[jboss-cvs] JBossAS SVN: r65268 - in projects/security/security-jboss-sx/trunk: src/main/org/jboss/security/identitytrust and 8 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Sun Sep 9 23:22:25 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-09-09 23:22:25 -0400 (Sun, 09 Sep 2007)
New Revision: 65268
Added:
projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/securitycontext/TestSecurityContext.java
Modified:
projects/security/security-jboss-sx/trunk/pom.xml
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/identitytrust/JBossIdentityTrustContext.java
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContext.java
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/SecurityContextFactory.java
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/SubjectActions.java
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/authorization/JBossAuthorizationContext.java
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/identitytrust/JBossIdentityTrustManager.java
projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/securitycontext/SecurityContextTestCase.java
projects/security/security-jboss-sx/trunk/src/tests/resources/opends/
projects/security/security-jboss-sx/trunk/src/tests/resources/opends/config/
projects/security/security-jboss-sx/trunk/src/tests/resources/opends/locks/
projects/security/security-jboss-sx/trunk/src/tests/resources/opends/logs/
Log:
security changes for friendly microcontainer integration
Modified: projects/security/security-jboss-sx/trunk/pom.xml
===================================================================
--- projects/security/security-jboss-sx/trunk/pom.xml 2007-09-10 02:06:24 UTC (rev 65267)
+++ projects/security/security-jboss-sx/trunk/pom.xml 2007-09-10 03:22:25 UTC (rev 65268)
@@ -141,9 +141,6 @@
<includes>
<include>**/**TestCase.java</include>
</includes>
- <excludes>
- <exclude>**/ldap/**</exclude>
- </excludes>
<forkMode>pertest</forkMode>
</configuration>
</plugin>
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/identitytrust/JBossIdentityTrustContext.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/identitytrust/JBossIdentityTrustContext.java 2007-09-10 02:06:24 UTC (rev 65267)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/identitytrust/JBossIdentityTrustContext.java 2007-09-10 03:22:25 UTC (rev 65268)
@@ -39,7 +39,7 @@
//$Id$
/**
- *
+ * Implementation of the Identity Trust Context
* @author Anil.Saldhana at redhat.com
* @since Aug 2, 2007
* @version $Revision$
@@ -47,15 +47,6 @@
public class JBossIdentityTrustContext extends IdentityTrustContext
{
protected Logger log = Logger.getLogger(JBossIdentityTrustContext.class);
-
- //Control Flag behavior
- private boolean encounteredRequiredDeny = false;
- private boolean encounteredRequiredNotApplicable = false;
- private boolean encounteredOptionalError = false;
- private IdentityTrustException moduleException = null;
- private TrustDecision overallDecision = TrustDecision.NotApplicable;
-
- private boolean encounteredRequiredPermit;
public JBossIdentityTrustContext(SecurityContext sc)
{
@@ -105,6 +96,8 @@
private void initializeModules() throws Exception
{
+ //Clear the modules
+ modules.clear();
String securityDomain = this.securityContext.getSecurityDomain();
//Get the Configuration
ApplicationPolicy aPolicy = SecurityConfiguration.getApplicationPolicy( securityDomain);
@@ -121,7 +114,7 @@
if(cf == null)
cf = ControlFlag.REQUIRED;
- this.controlFlags.add(cf);
+ this.controlFlags.add(cf);
modules.add(instantiateModule(itme.getName(), itme.getOptions()));
}
}
@@ -149,6 +142,14 @@
private TrustDecision invokeTrusted()
throws IdentityTrustException
{
+ //Control Flag behavior
+ boolean encounteredRequiredDeny = false;
+ boolean encounteredRequiredNotApplicable = false;
+ boolean encounteredOptionalError = false;
+ IdentityTrustException moduleException = null;
+ TrustDecision overallDecision = TrustDecision.NotApplicable;
