[jboss-cvs] JBossAS SVN: r102979 - in projects/security/security-xacml-existdb/trunk: parent and 30 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Mar 25 17:10:27 EDT 2010
Author: anil.saldhana at jboss.com
Date: 2010-03-25 17:10:23 -0400 (Thu, 25 Mar 2010)
New Revision: 102979
Added:
projects/security/security-xacml-existdb/trunk/parent/
projects/security/security-xacml-existdb/trunk/parent/pom.xml
projects/security/security-xacml-existdb/trunk/pom.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/
projects/security/security-xacml-existdb/trunk/xacml-existdb/.classpath
projects/security/security-xacml-existdb/trunk/xacml-existdb/.project
projects/security/security-xacml-existdb/trunk/xacml-existdb/bin.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/pom.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/sources.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/ExistDBConstants.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/ExistSecurityCtx.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistAttributeLocatorsUtil.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseActionAttributeLocator.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseEnvAttributeLocator.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseResourceAttributeLocator.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseSubjectAttributeLocator.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/policy/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/policy/ExistPolicyLocator.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/policy/ExistPolicySetLocator.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/util/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/util/ExistDBUtil.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/util/SecurityActions.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/resources/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/AbstractExistDBTest.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/tests/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/tests/ExistAttributeUnitTestCase.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/tests/XACMLAttributeUnitTestCase.java
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/attribLocatorResourceAttribute-request.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/attribLocatorSubjectAttribute-request.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/attribLocator_policy.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/db_attrib_locator-config.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/db_resource_attrib_locator-config.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/db_subject_attrib_locator-config.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/resourceattribute.xql
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/subjectattribute.xql
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/web-policy.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/conf.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/resolver.jar
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/serializer.jar
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/xalan-2.7.1.jar
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/xercesImpl-2.9.1.jar
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/xml-apis.jar
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/log4j.xml
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/schema/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/schema/conf.xsd
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/webapp/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/webapp/WEB-INF/
projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/webapp/WEB-INF/data/
projects/security/security-xacml-existdb/trunk/xacml-existdb/webapp/
projects/security/security-xacml-existdb/trunk/xacml-existdb/webapp/WEB-INF/
projects/security/security-xacml-existdb/trunk/xacml-existdb/webapp/WEB-INF/data/
Log:
SECURITY-488: existdb based integration
Added: projects/security/security-xacml-existdb/trunk/parent/pom.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/parent/pom.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/parent/pom.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,58 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss</groupId>
+ <artifactId>jboss-parent</artifactId>
+ <version>4</version>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>xacml-existdb-project</artifactId>
+ <version>1.0.0-SNAPSHOT</version>
+ <packaging>pom</packaging>
+ <name>JBoss XACML Build</name>
+ <url>http://www.jboss.com</url>
+ <description>
+ The JBoss XACML Project
+ </description>
+ <scm>
+ <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossas/projects/security/security-xacml-existdb/trunk</connection>
+ <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossas/projects/security/security-xacml-existdb/trunk</developerConnection>
+ </scm>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-release-plugin</artifactId>
+ <configuration>
+ <tagBase>https://svn.jboss.org/repos/jbossas/projects/security/security-xacml-existdb/tags</tagBase>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ <repositories>
+ <repository>
+ <id>repository.jboss.org</id>
+ <name>JBoss Repository</name>
+ <layout>default</layout>
+ <url>http://repository.jboss.org/maven2/</url>
+ <snapshots>
