRecursiveResource = "Model.catalog.group.*"; //$NON-NLS-1$
+ private static String catalogResource = "Model.catalog"; //$NON-NLS-1$
+
+ // Permissions
+ // The permission to use as invariant
+ private static AuthorizationPermission source;
+
+ // Variant permissions
+ private static AuthorizationPermission wrongInstancePerm;
+ private static AuthorizationPermission wrongSuperRealmPerm;
+ private static AuthorizationPermission wrongSubRealmPerm;
+ private static AuthorizationPermission longResourcePerm;
+ private static AuthorizationPermission catalogResourcePerm;
+ private static AuthorizationPermission groupReadPerm;
+ private static AuthorizationPermission groupRecursiveReadPerm;
+ private static AuthorizationPermission memberOfGroupPerm;
+
+ // Permission tests dealing with Actions
+ private static AuthorizationPermission allActionPerm;
+ private static AuthorizationPermission noneActionPerm;
+ private static AuthorizationPermission createActionPerm;
+ private static AuthorizationPermission readActionPerm;
+ private static AuthorizationPermission updateActionPerm;
+ private static AuthorizationPermission deleteActionPerm;
+
+ // Test case should succeed
+ private static final boolean SUCCEED = true;
+
+ // Test case should not succeed
+ private static final boolean FAIL = false;
+
+ // =========================================================================
+ // W O R K M E T H O D S
+ // =========================================================================
+
+ /**
+ * Setup data for tests
+ */
+ private static void initTestObjects() {
+ // Create Realms
+ realm_00 = new AuthorizationRealm("superRealm_0", "subRealm_0"); //$NON-NLS-1$ //$NON-NLS-2$
+ realm_01 = new AuthorizationRealm("superRealm_0", "subRealm_1"); //$NON-NLS-1$ //$NON-NLS-2$
+ realm_10 = new AuthorizationRealm("superRealm_1", "subRealm_0"); //$NON-NLS-1$ //$NON-NLS-2$
+// realm_11 =
+ new AuthorizationRealm("superRealm_1", "subRealm_1"); //$NON-NLS-1$ //$NON-NLS-2$
+
+ // Create Factories
+ bapFactory = new BasicAuthorizationPermissionFactory();
+ rpFactory = new RolePermissionFactory();
+
+ // Create Permissions
+ source = bapFactory.create(invariantResource, realm_00, StandardAuthorizationActions.ALL);
+
+ allActionPerm = bapFactory.create(invariantResource, realm_00, StandardAuthorizationActions.ALL);
+ noneActionPerm = bapFactory.create(invariantResource, realm_00, StandardAuthorizationActions.NONE);
+ createActionPerm = bapFactory.create(invariantResource, realm_00, StandardAuthorizationActions.DATA_CREATE);
+ readActionPerm = bapFactory.create(invariantResource, realm_00, StandardAuthorizationActions.DATA_READ);
+ updateActionPerm = bapFactory.create(invariantResource, realm_00, StandardAuthorizationActions.DATA_UPDATE);
+ deleteActionPerm = bapFactory.create(invariantResource, realm_00, StandardAuthorizationActions.DATA_DELETE);
+
+ wrongInstancePerm = rpFactory.create(invariantResource, realm_00, StandardAuthorizationActions.ALL);
+ wrongSuperRealmPerm = bapFactory.create(invariantResource, realm_10, StandardAuthorizationActions.ALL);
+ wrongSubRealmPerm = bapFactory.create(invariantResource, realm_01, StandardAuthorizationActions.ALL);
+ longResourcePerm = bapFactory.create(longResource, realm_00, StandardAuthorizationActions.ALL);
+ catalogResourcePerm = bapFactory.create(catalogResource, realm_00, StandardAuthorizationActions.ALL);
+
+ groupRecursiveReadPerm = bapFactory.create(groupRecursiveResource, realm_00, StandardAuthorizationActions.DATA_READ);
+ groupReadPerm = bapFactory.create(groupResource, realm_00, StandardAuthorizationActions.DATA_READ);
+ memberOfGroupPerm = bapFactory.create(invariantResource, realm_00, StandardAuthorizationActions.DATA_READ);
+ }
+
+ // =========================================================================
+ // T E S T C O N T R O L
+ // =========================================================================
+
+ /** Construct test case. */
+ public TestBasicAuthorizationPermission( String name ) {
+ super( name );
+ }
+
+ /**
+ * Test suite, with one-time setup.
+ */
+ public static Test suite() {
+ TestSuite suite = new TestSuite();
+ suite.addTestSuite( TestBasicAuthorizationPermission.class );
+
+ // One-time setup and teardown
+ return new TestSetup(suite) {
+ public void setUp() {
+ initTestObjects();
+ }
+ public void tearDown() {
+ }
+ };
+ }
+
+ // =========================================================================
+ // H E L P E R M E T H O D S
+ // =========================================================================
+
+ /**
+ * Test the expiration/effectivity info for licenses.
+ */
+ private static void helpTestImplies( AuthorizationPermission p1,
+ AuthorizationPermission p2,
+ boolean shouldImply ) {
+
+ boolean implied = p1.implies(p2);
+
+ if ( implied && shouldImply ) {
+ assertTrue( "AuthorizationPermission.implies() check succeeded, should have succeeded: " //$NON-NLS-1$
+ + p1 + " => " + p2 + " <> p1 => p2 ? " + implied + ": shouldBeValid? " + shouldImply, //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ ( implied && shouldImply ) );
+ } else if ( ! implied && ! shouldImply ) {
+ assertTrue( "AuthorizationPermission.implies() check failed, should have failed: " //$NON-NLS-1$
+ + p1 + " ! => " + p2 + " <> p1 => p2 ? " + implied + ": shouldBeValid? " + shouldImply, //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ ( ! implied && ! shouldImply ) );
+ } else if ( ! implied && shouldImply ) {
+ assertTrue( "AuthorizationPermission.implies() check failed, should have succeeded: " //$NON-NLS-1$
+ + p1 + " => " + p2 + " <> p1 => p2 ? " + implied + ": shouldBeValid? " + shouldImply, //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ ( ! implied && ! shouldImply ) );
+ } else if ( implied && ! shouldImply ) {
+ assertTrue( "AuthorizationPermission.implies() check succeded, should have failed: " //$NON-NLS-1$
+ + p1 + " ! => " + p2 + " <> p1 => p2 ? " + implied + ": shouldImply? " + shouldImply, //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ ( implied && shouldImply ) );
+ }
+
+ }
+
+ // =========================================================================
+ // T E S T C A S E S
+ // =========================================================================
+
+ // -----------------------------
+ // POSITIVE EQUALITY TESTS
+ // -----------------------------
+
+ /**
+ * Positive test.
+ */
+ public void testPos_RecursiveGroupAllowsElementRead() {
+ helpTestImplies( groupRecursiveReadPerm, memberOfGroupPerm, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_ElementAllowsGroupRead() {
+ helpTestImplies( memberOfGroupPerm, groupReadPerm, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_allImpliesAll() {
+ helpTestImplies( allActionPerm, allActionPerm, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_allImpliesCreate() {
+ helpTestImplies( allActionPerm, createActionPerm, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_allImpliesRead() {
+ helpTestImplies( allActionPerm, readActionPerm, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_allImpliesUpdate() {
+ helpTestImplies( allActionPerm, updateActionPerm, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_allImpliesDelete() {
+ helpTestImplies( allActionPerm, deleteActionPerm, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_createImpliesCreate() {
+ helpTestImplies( createActionPerm, createActionPerm, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_readImpliesRead() {
+ helpTestImplies( readActionPerm, readActionPerm, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_updateImpliesUpdate() {
+ helpTestImplies( updateActionPerm, updateActionPerm, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_deleteImpliesDelete() {
+ helpTestImplies( deleteActionPerm, deleteActionPerm, SUCCEED );
+ }
+
+ // -----------------------------
+ // NEGATIVE MISMATCHED SET TESTS
+ // -----------------------------
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_WrongInstance() {
+ helpTestImplies( source, wrongInstancePerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_WrongSuperRealm() {
+ helpTestImplies( source, wrongSuperRealmPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_WrongSubRealm() {
+ helpTestImplies( source, wrongSubRealmPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_LongResource() {
+ helpTestImplies( source, longResourcePerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_ElementImpliesCatalog() {
+ helpTestImplies( source, catalogResourcePerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_ElementImpliesRecursiveGroupRead() {
+ helpTestImplies( memberOfGroupPerm, groupRecursiveReadPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Create !=> Delete.
+ */
+ public void testNeg_createImpliesDelete() {
+ helpTestImplies( createActionPerm, deleteActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Create ! => Read
+ */
+ public void testNeg_createImpliesRead() {
+ helpTestImplies( createActionPerm, readActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Create ! => Update
+ */
+ public void testNeg_createImpliesUpdate() {
+ helpTestImplies( createActionPerm, updateActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Create !=> All.
+ */
+ public void testNeg_createImpliesAll() {
+ helpTestImplies( createActionPerm, allActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Create !=> None.
+ */
+ public void testNeg_createImpliesNone() {
+ helpTestImplies( createActionPerm, noneActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Update ! => Create
+ */
+ public void testNeg_updateImpliesCreate() {
+ helpTestImplies( updateActionPerm, createActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Update ! => Read
+ */
+ public void testNeg_updateImpliesRead() {
+ helpTestImplies( updateActionPerm, readActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Update ! => Delete
+ */
+ public void testNeg_updateImpliesDelete() {
+ helpTestImplies( updateActionPerm, deleteActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Update !=> All.
+ */
+ public void testNeg_updateImpliesAll() {
+ helpTestImplies( updateActionPerm, allActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Update !=> None.
+ */
+ public void testNeg_updateImpliesNone() {
+ helpTestImplies( updateActionPerm, noneActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Read ! => Create
+ */
+ public void testNeg_readImpliesCreate() {
+ helpTestImplies( readActionPerm, createActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Read ! => Update
+ */
+ public void testNeg_readImpliesUpdate() {
+ helpTestImplies( readActionPerm, updateActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Read ! => Delete
+ */
+ public void testNeg_readImpliesDelete() {
+ helpTestImplies( readActionPerm, deleteActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Read !=> All.
+ */
+ public void testNeg_readImpliesAll() {
+ helpTestImplies( readActionPerm, allActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Read !=> None.
+ */
+ public void testNeg_readImpliesNone() {
+ helpTestImplies( readActionPerm, noneActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Delete !=> Create.
+ */
+ public void testNeg_deleteImpliesCreate() {
+ helpTestImplies( deleteActionPerm, createActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Delete !=> Read.
+ */
+ public void testNeg_deleteImpliesRead() {
+ helpTestImplies( deleteActionPerm, readActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Delete !=> Update.
+ */
+ public void testNeg_deleteImpliesUpdate() {
+ helpTestImplies( deleteActionPerm, updateActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Delete !=> All.
+ */
+ public void testNeg_deleteImpliesAll() {
+ helpTestImplies( deleteActionPerm, allActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * Detete !=> None.
+ */
+ public void testNeg_deleteImpliesNone() {
+ helpTestImplies( deleteActionPerm, noneActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * None !=> Create.
+ */
+ public void testNeg_noneImpliesCreate() {
+ helpTestImplies( noneActionPerm, createActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * None !=> Read.
+ */
+ public void testNeg_noneImpliesRead() {
+ helpTestImplies( noneActionPerm, readActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * None !=> Update.
+ */
+ public void testNeg_noneImpliesUpdate() {
+ helpTestImplies( noneActionPerm, updateActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * None !=> Delete.
+ */
+ public void testNeg_noneImpliesDelete() {
+ helpTestImplies( noneActionPerm, deleteActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * None !=> All.
+ */
+ public void testNeg_noneImpliesAll() {
+ helpTestImplies( noneActionPerm, allActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * All !=> None
+ */
+ public void testNeg_allImpliesNone() {
+ helpTestImplies( allActionPerm, noneActionPerm, FAIL );
+ }
+
+ /**
+ * Negative test.
+ * None !=> None.
+ */
+ public void testNeg_noneImpliesNone() {
+ helpTestImplies( noneActionPerm, noneActionPerm, FAIL );
+ }
+}
Property changes on: trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestBasicAuthorizationPermission.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestStandardAuthorizationActions.java (from rev 1056, trunk/server/src/test/java/com/metamatrix/platform/security/api/TestStandardAuthorizationActions.java)
===================================================================
--- trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestStandardAuthorizationActions.java (rev 0)
+++ trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestStandardAuthorizationActions.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,444 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.api;
+
+import junit.framework.TestCase;
+
+/**
+ * <p>Test cases for {@link StandardAuthorizationActions} class. </p>
+ */
+public class TestStandardAuthorizationActions extends TestCase {
+
+ // Test case should succeed
+ private static final boolean SUCCEED = true;
+
+ // Test case should not succeed
+ private static final boolean FAIL = false;
+
+ // =========================================================================
+ // T E S T C O N T R O L
+ // =========================================================================
+
+ /** Construct test case. */
+ public TestStandardAuthorizationActions( String name ) {
+ super( name );
+ }
+
+ // =========================================================================
+ // H E L P E R M E T H O D S
+ // =========================================================================
+
+ /**
+ * Test the expiration/effectivity info for licenses.
+ */
+ private static void helpTestImplies( int checkActions, int actionsInPlace,
+ boolean shouldBeValid ) {
+
+ AuthorizationActions authToCheck
+ = StandardAuthorizationActions.getAuthorizationActions(checkActions);
+
+ AuthorizationActions authInPlace
+ = StandardAuthorizationActions.getAuthorizationActions(actionsInPlace);
+
+ if ( shouldBeValid ) {
+ assertTrue( "Authorization check failed, should have succeeded: " //$NON-NLS-1$
+ + checkActions + " checked against " + actionsInPlace + ".", //$NON-NLS-1$ //$NON-NLS-2$
+ authInPlace.implies(authToCheck) );
+ } else {
+ assertTrue( "Authorization check succeeded, should have failed: " //$NON-NLS-1$
+ + checkActions + " checked against " + actionsInPlace + ".", //$NON-NLS-1$ //$NON-NLS-2$
+ !authInPlace.implies(authToCheck) );
+ }
+ }
+
+ // =========================================================================
+ // T E S T C A S E S
+ // =========================================================================
+
+ // POSITIVE EQUALITY TESTS
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_0_0() {
+ helpTestImplies( 0, 0, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_1_1() {
+ helpTestImplies( 1, 1, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_2_2() {
+ helpTestImplies( 2, 2, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_4_4() {
+ helpTestImplies( 4, 4, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_8_8() {
+ helpTestImplies( 8, 8, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_12_12() {
+ helpTestImplies( 1|2, 1|2, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_124_124() {
+ helpTestImplies( 1|2|4, 1|2|4, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_1248_1248() {
+ helpTestImplies( 1|2|4|8, 1|2|4|8, SUCCEED );
+ }
+
+ // POSITIVE SUBSET TESTS
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_0_1() {
+ helpTestImplies( 0, 1, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_0_12() {
+ helpTestImplies( 0, 1|2, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_0_124() {
+ helpTestImplies( 0, 1|2|4, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_0_1248() {
+ helpTestImplies( 0, 1|2|4|8, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_1_12() {
+ helpTestImplies( 1, 1|2, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_1_14() {
+ helpTestImplies( 1, 1|4, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_1_18() {
+ helpTestImplies( 1, 1|8, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_1_124() {
+ helpTestImplies( 1, 1|2|4, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_1_128() {
+ helpTestImplies( 1, 1|2|8, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_1_148() {
+ helpTestImplies( 1, 1|4|8, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_1_1248() {
+ helpTestImplies( 1, 1|2|4|8, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_2_1248() {
+ helpTestImplies( 2, 1|2|4|8, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_4_1248() {
+ helpTestImplies( 4, 1|2|4|8, SUCCEED );
+ }
+
+ /**
+ * Positive test.
