Author: sohil.shah(a)jboss.com Date: 2009-05-18 16:46:08 -0400 (Mon, 18 May 2009) New Revision: 13389 Modified: modules/authorization/trunk/.classpath modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java modules/authorization/trunk/http-profile/pom.xml modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/Response.java modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java Log: stabilizing the testsuite including http-profile with the new client layer Modified: modules/authorization/trunk/.classpath =================================================================== --- modules/authorization/trunk/.classpath 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/.classpath 2009-05-18 20:46:08 UTC (rev 13389) @@ -7,11 +7,7 @@ <classpathentry kind="src" path="core-components-api/src/main/java"/> <classpathentry kind="src" path="core-components-api/src/main/resources"/> <classpathentry kind="src" path="core-components-api/src/test/java"/> - <classpathentry kind="src" path="core-components-api/src/test/resources"/> - <classpathentry kind="src" path="enforcement/src/main/java"/> - <classpathentry kind="src" path="enforcement/src/main/resources"/> - <classpathentry kind="src" path="enforcement/src/test/java"/> - <classpathentry kind="src" path="enforcement/src/test/resources"/> + <classpathentry kind="src" path="core-components-api/src/test/resources"/> <classpathentry kind="src" path="policy-server/src/main/java"/> <classpathentry kind="src" path="policy-server/src/main/resources"/> <classpathentry kind="src" path="policy-server/src/test/java"/> Modified: modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java =================================================================== --- modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java 2009-05-18 20:46:08 UTC (rev 13389) @@ -72,6 +72,11 @@ "insert(Boolean.TRUE);\n"+ "end\n"; + /** + * Some useful constants + */ + public static final String ANONYMOUS = "anonymous"; + /** * Role Names */ Modified: modules/authorization/trunk/http-profile/pom.xml =================================================================== --- modules/authorization/trunk/http-profile/pom.xml 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/http-profile/pom.xml 2009-05-18 20:46:08 UTC (rev 13389) @@ -67,11 +67,9 @@ <artifactId>maven-surefire-plugin</artifactId> <version>2.3.1</version> <configuration> - <includes> - <!-- - <include>**/components/Test*.java</include> - --> - <include>**/provisioning/Test*.java</include> + <includes> + <include>**/components/Test*.java</include> + <include>**/provisioning/Test*.java</include> </includes> </configuration> </plugin> @@ -281,6 +279,13 @@ <properties> <cargo.jboss.configuration>cargo</cargo.jboss.configuration> </properties> + + <configfiles> + <configfile> + <file>${jboss.home}/server/cargo/conf/jboss-log4j.xml</file> + <tofile>conf/jboss-log4j.xml</tofile> + </configfile> + </configfiles> <deployables> <deployable> Modified: modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java =================================================================== --- modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java 2009-05-18 20:46:08 UTC (rev 13389) @@ -52,8 +52,10 @@ import org.jboss.security.authz.policy.client.enforcement.Request; import org.jboss.security.authz.policy.client.enforcement.Response; import org.jboss.security.authz.policy.server.Server; +import org.jboss.security.authz.policy.server.spi.PolicyConfig; import org.jboss.security.authz.policy.server.PolicyServer; -import org.jboss.security.authz.policy.server.spi.PolicyConfig; +import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint; +import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner; import org.jboss.security.authz.components.resource.HttpResource; import org.jboss.security.authz.components.subject.Roles; @@ -73,7 +75,8 @@ { private static Logger log = Logger.getLogger(SecurityFilter.class); - private PolicyServer policyServer; + private PolicyEnforcementPoint enforcer; + private PolicyProvisioner provisioner; private boolean isPolicyMatchMandatory = false; //set to "false" by default public SecurityFilter() @@ -88,13 +91,18 @@ { //Start the Policy Server Server.bootstrap(); - this.policyServer = (PolicyServer)Server.lookup("/policy-server/PolicyServer"); + this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint"); + this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner"); - if(this.policyServer == null) + if(this.enforcer == null || this.provisioner == null) { throw new RuntimeException("Policy Server is unavailable..."); } + //TODO: remove this + PolicyServer ps = (PolicyServer)Server.lookup("/policy-server/PolicyServer"); + ps.getPolicyDecisionPoint().setDebug(true); + //Parse the specified Policy and update the Policy Server PolicyConfig policyConfig = new HttpPolicyConfig(); @@ -107,7 +115,7 @@ for(Policy policy: policies) { log.debug(policy.generateSystemPolicy()); - this.policyServer.newPolicy(policy.getMetaData()); + this.provisioner.newPolicy(policy.getMetaData()); } log.debug("----------------------------------------------------------"); @@ -149,12 +157,12 @@ //Perform a Security check Request authzRequest = this.createAuthorizationRequest(httpRequest); - Response authzResponse = this.policyServer.evaluate(authzRequest); + Response authzResponse = this.enforcer.checkAccess(authzRequest); //Process the authorization response and allow or deny further processing if(!authzResponse.isAccessGranted()) { - if(authzResponse.isNotApplicable() && this.isPolicyMatchMandatory) + if((authzResponse.isNotApplicable() && this.isPolicyMatchMandatory) || (authzResponse.isDenied())) { //Send back an access denied status httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN); @@ -164,7 +172,7 @@ { httpResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); return; - } + } } chain.doFilter(request, response); @@ -234,7 +242,7 @@ //Setup Role context //TODO: replace mock code with actual loading of Roles information of the authenticated user via the new Identity API Roles roles = new Roles(); - roles.addName("Admin"); + roles.addName(Roles.ANONYMOUS); authzRequest.addSubject(roles.getSubject()); return authzRequest; Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java =================================================================== --- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-05-18 20:46:08 UTC (rev 13389) @@ -31,7 +31,8 @@ import org.jboss.security.authz.model.Policy; import org.jboss.security.authz.policy.client.enforcement.Request; import org.jboss.security.authz.policy.client.enforcement.Response; -import org.jboss.security.authz.policy.server.PolicyServer; +import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner; +import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint; import org.jboss.security.authz.policy.server.Server; import junit.framework.TestCase; @@ -43,12 +44,15 @@ { private static Logger log = Logger.getLogger(TestParameterMatching.class); - private PolicyServer policyServer; + private PolicyEnforcementPoint enforcer; + private PolicyProvisioner provisioner; + public void setUp() throws Exception { Server.bootstrap(); - this.policyServer = (PolicyServer)Server.lookup("/policy-server/PolicyServer"); + this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint"); + this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner"); } public void testMatchContextSuperset() throws Exception @@ -61,10 +65,10 @@ policyResource.addParameter("p2", "p2Val"); //Store the policy into the Policy Server - this.policyServer.newPolicy(policyResource.getPolicyMetaData()); + this.provisioner.newPolicy(policyResource.getPolicyMetaData()); //Assert Policy State of the Server - Policy[] policies = this.policyServer.readAllPolicies(); + Policy[] policies = this.provisioner.readAllPolicies(); assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1)); log.info("------------------------------------------------------------------------------"); @@ -113,10 +117,10 @@ } //Store the policy into the Policy Server - this.policyServer.newPolicy(policyResource.getPolicyMetaData()); + this.provisioner.newPolicy(policyResource.getPolicyMetaData()); //Assert Policy State of the Server - Policy[] policies = this.policyServer.readAllPolicies(); + Policy[] policies = this.provisioner.readAllPolicies(); assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1)); log.info("------------------------------------------------------------------------------"); @@ -141,7 +145,7 @@ private void enforce(Request request, boolean mustBePermitted) throws Exception { - Response response = this.policyServer.evaluate(request); + Response response = this.enforcer.checkAccess(request); assertNotNull(response); log.info("-----------------------------------"); Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java =================================================================== --- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java 2009-05-18 20:46:08 UTC (rev 13389) @@ -29,9 +29,10 @@ import org.jboss.security.authz.components.subject.Roles; import org.jboss.security.authz.model.Policy; +import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint; import org.jboss.security.authz.policy.client.enforcement.Request; import org.jboss.security.authz.policy.client.enforcement.Response; -import org.jboss.security.authz.policy.server.PolicyServer; +import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner; import org.jboss.security.authz.policy.server.Server; import junit.framework.TestCase; @@ -43,12 +44,14 @@ { private static Logger log = Logger.getLogger(TestRoles.class); - private PolicyServer policyServer; + private PolicyEnforcementPoint enforcer; + private PolicyProvisioner provisioner; public void setUp() throws Exception { Server.bootstrap(); - this.policyServer = (PolicyServer)Server.lookup("/policy-server/PolicyServer"); + this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint"); + this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner"); } public