[jboss-cvs] JBossAS SVN: r80168 - in projects/security/security-jboss-sx/trunk: jbosssx and 7 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Oct 28 19:02:59 EDT 2008
Author: sguilhen at redhat.com
Date: 2008-10-28 19:02:59 -0400 (Tue, 28 Oct 2008)
New Revision: 80168
Added:
projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigurationFactory.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/acl/PolicyRegistrationStrategy.java
Modified:
projects/security/security-jboss-sx/trunk/identity/.classpath
projects/security/security-jboss-sx/trunk/jbosssx/.classpath
projects/security/security-jboss-sx/trunk/jbosssx/pom.xml
projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/SecurityUtil.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfiguration.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java
projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/acl/config/JBossACLSchemaBindingUnitTestCase.java
projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/ACLTestResource.java
projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java
projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/TestACLProvider.java
projects/security/security-jboss-sx/trunk/jbosssx/src/test/resources/config/jboss-acl.xml
Log:
SECURITY-258: Changed JBossPolicyRegistration to register ACLs parsed from jboss-acl-policy.xml. Created a PolicyRegistrationStrategy to be used by ACLProviderImpl that retrieves the ACLs from PolicyRegistration. Updated JBossAuthorizationACLUnitTestCase to test the getEntitlements call using the new strategy.
Modified: projects/security/security-jboss-sx/trunk/identity/.classpath
===================================================================
--- projects/security/security-jboss-sx/trunk/identity/.classpath 2008-10-28 21:50:24 UTC (rev 80167)
+++ projects/security/security-jboss-sx/trunk/identity/.classpath 2008-10-28 23:02:59 UTC (rev 80168)
@@ -1,26 +1,27 @@
<classpath>
<classpathentry kind="src" path="." including="JBossORG-EULA.txt" excluding="**/*.java"/>
- <classpathentry kind="src" path="src/main"/>
+ <classpathentry kind="src" path="src/main" including="**/*.xml" excluding="**/*.java"/>
+ <classpathentry kind="src" path="src/main/java"/>
<classpathentry kind="src" path="src/resources" including="**/*.dtd|**/*.xsd" excluding="**/*.java"/>
- <classpathentry kind="src" path="src/tests" output="target/test-classes"/>
+ <classpathentry kind="src" path="src/test/java" output="target/test-classes"/>
<classpathentry kind="output" path="target/classes"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
- <classpathentry kind="var" path="M2_REPO/ant/ant/1.6.5/ant-1.6.5.jar"/>
+ <classpathentry kind="var" path="M2_REPO/ant/ant/1.6.5/ant-1.6.5.jar" sourcepath="M2_REPO/ant/ant/1.6.5/ant-1.6.5-sources.jar"/>
<classpathentry kind="var" path="M2_REPO/ant/ant-junit/1.6.5/ant-junit-1.6.5.jar"/>
<classpathentry kind="var" path="M2_REPO/apache-httpclient/commons-httpclient/2.0.2/commons-httpclient-2.0.2.jar"/>
<classpathentry kind="var" path="M2_REPO/oswego-concurrent/concurrent/1.3.4/concurrent-1.3.4.jar"/>
<classpathentry kind="var" path="M2_REPO/jboss/jboss-common-core/2.0.2.GA/jboss-common-core-2.0.2.GA.jar"/>
<classpathentry kind="var" path="M2_REPO/org/jboss/jboss-common-core/2.2.1.GA/jboss-common-core-2.2.1.GA.jar"/>
<classpathentry kind="var" path="M2_REPO/jboss/jboss-common-logging-log4j/2.0.4.GA/jboss-common-logging-log4j-2.0.4.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/jboss/jboss-common-logging-spi/2.0.4.GA/jboss-common-logging-spi-2.0.4.GA.jar"/>
+ <classpathentry kind="var" path="M2_REPO/jboss/jboss-common-logging-spi/2.0.4.GA/jboss-common-logging-spi-2.0.4.GA.jar" sourcepath="M2_REPO/jboss/jboss-common-logging-spi/2.0.4.GA/jboss-common-logging-spi-2.0.4.GA-sources.jar"/>
<classpathentry kind="var" path="M2_REPO/jboss/jboss-logging-log4j/2.0.2.GA/jboss-logging-log4j-2.0.2.GA.jar"/>
<classpathentry kind="var" path="M2_REPO/jboss/jboss-logging-spi/2.0.2.GA/jboss-logging-spi-2.0.2.GA.jar"/>
<classpathentry kind="var" path="M2_REPO/jboss/profiler/jvmti/jboss-profiler-jvmti/1.0.0.CR5/jboss-profiler-jvmti-1.0.0.CR5.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/security/jboss-security-spi/2.0.2.CR6/jboss-security-spi-2.0.2.CR6.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/security/jboss-security-spi/2.0.2-SNAPSHOT/jboss-security-spi-2.0.2-SNAPSHOT.jar"/>
<classpathentry kind="var" path="M2_REPO/org/jboss/jboss-test/1.0.4.GA/jboss-test-1.0.4.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/junit/junit/3.8.1/junit-3.8.1.jar"/>
- <classpathentry kind="var" path="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14.jar"/>
- <classpathentry kind="var" path="M2_REPO/log4j/log4j/1.2.14/log4j-1.2.14.jar"/>
+ <classpathentry kind="var" path="M2_REPO/junit/junit/3.8.1/junit-3.8.1.jar" sourcepath="M2_REPO/junit/junit/3.8.1/junit-3.8.1-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14.jar" sourcepath="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/log4j/log4j/1.2.14/log4j-1.2.14.jar" sourcepath="M2_REPO/log4j/log4j/1.2.14/log4j-1.2.14-sources.jar"/>
<classpathentry kind="var" path="M2_REPO/apache-slide/webdavlib/2.0/webdavlib-2.0.jar"/>
<classpathentry kind="var" path="M2_REPO/apache-xerces/xml-apis/2.7.1/xml-apis-2.7.1.jar"/>
</classpath>
\ No newline at end of file
Modified: projects/security/security-jboss-sx/trunk/jbosssx/.classpath
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/.classpath 2008-10-28 21:50:24 UTC (rev 80167)
+++ projects/security/security-jboss-sx/trunk/jbosssx/.classpath 2008-10-28 23:02:59 UTC (rev 80168)
@@ -1,74 +1,71 @@
-<?xml version="1.0" encoding="UTF-8"?>
<classpath>
- <classpathentry excluding="**/*.java" including="JBossORG-EULA.txt" kind="src" path=""/>
- <classpathentry kind="src" path="src/main"/>
- <classpathentry excluding="**/*.java" including="**/*.dtd|**/*.xsd" kind="src" path="src/resources"/>
- <classpathentry excluding="resources/" kind="src" output="target/test-classes" path="src/tests"/>
- <classpathentry excluding="**/*.java" kind="src" output="target/test-classes" path="src/tests/resources"/>
- <classpathentry kind="src" path="target/generated-sources/javacc"/>
- <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
- <classpathentry kind="var" path="M2_REPO/javax/activation/activation/1.1/activation-1.1.jar"/>
- <classpathentry kind="var" path="M2_REPO/sun-jaf/activation/1.1/activation-1.1.jar"/>
- <classpathentry kind="var" path="M2_REPO/ant/ant/1.6.5/ant-1.6.5.jar"/>
- <classpathentry kind="var" path="M2_REPO/ant/ant-junit/1.6.5/ant-junit-1.6.5.jar"/>
- <classpathentry kind="var" path="M2_REPO/antlr/antlr/2.7.6/antlr-2.7.6.jar"/>