+ */
+ public void testPos_Implies_8_1248() {
+ helpTestImplies( 8, 1|2|4|8, SUCCEED );
+ }
+
+ // NEGATIVE MISMATCHED SET TESTS
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_1_2() {
+ helpTestImplies( 1, 2, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_1_4() {
+ helpTestImplies( 1, 4, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_1_8() {
+ helpTestImplies( 1, 8, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_1_24() {
+ helpTestImplies( 1, 2|4, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_1_28() {
+ helpTestImplies( 1, 2|8, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_1_48() {
+ helpTestImplies( 1, 4|8, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_2_14() {
+ helpTestImplies( 2, 1|4, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_2_18() {
+ helpTestImplies( 2, 1|8, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_2_48() {
+ helpTestImplies( 2, 4|8, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_2_1() {
+ helpTestImplies( 2, 1, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_4_1() {
+ helpTestImplies( 4, 1, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_8_1() {
+ helpTestImplies( 8, 1, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_24_1() {
+ helpTestImplies( 2|4, 1, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_28_1() {
+ helpTestImplies( 2|8, 1, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_48_1() {
+ helpTestImplies( 4|8, 1, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_14_8() {
+ helpTestImplies( 1|4, 8, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_124_8() {
+ helpTestImplies( 1|2|4, 8, FAIL );
+ }
+
+ // NEGATIVE SUPERSET TESTS
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_12_1() {
+ helpTestImplies( 1|2, 1, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_14_1() {
+ helpTestImplies( 1|4, 1, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_18_1() {
+ helpTestImplies( 1|8, 1, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_128_1() {
+ helpTestImplies( 1|2|8, 1, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_148_1() {
+ helpTestImplies( 1|4|8, 1, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_1248_1() {
+ helpTestImplies( 1|2|4|8, 1, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_18_8() {
+ helpTestImplies( 1|8, 8, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_28_8() {
+ helpTestImplies( 2|8, 8, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_48_8() {
+ helpTestImplies( 4|8, 8, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_128_8() {
+ helpTestImplies( 1|2|8, 8, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_148_8() {
+ helpTestImplies( 1|4|8, 8, FAIL );
+ }
+
+ /**
+ * Negative test.
+ */
+ public void testNeg_Implies_1248_8() {
+ helpTestImplies( 1|2|4|8, 8, FAIL );
+ }
+
+} // END CLASS
+
Property changes on: trunk/embedded/src/test/java/com/metamatrix/platform/security/api/TestStandardAuthorizationActions.java
___________________________________________________________________
Name: svn:mergeinfo
+
Added: trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/service/TestMembershipServiceImpl.java
===================================================================
--- trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/service/TestMembershipServiceImpl.java (rev 0)
+++ trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/service/TestMembershipServiceImpl.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,147 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.membership.service;
+
+import java.util.Properties;
+import java.util.regex.Pattern;
+
+import junit.framework.TestCase;
+
+import org.teiid.dqp.internal.process.DQPWorkContext;
+
+import com.metamatrix.api.exception.security.InvalidPrincipalException;
+import com.metamatrix.common.util.crypto.CryptoUtil;
+import com.metamatrix.platform.security.api.Credentials;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipal;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipalName;
+import com.metamatrix.platform.security.api.service.AuthenticationToken;
+import com.metamatrix.platform.security.api.service.MembershipServiceInterface;
+import com.metamatrix.platform.security.api.service.SuccessfulAuthenticationToken;
+import com.metamatrix.platform.security.membership.spi.MembershipSourceException;
+import com.metamatrix.platform.security.membership.spi.file.TestFileMembershipDomain;
+
+public class TestMembershipServiceImpl extends TestCase {
+
+ public void testInitialization() throws Exception {
+ Properties p = new Properties();
+ p.setProperty(MembershipServiceInterface.ADMIN_USERNAME, "metamatrixadmin"); //$NON-NLS-1$
+ p.setProperty(MembershipServiceInterface.ADMIN_PASSWORD, CryptoUtil.getCryptor().encrypt("mm")); //$NON-NLS-1$
+ p.setProperty(MembershipServiceInterface.SECURITY_ENABLED, Boolean.TRUE.toString());
+ MembershipServiceImpl membershipServiceImpl = new MembershipServiceImpl();
+
+ membershipServiceImpl.initialize(p);
+
+ assertEquals(0, membershipServiceImpl.getDomains().size());
+ assertTrue(membershipServiceImpl.isSecurityEnabled());
+ }
+
+ public void testInitialization1() throws Exception {
+ Properties p = new Properties();
+ p.setProperty(MembershipServiceInterface.ADMIN_USERNAME, "metamatrixadmin"); //$NON-NLS-1$
+ p.setProperty(MembershipServiceInterface.ADMIN_PASSWORD, CryptoUtil.getCryptor().encrypt("mm")); //$NON-NLS-1$
+ p.setProperty(MembershipServiceInterface.SECURITY_ENABLED, Boolean.FALSE.toString());
+ MembershipServiceImpl membershipServiceImpl = new MembershipServiceImpl();
+
+ membershipServiceImpl.initialize(p);
+
+ assertEquals(0, membershipServiceImpl.getDomains().size());
+ assertFalse(membershipServiceImpl.isSecurityEnabled());
+
+ assertTrue(membershipServiceImpl.authenticateUser("foo", new Credentials("bar".toCharArray()), null, null) instanceof SuccessfulAuthenticationToken); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ public void testBaseUsername() throws Exception {
+
+ assertEquals("foo at bar.com", MembershipServiceImpl.getBaseUsername("foo\\@bar.com at foo")); //$NON-NLS-1$ //$NON-NLS-2$
+
+ assertEquals("foo", MembershipServiceImpl.getDomainName("me\\@bar.com at foo")); //$NON-NLS-1$ //$NON-NLS-2$
+
+ assertEquals(null, MembershipServiceImpl.getDomainName("@")); //$NON-NLS-1$
+
+ assertEquals("@", MembershipServiceImpl.getBaseUsername("@")); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ private MembershipServiceImpl createMembershipService() throws MembershipSourceException {
+ MembershipServiceImpl membershipService = new MembershipServiceImpl();
+ MembershipServiceImpl.MembershipDomainHolder membershipDomainHolder = new MembershipServiceImpl.MembershipDomainHolder(
+ TestFileMembershipDomain
+ .createFileMembershipDomain(),
+ TestFileMembershipDomain.TEST_DOMAIN_NAME);
+ membershipService.getDomains().add(membershipDomainHolder);
+ return membershipService;
+ }
+
+ public void testSuperAuthenticate() throws Exception {
+ MembershipServiceImpl membershipService = createMembershipService();
+ membershipService.setAllowedAddresses(Pattern.compile("192[.]168[.]0[.]2")); //$NON-NLS-1$
+ membershipService.setAdminCredentials("pass1"); //$NON-NLS-1$
+
+ AuthenticationToken at = membershipService.authenticateUser(MembershipServiceImpl.DEFAULT_ADMIN_USERNAME, new Credentials("pass1".toCharArray()), null, null); //$NON-NLS-1$
+
+ assertFalse(at.isAuthenticated());
+ DQPWorkContext.getWorkContext().setClientAddress("192.168.0.1"); //$NON-NLS-1$
+ at = membershipService.authenticateUser(MembershipServiceImpl.DEFAULT_ADMIN_USERNAME, new Credentials("pass1".toCharArray()), null, null); //$NON-NLS-1$
+
+ assertFalse(at.isAuthenticated());
+ DQPWorkContext.getWorkContext().setClientAddress("192.168.0.2"); //$NON-NLS-1$
+ at = membershipService.authenticateUser(MembershipServiceImpl.DEFAULT_ADMIN_USERNAME, new Credentials("pass1".toCharArray()), null, null); //$NON-NLS-1$
+
+ assertTrue(at.isAuthenticated());
+ }
+
+ public void testGetPrincipal() throws Exception {
+ MembershipServiceImpl membershipService = createMembershipService();
+
+ MetaMatrixPrincipal principal = membershipService.getPrincipal(new MetaMatrixPrincipalName("user1 at testFile", MetaMatrixPrincipal.TYPE_USER)); //$NON-NLS-1$
+
+ assertEquals("user1 at testFile", principal.getName()); //$NON-NLS-1$
+ }
+
+ public void testAuthenticate() throws Exception {
+ MembershipServiceImpl membershipService = createMembershipService();
+
+ AuthenticationToken at = membershipService.authenticateUser("user1", new Credentials("pass1".toCharArray()), null, null); //$NON-NLS-1$ //$NON-NLS-2$
+
+ assertEquals("user1 at testFile", at.getUserName()); //$NON-NLS-1$
+ }
+
+ public void testGetPrincipalForGroup() throws Exception {
+ MembershipServiceImpl membershipService = createMembershipService();
+
+ MetaMatrixPrincipal principal = membershipService.getPrincipal(new MetaMatrixPrincipalName("group1 at testFile", MetaMatrixPrincipal.TYPE_GROUP)); //$NON-NLS-1$
+
+ assertEquals("group1 at testFile", principal.getName()); //$NON-NLS-1$
+ assertEquals(MetaMatrixPrincipal.TYPE_GROUP, principal.getType());
+ }
+
+ public void testGetPrincipalForInvalidGroup() throws Exception {
+ MembershipServiceImpl membershipService = createMembershipService();
+
+ try {
+ membershipService.getPrincipal(new MetaMatrixPrincipalName("groupX at testFile", MetaMatrixPrincipal.TYPE_GROUP)); //$NON-NLS-1$
+ } catch (InvalidPrincipalException e) {
+ assertEquals("The principal 'groupX at testFile' does not exist in domain 'testFile'", e.getMessage()); //$NON-NLS-1$
+ }
+ }
+
+}
Property changes on: trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/service/TestMembershipServiceImpl.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/file/TestFileMembershipDomain.java
===================================================================
--- trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/file/TestFileMembershipDomain.java (rev 0)
+++ trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/file/TestFileMembershipDomain.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,328 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.membership.spi.file;
+
+import java.io.File;
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Properties;
+import java.util.Set;
+
+import junit.framework.TestCase;
+
+import com.metamatrix.api.exception.security.InvalidUserException;
+import com.metamatrix.api.exception.security.LogonException;
+import com.metamatrix.api.exception.security.UnsupportedCredentialException;
+import com.metamatrix.core.util.UnitTestUtil;
+import com.metamatrix.platform.security.api.Credentials;
+import com.metamatrix.platform.security.api.service.MembershipServiceInterface;
+import com.metamatrix.platform.security.api.service.SuccessfulAuthenticationToken;
+import com.metamatrix.platform.security.membership.spi.MembershipSourceException;
+
+public class TestFileMembershipDomain extends TestCase {
+
+ public static final String TEST_DOMAIN_NAME = "testFile"; //$NON-NLS-1$
+
+ /**
+ * testInvalidInit1 - tests invalid init - no properties supplied.