+ <enabled>false</enabled>
+ </snapshots>
+ <releases>
+ <enabled>true</enabled>
+ </releases>
+ </repository>
+
+ <repository>
+ <id>snapshots.jboss.org</id>
+ <name>JBoss Snapshots Repository</name>
+ <layout>default</layout>
+ <url>http://snapshots.jboss.org/maven2/</url>
+ <snapshots>
+ <enabled>true</enabled>
+ </snapshots>
+ <releases>
+ <enabled>false</enabled>
+ </releases>
+ </repository>
+ </repositories>
+</project>
Added: projects/security/security-xacml-existdb/trunk/pom.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/pom.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/pom.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,23 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>xacml-existdb-project</artifactId>
+ <version>1.0.0-SNAPSHOT</version>
+ <relativePath>parent</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>xacml-existdb-main</artifactId>
+ <packaging>pom</packaging>
+ <name>JBoss XACML ExistDB- Aggregator</name>
+ <url>http://labs.jboss.org/portal/jbosssecurity/</url>
+ <description>JBoss Security is a cross cutting project that handles security for the JEMS projects</description>
+ <modules>
+ <module>parent</module>
+ <module>xacml-existdb</module>
+ </modules>
+ <scm>
+ <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossas/projects/security/security-xacml-existdb/trunk</connection>
+ <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossas/projects/security/security-xacml-existdb/trunk</developerConnection>
+ </scm>
+</project>
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/.classpath
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/.classpath (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/.classpath 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,27 @@
+<classpath>
+ <classpathentry kind="src" path="src/test/java" output="target/test-classes" including="**/*.java"/>
+ <classpathentry kind="src" path="src/test/resources" output="target/test-classes" excluding="**/*.java"/>
+ <classpathentry kind="src" path="src/main/java" including="**/*.java"/>
+ <classpathentry kind="src" path="src/main/resources" excluding="**/*.java"/>
+ <classpathentry kind="output" path="target/classes"/>
+ <classpathentry kind="var" path="M2_REPO/javax/transaction/jta/1.1/jta-1.1.jar" sourcepath="M2_REPO/javax/transaction/jta/1.1/jta-1.1-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/antlr/antlr/2.7.7/antlr-2.7.7.jar"/>
+ <classpathentry kind="var" path="M2_REPO/commons-collections/commons-collections/3.2/commons-collections-3.2.jar"/>
+ <classpathentry kind="var" path="M2_REPO/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/apache/commons-pool/1.0.1/commons-pool-1.0.1.jar"/>
+ <classpathentry kind="var" path="M2_REPO/net/sf/existdb/exist/1.2.6/exist-1.2.6.jar"/>
+ <classpathentry kind="var" path="M2_REPO/net/sf/existdb/existdb-start/1.2.6/existdb-start-1.2.6.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/security/jbossxacml/2.0.5.CR2/jbossxacml-2.0.5.CR2.jar" sourcepath="M2_REPO/org/jboss/security/jbossxacml/2.0.5.CR2/jbossxacml-2.0.5.CR2-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/mortbay/jetty/jetty/6.1.18/jetty-6.1.18.jar" sourcepath="M2_REPO/org/mortbay/jetty/jetty/6.1.18/jetty-6.1.18-sources.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/mortbay/jetty/jetty-util/6.1.18/jetty-util-6.1.18.jar"/>
+ <classpathentry kind="var" path="M2_REPO/junit/junit/4.8.1/junit-4.8.1.jar"/>
+ <classpathentry kind="var" path="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14.jar"/>
+ <classpathentry kind="var" path="M2_REPO/quartz/quartz/1.6.0/quartz-1.6.0.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/mortbay/jetty/servlet-api/2.5-20081211/servlet-api-2.5-20081211.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/apache/ws/commons/util/1.0.2/util-1.0.2.jar"/>
+ <classpathentry kind="var" path="M2_REPO/net/sf/existdb/xmldb/2004/xmldb-2004.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/apache/xmlrpc-client/3.1.2/xmlrpc-client-3.1.2.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/apache/xmlrpc-common/3.1.2/xmlrpc-common-3.1.2.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/apache/xmlrpc-server/3.1.2/xmlrpc-server-3.1.2.jar"/>
+ <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5"/>
+</classpath>
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/.project
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/.project (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/.project 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,13 @@
+<projectDescription>
+ <name>xacml-existdb</name>
+ <comment>JBoss XACML ExistDB Bindings</comment>
+ <projects/>
+ <buildSpec>
+ <buildCommand>
+ <name>org.eclipse.jdt.core.javabuilder</name>
+ </buildCommand>
+ </buildSpec>
+ <natures>
+ <nature>org.eclipse.jdt.core.javanature</nature>
+ </natures>
+</projectDescription>
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/bin.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/bin.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/bin.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,15 @@
+<assembly>
+ <formats>
+ <format>zip</format>
+ </formats>
+ <includeBaseDirectory>false</includeBaseDirectory>
+ <dependencySets>
+ <dependencySet>
+ <includes>
+ <include>org.jboss.security:xacml-existdb</include>
+ <include>net.sf.existdb:exist</include>
