JBoss Portal SVN: r13568 - in branches/Enterprise_Portal_Platform_4_3: core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/classes and 2 other directories.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2009-07-21 17:42:00 -0400 (Tue, 21 Jul 2009)
New Revision: 13568
Modified:
branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/main/org/jboss/portal/wsrp/admin/ui/ProducerBean.java
branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/classes/Resource.properties
branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/classes/Resource_fr.properties
branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/jsf/producer/producer.xhtml
branches/Enterprise_Portal_Platform_4_3/faces/src/main/org/jboss/portal/faces/gui/ManagedBean.java
Log:
JBPORTAL-2412: Validate registration policy and registration validator class names.
Modified: branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/main/org/jboss/portal/wsrp/admin/ui/ProducerBean.java
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/main/org/jboss/portal/wsrp/admin/ui/ProducerBean.java 2009-07-21 21:36:58 UTC (rev 13567)
+++ branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/main/org/jboss/portal/wsrp/admin/ui/ProducerBean.java 2009-07-21 21:42:00 UTC (rev 13568)
@@ -40,6 +40,7 @@
import java.util.Comparator;
import java.util.List;
import java.util.Map;
+import java.util.regex.Pattern;
/**
* @author <a href="mailto:chris.laprun@jboss.com">Chris Laprun</a>
@@ -55,6 +56,40 @@
private static final String PRODUCER = "producer";
private String selectedProp;
+ // todo: use ParameterValidation.VALID_ASCII_CLASS_NAME when available...
+ public final static Pattern VALID_ASCII_CLASS_NAME = Pattern.compile("([a-z][a-z0-9_]*\\.)*[A-Z][A-Za-z0-9_$]*");
+
+ public ProducerBean()
+ {
+ setValidator(new DefaultPropertyValidator()
+ {
+ @Override
+ public String getObjectTypeName()
+ {
+ return "CLASS_TYPE";
+ }
+
+ @Override
+ public String doSimpleChecks(String name)
+ {
+ return name;
+ }
+
+ @Override
+ public Pattern getValidationPattern()
+ {
+ return VALID_ASCII_CLASS_NAME;
+ }
+
+ @Override
+ public String getErrorMessageKey()
+ {
+ return "INVALID_CLASS_NAME_ERROR";
+ }
+ });
+
+ }
+
public ProducerConfigurationService getConfigurationService()
{
return configurationService;
@@ -110,7 +145,11 @@
public void setRegistrationPolicyClassName(String className)
{
- policyClassName = className;
+ className = checkNameValidity(className, "producer-form:registrationPolicy");
+ if (className != null)
+ {
+ policyClassName = className;
+ }
}
public boolean isDefaultRegistrationPolicy()
@@ -129,7 +168,11 @@
public void setValidatorClassName(String className)
{
- validatorClassName = className;
+ className = checkNameValidity(className, "producer-form:validator");
+ if (className != null)
+ {
+ validatorClassName = className;
+ }
}
public boolean isStrictMode()
Modified: branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/classes/Resource.properties
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/classes/Resource.properties 2009-07-21 21:36:58 UTC (rev 13567)
+++ branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/classes/Resource.properties 2009-07-21 21:42:00 UTC (rev 13568)
@@ -179,4 +179,7 @@
org.jboss.portal.object.name.admin.WSRP=WSRP
INVALID_NAME_ERROR=''{0}'' is an invalid {1} name: Cannot be null, empty or contain '/', '.', '\\', '<', '>', '(', ')', '=' or '%5c'
-DUPLICATE_ERROR=A {1} named ''{0}'' already exists!
\ No newline at end of file
+DUPLICATE_ERROR=A {1} named ''{0}'' already exists!
+
+CLASS_TYPE = class
+INVALID_CLASS_NAME_ERROR=''{0}'' is an invalid {1} name: Must be a valid ASCII class name.
\ No newline at end of file
Modified: branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/classes/Resource_fr.properties
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/classes/Resource_fr.properties 2009-07-21 21:36:58 UTC (rev 13567)
+++ branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/WEB-INF/classes/Resource_fr.properties 2009-07-21 21:42:00 UTC (rev 13568)
@@ -20,7 +20,6 @@
# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA #
# 02110-1301 USA, or see the FSF site: http://www.fsf.org. #
################################################################################
-# JBoss Portal display information
org.jboss.portal.object.name.WSRPConfigurationPortlet = Configuration WSRP
org.jboss.portal.instance.name.WSRPConfigurationPortletInstance = Portlet de Configuration pour WSRP
@@ -147,4 +146,6 @@
consumers_table_reload=Recharger consommateurs
CONSUMER_TYPE=Consommateur
DUPLICATE_ERROR=Un {1} nomm\u00e9 ''{0}'' existe d\u00e9j\u00e0!
-INVALID_NAME_ERROR=''{0}'' est un nom invalide pour un {1} : Ne peut pas \u00eatre null, vide ou contenir '/', '.', '\\', '<', '>', '(', ')', '=' ou '%5c'
\ No newline at end of file
+INVALID_NAME_ERROR=''{0}'' est un nom invalide pour un {1} : Ne peut pas \u00eatre null, vide ou contenir '/', '.', '\\', '<', '>', '(', ')', '=' ou '%5c'
+CLASS_TYPE=classe
+INVALID_CLASS_NAME_ERROR=''{0}'' est un nom invalid pour une {1}: Doit \u00eatre un nom de classe ASCII valide!
\ No newline at end of file
Modified: branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/jsf/producer/producer.xhtml
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/jsf/producer/producer.xhtml 2009-07-21 21:36:58 UTC (rev 13567)
+++ branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/jsf/producer/producer.xhtml 2009-07-21 21:42:00 UTC (rev 13568)
@@ -33,6 +33,7 @@
<h:panelGrid columns="2" width="100%">
<h:selectBooleanCheckbox id="cons-reg-req-check" value="#{producer.registrationRequiredForFullDescription}"/>
<h:outputText value="#{i18n.producer_config_sd_requires_reg}"/>
+
<h:selectBooleanCheckbox value="#{producer.strictMode}"/>
<h:outputText value="#{i18n.producer_config_strict}"/>
@@ -43,14 +44,16 @@
<h:outputText value=" " rendered="#{producer.registrationRequired}"/>
<h:panelGroup rendered="#{producer.registrationRequired}">
- <h:panelGrid columns="2" width="100%">
+ <h:panelGrid columns="3" width="95%">
<h:outputLabel value="#{i18n.producer_config_reg_policy}" for="registrationPolicy"/>
<h:inputText id="registrationPolicy" value="#{producer.registrationPolicyClassName}" size="80"/>
+ <h:message styleClass="portlet-msg-error" for="registrationPolicy"/>
<h:outputLabel value="#{i18n.producer_config_reg_prop_validator}" for="validator"
rendered="#{producer.defaultRegistrationPolicy}"/>
<h:inputText id="validator" value="#{producer.validatorClassName}" size="80"
rendered="#{producer.defaultRegistrationPolicy}"/>
+ <h:message styleClass="portlet-msg-error" for="validator"/>
</h:panelGrid>
</h:panelGroup>
@@ -61,7 +64,7 @@
<h:panelGroup styleClass="portlet-area-body">
<c:choose>
<c:when test="#{!empty producer.registrationProperties}">
- <h:dataTable id="reg-properties" var="property" width="100%"
+ <h:dataTable id="reg-properties" var="property" width="95%"
value="#{producer.registrationProperties}"
rendered="#{producer.registrationRequired}"
headerClass="portlet-section-header">
Modified: branches/Enterprise_Portal_Platform_4_3/faces/src/main/org/jboss/portal/faces/gui/ManagedBean.java
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/faces/src/main/org/jboss/portal/faces/gui/ManagedBean.java 2009-07-21 21:36:58 UTC (rev 13567)
+++ branches/Enterprise_Portal_Platform_4_3/faces/src/main/org/jboss/portal/faces/gui/ManagedBean.java 2009-07-21 21:42:00 UTC (rev 13568)
@@ -91,17 +91,18 @@
else
{
String original = name;
- name = validator.doSimpleChecks(name);
+ // Trim name
+ name = name.trim();
+
// we got an invalid name after simple checks, fail!
+ name = validator.doSimpleChecks(name);
if (name == null)
{
beanContext.createTargetedErrorMessage(targetForErrorMessage, validator.getErrorMessageKey(), original, getLocalizedType(objectTypeName));
return null;
}
- // Trim name
- name = name.trim();
// "sanitize" name: if it's invalid, return null and output message
name = ParameterValidation.sanitizeFromPatternWithHandler(name, validator.getValidationPattern(),
16 years, 9 months
- 1
- 0
JBoss Portal SVN: r13567 - in branches/Enterprise_Portal_Platform_4_3/core-wsrp/src: resources/portal-wsrp-admin-war/jsf/common and 1 other directory.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2009-07-21 17:36:58 -0400 (Tue, 21 Jul 2009)
New Revision: 13567
Modified:
branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/main/org/jboss/portal/wsrp/admin/ui/ConsumerManagerBean.java
branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/jsf/common/template.xhtml
Log:
JBPORTAL-2410: Use h:message instead of h:messages for error reporting (need to test more that this doesn't have unexpected side-effects since I've seen some already)
Modified: branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/main/org/jboss/portal/wsrp/admin/ui/ConsumerManagerBean.java
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/main/org/jboss/portal/wsrp/admin/ui/ConsumerManagerBean.java 2009-07-21 21:34:46 UTC (rev 13566)
+++ branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/main/org/jboss/portal/wsrp/admin/ui/ConsumerManagerBean.java 2009-07-21 21:36:58 UTC (rev 13567)
@@ -229,7 +229,11 @@
{
if (refreshConsumerId() != null)
{
- internalRefresh(getSelectedConsumer());
+ RefreshResult refreshResult = internalRefresh(getSelectedConsumer());
+ if (refreshResult == null)
+ {
+ return null;
+ }
return configureConsumer();
}
Modified: branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/jsf/common/template.xhtml
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/jsf/common/template.xhtml 2009-07-21 21:34:46 UTC (rev 13566)
+++ branches/Enterprise_Portal_Platform_4_3/core-wsrp/src/resources/portal-wsrp-admin-war/jsf/common/template.xhtml 2009-07-21 21:36:58 UTC (rev 13567)
@@ -1,3 +1,26 @@
+<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ~ JBoss, a division of Red Hat ~
+ ~ Copyright 2009, Red Hat Middleware, LLC, and individual
+ ~ contributors as indicated by the @authors tag. See the
+ ~ copyright.txt in the distribution for a full listing of
+ ~ individual contributors.
+ ~
+ ~ This is free software; you can redistribute it and/or modify it
+ ~ under the terms of the GNU Lesser General Public License as
+ ~ published by the Free Software Foundation; either version 2.1 of
+ ~ the License, or (at your option) any later version.
+ ~
+ ~ This software is distributed in the hope that it will be useful,
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ ~ Lesser General Public License for more details.
+ ~
+ ~ You should have received a copy of the GNU Lesser General Public
+ ~ License along with this software; if not, write to the Free
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
+
<ui:composition xmlns="http://www.w3.org/1999/xhtml" xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core" xmlns:c="http://java.sun.com/jstl/core"
xmlns:ui="http://java.sun.com/jsf/facelets">
@@ -2,2 +25,3 @@
<f:loadBundle basename="Resource" var="i18n"/>
+
<div class="wsrp-consumers-ui">
@@ -11,18 +35,18 @@
<ui:insert name="objectpath">Object path if needed</ui:insert>
<div class="wsrp-content-container">
- <c:if test="#{!empty title}">
- <h3 class="sectionTitle">${title}</h3>
- </c:if>
+ <c:if test="#{!empty title}">
+ <h3 class="sectionTitle">${title}</h3>
+ </c:if>
- <!-- Status message -->
- <h:messages id="status" for="status" infoClass="portlet-msg-success" errorClass="portlet-msg-error"
- fatalClass="portlet-msg-error" warnClass="portlet-msg-alert"/>
+ <!-- Status message -->
+ <h:message id="status" for="status" infoClass="portlet-msg-success" errorClass="portlet-msg-error"
+ fatalClass="portlet-msg-error" warnClass="portlet-msg-alert"/>
- <!-- Content -->
- <ui:insert name="content">Content</ui:insert>
+ <!-- Content -->
+ <ui:insert name="content">Content</ui:insert>
</div>
-
+
</div>
</div>
</ui:composition>
\ No newline at end of file
16 years, 9 months
- 1
- 0
JBoss Portal SVN: r13566 - branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2009-07-21 17:34:46 -0400 (Tue, 21 Jul 2009)
New Revision: 13566
Modified:
branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PortalObjectManagerBean.java
Log:
- JBPORTAL-2409: Properly use the correct constructors (somehow this didn't make it in the last commit)
--This line, and those below, will be 5ignored--
M core-admin/src/main/org/jboss/portal/core/admin/ui/PortalObjectManagerBean.java
Modified: branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PortalObjectManagerBean.java
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PortalObjectManagerBean.java 2009-07-21 21:32:15 UTC (rev 13565)
+++ branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PortalObjectManagerBean.java 2009-07-21 21:34:46 UTC (rev 13566)
@@ -674,10 +674,8 @@
}
//
- selectedProperties = new PropertiesBean(this);
- selectedProperties.setBeanContext(beanContext);
- controlProperties = new ControlPropertiesBean(this);
- controlProperties.setBeanContext(beanContext);
+ selectedProperties = new PropertiesBean(this, beanContext);
+ controlProperties = new ControlPropertiesBean(this, beanContext);
propertyAction = new PropertyAction(this);
propertyAction.setBeanContext(beanContext);
16 years, 9 months
- 1
- 0
JBoss Portal SVN: r13565 - in branches/Enterprise_Portal_Platform_4_3: core-admin/src/main/org/jboss/portal/core/admin/ui/actions and 2 other directories.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2009-07-21 17:32:15 -0400 (Tue, 21 Jul 2009)
New Revision: 13565
Modified:
branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/ControlPropertiesBean.java
branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/ControlPropertyBean.java
branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PropertiesBean.java
branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PropertyBean.java
branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PropertyBeanContainer.java
branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/actions/PropertyAction.java
branches/Enterprise_Portal_Platform_4_3/core-admin/src/resources/portal-admin-war/WEB-INF/classes/Resource.properties
branches/Enterprise_Portal_Platform_4_3/faces/src/main/org/jboss/portal/faces/gui/ManagedBean.java
Log:
- JBPORTAL-2409:
+ Properly inject bean context in PropertyBean and subclasses.