+ */
+ public void testInvalidInit1() throws Exception {
+ FileMembershipDomain domain = new FileMembershipDomain();
+
+ // Empty properties
+ Properties p = new Properties();
+
+ // Initialize the domain with empty properties
+ try {
+ domain.initialize(p);
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (MembershipSourceException e) {
+ assertEquals("Required property usersFile was missing.", e.getMessage()); //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * testInvalidInit2 - tests invalid init - only users file supplied
+ */
+ public void testInvalidInit2() throws Exception {
+ FileMembershipDomain domain = new FileMembershipDomain();
+
+ // Empty properties
+ Properties p = new Properties();
+ File usersFile = UnitTestUtil.getTestDataFile("users.properties"); //$NON-NLS-1$
+
+ p.setProperty(FileMembershipDomain.USERS_FILE, usersFile.getAbsolutePath());
+
+ // Initialize the domain with empty properties
+ try {
+ domain.initialize(p);
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (MembershipSourceException e) {
+ assertEquals("Required property groupsFile was missing.", e.getMessage()); //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * testInvalidInit3 - tests invalid init - only groups file supplied
+ */
+ public void testInvalidInit3() throws Exception {
+ FileMembershipDomain domain = new FileMembershipDomain();
+
+ // Empty properties
+ Properties p = new Properties();
+ File groupsFile = UnitTestUtil.getTestDataFile("groups.properties"); //$NON-NLS-1$
+
+ p.setProperty(FileMembershipDomain.GROUPS_FILE, groupsFile.getAbsolutePath());
+
+ // Initialize the domain with empty properties
+ try {
+ domain.initialize(p);
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (MembershipSourceException e) {
+ assertEquals("Required property usersFile was missing.", e.getMessage()); //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * testBadUsersFile - tests invalid init - bad usersfile supplied
+ */
+ public void testBadUsersFile() throws Exception {
+ FileMembershipDomain domain = new FileMembershipDomain();
+
+ // Empty properties
+ Properties p = new Properties();
+ File usersFile = UnitTestUtil.getTestDataFile("ohCrap"); //$NON-NLS-1$
+ File groupsFile = UnitTestUtil.getTestDataFile("groups.properties"); //$NON-NLS-1$
+
+ p.setProperty(FileMembershipDomain.USERS_FILE, usersFile.getAbsolutePath());
+ p.setProperty(FileMembershipDomain.GROUPS_FILE, groupsFile.getAbsolutePath());
+
+ // Initialize the domain with empty properties
+ try {
+ domain.initialize(p);
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (MembershipSourceException e) {
+ assertTrue(e.getMessage().startsWith("Could not load file")); //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * testBadGroupsFile - tests invalid init - bad groupsfile supplied
+ */
+ public void testBadGroupsFile() throws Exception {
+ FileMembershipDomain domain = new FileMembershipDomain();
+
+ // Empty properties
+ Properties p = new Properties();
+ File usersFile = UnitTestUtil.getTestDataFile("users.properties"); //$NON-NLS-1$
+ File groupsFile = UnitTestUtil.getTestDataFile("bad"); //$NON-NLS-1$
+
+ p.setProperty(FileMembershipDomain.USERS_FILE, usersFile.getAbsolutePath());
+ p.setProperty(FileMembershipDomain.GROUPS_FILE, groupsFile.getAbsolutePath());
+
+ // Initialize the domain with empty properties
+ try {
+ domain.initialize(p);
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (MembershipSourceException e) {
+ assertTrue(e.getMessage().startsWith("Could not load file")); //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * testValidInit - tests valid init - good files
+ */
+ public void testValidInit() throws Exception {
+ FileMembershipDomain domain = new FileMembershipDomain();
+
+ // Empty properties
+ Properties p = new Properties();
+ File usersFile = UnitTestUtil.getTestDataFile("users.properties"); //$NON-NLS-1$
+ File groupsFile = UnitTestUtil.getTestDataFile("groups.properties"); //$NON-NLS-1$
+
+ p.setProperty(FileMembershipDomain.USERS_FILE, usersFile.getAbsolutePath());
+ p.setProperty(FileMembershipDomain.GROUPS_FILE, groupsFile.getAbsolutePath());
+
+ // Initialize the domain with empty properties
+ try {
+ domain.initialize(p);
+ } catch (MembershipSourceException e) {
+ fail("unexpected exception"); //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * testValidUserAuthentication - tests valid user
+ */
+ public void testValidUserAuthentication() throws Exception {
+ FileMembershipDomain domain = createFileMembershipDomain();
+
+ SuccessfulAuthenticationToken sat = domain.authenticateUser("user1", new Credentials("pass1".toCharArray()), null, null); //$NON-NLS-1$ //$NON-NLS-2$
+
+ assertNull(sat.getPayload());
+ }
+
+ public void testInValidUserAuthentication() throws Exception {
+ FileMembershipDomain domain = createFileMembershipDomain();
+
+ try {
+ domain.authenticateUser("user1", null, null, null); //$NON-NLS-1$
+ fail("Expected exception"); //$NON-NLS-1$
+ } catch (UnsupportedCredentialException uce) {
+ //expected
+ }
+ }
+
+
+ public static FileMembershipDomain createFileMembershipDomain() throws MembershipSourceException {
+ return createFileMembershipDomain(true);
+ }
+
+ public static FileMembershipDomain createFileMembershipDomain(boolean checkPassword) throws MembershipSourceException {
+ FileMembershipDomain domain = new FileMembershipDomain();
+
+ // Empty properties
+ Properties p = new Properties();
+ File usersFile = UnitTestUtil.getTestDataFile("users.properties"); //$NON-NLS-1$
+ File groupsFile = UnitTestUtil.getTestDataFile("groups.properties"); //$NON-NLS-1$
+
+ p.setProperty(FileMembershipDomain.USERS_FILE, usersFile.getAbsolutePath());
+ p.setProperty(FileMembershipDomain.GROUPS_FILE, groupsFile.getAbsolutePath());
+ p.setProperty(FileMembershipDomain.CHECK_PASSWORD, Boolean.toString(checkPassword));
+ p.setProperty(MembershipServiceInterface.DOMAIN_NAME, TEST_DOMAIN_NAME);
+
+ domain.initialize(p);
+ return domain;
+ }
+
+ /**
+ * testInvalidUserAuthentication - tests invalid user
+ */
+ public void testInvalidUserAuthentication() throws Exception {
+ FileMembershipDomain domain = createFileMembershipDomain();
+
+ try {
+ domain.authenticateUser("joe", new Credentials("pass1".toCharArray()), null, null); //$NON-NLS-1$ //$NON-NLS-2$
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (InvalidUserException e) {
+ assertEquals(e.getMessage(),"user joe is invalid"); //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * testInvalidPasswordAuthentication - tests invalid password
+ */
+ public void testInvalidPasswordAuthentication() throws Exception {
+ FileMembershipDomain domain = createFileMembershipDomain();
+
+ try {
+ domain.authenticateUser("user1", new Credentials("pass2".toCharArray()), null, null); //$NON-NLS-1$ //$NON-NLS-2$
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (LogonException e) {
+ assertEquals(e.getMessage(),"user user1 could not be authenticated"); //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * testInvalidUserWithCheckingFalse - tests invalid user with checking turned off
+ */
+ public void testInvalidUserWithCheckingFalse() throws Exception {
+ FileMembershipDomain domain = createFileMembershipDomain();
+
+ try {
+ domain.authenticateUser("joe", new Credentials("pass1".toCharArray()), null, null); //$NON-NLS-1$ //$NON-NLS-2$
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (InvalidUserException e) {
+ assertEquals(e.getMessage(),"user joe is invalid"); //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * testInvalidPasswordWithCheckingFalse - tests valid user but invalid password with checking turned off
+ */
+ public void testInvalidPasswordWithCheckingFalse() throws Exception {
+ FileMembershipDomain domain = createFileMembershipDomain(false);
+
+ SuccessfulAuthenticationToken sat = domain.authenticateUser("user1", new Credentials("pass2".toCharArray()), null, null); //$NON-NLS-1$ //$NON-NLS-2$
+
+ assertNull(sat.getPayload());
+ }
+
+
+ /**
+ * testGetGroupNames - tests get groupNames.
+ */
+ public void testGetGroupNames() throws Exception {
+ FileMembershipDomain domain = createFileMembershipDomain();
+
+ Set groupNames = domain.getGroupNames();
+
+ assertEquals(new HashSet(Arrays.asList(new Object[] {"group1", "group2", "group3"})), groupNames); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+
+ }
+
+ /**
+ * testGetGroupNamesForUser - tests get groupNames for a user.
+ */
+ public void testGetGroupNamesForUser() throws Exception {
+ FileMembershipDomain domain = createFileMembershipDomain();
+
+ Set groupNames = domain.getGroupNamesForUser("user2"); //$NON-NLS-1$
+
+ assertEquals(new HashSet(Arrays.asList(new Object[] {"group1", "group2"})), groupNames); //$NON-NLS-1$ //$NON-NLS-2$
+
+ }
+
+ /**
+ * testGetGroupNamesForUser - tests get groupNames for an invalid user.
+ */
+ public void testGetGroupNamesForInvalidUser() throws Exception {
+ FileMembershipDomain domain = createFileMembershipDomain();
+
+ try {
+ domain.getGroupNamesForUser("markyMark"); //$NON-NLS-1$
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (Exception e) {
+ assertTrue(e instanceof InvalidUserException);
+ }
+
+ }
+
+ public void testInitializeWithClasspathFiles() throws Exception {
+ FileMembershipDomain domain = new FileMembershipDomain();
+
+ // Empty properties
+ Properties p = new Properties();
+ String usersFile = "classpath:users.properties"; //$NON-NLS-1$
+ String groupsFile = "classpath:groups.properties"; //$NON-NLS-1$
+
+ p.setProperty(FileMembershipDomain.USERS_FILE, usersFile);
+ p.setProperty(FileMembershipDomain.GROUPS_FILE, groupsFile);
+ p.setProperty(MembershipServiceInterface.DOMAIN_NAME, TEST_DOMAIN_NAME);
+
+ domain.initialize(p);
+
+ assertEquals(3, domain.getUsers().size());
+ }
+
+}
Property changes on: trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/file/TestFileMembershipDomain.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/ldap/TestLDAPMembershipDomainConfiguration.java
===================================================================
--- trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/ldap/TestLDAPMembershipDomainConfiguration.java (rev 0)
+++ trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/ldap/TestLDAPMembershipDomainConfiguration.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,157 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.membership.spi.ldap;
+
+import java.util.Properties;
+
+import junit.framework.TestCase;
+
+import com.metamatrix.common.application.exception.ApplicationInitializationException;
+import com.metamatrix.platform.security.membership.service.MembershipServiceImpl;
+import com.metamatrix.platform.security.membership.spi.MembershipSourceException;
+import com.metamatrix.platform.security.membership.spi.ldap.LDAPMembershipDomain.LdapContext;
+
+public class TestLDAPMembershipDomainConfiguration extends TestCase {
+
+ private LDAPMembershipDomain getLdapMembershipDomainWithMultipleContexts() throws MembershipSourceException {
+ LDAPMembershipDomain domain = new LDAPMembershipDomain();
+
+ Properties p = new Properties();
+ //ldap url, usersRootContext, groupsRootContext
+ p.setProperty(LDAPMembershipDomain.LDAP_URL, "ldap://sluxtech09:389"); //$NON-NLS-1$
+ p.setProperty(LDAPMembershipDomain.USERS_ROOT_CONTEXT, "ou=people,dc=metamatrix,dc=com?ou=people,dc=quadrian,dc=com"); //$NON-NLS-1$
+ p.setProperty(LDAPMembershipDomain.GROUPS_ROOT_CONTEXT, "ou=groups,dc=metamatrix,dc=com?ou=groups,dc=quadrian,dc=com"); //$NON-NLS-1$
+
+ //properties for Apache DS
+ p.setProperty(LDAPMembershipDomain.GROUPS_GROUP_MEMBER_ATTRIBUTE, "uniquemember"); //$NON-NLS-1$
+
+ //credentials
+ p.setProperty(LDAPMembershipDomain.LDAP_ADMIN_DN, "cn=Directory Manager"); //$NON-NLS-1$
+ p.setProperty(LDAPMembershipDomain.LDAP_ADMIN_PASSWORD, "stladmin"); //$NON-NLS-1$
+ p.setProperty(MembershipServiceImpl.DOMAIN_NAME, "testDomain"); //$NON-NLS-1$
+
+
+ domain.initialize(p);
+ return domain;
+ }
+
+ /**
+ * testInvalidInit1 - tests invalid init - no properties supplied.
+ */
+ public void testInvalidInit1() throws Exception {
+ LDAPMembershipDomain domain = new LDAPMembershipDomain();
+
+ // Empty properties
+ Properties p = new Properties();
+
+ // Initialize the domain with empty properties
+ try {
+ domain.initialize(p);
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (MembershipSourceException e) {
+ assertEquals("Required property ldapURL was missing.", e.getMessage()); //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * testInvalidInit2 - tests invalid init - only the ldap URL is supplied.
+ */
+ public void testInvalidInit2() throws Exception {
+ LDAPMembershipDomain domain = new LDAPMembershipDomain();
+
+ // Properties containing ldap URL only
+ Properties p = new Properties();
+ p.setProperty(LDAPMembershipDomain.LDAP_URL, "ldap://sluxtech09:389"); //$NON-NLS-1$
+
+ try {
+ domain.initialize(p);
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (MembershipSourceException e) {
+ assertEquals("Required property users.rootContext was missing.", e.getMessage()); //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * testInvalidInit3 - tests invalid init - ldap URL and users rootContext are supplied.
+ */
+ public void testInvalidInit3() throws Exception {
+ LDAPMembershipDomain domain = new LDAPMembershipDomain();
+
+ Properties p = new Properties();
+ p.setProperty(LDAPMembershipDomain.LDAP_URL, "ldap://sluxtech09:389"); //$NON-NLS-1$
+ p.setProperty(LDAPMembershipDomain.USERS_ROOT_CONTEXT, "ou=people,dc=metamatrix,dc=com"); //$NON-NLS-1$
+
+ try {
+ domain.initialize(p);
+ fail("expected exception"); //$NON-NLS-1$
+ } catch (MembershipSourceException e) {
+ assertEquals("Required property groups.rootContext was missing.", e.getMessage()); //$NON-NLS-1$
+ }
+ }
+
+// public void testInvalidInit4() throws Exception {
+// LDAPMembershipDomain domain = new LDAPMembershipDomain();
+//
+// Properties p = new Properties();
+// p.setProperty(LDAPMembershipDomain.LDAP_URL, "ldap://sluxtech09:389"); //$NON-NLS-1$
+// p.setProperty(LDAPMembershipDomain.USERS_ROOT_CONTEXT, "ou=people,dc=metamatrix,dc=com"); //$NON-NLS-1$
+// p.setProperty(LDAPMembershipDomain.GROUPS_ROOT_CONTEXT, "ou=groups,dc=metamatrix,dc=com"); //$NON-NLS-1$
+//
+// try {
+// domain.initialize(p);
+// fail("expected exception"); //$NON-NLS-1$
+// } catch (ServiceStateException e) {
+// assertEquals("No users will appear as members of any group since user's memberOf and group's group memberOf attributes are both unspecified.", e.getMessage()); //$NON-NLS-1$
+// }
+// }
+
+ /**
+ * testValidInit - tests valid init - all required properties supplied.
+ */
+ public void testValidInit() throws Exception {
+ LDAPMembershipDomain domain = new LDAPMembershipDomain();
+
+ Properties p = new Properties();
+ p.setProperty(LDAPMembershipDomain.LDAP_URL, "ldap://sluxtech09:389"); //$NON-NLS-1$
+ p.setProperty(LDAPMembershipDomain.USERS_ROOT_CONTEXT, "ou=people,dc=metamatrix,dc=com"); //$NON-NLS-1$
+ p.setProperty(LDAPMembershipDomain.GROUPS_ROOT_CONTEXT, "ou=groups,dc=metamatrix,dc=com"); //$NON-NLS-1$
+ p.setProperty(LDAPMembershipDomain.USERS_MEMBER_OF_ATTRIBUTE, "memberOf"); //$NON-NLS-1$
+ try {
+ domain.initialize(p);
+ } catch (MembershipSourceException e) {
+ fail("Encountered initialization exception"); //$NON-NLS-1$
+ }
+ }
+
+ public void testUsernameEscaping() {
+ assertEquals("\\2a", LDAPMembershipDomain.escapeLDAPSearchFilter("*")); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ public void testMultipleContexts() throws Exception {
+ LDAPMembershipDomain domain = getLdapMembershipDomainWithMultipleContexts();
+ assertEquals(2, domain.getUsersRootContexts().size());
+ LdapContext context = (LdapContext)domain.getUsersRootContexts().get(1);
+ assertEquals("ou=people,dc=quadrian,dc=com", context.context); //$NON-NLS-1$
+ }
+
+}
Property changes on: trunk/embedded/src/test/java/com/metamatrix/platform/security/membership/spi/ldap/TestLDAPMembershipDomainConfiguration.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/embedded/src/test/java/com/metamatrix/platform/security/session/service/TestSessionServiceImpl.java
===================================================================
--- trunk/embedded/src/test/java/com/metamatrix/platform/security/session/service/TestSessionServiceImpl.java (rev 0)
+++ trunk/embedded/src/test/java/com/metamatrix/platform/security/session/service/TestSessionServiceImpl.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,55 @@
+package com.metamatrix.platform.security.session.service;
+
+import java.util.Properties;
+
+import junit.framework.TestCase;
+
+import org.mockito.Mockito;
+
+import com.metamatrix.admin.api.exception.security.InvalidSessionException;
+import com.metamatrix.platform.security.api.MetaMatrixSessionID;
+import com.metamatrix.platform.security.api.MetaMatrixSessionInfo;
+import com.metamatrix.platform.security.api.service.MembershipServiceInterface;
+import com.metamatrix.platform.security.api.service.SuccessfulAuthenticationToken;
+
+public class TestSessionServiceImpl extends TestCase {
+
+ public void testValidateSession() throws Exception {
+ SessionServiceImpl ssi = new SessionServiceImpl();
+ MembershipServiceInterface msi = Mockito.mock(MembershipServiceInterface.class);
+ Mockito.stub(msi.authenticateUser("steve", null, null, "foo")).toReturn(new SuccessfulAuthenticationToken(null, "steve at somedomain")); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ ssi.setMembershipService(msi);
+
+ MetaMatrixSessionID id1 = new MetaMatrixSessionID(1);
+ try {
+ ssi.validateSession(id1);
+ fail("exception expected"); //$NON-NLS-1$
+ } catch (InvalidSessionException e) {
+
+ }
+
+ MetaMatrixSessionInfo info = ssi.createSession("steve", null, null, "foo", new Properties()); //$NON-NLS-1$ //$NON-NLS-2$
+ id1 = info.getSessionID();
+ ssi.validateSession(id1);
+
+ assertEquals(1, ssi.getActiveSessionsCount());
+ assertEquals(0, ssi.getSessionsLoggedInToVDB("a", "1").size()); //$NON-NLS-1$ //$NON-NLS-2$
+
+ ssi.closeSession(id1);
+
+ try {
+ ssi.validateSession(id1);
+ fail("exception expected"); //$NON-NLS-1$
+ } catch (InvalidSessionException e) {
+
+ }
+
+ try {
+ ssi.closeSession(id1);
+ fail("exception expected"); //$NON-NLS-1$
+ } catch (InvalidSessionException e) {
+
+ }
+ }
+
+}
Property changes on: trunk/embedded/src/test/java/com/metamatrix/platform/security/session/service/TestSessionServiceImpl.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Copied: trunk/embedded/src/test/resources/groups.properties (from rev 1046, trunk/server/src/test/resources/groups.properties)
===================================================================
--- trunk/embedded/src/test/resources/groups.properties (rev 0)
+++ trunk/embedded/src/test/resources/groups.properties 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,25 @@
+#
+# JBoss, Home of Professional Open Source.
