JBoss Portal SVN: r12071 - branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium.
by portal-commits@lists.jboss.org
Author: vrockai
Date: 2008-10-15 12:30:12 -0400 (Wed, 15 Oct 2008)
New Revision: 12071
Modified:
branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/IdentityAdminTestCase.java
branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/PortletUserCreationTestCase.java
branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/WSRPTestCase.java
Log:
tests fix
Modified: branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/IdentityAdminTestCase.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/IdentityAdminTestCase.java 2008-10-15 16:18:52 UTC (rev 12070)
+++ branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/IdentityAdminTestCase.java 2008-10-15 16:30:12 UTC (rev 12071)
@@ -352,7 +352,7 @@
selenium.click(MessageFormat.format(LINK_T_ROLLIST_EDIT, r -1));
selenium.waitForPageToLoad(PAGE_LOAD);
- selenium.type("edit-role-link:display-Name", "editedRoleDisplay");
+ selenium.type("edit-role-link:display-name", "editedRoleDisplay");
selenium.click("edit-role-link:cancel");
selenium.waitForPageToLoad(PAGE_LOAD);
Modified: branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/PortletUserCreationTestCase.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/PortletUserCreationTestCase.java 2008-10-15 16:18:52 UTC (rev 12070)
+++ branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/PortletUserCreationTestCase.java 2008-10-15 16:30:12 UTC (rev 12071)
@@ -9,23 +9,23 @@
@Test(groups = { "portlet_user_creation" }, enabled = true)
public class PortletUserCreationTestCase extends JBossPortalSeleniumTestCase {
- private static final String SUBMIT_CREATE_CONF = "confirm-form:user";
- public static final String SUBMIT_CREATE_CONF_EDIT = "confirm-form:revise";
+ private static final String SUBMIT_CREATE_CONF = "//input[contains(@id,'confirm-form:user')]";
+ public static final String SUBMIT_CREATE_CONF_EDIT = "//input[contains(@id,'confirm-form:revise')]";
- private static final String SUBMIT_CREATE_USER = "register-form:submit";
- private static final String SUBMIT_CREATE_USER_CANCEL = "register-form:cancel";
+ private static final String SUBMIT_CREATE_USER = "//input[contains(@id,'register-form:submit')]";
+ private static final String SUBMIT_CREATE_USER_CANCEL = "//input[contains(@id,'register-form:cancel')]";
- private static final String INPUT_USERPASSWDCONF = "register-form:passwordCheck";
+ private static final String INPUT_USERPASSWDCONF = "//input[contains(@id,'register-form:passwordCheck')]";
- private static final String INPUT_USERPASSWD = "register-form:password";
+ private static final String INPUT_USERPASSWD = "//input[contains(@id,'register-form:password')]";
- private static final String INPUT_USERMAIL = "register-form:email";
+ private static final String INPUT_USERMAIL = "//input[contains(@id,'register-form:email')]";
- private static final String INPUT_USERNAME = "register-form:username";
+ private static final String INPUT_USERNAME = "//input[contains(@id,'register-form:username')]";
- private static final String LINK_CREATE_USER = "create-account-form:register";
+ private static final String LINK_CREATE_USER = "//a[contains(@id,'create-account-form:register')]";
- private static final String TAB_WELCOME = "register-temp-form:start-link";
+ private static final String TAB_WELCOME = "//a[contains(@id,'register-temp-form:start-link')]";
@Test(enabled = true, description = "Simple user creation.")
public void userCreationTest() {
Modified: branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/WSRPTestCase.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/WSRPTestCase.java 2008-10-15 16:18:52 UTC (rev 12070)
+++ branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/WSRPTestCase.java 2008-10-15 16:30:12 UTC (rev 12071)
@@ -12,6 +12,7 @@
@Test(groups = { "cms_wsrp" }, enabled = true, description = "WSRP test case.")
public class WSRPTestCase extends JBossPortalSeleniumTestCase {
+
private static final String SUBMIT_REFRESH_CANCEL = "edit-cons-form:list-cons-link_1";
private static final String SUBMIT_PROD_SAVE = "producer-form:save-producer";
private static final String SUBMIT_CONSDEL_CONF = "confirm-delete-form:destroy-link";
@@ -41,8 +42,6 @@
private static final String LINK_T_CONS_REG="consumer-list-form:consumersList:{0}:register";
private static final String LINK_T_CONS_DER="consumer-list-form:consumersList:{0}:register";
private static final String LINK_T_CONS_DEL="consumer-list-form:consumersList:{0}:delete";
-
-
public static String WSRP_CONSUMER_TABLE = "consumer-list-form:consumersList";
@BeforeMethod(groups = { "log" })
public void loginBeforeTest() {
17 years, 6 months
- 1
- 0
JBoss Portal SVN: r12070 - branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2008-10-15 12:18:52 -0400 (Wed, 15 Oct 2008)
New Revision: 12070
Modified:
branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/WSRPPortletURL.java
Log:
- Replaced "magic" numbers for better robustness.
Modified: branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/WSRPPortletURL.java
===================================================================
--- branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/WSRPPortletURL.java 2008-10-15 16:18:33 UTC (rev 12069)
+++ branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/WSRPPortletURL.java 2008-10-15 16:18:52 UTC (rev 12070)
@@ -152,7 +152,7 @@
}
encodedURL = encodedURL.substring(0, endTokenIndex)
- + encodedURL.substring(endTokenIndex + WSRPRewritingConstants.WSRP_REWRITE_SUFFIX_LENGTH);
+ + encodedURL.substring(endTokenIndex + WSRPRewritingConstants.WSRP_REWRITE_SUFFIX_LENGTH);
// remember that we should position the extra params after the end token
extraAfterEnd = true;
@@ -162,7 +162,7 @@
{
// remove prefix and suffix
encodedURL = encodedURL.substring(WSRPRewritingConstants.WSRP_REWRITE_PREFIX_LENGTH,
- encodedURL.length() - WSRPRewritingConstants.WSRP_REWRITE_SUFFIX_LENGTH);
+ encodedURL.length() - WSRPRewritingConstants.WSRP_REWRITE_SUFFIX_LENGTH);
}
// next param should be the url type
@@ -199,7 +199,7 @@
else
{
throw new IllegalArgumentException("Unrecognized URL type: " + encodedURL.substring(0, encodedURL.indexOf(PARAM_SEPARATOR))
- + "in " + originalURL);
+ + "in " + originalURL);
}
// other parameters
@@ -208,7 +208,7 @@
if (encodedURL.length() > urlTypeLength)
{
// truncate again once the value is extracted
- encodedURL = encodedURL.substring(urlTypeLength + 1); // +1 for the param separator
+ encodedURL = encodedURL.substring(urlTypeLength + PARAM_SEPARATOR.length());
// extract the other parameters
params = extractParams(encodedURL, originalURL, customModes, customWindowStates);
@@ -216,7 +216,7 @@
else if (WSRPRewritingConstants.URL_TYPE_RESOURCE.equals(urlType))
{
throw new IllegalArgumentException("Both the 'wsrp-url' and 'wsrp-requiresRewrite' parameters MUST also be specified for resource URL '"
- + originalURL + "'");
+ + originalURL + "'");
}
url.setParams(params, originalURL);
@@ -335,7 +335,7 @@
//
sb.append(WSRPRewritingConstants.BEGIN_WSRP_REWRITE).append(WSRPRewritingConstants.URL_TYPE_NAME)
- .append(EQUALS).append(getURLType());
+ .append(EQUALS).append(getURLType());
//
if (secure)
@@ -438,7 +438,7 @@
if (strict)
{
throw new IllegalArgumentException("Invalid parameter name in strict validation mode (see documentation): '"
- + name + "' in " + originalURL);
+ + name + "' in " + originalURL);
}
else
{
@@ -447,7 +447,7 @@
}
// extract param value
- String value = param.substring(equalsIndex + 1, param.length()); // +1 to ignore "="
+ String value = param.substring(equalsIndex + EQUALS.length(), param.length());
// check that the given mode is valid if the param is supposed to be one
if (WSRPRewritingConstants.MODE.equals(name))
@@ -462,7 +462,7 @@
}
params.put(name, value);
- encodedURL = encodedURL.substring(endParamIndex + 1); // +1 for the param separator
+ encodedURL = encodedURL.substring(endParamIndex + PARAM_SEPARATOR.length());
}
return params;
}
17 years, 6 months
- 1
- 0
JBoss Portal SVN: r12069 - branches/JBoss_Portal_Branch_2_6/wsrp/src/main/org/jboss/portal/wsrp.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2008-10-15 12:18:33 -0400 (Wed, 15 Oct 2008)
New Revision: 12069
Modified:
branches/JBoss_Portal_Branch_2_6/wsrp/src/main/org/jboss/portal/wsrp/WSRPPortletURL.java
Log:
- Replaced "magic" numbers for better robustness.
