[jboss-cvs] JBossAS SVN: r80316 - in projects/security/security-jboss-sx/trunk/jbosssx/src: test/java/org/jboss/test/authorization/acl and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Oct 31 10:41:01 EDT 2008
Author: sguilhen at redhat.com
Date: 2008-10-31 10:41:00 -0400 (Fri, 31 Oct 2008)
New Revision: 80316
Modified:
projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java
projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java
Log:
SECURITY-258: Added check for null values before removing ACLs from JBossPolicyRegistration
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java 2008-10-31 14:21:05 UTC (rev 80315)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/JBossPolicyRegistration.java 2008-10-31 14:41:00 UTC (rev 80316)
@@ -1,24 +1,24 @@
/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
package org.jboss.security.plugins;
import java.io.InputStream;
@@ -38,82 +38,84 @@
import org.jboss.security.xacml.core.JBossPDP;
import org.jboss.security.xacml.factories.PolicyFactory;
import org.jboss.security.xacml.interfaces.XACMLPolicy;
-
+
/**
- * Default implementation of Policy Registration interface
- * @author Anil.Saldhana at redhat.com
+ * Default implementation of Policy Registration interface
+ *
+ * @author Anil.Saldhana at redhat.com
* @since Mar 31, 2008
* @version $Revision$
*/
public class JBossPolicyRegistration implements PolicyRegistration, Serializable
-{
+{
private static final long serialVersionUID = 1L;
private static Logger log = Logger.getLogger(JBossPolicyRegistration.class);
-
- protected boolean trace = log.isTraceEnabled();
-
- private final Map<String,Set<XACMLPolicy>> contextIdToXACMLPolicy =
- new HashMap<String,Set<XACMLPolicy>>();
-
+
+ protected boolean trace = log.isTraceEnabled();
+
+ private final Map<String, Set<XACMLPolicy>> contextIdToXACMLPolicy = new HashMap<String, Set<XACMLPolicy>>();
+
/**
* When the policy configuration file is registered, we directly store a copy of the JBossPDP that has read in the
* config file
*/
- private final Map<String,JBossPDP> contextIDToJBossPDP =
- new HashMap<String,JBossPDP>();
-
+ private final Map<String, JBossPDP> contextIDToJBossPDP = new HashMap<String, JBossPDP>();
+
/** Map to keep track of the ACLs that have been configured in each context. */
- private final Map<String, Set<ACL>> contextIDToACLs = new HashMap<String,Set<ACL>>();
+ private final Map<String, Set<ACL>> contextIDToACLs = new HashMap<String, Set<ACL>>();
/** Global map that keeps all the configured ACLs keyed by their resource */
private final Map<String, ACL> configuredACLs = new HashMap<String, ACL>();
-
+
public void deRegisterPolicy(String contextID, String type)
- {
- if(PolicyRegistration.XACML.equalsIgnoreCase(type))
+ {
+ if (PolicyRegistration.XACML.equalsIgnoreCase(type))
{
- this.contextIdToXACMLPolicy.remove(contextID);
- if(trace)
+ this.contextIdToXACMLPolicy.remove(contextID);
+ if (trace)
log.trace("DeRegistered policy for contextId:" + contextID + ":type=" + type);
}
- else if(PolicyRegistration.ACL.equalsIgnoreCase(type))
+ else if (PolicyRegistration.ACL.equalsIgnoreCase(type))
{
Set<ACL> acls = this.contextIDToACLs.remove(contextID);
- for(ACL acl : acls)
+ if (acls != null)
{
- ACLImpl impl = (ACLImpl) acl;
- this.configuredACLs.remove(impl.getResourceAsString());
+ for (ACL acl : acls)
+ {
+ ACLImpl impl = (ACLImpl) acl;
+ this.configuredACLs.remove(impl.getResourceAsString());
+ }
}
- if(trace)
+ if (trace)
log.trace("Deregistered ACLs for contextId:" + contextID);
}
}
@SuppressWarnings("unchecked")
public <T> T getPolicy(String contextID, String type, Map<String, Object> contextMap)
- {
- if(PolicyRegistration.XACML.equalsIgnoreCase(type))
+ {
+ if (PolicyRegistration.XACML.equalsIgnoreCase(type))
{
- if(contextMap != null)
+ if (contextMap != null)
{
String pdp = (String) contextMap.get("PDP");
- if(pdp != null)
+ if (pdp != null)
return (T) this.contextIDToJBossPDP.get(contextID);
}
- return (T) this.contextIdToXACMLPolicy.get(contextID);
+ return (T) this.contextIdToXACMLPolicy.get(contextID);
}
- else if(PolicyRegistration.ACL.equalsIgnoreCase(type))
+ else if (PolicyRegistration.ACL.equalsIgnoreCase(type))
{
- if(contextMap != null)
+ if (contextMap != null)
{
String query = (String) contextMap.get("resource");
- if("ALL".equalsIgnoreCase(query))
+ if ("ALL".equalsIgnoreCase(query))
{
- // return all the ACLs that have been registered.
