[jboss-cvs] JBossAS SVN: r63123 - in projects/security/security-docs/trunk/docs/guide/en: modules and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu May 17 16:22:13 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-05-17 16:22:13 -0400 (Thu, 17 May 2007)
New Revision: 63123
Added:
projects/security/security-docs/trunk/docs/guide/en/modules/examples/
projects/security/security-docs/trunk/docs/guide/en/modules/examples/exampleaudit.xml
projects/security/security-docs/trunk/docs/guide/en/modules/examples/exampleauthentication.xml
projects/security/security-docs/trunk/docs/guide/en/modules/examples/exampleauthorization.xml
Modified:
projects/security/security-docs/trunk/docs/guide/en/master.xml
Log:
SECURITY-53: integration doc
Modified: projects/security/security-docs/trunk/docs/guide/en/master.xml
===================================================================
--- projects/security/security-docs/trunk/docs/guide/en/master.xml 2007-05-17 19:59:04 UTC (rev 63122)
+++ projects/security/security-docs/trunk/docs/guide/en/master.xml 2007-05-17 20:22:13 UTC (rev 63123)
@@ -15,6 +15,10 @@
<!ENTITY seccontextassociation SYSTEM "modules/impl/seccontextassociation.xml">
<!ENTITY jbossauthenticationmgr SYSTEM "modules/impl/jbossauthenticationmgr.xml">
<!ENTITY jbossauthorizationmgr SYSTEM "modules/impl/jbossauthorizationmgr.xml">
+
+<!ENTITY exampleauthentication SYSTEM "modules/examples/exampleauthentication.xml">
+<!ENTITY exampleauthorization SYSTEM "modules/examples/exampleauthorization.xml">
+<!ENTITY exampleaudit SYSTEM "modules/examples/exampleaudit.xml">
]>
<book lang="en">
<bookinfo>
@@ -71,6 +75,14 @@
&seccontextfactory;
&seccontextassociation;
+
&jbossauthenticationmgr;
+
&jbossauthorizationmgr;
+
+ &exampleauthentication;
+
+ &exampleauthorization;
+
+ &exampleaudit;
</book>
Added: projects/security/security-docs/trunk/docs/guide/en/modules/examples/exampleaudit.xml
===================================================================
--- projects/security/security-docs/trunk/docs/guide/en/modules/examples/exampleaudit.xml (rev 0)
+++ projects/security/security-docs/trunk/docs/guide/en/modules/examples/exampleaudit.xml 2007-05-17 20:22:13 UTC (rev 63123)
@@ -0,0 +1,106 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<chapter id="exampleaudit">
+ <title>Example of Auditing</title>
+
+ <para>Here is a test case for the usage of JBossSX JBossAuditManager</para>
+
+ <programlisting> package org.jboss.test.audit;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.audit.AuditEvent;
+import org.jboss.security.audit.AuditLevel;
+import org.jboss.security.audit.AuditManager;
+import org.jboss.security.audit.config.AuditProviderEntry;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.AuditInfo;
+import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.security.plugins.SecurityContextFactory;
+
+import junit.framework.TestCase;
+
+/**
+ * Tests for the Auditing Layer
+ */
+public class AuditUnitTestCase extends TestCase
+{
+ @Override
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ setUpSecurityConfiguration();
+ }
+
+ /**
+ * We invoke the AuditManager on the security context to audit
+ * a particular AuditEvent. The AuditManager is configured with a
+ * test logging provider that basically places the event on a
+ * thread local of a static class. The test then checks the
+ * thread local for the audit event.