void test() throws Exception @@ -59,10 +62,10 @@ policyResource.addAllowed("pm"); policyResource.addAllowed("lead"); - this.policyServer.newPolicy(policyResource.getPolicyMetaData()); + this.provisioner.newPolicy(policyResource.getPolicyMetaData()); //Assert Policy State of the Server - Policy[] policies = this.policyServer.readAllPolicies(); + Policy[] policies = this.provisioner.readAllPolicies(); assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1)); log.info("------------------------------------------------------------------------------"); @@ -87,10 +90,10 @@ policyResource.addAllowed("Pm"); policyResource.addAllowed("LeaD"); - this.policyServer.newPolicy(policyResource.getPolicyMetaData()); + this.provisioner.newPolicy(policyResource.getPolicyMetaData()); //Assert Policy State of the Server - Policy[] policies = this.policyServer.readAllPolicies(); + Policy[] policies = this.provisioner.readAllPolicies(); assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1)); log.info("------------------------------------------------------------------------------"); @@ -110,7 +113,7 @@ private void enforce(Request request, boolean mustBePermitted) throws Exception { - Response response = this.policyServer.evaluate(request); + Response response = this.enforcer.checkAccess(request); assertNotNull(response); log.info("-----------------------------------"); Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java =================================================================== --- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-05-18 20:46:08 UTC (rev 13389) @@ -32,9 +32,10 @@ import org.jboss.security.authz.model.Policy; import org.jboss.security.authz.model.PolicyMetaData; import org.jboss.security.authz.model.Resource; +import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint; import org.jboss.security.authz.policy.client.enforcement.Request; import org.jboss.security.authz.policy.client.enforcement.Response; -import org.jboss.security.authz.policy.server.PolicyServer; +import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner; import org.jboss.security.authz.policy.server.Server; import junit.framework.TestCase; @@ -46,12 +47,14 @@ { private static Logger log = Logger.getLogger(TestURLPattern.class); - private PolicyServer policyServer; + private PolicyEnforcementPoint enforcer; + private PolicyProvisioner provisioner; public void setUp() throws Exception { Server.bootstrap(); - this.policyServer = (PolicyServer)Server.lookup("/policy-server/PolicyServer"); + this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint"); + this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner"); } public void testRegex() throws Exception @@ -82,10 +85,10 @@ httpResource.addAllowed("Admin"); PolicyMetaData policyMetaData = httpResource.getPolicyMetaData(); - this.policyServer.newPolicy(policyMetaData); + this.provisioner.newPolicy(policyMetaData); //Assert Policy State of the Server - Policy[] policies = this.policyServer.readAllPolicies(); + Policy[] policies = this.provisioner.readAllPolicies(); assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1)); log.info("------------------------------------------------------------------------------"); @@ -111,7 +114,7 @@ private void enforce(Request request, boolean mustBePermitted) throws Exception { - Response response = this.policyServer.evaluate(request); + Response response = this.enforcer.checkAccess(request); assertNotNull(response); log.info("-----------------------------------"); Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java =================================================================== --- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-05-18 20:46:08 UTC (rev 13389) @@ -38,7 +38,8 @@ import org.jboss.security.authz.tools.GeneralTool; import org.jboss.security.authz.policy.client.enforcement.Request; import org.jboss.security.authz.policy.client.enforcement.Response; -import org.jboss.security.authz.policy.server.PolicyServer; +import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint; +import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner; import org.jboss.security.authz.policy.server.Server; import org.jboss.security.authz.policy.server.spi.PolicyConfig; @@ -53,7 +54,8 @@ */ private static Logger log = Logger.getLogger(TestHttpPolicyConfig.class); - private PolicyServer policyServer; + private PolicyEnforcementPoint enforcer; + private PolicyProvisioner provisioner; /** * @@ -61,7 +63,8 @@ protected void setUp() throws Exception { Server.bootstrap(); - this.policyServer = (PolicyServer)Server.lookup("/policy-server/PolicyServer"); + this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint"); + this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner"); } //------------------------------------------------------------------------------------------------------------------------------------------------------ public void testExecutiveFiles() throws