+# See the COPYRIGHT.txt file distributed with this work for information
+# regarding copyright ownership. Some portions may be licensed
+# to Red Hat, Inc. under one or more contributor license agreements.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 USA.
+#
+
+group1=user1, user2
+group2=user2, user3
+group3=
\ No newline at end of file
Property changes on: trunk/embedded/src/test/resources/groups.properties
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: trunk/embedded/src/test/resources/permissions.xml (from rev 1046, trunk/server/src/test/resources/permissions.xml)
===================================================================
--- trunk/embedded/src/test/resources/permissions.xml (rev 0)
+++ trunk/embedded/src/test/resources/permissions.xml 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<realm>
+ <roles>
+ <data-role>
+ <name>admin</name>
+ <vdb-name>vdbName</vdb-name>
+ <vdb-version>1</vdb-version>
+ <description>This is a description</description>
+ <permissions>
+ <permission>
+ <resource-name>x</resource-name>
+ <allow-create />
+ <allow-read />
+ <allow-update />
+ <allow-delete />
+ </permission>
+ <permission>
+ <resource-name>y</resource-name>
+ <allow-create />
+ </permission>
+ </permissions>
+ <principals>
+ <group>group1</group>
+ <group>group2</group>
+ </principals>
+ </data-role>
+ <data-role>
+ <name>user</name>
+ <vdb-name>vdbName</vdb-name>
+ <vdb-version>1</vdb-version>
+ <description />
+ <permissions>
+ <permission>
+ <resource-name>a</resource-name>
+ <allow-create />
+ <allow-update />
+ <allow-delete />
+ </permission>
+ </permissions>
+ </data-role>
+ <data-role>
+ <name>other</name>
+ <vdb-name>vdbName</vdb-name>
+ <vdb-version>1</vdb-version>
+ <description>I have no permissions</description>
+ <principals>
+ <group>group3</group>
+ </principals>
+ </data-role>
+ </roles>
+</realm>
+
Property changes on: trunk/embedded/src/test/resources/permissions.xml
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: trunk/embedded/src/test/resources/permissions2.xml (from rev 1046, trunk/server/src/test/resources/permissions2.xml)
===================================================================
--- trunk/embedded/src/test/resources/permissions2.xml (rev 0)
+++ trunk/embedded/src/test/resources/permissions2.xml 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<realm>
+ <roles>
+ <data-role>
+ <name>admin</name>
+ <vdb-name>vdbNamexx</vdb-name>
+ <vdb-version>11</vdb-version>
+ <description>This is a description</description>
+ <permissions>
+ <permission>
+ <resource-name>x</resource-name>
+ <allow-create />
+ <allow-read />
+ <allow-update />
+ <allow-delete />
+ </permission>
+ <permission>
+ <resource-name>y</resource-name>
+ <allow-create />
+ </permission>
+ </permissions>
+ <principals>
+ <group>group1</group>
+ <group>group2</group>
+ </principals>
+ </data-role>
+ <data-role>
+ <name>user</name>
+ <vdb-name>vdbNamexx</vdb-name>
+ <vdb-version>11</vdb-version>
+ <description />
+ </data-role>
+ </roles>
+</realm>
+
Property changes on: trunk/embedded/src/test/resources/permissions2.xml
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: trunk/embedded/src/test/resources/users.properties (from rev 1046, trunk/server/src/test/resources/users.properties)
===================================================================
--- trunk/embedded/src/test/resources/users.properties (rev 0)
+++ trunk/embedded/src/test/resources/users.properties 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,25 @@
+#
+# JBoss, Home of Professional Open Source.
+# See the COPYRIGHT.txt file distributed with this work for information
+# regarding copyright ownership. Some portions may be licensed
+# to Red Hat, Inc. under one or more contributor license agreements.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 USA.
+#
+
+user1=pass1
+user2=pass2
+user3=pass3
\ No newline at end of file
Property changes on: trunk/embedded/src/test/resources/users.properties
___________________________________________________________________
Name: svn:mergeinfo
+
Modified: trunk/engine/src/main/java/com/metamatrix/common/application/exception/ApplicationInitializationException.java
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/common/application/exception/ApplicationInitializationException.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/engine/src/main/java/com/metamatrix/common/application/exception/ApplicationInitializationException.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -64,5 +64,13 @@
super(e, message);
}
+ public ApplicationInitializationException(Throwable e, String errorCode, String msg) {
+ super(e, errorCode, msg);
+ }
+
+ public ApplicationInitializationException(String errorCode, String msg) {
+ super(errorCode, msg);
+ }
+
} // END CLASS
Modified: trunk/engine/src/main/java/com/metamatrix/dqp/service/VDBService.java
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/dqp/service/VDBService.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/engine/src/main/java/com/metamatrix/dqp/service/VDBService.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -22,13 +22,14 @@
package com.metamatrix.dqp.service;
-import java.io.InputStream;
import java.util.List;
import com.metamatrix.api.exception.MetaMatrixComponentException;
+import com.metamatrix.api.exception.MetaMatrixProcessingException;
import com.metamatrix.common.application.ApplicationService;
import com.metamatrix.common.application.exception.ApplicationLifecycleException;
import com.metamatrix.common.vdb.api.VDBArchive;
+import com.metamatrix.metadata.runtime.exception.VirtualDatabaseException;
/**
* This interface defines methods which are specific to dealing with VDBs
@@ -70,15 +71,6 @@
throws MetaMatrixComponentException;
/**
- * Get VDB resource contents
- * @param vdbName VDB name
- * @param vdbVersion VDB version
- * @return VDB resource file name
- */
- public InputStream getVDBResource(String vdbName, String vdbVersion)
- throws MetaMatrixComponentException;
-
- /**
* Get all multi-source model names (models that can be bound to multiple connector bindings) for this VDB
* name and version.
* @param vdbName VDB name
@@ -98,16 +90,6 @@
throws MetaMatrixComponentException;
/**
- * Get the Status of VDB
- * @param vdbName - Name of the VDB
- * @param vdbVersion - Version of the VDB
- * @return int Current status of VDB
- * @since 4.3
- */
- public int getVDBStatus(String vdbName, String vdbVersion)
- throws MetaMatrixComponentException;
-
- /**
* Change the status of the VDB
* @param vdbName - Name of the VDB
* @param vdbVersion - Version of the VDB
@@ -119,4 +101,8 @@
// to be removed later..
public String getConnectorName(String connectorBindingID) throws MetaMatrixComponentException;
+
+ public String getActiveVDBVersion(String vdbName, String vdbVersion) throws MetaMatrixComponentException, VirtualDatabaseException;
+
+ public VDBArchive getVDB(String vdbName, String vdbVersion) throws MetaMatrixComponentException;
}
Added: trunk/engine/src/main/java/com/metamatrix/platform/security/api/MetaMatrixSessionInfo.java
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/platform/security/api/MetaMatrixSessionInfo.java (rev 0)
+++ trunk/engine/src/main/java/com/metamatrix/platform/security/api/MetaMatrixSessionInfo.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,156 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.api;
+
+import java.io.Serializable;
+import java.util.Properties;
+
+/**
+ * This class represents an immutable informational object describing
+ * the attributes of a unique MetaMatrix session within a given MetaMatrix System.
+ */
+public class MetaMatrixSessionInfo implements Serializable, Cloneable {
+
+ public final static long serialVersionUID = -9120197553960136239L;
+
+ private SessionToken sessionToken; // immutable
+ private long lastPingTime;
+ private long timeCreated;
+ private String applicationName;
+ private Properties productInfo;
+ private String clientIp;
+ private String clientHostname;
+ private Serializable trustedToken;
+
+ /**
+ * Master constructor, allows a MetaMatrixSessionInfo to be created with
+ * any state and any timestamps.
+ */
+ public MetaMatrixSessionInfo(MetaMatrixSessionID sessionID, String userName, long timeCreated, String applicationName, Properties productInfo, String clientIp, String clientHostname){
+ this.timeCreated = timeCreated;
+ this.lastPingTime = timeCreated;
+ this.applicationName = applicationName;
+ this.sessionToken = new SessionToken(sessionID, userName);
+ this.productInfo = productInfo;
+ this.clientIp = clientIp;
+ this.clientHostname = clientHostname;
+ }
+
+ public MetaMatrixSessionID getSessionID() {
+ return this.sessionToken.getSessionID();
+ }
+
+ public String getUserName() {
+ return this.sessionToken.getUsername();
+ }
+
+ public String getApplicationName() {
+ return this.applicationName;
+ }
+
+ public long getTimeCreated() {
+ return this.timeCreated;
+ }
+
+ /**
+ * Get the time the server was last pinged by this session.
+ * Note that the session's "last ping time" will only be acurate
+ * if the session is in the ACTIVE state.
+ * @return The time the server was last pinged by this session.
+ */
+ public long getLastPingTime() {
+ return lastPingTime;
+ }
+
+ /**
+ * Used <i><b>ONLY</b></i> by the session service to set the
+ * time this session last initiated a server ping.
+ * @param lastPingTime The last time this session pinged the server.
+ */
+ public void setLastPingTime(long lastPingTime) {
+ this.lastPingTime = lastPingTime;
+ }
+
+ public SessionToken getSessionToken(){
+ return this.sessionToken;
+ }
+
+ /**
+ * Return a cloned instance of this object.
+ * @return the object that is the clone of this instance.
+ */
+ public Object clone() {
+ try {
+ // Everything is immutable, so bit-wise copy (of references) is okay!
+ return super.clone();
+ } catch ( CloneNotSupportedException e ) {
+ }
+ return null;
+ }
+
+ /**
+ * Returns a string representing the current state of the object.
+ */
+ public String toString() {
+ StringBuffer s = new StringBuffer();
+ s.append("MetaMatrixSessionInfo[ "); //$NON-NLS-1$
+ s.append(this.sessionToken.toString());
+ s.append(", "); //$NON-NLS-1$
+ s.append("application:"); //$NON-NLS-1$
+ s.append(this.applicationName);
+ s.append(", created:"); //$NON-NLS-1$
+ s.append(this.timeCreated);
+ s.append(", last pinged server:"); //$NON-NLS-1$
+ s.append(this.lastPingTime);
+ s.append("]"); //$NON-NLS-1$
+ return s.toString();
+ }
+
+ /**
+ * @return Returns the productInfo.
+ * @since 4.3
+ */
+ public String getProductInfo(String key) {
+ return this.productInfo.getProperty(key);
+ }
+
+ public Properties getProductInfo() {
+ return this.productInfo;
+ }
+
+ public String getClientIp() {
+ return clientIp;
+ }
+
+ public String getClientHostname() {
+ return clientHostname;
+ }
+
+ public void setTrustedToken(Serializable trustedToken) {
+ this.trustedToken = trustedToken;
+ }
+
+ public Serializable getTrustedToken() {
+ return trustedToken;
+ }
+}
Property changes on: trunk/engine/src/main/java/com/metamatrix/platform/security/api/MetaMatrixSessionInfo.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/engine/src/main/java/com/metamatrix/platform/security/api/UserEntitlementInfo.java
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/platform/security/api/UserEntitlementInfo.java (rev 0)
+++ trunk/engine/src/main/java/com/metamatrix/platform/security/api/UserEntitlementInfo.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,248 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.api;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * Information about a particular entitled <i>Resource</i> (Group or table, Element or column),
+ * this class specifies a collection of <i>Principals</i> (users or user groups) - <i>Grantee</i>s
+ * that have been granted certain <i>Allowed Actions</i> (one or more of {CREATE, READ, UPDATE, DELETE})
+ * on the given <i>Resource</i> by one or more <i>Grantor</i>s (granting authority).
+ *
+ * <p>There may be multiple <i>Grantee</i>s that have multiple <i>Allowed Actions</i> they are entitled
+ * to perform on this Group or Element by multiple <i>Grantor</i>s. This means we have an independantly
+ * varying triplet. We take a user-centered approach so this object contains a <code>Set</code> of
+ * {@link GranteeEntitlementEntry}s</p>
+ */
+public class UserEntitlementInfo implements Serializable {
+
+ // Invariants
+ private String VDBName;
+ private String VDBVersion;
+ private String groupName;
+ private String eleName;
+
+ // There may be multiple Grantees that have multiple Allowed Actions
+ // entitled to this Group or Element by multiple Grantors.
+ // We have an independantly varying triplet.
+ // Map this triplet by uppercase name of grantee
+ private Map granteeMap;
+
+ /**
+ * ctor
+ */
+ public UserEntitlementInfo(AuthorizationRealm realm, String groupName, String eleName) {
+ this.VDBName = realm.getSuperRealmName();
+ this.VDBVersion = realm.getSubRealmName();
+ this.groupName = groupName;
+ this.eleName = eleName;
+ }
+
+ /**
+ * Does this represent a group or an element entitlement?