+ */
+ public void testAuditConfiguration()
+ {
+ SecurityContext sc = SecurityContextFactory.createSecurityContext("test");
+ AuditManager am = sc.getAuditManager();
+ AuditEvent ae = new AuditEvent(AuditLevel.ERROR);
+ am.audit(ae);
+
+ //Now check that the Audit Event has been placed on the thread local
+ //by our TestAuditProvider
+ AuditEvent aev = (AuditEvent) AuditTestAssociation.auditEventLocal.get();
+ assertEquals("Audit events are the same", ae, aev);
+ }
+
+
+ private void setUpSecurityConfiguration()
+ {
+ String p = TestAuditProvider.class.getName();
+
+ ApplicationPolicy ap = new ApplicationPolicy("test");
+ AuditInfo auditInfo = new AuditInfo("test");
+ AuditProviderEntry ape = new AuditProviderEntry(p);
+ auditInfo.add(ape);
+ ap.setAuditInfo(auditInfo);
+ SecurityConfiguration.addApplicationPolicy(ap);
+ }
+}
+</programlisting>
+
+ <para>The TestAudi Provider class is shown below:</para>
+
+ <programlisting>package org.jboss.test.audit;
+
+import org.jboss.security.audit.AbstractAuditProvider;
+import org.jboss.security.audit.AuditEvent;
+
+//$Id$
+
+/**
+ * Test Audit Provider that places the Audit Event on the
+ * thread local of AuditTestAssociation
+ */
+public class TestAuditProvider extends AbstractAuditProvider
+{
+ public TestAuditProvider()
+ {
+ }
+
+ @Override
+ public void audit(AuditEvent ae)
+ {
+ AuditTestAssociation.auditEventLocal.set(ae);
+ }
+} </programlisting>
+
+ <para>The AuditTestAssociation is a class with a threadlocal.</para>
+
+ <programlisting>package org.jboss.test.audit;
+
+/**
+ * A test class that stores a static thread local
+ */
+public class AuditTestAssociation
+{
+ public static ThreadLocal auditEventLocal = new ThreadLocal();
+}
+</programlisting>
+</chapter>
\ No newline at end of file
Added: projects/security/security-docs/trunk/docs/guide/en/modules/examples/exampleauthentication.xml
===================================================================
--- projects/security/security-docs/trunk/docs/guide/en/modules/examples/exampleauthentication.xml (rev 0)
+++ projects/security/security-docs/trunk/docs/guide/en/modules/examples/exampleauthentication.xml 2007-05-17 20:22:13 UTC (rev 63123)
@@ -0,0 +1,138 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<chapter id="exampleauthentication">
+ <title>Example of Authentication</title>
+
+ <para>Here is a test case for the usage of JBossSX
+ JBossAuthenticationManager.</para>
+
+ <programlisting>package org.jboss.test.authentication;
+
+import java.security.Principal;
+import java.util.HashMap;
+
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
+
+import org.jboss.security.AuthenticationManager;
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.auth.callback.AppCallbackHandler;
+import org.jboss.security.plugins.JBossAuthenticationManager;
+
+import junit.framework.TestCase;
+
+//$Id$
+
+/**
+ * Unit tests for the JBossAuthenticationManager
+ */
+public class JBossAuthenticationManagerUnitTestCase extends TestCase
+{
+ @Override
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ establishSecurityConfiguration();
+ }
+
+ public void testSecurityDomain() throws Exception
+ {
+ AuthenticationManager am = new JBossAuthenticationManager("test1",
+ new AppCallbackHandler("a","b".toCharArray()));
+ assertEquals("test1", am.getSecurityDomain());
+ }
+
+ public void testLogin() throws Exception
+ {
+ Principal p = new SimplePrincipal("jduke");
+ AppCallbackHandler acbh = new AppCallbackHandler("jduke","theduke".toCharArray());
+ AuthenticationManager am = new JBossAuthenticationManager("test",acbh);
+ assertTrue(am.isValid(p, "theduke"));
+ assertNotNull("Subject is valid",am.getActiveSubject());
