Author: sohil.shah(a)jboss.com
Date: 2009-05-18 16:46:08 -0400 (Mon, 18 May 2009)
New Revision: 13389
Modified:
modules/authorization/trunk/.classpath
modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java
modules/authorization/trunk/http-profile/pom.xml
modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/Response.java
modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java
Log:
stabilizing the testsuite including http-profile with the new client layer
Modified: modules/authorization/trunk/.classpath
===================================================================
--- modules/authorization/trunk/.classpath 2009-05-18 15:38:03 UTC (rev 13388)
+++ modules/authorization/trunk/.classpath 2009-05-18 20:46:08 UTC (rev 13389)
@@ -7,11 +7,7 @@
<classpathentry kind="src"
path="core-components-api/src/main/java"/>
<classpathentry kind="src"
path="core-components-api/src/main/resources"/>
<classpathentry kind="src"
path="core-components-api/src/test/java"/>
- <classpathentry kind="src"
path="core-components-api/src/test/resources"/>
- <classpathentry kind="src" path="enforcement/src/main/java"/>
- <classpathentry kind="src"
path="enforcement/src/main/resources"/>
- <classpathentry kind="src" path="enforcement/src/test/java"/>
- <classpathentry kind="src"
path="enforcement/src/test/resources"/>
+ <classpathentry kind="src"
path="core-components-api/src/test/resources"/>
<classpathentry kind="src"
path="policy-server/src/main/java"/>
<classpathentry kind="src"
path="policy-server/src/main/resources"/>
<classpathentry kind="src"
path="policy-server/src/test/java"/>
Modified:
modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java
===================================================================
---
modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/core-components-api/src/main/java/org/jboss/security/authz/components/subject/Roles.java 2009-05-18
20:46:08 UTC (rev 13389)
@@ -72,6 +72,11 @@
"insert(Boolean.TRUE);\n"+
"end\n";
+ /**
+ * Some useful constants
+ */
+ public static final String ANONYMOUS = "anonymous";
+
/**
* Role Names
*/
Modified: modules/authorization/trunk/http-profile/pom.xml
===================================================================
--- modules/authorization/trunk/http-profile/pom.xml 2009-05-18 15:38:03 UTC (rev 13388)
+++ modules/authorization/trunk/http-profile/pom.xml 2009-05-18 20:46:08 UTC (rev 13389)
@@ -67,11 +67,9 @@
<artifactId>maven-surefire-plugin</artifactId>
<version>2.3.1</version>
<configuration>
- <includes>
- <!--
- <include>**/components/Test*.java</include>
- -->
- <include>**/provisioning/Test*.java</include>
+ <includes>
+ <include>**/components/Test*.java</include>
+ <include>**/provisioning/Test*.java</include>
</includes>
</configuration>
</plugin>
@@ -281,6 +279,13 @@
<properties>
<cargo.jboss.configuration>cargo</cargo.jboss.configuration>
</properties>
+
+ <configfiles>
+ <configfile>
+ <file>${jboss.home}/server/cargo/conf/jboss-log4j.xml</file>
+ <tofile>conf/jboss-log4j.xml</tofile>
+ </configfile>
+ </configfiles>
<deployables>
<deployable>
Modified:
modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java
===================================================================
---
modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/enforcement/SecurityFilter.java 2009-05-18
20:46:08 UTC (rev 13389)
@@ -52,8 +52,10 @@
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
import org.jboss.security.authz.policy.server.Server;
+import org.jboss.security.authz.policy.server.spi.PolicyConfig;
import org.jboss.security.authz.policy.server.PolicyServer;
-import org.jboss.security.authz.policy.server.spi.PolicyConfig;
+import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
import org.jboss.security.authz.components.resource.HttpResource;
import org.jboss.security.authz.components.subject.Roles;
@@ -73,7 +75,8 @@
{
private static Logger log = Logger.getLogger(SecurityFilter.class);
- private PolicyServer policyServer;
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
private boolean isPolicyMatchMandatory = false; //set to "false" by default
public SecurityFilter()
@@ -88,13 +91,18 @@
{
//Start the Policy Server
Server.bootstrap();
- this.policyServer =
(PolicyServer)Server.lookup("/policy-server/PolicyServer");
+ this.enforcer =
(PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner =
(PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
- if(this.policyServer == null)
+ if(this.enforcer == null || this.provisioner == null)
{
throw new RuntimeException("Policy Server is unavailable...");
}
+ //TODO: remove this