- <classpathentry kind="var" path="M2_REPO/asm/asm/1.5.3/asm-1.5.3.jar"/>
- <classpathentry kind="var" path="M2_REPO/asm/asm-attrs/1.5.3/asm-attrs-1.5.3.jar"/>
- <classpathentry kind="var" path="M2_REPO/cglib/cglib/2.1_3/cglib-2.1_3.jar"/>
- <classpathentry kind="var" path="M2_REPO/commons-collections/commons-collections/2.1.1/commons-collections-2.1.1.jar"/>
- <classpathentry kind="var" path="M2_REPO/apache-httpclient/commons-httpclient/2.0.2/commons-httpclient-2.0.2.jar"/>
- <classpathentry kind="var" path="M2_REPO/commons-logging/commons-logging/1.0.4/commons-logging-1.0.4.jar"/>
- <classpathentry kind="var" path="M2_REPO/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar"/>
- <classpathentry kind="var" path="M2_REPO/wutka-dtdparser/dtdparser121/1.2.1/dtdparser121-1.2.1.jar"/>
- <classpathentry kind="var" path="M2_REPO/net/sf/ehcache/ehcache/1.2.3/ehcache-1.2.3.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/hibernate/hibernate/3.2.4.sp1/hibernate-3.2.4.sp1.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/hibernate/hibernate-annotations/3.3.0.ga/hibernate-annotations-3.3.0.ga.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/hibernate/hibernate-commons-annotations/3.0.0.ga/hibernate-commons-annotations-3.0.0.ga.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/hibernate/hibernate-entitymanager/3.3.1.ga/hibernate-entitymanager-3.3.1.ga.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/hibernate/hibernate-validator/3.0.0.ga/hibernate-validator-3.0.0.ga.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/security/identity-impl/2.0.2-SNAPSHOT/identity-impl-2.0.2-SNAPSHOT.jar" sourcepath="M2_REPO/org/jboss/security/identity-impl/2.0.2-SNAPSHOT/identity-impl-2.0.2-SNAPSHOT-sources.jar"/>
- <classpathentry kind="var" path="M2_REPO/javassist/javassist/3.4.GA/javassist-3.4.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/javax/xml/bind/jaxb-api/2.1/jaxb-api-2.1.jar"/>
- <classpathentry kind="var" path="M2_REPO/sun-jaxb/jaxb-api/2.1.4/jaxb-api-2.1.4.jar"/>
- <classpathentry kind="var" path="M2_REPO/sun-jaxb/jaxb-impl/2.1.4/jaxb-impl-2.1.4.jar"/>
- <classpathentry kind="var" path="M2_REPO/sun-jaxb/jaxb-xjc/2.1.4/jaxb-xjc-2.1.4.jar"/>
- <classpathentry kind="var" path="M2_REPO/jboss/jboss-common-core/2.0.4.GA/jboss-common-core-2.0.4.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/jboss-common-core/2.2.1.GA/jboss-common-core-2.2.1.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/jboss/jboss-common-logging-log4j/2.0.4.GA/jboss-common-logging-log4j-2.0.4.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/jboss/jboss-common-logging-spi/2.0.4.GA/jboss-common-logging-spi-2.0.4.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-jacc-api/1.1.0.CR1/jboss-jacc-api-1.1.0.CR1.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-jaspi-api/1.0.0.CR1/jboss-jaspi-api-1.0.0.CR1.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-javaee/5.0.0.Beta3/jboss-javaee-5.0.0.Beta3.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-jaxs-api/1.2.0.20070913080910/jboss-jaxs-api-1.2.0.20070913080910.jar"/>
- <classpathentry kind="var" path="M2_REPO/jboss/jboss-jmx/4.2.1.GA/jboss-jmx-4.2.1.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/jboss/jboss-logging-log4j/2.0.2.GA/jboss-logging-log4j-2.0.2.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/jboss/jboss-logging-spi/2.0.2.GA/jboss-logging-spi-2.0.2.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/logging/jboss-logging-spi/2.0.5.GA/jboss-logging-spi-2.0.5.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/jboss/profiler/jvmti/jboss-profiler-jvmti/1.0.0.CR5/jboss-profiler-jvmti-1.0.0.CR5.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/jboss-reflect/2.0.0.Beta12/jboss-reflect-2.0.0.Beta12.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/security/jboss-security-acl-impl/2.0.2-SNAPSHOT/jboss-security-acl-impl-2.0.2-SNAPSHOT.jar" sourcepath="M2_REPO/org/jboss/security/jboss-security-acl-impl/2.0.2-SNAPSHOT/jboss-security-acl-impl-2.0.2-SNAPSHOT-sources.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/security/jboss-security-spi/2.0.2.CR6/jboss-security-spi-2.0.2.CR6.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-servlet-api/2.5.0.CR1/jboss-servlet-api-2.5.0.CR1.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/security/jboss-sunxacml/2.0.2.GA/jboss-sunxacml-2.0.2.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/jboss-test/1.0.4.GA/jboss-test-1.0.4.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-transaction-api/1.0.1.CR1/jboss-transaction-api-1.0.1.CR1.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/security/jboss-xacml/2.0.2.GA/jboss-xacml-2.0.2.GA.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/jbossxb/2.0.0.CR10/jbossxb-2.0.0.CR10.jar"/>
- <classpathentry kind="var" path="M2_REPO/sleepycat/je/3.2.43/je-3.2.43.jar"/>
- <classpathentry kind="var" path="M2_REPO/org/jboss/jnpserver/5.0.0.Beta3/jnpserver-5.0.0.Beta3.jar"/>
- <classpathentry kind="var" path="M2_REPO/javax/transaction/jta/1.0.1B/jta-1.0.1B.jar"/>
- <classpathentry kind="var" path="M2_REPO/junit/junit/3.8.1/junit-3.8.1.jar"/>
- <classpathentry kind="var" path="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14.jar"/>
- <classpathentry kind="var" path="M2_REPO/log4j/log4j/1.2.14/log4j-1.2.14.jar"/>
- <classpathentry kind="var" path="M2_REPO/javax/mail/mail/1.4/mail-1.4.jar"/>
- <classpathentry kind="var" path="M2_REPO/sun-opends/opends-core/1.0.0-BUILD04/opends-core-1.0.0-BUILD04.jar"/>
- <classpathentry kind="var" path="M2_REPO/javax/persistence/persistence-api/1.0/persistence-api-1.0.jar"/>
- <classpathentry kind="var" path="M2_REPO/javax/servlet/servlet-api/2.5/servlet-api-2.5.jar"/>
- <classpathentry kind="var" path="M2_REPO/codehaus-stax/stax/1.1.1/stax-1.1.1.jar"/>
- <classpathentry kind="var" path="M2_REPO/javax/xml/stream/stax-api/1.0-2/stax-api-1.0-2.jar"/>
- <classpathentry kind="var" path="M2_REPO/apache-slide/webdavlib/2.0/webdavlib-2.0.jar"/>
- <classpathentry kind="var" path="M2_REPO/apache-xalan/xalan/j_2.7.0/xalan-j_2.7.0.jar"/>
- <classpathentry kind="var" path="M2_REPO/apache-xerces/xercesImpl/2.7.1/xercesImpl-2.7.1.jar"/>
- <classpathentry kind="var" path="M2_REPO/apache-xerces/xml-apis/2.9.1/xml-apis-2.9.1.jar"/>
- <classpathentry kind="output" path="target/classes"/>
-</classpath>
+ <classpathentry kind="src" path="." including="JBossORG-EULA.txt" excluding="**/*.java"/>
+ <classpathentry kind="src" path="src/main/java"/>
+ <classpathentry kind="src" path="src/resources" including="**/*.dtd|**/*.xsd" excluding="**/*.java"/>
+ <classpathentry kind="src" path="src/test/java" output="target/test-classes"/>