+ assertTrue("Principal is present",
+ am.getActiveSubject().getPrincipals().contains(p));
+ }
+
+ public void testUnsuccessfulLogin() throws Exception
+ {
+ Principal p = new SimplePrincipal("jduke");
+ AppCallbackHandler acbh = new AppCallbackHandler("jduke","bad".toCharArray());
+ AuthenticationManager am = new JBossAuthenticationManager("test",acbh);
+ assertFalse(am.isValid(p, "bad"));
+ }
+
+ public void testSecurityCache() throws Exception
+ {
+ Principal p = new SimplePrincipal("jduke");
+ AppCallbackHandler acbh = new AppCallbackHandler("jduke","theduke".toCharArray());
+ JBossAuthenticationManager am = new JBossAuthenticationManager("test",acbh);
+ assertFalse("Cache Validation is false", am.fromCache());
+ assertTrue(am.isValid(p, "theduke"));
+ assertNotNull("Subject is valid",am.getActiveSubject());
+ assertTrue("Principal is present",
+ am.getActiveSubject().getPrincipals().contains(p));
+ assertFalse("Cache Validation is false", am.fromCache());
+ assertTrue(am.isValid(p, "theduke"));
+ assertTrue("Cache Validation", am.fromCache());
+ assertTrue(am.isValid(p, "theduke"));
+ assertTrue("Cache Validation", am.fromCache());
+
+ acbh = new AppCallbackHandler("jduke","dummy".toCharArray());
+ am = new JBossAuthenticationManager("test",acbh);
+ assertFalse(am.isValid(p, "dummy"));
+ assertFalse("Cache Validation is false", am.fromCache());
+ }
+
+ public void testSecurityCacheInjection() throws Exception
+ {
+ Principal p = new SimplePrincipal("jduke");
+ AppCallbackHandler acbh = new AppCallbackHandler("jduke","theduke".toCharArray());
+ JBossAuthenticationManager am = new JBossAuthenticationManager("test",acbh);
+ am.setSecurityCache(TestSecurityCache.class.getName());
+ assertFalse("Cache Validation is false", am.fromCache());
+ assertTrue(am.isValid(p, "theduke"));
+ assertNotNull("Subject is valid",am.getActiveSubject());
+ assertTrue("Principal is present",
+ am.getActiveSubject().getPrincipals().contains(p));
+ assertFalse("Cache Validation is false", am.fromCache());
+ assertTrue(am.isValid(p, "theduke"));
+ assertTrue("Cache Validation", am.fromCache());
+ assertTrue(am.isValid(p, "theduke"));
+ assertTrue("Cache Validation", am.fromCache());
+
+ acbh = new AppCallbackHandler("jduke","dummy".toCharArray());
+ am = new JBossAuthenticationManager("test",acbh);
+ assertFalse(am.isValid(p, "dummy"));
+ assertFalse("Cache Validation is false", am.fromCache());
+ }
+
+ private void establishSecurityConfiguration()
+ {
+ Configuration.setConfiguration(new TestConfig());
+ }
+
+ public class TestConfig extends Configuration
+ {
+ @Override
+ public AppConfigurationEntry[] getAppConfigurationEntry(String name)
+ {
+ HashMap map = new HashMap();
+ map.put("usersProperties", "users.properties");
+ map.put("rolesProperties", "roles.properties");
+ String moduleName = "org.jboss.security.auth.spi.UsersRolesLoginModule";
+ AppConfigurationEntry ace = new AppConfigurationEntry(moduleName,
+ LoginModuleControlFlag.REQUIRED, map);
+
+ return new AppConfigurationEntry[]{ace};
+ }
+
+ @Override
+ public void refresh()
+ {
+ }
+ }
+}</programlisting>
+
+ <para>The test case requires the establishment of the JAAS
+ configuration.</para>
+</chapter>
\ No newline at end of file
Added: projects/security/security-docs/trunk/docs/guide/en/modules/examples/exampleauthorization.xml
===================================================================
--- projects/security/security-docs/trunk/docs/guide/en/modules/examples/exampleauthorization.xml (rev 0)
+++ projects/security/security-docs/trunk/docs/guide/en/modules/examples/exampleauthorization.xml 2007-05-17 20:22:13 UTC (rev 63123)