Modified: branches/JBoss_Portal_Branch_2_6/wsrp/src/main/org/jboss/portal/wsrp/WSRPPortletURL.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/wsrp/src/main/org/jboss/portal/wsrp/WSRPPortletURL.java 2008-10-15 15:29:28 UTC (rev 12068)
+++ branches/JBoss_Portal_Branch_2_6/wsrp/src/main/org/jboss/portal/wsrp/WSRPPortletURL.java 2008-10-15 16:18:33 UTC (rev 12069)
@@ -200,7 +200,7 @@
if (encodedURL.length() > urlTypeLength)
{
// truncate again once the value is extracted
- encodedURL = encodedURL.substring(urlTypeLength + 1); // +1 for the param separator
+ encodedURL = encodedURL.substring(urlTypeLength + PARAM_SEPARATOR.length());
// extract the other parameters
params = extractParams(encodedURL, originalURL, customModes, customWindowStates);
@@ -439,7 +439,7 @@
}
// extract param value
- String value = param.substring(equalsIndex + 1, param.length()); // +1 to ignore "="
+ String value = param.substring(equalsIndex + EQUALS.length(), param.length());
// check that the given mode is valid if the param is supposed to be one
if (WSRPRewritingConstants.MODE.equals(name))
@@ -454,7 +454,7 @@
}
params.put(name, value);
- encodedURL = encodedURL.substring(endParamIndex + 1); // +1 for the param separator
+ encodedURL = encodedURL.substring(endParamIndex + PARAM_SEPARATOR.length());
}
return params;
}
17 years, 6 months
- 1
- 0
JBoss Portal SVN: r12068 - in modules/authorization/trunk: common and 1 other directory.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2008-10-15 11:29:28 -0400 (Wed, 15 Oct 2008)
New Revision: 12068
Modified:
modules/authorization/trunk/PAP/
modules/authorization/trunk/common/
Log:
ignoring 'target'
Property changes on: modules/authorization/trunk/PAP
___________________________________________________________________
Name: svn:ignore
+ target
Property changes on: modules/authorization/trunk/common
___________________________________________________________________
Name: svn:ignore
+ target
17 years, 6 months
- 1
- 0
JBoss Portal SVN: r12067 - in modules/authorization/trunk: PAP and 33 other directories.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2008-10-15 11:27:46 -0400 (Wed, 15 Oct 2008)
New Revision: 12067
Added:
modules/authorization/trunk/PAP/
modules/authorization/trunk/PAP/pom.xml
modules/authorization/trunk/PAP/src/
modules/authorization/trunk/PAP/src/main/
modules/authorization/trunk/PAP/src/main/java/
modules/authorization/trunk/PAP/src/main/java/org/
modules/authorization/trunk/PAP/src/main/java/org/jboss/
modules/authorization/trunk/PAP/src/main/java/org/jboss/security/
modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/
modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/
modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/hierarchial/
modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/hierarchial/HierarchialPolicy.java
modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/
modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/FileSystemPolicyManager.java
modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/FileSystemWebTierPolicyManager.java
modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/PolicyManager.java
modules/authorization/trunk/PAP/src/main/resources/
modules/authorization/trunk/PAP/src/test/
modules/authorization/trunk/PAP/src/test/java/
modules/authorization/trunk/PAP/src/test/java/org/
modules/authorization/trunk/PAP/src/test/java/org/jboss/
modules/authorization/trunk/PAP/src/test/java/org/jboss/security/
modules/authorization/trunk/PAP/src/test/java/org/jboss/security/authz/
modules/authorization/trunk/PAP/src/test/java/org/jboss/security/authz/pap/
modules/authorization/trunk/PAP/src/test/java/org/jboss/security/authz/pap/hierarchial/
modules/authorization/trunk/PAP/src/test/java/org/jboss/security/authz/pap/hierarchial/TestHierarchialPolicy.java
modules/authorization/trunk/PAP/src/test/java/org/jboss/security/authz/pap/service/
modules/authorization/trunk/PAP/src/test/java/org/jboss/security/authz/pap/service/TestWebTierPolicyManager.java
modules/authorization/trunk/PAP/src/test/resources/
modules/authorization/trunk/PAP/src/test/resources/log4j.properties
modules/authorization/trunk/PEP/multitier-policy.xml
modules/authorization/trunk/PEP/simple-policy.xml
modules/authorization/trunk/common/
modules/authorization/trunk/common/pom.xml
modules/authorization/trunk/common/src/
modules/authorization/trunk/common/src/main/
modules/authorization/trunk/common/src/main/java/
modules/authorization/trunk/common/src/main/java/org/
modules/authorization/trunk/common/src/main/java/org/jboss/
modules/authorization/trunk/common/src/main/java/org/jboss/security/
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Action.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Attribute.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/AttributeExpression.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/BaseObject.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/BusinessLogicExpression.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Effect.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Environment.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Expression.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Policy.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/PolicyException.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Resource.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Rule.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Subject.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Target.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/AttributeDesignatorUtil.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/NoPermitMeansDeniedAlg.java
modules/authorization/trunk/common/src/main/resources/
modules/authorization/trunk/common/src/test/
modules/authorization/trunk/common/src/test/java/
modules/authorization/trunk/common/src/test/resources/
Modified:
modules/authorization/trunk/.classpath
modules/authorization/trunk/PEP/src/test/java/org/jboss/security/authz/test/pep/TestPDP.java
modules/authorization/trunk/pom.xml
Log:
code backup
Modified: modules/authorization/trunk/.classpath
===================================================================
--- modules/authorization/trunk/.classpath 2008-10-15 12:33:26 UTC (rev 12066)
+++ modules/authorization/trunk/.classpath 2008-10-15 15:27:46 UTC (rev 12067)
@@ -1,10 +1,18 @@
<?xml version="1.0" encoding="UTF-8"?>
-<classpath>
- <classpathentry kind="src" path="security-console/ejb/src/main/java"/>
+<classpath>
+ <classpathentry kind="src" path="common/src/main/java"/>
+ <classpathentry kind="src" path="common/src/main/resources"/>
+ <classpathentry kind="src" path="common/src/test/java"/>
+ <classpathentry kind="src" path="common/src/test/resources"/>
<classpathentry kind="src" path="PEP/src/main/java"/>
<classpathentry kind="src" path="PEP/src/main/resources"/>
<classpathentry kind="src" path="PEP/src/test/java"/>
<classpathentry kind="src" path="PEP/src/test/resources"/>
+ <classpathentry kind="src" path="PAP/src/main/java"/>
+ <classpathentry kind="src" path="PAP/src/main/resources"/>
+ <classpathentry kind="src" path="PAP/src/test/java"/>
+ <classpathentry kind="src" path="PAP/src/test/resources"/>
+ <classpathentry kind="src" path="security-console/ejb/src/main/java"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
<classpathentry kind="output" path="classes"/>
<classpathentry kind="var" path="M2_REPO/antlr/antlr/2.7.6/antlr-2.7.6.jar"/>
Added: modules/authorization/trunk/PAP/pom.xml
===================================================================
--- modules/authorization/trunk/PAP/pom.xml (rev 0)
+++ modules/authorization/trunk/PAP/pom.xml 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,67 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>jboss-authz-parent</artifactId>
+ <version>trunk-SNAPSHOT</version>
+ <relativePath>../pom.xml</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>jboss-authz-pap</artifactId>
+ <packaging>jar</packaging>
+ <name>JBoss Authorization PAP</name>
+ <url>http://www.jboss.org</url>
+ <description>A Generic PAP (Policy Administration Point) component</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>jboss-authz-common</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+
+ <!-- jboss xacml -->
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-xacml</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-sunxacml</artifactId>
+ </dependency>
+
+ <!-- sun jaxb -->
+ <dependency>
+ <groupId>sun-jaxb</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>sun-jaxb</groupId>
+ <artifactId>jaxb-impl</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>sun-jaxb</groupId>
+ <artifactId>jaxb-xjc</artifactId>
+ </dependency>
+
+ <!-- junit -->
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>2.3.1</version>
+ <configuration>
+ <includes>
+ </includes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Added: modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/hierarchial/HierarchialPolicy.java
===================================================================
--- modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/hierarchial/HierarchialPolicy.java (rev 0)
+++ modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/hierarchial/HierarchialPolicy.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,216 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.pap.hierarchial;
+
+import java.util.List;
+import java.util.Set;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+import javax.xml.bind.JAXBElement;
+
+import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.model.Rule;
+import org.jboss.security.authz.model.Target;
+import org.jboss.security.authz.model.Effect;
+import org.jboss.security.authz.model.PolicyException;
+import org.jboss.security.authz.model.AttributeExpression;
+import org.jboss.security.authz.model.Expression;
+import org.jboss.security.authz.xacml.NoPermitMeansDeniedAlg;
+import org.jboss.security.authz.xacml.AttributeDesignatorUtil;
+
+import org.jboss.security.xacml.core.model.policy.ActionMatchType;
+import org.jboss.security.xacml.core.model.policy.ApplyType;
+import org.jboss.security.xacml.core.model.policy.EffectType;
+import org.jboss.security.xacml.core.model.policy.PolicyType;
+import org.jboss.security.xacml.core.model.policy.ResourceMatchType;
+import org.jboss.security.xacml.core.model.policy.ResourcesType;
+import org.jboss.security.xacml.core.model.policy.ResourceType;
+import org.jboss.security.xacml.core.model.policy.ActionsType;
+import org.jboss.security.xacml.core.model.policy.ActionType;
+import org.jboss.security.xacml.core.model.policy.RuleType;
+import org.jboss.security.xacml.core.model.policy.TargetType;
+import org.jboss.security.xacml.core.model.policy.ConditionType;
+import org.jboss.security.xacml.core.model.policy.ObjectFactory;
+import org.jboss.security.xacml.core.model.policy.AttributeValueType;
+import org.jboss.security.xacml.factories.PolicyAttributeFactory;
+
+/**
+ * Used for specifying policies for Resources represented by unique URIs, sometimes forming a tree like relationship with other Resources in the system
+ *
+ * An example of such resources would be tree of resources/nodes in a Content Management System
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class HierarchialPolicy extends Policy
+{
+ public HierarchialPolicy(String policyUri, Target target, Set<Rule> rules)
+ {
+ super(policyUri, target, rules);
+ }
+
+ @Override
+ public String generateXACMLPolicy() throws PolicyException
+ {
+ ByteArrayOutputStream bos = null;
+ try
+ {
+ String xacmlXml = null;
+
+ //SetUp the Policy Header
+ ObjectFactory objectFactory = new ObjectFactory();
+ PolicyType policyType = new PolicyType();
+ policyType.setPolicyId(this.policyUri);
+ policyType.setVersion("2.0");
+ policyType.setRuleCombiningAlgId(new NoPermitMeansDeniedAlg().getIdentifier().toString());
+
+ TargetType targetType = new TargetType();
+ policyType.setTarget(targetType);
+
+ //Process Resource Matches as Targets for the Policy
+ List<AttributeExpression> resourceMatches = this.target.getResourceMatches();
+ if(resourceMatches != null && !resourceMatches.isEmpty())
+ {
+ ResourcesType resourcesType = new ResourcesType();
+ targetType.setResources(resourcesType);
+ for(AttributeExpression resourceMatch: resourceMatches)
+ {
+ ResourceType resourceType = new ResourceType();
+ ResourceMatchType rmt = new ResourceMatchType();
+
+ rmt.setMatchId(resourceMatch.getFunctionId());
+
+ rmt.setResourceAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(resourceMatch.getAttribute()));
+
+ rmt.setAttributeValue(PolicyAttributeFactory
+ .createStringAttributeType(resourceMatch.getAttribute().getValue()));
+
+ resourceType.getResourceMatch().add(rmt);
+ resourcesType.getResource().add(resourceType);
+ }
+ }
+
+ //Process the Policy Rules
+ if(this.rules != null && !this.rules.isEmpty())
+ {
+ for(Rule rule: this.rules)
+ {
+ RuleType ruleType = new RuleType();
+ ruleType.setRuleId(rule.getRuleId());
+ if(rule.getEffect() == Effect.PERMIT)
+ {
+ ruleType.setEffect(EffectType.PERMIT);
+ }
+ else
+ {
+ ruleType.setEffect(EffectType.DENY);
+ }
+
+ //Process the Rule Target
+ List<AttributeExpression> actionMatches = rule.getTarget().getActionMatches();
+ if(actionMatches != null && !actionMatches.isEmpty())
+ {
+ TargetType ruleTarget = this.generateRuleActions(actionMatches);
+ ruleType.setTarget(ruleTarget);
+ }
+
+ //Process the Rule Expression/Condition
+ ConditionType condition = this.generateCondition(objectFactory, rule.getExpression());
+ ruleType.setCondition(condition);
+
+ policyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(ruleType);
+ }
+ }
+
+ bos = new ByteArrayOutputStream();
+ policyType.marshall(bos);
+ xacmlXml = new String(bos.toByteArray());
+
+ return xacmlXml;
+ }
+ catch(Exception e)
+ {
+ throw new PolicyException(e);
+ }
+ finally
+ {
+ if(bos != null)
+ {
+ try{bos.close();}catch(IOException ioe){}
+ }
+ }
+ }
+
+ private TargetType generateRuleActions(List<AttributeExpression> actionMatches)
+ {
+ TargetType target = new TargetType();
+
+ ActionsType actions = new ActionsType();
+ for(AttributeExpression action: actionMatches)
+ {
+ ActionType actionType = new ActionType();
+ ActionMatchType amct = new ActionMatchType();
+ amct.setMatchId(action.getFunctionId());
+ amct.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(action.getAttribute().getValue()));
+ amct.setActionAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(action.getAttribute()));
+ actionType.getActionMatch().add(amct);
+ actions.getAction().add(actionType);
+ }
+
+ target.setActions(actions);
+ return target;
+ }
+
+ /**
+ *
+ * @param expression
+ * @return
+ */
+ private ConditionType generateCondition(ObjectFactory objectFactory, Expression expression)
+ {
+ ConditionType condition = new ConditionType();
+
+ if(expression instanceof AttributeExpression)
+ {
+ AttributeExpression attributeExpression = (AttributeExpression)expression;
+
+ //Function to be applied
+ ApplyType apply = new ApplyType();
+ apply.setFunctionId(attributeExpression.getFunctionId());
+
+ //Value to check against
+ AttributeValueType attrValue = PolicyAttributeFactory.createStringAttributeType(attributeExpression.getAttribute().getValue());
+ JAXBElement<AttributeValueType> jaxbAttrValue = objectFactory.createAttributeValue(attrValue);
+ apply.getExpression().add(jaxbAttrValue);
+
+ //Place within the Context where this Value should exist during an Authorization Request
+ apply.getExpression().add(AttributeDesignatorUtil.getAttributeDesignatorXml(attributeExpression.getAttribute()));
+
+
+ condition.setExpression(objectFactory.createApply(apply));
+ }
+
+ return condition;
+ }
+}
Added: modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/FileSystemPolicyManager.java
===================================================================
--- modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/FileSystemPolicyManager.java (rev 0)
+++ modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/FileSystemPolicyManager.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,70 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.pap.service;
+
+import java.util.List;
+
+import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.pap.service.PolicyManager;
+
+/**
+ * An abstract class that provides a generic (Policy type agnostic) implementation of Storage services to be provided by a PolicyManager. This particular implementation
+ * stores Policies on the local FileSystem. This is mostly a demo implementation. Practially the Policies will be stored in Security repositories like
+ * LDAP, relational databases etc
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+abstract class FileSystemPolicyManager implements PolicyManager
+{
+ //------Storage Services of the PolicyManager implementation-----------------------------------------------------------------------------------------------
+ /**
+ *
+ */
+ public List<Policy> readAllPolicies()
+ {
+ return null;
+ }
+
+ /**
+ *
+ */
+ public Policy readPolicy(String policyUri)
+ {
+ return null;
+ }
+
+ /**
+ *
+ */
+ public void savePolicy(Policy policy)
+ {
+ }
+
+ /**
+ *
+ */
+ public void deletePolicy(String policyUri)
+ {
+ }
+}
Added: modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/FileSystemWebTierPolicyManager.java
===================================================================
--- modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/FileSystemWebTierPolicyManager.java (rev 0)
+++ modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/FileSystemWebTierPolicyManager.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,57 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.pap.service;
+
+import org.jboss.security.authz.model.Policy;
+
+/**
+ * The PolicyManager provides implementation for the Configuration related services of the PolicyManager. It extends the FileSystemPolicyManager in order to store the managed Policies
+ * on the local file system. This PolicyManager process configuration provided for securing Resources within the Web Tier of an application.
