JBoss Portal SVN: r13549 - in modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http: provisioning and 1 other directory.
3:31 p.m.
Author: sohil.shah(a)jboss.com
Date: 2009-07-12 16:31:28 -0400 (Sun, 12 Jul 2009)
New Revision: 13549
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java
Log:
backing up some code
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java
===================================================================
---
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java 2009-07-12
17:28:57 UTC (rev 13548)
+++
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestHttpResource.java 2009-07-12
20:31:28 UTC (rev 13549)
@@ -54,7 +54,6 @@
this.policyComposer =
(PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
}
//------------------------------------------------------------------------------------------------------------------------------------------------------------------
- //TODO: migrate to the new developer framework
public void testGetURLTargetNoParameters() throws Exception
{
HttpResource httpResource = new HttpResource();
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
===================================================================
---
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-12
17:28:57 UTC (rev 13548)
+++
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-07-12
20:31:28 UTC (rev 13549)
@@ -64,7 +64,6 @@
this.provisioner =
(PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
}
- //TODO: migrate to the new developer framework
public void testMatchContextSuperset() throws Exception
{
//SetUp HttpResource component to generate/store a policy
@@ -121,21 +120,29 @@
this.enforce(this.createEnforcementContext(deny), false);
}
- /*public void testMatchContextSubset() throws Exception
+ public void testMatchContextSubset() throws Exception
{
//SetUp HttpResource component to generate/store a policy
HttpResource policyResource = new HttpResource();
- policyResource.setUri(new URI("/prefix/url/*"));
- policyResource.addAllowed("Admin");
+ policyResource.setUri(new URI("/prefix/url/*"));
for(int i=0; i<5; i++)
{
String name = "p"+i;
String value = name + "Val";
policyResource.addParameter(name, value);
}
+
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("Admin");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(policyResource);
+ context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles,
"allowExpression");
//Store the policy into the Policy Server
- this.provisioner.newPolicy(policyResource.getPolicyMetaData());
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
//Assert Policy State of the Server
Policy[] policies = this.provisioner.readAllPolicies();
@@ -157,8 +164,8 @@
//Access Denied Enforcement......In fact in the case where the Context carries a Subset
of the parameters expected by the policy
//It will always result in a Deny since it will never fulfill the match expected by the
policy
- this.enforce(this.createRequest(deny), false);
- }*/
+ this.enforce(this.createEnforcementContext(deny), false);
+ }
//-----------------------------------------------------------------------------------------------------------------------------------------------------
private void enforce(EnforcementContext enforcementContext, boolean mustBePermitted)
throws Exception
{
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java
===================================================================
---
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java 2009-07-12
17:28:57 UTC (rev 13548)
+++
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java 2009-07-12
20:31:28 UTC (rev 13549)
@@ -24,19 +24,25 @@
import java.net.URI;
import org.apache.log4j.Logger;
-import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
-import org.jboss.security.authz.components.action.Read;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.authz.http.component.resource.HttpResource;
import org.jboss.security.authz.components.subject.Roles;
-import org.jboss.security.authz.http.component.resource.HttpResource;
+import org.jboss.security.authz.http.component.action.Get;
+import org.jboss.security.authz.model.Effect;
import org.jboss.security.authz.model.Policy;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
+import org.jboss.security.authz.model.PolicyMetaData;
+
import org.jboss.security.authz.bootstrap.ServiceContainer;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.enforcement.EnforcementContext;
+import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.agent.services.PolicyComposer;
+import org.jboss.security.authz.agent.services.CompositionContext;
-import junit.framework.TestCase;
-