@@ -0,0 +1,102 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<chapter id="exampleauthorization">
+ <title>Example of Authorization</title>
+
+ <para>Here is a test case for the usage of JBossSX
+ JBossAuthorizationManager. This test case tests the use of authorization
+ module for the web layer. The default authorization module for the web layer
+ permits all, because the decision is made by Tomcat RealmBase. Noite the
+ introduction of the AuthorizationModule entry into the AuthorizationInfo in
+ the ApplicationPolicy object that gets set on the
+ SecurityConfiguration.</para>
+
+ <programlisting>package org.jboss.test.authorization;
+
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.HashMap;
+
+import javax.security.auth.Subject;
+import javax.security.jacc.PolicyContext;
+
+import org.jboss.security.AuthorizationManager;
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SimpleGroup;
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.authorization.ResourceKeys;
+import org.jboss.security.authorization.config.AuthorizationModuleEntry;
+import org.jboss.security.authorization.resources.WebResource;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.AuthorizationInfo;
+import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.security.jacc.SubjectPolicyContextHandler;
+import org.jboss.security.plugins.JBossAuthorizationManager;
+import org.jboss.security.plugins.SecurityContextAssociation;
+import org.jboss.security.plugins.SecurityContextFactory;
+import org.jboss.test.authorization.xacml.TestHttpServletRequest;
+
+import junit.framework.TestCase;
+
+/**
+ * Unit test the JBossAuthorizationManager
+ */
+public class JBossAuthorizationManagerUnitTestCase extends TestCase
+{
+ private Principal p = new SimplePrincipal("jduke");
+ private String contextID = "web.jar";
+ private String uri = "/xacml-subjectrole/test";
+
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ setSecurityContext();
+ setUpPolicyContext();
+ setSecurityConfiguration();
+ }
+
+ public void testAuthorization() throws Exception
+ {
+ HashMap cmap = new HashMap();
+ cmap.put(ResourceKeys.WEB_REQUEST, new TestHttpServletRequest(p,"test", "get"));
+ WebResource wr = new WebResource(cmap);
+ AuthorizationManager am = new JBossAuthorizationManager("other");
+ am.authorize(wr);//This should just pass as the default module PERMITS all
+ }
+
+ private Group getRoleGroup()
+ {
+ Group gp = new SimpleGroup(SecurityConstants.ROLES_IDENTIFIER);
+ gp.addMember(new SimplePrincipal("ServletUserRole"));
+ return gp;
+ }
+
+ private void setSecurityContext()
+ {
+ Subject subj = new Subject();
+ subj.getPrincipals().add(p);
+ SecurityContext sc = SecurityContextFactory.createSecurityContext("other");
+ sc.getUtil().createSubjectInfo(p, "cred", subj);
+ sc.getUtil().setRoles(getRoleGroup());
+ SecurityContextAssociation.setSecurityContext(sc);
+ }
+
+ private void setUpPolicyContext() throws Exception
+ {
+ PolicyContext.setContextID(contextID);
+ PolicyContext.registerHandler(SecurityConstants.SUBJECT_CONTEXT_KEY,
+ new SubjectPolicyContextHandler(), true);
+ }
+
+ private void setSecurityConfiguration() throws Exception
+ {
+ String name = "org.jboss.security.authorization.modules.web.WebAuthorizationModule";
+ ApplicationPolicy ap = new ApplicationPolicy("other");
+ AuthorizationInfo ai = new AuthorizationInfo("other");
+ AuthorizationModuleEntry ame = new AuthorizationModuleEntry(name);
+ ai.add(ame);
+ ap.setAuthorizationInfo(ai);
+ SecurityConfiguration.addApplicationPolicy(ap);
+ }
+}</programlisting>
+</chapter>
\ No newline at end of file
More information about the jboss-cvs-commits
mailing list