[jboss-cvs] JBossAS SVN: r75459 - in projects/security/security-jboss-sx/trunk/jbosssx/src: tests/org/jboss/test/security/config and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Jul 7 20:44:36 EDT 2008
Author: sguilhen at redhat.com
Date: 2008-07-07 20:44:36 -0400 (Mon, 07 Jul 2008)
New Revision: 75459
Modified:
projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/auth/login/JASPIAuthenticationInfo.java
projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/security/config/SecurityConfigurationUnitTestCase.java
projects/security/security-jboss-sx/trunk/jbosssx/src/tests/resources/config/securityConfig5.xml
Log:
SECURITY-262: merge has been overridden in JASPIAuthenticationInfo to also merge the stacks of login modules. A test scenario was added to check the jaspi authentication extension.
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/auth/login/JASPIAuthenticationInfo.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/auth/login/JASPIAuthenticationInfo.java 2008-07-08 00:11:05 UTC (rev 75458)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/auth/login/JASPIAuthenticationInfo.java 2008-07-08 00:44:36 UTC (rev 75459)
@@ -24,7 +24,6 @@
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
-import java.util.Iterator;
import java.util.Map;
import java.util.Map.Entry;
@@ -39,16 +38,28 @@
* @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
* @since Dec 21, 2005
*/
- at SuppressWarnings("unchecked")
public class JASPIAuthenticationInfo extends BaseAuthenticationInfo
{
- Map loginModuleStack = Collections.synchronizedMap(new HashMap());
+ Map<String, LoginModuleStackHolder> loginModuleStack = Collections
+ .synchronizedMap(new HashMap<String, LoginModuleStackHolder>());
+ /**
+ * <p>
+ * Creates an instance of {@code JASPIAuthenticationInfo}.
+ * </p>
+ */
public JASPIAuthenticationInfo()
{
super();
}
+ /**
+ * <p>
+ * Creates an instance of {@code JASPIAuthenticationInfo} with the specified name.
+ * </p>
+ *
+ * @param name the name of the enclosing {@code ApplicationPolicy}.
+ */
public JASPIAuthenticationInfo(String name)
{
super(name);
@@ -73,13 +84,13 @@
public LoginModuleStackHolder getLoginModuleStackHolder(String name)
{
- LoginModuleStackHolder info = (LoginModuleStackHolder) loginModuleStack.get(name);
+ LoginModuleStackHolder info = loginModuleStack.get(name);
return info;
}
public LoginModuleStackHolder[] getLoginModuleStackHolder()
{
- ArrayList alist = new ArrayList(this.loginModuleStack.values());
+ ArrayList<LoginModuleStackHolder> alist = new ArrayList<LoginModuleStackHolder>(this.loginModuleStack.values());
LoginModuleStackHolder[] lmshArr = new LoginModuleStackHolder[alist.size()];
alist.toArray(lmshArr);
return lmshArr;
@@ -87,7 +98,7 @@
public LoginModuleStackHolder removeLoginModuleStackHolder(String name)
{
- LoginModuleStackHolder info = (LoginModuleStackHolder) loginModuleStack.remove(name);
+ LoginModuleStackHolder info = loginModuleStack.remove(name);
return info;
}
@@ -97,7 +108,45 @@
moduleEntries.addAll(pc.moduleEntries);
}
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.auth.login.BaseAuthenticationInfo#create(java.lang.String)
+ */
@Override
+ protected BaseSecurityInfo<Object> create(String name)
+ {
+ return new JASPIAuthenticationInfo(name);
+ }
+
+ /**
+ * <p>
+ * Overriden to include the stacks of login modules in the merged object.
+ * </p>
+ */
+ @Override
+ public BaseSecurityInfo<Object> merge(BaseSecurityInfo<Object> bi)
+ {
+ if (bi instanceof JASPIAuthenticationInfo == false)
+ throw new IllegalArgumentException("Base policy does not contain a JASPI authentication configuration");
+ // merge the auth modules
+ JASPIAuthenticationInfo merged = (JASPIAuthenticationInfo) super.merge(bi);
+ // merge the stacks of login modules
+ JASPIAuthenticationInfo parent = (JASPIAuthenticationInfo) bi;
+ for (LoginModuleStackHolder holder : parent.getLoginModuleStackHolder())
+ merged.add(holder);
+ for (LoginModuleStackHolder holder : this.getLoginModuleStackHolder())
+ merged.add(holder);
+
+ return merged;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see java.lang.Object#toString()
+ */
+ @Override
public String toString()
{
StringBuffer buffer = new StringBuffer("AuthModuleEntry[]:\n");
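Review bot: In `merge`, the two loops add the parent's stacks and then this instance's stacks to `merged`, but nothing states or checks what happens when both define a stack with the same name. `add(holder)` is not visible in this hunk; if it keys `loginModuleStack` by holder name, the child's stack silently replaces the parent's in the map, while the parent's auth-module entries copied by `super.merge(bi)` may still reference the original holder, so the effective login-module chain would depend on the lookup path. The holders are also added by reference, so the merged policy and the base policy share the same `LoginModuleStackHolder` objects. I would state the precedence in the Javadoc, e.g. `Stacks are added parent first, then this instance; a stack defined here replaces a parent stack of the same name.`, and add a test for the collision case. `merge` is fully inside the hunk; `toString` continues past it.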
@@ -107,27 +156,14 @@
buffer.append("[" + i + "]");
buffer.append("\nAuthModule Class: " + entry.getAuthModuleName());
buffer.append("\nOptions:");
- Map options = entry.getOptions();
- Iterator iter = options.entrySet().iterator();
- while (iter.hasNext())
+ Map<String, Object> options = entry.getOptions();
+ for (Entry<String, Object> optionsEntry : options.entrySet())
{
- Entry e = (Entry) iter.next();
- buffer.append("name=" + e.getKey());
- buffer.append(", value=" + e.getValue());
+ buffer.append("name=" + optionsEntry.getKey());
+ buffer.append(", value=" + optionsEntry.getValue());
buffer.append("\n");
}
}
return buffer.toString();
}
-
- /*
- * (non-Javadoc)
- *
- * @see org.jboss.security.auth.login.BaseAuthenticationInfo#create(java.lang.String)
- */
- @Override
- protected BaseSecurityInfo<Object> create(String name)
- {
- return new JASPIAuthenticationInfo(name);
- }
}
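Review bot: The rewritten loop in `toString` still appends every module option value verbatim (`buffer.append(", value=" + optionsEntry.getValue());`), and auth-module options in a security configuration can carry credentials. If this string reaches a log or an exception message those values are disclosed; whether that happens depends on callers not shown here. Consider printing only the option names, or masking the value: `buffer.append(", value=****");`. `toString` begins in the previous hunk, so only its tail is visible here.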
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/security/config/SecurityConfigurationUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/security/config/SecurityConfigurationUnitTestCase.java 2008-07-08 00:11:05 UTC (rev 75458)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/security/config/SecurityConfigurationUnitTestCase.java 2008-07-08 00:44:36 UTC (rev 75459)
@@ -1,24 +1,24 @@
/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
package org.jboss.test.security.config;
import java.io.IOException;
@@ -51,30 +51,33 @@
import org.jboss.test.AbstractJBossSXTest;
import org.jboss.xb.binding.Unmarshaller;
import org.jboss.xb.binding.UnmarshallerFactory;
-
+
/**
- * Security Configuration Unit Test Case
- * @author Anil.Saldhana at redhat.com
- * @since Jul 25, 2007
- * @version $Revision$
+ * Security Configuration Unit Test Case
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 25, 2007
+ * @version $Revision$
*/
public class SecurityConfigurationUnitTestCase extends AbstractJBossSXTest
-{
+{
protected String schemaFile = "schema/security-config_5_0.xsd";
+
protected String xmlFile = "config/securityConfig5.xml";
-
+
protected PolicyConfig config = null;
-
+
public SecurityConfigurationUnitTestCase(String name)
{
- super(name);
+ super(name);
}
-
+
+ @Override
protected void setUp() throws Exception
- {
+ {
super.setUp();
ClassLoader tcl = Thread.currentThread().getContextClassLoader();
-
+
LoginConfigObjectModelFactory lcomf = new SecurityConfigObjectModelFactory();
UsersObjectModelFactory uomf = new UsersObjectModelFactory();
URL xmlFileURL = tcl.getResource(xmlFile);
@@ -89,217 +92,263 @@
config = (PolicyConfig) unmarshaller.unmarshal(xmlReader, lcomf, root);
assertNotNull("PolicyConfig is not null", config);
}
-
-
+
public void testValidateJAASConfiguration()
{
ApplicationPolicy jaasConfig = config.get("conf-jaas");
BaseAuthenticationInfo authInfo = jaasConfig.getAuthenticationInfo();
List<?> entries = authInfo.getModuleEntries();
assertEquals("Number of entries = 2", 2, entries.size());
-
- //First Entry
+
+ // First Entry
Object entry = entries.get(0);
- assertTrue("Entry instanceof AppConfigurationEntry",
- entry instanceof AppConfigurationEntry);
- AppConfigurationEntry ace = (AppConfigurationEntry)entry;
- assertEquals("LM Name","org.jboss.test.TestLoginModule" ,ace.getLoginModuleName());
- assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
- ace.getControlFlag());
- Map<String,?> aceOptions = ace.getOptions();
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AppConfigurationEntry);
+ AppConfigurationEntry ace = (AppConfigurationEntry) entry;
+ assertEquals("LM Name", "org.jboss.test.TestLoginModule", ace.getLoginModuleName());
+ assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ace.getControlFlag());
+ Map<String, ?> aceOptions = ace.getOptions();
assertEquals("Number of options = 3", 3, aceOptions.size());
assertEquals("name=1.1", "1.1", aceOptions.get("name"));
assertEquals("succeed=true", "true", aceOptions.get("succeed"));
assertEquals("throwEx=false", "false", aceOptions.get("throwEx"));
-
- //Second Entry
+
+ // Second Entry
entry = entries.get(1);
- assertTrue("Entry instanceof AppConfigurationEntry",
- entry instanceof AppConfigurationEntry);
- ace = (AppConfigurationEntry)entry;
- assertEquals("LM Name","org.jboss.test.TestLoginModule2" ,ace.getLoginModuleName());
- assertEquals("Optional expected", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL,
- ace.getControlFlag());
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AppConfigurationEntry);
+ ace = (AppConfigurationEntry) entry;
+ assertEquals("LM Name", "org.jboss.test.TestLoginModule2", ace.getLoginModuleName());
+ assertEquals("Optional expected", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, ace.getControlFlag());
aceOptions = ace.getOptions();
assertEquals("Number of options = 4", 4, aceOptions.size());
assertEquals("name=1.2", "1.2", aceOptions.get("name"));
assertEquals("succeed=false", "false", aceOptions.get("succeed"));
assertEquals("throwEx=true", "true", aceOptions.get("throwEx"));
assertEquals("dummy=d", "d", aceOptions.get("dummy"));
-
+
}
-
+
public void testValidateJASPIConfiguration()
{
ApplicationPolicy jaspiConfig = config.get("conf-jaspi");
BaseAuthenticationInfo authInfo = jaspiConfig.getAuthenticationInfo();
List<?> entries = authInfo.getModuleEntries();
assertEquals("Number of entries = 2", 2, entries.size());
-
- //First Entry
+
+ // First Entry
Object entry = entries.get(0);
- assertTrue("Entry instanceof AppConfigurationEntry",
- entry instanceof AuthModuleEntry);
- AuthModuleEntry ace = (AuthModuleEntry)entry;
- assertEquals("LM Name","TestAuthModule" ,ace.getAuthModuleName());
- assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
- ace.getControlFlag());
- Map<String,?> aceOptions = ace.getOptions();
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AuthModuleEntry);
+ AuthModuleEntry ace = (AuthModuleEntry) entry;
+ assertEquals("LM Name", "TestAuthModule", ace.getAuthModuleName());
+ assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ace.getControlFlag());
+ Map<String, ?> aceOptions = ace.getOptions();
assertEquals("Number of options = 3", 3, aceOptions.size());
assertEquals("usersProperties=u", "u", aceOptions.get("usersProperties"));
assertEquals("rolesProperties=r", "r", aceOptions.get("rolesProperties"));
- assertEquals("unauthenticatedIdentity=anonymous",
- "anonymous", aceOptions.get("unauthenticatedIdentity"));
-
- //Second Entry
+ assertEquals("unauthenticatedIdentity=anonymous", "anonymous", aceOptions.get("unauthenticatedIdentity"));
+
+ // Second Entry
entry = entries.get(1);
- assertTrue("Entry instanceof AppConfigurationEntry",
- entry instanceof AuthModuleEntry);
- ace = (AuthModuleEntry)entry;
- assertEquals("LM Name","TestAuthModule2" ,ace.getAuthModuleName());
- assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
- ace.getControlFlag());
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AuthModuleEntry);
+ ace = (AuthModuleEntry) entry;
+ assertEquals("LM Name", "TestAuthModule2", ace.getAuthModuleName());
+ assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ace.getControlFlag());
aceOptions = ace.getOptions();
- assertEquals("Number of options = 0", 0, aceOptions.size());
+ assertEquals("Number of options = 0", 0, aceOptions.size());
LoginModuleStackHolder lmsh = ace.getLoginModuleStackHolder();
assertEquals("lm-stack", "lm-stack", lmsh.getName());
AppConfigurationEntry[] appEntries = lmsh.getAppConfigurationEntry();
- assertEquals("App Entries in LMSH=1",1,appEntries.length);
-
+ assertEquals("App Entries in LMSH=1", 1, appEntries.length);
+
Object appEntry = appEntries[0];
- assertTrue("Entry instanceof AppConfigurationEntry",
- appEntry instanceof AppConfigurationEntry);
- AppConfigurationEntry appace = (AppConfigurationEntry)appEntry;
- assertEquals("LM Name","org.jboss.security.auth.spi.UsersRolesLoginModule" ,
- appace.getLoginModuleName());
- assertEquals("Optional", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL,
- appace.getControlFlag());
- Map<String,?> appaceOptions = appace.getOptions();
+ assertTrue("Entry instanceof AppConfigurationEntry", appEntry instanceof AppConfigurationEntry);
+ AppConfigurationEntry appace = (AppConfigurationEntry) appEntry;
+ assertEquals("LM Name", "org.jboss.security.auth.spi.UsersRolesLoginModule", appace.getLoginModuleName());
+ assertEquals("Optional", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, appace.getControlFlag());
+ Map<String, ?> appaceOptions = appace.getOptions();
assertEquals("Number of options = 3", 3, appaceOptions.size());
assertEquals("usersProperties=u", "u", appaceOptions.get("usersProperties"));
assertEquals("rolesProperties=r", "r", appaceOptions.get("rolesProperties"));
- assertEquals("unauthenticatedIdentity=anonymous",
- "anonymous", appaceOptions.get("unauthenticatedIdentity"));
+ assertEquals("unauthenticatedIdentity=anonymous", "anonymous", appaceOptions.get("unauthenticatedIdentity"));
}
-
+
public void testValidateCompleteConfiguration()
{
ApplicationPolicy completeConfig = config.get("conf-complete");
BaseAuthenticationInfo authInfo = completeConfig.getAuthenticationInfo();
List<?> entries = authInfo.getModuleEntries();
assertEquals("Number of entries = 1", 1, entries.size());
-
- //First Entry
+
+ // First Entry
Object entry = entries.get(0);
- assertTrue("Entry instanceof AppConfigurationEntry",
- entry instanceof AppConfigurationEntry);
- AppConfigurationEntry ace = (AppConfigurationEntry)entry;
- assertEquals("LM Name","org.jboss.test.TestLoginModule" ,ace.getLoginModuleName());
- assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
- ace.getControlFlag());
- Map<String,?> aceOptions = ace.getOptions();
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AppConfigurationEntry);
+ AppConfigurationEntry ace = (AppConfigurationEntry) entry;
+ assertEquals("LM Name", "org.jboss.test.TestLoginModule", ace.getLoginModuleName());
+ assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ace.getControlFlag());
+ Map<String, ?> aceOptions = ace.getOptions();
assertEquals("Number of options = 3", 3, aceOptions.size());
assertEquals("name=1.1", "1.1", aceOptions.get("name"));
assertEquals("succeed=true", "true", aceOptions.get("succeed"));
assertEquals("throwEx=false", "false", aceOptions.get("throwEx"));
-
- //Authorization
+
+ // Authorization
AuthorizationInfo authzInfo = completeConfig.getAuthorizationInfo();
assertNotNull("AuthorizationInfo is not null", authzInfo);
AuthorizationModuleEntry[] authzEntries = authzInfo.getAuthorizationModuleEntry();
assertEquals("Length of authorization entries = 1", 1, authzEntries.length);
AuthorizationModuleEntry authzEntry = authzEntries[0];
- assertEquals("TestPolicyModule","org.jboss.test.TestPolicyModule",
- authzEntry.getPolicyModuleName());
- assertEquals("Required", ControlFlag.REQUIRED,
- authzEntry.getControlFlag());
- Map<String,?> authzoptions = authzEntry.getOptions();
+ assertEquals("TestPolicyModule", "org.jboss.test.TestPolicyModule", authzEntry.getPolicyModuleName());
+ assertEquals("Required", ControlFlag.REQUIRED, authzEntry.getControlFlag());
+ Map<String, ?> authzoptions = authzEntry.getOptions();
assertEquals("Number of options = 2", 2, authzoptions.size());
assertEquals("name=authz", "authz", authzoptions.get("name"));
- assertEquals("succeed=true", "true", authzoptions.get("succeed"));
-
- //Role Mapping
+ assertEquals("succeed=true", "true", authzoptions.get("succeed"));
+
+ // Role Mapping
MappingInfo mappingInfo = completeConfig.getRoleMappingInfo();
assertNotNull("MappingInfo is not null", mappingInfo);
MappingModuleEntry[] mmearr = mappingInfo.getMappingModuleEntry();
assertEquals("Mapping entry length=1", 1, mmearr.length);
MappingModuleEntry mme = mmearr[0];
- assertEquals("TestMappingModule","org.jboss.test.TestMappingModule",
- mme.getMappingModuleName());
- Map<String,?> mmOptions = mme.getOptions();
+ assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());
+ Map<String, ?> mmOptions = mme.getOptions();
assertEquals("Number of options = 2", 2, mmOptions.size());
assertEquals("name=rolemap", "rolemap", mmOptions.get("name"));
- assertEquals("succeed=true", "true", mmOptions.get("succeed"));
-
- //Audit
+ assertEquals("succeed=true", "true", mmOptions.get("succeed"));
+
+ // Audit
AuditInfo ai = completeConfig.getAuditInfo();
- assertNotNull("AuditInfo", ai);
+ assertNotNull("AuditInfo", ai);
AuditProviderEntry[] apelist = ai.getAuditProviderEntry();
assertEquals("Audit entry length=1", 1, apelist.length);
AuditProviderEntry ape = apelist[0];
- assertEquals("TestMappingModule","org.jboss.test.TestMappingModule",
- mme.getMappingModuleName());
- Map<String,?> auditOptions = ape.getOptions();
+ assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());
+ Map<String, ?> auditOptions = ape.getOptions();
assertEquals("Number of options = 2", 2, auditOptions.size());
assertEquals("name=auditprovider", "auditprovider", auditOptions.get("name"));
assertEquals("succeed=false", "false", auditOptions.get("succeed"));
-
- //Identity Trust
+
+ // Identity Trust
IdentityTrustInfo iti = completeConfig.getIdentityTrustInfo();
assertNotNull("IdentityTrustInfo", iti);
IdentityTrustModuleEntry[] itilist = iti.getIdentityTrustModuleEntry();
assertEquals("IdentityTrustModuleEntry length=1", 1, itilist.length);
IdentityTrustModuleEntry itie = itilist[0];
- assertEquals("TestMappingModule","org.jboss.test.TestMappingModule",
- mme.getMappingModuleName());
- Map<String,?> itieOptions = itie.getOptions();
+ assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());
+ Map<String, ?> itieOptions = itie.getOptions();
assertEquals("Number of options = 3", 3, itieOptions.size());
assertEquals("name=trustprovider", "trustprovider", itieOptions.get("name"));
assertEquals("succeed=true", "true", itieOptions.get("succeed"));
assertEquals("dummy=dr", "dr", itieOptions.get("dummy"));
- }
-
+ }
+
public void testApplicationPolicyExtension()
{
ApplicationPolicy completeConfig = config.get("conf-jaas-extend");
assertNotNull("conf-jaas-extend is not null", completeConfig);
BaseAuthenticationInfo bai = completeConfig.getAuthenticationInfo();
assertNotNull("BaseAuthenticationInfo is not null", bai);
- assertEquals("3 login modules", 3,bai.getModuleEntries().size());
+ assertEquals("3 login modules", 3, bai.getModuleEntries().size());
AuthorizationInfo azi = completeConfig.getAuthorizationInfo();
assertNotNull("AuthorizationInfo is not null", azi);
assertEquals("3 authz modules", 3, azi.getModuleEntries().size());
- //Role Mapping
+ // Role Mapping
MappingInfo mappingInfo = completeConfig.getRoleMappingInfo();
assertNotNull("MappingInfo is not null", mappingInfo);
assertEquals("1 map modules", 1, mappingInfo.getModuleEntries().size());
- //Audit
+ // Audit
AuditInfo ai = completeConfig.getAuditInfo();
- assertNotNull("AuditInfo", ai);
+ assertNotNull("AuditInfo", ai);
AuditProviderEntry[] apelist = ai.getAuditProviderEntry();
assertEquals("Audit entry length=1", 1, apelist.length);
- //Identity Trust
+ // Identity Trust
IdentityTrustInfo iti = completeConfig.getIdentityTrustInfo();
assertNotNull("IdentityTrustInfo", iti);
IdentityTrustModuleEntry[] itilist = iti.getIdentityTrustModuleEntry();
assertEquals("IdentityTrustModuleEntry length=1", 1, itilist.length);
+
+ // test the jaspi policy extension
+ ApplicationPolicy jaspiPolicy = config.get("conf-jaspi-extend");
+ assertNotNull("Unexpected null conf-jaspi-extend application policy", jaspiPolicy);
+ BaseAuthenticationInfo authInfo = jaspiPolicy.getAuthenticationInfo();
+ assertNotNull("Unexpected null jaspi configuration", authInfo);
+ List<?> entries = authInfo.getModuleEntries();
+ assertEquals("Invalid number of auth modules", 3, entries.size());
+
+ // First Entry - from parent application policy.
+ Object entry = entries.get(0);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AuthModuleEntry);
+ AuthModuleEntry ace = (AuthModuleEntry) entry;
+ assertEquals("LM Name", "TestAuthModule", ace.getAuthModuleName());
+ assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ace.getControlFlag());
+ Map<String, ?> aceOptions = ace.getOptions();
+ assertEquals("Number of options = 3", 3, aceOptions.size());
+ assertEquals("usersProperties=u", "u", aceOptions.get("usersProperties"));
+ assertEquals("rolesProperties=r", "r", aceOptions.get("rolesProperties"));
+ assertEquals("unauthenticatedIdentity=anonymous", "anonymous", aceOptions.get("unauthenticatedIdentity"));
+
+ // Second Entry - from parent application policy.
+ entry = entries.get(1);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AuthModuleEntry);
+ ace = (AuthModuleEntry) entry;
+ assertEquals("LM Name", "TestAuthModule2", ace.getAuthModuleName());
+ assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ace.getControlFlag());
+ aceOptions = ace.getOptions();
+ assertEquals("Number of options = 0", 0, aceOptions.size());
+ LoginModuleStackHolder lmsh = ace.getLoginModuleStackHolder();
+ assertEquals("lm-stack", "lm-stack", lmsh.getName());
+ AppConfigurationEntry[] appEntries = lmsh.getAppConfigurationEntry();
+ assertEquals("App Entries in LMSH=1", 1, appEntries.length);
+
+ Object appEntry = appEntries[0];
+ assertTrue("Entry instanceof AppConfigurationEntry", appEntry instanceof AppConfigurationEntry);
+ AppConfigurationEntry appace = (AppConfigurationEntry) appEntry;
+ assertEquals("LM Name", "org.jboss.security.auth.spi.UsersRolesLoginModule", appace.getLoginModuleName());
+ assertEquals("Optional", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, appace.getControlFlag());
+ Map<String, ?> appaceOptions = appace.getOptions();
+ assertEquals("Number of options = 3", 3, appaceOptions.size());
+ assertEquals("usersProperties=u", "u", appaceOptions.get("usersProperties"));
+ assertEquals("rolesProperties=r", "r", appaceOptions.get("rolesProperties"));
+ assertEquals("unauthenticatedIdentity=anonymous", "anonymous", appaceOptions.get("unauthenticatedIdentity"));
+
+ // Third Entry - defined by the conf-jaspi-extend policy.
+ entry = entries.get(2);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AuthModuleEntry);
+ ace = (AuthModuleEntry) entry;
+ assertEquals("Invalid module name", "org.jboss.security.JASPITestModule", ace.getAuthModuleName());
+ aceOptions = ace.getOptions();
+ assertEquals("Invalid number of module options", 1, aceOptions.size());
+ assertEquals("Invalid value for auth.option property", "auth.value", aceOptions.get("auth.option"));
+ lmsh = ace.getLoginModuleStackHolder();
+ assertEquals("Invalid login module stack ref", "lm-stack2", lmsh.getName());
+ appEntries = lmsh.getAppConfigurationEntry();
+ assertEquals(1, appEntries.length);
+
+ appEntry = appEntries[0];
+ assertTrue("Entry instanceof AppConfigurationEntry", appEntry instanceof AppConfigurationEntry);
+ appace = (AppConfigurationEntry) appEntry;
+ assertEquals("Invalid module name", "org.jboss.security.TestModule2", appace.getLoginModuleName());
+ assertEquals("Invalid module flag", AppConfigurationEntry.LoginModuleControlFlag.REQUISITE, appace
+ .getControlFlag());
+ appaceOptions = appace.getOptions();
+ assertEquals("Invalid number of module options", 2, appaceOptions.size());
+ assertEquals("Invalid value for prop1 property", "value1", appaceOptions.get("prop1"));
+ assertEquals("Invalid value for prop2 property", "value2", appaceOptions.get("prop2"));
+
}
-
+
public void testAddDeletionOfApplicationPolicies()
{
ApplicationPolicy aPolicy = new ApplicationPolicy("test");
SecurityConfiguration.addApplicationPolicy(aPolicy);
ApplicationPolicy ap = SecurityConfiguration.getApplicationPolicy("test");
assertNotNull("Application Policy for test != null", ap);
- assertEquals("Application Policy Name = test", "test", ap.getName() );
-
+ assertEquals("Application Policy Name = test", "test", ap.getName());
+
SecurityConfiguration.removeApplicationPolicy("test");
- assertNull("Application Policy for test is null",
- SecurityConfiguration.getApplicationPolicy("test"));
+ assertNull("Application Policy for test is null", SecurityConfiguration.getApplicationPolicy("test"));
}
-
- private InputStreamReader loadURL(URL configURL)
- throws IOException
+
+ private InputStreamReader loadURL(URL configURL) throws IOException
{
InputStream is = configURL.openStream();
if (is == null)
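Review bot: The new block in `testApplicationPolicyExtension` reaches the login-module stacks only through `ace.getLoginModuleStackHolder()`, so the stack map that the overridden `merge` fills is never asserted; if the entries carry their holder reference from parsing, these assertions would pass without the new merge code. A lookup on the merged info would pin it, e.g. `JASPIAuthenticationInfo jaspiInfo = (JASPIAuthenticationInfo) authInfo;` followed by `assertNotNull(jaspiInfo.getLoginModuleStackHolder("lm-stack"));` and `assertNotNull(jaspiInfo.getLoginModuleStackHolder("lm-stack2"));` (the import list is outside the hunk, so an import may be needed). Separately, the Audit and Identity Trust sections of `testValidateCompleteConfiguration` still assert `mme.getMappingModuleName()`, so the audit provider and trust module names are not checked. `loadURL` continues past the end of the hunk.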
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/tests/resources/config/securityConfig5.xml
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/tests/resources/config/securityConfig5.xml 2008-07-08 00:11:05 UTC (rev 75458)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/tests/resources/config/securityConfig5.xml 2008-07-08 00:44:36 UTC (rev 75459)
@@ -108,5 +108,19 @@
<module-option name = "succeed">true</module-option>
</policy-module>
</authorization>
+ </application-policy>
+
+ <application-policy name="conf-jaspi-extend" extends="conf-jaspi">
+ <authentication-jaspi>
+ <login-module-stack name="lm-stack2">
+ <login-module code="org.jboss.security.TestModule2" flag="requisite">
+ <module-option name="prop1">value1</module-option>
+ <module-option name="prop2">value2</module-option>
+ </login-module>
+ </login-module-stack>
+ <auth-module code="org.jboss.security.JASPITestModule" login-module-stack-ref="lm-stack2">
+ <module-option name="auth.option">auth.value</module-option>
+ </auth-module>
+ </authentication-jaspi>
</application-policy>
</policy>