Author: sohil.shah(a)jboss.com Date: 2009-01-31 22:56:00 -0500 (Sat, 31 Jan 2009) New Revision: 12761 Added: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java modules/authorization/trunk/policy-server/src/main/resources/META-INF/pdp-config.xml modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java Removed: modules/authorization/trunk/decision-point/ Modified: modules/authorization/trunk/.classpath modules/authorization/trunk/policy-server/pom.xml modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml modules/authorization/trunk/policy-server/src/test/resources/pdp-config.xml modules/authorization/trunk/pom.xml Log: starting Policy Server implementation Modified: modules/authorization/trunk/.classpath =================================================================== --- modules/authorization/trunk/.classpath 2009-01-31 23:58:05 UTC (rev 12760) +++ modules/authorization/trunk/.classpath 2009-02-01 03:56:00 UTC (rev 12761) @@ -7,11 +7,7 @@ <classpathentry kind="src" path="core-components/src/main/java"/> <classpathentry kind="src" path="core-components/src/main/resources"/> <classpathentry kind="src" path="core-components/src/test/java"/> - <classpathentry kind="src" path="core-components/src/test/resources"/> - <classpathentry kind="src" path="decision-point/src/main/java"/> - <classpathentry kind="src" path="decision-point/src/main/resources"/> - <classpathentry kind="src" path="decision-point/src/test/java"/> - <classpathentry kind="src" path="decision-point/src/test/resources"/> + <classpathentry kind="src" path="core-components/src/test/resources"/> <classpathentry kind="src" path="enforcement/src/main/java"/> <classpathentry kind="src" path="enforcement/src/main/resources"/> <classpathentry kind="src" path="enforcement/src/test/java"/> Modified: modules/authorization/trunk/policy-server/pom.xml =================================================================== --- modules/authorization/trunk/policy-server/pom.xml 2009-01-31 23:58:05 UTC (rev 12760) +++ modules/authorization/trunk/policy-server/pom.xml 2009-02-01 03:56:00 UTC (rev 12761) @@ -18,6 +18,11 @@ <groupId>org.jboss.security.authz</groupId> <artifactId>jboss-authz-common</artifactId> <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.security.authz</groupId> + <artifactId>jboss-authz-enforcement</artifactId> + <version>${project.version}</version> </dependency> <!-- jboss xacml --> @@ -50,7 +55,8 @@ <artifactId>maven-surefire-plugin</artifactId> <version>2.3.1</version> <configuration> - <includes> + <includes> + <include>**/TestPolicyServer.java</include> </includes> </configuration> </plugin> Added: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java =================================================================== --- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java (rev 0) +++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java 2009-02-01 03:56:00 UTC (rev 12761) @@ -0,0 +1,95 @@ +/* +* JBoss, a division of Red Hat +* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.security.authz.policy.server; + +import java.io.File; + +import org.apache.log4j.Logger; + +import org.jboss.security.authz.policy.server.decision.PolicyDecisionPoint; + +import org.jboss.security.authz.enforcement.Request; +import org.jboss.security.authz.enforcement.Response; + +/** + * The Central Policy Server + * + * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> + */ +public class PolicyServer +{ + private static Logger log = Logger.getLogger(PolicyServer.class); + + private PolicyDecisionPoint policyDecisionPoint; + + public PolicyServer() + { + + } + + public void start() + { + } + + public void stop() + { + this.policyDecisionPoint = null; + } + + public PolicyDecisionPoint getPolicyDecisionPoint() + { + return policyDecisionPoint; + } + + public void setPolicyDecisionPoint(PolicyDecisionPoint policyDecisionPoint) + { + this.policyDecisionPoint = policyDecisionPoint; + } + //--------Decision making services-------------------------------------------------------------------------------------------------------------------------- + /** + * Makes an Authorization Decision + * + * This method is used when the PolicyDecisionPoint runs in-memory with the Application from which the native Enforcement components issue Authorization requests + * + * @param request Authorization Request + * @return response which contains the Authorization Decision + */ + public Response evaluate(Request request) + { + return this.policyDecisionPoint.evaluate(request); + } + + /** + * Makes an Authorization Decision + * + * This method is used when the PolicyDecisionPoint is accessed over the network by sending