+ * It uses the HierarchialPolicy implementation to represent the Web Tier Policies
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class FileSystemWebTierPolicyManager extends FileSystemPolicyManager
+{
+ /**
+ *
+ *
+ */
+ public FileSystemWebTierPolicyManager()
+ {
+ }
+ //------Configuration service of the PolicyManager implementation----------------------------------------------------------------------------------------------------------------
+ /**
+ * Generates a Policy that can be represented in system level XACML format. The xmlConfiguration is a user friendly XML configuration that is within the context
+ * of the Web Tier of an Application. For instance, to apply Access Control at the Web Tier, the XML configuration consists of Resources and
+ * Actions in the context of the Web Tier such as HTTP Uris, HttpServletRequest parameters, HTTP actions like GET, POST, PUT, etc
+ *
+ * @param xmlConfiguration User Friendly XML configuration within the context of the Web Tier of an Application
+ * @return a Policy that can be represented in system level XACML format
+ */
+ public Policy generatePolicy(String xmlConfiguration)
+ {
+ return null;
+ }
+}
Added: modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/PolicyManager.java
===================================================================
--- modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/PolicyManager.java (rev 0)
+++ modules/authorization/trunk/PAP/src/main/java/org/jboss/security/authz/pap/service/PolicyManager.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,75 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.pap.service;
+
+import java.util.List;
+
+
+import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.model.PolicyException;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public interface PolicyManager
+{
+ /**
+ * Generates a Policy that can be represented in system level XACML format. The xmlConfiguration is a user friendly XML configuration that is within the context
+ * of the application tier being protected. For instance, to apply Access Control at the web tier, the XML configuration would consist of Resources and
+ * Actions in the context of the Web Tier such as HTTP Uris, HttpServletRequest parameters, HTTP actions like GET, POST, PUT, etc
+ *
+ * @param xmlConfiguration User Friendly XML configuration within the context of the Application being protected
+ * @return a Policy that can be represented in system level XACML format
+ */
+ public Policy generatePolicy(String xmlConfiguration) throws PolicyException;
+
+ /**
+ * Read a stored Policy identified by the unique policyUri
+ *
+ * @param policyUri
+ * @return a stored Policy
+ */
+ public Policy readPolicy(String policyUri) throws PolicyException;
+
+ /**
+ * Returns all the stored Policies for the system
+ *
+ * @return all the stored Policies
+ */
+ public List<Policy> readAllPolicies() throws PolicyException;
+
+ /**
+ * Saves a Policy into storage. If this policy already exists in storage, then it updates it
+ *
+ * @param policy Policy to be saved into storage
+ */
+ public void savePolicy(Policy policy) throws PolicyException;
+
+ /**
+ * Deletes the specified Policy from storage
+ *
+ * @param policyUri unique identifier for the Policy
+ */
+ public void deletePolicy(String policyUri) throws PolicyException;
+}
Added: modules/authorization/trunk/PAP/src/test/java/org/jboss/security/authz/pap/hierarchial/TestHierarchialPolicy.java
===================================================================
--- modules/authorization/trunk/PAP/src/test/java/org/jboss/security/authz/pap/hierarchial/TestHierarchialPolicy.java (rev 0)
+++ modules/authorization/trunk/PAP/src/test/java/org/jboss/security/authz/pap/hierarchial/TestHierarchialPolicy.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,110 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.pap.hierarchial;
+
+import java.util.Set;
+import java.util.HashSet;
+
+import junit.framework.TestCase;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XMLSchemaConstants;
+
+import org.jboss.security.authz.model.*;
+
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class TestHierarchialPolicy extends TestCase
+{
+ private static Logger log = Logger.getLogger(TestHierarchialPolicy.class);
+
+ protected void setUp() throws Exception
+ {
+ }
+
+ protected void tearDown() throws Exception
+ {
+ }
+
+ /**
+ *
+ */
+ public void testSimplePolicy() throws Exception
+ {
+ //SetUp the Policy Target
+ Target target = new Target();
+ for(int i=0; i<5; i++)
+ {
+ AttributeExpression resourceMatch = new AttributeExpression();
+ resourceMatch.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL);
+ Attribute attribute = new Attribute(XACMLConstants.ATTRIBUTEID_RESOURCE_ID,
+ XMLSchemaConstants.DATATYPE_STRING, "http://www.redhat.com/protected/index.html?tier="+i);
+ resourceMatch.setAttribute(attribute);
+ target.addResourceMatch(resourceMatch);
+ }
+
+ //SetUp the Policy Rules
+ Set<Rule> rules = new HashSet<Rule>();
+ Rule writeRule = new Rule();
+
+ writeRule.setRuleId("write");
+ writeRule.setEffect(Effect.PERMIT);
+
+ Target ruleTarget = new Target();
+
+ for(int i=0; i<5; i++)
+ {
+ AttributeExpression actionMatch = new AttributeExpression();
+ actionMatch.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL);
+ Attribute actionAttribute = new Attribute(XACMLConstants.ATTRIBUTEID_ACTION_ID,
+ XMLSchemaConstants.DATATYPE_STRING, "WRITE:/"+i);
+ actionMatch.setAttribute(actionAttribute);
+ ruleTarget.addActionMatch(actionMatch);
+ }
+
+ writeRule.setTarget(ruleTarget);
+
+ AttributeExpression roleExpression = new AttributeExpression();
+ roleExpression.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL);
+ Attribute roleAttribute = new Attribute(XACMLConstants.ATTRIBUTEID_ROLE,
+ XMLSchemaConstants.DATATYPE_STRING, "developer");
+ roleExpression.setAttribute(roleAttribute);
+ writeRule.setExpression(roleExpression);
+
+ rules.add(writeRule);
+
+ //Populate the HierarchialPolicy
+ HierarchialPolicy policy = new HierarchialPolicy("simpleHierarchialPolicy", target, rules);
+
+ String xacmlPolicy = policy.generateXACMLPolicy();
+
+ log.info("--------------------------------------------------------------------");
+ log.info(xacmlPolicy);
+ log.info("--------------------------------------------------------------------");
+ }
+}
Added: modules/authorization/trunk/PAP/src/test/java/org/jboss/security/authz/pap/service/TestWebTierPolicyManager.java
===================================================================
--- modules/authorization/trunk/PAP/src/test/java/org/jboss/security/authz/pap/service/TestWebTierPolicyManager.java (rev 0)
+++ modules/authorization/trunk/PAP/src/test/java/org/jboss/security/authz/pap/service/TestWebTierPolicyManager.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,98 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.pap.service;
+
+import junit.framework.TestCase;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.security.authz.model.Policy;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class TestWebTierPolicyManager extends TestCase
+{
+ /**
+ *
+ */
+ private static Logger log = Logger.getLogger(TestWebTierPolicyManager.class);
+
+ /**
+ * A simple developer-friendly web tier policy that specifies:
+ *
+ * "Only Root Portal User and Users in the Marketing Department of the organization must be allowed to Modify the Layout of the "Main Marketing Portal Page"
+ *
+ * Notice: This configuration is not muddled by the vast low-level details of XACML Policy representation. That part is automated by the
+ * PAP (Policy Administration Point) Component of the Authorization System
+ */
+ private static String simpleWebTierPolicy = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"+
+ "<web-acl>"+
+ "<acl-rule>"+
+ "<resource>"+
+ "<request-uri>/portal/admin-tool/modifyLayout</request-uri>"+
+ "<params>"+
+ "<param>"+
+ "<name>page</name>"+
+ "<value>marketing_index.html</value>"+
+ "</param>"+
+ "</params>"+
+ "</resource>"+
+ "<conditions>"+
+ "<condition>"+
+ "<roles>"+
+ "<role-name>Root-Admin</role-name>"+
+ "<role-name>Marketing Team</role-name>"+
+ "</roles>"+
+ "</condition>"+
+ "</conditions>"+
+ "</acl-rule>"+
+ "</web-acl>";
+
+ /**
+ *
+ */
+ protected void setUp() throws Exception
+ {
+ }
+
+
+ protected void tearDown() throws Exception
+ {
+ }
+
+ /**
+ *
+ * @throws Exception
+ */
+ public void testSimpleWebTierPolicy() throws Exception
+ {
+ PolicyManager policyManager = new FileSystemWebTierPolicyManager();
+ Policy policy = policyManager.generatePolicy(simpleWebTierPolicy);
+
+ log.info("------------------------------------------------------");
+ log.info(policy.generateXACMLPolicy());
+ log.info("------------------------------------------------------");
+ }
+}
Added: modules/authorization/trunk/PAP/src/test/resources/log4j.properties
===================================================================
--- modules/authorization/trunk/PAP/src/test/resources/log4j.properties (rev 0)
+++ modules/authorization/trunk/PAP/src/test/resources/log4j.properties 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,8 @@
+# Set root category priority to INFO and its only appender to CONSOLE.
+log4j.rootCategory=INFO, CONSOLE
+
+# CONSOLE is set to be a ConsoleAppender using a PatternLayout.