+ boolean encounteredRequiredPermit = false;
+
TrustDecision decision = NOTAPPLICABLE;
int length = modules.size();
@@ -166,24 +167,24 @@
catch(Exception ae)
{
decision = NOTAPPLICABLE;
- if(this.moduleException == null)
- this.moduleException = new IdentityTrustException(ae);
+ if(moduleException == null)
+ moduleException = new IdentityTrustException(ae);
}
if(decision == PERMIT)
{
- this.overallDecision = PERMIT;
+ overallDecision = PERMIT;
if(flag == ControlFlag.REQUIRED)
- this.encounteredRequiredPermit = true;
+ encounteredRequiredPermit = true;
//SUFFICIENT case
- if(flag == ControlFlag.SUFFICIENT && this.encounteredRequiredDeny == false)
+ if(flag == ControlFlag.SUFFICIENT && encounteredRequiredDeny == false)
return PERMIT;
continue; //Continue with the other modules
}
if(decision == NOTAPPLICABLE && flag == ControlFlag.REQUIRED)
{
- this.encounteredRequiredNotApplicable = true;
+ encounteredRequiredNotApplicable = true;
continue; //Continue with the other modules
}
//Go through the failure cases
@@ -191,30 +192,30 @@
if(flag == ControlFlag.REQUISITE)
{
log.trace("REQUISITE failed for " + module);
- if(this.moduleException == null)
- this.moduleException = new IdentityTrustException("Authorization failed");
+ if(moduleException == null)
+ moduleException = new IdentityTrustException("Authorization failed");
else
- throw this.moduleException;
+ throw moduleException;
}
//REQUIRED Case
if(flag == ControlFlag.REQUIRED)
{
log.trace("REQUIRED failed for " + module);
- this.encounteredRequiredDeny = true;
+ encounteredRequiredDeny = true;
}
if(flag == ControlFlag.OPTIONAL)
- this.encounteredOptionalError = true;
+ encounteredOptionalError = true;
}
//All the authorization modules have been visited.
- if(this.encounteredRequiredDeny)
+ if(encounteredRequiredDeny)
return DENY;
- if(this.overallDecision == DENY && this.encounteredOptionalError)
+ if(overallDecision == DENY && encounteredOptionalError)
return DENY;
- if(this.overallDecision == DENY)
+ if(overallDecision == DENY)
return DENY;
- if(this.encounteredRequiredNotApplicable && !encounteredRequiredPermit)
+ if(encounteredRequiredNotApplicable && !encounteredRequiredPermit)
return NOTAPPLICABLE;
return PERMIT;
}
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java 2007-09-10 02:06:24 UTC (rev 65267)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java 2007-09-10 03:22:25 UTC (rev 65268)
@@ -80,6 +80,8 @@
private CallbackHandler callbackHandler = null;
+ private AuthorizationContext authorizationContext = null;
+
public JBossAuthorizationManager(String securityDomainName)
{
this.securityDomain = securityDomainName;
@@ -106,9 +108,10 @@
{
log.error("Error obtaining AuthenticatedSubject:",e);
}
- AuthorizationContext ac = new JBossAuthorizationContext(this.securityDomain,subject,
- this.callbackHandler );
- return ac.authorize(resource);
+ if(this.authorizationContext == null)
+ this.authorizationContext = new JBossAuthorizationContext(this.securityDomain,subject,
+ this.callbackHandler );
+ return this.authorizationContext.authorize(resource);
}
/** Does the current Subject have a role(a Principal) that equates to one
@@ -275,6 +278,16 @@
}
//Value added methods
+ /**
+ * Set the AuthorizationContext
+ */
+ public void setAuthorizationContext(AuthorizationContext ac)
+ {
+ if(ac == null)
+ throw new IllegalArgumentException("AuthorizationContext is null");
+ this.authorizationContext = ac;
+ }
+
public String getSecurityDomain()
{
return this.securityDomain;
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContext.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContext.java 2007-09-10 02:06:24 UTC (rev 65267)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContext.java 2007-09-10 03:22:25 UTC (rev 65268)
@@ -11,6 +11,8 @@
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
+
+import javax.security.auth.callback.CallbackHandler;
import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
@@ -22,6 +24,7 @@