+ * @return <code>true</code> if this object pertains to a group entitlement,
+ * <code>false</code> if it's an element entitlement.
+ */
+ public boolean isGroupEntitlement() {
+ return eleName == null;
+ }
+
+ /**
+ * Get the name of the VDB this entitlement falls under.
+ * @return The VDB name.
+ */
+ public String getVDBName() {
+ return this.VDBName;
+ }
+
+ /**
+ * Get the version of the VDB this entitlement falls under.
+ * @return The VDB version.
+ */
+ public String getVDBVersion() {
+ return this.VDBVersion;
+ }
+
+ /**
+ * Get the group (table) of this entitlement.
+ * @return The group name this entitlement pertains to.
+ */
+ public String getGroupName() {
+ return this.groupName;
+ }
+
+ /**
+ * Get the element (column) of this entitlement.
+ * <p><i><b>Note</b></i>: Will be <code>null</code> if this is a group entitlement.
+ * @return The element name this entitlement pertains to.
+ */
+ public String getElementName() {
+ return this.eleName;
+ }
+
+ /**
+ * Get the number of <i>Grantee</i>s in this entitlement.
+ * @return The number of <i>Grantee</i>s this entitlement pertains to.
+ */
+ public int size() {
+ return this.granteeMap.size();
+ }
+
+ /**
+ * Is the given <i>grantee</i> entitled to perform <i><b>any</b></i>
+ * action on the <i>Resource</i> represented by this object?
+ * @param grantee The user (or user group) name of inquery.
+ * @return <code>true</code> if the <i>grantee</i> can perform one or
+ * more actions on this <i>Resource</i>, <code>false</code> if he can
+ * perform none.
+ */
+ public boolean contains(String grantee) {
+ if ( this.granteeMap != null && this.granteeMap.containsKey( grantee.toUpperCase()) ) {
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * Get the collection of <i>Grantee</i> names possessing this entitlement.
+ *
+ * <p>Elements of the collection are of type {@link GranteeEntitlementEntry}
+ * and are sorted.</p>
+ * @return The collection of <i>Grantee</i> names.
+ */
+ public Collection getGrantees() {
+ List granteeList = new ArrayList();
+ if ( this.granteeMap != null && this.granteeMap.size() > 0 ) {
+ Iterator granteeItr = this.granteeMap.keySet().iterator();
+ while ( granteeItr.hasNext() ) {
+ Set granteeEntries = (Set) granteeMap.get(granteeItr.next());
+ granteeList.addAll(granteeEntries);
+ }
+ Collections.sort(granteeList);
+ }
+ return granteeList;
+ }
+
+ /**
+ * Get an iterator over the <i>Grantee</i>s possessing this entitlement.
+ * <br>Note that when iterating over elements, sort order is not guaranteed.</br>
+ *
+ * <p>Elements of the iterator are of type {@link GranteeEntitlementEntry}.</p>
+ * @return The Iterator of <i>Grantee</i>s.
+ */
+ public Iterator iterator() {
+ if ( this.granteeMap == null || this.granteeMap.size() == 0 ) {
+ return Collections.EMPTY_SET.iterator();
+ }
+ return this.getGrantees().iterator();
+ }
+
+ /**
+ * Add a <i>Grantee</i> -> <i>Grantor</i> -> <i>Allowed Actions</i> triplet.
+ * @param grantee A <i>Grantee</i>.
+ * @param grantor A <i>Grantor</i>.
+ * @param allowedActions The <i>Allowed Actions</i> on the resource granted
+ * by the <i>Grantor</i> to the <i>Grantee</i>.
+ */
+ public void addTriplet(MetaMatrixPrincipalName grantee, String grantor, int allowedActions) {
+ GranteeEntitlementEntry anEntry = new GranteeEntitlementEntry(grantee, grantor, allowedActions);
+ this.addTriplet(anEntry);
+ }
+
+ /**
+ * Add a {@link GranteeEntitlementEntry} object.
+ * @param newEntry A new entry.
+ */
+ public void addTriplet(GranteeEntitlementEntry newEntry) {
+ if ( this.granteeMap == null ) {
+ this.granteeMap = new HashMap();
+ }
+
+ String granteeName = newEntry.getGrantee().toUpperCase();
+
+ Set granteeEntries = (Set) this.granteeMap.get(granteeName);
+ if ( granteeEntries == null ) {
+ // This grantee (principal) has not had a an entry
+ // (grantor, actions) added for this resource yet
+ granteeEntries = new HashSet();
+ } else {
+ // This grantee (principal) has at least one entry
+ // (grantor, actions) added for this resource already
+ Iterator granteeEntryItr = granteeEntries.iterator();
+ while ( granteeEntryItr.hasNext() ) {
+ GranteeEntitlementEntry aCurrentEntry = (GranteeEntitlementEntry) granteeEntryItr.next();
+ // Resource and grantee must be the same (or we wouldn't be here) so
+ // only need to check that grantor is the same before adding (unioning)
+ // the actions
+ if ( newEntry.getGrantor().equalsIgnoreCase(aCurrentEntry.getGrantor()) ) {
+ // We need to ultimately return the union of all
+ // allowed actions (CRUD) granted to this grantee,
+ // by this grantor, on this resource
+ granteeEntries.remove(aCurrentEntry);
+ newEntry.addActions(aCurrentEntry.getActions());
+ break;
+ }
+ }
+ }
+ granteeEntries.add(newEntry);
+ this.granteeMap.put(granteeName, granteeEntries);
+ }
+
+ /**
+ * Pretty print this Object to a String.
+ * <ol>
+ * <li value=1>VDB Name, VDB Version</li>
+ * <li>Group Name (fully qualified)</li>
+ * <li>Element Name (fully qualified)</li>
+ * <ul>
+ * <li>Grantee Name; Grantor Name; Allowed Actions (A <code>String[]</code> of one or more of {CREATE, READ, UPDATE, DELETE})</li>
+ * <li> ... </li>
+ * </ul>
+ * </ol>
+ */
+ public String toString() {
+ StringBuffer buf = new StringBuffer();
+ buf.append(this.VDBName + ", "); //$NON-NLS-1$
+ buf.append(this.VDBVersion + "\n"); //$NON-NLS-1$
+ buf.append(this.groupName + "\n"); //$NON-NLS-1$
+ if ( this.eleName != null ) {
+ buf.append(" " + this.eleName + "\n"); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ Iterator granteeItr = this.getGrantees().iterator();
+ while ( granteeItr.hasNext() ) {
+ GranteeEntitlementEntry entry = (GranteeEntitlementEntry) granteeItr.next();
+ buf.append(" " + entry.toString() + "\n"); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+ return buf.toString();
+ }
+}
Property changes on: trunk/engine/src/main/java/com/metamatrix/platform/security/api/UserEntitlementInfo.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthenticationToken.java
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthenticationToken.java (rev 0)
+++ trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthenticationToken.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,63 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+/*
+ * Date: Feb 11, 2004
+ * Time: 9:33:14 AM
+ */
+package com.metamatrix.platform.security.api.service;
+
+import java.io.Serializable;
+
+/**
+ * Interface AuthenticationToken.
+ *
+ * <p></p>
+ */
+public interface AuthenticationToken extends Serializable {
+
+ /**
+ * Get the payload token that has been successfully authentcated by a
+ * membership domain.
+ * @return The successfully authenticated token unmodified.
+ */
+ Serializable getPayload();
+
+ /**
+ * Get the <b>exact</b> username of the authenticated user as it
+ * is known to the authenticating membership domain.
+ * <br>Will be <code>null</code> if the user was <b>not</b>
+ * authenticated.
+ * @return The username (including case) of this authenticated
+ * user exactly as it is known by the authenticating memebership domain.
+ * @since 5.0
+ */
+ String getUserName();
+
+ /**
+ * Find out whether or not the user was authenticated.
+ * @return <code>true</code> iff the membership domain was able
+ * to authenticate this user.
+ * @since 5.0
+ */
+ boolean isAuthenticated();
+}
Property changes on: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthenticationToken.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthorizationServiceInterface.java
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthorizationServiceInterface.java (rev 0)
+++ trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthorizationServiceInterface.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,504 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.api.service;
+
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import com.metamatrix.admin.api.exception.security.InvalidSessionException;
+import com.metamatrix.admin.api.exception.security.MetaMatrixSecurityException;
+import com.metamatrix.admin.api.objects.AdminOptions;
+import com.metamatrix.api.exception.ComponentNotFoundException;
+import com.metamatrix.api.exception.MetaMatrixComponentException;
+import com.metamatrix.api.exception.security.AuthorizationException;
+import com.metamatrix.api.exception.security.AuthorizationMgmtException;
+import com.metamatrix.api.exception.security.InvalidUserException;
+import com.metamatrix.api.exception.security.MembershipServiceException;
+import com.metamatrix.platform.admin.api.EntitlementMigrationReport;
+import com.metamatrix.platform.admin.api.PermissionDataNode;
+import com.metamatrix.platform.security.api.AuthorizationModel;
+import com.metamatrix.platform.security.api.AuthorizationPermission;
+import com.metamatrix.platform.security.api.AuthorizationPolicy;
+import com.metamatrix.platform.security.api.AuthorizationPolicyID;
+import com.metamatrix.platform.security.api.AuthorizationRealm;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipalName;
+import com.metamatrix.platform.security.api.SessionToken;
+
+/**
+ * This interface represents the API to the Authorization Service
+ * and it defines the functionality that is accessible to clients.
+ */
+public interface AuthorizationServiceInterface {
+ public static String NAME = "AuthorizationService";
+
+
+ /**
+ * Return whether the specified account has authorization to access the specified resource.
+ * This method returns false immediately upon encountering the first resource to which
+ * the account does not have access.
+ * @param sessionToken the session token of the principal whose access is being checked
+ * @param contextName the name of the context for the caller (@see AuditContext)
+ * @param request the permission that details the resource and the desired form of access
+ * @return true if the specified principal is granted access to the requested resource,
+ * or false otherwise
+ * @throws InvalidSessionException if the session token for this cache is not valid
+ * @throws AuthorizationMgmtException if this service is unable to locate resources required
+ * for this operation
+ */
+ boolean checkAccess( SessionToken sessionToken, String contextName, AuthorizationPermission request )
+ throws InvalidSessionException, AuthorizationMgmtException;
+
+ /**
+ * Return whether the specified account has authorization to access the specified resource
+ * and all its dependent resources.
+ * This method returns false immediately upon encountering the first resource to which
+ * the account does not have access.
+ * @param sessionToken the session token of the principal whose access is being checked
+ * @param contextName the name of the context for the caller (@see AuditContext)
+ * @param request the permission that details the resource and the desired form of access
+ * @param fetchDependants If <code>true</code>, search authorization store for all dependent
+ * Permissions of the given request. Access is checked for <i>all</i> resources - the given
+ * request and all dependents.
+ * @return true if the specified principal is granted access to the requested resources,
+ * or false otherwise
+ * @throws InvalidSessionException if the session token for this cache is not valid
+ * @throws AuthorizationMgmtException if this service is unable to locate resources required
+ * for this operation
+ */
+ boolean checkAccess( SessionToken sessionToken, String contextName, AuthorizationPermission request, boolean fetchDependants )
+ throws InvalidSessionException, AuthorizationMgmtException;
+
+ /**
+ * Of those resources specified, return the subset for which the specified account does <i>not</i> have authorization
+ * to access.
+ * @param sessionToken the session token of the principal that is calling this method
+ * @param contextName the name of the context for the caller (@see AuditContext)
+ * @param requests the permissions that detail the resources and the desired form of access
+ * @return the subset of <code>requests</code> that the account does <i>not</i> have access to
+ * @throws InvalidSessionException if the session token for this cache is not valid
+ * @throws AuthorizationMgmtException if this service is unable to locate resources required
+ * for this operation
+ */
+ Collection getInaccessibleResources( SessionToken sessionToken, String contextName, Collection requests )
+ throws InvalidSessionException, AuthorizationMgmtException;
+
+ /**
+ * Returns a <code>List</code> of entitlements to the given element pattern in the given realm.
+ * <p>The list contains objects of type {@link com.metamatrix.platform.security.api.UserEntitlementInfo UserEntitlementInfo}
+ * which will contain all user entitlement information for each element found. Each of these objects
+ * will contain 1 or more objects of type {@link com.metamatrix.platform.security.api.GranteeEntitlementEntry GranteeEntitlementEntry}
+ * which contain the <i>Grantee</i>'s name the entitlement <i>Grantor</i> or entity specifying the <i>Grantee</i>
+ * is entitled and the <i>Allowed Actions</i> the <i>Grantee</i> is entitled to perform on the element.</p>
+ * The attributes availible are:
+ * <ol>
+ * <li value=1>VDB Name</li>
+ * <li>VDB Version</li>
+ * <li>Group Name (fully qualified)</li>
+ * <li>Element Name (fully qualified)</li>
+ * <ul>
+ * <li>Grantee Name; Grantor Name; Allowed Actions (A <code>String[]</code> of one or more of {CREATE, READ, UPDATE, DELETE})</li>
+ * <li> ... </li>
+ * </ul>
+ * </ol>
+ * @param realm The realm in which the element must live.
+ * @param groupNames the fully qualified group names - the resources - for which to look up permissions.
+ * Collection of <code>String</code>.
+ * @return The <code>List</code> of entitlements to the given element in the
+ * given realm - May be empty but never null.
+ * @throws AuthorizationMgmtException if this service is unable to locate resources required
+ * for this operation.
+ * @throws ServiceStateException if the Authorization service is not taking requests.
+ */
+ List getGroupEntitlements(AuthorizationRealm realm, Collection groupNames)
+ throws AuthorizationMgmtException;
+
+ /**
+ * Returns a <code>List</code> of entitlements to the given element pattern in the given realm.
+ * <p>The list contains objects of type {@link com.metamatrix.platform.security.api.UserEntitlementInfo UserEntitlementInfo}
+ * which will contain all user entitlement information for each element found. Each of these objects
+ * will contain 1 or more objects of type {@link com.metamatrix.platform.security.api.GranteeEntitlementEntry GranteeEntitlementEntry}
+ * which contain the <i>Grantee</i>'s name the entitlement <i>Grantor</i> or entity specifying the <i>Grantee</i>
+ * is entitled and the <i>Allowed Actions</i> the <i>Grantee</i> is entitled to perform on the element.</p>
+ * The attributes availible are:
+ * <ol>
+ * <li value=1>VDB Name</li>
+ * <li>VDB Version</li>
+ * <li>Group Name (fully qualified)</li>
+ * <li>Element Name (fully qualified)</li>
+ * <ul>
+ * <li>Grantee Name; Grantor Name; Allowed Actions (A <code>String[]</code> of one or more of {CREATE, READ, UPDATE, DELETE})</li>
+ * <li> ... </li>
+ * </ul>
+ * </ol>
+ * @param realm The realm in which the element must live.