+ <include>net.sf.existdb:xmldb</include>
+ </includes>
+ </dependencySet>
+ </dependencySets>
+</assembly>
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/pom.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/pom.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/pom.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,174 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>xacml-existdb-project</artifactId>
+ <version>1.0.0-SNAPSHOT</version>
+ <relativePath>../parent/pom.xml</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>xacml-existdb</artifactId>
+ <packaging>jar</packaging>
+ <name>JBoss XACML ExistDB</name>
+ <url>http://www.jboss.org</url>
+ <description>JBoss XACML ExistDB Bindings</description>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>2.4.3</version>
+ <configuration>
+ <printSummary>true</printSummary>
+ <disableXmlReport>false</disableXmlReport>
+ <testFailureIgnore>false</testFailureIgnore>
+ <includes>
+ <include>**/**TestCase.java</include>
+ </includes>
+ <forkMode>pertest</forkMode>
+ <argLine>-Djava.endorsed.dirs=${basedir}/src/test/resources/endorsed</argLine>
+ <useFile>false</useFile>
+ <trimStackTrace>false</trimStackTrace>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-assembly-plugin</artifactId>
+ <version>2.1</version>
+ <executions>
+ <execution>
+ <phase>package</phase>
+ <goals>
+ <goal>attached</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <archive>
+ <manifestEntries>
+ <Specification-Title>PicketBox</Specification-Title>
+ <Specification-Version>${project.version}</Specification-Version>
+ <Specification-Vendor>Red Hat Middleware LLC</Specification-Vendor>
+ <Implementation-Title>JBoss XACML ExistDB Integration</Implementation-Title>
+ <Implementation-Version>${project.version}</Implementation-Version>
+ <Implementation-VendorId>org.jboss.security</Implementation-VendorId>
+ <Implementation-Vendor>Red Hat Middleware LLC</Implementation-Vendor>
+ <Implementation-URL>http://picketbox.org/</Implementation-URL>
+ </manifestEntries>
+ </archive>
+ <descriptors>
+ <descriptor>bin.xml</descriptor>
+ <descriptor>sources.xml</descriptor>
+ </descriptors>
+ </configuration>
+ <inherited>false</inherited>
+ </plugin>
+ </plugins>
+ </build>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jbossxacml</artifactId>
+ <version>2.0.5.CR2</version>
+ </dependency>
+ <dependency>
+ <groupId>net.sf.existdb</groupId>
+ <artifactId>exist</artifactId>
+ <version>1.2.6</version>
+ </dependency>
+ <dependency>
+ <groupId>net.sf.existdb</groupId>
+ <artifactId>xmldb</artifactId>
+ <version>2004</version>
+ </dependency>
+ <dependency>
+ <groupId>apache-log4j</groupId>
+ <artifactId>log4j</artifactId>
+ <version>1.2.14</version>
+ <optional>true</optional>
+ </dependency>
+ <dependency>
+ <groupId>antlr</groupId>
+ <artifactId>antlr</artifactId>
+ <version>2.7.7</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>net.sf.existdb</groupId>
+ <artifactId>existdb-start</artifactId>
+ <version>1.2.6</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.ws.commons</groupId>
+ <artifactId>util</artifactId>
+ <version>1.0.2</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache</groupId>
+ <artifactId>xmlrpc-client</artifactId>
+ <version>3.1.2</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache</groupId>
+ <artifactId>xmlrpc-server</artifactId>
+ <version>3.1.2</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache</groupId>
+ <artifactId>xmlrpc-common</artifactId>
+ <version>3.1.2</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.mortbay.jetty</groupId>
+ <artifactId>jetty</artifactId>
+ <version>6.1.18</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.mortbay.jetty</groupId>
+ <artifactId>jetty-util</artifactId>
+ <version>6.1.18</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>quartz</groupId>
+ <artifactId>quartz</artifactId>
+ <version>1.6.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache</groupId>
+ <artifactId>commons-pool</artifactId>
+ <version>1.0.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging-api</artifactId>
+ <version>1.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ <version>3.2</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.transaction</groupId>
+ <artifactId>jta</artifactId>
+ <version>1.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.8.1</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+</project>
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/sources.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/sources.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/sources.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,14 @@
+<assembly>
+ <id>sources</id>
+ <formats>
+ <format>jar</format>
+ </formats>
+ <includeBaseDirectory>false</includeBaseDirectory>
+ <fileSets>
+ <fileSet>
+ <directory>${basedir}/../xacml-existdb/src/main/java</directory>
+ <outputDirectory>/</outputDirectory>
+ </fileSet>
+ </fileSets>
+
+</assembly>
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/ExistDBConstants.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/ExistDBConstants.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/ExistDBConstants.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,51 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.existdb;
+
+/**
+ * Some constants for ExistDB Integration