import org.jboss.security.SecurityUtil;
import org.jboss.security.SubjectInfo;
import org.jboss.security.audit.AuditManager;
+import org.jboss.security.auth.callback.SecurityAssociationHandler;
import org.jboss.security.identitytrust.IdentityTrustManager;
import org.jboss.security.mapping.MappingManager;
import org.jboss.security.plugins.audit.JBossAuditManager;
@@ -32,12 +35,21 @@
/**
* Implementation of the Security Context for the JBoss AS
+ *
+ * By default, the AuthenticationManager, AuthorizationManager look up is done
+ * from JNDI with ("java:/jaas/securityMgr" and "java:/jaas/authorizationMgr")
+ * respectively, for usage in the JBoss Application Server
+ *
+ * For Non-JNDI integration, set the system property
+ * "org.jboss.security.context.jndi" to "false" ("true" by default)
* @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
* @version $Revision$
* @since Aug 30, 2006
*/
public class JBossSecurityContext implements SecurityContext
{
+ public static final String JNDI_USAGE = "org.jboss.security.context.jndi";
+
private static final long serialVersionUID = 1L;
protected static final Logger log = Logger.getLogger(JBossSecurityContext.class);
protected boolean trace = log.isTraceEnabled();
@@ -51,6 +63,15 @@
protected RunAs incomingRunAs = null;
protected RunAs outgoingRunAs = null;
+ protected CallbackHandler callbackHandler = new SecurityAssociationHandler();
+
+ protected AuthenticationManager authenticationManager = null;
+ protected AuthorizationManager authorizationManager = null;
+ protected AuditManager auditManager = null;
+ protected MappingManager mappingManager = null;
+ protected IdentityTrustManager identityTrustManager = null;
+
+
public JBossSecurityContext(String securityDomain)
{
this.securityDomain = securityDomain;
@@ -63,15 +84,29 @@
*/
public AuthenticationManager getAuthenticationManager()
{
- return SecurityUtil.getAuthenticationManager(securityDomain);
+ if(this.authenticationManager == null)
+ {
+ if(this.isJNDIBased())
+ this.authenticationManager = SecurityUtil.getAuthenticationManager(securityDomain);
+ else
+ this.authenticationManager = new JBossAuthenticationManager(securityDomain, callbackHandler);
+ }
+ return this.authenticationManager;
}
-
+
/**
* @see SecurityContext#getAuthorizationManager()
*/
public AuthorizationManager getAuthorizationManager()
{
- return SecurityUtil.getAuthorizationManager(securityDomain);
+ if(this.authorizationManager == null)
+ {
+ if(this.isJNDIBased())
+ this.authorizationManager = SecurityUtil.getAuthorizationManager(securityDomain);
+ else
+ this.authorizationManager = new JBossAuthorizationManager(securityDomain);
+ }
+ return this.authorizationManager;
}
/**
@@ -101,7 +136,9 @@
*/
public AuditManager getAuditManager()
{
- return new JBossAuditManager(securityDomain);
+ if(this.auditManager == null)
+ this.auditManager = new JBossAuditManager(securityDomain);
+ return this.auditManager;
}
/**
@@ -109,7 +146,9 @@
*/
public MappingManager getMappingManager()
{
- return new JBossMappingManager(this.securityDomain);
+ if(this.mappingManager == null)
+ this.mappingManager = new JBossMappingManager(securityDomain);
+ return this.mappingManager;
}
/**
@@ -117,7 +156,9 @@
*/
public IdentityTrustManager getIdentityTrustManager()
{
- return new JBossIdentityTrustManager(this);
+ if(this.identityTrustManager == null)
+ this.identityTrustManager = new JBossIdentityTrustManager(this);
+ return this.identityTrustManager;
}
/**
@@ -191,7 +232,70 @@
return newGroup;
}
+ /**
+ * Set an AuthenticationManager
+ * @param am
+ */
+ public void setAuthenticationManager(AuthenticationManager am)
+ {
+ if(am == null)
+ throw new IllegalArgumentException("Null AuthenticationManager");
+ this.authenticationManager = am;
+ }
+ /**
+ * Set an AuthorizationManager
+ * @param am
+ */
+ public void setAuthorizationManager(AuthorizationManager am)
+ {
+ if(am == null)
+ throw new IllegalArgumentException("Null AuthorizationManager");