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*/
@@ -44,27 +50,39 @@
{
private static Logger log = Logger.getLogger(TestRoles.class);
+ private PolicyComposer policyComposer;
private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
+ private PolicyProvisioner provisioner;
+
public void setUp() throws Exception
{
- ServiceContainer.bootstrap();
- this.enforcer =
(PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
- this.provisioner =
(PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+
+ this.policyComposer =
(PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
+ this.enforcer =
(PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
+ this.provisioner =
(PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
}
- //TODO: migrate to the new developer framework
- /*public void test() throws Exception
+ public void test() throws Exception
{
HttpResource policyResource = new HttpResource();
- policyResource.setUri(new URI("/private/devspace/*"));
- policyResource.addAllowed("admin");
- policyResource.addAllowed("pm");
- policyResource.addAllowed("lead");
+ policyResource.setUri(new URI("/private/devspace/*"));
+
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("admin");
+ allowedRoles.addName("pm");
+ allowedRoles.addName("lead");
- this.provisioner.newPolicy(policyResource.getPolicyMetaData());
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(policyResource);
+ context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles,
"allowExpression");
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
//Assert Policy State of the Server
Policy[] policies = this.provisioner.readAllPolicies();
@@ -76,23 +94,32 @@
incoming.setUri(new URI("/private/devspace/wiki.html"));
//Access Grant
- this.enforce(this.createRequest(incoming, new String[]{"hacker",
"coder", "bigshot", "lead"}), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"hacker",
"coder", "bigshot", "lead"}), true);
//Access Deny
- this.enforce(this.createRequest(incoming, new String[]{"hacker",
"coder", "bigshot"}), false);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"hacker",
"coder", "bigshot"}), false);
}
public void testCaseAgnosticity() throws Exception
{
HttpResource policyResource = new HttpResource();
policyResource.setUri(new URI("/private/devspace/*"));
- policyResource.addAllowed("AdMin");
- policyResource.addAllowed("Pm");
- policyResource.addAllowed("LeaD");
- this.provisioner.newPolicy(policyResource.getPolicyMetaData());
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("AdMin");
+ allowedRoles.addName("Pm");
+ allowedRoles.addName("LeaD");
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(policyResource);
+ context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles,
"allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
+ this.provisioner.newPolicy(policyMetaData);
+
//Assert Policy State of the Server
Policy[] policies = this.provisioner.readAllPolicies();
@@ -104,18 +131,17 @@
incoming.setUri(new URI("/private/devspace/wiki.html"));
//Access Grant
- this.enforce(this.createRequest(incoming, new String[]{"hAcKer",
"cOder", "BiGSHot", "lEAd"}), true);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"hAcKer",
"cOder", "BiGSHot", "lEAd"}), true);
//Access Deny
- this.enforce(this.createRequest(incoming, new String[]{"hAcKer",
"cOder", "BiGSHot"}), false);
+ this.enforce(this.createEnforcementContext(incoming, new String[]{"hAcKer",
"cOder", "BiGSHot"}), false);
}
//-----------------------------------------------------------------------------------------------------------------------------------------------------
- private void enforce(Request request, boolean mustBePermitted) throws Exception
- {
+ private void enforce(EnforcementContext enforcementContext, boolean mustBePermitted)
throws Exception
+ {
+ EnforcementResponse response = this.enforcer.checkAccess(enforcementContext);
- Response response = this.enforcer.checkAccess(request);
-
assertNotNull(response);
log.info("-----------------------------------");
log.info("Decision="+response.getMessage());
@@ -130,25 +156,25 @@
}
}
- private Request createRequest(HttpResource contextResource, String[] userRoles) throws
Exception
+ private EnforcementContext createEnforcementContext(HttpResource protectedResource,
String[] userRoles) throws Exception
{
- //Create a RequestType
- Request request = new Request();
-
- //Create Subjects
- Roles roles = new Roles();
- for(int i=0; i<userRoles.length; i++)
- {
- roles.addName(userRoles[i]);
- }
- request.addSubject(roles.getSubject());
-
- //Create Resource
- request.addResource(contextResource.getResource());
-
- //Create Action
- request.setAction(new Read().getAction());