+ * @param fullyQualifiedGroupName The resource for which to look up permissions.
+ * @return The <code>List</code> of entitlements to the given element in the
+ * given realm - May be empty but never null.
+ * @throws AuthorizationMgmtException if this service is unable to locate resources required
+ * for this operation.
+ */
+ List getGroupEntitlements(AuthorizationRealm realm, String fullyQualifiedGroupName)
+ throws AuthorizationMgmtException;
+
+ /**
+ * Returns a <code>List</code> of entitlements to the given element pattern in the given realm.
+ * <p>The list contains objects of type {@link com.metamatrix.platform.security.api.UserEntitlementInfo UserEntitlementInfo}
+ * which will contain all user entitlement information for each element found. Each of these objects
+ * will contain 1 or more objects of type {@link com.metamatrix.platform.security.api.GranteeEntitlementEntry GranteeEntitlementEntry}
+ * which contain the <i>Grantee</i>'s name the entitlement <i>Grantor</i> or entity specifying the <i>Grantee</i>
+ * is entitled and the <i>Allowed Actions</i> the <i>Grantee</i> is entitled to perform on the element.</p>
+ * The attributes availible are:
+ * <ol>
+ * <li value=1>VDB Name</li>
+ * <li>VDB Version</li>
+ * <li>Group Name (fully qualified)</li>
+ * <li>Element Name (fully qualified)</li>
+ * <ul>
+ * <li>Grantee Name; Grantor Name; Allowed Actions (A <code>String[]</code> of one or more of {CREATE, READ, UPDATE, DELETE})</li>
+ * <li> ... </li>
+ * </ul>
+ * </ol>
+ * @param realm The realm in which the element must live.
+ * @param elementNames The fully qualified element resource for which to look up permissions. Collection of <code>String</code>.
+ * @return The <code>List</code> of entitlements to the given element in the
+ * given realm - May be empty but never null.
+ * @throws AuthorizationMgmtException if this service is unable to locate resources required
+ * for this operation.
+ */
+ List getElementEntitlements(AuthorizationRealm realm, Collection elementNames)
+ throws AuthorizationMgmtException;
+
+ /**
+ * Returns a <code>List</code> of entitlements to the given element pattern in the given realm.
+ * <p>The list contains objects of type {@link com.metamatrix.platform.security.api.UserEntitlementInfo UserEntitlementInfo}
+ * which will contain all user entitlement information for each element found. Each of these objects
+ * will contain 1 or more objects of type {@link com.metamatrix.platform.security.api.GranteeEntitlementEntry GranteeEntitlementEntry}
+ * which contain the <i>Grantee</i>'s name the entitlement <i>Grantor</i> or entity specifying the <i>Grantee</i>
+ * is entitled and the <i>Allowed Actions</i> the <i>Grantee</i> is entitled to perform on the element.</p>
+ * The attributes availible are:
+ * <ol>
+ * <li value=1>VDB Name</li>
+ * <li>VDB Version</li>
+ * <li>Group Name (fully qualified)</li>
+ * <li>Element Name (fully qualified)</li>
+ * <ul>
+ * <li>Grantee Name; Grantor Name; Allowed Actions (A <code>String[]</code> of one or more of {CREATE, READ, UPDATE, DELETE})</li>
+ * <li> ... </li>
+ * </ul>
+ * </ol>
+ * @param realm The realm in which the element must live.
+ * @param elementName The fully qualified element resource for which to look up permissions.
+ * @return The <code>List</code> of entitlements to the given element in the
+ * given realm - May be empty but never null.
+ * @throws AuthorizationMgmtException if this service is unable to locate resources required
+ * for this operation.
+ */
+ List getElementEntitlements(AuthorizationRealm realm, String elementName)
+ throws AuthorizationMgmtException;
+
+////////////////////////////////////////////////////////////////////////////////
+// Admin methods
+////////////////////////////////////////////////////////////////////////////////
+ /**
+ * Obtain the names of all of the realms known to the system.
+ * @param caller the session token of the principal that is attempting to access the realms.
+ * @return the set of realm names
+ * @throws InvalidSessionException if the <code>SessionToken</code> is not valid or is expired
+ * @throws AuthorizationException if the caller is unable to perform this operation
+ * @throws AuthorizationMgmtException if this service has trouble connecting to services it uses.
+ */
+ Collection getRealmNames(SessionToken caller)
+ throws InvalidSessionException, AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Return whether there is an existing policy with the specified ID.
+ * @param caller the session token of the principal that is attempting to access the policies.
+ * @param id the ID that is to be checked
+ * @return true if a policy with the specified ID exists
+ * @throws InvalidSessionException if the <code>SessionToken</code> is not valid or is expired
+ * @throws AuthorizationException if the caller is unable to perform this operation
+ * @throws AuthorizationMgmtException if this service has trouble connecting to services it uses.
+ * @see AuthorizationDomain.containsPolicy
+ */
+ boolean containsPolicy(SessionToken caller, AuthorizationPolicyID id )
+ throws InvalidSessionException, AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Locate the IDs of all of the policies that are accessible by the caller.
+ * @param caller the session token of the principal that is attempting to access the policies.
+ * @return the set of all policy IDs
+ * @throws InvalidSessionException if the <code>SessionToken</code> is not valid or is expired
+ * @throws AuthorizationException if the caller is unable to perform this operation
+ * @throws AuthorizationMgmtException if this service has trouble connecting to services it uses.
+ * @see AuthorizationDomain.findAllPolicyIDs
+ */
+ Collection findAllPolicyIDs(SessionToken caller)
+ throws InvalidSessionException, AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Locate the IDs of all of the policies that apply to the specified principal and that are accessible by the caller.
+ * @param caller the session token of the principal that is attempting to access the policies.
+ * @param principals the Set of UserGroupIDs and/or UserAccountIDs to whom the returned policies should apply to
+ * (may not null, empty or invalid, all of which would result in an empty result)
+ * @return the set of all policy IDs; never null but possibly empty
+ * @throws InvalidSessionException if the <code>SessionToken</code> is not valid or is expired
+ * @throws AuthorizationException if the caller is unable to perform this operation
+ * @throws AuthorizationMgmtException if this service has trouble connecting to services it uses.
+ * @see AuthorizationModel.findAllPolicyIDs
+ */
+ Collection findPolicyIDs(SessionToken caller, Collection principals )
+ throws InvalidSessionException, AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Locate the policies that have the specified IDs. Any ID that is invalid is simply
+ * ignored.
+ * @param caller the session token of the principal that is attempting to access the
+ * specified policies
+ * @param policyIDs the policy IDs for which the policies are to be obtained
+ * @return the set of entitlements that correspond to those specified IDs that are valid
+ * @throws InvalidSessionException if the <code>SessionToken</code> is not valid or is expired
+ * @throws AuthorizationException if the caller is unable to perform this operation
+ * @throws AuthorizationMgmtException if this service has trouble connecting to services it uses.
+ * @see AuthorizationDomain.getPolicies
+ */
+ Collection getPolicies(SessionToken caller, Collection policyIDs)
+ throws InvalidSessionException, AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Locate the policy that has the specified ID. Any ID that is invalid is simply
+ * ignored.
+ * @param caller the session token of the principal that is attempting to access the
+ * specified policies
+ * @param policyID the ID of the policy to be obtained
+ * @return the policy that correspond to the specified ID
+ * @throws InvalidSessionException if the <code>SessionToken</code> is not valid or is expired
+ * @throws AuthorizationException if the caller is unable to perform this operation
+ * @throws AuthorizationMgmtException if this service has trouble connecting to services it uses.
+ * @see AuthorizationDomain.getPolicy
+ */
+ AuthorizationPolicy getPolicy(SessionToken caller, AuthorizationPolicyID policyID)
+ throws InvalidSessionException, AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Execute as a single transaction with the specified actions, and return
+ * the set of IDs for the objects that were affected/modified by the action.
+ * @param caller the session token of the principal that is attempting to access the policies.
+ * @param actions the ordered list of actions that are to be performed
+ * on metamodel within the repository.
+ * @return The set of objects that were affected by this transaction.
+ * @throws InvalidSessionException if the <code>SessionToken</code> is not valid or has expired.
+ * @throws AuthorizationException if the caller is unable to perform this operation.
+ * @throws AuthorizationMgmtException if there were errors with the SPI. Causes rollback.
+ * @throws IllegalArgumentException if the action is null.
+ */
+ Set executeTransaction(SessionToken caller, List actions)
+ throws InvalidSessionException, AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Verify that caller is in the specified logical role.
+ * @param caller The session token of the MetaMatrix principle involking an administrative method.
+ * @return true if caller's session token is valid and he is a MetaMatrix administrator.
+ * @throws AuthorizationMgmtException if this service has trouble connecting to services it uses.
+ */
+ boolean isCallerInRole( SessionToken caller, String roleName )
+ throws AuthorizationMgmtException;
+
+ /**
+ * Obtain the names of all of the roles and their descriptions known to the system.
+ * @param caller the session token of the principal that is attempting to access the roles.
+ * @return a Map of role descriptions key by the role's name.
+ * @throws InvalidSessionException if the <code>SessionToken</code> is not valid or is expired
+ * @throws AuthorizationException if the caller is unable to perform this operation
+ * @throws AuthorizationMgmtException if this service has trouble connecting to services it uses.
+ */
+ Map getRoleDescriptions(SessionToken caller)
+ throws InvalidSessionException, AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Returns a collection <code>MetaMatrixPrincipalName</code> objects containing the name
+ * of the principal along with its type which belong to the given role.
+ * {@link com.metamatrix.security.api.MetaMatrixPrincipalName}
+ * @param caller the session token of the principal that is attempting to access the roles.
+ * @param roleName String name of MetaMatrix role for which principals
+ * are sought
+ * @throws InvalidSessionException if the administrative session is invalid
+ * @throws MetaMatrixSecurityException if there is a problem internally with the MembershipService
+ * @throws AuthorizationException if administrator does not have the authority to see the requested information
+ * @throws ComponentNotFoundException if a component required by this method could not be found within the server
+ */
+ Collection getPrincipalsForRole(SessionToken caller, String roleName)
+ throws InvalidSessionException, AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Returns a Collection of String names of MetaMatrix roles to which the
+ * given principal is assigned.
+ * @param caller the session token of the principal that is attempting to access the roles.
+ * @param principal <code>MetaMatrixPrincipalName</code> for which roles are sought
+ * @return The <code>Collection</code> of role names the principal is assigned.
+ * @throws InvalidSessionException if the administrative session is invalid
+ * @throws MetaMatrixSecurityException if there is a problem internally with the MembershipService
+ * @throws AuthorizationException if administrator does not have the authority to see the requested information
+ * @throws ComponentNotFoundException if a component required by this method could not be found within the server
+ */
+ Collection getRoleNamesForPrincipal(SessionToken caller, MetaMatrixPrincipalName principal)
+ throws InvalidSessionException, AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Remove given Principal from <emph>ALL</emph> <code>AuthorizationPolicies</code> to
+ * which he belongs.
+ * @param caller the session token of the principal that is attempting to remove the Principal.
+ * @param principal <code>MetaMatrixPrincipalName</code> which should be deleted.
+ * @return true if at least one policy in which the principal had authorization
+ * was found and deleted, false otherwise.
+ * @throws AuthorizationException if administrator does not have the authority to perform the action.
+ * @throws AuthorizationMgmtException if an error occurs in the Authorization store.
+ */
+ boolean removePrincipalFromAllPolicies(SessionToken caller, MetaMatrixPrincipalName principal)
+ throws AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Returns a <code>Collection</code> of <code>AuthorizationPolicyID</code>s
+ * that have <code>AuthorizationPermission</code>s in the given <code>AuthorizationRealm</code>.<br>
+ * <strong>NOTE:</strong> It is the responsibility of the caller to determine
+ * which of the <code>AuthorizationPolicy</code>'s <code>AuthorizationPermission</code>s
+ * are actually in the given <code>AuthorizationRealm</code>. The <code>AuthorizationPolicy</code>
+ * may span <code>AuthorizationRealm</code>s.
+ * @param caller The session token of the principal that is attempting to retrieve the policies.
+ * @param realm The realm in which to search for <code>AuthorizationPermission</code>s.
+ * @return The collection of <code>AuthorizationPolicyID</code>s that have permissions
+ * in the given realm - possibly empty but never null.
+ * @throws AuthorizationException if administrator does not have the authority to perform the action.
+ * @throws AuthorizationMgmtException if an error occurs in the Authorization store.
+ */
+ Collection getPolicyIDsWithPermissionsInRealm(SessionToken caller, AuthorizationRealm realm)
+ throws AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Returns a <code>Collection</code> of <code>AuthorizationPolicyID</code>s
+ * in the given <code>AuthorizationRealm</code>.
+ * <br>This method will only work for Data Access Authorizations because the realm
+ * is encoded in a Data Access policy name.
+ * <strong>NOTE:</strong> It is the responsibility of the caller to determine
+ * which of the <code>AuthorizationPolicy</code>'s <code>AuthorizationPermission</code>s
+ * are actually in the given <code>AuthorizationRealm</code>. The <code>AuthorizationPolicy</code>
+ * may span <code>AuthorizationRealm</code>s.
+ * @param caller The session token of the principal that is attempting to retrieve the policies.
+ * @param realm The realm in which to search for <code>AuthorizationPermission</code>s.
+ * @return The collection of <code>AuthorizationPolicyID</code>s that have permissions
+ * in the given realm - possibly empty but never null.
+ * @throws AuthorizationException if administrator does not have the authority to perform the action.
+ * @throws AuthorizationMgmtException if an error occurs in the Authorization store.
+ */
+ Collection getPolicyIDsInRealm(SessionToken caller, AuthorizationRealm realm)
+ throws AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Returns a <code>Collection</code> of <code>AuthorizationPolicy</code>s
+ * that have <code>AuthorizationPermission</code>s in the given <code>AuthorizationRealm</code>.<br>
+ * <strong>NOTE:</strong> It is the responsibility of the caller to determine
+ * which of the <code>AuthorizationPolicy</code>'s <code>AuthorizationPermission</code>s
+ * are actually in the given <code>AuthorizationRealm</code>. The <code>AuthorizationPolicy</code>
+ * may span <code>AuthorizationRealm</code>s.
+ * @param caller The session token of the principal that is attempting to retrieve the policies.
+ * @param realm The realm in which to search for <code>AuthorizationPermission</code>s.
+ * @return The collection of <code>AuthorizationPolicy</code>s that have permissions
+ * in the given realm - possibly empty but never null.
+ * @throws AuthorizationException if administrator does not have the authority to perform the action.
+ * @throws AuthorizationMgmtException if an error occurs in the Authorization store.