+ this.authorizationManager = am;
+ }
+
+ /**
+ * Set an AuditManager
+ * @param am
+ */
+ public void setAuditManager(AuditManager am)
+ {
+ if(am == null)
+ throw new IllegalArgumentException("Null AuditManager");
+ this.auditManager = am;
+ }
+
+ /**
+ * Set a Mapping Manager
+ * @param mm
+ */
+ public void setMappingManager(MappingManager mm)
+ {
+ if(mm == null)
+ throw new IllegalArgumentException("Null MappingManager");
+ this.mappingManager = mm;
+ }
+
+ /**
+ * Set an IdentityTrustManager
+ * @param itm
+ */
+ public void setIdentityTrustManager(IdentityTrustManager itm)
+ {
+ if(itm == null)
+ throw new IllegalArgumentException("Null IdentityTrustManager");
+ this.identityTrustManager = itm;
+ }
+
+ /**
+ * Set the CallbackHandler for the Managers in the SecurityContext
+ * @param callbackHandler
+ */
+ public void setCallbackHandler(CallbackHandler callbackHandler)
+ {
+ this.callbackHandler = callbackHandler;
+ }
+
@Override
public Object clone() throws CloneNotSupportedException
{
@@ -199,6 +303,12 @@
if(jsc != null)
jsc.contextData = (Map<String, Object>) ((HashMap)contextData).clone();
return super.clone();
+ }
+
+ private boolean isJNDIBased()
+ {
+ //JNDI usage
+ String val = SubjectActions.getSystemProperty(JNDI_USAGE, "false");
+ return val == null || "true".equalsIgnoreCase(val);
}
-
}
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/SecurityContextFactory.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/SecurityContextFactory.java 2007-09-10 02:06:24 UTC (rev 65267)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/SecurityContextFactory.java 2007-09-10 03:22:25 UTC (rev 65268)
@@ -21,6 +21,7 @@
*/
package org.jboss.security.plugins;
+import java.lang.reflect.Constructor;
import java.security.Principal;
import javax.security.auth.Subject;
@@ -37,7 +38,7 @@
* @version $Revision$
*/
public class SecurityContextFactory
-{
+{
/**
* Create a security context
* @param securityDomain Security Domain driving the context
@@ -50,6 +51,22 @@
}
/**
+ * Construct a SecurityContext
+ * @param securityDomain The Security Domain
+ * @param fqnClass Fully Qualified Name of the SecurityContext Class
+ * @return an instance of SecurityContext
+ * @throws Exception
+ */
+ public static SecurityContext createSecurityContext(String securityDomain,
+ String fqnClass) throws Exception
+ {
+ Class clazz = getContextClass(fqnClass);
+ //Get the CTR
+ Constructor ctr = clazz.getConstructor(new Class[]{String.class});
+ return (SecurityContext) ctr.newInstance(new Object[]{securityDomain});
+ }
+
+ /**
* Create a security context
* @param p Principal
* @param cred Credential
@@ -66,6 +83,25 @@
return jsc;
}
+ /**
+ * Create a security context
+ * @param p Principal
+ * @param cred Credential
+ * @param s Subject
+ * @param securityDomain SecurityDomain
+ * @param fqnClass FQN of the SecurityContext class to be instantiated
+ * @return
+ * @see #createSecurityContext(String)
+ * @throws Exception
+ */
+ public static SecurityContext createSecurityContext(Principal p,
+ Object cred,Subject s, String securityDomain, String fqnClass)
+ throws Exception
+ {
+ SecurityContext sc = createSecurityContext(securityDomain, fqnClass);
+ sc.getUtil().createSubjectInfo(p,cred,s);
+ return sc;
+ }
/**
* Return an instance of the SecurityContextUtil
@@ -75,4 +111,10 @@
{
return new JBossSecurityContextUtil(sc);
}
+
+ private static Class getContextClass(String className) throws Exception
+ {
+ ClassLoader tcl = SubjectActions.getContextClassLoader();
+ return tcl.loadClass(className);
+ }
}
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/SubjectActions.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/SubjectActions.java 2007-09-10 02:06:24 UTC (rev 65267)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/SubjectActions.java 2007-09-10 03:22:25 UTC (rev 65268)
@@ -43,6 +43,7 @@
/** Common PrivilegedAction used by classes in this package.