+log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
+log4j.appender.CONSOLE.Threshold=INFO
+log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
+log4j.appender.CONSOLE.layout.ConversionPattern=- %m%n
Added: modules/authorization/trunk/PEP/multitier-policy.xml
===================================================================
--- modules/authorization/trunk/PEP/multitier-policy.xml (rev 0)
+++ modules/authorization/trunk/PEP/multitier-policy.xml 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" RuleCombiningAlgId="rule-combining-alg:nopermit-means-denied" Version="2.0" PolicyId="MultiTierPolicy">
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://www.redhat.com/protected/index.html</AttributeValue>
+ <ResourceAttributeDesignator MustBePresent="false" DataType="http://www.w3.org/2001/XMLSchema#anyURI" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"/>
+ </ResourceMatch>
+ </Resource>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">org.jboss.cms.CMSService</AttributeValue>
+ <ResourceAttributeDesignator MustBePresent="false" DataType="http://www.w3.org/2001/XMLSchema#anyURI" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"/>
+ </ResourceMatch>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://www.redhat.com/protected/index.html</AttributeValue>
+ <ResourceAttributeDesignator MustBePresent="false" DataType="http://www.w3.org/2001/XMLSchema#anyURI" AttributeId="urn:oasis:names:tc:xacml:2.0:custom:attribute:param0"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule Effect="Permit" RuleId="WriteRule">
+ <Target>
+ <Actions>
+ <Action>
+ <ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">write</AttributeValue>
+ <ActionAttributeDesignator MustBePresent="false" DataType="http://www.w3.org/2001/XMLSchema#string" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"/>
+ </ActionMatch>
+ </Action>
+ </Actions>
+ </Target>
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">developer</AttributeValue>
+ <SubjectAttributeDesignator MustBePresent="false" DataType="http://www.w3.org/2001/XMLSchema#string" AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"/>
+ </Apply>
+ </Condition>
+ </Rule>
+</Policy>
Added: modules/authorization/trunk/PEP/simple-policy.xml
===================================================================
--- modules/authorization/trunk/PEP/simple-policy.xml (rev 0)
+++ modules/authorization/trunk/PEP/simple-policy.xml 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" RuleCombiningAlgId="rule-combining-alg:nopermit-means-denied" Version="2.0" PolicyId="SimplePolicy">
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://www.redhat.com/protected/index.html</AttributeValue>
+ <ResourceAttributeDesignator MustBePresent="false" DataType="http://www.w3.org/2001/XMLSchema#anyURI" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule Effect="Permit" RuleId="WriteRule">
+ <Target>
+ <Actions>
+ <Action>
+ <ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">write</AttributeValue>
+ <ActionAttributeDesignator MustBePresent="false" DataType="http://www.w3.org/2001/XMLSchema#string" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"/>
+ </ActionMatch>
+ </Action>
+ </Actions>
+ </Target>
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">developer</AttributeValue>
+ <SubjectAttributeDesignator MustBePresent="false" DataType="http://www.w3.org/2001/XMLSchema#string" AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"/>
+ </Apply>
+ </Condition>
+ </Rule>
+</Policy>
Modified: modules/authorization/trunk/PEP/src/test/java/org/jboss/security/authz/test/pep/TestPDP.java
===================================================================
--- modules/authorization/trunk/PEP/src/test/java/org/jboss/security/authz/test/pep/TestPDP.java 2008-10-15 12:33:26 UTC (rev 12066)
+++ modules/authorization/trunk/PEP/src/test/java/org/jboss/security/authz/test/pep/TestPDP.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -26,7 +26,6 @@
import java.util.List;
import java.util.HashSet;
import java.util.Set;
-import java.util.StringTokenizer;
import java.net.URI;
import java.io.File;
import java.io.FileOutputStream;
@@ -110,7 +109,7 @@
}
this.generateSimplePolicy();
- this.generateMultiTierPolicy();
+ //this.generateMultiTierPolicy();
}
/**
@@ -118,8 +117,8 @@
*/
public void tearDown() throws Exception
{
- this.deleteSimplePolicy();
- this.deleteMultiTierPolicy();
+ //this.deleteSimplePolicy();
+ //this.deleteMultiTierPolicy();
}
@@ -185,7 +184,7 @@
}
- public void testMultiTierPermit() throws Exception
+ /*public void testMultiTierPermit() throws Exception
{
//PDP Setup
String[] policyFiles = new String[]{"multitier-policy.xml"};
@@ -214,7 +213,7 @@
log.info("-----------------------------------");
log.info("Decision="+responseContext.getDecision());
- }
+ }*/
/*public void testRecursivePermit() throws Exception
{
@@ -413,7 +412,7 @@
return requestContext;
}
- private RequestContext createPermitMultiTierRequestContext() throws Exception
+ /*private RequestContext createPermitMultiTierRequestContext() throws Exception
{
//Create ObjectFactory
ObjectFactory objectFactory = new ObjectFactory();
@@ -470,9 +469,9 @@
requestContext.setRequest(requestType);
return requestContext;
- }
+ }*/
- private RequestContext createPermitRecursiveRequestContext(String path) throws Exception
+ /*private RequestContext createPermitRecursiveRequestContext(String path) throws Exception
{
//Create ObjectFactory
ObjectFactory objectFactory = new ObjectFactory();
@@ -540,9 +539,9 @@
requestContext.setRequest(requestType);
return requestContext;
- }
+ }*/
- private RequestContext createImpliesRequestContext() throws Exception
+ /*private RequestContext createImpliesRequestContext() throws Exception
{
//Create ObjectFactory
ObjectFactory objectFactory = new ObjectFactory();
@@ -599,7 +598,7 @@
requestContext.setRequest(requestType);
return requestContext;
- }
+ }*/
//--------------------------------------------------------------------------------------------------------------------------------------------------------
private void generateSimplePolicy() throws Exception
{
@@ -695,7 +694,7 @@
file.delete();
}
- private void generateMultiTierPolicy() throws Exception
+ /*private void generateMultiTierPolicy() throws Exception
{
org.jboss.security.xacml.core.model.policy.ObjectFactory objectFactory = new org.jboss.security.xacml.core.model.policy.ObjectFactory();
@@ -803,7 +802,7 @@
fos.close();
}
}
- }
+ }*/
private void deleteMultiTierPolicy() throws Exception
{
Added: modules/authorization/trunk/common/pom.xml
===================================================================
--- modules/authorization/trunk/common/pom.xml (rev 0)
+++ modules/authorization/trunk/common/pom.xml 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,47 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>jboss-authz-parent</artifactId>
+ <version>trunk-SNAPSHOT</version>
+ <relativePath>../pom.xml</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>jboss-authz-common</artifactId>
+ <packaging>jar</packaging>
+ <name>JBoss Authorization Common</name>
+ <url>http://www.jboss.org</url>
+ <description>Contains components that are used by all the other modules</description>
+
+ <dependencies>
+ <!-- jboss xacml -->
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-xacml</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-sunxacml</artifactId>
+ </dependency>
+
+ <!-- junit -->
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>2.3.1</version>
+ <configuration>
+ <includes>
+ </includes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Action.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Action.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Action.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,66 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+import java.util.Set;
+
+/**
+ * Represents a protected Action within a system
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class Action extends BaseObject
+{
+ /**
+ * Attributes associated with the Action
+ */
+ private Set<Attribute> attributes = null;
+
+ /**
+ *
+ *
+ */
+ public Action()
+ {
+
+ }
+
+ /**
+ *
+ * @return
+ */
+ public Set<Attribute> getAttributes()
+ {
+ return attributes;
+ }
+
+ /**
+ *
+ * @param attributes
+ */
+ public void setAttributes(Set<Attribute> attributes)
+ {
+ this.attributes = attributes;
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Attribute.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Attribute.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Attribute.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,123 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+/**
+ * Represents arbitrary data used within the system in various Contexts
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class Attribute extends BaseObject
+{
+ /**
+ * unique uri to identify the type of Attribute
+ */
+ private String uri = null;
+
+ /**
+ * dataType of the value of this Attribute
+ */
+ private String datatType = null;
+
+ /**
+ * Value of this Attribute
+ */
+ private String value = null;
+
+ /**
+ *
+ *
+ */
+ public Attribute()
+ {
+
+ }
+
+ /**
+ *
+ * @param uri
+ * @param dataType
+ * @param value
+ */
+ public Attribute(String uri, String dataType, String value)
+ {
+ this.uri = uri;
+ this.datatType = dataType;
+ this.value = value;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getDatatType()
+ {
+ return datatType;
+ }
+
+ /**
+ *
+ * @param datatType
+ */
+ public void setDatatType(String datatType)
+ {
+ this.datatType = datatType;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getUri()
+ {
+ return uri;
+ }
+
+ /**
+ *
+ * @param uri
+ */
+ public void setUri(String uri)
+ {
+ this.uri = uri;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getValue()
+ {
+ return value;
+ }
+