+ <classpathentry kind="src" path="src/test/resources" output="target/test-classes" excluding="**/*.java"/>
+ <classpathentry kind="src" path="target/generated-sources/javacc"/>
+ <classpathentry kind="output" path="target/classes"/>
+ <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
+ <classpathentry kind="var" path="M2_REPO/javax/activation/activation/1.1/activation-1.1.jar" sourcepath="M2_REPO/javax/activation/activation/1.1/activation-1.1-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/sun-jaf/activation/1.1/activation-1.1.jar"/>
+ <classpathentry kind="var" path="M2_REPO/ant/ant/1.6.5/ant-1.6.5.jar" sourcepath="M2_REPO/ant/ant/1.6.5/ant-1.6.5-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/ant/ant-junit/1.6.5/ant-junit-1.6.5.jar"/>
+ <classpathentry kind="var" path="M2_REPO/antlr/antlr/2.7.6/antlr-2.7.6.jar"/>
+ <classpathentry kind="var" path="M2_REPO/asm/asm/1.5.3/asm-1.5.3.jar"/>
+ <classpathentry kind="var" path="M2_REPO/asm/asm-attrs/1.5.3/asm-attrs-1.5.3.jar"/>
+ <classpathentry kind="var" path="M2_REPO/cglib/cglib/2.1_3/cglib-2.1_3.jar"/>
+ <classpathentry kind="var" path="M2_REPO/commons-collections/commons-collections/2.1.1/commons-collections-2.1.1.jar"/>
+ <classpathentry kind="var" path="M2_REPO/apache-httpclient/commons-httpclient/2.0.2/commons-httpclient-2.0.2.jar"/>
+ <classpathentry kind="var" path="M2_REPO/commons-logging/commons-logging/1.0.4/commons-logging-1.0.4.jar"/>
+ <classpathentry kind="var" path="M2_REPO/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar" sourcepath="M2_REPO/dom4j/dom4j/1.6.1/dom4j-1.6.1-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/wutka-dtdparser/dtdparser121/1.2.1/dtdparser121-1.2.1.jar"/>
+ <classpathentry kind="var" path="M2_REPO/net/sf/ehcache/ehcache/1.2.3/ehcache-1.2.3.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/hibernate/hibernate/3.2.4.sp1/hibernate-3.2.4.sp1.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/hibernate/hibernate-annotations/3.3.0.ga/hibernate-annotations-3.3.0.ga.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/hibernate/hibernate-commons-annotations/3.0.0.ga/hibernate-commons-annotations-3.0.0.ga.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/hibernate/hibernate-entitymanager/3.3.1.ga/hibernate-entitymanager-3.3.1.ga.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/hibernate/hibernate-validator/3.0.0.ga/hibernate-validator-3.0.0.ga.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/security/identity-impl/2.0.2-SNAPSHOT/identity-impl-2.0.2-SNAPSHOT.jar"/>
+ <classpathentry kind="var" path="M2_REPO/javassist/javassist/3.4.GA/javassist-3.4.GA.jar"/>
+ <classpathentry kind="var" path="M2_REPO/sun-jaxb/jaxb-api/2.1.4/jaxb-api-2.1.4.jar" sourcepath="M2_REPO/sun-jaxb/jaxb-api/2.1.4/jaxb-api-2.1.4-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/sun-jaxb/jaxb-impl/2.1.4/jaxb-impl-2.1.4.jar" sourcepath="M2_REPO/sun-jaxb/jaxb-impl/2.1.4/jaxb-impl-2.1.4-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/sun-jaxb/jaxb-xjc/2.1.4/jaxb-xjc-2.1.4.jar"/>
+ <classpathentry kind="var" path="M2_REPO/jboss/jboss-common-core/2.0.4.GA/jboss-common-core-2.0.4.GA.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/jboss-common-core/2.2.1.GA/jboss-common-core-2.2.1.GA.jar"/>
+ <classpathentry kind="var" path="M2_REPO/jboss/jboss-common-logging-log4j/2.0.4.GA/jboss-common-logging-log4j-2.0.4.GA.jar"/>
+ <classpathentry kind="var" path="M2_REPO/jboss/jboss-common-logging-spi/2.0.4.GA/jboss-common-logging-spi-2.0.4.GA.jar" sourcepath="M2_REPO/jboss/jboss-common-logging-spi/2.0.4.GA/jboss-common-logging-spi-2.0.4.GA-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-jacc-api/1.1.0.CR1/jboss-jacc-api-1.1.0.CR1.jar" sourcepath="M2_REPO/org/jboss/javaee/jboss-jacc-api/1.1.0.CR1/jboss-jacc-api-1.1.0.CR1-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-jaspi-api/1.0.0.CR1/jboss-jaspi-api-1.0.0.CR1.jar" sourcepath="M2_REPO/org/jboss/javaee/jboss-jaspi-api/1.0.0.CR1/jboss-jaspi-api-1.0.0.CR1-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-javaee/5.0.0.Beta3/jboss-javaee-5.0.0.Beta3.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-jaxs-api/1.2.0.20070913080910/jboss-jaxs-api-1.2.0.20070913080910.jar" sourcepath="M2_REPO/org/jboss/javaee/jboss-jaxs-api/1.2.0.20070913080910/jboss-jaxs-api-1.2.0.20070913080910-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/jboss/jboss-jmx/4.2.1.GA/jboss-jmx-4.2.1.GA.jar"/>
+ <classpathentry kind="var" path="M2_REPO/jboss/jboss-logging-log4j/2.0.2.GA/jboss-logging-log4j-2.0.2.GA.jar"/>
+ <classpathentry kind="var" path="M2_REPO/jboss/jboss-logging-spi/2.0.2.GA/jboss-logging-spi-2.0.2.GA.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/logging/jboss-logging-spi/2.0.5.GA/jboss-logging-spi-2.0.5.GA.jar" sourcepath="M2_REPO/org/jboss/logging/jboss-logging-spi/2.0.5.GA/jboss-logging-spi-2.0.5.GA-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/jboss/profiler/jvmti/jboss-profiler-jvmti/1.0.0.CR5/jboss-profiler-jvmti-1.0.0.CR5.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/jboss-reflect/2.0.0.CR1/jboss-reflect-2.0.0.CR1.jar" sourcepath="M2_REPO/org/jboss/jboss-reflect/2.0.0.CR1/jboss-reflect-2.0.0.CR1-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/security/jboss-security-acl-impl/2.0.2-SNAPSHOT/jboss-security-acl-impl-2.0.2-SNAPSHOT.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/security/jboss-security-spi/2.0.2-SNAPSHOT/jboss-security-spi-2.0.2-SNAPSHOT.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-servlet-api/2.5.0.CR1/jboss-servlet-api-2.5.0.CR1.jar" sourcepath="M2_REPO/org/jboss/javaee/jboss-servlet-api/2.5.0.CR1/jboss-servlet-api-2.5.0.CR1-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/security/jboss-sunxacml/2.0.2.GA/jboss-sunxacml-2.0.2.GA.jar" sourcepath="M2_REPO/org/jboss/security/jboss-sunxacml/2.0.2.GA/jboss-sunxacml-2.0.2.GA-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/jboss-test/1.0.4.GA/jboss-test-1.0.4.GA.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-transaction-api/1.0.1.CR1/jboss-transaction-api-1.0.1.CR1.jar" sourcepath="M2_REPO/org/jboss/javaee/jboss-transaction-api/1.0.1.CR1/jboss-transaction-api-1.0.1.CR1-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/security/jboss-xacml/2.0.2.GA/jboss-xacml-2.0.2.GA.jar" sourcepath="M2_REPO/org/jboss/security/jboss-xacml/2.0.2.GA/jboss-xacml-2.0.2.GA-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/jbossxb/2.0.0.CR15/jbossxb-2.0.0.CR15.jar" sourcepath="M2_REPO/org/jboss/jbossxb/2.0.0.CR15/jbossxb-2.0.0.CR15-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/sleepycat/je/3.2.43/je-3.2.43.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/jnpserver/5.0.0.Beta3/jnpserver-5.0.0.Beta3.jar"/>