+ PolicyServer ps =
(PolicyServer)Server.lookup("/policy-server/PolicyServer");
+ ps.getPolicyDecisionPoint().setDebug(true);
+
//Parse the specified Policy and update the Policy Server
PolicyConfig policyConfig = new HttpPolicyConfig();
@@ -107,7 +115,7 @@
for(Policy policy: policies)
{
log.debug(policy.generateSystemPolicy());
- this.policyServer.newPolicy(policy.getMetaData());
+ this.provisioner.newPolicy(policy.getMetaData());
}
log.debug("----------------------------------------------------------");
@@ -149,12 +157,12 @@
//Perform a Security check
Request authzRequest = this.createAuthorizationRequest(httpRequest);
- Response authzResponse = this.policyServer.evaluate(authzRequest);
+ Response authzResponse = this.enforcer.checkAccess(authzRequest);
//Process the authorization response and allow or deny further processing
if(!authzResponse.isAccessGranted())
{
- if(authzResponse.isNotApplicable() && this.isPolicyMatchMandatory)
+ if((authzResponse.isNotApplicable() && this.isPolicyMatchMandatory) ||
(authzResponse.isDenied()))
{
//Send back an access denied status
httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
@@ -164,7 +172,7 @@
{
httpResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
return;
- }
+ }
}
chain.doFilter(request, response);
@@ -234,7 +242,7 @@
//Setup Role context
//TODO: replace mock code with actual loading of Roles information of the authenticated
user via the new Identity API
Roles roles = new Roles();
- roles.addName("Admin");
+ roles.addName(Roles.ANONYMOUS);
authzRequest.addSubject(roles.getSubject());
return authzRequest;
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java
===================================================================
---
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestParameterMatching.java 2009-05-18
20:46:08 UTC (rev 13389)
@@ -31,7 +31,8 @@
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.PolicyServer;
+import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.policy.server.Server;
import junit.framework.TestCase;
@@ -43,12 +44,15 @@
{
private static Logger log = Logger.getLogger(TestParameterMatching.class);
- private PolicyServer policyServer;
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
+
public void setUp() throws Exception
{
Server.bootstrap();
- this.policyServer =
(PolicyServer)Server.lookup("/policy-server/PolicyServer");
+ this.enforcer =
(PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner =
(PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
}
public void testMatchContextSuperset() throws Exception
@@ -61,10 +65,10 @@
policyResource.addParameter("p2", "p2Val");
//Store the policy into the Policy Server
- this.policyServer.newPolicy(policyResource.getPolicyMetaData());
+ this.provisioner.newPolicy(policyResource.getPolicyMetaData());
//Assert Policy State of the Server
- Policy[] policies = this.policyServer.readAllPolicies();
+ Policy[] policies = this.provisioner.readAllPolicies();
assertTrue("Policy Store must not be empty!!", (policies != null &&
policies.length == 1));
log.info("------------------------------------------------------------------------------");
@@ -113,10 +117,10 @@
}
//Store the policy into the Policy Server
- this.policyServer.newPolicy(policyResource.getPolicyMetaData());
+ this.provisioner.newPolicy(policyResource.getPolicyMetaData());
//Assert Policy State of the Server
- Policy[] policies = this.policyServer.readAllPolicies();
+ Policy[] policies = this.provisioner.readAllPolicies();
assertTrue("Policy Store must not be empty!!", (policies != null &&
policies.length == 1));
log.info("------------------------------------------------------------------------------");
@@ -141,7 +145,7 @@
private void enforce(Request request, boolean mustBePermitted) throws Exception
{
- Response response = this.policyServer.evaluate(request);
+ Response response = this.enforcer.checkAccess(request);
assertNotNull(response);
log.info("-----------------------------------");
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java
===================================================================
---
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestRoles.java 2009-05-18
20:46:08 UTC (rev 13389)
@@ -29,9 +29,10 @@
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.PolicyServer;
+import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
import org.jboss.security.authz.policy.server.Server;
import junit.framework.TestCase;
@@ -43,12 +44,14 @@
{
private static Logger log = Logger.getLogger(TestRoles.class);
- private PolicyServer policyServer;