*
* @author Scott.Stark at jboss.org
+ * @author Anil.Saldhana at redhat.com
* @version $Revision$
*/
class SubjectActions
@@ -402,4 +403,15 @@
}}
);
}
+
+ static String getSystemProperty(final String key, final String defaultValue)
+ {
+ return (String)AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ return System.getProperty(key,defaultValue);
+ }}
+ );
+ }
}
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/authorization/JBossAuthorizationContext.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/authorization/JBossAuthorizationContext.java 2007-09-10 02:06:24 UTC (rev 65267)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/authorization/JBossAuthorizationContext.java 2007-09-10 03:22:25 UTC (rev 65268)
@@ -68,12 +68,6 @@
//Application Policy can be injected
private ApplicationPolicy applicationPolicy = null;
- //Control Flag behavior
- private boolean encounteredRequiredError = false;
- private boolean encounteredOptionalError = false;
- private AuthorizationException moduleException = null;
- private int overallDecision = DENY;
-
public JBossAuthorizationContext(String name, Subject subject,
CallbackHandler handler)
{
@@ -179,6 +173,12 @@
private int invokeAuthorize(Resource resource)
throws AuthorizationException
{
+ //Control Flag behavior
+ boolean encounteredRequiredError = false;
+ boolean encounteredOptionalError = false;
+ AuthorizationException moduleException = null;
+ int overallDecision = DENY;
+
int length = modules.size();
for(int i = 0; i < length; i++)
{
@@ -192,15 +192,15 @@
catch(Exception ae)
{
decision = DENY;
- if(this.moduleException == null)
- this.moduleException = new AuthorizationException(ae.getMessage());
+ if(moduleException == null)
+ moduleException = new AuthorizationException(ae.getMessage());
}
if(decision == PERMIT)
{
- this.overallDecision = PERMIT;
+ overallDecision = PERMIT;
//SUFFICIENT case
- if(flag == ControlFlag.SUFFICIENT && this.encounteredRequiredError == false)
+ if(flag == ControlFlag.SUFFICIENT && encounteredRequiredError == false)
return PERMIT;
continue; //Continue with the other modules
}
@@ -210,29 +210,29 @@
{
if(trace)
log.trace("REQUISITE failed for " + module);
- if(this.moduleException == null)
- this.moduleException = new AuthorizationException("Authorization failed");
+ if(moduleException == null)
+ moduleException = new AuthorizationException("Authorization failed");
else
- throw this.moduleException;
+ throw moduleException;
}
//REQUIRED Case
if(flag == ControlFlag.REQUIRED)
{
if(trace)
log.trace("REQUIRED failed for " + module);
- if(this.encounteredRequiredError == false)
- this.encounteredRequiredError = true;
+ if(encounteredRequiredError == false)
+ encounteredRequiredError = true;
}
if(flag == ControlFlag.OPTIONAL)
- this.encounteredOptionalError = true;
+ encounteredOptionalError = true;
}
//All the authorization modules have been visited.
- if(this.encounteredRequiredError)
+ if(encounteredRequiredError)
throw new AuthorizationException("Authorization Failed");
- if(this.overallDecision == DENY && this.encounteredOptionalError)
+ if(overallDecision == DENY && encounteredOptionalError)
throw new AuthorizationException("Authorization Failed");
- if(this.overallDecision == DENY)
+ if(overallDecision == DENY)
throw new AuthorizationException("Authorization Failed:No modules active.");
return PERMIT;
}
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/identitytrust/JBossIdentityTrustManager.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/identitytrust/JBossIdentityTrustManager.java 2007-09-10 02:06:24 UTC (rev 65267)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/identitytrust/JBossIdentityTrustManager.java 2007-09-10 03:22:25 UTC (rev 65268)
@@ -40,21 +40,34 @@
{
protected static Logger log = Logger.getLogger(JBossIdentityTrustManager.class);
private SecurityContext securityContext;
+ private IdentityTrustContext identityTrustContext = null;
public JBossIdentityTrustManager(SecurityContext sc)
{
this.securityContext = sc;
}
+
+ public void setIdentityTrustContext(IdentityTrustContext itc)
+ {
+ if(itc == null)
+ throw new IllegalArgumentException("null Identity Trust Context");
+ this.identityTrustContext = itc;