+ <classpathentry kind="var" path="M2_REPO/javax/transaction/jta/1.0.1B/jta-1.0.1B.jar"/>
+ <classpathentry kind="var" path="M2_REPO/junit/junit/3.8.1/junit-3.8.1.jar" sourcepath="M2_REPO/junit/junit/3.8.1/junit-3.8.1-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14.jar" sourcepath="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/log4j/log4j/1.2.14/log4j-1.2.14.jar" sourcepath="M2_REPO/log4j/log4j/1.2.14/log4j-1.2.14-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/javax/mail/mail/1.4/mail-1.4.jar" sourcepath="M2_REPO/javax/mail/mail/1.4/mail-1.4-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/sun-opends/opends-core/1.0.0-BUILD04/opends-core-1.0.0-BUILD04.jar"/>
+ <classpathentry kind="var" path="M2_REPO/javax/persistence/persistence-api/1.0/persistence-api-1.0.jar"/>
+ <classpathentry kind="var" path="M2_REPO/javax/servlet/servlet-api/2.5/servlet-api-2.5.jar" sourcepath="M2_REPO/javax/servlet/servlet-api/2.5/servlet-api-2.5-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/codehaus-stax/stax/1.1.1/stax-1.1.1.jar"/>
+ <classpathentry kind="var" path="M2_REPO/apache-slide/webdavlib/2.0/webdavlib-2.0.jar"/>
+ <classpathentry kind="var" path="M2_REPO/apache-xalan/xalan/j_2.7.0/xalan-j_2.7.0.jar"/>
+ <classpathentry kind="var" path="M2_REPO/apache-xerces/xercesImpl/2.7.1/xercesImpl-2.7.1.jar"/>
+ <classpathentry kind="var" path="M2_REPO/apache-xerces/xml-apis/2.9.1/xml-apis-2.9.1.jar"/>
+</classpath>
\ No newline at end of file
Modified: projects/security/security-jboss-sx/trunk/jbosssx/pom.xml
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/pom.xml 2008-10-28 21:50:24 UTC (rev 80167)
+++ projects/security/security-jboss-sx/trunk/jbosssx/pom.xml 2008-10-28 23:02:59 UTC (rev 80168)
@@ -184,7 +184,7 @@
<groupId>apache-xerces</groupId>
<artifactId>xercesImpl</artifactId>
<version>2.7.1</version>
- <scope>test</scope>
+ <scope>compile</scope>
</dependency>
<dependency>
<groupId>org.jboss</groupId>
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/SecurityUtil.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/SecurityUtil.java 2008-10-28 21:50:24 UTC (rev 80167)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/SecurityUtil.java 2008-10-28 23:02:59 UTC (rev 80168)
@@ -30,137 +30,140 @@
import org.jboss.logging.Logger;
import org.jboss.security.audit.AuditManager;
+import org.jboss.security.authorization.PolicyRegistration;
import org.jboss.security.config.ApplicationPolicy;
import org.jboss.security.config.SecurityConfiguration;
import org.jboss.security.identitytrust.IdentityTrustManager;
import org.jboss.security.mapping.MappingManager;
-
/**
- * Security Utility Class
- * @author Anil.Saldhana at redhat.com
- * @since May 9, 2007
- * @version $Revision$
+ * Security Utility Class
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @since May 9, 2007
+ * @version $Revision$
*/
public class SecurityUtil
{
private static Logger log = Logger.getLogger(SecurityUtil.class);
-
+
/**
* Strip the security domain of prefix (java:jaas or java:jbsx)
+ *
* @param securityDomain
* @return
*/
public static String unprefixSecurityDomain(String securityDomain)
{
String result = null;
- if(securityDomain != null)
+ if (securityDomain != null)
{
- if(securityDomain.startsWith(SecurityConstants.JAAS_CONTEXT_ROOT))
+ if (securityDomain.startsWith(SecurityConstants.JAAS_CONTEXT_ROOT))
result = securityDomain.substring(SecurityConstants.JAAS_CONTEXT_ROOT.length() + 1);
+ else if (securityDomain.startsWith(SecurityConstants.JASPI_CONTEXT_ROOT))
+ result = securityDomain.substring(SecurityConstants.JASPI_CONTEXT_ROOT.length() + 1);
else
- if(securityDomain.startsWith(SecurityConstants.JASPI_CONTEXT_ROOT))
- result = securityDomain.substring(SecurityConstants.JASPI_CONTEXT_ROOT.length() + 1);
- else
- result = securityDomain;
- }
+ result = securityDomain;
+ }
return result;
}
/**
* Get the Subject roles by looking for a Group called 'Roles'
+ *
* @param theSubject - the Subject to search for roles
* @return the Group contain the subject roles if found, null otherwise
- */
+ */
public static Group getSubjectRoles(Subject theSubject)
{
- if(theSubject == null)
+ if (theSubject == null)
throw new IllegalArgumentException("Subject is null");
Set<Group> subjectGroups = theSubject.getPrincipals(Group.class);
Iterator<Group> iter = subjectGroups.iterator();
Group roles = null;
- while( iter.hasNext() )
+ while (iter.hasNext())
{
Group grp = iter.next();
String name = grp.getName();
- if( name.equals("Roles") )
+ if (name.equals("Roles"))
roles = grp;
}
return roles;
- }
+ }
/**
* Obtain the Application Policy
*
- * @param domainName Security Domain
+ * @param domainName Security Domain
* @return
- */
+ */
public static ApplicationPolicy getApplicationPolicy(String domainName)
{
- return SecurityConfiguration.getApplicationPolicy(domainName);
+ return SecurityConfiguration.getApplicationPolicy(domainName);
}
/**
* Do a JNDI lookup to obtain the authentication manager
+ *
* @param securityDomain
* @param baseContext the BaseContext for JNDI(Eg: "java:/jaas")
* @return
*/
- public static AuthenticationManager getAuthenticationManager(String securityDomain,
- String baseContext)
+ public static AuthenticationManager getAuthenticationManager(String securityDomain, String baseContext)
{
String securityMgrURL = "/securityMgr";
String lookupURL = null;
- if(securityDomain.startsWith(baseContext))
+ if (securityDomain.startsWith(baseContext))
lookupURL = securityDomain + securityMgrURL;
else
- lookupURL = baseContext + "/" + securityDomain + securityMgrURL;
+ lookupURL = baseContext + "/" + securityDomain + securityMgrURL;
AuthenticationManager am = null;
try
{
InitialContext ic = new InitialContext();
- am = (AuthenticationManager)ic.lookup(lookupURL);
+ am = (AuthenticationManager) ic.lookup(lookupURL);
}
- catch(Exception e)
+ catch (Exception e)
{
- if(log.isTraceEnabled())
- log.trace("Error in obtaining AuthenticationManager",e);
+ if (log.isTraceEnabled())
+ log.trace("Error in obtaining AuthenticationManager", e);
}
return am;
}
/**
* Do a JNDI lookup to obtain the authorization manager
+ *
* @param securityDomain
* @param baseContext the BaseContext for JNDI(Eg: "java:/jaas")
* @return
*/
- public static AuthorizationManager getAuthorizationManager(String securityDomain,
- String baseContext)
+ public static AuthorizationManager getAuthorizationManager(String securityDomain, String baseContext)
{
String authorizationMgrURL = "/authorizationMgr";
String lookupURL = null;
- if(securityDomain.startsWith(baseContext))
+ if (securityDomain.startsWith(baseContext))
lookupURL = securityDomain + authorizationMgrURL;
else