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 24, 2010
+ */
+public interface ExistDBConstants
+{
+ // Key for configuring the collection name
+ String COLLECTION_NAME_KEY = "collectionName";
+
+ //Key for configuring the document name
+ String DOCUMENT_NAME_KEY = "documentName";
+
+ //Key for configuring a comma separated document names
+ String NAMES_OF_DOCUMENTS_KEY = "namesOfDocuments";
+
+ //Key for configuring the database url
+ String DATABASE_URL = "databaseURL";
+
+ //Key for configuring the user name
+ String USERNAME_KEY = "userName";
+
+ //Key for configuring the password
+ String PASSWORD_KEY = "password";
+
+ //Key to indicate the file where the xquery is stored
+ String XQUERY_KEY = "xqueryFile";
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/ExistSecurityCtx.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/ExistSecurityCtx.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/ExistSecurityCtx.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,57 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.existdb;
+
+/**
+ * Encapsulate username/pass
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 24, 2010
+ */
+public class ExistSecurityCtx
+{
+ private String username;
+ private String password;
+
+ public ExistSecurityCtx(String user, String pass)
+ {
+ this.username = user;
+ this.password = pass;
+ }
+
+ /**
+ * Return the user name
+ * @return
+ */
+ public String getUsername()
+ {
+ return username;
+ }
+
+ /**
+ * Return the password
+ * @return
+ */
+ public String getPassword()
+ {
+ return password;
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistAttributeLocatorsUtil.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistAttributeLocatorsUtil.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistAttributeLocatorsUtil.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,85 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.existdb.locators.attrib;
+
+import java.io.File;
+import java.util.List;
+
+import org.jboss.security.xacml.existdb.ExistDBConstants;
+import org.jboss.security.xacml.existdb.ExistSecurityCtx;
+import org.jboss.security.xacml.existdb.util.ExistDBUtil;
+import org.jboss.security.xacml.jaxb.Option;
+import org.xmldb.api.base.Collection;
+
+/**
+ * Static class that contains the common code for all the attribute locators for Exist DB
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 25, 2010
+ */
+public class ExistAttributeLocatorsUtil
+{
+ /**
+ * Process the XQuery file and return back the attribute value
+ * @param options
+ * @param className
+ * @return
+ */
+ public static Object processXQuery(List<Option> options, String className)
+ {
+ String uri = ExistDBUtil.getOptionValue(options,ExistDBConstants.DATABASE_URL);
+ if(uri == null)
+ throw new RuntimeException("database url not configured");
+
+ String collectionName = ExistDBUtil.getOptionValue(options,ExistDBConstants.COLLECTION_NAME_KEY);
+
+ if(collectionName == null)
+ collectionName = "xacml";
+
+ String documentName = ExistDBUtil.getOptionValue(options,ExistDBConstants.DOCUMENT_NAME_KEY);
+ if(documentName == null)
+ throw new RuntimeException("documentName not configured in " + className);
+
+ String userName = ExistDBUtil.getOptionValue(options,ExistDBConstants.USERNAME_KEY);
+ String pass = ExistDBUtil.getOptionValue(options,ExistDBConstants.PASSWORD_KEY);
+
+ String xqueryFileName = ExistDBUtil.getOptionValue(options,ExistDBConstants.XQUERY_KEY);
+ if(xqueryFileName == null)
+ throw new RuntimeException("xquery file name missing");
+
+ String xquery = ExistDBUtil.readStaticFileIntoString(new File(xqueryFileName));
+ try
+ {
+ Collection collection = null;
+
+ if(userName == null || userName != "")
+ collection = ExistDBUtil.getCollection(uri, collectionName, null);
+ else
+ collection = ExistDBUtil.getCollection(uri, collectionName, new ExistSecurityCtx(userName, pass));
+
+ return ExistDBUtil.query(collection, xquery);
+ }
+ catch(Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseActionAttributeLocator.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseActionAttributeLocator.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseActionAttributeLocator.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.existdb.locators.attrib;
+
+import java.net.URI;
+
+import org.jboss.security.xacml.locators.attrib.DatabaseActionAttributeLocator;
+import org.jboss.security.xacml.sunxacml.EvaluationCtx;
+
+/**
+ * Attribute Locator for Exist DB that is able to obtain missing action attributes
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 24, 2010
+ */
+public class ExistDatabaseActionAttributeLocator extends DatabaseActionAttributeLocator
+{
+ @Override
+ protected Object getColumnValue(URI attributeType, EvaluationCtx context)
+ {
+ return ExistAttributeLocatorsUtil.processXQuery(options, getClass().getCanonicalName());
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseEnvAttributeLocator.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseEnvAttributeLocator.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseEnvAttributeLocator.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.existdb.locators.attrib;
+
+import java.net.URI;
+
+import org.jboss.security.xacml.locators.attrib.DatabaseEnvAttributeLocator;
+import org.jboss.security.xacml.sunxacml.EvaluationCtx;
+
+/**