it the appropriate request in XML format + * The XML format used is compliant with the XACML spec + * + * @param xml + * @return response in xml format confirming to the XACML spec + */ + public String evaluate(String xml) + { + return this.policyDecisionPoint.evaluate(xml); + } + //------- Provisioning services----------------------------------------------------------------------------------------------------------------------------- +} Copied: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java (from rev 12759, modules/authorization/trunk/decision-point/src/main/java/org/jboss/security/authz/decision/PolicyDecisionPoint.java) =================================================================== --- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java (rev 0) +++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java 2009-02-01 03:56:00 UTC (rev 12761) @@ -0,0 +1,108 @@ +/* +* JBoss, a division of Red Hat +* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.security.authz.policy.server.decision; + +import java.io.File; + +import org.apache.log4j.Logger; + +import org.jboss.security.authz.enforcement.Request; +import org.jboss.security.authz.enforcement.Response; + +import org.jboss.security.xacml.sunxacml.ConfigurationStore; +import org.jboss.security.xacml.sunxacml.PDP; + +/** + * This component processes all incoming Authorization requests and responds with a response + * + * This component receives requests from native application layer Policy Enforcement Points. + * + * This typically runs inside the Policy Server and is reachable over a network connection + * + * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> + */ +public class PolicyDecisionPoint +{ + private static Logger log = Logger.getLogger(PolicyDecisionPoint.class); + + private PDP policyDecisionPoint; + + public PolicyDecisionPoint() + { + + } + + public void start() + { + try + { + ConfigurationStore store = new ConfigurationStore(new File(Thread.currentThread().getContextClassLoader(). + getResource("META-INF/pdp-config.xml").getFile())); + store.useDefaultFactories(); + + this.policyDecisionPoint = new PDP(store.getDefaultPDPConfig()); + + log.info("-------------------------------------------------------"); + log.info("Policy Decision Point successfully started....................."); + log.info("-------------------------------------------------------"); + } + catch(Exception e) + { + log.error(this, e); + throw new RuntimeException(e); + } + } + + public void stop() + { + this.policyDecisionPoint = null; + } + //------------------------------------------------------------------------------------------------------------------------------------------------------------------------- + /** + * Makes an Authorization Decision + * + * This method is used when the PolicyDecisionPoint runs in-memory with the Application from which the native Enforcement components issue Authorization requests + * + * @param request Authorization Request + * @return response which contains the Authorization Decision + */ + public Response evaluate(Request request) + { + Response response = new Response(); + return response; + } + + /** + * Makes an Authorization Decision + * + * This method is used when the PolicyDecisionPoint is accessed over the network by sending it the appropriate request in XML format + * The XML format used is compliant with the XACML spec + * + * @param xml + * @return response in xml format confirming to the XACML spec + */ + public String evaluate(String xml) + { + String responseXml = null; + return responseXml; + } +} Property changes on: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java ___________________________________________________________________ Name: svn:mergeinfo + Modified: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java =================================================================== --- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java 2009-01-31 23:58:05 UTC (rev 12760) +++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java 2009-02-01 03:56:00 UTC (rev 12761) @@ -22,6 +22,7 @@ ******************************************************************************/ package org.jboss.security.authz.policy.server.plugin; +import org.jboss.security.xacml.sunxacml.finder.PolicyFinder; import org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule; /** @@ -37,7 +38,15 @@ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> * */ -public abstract class EnterprisePolicyFinder extends PolicyFinderModule +public class EnterprisePolicyFinder extends PolicyFinderModule { + public EnterprisePolicyFinder() + { + + } + @Override + public void