- lookupURL = baseContext + "/" + securityDomain + authorizationMgrURL;
+ lookupURL = baseContext + "/" + securityDomain + authorizationMgrURL;
AuthorizationManager am = null;
try
{
InitialContext ic = new InitialContext();
- am = (AuthorizationManager)ic.lookup(lookupURL);
+ am = (AuthorizationManager) ic.lookup(lookupURL);
}
- catch(Exception e)
+ catch (Exception e)
{
- if(log.isTraceEnabled())
- log.trace("Error in obtaining AuthorizationMgr",e);
+ if (log.isTraceEnabled())
+ log.trace("Error in obtaining AuthorizationMgr", e);
}
return am;
}
-
+
/**
* Do a JNDI lookup to obtain the Audit Manager
+ *
* @param securityDomain
* @param baseContext the BaseContext for JNDI(Eg: "java:/jaas")
* @return
@@ -169,79 +172,104 @@
{
String auditMgrURL = "/auditMgr";
String lookupURL = null;
- if(securityDomain.startsWith(baseContext))
+ if (securityDomain.startsWith(baseContext))
lookupURL = securityDomain + auditMgrURL;
else
- lookupURL = baseContext + "/" + securityDomain + auditMgrURL;
+ lookupURL = baseContext + "/" + securityDomain + auditMgrURL;
AuditManager am = null;
try
{
InitialContext ic = new InitialContext();
- am = (AuditManager)ic.lookup(lookupURL);
+ am = (AuditManager) ic.lookup(lookupURL);
}
- catch(Exception e)
+ catch (Exception e)
{
- if(log.isTraceEnabled())
- log.trace("Error in obtaining AuditMgr",e);
+ if (log.isTraceEnabled())
+ log.trace("Error in obtaining AuditMgr", e);
}
return am;
}
-
+
/**
* Do a JNDI lookup to obtain the IdentityTrust Manager
+ *
* @param securityDomain
* @param baseContext the BaseContext for JNDI(Eg: "java:/jaas")
* @return
*/
- public static IdentityTrustManager getIdentityTrustManager(String securityDomain,
- String baseContext)
+ public static IdentityTrustManager getIdentityTrustManager(String securityDomain, String baseContext)
{
String identityTrustMgrURL = "/identityTrustMgr";
String lookupURL = null;
- if(securityDomain.startsWith(baseContext))
+ if (securityDomain.startsWith(baseContext))
lookupURL = securityDomain + identityTrustMgrURL;
else
- lookupURL = baseContext + "/" + securityDomain + identityTrustMgrURL;
+ lookupURL = baseContext + "/" + securityDomain + identityTrustMgrURL;
IdentityTrustManager am = null;
try
{
InitialContext ic = new InitialContext();
- am = (IdentityTrustManager)ic.lookup(lookupURL);
+ am = (IdentityTrustManager) ic.lookup(lookupURL);
}
- catch(Exception e)
+ catch (Exception e)
{
- if(log.isTraceEnabled())
- log.trace("Error in obtaining IdentityTrustMgr",e);
+ if (log.isTraceEnabled())
+ log.trace("Error in obtaining IdentityTrustMgr", e);
}
return am;
- }
-
+ }
+
/**
* Do a JNDI lookup to obtain the MappingManager
+ *
* @param securityDomain
* @param baseContext the BaseContext for JNDI(Eg: "java:/jaas")
* @return
*/
- public static MappingManager getMappingManager(String securityDomain,
- String baseContext)
+ public static MappingManager getMappingManager(String securityDomain, String baseContext)
{
String mappingManagerURL = "/mappingMgr";
String lookupURL = null;
- if(securityDomain.startsWith(baseContext))
+ if (securityDomain.startsWith(baseContext))
lookupURL = securityDomain + mappingManagerURL;
else
- lookupURL = baseContext + "/" + securityDomain + mappingManagerURL;
+ lookupURL = baseContext + "/" + securityDomain + mappingManagerURL;
MappingManager am = null;
try
{
InitialContext ic = new InitialContext();
- am = (MappingManager)ic.lookup(lookupURL);
+ am = (MappingManager) ic.lookup(lookupURL);
}
- catch(Exception e)
+ catch (Exception e)
{
- if(log.isTraceEnabled())
- log.trace("Error in obtaining IdentityTrustMgr",e);
+ if (log.isTraceEnabled())
+ log.trace("Error in obtaining IdentityTrustMgr", e);
}
return am;
- }
+ }
+
+ /**
+ * <p>
+ * Performs a JNDI lookup to retrieve the configured {@code PolicyRegistration}.
+ * </p>
+ *
+ * @return a reference to the configured {@code PolicyRegistration} implementation, or {@code null} if the look up
+ * fails.
+ */
+ public static PolicyRegistration getPolicyRegistration()
+ {
+ String lookupURL = "java:/policyRegistration";
+ PolicyRegistration registration = null;
+ try
+ {
+ InitialContext ic = new InitialContext();
+ registration = (PolicyRegistration) ic.lookup(lookupURL);
+ }
+ catch (Exception e)
+ {
+ if (log.isTraceEnabled())
+ log.trace("Error in obtaining IdentityTrustMgr", e);
+ }
+ return registration;
+ }
}
\ No newline at end of file
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfiguration.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfiguration.java 2008-10-28 21:50:24 UTC (rev 80167)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfiguration.java 2008-10-28 23:02:59 UTC (rev 80168)
@@ -22,7 +22,6 @@
package org.jboss.security.acl.config;
import java.util.ArrayList;
-import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
@@ -70,11 +69,11 @@
* configuration file.
* </p>
*
- * @return a {@code Collection<ACL>} containing the generated {@code ACL}s.
+ * @return a {@code Set<ACL>} containing the generated {@code ACL}s.
*/
- public Collection<ACL> getConfiguredACLs()
+ public Set<ACL> getConfiguredACLs()
{
- Collection<ACL> configuredACLs = new HashSet<ACL>();
+ Set<ACL> configuredACLs = new HashSet<ACL>();
for (ACLDefinition definition : this.definitions.values())
{
Set<ACLEntry> entries = this.getEntries(definition, new ArrayList<String>());
Added: projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigurationFactory.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigurationFactory.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/acl/config/ACLConfigurationFactory.java 2008-10-28 23:02:59 UTC (rev 80168)
@@ -0,0 +1,72 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.acl.config;
+
+import java.io.InputStream;
+
+import org.jboss.logging.Logger;
+import org.jboss.xb.binding.JBossXBException;
+import org.jboss.xb.binding.Unmarshaller;
+import org.jboss.xb.binding.UnmarshallerFactory;
+import org.jboss.xb.binding.sunday.unmarshalling.SchemaBinding;
+import org.jboss.xb.binding.sunday.unmarshalling.XsdBinder;
+
+/**
+ * <p>
+ * Factory for {@code ACLConfiguration} objects.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ */
+public class ACLConfigurationFactory
+{
+
+ private static final String schemaName = "schema/jboss-acl-config_1_0.xsd";
+
+ private static Logger log = Logger.getLogger(ACLConfigurationFactory.class);
+
+ /**
+ * <p>
+ * Creates and return an {@code ACLConfiguration} object using the specified input stream to read the ACL
+ * configuration file.
+ * </p>
+ *
+ * @param aclConfigFileStream an {@code InputStream} that reads the contents of the ACL configuration file.
+ * @return the constructed {@code ACLConfiguration} object that contains the configured ACLs.