+ ManagedBean.PropertyValidator can now provide error message key to checkNameValidity for better error reporting.
Modified: branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/ControlPropertiesBean.java
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/ControlPropertiesBean.java 2009-07-21 15:30:57 UTC (rev 13564)
+++ branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/ControlPropertiesBean.java 2009-07-21 21:32:15 UTC (rev 13565)
@@ -28,6 +28,7 @@
import org.jboss.portal.common.i18n.SimpleResourceBundleFactory;
import org.jboss.portal.core.model.portal.PortalObject;
import org.jboss.portal.core.model.portal.control.ControlConstants;
+import org.jboss.portal.faces.gui.BeanContext;
import javax.faces.context.FacesContext;
import javax.faces.model.SelectItem;
@@ -62,8 +63,10 @@
private static LocalizedString REDIRECT_TO_THE_SPECIFIED_RESOURCE = null;
private static LocalizedString REMOVE_THE_RESOURCE_FROM_PAGE = null;
- public ControlPropertiesBean(PortalObjectManagerBean pomgr)
+ public ControlPropertiesBean(PortalObjectManagerBean pomgr, BeanContext beanContext)
{
+ super(beanContext);
+
this.pomgr = pomgr;
ResourceBundleManager rbm = new ResourceBundleManager(null, new SimpleResourceBundleFactory(BUNDLE_BASE_NAME, PropertiesInfoBuilder.class.getClassLoader()));
Modified: branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/ControlPropertyBean.java
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/ControlPropertyBean.java 2009-07-21 15:30:57 UTC (rev 13564)
+++ branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/ControlPropertyBean.java 2009-07-21 21:32:15 UTC (rev 13565)
@@ -24,7 +24,6 @@
package org.jboss.portal.core.admin.ui;
import org.jboss.portal.core.model.portal.PortalObject;
-import org.jboss.portal.common.util.ParameterValidation;
import org.jboss.portal.faces.gui.ManagedBean;
import javax.faces.event.ValueChangeEvent;
@@ -55,9 +54,9 @@
}
@Override
- public ParameterValidation.ValidationErrorHandler getValidationErrorHandler(String name, String targetForErrorMessage)
+ public String getErrorMessageKey()
{
- return new MessageValidationHandler(null, targetForErrorMessage, name, getObjectTypeName(), ManagedBean.INVALID_PATH);
+ return ManagedBean.INVALID_PATH;
}
});
}
Modified: branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PropertiesBean.java
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PropertiesBean.java 2009-07-21 15:30:57 UTC (rev 13564)
+++ branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PropertiesBean.java 2009-07-21 21:32:15 UTC (rev 13565)
@@ -1,6 +1,6 @@
/******************************************************************************
* JBoss, a division of Red Hat *
- * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * Copyright 2009, Red Hat Middleware, LLC, and individual *
* contributors as indicated by the @authors tag. See the *
* copyright.txt in the distribution for a full listing of *
* individual contributors. *
@@ -24,6 +24,7 @@
import org.jboss.portal.core.admin.ui.actions.PropertyAction;
import org.jboss.portal.core.model.portal.PortalObject;
+import org.jboss.portal.faces.gui.BeanContext;
import javax.faces.context.FacesContext;
import javax.faces.model.DataModel;
@@ -63,8 +64,10 @@
/** . */
private String propertyActionRef;
- public PropertiesBean(PortalObjectManagerBean pomgr)
+ public PropertiesBean(PortalObjectManagerBean pomgr, BeanContext beanContext)
{
+ super(beanContext);
+
// Get the selected object
PortalObject selectedObject = pomgr.getSelectedObject();
@@ -147,7 +150,7 @@
// Add only property user can change state
if (propertyInfo.getScope() == PropertyInfo.PUBLIC_SCOPE && propertyInfo.getAccessMode() == PropertyInfo.READ_WRITE_ACCESS_MODE && !PropertiesInfo.isControlProperty(propertyName))
{
- Locale locale = FacesContext.getCurrentInstance().getExternalContext(). getRequestLocale();
+ Locale locale = FacesContext.getCurrentInstance().getExternalContext().getRequestLocale();
items.add(new SelectItem(propertyInfo.getName(), propertyInfo.getDisplayName().getString(locale, true), propertyInfo.getDescription().getDefaultString()));
}
}
Modified: branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PropertyBean.java
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PropertyBean.java 2009-07-21 15:30:57 UTC (rev 13564)
+++ branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PropertyBean.java 2009-07-21 21:32:15 UTC (rev 13565)
@@ -20,8 +20,10 @@
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
* 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
******************************************************************************/
+
package org.jboss.portal.core.admin.ui;
+import org.jboss.portal.common.util.ParameterValidation;
import org.jboss.portal.core.model.portal.PortalObject;
import org.jboss.portal.faces.gui.ManagedBean;
@@ -58,6 +60,21 @@
this.inherited = inherited;
this.inheritable = inheritable;
this.value = value;
+ setBeanContext(container.getBeanContext());
+ setValidator(new DefaultPropertyValidator()
+ {
+ @Override
+ public String doSimpleChecks(String name)
+ {
+ return name; // no-op as we want to allow / and . in paths
+ }
+
+ @Override
+ public String getErrorMessageKey()
+ {
+ return ManagedBean.INVALID_VALUE;
+ }
+ });
}
public boolean isInheritable()
@@ -104,8 +121,13 @@
public void setValue(Object value)
{
- // it's currently quite difficult to retrieve the correct target for error messages, send them to "status"
- String propertyValue = checkNameValidity(value.toString(), null);
+ String propertyValue = value.toString();
+ if (!ParameterValidation.isNullOrEmpty(propertyValue))
+ {
+ // it's currently quite difficult to retrieve the correct target for error messages, send them to "status"
+ propertyValue = checkNameValidity(propertyValue, null);
+ }
+
if (propertyValue != null)
{
this.value = propertyValue;
Modified: branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PropertyBeanContainer.java
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PropertyBeanContainer.java 2009-07-21 15:30:57 UTC (rev 13564)
+++ branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/PropertyBeanContainer.java 2009-07-21 21:32:15 UTC (rev 13565)
@@ -20,6 +20,7 @@
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
* 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
******************************************************************************/
+
package org.jboss.portal.core.admin.ui;
import org.jboss.portal.core.model.portal.PortalObject;
@@ -33,6 +34,11 @@
{
private BeanContext beanContext;
+ protected PropertyBeanContainer(BeanContext beanContext)
+ {
+ this.beanContext = beanContext;
+ }
+
public BeanContext getBeanContext()
{
return beanContext;
Modified: branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/actions/PropertyAction.java
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/actions/PropertyAction.java 2009-07-21 15:30:57 UTC (rev 13564)
+++ branches/Enterprise_Portal_Platform_4_3/core-admin/src/main/org/jboss/portal/core/admin/ui/actions/PropertyAction.java 2009-07-21 21:32:15 UTC (rev 13565)
@@ -26,7 +26,6 @@
import org.jboss.portal.core.admin.ui.PortalObjectManagerBean;
import org.jboss.portal.core.impl.model.portal.PortalObjectImpl;
import org.jboss.portal.faces.gui.ManagedBean;
-import org.jboss.portal.common.util.ParameterValidation;
/**
* @author <a href="mailto:boleslaw dot dawidowicz at jboss.org">Boleslaw Dawidowicz</a>
@@ -86,13 +85,7 @@
public void updateProperty()
{
- String propertyName = "";
-
- //This particular property can be null and still be valid
- if(!ParameterValidation.isNullOrEmpty(otherPropertyName)){
- propertyName = checkNameValidity(otherPropertyName, "common-edit-prop-form:property");
- }
-
+ String propertyName = checkNameValidity(otherPropertyName, "common-edit-prop-form:property");
if (propertyName != null)
{
if (propertyName.length() == 0 && selectedProperty != null)
Modified: branches/Enterprise_Portal_Platform_4_3/core-admin/src/resources/portal-admin-war/WEB-INF/classes/Resource.properties
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/core-admin/src/resources/portal-admin-war/WEB-INF/classes/Resource.properties 2009-07-21 15:30:57 UTC (rev 13564)
+++ branches/Enterprise_Portal_Platform_4_3/core-admin/src/resources/portal-admin-war/WEB-INF/classes/Resource.properties 2009-07-21 21:32:15 UTC (rev 13565)
@@ -327,6 +327,7 @@
INVALID_NAME_ERROR=''{0}'' is an invalid {1} name: Cannot be null, empty or contain '/', '.', '\\', '<', '>', '(', ')', '=' or '%5c'
INVALID_PATH_ERROR=''{0}'' is an invalid {1} path: Cannot be null, empty or contain '\\', '<', '>', '(', ')', '=' or '%5c'
+INVALID_VALUE_ERROR=''{0}'' is an invalid {1} value: Cannot be contain '\\', '<', '>', '(', ')', '=' or '%5c'
NO_SELECTED_PORTLET_ERROR=No portlet was selected!
DUPLICATE_ERROR=A {1} named ''{0}'' already exists!
bean_support_unexpected_error=Unexpected error:
Modified: branches/Enterprise_Portal_Platform_4_3/faces/src/main/org/jboss/portal/faces/gui/ManagedBean.java
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/faces/src/main/org/jboss/portal/faces/gui/ManagedBean.java 2009-07-21 15:30:57 UTC (rev 13564)
+++ branches/Enterprise_Portal_Platform_4_3/faces/src/main/org/jboss/portal/faces/gui/ManagedBean.java 2009-07-21 21:32:15 UTC (rev 13565)
@@ -42,6 +42,7 @@
public static final String INVALID_NAME = "INVALID_NAME_ERROR";
public static final String INVALID_PATH = "INVALID_PATH_ERROR";
public static final String DUPLICATE = "DUPLICATE_ERROR";
+ public static final String INVALID_VALUE = "INVALID_VALUE_ERROR";
public static interface PropertyValidator
{
@@ -56,6 +57,8 @@
ParameterValidation.ValidationErrorHandler getValidationErrorHandler(String name, String targetForErrorMessage);
Pattern getValidationPattern();
+
+ String getErrorMessageKey();
}
private PropertyValidator validator = new DefaultPropertyValidator();
@@ -82,7 +85,7 @@
String objectTypeName = validator.getObjectTypeName();
if (ParameterValidation.isNullOrEmpty(name))
{
- beanContext.createTargetedErrorMessage(targetForErrorMessage, INVALID_NAME, name, getLocalizedType(objectTypeName));
+ beanContext.createTargetedErrorMessage(targetForErrorMessage, validator.getErrorMessageKey(), name, getLocalizedType(objectTypeName));
return null;
}
else
@@ -93,7 +96,7 @@
// we got an invalid name after simple checks, fail!