init(PolicyFinder finder) + { + } } \ No newline at end of file Modified: modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml =================================================================== --- modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-01-31 23:58:05 UTC (rev 12760) +++ modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-02-01 03:56:00 UTC (rev 12761) @@ -2,5 +2,13 @@ <deployment xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:jboss:bean-deployer:2.0 bean-deployer_2_0.xsd" - xmlns="urn:jboss:bean-deployer:2.0"> + xmlns="urn:jboss:bean-deployer:2.0"> + <bean name="/policy-server/PolicyServer" class="org.jboss.security.authz.policy.server.PolicyServer"> + <property name="policyDecisionPoint"> + <inject bean="/policy-server/PolicyDecisionPoint"/> + </property> + </bean> + + <bean name="/policy-server/PolicyDecisionPoint" class="org.jboss.security.authz.policy.server.decision.PolicyDecisionPoint"> + </bean> </deployment> \ No newline at end of file Added: modules/authorization/trunk/policy-server/src/main/resources/META-INF/pdp-config.xml =================================================================== --- modules/authorization/trunk/policy-server/src/main/resources/META-INF/pdp-config.xml (rev 0) +++ modules/authorization/trunk/policy-server/src/main/resources/META-INF/pdp-config.xml 2009-02-01 03:56:00 UTC (rev 12761) @@ -0,0 +1,24 @@ +<?xml version="1.0" encoding="UTF-8"?> +<config xmlns="http://sunxacml.sourceforge.net/schema/config-0.3" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + defaultPDP="pdp" defaultAttributeFactory="attr" + defaultCombiningAlgFactory="comb" defaultFunctionFactory="func"> + <pdp name="pdp"> + <attributeFinderModule class="org.jboss.security.xacml.sunxacml.finder.impl.CurrentEnvModule"/> + <attributeFinderModule class="org.jboss.security.xacml.sunxacml.finder.impl.SelectorModule"/> + <policyFinderModule class="org.jboss.security.authz.policy.server.plugin.EnterprisePolicyFinder"> + </policyFinderModule> + </pdp> + + <attributeFactory name="attr" useStandardDatatypes="true"/> + + <combiningAlgFactory name="comb" useStandardAlgorithms="true"> + <algorithm class="org.jboss.security.authz.policy.server.plugin.NoPermitMeansDeniedAlg"/> + </combiningAlgFactory> + + <functionFactory name="func" useStandardFunctions="true"> + <condition> + <function class="org.jboss.security.authz.policy.server.plugin.DroolsFunction"/> + </condition> + </functionFactory> +</config> Added: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java =================================================================== --- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java (rev 0) +++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java 2009-02-01 03:56:00 UTC (rev 12761) @@ -0,0 +1,45 @@ +/* +* JBoss, a division of Red Hat +* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.security.authz.policy.server; + +import junit.framework.TestCase; + +/** + * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> + */ +public class TestPolicyServer extends TestCase +{ + public void setUp() throws Exception + { + Server.bootstrap(); + } + + public void tearDown() throws Exception + { + + } + + public void test() throws Exception + { + + } +} Modified: modules/authorization/trunk/policy-server/src/test/resources/pdp-config.xml =================================================================== --- modules/authorization/trunk/policy-server/src/test/resources/pdp-config.xml 2009-01-31 23:58:05 UTC (rev 12760) +++ modules/authorization/trunk/policy-server/src/test/resources/pdp-config.xml 2009-02-01 03:56:00 UTC (rev 12761) @@ -2,8 +2,7 @@ <config xmlns="http://sunxacml.sourceforge.net/schema/config-0.3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" defaultPDP="pdp" defaultAttributeFactory="attr" - defaultCombiningAlgFactory="comb" defaultFunctionFactory="func"> - + defaultCombiningAlgFactory="comb" defaultFunctionFactory="func"> <pdp name="pdp"> <attributeFinderModule class="org.jboss.security.xacml.sunxacml.finder.impl.CurrentEnvModule"/> <attributeFinderModule class="org.jboss.security.xacml.sunxacml.finder.impl.SelectorModule"/> Modified: modules/authorization/trunk/pom.xml =================================================================== --- modules/authorization/trunk/pom.xml 2009-01-31 23:58:05 UTC (rev 12760) +++ modules/authorization/trunk/pom.xml 2009-02-01 03:56:00 UTC (rev 12761) @@ -11,8 +11,7 @@ <modules> <module>common</module> - <module>core-components</module> - <module>decision-point</module> + <module>core-components</module> <module>enforcement</module> <module>provisioning</module> <module>policy-server</module>