-
- return request;
- }*/
+ // Create an EnforcementContext
+ EnforcementContext context = new EnforcementContext();
+
+ //Resource being accessed
+ context.setAttribute("http-resource", protectedResource);
+
+ // Create Subjects
+ Roles roles = new Roles();
+ for (int i = 0; i < userRoles.length; i++)
+ {
+ roles.addName(userRoles[i]);
+ }
+ context.setAttribute("roles", roles);
+
+ //Action being performed
+ context.setAttribute("http-get", new Get());
+
+ return context;
+ }
}
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java
===================================================================
---
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-07-12
17:28:57 UTC (rev 13548)
+++
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-07-12
20:31:28 UTC (rev 13549)
@@ -25,20 +25,25 @@
import java.util.regex.Pattern;
import org.apache.log4j.Logger;
-import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
-import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
-import org.jboss.security.authz.components.action.Read;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.authz.http.component.resource.HttpResource;
import org.jboss.security.authz.components.subject.Roles;
-import org.jboss.security.authz.http.component.resource.HttpResource;
+import org.jboss.security.authz.http.component.action.Get;
+import org.jboss.security.authz.model.Effect;
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
-import org.jboss.security.authz.model.Resource;
-import org.jboss.security.authz.policy.client.enforcement.Request;
-import org.jboss.security.authz.policy.client.enforcement.Response;
+
import org.jboss.security.authz.bootstrap.ServiceContainer;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.enforcement.EnforcementContext;
+import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.agent.services.PolicyComposer;
+import org.jboss.security.authz.agent.services.CompositionContext;
-import junit.framework.TestCase;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -47,18 +52,21 @@
{
private static Logger log = Logger.getLogger(TestURLPattern.class);
+ private PolicyComposer policyComposer;
private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
+ private PolicyProvisioner provisioner;
+
public void setUp() throws Exception
{
- ServiceContainer.bootstrap();
- this.enforcer =
(PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
- this.provisioner =
(PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
+ ServiceContainer.bootstrap();
+
+ this.policyComposer =
(PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
+ this.enforcer =
(PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
+ this.provisioner =
(PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
}
-
- //TODO: migrate to the new developer framework
- /*public void testRegex() throws Exception
+
+ public void testRegex() throws Exception
{
//
// Rule = "/prefix/url/*" matches any URL starting with /prefix/url,
@@ -83,9 +91,17 @@
HttpResource httpResource = new HttpResource();
httpResource.setUri(new URI("/prefix/url/*"));
- httpResource.addAllowed("Admin");
- PolicyMetaData policyMetaData = httpResource.getPolicyMetaData();
+ Roles allowedRoles = new Roles();
+ allowedRoles.addName("Admin");
+
+ //Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+ context.setPolicyTarget(httpResource);
+ context.addPolicyRule(Effect.PERMIT, new Get(), allowedRoles,
"allowExpression");
+
+ //Store the policy into the Policy Server
+ PolicyMetaData policyMetaData = this.policyComposer.compose(context);
this.provisioner.newPolicy(policyMetaData);
//Assert Policy State of the Server
@@ -96,27 +112,26 @@
log.info(policies[0].generateSystemPolicy());
//Access Granted
- this.enforce(this.createRequest("/prefix/url"), true);
- this.enforce(this.createRequest("/prefix/url/"), true);
- this.enforce(this.createRequest("prefix/url"), true);
- this.enforce(this.createRequest("prefix/url/"), true);
- this.enforce(this.createRequest("/prefix/url/index.html"), true);
- this.enforce(this.createRequest("prefix/url/index.html"), true);
+ this.enforce(this.createEnforcementContext("/prefix/url"), true);
+ this.enforce(this.createEnforcementContext("/prefix/url/"), true);
+ this.enforce(this.createEnforcementContext("prefix/url"), true);
+ this.enforce(this.createEnforcementContext("prefix/url/"), true);
+ this.enforce(this.createEnforcementContext("/prefix/url/index.html"), true);
+ this.enforce(this.createEnforcementContext("prefix/url/index.html"), true);
//Access Denied
- this.enforce(this.createRequest("/prefix/urlfoo"), false);
- this.enforce(this.createRequest("/prefix/urlfoo/"), false);