if (name == null)
{
- beanContext.createTargetedErrorMessage(targetForErrorMessage, INVALID_NAME, original, getLocalizedType(objectTypeName));
+ beanContext.createTargetedErrorMessage(targetForErrorMessage, validator.getErrorMessageKey(), original, getLocalizedType(objectTypeName));
return null;
}
@@ -229,12 +232,17 @@
public ParameterValidation.ValidationErrorHandler getValidationErrorHandler(String name, String targetForErrorMessage)
{
- return new MessageValidationHandler(null, targetForErrorMessage, name, getObjectTypeName());
+ return new MessageValidationHandler(null, targetForErrorMessage, name, getObjectTypeName(), getErrorMessageKey());
}
public Pattern getValidationPattern()
{
return ParameterValidation.XSS_CHECK;
}
+
+ public String getErrorMessageKey()
+ {
+ return INVALID_NAME;
+ }
}
}
16 years, 9 months
- 1
- 0
JBoss Portal SVN: r13554 - in modules/authorization/trunk/agent: src/main/java/org/jboss/security/authz/agent/enforcement and 2 other directories.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-07-14 16:33:01 -0400 (Tue, 14 Jul 2009)
New Revision: 13554
Removed:
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java
Modified:
modules/authorization/trunk/agent/pom.xml
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementContext.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/MockPolicy.java
Log:
adapting the testsuite to the new framework
Modified: modules/authorization/trunk/agent/pom.xml
===================================================================
--- modules/authorization/trunk/agent/pom.xml 2009-07-14 14:00:19 UTC (rev 13553)
+++ modules/authorization/trunk/agent/pom.xml 2009-07-14 20:33:01 UTC (rev 13554)
@@ -33,6 +33,25 @@
<dependency>
<groupId>org.jboss.security</groupId>
<artifactId>jboss-xacml</artifactId>
- </dependency>
+ </dependency>
+
+ <!-- test dependencies -->
+ <!-- jboss microcontainer -->
+ <dependency>
+ <groupId>org.jboss.microcontainer</groupId>
+ <artifactId>jboss-kernel</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <!-- Drools -->
+ <dependency>
+ <groupId>org.drools</groupId>
+ <artifactId>drools-core</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.drools</groupId>
+ <artifactId>drools-compiler</artifactId>
+ <scope>test</scope>
+ </dependency>
</dependencies>
</project>
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementContext.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementContext.java 2009-07-14 14:00:19 UTC (rev 13553)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/EnforcementContext.java 2009-07-14 20:33:01 UTC (rev 13554)
@@ -32,6 +32,7 @@
public class EnforcementContext implements Serializable
{
private Map<String, Object> attributes;
+ private boolean activateHierarchialEnforcement;
public EnforcementContext()
{
@@ -67,4 +68,14 @@
{
this.attributes.clear();
}
+
+ public boolean isActivateHierarchialEnforcement()
+ {
+ return activateHierarchialEnforcement;
+ }
+
+ public void activateHierarchialEnforcement()
+ {
+ this.activateHierarchialEnforcement = true;
+ }
}
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java 2009-07-14 14:00:19 UTC (rev 13553)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/enforcement/LocalEnforcementPoint.java 2009-07-14 20:33:01 UTC (rev 13554)
@@ -153,6 +153,11 @@
}
}
+ if(enforcementContext.isActivateHierarchialEnforcement())
+ {
+ request.setActivateHierarchialEnforcement(true);
+ }
+
return request;
}
}
Modified: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java 2009-07-14 14:00:19 UTC (rev 13553)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestHierarchialPropagation.java 2009-07-14 20:33:01 UTC (rev 13554)
@@ -26,20 +26,24 @@
import junit.framework.TestCase;
import org.apache.log4j.Logger;
-import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.model.PolicyMetaData;
-import org.jboss.security.authz.model.Resource;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
import org.jboss.security.authz.bootstrap.ServiceContainer;
-import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.components.resource.URIResource;
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.components.action.Read;
+import org.jboss.security.authz.model.Effect;
+import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.model.PolicyMetaData;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.enforcement.EnforcementContext;
+import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+
+import org.jboss.security.authz.agent.services.CompositionContext;
+import org.jboss.security.authz.agent.services.PolicyComposer;
+
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*/
@@ -47,104 +51,142 @@
{
private static Logger log = Logger.getLogger(TestHierarchialPropagation.class);
+ private PolicyComposer policyComposer;
private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
+ private PolicyProvisioner provisioner;
+
public void setUp() throws Exception
{
- ServiceContainer.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+
+ this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
}
public void tearDown() throws Exception
{
}
- //TODO: Rewrite these tests with the new Developer Framework
- /*public void testExplicitPermit() throws Exception
+ public void testExplicitPermit() throws Exception
{
//SetUp Resource
URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1/level2/index.html"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
+ resource.setUri(new URI("/root/level1/level2/index.html"));
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Read action = new Read();
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
+ this.assertServerState();
+
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
//Perform enforcement
- this.enforce(this.createRequest(contextResource), true);
+ this.enforce(this.createEnforcementContext(contextResource, action), true);
}
public void testExplicitDeny() throws Exception
{
//SetUp Resource
URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1/level2/index.html"));
- resource.setOperation(new Read());
- resource.addDenied("user");
+ resource.setUri(new URI("/root/level1/level2/index.html"));
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Read action = new Read();
+
+ Roles deniedRoles = new Roles();
+ deniedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.DENY, action, deniedRoles, "denyExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
this.assertServerState();
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
//Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
+ this.enforce(this.createEnforcementContext(contextResource, action), false);
}
public void testPermitInheritance() throws Exception
{
//SetUp Resource
URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
+ resource.setUri(new URI("/root/level1"));
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Read action = new Read();
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
+ this.assertServerState();
+
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
//Perform enforcement
- this.enforce(this.createRequest(contextResource), true);
+ this.enforce(this.createEnforcementContext(contextResource, action), true);
}
public void testDenyInheritance() throws Exception
{
//SetUp Resource
URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1"));
- resource.setOperation(new Read());
- resource.addDenied("user");
+ resource.setUri(new URI("/root/level1"));
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Read action = new Read();
+ Roles deniedRoles = new Roles();
+ deniedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.DENY, action, deniedRoles, "denyExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
+ this.assertServerState();
+
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
//Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
+ this.enforce(this.createEnforcementContext(contextResource, action), false);
}
public void testDenyOverridesPermitInheritance() throws Exception
@@ -152,81 +194,77 @@
//SetUp Permit policy
URIResource resource = new URIResource();
resource.setUri(new URI("/root/level1"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Read action = new Read();
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
//Setup denied policy
resource = new URIResource();
- resource.setUri(new URI("/root/level1/level2"));
- resource.setOperation(new Read());
- resource.addDenied("user");
+ resource.setUri(new URI("/root/level1/level2"));
- //Provision the new policy
- metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Roles deniedRoles = new Roles();
+ deniedRoles.addName("user");
+ //Setup the Context for the Composition with these components
+ context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.DENY, action, deniedRoles, "denyExpression");
+
+ //Store the policy into the Policy Server
+ policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
//Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
+ this.enforce(this.createEnforcementContext(contextResource, action), false);
}
public void testNotApplicable() throws Exception
{
//SetUp Resource
URIResource resource = new URIResource();
- resource.setUri(new URI("/root2"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
+ resource.setUri(new URI("/root2"));
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Read action = new Read();
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
- contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
+ contextResource.setUri(new URI("/root/level1/level2/index.html"));
//Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
+ this.enforce(this.createEnforcementContext(contextResource, action), false);
}
//------------------------------------------------------------------------------------------------------------------------------------------------------
- private Request createRequest(URIResource uriResource) throws Exception
- {
- //Create a RequestType
- Request request = new Request();
-
- //Enable Hierarchial Enforcement
- request.setActivateHierarchialEnforcement(true);
-
- //Create Resource
- Resource urlResource = uriResource.getResource();
- request.addResource(urlResource);
-
- //Create Subjects
- Roles roles = new Roles();
- roles.addName("user");
- request.addSubject(roles.getSubject());
-
- //Create Action
- request.setAction(uriResource.getOperation().getAction());
-
- return request;
- }
-
- private void enforce(Request request, boolean mustBePermitted) throws Exception
- {
+ private void enforce(EnforcementContext enforcementContext, boolean mustBePermitted) throws Exception
+ {
+ EnforcementResponse response = this.enforcer.checkAccess(enforcementContext);
- Response response = this.enforcer.checkAccess(request);
-
assertNotNull(response);
log.info("-----------------------------------");
log.info("Decision="+response.getMessage());
@@ -241,6 +279,29 @@
}
}
+ private EnforcementContext createEnforcementContext(URIResource protectedResource, Read action) throws Exception
+ {
+ // Create an EnforcementContext
+ EnforcementContext context = new EnforcementContext();
+
+ // Enable Hierarchial Enforcement
+ context.activateHierarchialEnforcement();
+
+ // Create Resource
+ context.setAttribute("uri-resource", protectedResource);
+
+ // Create Subjects
+ Roles roles = new Roles();
+ roles.addName("user");
+ context.setAttribute("roles", roles);
+
+ // Create Action
+ context.setAttribute("action", action);
+
+ return context;
+ }
+
+
private void assertServerState() throws Exception
{
//Assert Policy State of the Server
@@ -249,5 +310,5 @@
assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1));
log.info("------------------------------------------------------------------------------");
log.info(policies[0].generateSystemPolicy());
- }*/
+ }
}
Modified: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java 2009-07-14 14:00:19 UTC (rev 13553)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliedActions.java 2009-07-14 20:33:01 UTC (rev 13554)
@@ -26,15 +26,12 @@
import junit.framework.TestCase;
import org.apache.log4j.Logger;
+import org.jboss.security.authz.bootstrap.ServiceContainer;
+
+import org.jboss.security.authz.model.Effect;
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
-import org.jboss.security.authz.model.Resource;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.bootstrap.ServiceContainer;
-import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.components.resource.URIResource;
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.components.action.Operation;
@@ -42,7 +39,14 @@
import org.jboss.security.authz.components.action.Write;
import org.jboss.security.authz.components.action.Manage;
+import org.jboss.security.authz.agent.enforcement.EnforcementContext;
+import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.agent.services.CompositionContext;
+import org.jboss.security.authz.agent.services.PolicyComposer;
+
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*/
@@ -50,100 +54,106 @@
{
private static Logger log = Logger.getLogger(TestImpliedActions.class);
+ private PolicyComposer policyComposer;
private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
+ private PolicyProvisioner provisioner;
+
public void setUp() throws Exception
{
- ServiceContainer.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+
+ this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
}
public void tearDown() throws Exception
{
}
- //TODO: Rewrite these tests with the new Developer Framework
- /*public void testReadImpliedWithWrite() throws Exception
+ public void testReadImpliedWithWrite() throws Exception
{
//SetUp Resource
URIResource resource = new URIResource();
- resource.setUri(new URI("/blah/index.html"));
- resource.setOperation(new Write());
- resource.addAllowed("user");
+ resource.setUri(new URI("/blah/index.html"));
-
- PolicyMetaData metadata = resource.getPolicyMetaData();
-
- this.provisioner.newPolicy(metadata);
+ Write action = new Write();
+
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
this.assertServerState();
//Go ahead and produce a RequestContext for a "Permit" Enforcement
- this.enforce(this.createRequest(resource, new Read()), true);
+ this.enforce(this.createEnforcementContext(resource, new Read()), true);
}
public void testWriteImpliedWithManage() throws Exception
{
//SetUp Resource
URIResource resource = new URIResource();
- resource.setUri(new URI("/blah/index.html"));
- resource.setOperation(new Manage());
- resource.addAllowed("user");
+ resource.setUri(new URI("/blah/index.html"));
-
- PolicyMetaData metadata = resource.getPolicyMetaData();
-
- this.provisioner.newPolicy(metadata);
+ Manage action = new Manage();
+
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
this.assertServerState();
//Go ahead and produce a RequestContext for a "Permit" Enforcement
- this.enforce(this.createRequest(resource, new Write()), true);
+ this.enforce(this.createEnforcementContext(resource, new Write()), true);
}
public void testWriteNotImpliedWithRead() throws Exception
{
//SetUp Resource
URIResource resource = new URIResource();
