[jboss-cvs] JBossAS SVN: r107924 - in projects/security/security-xacml/trunk/jboss-xacml/src: test/java/org/jboss/test/security/test/xacml/attriblocators and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Aug 31 14:00:10 EDT 2010
Author: anil.saldhana at jboss.com
Date: 2010-08-31 14:00:09 -0400 (Tue, 31 Aug 2010)
New Revision: 107924
Added:
projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/attrib/FileSystemAttributeLocator.java
projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/attriblocators/FileSystemAttributeLocatorUnitTestCase.java
projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/locators/attrib/filesystemAttrib.properties
projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/locators/attrib/filesystem_attrib_locator-config.xml
Log:
SECURITY-456: file system based attribute locator
Added: projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/attrib/FileSystemAttributeLocator.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/attrib/FileSystemAttributeLocator.java (rev 0)
+++ projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/attrib/FileSystemAttributeLocator.java 2010-08-31 18:00:09 UTC (rev 107924)
@@ -0,0 +1,134 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.locators.attrib;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.HashSet;
+import java.util.Properties;
+import java.util.Set;
+
+import org.jboss.security.xacml.sunxacml.EvaluationCtx;
+import org.jboss.security.xacml.sunxacml.attr.AttributeValue;
+import org.jboss.security.xacml.sunxacml.attr.BagAttribute;
+import org.jboss.security.xacml.sunxacml.cond.EvaluationResult;
+import org.jboss.security.xacml.util.JBossXACMLUtil;
+
+/**
+ * File System based attribute locator.
+ * <br/>
+ * <br/>
+ * This attribute locator should be used for those rare cases where in you have
+ * one or two attributes that your pdp needs and you do not have other ways of providing
+ * it to the PDP such as in request, ldap or db.
+ * <br/>
+ * <br/>
+ * This Locator requires an XML conforming to the Java Properties DTD. An example is shown below:<br/>
+ *
+ *
+ * <?xml version="1.0" encoding="UTF-8"?> <br/>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"><br/>
+<properties><br/>
+<entry key="urn:xacml:2.0:interop:example:resource:account-status">Active</entry><br/>
+<entry key="urn:oasis:names:tc:xacml:1.0:subject:subject-id">123456</entry><br/>
+</properties><br/>
+
+ * <br/>
+ * <br/>
+ * The Module Options are shown as below:
+ * <br/>
+ * <br/>
+ * <ns:Locator Name="org.jboss.security.xacml.locators.attrib.FileSystemAttributeLocator"> <br/>
+ <ns:Option Name="fileName">locators/attrib/filesystemAttrib.properties</ns:Option> <br/>
+ <ns:Option Name="attributeSupportedId">urn:xacml:2.0:interop:example:resource:account-status,urn:oasis:names:tc:xacml:1.0:subject:subject-id</ns:Option><br/>
+ </ns:Locator><br/>
+ * <br/>
+ * <br/>
+ * <br/>
+ *
+ * fileName: Name of XML file that conforms to Java Properties XML DTD format on the class path. <br/>
+ * attributeSupportedID: the URI namespaces of attributes that this locator supports.<br/>
+ * <br/>
+ * @author Anil.Saldhana at redhat.com
+ * @since Aug 31, 2010
+ */
+public class FileSystemAttributeLocator extends StorageAttributeLocator
+{
+ private Properties properties = new Properties();
+
+ public static final String FILE_NAME = "fileName";
+
+ @Override
+ protected void usePassedOption(String optionTag, String optionValue)
+ {
+ super.usePassedOption(optionTag, optionValue);
+
+ if( optionTag.equalsIgnoreCase( FILE_NAME ) )
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ InputStream is = tcl.getResourceAsStream( optionValue );
+ if( is == null )
+ {
+ throw new RuntimeException( "Unable to load " + FILE_NAME + " using the context classloader. Does the file exist?" );
+ }
+
+ try
+ {
+ properties.loadFromXML( is );
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException( "Unable to load " + FILE_NAME , e );
+ }
+ }
+ }
+
+
+ @Override
+ public EvaluationResult findAttribute(URI attributeType, URI attributeId, URI issuer, URI subjectCategory,
+ EvaluationCtx context, int designatorType)
+ {
+ Set<AttributeValue> bagSet = new HashSet<AttributeValue>();
+
+ if( properties.size() > 0 )
+ {
+ attributeValue = properties.getProperty( attributeId.toASCIIString() );
+ bagSet.add( JBossXACMLUtil.getAttributeValue( attributeValue ) );