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
public void setUp() throws Exception
{
Server.bootstrap();
- this.policyServer =
(PolicyServer)Server.lookup("/policy-server/PolicyServer");
+ this.enforcer =
(PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner =
(PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
}
public void test() throws Exception
@@ -59,10 +62,10 @@
policyResource.addAllowed("pm");
policyResource.addAllowed("lead");
- this.policyServer.newPolicy(policyResource.getPolicyMetaData());
+ this.provisioner.newPolicy(policyResource.getPolicyMetaData());
//Assert Policy State of the Server
- Policy[] policies = this.policyServer.readAllPolicies();
+ Policy[] policies = this.provisioner.readAllPolicies();
assertTrue("Policy Store must not be empty!!", (policies != null &&
policies.length == 1));
log.info("------------------------------------------------------------------------------");
@@ -87,10 +90,10 @@
policyResource.addAllowed("Pm");
policyResource.addAllowed("LeaD");
- this.policyServer.newPolicy(policyResource.getPolicyMetaData());
+ this.provisioner.newPolicy(policyResource.getPolicyMetaData());
//Assert Policy State of the Server
- Policy[] policies = this.policyServer.readAllPolicies();
+ Policy[] policies = this.provisioner.readAllPolicies();
assertTrue("Policy Store must not be empty!!", (policies != null &&
policies.length == 1));
log.info("------------------------------------------------------------------------------");
@@ -110,7 +113,7 @@
private void enforce(Request request, boolean mustBePermitted) throws Exception
{
- Response response = this.policyServer.evaluate(request);
+ Response response = this.enforcer.checkAccess(request);
assertNotNull(response);
log.info("-----------------------------------");
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java
===================================================================
---
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-05-18
20:46:08 UTC (rev 13389)
@@ -32,9 +32,10 @@
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
import org.jboss.security.authz.model.Resource;
+import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.PolicyServer;
+import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
import org.jboss.security.authz.policy.server.Server;
import junit.framework.TestCase;
@@ -46,12 +47,14 @@
{
private static Logger log = Logger.getLogger(TestURLPattern.class);
- private PolicyServer policyServer;
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
public void setUp() throws Exception
{
Server.bootstrap();
- this.policyServer =
(PolicyServer)Server.lookup("/policy-server/PolicyServer");
+ this.enforcer =
(PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner =
(PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
}
public void testRegex() throws Exception
@@ -82,10 +85,10 @@
httpResource.addAllowed("Admin");
PolicyMetaData policyMetaData = httpResource.getPolicyMetaData();
- this.policyServer.newPolicy(policyMetaData);
+ this.provisioner.newPolicy(policyMetaData);
//Assert Policy State of the Server
- Policy[] policies = this.policyServer.readAllPolicies();
+ Policy[] policies = this.provisioner.readAllPolicies();
assertTrue("Policy Store must not be empty!!", (policies != null &&
policies.length == 1));
log.info("------------------------------------------------------------------------------");
@@ -111,7 +114,7 @@
private void enforce(Request request, boolean mustBePermitted) throws Exception
{
- Response response = this.policyServer.evaluate(request);
+ Response response = this.enforcer.checkAccess(request);
assertNotNull(response);
log.info("-----------------------------------");
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java
===================================================================
---
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyConfig.java 2009-05-18
20:46:08 UTC (rev 13389)
@@ -38,7 +38,8 @@
import org.jboss.security.authz.tools.GeneralTool;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.PolicyServer;
+import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
import org.jboss.security.authz.policy.server.Server;
import org.jboss.security.authz.policy.server.spi.PolicyConfig;
@@ -53,7 +54,8 @@
*/
private static Logger log = Logger.getLogger(TestHttpPolicyConfig.class);
- private PolicyServer policyServer;
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
/**
*
@@ -61,7 +63,8 @@
protected void setUp() throws Exception
{
Server.bootstrap();
- this.policyServer =
(PolicyServer)Server.lookup("/policy-server/PolicyServer");