Exception @@ -76,7 +79,7 @@ for(int i=0; i<policies.length; i++) { String xacmlPolicy = policies[i].generateSystemPolicy(); - this.policyServer.newPolicy(policies[i].getMetaData()); + this.provisioner.newPolicy(policies[i].getMetaData()); log.info("------------------------------------------------------"); log.info(xacmlPolicy); @@ -188,7 +191,7 @@ private void enforce(Request request, boolean mustBePermitted) throws Exception { - Response response = this.policyServer.evaluate(request); + Response response = this.enforcer.checkAccess(request); assertNotNull(response); log.info("-----------------------------------"); Modified: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/Response.java =================================================================== --- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/Response.java 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/Response.java 2009-05-18 20:46:08 UTC (rev 13389) @@ -81,4 +81,16 @@ return isNotApplicable; } + + public boolean isDenied() + { + boolean isDenied = false; + + if(this.message.toLowerCase().contains("deny")) + { + isDenied = true; + } + + return isDenied; + } } Modified: modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml =================================================================== --- modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-05-18 20:46:08 UTC (rev 13389) @@ -28,7 +28,7 @@ </bean> <!-- Local Policy Enforcement client --> - <bean name="/enforcement/localEnforcementPoint" class="org.jboss.security.authz.policy.client.LocalEnforcementPoint"> + <bean name="/enforcement/localEnforcementPoint" class="org.jboss.security.authz.policy.client.enforcement.LocalEnforcementPoint"> <property name="policyServer"> <inject bean="/policy-server/PolicyServer"/> </property> Modified: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java =================================================================== --- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java 2009-05-18 20:46:08 UTC (rev 13389) @@ -32,14 +32,12 @@ import org.jboss.security.authz.components.resource.URIResource; import org.jboss.security.authz.components.subject.Roles; -import org.jboss.security.authz.components.action.Operation; import org.jboss.security.authz.components.action.Read; -import org.jboss.security.authz.components.action.Write; -import org.jboss.security.authz.components.action.Manage; import org.jboss.security.authz.policy.client.enforcement.Request; import org.jboss.security.authz.policy.client.enforcement.Response; -import org.jboss.security.authz.policy.server.PolicyServer; +import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint; +import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner; /** * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> @@ -48,12 +46,14 @@ { private static Logger log = Logger.getLogger(TestHierarchialPropagation.class); - private PolicyServer policyServer; + private PolicyEnforcementPoint enforcer; + private PolicyProvisioner provisioner; public void setUp() throws Exception { Server.bootstrap(); - this.policyServer = (PolicyServer)Server.lookup("/policy-server/PolicyServer"); + this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint"); + this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner"); } public void tearDown() throws Exception @@ -70,7 +70,7 @@ //Provision the new policy PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); //Go ahead and produce a RequestContext for a "Permit" Enforcement URIResource contextResource = new URIResource(); @@ -91,7 +91,7 @@ //Provision the new policy PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); this.assertServerState(); //Go ahead and produce a RequestContext for a "Permit" Enforcement @@ -113,7 +113,7 @@ //Provision the new policy PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); //Go ahead and produce a RequestContext for a "Permit" Enforcement URIResource contextResource = new URIResource(); @@ -134,7 +134,7 @@ //Provision the new policy PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); //Go ahead and produce a RequestContext for a "Permit" Enforcement URIResource contextResource = new URIResource(); @@ -155,7 +155,7 @@ //Provision the new policy PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); //Setup denied policy resource = new URIResource(); @@ -165,7 +165,7 @@ //Provision the new policy metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); //Go ahead and produce a RequestContext for a "Permit" Enforcement URIResource contextResource = new URIResource(); @@ -186,7 +186,7 @@ //Provision the new policy PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); //Go ahead and produce a RequestContext for a "Permit" Enforcement URIResource contextResource = new URIResource(); @@ -223,7 +223,7 @@ private void enforce(Request request, boolean mustBePermitted) throws Exception { - Response response = this.policyServer.evaluate(request); + Response response = this.enforcer.checkAccess(request); assertNotNull(response); log.info("-----------------------------------"); @@ -242,7 +242,7 @@ private void assertServerState() throws Exception { //Assert Policy State of the Server - Policy[] policies = policyServer.readAllPolicies(); + Policy[] policies = this.provisioner.readAllPolicies(); assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1)); log.info("------------------------------------------------------------------------------"); Modified: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java =================================================================== --- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java 2009-05-18 20:46:08 UTC (rev 13389) @@ -37,9 +37,10 @@ import org.jboss.security.authz.components.action.Write; import org.jboss.security.authz.components.action.Manage; +import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint; import org.jboss.security.authz.policy.client.enforcement.Request; import org.jboss.security.authz.policy.client.enforcement.Response; -import org.jboss.security.authz.policy.server.PolicyServer; +import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner; /** * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> @@ -48,12 +49,14 @@ { private static Logger log = Logger.getLogger(TestImpliedActions.class); - private PolicyServer policyServer; + private PolicyEnforcementPoint enforcer; + private PolicyProvisioner provisioner; public void setUp() throws Exception { Server.bootstrap(); - this.policyServer = (PolicyServer)Server.lookup("/policy-server/PolicyServer"); + this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint"); + this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner"); } public void tearDown() throws Exception @@ -71,7 +74,7 @@ PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); this.assertServerState(); //Go ahead and produce a RequestContext for a "Permit" Enforcement @@ -89,7 +92,7 @@ PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); this.assertServerState(); //Go ahead and produce a RequestContext for a "Permit" Enforcement @@ -107,7 +110,7 @@ PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); this.assertServerState(); //Go ahead and produce a RequestContext for a "Deny" Enforcement @@ -137,7 +140,7 @@ private void enforce(Request request, boolean mustBePermitted) throws Exception { - Response response = this.policyServer.evaluate(request); + Response response = this.enforcer.checkAccess(request); assertNotNull(response); log.info("-----------------------------------"); @@ -156,7 +159,7 @@ private void assertServerState() throws Exception { //Assert Policy State of the Server - Policy[] policies = policyServer.readAllPolicies(); + Policy[] policies = this.provisioner.readAllPolicies(); assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1)); log.info("------------------------------------------------------------------------------"); Modified: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java =================================================================== --- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java 2009-05-18 20:46:08 UTC (rev 13389) @@ -36,9 +36,10 @@ import org.jboss.security.authz.components.action.Write; import org.jboss.security.authz.components.action.Manage; +import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint; import org.jboss.security.authz.policy.client.enforcement.Request; import org.jboss.security.authz.policy.client.enforcement.Response; -import org.jboss.security.authz.policy.server.PolicyServer; +import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner; /** * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> @@ -47,12 +48,14 @@ { private static Logger log = Logger.getLogger(TestImpliesHierarchialPropagation.class); - private PolicyServer policyServer; + private PolicyEnforcementPoint enforcer; + private PolicyProvisioner provisioner; public void setUp() throws Exception { Server.bootstrap(); - this.policyServer = (PolicyServer)Server.lookup("/policy-server/PolicyServer"); + this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint"); + this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner"); } public void tearDown() throws Exception @@ -69,7 +72,7 @@ //Provision the new policy PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); //Go ahead and produce a RequestContext for a "Permit" Enforcement URIResource contextResource = new URIResource(); @@ -90,7 +93,7 @@ //Provision the new policy PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); //Go ahead and produce a RequestContext for a "Permit" Enforcement URIResource contextResource = new URIResource(); @@ -111,7 +114,7 @@ //Provision the new policy PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); //Go ahead and produce a RequestContext for a "Permit" Enforcement URIResource contextResource = new URIResource(); @@ -132,7 +135,7 @@ //Provision the new policy PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); //Go ahead and produce a RequestContext