+ }
+
/**
* @see IdentityTrustManager#isTrusted()
*/
public TrustDecision isTrusted()
- {
+ {
+ if(this.identityTrustContext == null)
+ this.identityTrustContext = new JBossIdentityTrustContext(securityContext);
TrustDecision td = TrustDecision.NotApplicable;
- IdentityTrustContext itc = new JBossIdentityTrustContext(securityContext);
+ if(this.identityTrustContext == null)
+ throw new IllegalStateException("IdentityTrustContext is null");
+
try
{
- td = itc.isTrusted();
+ td = this.identityTrustContext.isTrusted();
}
catch (IdentityTrustException e)
{
Modified: projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/securitycontext/SecurityContextTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/securitycontext/SecurityContextTestCase.java 2007-09-10 02:06:24 UTC (rev 65267)
+++ projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/securitycontext/SecurityContextTestCase.java 2007-09-10 03:22:25 UTC (rev 65268)
@@ -25,11 +25,17 @@
import java.util.List;
import javax.security.auth.Subject;
-
+
+import org.jboss.security.AuthenticationManager;
+import org.jboss.security.AuthorizationManager;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.audit.AuditManager;
import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.security.identitytrust.IdentityTrustManager;
import org.jboss.security.mapping.MappingContext;
import org.jboss.security.mapping.providers.DeploymentRolesMappingProvider;
import org.jboss.security.plugins.JBossSecurityContext;
+import org.jboss.security.plugins.SecurityContextFactory;
//$Id$
@@ -77,4 +83,28 @@
modules.get(0) instanceof DeploymentRolesMappingProvider);
}
+ public void testSecurityContextFactory() throws Exception
+ {
+ SecurityContext sc = SecurityContextFactory.createSecurityContext(securityDomain);
+ assertTrue("Instance of JBossSecurityContext", sc instanceof JBossSecurityContext);
+ //Create an instance of TestSecurityContext
+ sc = SecurityContextFactory.createSecurityContext(securityDomain,
+ TestSecurityContext.class.getName());
+ assertTrue("Instance of TestSecurityContext", sc instanceof TestSecurityContext);
+ }
+
+ public void testManagersFromJBossSecurityContext() throws Exception
+ {
+ //Establish the non-JNDI usage
+ System.setProperty(JBossSecurityContext.JNDI_USAGE, "false");
+ JBossSecurityContext sc = this.getSC("other");
+ AuthenticationManager authManager = sc.getAuthenticationManager();
+ assertNotNull("AuthenticationManager is not null", authManager);
+ AuthorizationManager authorizationMgr = sc.getAuthorizationManager();
+ assertNotNull("AuthorizationManager is not null", authorizationMgr);
+ AuditManager auditManager = sc.getAuditManager();
+ assertNotNull("AuditManager is not null", auditManager);
+ IdentityTrustManager itm = sc.getIdentityTrustManager();
+ assertNotNull("IdentityTrustManager is not null", auditManager);
+ }
}
Added: projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/securitycontext/TestSecurityContext.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/securitycontext/TestSecurityContext.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/securitycontext/TestSecurityContext.java 2007-09-10 03:22:25 UTC (rev 65268)
@@ -0,0 +1,117 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.securitycontext;
+
+import java.util.Map;
+
+import org.jboss.security.AuthenticationManager;
+import org.jboss.security.AuthorizationManager;
+import org.jboss.security.RunAs;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextUtil;
+import org.jboss.security.SubjectInfo;
+import org.jboss.security.audit.AuditManager;
+import org.jboss.security.identitytrust.IdentityTrustManager;
+import org.jboss.security.mapping.MappingManager;
+
+//$Id$
+
+/**
+ * Test Security Context
+ * @author Anil.Saldhana at redhat.com
+ * @since Sep 8, 2007
+ * @version $Revision$
+ */
+public class TestSecurityContext implements SecurityContext
+{
+ private static final long serialVersionUID = 1L;
+
+ public TestSecurityContext(String secDomain)
+ {
+ }
+
+ public AuditManager getAuditManager()
+ {
+ return null;
+ }
+
+ public AuthenticationManager getAuthenticationManager()
+ {
+ return null;
+ }
+
+ public AuthorizationManager getAuthorizationManager()