+ this.enforcer =
(PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner =
(PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
}
//------------------------------------------------------------------------------------------------------------------------------------------------------
public void testExecutiveFiles() throws Exception
@@ -76,7 +79,7 @@
for(int i=0; i<policies.length; i++)
{
String xacmlPolicy = policies[i].generateSystemPolicy();
- this.policyServer.newPolicy(policies[i].getMetaData());
+ this.provisioner.newPolicy(policies[i].getMetaData());
log.info("------------------------------------------------------");
log.info(xacmlPolicy);
@@ -188,7 +191,7 @@
private void enforce(Request request, boolean mustBePermitted) throws Exception
{
- Response response = this.policyServer.evaluate(request);
+ Response response = this.enforcer.checkAccess(request);
assertNotNull(response);
log.info("-----------------------------------");
Modified:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/Response.java
===================================================================
---
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/Response.java 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/client/enforcement/Response.java 2009-05-18
20:46:08 UTC (rev 13389)
@@ -81,4 +81,16 @@
return isNotApplicable;
}
+
+ public boolean isDenied()
+ {
+ boolean isDenied = false;
+
+ if(this.message.toLowerCase().contains("deny"))
+ {
+ isDenied = true;
+ }
+
+ return isDenied;
+ }
}
Modified:
modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml
===================================================================
---
modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-05-18
20:46:08 UTC (rev 13389)
@@ -28,7 +28,7 @@
</bean>
<!-- Local Policy Enforcement client -->
- <bean name="/enforcement/localEnforcementPoint"
class="org.jboss.security.authz.policy.client.LocalEnforcementPoint">
+ <bean name="/enforcement/localEnforcementPoint"
class="org.jboss.security.authz.policy.client.enforcement.LocalEnforcementPoint">
<property name="policyServer">
<inject bean="/policy-server/PolicyServer"/>
</property>
Modified:
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java
===================================================================
---
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestHierarchialPropagation.java 2009-05-18
20:46:08 UTC (rev 13389)
@@ -32,14 +32,12 @@
import org.jboss.security.authz.components.resource.URIResource;
import org.jboss.security.authz.components.subject.Roles;
-import org.jboss.security.authz.components.action.Operation;
import org.jboss.security.authz.components.action.Read;
-import org.jboss.security.authz.components.action.Write;
-import org.jboss.security.authz.components.action.Manage;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.PolicyServer;
+import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -48,12 +46,14 @@
{
private static Logger log = Logger.getLogger(TestHierarchialPropagation.class);
- private PolicyServer policyServer;
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
public void setUp() throws Exception
{
Server.bootstrap();
- this.policyServer =
(PolicyServer)Server.lookup("/policy-server/PolicyServer");
+ this.enforcer =
(PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner =
(PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
}
public void tearDown() throws Exception
@@ -70,7 +70,7 @@
//Provision the new policy
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
@@ -91,7 +91,7 @@
//Provision the new policy
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
this.assertServerState();
//Go ahead and produce a RequestContext for a "Permit" Enforcement
@@ -113,7 +113,7 @@
//Provision the new policy
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
@@ -134,7 +134,7 @@
//Provision the new policy
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
@@ -155,7 +155,7 @@
//Provision the new policy
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
//Setup denied policy
resource = new URIResource();
@@ -165,7 +165,7 @@
//Provision the new policy
metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
@@ -186,7 +186,7 @@
//Provision the new policy
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
@@ -223,7 +223,7 @@
private void enforce(Request request, boolean mustBePermitted) throws Exception
{
- Response response = this.policyServer.evaluate(request);
+ Response response = this.enforcer.checkAccess(request);
assertNotNull(response);
log.info("-----------------------------------");
@@ -242,7 +242,7 @@
