Author: sohil.shah(a)jboss.com
Date: 2009-01-31 22:56:00 -0500 (Sat, 31 Jan 2009)
New Revision: 12761
Added:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java
modules/authorization/trunk/policy-server/src/main/resources/META-INF/pdp-config.xml
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java
Removed:
modules/authorization/trunk/decision-point/
Modified:
modules/authorization/trunk/.classpath
modules/authorization/trunk/policy-server/pom.xml
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java
modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml
modules/authorization/trunk/policy-server/src/test/resources/pdp-config.xml
modules/authorization/trunk/pom.xml
Log:
starting Policy Server implementation
Modified: modules/authorization/trunk/.classpath
===================================================================
--- modules/authorization/trunk/.classpath 2009-01-31 23:58:05 UTC (rev 12760)
+++ modules/authorization/trunk/.classpath 2009-02-01 03:56:00 UTC (rev 12761)
@@ -7,11 +7,7 @@
<classpathentry kind="src"
path="core-components/src/main/java"/>
<classpathentry kind="src"
path="core-components/src/main/resources"/>
<classpathentry kind="src"
path="core-components/src/test/java"/>
- <classpathentry kind="src"
path="core-components/src/test/resources"/>
- <classpathentry kind="src"
path="decision-point/src/main/java"/>
- <classpathentry kind="src"
path="decision-point/src/main/resources"/>
- <classpathentry kind="src"
path="decision-point/src/test/java"/>
- <classpathentry kind="src"
path="decision-point/src/test/resources"/>
+ <classpathentry kind="src"
path="core-components/src/test/resources"/>
<classpathentry kind="src" path="enforcement/src/main/java"/>
<classpathentry kind="src"
path="enforcement/src/main/resources"/>
<classpathentry kind="src" path="enforcement/src/test/java"/>
Modified: modules/authorization/trunk/policy-server/pom.xml
===================================================================
--- modules/authorization/trunk/policy-server/pom.xml 2009-01-31 23:58:05 UTC (rev 12760)
+++ modules/authorization/trunk/policy-server/pom.xml 2009-02-01 03:56:00 UTC (rev 12761)
@@ -18,6 +18,11 @@
<groupId>org.jboss.security.authz</groupId>
<artifactId>jboss-authz-common</artifactId>
<version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>jboss-authz-enforcement</artifactId>
+ <version>${project.version}</version>
</dependency>
<!-- jboss xacml -->
@@ -50,7 +55,8 @@
<artifactId>maven-surefire-plugin</artifactId>
<version>2.3.1</version>
<configuration>
- <includes>
+ <includes>
+ <include>**/TestPolicyServer.java</include>
</includes>
</configuration>
</plugin>
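Review bot: The added `<include>**/TestPolicyServer.java</include>` limits surefire to that single class, so any other test class in the policy-server module stops running without a build failure. The class it selects (added later in this commit) has an empty `test()` body, so the module reports green while verifying nothing about authorization decisions. If the restriction is not intentional, a pattern such as `<include>**/Test*.java</include>` keeps the rest of the suite in the build. The `<plugin>` element starts outside the hunk.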
Added:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java
===================================================================
---
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java
(rev 0)
+++
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java 2009-02-01
03:56:00 UTC (rev 12761)
@@ -0,0 +1,95 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.policy.server;
+
+import java.io.File;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.security.authz.policy.server.decision.PolicyDecisionPoint;
+
+import org.jboss.security.authz.enforcement.Request;
+import org.jboss.security.authz.enforcement.Response;
+
+/**
+ * The Central Policy Server
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class PolicyServer
+{
+ private static Logger log = Logger.getLogger(PolicyServer.class);
+
+ private PolicyDecisionPoint policyDecisionPoint;
+
+ public PolicyServer()
+ {
+
+ }
+
+ public void start()
+ {
+ }
+
+ public void stop()
+ {
+ this.policyDecisionPoint = null;
+ }
+
+ public PolicyDecisionPoint getPolicyDecisionPoint()
+ {
+ return policyDecisionPoint;
+ }
+
+ public void setPolicyDecisionPoint(PolicyDecisionPoint policyDecisionPoint)
+ {
+ this.policyDecisionPoint = policyDecisionPoint;
+ }
+ //--------Decision making
services--------------------------------------------------------------------------------------------------------------------------
+ /**
+ * Makes an Authorization Decision
+ *
+ * This method is used when the PolicyDecisionPoint runs in-memory with the Application
from which the native Enforcement components issue Authorization requests
+ *
+ * @param request Authorization Request
+ * @return response which contains the Authorization Decision
+ */
+ public Response evaluate(Request request)
+ {
+ return this.policyDecisionPoint.evaluate(request);
+ }
+
+ /**
+ * Makes an Authorization Decision
+ *
+ * This method is used when the PolicyDecisionPoint is accessed over the network by
sending it the appropriate request in XML format
+ * The XML format used is compliant with the XACML spec
+ *
+ * @param xml
+ * @return response in xml format confirming to the XACML spec
+ */
+ public String evaluate(String xml)
+ {
+ return this.policyDecisionPoint.evaluate(xml);
+ }
+ //------- Provisioning
services-----------------------------------------------------------------------------------------------------------------------------
+}
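Review bot: Both `evaluate` overloads dereference `policyDecisionPoint` unguarded, and that field is null until the container injects it and again after `stop()`, so a request arriving in either window ends in a bare `NullPointerException` instead of a defined outcome. A guard at the top of each overload makes the failure explicit and keeps it fail-closed: `if (this.policyDecisionPoint == null) throw new IllegalStateException("PolicyServer is not started");`. `start()` is empty, so nothing checks that the dependency was wired. The `java.io.File` import and the `log` field are unused, `@param xml` has no description, and "confirming" in the `@return` text should read "conforming".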
Copied:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java
(from rev 12759,
modules/authorization/trunk/decision-point/src/main/java/org/jboss/security/authz/decision/PolicyDecisionPoint.java)
===================================================================
---
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java
(rev 0)
+++
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java 2009-02-01
03:56:00 UTC (rev 12761)
@@ -0,0 +1,108 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.policy.server.decision;
+
+import java.io.File;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.security.authz.enforcement.Request;
+import org.jboss.security.authz.enforcement.Response;
+
+import org.jboss.security.xacml.sunxacml.ConfigurationStore;
+import org.jboss.security.xacml.sunxacml.PDP;
+
+/**
+ * This component processes all incoming Authorization requests and responds with a
response
+ *
+ * This component receives requests from native application layer Policy Enforcement
Points.
+ *
+ * This typically runs inside the Policy Server and is reachable over a network
connection
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class PolicyDecisionPoint
+{
+ private static Logger log = Logger.getLogger(PolicyDecisionPoint.class);
+
+ private PDP policyDecisionPoint;
+
+ public PolicyDecisionPoint()
+ {
+
+ }
+
+ public void start()
+ {
+ try
+ {
+ ConfigurationStore store = new ConfigurationStore(new
File(Thread.currentThread().getContextClassLoader().
+ getResource("META-INF/pdp-config.xml").getFile()));
+ store.useDefaultFactories();
+
+ this.policyDecisionPoint = new PDP(store.getDefaultPDPConfig());
+
+ log.info("-------------------------------------------------------");
+ log.info("Policy Decision Point successfully
started.....................");
+ log.info("-------------------------------------------------------");
+ }
+ catch(Exception e)
+ {
+ log.error(this, e);
+ throw new RuntimeException(e);
+ }
+ }
+
+ public void stop()
+ {
+ this.policyDecisionPoint = null;
+ }
+ //-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ /**
+ * Makes an Authorization Decision
+ *
+ * This method is used when the PolicyDecisionPoint runs in-memory with the Application
from which the native Enforcement components issue Authorization requests
+ *
+ * @param request Authorization Request
+ * @return response which contains the Authorization Decision
+ */
+ public Response evaluate(Request request)
+ {
+ Response response = new Response();
+ return response;
+ }
+
+ /**
+ * Makes an Authorization Decision
+ *
+ * This method is used when the PolicyDecisionPoint is accessed over the network by
sending it the appropriate request in XML format
+ * The XML format used is compliant with the XACML spec
+ *
+ * @param xml
+ * @return response in xml format confirming to the XACML spec
+ */
+ public String evaluate(String xml)
+ {
+ String responseXml = null;
+ return responseXml;
+ }
+}
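Review bot: Neither `evaluate` overload consults the `PDP` built in `start()`: `evaluate(Request)` returns a freshly constructed `Response`, whose default decision is not visible here, and `evaluate(String)` returns `null`. An unimplemented authorization path should fail closed rather than hand back a default object, for example `throw new UnsupportedOperationException("evaluate(Request) is not implemented");` until the PDP call exists. The Javadoc says the XML overload receives requests over the network, so its eventual parser should have DTDs and external entities disabled. In `start()`, `getResource("META-INF/pdp-config.xml")` can return null and `URL.getFile()` keeps percent-encoding, so a missing resource or a path containing spaces fails obscurely; `log.error(this, e)` also passes the object where a message string is expected.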
Property changes on:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java
___________________________________________________________________
Name: svn:mergeinfo
+
Modified:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java
===================================================================
---
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java 2009-01-31
23:58:05 UTC (rev 12760)
+++
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java 2009-02-01
03:56:00 UTC (rev 12761)
@@ -22,6 +22,7 @@
******************************************************************************/
package org.jboss.security.authz.policy.server.plugin;
+import org.jboss.security.xacml.sunxacml.finder.PolicyFinder;
import org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule;
/**
@@ -37,7 +38,15 @@
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*
*/
-public abstract class EnterprisePolicyFinder extends PolicyFinderModule
+public class EnterprisePolicyFinder extends PolicyFinderModule
{
+ public EnterprisePolicyFinder()
+ {
+
+ }
+ @Override
+ public void init(PolicyFinder finder)
+ {
+ }
}
\ No newline at end of file
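Review bot: `EnterprisePolicyFinder` is now concrete and is the only `policyFinderModule` in the `pdp-config.xml` added by this commit, yet it overrides nothing beyond an empty `init` that discards `finder`. The base class is not visible here, but if its defaults report that no request is supported, the PDP will find no policy and presumably answer NotApplicable for every request. That is only safe if the enforcement side treats NotApplicable and Indeterminate as deny. I would record this on the class with a comment such as `// Placeholder: supplies no policies yet; callers must treat NotApplicable as deny`. The class Javadoc starts outside the hunk.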
Modified:
modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml
===================================================================
---
modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-01-31
23:58:05 UTC (rev 12760)
+++
modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-02-01
03:56:00 UTC (rev 12761)
@@ -2,5 +2,13 @@
<deployment
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:jboss:bean-deployer:2.0
bean-deployer_2_0.xsd"
- xmlns="urn:jboss:bean-deployer:2.0">
+ xmlns="urn:jboss:bean-deployer:2.0">
+ <bean name="/policy-server/PolicyServer"
class="org.jboss.security.authz.policy.server.PolicyServer">
+ <property name="policyDecisionPoint">
+ <inject bean="/policy-server/PolicyDecisionPoint"/>
+ </property>
+ </bean>
+
+ <bean name="/policy-server/PolicyDecisionPoint"
class="org.jboss.security.authz.policy.server.decision.PolicyDecisionPoint">
+ </bean>
</deployment>
\ No newline at end of file
Added:
modules/authorization/trunk/policy-server/src/main/resources/META-INF/pdp-config.xml
===================================================================
--- modules/authorization/trunk/policy-server/src/main/resources/META-INF/pdp-config.xml
(rev 0)
+++
modules/authorization/trunk/policy-server/src/main/resources/META-INF/pdp-config.xml 2009-02-01
03:56:00 UTC (rev 12761)
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<config
xmlns="http://sunxacml.sourceforge.net/schema/config-0.3"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ defaultPDP="pdp" defaultAttributeFactory="attr"
+ defaultCombiningAlgFactory="comb"
defaultFunctionFactory="func">
+ <pdp name="pdp">
+ <attributeFinderModule
class="org.jboss.security.xacml.sunxacml.finder.impl.CurrentEnvModule"/>
+ <attributeFinderModule
class="org.jboss.security.xacml.sunxacml.finder.impl.SelectorModule"/>
+ <policyFinderModule
class="org.jboss.security.authz.policy.server.plugin.EnterprisePolicyFinder">
+ </policyFinderModule>
+ </pdp>
+
+ <attributeFactory name="attr" useStandardDatatypes="true"/>
+
+ <combiningAlgFactory name="comb"
useStandardAlgorithms="true">
+ <algorithm
class="org.jboss.security.authz.policy.server.plugin.NoPermitMeansDeniedAlg"/>
+ </combiningAlgFactory>
+
+ <functionFactory name="func" useStandardFunctions="true">
+ <condition>
+ <function
class="org.jboss.security.authz.policy.server.plugin.DroolsFunction"/>
+ </condition>
+ </functionFactory>
+</config>
Added:
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java
===================================================================
---
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java
(rev 0)
+++
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java 2009-02-01
03:56:00 UTC (rev 12761)
@@ -0,0 +1,45 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.policy.server;
+
+import junit.framework.TestCase;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class TestPolicyServer extends TestCase
+{
+ public void setUp() throws Exception
+ {
+ Server.bootstrap();
+ }
+
+ public void tearDown() throws Exception
+ {
+
+ }
+
+ public void test() throws Exception
+ {
+
+ }
+}
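Review bot: `test()` has an empty body, so this class passes whenever `Server.bootstrap()` does not throw, and it is the only test the module's surefire configuration includes. A first useful assertion would be that the `PolicyServer` bean is available after bootstrap and that a request with no matching policy does not come back as a permit. `tearDown()` is also empty, so whatever `Server.bootstrap()` starts is never shut down between tests. `Server` is not imported; it presumably lives in the same package in the test sources, which this commit does not show.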
Modified: modules/authorization/trunk/policy-server/src/test/resources/pdp-config.xml
===================================================================
--- modules/authorization/trunk/policy-server/src/test/resources/pdp-config.xml 2009-01-31
23:58:05 UTC (rev 12760)
+++ modules/authorization/trunk/policy-server/src/test/resources/pdp-config.xml 2009-02-01
03:56:00 UTC (rev 12761)
@@ -2,8 +2,7 @@
<config
xmlns="http://sunxacml.sourceforge.net/schema/config-0.3"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
defaultPDP="pdp" defaultAttributeFactory="attr"
- defaultCombiningAlgFactory="comb"
defaultFunctionFactory="func">
-
+ defaultCombiningAlgFactory="comb"
defaultFunctionFactory="func">
<pdp name="pdp">
<attributeFinderModule
class="org.jboss.security.xacml.sunxacml.finder.impl.CurrentEnvModule"/>
<attributeFinderModule
class="org.jboss.security.xacml.sunxacml.finder.impl.SelectorModule"/>
Modified: modules/authorization/trunk/pom.xml
===================================================================
--- modules/authorization/trunk/pom.xml 2009-01-31 23:58:05 UTC (rev 12760)
+++ modules/authorization/trunk/pom.xml 2009-02-01 03:56:00 UTC (rev 12761)
@@ -11,8 +11,7 @@
<modules>
<module>common</module>
- <module>core-components</module>
- <module>decision-point</module>
+ <module>core-components</module>
<module>enforcement</module>
<module>provisioning</module>
<module>policy-server</module>