+ */
+ public static ACLConfiguration getConfiguration(InputStream aclConfigFileStream)
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ SchemaBinding schema = XsdBinder.bind(tcl.getResourceAsStream(schemaName), null);
+ Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
+ try
+ {
+ ACLConfiguration configuration = (ACLConfiguration) unmarshaller.unmarshal(aclConfigFileStream, schema);
+ return configuration;
+ }
+ catch (JBossXBException e)
+ {
+ log.debug("Error parsing ACL configuration file", e);
+ throw new RuntimeException(e);
+ }
+ }
+}
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java 2008-10-28 21:50:24 UTC (rev 80167)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java 2008-10-28 23:02:59 UTC (rev 80168)
@@ -30,6 +30,10 @@
import java.util.Set;
import org.jboss.logging.Logger;
+import org.jboss.security.acl.ACL;
+import org.jboss.security.acl.ACLImpl;
+import org.jboss.security.acl.config.ACLConfiguration;
+import org.jboss.security.acl.config.ACLConfigurationFactory;
import org.jboss.security.authorization.PolicyRegistration;
import org.jboss.security.xacml.core.JBossPDP;
import org.jboss.security.xacml.factories.PolicyFactory;
@@ -38,8 +42,8 @@
/**
* Default implementation of Policy Registration interface
* @author Anil.Saldhana at redhat.com
- * @since Mar 31, 2008
- * @version $Revision$
+ * @since Mar 31, 2008
+ * @version $Revision$
*/
public class JBossPolicyRegistration implements PolicyRegistration, Serializable
{
@@ -49,16 +53,22 @@
protected boolean trace = log.isTraceEnabled();
- private Map<String,Set<XACMLPolicy>> contextIdToXACMLPolicy =
+ private final Map<String,Set<XACMLPolicy>> contextIdToXACMLPolicy =
new HashMap<String,Set<XACMLPolicy>>();
- /** When the policy configuration file is registered, we directly
- * store a copy of the JBossPDP that has read in the config file
+ /**
+ * When the policy configuration file is registered, we directly store a copy of the JBossPDP that has read in the
+ * config file
*/
- private Map<String,JBossPDP> contextIDToJBossPDP =
+ private final Map<String,JBossPDP> contextIDToJBossPDP =
new HashMap<String,JBossPDP>();
+ /** Map to keep track of the ACLs that have been configured in each context. */
+ private final Map<String, Set<ACL>> contextIDToACLs = new HashMap<String,Set<ACL>>();
+ /** Global map that keeps all the configured ACLs keyed by their resource */
+ private final Map<String, ACL> configuredACLs = new HashMap<String, ACL>();
+
public void deRegisterPolicy(String contextID, String type)
{
if(PolicyRegistration.XACML.equalsIgnoreCase(type))
@@ -67,6 +77,17 @@
if(trace)
log.trace("DeRegistered policy for contextId:" + contextID + ":type=" + type);
}
+ else if(PolicyRegistration.ACL.equalsIgnoreCase(type))
+ {
+ Set<ACL> acls = this.contextIDToACLs.remove(contextID);
+ for(ACL acl : acls)
+ {
+ ACLImpl impl = (ACLImpl) acl;
+ this.configuredACLs.remove(impl.getResourceAsString());
+ }
+ if(trace)
+ log.trace("Deregistered ACLs for contextId:" + contextID);
+ }
}
@SuppressWarnings("unchecked")
@@ -82,6 +103,24 @@
}
return (T) this.contextIdToXACMLPolicy.get(contextID);
}
+ else if(PolicyRegistration.ACL.equalsIgnoreCase(type))
+ {
+ if(contextMap != null)
+ {
+ String query = (String) contextMap.get("resource");
+ if("ALL".equalsIgnoreCase(query))
+ {
+ // return all the ACLs that have been registered.
+ return (T) this.configuredACLs.values();
+ }
+ else if(query != null)
+ {
+ // we are looking for an ACL for an specific resource.
+ return (T) this.configuredACLs.get(query);
+ }
+ }
+ return (T) this.contextIDToACLs.get(contextID);
+ }
throw new RuntimeException("Unsupported type:" + type);
}
@@ -100,7 +139,7 @@
}
catch(Exception e)
{
- log.debug("Error in registering xacml policy:",e);
+ log.debug("Error in registering policy:",e);
}
}
@@ -128,6 +167,20 @@
log.debug("Error in registering xacml policy:",e);
}
}
+ else if(PolicyRegistration.ACL.equalsIgnoreCase(type))
+ {
+ ACLConfiguration configuration = ACLConfigurationFactory.getConfiguration(stream);
+ Set<ACL> configuredACLs = configuration.getConfiguredACLs();
+ // register the configured ACLs
+ this.contextIDToACLs.put(contextID, configuredACLs);
+ for (ACL acl : configuredACLs)
+ {
+ ACLImpl impl = (ACLImpl) acl;
+ if(trace)
+ log.trace("Registering ACL for resource " + impl.getResourceAsString());
+ this.configuredACLs.put(impl.getResourceAsString(), acl);
+ }
+ }
}
/**
Added: projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/acl/PolicyRegistrationStrategy.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/acl/PolicyRegistrationStrategy.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/acl/PolicyRegistrationStrategy.java 2008-10-28 23:02:59 UTC (rev 80168)
@@ -0,0 +1,156 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.plugins.acl;
+
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.jboss.security.SecurityUtil;
+import org.jboss.security.acl.ACL;
+import org.jboss.security.acl.ACLEntry;
+import org.jboss.security.acl.ACLPersistenceStrategy;
+import org.jboss.security.acl.Util;
+import org.jboss.security.authorization.PolicyRegistration;
+import org.jboss.security.authorization.Resource;
+import org.jboss.util.NotImplementedException;
+
+/**
+ * <p>
+ * This is a special implementation of {@code ACLPersistenceStrategy} that looks up the ACLs in the
+ * {@code PolicyRegistration}. This is used to get hold of the ACLs that have been specified in the
+ * {@code jboss-acl-policy.xml} configuration file and registered with the {@code PolicyRegistration} implementation.
+ * </p>
+ *
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ */
+public class PolicyRegistrationStrategy implements ACLPersistenceStrategy
+{
+
+ private final PolicyRegistration registration;
+
+ /**
+ * <p>
+ * Creates an instance of {@code PolicyRegistrationStrategy}.
+ * </p>
+ */
+ public PolicyRegistrationStrategy()
+ {
+ // set the policy registration delegate using the JNDI.
+ this(SecurityUtil.getPolicyRegistration());
+ }
+
+ /**
+ * <p>
+ * Creates an instance of {@code PolicyRegistrationStrategy} with the specified {@code PolicyRegistration} as a
+ * delegate.
+ * </p>
+ *
+ * @param registration the {@code PolicyRegistration} instance to be used as this strategy's delegate.
+ */
+ public PolicyRegistrationStrategy(PolicyRegistration registration)
+ {
+ this.registration = registration;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.acl.ACLPersistenceStrategy#createACL(org.jboss.security.authorization.Resource)
+ */
+ public ACL createACL(Resource resource)
+ {
+ // we don't create anything: ACLs are created by parsing an ACL configuration file.
+ throw new NotImplementedException("Read-only strategy: ACLs are created through jboss-acl-policy.xml");
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.acl.ACLPersistenceStrategy#createACL(org.jboss.security.authorization.Resource,
+ * java.util.Collection)
+ */
+ public ACL createACL(Resource resource, Collection<ACLEntry> entries)
+ {
+ // we don't create anything: ACLs are created by parsing an ACL configuration file.
+ throw new NotImplementedException("Read-only strategy: ACLs are created through jboss-acl-policy.xml");
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.acl.ACLPersistenceStrategy#getACL(org.jboss.security.authorization.Resource)
+ */
+ public ACL getACL(Resource resource)
+ {
+ String resourceString = Util.getResourceAsString(resource);
+ Map<String, Object> context = new HashMap<String, Object>();
+ context.put("resource", resourceString);
+ return (ACL) this.registration.getPolicy(null, PolicyRegistration.ACL, context);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.acl.ACLPersistenceStrategy#getACLs()
+ */
+ @SuppressWarnings("unchecked")
+ public Collection<ACL> getACLs()
+ {
+ Map<String, Object> context = new HashMap<String, Object>();
+ context.put("resource", "ALL");
+ return (Collection<ACL>) this.registration.getPolicy(null, PolicyRegistration.ACL, context);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.acl.ACLPersistenceStrategy#removeACL(org.jboss.security.acl.ACL)
+ */
+ public boolean removeACL(ACL acl)
+ {
+ // we don't remove anything: ACLs are removed by undeploying the app that has the configuration file.
+ throw new NotImplementedException("Read-only strategy: ACLs are removed upon application undeployment");
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.acl.ACLPersistenceStrategy#removeACL(org.jboss.security.authorization.Resource)
+ */
+ public boolean removeACL(Resource resource)
+ {
+ // we don't remove anything: ACLs are removed by undeploying the app that has the configuration file.