private void assertServerState() throws Exception
{
//Assert Policy State of the Server
- Policy[] policies = policyServer.readAllPolicies();
+ Policy[] policies = this.provisioner.readAllPolicies();
assertTrue("Policy Store must not be empty!!", (policies != null &&
policies.length == 1));
log.info("------------------------------------------------------------------------------");
Modified:
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java
===================================================================
---
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliedActions.java 2009-05-18
20:46:08 UTC (rev 13389)
@@ -37,9 +37,10 @@
import org.jboss.security.authz.components.action.Write;
import org.jboss.security.authz.components.action.Manage;
+import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.PolicyServer;
+import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -48,12 +49,14 @@
{
private static Logger log = Logger.getLogger(TestImpliedActions.class);
- private PolicyServer policyServer;
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
public void setUp() throws Exception
{
Server.bootstrap();
- this.policyServer =
(PolicyServer)Server.lookup("/policy-server/PolicyServer");
+ this.enforcer =
(PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner =
(PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
}
public void tearDown() throws Exception
@@ -71,7 +74,7 @@
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
this.assertServerState();
//Go ahead and produce a RequestContext for a "Permit" Enforcement
@@ -89,7 +92,7 @@
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
this.assertServerState();
//Go ahead and produce a RequestContext for a "Permit" Enforcement
@@ -107,7 +110,7 @@
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
this.assertServerState();
//Go ahead and produce a RequestContext for a "Deny" Enforcement
@@ -137,7 +140,7 @@
private void enforce(Request request, boolean mustBePermitted) throws Exception
{
- Response response = this.policyServer.evaluate(request);
+ Response response = this.enforcer.checkAccess(request);
assertNotNull(response);
log.info("-----------------------------------");
@@ -156,7 +159,7 @@
private void assertServerState() throws Exception
{
//Assert Policy State of the Server
- Policy[] policies = policyServer.readAllPolicies();
+ Policy[] policies = this.provisioner.readAllPolicies();
assertTrue("Policy Store must not be empty!!", (policies != null &&
policies.length == 1));
log.info("------------------------------------------------------------------------------");
Modified:
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java
===================================================================
---
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestImpliesHierarchialPropagation.java 2009-05-18
20:46:08 UTC (rev 13389)
@@ -36,9 +36,10 @@
import org.jboss.security.authz.components.action.Write;
import org.jboss.security.authz.components.action.Manage;
+import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.PolicyServer;
+import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -47,12 +48,14 @@
{
private static Logger log = Logger.getLogger(TestImpliesHierarchialPropagation.class);
- private PolicyServer policyServer;
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
public void setUp() throws Exception
{
Server.bootstrap();
- this.policyServer =
(PolicyServer)Server.lookup("/policy-server/PolicyServer");
+ this.enforcer =
(PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner =
(PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
}
public void tearDown() throws Exception
@@ -69,7 +72,7 @@
//Provision the new policy
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
@@ -90,7 +93,7 @@
//Provision the new policy
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
@@ -111,7 +114,7 @@
//Provision the new policy
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
@@ -132,7 +135,7 @@
//Provision the new policy
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
//Go ahead and produce a RequestContext for a "Permit" Enforcement
URIResource contextResource = new URIResource();
@@ -153,7 +156,7 @@
//Provision the new policy
PolicyMetaData metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
//Setup denied policy....User can only read level2
resource = new URIResource();
@@ -163,7 +166,7 @@
//Provision the new policy
metadata = resource.getPolicyMetaData();
- policyServer.newPolicy(metadata);
+ this.provisioner.newPolicy(metadata);
//Go ahead and produce a RequestContext for a "Permit" Enforcement