- this.enforce(this.createRequest("prefix/urlfoo"), false);
- this.enforce(this.createRequest("prefix/urlfoo/"), false);
- this.enforce(this.createRequest("/blah"), false);
- this.enforce(this.createRequest("/blah/prefix/url/index.html"), false);
- }
+ this.enforce(this.createEnforcementContext("/prefix/urlfoo"), false);
+ this.enforce(this.createEnforcementContext("/prefix/urlfoo/"), false);
+ this.enforce(this.createEnforcementContext("prefix/urlfoo"), false);
+ this.enforce(this.createEnforcementContext("prefix/urlfoo/"), false);
+ this.enforce(this.createEnforcementContext("/blah"), false);
+ this.enforce(this.createEnforcementContext("/blah/prefix/url/index.html"),
false);
+ }
//-----------------------------------------------------------------------------------------------------------------------------------------------------
- private void enforce(Request request, boolean mustBePermitted) throws Exception
- {
+ private void enforce(EnforcementContext enforcementContext, boolean mustBePermitted)
throws Exception
+ {
+ EnforcementResponse response = this.enforcer.checkAccess(enforcementContext);
- Response response = this.enforcer.checkAccess(request);
-
assertNotNull(response);
log.info("-----------------------------------");
log.info("Decision="+response.getMessage());
@@ -131,25 +146,24 @@
}
}
- private Request createRequest(String uri) throws Exception
+ private EnforcementContext createEnforcementContext(String uri) throws Exception
{
- //Create a RequestType
- Request request = new Request();
-
- //Create Subjects
- Roles roles = new Roles();
- roles.addName("Admin");
- request.addSubject(roles.getSubject());
-
- //Create Resource
- HttpResource httpResource = new HttpResource();
- httpResource.setUri(new URI(uri));
- Resource urlResource = httpResource.getResource();
- request.addResource(urlResource);
-
- //Create Action
- request.setAction(new Read().getAction());
-
- return request;
- }*/
+ // Create a RequestType
+ EnforcementContext context = new EnforcementContext();
+
+ // Create Subjects
+ Roles roles = new Roles();
+ roles.addName("Admin");
+ context.setAttribute("roles", roles);
+
+ // Create Resource
+ HttpResource protectedResource = new HttpResource();
+ protectedResource.setUri(new URI(uri));
+ context.setAttribute("http-resource", protectedResource);
+
+ // Create Action
+ context.setAttribute("http-get", new Get());
+
+ return context;
+ }
}
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java
===================================================================
---
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-07-12
17:28:57 UTC (rev 13548)
+++
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-07-12
20:31:28 UTC (rev 13549)
@@ -49,27 +49,22 @@
*
*/
public class TestHttpPolicyConfig extends TestCase
-{
- /**
- *
- */
- private static Logger log = Logger.getLogger(TestHttpPolicyConfig.class);
-
- private PolicyEnforcementPoint enforcer;
- private PolicyProvisioner provisioner;
- private PolicyComposer policyComposer;
-
- /**
- *
- */
- protected void setUp() throws Exception
- {
- ServiceContainer.bootstrap();
-
- this.enforcer =
(PolicyEnforcementPoint)ServiceContainer.lookup("/enforcement/localEnforcementPoint");
- this.provisioner =
(PolicyProvisioner)ServiceContainer.lookup("/provisioning/localProvisioner");
- this.policyComposer =
(PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
- }
+{
+ private static Logger log = Logger.getLogger(TestHttpPolicyConfig.class);
+
+ private PolicyComposer policyComposer;
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
+
+
+ public void setUp() throws Exception
+ {
+ ServiceContainer.bootstrap();
+
+ this.policyComposer =
(PolicyComposer)ServiceContainer.lookup("/agent/PolicyComposer");
+ this.enforcer =
(PolicyEnforcementPoint)ServiceContainer.lookup("/agent/LocalEnforcementPoint");
+ this.provisioner =
(PolicyProvisioner)ServiceContainer.lookup("/agent/LocalPolicyProvisioner");
+ }
//------------------------------------------------------------------------------------------------------------------------------------------------------
//TODO: migrate to the new developer framework
public void testExecutiveFiles() throws Exception
@@ -86,7 +81,7 @@
for(int i=0; i<policies.length; i++)
{
String xacmlPolicy = policies[i].generateSystemPolicy();
- //this.provisioner.newPolicy(policies[i].getMetaData());
+ this.provisioner.newPolicy(policies[i].getMetaData());
log.info("------------------------------------------------------");
log.info(xacmlPolicy);
6158
days inactive
6158
days old
portal-commits@lists.jboss.org
0 comments
1 participants
participants (1)
-
portal-commits@lists.jboss.org