+ */
+ Collection getPoliciesInRealm(SessionToken caller, AuthorizationRealm realm)
+ throws AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Returns a <code>Collection</code> of <code>AuthorizationPolicyID</code>s
+ * that have <code>AuthorizationPermissions</code> that exist in the given
+ * <emph>partial</emph> <code>AuthorizationRealm</code>.<br>
+ * The implementation is such that all <code>AuthorizationPolicyID</code>s
+ * whose <code>AuthorizationRealm</code> <emph>starts with</emph> the given
+ * <code>AuthorizationRealm</code> are returned.
+ * @param caller The session token of the principal that is attempting to retrieve the policies.
+ * @param realm The <emph>partial</emph> realm in which to search for
+ * <code>AuthorizationPermission</code>s whose realm name <emph>starts with</emph>
+ * the given realm.
+ * @return The collection of <code>AuthorizationPolicyID</code>s that have permissions
+ * in the given partial realm - possibly empty but never null.
+ * @throws AuthorizationException if administrator does not have the authority to perform the action.
+ * @throws AuthorizationMgmtException if an error occurs in the Authorization store.
+ */
+ public Collection getPolicyIDsInPartialRealm(SessionToken caller, AuthorizationRealm realm)
+ throws AuthorizationException, AuthorizationMgmtException;
+
+ /**
+ * Returns a <code>Collection</code> of <code>AuthorizationPolicyID</code>s
+ * that have <code>AuthorizationPermissions</code> on the given resource that
+ * exists in the given <code>AuthorizationRealm</code>.<br>
+ * @param caller The session token of the principal that is attempting to retrieve the policies.
+ * @param realm The realm in which to search for <code>AuthorizationPermission</code>s.
+ * @param resourceName The resource for which to search for <code>AuthorizationPermission</code>s.
+ * @return The collection of <code>AuthorizationPolicyID</code>s that have permissions
+ * on the given resource - possibly empty but never null.
+ * @throws AuthorizationException if administrator does not have the authority to perform the action.
+ * @throws AuthorizationMgmtException if an error occurs in the Authorization store.
+ */
+ Collection getPolicIDsForResourceInRealm(SessionToken caller, AuthorizationRealm realm, String resourceName)
+ throws AuthorizationException, AuthorizationMgmtException;
+
+ public boolean hasPolicy(SessionToken caller, AuthorizationRealm realm, String policyName)
+ throws AuthorizationMgmtException, InvalidUserException, MembershipServiceException;
+
+
+ public void migratePolicies(SessionToken token,
+ EntitlementMigrationReport rpt,
+ String targetVDBName, String targetVDBVersion, Set targetNodes,
+ Collection sourcePolicies, AdminOptions options) throws MetaMatrixComponentException,
+ InvalidSessionException,
+ AuthorizationException,
+ AuthorizationMgmtException;
+
+ /**
+ * Takes a tree of <code>PermissionDataNodeImpl</code>s that have their <code>Resource</code>s
+ * filled in and fills in all permissions on resources that are found in the given
+ * <code>AuthorizationPolicyID</code>.<br></br>
+ * If any permissions are found that have no corresponding data node, a <code>AuthorizationMgmtException</code>
+ * is thrown noting the missing resource name(s).
+ * @param root The node containing the resource (group or element full name)
+ * for which to search for permission(s).
+ * @param realm The realm in which to search.
+ * @param tree The tree of PermissionDataNodes to fill in permissions for.
+ * @return The root of the filled in tree.
+ * If no permissions exist, the original is returned as the sole element in the list.
+ * @throws AuthorizationMgmtException if there is a connection or communication error with the data source,
+ * signifying that the method should be retried with a different connection; if there is an
+ * unspecified or unknown error with the data source; or one or more permissions were found but
+ * a corresponding <code>PermissionDataNodeImpl</code> could not be found.
+ */
+ PermissionDataNode fillPermissionNodeTree(PermissionDataNode root, AuthorizationPolicyID policyID)
+ throws AuthorizationMgmtException;
+}
+
+
+
+
+
Property changes on: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthorizationServiceInterface.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthorizationServicePropertyNames.java
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthorizationServicePropertyNames.java (rev 0)
+++ trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthorizationServicePropertyNames.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,103 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.api.service;
+
+public class AuthorizationServicePropertyNames {
+
+ /**
+ * The environment property the determines whether data access authorization will
+ * be performed.
+ * <br> This property defaults to "false" - no entitlement checking.</br>
+ */
+ public static final String DATA_ACCESS_AUTHORIZATION_ENABLED = "metamatrix.authorization.dataaccess.CheckingEnabled"; //$NON-NLS-1$
+
+ /**
+ * The environment property the determines whether MetaBase authorization will
+ * be performed.
+ * <br> This property defaults to "false" - no entitlement checking.</br>
+ */
+ public static final String METABASE_AUTHORIZATION_ENABLED = "metamatrix.authorization.metabase.CheckingEnabled"; //$NON-NLS-1$
+
+ /**
+ * The environment property name for the class that is to be used for the ManagedConnectionFactory implementation.
+ * This property is required (there is no default).
+ */
+ public static final String CONNECTION_FACTORY = "security.authorization.connection.Factory"; //$NON-NLS-1$
+
+ /**
+ * The environment property name for the number of times a method should be retried
+ * with a new connection should a connection exception occur.
+ * This property is optional.
+ */
+ public static final String CONNECTION_RETRIES = "security.authorization.connection.Retries"; //$NON-NLS-1$
+
+ /**
+ * The environment property name for the class of the driver.
+ * This property is optional.
+ */
+ public static final String CONNECTION_DRIVER = "security.authorization.connection.Driver"; //$NON-NLS-1$
+
+ /**
+ * The environment property name for the protocol for connecting to the authorization store.
+ * This property is optional.
+ */
+ public static final String CONNECTION_PROTOCOL = "security.authorization.connection.Protocol"; //$NON-NLS-1$
+
+ /**
+ * The environment property name for the name of the authorization store database.
+ * This property is optional.
+ */
+ public static final String CONNECTION_DATABASE = "security.authorization.connection.Database"; //$NON-NLS-1$
+
+ /**
+ * The environment property name for the username that is to be used for connecting to the authorization store.
+ * This property is optional.
+ */
+ public static final String CONNECTION_PRINCIPAL = "security.authorization.connection.Principal"; //$NON-NLS-1$
+
+ /**
+ * The environment property name for the password that is to be used for connecting to the authorization store.
+ * This property is optional.
+ */
+ public static final String CONNECTION_PASSWORD = "security.authorization.connection.Password"; //$NON-NLS-1$
+
+ /**
+ * The environment property name for the maximum number of milliseconds that a authorization connection
+ * may remain unused before it becomes a candidate for garbage collection.
+ * This property is optional.
+ */
+ public static final String CONNECTION_POOL_MAXIMUM_AGE = "security.authorization.connection.MaximumAge"; //$NON-NLS-1$
+
+ /**
+ * The environment property name for the maximum number of concurrent users of a single authorization connection.
+ * This property is optional.
+ */
+ public static final String CONNECTION_POOL_MAXIMUM_CONCURRENT_USERS = "security.authorization.connection.MaximumConcurrentReaders"; //$NON-NLS-1$
+
+ /**
+ * The default authorization factory class when no class is specified.
+ */
+ public static final String DEFAULT_FACTORY_CLASS="com.metamatrix.platform.security.authorization.spi.jdbc.JDBCAuthorizationTransactionFactory";
+
+}
+
Property changes on: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/AuthorizationServicePropertyNames.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/FailedAuthenticationToken.java
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/FailedAuthenticationToken.java (rev 0)
+++ trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/FailedAuthenticationToken.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,81 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+/*
+ * Date: Dec 1, 2003
+ * Time: 1:26:57 PM
+ */
+package com.metamatrix.platform.security.api.service;
+
+import java.io.Serializable;
+
+/**
+ * FailedAuthenticationToken
+ *
+ * <p>Marker indicating failed authentication attempt. Membership SPI
+ * domain implementations should wrap the <code>Serializable</code> payload
+ * in an instance of this class to signify to the Membgership service that
+ * the domian failed to authenticate the given payload token.</p>
+ *
+ * <p>This wrapper class will not be exposed outside of the Mebership framework.</p>
+ */
+public final class FailedAuthenticationToken implements AuthenticationToken {
+
+ /**
+ * FailedAuthenticationToken
+ *
+ * @param payload The failed authentication token - may be null.
+ */
+ public FailedAuthenticationToken() {
+ }
+
+ /**
+ * Get the payload token that failed to authentcation by a
+ * membership domain.
+ *
+ * @return The failed authentication token unmodified - may be null.
+ */
+ public Serializable getPayload() {
+ return null;
+ }
+
+ /**
+ * Get the <b>exact</b> username of the authenticated user as it
+ * is known to the authenticating membership domain.
+ * <p><b>Will be <code>null</code> if the user was <b>not</b>
+ * authenticated. </b></p>
+ * @return The username (including case) of this authenticated
+ * user exactly as it is known by the authenticating memebership domain.
+ * @since 5.0
+ */
+ public String getUserName() {
+ return null;
+ }
+
+ /**
+ * The attempt to authenticate the given payload failed.
+ * @return <code>false</code> - always.
+ */
+ public boolean isAuthenticated() {
+ return false;
+ }
+}
Property changes on: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/FailedAuthenticationToken.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/MembershipServiceInterface.java
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/MembershipServiceInterface.java (rev 0)
+++ trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/MembershipServiceInterface.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,120 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.api.service;
+
+import java.io.Serializable;
+import java.util.List;
+import java.util.Set;
+
+import com.metamatrix.admin.api.exception.security.MetaMatrixSecurityException;
+import com.metamatrix.api.exception.security.InvalidPrincipalException;
+import com.metamatrix.api.exception.security.MembershipServiceException;
+import com.metamatrix.common.application.ApplicationService;
+import com.metamatrix.common.config.ResourceNames;
+import com.metamatrix.common.config.util.ConfigurationPropertyNames;
+import com.metamatrix.core.CoreConstants;
+import com.metamatrix.platform.security.api.Credentials;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipal;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipalName;
+
+/**
+ * This interface represents the API to the MemberShip Service,
+ * and it defines the functionality that is accessible to clients.
+ */
+public interface MembershipServiceInterface extends ApplicationService {
+ public static String NAME = ResourceNames.MEMBERSHIP_SERVICE;
+
+ /**
+ * The environment property describing both the domain names and their required
+ * order of search. Domain names are assumed to be in preferred search order
+ * and in the form "A,X,...,D" where A, X and D are domain names.
+ * This property is required (there is no default).
+ */
+ public static final String DOMAIN_ORDER = ConfigurationPropertyNames.MEMBERSHIP_DOMAIN_ORDER;
+ /**
+ * The environment property name for the class that is to be used for the names of the domains.
+ * This property is required (there is no default).
+ */
+ public static final String DOMAIN_NAME = "domainName"; //$NON-NLS-1$
+
+ public static final String DEFAULT_ADMIN_USERNAME = "metamatrixadmin"; //$NON-NLS-1$
+ public static final String DEFAULT_WSDL_USERNAME = CoreConstants.DEFAULT_ANON_USERNAME;
+
+ public static final String ADMIN_PASSWORD = ConfigurationPropertyNames.MEMBERSHIP_ADMIN_PASSWORD;
+ public static final String ADMIN_USERNAME = ConfigurationPropertyNames.MEMBERSHIP_ADMIN_USERNAME;
+ public static final String DOMAIN_ACTIVE = "activate"; //$NON-NLS-1$
+ public static final String ADMIN_HOSTS = "metamatrix.security.admin.allowedHosts"; //$NON-NLS-1$
+ public static final String SECURITY_ENABLED = ConfigurationPropertyNames.MEMBERSHIP_SECURITY_ENABLED;
+
+ public static final String DOMAIN_PROPERTIES = "propertiesFile"; //$NON-NLS-1$
+
+ public static final String AT = "@"; //$NON-NLS-1$
+
+ /**
+ * Authenticate a user with the specified username and credential
+ * for use with the specified application. The application name may also
+ * be used by the Membership Service to determine the appropriate authentication
+ * mechanism.
+ * @param username the username that is to be authenticated
+ * @param credential the credential provided by the user that is to be used
+ * to authenticate the user for the principal name
+ * @param trustePayload
+ * @param applicationName the name of the application for which the user
+ * is authenticating
+ * @return true if the specified credentials properly authenticates for
+ * the application the user with the specified username and application
+ * @throws MetaMatrixSecurityException if there is an error within this
+ * service or during communicating with the underlying service provider
+ */
+ AuthenticationToken authenticateUser(String username, Credentials credential, Serializable trustePayload, String applicationName)
+ throws MembershipServiceException;
+
+ /**
+ * Obtain the principal object that is representative of the user with the specified username.
+ *
+ * all names should be domain qualified.
+ */
+ MetaMatrixPrincipal getPrincipal(MetaMatrixPrincipalName principal)
+ throws MembershipServiceException, InvalidPrincipalException;
+
+ /**
+ * Obtain the collection of groups to which this user belongs
+ *
+ * The username should be fully qualified
+ */
+ Set<String> getGroupsForUser(String username)
+ throws MembershipServiceException, InvalidPrincipalException;
+
+ /**
+ * Obtain the collection of group names.
+ */
+ Set<String> getGroupNames() throws MembershipServiceException;
+
+ List<String> getDomainNames() throws MembershipServiceException;
+
+ Set<String> getGroupsForDomain(String domainName) throws MembershipServiceException;
+
+ boolean isSuperUser(String username) throws MembershipServiceException;
+
+ boolean isSecurityEnabled() throws MembershipServiceException;
+}
Property changes on: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/MembershipServiceInterface.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/SessionServiceInterface.java
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/SessionServiceInterface.java (rev 0)
+++ trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/SessionServiceInterface.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,149 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.platform.security.api.service;
+
+import java.io.Serializable;
+import java.util.Collection;
+import java.util.Properties;
+
+import com.metamatrix.admin.api.exception.security.InvalidSessionException;
+import com.metamatrix.api.exception.security.AuthorizationException;
+import com.metamatrix.api.exception.security.MetaMatrixAuthenticationException;
+import com.metamatrix.api.exception.security.SessionServiceException;
+import com.metamatrix.common.application.ApplicationService;
+import com.metamatrix.platform.security.api.Credentials;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipal;
+import com.metamatrix.platform.security.api.MetaMatrixSessionID;
+import com.metamatrix.platform.security.api.MetaMatrixSessionInfo;
+
+/**
+ * <p>
+ * The session service deals with managing sessions; this involves creating
+ * sessions, closing sessions, terminating sessions, and updating session
+ * state.
+ * </p>
+ * <p>
+ * A session has a timestamp, information about the principal owning the
+ * session, and a "state" indicating whether it is actively in use, in use
+ * but passivated, or has been rendered invalid by being closed or terminated,
+ * or by expiring.