//Trying to "Write" to level2 should be Denied
@@ -201,7 +204,7 @@
private void enforce(Request request, boolean mustBePermitted) throws Exception
{
- Response response = this.policyServer.evaluate(request);
+ Response response = this.enforcer.checkAccess(request);
assertNotNull(response);
log.info("-----------------------------------");
@@ -220,7 +223,7 @@
private void assertServerState() throws Exception
{
//Assert Policy State of the Server
- Policy[] policies = policyServer.readAllPolicies();
+ Policy[] policies = this.provisioner.readAllPolicies();
assertTrue("Policy Store must not be empty!!", (policies != null &&
policies.length == 1));
log.info("------------------------------------------------------------------------------");
Modified:
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java
===================================================================
---
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/TestPolicyServer.java 2009-05-18
20:46:08 UTC (rev 13389)
@@ -26,8 +26,8 @@
import org.apache.log4j.Logger;
import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
import org.jboss.security.authz.components.resource.HttpResource;
-import org.jboss.security.authz.policy.server.PolicyServer;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -36,12 +36,13 @@
{
private static Logger log = Logger.getLogger(TestPolicyServer.class);
- private PolicyServer policyServer;
+ private PolicyProvisioner provisioner;
+
public void setUp() throws Exception
{
Server.bootstrap();
- this.policyServer =
(PolicyServer)Server.lookup("/policy-server/PolicyServer");
+ this.provisioner =
(PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
}
public void tearDown() throws Exception
@@ -54,10 +55,10 @@
httpResource.setUri(new URI("/blah/index.html"));
httpResource.addParameter("param1", "param1Value");
- policyServer.newPolicy(httpResource.getPolicyMetaData());
+ this.provisioner.newPolicy(httpResource.getPolicyMetaData());
//Assert Policy State of the Server
- Policy[] policies = policyServer.readAllPolicies();
+ Policy[] policies = this.provisioner.readAllPolicies();
assertTrue("Policy Store must not be empty!!", (policies != null &&
policies.length == 1));
log.info("------------------------------------------------------------------------------");
Modified:
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java
===================================================================
---
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java 2009-05-18
15:38:03 UTC (rev 13388)
+++
modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestEnterprisePolicyFinderModule.java 2009-05-18
20:46:08 UTC (rev 13389)
@@ -34,9 +34,10 @@
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.components.action.Read;
+import org.jboss.security.authz.policy.client.enforcement.PolicyEnforcementPoint;
import org.jboss.security.authz.policy.client.enforcement.Request;
import org.jboss.security.authz.policy.client.enforcement.Response;
-import org.jboss.security.authz.policy.server.PolicyServer;
+import org.jboss.security.authz.policy.client.provisioning.PolicyProvisioner;
import org.jboss.security.authz.policy.server.Server;
@@ -47,12 +48,14 @@
{
private static Logger log = Logger.getLogger(TestEnterprisePolicyFinderModule.class);
- private PolicyServer policyServer;
+ private PolicyEnforcementPoint enforcer;
+ private PolicyProvisioner provisioner;
public void setUp() throws Exception
{
Server.bootstrap();
- this.policyServer =
(PolicyServer)Server.lookup("/policy-server/PolicyServer");
+ this.enforcer =
(PolicyEnforcementPoint)Server.lookup("/enforcement/localEnforcementPoint");
+ this.provisioner =
(PolicyProvisioner)Server.lookup("/provisioning/localProvisioner");
}
public void tearDown() throws Exception
@@ -69,11 +72,11 @@
httpResource.setOperation(new Read());
PolicyMetaData policyMetaData = httpResource.getPolicyMetaData();
- policyServer.newPolicy(policyMetaData);
+ this.provisioner.newPolicy(policyMetaData);
//Assert Policy State of the Server
- Policy[] policies = policyServer.readAllPolicies();
+ Policy[] policies = this.provisioner.readAllPolicies();
assertTrue("Policy Store must not be empty!!", (policies != null &&
policies.length == 1));
log.info("------------------------------------------------------------------------------");
@@ -89,7 +92,7 @@
private void enforce(Request request, boolean mustBePermitted) throws Exception
{
- Response response = this.policyServer.evaluate(request);
+ Response response = this.enforcer.checkAccess(request);
assertNotNull(response);
if(mustBePermitted)