+ // return all the ACLs that have been registered.
return (T) this.configuredACLs.values();
}
- else if(query != null)
+ else if (query != null)
{
// we are looking for an ACL for an specific resource.
return (T) this.configuredACLs.get(query);
@@ -121,7 +123,7 @@
}
return (T) this.contextIDToACLs.get(contextID);
}
- throw new RuntimeException("Unsupported type:" + type);
+ throw new RuntimeException("Unsupported type:" + type);
}
/**
@@ -130,17 +132,16 @@
public void registerPolicy(String contextID, String type, URL location)
{
try
- {
- if(trace)
- log.trace("Registering policy for contextId:" +
- contextID + " type: " + type +
- "and location:" + location.getPath());
- registerPolicy( contextID, type, location.openStream());
+ {
+ if (trace)
+ log.trace("Registering policy for contextId:" + contextID + " type: " + type + "and location:"
+ + location.getPath());
+ registerPolicy(contextID, type, location.openStream());
}
- catch(Exception e)
+ catch (Exception e)
{
- log.debug("Error in registering policy:",e);
- }
+ log.debug("Error in registering policy:", e);
+ }
}
/**
@@ -148,26 +149,26 @@
*/
public void registerPolicy(String contextID, String type, InputStream stream)
{
- if(PolicyRegistration.XACML.equalsIgnoreCase(type))
+ if (PolicyRegistration.XACML.equalsIgnoreCase(type))
{
try
{
XACMLPolicy policy = PolicyFactory.createPolicy(stream);
-
+
Set<XACMLPolicy> policySet = this.contextIdToXACMLPolicy.get(contextID);
- if(policySet == null)
+ if (policySet == null)
{
- policySet = new HashSet<XACMLPolicy>();
+ policySet = new HashSet<XACMLPolicy>();
}
policySet.add(policy);
this.contextIdToXACMLPolicy.put(contextID, policySet);
}
- catch(Exception e)
+ catch (Exception e)
{
- log.debug("Error in registering xacml policy:",e);
- }
- }
- else if(PolicyRegistration.ACL.equalsIgnoreCase(type))
+ log.debug("Error in registering xacml policy:", e);
+ }
+ }
+ else if (PolicyRegistration.ACL.equalsIgnoreCase(type))
{
ACLConfiguration configuration = ACLConfigurationFactory.getConfiguration(stream);
Set<ACL> configuredACLs = configuration.getConfiguredACLs();
@@ -176,7 +177,7 @@
for (ACL acl : configuredACLs)
{
ACLImpl impl = (ACLImpl) acl;
- if(trace)
+ if (trace)
log.trace("Registering ACL for resource " + impl.getResourceAsString());
this.configuredACLs.put(impl.getResourceAsString(), acl);
}
@@ -187,18 +188,18 @@
* @see PolicyRegistration#registerPolicyConfigFile(String, String, InputStream)
*/
public void registerPolicyConfigFile(String contextId, String type, InputStream stream)
- {
- if(PolicyRegistration.XACML.equalsIgnoreCase(type))
+ {
+ if (PolicyRegistration.XACML.equalsIgnoreCase(type))
{
try
{
JBossPDP pdp = new JBossPDP(stream);
this.contextIDToJBossPDP.put(contextId, pdp);
}
- catch(Exception e)
+ catch (Exception e)
{
throw new RuntimeException(e);
- }
+ }
}
- }
+ }
}
\ No newline at end of file
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java 2008-10-31 14:21:05 UTC (rev 80315)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authorization/acl/JBossAuthorizationManagerACLUnitTestCase.java 2008-10-31 14:41:00 UTC (rev 80316)
@@ -95,7 +95,7 @@
Resource resource2 = new ACLTestResource(20);
// for testing purposes, lets say resource2 is a child of resource1.
Collection<Resource> childResources = new ArrayList<Resource>();
- // resource 0 has resource 1 as child.
+ // resource 1 has resource 2 as child.
childResources.add(resource2);
resource1.getMap().put(ResourceKeys.CHILD_RESOURCES, childResources);
resource2.getMap().put(ResourceKeys.PARENT_RESOURCE, resource1);
More information about the jboss-cvs-commits
mailing list