+ * </p>
+ * <p>
+ * Note that this service does <i>not</i> deal with authentication explicitly,
+ * but may use a membership service provider to authenticate some
+ * requests.
+ * </p>
+ */
+public interface SessionServiceInterface extends ApplicationService {
+ public static String NAME = "SessionService"; //$NON-NLS-1$
+
+ /**
+ * Create a session for the given user authenticating against the given <code>Credentials</code>.
+ */
+ public MetaMatrixSessionInfo createSession(String userName,
+ Credentials credentials,
+ Serializable trustedToken,
+ String applicationName,
+ Properties properties)
+ throws MetaMatrixAuthenticationException, SessionServiceException;
+
+ /**
+ * Closes the specified session.
+ *
+ * @param sessionID The MetaMatrixSessionID identifying user's session
+ * to be closed
+ * @throws InvalidSessionException If sessionID identifies an invalid
+ * session
+ * @throws SessionServiceException
+ */
+ void closeSession(MetaMatrixSessionID sessionID)
+ throws InvalidSessionException, SessionServiceException;
+
+ /**
+ * Terminates the specified session. This is an administrative action.
+ *
+ * @param terminatedSessionID The MetaMatrixSessionID identifying user's session
+ * to be terminated
+ * @param adminSessionID The session id identifying session of administrator
+ * @throws InvalidSessionException If terminatedSessionID identifies an invalid
+ * session
+ * @throws AuthorizationException if the caller denoted by <code>adminSessionID</code>
+ * does not have authority to terminate the <code>terminatedSessionID</code> session
+ * @throws SessionServiceException
+ */
+ boolean terminateSession(MetaMatrixSessionID terminatedSessionID, MetaMatrixSessionID adminSessionID)
+ throws InvalidSessionException, AuthorizationException, SessionServiceException;
+
+ /**
+ * Get the collection of active user sessions on the system.
+ * @return The collection of MetaMatrixSessionInfo objects of active users on
+ * the system - possibly empty, never null.
+ */
+ Collection getActiveSessions() throws SessionServiceException;
+
+ /**
+ * Get the number of active user sessions on the system.
+ * @return int
+ */
+ int getActiveSessionsCount() throws SessionServiceException;
+
+ /**
+ * Returns a MetaMatrixPrincipal object describing the owner (user) of the
+ * indicated session.
+ * @param sessionID MetaMatrixSessionID representing the session
+ * @return MetaMatrixPrincipal object describing the owner of the
+ * indicated session.
+ */
+ MetaMatrixPrincipal getPrincipal(MetaMatrixSessionID sessionID)
+ throws InvalidSessionException, SessionServiceException;
+
+ /**
+ * This method is intended to verify that the session is valid, and, if
+ * need be, set the session in an active state, ready to be used.
+ * @param sessionID MetaMatrixSessionID representing the session
+ * @return SessionToken object identifying the session
+ * @throws InvalidSessionException If sessionID identifies an invalid
+ * session
+ * @throws SessionServiceException
+ */
+ MetaMatrixSessionInfo validateSession(MetaMatrixSessionID sessionID)
+ throws InvalidSessionException, SessionServiceException;
+
+ /**
+ * Get all <code>MetaMatrixSessionID</code>s that are in the ACTIVE state
+ * and currently logged in to a VDB.
+ * @param VDBName The name of the VDB.
+ * @param VDBVersion The version of the VDB.
+ * @throws SessionServiceException when transaction with database fails or unexpected exception happens
+ */
+ Collection getSessionsLoggedInToVDB(String VDBName, String VDBVersion)
+ throws SessionServiceException;
+
+ /**
+ * Periodically called by the client to indicate the client is still alive.
+ *
+ * @param sessionID - identifies the client
+ */
+ public void pingServer(MetaMatrixSessionID sessionID) throws InvalidSessionException;
+
+}
Property changes on: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/SessionServiceInterface.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/SuccessfulAuthenticationToken.java
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/SuccessfulAuthenticationToken.java (rev 0)
+++ trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/SuccessfulAuthenticationToken.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,116 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+/*
+ * Date: Dec 1, 2003
+ * Time: 1:26:57 PM
+ */
+package com.metamatrix.platform.security.api.service;
+
+import java.io.Serializable;
+
+import com.metamatrix.platform.security.api.SecurityMessagesKeys;
+import com.metamatrix.platform.security.api.SecurityPlugin;
+
+/**
+ * SuccessfulAuthenticationToken.
+ *
+ * <p>Marker indicating successful authentication attempt. Membership SPI
+ * domain implementations should wrap the <code>Serializable</code> payload
+ * in an instance of this class to signify to the Membgership service that
+ * the domian successfully authenticated the given payload token.</p>
+ *
+ * <p>As well as providing a holder for the <code>Serializable</code> payload,
+ * which may have been augmented or replaced by the authenticating membership
+ * domain, this class provides a holder for the user name of the authenticated
+ * user that may be used in the MetaMatrix system for such things as session
+ * tracking and authorization policies.</p>
+ *
+ * <p>This wrapper class will not be exposed outside of the Membership framework.</p>
+ */
+public final class SuccessfulAuthenticationToken implements AuthenticationToken {
+ private Serializable payload;
+ private String username;
+ private String domainName;
+
+ /**
+ * SuccessfulAuthenticationToken
+ *
+ * <p>Indicate that successful user authentication has occurred.</p>
+ *
+ * <p>MetaMatrix must know the user name of every user connected to the system.
+ * In particular, when MetaMatrix authorization policies (entitlements) are
+ * created, the users and groups that are assigned to these policies come from
+ * the membership domain.</p>
+ *
+ * @param payload The successfully authenticated token. May be <code>null</code>.
+ * @param username The username of the <i>authenticated</i> user
+ * exactly as it is known by the authenticating membership domain. May <b>not</b>
+ * be <code>null</code>.
+ */
+ public SuccessfulAuthenticationToken(final Serializable payload, final String username) {
+ if (username == null || username.trim().length() == 0) {
+ throw new IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0061));
+ }
+ this.payload = payload;
+ this.username = username;
+ }
+
+ /**
+ * Get the payload token that has been successfully authenticated by a
+ * membership domain.
+ * @return The successfully authenticated token unmodified.
+ */
+ public Serializable getPayload() {
+ return payload;
+ }
+
+ /**
+ * Get the <b>exact</b> username of the authenticated user as it
+ * is known to the authenticating membership domain.
+ * <p><b>Will be <code>null</code> if the user was <b>not</b>
+ * authenticated. </b></p>
+ * @return The username (including case) of this authenticated
+ * user exactly as it is known by the authenticating membership domain.
+ * @since 5.0
+ */
+ public String getUserName() {
+ return username;
+ }
+
+ /**
+ * The attempt to authenticate the given payload was successful.
+ *
+ * @return <code>true</code> - always.
+ */
+ public boolean isAuthenticated() {
+ return true;
+ }
+
+ public String getDomainName() {
+ return domainName;
+ }
+
+ public void setDomainName(String domainName) {
+ this.domainName = domainName;
+ }
+}
Property changes on: trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/SuccessfulAuthenticationToken.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/engine/src/main/java/com/metamatrix/server/util/ServerAuditContexts.java
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/server/util/ServerAuditContexts.java (rev 0)
+++ trunk/engine/src/main/java/com/metamatrix/server/util/ServerAuditContexts.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -0,0 +1,32 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.server.util;
+
+public interface ServerAuditContexts {
+ // Contexts
+ public static final String CTX_QUERY = "QUERY"; //$NON-NLS-1$
+ public static final String CTX_INSERT = "INSERT"; //$NON-NLS-1$
+ public static final String CTX_UPDATE = "UPDATE"; //$NON-NLS-1$
+ public static final String CTX_DELETE = "DELETE"; //$NON-NLS-1$
+ public static final String CTX_PROCEDURE = "STORED_PROCEDURE"; //$NON-NLS-1$
+}
Property changes on: trunk/engine/src/main/java/com/metamatrix/server/util/ServerAuditContexts.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/validator/AuthorizationValidationVisitor.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/internal/process/validator/AuthorizationValidationVisitor.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/engine/src/main/java/org/teiid/dqp/internal/process/validator/AuthorizationValidationVisitor.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -42,7 +42,6 @@
import com.metamatrix.query.function.FunctionLibrary;
import com.metamatrix.query.metadata.TempMetadataID;
import com.metamatrix.query.resolver.util.ResolverUtil;
-import com.metamatrix.query.resolver.util.ResolverUtil.ResolvedLookup;
import com.metamatrix.query.sql.lang.Delete;
import com.metamatrix.query.sql.lang.Insert;
import com.metamatrix.query.sql.lang.Into;
Modified: trunk/engine/src/test/java/com/metamatrix/dqp/service/FakeVDBService.java
===================================================================
--- trunk/engine/src/test/java/com/metamatrix/dqp/service/FakeVDBService.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/engine/src/test/java/com/metamatrix/dqp/service/FakeVDBService.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -36,6 +36,7 @@
import com.metamatrix.common.application.exception.ApplicationInitializationException;
import com.metamatrix.common.application.exception.ApplicationLifecycleException;
import com.metamatrix.common.vdb.api.ModelInfo;
+import com.metamatrix.common.vdb.api.VDBArchive;
/**
*/
@@ -290,5 +291,16 @@
public List getAvailableVDBs() throws MetaMatrixComponentException {
return null;
}
+
+ @Override
+ public String getActiveVDBVersion(String vdbName, String vdbVersion) {
+ throw new UnsupportedOperationException();
+ }
+
+ @Override
+ public VDBArchive getVDB(String vdbName, String vdbVersion)
+ throws MetaMatrixComponentException {
+ throw new UnsupportedOperationException();
+ }
}
Modified: trunk/metadata/src/main/java/com/metamatrix/dqp/service/metadata/IndexMetadataService.java
===================================================================
--- trunk/metadata/src/main/java/com/metamatrix/dqp/service/metadata/IndexMetadataService.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/metadata/src/main/java/com/metamatrix/dqp/service/metadata/IndexMetadataService.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -22,6 +22,7 @@
package com.metamatrix.dqp.service.metadata;
+import java.io.IOException;
import java.util.Properties;
import com.google.inject.Inject;
@@ -118,7 +119,11 @@
QueryMetadataInterface qmi = this.metadataCache.lookupMetadata(vdbName, vdbVersion);
if(qmi == null) {
LogManager.logTrace(LogConstants.CTX_DQP, new Object[] {"IndexMetadataService cache miss for VDB", vdbName, vdbVersion}); //$NON-NLS-1$
- return this.metadataCache.lookupMetadata(vdbName, vdbVersion, this.vdbService.getVDBResource(vdbName, vdbVersion));
+ try {
+ return this.metadataCache.lookupMetadata(vdbName, vdbVersion, this.vdbService.getVDB(vdbName, vdbVersion).getInputStream());
+ } catch (IOException e) {
+ throw new MetaMatrixComponentException(e);
+ }
}
return qmi;
}
Modified: trunk/metadata/src/test/java/com/metamatrix/connector/metadata/index/FakeVDBService.java
===================================================================
--- trunk/metadata/src/test/java/com/metamatrix/connector/metadata/index/FakeVDBService.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/metadata/src/test/java/com/metamatrix/connector/metadata/index/FakeVDBService.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -33,6 +33,7 @@
import com.metamatrix.common.application.exception.ApplicationInitializationException;
import com.metamatrix.common.application.exception.ApplicationLifecycleException;
import com.metamatrix.common.vdb.api.ModelInfo;
+import com.metamatrix.common.vdb.api.VDBArchive;
import com.metamatrix.dqp.service.VDBService;
@@ -155,5 +156,16 @@
*/
public void stop() throws ApplicationLifecycleException {
}
+
+ @Override
+ public String getActiveVDBVersion(String vdbName, String vdbVersion) {
+ throw new UnsupportedOperationException();
+ }
+
+ @Override
+ public VDBArchive getVDB(String vdbName, String vdbVersion)
+ throws MetaMatrixComponentException {
+ throw new UnsupportedOperationException();
+ }
}
Modified: trunk/metadata/src/test/java/com/metamatrix/dqp/service/metadata/TestIndexMetadataService.java
===================================================================
--- trunk/metadata/src/test/java/com/metamatrix/dqp/service/metadata/TestIndexMetadataService.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/metadata/src/test/java/com/metamatrix/dqp/service/metadata/TestIndexMetadataService.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -33,6 +33,7 @@
import org.mockito.Mockito;
import com.metamatrix.common.application.ApplicationEnvironment;
+import com.metamatrix.common.vdb.api.VDBArchive;
import com.metamatrix.core.util.UnitTestUtil;
import com.metamatrix.dqp.service.DQPServiceNames;
import com.metamatrix.dqp.service.VDBService;
@@ -55,7 +56,7 @@
IndexMetadataService metadataService = new IndexMetadataService(sharedCache);
ApplicationEnvironment env = new ApplicationEnvironment();
VDBService vdbService = Mockito.mock(VDBService.class);
- Mockito.stub(vdbService.getVDBResource("PartsSupplier", "1")).toReturn(new FileInputStream(filePath)); //$NON-NLS-1$ //$NON-NLS-2$
+ Mockito.stub(vdbService.getVDB("PartsSupplier", "1")).toReturn(new VDBArchive(new FileInputStream(filePath))); //$NON-NLS-1$ //$NON-NLS-2$
env.bindService(DQPServiceNames.VDB_SERVICE, vdbService);
metadataService.start(env);
metadata = metadataService.lookupMetadata("PartsSupplier", "1"); //$NON-NLS-1$ //$NON-NLS-2$
Modified: trunk/server/src/main/java/com/metamatrix/server/dqp/service/PlatformVDBService.java
===================================================================
--- trunk/server/src/main/java/com/metamatrix/server/dqp/service/PlatformVDBService.java 2009-06-18 15:00:43 UTC (rev 1066)
+++ trunk/server/src/main/java/com/metamatrix/server/dqp/service/PlatformVDBService.java 2009-06-18 16:08:34 UTC (rev 1067)
@@ -46,6 +46,7 @@
import com.metamatrix.common.util.LogCommonConstants;
import com.metamatrix.common.vdb.api.ModelInfo;
import com.metamatrix.common.vdb.api.SystemVdbUtility;
+import com.metamatrix.common.vdb.api.VDBArchive;
import com.metamatrix.core.event.EventObjectListener;
import com.metamatrix.core.util.StringUtil;
import com.metamatrix.dqp.service.VDBService;
@@ -338,4 +339,16 @@
throw new UnsupportedOperationException();
}
+ @Override
+ public String getActiveVDBVersion(String vdbName, String vdbVersion)
+ throws MetaMatrixComponentException, VirtualDatabaseException {
+ throw new UnsupportedOperationException();
+ }
+
+ @Override
+ public VDBArchive getVDB(String vdbName, String vdbVersion)
+ throws MetaMatrixComponentException {
+ throw new UnsupportedOperationException();
+ }
+
}
More information about the teiid-commits
mailing list