+ throw new NotImplementedException("Read-only strategy: ACLs are removed upon application undeployment");
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.acl.ACLPersistenceStrategy#updateACL(org.jboss.security.acl.ACL)
+ */
+ public boolean updateACL(ACL acl)
+ {
+ throw new NotImplementedException("Unable to update ACL: this is a read-only strategy");
+ }
+
+}
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/acl/config/JBossACLSchemaBindingUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/acl/config/JBossACLSchemaBindingUnitTestCase.java 2008-10-28 21:50:24 UTC (rev 80167)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/acl/config/JBossACLSchemaBindingUnitTestCase.java 2008-10-28 23:02:59 UTC (rev 80168)
@@ -112,7 +112,7 @@
for (ACL acl : configuredACLs)
{
ACLImpl aclImpl = (ACLImpl) acl;
- if (aclImpl.getResourceAsString().equals("org.jboss.jnp.NamingService:java/comp"))
+ if (aclImpl.getResourceAsString().equals("org.jboss.test.authorization.acl.ACLTestResource:10"))
{
assertEquals("Invalid number of entries", 2, aclImpl.getEntries().size());
// one entry should assign the CREATE,READ,UPDATE,DELETE permissions to Administrator.
@@ -127,7 +127,7 @@
assertEquals("Unexpected permissions assigned for Guest", expectedPermission, entry.getPermission());
validatedJavaCompACL = true;
}
- else if (aclImpl.getResourceAsString().equals("org.jboss.jnp.NamingService:java/comp/env"))
+ else if (aclImpl.getResourceAsString().equals("org.jboss.test.authorization.acl.ACLTestResource:20"))
{
assertEquals("Invalid number of entries", 3, aclImpl.getEntries().size());
// one entry should assign the CREATE,READ,UPDATE,DELETE permissions to Administrator.
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/ACLTestResource.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/ACLTestResource.java 2008-10-28 21:50:24 UTC (rev 80167)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/ACLTestResource.java 2008-10-28 23:02:59 UTC (rev 80168)
@@ -21,9 +21,8 @@
*/
package org.jboss.test.authorization.acl;
-import java.util.HashSet;
+import java.util.HashMap;
import java.util.Map;
-import java.util.Set;
import org.jboss.security.authorization.Resource;
import org.jboss.security.authorization.ResourceType;
@@ -38,29 +37,50 @@
*/
public class ACLTestResource implements Resource
{
- private Map<String, Object> cmap;
- public ACLTestResource(final Map<String,Object> cmap)
+ private final int id;
+
+ private final Map<String, Object> context = new HashMap<String, Object>();
+
+ /**
+ * <p>
+ * Creates an instance of {@code ACLTestResource} with the specified id.
+ * </p>
+ *
+ * @param id an {@code int} representing the resource's id.
+ */
+ public ACLTestResource(int id)
{
- this.cmap = cmap;
+ this.id = id;
}
+ /*
+ * (non-Javadoc)
+ * @see org.jboss.security.authorization.Resource#getLayer()
+ */
public ResourceType getLayer()
{
return ResourceType.ACL;
}
+ /*
+ * (non-Javadoc)
+ * @see org.jboss.security.authorization.Resource#getMap()
+ */
public Map<String, Object> getMap()
{
- return cmap;
+ return this.context;
}
- public Set<String> getEntitlements()
+ /**
+ * <p>
+ * Obtains the id of this test resource.
+ * </p>
+ *
+ * @return an {@code int} representing this resource's id.
+ */
+ public int getId()
{
- //TODO: call the acl framework
- Set<String> er = new HashSet<String>();
- er.add("resource1");
- er.add("resource2");
- return er;
+ return this.id;
}
}
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java 2008-10-28 21:50:24 UTC (rev 80167)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java 2008-10-28 23:02:59 UTC (rev 80168)
@@ -1,111 +1,159 @@
/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
package org.jboss.test.authorization.acl;
-import java.security.Principal;
-import java.security.acl.Group;
+import java.util.ArrayList;
+import java.util.Collection;
import java.util.HashMap;
+import java.util.Map;
import java.util.Set;
import junit.framework.TestCase;
+import org.jboss.security.acl.BasicACLPermission;
+import org.jboss.security.acl.CompositeACLPermission;
+import org.jboss.security.acl.EntitlementEntry;
import org.jboss.security.acl.config.ACLProviderEntry;
import org.jboss.security.authorization.EntitlementHolder;
+import org.jboss.security.authorization.PolicyRegistration;
import org.jboss.security.authorization.Resource;
+import org.jboss.security.authorization.ResourceKeys;
import org.jboss.security.config.ACLInfo;
import org.jboss.security.config.ApplicationPolicy;
import org.jboss.security.config.SecurityConfiguration;
-import org.jboss.security.identity.Identity;
-import org.jboss.security.identity.Role;
+import org.jboss.security.identity.plugins.IdentityFactory;
import org.jboss.security.plugins.JBossAuthorizationManager;
+import org.jboss.security.plugins.JBossPolicyRegistration;
-
/**
- * ACL Unit Tests using JBossAuthorizationManager
- * @author Anil.Saldhana at redhat.com
- * @since Jan 30, 2008
- * @version $Revision$
+ * ACL Unit Tests using JBossAuthorizationManager
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ * @since Jan 30, 2008
+ * @version $Revision$
*/
public class JBossAuthorizationManagerACLUnitTestCase extends TestCase
-{
+{
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see junit.framework.TestCase#setUp()
+ */
+ @Override
protected void setUp()
{
+ // register an ACL policy containing ACL definitions with the PolicyRegistration.
+ PolicyRegistration registration = new JBossPolicyRegistration();
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ registration.registerPolicy("ID", PolicyRegistration.ACL, tcl.getResourceAsStream("config/jboss-acl.xml"));
+
+ // create an application policy that contains an ACL configuration.
ApplicationPolicy ap = new ApplicationPolicy("test-acl");
ACLInfo aclInfo = new ACLInfo("test-acl");
- ACLProviderEntry ame = new ACLProviderEntry(TestACLProvider.class.getName());
+ // set the TestACLProvider with the PolicyRegistration created above.
+ Map<String, Object> options = new HashMap<String, Object>();
+ options.put("policyRegistration", registration);
+ ACLProviderEntry ame = new ACLProviderEntry(TestACLProvider.class.getName(), options);
aclInfo.add(ame);
ap.setAclInfo(aclInfo);
- SecurityConfiguration.addApplicationPolicy(ap);
+ // register the application policy.
+ SecurityConfiguration.addApplicationPolicy(ap);
}
-
- public void testACL() throws Exception
+
+ /**
+ * <p>
+ * Tests the results of the {@code AuthorizationManager#getEntitlements} method when the ACLs have been specified in
+ * an ACL configuration file and registered with the {@code PolicyRegistration}.
+ * </p>
+ *
+ * @throws Exception if an error occurs while running the test.
+ */
+ public void testGetEntitlements() throws Exception
{
- Resource resource = getResource();
- Identity identity = getIdentity();
-
+ Resource resource1 = new ACLTestResource(10);
+ Resource resource2 = new ACLTestResource(20);
+ // for testing purposes, lets say resource2 is a child of resource1.
+ Collection<Resource> childResources = new ArrayList<Resource>();
+ // resource 0 has resource 1 as child.
+ childResources.add(resource2);
+ resource1.getMap().put(ResourceKeys.CHILD_RESOURCES, childResources);
+ resource2.getMap().put(ResourceKeys.PARENT_RESOURCE, resource1);
+
+ // using the authorization manager, check the entitlements assigned to some of the identities.
JBossAuthorizationManager jam = new JBossAuthorizationManager("test-acl");
- EntitlementHolder<?> eh = jam.getEntitlements(ACLResourceType.class,
- resource, identity);
- assertNotNull(eh);
- Set<?> entitled = eh.getEntitled();
- assertNotNull(entitled);
- assertTrue(entitled.size() > 0);
+
+ // start with the Administrator identity.
+ EntitlementHolder<EntitlementEntry> holder = jam.getEntitlements(EntitlementEntry.class, resource1,
+ IdentityFactory.createIdentity("Administrator"));
+ assertNotNull("Unexpected null EntitlementHolder", holder);
+ Set<EntitlementEntry> entitled = holder.getEntitled();
+ assertNotNull("Unexpected null set of entitlement entries", entitled);
+ assertEquals("Unexpected number of entitlement entries", 2, entitled.size());
+ // Administrator should have all permissions on both resources.
