From jboss-identity-commits at lists.jboss.org Sun Jun 13 15:46:30 2010 Content-Type: multipart/mixed; boundary="===============3184837833094519522==" MIME-Version: 1.0 From: jboss-identity-commits at lists.jboss.org To: jboss-identity-commits at lists.jboss.org Subject: [jboss-identity-commits] JBoss Identity SVN: r1135 - in authz/gatein/authz-plugin/trunk: service/src/test/java/org/jboss/gatein/authz/service and 1 other directories. Date: Sun, 13 Jun 2010 15:46:30 -0400 Message-ID: <201006131946.o5DJkUEj003136@svn01.web.mwc.hst.phx2.redhat.com> --===============3184837833094519522== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Author: sohil.shah(a)jboss.com Date: 2010-06-13 15:46:30 -0400 (Sun, 13 Jun 2010) New Revision: 1135 Modified: authz/gatein/authz-plugin/trunk/service/src/main/java/org/jboss/gatein/a= uthz/service/SecurityService.java authz/gatein/authz-plugin/trunk/service/src/test/java/org/jboss/gatein/a= uthz/service/TestKernelStartup.java authz/gatein/authz-plugin/trunk/testwebapp/src/main/java/org/jboss/gatei= n/authz/test/web/TestKernel.java Log: testing SecurityService integration inside a Gatein instance on Tomcat Modified: authz/gatein/authz-plugin/trunk/service/src/main/java/org/jboss/g= atein/authz/service/SecurityService.java =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- authz/gatein/authz-plugin/trunk/service/src/main/java/org/jboss/gatein/= authz/service/SecurityService.java 2010-06-13 17:48:50 UTC (rev 1134) +++ authz/gatein/authz-plugin/trunk/service/src/main/java/org/jboss/gatein/= authz/service/SecurityService.java 2010-06-13 19:46:30 UTC (rev 1135) 
@@ -24,12 +24,21 @@ = import org.exoplatform.container.PortalContainer; = +import org.jboss.gatein.authz.service.agent.enforcement.LocalEnforcementPo= intComponent; +import org.jboss.gatein.authz.service.agent.provisioning.LocalPolicyProvis= ionerComponent; + +import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint; +import org.jboss.security.authz.agent.provisioning.PolicyProvisioner; + /** * @author Sohil Shah * */ public final class SecurityService { + private PolicyProvisioner provisioner; + private PolicyEnforcementPoint enforcer; + = public SecurityService() { = 
@@ -37,15 +46,31 @@ = public void start() { + PortalContainer portal =3D PortalContainer.getInstance(); + = + LocalPolicyProvisionerComponent provisionerComponent =3D (LocalPolicyPro= visionerComponent)portal. + getComponentInstanceOfType(LocalPolicyProvisionerComponent.class); + this.provisioner =3D provisionerComponent.getPolicyProvisioner(); + = + //Enforcement service + LocalEnforcementPointComponent enforcementComponent =3D (LocalEnforcemen= tPointComponent)portal. + getComponentInstanceOfType(LocalEnforcementPointComponent.class); + this.enforcer =3D enforcementComponent.getEnforcementPoint(); } = public void stop() { - = + this.provisioner =3D null; + this.enforcer =3D null; } = - public PortalContainer getContainer() + public PolicyEnforcementPoint getEnforcer() { - return PortalContainer.getInstance(); + return this.enforcer; } + = + public PolicyProvisioner getProvisioner() + { + return this.provisioner; + } } Modified: authz/gatein/authz-plugin/trunk/service/src/test/java/org/jboss/g= atein/authz/service/TestKernelStartup.java =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- authz/gatein/authz-plugin/trunk/service/src/test/java/org/jboss/gatein/= authz/service/TestKernelStartup.java 2010-06-13 17:48:50 UTC (rev 1134) +++ authz/gatein/authz-plugin/trunk/service/src/test/java/org/jboss/gatein/= authz/service/TestKernelStartup.java 2010-06-13 19:46:30 UTC (rev 1135) 
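Review bot: In `start()`, both `getComponentInstanceOfType(...)` results are dereferenced without a null check, and after `stop()` the new `getEnforcer()`/`getProvisioner()` return `null`. If the lookup returns null for an unregistered component (presumably it does; confirm against the container API), startup fails with a bare NullPointerException. For an authorization service this should be explicit and fail-closed, because a caller that null-checks the enforcer and carries on would skip the access check entirely. I would guard each lookup, e.g. `if (enforcementComponent == null) throw new IllegalStateException("LocalEnforcementPointComponent is not registered");`, and have the getters throw `new IllegalStateException("SecurityService not started")` instead of returning `null`. The two fields added in the previous hunk are written by `start()`/`stop()` and read by the getters without synchronization, so they should be `volatile` if requests can arrive during start or stop (not visible here).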
@@ -73,7 +73,7 @@ = public void testPolicyServiceBootstrap() throws Exception { = - PortalContainer portal =3D this.securityService.getContainer(); + PortalContainer portal =3D PortalContainer.getInstance(); = //Integrating the EventBus service LocalEventBusComponent eventBusComponent =3D (LocalEventBusComponent)por= tal.getComponentInstanceOfType(LocalEventBusComponent.class); Modified: authz/gatein/authz-plugin/trunk/testwebapp/src/main/java/org/jbos= s/gatein/authz/test/web/TestKernel.java =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- authz/gatein/authz-plugin/trunk/testwebapp/src/main/java/org/jboss/gate= in/authz/test/web/TestKernel.java 2010-06-13 17:48:50 UTC (rev 1134) +++ authz/gatein/authz-plugin/trunk/testwebapp/src/main/java/org/jboss/gate= in/authz/test/web/TestKernel.java 2010-06-13 19:46:30 UTC (rev 1135) @@ -30,14 +30,14 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; = -import org.exoplatform.container.PortalContainer; import org.jboss.gatein.authz.service.SecurityService; -import org.jboss.gatein.authz.service.agent.provisioning.LocalPolicyProvis= ionerComponent; = -import org.jboss.security.authz.agent.provisioning.PolicyProvisioner; +import org.jboss.security.authz.agent.enforcement.EnforcementContext; +import org.jboss.security.authz.agent.enforcement.EnforcementResponse; import org.jboss.security.authz.agent.services.CompositionContext; import org.jboss.security.authz.components.action.Read; import org.jboss.security.authz.components.resource.URIResource; +import org.jboss.security.authz.components.subject.Identity; import org.jboss.security.authz.components.subject.Roles; import org.jboss.security.authz.model.Effect; = 
@@ -48,7 +48,6 @@ public final class TestKernel extends HttpServlet { private SecurityService securityService; - private PolicyProvisioner provisioner; = @Override public void init() throws ServletException @@ -60,14 +59,6 @@ System.out.println("Initializing the GateIn Security Kernel...."); this.securityService =3D new SecurityService(); this.securityService.start(); - = - PortalContainer portal =3D this.securityService.getContainer(); - = - //Provisioner service - System.out.println("Loading up Security Components............"); - LocalPolicyProvisionerComponent provisionerComponent =3D (LocalPolicyPr= ovisionerComponent)portal. - getComponentInstanceOfType(LocalPolicyProvisionerComponent.class); - this.provisioner =3D provisionerComponent.getPolicyProvisioner(); } catch(Exception e) { @@ -94,6 +85,7 @@ try { this.executeProvisioningRequests(); + this.executeEnforcementRequests(); = this.getServletContext().getRequestDispatcher("/WEB-INF/jsp/kernel.jsp"= ).forward(request, response); } 
@@ -120,15 +112,58 @@ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression"); = - this.provisioner.deploy(context); + this.securityService.getProvisioner().deploy(context); = System.out.println("---------------------------------------------"); System.out.println("Mock Policy successfully provisioned........."); System.out.println("---------------------------------------------"); } = - private void executeEnforcementRequests() + private void executeEnforcementRequests() throws Exception { + Read action =3D new Read(); = + // Go ahead and produce a RequestContext for a "Permit" Enforcement + URIResource contextResource =3D new URIResource(); + contextResource.setUri(new URI("/root/level1/level2/index.html")); + + // Perform enforcement + this.enforce(this.createEnforcementContext(contextResource, action)); } + = + private EnforcementContext createEnforcementContext( + URIResource protectedResource, Read action) throws Exception + { + // Create an EnforcementContext + EnforcementContext context =3D new EnforcementContext(); + + // Enable Hierarchial Enforcement + context.activateHierarchialEnforcement(); + + // Create Resource + context.setAttribute("uri-resource", protectedResource); + + // Create Subjects + Roles roles =3D new Roles(); + roles.addName("user"); + context.setAttribute("roles", roles); + Identity identity =3D new Identity(); + identity.setName("blah(a)blah.com"); + context.setAttribute("identity", identity); + + // Create Action + context.setAttribute("action", action); + + return context; + } + = + protected void enforce(EnforcementContext enforcementContext) throws Exce= ption + { + EnforcementResponse response =3D this.securityService.getEnforcer() + .checkAccess(enforcementContext); + + System.out.println("-----------------------------------"); + System.out.println("Decision=3D" + response.getMessage()); + System.out.println("Access Granted=3D" + response.isAccessGranted()); + } } --===============3184837833094519522==--
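Review bot: `enforce()` only prints the decision, so the servlet forwards to `kernel.jsp` whether the check returned PERMIT or DENY, and a regression in the provisioned policy or the enforcement point would go unnoticed. Since the comment in `executeEnforcementRequests()` says this request is meant to be a "Permit", I would fail when it is not granted: `if (!response.isAccessGranted()) throw new IllegalStateException("expected PERMIT, got: " + response.getMessage());`. A second context that is expected to be denied (for example a role the mock policy does not list) would also confirm the enforcer is not simply permitting everything. `enforce` is `protected` in a `final` class, so `private` would match the other two helpers; the subject is built from constants rather than the incoming request, which deserves a comment such as `// fixed mock subject; not derived from the HTTP request`.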