- resource.setUri(new URI("/blah/index.html"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
+ resource.setUri(new URI("/blah/index.html"));
-
- PolicyMetaData metadata = resource.getPolicyMetaData();
-
- this.provisioner.newPolicy(metadata);
+ Read action = new Read();
+
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
this.assertServerState();
//Go ahead and produce a RequestContext for a "Deny" Enforcement
- this.enforce(this.createRequest(resource, new Write()), false);
+ this.enforce(this.createEnforcementContext(resource, new Write()), false);
}
//------------------------------------------------------------------------------------------------------------------------------------------------------
- private Request createRequest(URIResource uriResource, Operation operation) throws Exception
- {
- //Create a RequestType
- Request request = new Request();
-
- //Create Resource
- Resource urlResource = uriResource.getResource();
- request.addResource(urlResource);
-
- //Create Subjects
- Roles roles = new Roles();
- roles.addName("user");
- request.addSubject(roles.getSubject());
-
- //Create Action
- request.setAction(operation.getAction());
-
- return request;
- }
-
- private void enforce(Request request, boolean mustBePermitted) throws Exception
- {
+ private void enforce(EnforcementContext enforcementContext, boolean mustBePermitted) throws Exception
+ {
+ EnforcementResponse response = this.enforcer.checkAccess(enforcementContext);
- Response response = this.enforcer.checkAccess(request);
-
assertNotNull(response);
log.info("-----------------------------------");
log.info("Decision="+response.getMessage());
@@ -158,6 +168,25 @@
}
}
+ private EnforcementContext createEnforcementContext(URIResource uriResource, Operation operation) throws Exception
+ {
+ //Create an EnforcementContext
+ EnforcementContext context = new EnforcementContext();
+
+ //Create Resource
+ context.setAttribute("uri-resource", uriResource);
+
+ //Create Subjects
+ Roles roles = new Roles();
+ roles.addName("user");
+ context.setAttribute("roles", roles);
+
+ //Create Action
+ context.setAttribute("action", operation);
+
+ return context;
+ }
+
private void assertServerState() throws Exception
{
//Assert Policy State of the Server
@@ -166,5 +195,5 @@
assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1));
log.info("------------------------------------------------------------------------------");
log.info(policies[0].generateSystemPolicy());
- }*/
+ }
}
Modified: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java 2009-07-14 14:00:19 UTC (rev 13553)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestImpliesHierarchialPropagation.java 2009-07-14 20:33:01 UTC (rev 13554)
@@ -26,17 +26,20 @@
import junit.framework.TestCase;
import org.apache.log4j.Logger;
+import org.jboss.security.authz.model.Effect;
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
-import org.jboss.security.authz.model.Resource;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
import org.jboss.security.authz.bootstrap.ServiceContainer;
import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.enforcement.EnforcementContext;
+import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.agent.services.CompositionContext;
+import org.jboss.security.authz.agent.services.PolicyComposer;
import org.jboss.security.authz.components.resource.URIResource;
import org.jboss.security.authz.components.subject.Roles;
+import org.jboss.security.authz.components.action.Operation;
import org.jboss.security.authz.components.action.Read;
import org.jboss.security.authz.components.action.Write;
import org.jboss.security.authz.components.action.Manage;
@@ -49,61 +52,82 @@
{
private static Logger log = Logger.getLogger(TestImpliesHierarchialPropagation.class);
+ private PolicyComposer policyComposer;
private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
+ private PolicyProvisioner provisioner;
+
public void setUp() throws Exception
{
- ServiceContainer.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+
+ this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
}
public void tearDown() throws Exception
{
}
- //TODO: Rewrite these tests with the new Developer Framework
- /*public void testExplicitPermitReadImpliedWithWrite() throws Exception
+ public void testExplicitPermitReadImpliedWithWrite() throws Exception
{
//SetUp Resource
URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1/level2/index.html"));
- resource.setOperation(new Write());
- resource.addAllowed("user");
+ resource.setUri(new URI("/root/level1/level2/index.html"));
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Write action = new Write();
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
+ this.assertServerState();
+
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Read());
//Perform enforcement
- this.enforce(this.createRequest(contextResource), true);
+ this.enforce(this.createEnforcementContext(contextResource, new Read()), true);
}
public void testExplicitDenyWriteNotImpliedWithRead() throws Exception
{
//SetUp Resource
URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1/level2/index.html"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
+ resource.setUri(new URI("/root/level1/level2/index.html"));
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Read action = new Read();
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
+ this.assertServerState();
+
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Write());
//Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
+ this.enforce(this.createEnforcementContext(contextResource, new Write()), false);
}
public void testPermitInheritanceWriteImpliedWithManage() throws Exception
@@ -111,41 +135,59 @@
//SetUp Resource
URIResource resource = new URIResource();
resource.setUri(new URI("/root/level1"));
- resource.setOperation(new Manage());
- resource.addAllowed("user");
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Manage action = new Manage();
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
+ this.assertServerState();
+
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Write());
//Perform enforcement
- this.enforce(this.createRequest(contextResource), true);
+ this.enforce(this.createEnforcementContext(contextResource, new Write()), true);
}
public void testDenyInheritanceManageNotImpliedWithWrite() throws Exception
{
//SetUp Resource
URIResource resource = new URIResource();
- resource.setUri(new URI("/root/level1"));
- resource.setOperation(new Write());
- resource.addAllowed("user");
+ resource.setUri(new URI("/root/level1"));
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Write action = new Write();
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
+ this.assertServerState();
+
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Manage());
//Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
+ this.enforce(this.createEnforcementContext(contextResource, new Manage()), false);
}
public void testDenyOverridesPermitInheritance() throws Exception
@@ -153,61 +195,50 @@
//SetUp Permit policy...User can write to level1
URIResource resource = new URIResource();
resource.setUri(new URI("/root/level1"));
- resource.setOperation(new Write());
- resource.addAllowed("user");
- //Provision the new policy
- PolicyMetaData metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Write action = new Write();
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("user");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, action, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
//Setup denied policy....User can only read level2
resource = new URIResource();
- resource.setUri(new URI("/root/level1/level2"));
- resource.setOperation(new Read());
- resource.addAllowed("user");
+ resource.setUri(new URI("/root/level1/level2"));
- //Provision the new policy
- metadata = resource.getPolicyMetaData();
- this.provisioner.newPolicy(metadata);
+ Read read = new Read();
+
+ //Setup the Context for the Composition with these components
+ context = new CompositionContext();
+ context.setPolicyTarget(resource);
+ context.addPolicyRule(Effect.PERMIT, read, allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
//Go ahead and produce a RequestContext for a "Permit" Enforcement
//Trying to "Write" to level2 should be Denied
URIResource contextResource = new URIResource();
contextResource.setUri(new URI("/root/level1/level2/index.html"));
- contextResource.setOperation(new Write());
//Perform enforcement
- this.enforce(this.createRequest(contextResource), false);
- }
+ this.enforce(this.createEnforcementContext(contextResource, new Write()), false);
+ }
//------------------------------------------------------------------------------------------------------------------------------------------------------
- private Request createRequest(URIResource uriResource) throws Exception
- {
- //Create a RequestType
- Request request = new Request();
-
- //Enable Hierarchial Enforcement
- request.setActivateHierarchialEnforcement(true);
-
- //Create Resource
- Resource urlResource = uriResource.getResource();
- request.addResource(urlResource);
-
- //Create Subjects
- Roles roles = new Roles();
- roles.addName("user");
- request.addSubject(roles.getSubject());
-
- //Create Action
- request.setAction(uriResource.getOperation().getAction());
-
- return request;
- }
-
- private void enforce(Request request, boolean mustBePermitted) throws Exception
- {
+ private void enforce(EnforcementContext enforcementContext, boolean mustBePermitted) throws Exception
+ {
+ EnforcementResponse response = this.enforcer.checkAccess(enforcementContext);
- Response response = this.enforcer.checkAccess(request);
-
assertNotNull(response);
log.info("-----------------------------------");
log.info("Decision="+response.getMessage());
@@ -222,6 +253,28 @@
}
}
+ private EnforcementContext createEnforcementContext(URIResource uriResource, Operation action) throws Exception
+ {
+ //Create a EnforcementContext
+ EnforcementContext context = new EnforcementContext();
+
+ //Enable Hierarchial Enforcement
+ context.activateHierarchialEnforcement();
+
+ //Create Resource
+ context.setAttribute("uri-resource", uriResource);
+
+ //Create Subjects
+ Roles roles = new Roles();
+ roles.addName("user");
+ context.setAttribute("roles", roles);
+
+ //Create Action
+ context.setAttribute("action", action);
+
+ return context;
+ }
+
private void assertServerState() throws Exception
{
//Assert Policy State of the Server
@@ -230,5 +283,5 @@
assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1));
log.info("------------------------------------------------------------------------------");
log.info(policies[0].generateSystemPolicy());
- }*/
+ }
}
Deleted: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java 2009-07-14 14:00:19 UTC (rev 13553)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyServer.java 2009-07-14 20:33:01 UTC (rev 13554)
@@ -1,68 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
-package org.jboss.security.authz.agent.features;
-
-import java.net.URI;
-import junit.framework.TestCase;
-import org.apache.log4j.Logger;
-
-import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
-import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.bootstrap.ServiceContainer;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class TestPolicyServer extends TestCase
-{
- private static Logger log = Logger.getLogger(TestPolicyServer.class);
-
- private PolicyProvisioner provisioner;
-
-
- public void setUp() throws Exception
- {
- ServiceContainer.bootstrap();
- this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
- }
-
- public void tearDown() throws Exception
- {
- }
-
- //TODO: Rewrite these tests with the new Developer Framework
- /*public void testNewPolicy() throws Exception
- {
- HttpResource httpResource = new HttpResource();
- httpResource.setUri(new URI("/blah/index.html"));
- httpResource.addParameter("param1", "param1Value");
-
- this.provisioner.newPolicy(httpResource.getPolicyMetaData());
-
- //Assert Policy State of the Server
- Policy[] policies = this.provisioner.readAllPolicies();
-
- assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1));
- log.info("------------------------------------------------------------------------------");
- log.info(policies[0].generateSystemPolicy());
- }*/
-}
Modified: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/MockPolicy.java
===================================================================
--- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/MockPolicy.java 2009-07-14 14:00:19 UTC (rev 13553)
+++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/MockPolicy.java 2009-07-14 20:33:01 UTC (rev 13554)
@@ -110,7 +110,7 @@
ResourceMatchType rmt = new ResourceMatchType();
rmt.setMatchId(resourceMatch.getFunctionId());
- rmt.setResourceAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(resourceMatch.getAttribute(), true));
+ rmt.setResourceAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(resourceMatch.getAttribute(), resourceMatch.designatorMustBePresent()));
rmt.setAttributeValue(PolicyAttributeFactory
.createStringAttributeType(resourceMatch.getAttribute().getValue()));
@@ -194,7 +194,7 @@
ActionMatchType amct = new ActionMatchType();
amct.setMatchId(action.getFunctionId());
amct.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(action.getAttribute().getValue()));
- amct.setActionAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(action.getAttribute(), true));
+ amct.setActionAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(action.getAttribute(), action.designatorMustBePresent()));
actionType.getActionMatch().add(amct);
actions.getAction().add(actionType);
}
@@ -212,7 +212,7 @@
SubjectMatchType match = new SubjectMatchType();
match.setMatchId(subject.getFunctionId());
match.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(subject.getAttribute().getValue()));
- match.setSubjectAttributeDesignator((SubjectAttributeDesignatorType)AttributeDesignatorUtil.getAttributeDesignator(subject.getAttribute(), true));
+ match.setSubjectAttributeDesignator((SubjectAttributeDesignatorType)AttributeDesignatorUtil.getAttributeDesignator(subject.getAttribute(), subject.designatorMustBePresent()));
subjectType.getSubjectMatch().add(match);
subjects.getSubject().add(subjectType);
}
@@ -243,7 +243,8 @@
apply.getExpression().add(jaxbAttrValue);
//Place within the Context where this Value should exist during an Authorization Request
- apply.getExpression().add(AttributeDesignatorUtil.getAttributeDesignatorXml(attributeExpression.getAttribute(), true));
+ apply.getExpression().add(AttributeDesignatorUtil.getAttributeDesignatorXml(attributeExpression.getAttribute(),
+ attributeExpression.designatorMustBePresent()));
condition.setExpression(objectFactory.createApply(apply));
16 years, 9 months
- 1
- 0
JBoss Portal SVN: r13553 - in branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests: src/org/jboss/portal/test/selenium and 1 other directory.