+ /**
+ *
+ * @param value
+ */
+ public void setValue(String value)
+ {
+ this.value = value;
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/AttributeExpression.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/AttributeExpression.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/AttributeExpression.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,76 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+/**
+ * Represents an logic expression applied such that the specified Function is applied with Value of the specified Attribute as the Predicate
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class AttributeExpression extends Expression
+{
+ private String functionId = null;
+ private Attribute attribute = null;
+
+ public AttributeExpression()
+ {
+
+ }
+
+ /**
+ *
+ * @return
+ */
+ public Attribute getAttribute()
+ {
+ return attribute;
+ }
+
+ /**
+ *
+ * @param attribute
+ */
+ public void setAttribute(Attribute attribute)
+ {
+ this.attribute = attribute;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getFunctionId()
+ {
+ return functionId;
+ }
+
+ /**
+ *
+ * @param functionId
+ */
+ public void setFunctionId(String functionId)
+ {
+ this.functionId = functionId;
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/BaseObject.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/BaseObject.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/BaseObject.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,64 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+import java.io.Serializable;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class BaseObject implements Serializable
+{
+ /**
+ * unique storage/database identifier
+ */
+ private Long id = null;
+
+ /**
+ *
+ *
+ */
+ public BaseObject()
+ {
+
+ }
+
+ /**
+ *
+ * @return
+ */
+ public Long getId()
+ {
+ return id;
+ }
+
+ /**
+ *
+ * @param id
+ */
+ public void setId(Long id)
+ {
+ this.id = id;
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/BusinessLogicExpression.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/BusinessLogicExpression.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/BusinessLogicExpression.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,50 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+/**
+ * Represents the Logic applied to data within the Authorization Context. The Expression can contain Drools rules, Bean Shell script etc
+ * that could be applied to data
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class BusinessLogicExpression extends Expression
+{
+ private String logic = null;
+
+ public BusinessLogicExpression()
+ {
+
+ }
+
+ public String getLogic()
+ {
+ return logic;
+ }
+
+ public void setLogic(String logic)
+ {
+ this.logic = logic;
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Effect.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Effect.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Effect.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,32 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public enum Effect
+{
+ PERMIT, DENY;
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Environment.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Environment.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Environment.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,66 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+import java.util.Set;
+
+/**
+ * Represents Environment information in the context of an Authroization Request
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class Environment extends BaseObject
+{
+ /**
+ * Attributes associated with the Environment
+ */
+ private Set<Attribute> attributes = null;
+
+ /**
+ *
+ *
+ */
+ public Environment()
+ {
+
+ }
+
+ /**
+ *
+ * @return
+ */
+ public Set<Attribute> getAttributes()
+ {
+ return attributes;
+ }
+
+ /**
+ *
+ * @param attributes
+ */
+ public void setAttributes(Set<Attribute> attributes)
+ {
+ this.attributes = attributes;
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Expression.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Expression.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Expression.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,37 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+/**
+ * Represents the Logic applied to data within the Authorization Context
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public abstract class Expression extends BaseObject
+{
+ public Expression()
+ {
+
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Policy.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Policy.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Policy.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,112 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+import java.util.Set;
+
+
+/**
+ * Represents an Authorization Policy
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public abstract class Policy extends BaseObject
+{
+ protected String policyUri = null;
+ protected Target target = null;
+ protected Set<Rule> rules = null;
+
+
+ /**
+ *
+ *
+ */
+ public Policy(String policyUri, Target target, Set<Rule> rules)
+ {
+ if(policyUri == null)
+ {
+ throw new IllegalArgumentException("PolicyUri cannot be Null");
+ }
+
+ if(target == null)
+ {
+ throw new IllegalArgumentException("Target cannot be Null");
+ }
+
+ if(rules == null)
+ {
+ throw new IllegalArgumentException("Rules cannot be Null");
+ }
+
+ this.policyUri = policyUri;
+ this.target = target;
+ this.rules = rules;
+ }
+
+ /**
+ * A unique identifier for the Policy
+ *
+ * @return unique identifier for the Policy
+ */
+ public String getPolicyUri()
+ {
+ return this.policyUri;
+ }
+
+ /**
+ *
+ * @param policyUri
+ */
+ public void setPolicyUri(String policyUri)
+ {
+ this.policyUri = policyUri;
+ }
+
+ public Set<Rule> getRules()
+ {
+ return rules;
+ }
+
+ public void setRules(Set<Rule> rules)
+ {
+ this.rules = rules;
+ }
+
+ public Target getTarget()
+ {
+ return target;
+ }
+
+ public void setTarget(Target target)
+ {
+ this.target = target;
+ }
+ //------------------------------------------------------------------------------------------------------------------------------------------------
+ /**
+ * Generates the standard XACML markup that represents the Policy instance in question
+ *
+ * @return XACML markup to represent this Policy
+ */
+ public abstract String generateXACMLPolicy() throws PolicyException;
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/PolicyException.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/PolicyException.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/PolicyException.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,51 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class PolicyException extends Exception
+{
+
+ public PolicyException()
+ {
+ super();
+ }
+
+ public PolicyException(String message, Throwable cause)
+ {
+ super(message, cause);
+ }
+
+ public PolicyException(String message)
+ {
+ super(message);
+ }
+
+ public PolicyException(Throwable cause)
+ {
+ super(cause);
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Resource.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Resource.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Resource.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,66 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+import java.util.Set;
+
+/**
+ * Represents the protected Resource of the system upon which various Actions can be performed
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class Resource extends BaseObject
+{
+ /**
+ * Attributes associated with the Resource
+ */
+ private Set<Attribute> attributes = null;
+
+ /**
+ *
+ *
+ */
+ public Resource()
+ {
+
+ }
+
+ /**
+ *
+ * @return
+ */
+ public Set<Attribute> getAttributes()
+ {
+ return attributes;
+ }
+
+ /**
+ *
+ * @param attributes
+ */
+ public void setAttributes(Set<Attribute> attributes)
+ {
+ this.attributes = attributes;
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Rule.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Rule.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Rule.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,114 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+/**
+ * Represents the Policy Rule that must be met to achieve the correspoding Permit or Deny effect
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class Rule extends BaseObject
+{
+ private String ruleId = null;
+ private Effect effect = null;
+ private Target target = null;
+ private Expression expression = null;
+
+ public Rule()
+ {
+
+ }
+
+ /**
+ *
+ * @return
+ */
+ public Effect getEffect()
+ {
+ return effect;
+ }
+
+ /**
+ *
+ * @param effect
+ */
+ public void setEffect(Effect effect)
+ {
+ this.effect = effect;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public Expression getExpression()
+ {
+ return expression;
+ }
+
+ /**
+ *
+ * @param expression
+ */
+ public void setExpression(Expression expression)
+ {
+ this.expression = expression;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getRuleId()
+ {
+ return ruleId;
+ }
+
+ /**
+ *
+ * @param ruleId
+ */
+ public void setRuleId(String ruleId)
+ {
+ this.ruleId = ruleId;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public Target getTarget()
+ {
+ return target;
+ }
+
+ /**
+ *
+ * @param target
+ */
+ public void setTarget(Target target)
+ {
+ this.target = target;
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Subject.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Subject.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Subject.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,66 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+import java.util.Set;
+
+/**
+ * Represents the Identity of the user, machine, etc trying to execute a protected Action on a protected Resource
