JBoss Portal SVN: r12783 - in modules/authorization/trunk: common/src/main/java/org/jboss/security/authz/xacml and 3 other directories.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-02-05 20:22:36 -0500 (Thu, 05 Feb 2009)
New Revision: 12783
Added:
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/JAXBEncoder.java
Modified:
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Action.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Attribute.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Environment.java
modules/authorization/trunk/enforcement/pom.xml
modules/authorization/trunk/enforcement/src/main/java/org/jboss/security/authz/enforcement/Request.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java
Log:
JAXB Encoding of the Object Model started
Modified: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Action.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Action.java 2009-02-05 20:54:56 UTC (rev 12782)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Action.java 2009-02-06 01:22:36 UTC (rev 12783)
@@ -23,6 +23,7 @@
package org.jboss.security.authz.model;
import java.util.Set;
+import java.util.HashSet;
/**
* Represents a protected Action within a system
@@ -43,7 +44,7 @@
*/
public Action()
{
-
+ this.attributes = new HashSet<Attribute>();
}
/**
@@ -62,5 +63,10 @@
public void setAttributes(Set<Attribute> attributes)
{
this.attributes = attributes;
- }
+ }
+
+ public void addAttribute(Attribute attribute)
+ {
+ this.attributes.add(attribute);
+ }
}
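Review bot: `addAttribute` dereferences `this.attributes` without a guard, while `setAttributes` just above it still accepts `null`, so a caller that passes null to the setter makes the next `addAttribute` throw a NullPointerException. Either reject null in the setter or re-create the set on demand, e.g. `if(this.attributes == null) this.attributes = new HashSet<Attribute>();` before the `add`. The new public method would also benefit from a short Javadoc. The same applies to `Environment.addAttribute` in the Environment.java hunk of this commit; the class body starts outside the hunk.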
Modified: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Attribute.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Attribute.java 2009-02-05 20:54:56 UTC (rev 12782)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Attribute.java 2009-02-06 01:22:36 UTC (rev 12783)
@@ -119,5 +119,5 @@
public void setValue(String value)
{
this.value = value;
- }
+ }
}
Modified: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Environment.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Environment.java 2009-02-05 20:54:56 UTC (rev 12782)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Environment.java 2009-02-06 01:22:36 UTC (rev 12783)
@@ -23,6 +23,7 @@
package org.jboss.security.authz.model;
import java.util.Set;
+import java.util.HashSet;
/**
* Represents Environment information in the context of an Authroization Request
@@ -43,7 +44,7 @@
*/
public Environment()
{
-
+ this.attributes = new HashSet<Attribute>();
}
/**
@@ -62,5 +63,10 @@
public void setAttributes(Set<Attribute> attributes)
{
this.attributes = attributes;
- }
+ }
+
+ public void addAttribute(Attribute attribute)
+ {
+ this.attributes.add(attribute);
+ }
}
Added: modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/JAXBEncoder.java
===================================================================
--- modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/JAXBEncoder.java (rev 0)
+++ modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/xacml/JAXBEncoder.java 2009-02-06 01:22:36 UTC (rev 12783)
@@ -0,0 +1,152 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.authz.xacml;
+
+import org.jboss.security.xacml.core.model.context.AttributeType;
+import org.jboss.security.xacml.core.model.context.AttributeValueType;
+import org.jboss.security.xacml.core.model.context.SubjectType;
+import org.jboss.security.xacml.core.model.context.ResourceType;
+import org.jboss.security.xacml.core.model.context.ActionType;
+import org.jboss.security.xacml.core.model.context.EnvironmentType;
+
+import org.jboss.security.authz.model.Attribute;
+import org.jboss.security.authz.model.Subject;
+import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.model.Action;
+import org.jboss.security.authz.model.Environment;
+
+/**
+ * A Utility for encoding the developer friendly domain objects to the XACML JAXB Objects
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class JAXBEncoder
+{
+ /**
+ * Encodes an Attribute object to its correspoding JAXB object
+ *
+ * @param attribute
+ * @return
+ */
+ public static AttributeType encode(Attribute attribute)
+ {
+ AttributeType jaxbObject = new AttributeType();
+
+ jaxbObject.setAttributeId(attribute.getUri());
+ jaxbObject.setDataType(attribute.getDatatType());
+ AttributeValueType jaxbValue = new AttributeValueType();
+ jaxbValue.getContent().add(attribute.getValue());
+ jaxbObject.getAttributeValue().add(jaxbValue);
+
+ return jaxbObject;
+ }
+
+ /**
+ * Encodes a Subject object to its corresponding JAXB object
+ *
+ * @param subject
+ * @return
+ */
+ public static SubjectType encode(Subject subject)
+ {
+ SubjectType jaxbObject = new SubjectType();
+
+ jaxbObject.setSubjectCategory(subject.getCategory());
+
+ if(subject.getAttributes() != null)
+ {
+ for(Attribute attribute: subject.getAttributes())
+ {
+ AttributeType jaxbAttribute = JAXBEncoder.encode(attribute);
+ jaxbObject.getAttribute().add(jaxbAttribute);
+ }
+ }
+
+ return jaxbObject;
+ }
+
+ /**
+ * Encodes a Resource object to its corresponding JAXB object
+ *
+ * @param resource
+ * @return
+ */
+ public static ResourceType encode(Resource resource)
+ {
+ ResourceType jaxbObject = new ResourceType();
+
+ if(resource.getAttributes() != null)
+ {
+ for(Attribute attribute: resource.getAttributes())
+ {
+ AttributeType jaxbAttribute = JAXBEncoder.encode(attribute);
+ jaxbObject.getAttribute().add(jaxbAttribute);
+ }
+ }
+
+ return jaxbObject;
+ }
+
+ /**
+ * Encodes a Action object to its corresponding JAXB object
+ *
+ * @param resource
+ * @return
+ */
+ public static ActionType encode(Action action)
+ {
+ ActionType jaxbObject = new ActionType();
+
+ if(action.getAttributes() != null)
+ {
+ for(Attribute attribute: action.getAttributes())
+ {
+ AttributeType jaxbAttribute = JAXBEncoder.encode(attribute);
+ jaxbObject.getAttribute().add(jaxbAttribute);
+ }
+ }
+
+ return jaxbObject;
+ }
+
+ /**
+ * Encodes an Environment object to its corresponding JAXB object
+ *
+ * @param resource
+ * @return
+ */
+ public static EnvironmentType encode(Environment environment)
+ {
+ EnvironmentType jaxbObject = new EnvironmentType();
+
+ if(environment.getAttributes() != null)
+ {
+ for(Attribute attribute: environment.getAttributes())
+ {
+ AttributeType jaxbAttribute = JAXBEncoder.encode(attribute);
+ jaxbObject.getAttribute().add(jaxbAttribute);
+ }
+ }
+
+ return jaxbObject;
+ }
+}
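Review bot: `encode(Attribute)` copies `getUri()`, `getDatatType()` and `getValue()` into the JAXB object unchecked, so an Attribute with a null value is encoded into the authorization request as-is; how the PDP treats such an attribute is not visible here, and failing early is the safer behaviour. A guard at the top of the method such as `if(attribute == null || attribute.getValue() == null) throw new IllegalArgumentException("attribute and its value are required");` would do. The Javadoc on `encode(Action)` and `encode(Environment)` still says `@param resource` and should name `action` and `environment`, and the empty `@return` tags could state the JAXB type produced. Since the class only holds static methods, a private constructor would document that it is not meant to be instantiated.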
Modified: modules/authorization/trunk/enforcement/pom.xml
===================================================================
--- modules/authorization/trunk/enforcement/pom.xml 2009-02-05 20:54:56 UTC (rev 12782)
+++ modules/authorization/trunk/enforcement/pom.xml 2009-02-06 01:22:36 UTC (rev 12783)
@@ -20,12 +20,10 @@
<version>${project.version}</version>
</dependency>
- <!-- test dependencies -->
<!-- jboss xacml -->
<dependency>
<groupId>org.jboss.security</groupId>
- <artifactId>jboss-xacml</artifactId>
- <scope>test</scope>
+ <artifactId>jboss-xacml</artifactId>
</dependency>
</dependencies>
Modified: modules/authorization/trunk/enforcement/src/main/java/org/jboss/security/authz/enforcement/Request.java
===================================================================
--- modules/authorization/trunk/enforcement/src/main/java/org/jboss/security/authz/enforcement/Request.java 2009-02-05 20:54:56 UTC (rev 12782)
+++ modules/authorization/trunk/enforcement/src/main/java/org/jboss/security/authz/enforcement/Request.java 2009-02-06 01:22:36 UTC (rev 12783)
@@ -29,7 +29,10 @@
import org.jboss.security.authz.model.Subject;
import org.jboss.security.authz.model.Action;
import org.jboss.security.authz.model.Environment;
+import org.jboss.security.authz.xacml.JAXBEncoder;
+import org.jboss.security.xacml.core.model.context.RequestType;
+
/**
* An Authorization Request
*
@@ -97,4 +100,41 @@
{
this.subjects.add(subject);
}
+
+ public RequestType encode()
+ {
+ RequestType jaxbObject = new RequestType();
+
+ //Encode Resources
+ if(this.resources != null)
+ {
+ for(Resource resource: this.resources)
+ {
+ jaxbObject.getResource().add(JAXBEncoder.encode(resource));
+ }
+ }
+
+ //Encode Subjects
+ if(this.subjects != null)
+ {
+ for(Subject subject: this.subjects)
+ {
+ jaxbObject.getSubject().add(JAXBEncoder.encode(subject));
+ }
+ }
+
+ //Encode Action
+ if(this.action != null)
+ {
+ jaxbObject.setAction(JAXBEncoder.encode(this.action));
+ }
+
+ //Encode Environment
+ if(this.environment != null)
+ {
+ jaxbObject.setEnvironment(JAXBEncoder.encode(this.environment));
+ }
+
+ return jaxbObject;
+ }
}
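Review bot: `encode()` silently leaves out the Action and Environment elements when the corresponding field is null, which yields a RequestType that the XACML 2.0 context schema (assuming that is the target) does not accept, since it requires exactly one of each. The test changed in this commit builds a Request without an environment, so the omission is exercised in practice. Consider always emitting an Environment, `jaxbObject.setEnvironment(this.environment != null ? JAXBEncoder.encode(this.environment) : new EnvironmentType());`, and throwing `IllegalStateException` when `this.action` is null rather than handing an incomplete request to the PDP. The method is public and would benefit from a Javadoc stating what is encoded and which fields are mandatory. The class body starts outside the hunk.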
Modified: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java
===================================================================
--- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java 2009-02-05 20:54:56 UTC (rev 12782)
+++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java 2009-02-06 01:22:36 UTC (rev 12783)
@@ -21,27 +21,21 @@
*/
package org.jboss.security.authz.policy.server.plugin;
-import java.util.Set;
import junit.framework.TestCase;
import org.apache.log4j.Logger;
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.model.Subject;
+import org.jboss.security.authz.model.Action;
import org.jboss.security.authz.model.Attribute;
-import org.jboss.security.authz.model.Rule;
-import org.jboss.security.authz.model.DroolsRuleExpression;
import org.jboss.security.authz.components.http.HttpResource;
+import org.jboss.security.authz.enforcement.Request;
import org.jboss.security.authz.policy.server.PolicyServer;
import org.jboss.security.authz.policy.server.Server;
-import org.jboss.security.xacml.core.model.context.ActionType;
-import org.jboss.security.xacml.core.model.context.AttributeType;
-import org.jboss.security.xacml.core.model.context.AttributeValueType;
-import org.jboss.security.xacml.core.model.context.ObjectFactory;
-import org.jboss.security.xacml.core.model.context.RequestType;
-import org.jboss.security.xacml.core.model.context.ResourceType;
-import org.jboss.security.xacml.core.model.context.SubjectType;
+
import org.jboss.security.xacml.factories.RequestResponseContextFactory;
import org.jboss.security.xacml.interfaces.RequestContext;
import org.jboss.security.xacml.interfaces.ResponseContext;
@@ -126,57 +120,32 @@
log.info("Decision="+responseContext.getDecision());
}
private RequestContext createRequestContext(HttpResource httpResource, boolean mustBePermitted) throws Exception
- {
- //Create ObjectFactory
- ObjectFactory objectFactory = new ObjectFactory();
-
- //Create RequestContext
- RequestContext requestContext = RequestResponseContextFactory.createRequestCtx();
-
+ {
//Create a RequestType
- RequestType requestType = objectFactory.createRequestType();
+ Request request = new Request();
//Create Subjects
- SubjectType subject = objectFactory.createSubjectType();
- AttributeType subjectAttribute = objectFactory.createAttributeType();
- subjectAttribute.setAttributeId(XACMLConstants.ATTRIBUTEID_ROLE);
- subjectAttribute.setDataType(XMLSchemaConstants.DATATYPE_STRING);
- AttributeValueType subjectId = objectFactory.createAttributeValueType();
- subjectId.getContent().add(mustBePermitted?"Admin":"Anonymous");
- subjectAttribute.getAttributeValue().add(subjectId);
- subject.getAttribute().add(subjectAttribute);
- requestType.getSubject().add(subject);
+ Subject subject = new Subject();
+ Attribute subjectAttr = new Attribute(XACMLConstants.ATTRIBUTEID_ROLE,
+ XMLSchemaConstants.DATATYPE_STRING, mustBePermitted?"Admin":"Anonymous");
+ subject.addAttribute(subjectAttr);
+ request.addSubject(subject);
//Create Resource
Resource urlResource = httpResource.getURLResource();
- ResourceType resource = objectFactory.createResourceType();
- Set<Attribute> attributes = urlResource.getAttributes();
- for(Attribute attribute: attributes)
- {
- AttributeType resourceAttribute = objectFactory.createAttributeType();
- resourceAttribute.setAttributeId(attribute.getUri());
- resourceAttribute.setDataType(attribute.getDatatType());
- AttributeValueType resourceId = objectFactory.createAttributeValueType();
- resourceId.getContent().add(attribute.getValue());
- resourceAttribute.getAttributeValue().add(resourceId);
- resource.getAttribute().add(resourceAttribute);
- }
- requestType.getResource().add(resource);
+ request.addResource(urlResource);
//Create Action
- ActionType action = objectFactory.createActionType();
- AttributeType actionAttribute = objectFactory.createAttributeType();
- actionAttribute.setAttributeId(XACMLConstants.ATTRIBUTEID_ACTION_ID);
- actionAttribute.setDataType(XMLSchemaConstants.DATATYPE_STRING);
- AttributeValueType actionId = objectFactory.createAttributeValueType();
- actionId.getContent().add("GET");
- actionAttribute.getAttributeValue().add(actionId);
- action.getAttribute().add(actionAttribute);
- requestType.setAction(action);
+ Action action = new Action();
+ Attribute actionAttr = new Attribute(XACMLConstants.ATTRIBUTEID_ACTION_ID,
+ XMLSchemaConstants.DATATYPE_STRING, "GET");
+ action.addAttribute(actionAttr);
+ request.setAction(action);
- //Spit out RequestContext
- requestContext.setRequest(requestType);
+ //Create RequestContext
+ RequestContext requestContext = RequestResponseContextFactory.createRequestCtx();
+ requestContext.setRequest(request.encode());
return requestContext;
}
JBoss Portal SVN: r12782 - in modules/authorization/trunk: core-components/src/test/java/org/jboss/security/authz/components/http and 2 other directories.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-02-05 15:54:56 -0500 (Thu, 05 Feb 2009)
New Revision: 12782
Modified:
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java
modules/authorization/trunk/core-components/src/test/java/org/jboss/security/authz/components/http/TestHttpResourceRules.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java
Log:
Integrating Drools based Expressions to specify Policy Rules for the HttpResource core component
* Actual Rule specified in DRL format and works end-to-end
Modified: modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java
===================================================================
--- modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java 2009-02-05 19:40:08 UTC (rev 12781)
+++ modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java 2009-02-05 20:54:56 UTC (rev 12782)
@@ -26,6 +26,7 @@
import java.util.HashMap;
import java.util.Set;
import java.util.HashSet;
+import java.text.MessageFormat;
import org.jboss.security.authz.model.AttributeExpression;
import org.jboss.security.authz.model.Effect;
@@ -54,21 +55,27 @@
{
//make it package-level access so that unit tests can test these rules
static final String allowedRolesRule =
+ "import java.util.HashSet\n"+
"rule \"allowedRolesRule\"\n"+
"when\n"+
"$ruleName: String()\n"+
+ "$roles: HashSet()\n"+
"eval($ruleName.contains(\"httpResource://permittedRoles\"))\n"+
+ "eval({0})\n"+
"then\n"+
- "System.out.println(\"AllowedRolesRule successfully fired\");\n"+
+ "insert(Boolean.TRUE);\n"+
"end\n";
- static final String deniedRolesRule =
+ static final String deniedRolesRule =
+ "import java.util.HashSet\n"+
"rule \"deniedRolesRule\"\n"+
"when\n"+
"$ruleName: String()\n"+
+ "$roles: HashSet()\n"+
"eval($ruleName.contains(\"httpResource://deniedRoles\"))\n"+
+ "eval({0})\n"+
"then\n"+
- "System.out.println(\"DeniedRolesRule successfully fired\");\n"+
+ "insert(Boolean.TRUE);\n"+
"end\n";
static final String allowedIpsRule =
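Review bot: `allowedRolesRule` and `deniedRolesRule` are now `MessageFormat` patterns rather than literal DRL, and nothing in the declarations says so. In a pattern a single quote starts a quoted section and `{` opens an argument, so a later edit that adds either character to the rule text would silently change the generated rule. A comment above each constant such as `// MessageFormat pattern: {0} is the role condition; write ' as '' and a literal { as '{'` would record this. `allowedIpsRule`, whose declaration closes the hunk, is still used verbatim.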
@@ -77,7 +84,7 @@
"$ruleName: String()\n"+
"eval($ruleName.contains(\"httpResource://allowedIps\"))\n"+
"then\n"+
- "System.out.println(\"AllowedIpsRule successfully fired\");\n"+
+ "insert(Boolean.TRUE);\n"+
"end\n";
/**
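Review bot: The `then` branch of `allowedIpsRule` now inserts `Boolean.TRUE` whenever the rule name matches, with no condition on the client address, and the DroolsFunction change in this commit turns a `Boolean` found in working memory into the evaluation result. Combined with `Effect.PERMIT` and the `//TODO: Generate a Drools Rule Expression` in the later hunk of this file, the allowed-IPs rule appears to permit every address until the expression is written. Until then the placeholder should fail closed, e.g. `"insert(Boolean.FALSE);\n"+` (the `testAllowedIpsRule` assertion added in this commit would change with it), or the rule should not be attached to the policy. The rule declaration starts in the previous hunk.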
@@ -250,14 +257,19 @@
permitRule.setRuleId(ruleReference);
permitRule.setEffect(Effect.PERMIT);
- //Generate a Drools Rule
+ //Generate a Drools Rule Expression
+ StringBuffer buffer = new StringBuffer();
for(String role: this.allowedRoles)
{
+ buffer.append("$roles.contains(\""+role.toLowerCase()+"\") || ");
}
+ String condition = buffer.toString().trim();
+ String rule = MessageFormat.format(HttpResource.allowedRolesRule,
+ new Object[]{condition.substring(0, condition.length()-2).trim()});
DroolsRuleExpression expression = new DroolsRuleExpression();
expression.setRuleReference(ruleReference);
- expression.setRule(HttpResource.allowedRolesRule);
+ expression.setRule(rule);
permitRule.setExpression(expression);
return permitRule;
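Review bot: Each role name is concatenated into the DRL `eval` text with only `toLowerCase()` applied, so a role containing `"` or `\` changes the structure of the generated authorization rule, and an empty `allowedRoles` makes `condition.substring(0, condition.length()-2)` throw StringIndexOutOfBoundsException. Where the role names come from is outside the hunk; if they can be edited through configuration or an admin screen they should be validated before they reach the rule text. The sketch below rejects names outside a conservative character set, joins without the trailing-separator trick, lower-cases with a fixed locale (needs `java.util.Locale`), and makes an empty set produce a condition that never matches. The deny-rule hunk that follows has the same construction over `this.deniedRoles`, as do the helpers added to TestHttpResourceRules. The enclosing method starts outside the hunk.

```java
//Generate a Drools Rule Expression
StringBuilder buffer = new StringBuilder();
for(String role: this.allowedRoles)
{
   // reject anything that could alter the generated rule text
   if(role == null || !role.matches("[A-Za-z0-9_.-]+"))
   {
      throw new IllegalArgumentException("Unsupported role name: "+role);
   }
   if(buffer.length() > 0)
   {
      buffer.append(" || ");
   }
   buffer.append("$roles.contains(\"").append(role.toLowerCase(Locale.ENGLISH)).append("\")");
}
// no roles configured: the condition must never match
String condition = buffer.length() > 0 ? buffer.toString() : "false";
String rule = MessageFormat.format(HttpResource.allowedRolesRule, new Object[]{condition});
// … unchanged: DroolsRuleExpression setup and return …
```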
@@ -281,13 +293,19 @@
denyRule.setRuleId(ruleReference);
denyRule.setEffect(Effect.DENY);
- //Generate a Drools Rule
+ //Generate a Drools Rule Expression
+ StringBuffer buffer = new StringBuffer();
for(String role: this.deniedRoles)
- {
+ {
+ buffer.append("$roles.contains(\""+role.toLowerCase()+"\") || ");
}
+ String condition = buffer.toString().trim();
+ String rule = MessageFormat.format(HttpResource.deniedRolesRule,
+ new Object[]{condition.substring(0, condition.length()-2).trim()});
+
DroolsRuleExpression expression = new DroolsRuleExpression();
expression.setRuleReference(ruleReference);
- expression.setRule(HttpResource.deniedRolesRule);
+ expression.setRule(rule);
denyRule.setExpression(expression);
return denyRule;
@@ -306,6 +324,7 @@
rule.setRuleId(ruleReference);
rule.setEffect(Effect.PERMIT);
+ //TODO: Generate a Drools Rule Expression
for(String allowedIp: this.allowedIps)
{
/*AttributeExpression expression = new AttributeExpression();
@@ -316,6 +335,7 @@
rule.setExpression(expression);*/
}
+
DroolsRuleExpression expression = new DroolsRuleExpression();
expression.setRuleReference(ruleReference);
expression.setRule(HttpResource.allowedIpsRule);
Modified: modules/authorization/trunk/core-components/src/test/java/org/jboss/security/authz/components/http/TestHttpResourceRules.java
===================================================================
--- modules/authorization/trunk/core-components/src/test/java/org/jboss/security/authz/components/http/TestHttpResourceRules.java 2009-02-05 19:40:08 UTC (rev 12781)
+++ modules/authorization/trunk/core-components/src/test/java/org/jboss/security/authz/components/http/TestHttpResourceRules.java 2009-02-05 20:54:56 UTC (rev 12782)
@@ -24,6 +24,10 @@
import java.io.ByteArrayInputStream;
import java.io.InputStreamReader;
import java.io.Reader;
+import java.text.MessageFormat;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.Iterator;
import junit.framework.TestCase;
@@ -56,8 +60,8 @@
StringBuilder buffer = new StringBuilder();
buffer.append(rulePkg+"\n");
- buffer.append(HttpResource.allowedRolesRule+"\n");
- buffer.append(HttpResource.deniedRolesRule+"\n");
+ buffer.append(this.getAllowedRolesRule()+"\n");
+ buffer.append(this.getDeniedRolesRule()+"\n");
buffer.append(HttpResource.allowedIpsRule+"\n");
Reader source = new InputStreamReader(new ByteArrayInputStream(buffer.toString().getBytes()));
@@ -91,18 +95,61 @@
{
log.info("Executing----------testAllowedRolesRule");
WorkingMemory workingMemory = this.activeRuleBase.newStatefulSession();
+
+ //SetUp the context data
workingMemory.insert("httpResource://permittedRoles/"+GeneralTool.generateUniqueId());
+ Set roles = new HashSet();
+ roles.add("admin");
+ roles.add("superuser");
+ workingMemory.insert(roles);
+
workingMemory.fireAllRules();
+
+ //Extract result
+ boolean success = false;
+ Iterator itr = workingMemory.iterateObjects();
+ while(itr.hasNext())
+ {
+ Object curr = itr.next();
+ if(curr instanceof Boolean)
+ {
+ success = ((Boolean)curr).booleanValue();
+ }
+ }
+
((StatefulSession)workingMemory).dispose();
+
+ assertTrue("Rule did not execute!!", success);
}
public void testDeniedRolesRule() throws Exception
{
log.info("Executing----------testDeniedRolesRule");
WorkingMemory workingMemory = this.activeRuleBase.newStatefulSession();
+
+ //SetUp the context data
workingMemory.insert("httpResource://deniedRoles/"+GeneralTool.generateUniqueId());
+ Set roles = new HashSet();
+ roles.add("anonymous");
+ workingMemory.insert(roles);
+
workingMemory.fireAllRules();
+
+ //Extract result
+ boolean success = false;
+ Iterator itr = workingMemory.iterateObjects();
+ while(itr.hasNext())
+ {
+ Object curr = itr.next();
+ if(curr instanceof Boolean)
+ {
+ success = ((Boolean)curr).booleanValue();
+ }
+ }
+
((StatefulSession)workingMemory).dispose();
+
+ assertTrue("Rule did not execute!!", success);
}
public void testAllowedIpsRule() throws Exception
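Review bot: Both role tests cover only the matching case, so they would still pass if the generated condition were always true. For authorization rules the non-matching case is the one that matters: add a test that inserts a role set with no overlap (for example only `"guest"`) and asserts that no `Boolean` ends up in working memory. The result-extraction loop is repeated verbatim across the tests in this file and could move to one private helper, and `dispose()` belongs in a `finally` so an exception from `fireAllRules()` does not leave the session open. The hunk ends at the signature of `testAllowedIpsRule`, whose body is in the next hunk.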
@@ -111,6 +158,53 @@
WorkingMemory workingMemory = this.activeRuleBase.newStatefulSession();
workingMemory.insert("httpResource://allowedIps/"+GeneralTool.generateUniqueId());
workingMemory.fireAllRules();
+
+ //Extract result
+ boolean success = false;
+ Iterator itr = workingMemory.iterateObjects();
+ while(itr.hasNext())
+ {
+ Object curr = itr.next();
+ if(curr instanceof Boolean)
+ {
+ success = ((Boolean)curr).booleanValue();
+ }
+ }
+
((StatefulSession)workingMemory).dispose();
+
+ assertTrue("Rule did not execute!!", success);
}
+ //------------------------------------------------------------------------------------------------------------------------------------------------------
+ private String getAllowedRolesRule()
+ {
+ String[] mockRoles = new String[]{"Admin", "SupErUser"};
+
+ StringBuffer buffer = new StringBuffer();
+ for(String role: mockRoles)
+ {
+ buffer.append("$roles.contains(\""+role.toLowerCase()+"\") || ");
+ }
+ String condition = buffer.toString().trim();
+ String rule = MessageFormat.format(HttpResource.allowedRolesRule,
+ new Object[]{condition.substring(0, condition.length()-2).trim()});
+
+ return rule;
+ }
+
+ private String getDeniedRolesRule()
+ {
+ String[] mockRoles = new String[]{"Anonymous", "Regular"};
+
+ StringBuffer buffer = new StringBuffer();
+ for(String role: mockRoles)
+ {
+ buffer.append("$roles.contains(\""+role.toLowerCase()+"\") || ");
+ }
+ String condition = buffer.toString().trim();
+ String rule = MessageFormat.format(HttpResource.deniedRolesRule,
+ new Object[]{condition.substring(0, condition.length()-2).trim()});
+
+ return rule;
+ }
}
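Review bot: `getAllowedRolesRule()` and `getDeniedRolesRule()` re-implement the string building from HttpResource instead of calling it, so the tests verify the copy and would not notice a change in the production rule generation. Building the rule text through the HttpResource code path, or extracting the condition builder into one package-visible method that both use, would keep test and production in step. The two helpers differ only in the role array and the template and could be a single `private String buildRule(String template, String[] roles)`.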
Modified: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java 2009-02-05 19:40:08 UTC (rev 12781)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java 2009-02-05 20:54:56 UTC (rev 12782)
@@ -24,19 +24,28 @@
import java.util.List;
import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.Set;
+import java.util.HashSet;
+import java.net.URI;
import org.apache.log4j.Logger;
import org.drools.RuleBase;
import org.drools.WorkingMemory;
+import org.drools.StatefulSession;
import org.jboss.security.authz.policy.server.Server;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XMLSchemaConstants;
import org.jboss.security.xacml.sunxacml.EvaluationCtx;
import org.jboss.security.xacml.sunxacml.cond.EvaluationResult;
import org.jboss.security.xacml.sunxacml.cond.FunctionBase;
import org.jboss.security.xacml.sunxacml.ctx.Status;
import org.jboss.security.xacml.sunxacml.attr.BooleanAttribute;
+import org.jboss.security.xacml.sunxacml.attr.BagAttribute;
+import org.jboss.security.xacml.sunxacml.attr.StringAttribute;
import org.jboss.security.xacml.sunxacml.cond.VariableReference;
/**
@@ -108,18 +117,38 @@
{
VariableReference reference = (VariableReference)inputs.get(i);
- log.info("Firing Rule ="+reference.getVariableId());
+ log.debug("Firing Rule ="+reference.getVariableId());
+ //Establish a Stateful Drools Session
DroolsRuleManager ruleManager = (DroolsRuleManager)Server.lookup("/policy-server/DroolsRuleManager");
RuleBase ruleBase = ruleManager.getActiveRuleBase();
WorkingMemory workingMemory = ruleBase.newStatefulSession();
+
+ //Populate the WorkingMemory with Facts
workingMemory.insert(reference.getVariableId());
+ this.prepareWorkingMemory(workingMemory, context);
+
+
+ //Execute the Rule
workingMemory.fireAllRules();
-
- /**
- * TODO: start a Drools context and evaluate the specified Rule against the data presented in the EvaluationContext
- */
- result = EvaluationResult.getTrueInstance();
+
+ //Process the results
+ boolean success = false;
+ Iterator itr = workingMemory.iterateObjects();
+ while(itr.hasNext())
+ {
+ Object curr = itr.next();
+ if(curr instanceof Boolean)
+ {
+ success = ((Boolean)curr).booleanValue();
+ }
+ }
+
+ //Cleanup the WorkingMemory
+ ((StatefulSession)workingMemory).dispose();
+
+
+ result = EvaluationResult.getInstance(success);
}
}
}
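Review bot: The stateful session is disposed only on the success path; if `prepareWorkingMemory` or `fireAllRules()` throws, control leaves the block before `((StatefulSession)workingMemory).dispose();` and the session is not released. Wrapping the populate, fire and collect steps in `try { … } finally { ((StatefulSession)workingMemory).dispose(); }` fixes that. The result loop also accepts any `Boolean` fact and keeps the last one seen, so the decision would depend on iteration order as soon as a rule inserts `Boolean.FALSE`; a dedicated result fact type, or stopping at the first `FALSE`, would make the outcome explicit. The enclosing method and its loop start outside the hunk.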
@@ -131,5 +160,31 @@
result = new EvaluationResult(status);
}
return result;
- }
+ }
+
+ /**
+ * TODO: make this preparation more robust injecting arbitrary Facts and then let the RuleEngine do its thing
+ *
+ * @param context
+ */
+ private void prepareWorkingMemory(WorkingMemory workingMemory, EvaluationCtx context) throws Exception
+ {
+ //Inject Roles
+ Set<String> roles = new HashSet<String>();
+
+ EvaluationResult roleResult = context.getSubjectAttribute(new URI(XMLSchemaConstants.DATATYPE_STRING),
+ new URI(XACMLConstants.ATTRIBUTEID_ROLE),
+ new URI(XACMLConstants.ATTRIBUTEID_ACCESS_SUBJECT));
+
+ BagAttribute roleValues = (BagAttribute)roleResult.getAttributeValue();
+ Iterator itr = roleValues.iterator();
+ while(itr.hasNext())
+ {
+ StringAttribute str = (StringAttribute)itr.next();
+ roles.add(str.getValue().toLowerCase());
+ }
+
+
+ workingMemory.insert(roles);
+ }
}
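Review bot: `prepareWorkingMemory` casts `roleResult.getAttributeValue()` to `BagAttribute` without checking whether the lookup succeeded, so an indeterminate result would surface as a NullPointerException instead of a clear status; checking `roleResult.indeterminate()` first and propagating that status to the caller would make the failure explicit. `str.getValue().toLowerCase()` uses the default locale, and a role comparison should not depend on it, so prefer `toLowerCase(Locale.ENGLISH)` here and in the rule generation in HttpResource. The Javadoc lists only `@param context`; it should also describe `workingMemory` and say that the roles are inserted as a single lower-cased `Set<String>` fact.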
Modified: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java
===================================================================
--- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java 2009-02-05 19:40:08 UTC (rev 12781)
+++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java 2009-02-05 20:54:56 UTC (rev 12782)
@@ -91,10 +91,10 @@
log.info(policies[0].generateXACMLPolicy());
//Send an Enforcement request that should be allowed
- this.enforce(this.createPermitRequestContext(httpResource), true);
+ this.enforce(this.createRequestContext(httpResource, true), true);
//Send an Enforcement request that should be denied
- this.enforce(this.createPermitRequestContext(httpResource), false);
+ this.enforce(this.createRequestContext(httpResource, false), false);
}
//----------------------------------------------------------------------------------------------------------------------------------------------------------
private void enforce(RequestContext request, boolean mustBePermitted) throws Exception
@@ -125,7 +125,7 @@
log.info("-----------------------------------");
log.info("Decision="+responseContext.getDecision());
}
- private RequestContext createPermitRequestContext(HttpResource httpResource) throws Exception
+ private RequestContext createRequestContext(HttpResource httpResource, boolean mustBePermitted) throws Exception
{
//Create ObjectFactory
ObjectFactory objectFactory = new ObjectFactory();
@@ -143,7 +143,7 @@
subjectAttribute.setAttributeId(XACMLConstants.ATTRIBUTEID_ROLE);
subjectAttribute.setDataType(XMLSchemaConstants.DATATYPE_STRING);
AttributeValueType subjectId = objectFactory.createAttributeValueType();
- subjectId.getContent().add("Admin");
+ subjectId.getContent().add(mustBePermitted?"Admin":"Anonymous");
subjectAttribute.getAttributeValue().add(subjectId);
subject.getAttribute().add(subjectAttribute);
requestType.getSubject().add(subject);
JBoss Portal SVN: r12781 - in branches/JBoss_Portal_Branch_2_7/core-admin/src: resources/portal-admin-war/jsf/common and 1 other directory.
by portal-commits@lists.jboss.org
Author: wesleyhales
Date: 2009-02-05 14:40:08 -0500 (Thu, 05 Feb 2009)
New Revision: 12781
Modified:
branches/JBoss_Portal_Branch_2_7/core-admin/src/bin/portal-admin-war/css/style.css
branches/JBoss_Portal_Branch_2_7/core-admin/src/resources/portal-admin-war/jsf/common/showPortletDetails.xhtml
Log:
https://jira.jboss.org/jira/browse/JBPORTAL-2190
Modified: branches/JBoss_Portal_Branch_2_7/core-admin/src/bin/portal-admin-war/css/style.css
===================================================================
--- branches/JBoss_Portal_Branch_2_7/core-admin/src/bin/portal-admin-war/css/style.css 2009-02-05 16:50:47 UTC (rev 12780)
+++ branches/JBoss_Portal_Branch_2_7/core-admin/src/bin/portal-admin-war/css/style.css 2009-02-05 19:40:08 UTC (rev 12781)
@@ -623,7 +623,6 @@
.details-header ul li {
float: left;
list-style: none;
- height: 16px;
padding: 0 0 0 3px;
}
Modified: branches/JBoss_Portal_Branch_2_7/core-admin/src/resources/portal-admin-war/jsf/common/showPortletDetails.xhtml
===================================================================
--- branches/JBoss_Portal_Branch_2_7/core-admin/src/resources/portal-admin-war/jsf/common/showPortletDetails.xhtml 2009-02-05 16:50:47 UTC (rev 12780)
+++ branches/JBoss_Portal_Branch_2_7/core-admin/src/resources/portal-admin-war/jsf/common/showPortletDetails.xhtml 2009-02-05 19:40:08 UTC (rev 12781)
@@ -166,7 +166,7 @@
<h:outputText value="#{bundle.COMMON_DELETE}"/>
</f:facet>
- <div style="width:150px"><h:commandLink id="delete-link" action="#{instanceDisplayNameAction.editDisplayName}">
+ <div><h:commandLink id="delete-link" action="#{instanceDisplayNameAction.editDisplayName}">
<h:outputText styleClass="actionDelete" value="#{bundle.COMMON_DELETE}"/>
<f:param name="locale" value="#{value.locale}"/>
<f:param name="editAction" value="delete"/>
JBoss Portal SVN: r12780 - branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/admin.
by portal-commits@lists.jboss.org
Author: prabhat.jha(a)jboss.com
Date: 2009-02-05 11:50:47 -0500 (Thu, 05 Feb 2009)
New Revision: 12780
Modified:
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/admin/UserAdministrationBean.java
Log:
JBPORTAL-2297 It works with the fix. Won't mind having a 2nd pair of eyes take a look.
Modified: branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/admin/UserAdministrationBean.java
===================================================================
--- branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/admin/UserAdministrationBean.java 2009-02-05 12:41:35 UTC (rev 12779)
+++ branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/admin/UserAdministrationBean.java 2009-02-05 16:50:47 UTC (rev 12780)
@@ -108,6 +108,8 @@
/** The decoder. */
private static final FastURLDecoder decoder = FastURLDecoder.getUTF8Instance();
+
+ private boolean isNewSearch=true;
public UserAdministrationBean()
{
@@ -239,9 +241,20 @@
{
try
{
- int intLimit = Integer.valueOf(limit).intValue();
- int offset = page > 0 ? ((page - 1) * intLimit) : 0;
- int limit1 = intLimit + 1;
+
+ int initLimit = Integer.valueOf(limit).intValue();
+ int offset = 0;
+ if(!isNewSearch)
+ {
+ offset = page > 0 ? ((page - 1) * initLimit) : 0;
+ isNewSearch = true;
+ }
+
+ else
+ page = 1;
+
+
+ int limit1 = initLimit + 1;
this.userList = new ListDataModel(identityUserBean.findUsersFilteredByUserName(searchString, offset, limit1));
}
catch (Exception e)
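Review bot: The `isNewSearch` flag makes `searchUsers()` depend on call order: it is only reset to `true` inside the paging branch, and the `else` that sets `page = 1` is unbraced while the `if` above it is braced, so I would write `else { page = 1; }` and reset the flag in one place after the `if`/`else`. The flag is instance state on the bean; if the bean is shared across overlapping requests (its scope is not visible here), a paging request and a new search can race on it. `prevPage()` in the later hunk still decrements `page` with no lower bound, so `page` can reach 0 or below while the offset silently falls back to 0; `if (this.page > 1) { this.page--; }` keeps the two consistent. The body of `searchUsers()` starts and ends outside this hunk.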
@@ -386,6 +399,7 @@
public String nextPage()
{
+ isNewSearch = false;
this.page++;
this.searchUsers();
return "searchUsers";
@@ -393,6 +407,7 @@
public String prevPage()
{
+ isNewSearch = false;
this.page--;
this.searchUsers();
return "searchUsers";
JBoss Portal SVN: r12779 - modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event.
by portal-commits@lists.jboss.org
Author: bdaw
Date: 2009-02-05 07:41:35 -0500 (Thu, 05 Feb 2009)
New Revision: 12779
Added:
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/MembershipChangedEvent.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/RoleCreatedEvent.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/RoleDestroyedEvent.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/RoleUpdatedEvent.java
Log:
synchronizing sources from branch 1.0 to trunk
Added: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/MembershipChangedEvent.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/MembershipChangedEvent.java (rev 0)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/MembershipChangedEvent.java 2009-02-05 12:41:35 UTC (rev 12779)
@@ -0,0 +1,92 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+
+package org.jboss.portal.identity.event;
+
+import java.util.Set;
+import java.util.Iterator;
+
+/**
+ * @author <a href="mailto:boleslaw dot dawidowicz at redhat anotherdot com">Boleslaw Dawidowicz</a>
+ * @version : 0.1 $
+ */
+public class MembershipChangedEvent extends IdentityEvent
+{
+ private final Set userIds;
+
+ private final Set roleIds;
+
+ private final String representation;
+
+ public MembershipChangedEvent(Set userIds, Set roleIds)
+ {
+ if (userIds == null)
+ {
+ throw new IllegalArgumentException();
+ }
+
+ if (roleIds == null)
+ {
+ throw new IllegalArgumentException();
+ }
+
+ if (roleIds.size() > 1 && userIds.size() > 1)
+ {
+ throw new IllegalStateException("Either roleIds or userIds must contain only one element");
+ }
+
+ this.userIds = userIds;
+ this.roleIds = roleIds;
+
+ StringBuilder sb = new StringBuilder();
+
+ sb.append("MembershipChangedEvent[userIds=");
+ for (Iterator iterator = userIds.iterator(); iterator.hasNext();)
+ {
+ Object o = iterator.next();
+ if (iterator.hasNext())
+ {
+ sb.append(o.toString() + ", ");
+ }
+ else
+ {
+ sb.append(o.toString());
+ }
+ }
+ representation = sb.toString();
+ }
+
+ public Set getUserIds()
+ {
+ return userIds;
+ }
+
+ public Set getRoleIds()
+ {
+ return roleIds;
+ }
+
+ public String toString()
+ {
+ return representation;
+ }
+}
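Review bot: The cached `representation` never includes `roleIds` and never closes the bracket, so a log line for a membership change shows which users were affected but not which roles, which is the part an audit reader needs. Both sets print on their own: `representation = "MembershipChangedEvent[userIds=" + userIds + ",roleIds=" + roleIds + "]";` replaces the whole `StringBuilder` loop. The constructor also keeps the caller's `Set` instances, so a later change to either set alters the event while `toString()` keeps the old text; copying them in the constructor and returning unmodifiable views from the getters would keep the event immutable. The size check rejects an argument combination, so `IllegalArgumentException` fits better than `IllegalStateException`, and the two null checks should carry a message naming the parameter.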
Added: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/RoleCreatedEvent.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/RoleCreatedEvent.java (rev 0)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/RoleCreatedEvent.java 2009-02-05 12:41:35 UTC (rev 12779)
@@ -0,0 +1,66 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.identity.event;
+
+/**
+ * @author <a href="mailto:julien@jboss.org">Julien Viet</a>
+ * @version $Revision: 1.1 $
+ */
+public class RoleCreatedEvent extends IdentityEvent
+{
+
+ /** . */
+ private final Object roleId;
+
+ /** . */
+ private final String roleName;
+
+ public RoleCreatedEvent(Object roleId, String roleName)
+ {
+ if (roleId == null)
+ {
+ throw new IllegalArgumentException();
+ }
+ if (roleName == null)
+ {
+ throw new IllegalArgumentException();
+ }
+ this.roleId = roleId;
+ this.roleName = roleName;
+ }
+
+ public Object getRoleId()
+ {
+ return roleId;
+ }
+
+ public String getRoleName()
+ {
+ return roleName;
+ }
+
+ public String toString()
+ {
+ return "RoleCreatedEvent[roleId=" + roleId + ",roleName=" + roleName + "]";
+ }
+}
\ No newline at end of file
Added: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/RoleDestroyedEvent.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/RoleDestroyedEvent.java (rev 0)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/RoleDestroyedEvent.java 2009-02-05 12:41:35 UTC (rev 12779)
@@ -0,0 +1,66 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.identity.event;
+
+/**
+ * @author <a href="mailto:julien@jboss.org">Julien Viet</a>
+ * @version $Revision: 1.1 $
+ */
+public class RoleDestroyedEvent extends IdentityEvent
+{
+
+ /** . */
+ private final Object roleId;
+
+ /** . */
+ private final String roleName;
+
+ public RoleDestroyedEvent(Object roleId, String roleName)
+ {
+ if (roleId == null)
+ {
+ throw new IllegalArgumentException();
+ }
+ if (roleName == null)
+ {
+ throw new IllegalArgumentException();
+ }
+ this.roleId = roleId;
+ this.roleName = roleName;
+ }
+
+ public Object getRoleId()
+ {
+ return roleId;
+ }
+
+ public String getRoleName()
+ {
+ return roleName;
+ }
+
+ public String toString()
+ {
+ return "RoleDestroyedEvent[roleId=" + roleId + ",roleName=" + roleName + "]";
+ }
+}
\ No newline at end of file
Added: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/RoleUpdatedEvent.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/RoleUpdatedEvent.java (rev 0)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/RoleUpdatedEvent.java 2009-02-05 12:41:35 UTC (rev 12779)
@@ -0,0 +1,85 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+
+package org.jboss.portal.identity.event;
+
+/**
+ * @author <a href="mailto:boleslaw dot dawidowicz at redhat anotherdot com">Boleslaw Dawidowicz</a>
+ * @version : 0.1 $
+ */
+public class RoleUpdatedEvent extends IdentityEvent
+{
+ /** . */
+ private final Object roleId;
+
+ /** . */
+ private final String roleName;
+
+ /** . */
+ private String displayName;
+
+
+ public RoleUpdatedEvent(Object roleId, String roleName, String displayName)
+ {
+
+ this.displayName = displayName;
+ if (roleId == null)
+ {
+ throw new IllegalArgumentException();
+ }
+ if (roleName == null)
+ {
+ throw new IllegalArgumentException();
+ }
+ if (displayName == null)
+ {
+ throw new IllegalArgumentException();
+ }
+
+
+ this.roleId = roleId;
+ this.roleName = roleName;
+ this.displayName = displayName;
+
+ }
+
+ public Object getRoleId()
+ {
+ return roleId;
+ }
+
+ public String getRoleName()
+ {
+ return roleName;
+ }
+
+ public String getDisplayName()
+ {
+ return displayName;
+ }
+
+ public String toString()
+ {
+ return "RoleUpdatedEvent[roleId=" + roleId + ",roleName=" + roleName + ",displayName" + displayName + "]";
+ }
+
+}
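Review bot: `toString()` prints the display name without a separator, giving `displayNameFoo`; the last segment should be `",displayName=" + displayName + "]"`. `displayName` is assigned at the top of the constructor before any validation and again at the end, and it is the only field that is not `final`; declare it `private final String displayName;` and drop the first assignment. The three `IllegalArgumentException`s carry no message, so a caller cannot tell which argument was null.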
JBoss Portal SVN: r12778 - in modules/identity/trunk: identity/src/main/java/org/jboss/portal/identity/auth and 8 other directories.
by portal-commits@lists.jboss.org
Author: bdaw
Date: 2009-02-05 07:40:41 -0500 (Thu, 05 Feb 2009)
New Revision: 12778
Modified:
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/DelegatingUserProfileModuleImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/IdentityLoginModule.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/SynchronizingLDAPExtLoginModule.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/SynchronizingLDAPLoginModule.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/SynchronizingLoginModule.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/boot/IdentityServiceLoader.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateMembershipModuleImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateRoleImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateRoleModuleImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateUserImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateUserProfileModuleImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/UserProfileChangedEvent.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPConnectionContext.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPExtRoleModuleImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPExtUserModuleImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPRoleModule.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPRoleModuleImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserModule.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserModuleImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserProfileModuleImpl.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/service/MembershipModuleService.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/service/RoleModuleService.java
modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/service/UserProfileModuleService.java
modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/cas/CASAuthenticationHandler.java
modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/cas/CASAuthenticationValve.java
modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java
modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/opensso/OpenSSOAuthenticationValve.java
Log:
synchronizing sources from branch 1.0 to trunk
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/DelegatingUserProfileModuleImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/DelegatingUserProfileModuleImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/DelegatingUserProfileModuleImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -134,7 +134,7 @@
log.debug("Delegating to DB module");
getDBModule().setProperty(user, name, propertyValue);
- fireUserProfileChangedEvent(user.getId(), user.getUserName(), name);
+ fireUserProfileChangedEvent(user.getId(), user.getUserName(), name, propertyValue);
return;
}
throw new IdentityException("Cannot process property - incorrect profile or module configuration");
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/IdentityLoginModule.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/IdentityLoginModule.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/IdentityLoginModule.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -50,7 +50,7 @@
/**
* A login module that uses the user module.
- *
+ *
* @author <a href="mailto:julien@jboss.org">Julien Viet</a>
* @author <a href="mailto:theute@jboss.org">Thomas Heute</a>
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -186,16 +186,31 @@
// Set the user Status in the request so that the login page can show an error message accordingly
request.setAttribute("org.jboss.portal.userStatus", userStatus);
-
- if (userStatus == UserStatus.OK)
+
+ if (userStatus == UserStatus.DISABLE)
{
+ request.setAttribute("org.jboss.portal.loginError", "Your account is disabled");
+ return false;
+ }
+ else if (userStatus == UserStatus.NOTASSIGNEDTOROLE)
+ {
+ request.setAttribute("org.jboss.portal.loginError", "The user doesn't have the correct role");
+ return false;
+ }
+ else if ((userStatus == UserStatus.UNEXISTING) || userStatus == UserStatus.WRONGPASSWORD)
+ {
+ request.setAttribute("org.jboss.portal.loginError", "The user doesn't exist or the password is incorrect");
+ return false;
+ }
+ else if (userStatus == UserStatus.OK)
+ {
return true;
}
else
{
+ log.error("Unexpected error while logging in");
return false;
- }
- }
+ } }
catch (Exception e)
{
log.error("Error when validating password", e);
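Review bot: The separate "Your account is disabled" and "The user doesn't have the correct role" messages confirm to the caller that the username exists, while `UNEXISTING` and `WRONGPASSWORD` are deliberately merged into one message. Whether those two statuses are only returned after the password has been verified is not visible in this hunk; if they are not, one generic failure message for every non-OK status avoids distinguishing valid account names, with the specific reason written to the server log only. The final `else` logs "Unexpected error while logging in" without saying what was unexpected; `log.error("Unexpected user status while logging in: " + userStatus);` makes it diagnosable. The closing `} }` on one line should be split back onto two lines. The method starts outside the hunk.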
@@ -226,7 +241,7 @@
// exception...
if (user == null)
{
- throw new NoSuchUserException("UserModule returned null user object");
+ throw new NoSuchUserException("UserModule returned null user object");
}
//This is because LDAP binds can be non case sensitive
@@ -352,7 +367,7 @@
{
if (userNameToLowerCase != null && userNameToLowerCase.equalsIgnoreCase("true"))
{
- return super.getUsername().toLowerCase();
+ return super.getUsername().toLowerCase();
}
return super.getUsername();
}
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/SynchronizingLDAPExtLoginModule.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/SynchronizingLDAPExtLoginModule.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/SynchronizingLDAPExtLoginModule.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -96,7 +96,7 @@
log.trace("synchronizeRoles = " + synchronizeRoles);
log.trace("defaultAssignedRole = " + defaultAssignedRole);
log.trace("preserveRoles = " + preserveRoles);
-
+
}
protected UserModule getUserModule() throws Exception
@@ -178,25 +178,37 @@
protected Group[] getRoleSets() throws LoginException
{
Group[] rolesGroup = super.getRoleSets();
- if (additionalRole != null)
+ try
{
- try
+ for (int i = 0; i < rolesGroup.length; i++)
{
- for (int i = 0; i < rolesGroup.length; i++)
+ Group group = rolesGroup[i];
+ if (group.getName().equals("Roles"))
{
- Group group = rolesGroup[i];
- if (group.getName().equals("Roles"))
+ if (additionalRole != null)
{
- group.addMember(createIdentity(additionalRole));
+ Principal role = createIdentity(additionalRole);
+ if (!group.isMember(role))
+ {
+ group.addMember(role);
+ }
}
+ if (defaultAssignedRole != null)
+ {
+ Principal role = createIdentity(defaultAssignedRole);
+ if (!group.isMember(role))
+ {
+ group.addMember(role);
+ }
+ }
}
}
- catch (Exception e)
- {
- //just a try
- log.error("Error when adding additional role: ", e);
- }
}
+ catch (Exception e)
+ {
+ //just a try
+ log.error("Error when adding additional role: ", e);
+ }
return rolesGroup;
}
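Review bot: The single `try` now wraps the whole loop, so an exception while adding `additionalRole` also skips `defaultAssignedRole` for that login, and the log line still reads "Error when adding additional role" whichever of the two failed. Since this decides which roles an authenticated principal carries, I would catch per role and name the role in the message, e.g. `log.error("Error when adding role '" + defaultAssignedRole + "': ", e);`. `group.getName().equals("Roles")` throws on a group with a null name and is safer as `"Roles".equals(group.getName())`. The same applies to `getRoleSets()` in SynchronizingLDAPLoginModule, and the block added to SynchronizingLoginModule reuses the "additional role" message for the default role and, unlike the two LDAP modules, has no `isMember` check. A short comment stating that `defaultAssignedRole` is granted to every user who passes this login module would help the next reader.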
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/SynchronizingLDAPLoginModule.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/SynchronizingLDAPLoginModule.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/SynchronizingLDAPLoginModule.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -94,7 +94,7 @@
log.trace("synchronizeRoles = " + synchronizeRoles);
log.trace("defaultAssignedRole = " + defaultAssignedRole);
log.trace("preserveRoles = " + preserveRoles);
-
+
}
protected UserModule getUserModule() throws Exception
@@ -176,25 +176,40 @@
protected Group[] getRoleSets() throws LoginException
{
Group[] rolesGroup = super.getRoleSets();
- if (additionalRole != null)
+
+ try
{
- try
+ for (int i = 0; i < rolesGroup.length; i++)
{
- for (int i = 0; i < rolesGroup.length; i++)
+ Group group = rolesGroup[i];
+ if (group.getName().equals("Roles"))
{
- Group group = rolesGroup[i];
- if (group.getName().equals("Roles"))
+ if (additionalRole != null)
{
- group.addMember(createIdentity(additionalRole));
+ Principal role = createIdentity(additionalRole);
+ if (!group.isMember(role))
+ {
+ group.addMember(role);
+ }
}
+ if (defaultAssignedRole != null)
+ {
+ Principal role = createIdentity(defaultAssignedRole);
+ if (!group.isMember(role))
+ {
+ group.addMember(role);
+ }
+ }
}
}
- catch (Exception e)
- {
- //just a try
- log.error("Error when adding additional role: ", e);
- }
}
+ catch (Exception e)
+ {
+ //just a try
+ log.error("Error when adding additional role: ", e);
+ }
+
+
return rolesGroup;
}
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/SynchronizingLoginModule.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/SynchronizingLoginModule.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/auth/SynchronizingLoginModule.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -207,6 +207,18 @@
log.error("Error when adding additional role: ", e);
}
}
+ if (defaultAssignedRole != null)
+ {
+ try
+ {
+ userRoles.addMember(createIdentity(defaultAssignedRole));
+ }
+ catch (Exception e)
+ {
+ //just a try
+ log.error("Error when adding additional role: ", e);
+ }
+ }
Group[] roleSets = {userRoles};
return roleSets;
@@ -353,7 +365,6 @@
try
{
rolesToAssign.add(getRoleModule().findRoleByName(defaultAssignedRole));
- userRoles.addMember(createIdentity(defaultAssignedRole));
}
catch(Exception e)
{
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/boot/IdentityServiceLoader.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/boot/IdentityServiceLoader.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/boot/IdentityServiceLoader.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -113,7 +113,7 @@
ModuleServiceMetaData moduleService = (ModuleServiceMetaData)iterator.next();
ModuleMetaData module = moduleService.getModuleData();
-
+
String entryName = "portal:identity=Module,type=" + module.getType();
AbstractBeanMetaData moduleBMD = new AbstractBeanMetaData(entryName,
module.getClassName());
@@ -155,7 +155,7 @@
}
}
-
+
/**
* Should be extended to provide mbean registration
* @param serviceName
@@ -182,7 +182,7 @@
*/
protected ServiceJNDIBinder getServiceJNDIBinder() throws Exception
{
- return null;
+ return null;
}
public IdentityContext getIdentityContext()
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateMembershipModuleImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateMembershipModuleImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateMembershipModuleImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -179,6 +179,8 @@
}
}
+ fireMembershipChangedEvent(role, users);
+
}
public void assignRoles(User user, Set roles) throws IdentityException
@@ -224,6 +226,8 @@
// Assign new roles
HibernateUserImpl ui = (HibernateUserImpl)user;
ui.setRoles(copy);
+
+ fireMembershipChangedEvent(user, roles);
}
//TODO:
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateRoleImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateRoleImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateRoleImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -22,7 +22,17 @@
package org.jboss.portal.identity.db;
import org.jboss.portal.identity.Role;
+import org.jboss.portal.identity.IdentityServiceController;
+import org.jboss.portal.identity.IdentityContext;
+import org.jboss.portal.identity.event.IdentityEventBroadcaster;
+import org.jboss.portal.identity.event.RoleUpdatedEvent;
+import org.jboss.mx.util.MBeanServerLocator;
+import org.jboss.mx.util.MBeanProxy;
+import org.jboss.mx.util.MBeanProxyCreationException;
+import javax.management.MBeanServer;
+import javax.management.ObjectName;
+import javax.management.MalformedObjectNameException;
import java.util.Set;
import java.util.HashSet;
@@ -37,10 +47,14 @@
implements Role
{
+ /** . */
+ private static final org.jboss.logging.Logger log = org.jboss.logging.Logger.getLogger(HibernateRoleImpl.class);
+
private Long key;
private String name;
private Set users;
private String displayName;
+ private IdentityEventBroadcaster eventBroadcaster;
/**
*
@@ -132,6 +146,19 @@
public void setDisplayName(String displayName)
{
this.displayName = displayName;
+
+ IdentityEventBroadcaster broadcaster = getEventBroadcaster();
+
+ if (broadcaster != null)
+ {
+ // This can be called on object creation by hibernate so make sure that all fields are populated first
+ if (getId() != null && getName() != null && getDisplayName() != null)
+ {
+ RoleUpdatedEvent event = new RoleUpdatedEvent(getId(), getName(), displayName);
+ broadcaster.fireEvent(event);
+ }
+
+ }
}
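Review bot: The setter fires `RoleUpdatedEvent` whenever id and name are populated, which includes Hibernate setting the property while loading an existing role (depending on property order, as the comment itself notes) and calls that pass the same value again, so listeners can be told about updates nobody made. The guard `getDisplayName() != null` reads the field that was assigned two lines earlier, so it only tests the argument. Firing from the role module's update path, as this commit does for create and destroy in HibernateRoleModuleImpl, would avoid the load case; failing that, remember the old value with `String previous = this.displayName;` before the assignment and fire only when `previous != null && !previous.equals(displayName)`.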
/**
@@ -146,4 +173,26 @@
{
return "Role[" + key + "," + name + "]";
}
+
+ private IdentityEventBroadcaster getEventBroadcaster()
+ {
+ if (eventBroadcaster == null)
+ {
+
+ try
+ {
+ MBeanServer mbeanServer = MBeanServerLocator.locateJBoss();
+ IdentityServiceController identityService = (IdentityServiceController)MBeanProxy.get(
+ IdentityServiceController.class, new ObjectName("portal:service=Module,type=IdentityServiceController"), mbeanServer);
+
+ eventBroadcaster = (IdentityEventBroadcaster)identityService.getIdentityContext().getObject(IdentityContext.TYPE_IDENTITY_EVENT_BROADCASTER);
+ }
+ catch (Exception e)
+ {
+ log.error("Failed to obtain IdentityEventBroadcaster. RoleUpdatedEvent won't be broadcasted");
+ }
+ }
+
+ return eventBroadcaster;
+ }
}
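Review bot: The `catch` drops the exception, so a failed lookup leaves no cause in the log; pass it on with `log.error("Failed to obtain IdentityEventBroadcaster. RoleUpdatedEvent won't be broadcasted", e);`. Because `eventBroadcaster` stays null after a failure, every later `setDisplayName()` call repeats the MBean lookup and logs the error again. The lookup also ties a persistent entity to a hard-coded `ObjectName` string; a named constant with a comment on where that service is registered would make the dependency visible. The imports added at the top of this file for `MBeanProxyCreationException` and `MalformedObjectNameException` are not used by the code shown in these hunks.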
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateRoleModuleImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateRoleModuleImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateRoleModuleImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -207,6 +207,9 @@
HibernateRoleImpl role = new HibernateRoleImpl(name, displayName);
Session session = getCurrentSession();
session.save(role);
+
+ fireRoleCreatedEvent(role.getId(), role.getName());
+
return role;
}
catch (HibernateException e)
@@ -236,8 +239,13 @@
HibernateUserImpl user = (HibernateUserImpl)users.next();
user.getRoles().remove(role);
}
+
+ String name = role.getName();
+
session.delete(role);
session.flush();
+
+ fireRoleDestroyedEvent(id, name);
}
catch (HibernateException e)
{
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateUserImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateUserImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateUserImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -401,7 +401,7 @@
Object object = toObject((String)value);
field.set(instance, object);
-
+
}
else
{
@@ -551,7 +551,7 @@
catch (ParseException e)
{
throw new IllegalArgumentException("Can't convert the date in the user profile. value=[" + value + "].", e);
- }
+ }
}
protected String toString(Object value)
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateUserProfileModuleImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateUserProfileModuleImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/db/HibernateUserProfileModuleImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -162,7 +162,7 @@
{
dbUser.getProfileMap().remove(propertyName);
}
- fireUserProfileChangedEvent(user.getId(), user.getUserName(), propertyName);
+ fireUserProfileChangedEvent(user.getId(), user.getUserName(), propertyName, propertyValue);
}
public Map getProperties(User user) throws IdentityException
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/UserProfileChangedEvent.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/UserProfileChangedEvent.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/event/UserProfileChangedEvent.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -38,8 +38,12 @@
/** . */
private final String propertyName;
- public UserProfileChangedEvent(Object userId, String userName, String propertyName)
+ /** .*/
+ private Object newValue;
+
+ public UserProfileChangedEvent(Object userId, String userName, String propertyName, Object newValue)
{
+ this.newValue = newValue;
if (userId == null)
{
throw new IllegalArgumentException();
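Review bot: `newValue` is declared as a mutable field and is assigned at the very top of the constructor, before the null checks, and then a second time at the end of the constructor in the following hunk, while the neighbouring `propertyName` is `final`. Declaring it `private final Object newValue;` and keeping only the assignment after the argument checks keeps the event immutable once it is handed to listeners. The `/** .*/` placeholder could say what the field holds, for example `/** Value the property was set to; presumably null when the property was removed (confirm against callers). */`. The constructor body runs past this hunk.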
@@ -52,9 +56,16 @@
{
throw new IllegalArgumentException();
}
+
+ if (propertyName == null)
+ {
+ throw new IllegalArgumentException();
+ }
+
this.userId = userId;
this.userName = userName;
this.propertyName = propertyName;
+ this.newValue = newValue;
}
public Object getUserId()
@@ -72,8 +83,13 @@
return propertyName;
}
+ public Object getNewValue()
+ {
+ return newValue;
+ }
+
public String toString()
{
- return "UserProfileChangedEvent[userId=" + userId + ",userName=" + userName + ",propertyName=" + propertyName + "]";
+ return "UserProfileChangedEvent[userId=" + userId + ",userName=" + userName + ",propertyName=" + propertyName + ",propertyValue" + newValue + "]";
}
}
\ No newline at end of file
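Review bot: `toString()` now concatenates `newValue` into the event description, so any log statement or exception message that prints the event will also write the user's profile data (whatever the profile stores, such as an e-mail address or other personal details) into log files. Unless that is intended, keep the value out of the string and report only that it is present, e.g. `",propertyName=" + propertyName + ",hasNewValue=" + (newValue != null) + "]"`. If the value does stay, the label is missing its `=`: `",propertyValue"` should be `",propertyValue="`.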
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPConnectionContext.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPConnectionContext.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPConnectionContext.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -101,7 +101,7 @@
env.put(Context.SECURITY_PRINCIPAL, this.getAdminDN());
if (this.getAdminPassword() != null)
env.put(Context.SECURITY_CREDENTIALS, this.getAdminPassword());
-
+
if (this.getProtocol() != null)
{
env.put(Context.SECURITY_PROTOCOL, this.getProtocol());
@@ -183,7 +183,7 @@
if (identityContext != null)
{
- identityContext.register(this, IdentityContext.TYPE_CONNECTION_CONTEXT);
+ identityContext.register(this, IdentityContext.TYPE_CONNECTION_CONTEXT);
}
}
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPExtRoleModuleImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPExtRoleModuleImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPExtRoleModuleImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -66,7 +66,7 @@
Object[] filterArgs = {name};
-
+
List sr = searchRoles(filter, filterArgs);
if (sr.size() > 1)
{
@@ -115,7 +115,7 @@
filter.append(")");
List sr = searchRoles(filter.toString(), null);
-
+
log.debug("Roles found: " + sr.size());
for (Iterator iterator = sr.iterator(); iterator.hasNext();)
{
@@ -174,7 +174,7 @@
Set rf = new HashSet();
try
{
- //search all entries
+ //search all entries
String filter = getRoleSearchFilter();
//* chars are escaped in filterArgs so we must replace it manually
filter = filter.replaceAll("\\{0\\}", "*");
@@ -212,7 +212,7 @@
LdapContext ldapContext = getConnectionContext().createInitialContext();
NamingEnumeration results = null;
-
+
try
{
SearchControls controls = new SearchControls();
@@ -220,6 +220,9 @@
controls.setReturningObjFlag(true);
controls.setTimeLimit(getSearchTimeLimit());
+ String[] retAttr = {getRidAttributeID(), getDisplayNameAttributeID()};
+ controls.setReturningAttributes(retAttr);
+
//
filter = filter.replaceAll("\\\\", "\\\\\\\\");
@@ -258,7 +261,7 @@
for (Iterator iterator = roleCtxs.iterator(); iterator.hasNext();)
{
String roleCtx = (String)iterator.next();
-
+
if (filterArgs == null)
{
results = ldapContext.search(roleCtx, filter, controls);
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPExtUserModuleImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPExtUserModuleImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPExtUserModuleImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -111,7 +111,7 @@
//findUserById(Object id) from super
- //findUserById(String id) from super
+ //findUserById(String id) from super
public User createUser(String userName, String password) throws IdentityException, IllegalArgumentException
{
@@ -181,7 +181,7 @@
return new HashSet();
}
- return Tools.toSet(uf.subList(offset, size).iterator());
+ return processUsers(uf.subList(offset, size));
}
catch (NoSuchElementException e)
{
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPRoleModule.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPRoleModule.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPRoleModule.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -48,7 +48,7 @@
private LDAPConnectionContext connectionContext;
-
+
public void start() throws Exception
{
if (getConnectionJNDIName() == null)
@@ -83,6 +83,8 @@
attrs.put(attr);
ldapContext.modifyAttributes(ldapr.getDn(), DirContext.REPLACE_ATTRIBUTE,attrs);
+
+ fireRoleUpdatedEvent(ldapr.getId(), ldapr.getName(), name);
}
catch (NamingException e)
{
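Review bot: `fireRoleUpdatedEvent(...)` runs inside the `try` right after `modifyAttributes(...)` and is declared `throws IdentityException` in `RoleModuleService`, so a failure while delivering the event reaches the caller as a failed update even though the directory entry has already been changed. The same placement appears with `fireRoleDestroyedEvent` in `LDAPRoleModuleImpl` (there inside a `try` whose handler is `catch (Exception e)`, so a delivery failure is treated like a failed `unbind`) and with the `fireMembershipChangedEvent` calls in both static membership modules. Consider firing the event after the `try`/`catch` and handling a delivery failure separately (log it and keep the operation's result), so that callers are not told a role or membership change failed when it was in fact applied. Whether the broadcaster propagates listener exceptions is not visible here, and the `try` block begins outside this hunk.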
@@ -286,7 +288,7 @@
String roleCtx = getIdentityConfiguration().getValue(IdentityConfiguration.ROLE_CONTEXT_DN);
if (roleCtx == null)
{
- throw new IdentityException("Configuration option missing: " + IdentityConfiguration.ROLE_CONTEXT_DN);
+ throw new IdentityException("Configuration option missing: " + IdentityConfiguration.ROLE_CONTEXT_DN);
}
return roleCtx;
}
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPRoleModuleImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPRoleModuleImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPRoleModuleImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -114,7 +114,7 @@
.append("=")
.append(name)
.append(") ");
- }
+ }
filter.append(")");
List sr = searchRoles(filter.toString(), null);
@@ -222,7 +222,11 @@
}
}
- return findRoleByName(name);
+ Role resultRole = findRoleByName(name);
+
+ fireRoleCreatedEvent(resultRole.getId(), resultRole.getName());
+
+ return resultRole;
}
//TODO: remove role assignments before?
@@ -246,6 +250,8 @@
{
log.debug("removing entry: " + ldapr.getDn());
ldapContext.unbind(ldapr.getDn());
+
+ fireRoleDestroyedEvent(ldapr.getId(), ldapr.getName());
}
catch (Exception e)
{
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -53,8 +53,8 @@
public class LDAPStaticGroupMembershipModuleImpl extends LDAPMembershipModule
{
private static final org.jboss.logging.Logger log = org.jboss.logging.Logger.getLogger(LDAPStaticGroupMembershipModuleImpl.class);
+
-
public Set getRoles(User user) throws IdentityException
{
if (user == null)
@@ -102,7 +102,7 @@
memberName = ldapUser.getUserName();
}
-
+
String filter = getMemberAttributeID().concat("=").concat(memberName);
log.debug("Search filter: " + filter);
@@ -113,7 +113,7 @@
{
SearchResult res = (SearchResult)iterator.next();
DirContext ctx = (DirContext)res.getObject();
- roles.add(getRoleModule().createRoleInstance(res.getAttributes(),ctx.getNameInNamespace()));
+ roles.add(getRoleModule().createRoleInstance(res.getAttributes(),ctx.getNameInNamespace()));
}
@@ -167,7 +167,7 @@
}
//obtain Role entry attributes from directory
- Attributes attrs = ldapContext.getAttributes(ldapRole.getDn());
+ Attributes attrs = ldapContext.getAttributes(ldapRole.getDn(), new String[] {getMemberAttributeID()});
//log.debug("Role attributes: " + attrs);
if (attrs == null)
@@ -182,7 +182,7 @@
{
NamingEnumeration values = memberAttr.getAll();
-
+
while (values.hasMoreElements())
{
String value = values.nextElement().toString();
@@ -292,7 +292,7 @@
throw new IdentityException("Illegal state - cached user doesn't exist in identity store: ", e);
}
}
-
+
LDAPUserImpl ldapUser = (LDAPUserImpl)user;
if (isUidAttributeIsDN())
@@ -320,6 +320,7 @@
{
ldapContext.modifyAttributes(ldapRole.getDn(), DirContext.REMOVE_ATTRIBUTE, attrs);
}
+ fireMembershipChangedEvent(role, users);
}
catch (NamingException e)
{
@@ -427,7 +428,7 @@
//can't remove the last member (if the attribute is required by schema)
//TODO: workaround this somehow.... (adding goofy user or admin instead?)
- if (attr.size() != 1)
+ if (!(attr.size() == 1 && isMembershipAttributeRequired()))
{
//remove user name from the member list
attr.remove(memberName);
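Review bot: When the role has exactly one member and `isMembershipAttributeRequired()` is true, the new condition skips `attr.remove(memberName)` without any signal, so the user keeps the role although the caller asked for it to be removed; the later hunk at `@@ -461,6 +462,8 @@` then fires `fireMembershipChangedEvent(user, roles)` as if the full change had been applied. A revocation that is not carried out should be visible: add an `else` that logs it, e.g. `log.warn("Last member of role not removed: member attribute is required by schema");`, or raise an `IdentityException` so the caller can react. The rest of the `if` block, and any existing `else`, lie outside this hunk.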
@@ -461,6 +462,8 @@
ldapContext.modifyAttributes(roleDN, mods);
}
+ fireMembershipChangedEvent(user, roles);
+
//and that should be all...
}
catch (NamingException e)
@@ -523,5 +526,5 @@
}
-
+
}
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -49,7 +49,7 @@
* @author <a href="mailto:boleslaw.dawidowicz@jboss.org">Boleslaw Dawidowicz</a>
* @version $Revision: 1.1 $
*/
-public class LDAPStaticRoleMembershipModuleImpl extends LDAPMembershipModule//extends AbstractJBossService implements MembershipModule
+public class LDAPStaticRoleMembershipModuleImpl extends LDAPMembershipModule
{
private static final org.jboss.logging.Logger log = org.jboss.logging.Logger.getLogger(LDAPStaticRoleMembershipModuleImpl.class);
@@ -98,7 +98,7 @@
}
//obtain Role entry attributes from directory
- Attributes attrs = ldapContext.getAttributes(ldapUser.getDn());
+ Attributes attrs = ldapContext.getAttributes(ldapUser.getDn(), new String[] {getMemberAttributeID()});
//log.debug("User attributes: " + attrs);
if (attrs == null )
@@ -351,6 +351,8 @@
ldapContext.modifyAttributes(userDN, mods);
}
+ fireMembershipChangedEvent(role, users);
+
//and that should be all...
}
catch (NamingException e)
@@ -438,6 +440,8 @@
attrs.put(member);
ldapContext.modifyAttributes(ldapUser.getDn(), DirContext.REPLACE_ATTRIBUTE, attrs);
+
+ fireMembershipChangedEvent(user, roles);
}
catch (NamingException e)
{
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -100,7 +100,7 @@
this.identityContext = context;
//this.realEmail = email;
this.id = id;
-
+
}
public boolean equals(Object obj)
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserModule.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserModule.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserModule.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -154,7 +154,7 @@
env.put(Context.SECURITY_CREDENTIALS, password);
InitialContext ctx = new InitialLdapContext(env, null);
-
+
if (ctx != null)
{
ctx.close();
@@ -197,7 +197,7 @@
//ldapu = new LDAPUserImpl(dn,getIdentityContext(), uida.get().toString());
- //make DN as user ID
+ //make DN as user ID
ldapu = new LDAPUserImpl(dn,getIdentityContext(), dn);
if (isUserNameToLowerCase())
@@ -281,8 +281,8 @@
* @return
*/
public abstract List searchUsers(String filter, Object[] filterArgs) throws NamingException, IdentityException;
+
-
//**************************
//*** Getter and Setters
//**************************
@@ -462,5 +462,5 @@
{
this.connectionContext = connectionContext;
}
-
+
}
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserModuleImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserModuleImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserModuleImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -60,7 +60,7 @@
* @author <a href="mailto:boleslaw.dawidowicz@jboss.org">Boleslaw Dawidowicz</a>
* @version $Revision: 1.1 $
*/
-public class LDAPUserModuleImpl extends LDAPUserModule
+public class LDAPUserModuleImpl extends LDAPUserModule
{
private static final org.jboss.logging.Logger log = org.jboss.logging.Logger.getLogger(LDAPUserModuleImpl.class);
@@ -140,9 +140,9 @@
return findUserByDN(id);
}
+
-
-
+
public User createUser(String userName, String password) throws IdentityException, IllegalArgumentException
{
@@ -336,7 +336,7 @@
return new HashSet();
}
- return Tools.toSet(uf.subList(offset, size).iterator());
+ return processUsers(uf.subList(offset, size));
}
catch (NoSuchElementException e)
{
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserProfileModuleImpl.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserProfileModuleImpl.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserProfileModuleImpl.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -214,7 +214,7 @@
attrs.put(attr);
ldapContext.modifyAttributes(ldapUser.getDn(), DirContext.REPLACE_ATTRIBUTE,attrs);
- fireUserProfileChangedEvent(user.getId(), user.getUserName(), propertyName);
+ fireUserProfileChangedEvent(user.getId(), user.getUserName(), propertyName, property);
}
catch (NamingException e)
{
@@ -337,7 +337,7 @@
}
/**
- * Returns a map of mappings - property name/attribute name.
+ * Returns a map of mappings - property name/attribute name.
* @return
* @throws IdentityException
*/
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/service/MembershipModuleService.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/service/MembershipModuleService.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/service/MembershipModuleService.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -23,8 +23,16 @@
import org.jboss.portal.identity.MembershipModule;
import org.jboss.portal.identity.IdentityContext;
+import org.jboss.portal.identity.IdentityException;
+import org.jboss.portal.identity.User;
+import org.jboss.portal.identity.Role;
+import org.jboss.portal.identity.event.MembershipChangedEvent;
import org.jboss.portal.identity.info.ProfileInfo;
+import java.util.Set;
+import java.util.Iterator;
+import java.util.HashSet;
+
/**
* @author <a href="mailto:boleslaw dot dawidowicz at jboss.org">Boleslaw Dawidowicz</a>
* @version $Revision: 1.1 $
@@ -48,4 +56,46 @@
{
this.profileInfo = profileInfo;
}
+
+ protected void fireMembershipChangedEvent(Set userIds, Set roleIds) throws IdentityException
+ {
+ MembershipChangedEvent event = new MembershipChangedEvent(userIds, roleIds);
+ getIdentityEventBroadcaster().fireEvent(event);
+ }
+
+ protected void fireMembershipChangedEvent(User user, Set roles) throws IdentityException
+ {
+
+ Set roleIds = new HashSet();
+ Set userIds = new HashSet();
+
+ userIds.add(user.getId());
+
+ for (Iterator iterator = roles.iterator(); iterator.hasNext();)
+ {
+ Role role = (Role)iterator.next();
+ roleIds.add(role.getId());
+ }
+
+ fireMembershipChangedEvent(userIds, roleIds);
+ }
+
+ protected void fireMembershipChangedEvent(Role role, Set users) throws IdentityException
+ {
+
+ Set roleIds = new HashSet();
+ Set userIds = new HashSet();
+
+ roleIds.add(role.getId());
+
+ for (Iterator iterator = users.iterator(); iterator.hasNext();)
+ {
+ User user = (User)iterator.next();
+ userIds.add(user.getId());
+ }
+
+ fireMembershipChangedEvent(userIds, roleIds);
+ }
+
+
}
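Review bot: The two convenience overloads dereference `user` / `role` and iterate `roles` / `users` without a null check, and the callers added in this commit invoke them after the LDAP write has already succeeded, so a null argument surfaces as a bare `NullPointerException` once the directory has changed. A guard at the top, e.g. `if (user == null || roles == null) { throw new IllegalArgumentException("user and roles are required"); }`, makes the contract explicit and the failure readable. None of the three methods has Javadoc; one line each would help listener authors, e.g. `/** Broadcasts a MembershipChangedEvent for the ids of the given user and roles, as requested by the caller. */`. Whether `MembershipChangedEvent` copies the two `HashSet`s it receives is not visible here.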
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/service/RoleModuleService.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/service/RoleModuleService.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/service/RoleModuleService.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -23,6 +23,10 @@
import org.jboss.portal.identity.RoleModule;
import org.jboss.portal.identity.IdentityContext;
+import org.jboss.portal.identity.IdentityException;
+import org.jboss.portal.identity.event.RoleCreatedEvent;
+import org.jboss.portal.identity.event.RoleDestroyedEvent;
+import org.jboss.portal.identity.event.RoleUpdatedEvent;
/**
* @author <a href="mailto:boleslaw dot dawidowicz at jboss.org">Boleslaw Dawidowicz</a>
@@ -36,4 +40,25 @@
{
super(IdentityContext.TYPE_ROLE_MODULE);
}
+
+ protected void fireRoleCreatedEvent(Object roleId, String roleName) throws IdentityException
+ {
+ RoleCreatedEvent event = new RoleCreatedEvent(roleId, roleName);
+ getIdentityEventBroadcaster().fireEvent(event);
+
+ }
+
+ protected void fireRoleDestroyedEvent(Object roleId, String roleName) throws IdentityException
+ {
+ RoleDestroyedEvent event = new RoleDestroyedEvent(roleId, roleName);
+ getIdentityEventBroadcaster().fireEvent(event);
+
+ }
+
+ protected void fireRoleUpdatedEvent(Object roleId, String roleName, String displayName) throws IdentityException
+ {
+ RoleUpdatedEvent event = new RoleUpdatedEvent(roleId, roleName, displayName);
+ getIdentityEventBroadcaster().fireEvent(event);
+ }
+
}
Modified: modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/service/UserProfileModuleService.java
===================================================================
--- modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/service/UserProfileModuleService.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/identity/src/main/java/org/jboss/portal/identity/service/UserProfileModuleService.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -54,13 +54,13 @@
{
if (log.isDebugEnabled())
{
- log.debug("Processing profile configuration for the module....");
+ log.debug("Processing profile configuration for the module....");
}
profileInfo = new ProfileInfoSupport(ConfigurationParser.parseProfileConfiguration(getProfileConfigFile()));
}
super.start();
-
+
}
// public ProfileInfo getProfileInfo() throws IdentityException
@@ -83,9 +83,9 @@
this.profileConfigFile = profileConfigFile;
}
- protected void fireUserProfileChangedEvent(Object userId, String userName, String propertyName) throws IdentityException
+ protected void fireUserProfileChangedEvent(Object userId, String userName, String propertyName, Object newValue) throws IdentityException
{
- IdentityEvent event = new UserProfileChangedEvent(userId, userName, propertyName);
+ IdentityEvent event = new UserProfileChangedEvent(userId, userName, propertyName, newValue);
getIdentityEventBroadcaster().fireEvent(event);
}
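Review bot: Replacing the three-argument `fireUserProfileChangedEvent` changes the signature of a `protected` method, which breaks any subclass outside this tree that calls or overrides it. If such subclasses may exist, keep the old overload as a deprecated delegate whose body is `fireUserProfileChangedEvent(userId, userName, propertyName, null);`. The new parameter also hands the raw profile value to every registered listener, so a short Javadoc is worth adding, e.g. `/** @param newValue value the property was set to; may be null, may contain personal data */`.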
Modified: modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/cas/CASAuthenticationHandler.java
===================================================================
--- modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/cas/CASAuthenticationHandler.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/cas/CASAuthenticationHandler.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -62,7 +62,7 @@
//Perform this operation in the context of a UserTransaction
status = authService.authenticate(username, password);
-
+
return status;
}
catch(Exception e)
Modified: modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/cas/CASAuthenticationValve.java
===================================================================
--- modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/cas/CASAuthenticationValve.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/cas/CASAuthenticationValve.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -362,7 +362,7 @@
if(request.getAttribute("org.jboss.portal.logout") != null)
{
response.sendRedirect(this.casLogout);
- }
+ }
}
/**
Modified: modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java
===================================================================
--- modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -45,7 +45,7 @@
public void invoke(Request request, Response response) throws IOException,
ServletException
{
- HttpServletRequest httpRequest = (HttpServletRequest) request;
+ HttpServletRequest httpRequest = (HttpServletRequest) request;
request.setAttribute("ssoEnabled", "true");
Cookie jossoPortalCookie = this.findJOSSOPortalLogoutCookie(httpRequest);
Modified: modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/opensso/OpenSSOAuthenticationValve.java
===================================================================
--- modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/opensso/OpenSSOAuthenticationValve.java 2009-02-05 09:40:15 UTC (rev 12777)
+++ modules/identity/trunk/sso/src/main/java/org/jboss/portal/identity/sso/opensso/OpenSSOAuthenticationValve.java 2009-02-05 12:40:41 UTC (rev 12778)
@@ -33,6 +33,7 @@
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import javax.security.jacc.PolicyContext;
import java.io.IOException;
import java.security.Principal;
@@ -73,6 +74,10 @@
public void invoke(Request request, Response response) throws IOException, ServletException
{
+ HttpServletRequest httpRequest = (HttpServletRequest) request;
+ HttpSession session = httpRequest.getSession();
+ request.setAttribute("ssoEnabled", "true");
+
SSOToken token = getToken();
String requestURI = request.getRequestURI();
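Review bot: `httpRequest.getSession()` creates a new session whenever none exists, so every request that reaches this valve, including ones that carry no valid SSO token, now allocates server-side session state; `session` is not used anywhere in this hunk. If the session is only read later, `HttpSession session = httpRequest.getSession(false);` with a null check avoids creating sessions for unauthenticated traffic, and if it must be created, doing so after the token has been validated is the safer order. The rest of `invoke` is outside this hunk, so how `session` is used there should be confirmed.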
JBoss Portal SVN: r12777 - in modules/portlet/trunk: build/distrib and 11 other directories.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2009-02-05 04:40:15 -0500 (Thu, 05 Feb 2009)
New Revision: 12777
Modified:
modules/portlet/trunk/bridge/pom.xml
modules/portlet/trunk/build/distrib/distrib.xml
modules/portlet/trunk/controller/pom.xml
modules/portlet/trunk/docs/pom.xml
modules/portlet/trunk/docs/user-guide/pom.xml
modules/portlet/trunk/federation/pom.xml
modules/portlet/trunk/jsr168api/pom.xml
modules/portlet/trunk/management/pom.xml
modules/portlet/trunk/mc/pom.xml
modules/portlet/trunk/portal/pom.xml
modules/portlet/trunk/portlet/pom.xml
modules/portlet/trunk/samples/pom.xml
modules/portlet/trunk/test/pom.xml
Log:
- Should fix building issue.
Modified: modules/portlet/trunk/bridge/pom.xml
===================================================================
--- modules/portlet/trunk/bridge/pom.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/bridge/pom.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -3,7 +3,7 @@
<parent>
<groupId>org.jboss.portal.portlet</groupId>
<artifactId>module-parent</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>trunk-SNAPSHOT</version>
<relativePath>../build/pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: modules/portlet/trunk/build/distrib/distrib.xml
===================================================================
--- modules/portlet/trunk/build/distrib/distrib.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/build/distrib/distrib.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -2,9 +2,9 @@
<property name="source.dir" value="../.."/>
<property name="src.docs.dir" value="${source.dir}/docs"/>
- <property name="pc.release.version" value="2.1.0-SNAPSHOT"/>
- <property name="demo.release.version" value="2.1.0-SNAPSHOT"/>
- <property name="maven.version" value="2.1.0-SNAPSHOT"/>
+ <property name="pc.release.version" value="trunk-SNAPSHOT"/>
+ <property name="demo.release.version" value="trunk-SNAPSHOT"/>
+ <property name="maven.version" value="trunk-SNAPSHOT"/>
<!-- -->
<property name="pc.release.name" value="jboss-portletcontainer-${pc.release.version}"/>
Modified: modules/portlet/trunk/controller/pom.xml
===================================================================
--- modules/portlet/trunk/controller/pom.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/controller/pom.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -3,7 +3,7 @@
<parent>
<groupId>org.jboss.portal.portlet</groupId>
<artifactId>module-parent</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>trunk-SNAPSHOT</version>
<relativePath>../build/pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: modules/portlet/trunk/docs/pom.xml
===================================================================
--- modules/portlet/trunk/docs/pom.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/docs/pom.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -4,7 +4,7 @@
<parent>
<groupId>org.jboss.portal.portlet</groupId>
<artifactId>module-parent</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>trunk-SNAPSHOT</version>
<relativePath>../build/pom.xml</relativePath>
</parent>
<artifactId>docs-aggregator</artifactId>
Modified: modules/portlet/trunk/docs/user-guide/pom.xml
===================================================================
--- modules/portlet/trunk/docs/user-guide/pom.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/docs/user-guide/pom.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -11,7 +11,7 @@
</parent>
<groupId>org.jboss.portal.portlet</groupId>
<artifactId>user-guide-${translation}</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>trunk-SNAPSHOT</version>
<packaging>jdocbook</packaging>
<name>User_Guide_(${translation})</name>
Modified: modules/portlet/trunk/federation/pom.xml
===================================================================
--- modules/portlet/trunk/federation/pom.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/federation/pom.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -3,7 +3,7 @@
<parent>
<groupId>org.jboss.portal.portlet</groupId>
<artifactId>module-parent</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>trunk-SNAPSHOT</version>
<relativePath>../build/pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: modules/portlet/trunk/jsr168api/pom.xml
===================================================================
--- modules/portlet/trunk/jsr168api/pom.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/jsr168api/pom.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -3,7 +3,7 @@
<parent>
<groupId>org.jboss.portal.portlet</groupId>
<artifactId>module-parent</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>trunk-SNAPSHOT</version>
<relativePath>../build/pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: modules/portlet/trunk/management/pom.xml
===================================================================
--- modules/portlet/trunk/management/pom.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/management/pom.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -3,7 +3,7 @@
<parent>
<groupId>org.jboss.portal.portlet</groupId>
<artifactId>module-parent</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>trunk-SNAPSHOT</version>
<relativePath>../build/pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: modules/portlet/trunk/mc/pom.xml
===================================================================
--- modules/portlet/trunk/mc/pom.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/mc/pom.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -3,7 +3,7 @@
<parent>
<groupId>org.jboss.portal.portlet</groupId>
<artifactId>module-parent</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>trunk-SNAPSHOT</version>
<relativePath>../build/pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: modules/portlet/trunk/portal/pom.xml
===================================================================
--- modules/portlet/trunk/portal/pom.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/portal/pom.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -3,7 +3,7 @@
<parent>
<groupId>org.jboss.portal.portlet</groupId>
<artifactId>module-parent</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>trunk-SNAPSHOT</version>
<relativePath>../build/pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: modules/portlet/trunk/portlet/pom.xml
===================================================================
--- modules/portlet/trunk/portlet/pom.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/portlet/pom.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -3,7 +3,7 @@
<parent>
<groupId>org.jboss.portal.portlet</groupId>
<artifactId>module-parent</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>trunk-SNAPSHOT</version>
<relativePath>../build/pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: modules/portlet/trunk/samples/pom.xml
===================================================================
--- modules/portlet/trunk/samples/pom.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/samples/pom.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -3,7 +3,7 @@
<parent>
<groupId>org.jboss.portal.portlet</groupId>
<artifactId>module-parent</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>trunk-SNAPSHOT</version>
<relativePath>../build/pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
Modified: modules/portlet/trunk/test/pom.xml
===================================================================
--- modules/portlet/trunk/test/pom.xml 2009-02-05 00:46:09 UTC (rev 12776)
+++ modules/portlet/trunk/test/pom.xml 2009-02-05 09:40:15 UTC (rev 12777)
@@ -3,7 +3,7 @@
<parent>
<groupId>org.jboss.portal.portlet</groupId>
<artifactId>module-parent</artifactId>
- <version>2.1.0-SNAPSHOT</version>
+ <version>trunk-SNAPSHOT</version>
<relativePath>../build/pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
JBoss Portal SVN: r12776 - examples/trunk/JSPHelloUser/src/main/webapp/jsp.
by portal-commits@lists.jboss.org
Author: prabhat.jha(a)jboss.com
Date: 2009-02-04 19:46:09 -0500 (Wed, 04 Feb 2009)
New Revision: 12776
Modified:
examples/trunk/JSPHelloUser/src/main/webapp/jsp/hello.jsp
examples/trunk/JSPHelloUser/src/main/webapp/jsp/welcome.jsp
Log:
update taglib uri
Modified: examples/trunk/JSPHelloUser/src/main/webapp/jsp/hello.jsp
===================================================================
--- examples/trunk/JSPHelloUser/src/main/webapp/jsp/hello.jsp 2009-02-04 23:33:04 UTC (rev 12775)
+++ examples/trunk/JSPHelloUser/src/main/webapp/jsp/hello.jsp 2009-02-05 00:46:09 UTC (rev 12776)
@@ -1,4 +1,5 @@
-<%@ taglib uri="http://java.sun.com/portlet" prefix="portlet" %>
+<%@ taglib uri="http://java.sun.com/portlet_2_0" prefix="portlet" %>
+
<portlet:defineObjects/>
<div class="portlet-section-header">Remember we love you: <%= renderRequest.getParameter("yourname") %></div>
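Review bot: The `yourname` request parameter is written into the page without HTML escaping on the `portlet-section-header` line, which this hunk leaves as context, so markup submitted through the form in welcome.jsp would be rendered as part of the page. Because this is sample code that tends to be copied, the value should be escaped before output, for example `<c:out value='<%= renderRequest.getParameter("yourname") %>'/>` with the JSTL core taglib declared next to the portlet one, if JSTL is available to the sample. A missing parameter also prints the literal `null` here. The rest of hello.jsp is outside the hunk.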
Modified: examples/trunk/JSPHelloUser/src/main/webapp/jsp/welcome.jsp
===================================================================
--- examples/trunk/JSPHelloUser/src/main/webapp/jsp/welcome.jsp 2009-02-04 23:33:04 UTC (rev 12775)
+++ examples/trunk/JSPHelloUser/src/main/webapp/jsp/welcome.jsp 2009-02-05 00:46:09 UTC (rev 12776)
@@ -1,4 +1,4 @@
-<%@ taglib uri="http://java.sun.com/portlet" prefix="portlet" %>
+<%@ taglib uri="http://java.sun.com/portlet_2_0" prefix="portlet" %>
<div class="portlet-section-header">Welcome !</div>
@@ -32,4 +32,4 @@
<input class="portlet-form-input-field" type="text" name="yourname"/>
<input class="portlet-form-button" type="Submit"/>
</form>
-</div>
\ No newline at end of file
+</div>
JBoss Portal SVN: r12775 - modules/portlet/trunk/portlet/src/main/java/org/jboss/portal/portlet/impl/jsr168.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2009-02-04 18:33:04 -0500 (Wed, 04 Feb 2009)
New Revision: 12775
Modified:
modules/portlet/trunk/portlet/src/main/java/org/jboss/portal/portlet/impl/jsr168/PortletUtils.java
Log:
- JBPORTAL-2304: Shortened namespace. It should be enough to only use the last part of the path (as the window name should be unique within the page context). Depending on window name format, it could be possible to optimize the code further (in terms of speed).
- Needs to be properly tested!
Modified: modules/portlet/trunk/portlet/src/main/java/org/jboss/portal/portlet/impl/jsr168/PortletUtils.java
===================================================================
--- modules/portlet/trunk/portlet/src/main/java/org/jboss/portal/portlet/impl/jsr168/PortletUtils.java 2009-02-04 23:12:55 UTC (rev 12774)
+++ modules/portlet/trunk/portlet/src/main/java/org/jboss/portal/portlet/impl/jsr168/PortletUtils.java 2009-02-04 23:33:04 UTC (rev 12775)
@@ -37,6 +37,7 @@
{
public static final String PREFIX = "jbpns";
public static final String SUFFIX = "snpbj";
+ private static final String SLASH = "/";
/**
* Creates a <code>WindowState</code> object based on the specified name.
@@ -108,9 +109,10 @@
}
else
{
- StringBuffer tmp = new StringBuffer(PREFIX.length() + windowId.length() * 2);
+ int length = windowId.length();
+ StringBuffer tmp = new StringBuffer(PREFIX.length() + SUFFIX.length() + length + 5);
tmp.append(PREFIX);
- for (int i = 0; i < windowId.length(); i++)
+ for (int i = windowId.lastIndexOf(SLASH) + 1; i < length; i++)
{
char c = windowId.charAt(i);
if (((int)c >= 65 && (int)c <= 90) || ((int)c >= 97 && (int)c <= 122) || ((int)c >= 48 && (int)c <= 57) || ((int)c == 95) || (int)c == 36)
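Review bot: Starting the loop at `windowId.lastIndexOf(SLASH) + 1` means it does not run at all when the window id ends with a slash, so every such id would map to the same namespace, and two ids that differ only before the last slash now collide as well. The log message relies on window names being unique within a page; that assumption deserves a comment at the loop, e.g. `// only the last path segment is used: window names must be unique within a page`, and a fallback such as `int start = windowId.lastIndexOf(SLASH) + 1; if (start == length) start = 0;` would keep the trailing-slash case distinct. The buffer capacity is still computed from the full `length`, which is harmless but larger than needed. The commit message asks for testing, so a unit test covering ids with no slash, several slashes and a trailing slash would fit here. The rest of the method, including what is appended for each character, is outside the hunk.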
JBoss Portal SVN: r12774 - in modules/authorization/trunk: policy-server/src/main/java/org/jboss/security/authz/policy/server and 3 other directories.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-02-04 18:12:55 -0500 (Wed, 04 Feb 2009)
New Revision: 12774
Removed:
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsFunction.java
Modified:
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java
modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java
Log:
Integrating Drools based Expressions to specify Policy Rules for the HttpResource core component
Modified: modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java
===================================================================
--- modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java 2009-02-04 18:24:18 UTC (rev 12773)
+++ modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java 2009-02-04 23:12:55 UTC (rev 12774)
@@ -246,7 +246,8 @@
Rule permitRule = new Rule();
- permitRule.setRuleId("httpResource://permittedRoles/"+GeneralTool.generateUniqueId());
+ String ruleReference = "httpResource://permittedRoles/"+GeneralTool.generateUniqueId();
+ permitRule.setRuleId(ruleReference);
permitRule.setEffect(Effect.PERMIT);
//Generate a Drools Rule
@@ -255,7 +256,8 @@
}
DroolsRuleExpression expression = new DroolsRuleExpression();
- expression.setRuleReference(GeneralTool.generateUniqueId());
+ expression.setRuleReference(ruleReference);
+ expression.setRule(HttpResource.allowedRolesRule);
permitRule.setExpression(expression);
return permitRule;
@@ -274,8 +276,9 @@
}
Rule denyRule = new Rule();
-
- denyRule.setRuleId("httpResource://deniedRoles/"+GeneralTool.generateUniqueId());
+
+ String ruleReference = "httpResource://deniedRoles/"+GeneralTool.generateUniqueId();
+ denyRule.setRuleId(ruleReference);
denyRule.setEffect(Effect.DENY);
//Generate a Drools Rule
@@ -283,7 +286,8 @@
{
}
DroolsRuleExpression expression = new DroolsRuleExpression();
- expression.setRuleReference(GeneralTool.generateUniqueId());
+ expression.setRuleReference(ruleReference);
+ expression.setRule(HttpResource.deniedRolesRule);
denyRule.setExpression(expression);
return denyRule;
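Review bot: The block that follows `//Generate a Drools Rule` is empty in the context lines here (`{` directly followed by `}`), so nothing visible in this hunk ties the resource's denied roles to the expression; it carries only the shared static `HttpResource.deniedRolesRule` and the rule reference. The permitted-roles and allowed-IPs hunks in this file look the same, the latter with the old expression code closed off by `*/`. If the roles and IPs are meant to reach the rule as facts at evaluation time, say so where the expression is built, e.g. `// roles are supplied as facts when the rule fires; the rule text itself is static`; if not, the generated PERMIT and DENY rules do not yet depend on the configured values. The statement that opens the empty block and the rule constants are outside the hunks.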
@@ -298,7 +302,8 @@
Rule rule = new Rule();
- rule.setRuleId("httpResource://allowedIps/"+GeneralTool.generateUniqueId());
+ String ruleReference = "httpResource://allowedIps/"+GeneralTool.generateUniqueId();
+ rule.setRuleId(ruleReference);
rule.setEffect(Effect.PERMIT);
for(String allowedIp: this.allowedIps)
@@ -312,7 +317,8 @@
rule.setExpression(expression);*/
}
DroolsRuleExpression expression = new DroolsRuleExpression();
- expression.setRuleReference(GeneralTool.generateUniqueId());
+ expression.setRuleReference(ruleReference);
+ expression.setRule(HttpResource.allowedIpsRule);
rule.setExpression(expression);
return rule;
Modified: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java 2009-02-04 18:24:18 UTC (rev 12773)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java 2009-02-04 23:12:55 UTC (rev 12774)
@@ -25,14 +25,17 @@
import org.apache.log4j.Logger;
+import org.jboss.security.authz.model.DroolsRuleExpression;
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
import org.jboss.security.authz.model.PolicyException;
+import org.jboss.security.authz.model.Rule;
import org.jboss.security.authz.tools.GeneralTool;
import org.jboss.security.authz.policy.server.decision.PolicyDecisionPoint;
import org.jboss.security.authz.policy.server.spi.PolicyStore;
import org.jboss.security.authz.policy.server.plugin.HierarchialPolicy;
import org.jboss.security.authz.policy.server.plugin.EnterprisePolicyFinderModule;
+import org.jboss.security.authz.policy.server.plugin.DroolsRuleManager;
import org.jboss.security.authz.enforcement.Request;
import org.jboss.security.authz.enforcement.Response;
@@ -51,6 +54,7 @@
private PolicyDecisionPoint policyDecisionPoint;
private PolicyStore policyStore;
private EnterprisePolicyFinderModule policyFinderModule;
+ private DroolsRuleManager ruleManager;
public PolicyServer()
{
@@ -100,6 +104,16 @@
{
this.policyStore = policyStore;
}
+
+ public DroolsRuleManager getRuleManager()
+ {
+ return this.ruleManager;
+ }
+
+ public void setRuleManager(DroolsRuleManager ruleManager)
+ {
+ this.ruleManager = ruleManager;
+ }
//--------Decision making services--------------------------------------------------------------------------------------------------------------------------
/**
* Makes an Authorization Decision
@@ -138,8 +152,23 @@
try
{
Policy policy = new HierarchialPolicy(GeneralTool.generateUniqueId(), policyMetaData);
+
+ //Save the policy in the Policy Store
this.policyStore.savePolicy(policy);
+
+ //Update the PolicyFinder's runtime state with this new policy
this.policyFinderModule.addPolicy(policy);
+
+ //Update the DroolsRuleManager's runtime state with any Drools based expressions if they are part of this new policy
+ Set<Rule> rules = policyMetaData.getRules();
+ for(Rule rule: rules)
+ {
+ Object expression = rule.getExpression();
+ if(expression instanceof DroolsRuleExpression)
+ {
+ this.ruleManager.addRule((DroolsRuleExpression)expression);
+ }
+ }
}
catch(PolicyException pe)
{
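Review bot: The policy is saved and handed to `policyFinderModule.addPolicy(policy)` before its Drools expressions are registered, so a request evaluated in between, or after a failure inside the loop, can match a policy whose rule is not yet in the rule base. Registering the rules first, i.e. moving the `for(Rule rule: rules)` loop above `this.policyStore.savePolicy(policy);`, keeps the policy out of decision making until it is complete. `this.ruleManager` is set only through the new setter and `policyMetaData.getRules()` is iterated without a null check, so a missing injection surfaces as a NullPointerException after the policy is already stored; an explicit check before saving, such as `if(this.ruleManager == null) throw new IllegalStateException("ruleManager not injected");`, would fail earlier and more clearly. The method starts and ends outside the hunk.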
Modified: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java 2009-02-04 18:24:18 UTC (rev 12773)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java 2009-02-04 23:12:55 UTC (rev 12774)
@@ -25,14 +25,19 @@
import java.util.List;
import java.util.ArrayList;
+import org.apache.log4j.Logger;
+
import org.drools.RuleBase;
import org.drools.WorkingMemory;
+import org.jboss.security.authz.policy.server.Server;
+
import org.jboss.security.xacml.sunxacml.EvaluationCtx;
import org.jboss.security.xacml.sunxacml.cond.EvaluationResult;
import org.jboss.security.xacml.sunxacml.cond.FunctionBase;
import org.jboss.security.xacml.sunxacml.ctx.Status;
import org.jboss.security.xacml.sunxacml.attr.BooleanAttribute;
+import org.jboss.security.xacml.sunxacml.cond.VariableReference;
/**
* A custom XACML Function which is used to evaluate an XACML Condition based on the Evaluation Results of a specified Business Rule based on the
@@ -43,6 +48,8 @@
*/
public class DroolsFunction extends FunctionBase
{
+ private static Logger log = Logger.getLogger(DroolsFunction.class);
+
public static final String NAME = "urn:oasis:names:tc:xacml:2.0:function:jboss-drools:rule";
/**
@@ -62,7 +69,7 @@
0, //FunctionId
BooleanAttribute.identifier, //returnType
false //returns a Bag of values
- );
+ );
}
@@ -94,12 +101,27 @@
{
EvaluationResult result = null;
try
- {
-
- /**
- * TODO: start a Drools context and evaluate the specified Rule against the data presented in the EvaluationContext
- */
- result = EvaluationResult.getTrueInstance();
+ {
+ if(inputs != null)
+ {
+ for(int i=0,size=inputs.size(); i<size; i++)
+ {
+ VariableReference reference = (VariableReference)inputs.get(i);
+
+ log.info("Firing Rule ="+reference.getVariableId());
+
+ DroolsRuleManager ruleManager = (DroolsRuleManager)Server.lookup("/policy-server/DroolsRuleManager");
+ RuleBase ruleBase = ruleManager.getActiveRuleBase();
+ WorkingMemory workingMemory = ruleBase.newStatefulSession();
+ workingMemory.insert(reference.getVariableId());
+ workingMemory.fireAllRules();
+
+ /**
+ * TODO: start a Drools context and evaluate the specified Rule against the data presented in the EvaluationContext
+ */
+ result = EvaluationResult.getTrueInstance();
+ }
+ }
}
catch(Exception e)
{
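Review bot: `result` is set to `EvaluationResult.getTrueInstance()` for every input no matter what `fireAllRules()` did, so any XACML condition built on this function currently holds for every request; until the TODO is implemented the function should fail closed. With `inputs` null or empty `result` stays null, and the session obtained from `newStatefulSession()` is never disposed, which as far as I know keeps it referenced by the rule base. The cast to `VariableReference` is unchecked and only the broad `catch(Exception e)` stands behind it; what that handler returns is outside the hunk. The sketch below defaults to false and releases the session; it assumes `org.drools.StatefulSession` is imported.

```java
EvaluationResult result = EvaluationResult.getFalseInstance();
// … unchanged: try, null check on inputs, loop header, VariableReference cast, log line, rule manager lookup …
StatefulSession session = ruleBase.newStatefulSession();
try
{
   session.insert(reference.getVariableId());
   session.fireAllRules();
   // TODO: derive the decision from the rule outcome; stays false until then
}
finally
{
   session.dispose();
}
```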
Modified: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java 2009-02-04 18:24:18 UTC (rev 12773)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java 2009-02-04 23:12:55 UTC (rev 12774)
@@ -80,7 +80,7 @@
return this.activeRuleBase;
}
- void addRule(DroolsRuleExpression rule)
+ public void addRule(DroolsRuleExpression rule)
{
try
{
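Review bot: Making `addRule` public is needed for the call from `PolicyServer.newPolicy`, which lives in another package, but the later hunks also open `readRule`, `updateRule` and `removeRule`, and nothing visible in this commit calls them from outside the plugin package. Since the manager is registered as `/policy-server/DroolsRuleManager` and obtained through `Server.lookup`, any code that can reach that lookup can now change or drop the rules behind authorization decisions; keeping those three package-private until a caller needs them narrows that surface. The newly public `addRule` would also benefit from Javadoc stating who is expected to call it, for example `/** Called by PolicyServer when a policy with a Drools expression is created. */`. The method bodies continue outside the hunks.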
@@ -103,7 +103,7 @@
}
}
- DroolsRuleExpression readRule(String ruleReference)
+ public DroolsRuleExpression readRule(String ruleReference)
{
try
{
@@ -128,7 +128,7 @@
}
}
- void updateRule(DroolsRuleExpression rule)
+ public void updateRule(DroolsRuleExpression rule)
{
try
{
@@ -150,7 +150,7 @@
}
}
- void removeRule(String ruleReference)
+ public void removeRule(String ruleReference)
{
try
{
Modified: modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml
===================================================================
--- modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-02-04 18:24:18 UTC (rev 12773)
+++ modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-02-04 23:12:55 UTC (rev 12774)
@@ -10,14 +10,20 @@
<property name="policyStore">
<inject bean="/policy-server/PolicyStore"/>
</property>
+ <property name="ruleManager">
+ <inject bean="/policy-server/DroolsRuleManager"/>
+ </property>
</bean>
<bean name="/policy-server/PolicyDecisionPoint" class="org.jboss.security.authz.policy.server.decision.PolicyDecisionPoint">
</bean>
+
+ <bean name="/policy-server/PolicyDeployer" class="org.jboss.security.authz.policy.server.provisioning.PolicyDeployer">
+ </bean>
<bean name="/policy-server/PolicyStore" class="org.jboss.security.authz.policy.server.provisioning.MemoryPolicyStore">
</bean>
- <bean name="/policy-server/PolicyDeployer" class="org.jboss.security.authz.policy.server.provisioning.PolicyDeployer">
+ <bean name="/policy-server/DroolsRuleManager" class="org.jboss.security.authz.policy.server.plugin.DroolsRuleManager">
</bean>
</deployment>
\ No newline at end of file
Deleted: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsFunction.java
===================================================================
--- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsFunction.java 2009-02-04 18:24:18 UTC (rev 12773)
+++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsFunction.java 2009-02-04 23:12:55 UTC (rev 12774)
@@ -1,221 +0,0 @@
-/******************************************************************************
- * JBoss, a division of Red Hat *
- * Copyright 2006, Red Hat Middleware, LLC, and individual *
- * contributors as indicated by the @authors tag. See the *
- * copyright.txt in the distribution for a full listing of *
- * individual contributors. *
- * *
- * This is free software; you can redistribute it and/or modify it *
- * under the terms of the GNU Lesser General Public License as *
- * published by the Free Software Foundation; either version 2.1 of *
- * the License, or (at your option) any later version. *
- * *
- * This software is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
- * Lesser General Public License for more details. *
- * *
- * You should have received a copy of the GNU Lesser General Public *
- * License along with this software; if not, write to the Free *
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
- ******************************************************************************/
-package org.jboss.security.authz.policy.server.plugin;
-
-import java.io.File;
-import java.io.FileOutputStream;
-import java.util.Set;
-import java.util.HashSet;
-
-import junit.framework.TestCase;
-
-import org.apache.log4j.Logger;
-
-import org.jboss.security.xacml.core.model.context.ActionType;
-import org.jboss.security.xacml.core.model.context.AttributeType;
-import org.jboss.security.xacml.core.model.context.AttributeValueType;
-import org.jboss.security.xacml.core.model.context.ObjectFactory;
-import org.jboss.security.xacml.core.model.context.RequestType;
-import org.jboss.security.xacml.core.model.context.ResourceType;
-import org.jboss.security.xacml.core.model.context.SubjectType;
-import org.jboss.security.xacml.factories.RequestResponseContextFactory;
-import org.jboss.security.xacml.interfaces.RequestContext;
-import org.jboss.security.xacml.interfaces.ResponseContext;
-import org.jboss.security.xacml.interfaces.XACMLConstants;
-import org.jboss.security.xacml.interfaces.XMLSchemaConstants;
-import org.jboss.security.xacml.sunxacml.PDP;
-import org.jboss.security.xacml.sunxacml.ConfigurationStore;
-import org.jboss.security.xacml.sunxacml.ctx.RequestCtx;
-import org.jboss.security.xacml.sunxacml.ctx.ResponseCtx;
-
-import org.jboss.security.authz.model.*;
-import org.jboss.security.authz.policy.server.plugin.DroolsFunction;
-
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- *
- */
-public class TestDroolsFunction extends TestCase
-{
- private static Logger log = Logger.getLogger(TestDroolsFunction.class);
-
- private ConfigurationStore store = null;
-
- protected void setUp() throws Exception
- {
- this.store = new ConfigurationStore(new File("target/test-classes/pdp-config.xml"));
- this.store.useDefaultFactories();
-
- //Populate the HierarchialPolicy
- Policy policy = this.getSimplePolicy();
-
- String xacmlPolicy = policy.generateXACMLPolicy();
-
- log.info("--------------------------------------------------------------------");
- log.info(xacmlPolicy);
- log.info("--------------------------------------------------------------------");
-
- //Store this policy on the File System to use the File based Policy Module of the PDP
- FileOutputStream fos = null;
- try
- {
- fos = new FileOutputStream(new File("simple-policy.xml"));
- fos.write(xacmlPolicy.getBytes());
- fos.flush();
- }
- finally
- {
- if(fos != null)
- {
- fos.close();
- }
- }
- }
-
- protected void tearDown() throws Exception
- {
- File file = new File("simple-policy.xml");
- file.delete();
- }
-
-
- public void testSimplePolicy() throws Exception
- {
- //SetUp the PDP
- PDP pdp = new PDP(this.store.getDefaultPDPConfig());
-
- //SetUp the Authorization Request
- RequestContext requestContext = this.createPermitRequestContext();
- log.info("-----------------------------------");
- requestContext.marshall(System.out);
-
- //Process the Authorization Request
- ResponseCtx response = pdp.evaluate((RequestCtx)requestContext.get(XACMLConstants.REQUEST_CTX));
- assertNotNull(response);
- log.info("-----------------------------------");
- response.encode(System.out);
-
- //Process the Authorization Response
- ResponseContext responseContext = RequestResponseContextFactory.createResponseContext();
- responseContext.set(XACMLConstants.RESPONSE_CTX, response);
- assertNotNull(responseContext);
- assertEquals(responseContext.getDecision(), XACMLConstants.DECISION_PERMIT);
- log.info("-----------------------------------");
- log.info("Decision="+responseContext.getDecision());
- }
- //-------------------------------------------------------------------------------------------------------------------------------------------------------------
- private RequestContext createPermitRequestContext() throws Exception
- {
- //Create ObjectFactory
- ObjectFactory objectFactory = new ObjectFactory();
-
- //Create Subjects
- SubjectType subject = objectFactory.createSubjectType();
- AttributeType subjectAttribute = objectFactory.createAttributeType();
- subjectAttribute.setAttributeId(XACMLConstants.ATTRIBUTEID_ROLE);
- subjectAttribute.setDataType(XMLSchemaConstants.DATATYPE_STRING);
- AttributeValueType subjectId = objectFactory.createAttributeValueType();
- subjectId.getContent().add("developer");
- subjectAttribute.getAttributeValue().add(subjectId);
- subject.getAttribute().add(subjectAttribute);
-
- //Create Resource
- ResourceType resource = objectFactory.createResourceType();
- AttributeType resourceAttribute = objectFactory.createAttributeType();
- resourceAttribute.setAttributeId(XACMLConstants.ATTRIBUTEID_RESOURCE_ID);
- resourceAttribute.setDataType(XMLSchemaConstants.DATATYPE_STRING);
- AttributeValueType resourceId = objectFactory.createAttributeValueType();
- resourceId.getContent().add("http://www.redhat.com/protected/index.html");
- resourceAttribute.getAttributeValue().add(resourceId);
- resource.getAttribute().add(resourceAttribute);
-
- //Create Action
- ActionType action = objectFactory.createActionType();
- AttributeType actionAttribute = objectFactory.createAttributeType();
- actionAttribute.setAttributeId(XACMLConstants.ATTRIBUTEID_ACTION_ID);
- actionAttribute.setDataType(XMLSchemaConstants.DATATYPE_STRING);
- AttributeValueType actionId = objectFactory.createAttributeValueType();
- actionId.getContent().add("WRITE");
- actionAttribute.getAttributeValue().add(actionId);
- action.getAttribute().add(actionAttribute);
-
- //Create RequestContext
- RequestContext requestContext = RequestResponseContextFactory.createRequestCtx();
-
- //Create a RequestType
- RequestType requestType = objectFactory.createRequestType();
- requestType.getSubject().add(subject);
- requestType.setAction(action);
- requestType.getResource().add(resource);
-
- //Spit out RequestContext
- requestContext.setRequest(requestType);
-
- return requestContext;
- }
-
- private Policy getSimplePolicy() throws Exception
- {
- //SetUp the Policy Target
- Target target = new Target();
- AttributeExpression resourceMatch = new AttributeExpression();
- resourceMatch.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL);
- Attribute attribute = new Attribute(XACMLConstants.ATTRIBUTEID_RESOURCE_ID,
- XMLSchemaConstants.DATATYPE_STRING, "http://www.redhat.com/protected/index.html");
- resourceMatch.setAttribute(attribute);
- target.addResourceMatch(resourceMatch);
-
- //SetUp the Policy Rules
- Set<Rule> rules = new HashSet<Rule>();
- Rule writeRule = new Rule();
-
- writeRule.setRuleId("write");
- writeRule.setEffect(Effect.PERMIT);
-
- Target ruleTarget = new Target();
-
- AttributeExpression actionMatch = new AttributeExpression();
- actionMatch.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL);
- Attribute actionAttribute = new Attribute(XACMLConstants.ATTRIBUTEID_ACTION_ID,
- XMLSchemaConstants.DATATYPE_STRING, "WRITE");
- actionMatch.setAttribute(actionAttribute);
- ruleTarget.addActionMatch(actionMatch);
-
- writeRule.setTarget(ruleTarget);
-
- DroolsRuleExpression ruleExpression = new DroolsRuleExpression();
- ruleExpression.setRuleReference("WriteRuleReference");
- writeRule.setExpression(ruleExpression);
-
- rules.add(writeRule);
-
- //Populate the HierarchialPolicy
- PolicyMetaData metadata = new PolicyMetaData();
- metadata.setTarget(target);
- metadata.setRules(rules);
- HierarchialPolicy policy = new HierarchialPolicy("simpleHierarchialPolicy", metadata);
-
- return policy;
- }
-}
Modified: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java
===================================================================
--- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java 2009-02-04 18:24:18 UTC (rev 12773)
+++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java 2009-02-04 23:12:55 UTC (rev 12774)
@@ -26,8 +26,11 @@
import org.apache.log4j.Logger;
import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.model.PolicyMetaData;
import org.jboss.security.authz.model.Resource;
import org.jboss.security.authz.model.Attribute;
+import org.jboss.security.authz.model.Rule;
+import org.jboss.security.authz.model.DroolsRuleExpression;
import org.jboss.security.authz.components.http.HttpResource;
import org.jboss.security.authz.policy.server.PolicyServer;
import org.jboss.security.authz.policy.server.Server;
@@ -76,8 +79,10 @@
httpResource.addParameter("param2", "param2Value");
httpResource.addAllowedRole("Admin");
- policyServer.newPolicy(httpResource.getPolicyMetaData(true));
+ PolicyMetaData policyMetaData = httpResource.getPolicyMetaData(true);
+ policyServer.newPolicy(policyMetaData);
+
//Assert Policy State of the Server
Policy[] policies = policyServer.readAllPolicies();