+ * Attribute Locator for Exist DB that is able to obtain missing environmental attributes
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 24, 2010
+ */
+public class ExistDatabaseEnvAttributeLocator extends DatabaseEnvAttributeLocator
+{
+ @Override
+ protected Object getColumnValue(URI attributeType, EvaluationCtx context)
+ {
+ return ExistAttributeLocatorsUtil.processXQuery(options, getClass().getCanonicalName());
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseResourceAttributeLocator.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseResourceAttributeLocator.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseResourceAttributeLocator.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,42 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.existdb.locators.attrib;
+
+import java.net.URI;
+
+import org.jboss.security.xacml.locators.attrib.DatabaseResourceAttributeLocator;
+import org.jboss.security.xacml.sunxacml.EvaluationCtx;
+
+/**
+ * Attribute Locator for Exist DB that is able to obtain missing resource attributes
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 24, 2010
+ */
+public class ExistDatabaseResourceAttributeLocator extends DatabaseResourceAttributeLocator
+{
+
+ @Override
+ protected Object getColumnValue(URI attributeType, EvaluationCtx context)
+ {
+ return ExistAttributeLocatorsUtil.processXQuery(options, getClass().getCanonicalName());
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseSubjectAttributeLocator.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseSubjectAttributeLocator.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/attrib/ExistDatabaseSubjectAttributeLocator.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.existdb.locators.attrib;
+
+import java.net.URI;
+
+import org.jboss.security.xacml.locators.attrib.DatabaseSubjectAttributeLocator;
+import org.jboss.security.xacml.sunxacml.EvaluationCtx;
+
+/**
+ * Attribute Locator for Exist DB that is able to obtain missing subject attributes
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 24, 2010
+ */
+public class ExistDatabaseSubjectAttributeLocator extends DatabaseSubjectAttributeLocator
+{
+ @Override
+ protected Object getColumnValue(URI attributeType, EvaluationCtx context)
+ {
+ return ExistAttributeLocatorsUtil.processXQuery(options, getClass().getCanonicalName());
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/policy/ExistPolicyLocator.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/policy/ExistPolicyLocator.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/policy/ExistPolicyLocator.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,79 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.existdb.locators.policy;
+
+import java.io.InputStream;
+import java.util.List;
+import java.util.Set;
+
+import org.jboss.security.xacml.bridge.WrapperPolicyFinderModule;
+import org.jboss.security.xacml.core.JBossXACMLPolicy;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XACMLPolicy;
+import org.jboss.security.xacml.sunxacml.Policy;
+import org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule;
+
+/**
+ * A {@code AbstractLocator} that retrieves xacml policy from Exist DB
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 24, 2010
+ */
+public class ExistPolicyLocator extends ExistPolicySetLocator
+{
+ public ExistPolicyLocator()
+ {
+ super();
+ }
+
+ public ExistPolicyLocator(Set<XACMLPolicy> policies)
+ {
+ super(policies);
+ }
+
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public void setPolicies(Set<XACMLPolicy> policies)
+ {
+ super.setPolicies(policies);
+
+ this.policies = policies;
+
+ List<PolicyFinderModule> finders = (List<PolicyFinderModule>) map.get(XACMLConstants.POLICY_FINDER_MODULE);
+
+
+ for (XACMLPolicy xp : policies)
+ {
+ if (xp.getType() == XACMLPolicy.POLICY)
+ {
+ WrapperPolicyFinderModule pfm = new WrapperPolicyFinderModule((Policy) xp.get(XACMLConstants.UNDERLYING_POLICY));
+ finders.add(pfm);
+ }
+ }
+ }
+
+ @Override
+ protected XACMLPolicy createPolicy(InputStream is) throws Exception
+ {
+ return new JBossXACMLPolicy(is, XACMLPolicy.POLICY);
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/policy/ExistPolicySetLocator.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/policy/ExistPolicySetLocator.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/locators/policy/ExistPolicySetLocator.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,189 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.existdb.locators.policy;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+import java.util.StringTokenizer;
+
+import org.jboss.security.xacml.bridge.PolicySetFinderModule;
+import org.jboss.security.xacml.existdb.ExistDBConstants;
+import org.jboss.security.xacml.existdb.ExistSecurityCtx;
+import org.jboss.security.xacml.existdb.util.ExistDBUtil;
+import org.jboss.security.xacml.factories.PolicyFactory;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XACMLPolicy;
+import org.jboss.security.xacml.jaxb.Option;
+import org.jboss.security.xacml.locators.JBossPolicySetLocator;
+import org.xmldb.api.DatabaseManager;
+import org.xmldb.api.base.Collection;
+import org.xmldb.api.base.Database;
+
+/**
+ * A Policy Set Locator that gets the policies from the ExistDB
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 24, 2010
+ */
+ at SuppressWarnings("unchecked")