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class Subject extends BaseObject
+{
+ /**
+ * Attributes associated with the Subject
+ */
+ private Set<Attribute> attributes = null;
+
+ /**
+ *
+ *
+ */
+ public Subject()
+ {
+
+ }
+
+ /**
+ *
+ * @return
+ */
+ public Set<Attribute> getAttributes()
+ {
+ return attributes;
+ }
+
+ /**
+ *
+ * @param attributes
+ */
+ public void setAttributes(Set<Attribute> attributes)
+ {
+ this.attributes = attributes;
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Target.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Target.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Target.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,145 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.model;
+
+import java.util.List;
+import java.util.ArrayList;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class Target extends BaseObject
+{
+ private List<Resource> resources = null;
+ private List<Action> actions = null;
+ private List<Subject> subjects = null;
+ private List<Environment> environments = null;
+
+ private List<AttributeExpression> resourceMatches = null;
+ private List<AttributeExpression> actionMatches = null;
+ private List<AttributeExpression> subjectMatches = null;
+ private List<AttributeExpression> environmentMatches = null;
+
+ public Target()
+ {
+
+ }
+
+ public List<Action> getActions()
+ {
+ return actions;
+ }
+
+ public void setActions(List<Action> actions)
+ {
+ this.actions = actions;
+ }
+
+ public List<Environment> getEnvironments()
+ {
+ return environments;
+ }
+
+ public void setEnvironments(List<Environment> environments)
+ {
+ this.environments = environments;
+ }
+
+ public List<Resource> getResources()
+ {
+ return resources;
+ }
+
+ public void setResources(List<Resource> resources)
+ {
+ this.resources = resources;
+ }
+
+ public List<Subject> getSubjects()
+ {
+ return subjects;
+ }
+
+ public void setSubjects(List<Subject> subjects)
+ {
+ this.subjects = subjects;
+ }
+
+ public List<AttributeExpression> getActionMatches()
+ {
+ return actionMatches;
+ }
+
+ public void setActionMatches(List<AttributeExpression> actionMatches)
+ {
+ this.actionMatches = actionMatches;
+ }
+
+ public List<AttributeExpression> getEnvironmentMatches()
+ {
+ return environmentMatches;
+ }
+
+ public void setEnvironmentMatches(List<AttributeExpression> environmentMatches)
+ {
+ this.environmentMatches = environmentMatches;
+ }
+
+ public List<AttributeExpression> getResourceMatches()
+ {
+ return resourceMatches;
+ }
+
+ public void setResourceMatches(List<AttributeExpression> resourceMatches)
+ {
+ this.resourceMatches = resourceMatches;
+ }
+
+ public List<AttributeExpression> getSubjectMatches()
+ {
+ return subjectMatches;
+ }
+
+ public void setSubjectMatches(List<AttributeExpression> subjectMatches)
+ {
+ this.subjectMatches = subjectMatches;
+ }
+ //--------------------------------------------------------------------------------------------------------------------------------------------------------
+ public void addResourceMatch(AttributeExpression resourceMatch)
+ {
+ if(this.resourceMatches == null)
+ {
+ this.resourceMatches = new ArrayList<AttributeExpression>();
+ }
+ this.resourceMatches.add(resourceMatch);
+ }
+
+ public void addActionMatch(AttributeExpression actionMatch)
+ {
+ if(this.actionMatches == null)
+ {
+ this.actionMatches = new ArrayList<AttributeExpression>();
+ }
+ this.actionMatches.add(actionMatch);
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/AttributeDesignatorUtil.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/AttributeDesignatorUtil.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/AttributeDesignatorUtil.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,97 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.xacml;
+
+import javax.xml.bind.JAXBElement;
+
+import org.jboss.security.xacml.core.model.policy.AttributeDesignatorType;
+import org.jboss.security.xacml.core.model.policy.ObjectFactory;
+import org.jboss.security.xacml.factories.PolicyAttributeFactory;
+import org.jboss.security.xacml.core.model.policy.SubjectAttributeDesignatorType;
+
+import org.jboss.security.authz.model.Attribute;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class AttributeDesignatorUtil
+{
+ /**
+ *
+ * @param attribute
+ * @return
+ */
+ public static AttributeDesignatorType getAttributeDesignator(Attribute attribute)
+ {
+ AttributeDesignatorType attributeDesignator = null;
+
+ String uri = attribute.getUri();
+
+ //TODO: add all the conditions to detect a Subject Attribute
+ if(uri.equals(XACMLConstants.ATTRIBUTEID_ROLE)
+ )
+ {
+ attributeDesignator = PolicyAttributeFactory.createSubjectAttributeDesignatorType(attribute.getUri(),
+ attribute.getDatatType(), null, true, null);
+ }
+ else
+ {
+ attributeDesignator = PolicyAttributeFactory.createAttributeDesignatorType(attribute.getUri(), attribute.getDatatType(), null, true);
+ }
+
+ return attributeDesignator;
+ }
+
+ /**
+ *
+ * @param attribute
+ * @return
+ */
+ public static JAXBElement<? extends AttributeDesignatorType> getAttributeDesignatorXml(Attribute attribute)
+ {
+ JAXBElement<? extends AttributeDesignatorType> xmlRep = null;
+
+ ObjectFactory objectFactory = new ObjectFactory();
+ AttributeDesignatorType attributeDesignator = AttributeDesignatorUtil.getAttributeDesignator(attribute);
+
+ if(attributeDesignator instanceof SubjectAttributeDesignatorType)
+ {
+ xmlRep = objectFactory.createSubjectAttributeDesignator((SubjectAttributeDesignatorType)attributeDesignator);
+ }
+ else
+ {
+ String uri = attributeDesignator.getAttributeId();
+
+ //TODO: finish this implementation to include all Attribute Types like Resource, Action, and Environment
+ if(uri.equals(XACMLConstants.ATTRIBUTEID_ACTION_ID))
+ {
+ xmlRep = objectFactory.createActionAttributeDesignator(attributeDesignator);
+ }
+ }
+
+
+ return xmlRep;
+ }
+}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/NoPermitMeansDeniedAlg.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/NoPermitMeansDeniedAlg.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/NoPermitMeansDeniedAlg.java 2008-10-15 15:27:46 UTC (rev 12067)
@@ -0,0 +1,83 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.xacml;
+
+import java.util.List;
+import java.util.Iterator;
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import org.jboss.security.xacml.sunxacml.combine.RuleCombiningAlgorithm;
+import org.jboss.security.xacml.sunxacml.EvaluationCtx;
+import org.jboss.security.xacml.sunxacml.ctx.Result;
+import org.jboss.security.xacml.sunxacml.Rule;
+import org.jboss.security.xacml.sunxacml.combine.RuleCombinerElement;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class NoPermitMeansDeniedAlg extends RuleCombiningAlgorithm
+{
+ /**
+ *
+ * @throws URISyntaxException
+ */
+ public NoPermitMeansDeniedAlg() throws URISyntaxException
+ {
+ super(new URI("rule-combining-alg:nopermit-means-denied"));
+ }
+
+ /**
+ *
+ * @param context
+ * @param rules
+ * @return
+ */
+ public Result combine(EvaluationCtx context, List parameters, List ruleElements)
+ {
+ Result result = new Result(Result.DECISION_PERMIT);
+
+ Iterator rules = ruleElements.iterator();
+ boolean permitFound = false;
+ while(rules.hasNext())
+ {
+ RuleCombinerElement ruleCombinerElement = (RuleCombinerElement)rules.next();
+ Rule rule = ruleCombinerElement.getRule();
+ Result currentResult = rule.evaluate(context);
+
+ if(currentResult.getDecision() == Result.DECISION_PERMIT)
+ {
+ permitFound = true;
+ break;
+ }
+ }
+
+ if(!permitFound)
+ {
+ result = new Result(Result.DECISION_DENY);
+ }
+
+ return result;
+ }
+}
Modified: modules/authorization/trunk/pom.xml
===================================================================
--- modules/authorization/trunk/pom.xml 2008-10-15 12:33:26 UTC (rev 12066)
+++ modules/authorization/trunk/pom.xml 2008-10-15 15:27:46 UTC (rev 12067)
@@ -10,8 +10,10 @@
<description>JBoss Authorization</description>
<modules>
+ <module>common</module>
<module>security-console</module>
<module>PEP</module>
+ <module>PAP</module>
</modules>
<properties>
17 years, 6 months
- 1
- 0
JBoss Portal SVN: r12066 - branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal.
by portal-commits@lists.jboss.org
Author: vrockai
Date: 2008-10-15 08:33:26 -0400 (Wed, 15 Oct 2008)
New Revision: 12066
Modified:
branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal/PortletInstancesTestCase.java
Log:
screenshot out
Modified: branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal/PortletInstancesTestCase.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal/PortletInstancesTestCase.java 2008-10-15 11:39:37 UTC (rev 12065)
+++ branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal/PortletInstancesTestCase.java 2008-10-15 12:33:26 UTC (rev 12066)
@@ -55,17 +55,17 @@
public void testAddName() {
selenium.click(LINK_COUNTPORT);
selenium.waitForPageToLoad(PAGE_LOAD);
- selenium.captureScreenshot("m1.jpg");
+ //selenium.captureScreenshot("m1.jpg");
selenium.select(SELECT_LANGUAGE, "label=Czech");
- selenium.captureScreenshot("m2.jpg");
+ //selenium.captureScreenshot("m2.jpg");
final String name = "Administracny";
selenium.type(INPUT_NAME, name);
- selenium.captureScreenshot("m3.jpg");
+ //selenium.captureScreenshot("m3.jpg");
selenium.click(SUBMIT_MODIFY_NAME);
selenium.waitForPageToLoad(PAGE_LOAD);
- selenium.captureScreenshot("m4.jpg");
+ //selenium.captureScreenshot("m4.jpg");
Assert.assertTrue(findTableRow(TABLE_DISPNAMES, name, 1) >= 0);
- selenium.captureScreenshot("m5.jpg");
+ //selenium.captureScreenshot("m5.jpg");
}
@Test(enabled = true)
17 years, 6 months
- 1
- 0
JBoss Portal SVN: r12065 - in branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests: selenium-rc-server and 1 other directories.
