JBoss Identity SVN: r791 - in identity-federation/trunk: assembly and 27 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-09-14 18:52:59 -0400 (Mon, 14 Sep 2009)
New Revision: 791
Modified:
identity-federation/trunk/assembly/pom.xml
identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml
identity-federation/trunk/jboss-identity-bindings/pom.xml
identity-federation/trunk/jboss-identity-fed-api/pom.xml
identity-federation/trunk/jboss-identity-fed-core/pom.xml
identity-federation/trunk/jboss-identity-fed-model/pom.xml
identity-federation/trunk/jboss-identity-seam/pom.xml
identity-federation/trunk/jboss-identity-web/pom.xml
identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml
identity-federation/trunk/jboss-identity-webapps/employee/pom.xml
identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml
identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml
identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml
identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml
identity-federation/trunk/jboss-identity-webapps/idp/pom.xml
identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml
identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml
identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml
identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml
identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml
identity-federation/trunk/jboss-identity-webapps/pom.xml
identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml
identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml
identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml
identity-federation/trunk/jboss-identity-webapps/sales/pom.xml
identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml
identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml
identity-federation/trunk/parent/pom.xml
identity-federation/trunk/pom.xml
Log:
[maven-release-plugin] prepare release 1.0.0.beta2
Modified: identity-federation/trunk/assembly/pom.xml
===================================================================
--- identity-federation/trunk/assembly/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/assembly/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-parent</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: identity-federation/trunk/jboss-identity-bindings/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-bindings/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-parent</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-bindings-jboss/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-parent</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: identity-federation/trunk/jboss-identity-fed-api/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-fed-api/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-parent</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: identity-federation/trunk/jboss-identity-fed-core/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-fed-core/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-parent</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: identity-federation/trunk/jboss-identity-fed-model/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-fed-model/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-fed-model/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-parent</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: identity-federation/trunk/jboss-identity-seam/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-seam/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-seam/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -3,7 +3,7 @@
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-parent
</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: identity-federation/trunk/jboss-identity-web/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-web/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-web/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-parent</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/circleoftrust/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,13 +2,13 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>circleoftrust</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<packaging>war</packaging>
<name>JBoss Identity Federation Circle Of Trust</name>
<url>http://labs.jboss.org/portal/jbosssecurity/</url>
Modified: identity-federation/trunk/jboss-identity-webapps/employee/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/employee/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/employee/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/fed-example/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -3,7 +3,7 @@
<parent>
<artifactId>jboss-identity-federation-webapps</artifactId>
<groupId>org.jboss.identity</groupId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
</parent>
<groupId>org.jboss.identity</groupId>
<artifactId>fed-example</artifactId>
Modified: identity-federation/trunk/jboss-identity-webapps/idp/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/idp/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/idp/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/idp-sig/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/idp-sig-no-val/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/idp-standalone/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/jboss-sts/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/metadata/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/openid-consumer/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/openid-provider/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/pdp/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-parent</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: identity-federation/trunk/jboss-identity-webapps/sales/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/sales/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/sales-post-sig/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/sales-sig/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/sales-standalone/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
Modified: identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-webapps/seam-sp/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-federation-webapps</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
@@ -14,19 +14,19 @@
<dependency>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-model</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-api</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-bindings</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<scope>provided</scope>
</dependency>
</dependencies>
Modified: identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml
===================================================================
--- identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/jboss-identity-xmlsec-model/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-parent</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>../parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: identity-federation/trunk/parent/pom.xml
===================================================================
--- identity-federation/trunk/parent/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/parent/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -8,7 +8,7 @@
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-parent</artifactId>
<packaging>pom</packaging>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<name>JBoss Identity Federation- Parent</name>
<url>http://labs.jboss.org/portal/jbosssecurity/</url>
<description>JBoss Identity is a cross-cutting project that handles identity needs for the JEMS projects</description>
@@ -23,8 +23,8 @@
<url>http://www.jboss.org</url>
</organization>
<scm>
- <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossidentity/identity-federation/...</connection>
- <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/identity-federation/tag...</developerConnection>
+ <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossidentity/identity-federation/...</connection>
+ <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossidentity/identity-federation/tag...</developerConnection>
</scm>
<build>
Modified: identity-federation/trunk/pom.xml
===================================================================
--- identity-federation/trunk/pom.xml 2009-09-14 22:48:59 UTC (rev 790)
+++ identity-federation/trunk/pom.xml 2009-09-14 22:52:59 UTC (rev 791)
@@ -2,7 +2,7 @@
<parent>
<groupId>org.jboss.identity</groupId>
<artifactId>jboss-identity-fed-parent</artifactId>
- <version>1.0.0.beta1-SNAPSHOT</version>
+ <version>1.0.0.beta2</version>
<relativePath>parent</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
JBoss Identity SVN: r790 - in identity-federation/trunk: jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util and 2 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-09-14 18:48:59 -0400 (Mon, 14 Sep 2009)
New Revision: 790
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
Log:
JBID-152: x500 attrib support
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java 2009-09-14 20:32:37 UTC (rev 789)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java 2009-09-14 22:48:59 UTC (rev 790)
@@ -33,6 +33,7 @@
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
+import org.jboss.identity.federation.core.saml.v2.common.StatementLocal;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException;
import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil;
@@ -112,6 +113,9 @@
String userName = nameID.getValue();
List<String> roles = new ArrayList<String>();
+ //Set it on a thread local for JBID integrators
+ StatementLocal.statements.set(assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement());
+
//Let us get the roles
AttributeStatementType attributeStatement = (AttributeStatementType) assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().get(0);
List<Object> attList = attributeStatement.getAttributeOrEncryptedAttribute();
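Review bot: The added `StatementLocal.statements.set(...)` has no matching `remove()` in this hunk, so on a container that pools request threads the statements of one principal stay bound to the thread and can be read during a later, unrelated request. It also publishes the assertion's live list rather than a copy, so any change an integrator makes to that list changes the assertion itself. Clear the slot when request processing ends, e.g. `finally { StatementLocal.statements.remove(); }` in the caller, and publish a snapshot such as `Collections.unmodifiableList(new ArrayList<StatementAbstractType>(...))`. The enclosing method starts and ends outside the hunk, so it cannot be confirmed from here that the assertion has already been validated at this point; the value should only be published after validation has succeeded.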
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java 2009-09-14 20:32:37 UTC (rev 789)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java 2009-09-14 22:48:59 UTC (rev 790)
@@ -21,8 +21,6 @@
*/
package org.jboss.identity.federation.core.saml.v2.util;
-import java.util.ArrayList;
-import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -35,7 +33,6 @@
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeType;
import org.jboss.identity.federation.saml.v2.assertion.ObjectFactory;
-import org.jboss.identity.federation.saml.v2.assertion.StatementAbstractType;
/**
* Deals with SAML2 Statements
@@ -49,10 +46,14 @@
private static ObjectFactory factory = new ObjectFactory();
- public static List<StatementAbstractType> createStatements(Map<String,Object> attributes)
+ /**
+ * Create an attribute statement with all the attributes
+ * @param attributes a map with keys from {@link AttributeConstants}
+ * @return
+ */
+ public static AttributeStatementType createAttributeStatement(Map<String,Object> attributes)
{
- AttributeStatementType attrStatement = null;
- List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>();
+ AttributeStatementType attrStatement = null;
int i = 0;
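Review bot: The new Javadoc leaves `@return` empty, and `attrStatement` still starts as `null`, so the method can presumably return `null` when the map yields no attribute (the loop that assigns it lies outside this hunk, and the changed `return attrStatement;` is in the next hunk). Both callers updated in this commit, in `IDPWebRequestUtil` and `X500AttributeUnitTestCase`, add the result to the assertion's statement list without a null check. Either document the contract, e.g. `@return the populated attribute statement, or {@code null} if no attribute was added`, or create the statement eagerly so that a non-null value is always returned. `createStatements` was public, so the rename also breaks any caller outside this tree; a deprecated delegating overload would avoid that.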
@@ -92,8 +93,7 @@
att.getAttributeValue().add(value);
attrStatement.getAttributeOrEncryptedAttribute().add(att);
}
- statements.add(attrStatement);
- return statements;
+ return attrStatement;
}
private static AttributeType getX500Attribute()
Modified: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java 2009-09-14 20:32:37 UTC (rev 789)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java 2009-09-14 22:48:59 UTC (rev 790)
@@ -23,12 +23,13 @@
import java.io.ByteArrayOutputStream;
import java.util.HashMap;
-import java.util.List;
import java.util.Map;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.Marshaller;
+import junit.framework.TestCase;
+
import org.jboss.identity.federation.core.constants.AttributeConstants;
import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
@@ -40,15 +41,13 @@
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
import org.jboss.identity.federation.core.saml.v2.util.StatementUtil;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
-import org.jboss.identity.federation.saml.v2.assertion.StatementAbstractType;
+import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
-import junit.framework.TestCase;
-
/**
* Unit test the X500 Profile of SAML2
* @author Anil.Saldhana(a)redhat.com
@@ -62,8 +61,7 @@
attributes.put(AttributeConstants.EMAIL_ADDRESS, "test@a");
attributes.put(AttributeConstants.GIVEN_NAME, "anil");
- List<StatementAbstractType>
- statementList = StatementUtil.createStatements(attributes);
+ AttributeStatementType attrStat = StatementUtil.createAttributeStatement(attributes);
IssuerInfoHolder issuerHolder = new IssuerInfoHolder("http://idp");
issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());
@@ -76,7 +74,7 @@
assertNotNull(rt);
AssertionType assertion = (AssertionType) rt.getAssertionOrEncryptedAssertion().get(0);
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().addAll(statementList);
+ assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attrStat);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-09-14 20:32:37 UTC (rev 789)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-09-14 22:48:59 UTC (rev 790)
@@ -46,10 +46,9 @@
import org.jboss.identity.federation.core.config.IDPType;
import org.jboss.identity.federation.core.config.TrustType;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
-import org.jboss.identity.federation.core.exceptions.ParsingException;
-import org.jboss.identity.federation.core.interfaces.AttributeManager;
-import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
-import org.jboss.identity.federation.core.saml.v2.common.StatementLocal;
+import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.interfaces.AttributeManager;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
@@ -57,13 +56,12 @@
import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder;
import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder;
-import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
-import org.jboss.identity.federation.core.saml.v2.util.StatementUtil;
+import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.saml.v2.util.StatementUtil;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
-import org.jboss.identity.federation.saml.v2.assertion.StatementAbstractType;
import org.jboss.identity.federation.saml.v2.protocol.RequestAbstractType;
-import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
+import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;
@@ -181,11 +179,8 @@
{
Map<String, Object> attribs =
attributeManager.getAttributes(userPrincipal, this.attribKeys);
- List<StatementAbstractType> stats = StatementUtil.createStatements(attribs);
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().addAll(stats);
-
- //Set it on a thread local for JBID integrators
- StatementLocal.statements.set(stats);
+ AttributeStatementType attStatement = StatementUtil.createAttributeStatement(attribs);
+ assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attStatement);
}
catch(Exception e)
{
JBoss Identity SVN: r789 - in identity-federation/trunk: jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util and 1 other directory.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-09-14 16:32:37 -0400 (Mon, 14 Sep 2009)
New Revision: 789
Added:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/StatementLocal.java
Modified:
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
Log:
JBID-152: threadlocal support to hold statements
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/StatementLocal.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/StatementLocal.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/common/StatementLocal.java 2009-09-14 20:32:37 UTC (rev 789)
@@ -0,0 +1,38 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.saml.v2.common;
+
+import java.util.List;
+
+import org.jboss.identity.federation.saml.v2.assertion.StatementAbstractType;
+
+/**
+ * Thread Local holding the statements
+ * returned by IDP
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Sep 14, 2009
+ */
+public class StatementLocal
+{
+ public static ThreadLocal<List<StatementAbstractType>> statements
+ = new InheritableThreadLocal<List<StatementAbstractType>>();
+}
\ No newline at end of file
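Review bot: `statements` is a public, non-final `InheritableThreadLocal` that is set per request in IDPWebRequestUtil (the `@@ -182,6 +183,9 @@` hunk of this commit) and is never cleared in the visible code. On a container that pools request threads, the previous user's attribute statements stay readable by whatever runs next on that thread, and the inheritable variant also copies them into any thread spawned during the request. I would declare it `public static final ThreadLocal<List<StatementAbstractType>> statements = new ThreadLocal<List<StatementAbstractType>>();` and have the code that sets it call `StatementLocal.statements.remove()` in a `finally` once the response has been produced. The class Javadoc should also say who is expected to read the value and who is responsible for clearing it.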
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-09-14 20:24:52 UTC (rev 788)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-09-14 20:32:37 UTC (rev 789)
@@ -49,6 +49,7 @@
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.interfaces.AttributeManager;
import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
+import org.jboss.identity.federation.core.saml.v2.common.StatementLocal;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
@@ -182,6 +183,9 @@
attributeManager.getAttributes(userPrincipal, this.attribKeys);
List<StatementAbstractType> stats = StatementUtil.createStatements(attribs);
assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().addAll(stats);
+
+ //Set it on a thread local for JBID integrators
+ StatementLocal.statements.set(stats);
}
catch(Exception e)
{
JBoss Identity SVN: r788 - in identity-federation/trunk/jboss-identity-fed-core/src: main/java/org/jboss/identity/federation/core/saml/v2/util and 1 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-09-14 16:24:52 -0400 (Mon, 14 Sep 2009)
New Revision: 788
Added:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/X500SAMLProfileConstants.java
identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java
Log:
JBID-152: x500 attrib support
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2009-09-12 11:19:54 UTC (rev 787)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2009-09-14 20:24:52 UTC (rev 788)
@@ -98,6 +98,7 @@
TRANSFORM_C14N_EXCL_OMIT_COMMENTS("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"),
+ X500_NSURI("urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"),
XMLSCHEMA_NSURI("http://www.w3.org/2001/XMLSchema"),
XMLDSIG_NSURI("http://www.w3.org/2000/09/xmldsig#"),
XMLENC_NSURI("http://www.w3.org/2001/04/xmlenc#");
Added: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/X500SAMLProfileConstants.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/X500SAMLProfileConstants.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/X500SAMLProfileConstants.java 2009-09-14 20:24:52 UTC (rev 788)
@@ -0,0 +1,56 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.core.saml.v2.constants;
+
+/**
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Sep 11, 2009
+ */
+public enum X500SAMLProfileConstants
+{
+
+ CN("commonName", "urn:oid:2.5.4.3"),
+ GIVENNAME("givenName","urn:oid:2.5.4.42"),
+ EMAIL_ADDRESS("mail", "urn:oid:0.9.2342.19200300.100.1.3"),
+ EMPLOYEE_NUMBER("mail", "urn:oid:2.16.840.1.113730.3.1.3"),
+ SN("surname", "urn:oid:2.5.4.4"),
+ TELEPHONE("telephoneNumber", "urn:oid:2.5.4.20");
+
+ private String friendlyName = null;
+ private String uri = null;
+
+ private X500SAMLProfileConstants(String friendlyName,
+ String uristr)
+ {
+ this.uri = uristr;
+ }
+
+ public String get()
+ {
+ return this.uri;
+ }
+
+ public String getFriendlyName()
+ {
+ return friendlyName;
+ }
+}
\ No newline at end of file
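Review bot: The constructor assigns only `uri`, so `getFriendlyName()` returns null for every constant; it needs `this.friendlyName = friendlyName;`. `EMPLOYEE_NUMBER` is also declared with the friendly name "mail", which looks copied from `EMAIL_ADDRESS` and should presumably be `"employeeNumber"`. With the assignment in place both fields can be `private final` and lose the `= null` initialisers.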
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java 2009-09-12 11:19:54 UTC (rev 787)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/StatementUtil.java 2009-09-14 20:24:52 UTC (rev 788)
@@ -26,8 +26,11 @@
import java.util.Map;
import java.util.Set;
+import javax.xml.namespace.QName;
+
import org.jboss.identity.federation.core.constants.AttributeConstants;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.jboss.identity.federation.core.saml.v2.constants.X500SAMLProfileConstants;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLBaseFactory;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeType;
@@ -41,29 +44,64 @@
*/
public class StatementUtil
{
+ public static final QName X500_QNAME = new QName(JBossSAMLURIConstants.X500_NSURI.get(),
+ "Encoding");
+
private static ObjectFactory factory = new ObjectFactory();
public static List<StatementAbstractType> createStatements(Map<String,Object> attributes)
{
+ AttributeStatementType attrStatement = null;
List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>();
+ int i = 0;
+
Set<String> keys = attributes.keySet();
for(String key: keys)
{
+ if(i == 0)
+ {
+ //Deal with the X500 Profile of SAML2
+ attrStatement = JBossSAMLBaseFactory.createAttributeStatement();
+ i++;
+ }
+ AttributeType att = getX500Attribute();
+
Object value = attributes.get(key);
if(AttributeConstants.EMAIL_ADDRESS.equals(key))
- {
- AttributeStatementType attrStatement = JBossSAMLBaseFactory.createAttributeStatement();
- AttributeType att = factory.createAttributeType();
- att.setNameFormat(JBossSAMLURIConstants.NAMEID_FORMAT_EMAIL.get());
-
- //rolename
- att.getAttributeValue().add(value);
- attrStatement.getAttributeOrEncryptedAttribute().add(att);
- statements.add(attrStatement);
+ {
+ att.setFriendlyName(X500SAMLProfileConstants.EMAIL_ADDRESS.getFriendlyName());
+ att.setName(X500SAMLProfileConstants.EMAIL_ADDRESS.get());
}
+ else if(AttributeConstants.EMPLOYEE_NUMBER.equals(key))
+ {
+ att.setFriendlyName(X500SAMLProfileConstants.EMPLOYEE_NUMBER.getFriendlyName());
+ att.setName(X500SAMLProfileConstants.EMPLOYEE_NUMBER.get());
+ }
+ else if(AttributeConstants.GIVEN_NAME.equals(key))
+ {
+ att.setFriendlyName(X500SAMLProfileConstants.GIVENNAME.getFriendlyName());
+ att.setName(X500SAMLProfileConstants.GIVENNAME.get());
+ }
+ else if(AttributeConstants.TELEPHONE.equals(key))
+ {
+ att.setFriendlyName(X500SAMLProfileConstants.TELEPHONE.getFriendlyName());
+ att.setName(X500SAMLProfileConstants.TELEPHONE.get());
+ }
+ att.getAttributeValue().add(value);
+ attrStatement.getAttributeOrEncryptedAttribute().add(att);
}
+ statements.add(attrStatement);
return statements;
}
+
+ private static AttributeType getX500Attribute()
+ {
+ AttributeType att = factory.createAttributeType();
+ att.getOtherAttributes().put(X500_QNAME, "LDAP");
+
+ att.setNameFormat(JBossSAMLURIConstants.ATTRIBUTE_FORMAT_URI.get());
+ return att;
+ }
}
\ No newline at end of file
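Review bot: In `createStatements`, an empty map leaves `attrStatement` null and `statements.add(attrStatement)` then puts a null into the returned list, while a null map fails on `attributes.keySet()`. A key that matches none of the four branches (the old code ignored such keys) now produces an `Attribute` with a value but no `Name`, which the SAML schema requires, so the assertion sent to the service provider may be invalid. I would create the statement once before the loop, return the empty list for null or empty input, and skip keys that have no X500 mapping; that also removes the `i` counter.

```java
public static List<StatementAbstractType> createStatements(Map<String,Object> attributes)
{
   List<StatementAbstractType> statements = new ArrayList<StatementAbstractType>();
   if(attributes == null || attributes.isEmpty())
      return statements;

   AttributeStatementType attrStatement = JBossSAMLBaseFactory.createAttributeStatement();
   for(Map.Entry<String,Object> entry: attributes.entrySet())
   {
      String key = entry.getKey();
      AttributeType att = getX500Attribute();
      // … unchanged: if / else-if chain mapping the known keys to X500SAMLProfileConstants …
      else
      {
         //No X500 mapping for this key: an Attribute without a Name is schema-invalid
         continue;
      }
      att.getAttributeValue().add(entry.getValue());
      attrStatement.getAttributeOrEncryptedAttribute().add(att);
   }
   statements.add(attrStatement);
   return statements;
}
```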
Added: identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-core/src/test/java/org/jboss/test/identity/federation/core/saml/v2/X500AttributeUnitTestCase.java 2009-09-14 20:24:52 UTC (rev 788)
@@ -0,0 +1,108 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.identity.federation.core.saml.v2;
+
+import java.io.ByteArrayOutputStream;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Marshaller;
+
+import org.jboss.identity.federation.core.constants.AttributeConstants;
+import org.jboss.identity.federation.core.saml.v2.common.IDGenerator;
+import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
+import org.jboss.identity.federation.core.saml.v2.factories.SAMLProtocolFactory;
+import org.jboss.identity.federation.core.saml.v2.holders.IDPInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.holders.SPInfoHolder;
+import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
+import org.jboss.identity.federation.core.saml.v2.util.StatementUtil;
+import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
+import org.jboss.identity.federation.saml.v2.assertion.StatementAbstractType;
+import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import junit.framework.TestCase;
+
+/**
+ * Unit test the X500 Profile of SAML2
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Sep 14, 2009
+ */
+public class X500AttributeUnitTestCase extends TestCase
+{
+ public void testX500Marshalling() throws Exception
+ {
+ Map<String,Object> attributes = new HashMap<String, Object>();
+ attributes.put(AttributeConstants.EMAIL_ADDRESS, "test@a");
+ attributes.put(AttributeConstants.GIVEN_NAME, "anil");
+
+ List<StatementAbstractType>
+ statementList = StatementUtil.createStatements(attributes);
+
+ IssuerInfoHolder issuerHolder = new IssuerInfoHolder("http://idp");
+ issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());
+
+ IDPInfoHolder idp = new IDPInfoHolder();
+ idp.setNameIDFormatValue(IDGenerator.create());
+
+ ResponseType rt = JBossSAMLAuthnResponseFactory.createResponseType("response111",
+ new SPInfoHolder(), idp, issuerHolder);
+ assertNotNull(rt);
+
+ AssertionType assertion = (AssertionType) rt.getAssertionOrEncryptedAssertion().get(0);
+ assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().addAll(statementList);
+
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller(false);
+ JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(rt);
+ marshaller.marshal(jaxb, baos);
+ //marshaller.marshal(jaxb, System.out);
+
+ Document samlDom = DocumentUtil.getDocument(new String(baos.toByteArray()));
+ NodeList nl = samlDom.getElementsByTagName("Attribute");
+ assertEquals("nodes = 2", 2, nl.getLength());
+
+ String x500NS = JBossSAMLURIConstants.X500_NSURI.get();
+ String encodingLocalName = "Encoding";
+
+ Element attrib = (Element) nl.item(0);
+ assertTrue("Has ldap encoding?", attrib.hasAttributeNS( x500NS, encodingLocalName));
+ assertEquals("LDAP",
+ attrib.getAttributeNodeNS(x500NS, encodingLocalName).getNodeValue());
+
+ NodeList nla =
+ attrib.getElementsByTagNameNS(JBossSAMLURIConstants.ASSERTION_NSURI.get(),
+ "AttributeValue");
+
+ Node attribNode = nla.item(0);
+ String nodeValue = attribNode.getTextContent();
+ assertTrue(nodeValue.equals("test@a") || nodeValue.equals("anil"));
+ }
+}
\ No newline at end of file
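Review bot: The assertions cover only the `Encoding` attribute and the value of the first `Attribute` node, so a missing `Name` or `FriendlyName` passes unnoticed. Adding `assertTrue(attrib.hasAttribute("Name"));` and `assertTrue(attrib.hasAttribute("FriendlyName"));` for both nodes would pin the mapping that `StatementUtil` is meant to produce. `new String(baos.toByteArray())` decodes with the platform charset; passing `"UTF-8"` as the second argument keeps the test stable across environments.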
JBoss Identity SVN: r787 - identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-09-12 07:19:54 -0400 (Sat, 12 Sep 2009)
New Revision: 787
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
Log:
add a constant
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2009-09-11 22:04:51 UTC (rev 786)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/constants/JBossSAMLURIConstants.java 2009-09-12 11:19:54 UTC (rev 787)
@@ -40,6 +40,7 @@
ASSERTION_NSURI("urn:oasis:names:tc:SAML:2.0:assertion"),
ATTRIBUTE_FORMAT_BASIC("urn:oasis:names:tc:SAML:2.0:attrname-format:basic"),
+ ATTRIBUTE_FORMAT_URI("urn:oasis:names:tc:SAML:2.0:attrname-format:uri"),
METADATA_HTTP_REDIRECT_BINDING("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"),
JBoss Identity SVN: r786 - identity-federation/trunk/jboss-identity-bindings-jboss/src/main/java/org/jboss/identity/federation/bindings/jboss/attribute.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-09-11 18:04:51 -0400 (Fri, 11 Sep 2009)
New Revision: 786
Modified:
identity-federation/trunk/jboss-identity-bindings-jboss/src/main/java/org/jboss/identity/federation/bindings/jboss/attribute/JBossAppServerAttributeManager.java
Log:
add a trace
Modified: identity-federation/trunk/jboss-identity-bindings-jboss/src/main/java/org/jboss/identity/federation/bindings/jboss/attribute/JBossAppServerAttributeManager.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings-jboss/src/main/java/org/jboss/identity/federation/bindings/jboss/attribute/JBossAppServerAttributeManager.java 2009-09-11 18:49:41 UTC (rev 785)
+++ identity-federation/trunk/jboss-identity-bindings-jboss/src/main/java/org/jboss/identity/federation/bindings/jboss/attribute/JBossAppServerAttributeManager.java 2009-09-11 22:04:51 UTC (rev 786)
@@ -99,6 +99,9 @@
}
}
+ if(trace && attributeMap != null)
+ log.trace("Final attribute map size:" + attributeMap.size());
+
return attributeMap;
}
}
\ No newline at end of file
JBoss Identity SVN: r785 - in identity-federation/trunk: jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp and 1 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-09-11 14:49:41 -0400 (Fri, 11 Sep 2009)
New Revision: 785
Added:
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ServerDetector.java
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
Log:
JBID-152: phase2 commits
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-09-11 18:38:51 UTC (rev 784)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-09-11 18:49:41 UTC (rev 785)
@@ -26,7 +26,10 @@
import java.security.GeneralSecurityException;
import java.security.Principal;
import java.security.PublicKey;
+import java.util.ArrayList;
+import java.util.Arrays;
import java.util.List;
+import java.util.StringTokenizer;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
@@ -44,6 +47,8 @@
import org.jboss.identity.federation.bindings.tomcat.TomcatRoleGenerator;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.impl.DelegatedAttributeManager;
+import org.jboss.identity.federation.core.interfaces.AttributeManager;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
@@ -54,7 +59,7 @@
import org.jboss.identity.federation.web.interfaces.RoleGenerator;
import org.jboss.identity.federation.web.interfaces.TrustKeyConfigurationException;
import org.jboss.identity.federation.web.interfaces.TrustKeyManager;
-import org.jboss.identity.federation.web.interfaces.TrustKeyProcessingException;
+import org.jboss.identity.federation.web.interfaces.TrustKeyProcessingException;
import org.jboss.identity.federation.web.util.ConfigurationUtil;
import org.jboss.identity.federation.web.util.IDPWebRequestUtil;
import org.jboss.identity.federation.web.util.RedirectBindingSignatureUtil;
@@ -88,6 +93,23 @@
private Boolean signOutgoingMessages = true;
+ private transient DelegatedAttributeManager attribManager = new DelegatedAttributeManager();
+ private List<String> attributeKeys = new ArrayList<String>();
+
+ //Set a list of attributes we are interested in separated by comma
+ public void setAttributeList(String attribList)
+ {
+ if(attribList != null && !"".equals(attribList))
+ {
+ this.attributeKeys.clear();
+ StringTokenizer st = new StringTokenizer(attribList,",");
+ while(st != null && st.hasMoreTokens())
+ {
+ this.attributeKeys.add(st.nextToken());
+ }
+ }
+ }
+
public Boolean getIgnoreIncomingSignatures()
{
return ignoreIncomingSignatures;
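Review bot: `setAttributeList` stores the tokens untrimmed, so a value written as "mail, cn" yields the key " cn", which will presumably not match any attribute name and is dropped without a message. `this.attributeKeys.add(st.nextToken().trim());` fixes that, and the `st != null` test can go because `st` was just constructed. The comment above the method would be more useful as Javadoc stating that the setter replaces the current list rather than adding to it.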
@@ -166,6 +188,8 @@
IDPWebRequestUtil webRequestUtil = new IDPWebRequestUtil(request, idpConfiguration, keyManager);
+ webRequestUtil.setAttributeManager(this.attribManager);
+ webRequestUtil.setAttributeKeys(attributeKeys);
Document samlErrorResponse = null;
//Look for unauthorized status
@@ -484,6 +508,14 @@
this.identityURL = idpConfiguration.getIdentityURL();
if(trace) log.trace("Identity Provider URL=" + this.identityURL);
this.assertionValidity = idpConfiguration.getAssertionValidity();
+ //Get the attribute manager
+ String attributeManager = idpConfiguration.getAttributeManager();
+ if(attributeManager != null && !"".equals(attributeManager))
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ AttributeManager delegate = (AttributeManager) tcl.loadClass(attributeManager).newInstance();
+ this.attribManager.setDelegate(delegate);
+ }
}
catch (Exception e)
{
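Review bot: The configured class is instantiated before its type is checked, so a wrong class name in the configuration runs that class's constructor and only then fails on the cast. `AttributeManager delegate = tcl.loadClass(attributeManager).asSubclass(AttributeManager.class).newInstance();` rejects a class that is not an `AttributeManager` before anything is constructed. Since the name comes from the IDP configuration, a comment stating that this value must only be settable by the deployer would help. The enclosing try block starts outside the hunk and the catch body is not visible.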
@@ -515,6 +547,14 @@
}
if(trace) log.trace("Key Provider=" + keyProvider.getClassName());
}
+
+ //Add some keys to the attibutes
+ String[] ak = new String[] {"mail","cn","commonname","givenname",
+ "surname","employeeType",
+ "employeeNumber",
+ "facsimileTelephoneNumber"};
+
+ this.attributeKeys.addAll(Arrays.asList(ak));
}
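Review bot: The eight default keys are appended with `addAll` whether or not `setAttributeList` has already supplied a list. If this method runs after the setter (the hunk does not show which method it is), a deployer cannot narrow the attributes released to service providers, and `employeeNumber` and the others are always requested. `if(this.attributeKeys.isEmpty()) this.attributeKeys.addAll(Arrays.asList(ak));` keeps the defaults as a fallback only and also avoids duplicate keys if the method runs more than once. The enclosing method starts outside the hunk.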
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-09-11 18:38:51 UTC (rev 784)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-09-11 18:49:41 UTC (rev 785)
@@ -55,6 +55,7 @@
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
import org.jboss.identity.federation.web.util.PostBindingUtil;
+import org.jboss.identity.federation.web.util.ServerDetector;
import org.xml.sax.SAXException;
/**
@@ -69,10 +70,13 @@
{
private static Logger log = Logger.getLogger(SPPostFormAuthenticator.class);
private boolean trace = log.isTraceEnabled();
+ private boolean jbossEnv = false;
public SPPostFormAuthenticator()
{
super();
+ ServerDetector detector = new ServerDetector();
+ jbossEnv = detector.isJboss();
}
@Override
@@ -107,7 +111,7 @@
String password = ServiceProviderSAMLContext.EMPTY_PASSWORD;
//Map to JBoss specific principal
- if(spConfiguration.getServerEnvironment().equalsIgnoreCase("JBOSS"))
+ if(spConfiguration.getServerEnvironment().equalsIgnoreCase("JBOSS") || jbossEnv)
{
GenericPrincipal gp = (GenericPrincipal) principal;
//Push a context
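Review bot: `spConfiguration.getServerEnvironment()` is dereferenced before `jbossEnv` is consulted, so a configuration without a server environment would still fail with a NullPointerException even when the detector has recognised JBoss (whether the getter can return null is not visible here). `if(jbossEnv || "JBOSS".equalsIgnoreCase(spConfiguration.getServerEnvironment()))` avoids that. The same condition is added in SPRedirectFormAuthenticator (`@@ -107,7 +112,7 @@`). The enclosing method starts and ends outside the hunk.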
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-09-11 18:38:51 UTC (rev 784)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-09-11 18:49:41 UTC (rev 785)
@@ -48,6 +48,7 @@
import org.jboss.identity.federation.bindings.tomcat.sp.holder.ServiceProviderSAMLContext;
import org.jboss.identity.federation.web.util.HTTPRedirectUtil;
import org.jboss.identity.federation.web.util.RedirectBindingUtil;
+import org.jboss.identity.federation.web.util.ServerDetector;
import org.jboss.identity.federation.bindings.util.ValveUtil;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
@@ -70,10 +71,14 @@
{
private static Logger log = Logger.getLogger(SPRedirectFormAuthenticator.class);
private boolean trace = log.isTraceEnabled();
+
+ private boolean jbossEnv = false;
public SPRedirectFormAuthenticator()
{
- super();
+ super();
+ ServerDetector detector = new ServerDetector();
+ jbossEnv = detector.isJboss();
}
@Override
@@ -107,7 +112,7 @@
String password = ServiceProviderSAMLContext.EMPTY_PASSWORD;
//Map to JBoss specific principal
- if(spConfiguration.getServerEnvironment().equalsIgnoreCase("JBOSS"))
+ if(spConfiguration.getServerEnvironment().equalsIgnoreCase("JBOSS") || jbossEnv)
{
GenericPrincipal gp = (GenericPrincipal) principal;
//Push a context
Modified: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-09-11 18:38:51 UTC (rev 784)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/IDPWebRequestUtil.java 2009-09-11 18:49:41 UTC (rev 785)
@@ -176,10 +176,17 @@
//Add in the attributes information
if(this.attributeManager != null)
{
- Map<String, Object> attribs =
- attributeManager.getAttributes(userPrincipal, this.attribKeys);
- List<StatementAbstractType> stats = StatementUtil.createStatements(attribs);
- assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().addAll(stats);
+ try
+ {
+ Map<String, Object> attribs =
+ attributeManager.getAttributes(userPrincipal, this.attribKeys);
+ List<StatementAbstractType> stats = StatementUtil.createStatements(attribs);
+ assertion.getStatementOrAuthnStatementOrAuthzDecisionStatement().addAll(stats);
+ }
+ catch(Exception e)
+ {
+ log.error("Exception in generating attributes:",e);
+ }
}
//Lets see how the response looks like
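Review bot: The new `catch(Exception e)` logs and continues, so the IDP still issues the assertion, only without attribute statements, and a service provider cannot tell a failed lookup from a user who has no attributes. If that is intended, say so in a comment above the catch, e.g. `//Attribute lookup is best effort: the assertion is still issued without attributes`; otherwise propagate the failure. Catching the specific exceptions thrown by `getAttributes` and `createStatements` rather than `Exception` would keep programming errors visible. The enclosing method starts and ends outside the hunk.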
Added: identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ServerDetector.java
===================================================================
--- identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ServerDetector.java (rev 0)
+++ identity-federation/trunk/jboss-identity-web/src/main/java/org/jboss/identity/federation/web/util/ServerDetector.java 2009-09-11 18:49:41 UTC (rev 785)
@@ -0,0 +1,84 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.web.util;
+
+/**
+ * Utility Class to detect which server
+ * we are currently operating in
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Sep 11, 2009
+ */
+public class ServerDetector
+{
+ private boolean jboss = false;
+ private boolean tomcat = false;
+
+ public ServerDetector()
+ {
+ this.detectServer();
+ }
+
+ public boolean isJboss()
+ {
+ return jboss;
+ }
+
+ public boolean isTomcat()
+ {
+ return tomcat;
+ }
+
+ private void detectServer()
+ {
+ //Detect JBoss
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+
+ try
+ {
+ Class<?> clazz = tcl.loadClass("org.jboss.system.Service");
+ if(clazz != null)
+ {
+ jboss = true;
+ return;
+ }
+ }
+ catch(Exception e)
+ {
+ //ignore
+ }
+
+ //Tomcat
+ try
+ {
+ Class<?> clazz = tcl.loadClass("org.apache.cataline.Server");
+ if(clazz != null)
+ {
+ tomcat = true;
+ return;
+ }
+ }
+ catch(Exception e)
+ {
+ //ignore
+ }
+ }
+}
\ No newline at end of file
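Review bot: The Tomcat probe in `detectServer` loads `org.apache.cataline.Server`, a misspelling of the `org.apache.catalina` package, so `isTomcat()` can never return true; the line should read `Class<?> clazz = tcl.loadClass("org.apache.catalina.Server");`. `loadClass` throws rather than returning null, so the `clazz != null` checks are dead code, and narrowing both catches to `ClassNotFoundException` would document that a missing class is the expected outcome. If no context class loader is set, `tcl` may be null, and the resulting NullPointerException is currently swallowed by the same catch.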
JBoss Identity SVN: r784 - in authz/trunk/samples/secure-pojo/src: main/java/org/jboss/security/authz/samples/pojo/provisioning and 1 other directories.
by jboss-identity-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-09-11 14:38:51 -0400 (Fri, 11 Sep 2009)
New Revision: 784
Modified:
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/enforcement/SecurityInterceptor.java
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/provisioning/SecurityProvisioning.java
authz/trunk/samples/secure-pojo/src/test/java/org/jboss/security/authz/samples/pojo/TestSecurePojo.java
Log:
bug fix
Modified: authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/enforcement/SecurityInterceptor.java
===================================================================
--- authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/enforcement/SecurityInterceptor.java 2009-09-10 20:00:09 UTC (rev 783)
+++ authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/enforcement/SecurityInterceptor.java 2009-09-11 18:38:51 UTC (rev 784)
@@ -53,21 +53,15 @@
public class SecurityInterceptor implements Interceptor
{
private static Logger log = Logger.getLogger(SecurityInterceptor.class);
-
- private PolicyEnforcementPoint enforcer;
-
+
public String getName()
{
return this.getClass().getName();
}
private PolicyEnforcementPoint getEnforcer()
- {
- if(this.enforcer == null)
- {
- this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
- }
- return this.enforcer;
+ {
+ return (PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
}
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------
public Object invoke(Invocation invocation) throws Throwable
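Review bot: `getEnforcer()` now calls `ServiceContainer.lookup("/agent/LocalEnforcementPoint")` on every invocation, and nothing in the method says why the cached field was dropped. The test changes in this revision add a `tearDown()` that calls `ServiceContainer.shutdown()`, so a cached reference presumably went stale between bootstrap cycles. If that is the reason, state it above the method, e.g. `// Looked up on each call: a cached reference does not survive ServiceContainer.shutdown()/bootstrap()`. The same applies to `getProvisioner()` in SecurityProvisioning.java, which this commit changes in the same way. The body of `invoke`, which uses the result, lies outside this hunk.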
@@ -118,6 +112,7 @@
//Create an EnforcementContext and start the "Enforcement Phase" with the security framework----------------------------------------------------------------------
EnforcementContext context = new EnforcementContext();
+ context.setIgnoreCache(true);
context.setAttribute("pojo", resource);
context.setAttribute("method", action);
context.setAttribute("identity", identity);
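Review bot: `context.setIgnoreCache(true)` is set unconditionally for every intercepted call, with no comment and only "bug fix" in the log. A reader copying this sample cannot tell whether bypassing the cache is required for correct decisions or is a workaround for the tests. Judging by the name, it forces a fresh policy evaluation on each call; if stale cached decisions were the bug, record that next to the call, e.g. `// Always re-evaluate: a cached decision may predate a policy change`. If it is only needed because the tests redeploy policies between cases, say so instead, since interceptors modelled on this sample would otherwise pay for a full evaluation on every call. `invoke` begins and ends outside this hunk.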
Modified: authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/provisioning/SecurityProvisioning.java
===================================================================
--- authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/provisioning/SecurityProvisioning.java 2009-09-10 20:00:09 UTC (rev 783)
+++ authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/provisioning/SecurityProvisioning.java 2009-09-11 18:38:51 UTC (rev 784)
@@ -22,13 +22,16 @@
package org.jboss.security.authz.samples.pojo.provisioning;
import java.net.URI;
+import java.util.Set;
+import org.apache.log4j.Logger;
import org.jboss.security.authz.bootstrap.ServiceContainer;
import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.agent.services.CompositionContext;
import org.jboss.security.authz.model.Effect;
+import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.components.action.Read;
import org.jboss.security.authz.components.action.Write;
import org.jboss.security.authz.components.resource.URIResource;
@@ -45,14 +48,21 @@
*/
public class SecurityProvisioning
{
- private PolicyProvisioner provisioner;
-
+ private static Logger log = Logger.getLogger(SecurityProvisioning.class);
+
public void bootup()
{
try
{
- // Provision Admin Policy
- this.provisionAdminPolicy();
+ // Provision POJO Policy
+ this.provisionPOJOPolicy();
+
+ Set<Policy> policies = this.getProvisioner().readAllPolicies();
+ for(Policy policy: policies)
+ {
+ log.info("------------------------------------------------------------------------------");
+ log.info(policy.generateSystemPolicy());
+ }
}
catch(Exception e)
{
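Review bot: The loop added to `bootup()` writes every deployed policy to the log at `info` level through `policy.generateSystemPolicy()`. That presumably puts the full authorization rules, role names included, into whatever appender the application is configured with. For a diagnostic dump `debug` is the appropriate level: `if (log.isDebugEnabled()) { log.debug(policy.generateSystemPolicy()); }`. The new `log` field can also be declared `private static final`. The body of the `catch` block that handles a failing `readAllPolicies()` is outside this hunk.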
@@ -60,7 +70,7 @@
}
}
// -------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- private void provisionAdminPolicy() throws Exception
+ private void provisionPOJOPolicy() throws Exception
{
// SetUp Resource
URIResource resource = new URIResource();
@@ -68,10 +78,13 @@
Read read = new Read();
Roles readRoles = new Roles();
- readRoles.addName("admin");
+ readRoles.setMustMatchAll(false);
+ readRoles.addName("regular");
+ readRoles.addName("/blah1/blah2/blah3");
Write write = new Write();
Roles writeRoles = new Roles();
+ writeRoles.setMustMatchAll(false);
writeRoles.addName("admin");
// Setup the Context for the Composition with these components
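Review bot: `readRoles` now lists `regular` and the placeholder `/blah1/blah2/blah3` but no longer `admin`, while `testAsAdmin()` in this same revision logs in with only the `admin` role and asserts that read access is granted. Unless the composition further down (outside this hunk) lets a write grant imply read, the policy and the test disagree; `readRoles.addName("admin");` would bring them in line. The placeholder role is better replaced by a meaningful name or removed, because the r782 log describes this sample as an illustration for the reference documentation. `setMustMatchAll(false)` presumably means that any single listed role suffices, which deserves a one-line comment where it is set.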
@@ -82,15 +95,10 @@
// Store the policy into the Policy Server
this.getProvisioner().deploy(context);
- }
+ }
private PolicyProvisioner getProvisioner()
- {
- if (this.provisioner == null)
- {
- this.provisioner = (PolicyProvisioner) ServiceContainer
- .lookup("/agent/LocalPolicyProvisioner");
- }
- return this.provisioner;
+ {
+ return (PolicyProvisioner) ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
}
}
Modified: authz/trunk/samples/secure-pojo/src/test/java/org/jboss/security/authz/samples/pojo/TestSecurePojo.java
===================================================================
--- authz/trunk/samples/secure-pojo/src/test/java/org/jboss/security/authz/samples/pojo/TestSecurePojo.java 2009-09-10 20:00:09 UTC (rev 783)
+++ authz/trunk/samples/secure-pojo/src/test/java/org/jboss/security/authz/samples/pojo/TestSecurePojo.java 2009-09-11 18:38:51 UTC (rev 784)
@@ -1,24 +1,24 @@
/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
+ * JBoss, a division of Red Hat
+ * Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
package org.jboss.security.authz.samples.pojo;
import org.apache.log4j.Logger;
@@ -35,93 +35,197 @@
public class TestSecurePojo extends TestCase
{
private static Logger log = Logger.getLogger(TestSecurePojo.class);
-
+
private SecurityProvisioning provisioning;
-
+
public void setUp() throws Exception
- {
- //Bootstrap the Security Service
+ {
+ // Bootstrap the Security Service
ServiceContainer.bootstrap();
-
- //Bootup the system with the appropriate Policies
+
+ // Bootup the system with the appropriate Policies
provisioning = new SecurityProvisioning();
provisioning.bootup();
-
- //Start in Anonymous mode....each testcase will select its own authentication scenario
+
+ // Start in Anonymous mode....each testcase will select its own
+ // authentication scenario
AuthenticatedSession.activeSession.set(null);
}
-
- public void testAsAdmin() throws Exception
+
+ public void tearDown() throws Exception
{
- boolean accessGranted = true;
+ ServiceContainer.shutdown();
+ }
+
+ public void testAsAnonymous() throws Exception
+ {
+ boolean readGranted = true;
+ boolean writeGranted = true;
+
+ Pojo pojo = new Pojo();
+
try
{
- this.loginAsAdmin();
-
- Pojo pojo = new Pojo();
-
- //Write Action on the Pojo
+ // Write Action on the Pojo
pojo.setSensitiveData("This is Top Secret Data!!! Protect Me!!");
-
- //Read Action on the Pojo
- log.info(pojo.getSensitiveData());
+ writeGranted = true;
}
- catch(Exception iae)
+ catch (Exception r)
{
- if(iae instanceof IllegalAccessException)
+ if (r instanceof IllegalAccessException)
{
- accessGranted = false;
+ writeGranted = false;
}
else
{
- throw iae;
+ log.error(this, r);
+ throw r;
}
}
- finally
+
+ try
{
- assertTrue("Access Must be Granted!!", accessGranted);
+ String sensitiveData = pojo.getSensitiveData();
+ log.info(sensitiveData);
+ assertEquals("Data Must Match!!", sensitiveData,
+ "This is Top Secret Data!!! Protect Me!!");
+ readGranted = true;
}
+ catch (Exception r)
+ {
+ if (r instanceof IllegalAccessException)
+ {
+ readGranted = false;
+ }
+ else
+ {
+ throw r;
+ }
+ }
+
+ assertFalse("Read Access Must *Not* be Granted!!", readGranted);
+ assertFalse("Write Access Must *Not* be Granted!!", writeGranted);
}
-
- public void testAsAnonymous() throws Exception
+
+ public void testAsUser() throws Exception
{
- boolean accessGranted = true;
+ boolean readGranted = false;
+ boolean writeGranted = true;
+
+ this.loginAsUser();
+ Pojo pojo = new Pojo();
+
+ // Read Action on the Pojo
try
{
- //No need to login......just access straight up
- Pojo pojo = new Pojo();
-
- //Write Action on the Pojo
+ String sensitiveData = pojo.getSensitiveData();
+ log.info(sensitiveData);
+ assertNull("Data Must be Null!!", sensitiveData);
+ readGranted = true;
+ }
+ catch (Exception r)
+ {
+ if (r instanceof IllegalAccessException)
+ {
+ readGranted = false;
+ }
+ else
+ {
+ throw r;
+ }
+ }
+
+ // Write Action on the Pojo
+ try
+ {
pojo.setSensitiveData("This is Top Secret Data!!! Protect Me!!");
-
- //Read Action on the Pojo
- log.info(pojo.getSensitiveData());
}
- catch(Exception iae)
+ catch (Exception r)
{
- if(iae instanceof IllegalAccessException)
+ if (r instanceof IllegalAccessException)
{
- accessGranted = false;
+ writeGranted = false;
}
else
{
- throw iae;
+ throw r;
}
}
- finally
+
+ assertTrue("Read Access Must be Granted!!", readGranted);
+ assertFalse("Write Access Must *Not* be Granted!!", writeGranted);
+ }
+
+ public void testAsAdmin() throws Exception
+ {
+ boolean readGranted = false;
+ boolean writeGranted = false;
+
+ this.loginAsAdmin();
+ Pojo pojo = new Pojo();
+
+ try
{
- assertFalse("Access Must Not be Granted!!", accessGranted);
+ // Write Action on the Pojo
+ pojo.setSensitiveData("This is Top Secret Data!!! Protect Me!!");
+ writeGranted = true;
}
+ catch (Exception r)
+ {
+ if (r instanceof IllegalAccessException)
+ {
+ writeGranted = false;
+ }
+ else
+ {
+ log.error(this, r);
+ throw r;
+ }
+ }
+
+ try
+ {
+ String sensitiveData = pojo.getSensitiveData();
+ log.info(sensitiveData);
+ assertEquals("Data Must Match!!", sensitiveData,
+ "This is Top Secret Data!!! Protect Me!!");
+ readGranted = true;
+ }
+ catch (Exception r)
+ {
+ if (r instanceof IllegalAccessException)
+ {
+ readGranted = false;
+ }
+ else
+ {
+ throw r;
+ }
+ }
+
+ assertTrue("Read Access Must be Granted!!", readGranted);
+ assertTrue("Write Access Must be Granted!!", writeGranted);
}
- //---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+
+ // ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
private void loginAsAdmin()
{
AuthenticatedSession session = new AuthenticatedSession();
-
+
session.setUsername("admin");
- session.addRole("Admin");
- session.addRole("/system/admin/badassdude/blah/blah");
-
+ session.addRole("admin");
+ // session.addRole("/system/admin/badassdude/blah/blah");
+
AuthenticatedSession.activeSession.set(session);
}
+
+ private void loginAsUser()
+ {
+ AuthenticatedSession session = new AuthenticatedSession();
+
+ session.setUsername("user");
+ session.addRole("regular");
+
+ AuthenticatedSession.activeSession.set(session);
+ }
}
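Review bot: In `testAsAnonymous()` the read block runs `assertEquals("Data Must Match!!", ...)` before setting `readGranted`, although the preceding write is expected to be denied. If read access were wrongly granted, the test would fail on the data comparison rather than on `Read Access Must *Not* be Granted!!`. JUnit's assertion failure is an `Error`, not an `Exception`, so the `catch` does not see it and the access-control assertion is never reached. Dropping that `assertEquals` from the anonymous test keeps the failure message about authorization. In `testAsAdmin()` the arguments are in (actual, expected) order and should read `assertEquals("Data Must Match!!", "This is Top Secret Data!!! Protect Me!!", sensitiveData);`; the commented-out `session.addRole(...)` line in `loginAsAdmin()` can be deleted.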
JBoss Identity SVN: r783 - authz/trunk/samples/secure-pojo.
by jboss-identity-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-09-10 16:00:09 -0400 (Thu, 10 Sep 2009)
New Revision: 783
Modified:
authz/trunk/samples/secure-pojo/
Log:
target ignore
Property changes on: authz/trunk/samples/secure-pojo
___________________________________________________________________
Name: svn:ignore
+ target
JBoss Identity SVN: r782 - in authz/trunk: documentation/reference-guide/en and 23 other directories.
by jboss-identity-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-09-10 15:17:22 -0400 (Thu, 10 Sep 2009)
New Revision: 782
Added:
authz/trunk/samples/
authz/trunk/samples/pom.xml
authz/trunk/samples/secure-pojo/
authz/trunk/samples/secure-pojo/pom.xml
authz/trunk/samples/secure-pojo/src/
authz/trunk/samples/secure-pojo/src/main/
authz/trunk/samples/secure-pojo/src/main/java/
authz/trunk/samples/secure-pojo/src/main/java/org/
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/AuthenticatedSession.java
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/Pojo.java
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/enforcement/
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/enforcement/SecurityInterceptor.java
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/provisioning/
authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/provisioning/SecurityProvisioning.java
authz/trunk/samples/secure-pojo/src/main/resources/
authz/trunk/samples/secure-pojo/src/main/resources/hibernate.cfg.xml
authz/trunk/samples/secure-pojo/src/main/resources/jboss-aop.xml
authz/trunk/samples/secure-pojo/src/test/
authz/trunk/samples/secure-pojo/src/test/java/
authz/trunk/samples/secure-pojo/src/test/java/org/
authz/trunk/samples/secure-pojo/src/test/java/org/jboss/
authz/trunk/samples/secure-pojo/src/test/java/org/jboss/security/
authz/trunk/samples/secure-pojo/src/test/java/org/jboss/security/authz/
authz/trunk/samples/secure-pojo/src/test/java/org/jboss/security/authz/samples/
authz/trunk/samples/secure-pojo/src/test/java/org/jboss/security/authz/samples/pojo/
authz/trunk/samples/secure-pojo/src/test/java/org/jboss/security/authz/samples/pojo/TestSecurePojo.java
authz/trunk/samples/secure-pojo/src/test/resources/
authz/trunk/samples/secure-pojo/src/test/resources/log4j.properties
Modified:
authz/trunk/.classpath
authz/trunk/documentation/reference-guide/en/master.xml
authz/trunk/pom.xml
Log:
sample used to illustrate the development process in the reference doc
Modified: authz/trunk/.classpath
===================================================================
--- authz/trunk/.classpath 2009-09-10 18:42:17 UTC (rev 781)
+++ authz/trunk/.classpath 2009-09-10 19:17:22 UTC (rev 782)
@@ -26,6 +26,8 @@
<classpathentry kind="src" path="portal-profile/src/test/java"/>
<classpathentry kind="src" path="portal-profile/src/test/resources"/>
<classpathentry kind="src" path="documentation/reference-guide/en/modules"/>
+ <classpathentry kind="src" path="samples/secure-pojo/src/main/java"/>
+ <classpathentry kind="src" path="samples/secure-pojo/src/test/java"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
<classpathentry kind="var" path="M2_REPO/asm/asm/1.5.3/asm-1.5.3.jar"/>
<classpathentry kind="var" path="M2_REPO/cglib/cglib/2.1_3/cglib-2.1_3.jar"/>
@@ -47,5 +49,6 @@
<classpathentry kind="var" path="M2_REPO/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar"/>
<classpathentry kind="var" path="M2_REPO/com/thoughtworks/xstream/xstream/1.3.1/xstream-1.3.1.jar"/>
<classpathentry kind="var" path="M2_REPO/org/hibernate/hibernate/3.1.2/hibernate-3.1.2.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/aop/jboss-aop/2.1.3.GA/jboss-aop-2.1.3.GA.jar"/>
<classpathentry kind="output" path="bin"/>
</classpath>
Modified: authz/trunk/documentation/reference-guide/en/master.xml
===================================================================
--- authz/trunk/documentation/reference-guide/en/master.xml 2009-09-10 18:42:17 UTC (rev 781)
+++ authz/trunk/documentation/reference-guide/en/master.xml 2009-09-10 19:17:22 UTC (rev 782)
@@ -18,7 +18,7 @@
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/architecture.xml"/>
<!--
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/samples.xml"/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/sample.xml"/>
-->
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/framework.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/authz-component-spec.xml"/>
Modified: authz/trunk/pom.xml
===================================================================
--- authz/trunk/pom.xml 2009-09-10 18:42:17 UTC (rev 781)
+++ authz/trunk/pom.xml 2009-09-10 19:17:22 UTC (rev 782)
@@ -16,6 +16,7 @@
<module>agent</module>
<module>policy-server</module>
<module>http-profile</module>
+ <module>samples</module>
<!--
<module>portal-profile</module>
-->
Added: authz/trunk/samples/pom.xml
===================================================================
--- authz/trunk/samples/pom.xml (rev 0)
+++ authz/trunk/samples/pom.xml 2009-09-10 19:17:22 UTC (rev 782)
@@ -0,0 +1,36 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>jboss-authz-parent</artifactId>
+ <version>trunk-SNAPSHOT</version>
+ <relativePath>../pom.xml</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>samples</artifactId>
+ <packaging>pom</packaging>
+ <name>JBoss Authorization Sample Code</name>
+ <url>http://www.jboss.org</url>
+
+
+ <modules>
+ <module>secure-pojo</module>
+ </modules>
+
+ <properties>
+ <version.org.jboss.aop>2.1.3.GA</version.org.jboss.aop>
+ </properties>
+
+ <dependencyManagement>
+ <dependencies>
+ <!-- JBoss AOP Dependency -->
+ <dependency>
+ <groupId>org.jboss.aop</groupId>
+ <artifactId>jboss-aop</artifactId>
+ <version>${version.org.jboss.aop}</version>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
+</project>
Added: authz/trunk/samples/secure-pojo/pom.xml
===================================================================
--- authz/trunk/samples/secure-pojo/pom.xml (rev 0)
+++ authz/trunk/samples/secure-pojo/pom.xml 2009-09-10 19:17:22 UTC (rev 782)
@@ -0,0 +1,106 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>samples</artifactId>
+ <version>trunk-SNAPSHOT</version>
+ <relativePath>../pom.xml</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>secure-pojo</artifactId>
+ <packaging>jar</packaging>
+ <name>Samples demonstrating POJO security</name>
+ <url>http://www.jboss.org</url>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.jboss.aop</groupId>
+ <artifactId>jboss-aop</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>common</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>core-components</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>agent</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>policy-server</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+
+ <!-- test dependencies -->
+ <!-- jboss xacml -->
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-xacml</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <!-- jboss microcontainer -->
+ <dependency>
+ <groupId>org.jboss.microcontainer</groupId>
+ <artifactId>jboss-kernel</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <!-- Drools -->
+ <dependency>
+ <groupId>org.drools</groupId>
+ <artifactId>drools-core</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.drools</groupId>
+ <artifactId>drools-compiler</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <!-- compile-time weaving of the module -->
+ <plugin>
+ <groupId>org.jboss.maven.plugins</groupId>
+ <artifactId>maven-jbossaop-plugin</artifactId>
+ <version>${version.org.jboss.aop}</version>
+ <executions>
+ <execution>
+ <id>compile</id>
+ <configuration>
+ <!-- if you want to include dependencies from the current module
+ (only needed if a class inherits a class thats not defined in this module
+ -->
+ <includeProjectDependency>false</includeProjectDependency>
+ <aoppaths>
+ <aoppath>src/main/resources/jboss-aop.xml</aoppath>
+ </aoppaths>
+ </configuration>
+ <goals>
+ <goal>compile</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+
+ <!-- running the tests in AOP environment -->
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>2.3.1</version>
+ <configuration>
+ <forkMode>always</forkMode>
+ <useSystemClassLoader>true</useSystemClassLoader>
+ <argLine>-Djboss.aop.path=src/main/resources/jboss-aop.xml</argLine>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Added: authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/AuthenticatedSession.java
===================================================================
--- authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/AuthenticatedSession.java (rev 0)
+++ authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/AuthenticatedSession.java 2009-09-10 19:17:22 UTC (rev 782)
@@ -0,0 +1,79 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.samples.pojo;
+
+import java.util.List;
+import java.util.ArrayList;
+
+/**
+ * Just a mock AuthenticatedSession that carries security related information about the logged in user...
+ *
+ * Just using simple information to illustrate the usage of the framework
+ *
+ * This can carry other arbitrary information as well upon which security decisions can be based.
+ *
+ * But for now, just using username and roles
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class AuthenticatedSession
+{
+ public static ThreadLocal activeSession;
+
+ static
+ {
+ activeSession = new ThreadLocal();
+ }
+
+ private String username;
+ private List<String> roles;
+
+ public AuthenticatedSession()
+ {
+ this.roles = new ArrayList<String>();
+ }
+
+ public String getUsername()
+ {
+ return username;
+ }
+
+ public void setUsername(String username)
+ {
+ this.username = username;
+ }
+
+ public List<String> getRoles()
+ {
+ return roles;
+ }
+
+ public void setRoles(List<String> roles)
+ {
+ this.roles = roles;
+ }
+
+ public void addRole(String role)
+ {
+ this.roles.add(role);
+ }
+}
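Review bot: `activeSession` is a public, non-final, raw `ThreadLocal`, so any class can replace the holder itself or store an object of another type in it. `SecurityInterceptor` takes the identity and roles it sends to the enforcement point from whatever it finds there. Even for a mock, declare it `public static final ThreadLocal<AuthenticatedSession> activeSession = new ThreadLocal<AuthenticatedSession>();` and drop the static initializer. `getRoles()` also hands out the internal list, so callers can add roles after the session was set up; returning `Collections.unmodifiableList(roles)` would prevent that, at the cost of one more import.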
Added: authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/Pojo.java
===================================================================
--- authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/Pojo.java (rev 0)
+++ authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/Pojo.java 2009-09-10 19:17:22 UTC (rev 782)
@@ -0,0 +1,49 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.samples.pojo;
+
+/**
+ * This is the core application level component.
+ *
+ * Notice there is absolutely no security code here....It does not even know the security service exists
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class Pojo
+{
+ private String sensitiveData;
+
+ public Pojo()
+ {
+
+ }
+
+ public String getSensitiveData()
+ {
+ return this.sensitiveData;
+ }
+
+ public void setSensitiveData(String sensitiveData)
+ {
+ this.sensitiveData = sensitiveData;
+ }
+}
Added: authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/enforcement/SecurityInterceptor.java
===================================================================
--- authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/enforcement/SecurityInterceptor.java (rev 0)
+++ authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/enforcement/SecurityInterceptor.java 2009-09-10 19:17:22 UTC (rev 782)
@@ -0,0 +1,144 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.samples.pojo.enforcement;
+
+import java.lang.reflect.Method;
+import java.net.URI;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.aop.advice.Interceptor;
+import org.jboss.aop.joinpoint.Invocation;
+import org.jboss.aop.joinpoint.MethodInvocation;
+
+import org.jboss.security.authz.bootstrap.ServiceContainer;
+import org.jboss.security.authz.components.subject.Identity;
+import org.jboss.security.authz.components.subject.Roles;
+import org.jboss.security.authz.components.resource.URIResource;
+import org.jboss.security.authz.components.action.Read;
+import org.jboss.security.authz.components.action.Write;
+
+import org.jboss.security.authz.agent.enforcement.EnforcementContext;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
+
+import org.jboss.security.authz.samples.pojo.AuthenticatedSession;
+
+/**
+ * A sample Enforcement Interceptor used to inject the security service into the application
+ *
+ * The scope of interception can be increased/decreased depending upon the application's security requirements
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class SecurityInterceptor implements Interceptor
+{
+ private static Logger log = Logger.getLogger(SecurityInterceptor.class);
+
+ private PolicyEnforcementPoint enforcer;
+
+ public String getName()
+ {
+ return this.getClass().getName();
+ }
+
+ private PolicyEnforcementPoint getEnforcer()
+ {
+ if(this.enforcer == null)
+ {
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
+ }
+ return this.enforcer;
+ }
+ //------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ public Object invoke(Invocation invocation) throws Throwable
+ {
+ try
+ {
+ MethodInvocation methodInvocation = (MethodInvocation)invocation;
+
+ Object pojoBeingAccessed = methodInvocation.getTargetObject();
+ Method methodBeingCalled = methodInvocation.getMethod();
+
+ //Get the runtime application state (AuthenticatedSession) from ThreadLocal
+ AuthenticatedSession session = (AuthenticatedSession)AuthenticatedSession.activeSession.get();
+ if(session == null)
+ {
+ //Anonymous access
+ session = new AuthenticatedSession();
+ session.setUsername("anonymous");
+ session.addRole("anonymous");
+ }
+
+ //Properly propagate runtime application state to the state of appropriate "Authz Components"--------------------------------------------------------------------
+ //Subject Components
+ Identity identity = new Identity();
+ identity.setName(session.getUsername());
+
+ Roles roles = new Roles();
+ if(session.getRoles() != null)
+ {
+ for(String roleName: session.getRoles())
+ roles.addName(roleName);
+ }
+
+ //Resource Component
+ URIResource resource = new URIResource();
+ resource.setUri(new URI(pojoBeingAccessed.getClass().getName()));
+
+ //Action Component
+ Object action = null;
+ if(methodBeingCalled.getName().startsWith("get"))
+ {
+ action = new Read();
+ }
+ else if(methodBeingCalled.getName().startsWith("set"))
+ {
+ action = new Write();
+ }
+
+ //Create an EnforcementContext and start the "Enforcement Phase" with the security framework----------------------------------------------------------------------
+ EnforcementContext context = new EnforcementContext();
+ context.setAttribute("pojo", resource);
+ context.setAttribute("method", action);
+ context.setAttribute("identity", identity);
+ context.setAttribute("roles", roles);
+
+ //Process the result from Enforcement Phase execution-------------------------------------------------------------------------------------------------------------
+ EnforcementResponse response = this.getEnforcer().checkAccess(context);
+
+ if(response.isAccessGranted())
+ {
+ //Access to the Pojo is granted.....Proceed..
+ return invocation.invokeNext();
+ }
+ else
+ {
+ //Throw appropriate exception or handle it according to what the requirements are.........
+ throw new IllegalAccessException("Pojo Access Denied!!!");
+ }
+ }
+ finally
+ {
+ }
+ }
+}
\ No newline at end of file
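Review bot: `action` stays `null` for any intercepted method whose name starts with neither `get` nor `set`, and it is then passed to `context.setAttribute("method", action)` and on to `checkAccess`. Whether such a call is denied therefore depends on how the enforcement point treats a missing action; which methods are intercepted is configured in jboss-aop.xml, which is not shown here. The interceptor should decide this itself and fail closed by adding `else { throw new IllegalAccessException("Pojo Access Denied!!!"); }` after the `set` branch. The cast to `MethodInvocation` is likewise unchecked, so a non-method joinpoint surfaces as a `ClassCastException`. The empty `finally` block can be removed.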
Added: authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/provisioning/SecurityProvisioning.java
===================================================================
--- authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/provisioning/SecurityProvisioning.java (rev 0)
+++ authz/trunk/samples/secure-pojo/src/main/java/org/jboss/security/authz/samples/pojo/provisioning/SecurityProvisioning.java 2009-09-10 19:17:22 UTC (rev 782)
@@ -0,0 +1,96 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.authz.samples.pojo.provisioning;
+
+import java.net.URI;
+
+import org.jboss.security.authz.bootstrap.ServiceContainer;
+
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.agent.services.CompositionContext;
+
+import org.jboss.security.authz.model.Effect;
+import org.jboss.security.authz.components.action.Read;
+import org.jboss.security.authz.components.action.Write;
+import org.jboss.security.authz.components.resource.URIResource;
+import org.jboss.security.authz.components.subject.Roles;
+
+import org.jboss.security.authz.samples.pojo.Pojo;
+
+/**
+ * The Provisioning component that is in charge of managing the security policies of the application
+ *
+ * This is usually accessed via a GUI tool or the application's security dashboard etc
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class SecurityProvisioning
+{
+ private PolicyProvisioner provisioner;
+
+ public void bootup()
+ {
+ try
+ {
+ // Provision Admin Policy
+ this.provisionAdminPolicy();
+ }
+ catch(Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+ // -------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ private void provisionAdminPolicy() throws Exception
+ {
+ // SetUp Resource
+ URIResource resource = new URIResource();
+ resource.setUri(new URI(Pojo.class.getName()));
+
+ Read read = new Read();
+ Roles readRoles = new Roles();
+ readRoles.addName("admin");
+
+ Write write = new Write();
+ Roles writeRoles = new Roles();
+ writeRoles.addName("admin");
+
+ // Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, read, readRoles,"allowExpression");
+ context.addPolicyRule(Effect.PERMIT, write, writeRoles,"allowExpression");
+
+ // Store the policy into the Policy Server
+ this.getProvisioner().deploy(context);
+ }
+
+ private PolicyProvisioner getProvisioner()
+ {
+ if (this.provisioner == null)
+ {
+ this.provisioner = (PolicyProvisioner) ServiceContainer
+ .lookup("/agent/LocalPolicyProvisioner");
+ }
+ return this.provisioner;
+ }
+}
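Review bot: The policy target in `provisionAdminPolicy()` is keyed on `Pojo.class.getName()`, while the interceptor hunk earlier in this commit builds the resource from `pojoBeingAccessed.getClass().getName()`, so the two sides only agree when the runtime class is exactly `Pojo`. A subclass instance would present a different URI; whether an unmatched target is then denied is not visible in this diff, so that is worth confirming. I would document the coupling above the `setUri` call, for example `// Must equal the URI SecurityInterceptor derives from the intercepted object's class name`. The role name `"admin"` and the `"allowExpression"` argument are bare literals repeated for both rules and would also benefit from a one-line comment saying what each refers to.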
Added: authz/trunk/samples/secure-pojo/src/main/resources/hibernate.cfg.xml
===================================================================
--- authz/trunk/samples/secure-pojo/src/main/resources/hibernate.cfg.xml (rev 0)
+++ authz/trunk/samples/secure-pojo/src/main/resources/hibernate.cfg.xml 2009-09-10 19:17:22 UTC (rev 782)
@@ -0,0 +1,59 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ~ JBoss, a division of Red Hat ~
+ ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
+ ~ contributors as indicated by the @authors tag. See the ~
+ ~ copyright.txt in the distribution for a full listing of ~
+ ~ individual contributors. ~
+ ~ ~
+ ~ This is free software; you can redistribute it and/or modify it ~
+ ~ under the terms of the GNU Lesser General Public License as ~
+ ~ published by the Free Software Foundation; either version 2.1 of ~
+ ~ the License, or (at your option) any later version. ~
+ ~ ~
+ ~ This software is distributed in the hope that it will be useful, ~
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
+ ~ Lesser General Public License for more details. ~
+ ~ ~
+ ~ You should have received a copy of the GNU Lesser General Public ~
+ ~ License along with this software; if not, write to the Free ~
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
+ ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
+
+<!DOCTYPE hibernate-configuration PUBLIC
+ "-//Hibernate/Hibernate Configuration DTD//EN"
+ "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd">
+
+<hibernate-configuration>
+ <session-factory>
+ <!-- Database connection settings -->
+ <property name="connection.driver_class">org.hsqldb.jdbcDriver</property>
+ <property name="connection.url">jdbc:hsqldb:file:target/testdb</property>
+ <property name="connection.username">sa</property>
+ <property name="connection.password"></property>
+
+ <!-- JDBC connection pool (use the built-in) -->
+ <property name="connection.pool_size">1</property>
+
+ <!-- SQL dialect -->
+ <property name="dialect">org.hibernate.dialect.HSQLDialect</property>
+
+ <!-- Enable Hibernate's automatic session context management -->
+ <property name="current_session_context_class">thread</property>
+
+ <!-- Disable the second-level cache -->
+ <property name="cache.provider_class">org.hibernate.cache.NoCacheProvider</property>
+
+ <!-- Echo all executed SQL to stdout -->
+ <property name="show_sql">true</property>
+
+ <!--
+ Drop and re-create the database schema on startup
+ -->
+ <property name="hbm2ddl.auto">create</property>
+
+ <mapping resource="policy.hbm.xml"/>
+ </session-factory>
+</hibernate-configuration>
\ No newline at end of file
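Review bot: `hbm2ddl.auto` is set to `create` in a file under `src/main/resources`, so the schema mapped by `policy.hbm.xml` is dropped and rebuilt at every startup and any provisioned policy is lost. How the enforcer behaves with an empty policy store is not visible here, so that should be confirmed before anyone copies this sample. The same file uses the `sa` account with an empty password and sets `show_sql` to `true`, which are acceptable only for a throwaway HSQLDB file under `target/`. I would state that at the top of the `session-factory` element, for example `<!-- Sample-only settings: schema is recreated on startup, default sa account, SQL echoed to stdout -->`, or move the file to `src/test/resources`.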
Added: authz/trunk/samples/secure-pojo/src/main/resources/jboss-aop.xml
===================================================================
--- authz/trunk/samples/secure-pojo/src/main/resources/jboss-aop.xml (rev 0)
+++ authz/trunk/samples/secure-pojo/src/main/resources/jboss-aop.xml 2009-09-10 19:17:22 UTC (rev 782)
@@ -0,0 +1,5 @@
+<aop>
+ <bind pointcut="execution(* org.jboss.security.authz.samples.pojo.Pojo->*(..))">
+ <interceptor class="org.jboss.security.authz.samples.pojo.enforcement.SecurityInterceptor"/>
+ </bind>
+</aop>
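Review bot: The pointcut `* ...Pojo->*(..)` routes every `Pojo` method through `SecurityInterceptor`, but the interceptor code earlier in this commit assigns an action only for names starting with `get` or `set`. Any other method reaches `checkAccess` with a null `"method"` attribute, and the decision for a null action is not visible in this diff. I would record the expectation next to the binding, for example `<!-- All Pojo methods are intercepted; methods that map to neither Read nor Write must be denied by SecurityInterceptor -->`, and make the interceptor reject a null action explicitly.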
Added: authz/trunk/samples/secure-pojo/src/test/java/org/jboss/security/authz/samples/pojo/TestSecurePojo.java
===================================================================
--- authz/trunk/samples/secure-pojo/src/test/java/org/jboss/security/authz/samples/pojo/TestSecurePojo.java (rev 0)
+++ authz/trunk/samples/secure-pojo/src/test/java/org/jboss/security/authz/samples/pojo/TestSecurePojo.java 2009-09-10 19:17:22 UTC (rev 782)
@@ -0,0 +1,127 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.samples.pojo;
+
+import org.apache.log4j.Logger;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.authz.bootstrap.ServiceContainer;
+
+import org.jboss.security.authz.samples.pojo.provisioning.SecurityProvisioning;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class TestSecurePojo extends TestCase
+{
+ private static Logger log = Logger.getLogger(TestSecurePojo.class);
+
+ private SecurityProvisioning provisioning;
+
+ public void setUp() throws Exception
+ {
+ //Bootstrap the Security Service
+ ServiceContainer.bootstrap();
+
+ //Bootup the system with the appropriate Policies
+ provisioning = new SecurityProvisioning();
+ provisioning.bootup();
+
+ //Start in Anonymous mode....each testcase will select its own authentication scenario
+ AuthenticatedSession.activeSession.set(null);
+ }
+
+ public void testAsAdmin() throws Exception
+ {
+ boolean accessGranted = true;
+ try
+ {
+ this.loginAsAdmin();
+
+ Pojo pojo = new Pojo();
+
+ //Write Action on the Pojo
+ pojo.setSensitiveData("This is Top Secret Data!!! Protect Me!!");
+
+ //Read Action on the Pojo
+ log.info(pojo.getSensitiveData());
+ }
+ catch(Exception iae)
+ {
+ if(iae instanceof IllegalAccessException)
+ {
+ accessGranted = false;
+ }
+ else
+ {
+ throw iae;
+ }
+ }
+ finally
+ {
+ assertTrue("Access Must be Granted!!", accessGranted);
+ }
+ }
+
+ public void testAsAnonymous() throws Exception
+ {
+ boolean accessGranted = true;
+ try
+ {
+ //No need to login......just access straight up
+ Pojo pojo = new Pojo();
+
+ //Write Action on the Pojo
+ pojo.setSensitiveData("This is Top Secret Data!!! Protect Me!!");
+
+ //Read Action on the Pojo
+ log.info(pojo.getSensitiveData());
+ }
+ catch(Exception iae)
+ {
+ if(iae instanceof IllegalAccessException)
+ {
+ accessGranted = false;
+ }
+ else
+ {
+ throw iae;
+ }
+ }
+ finally
+ {
+ assertFalse("Access Must Not be Granted!!", accessGranted);
+ }
+ }
+ //---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ private void loginAsAdmin()
+ {
+ AuthenticatedSession session = new AuthenticatedSession();
+
+ session.setUsername("admin");
+ session.addRole("Admin");
+ session.addRole("/system/admin/badassdude/blah/blah");
+
+ AuthenticatedSession.activeSession.set(session);
+ }
+}
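Review bot: `testAsAnonymous` passes as soon as `setSensitiveData` throws, so the anonymous read path through `getSensitiveData` is never exercised and a policy that denied writes but allowed reads would still pass. A separate test for the read, as sketched below, closes that gap. Both tests also assert inside `finally`, which replaces any unexpected exception rethrown from the `catch` block with an assertion failure and hides the real cause. Separately, `loginAsAdmin` grants the role `Admin` while the provisioned rule names `admin`, so it is worth confirming that role matching is meant to ignore case. `setUp` resets `activeSession`, but there is no `tearDown` clearing it after `testAsAdmin`.

```java
public void testAnonymousReadIsDenied() throws Exception
{
   Pojo pojo = new Pojo();
   try
   {
      pojo.getSensitiveData();
      fail("Read Access Must Not be Granted!!");
   }
   catch(Exception e)
   {
      // the getter does not declare the interceptor's checked exception, hence the instanceof test
      if(!(e instanceof IllegalAccessException))
      {
         throw e;
      }
   }
}
```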
Added: authz/trunk/samples/secure-pojo/src/test/resources/log4j.properties
===================================================================
--- authz/trunk/samples/secure-pojo/src/test/resources/log4j.properties (rev 0)
+++ authz/trunk/samples/secure-pojo/src/test/resources/log4j.properties 2009-09-10 19:17:22 UTC (rev 782)
@@ -0,0 +1,8 @@
+# Set root category priority to INFO and its only appender to CONSOLE.
+log4j.rootCategory=INFO, CONSOLE
+
+# CONSOLE is set to be a ConsoleAppender using a PatternLayout.
+log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
+log4j.appender.CONSOLE.Threshold=INFO
+log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
+log4j.appender.CONSOLE.layout.ConversionPattern=- %m%n