+public class ExistPolicySetLocator extends JBossPolicySetLocator
+{
+ static
+ {
+ try
+ {
+ // initialize driver
+ String driver = "org.exist.xmldb.DatabaseImpl";
+ Class cl = Class.forName(driver);
+ Database database = (Database)cl.newInstance();
+ database.setProperty("create-database", "true");
+ DatabaseManager.registerDatabase(database);
+ }
+ catch(Exception e)
+ {
+ throw new RuntimeException("Error initializing the ExistDB Drivers:",e);
+ }
+ }
+
+ public ExistPolicySetLocator()
+ {
+ super();
+ PolicySetFinderModule finderModule = new PolicySetFinderModule();
+ List<PolicySetFinderModule> finders = new ArrayList<PolicySetFinderModule>();
+ finders.add(finderModule);
+
+ this.set(XACMLConstants.POLICY_FINDER_MODULE, finders);
+ }
+
+ public ExistPolicySetLocator(Set<XACMLPolicy> policies)
+ {
+ super(policies);
+ }
+
+
+ @Override
+ public void setOptions(List<Option> theoptions)
+ {
+ super.setOptions(theoptions);
+ Set<XACMLPolicy> policies = getPolicies();
+ this.setPolicies(policies);
+ }
+
+ @Override
+ public Set<XACMLPolicy> getPolicies()
+ {
+ Set<XACMLPolicy> policies = new HashSet<XACMLPolicy>();
+
+ String uri = ExistDBUtil.getOptionValue(options,ExistDBConstants.DATABASE_URL);
+ if(uri == null)
+ throw new RuntimeException("database url not configured");
+
+ String collectionName = ExistDBUtil.getOptionValue(options,ExistDBConstants.COLLECTION_NAME_KEY);
+
+ if(collectionName == null)
+ collectionName = "xacml";
+
+ String documentName = ExistDBUtil.getOptionValue(options,ExistDBConstants.DOCUMENT_NAME_KEY);
+ String namesOfDocuments = ExistDBUtil.getOptionValue(options,ExistDBConstants.NAMES_OF_DOCUMENTS_KEY);
+
+ if(documentName == null && namesOfDocuments == null)
+ throw new RuntimeException("documentName or namesofDocuments not configured in the ExistPolicySetLocator");
+
+ String userName = ExistDBUtil.getOptionValue(options,ExistDBConstants.USERNAME_KEY);
+ String pass = ExistDBUtil.getOptionValue(options,ExistDBConstants.PASSWORD_KEY);
+
+ try
+ {
+ Collection collection = null;
+
+ if(userName == null || userName != "")
+ collection = ExistDBUtil.getCollection(uri, collectionName, null);
+ else
+ collection = ExistDBUtil.getCollection(uri, collectionName, new ExistSecurityCtx(userName, pass));
+
+ if(namesOfDocuments != null)
+ {
+ String[] docNames = getTokens(namesOfDocuments);
+ for(String docName: docNames)
+ {
+ String policy = ExistDBUtil.retrieve(collection, docName);
+ ByteArrayInputStream bis = new ByteArrayInputStream(policy.getBytes("UTF-8"));
+
+ XACMLPolicy xacmlPolicySet = createPolicy(bis);
+ policies.add(xacmlPolicySet);
+ }
+ }
+ else
+ {
+ String policy = ExistDBUtil.retrieve(collection, documentName);
+ ByteArrayInputStream bis = new ByteArrayInputStream(policy.getBytes("UTF-8"));
+
+ XACMLPolicy xacmlPolicySet = createPolicy(bis);
+ policies.add(xacmlPolicySet);
+ }
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+
+ return policies;
+ }
+
+ /**
+ * Method that is used to create the correct xacml policy or policyset
+ * @param is
+ * @return
+ * @throws Exception
+ */
+ protected XACMLPolicy createPolicy(InputStream is) throws Exception
+ {
+ return PolicyFactory.createPolicySet(is);
+ }
+
+ /**
+ * Get the comma separated tokens
+ * @param csv
+ * @return
+ */
+ private String[] getTokens(String csv)
+ {
+ ArrayList<String> alist = new ArrayList<String>();
+ if(csv == null)
+ throw new IllegalArgumentException("csv is null");
+
+ StringTokenizer st = new StringTokenizer(csv, ",");
+ if(st != null)
+ {
+ while(st.hasMoreTokens())
+ {
+ alist.add(st.nextToken());
+ }
+ }
+ String[] strArr = new String[alist.size()];
+ alist.toArray(strArr);
+ return strArr;
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/util/ExistDBUtil.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/util/ExistDBUtil.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/util/ExistDBUtil.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,199 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.existdb.util;
+
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.Reader;
+import java.io.UnsupportedEncodingException;
+import java.util.List;
+
+import javax.xml.transform.OutputKeys;
+
+import org.exist.storage.serializers.EXistOutputKeys;
+import org.exist.xmldb.XQueryService;
+import org.jboss.security.xacml.existdb.ExistSecurityCtx;
+import org.jboss.security.xacml.jaxb.Option;
+import org.xmldb.api.DatabaseManager;
+import org.xmldb.api.base.Collection;
+import org.xmldb.api.base.Resource;
+import org.xmldb.api.base.ResourceIterator;
+import org.xmldb.api.base.ResourceSet;
+import org.xmldb.api.base.XMLDBException;
+import org.xmldb.api.modules.XMLResource;
+
+/**
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 24, 2010
+ */
+public class ExistDBUtil
+{
+ /**
+ * Given the list of options, get the value
+ * @param options
+ * @param key the value to be returned has this key
+ * @return
+ */
+ public static String getOptionValue(List<Option> options, String key)
+ {
+ for(Option option: options)
+ {
+ if(key.equals(option.getName()) )
+ return (String) option.getContent().get(0);
+ }
+ return null;
+ }
+
+ /**
+ * Given a file instance, try to read it into a String as the XML DB api
+ * use a string for xquery
+ * <b>NOTE:</b> If the file does not exist, an attempt is made to read
+ * the file via the Thread Context Class Loader.