by portal-commits@lists.jboss.org
Author: vrockai
Date: 2009-07-14 10:00:19 -0400 (Tue, 14 Jul 2009)
New Revision: 13553
Modified:
branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/src/org/jboss/portal/test/selenium/assert.properties
branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/testng.xml
Log:
[selenium] - new asserts, suite fix
Modified: branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/src/org/jboss/portal/test/selenium/assert.properties
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/src/org/jboss/portal/test/selenium/assert.properties 2009-07-14 03:58:21 UTC (rev 13552)
+++ branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/src/org/jboss/portal/test/selenium/assert.properties 2009-07-14 14:00:19 UTC (rev 13553)
@@ -8,7 +8,7 @@
iden.man.chk.role=Create new role
-cms.sec.denied=Access to this resource is denied
+cms.sec.denied=Access Denied
cms.dir.msg.inv.desc=A value below was invalid
cms.file.msg.val.invalid.filename=A value below was invalid
cms.file.msg.val.invalid.title=A value below was invalid
Modified: branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/testng.xml
===================================================================
--- branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/testng.xml 2009-07-14 03:58:21 UTC (rev 13552)
+++ branches/Enterprise_Portal_Platform_4_3/testsuite/ui-tests/testng.xml 2009-07-14 14:00:19 UTC (rev 13553)
@@ -2,11 +2,12 @@
<suite name="SeleniumTest">
<test verbose="2" name="org.jboss.portal.test.selenium.UserLoginTestCase" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.UserLoginTestCase"/>
</classes>
</test>
-
+<!--
<test name="org.jboss.portal.test.selenium.IdentityAdminTestCase - MultipleLogins" verbose="2"
annotations="JDK">
<groups>
@@ -15,117 +16,149 @@
<classes>
<class name="org.jboss.portal.test.selenium.IdentityAdminTestCase"></class></classes>
</test>
+-->
+ <test name="org.jboss.portal.test.selenium.WSRPTestCase" verbose="2" annotations="JDK">
- <test name="org.jboss.portal.test.selenium.WSRPTestCase"
- verbose="2" annotations="JDK">
<classes>
<class name="org.jboss.portal.test.selenium.WSRPTestCase"></class></classes>
</test>
<test name="org.jboss.portal.test.selenium.UserInterceptorPortletTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.UserInterceptorPortletTestCase"></class></classes>
</test>
<test name="org.jboss.portal.test.selenium.DashboardTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.DashboardTestCase"></class></classes>
</test>
<test name="org.jboss.portal.test.selenium.portal.AdminPortalTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.portal.AdminPortalTestCase"></class></classes>
</test>
+ <test name="org.jboss.portal.test.selenium.portal.AdminPortalWizardTestCase"
+ verbose="2" annotations="JDK">
+
+ <classes>
+ <class name="org.jboss.portal.test.selenium.portal.AdminPortalWizardTestCase"></class></classes>
+ </test>
+
<test name="org.jboss.portal.test.selenium.portal.PortletDefinitionsTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.portal.PortletDefinitionsTestCase"></class></classes>
</test>
<test name="org.jboss.portal.test.selenium.portal.PortletInstancesTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.portal.PortletInstancesTestCase"></class></classes>
</test>
-<!--
+
<test name="org.jboss.portal.test.selenium.portal.PageCoordinationTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.portal.PageCoordinationTestCase"></class></classes>
</test>
--->
+
<test name="org.jboss.portal.test.selenium.cms.CMSFileTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.cms.CMSFileTestCase"></class></classes>
</test>
<test name="org.jboss.portal.test.selenium.cms.CMSSecureTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.cms.CMSSecureTestCase"></class></classes>
</test>
<test name="org.jboss.portal.test.selenium.cms.CMSDirectoryTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.cms.CMSDirectoryTestCase"></class></classes>
</test>
<test name="org.jboss.portal.test.selenium.cms.CMSFileUploadTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.cms.CMSFileUploadTestCase"></class></classes>
</test>
-<!--
+
<test name="org.jboss.portal.test.selenium.CoordinationSamplesTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.CoordinationSamplesTestCase"></class></classes>
</test>
--->
+
<test name="org.jboss.portal.test.selenium.PortalSamplesTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.PortalSamplesTestCase"></class></classes>
</test>
<test name="org.jboss.portal.test.selenium.PortalAjaxSamplesTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.PortalAjaxSamplesTestCase"></class></classes>
</test>
+ <test name="org.jboss.portal.test.selenium.PortalBookstoreSampleTestCase"
+ verbose="2" annotations="JDK">
+
+ <classes>
+ <class name="org.jboss.portal.test.selenium.PortalBookstoreSampleTestCase"></class></classes>
+ </test>
+
<test name="org.jboss.portal.test.selenium.EndToEndBeaPortlet"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.EndToEndBeaPortlet"></class></classes>
</test>
<test name="org.jboss.portal.test.selenium.portal.EndtoEndPortalAdminTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.portal.EndtoEndPortalAdminTestCase"></class></classes>
</test>
<test name="org.jboss.portal.test.selenium.cms.CMSArchiveUploadTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.cms.CMSArchiveUploadTestCase"></class></classes>
</test>
<test name="org.jboss.portal.test.selenium.core.HttpHeaderTestCase"
verbose="2" annotations="JDK">
+
<classes>
<class name="org.jboss.portal.test.selenium.core.HttpHeaderTestCase"></class></classes>
</test>
<listeners>
-<!-- <listener class-name="org.testng.reporters.JUnitXMLReporter"></listener> -->
+<!-- <listener class-name="org.testng.reporters.JUnitXMLReporter"></listener>
+-->
<listener class-name="org.jboss.portal.test.selenium.JBossSeleniumTestListener"/>
</listeners>
</suite>
16 years, 9 months
- 1
- 0
JBoss Portal SVN: r13552 - modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-07-13 23:58:21 -0400 (Mon, 13 Jul 2009)
New Revision: 13552
Modified:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java
Log:
adapting the http-profile tests with the new framework
Modified: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java
===================================================================
--- modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java 2009-07-14 03:47:51 UTC (rev 13551)
+++ modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java 2009-07-14 03:58:21 UTC (rev 13552)
@@ -253,6 +253,14 @@
XMLSchemaConstants.DATATYPE_STRING, uriStr);
}
+ if(attributeCategory.endsWith("resource-id") ||
+ attributeCategory.endsWith("subject-id") ||
+ attributeCategory.endsWith("action-id")
+ )
+ {
+ urlExpression.setDesignatorMustBePresent(true);
+ }
+
urlExpression.setAttribute(attribute);
}
}
16 years, 9 months
- 1
- 0
JBoss Portal SVN: r13551 - in modules/authorization/trunk: common-api/src/main/java/org/jboss/security/authz/bootstrap and 9 other directories.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-07-13 23:47:51 -0400 (Mon, 13 Jul 2009)
New Revision: 13551
Added:
modules/authorization/trunk/agent/src/main/resources/META-INF/authz-config.xml
modules/authorization/trunk/policy-server/src/main/resources/META-INF/authz-config.xml
Removed:
modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/integration/
modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml
Modified:
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/ServiceContainer.java
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/model/AttributeExpression.java
modules/authorization/trunk/http-profile/pom.xml
modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/configuration/HttpPolicyConfig.java
modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/MockPolicy.java
modules/authorization/trunk/http-profile/src/test/resources/httpprofile-testsuite.war/WEB-INF/http-policy.xml
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/XACMLPolicy.java
Log:
adapting the http-profile tests with the new framework
Copied: modules/authorization/trunk/agent/src/main/resources/META-INF/authz-config.xml (from rev 13550, modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml)
===================================================================
--- modules/authorization/trunk/agent/src/main/resources/META-INF/authz-config.xml (rev 0)
+++ modules/authorization/trunk/agent/src/main/resources/META-INF/authz-config.xml 2009-07-14 03:47:51 UTC (rev 13551)
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<deployment xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:bean-deployer:2.0 bean-deployer_2_0.xsd"
+ xmlns="urn:jboss:bean-deployer:2.0">
+ <bean name="/agent/PolicyComposer" class="org.jboss.security.authz.agent.services.PolicyComposer">
+ </bean>
+
+ <bean name="/agent/EnforcementStateGenerator" class="org.jboss.security.authz.agent.services.EnforcementStateGenerator">
+ </bean>
+
+ <bean name="/agent/LocalEnforcementPoint" class="org.jboss.security.authz.agent.enforcement.LocalEnforcementPoint">
+ <property name="policyServer">
+ <inject bean="/policy-server/PolicyServer"/>
+ </property>
+
+ <property name="stateGenerator">
+ <inject bean="/agent/EnforcementStateGenerator"/>
+ </property>
+ </bean>
+
+ <bean name="/agent/LocalPolicyProvisioner" class="org.jboss.security.authz.agent.provisioning.LocalPolicyProvisioner">
+ <property name="policyServer">
+ <inject bean="/policy-server/PolicyServer"/>
+ </property>
+ </bean>
+</deployment>
\ No newline at end of file
Property changes on: modules/authorization/trunk/agent/src/main/resources/META-INF/authz-config.xml
___________________________________________________________________
Name: svn:mergeinfo
+
Deleted: modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml
===================================================================
--- modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml 2009-07-13 16:45:05 UTC (rev 13550)
+++ modules/authorization/trunk/agent/src/main/resources/META-INF/jboss-beans.xml 2009-07-14 03:47:51 UTC (rev 13551)
@@ -1,27 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<deployment xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="urn:jboss:bean-deployer:2.0 bean-deployer_2_0.xsd"
- xmlns="urn:jboss:bean-deployer:2.0">
- <bean name="/agent/PolicyComposer" class="org.jboss.security.authz.agent.services.PolicyComposer">
- </bean>
-
- <bean name="/agent/EnforcementStateGenerator" class="org.jboss.security.authz.agent.services.EnforcementStateGenerator">
- </bean>
-
- <bean name="/agent/LocalEnforcementPoint" class="org.jboss.security.authz.agent.enforcement.LocalEnforcementPoint">
- <property name="policyServer">
- <inject bean="/policy-server/PolicyServer"/>
- </property>
-
- <property name="stateGenerator">
- <inject bean="/agent/EnforcementStateGenerator"/>
- </property>
- </bean>
-
- <bean name="/agent/LocalPolicyProvisioner" class="org.jboss.security.authz.agent.provisioning.LocalPolicyProvisioner">
- <property name="policyServer">
- <inject bean="/policy-server/PolicyServer"/>
- </property>
- </bean>
-</deployment>
\ No newline at end of file
Modified: modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/ServiceContainer.java
===================================================================
--- modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/ServiceContainer.java 2009-07-13 16:45:05 UTC (rev 13550)
+++ modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/bootstrap/ServiceContainer.java 2009-07-14 03:47:51 UTC (rev 13551)
@@ -54,7 +54,7 @@
bootstrap.run();
ClassLoader cl = Thread.currentThread().getContextClassLoader();
- Enumeration e = cl.getResources("META-INF/jboss-beans.xml");
+ Enumeration e = cl.getResources("META-INF/authz-config.xml");
while(e.hasMoreElements())
{
URL url = (URL)e.nextElement();
Modified: modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/model/AttributeExpression.java
===================================================================
--- modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/model/AttributeExpression.java 2009-07-13 16:45:05 UTC (rev 13550)
+++ modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/model/AttributeExpression.java 2009-07-14 03:47:51 UTC (rev 13551)
@@ -32,7 +32,7 @@
{
private String functionId = null;
private Attribute attribute = null;
- private boolean designatorMustBePresent = true; //mustbepresent by default
+ private boolean designatorMustBePresent = false; //mustbepresent by default
public AttributeExpression()
{
Modified: modules/authorization/trunk/http-profile/pom.xml
===================================================================
--- modules/authorization/trunk/http-profile/pom.xml 2009-07-13 16:45:05 UTC (rev 13550)
+++ modules/authorization/trunk/http-profile/pom.xml 2009-07-14 03:47:51 UTC (rev 13551)
@@ -149,6 +149,15 @@
<overWrite>true</overWrite>
<outputDirectory>target/test-classes/httpprofile-testsuite.war/WEB-INF/lib</outputDirectory>
<destFileName>policy-server.jar</destFileName>
+ </artifactItem>
+ <artifactItem>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>agent</artifactId>
+ <version>${project.version}</version>
+ <type>jar</type>
+ <overWrite>true</overWrite>
+ <outputDirectory>target/test-classes/httpprofile-testsuite.war/WEB-INF/lib</outputDirectory>
+ <destFileName>agent.jar</destFileName>
</artifactItem>
<artifactItem>
<groupId>org.jboss.security</groupId>
Modified: modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/configuration/HttpPolicyConfig.java
===================================================================
--- modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/configuration/HttpPolicyConfig.java 2009-07-13 16:45:05 UTC (rev 13550)
+++ modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/configuration/HttpPolicyConfig.java 2009-07-14 03:47:51 UTC (rev 13551)
@@ -272,6 +272,11 @@
}
}
+ if(secureWebActions.isEmpty())
+ {
+ secureWebActions.add(new Get());
+ }
+
return secureWebActions;
}
}
Modified: modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java
===================================================================
--- modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java 2009-07-13 16:45:05 UTC (rev 13550)
+++ modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java 2009-07-14 03:47:51 UTC (rev 13551)
@@ -59,12 +59,12 @@
import org.jboss.security.authz.bootstrap.ServiceContainer;
import org.jboss.security.authz.policy.server.spi.PolicyConfig;
-import org.jboss.security.authz.policy.server.PolicyServer;
import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.agent.enforcement.EnforcementContext;
import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.agent.services.PolicyComposer;
/**
@@ -76,6 +76,7 @@
private PolicyEnforcementPoint enforcer;
private PolicyProvisioner provisioner;
+ private PolicyComposer policyComposer;
private boolean isPolicyMatchMandatory = false; //set to "false" by default
public SecurityFilter()
@@ -90,20 +91,18 @@
{
//Start the Policy Server
ServiceContainer.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
+ this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
- if(this.enforcer == null || this.provisioner == null)
+ if(this.enforcer == null || this.provisioner == null || this.policyComposer == null)
{
- throw new RuntimeException("Policy Server is unavailable...");
+ throw new RuntimeException("Policy System is not configured properly...");
}
- //TODO: remove this
- PolicyServer ps = (PolicyServer)ServiceContainer.lookup("/policy-server/PolicyServer");
- ps.getPolicyDecisionPoint().setDebug(true);
-
//Parse the specified Policy and update the Policy Server
PolicyConfig policyConfig = new HttpPolicyConfig();
+ ((HttpPolicyConfig)policyConfig).setPolicyComposer(this.policyComposer);
is = config.getServletContext().getResourceAsStream("/WEB-INF/http-policy.xml");
String httpPolicy = GeneralTool.readStream(is);
@@ -204,47 +203,43 @@
String value = httpRequest.getParameter(name);
contextResource.addParameter(name, value);
}
-
- //TODO: migrate to the new developer framework
- /*
- //Setup Resource context
- authzRequest.addResource(contextResource.getResource());
-
+ context.setAttribute("http-resource", contextResource);
+
//Setup Action context
if(httpRequest.getMethod().equalsIgnoreCase("get"))
- {
- authzRequest.setAction(new Get().getAction());
+ {
+ context.setAttribute("http-action", new Get());
}
else if(httpRequest.getMethod().equalsIgnoreCase("post"))
{
- authzRequest.setAction(new Post().getAction());
+ context.setAttribute("http-action", new Post());
}
else if(httpRequest.getMethod().equalsIgnoreCase("put"))
{
- authzRequest.setAction(new Put().getAction());
+ context.setAttribute("http-action", new Put());
}
else if(httpRequest.getMethod().equalsIgnoreCase("delete"))
{
- authzRequest.setAction(new Delete().getAction());
+ context.setAttribute("http-action", new Delete());
}
else if(httpRequest.getMethod().equalsIgnoreCase("head"))
{
- authzRequest.setAction(new Head().getAction());
+ context.setAttribute("http-action", new Head());
}
else if(httpRequest.getMethod().equalsIgnoreCase("options"))
{
- authzRequest.setAction(new Options().getAction());
+ context.setAttribute("http-action", new Options());
}
else if(httpRequest.getMethod().equalsIgnoreCase("trace"))
{
- authzRequest.setAction(new Trace().getAction());
+ context.setAttribute("http-action", new Trace());
}
//Setup Role context
//TODO: replace mock code with actual loading of Roles information of the authenticated user via the new Identity API
Roles roles = new Roles();
roles.addName(Roles.ANONYMOUS);
- authzRequest.addSubject(roles.getSubject());*/
+ context.setAttribute("roles", roles);
return context;
}
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/MockPolicy.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/MockPolicy.java 2009-07-13 16:45:05 UTC (rev 13550)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/MockPolicy.java 2009-07-14 03:47:51 UTC (rev 13551)
@@ -110,7 +110,8 @@
ResourceMatchType rmt = new ResourceMatchType();
rmt.setMatchId(resourceMatch.getFunctionId());
- rmt.setResourceAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(resourceMatch.getAttribute(), true));
+ rmt.setResourceAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(resourceMatch.getAttribute(), resourceMatch.