by portal-commits@lists.jboss.org
Author: vrockai
Date: 2008-10-15 07:39:37 -0400 (Wed, 15 Oct 2008)
New Revision: 12065
Modified:
branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/selenium-rc-server/user-extensions.js
branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal/AdminPortalTestCase.java
branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal/PortletInstancesTestCase.java
branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/testng.xml
Log:
testcases 2.6 fixes
Modified: branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/selenium-rc-server/user-extensions.js
===================================================================
--- branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/selenium-rc-server/user-extensions.js 2008-10-14 21:07:55 UTC (rev 12064)
+++ branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/selenium-rc-server/user-extensions.js 2008-10-15 11:39:37 UTC (rev 12065)
@@ -50,14 +50,18 @@
var index = allText.indexOf(expectedTextValues[i]);
var nextIndex = allText.indexOf(expectedTextValues[i+1]);
if (index == -1) {
- assert.fail("'" + expectedTextValues[i] + "' not found.");
+ return false;
+ //assert.fail("'" + expectedTextValues[i] + "' not found.");
}
if (nextIndex == -1) {
- assert.fail("'" + expectedTextValues[i+1] + "' not found.");
+ return false;
+ //assert.fail("'" + expectedTextValues[i+1] + "' not found.");
}
if (index > nextIndex) {
- assert.fail("'" + expectedTextValues[i+1] + "' found before '" + expectedTextValues[i] + "'");
+ return false;
+ //assert.fail("'" + expectedTextValues[i+1] + "' found before '" + expectedTextValues[i] + "'");
}
}
+ return true;
}
Modified: branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal/AdminPortalTestCase.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal/AdminPortalTestCase.java 2008-10-14 21:07:55 UTC (rev 12064)
+++ branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal/AdminPortalTestCase.java 2008-10-15 11:39:37 UTC (rev 12065)
@@ -104,6 +104,21 @@
openAndWait("/portal/");
Assert.assertFalse(selenium.isTextPresent("Greetings !"));
+
+ selenium.click("link=Admin");
+ selenium.waitForPageToLoad(PAGE_LOAD);
+
+ clickIfVisible(TAB_PORTALOBJ_ID);
+
+ final String portalDef = "default";
+ r = findTableRow(TABLE_PORTAL_ADMIN, portalDef, 0) - 1;
+
+ clickAndWait(MessageFormat.format(POR_TL_MAKEDEF, r));
+
+ openAndWait("/portal/");
+ Assert.assertTrue(selenium.isTextPresent("Greetings !"));
+
+
}
@Test(enabled = true)
Modified: branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal/PortletInstancesTestCase.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal/PortletInstancesTestCase.java 2008-10-14 21:07:55 UTC (rev 12064)
+++ branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/src/org/jboss/portal/test/selenium/portal/PortletInstancesTestCase.java 2008-10-15 11:39:37 UTC (rev 12065)
@@ -55,12 +55,17 @@
public void testAddName() {
selenium.click(LINK_COUNTPORT);
selenium.waitForPageToLoad(PAGE_LOAD);
+ selenium.captureScreenshot("m1.jpg");
selenium.select(SELECT_LANGUAGE, "label=Czech");
+ selenium.captureScreenshot("m2.jpg");
final String name = "Administracny";
selenium.type(INPUT_NAME, name);
+ selenium.captureScreenshot("m3.jpg");
selenium.click(SUBMIT_MODIFY_NAME);
selenium.waitForPageToLoad(PAGE_LOAD);
+ selenium.captureScreenshot("m4.jpg");
Assert.assertTrue(findTableRow(TABLE_DISPNAMES, name, 1) >= 0);
+ selenium.captureScreenshot("m5.jpg");
}
@Test(enabled = true)
Modified: branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/testng.xml
===================================================================
--- branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/testng.xml 2008-10-14 21:07:55 UTC (rev 12064)
+++ branches/JBoss_Portal_Branch_2_6/testsuite/ui-tests/testng.xml 2008-10-15 11:39:37 UTC (rev 12065)
@@ -1,6 +1,6 @@
<!DOCTYPE suite SYSTEM "http://testng.org/testng-1.0.dtd">
<suite name="SeleniumTest">
-
+<!-- -->
<test verbose="2" name="org.jboss.portal.test.selenium.UserLoginTestCase" annotations="JDK">
<classes>
<class name="org.jboss.portal.test.selenium.UserLoginTestCase"/>
@@ -15,16 +15,9 @@
<classes>
<class name="org.jboss.portal.test.selenium.IdentityAdminTestCase"></class></classes>
</test>
-<!--
- <test name="org.jboss.portal.test.selenium.IdentityAdminTestCase - SingleLogin"
- verbose="2" annotations="JDK">
- <groups>
- <run>
- <exclude name="log"></exclude></run></groups>
- <classes>
- <class name="org.jboss.portal.test.selenium.IdentityAdminTestCase"></class></classes>
- </test>
--->
+
+
+
<test name="org.jboss.portal.test.selenium.PortletUserCreationTestCase"
verbose="2" annotations="JDK">
<classes>
17 years, 6 months
- 1
- 0
JBoss Portal SVN: r12064 - branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/producer.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2008-10-14 17:07:55 -0400 (Tue, 14 Oct 2008)
New Revision: 12064
Modified:
branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/producer/WSRPPortletInvocationContext.java
Log:
- request context is not used anymore.
Modified: branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/producer/WSRPPortletInvocationContext.java
===================================================================
--- branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/producer/WSRPPortletInvocationContext.java 2008-10-14 21:07:24 UTC (rev 12063)
+++ branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/producer/WSRPPortletInvocationContext.java 2008-10-14 21:07:55 UTC (rev 12064)
@@ -36,7 +36,6 @@
import org.jboss.portal.portlet.spi.InstanceContext;
import org.jboss.portal.portlet.spi.PortalContext;
import org.jboss.portal.portlet.spi.PortletInvocationContext;
-import org.jboss.portal.portlet.spi.RequestContext;
import org.jboss.portal.portlet.spi.SecurityContext;
import org.jboss.portal.portlet.spi.UserContext;
import org.jboss.portal.portlet.spi.WindowContext;
@@ -54,8 +53,6 @@
*/
class WSRPPortletInvocationContext extends AbstractPortletInvocationContext implements PortletInvocationContext
{
-
- protected RequestContext requestContext;
private SecurityContext securityContext;
private PortalContext portalContext;
private UserContext userContext;
@@ -107,10 +104,10 @@
// build the WSRP resource URL with rewrite tokens
StringBuffer sb = new StringBuffer(url.length() * 2);
sb.append(WSRPRewritingConstants.BEGIN_WSRP_REWRITE).append(WSRPRewritingConstants.URL_TYPE_NAME)
- .append(EQ).append(WSRPRewritingConstants.URL_TYPE_RESOURCE).append(AMP)
- .append(WSRPRewritingConstants.RESOURCE_URL).append(EQ).append(url)
- .append(AMP).append(WSRPRewritingConstants.RESOURCE_REQUIRES_REWRITE)
- .append(EQ_TRUE).append(WSRPRewritingConstants.END_WSRP_REWRITE);
+ .append(EQ).append(WSRPRewritingConstants.URL_TYPE_RESOURCE).append(AMP)
+ .append(WSRPRewritingConstants.RESOURCE_URL).append(EQ).append(url)
+ .append(AMP).append(WSRPRewritingConstants.RESOURCE_REQUIRES_REWRITE)
+ .append(EQ_TRUE).append(WSRPRewritingConstants.END_WSRP_REWRITE);
return sb.toString();
}
17 years, 6 months
- 1
- 0
JBoss Portal SVN: r12063 - branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/producer.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2008-10-14 17:07:24 -0400 (Tue, 14 Oct 2008)
New Revision: 12063
Modified:
branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/producer/ActionRequestProcessor.java
Log:
- Also set the navigational state if it exists.
Modified: branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/producer/ActionRequestProcessor.java
===================================================================
--- branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/producer/ActionRequestProcessor.java 2008-10-14 19:45:06 UTC (rev 12062)
+++ branches/JBoss_Portal_Branch_2_7/wsrp/src/main/org/jboss/portal/wsrp/producer/ActionRequestProcessor.java 2008-10-14 21:07:24 UTC (rev 12063)
@@ -119,6 +119,10 @@
StateString interactionState = createNavigationalState(interactionParams.getInteractionState());
invocation.setInteractionState(interactionState);
+ // Navigational state
+ StateString navigationalState = createNavigationalState(getMarkupParams().getNavigationalState());
+ invocation.setNavigationalState(navigationalState);
+
// Form parameters
invocation.setForm(requestContext.getForm());
17 years, 6 months
- 1
- 0
JBoss Portal SVN: r12062 - branches/JBoss_Portal_Branch_2_6/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/jsf/consumers.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2008-10-14 15:45:06 -0400 (Tue, 14 Oct 2008)
New Revision: 12062
Modified:
branches/JBoss_Portal_Branch_2_6/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/jsf/consumers/editConsumer.xhtml
Log:
- JBPORTAL-2103: Fixed issue with extra converter that got introduced when merging from 2.7
Modified: branches/JBoss_Portal_Branch_2_6/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/jsf/consumers/editConsumer.xhtml
===================================================================
--- branches/JBoss_Portal_Branch_2_6/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/jsf/consumers/editConsumer.xhtml 2008-10-14 15:18:59 UTC (rev 12061)
+++ branches/JBoss_Portal_Branch_2_6/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/jsf/consumers/editConsumer.xhtml 2008-10-14 19:45:06 UTC (rev 12062)
@@ -105,8 +105,7 @@
valueChangeListener="#{consumer.regPropListener}"
disabled="#{consumer.registrationModified}"/>
<h:outputText styleClass="portlet-msg-error" value="#{prop.status}"
- rendered="#{prop.determinedInvalid}"
- converter="faces.convert.RegistrationProperty.Status"/>
+ rendered="#{prop.determinedInvalid}"/>
</h:column>
</h:dataTable>
<h:commandLink id="cons-update-link" action="#{consumer.update}"
@@ -152,8 +151,7 @@
<f:facet name="header">#{i18n.edit_consumer_prop_value}</f:facet>
<h:inputText id="prop-value-input" value="#{prop.value}" size="50"/>
<h:outputText styleClass="portlet-msg-error" value="#{prop.status}"
- rendered="#{prop.determinedInvalid}"
- converter="faces.convert.RegistrationProperty.Status"/>
+ rendered="#{prop.determinedInvalid}"/>
</h:column>
</h:dataTable>
</c:when>
17 years, 6 months
- 1
- 0