+ *
+ * @param file
+ * @return
+ */
+ public static String readStaticFileIntoString(File file)
+ {
+ Reader reader = null;
+ if(file.exists() == false)
+ {
+ //Use other mechanisms to get to the file
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ String path = file.getPath();
+
+ InputStream is = tcl.getResourceAsStream(file.getPath());
+ if(is == null)
+ throw new RuntimeException("file could not be located " + path);
+
+ try
+ {
+ reader = new InputStreamReader(is, "UTF-8");
+ }
+ catch (UnsupportedEncodingException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+ else
+ {
+ try
+ {
+ reader = new FileReader(file);
+ }
+ catch (FileNotFoundException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+ StringBuilder contents = new StringBuilder();
+
+ try
+ {
+ BufferedReader input = new BufferedReader(reader);
+ try
+ {
+ String line = null;
+ while (( line = input.readLine()) != null)
+ {
+ contents.append(line);
+ contents.append(SecurityActions.getSystemProperty("line.separator"));
+ }
+ }
+ finally
+ {
+ input.close();
+ }
+ }
+ catch (IOException ex)
+ {
+ throw new RuntimeException(ex);
+ }
+
+ return contents.toString();
+ }
+
+ /**
+ * Execute an XQuery against the Exist DB
+ * @param collection
+ * @param query
+ * @return
+ * @throws Exception
+ */
+ public static Object query(Collection collection, String query) throws Exception
+ {
+ XQueryService service = (XQueryService)
+ collection.getService("XQueryService", "1.0");
+ ResourceSet result = service.query(query);
+ long size = result.getSize();
+ if(size > 1)
+ throw new RuntimeException("XQuery result is greater than 1");
+
+ ResourceIterator resourceIterator = result.getIterator();
+ Resource resource = resourceIterator.nextResource();
+ return resource.getContent();
+ }
+
+ /**
+ * Retrieve the policy as a string
+ * @param collection
+ * @param documentName
+ * @return
+ * @throws Exception
+ */
+ public static String retrieve(Collection collection, String documentName) throws Exception
+ {
+ XMLResource res = (XMLResource)collection.getResource(documentName);
+ if(res == null)
+ throw new RuntimeException("Document not found in exist db:" + documentName + " in collection:" +
+ collection.getName());
+
+ Object content = res.getContent();
+ return (String) content;
+ }
+
+ /**
+ * Given the database URI and the collection name, get the Collection.
+ * @param URI
+ * @param collectionName
+ * @param sctx
+ * @return
+ * @throws XMLDBException
+ */
+ public static Collection getCollection(String URI, String collectionName, ExistSecurityCtx sctx) throws XMLDBException
+ {
+ Collection col = null;
+ if (sctx != null)
+ col = DatabaseManager.getCollection(URI + collectionName, sctx.getUsername(), sctx.getPassword());
+ else
+ col = DatabaseManager.getCollection(URI + collectionName);
+ col.setProperty(OutputKeys.INDENT, "no");
+ col.setProperty(EXistOutputKeys.EXPAND_XINCLUDES, "no");
+ col.setProperty(EXistOutputKeys.PROCESS_XSL_PI, "no");
+ return col;
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/util/SecurityActions.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/util/SecurityActions.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/main/java/org/jboss/security/xacml/existdb/util/SecurityActions.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,73 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.existdb.util;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 10, 2007
+ * @version $Revision$
+ */
+class SecurityActions
+{
+ /**
+ * Obtain the Thread Context ClassLoader
+ * @return
+ */
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+ static String getSystemProperty(final String key)
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<String>()
+ {
+ public String run()
+ {
+ return System.getProperty(key);
+ }
+ });
+ }
+
+ static void setSystemProperty(final String key, final String value)
+ {
+ AccessController.doPrivileged(new PrivilegedAction<Object>()
+ {
+ public Object run()
+ {
+ System.setProperty(key, value);
+ return null;
+ }
+ });
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/AbstractExistDBTest.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/AbstractExistDBTest.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/AbstractExistDBTest.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,207 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.xacml.existdb;
+
+import java.io.File;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Vector;
+
+import javax.servlet.Servlet;
+import javax.xml.transform.OutputKeys;
+
+import org.apache.xmlrpc.client.XmlRpcClient;
+import org.apache.xmlrpc.client.XmlRpcClientConfigImpl;
+import org.exist.storage.BrokerPool;
+import org.exist.storage.DBBroker;
+import org.exist.storage.serializers.EXistOutputKeys;
+import org.exist.util.Configuration;
+import org.exist.util.SingleInstanceConfiguration;
+import org.exist.xmldb.EXistResource;
+import org.exist.xmldb.XQueryService;
+import org.exist.xmlrpc.RpcServlet;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.mortbay.jetty.Connector;
+import org.mortbay.jetty.Server;
+import org.mortbay.jetty.bio.SocketConnector;
+import org.mortbay.jetty.servlet.Context;
+import org.mortbay.jetty.servlet.ServletHolder;
+import org.xmldb.api.DatabaseManager;
+import org.xmldb.api.base.Collection;
+import org.xmldb.api.base.Database;
+import org.xmldb.api.base.ResourceIterator;
+import org.xmldb.api.base.ResourceSet;
+import org.xmldb.api.modules.CollectionManagementService;
+import org.xmldb.api.modules.XMLResource;
+
+/**
+ * Test infrastructure to deal with existdb
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 18, 2010
+ */
+public abstract class AbstractExistDBTest
+{
+ public final static String URI = "xmldb:exist://localhost:11080/exist/xmlrpc/";
+
+ private static Server server = null;
+ @BeforeClass
+ public static void startExist() throws Exception
+ {
+ System.setProperty("exist.home", "src/test/resources");
+
+ Server server = new Server();
+
+ Connector[] connectors = getConnectors();
+ server.setConnectors(connectors);
+
+
+ Configuration config = new SingleInstanceConfiguration();
+ BrokerPool.configure(1, 1, config);
+
+ //add the user webapp
+ Context context = new Context(server,"/",Context.SESSIONS);
+ ServletHolder servletHolder = new ServletHolder((Servlet) new RpcServlet());
+ servletHolder.setInitParameter("enabledForExtensions", "true");
+
+ context.addServlet(servletHolder, "/exist/xmlrpc");
+
+
+ if(server.isRunning());
+ server.stop();
+
+ server.start();
+ }
+
+ @AfterClass
+ public static void stopExist() throws Exception
+ {
+ System.out.println("Going to stop server");
+ if(server != null && server.isRunning())
+ server.stop();
+ System.out.println("Server stopped");
+ }
+
+ @SuppressWarnings("unchecked")
+ public AbstractExistDBTest() throws Exception
+ {
+ // initialize driver
+ String driver = "org.exist.xmldb.DatabaseImpl";
+ Class cl = Class.forName(driver);
+ Database database = (Database)cl.newInstance();
+ database.setProperty("create-database", "true");
+ DatabaseManager.registerDatabase(database);
+ }
+
+ public void store(File file, String collectionName) throws Exception
+ {
+ if(file == null)
+ throw new IllegalArgumentException("file is null");
+
+ // try to get collection
+ Collection col =
+ DatabaseManager.getCollection(URI + collectionName);
+ if(col == null)
+ {
+ // collection does not exist: get root collection and create.