+ designatorMustBePresent()));
rmt.setAttributeValue(PolicyAttributeFactory
.createStringAttributeType(resourceMatch.getAttribute().getValue()));
@@ -194,7 +195,8 @@
ActionMatchType amct = new ActionMatchType();
amct.setMatchId(action.getFunctionId());
amct.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(action.getAttribute().getValue()));
- amct.setActionAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(action.getAttribute(), true));
+ amct.setActionAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(action.getAttribute(),
+ action.designatorMustBePresent()));
actionType.getActionMatch().add(amct);
actions.getAction().add(actionType);
}
@@ -212,7 +214,8 @@
SubjectMatchType match = new SubjectMatchType();
match.setMatchId(subject.getFunctionId());
match.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(subject.getAttribute().getValue()));
- match.setSubjectAttributeDesignator((SubjectAttributeDesignatorType)AttributeDesignatorUtil.getAttributeDesignator(subject.getAttribute(), true));
+ match.setSubjectAttributeDesignator((SubjectAttributeDesignatorType)AttributeDesignatorUtil.getAttributeDesignator(subject.getAttribute(),
+ subject.designatorMustBePresent()));
subjectType.getSubjectMatch().add(match);
subjects.getSubject().add(subjectType);
}
@@ -243,7 +246,7 @@
apply.getExpression().add(jaxbAttrValue);
//Place within the Context where this Value should exist during an Authorization Request
- apply.getExpression().add(AttributeDesignatorUtil.getAttributeDesignatorXml(attributeExpression.getAttribute(), true));
+ apply.getExpression().add(AttributeDesignatorUtil.getAttributeDesignatorXml(attributeExpression.getAttribute(), attributeExpression.designatorMustBePresent()));
condition.setExpression(objectFactory.createApply(apply));
Modified: modules/authorization/trunk/http-profile/src/test/resources/httpprofile-testsuite.war/WEB-INF/http-policy.xml
===================================================================
--- modules/authorization/trunk/http-profile/src/test/resources/httpprofile-testsuite.war/WEB-INF/http-policy.xml 2009-07-13 16:45:05 UTC (rev 13550)
+++ modules/authorization/trunk/http-profile/src/test/resources/httpprofile-testsuite.war/WEB-INF/http-policy.xml 2009-07-14 03:47:51 UTC (rev 13551)
@@ -37,7 +37,7 @@
</web-resource>
</web-resource-collection>
<auth-constraint>
- <!-- constaints based on user roles -->
+ <!-- constraints based on user roles -->
<roles allow="true">
<role-name>Admin</role-name>
<role-name>Executive</role-name>
Modified: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java 2009-07-13 16:45:05 UTC (rev 13550)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java 2009-07-14 03:47:51 UTC (rev 13551)
@@ -22,8 +22,6 @@
******************************************************************************/
package org.jboss.security.authz.policy.server.plugin;
-import java.util.List;
-import java.util.ArrayList;
import java.io.IOException;
import java.io.ByteArrayInputStream;
@@ -59,11 +57,11 @@
private static Logger log = Logger.getLogger(EnterprisePolicyFinderModule.class);
private PolicyReader reader;
- private List<PolicyCollection> policies;
+ private PolicyCollection policies;
public EnterprisePolicyFinderModule()
{
- this.policies = new ArrayList<PolicyCollection>();
+ this.policies = new PolicyCollection();
}
public void addPolicy(Policy policy) throws PolicyServerException
@@ -76,9 +74,7 @@
AbstractPolicy xacmlPolicy = this.reader.readPolicy(bos);
- PolicyCollection newPolicyCollection = new PolicyCollection();
- newPolicyCollection.addPolicy(xacmlPolicy);
- this.policies.add(newPolicyCollection);
+ this.policies.addPolicy(xacmlPolicy);
}
catch(Exception e)
{
@@ -139,35 +135,21 @@
*/
public PolicyFinderResult findPolicy(EvaluationCtx context)
{
- TopLevelPolicyException exception = null;
- PolicyFinderResult result = null;
- for (PolicyCollection policyCollection : this.policies)
- {
- try
- {
- AbstractPolicy policy = policyCollection.getPolicy(context);
- if (policy != null)
- {
- return new PolicyFinderResult(policy);
- }
- }
- catch (TopLevelPolicyException e)
- {
- exception = e;
- }
- }
-
- //If I am here......No Policy Found for the incoming request!!
- if(exception != null)
- {
- result = new PolicyFinderResult(exception.getStatus());
- }
- else
- {
- result = new PolicyFinderResult();
- }
-
-
- return result;
+ try
+ {
+ AbstractPolicy policy = this.policies.getPolicy(context);
+ if (policy == null)
+ {
+ return new PolicyFinderResult();
+ }
+ else
+ {
+ return new PolicyFinderResult(policy);
+ }
+ }
+ catch (TopLevelPolicyException e)
+ {
+ return new PolicyFinderResult(e.getStatus());
+ }
}
}
\ No newline at end of file
Property changes on: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java
___________________________________________________________________
Name: svn:mergeinfo
-
Modified: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/XACMLPolicy.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/XACMLPolicy.java 2009-07-13 16:45:05 UTC (rev 13550)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/XACMLPolicy.java 2009-07-14 03:47:51 UTC (rev 13551)
@@ -208,7 +208,7 @@
ActionMatchType amct = new ActionMatchType();
amct.setMatchId(action.getFunctionId());
amct.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(action.getAttribute().getValue()));
- amct.setActionAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(action.getAttribute(), true));
+ amct.setActionAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(action.getAttribute(), action.designatorMustBePresent()));
actionType.getActionMatch().add(amct);
actions.getAction().add(actionType);
}
@@ -226,7 +226,8 @@
SubjectMatchType match = new SubjectMatchType();
match.setMatchId(subject.getFunctionId());
match.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(subject.getAttribute().getValue()));
- match.setSubjectAttributeDesignator((SubjectAttributeDesignatorType)AttributeDesignatorUtil.getAttributeDesignator(subject.getAttribute(), true));
+ match.setSubjectAttributeDesignator((SubjectAttributeDesignatorType)AttributeDesignatorUtil.getAttributeDesignator(subject.getAttribute(),
+ subject.designatorMustBePresent()));
subjectType.getSubjectMatch().add(match);
subjects.getSubject().add(subjectType);
}
@@ -257,7 +258,8 @@
apply.getExpression().add(jaxbAttrValue);
//Place within the Context where this Value should exist during an Authorization Request
- apply.getExpression().add(AttributeDesignatorUtil.getAttributeDesignatorXml(attributeExpression.getAttribute(), true));
+ apply.getExpression().add(AttributeDesignatorUtil.getAttributeDesignatorXml(attributeExpression.getAttribute(),
+ attributeExpression.designatorMustBePresent()));
condition.setExpression(objectFactory.createApply(apply));
Copied: modules/authorization/trunk/policy-server/src/main/resources/META-INF/authz-config.xml (from rev 13550, modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml)
===================================================================
--- modules/authorization/trunk/policy-server/src/main/resources/META-INF/authz-config.xml (rev 0)
+++ modules/authorization/trunk/policy-server/src/main/resources/META-INF/authz-config.xml 2009-07-14 03:47:51 UTC (rev 13551)
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<deployment xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:bean-deployer:2.0 bean-deployer_2_0.xsd"
+ xmlns="urn:jboss:bean-deployer:2.0">
+ <bean name="/policy-server/PolicyServer" class="org.jboss.security.authz.policy.server.PolicyServer">
+ <property name="policyDecisionPoint">
+ <inject bean="/policy-server/PolicyDecisionPoint"/>
+ </property>
+ <property name="policyStore">
+ <inject bean="/policy-server/PolicyStore"/>
+ </property>
+ <property name="ruleManager">
+ <inject bean="/policy-server/DroolsRuleManager"/>
+ </property>
+ </bean>
+
+ <bean name="/policy-server/PolicyDecisionPoint" class="org.jboss.security.authz.policy.server.decision.PolicyDecisionPoint">
+ <property name="debug">true</property>
+ </bean>
+
+ <bean name="/policy-server/PolicyDeployer" class="org.jboss.security.authz.policy.server.provisioning.PolicyDeployer">
+ </bean>
+
+ <bean name="/policy-server/PolicyStore" class="org.jboss.security.authz.policy.server.provisioning.MemoryPolicyStore">
+ </bean>
+
+ <bean name="/policy-server/DroolsRuleManager" class="org.jboss.security.authz.policy.server.plugin.DroolsRuleManager">
+ </bean>
+</deployment>
\ No newline at end of file
Property changes on: modules/authorization/trunk/policy-server/src/main/resources/META-INF/authz-config.xml
___________________________________________________________________
Name: svn:mergeinfo
+
Deleted: modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml
===================================================================
--- modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-07-13 16:45:05 UTC (rev 13550)
+++ modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-07-14 03:47:51 UTC (rev 13551)
@@ -1,30 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<deployment xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="urn:jboss:bean-deployer:2.0 bean-deployer_2_0.xsd"
- xmlns="urn:jboss:bean-deployer:2.0">
- <bean name="/policy-server/PolicyServer" class="org.jboss.security.authz.policy.server.PolicyServer">
- <property name="policyDecisionPoint">
- <inject bean="/policy-server/PolicyDecisionPoint"/>
- </property>
- <property name="policyStore">
- <inject bean="/policy-server/PolicyStore"/>
- </property>
- <property name="ruleManager">
- <inject bean="/policy-server/DroolsRuleManager"/>
- </property>
- </bean>
-
- <bean name="/policy-server/PolicyDecisionPoint" class="org.jboss.security.authz.policy.server.decision.PolicyDecisionPoint">
- <property name="debug">true</property>
- </bean>
-
- <bean name="/policy-server/PolicyDeployer" class="org.jboss.security.authz.policy.server.provisioning.PolicyDeployer">
- </bean>
-
- <bean name="/policy-server/PolicyStore" class="org.jboss.security.authz.policy.server.provisioning.MemoryPolicyStore">
- </bean>
-
- <bean name="/policy-server/DroolsRuleManager" class="org.jboss.security.authz.policy.server.plugin.DroolsRuleManager">
- </bean>
-</deployment>
\ No newline at end of file
16 years, 9 months
- 1
- 0
JBoss Portal SVN: r13550 - in modules/authorization/trunk: http-profile/src/test/resources and 1 other directories.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-07-13 12:45:05 -0400 (Mon, 13 Jul 2009)
New Revision: 13550
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java
modules/authorization/trunk/http-profile/src/test/resources/http-policy.xml
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java
Log:
adapting the http-profile tests with the new framework
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-07-12 20:31:28 UTC (rev 13549)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-07-13 16:45:05 UTC (rev 13550)
@@ -30,18 +30,20 @@
import org.apache.log4j.Logger;
import org.jboss.security.authz.bootstrap.ServiceContainer;
+import org.jboss.security.authz.agent.enforcement.EnforcementContext;
+import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
import org.jboss.security.authz.agent.services.PolicyComposer;
+
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.http.component.action.Get;
import org.jboss.security.authz.http.component.action.Post;
import org.jboss.security.authz.http.component.resource.HttpResource;
-import org.jboss.security.authz.http.configuration.HttpPolicyConfig;
import org.jboss.security.authz.model.Policy;
+
+import org.jboss.security.authz.http.configuration.HttpPolicyConfig;
import org.jboss.security.authz.tools.GeneralTool;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
import org.jboss.security.authz.policy.server.spi.PolicyConfig;
/**
@@ -63,13 +65,9 @@
this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
- this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
- }
- //------------------------------------------------------------------------------------------------------------------------------------------------------
- //TODO: migrate to the new developer framework
- public void testExecutiveFiles() throws Exception
- {
- PolicyConfig config = new HttpPolicyConfig();
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
+
+ PolicyConfig config = new HttpPolicyConfig();
((HttpPolicyConfig)config).setPolicyComposer(this.policyComposer);
InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream("http-policy.xml");
@@ -78,178 +76,128 @@
assertNotNull(policies);
- for(int i=0; i<policies.length; i++)
- {
- String xacmlPolicy = policies[i].generateSystemPolicy();
