Author: sohil.shah(a)jboss.com
Date: 2009-01-30 02:10:30 -0500 (Fri, 30 Jan 2009)
New Revision: 12722
Added:
modules/authorization/trunk/PEP/src/main/java/org/
modules/authorization/trunk/PEP/src/main/java/org/jboss/
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/EnforcementException.java
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/PolicyEnforcementPoint.java
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/Request.java
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/Response.java
Modified:
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Resource.java
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Subject.java
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/subject/Identity.java
modules/authorization/trunk/http-authz/pom.xml
Log:
starting Policy Enforcement Point (PEP) component
Added:
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/EnforcementException.java
===================================================================
---
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/EnforcementException.java
(rev 0)
+++
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/EnforcementException.java 2009-01-30
07:10:30 UTC (rev 12722)
@@ -0,0 +1,50 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.enforcement;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class EnforcementException extends Exception
+{
+ public EnforcementException()
+ {
+ super();
+ }
+
+ public EnforcementException(String message, Throwable cause)
+ {
+ super(message, cause);
+ }
+
+ public EnforcementException(String message)
+ {
+ super(message);
+ }
+
+ public EnforcementException(Throwable cause)
+ {
+ super(cause);
+ }
+}
Added:
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/PolicyEnforcementPoint.java
===================================================================
---
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/PolicyEnforcementPoint.java
(rev 0)
+++
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/PolicyEnforcementPoint.java 2009-01-30
07:10:30 UTC (rev 12722)
@@ -0,0 +1,48 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.enforcement;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class PolicyEnforcementPoint
+{
+ public PolicyEnforcementPoint()
+ {
+
+ }
+
+ public void start()
+ {
+
+ }
+
+ public void stop()
+ {
+
+ }
+ //------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ public Response checkAccess(Request request) throws EnforcementException
+ {
+ return null;
+ }
+}
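Review bot: `checkAccess` returns `null` for every request, so a caller that looks only for an explicit deny on the Response will either hit a NullPointerException or, if its null check is written the wrong way round, let the request through. Until the decision logic exists the stub should fail closed, for example `throw new EnforcementException("PolicyEnforcementPoint.checkAccess is not implemented");`. The method also needs Javadoc stating that a thrown EnforcementException must be treated as access denied. `start()` and `stop()` should say which lifecycle they are meant to manage.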
Added:
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/Request.java
===================================================================
---
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/Request.java
(rev 0)
+++
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/Request.java 2009-01-30
07:10:30 UTC (rev 12722)
@@ -0,0 +1,37 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.enforcement;
+
+import java.io.Serializable;
+import java.util.Set;
+import java.util.HashSet;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class Request implements Serializable
+{
+ public Request()
+ {
+
+ }
+}
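Review bot: `Request` is declared `Serializable` but has no `serialVersionUID`, and the imports of `java.util.Set` and `java.util.HashSet` are unused in the class as added; Response.java in this commit has the same shape. Add `private static final long serialVersionUID = 1L;` to both and drop the imports until fields need them. If either object is meant to be read back from a stream that crosses a trust boundary, state that in the class Javadoc, since a deserialized Response would presumably carry the access decision.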
Added:
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/Response.java
===================================================================
---
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/Response.java
(rev 0)
+++
modules/authorization/trunk/PEP/src/main/java/org/jboss/security/authz/enforcement/Response.java 2009-01-30
07:10:30 UTC (rev 12722)
@@ -0,0 +1,37 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.enforcement;
+
+import java.io.Serializable;
+import java.util.Set;
+import java.util.HashSet;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class Response implements Serializable
+{
+ public Response()
+ {
+
+ }
+}
Modified:
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Resource.java
===================================================================
---
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Resource.java 2009-01-30
02:03:58 UTC (rev 12721)
+++
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Resource.java 2009-01-30
07:10:30 UTC (rev 12722)
@@ -23,6 +23,7 @@
package org.jboss.security.authz.model;
import java.util.Set;
+import java.util.HashSet;
/**
@@ -44,7 +45,7 @@
*/
public Resource()
{
-
+ this.attributes = new HashSet<Attribute>();
}
/**
@@ -63,5 +64,11 @@
public void setAttributes(Set<Attribute> attributes)
{
this.attributes = attributes;
- }
+ }
+
+ public void addAttribute(Attribute attribute)
+ {
+ this.attributes.add(attribute);
+ }
}
+
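Review bot: `addAttribute` dereferences `this.attributes` without a check, and the `setAttributes` shown as context in this hunk still stores whatever it is given, so `setAttributes(null)` followed by `addAttribute(...)` throws a NullPointerException. The Subject.java hunk at -93,12 removes the lazy null guard from `Subject.addAttribute` and depends on the constructor in the same way; presumably Subject has a matching setter, which is not visible here. Either keep the guard in both methods or make the setters null-safe, e.g. `this.attributes = (attributes != null) ? attributes : new HashSet<Attribute>();`.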
Modified:
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Subject.java
===================================================================
---
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Subject.java 2009-01-30
02:03:58 UTC (rev 12721)
+++
modules/authorization/trunk/common/src/main/java/org/jboss/security/authz/model/Subject.java 2009-01-30
07:10:30 UTC (rev 12722)
@@ -49,7 +49,7 @@
*/
public Subject()
{
-
+ this.attributes = new HashSet<Attribute>();
}
/**
@@ -93,12 +93,7 @@
* @param attribute
*/
public void addAttribute(Attribute attribute)
- {
- if(this.attributes == null)
- {
- this.attributes = new HashSet<Attribute>();
- }
-
+ {
this.attributes.add(attribute);
}
}
Modified:
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java
===================================================================
---
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java 2009-01-30
02:03:58 UTC (rev 12721)
+++
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java 2009-01-30
07:10:30 UTC (rev 12722)
@@ -33,6 +33,7 @@
import org.jboss.security.authz.model.Rule;
import org.jboss.security.authz.model.Target;
import org.jboss.security.authz.model.Attribute;
+import org.jboss.security.authz.model.Resource;
import org.jboss.security.authz.tools.GeneralTool;
import org.jboss.security.xacml.interfaces.XACMLConstants;
@@ -165,7 +166,12 @@
}
this.allowedIps.add(allowedIp);
}
-
//----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ //-------Services for Policy
Creation---------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ /**
+ * Creates a Policy Target suggesting that the Policy should apply to this
HttpResource
+ *
+ * @param matchAllParameters 'true' = include matching of all the parameters,
'false' = only url matching, parameters are excluded
+ */
public Target getURLTarget(boolean matchAllParameters)
{
if(this.url == null || this.url.trim().length()==0)
@@ -279,4 +285,37 @@
return rule;
}
+ //---------Services for RequestContext
Generation------------------------------------------------------------------------------------------------------------------------------
+ /**
+ * Represents the Resource that is currently being accessed
+ *
+ * @return the Resource
+ */
+ public Resource getURLResource()
+ {
+ Resource urlResource = new Resource();
+
+ Attribute attribute = new Attribute();
+ attribute.setUri(XACMLConstants.ATTRIBUTEID_RESOURCE_ID);
+ attribute.setDatatType(XMLSchemaConstants.DATATYPE_STRING);
+ attribute.setValue(this.url);
+ urlResource.addAttribute(attribute);
+
+ if(this.parameters != null && !this.parameters.isEmpty())
+ {
+ Set<String> names = this.parameters.keySet();
+ for(String name: names)
+ {
+ String value = this.parameters.get(name);
+
+ Attribute customAttribute = new Attribute();
+ customAttribute.setUri(name);
+ customAttribute.setDatatType(XMLSchemaConstants.DATATYPE_STRING);
+ customAttribute.setValue(value);
+ urlResource.addAttribute(customAttribute);
+ }
+ }
+
+ return urlResource;
+ }
}
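Review bot: In `getURLResource` each key of `this.parameters` is passed straight to `customAttribute.setUri(name)`, so if those keys are request parameter names (presumably they are) the client chooses attribute identifiers in the authorization request, including one equal to `XACMLConstants.ATTRIBUTEID_RESOURCE_ID`, which would sit beside or clash with the resource-id attribute built from `this.url`. Parameter-derived attributes should be placed under a fixed prefix owned by this component, or names matching reserved identifiers should be rejected before `addAttribute`. `this.url` is also used without the null/empty check that `getURLTarget` performs, so a resource-id attribute with a null value can be emitted; the same guard, `if(this.url == null || this.url.trim().length()==0)`, belongs at the top of this method. Iterating `this.parameters.entrySet()` would avoid the second lookup per name.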
Modified:
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/subject/Identity.java
===================================================================
---
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/subject/Identity.java 2009-01-30
02:03:58 UTC (rev 12721)
+++
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/subject/Identity.java 2009-01-30
07:10:30 UTC (rev 12722)
@@ -28,6 +28,7 @@
import org.jboss.security.authz.model.ExpressionBuilder;
import org.jboss.security.authz.model.Rule;
import org.jboss.security.authz.model.Target;
+import org.jboss.security.authz.model.Subject;
import org.jboss.security.authz.tools.GeneralTool;
import org.jboss.security.xacml.interfaces.XACMLConstants;
@@ -79,7 +80,7 @@
{
this.authenticationMethod = authenticationMethod;
}
-
//------------------------------------------------------------------------------------------------------------------------------------------------------------
+ //--------Services for Policy
Generation----------------------------------------------------------------------------------------------------------------------------------------------------
/**
* Creates a Rule to Allow Access to this Identity
*
@@ -199,4 +200,11 @@
return rule;
}
+ //------------Services for RequestContext
Generation--------------------------------------------------------------------------------------------------------------------
+ public Subject getIdentitySubject()
+ {
+ Subject subject = new Subject();
+
+ return subject;
+ }
}
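Review bot: `getIdentitySubject` returns a `Subject` with no attributes, so a request context built from it carries no identity at all; depending on how policies are written, rules without a subject constraint may still evaluate as applicable for such a request. Until the identity attributes are populated, say so in Javadoc, e.g. `/** Not yet implemented: returns a Subject without attributes; do not use for access decisions. */`, or throw `UnsupportedOperationException` instead of returning the empty object.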
Modified: modules/authorization/trunk/http-authz/pom.xml
===================================================================
--- modules/authorization/trunk/http-authz/pom.xml 2009-01-30 02:03:58 UTC (rev 12721)
+++ modules/authorization/trunk/http-authz/pom.xml 2009-01-30 07:10:30 UTC (rev 12722)
@@ -56,11 +56,7 @@
<artifactId>maven-surefire-plugin</artifactId>
<version>2.3.1</version>
<configuration>
- <includes>
- <!--
- <include>**/TestHttpResource.java</include>
- -->
- <include>**/TestHttpPolicyConfig.java</include>
+ <includes>
</includes>
</configuration>
</plugin>
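Review bot: The hunk removes the only `<include>` and leaves an empty `<includes>` element, so which tests Surefire runs for this module is no longer stated; depending on how the plugin treats an empty list it falls back either to its default patterns or to nothing. If the defaults are intended, delete the `<includes>` block altogether; if TestHttpPolicyConfig was disabled on purpose, leave a comment saying why. For an authorization module the policy-configuration tests should not drop out of the build unnoticed.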