+ Map<Integer, EntitlementEntry> entriesMap = this.getEntriesByResourceID(entitled);
+ CompositeACLPermission expectedPermission = new CompositeACLPermission(BasicACLPermission.values());
+ assertTrue("Entry for ACLTestResource with id 10 missing", entriesMap.containsKey(10));
+ assertEquals("Found unexpected permissions", expectedPermission, entriesMap.get(10).getPermission());
+ assertTrue("Entry for ACLTestResource with id 20 missing", entriesMap.containsKey(20));
+ assertEquals("Found unexpected permissions", expectedPermission, entriesMap.get(20).getPermission());
+
+ // now check the permissions entitled to Regular_User.
+ holder = jam.getEntitlements(EntitlementEntry.class, resource1, IdentityFactory.createIdentity("Regular_User"));
+ assertNotNull("Unexpected null EntitlementHolder", holder);
+ entitled = holder.getEntitled();
+ assertNotNull("Unexpected null set of entitlement entries", entitled);
+ // Regular_User should get an empty set when calling getEntitlements with resource1.
+ assertEquals("Unexpected number of entitlement entries", 0, entitled.size());
+ holder = jam.getEntitlements(EntitlementEntry.class, resource2, IdentityFactory.createIdentity("Regular_User"));
+ assertNotNull("Unexpected null EntitlementHolder", holder);
+ entitled = holder.getEntitled();
+ assertNotNull("Unexpected null set of entitlement entries", entitled);
+ assertEquals("Unexpected number of entitlement entries", 1, entitled.size());
+ // Regular_User should have READ and UPDATE permissions on resource 2.
+ entriesMap = this.getEntriesByResourceID(entitled);
+ expectedPermission = new CompositeACLPermission(BasicACLPermission.READ, BasicACLPermission.UPDATE);
+ assertTrue("Entry for ACLTestResource with id 20 missing", entriesMap.containsKey(20));
+ assertEquals("Found unexpected permissions", expectedPermission, entriesMap.get(20).getPermission());
}
-
-
- public class ACLResourceType
- {
- }
-
- public Resource getResource()
+
+ /**
+ * <p>
+ * Creates and returns a map that contains the specified set of {@code EntitlementEntry} objects keyed by their
+ * resources ids.
+ * </p>
+ *
+ * @param entries the set of {@code EntitlementEntry} objects to be keyed.
+ * @return the constructed {@code Map} instance.
+ */
+ private Map<Integer, EntitlementEntry> getEntriesByResourceID(Set<EntitlementEntry> entries)
{
- return new ACLTestResource(new HashMap<String,Object>());
- }
-
- public Identity getIdentity()
- {
- return new Identity()
+ Map<Integer, EntitlementEntry> entriesMap = new HashMap<Integer, EntitlementEntry>();
+ for (EntitlementEntry entry : entries)
{
- private static final long serialVersionUID = 1L;
-
- public Group asGroup()
- {
- return null;
- }
-
- public Principal asPrincipal()
- {
- return null;
- }
-
- public String getName()
- {
- return null;
- }
-
- public Role getRole()
- {
- return null;
- }
- };
+ ACLTestResource testResource = (ACLTestResource) entry.getResource();
+ entriesMap.put(testResource.getId(), entry);
+ }
+ return entriesMap;
}
}
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/TestACLProvider.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/TestACLProvider.java 2008-10-28 21:50:24 UTC (rev 80167)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/TestACLProvider.java 2008-10-28 23:02:59 UTC (rev 80168)
@@ -1,109 +1,58 @@
/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
package org.jboss.test.authorization.acl;
-import java.util.Collection;
import java.util.Map;
-import java.util.Set;
-import org.jboss.security.acl.ACL;
-import org.jboss.security.acl.ACLEntry;
-import org.jboss.security.acl.ACLPermission;
-import org.jboss.security.acl.ACLPersistenceStrategy;
-import org.jboss.security.acl.ACLProvider;
-import org.jboss.security.authorization.AuthorizationException;
-import org.jboss.security.authorization.Resource;
-import org.jboss.security.identity.Identity;
+import org.jboss.security.acl.ACLProviderImpl;
+import org.jboss.security.authorization.PolicyRegistration;
+import org.jboss.security.plugins.acl.PolicyRegistrationStrategy;
-//$Id$
+// $Id$
/**
- * Test ACL Provider
- * @author Anil.Saldhana at redhat.com
- * @since Jan 30, 2008
- * @version $Revision$
+ * <p>
+ * This is an {@code ACLProvider} implementation used in tests that uses an instance of
+ * {@code PolicyRegistrationStrategy} to look up the ACLs.
+ * </p>
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ * @since Jan 30, 2008
+ * @version $Revision$
*/
-public class TestACLProvider implements ACLProvider
-{
- public ACL createACL(Resource resource)
- {
- return null;
- }
+public class TestACLProvider extends ACLProviderImpl
+{
- public ACL createACL(Resource resource, Collection<ACLEntry> entries)
- {
- return null;
- }
-
- public ACL getACL(Resource resource)
- {
- return null;
- }
-
- @SuppressWarnings("unchecked")
- public <T> Set<T> getEntitlements(Class<T> clazz, Resource resource, Identity identity)
- throws AuthorizationException
- {
- if(resource instanceof ACLTestResource == false)
- throw new IllegalArgumentException("Not a ACL Test Resource");
- ACLTestResource atr = (ACLTestResource) resource;
- return (Set<T>) atr.getEntitlements();
- }
-
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.acl.ACLProviderImpl#initialize(java.util.Map, java.util.Map)
+ */
+ @Override
public void initialize(Map<String, Object> sharedState, Map<String, Object> options)
{
+ // test implementation: create an instance of PolicyRegistrationStrategy and sets the PolicyRegistration.
+ PolicyRegistration registration = (PolicyRegistration) options.get("policyRegistration");
+ this.setPersistenceStrategy(new PolicyRegistrationStrategy(registration));
}
-
- public boolean removeACL(ACL acl)
- {
- return false;
- }
-
- public boolean removeACL(Resource resource)
- {
- return false;
- }
-
- public boolean tearDown()
- {
- return true;
- }
-
- public boolean updateACL(ACL acl)
- {
- return false;
- }
-
- public ACLPersistenceStrategy getPersistenceStrategy()
- {
- return null;
- }
-
- public boolean isAccessGranted(Resource arg0, Identity arg1, ACLPermission arg2) throws AuthorizationException
- {
- return false;
- }
-
- public void setPersistenceStrategy(ACLPersistenceStrategy arg0)
- {
- }
}
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/test/resources/config/jboss-acl.xml
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/test/resources/config/jboss-acl.xml 2008-10-28 21:50:24 UTC (rev 80167)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/test/resources/config/jboss-acl.xml 2008-10-28 23:02:59 UTC (rev 80168)
@@ -3,7 +3,7 @@
xmlns="urn:jboss:jboss-acl-config:1.0"
xmlns:jbxb="urn:jboss:jboss-acl-config:1.0">
- <acl-definition resource="org.jboss.jnp.NamingService:java/comp">
+ <acl-definition resource="org.jboss.test.authorization.acl.ACLTestResource:10">
<entry>
<identity-name>Administrator</identity-name>
<permissions>CREATE,READ,UPDATE,DELETE</permissions>
@@ -15,7 +15,7 @@
</acl-definition>
<!-- An extends attribute allows an ACL to inherit all the entries from its parent ACL -->
- <acl-definition resource="org.jboss.jnp.NamingService:java/comp/env" extends="org.jboss.jnp.NamingService:java/comp">
+ <acl-definition resource="org.jboss.test.authorization.acl.ACLTestResource:20" extends="org.jboss.test.authorization.acl.ACLTestResource:10">
<entry>
<identity-name>Regular_User</identity-name>
<permissions>READ,UPDATE</permissions>
More information about the jboss-cvs-commits
mailing list