for a "Permit" Enforcement URIResource contextResource = new URIResource(); @@ -153,7 +156,7 @@ //Provision the new policy PolicyMetaData metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); //Setup denied policy....User can only read level2 resource = new URIResource(); @@ -163,7 +166,7 @@ //Provision the new policy metadata = resource.getPolicyMetaData(); - policyServer.newPolicy(metadata); + this.provisioner.newPolicy(metadata); //Go ahead and produce a RequestContext for a "Permit" Enforcement //Trying to "Write" to level2 should be Denied @@ -201,7 +204,7 @@ private void enforce(Request request, boolean mustBePermitted) throws Exception { - Response response = this.policyServer.evaluate(request); + Response response = this.enforcer.checkAccess(request); assertNotNull(response); log.info("-----------------------------------"); @@ -220,7 +223,7 @@ private void assertServerState() throws Exception { //Assert Policy State of the Server - Policy[] policies = policyServer.readAllPolicies(); + Policy[] policies = this.provisioner.readAllPolicies(); assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1)); log.info("------------------------------------------------------------------------------"); Modified: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java =================================================================== --- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java 2009-05-18 20:46:08 UTC (rev 13389) @@ -26,8 +26,8 @@ import org.apache.log4j.Logger; import org.jboss.security.authz.model.Policy; +import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner; import org.jboss.security.authz.components.resource.HttpResource; -import org.jboss.security.authz.policy.server.PolicyServer; /** * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> @@ -36,12 +36,13 @@ { private static Logger log = Logger.getLogger(TestPolicyServer.class); - private PolicyServer policyServer; + private PolicyProvisioner provisioner; + public void setUp() throws Exception { Server.bootstrap(); - this.policyServer = (PolicyServer)Server.lookup("/policy-server/PolicyServer"); + this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner"); } public void tearDown() throws Exception @@ -54,10 +55,10 @@ httpResource.setUri(new URI("/blah/index.html")); httpResource.addParameter("param1", "param1Value"); - policyServer.newPolicy(httpResource.getPolicyMetaData()); + this.provisioner.newPolicy(httpResource.getPolicyMetaData()); //Assert Policy State of the Server - Policy[] policies = policyServer.readAllPolicies(); + Policy[] policies = this.provisioner.readAllPolicies(); assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1)); log.info("------------------------------------------------------------------------------"); Modified: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java =================================================================== --- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java 2009-05-18 15:38:03 UTC (rev 13388) +++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java 2009-05-18 20:46:08 UTC (rev 13389) @@ -34,9 +34,10 @@ import org.jboss.security.authz.components.subject.Roles; import org.jboss.security.authz.components.action.Read; +import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint; import org.jboss.security.authz.policy.client.enforcement.Request; import org.jboss.security.authz.policy.client.enforcement.Response; -import org.jboss.security.authz.policy.server.PolicyServer; +import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner; import org.jboss.security.authz.policy.server.Server; @@ -47,12 +48,14 @@ { private static Logger log = Logger.getLogger(TestEnterprisePolicyFinderModule.class); - private PolicyServer policyServer; + private PolicyEnforcementPoint enforcer; + private PolicyProvisioner provisioner; public void setUp() throws Exception { Server.bootstrap(); - this.policyServer = (PolicyServer)Server.lookup("/policy-server/PolicyServer"); + this.enforcer = (PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint"); + this.provisioner = (PolicyProvisioner)Server.lookup("/provisioning/localProvisioner"); } public void tearDown() throws Exception @@ -69,11 +72,11 @@ httpResource.setOperation(new Read()); PolicyMetaData policyMetaData = httpResource.getPolicyMetaData(); - policyServer.newPolicy(policyMetaData); + this.provisioner.newPolicy(policyMetaData); //Assert Policy State of the Server - Policy[] policies = policyServer.readAllPolicies(); + Policy[] policies = this.provisioner.readAllPolicies(); assertTrue("Policy Store must not be empty!!", (policies != null && policies.length == 1)); log.info("------------------------------------------------------------------------------"); @@ -89,7 +92,7 @@ private void enforce(Request request, boolean mustBePermitted) throws Exception { - Response response = this.policyServer.evaluate(request); + Response response = this.enforcer.checkAccess(request); assertNotNull(response); if(mustBePermitted)