- this.provisioner.newPolicy(policies[i].getMetaData());
-
- log.info("------------------------------------------------------");
- log.info(xacmlPolicy);
- log.info("------------------------------------------------------");
+ for(Policy policy: policies)
+ {
+ this.provisioner.newPolicy(policy.getMetaData());
}
is.close();
+ //Assert Policy State of the Server
+ policies = this.provisioner.readAllPolicies();
+
+ assertTrue("Policy Store must not be empty!!", policies != null && policies.length > 0);
+ for(Policy policy: policies)
+ {
+ log.info("------------------------------------------------------------------------------");
+ log.info(policy.generateSystemPolicy());
+ }
+ }
+ //-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ public void testExecutiveFiles() throws Exception
+ {
//Perform an Enforcement
- /*HttpResource incoming = new HttpResource();
+ HttpResource incoming = new HttpResource();
incoming.setUri(new URI("/private/executives/index.html"));
- incoming.addParameter("id", "1234");
+ incoming.addParameter("id", "1234");
//Executive is allowed
- this.enforce(this.createGetRequest(incoming, new String[]{"executive"}), true);
- this.enforce(this.createPostRequest(incoming, new String[]{"executive"}), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"executive"}, new Get()), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"executive"}, new Post()), true);
//Executive is allowed but Manager is not.....Permit overrides Deny according to the Rule Combining Algorithm used for this Policy
- this.enforce(this.createGetRequest(incoming, new String[]{"executive", "manager"}), true);
- this.enforce(this.createPostRequest(incoming, new String[]{"executive", "manager"}), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"executive", "manager"}, new Get()), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"executive", "manager"}, new Post()), true);
//Manager is Not Allowed
- this.enforce(this.createGetRequest(incoming, new String[]{"manager"}), false);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"manager"}, new Get()), false);
//Anonymous is Not Allowed
- this.enforce(this.createGetRequest(incoming, new String[]{"anonymous"}), false);*/
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"anonymous"}, new Get()), false);
}
- /*public void testBoardFiles() throws Exception
- {
- PolicyConfig config = new HttpPolicyConfig();
- InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream("http-policy.xml");
-
- Policy[] policies = config.configure(GeneralTool.readStream(is));
-
- assertNotNull(policies);
-
- for(int i=0; i<policies.length; i++)
- {
- String xacmlPolicy = policies[i].generateXACMLPolicy();
- this.policyServer.newPolicy(policies[i].getMetaData());
- log.info("------------------------------------------------------");
- log.info(xacmlPolicy);
- log.info("------------------------------------------------------");
- }
-
- is.close();
-
+ public void testBoardFiles() throws Exception
+ {
//Perform an Enforcement
HttpResource incoming = new HttpResource();
incoming.setUri(new URI("/private/board/index.html"));
incoming.addParameter("id", "5678");
//Executive is allowed
- this.enforce(this.createGetRequest(incoming, new String[]{"executive"}), true);
- this.enforce(this.createPostRequest(incoming, new String[]{"executive"}), false);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"executive"}, new Get()), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"executive"}, new Post()), false);
//Executive is allowed but Manager is not.....Permit overrides Deny according to the Rule Combining Algorithm used for this Policy
- this.enforce(this.createGetRequest(incoming, new String[]{"executive", "manager"}), true);
- this.enforce(this.createPostRequest(incoming, new String[]{"executive", "manager"}), false);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"executive", "manager"}, new Get()), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"executive", "manager"}, new Post()), false);
//Manager is Not Allowed
- this.enforce(this.createGetRequest(incoming, new String[]{"manager"}), false);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"manager"}, new Get()), false);
//Anonymous is Not Allowed
- this.enforce(this.createGetRequest(incoming, new String[]{"anonymous"}), false);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"anonymous"}, new Get()), false);
}
public void testEditUser() throws Exception
- {
- PolicyConfig config = new HttpPolicyConfig();
- InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream("http-policy.xml");
-
- Policy[] policies = config.configure(GeneralTool.readStream(is));
-
- assertNotNull(policies);
-
- for(int i=0; i<policies.length; i++)
- {
- String xacmlPolicy = policies[i].generateXACMLPolicy();
- this.policyServer.newPolicy(policies[i].getMetaData());
- log.info("------------------------------------------------------");
- log.info(xacmlPolicy);
- log.info("------------------------------------------------------");
- }
-
- is.close();
-
+ {
//Perform an Enforcement
HttpResource incoming = new HttpResource();
incoming.setUri(new URI("/editUser"));
incoming.addParameter("userId", "9101112");
//Executive is allowed
- this.enforce(this.createGetRequest(incoming, new String[]{"executive"}), true);
- this.enforce(this.createPostRequest(incoming, new String[]{"executive"}), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"executive"}, new Get()), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"executive"}, new Post()), true);
//Executive is allowed but Manager is not.....Permit overrides Deny according to the Rule Combining Algorithm used for this Policy
- this.enforce(this.createGetRequest(incoming, new String[]{"executive", "manager"}), true);
- this.enforce(this.createPostRequest(incoming, new String[]{"executive", "manager"}), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"executive", "manager"}, new Get()), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"executive", "manager"}, new Post()), true);
//Manager is Not Allowed
- this.enforce(this.createGetRequest(incoming, new String[]{"manager"}), false);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"manager"}, new Get()), false);
//Anonymous is Not Allowed
- this.enforce(this.createGetRequest(incoming, new String[]{"anonymous"}), false);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"anonymous"}, new Get()), false);
}
//-------------------------------------------------------------------------------------------------------------------------------------------------
- private void enforce(Request request, boolean mustBePermitted) throws Exception
+ private void enforce(EnforcementContext enforcementContext, boolean mustBePermitted) throws Exception
{
-
- Response response = this.enforcer.checkAccess(request);
-
- assertNotNull(response);
- log.info("-----------------------------------");
- log.info("Decision="+response.getMessage());
-
- if(mustBePermitted)
- {
- assertTrue("Access must be granted!!!", response.isAccessGranted());
- }
- else
- {
- assertFalse("Access must be denied!!!", response.isAccessGranted());
- }
+ EnforcementResponse response = this.enforcer
+ .checkAccess(enforcementContext);
+
+ assertNotNull(response);
+ log.info("-----------------------------------");
+ log.info("Decision=" + response.getMessage());
+
+ if (mustBePermitted)
+ {
+ assertTrue("Access must be granted!!!", response.isAccessGranted());
+ }
+ else
+ {
+ assertFalse("Access must be denied!!!", response.isAccessGranted());
+ }
}
- private Request createGetRequest(HttpResource contextResource, String[] userRoles) throws Exception
+ private EnforcementContext createEnforcementContext(HttpResource protectedResource, String[] userRoles, Object actionComponent) throws Exception
{
- //Create a RequestType
- Request request = new Request();
-
- //Create Subjects
- Roles roles = new Roles();
- for(int i=0; i<userRoles.length; i++)
- {
- roles.addName(userRoles[i]);
- }
- request.addSubject(roles.getSubject());
-
- //Create Resource
- request.addResource(contextResource.getResource());
-
- //Create Action
- request.setAction(new Get().getAction());
-
- return request;
- }
-
- private Request createPostRequest(HttpResource contextResource, String[] userRoles) throws Exception
- {
- //Create a RequestType
- Request request = new Request();
-
- //Create Subjects
- Roles roles = new Roles();
- for(int i=0; i<userRoles.length; i++)
- {
- roles.addName(userRoles[i]);
- }
- request.addSubject(roles.getSubject());
-
- //Create Resource
- request.addResource(contextResource.getResource());
-
- //Create Action
- request.setAction(new Post().getAction());
-
- return request;
- }*/
+ // Create an EnforcementContext
+ EnforcementContext context = new EnforcementContext();
+
+ //Resource being accessed
+ context.setAttribute("http-resource", protectedResource);
+
+ // Create Subjects
+ Roles roles = new Roles();
+ for (int i = 0; i < userRoles.length; i++)
+ {
+ roles.addName(userRoles[i]);
+ }
+ context.setAttribute("roles", roles);
+
+ //Action being performed
+ context.setAttribute("http-action", actionComponent);
+
+ return context;
+ }
}
Modified: modules/authorization/trunk/http-profile/src/test/resources/http-policy.xml
===================================================================
--- modules/authorization/trunk/http-profile/src/test/resources/http-policy.xml 2009-07-12 20:31:28 UTC (rev 13549)
+++ modules/authorization/trunk/http-profile/src/test/resources/http-policy.xml 2009-07-13 16:45:05 UTC (rev 13550)
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
-<web-security>
+<web-security>
<security-constraint>
<web-resource-collection>
<web-resource>
@@ -10,7 +10,7 @@
</parameters>
<http-method>GET</http-method>
<http-method>POST</http-method>
- </web-resource>
+ </web-resource>
<web-resource>
<web-resource-name>Board/Investor Files</web-resource-name>
<url-pattern>/private/board/*</url-pattern>
@@ -18,7 +18,7 @@
<parameter name="id">5678</parameter>
</parameters>
<http-method>GET</http-method>
- </web-resource>
+ </web-resource>
</web-resource-collection>
<auth-constraint>
<!-- constaints based on user roles -->
@@ -68,8 +68,7 @@
<http-method>POST</http-method>
</web-resource>
</web-resource-collection>
- <auth-constraint>
- <!-- constaints based on user roles -->
+ <auth-constraint>
<roles allow="true">
<role-name>Admin</role-name>
<role-name>Executive</role-name>
@@ -79,5 +78,5 @@
<role-name>Developer</role-name>
</roles>
</auth-constraint>
- </security-constraint>
+ </security-constraint>
</web-security>
\ No newline at end of file
Modified: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java
===================================================================
--- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java 2009-07-12 20:31:28 UTC (rev 13549)
+++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java 2009-07-13 16:45:05 UTC (rev 13550)
@@ -22,6 +22,8 @@
******************************************************************************/
package org.jboss.security.authz.policy.server.plugin;
+import java.util.List;
+import java.util.ArrayList;
import java.io.IOException;
import java.io.ByteArrayInputStream;
@@ -57,11 +59,11 @@
private static Logger log = Logger.getLogger(EnterprisePolicyFinderModule.class);
private PolicyReader reader;
- private PolicyCollection policies;
+ private List<PolicyCollection> policies;
public EnterprisePolicyFinderModule()
{
- this.policies = new PolicyCollection();
+ this.policies = new ArrayList<PolicyCollection>();
}
public void addPolicy(Policy policy) throws PolicyServerException
@@ -74,7 +76,9 @@
AbstractPolicy xacmlPolicy = this.reader.readPolicy(bos);
- this.policies.addPolicy(xacmlPolicy);
+ PolicyCollection newPolicyCollection = new PolicyCollection();
+ newPolicyCollection.addPolicy(xacmlPolicy);
+ this.policies.add(newPolicyCollection);
}
catch(Exception e)
{
@@ -135,21 +139,35 @@
*/
public PolicyFinderResult findPolicy(EvaluationCtx context)
{
- try
- {
- AbstractPolicy policy = this.policies.getPolicy(context);
- if (policy == null)
- {
- return new PolicyFinderResult();
- }
- else
- {
- return new PolicyFinderResult(policy);
- }
- }
- catch (TopLevelPolicyException e)
- {
- return new PolicyFinderResult(e.getStatus());
- }
+ TopLevelPolicyException exception = null;
+ PolicyFinderResult result = null;
+ for (PolicyCollection policyCollection : this.policies)
+ {
+ try
+ {
+ AbstractPolicy policy = policyCollection.getPolicy(context);
+ if (policy != null)
+ {
+ return new PolicyFinderResult(policy);
+ }
+ }
+ catch (TopLevelPolicyException e)
+ {
+ exception = e;
+ }
+ }
+
+ //If I am here......No Policy Found for the incoming request!!