+ {
+ return null;
+ }
+
+ public Map<String, Object> getData()
+ {
+ return null;
+ }
+
+ public IdentityTrustManager getIdentityTrustManager()
+ {
+ return null;
+ }
+
+ public RunAs getIncomingRunAs()
+ {
+ return null;
+ }
+
+ public MappingManager getMappingManager()
+ {
+ return null;
+ }
+
+ public RunAs getOutgoingRunAs()
+ {
+ return null;
+ }
+
+ public String getSecurityDomain()
+ {
+ return null;
+ }
+
+ public SubjectInfo getSubjectInfo()
+ {
+ return null;
+ }
+
+ public SecurityContextUtil getUtil()
+ {
+ return null;
+ }
+
+ public void setIncomingRunAs(RunAs arg0)
+ {
+ }
+ public void setOutgoingRunAs(RunAs arg0)
+ {
+ }
+
+ public void setSubjectInfo(SubjectInfo arg0)
+ {
+ }
+}
Property changes on: projects/security/security-jboss-sx/trunk/src/tests/resources/opends
___________________________________________________________________
Name: svn:ignore
+ db
Property changes on: projects/security/security-jboss-sx/trunk/src/tests/resources/opends/config
___________________________________________________________________
Name: svn:ignore
+ archived-configs
Property changes on: projects/security/security-jboss-sx/trunk/src/tests/resources/opends/locks
___________________________________________________________________
Name: svn:ignore
+
Property changes on: projects/security/security-jboss-sx/trunk/src/tests/resources/opends/logs
___________________________________________________________________
Name: svn:ignore
+ [09/Sep/2007:20:37:30 -0500] category=CONFIG severity=NOTICE msgID=3605006 msg=Access control has been enabled and will use the org.opends.server.authorization.dseecompat.AciHandler implementation
[09/Sep/2007:20:37:31 -0500] category=JEB severity=NOTICE msgID=8847402 msg=The database backend userRoot containing 0 entries has started
[09/Sep/2007:20:37:31 -0500] category=CORE severity=NOTICE msgID=458887 msg=The Directory Server has started successfully
[09/Sep/2007:20:37:31 -0500] category=CORE severity=NOTICE msgID=458891 msg=The Directory Server has sent an alert notification generated by class org.opends.server.core.DirectoryServer (alert type org.opends.server.DirectoryServerStarted, alert ID 458887): The Directory Server has started successfully
[09/Sep/2007:20:37:32 -0500] category=CORE severity=NOTICE msgID=458891 msg=The Directory Server has sent an alert notification generated by class org.opends.server.core.DirectoryServer (alert type org.opends.server.DirectoryServerShutdown, alert ID 458893): The Directory Server has started the shutdown process. The shutdown was initiated by an instance of class org.jboss.test.security.ldap.OpenDSUnitTestCase and the reason provided for the shutdown was
[09/Sep/2007:20:37:32 -0500] category=CORE severity=NOTICE msgID=458955 msg=The Directory Server is now stopped
[09/Sep/2007:20:38:36 -0500] category=CONFIG severity=NOTICE msgID=3605006 msg=Access control has been enabled and will use the org.opends.server.authorization.dseecompat.AciHandler implementation
[09/Sep/2007:20:38:37 -0500] category=JEB severity=NOTICE msgID=8847402 msg=The database backend userRoot containing 0 entries has started
[09/Sep/2007:20:38:38 -0500] category=CORE severity=NOTICE msgID=458887 msg=The Directory Server has started successfully
[09/Sep/2007:20:38:38 -0500] category=CORE severity=NOTICE msgID=458891 msg=The Directory Server has sent an alert notification generated by class org.opends.server.core.DirectoryServer (alert type org.opends.server.DirectoryServerStarted, alert ID 458887): The Directory Server has started successfully
[09/Sep/2007:20:38:38 -0500] category=CORE severity=NOTICE msgID=458891 msg=The Directory Server has sent an alert notification generated by class org.opends.server.core.DirectoryServer (alert type org.opends.server.DirectoryServerShutdown, alert ID 458893): The Directory Server has started the shutdown process. The shutdown was initiated by an instance of class org.jboss.test.security.ldap.OpenDSUnitTestCase and the reason provided for the shutdown was
[09/Sep/2007:20:38:38 -0500] category=CORE severity=NOTICE msgID=458955 msg=The Directory Server is now stopped
More information about the jboss-cvs-commits
mailing list