+ }
+ else
+ {
+ if(attributeType != null)
+ return new EvaluationResult(BagAttribute.createEmptyBag(attributeType));
+ else
+ return new EvaluationResult(BagAttribute.createEmptyBag(attributeId));
+ }
+ return new EvaluationResult( new BagAttribute( attributeType, bagSet ));
+ }
+
+ @Override
+ protected Object getSubstituteValue(URI attributeType, EvaluationCtx context) throws URISyntaxException
+ {
+ throw new RuntimeException( "Not Applicable for this locator" );
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/attriblocators/FileSystemAttributeLocatorUnitTestCase.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/attriblocators/FileSystemAttributeLocatorUnitTestCase.java (rev 0)
+++ projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/attriblocators/FileSystemAttributeLocatorUnitTestCase.java 2010-08-31 18:00:09 UTC (rev 107924)
@@ -0,0 +1,69 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.test.xacml.attriblocators;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+
+import org.jboss.security.xacml.core.JBossPDP;
+import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
+import org.jboss.security.xacml.interfaces.ResponseContext;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.test.security.xacml.factories.util.XACMLTestUtil;
+import org.junit.Test;
+
+
+/**
+ * Unit test the {@code FileSystemAttributeLocator}
+ * @author Anil.Saldhana at redhat.com
+ * @since Aug 31, 2010
+ */
+public class FileSystemAttributeLocatorUnitTestCase
+{
+ @Test
+ public void testPDPUsingDatabaseResourceAttributeLocator() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+
+ InputStream is = tcl.getResourceAsStream("locators/attrib/filesystem_attrib_locator-config.xml");
+ assertNotNull("Inputstream is not null?", is);
+ PolicyDecisionPoint pdp = new JBossPDP(is);
+ ResponseContext response = XACMLTestUtil.getResponse(pdp,"locators/attrib/attribLocatorResourceAttribute-request.xml");
+ int decision = response.getDecision();
+ assertEquals("PERMIT?", XACMLConstants.DECISION_PERMIT,decision);
+ }
+
+ @Test
+ public void testPDPUsingDatabaseSubjectAttributeLocator() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+
+ InputStream is = tcl.getResourceAsStream("locators/attrib/filesystem_attrib_locator-config.xml");
+ assertNotNull("Inputstream is not null?", is);
+ PolicyDecisionPoint pdp = new JBossPDP(is);
+ ResponseContext response = XACMLTestUtil.getResponse(pdp,"locators/attrib/attribLocatorSubjectAttribute-request.xml");
+ int decision = response.getDecision();
+ assertEquals("PERMIT?", XACMLConstants.DECISION_PERMIT,decision);
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/locators/attrib/filesystemAttrib.properties
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/locators/attrib/filesystemAttrib.properties (rev 0)
+++ projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/locators/attrib/filesystemAttrib.properties 2010-08-31 18:00:09 UTC (rev 107924)
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+<properties>
+<entry key="urn:xacml:2.0:interop:example:resource:account-status">Active</entry>
+<entry key="urn:oasis:names:tc:xacml:1.0:subject:subject-id">123456</entry>
+</properties>
Added: projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/locators/attrib/filesystem_attrib_locator-config.xml
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/locators/attrib/filesystem_attrib_locator-config.xml (rev 0)
+++ projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/locators/attrib/filesystem_attrib_locator-config.xml 2010-08-31 18:00:09 UTC (rev 107924)
@@ -0,0 +1,14 @@
+<ns:jbosspdp xmlns:ns="urn:jboss:xacml:2.0">
+ <ns:Policies>
+ <ns:Policy>
+ <ns:Location>locators/attrib/attribLocator_policy.xml</ns:Location>
+ </ns:Policy>
+ </ns:Policies>
+ <ns:Locators>
+ <ns:Locator Name="org.jboss.security.xacml.locators.JBossPolicyLocator"/>
+ <ns:Locator Name="org.jboss.security.xacml.locators.attrib.FileSystemAttributeLocator">
+ <ns:Option Name="fileName">locators/attrib/filesystemAttrib.properties</ns:Option>
+ <ns:Option Name="attributeSupportedId">urn:xacml:2.0:interop:example:resource:account-status,urn:oasis:names:tc:xacml:1.0:subject:subject-id</ns:Option>
+ </ns:Locator>
+ </ns:Locators>
+</ns:jbosspdp>
\ No newline at end of file
More information about the jboss-cvs-commits
mailing list