+ if(exception != null)
+ {
+ result = new PolicyFinderResult(exception.getStatus());
+ }
+ else
+ {
+ result = new PolicyFinderResult();
+ }
+
+
+ return result;
}
}
\ No newline at end of file
16 years, 9 months
- 1
- 0
JBoss Portal SVN: r13549 - in modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http: provisioning and 1 other directory.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2009-07-12 16:31:28 -0400 (Sun, 12 Jul 2009)
New Revision: 13549
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java
Log:
backing up some code
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java 2009-07-12 17:28:57 UTC (rev 13548)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java 2009-07-12 20:31:28 UTC (rev 13549)
@@ -54,7 +54,6 @@
this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
}
//------------------------------------------------------------------------------------------------------------------------------------------------------------------
- //TODO: migrate to the new developer framework
public void testGetURLTargetNoParameters() throws Exception
{
HttpResource httpResource = new HttpResource();
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-12 17:28:57 UTC (rev 13548)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-12 20:31:28 UTC (rev 13549)
@@ -64,7 +64,6 @@
this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
}
- //TODO: migrate to the new developer framework
public void testMatchContextSuperset() throws Exception
{
//SetUp HttpResource component to generate/store a policy
@@ -121,21 +120,29 @@
this.enforce(this.createEnforcementContext(deny), false);
}
- /*public void testMatchContextSubset() throws Exception
+ public void testMatchContextSubset() throws Exception
{
//SetUp HttpResource component to generate/store a policy
HttpResource policyResource = new HttpResource();
- policyResource.setUri(new URI("/prefix/url/*"));
- policyResource.addAllowed("Admin");
+ policyResource.setUri(new URI("/prefix/url/*"));
for(int i=0; i<5; i++)
{
String name = "p"+i;
String value = name + "Val";
policyResource.addParameter(name, value);
}
+
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("Admin");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(policyResource);
+ context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles, "allowExpression");
//Store the policy into the Policy Server
- this.provisioner.newPolicy(policyResource.getPolicyMetaData());
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
//Assert Policy State of the Server
Policy[] policies = this.provisioner.readAllPolicies();
@@ -157,8 +164,8 @@
//Access Denied Enforcement......In fact in the case where the Context carries a Subset of the parameters expected by the policy
//It will always result in a Deny since it will never fulfill the match expected by the policy
- this.enforce(this.createRequest(deny), false);
- }*/
+ this.enforce(this.createEnforcementContext(deny), false);
+ }
//-----------------------------------------------------------------------------------------------------------------------------------------------------
private void enforce(EnforcementContext enforcementContext, boolean mustBePermitted) throws Exception
{
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java 2009-07-12 17:28:57 UTC (rev 13548)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java 2009-07-12 20:31:28 UTC (rev 13549)
@@ -24,19 +24,25 @@
import java.net.URI;
import org.apache.log4j.Logger;
-import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
-import org.jboss.security.authz.components.action.Read;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.authz.http.component.resource.HttpResource;
import org.jboss.security.authz.components.subject.Roles;
-import org.jboss.security.authz.http.component.resource.HttpResource;
+import org.jboss.security.authz.http.component.action.Get;
+import org.jboss.security.authz.model.Effect;
import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
+import org.jboss.security.authz.model.PolicyMetaData;
+
import org.jboss.security.authz.bootstrap.ServiceContainer;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.enforcement.EnforcementContext;
+import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.agent.services.PolicyComposer;
+import org.jboss.security.authz.agent.services.CompositionContext;
-import junit.framework.TestCase;
-
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*/
@@ -44,27 +50,39 @@
{
private static Logger log = Logger.getLogger(TestRoles.class);
+ private PolicyComposer policyComposer;
private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
+ private PolicyProvisioner provisioner;
+
public void setUp() throws Exception
{
- ServiceContainer.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+
+ this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
}
- //TODO: migrate to the new developer framework
- /*public void test() throws Exception
+ public void test() throws Exception
{
HttpResource policyResource = new HttpResource();
- policyResource.setUri(new URI("/private/devspace/*"));
- policyResource.addAllowed("admin");
- policyResource.addAllowed("pm");
- policyResource.addAllowed("lead");
+ policyResource.setUri(new URI("/private/devspace/*"));
+
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("admin");
+ allowedRoles.addName("pm");
+ allowedRoles.addName("lead");
- this.provisioner.newPolicy(policyResource.getPolicyMetaData());
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(policyResource);
+ context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles, "allowExpression");
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
//Assert Policy State of the Server
Policy[] policies = this.provisioner.readAllPolicies();
@@ -76,23 +94,32 @@
incoming.setUri(new URI("/private/devspace/wiki.html"));
//Access Grant
- this.enforce(this.createRequest(incoming, new String[]{"hacker", "coder", "bigshot", "lead"}), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"hacker", "coder", "bigshot", "lead"}), true);
//Access Deny
- this.enforce(this.createRequest(incoming, new String[]{"hacker", "coder", "bigshot"}), false);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"hacker", "coder", "bigshot"}), false);
}
public void testCaseAgnosticity() throws Exception
{
HttpResource policyResource = new HttpResource();
policyResource.setUri(new URI("/private/devspace/*"));
- policyResource.addAllowed("AdMin");
- policyResource.addAllowed("Pm");
- policyResource.addAllowed("LeaD");
- this.provisioner.newPolicy(policyResource.getPolicyMetaData());
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("AdMin");
+ allowedRoles.addName("Pm");
+ allowedRoles.addName("LeaD");
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(policyResource);
+ context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
//Assert Policy State of the Server
Policy[] policies = this.provisioner.readAllPolicies();
@@ -104,18 +131,17 @@
incoming.setUri(new URI("/private/devspace/wiki.html"));
//Access Grant
- this.enforce(this.createRequest(incoming, new String[]{"hAcKer", "cOder", "BiGSHot", "lEAd"}), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"hAcKer", "cOder", "BiGSHot", "lEAd"}), true);
//Access Deny
- this.enforce(this.createRequest(incoming, new String[]{"hAcKer", "cOder", "BiGSHot"}), false);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"hAcKer", "cOder", "BiGSHot"}), false);
}
//-----------------------------------------------------------------------------------------------------------------------------------------------------
- private void enforce(Request request, boolean mustBePermitted) throws Exception
- {
+ private void enforce(EnforcementContext enforcementContext, boolean mustBePermitted) throws Exception
+ {
+ EnforcementResponse response = this.enforcer.checkAccess(enforcementContext);
- Response response = this.enforcer.checkAccess(request);
-
assertNotNull(response);
log.info("-----------------------------------");
log.info("Decision="+response.getMessage());
@@ -130,25 +156,25 @@
}
}
- private Request createRequest(HttpResource contextResource, String[] userRoles) throws Exception
+ private EnforcementContext createEnforcementContext(HttpResource protectedResource, String[] userRoles) throws Exception
{
- //Create a RequestType
- Request request = new Request();
-
- //Create Subjects
- Roles roles = new Roles();
- for(int i=0; i<userRoles.length; i++)
- {
- roles.addName(userRoles[i]);
- }
- request.addSubject(roles.getSubject());
-
- //Create Resource
- request.addResource(contextResource.getResource());
-
- //Create Action
- request.setAction(new Read().getAction());
-
- return request;
- }*/
+ // Create an EnforcementContext
+ EnforcementContext context = new EnforcementContext();
+
+ //Resource being accessed
+ context.setAttribute("http-resource", protectedResource);
+
+ // Create Subjects
+ Roles roles = new Roles();
+ for (int i = 0; i < userRoles.length; i++)
+ {
+ roles.addName(userRoles[i]);
+ }
+ context.setAttribute("roles", roles);
+
+ //Action being performed
+ context.setAttribute("http-get", new Get());
+
+ return context;
+ }
}
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-07-12 17:28:57 UTC (rev 13548)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-07-12 20:31:28 UTC (rev 13549)
@@ -25,20 +25,25 @@
import java.util.regex.Pattern;
import org.apache.log4j.Logger;
-import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
-import org.jboss.security.authz.components.action.Read;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.authz.http.component.resource.HttpResource;
import org.jboss.security.authz.components.subject.Roles;
-import org.jboss.security.authz.http.component.resource.HttpResource;
+import org.jboss.security.authz.http.component.action.Get;
+import org.jboss.security.authz.model.Effect;
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
-import org.jboss.security.authz.model.Resource;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
+
import org.jboss.security.authz.bootstrap.ServiceContainer;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.enforcement.EnforcementContext;
+import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.agent.services.PolicyComposer;
+import org.jboss.security.authz.agent.services.CompositionContext;
-import junit.framework.TestCase;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -47,18 +52,21 @@
{
private static Logger log = Logger.getLogger(TestURLPattern.class);
+ private PolicyComposer policyComposer;
private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
+ private PolicyProvisioner provisioner;
+
public void setUp() throws Exception
{
- ServiceContainer.bootstrap();
- this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+
+ this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
}
-
- //TODO: migrate to the new developer framework
- /*public void testRegex() throws Exception
+
+ public void testRegex() throws Exception
{
//
// Rule = "/prefix/url/*" matches any URL starting with /prefix/url,
@@ -83,9 +91,17 @@
HttpResource httpResource = new HttpResource();
httpResource.setUri(new URI("/prefix/url/*"));
- httpResource.addAllowed("Admin");
- PolicyMetaData policyMetaData = httpResource.getPolicyMetaData();
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("Admin");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(httpResource);
+ context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles, "allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
this.provisioner.newPolicy(policyMetaData);
//Assert Policy State of the Server
@@ -96,27 +112,26 @@
log.info(policies[0].generateSystemPolicy());
//Access Granted
- this.enforce(this.createRequest("/prefix/url"), true);
- this.enforce(this.createRequest("/prefix/url/"), true);
- this.enforce(this.createRequest("prefix/url"), true);
- this.enforce(this.createRequest("prefix/url/"), true);
- this.enforce(this.createRequest("/prefix/url/index.html"), true);
- this.enforce(this.createRequest("prefix/url/index.html"), true);
+ this.enforce(this.createEnforcementContext("/prefix/url"), true);
+ this.enforce(this.createEnforcementContext("/prefix/url/"), true);
+ this.enforce(this.createEnforcementContext("prefix/url"), true);
+ this.enforce(this.createEnforcementContext("prefix/url/"), true);
+ this.enforce(this.createEnforcementContext("/prefix/url/index.html"), true);
+ this.enforce(this.createEnforcementContext("prefix/url/index.html"), true);
//Access Denied
- this.enforce(this.createRequest("/prefix/urlfoo"), false);
- this.enforce(this.createRequest("/prefix/urlfoo/"), false);
- this.enforce(this.createRequest("prefix/urlfoo"), false);
- this.enforce(this.createRequest("prefix/urlfoo/"), false);
- this.enforce(this.createRequest("/blah"), false);
- this.enforce(this.createRequest("/blah/prefix/url/index.html"), false);
- }
+ this.enforce(this.createEnforcementContext("/prefix/urlfoo"), false);
+ this.enforce(this.createEnforcementContext("/prefix/urlfoo/"), false);
+ this.enforce(this.createEnforcementContext("prefix/urlfoo"), false);
+ this.enforce(this.createEnforcementContext("prefix/urlfoo/"), false);
+ this.enforce(this.createEnforcementContext("/blah"), false);
+ this.enforce(this.createEnforcementContext("/blah/prefix/url/index.html"), false);
+ }
//-----------------------------------------------------------------------------------------------------------------------------------------------------
- private void enforce(Request request, boolean mustBePermitted) throws Exception
- {
+ private void enforce(EnforcementContext enforcementContext, boolean mustBePermitted) throws Exception
+ {
+ EnforcementResponse response = this.enforcer.checkAccess(enforcementContext);
- Response response = this.enforcer.checkAccess(request);
-
assertNotNull(response);
log.info("-----------------------------------");
log.info("Decision="+response.getMessage());
@@ -131,25 +146,24 @@
}
}
- private Request createRequest(String uri) throws Exception
+ private EnforcementContext createEnforcementContext(String uri) throws Exception
{
- //Create a RequestType
- Request request = new Request();
-
- //Create Subjects
- Roles roles = new Roles();
- roles.addName("Admin");
- request.addSubject(roles.getSubject());
-
- //Create Resource
- HttpResource httpResource = new HttpResource();
- httpResource.setUri(new URI(uri));
- Resource urlResource = httpResource.getResource();
- request.addResource(urlResource);
-
- //Create Action
- request.setAction(new Read().getAction());
-
- return request;
- }*/
+ // Create a RequestType
+ EnforcementContext context = new EnforcementContext();
+
+ // Create Subjects
+ Roles roles = new Roles();
+ roles.addName("Admin");
+ context.setAttribute("roles", roles);
+
+ // Create Resource
+ HttpResource protectedResource = new HttpResource();
+ protectedResource.setUri(new URI(uri));
+ context.setAttribute("http-resource", protectedResource);
+
+ // Create Action
+ context.setAttribute("http-get", new Get());
+
+ return context;
+ }
}
Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java
===================================================================
--- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-07-12 17:28:57 UTC (rev 13548)
+++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-07-12 20:31:28 UTC (rev 13549)
@@ -49,27 +49,22 @@
*
*/
public class TestHttpPolicyConfig extends TestCase
-{
- /**
- *
- */
- private static Logger log = Logger.getLogger(TestHttpPolicyConfig.class);
-
- private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
- private PolicyComposer policyComposer;
-
- /**
- *
- */
- protected void setUp() throws Exception
- {
- ServiceContainer.bootstrap();
-
- this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
- this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
- this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
- }
+{
+ private static Logger log = Logger.getLogger(TestHttpPolicyConfig.class);
+
+ private PolicyComposer policyComposer;
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
+
+
+ public void setUp() throws Exception
+ {
+ ServiceContainer.bootstrap();
+
+ this.policyComposer = (PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
+ this.enforcer = (PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
+ this.provisioner = (PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
+ }
//------------------------------------------------------------------------------------------------------------------------------------------------------
//TODO: migrate to the new developer framework
public void testExecutiveFiles() throws Exception
@@ -86,7 +81,7 @@
for(int i=0; i<policies.length; i++)
{
String xacmlPolicy = policies[i].generateSystemPolicy();
- //this.provisioner.newPolicy(policies[i].getMetaData());
+ this.provisioner.newPolicy(policies[i].getMetaData());
log.info("------------------------------------------------------");
log.info(xacmlPolicy);
16 years, 9 months
- 1
- 0