[jboss-cvs] JBossAS SVN: r70125 - in projects/security/security-spi/trunk/spi/src: tests/org/jboss/test/security and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Feb 26 14:01:25 EST 2008
Author: anil.saldhana at jboss.com
Date: 2008-02-26 14:01:25 -0500 (Tue, 26 Feb 2008)
New Revision: 70125
Added:
projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/
projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/FedIdentityObject.java
projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/SubjectInfoUnitTestCase.java
projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/TestSecurityContext.java
projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/TestSecurityContextUtil.java
Modified:
projects/security/security-spi/trunk/spi/src/main/org/jboss/security/SecurityContextUtil.java
projects/security/security-spi/trunk/spi/src/main/org/jboss/security/SecurityIdentity.java
projects/security/security-spi/trunk/spi/src/main/org/jboss/security/SubjectInfo.java
Log:
SECURITY-123: Identity interface extensions
Modified: projects/security/security-spi/trunk/spi/src/main/org/jboss/security/SecurityContextUtil.java
===================================================================
--- projects/security/security-spi/trunk/spi/src/main/org/jboss/security/SecurityContextUtil.java 2008-02-26 19:00:55 UTC (rev 70124)
+++ projects/security/security-spi/trunk/spi/src/main/org/jboss/security/SecurityContextUtil.java 2008-02-26 19:01:25 UTC (rev 70125)
@@ -22,12 +22,15 @@
package org.jboss.security;
import java.security.Principal;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
import javax.security.auth.Subject;
+import org.jboss.security.identity.Identity;
import org.jboss.security.identity.RoleGroup;
-//$Id$
/**
* General Utility methods for dealing with the SecurityContext
@@ -110,6 +113,57 @@
}
/**
+ * Create a SubjectInfo
+ * @param identity
+ * @param theSubject The AuthenticatedSubject(can be null)
+ */
+ public void createSubjectInfo(Identity identity, Subject theSubject)
+ {
+ this.securityContext.setSubjectInfo(new SubjectInfo(identity, theSubject));
+ }
+
+ /**
+ * Add an Identity to the Security Context
+ * @param id
+ */
+ public void addIdentity(Identity id)
+ {
+ this.securityContext.getSubjectInfo().addIdentity(id);
+ }
+
+ /**
+ * Get a set of identities of a particular type
+ * @param clazz
+ * @return
+ */
+ public Set<Identity> getIdentities(Class<?> clazz)
+ {
+ Set<Identity> resultSet = new HashSet<Identity>();
+
+ Set<Identity> ids = this.securityContext.getSubjectInfo().getIdentities();
+ if(ids != null)
+ {
+ Iterator<Identity> iter = ids.iterator();
+ while(iter.hasNext())
+ {
+ Identity id = iter.next();
+ if(clazz.isAssignableFrom(id.getClass()))
+ resultSet.add(id);
+ }
+ }
+ return resultSet;
+ }
+
+ /**
+ * Set the Identities into the Security Context
+ * @param idSet
+ */
+ public void setIdentities(Set<Identity> idSet)
+ {
+ this.securityContext.getSubjectInfo().setIdentities(idSet);
+ }
+
+ /**
* Set an object on the Security Context
* The context implementation may place the object in its internal
* data structures (like the Data Map)
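Review bot: addIdentity, getIdentities and setIdentities each dereference `this.securityContext.getSubjectInfo()` without a null check, so all three throw NullPointerException on a context where createSubjectInfo has not run yet (TestSecurityContext in this commit starts with a null subjectInfo). In getIdentities, `SubjectInfo si = this.securityContext.getSubjectInfo(); if(si == null) return resultSet;` keeps the empty-set contract. In the two mutators a guard such as `if(si == null) throw new IllegalStateException("SubjectInfo has not been created");` gives callers a clear failure instead of a bare NPE. The `@param clazz` and `@return` tags on getIdentities are empty; they should say that the result is a fresh set holding the identities assignable to `clazz`, and that it is never null.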
@@ -127,7 +181,7 @@
* @param key key identifies the type of object we are requesting
* @return
*/
- public abstract <T> T get(String key);
+ public abstract <T> T get(String key);
/**
* Remove an object represented by the key from the security context
@@ -137,4 +191,4 @@
* @return the removed object
*/
public abstract <T> T remove(String key);
-}
+}
\ No newline at end of file
Modified: projects/security/security-spi/trunk/spi/src/main/org/jboss/security/SecurityIdentity.java
===================================================================
--- projects/security/security-spi/trunk/spi/src/main/org/jboss/security/SecurityIdentity.java 2008-02-26 19:00:55 UTC (rev 70124)
+++ projects/security/security-spi/trunk/spi/src/main/org/jboss/security/SecurityIdentity.java 2008-02-26 19:01:25 UTC (rev 70125)
@@ -25,7 +25,8 @@
import javax.security.auth.Subject;
-//$Id$
+import org.jboss.security.identity.extensions.CredentialIdentity;
+
/**
* Represents an Identity of an agent interacting with the
@@ -37,7 +38,7 @@
*/
public class SecurityIdentity
{
- SubjectInfo theSubject = null;
+ SubjectInfo theSubjectInfo= null;
RunAs runAs = null;
RunAs callerRunAs = null;
@@ -49,24 +50,36 @@
*/
public SecurityIdentity(SubjectInfo subject, RunAs outgoingRunAs, RunAs incomingRunAs)
{
- this.theSubject = subject;
+ this.theSubjectInfo = subject;
this.runAs = outgoingRunAs;
this.callerRunAs = incomingRunAs;
}
public Principal getPrincipal()
{
- return theSubject != null ? theSubject.getAuthenticationPrincipal() : null;
+ if(theSubjectInfo != null)
+ {
+ CredentialIdentity identity = theSubjectInfo.getIdentity(CredentialIdentity.class);
+ if(identity != null)
+ return identity.asPrincipal();
+ }
+ return null;
}
public Object getCredential()
{
- return theSubject != null ? theSubject.getAuthenticationCredential(): null;
+ if(theSubjectInfo != null)
+ {
+ CredentialIdentity identity = theSubjectInfo.getIdentity(CredentialIdentity.class);
+ if(identity != null)
+ return identity.getCredential();
+ }
+ return null;
}
public Subject getSubject()
{
- return theSubject != null ? theSubject.getAuthenticatedSubject() : null;
+ return theSubjectInfo != null ? theSubjectInfo.getAuthenticatedSubject() : null;
}
public RunAs getOutgoingRunAs()
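Review bot: getPrincipal() and getCredential() now take whichever CredentialIdentity `theSubjectInfo.getIdentity(CredentialIdentity.class)` finds first, and SubjectInfo stores identities in a HashSet, so with more than one CredentialIdentity present the chosen principal and credential depend on hash iteration order rather than on which identity was authenticated. Whether several can coexist depends on callers of addIdentity and setIdentities, which this diff does not restrict. Either enforce a single CredentialIdentity where identities are added, or state the expectation here, e.g. `// expects at most one CredentialIdentity per SubjectInfo; the first match is returned`. Both methods also have no Javadoc saying that null means "no SubjectInfo or no CredentialIdentity".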
@@ -78,4 +91,4 @@
{
return callerRunAs;
}
-}
+}
\ No newline at end of file
Modified: projects/security/security-spi/trunk/spi/src/main/org/jboss/security/SubjectInfo.java
===================================================================
--- projects/security/security-spi/trunk/spi/src/main/org/jboss/security/SubjectInfo.java 2008-02-26 19:00:55 UTC (rev 70124)
+++ projects/security/security-spi/trunk/spi/src/main/org/jboss/security/SubjectInfo.java 2008-02-26 19:01:25 UTC (rev 70125)
@@ -23,55 +23,51 @@
import java.io.Serializable;
import java.security.Principal;
+import java.util.HashSet;
+import java.util.Set;
import javax.security.auth.Subject;
+import org.jboss.security.identity.Identity;
import org.jboss.security.identity.RoleGroup;
+import org.jboss.security.identity.extensions.CredentialIdentityFactory;
//$Id$
/**
* Holds information - principal, credential and subject
+ * This class is handled by the Util class associated with the security context
+ * @see SecurityContextUtil
* @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
* @since Dec 26, 2006
* @version $Revision$
*/
public class SubjectInfo implements Serializable
{
- private static final long serialVersionUID = 1L;
- private Principal authenticationPrincipal;
- private Object authenticationCredential;
+ private static final long serialVersionUID = 1L;
private Subject authenticatedSubject;
private RoleGroup roles;
+ private Set<Identity> identities;
+
SubjectInfo(Principal principal, Object credential,Subject subject)
- {
- this.authenticationPrincipal = principal;
- this.authenticationCredential = credential;
+ {
+ this.addIdentity(CredentialIdentityFactory.createIdentity(principal, credential));
this.authenticatedSubject = subject;
- }
+ }
- public Principal getAuthenticationPrincipal()
+ /**
+ * Create a SubjectInfo
+ * @param identity
+ * @param theSubject
+ */
+ SubjectInfo(Identity identity, Subject theSubject)
{
- return authenticationPrincipal;
+ this.addIdentity(identity);
+ this.authenticatedSubject = theSubject;
}
- public void setAuthenticationPrincipal(Principal authenticationPrincipal)
- {
- this.authenticationPrincipal = authenticationPrincipal;
- }
-
- public Object getAuthenticationCredential()
- {
- return authenticationCredential;
- }
-
- public void setAuthenticationCredential(Object authenticationCredential)
- {
- this.authenticationCredential = authenticationCredential;
- }
-
public Subject getAuthenticatedSubject()
{
return authenticatedSubject;
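Review bot: `serialVersionUID` stays at `1L` although this hunk removes the serialized fields authenticationPrincipal and authenticationCredential and adds `identities`. A SubjectInfo written by the previous revision would then deserialize under the new class without error but with `identities` left null, so SecurityIdentity.getPrincipal() and getCredential() return null for it. If instances can cross a version boundary (not visible in this diff), change the UID, e.g. `private static final long serialVersionUID = 2L;`, so the mismatch fails loudly. Separately, the credential now lives inside the `identities` set, which serializes only if every Identity implementation is Serializable; that is worth confirming and noting in the class Javadoc. Both constructors also call the public, overridable `addIdentity` on a non-final class.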
@@ -91,4 +87,37 @@
{
this.roles = roles;
}
-}
+
+ public void addIdentity(Identity id)
+ {
+ if(identities == null)
+ identities = new HashSet<Identity>();
+ identities.add(id);
+ }
+
+ @SuppressWarnings("unchecked")
+ public <T> T getIdentity(Class<T> clazz)
+ {
+ if(this.identities != null)
+ {
+ for(Identity id:identities)
+ {
+ if(clazz.isAssignableFrom(id.getClass()))
+ return (T) id;
+ }
+ }
+ return null;
+ }
+
+ public Set<Identity> getIdentities()
+ {
+ return this.identities;
+ }
+
+ public void setIdentities(Set<Identity> ids)
+ {
+ if(identities == null)
+ identities = new HashSet<Identity>();
+ identities.addAll(ids);
+ }
+}
\ No newline at end of file
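Review bot: setIdentities calls `identities.addAll(ids)`, so it merges into the existing set instead of replacing it. An identity added earlier, including the CredentialIdentity created in the constructor, cannot be dropped through the setter, and a null `ids` throws NullPointerException. If replacement is what the name promises, `identities = new HashSet<Identity>(ids);` after a null check does that; if merging is intended, the Javadoc should say so. In the same hunk addIdentity accepts a null `id`, which getIdentity later dereferences at `id.getClass()`; rejecting it up front with `if(id == null) throw new IllegalArgumentException("id is null");` avoids the delayed failure. getIdentities() also hands out the live internal set (or null), which lets callers change the identities without going through addIdentity.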
Added: projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/FedIdentityObject.java
===================================================================
--- projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/FedIdentityObject.java (rev 0)
+++ projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/FedIdentityObject.java 2008-02-26 19:01:25 UTC (rev 70125)
@@ -0,0 +1,35 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.securitycontext;
+
+//$Id$
+
+/**
+ * Some Federated Identity Object
+ * @author Anil.Saldhana at redhat.com
+ * @since Feb 25, 2008
+ * @version $Revision$
+ */
+public class FedIdentityObject
+{
+
+}
Added: projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/SubjectInfoUnitTestCase.java
===================================================================
--- projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/SubjectInfoUnitTestCase.java (rev 0)
+++ projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/SubjectInfoUnitTestCase.java 2008-02-26 19:01:25 UTC (rev 70125)
@@ -0,0 +1,120 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.securitycontext;
+
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextFactory;
+import org.jboss.security.identity.Identity;
+import org.jboss.security.identity.Role;
+import org.jboss.security.identity.fed.SAMLIdentity;
+
+import junit.framework.TestCase;
+
+//$Id$
+
+/**
+ * SubjectInfo interface tests
+ * @author Anil.Saldhana at redhat.com
+ * @since Feb 25, 2008
+ * @version $Revision$
+ */
+public class SubjectInfoUnitTestCase extends TestCase
+{
+ private Identity identity = null;
+
+ public void testCreateSubjectInfo() throws Exception
+ {
+ Principal thePrincipal = new Principal()
+ {
+ public String getName()
+ {
+ return "Anil";
+ }
+ };
+
+ Subject theSubject = new Subject();
+ theSubject.getPrincipals().add(thePrincipal);
+ SecurityContext sc = SecurityContextFactory.createSecurityContext("TEST",
+ TestSecurityContext.class.getCanonicalName());
+ sc.getUtil().createSubjectInfo(thePrincipal, "pass", theSubject);
+
+ assertEquals(thePrincipal, sc.getUtil().getUserPrincipal());
+ assertEquals("pass", sc.getUtil().getCredential());
+ assertEquals(theSubject, sc.getUtil().getSubject());
+ }
+
+ public void testCreateFedIdentities() throws Exception
+ {
+ SecurityContext sc = SecurityContextFactory.createSecurityContext("TEST",
+ TestSecurityContext.class.getCanonicalName());
+
+ sc.getUtil().createSubjectInfo(getIdentity(), null);
+
+ Set<Identity> iset = sc.getUtil().getIdentities(SAMLIdentity.class);
+ assertEquals(1, iset.size());
+ assertEquals(getIdentity(), iset.iterator().next());
+ }
+
+ private Identity getIdentity()
+ {
+ if(identity == null)
+ identity = new SAMLIdentity<FedIdentityObject>()
+ {
+ public FedIdentityObject getSAMLObject()
+ {
+ return null;
+ }
+
+ public void setSAMLObject(FedIdentityObject t)
+ {
+ }
+
+ public Group asGroup()
+ {
+ return null;
+ }
+
+ public Principal asPrincipal()
+ {
+ return null;
+ }
+
+ public String getName()
+ {
+ return null;
+ }
+
+ public Role getRole()
+ {
+ return null;
+ }
+ };
+
+ return identity;
+ }
+}
\ No newline at end of file
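Review bot: testCreateFedIdentities covers only the constructor path with a single identity, so addIdentity, setIdentities and the type filter in getIdentities never run against a set that holds anything to filter out. A further case could create the SubjectInfo with a principal and credential, add the SAML identity through `sc.getUtil().addIdentity(getIdentity())`, and assert that `getIdentities(SAMLIdentity.class)` has size 1 while `getUserPrincipal()` still returns the original principal. That assumes the identity built by CredentialIdentityFactory is not itself a SAMLIdentity, which this diff does not show. A test that calls getIdentities before any SubjectInfo exists would also pin the intended behaviour for a null SubjectInfo.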
Added: projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/TestSecurityContext.java
===================================================================
--- projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/TestSecurityContext.java (rev 0)
+++ projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/TestSecurityContext.java 2008-02-26 19:01:25 UTC (rev 70125)
@@ -0,0 +1,131 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.securitycontext;
+
+import java.util.Map;
+
+import org.jboss.security.AuthenticationManager;
+import org.jboss.security.AuthorizationManager;
+import org.jboss.security.ISecurityManagement;
+import org.jboss.security.RunAs;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextUtil;
+import org.jboss.security.SubjectInfo;
+import org.jboss.security.audit.AuditManager;
+import org.jboss.security.identitytrust.IdentityTrustManager;
+import org.jboss.security.mapping.MappingManager;
+
+/**
+ * Test SecurityContext
+ * @author Anil.Saldhana at redhat.com
+ * @since Feb 25, 2008
+ * @version $Revision$
+ */
+public class TestSecurityContext implements SecurityContext
+{
+ private static final long serialVersionUID = 1L;
+ private String name;
+ private TestSecurityContextUtil util = new TestSecurityContextUtil(this);
+ private SubjectInfo subjectInfo;
+
+ public TestSecurityContext(String name)
+ {
+ this.name = name;
+ }
+
+ public Map<String, Object> getData()
+ {
+ return null;
+ }
+
+ public RunAs getIncomingRunAs()
+ {
+ return null;
+ }
+
+ public RunAs getOutgoingRunAs()
+ {
+ return null;
+ }
+
+ public String getSecurityDomain()
+ {
+ return name;
+ }
+
+ public ISecurityManagement getSecurityManagement()
+ {
+ return null;
+ }
+
+ public SubjectInfo getSubjectInfo()
+ {
+ return this.subjectInfo;
+ }
+
+ public SecurityContextUtil getUtil()
+ {
+ return util;
+ }
+
+ public void setIncomingRunAs(RunAs runAs)
+ {
+ }
+
+ public void setOutgoingRunAs(RunAs runAs)
+ {
+ }
+
+ public void setSecurityManagement(ISecurityManagement ism)
+ {
+ }
+
+ public void setSubjectInfo(SubjectInfo si)
+ {
+ this.subjectInfo = si;
+ }
+
+ public AuditManager getAuditManager()
+ {
+ return null;
+ }
+
+ public AuthenticationManager getAuthenticationManager()
+ {
+ return null;
+ }
+
+ public AuthorizationManager getAuthorizationManager()
+ {
+ return null;
+ }
+
+ public IdentityTrustManager getIdentityTrustManager()
+ {
+ return null;
+ }
+
+ public MappingManager getMappingManager()
+ {
+ return null;
+ }
+}
\ No newline at end of file
Added: projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/TestSecurityContextUtil.java
===================================================================
--- projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/TestSecurityContextUtil.java (rev 0)
+++ projects/security/security-spi/trunk/spi/src/tests/org/jboss/test/security/securitycontext/TestSecurityContextUtil.java 2008-02-26 19:01:25 UTC (rev 70125)
@@ -0,0 +1,111 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.securitycontext;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextUtil;
+import org.jboss.security.SecurityIdentity;
+import org.jboss.security.identity.RoleGroup;
+import org.jboss.security.identity.extensions.CredentialIdentity;
+
+/**
+ * Test Security Context Util
+ * @author Anil.Saldhana at redhat.com
+ * @since Feb 25, 2008
+ * @version $Revision$
+ */
+public class TestSecurityContextUtil extends SecurityContextUtil
+{
+ public TestSecurityContextUtil(SecurityContext sc)
+ {
+ this.securityContext = sc;
+ }
+
+ @Override
+ public <T> T get(String key)
+ {
+ return null;
+ }
+
+ @Override
+ public Object getCredential()
+ {
+ CredentialIdentity ci = this.securityContext.getSubjectInfo().getIdentity(CredentialIdentity.class);
+ return ci != null ? ci.getCredential() : null;
+ }
+
+ @Override
+ public RoleGroup getRoles()
+ {
+ return null;
+ }
+
+ @Override
+ public SecurityIdentity getSecurityIdentity()
+ {
+ return null;
+ }
+
+ @Override
+ public Subject getSubject()
+ {
+ return this.securityContext.getSubjectInfo().getAuthenticatedSubject();
+ }
+
+ @Override
+ public String getUserName()
+ {
+ return getUserPrincipal().getName();
+ }
+
+ @Override
+ public Principal getUserPrincipal()
+ {
+ CredentialIdentity ci = this.securityContext.getSubjectInfo().getIdentity(CredentialIdentity.class);
+ return ci != null ? ci.asPrincipal() : null;
+ }
+
+ @Override
+ public <T> T remove(String key)
+ {
+ return null;
+ }
+
+ @Override
+ public <T> void set(String key, T obj)
+ {
+ }
+
+ @Override
+ public void setRoles(RoleGroup roles)
+ {
+ }
+
+ @Override
+ public void setSecurityIdentity(SecurityIdentity si)
+ {
+ }
+}
\ No newline at end of file
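Review bot: getUserName() dereferences the result of getUserPrincipal(), which two methods further down explicitly returns null when no CredentialIdentity is present, so it throws NullPointerException for a context that holds only a federated identity. `Principal p = getUserPrincipal();` followed by `return p != null ? p.getName() : null;` matches the null-tolerant style of getCredential and getUserPrincipal. getCredential, getSubject and getUserPrincipal also dereference `this.securityContext.getSubjectInfo()` unguarded, so they fail the same way before a SubjectInfo is created.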