+ // for simplicity, we assume that the new collection is a
+ // direct child of the root collection, e.g. /db/test.
+ // the example will fail otherwise.
+ //Collection root = DatabaseManager.getCollection(URI + DBBroker.ROOT_COLLECTION);
+ Collection root = DatabaseManager.getCollection(URI);
+
+ CollectionManagementService mgtService =
+ (CollectionManagementService)root.getService("CollectionManagementService", "1.0");
+ col = mgtService.createCollection(collectionName.substring((DBBroker.ROOT_COLLECTION + "/").length()));
+ }
+ // create new XMLResource
+ XMLResource document = (XMLResource)col.createResource(file.getName(), "XMLResource");
+ document.setContent(file);
+ System.out.print("storing document " + document.getId() + "...");
+ col.storeResource(document);
+ System.out.println("ok.");
+ }
+
+ public void retrieve(String collectionName, String documentName) throws Exception
+ {
+ Collection col = DatabaseManager.getCollection(URI + collectionName);
+ col.setProperty(OutputKeys.INDENT, "no");
+ col.setProperty(EXistOutputKeys.EXPAND_XINCLUDES, "no");
+ //col.setProperty(EXistOutputKeys.PROCESS_XSL_PI, "yes");
+ col.setProperty(EXistOutputKeys.PROCESS_XSL_PI, "no");
+ XMLResource res = (XMLResource)col.getResource(documentName);
+ if(res == null)
+ System.out.println("document not found!");
+ else {
+ Object content = res.getContent();
+ System.out.println("Type of content=" + content.getClass());
+ System.out.println(content);
+ System.out.println("Size: " + ((EXistResource)res).getContentLength());
+ }
+ }
+
+ public void retrieve2(String collectionName, String documentName) throws Exception
+ {
+ String uri = "http://localhost:11080/exist/xmlrpc";
+ XmlRpcClient client = new XmlRpcClient();
+ XmlRpcClientConfigImpl config = new XmlRpcClientConfigImpl();
+ config.setServerURL(new URL(uri));
+ config.setBasicUserName("guest");
+ config.setBasicPassword("guest");
+ client.setConfig(config);
+
+ Map options = new HashMap();
+ options.put("indent", "yes");
+ options.put("encoding", "UTF-8");
+ options.put("expand-xincludes", "yes");
+ options.put("process-xsl-pi", "no");
+
+ Vector params = new Vector();
+ params.addElement( documentName );
+ params.addElement( options );
+ String xml = (String)
+ client.execute( "getDocumentAsString", params );
+ System.out.println( xml );
+
+ }
+
+ public void query(String collectionName, String query) throws Exception
+ {
+ Collection collection = DatabaseManager.getCollection(URI + collectionName);
+ XQueryService service = (XQueryService)
+ collection.getService("XQueryService", "1.0");
+ ResourceSet result = service.query(query);
+ System.out.println("Found " + result.getSize() + " results.");
+ for(ResourceIterator i = result.getIterator(); i.hasMoreResources(); )
+ {
+ System.out.println(i.nextResource().getContent());
+ }
+ }
+
+ private static Connector[] getConnectors()
+ {
+ Connector connector=new SocketConnector();
+ connector.setPort(11080);
+ return new Connector[]{connector};
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/tests/ExistAttributeUnitTestCase.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/tests/ExistAttributeUnitTestCase.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/tests/ExistAttributeUnitTestCase.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,110 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.xacml.existdb.tests;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.File;
+import java.io.InputStream;
+
+import org.jboss.security.xacml.core.JBossPDP;
+import org.jboss.security.xacml.factories.RequestResponseContextFactory;
+import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
+import org.jboss.security.xacml.interfaces.RequestContext;
+import org.jboss.security.xacml.interfaces.ResponseContext;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.test.security.xacml.existdb.AbstractExistDBTest;
+import org.junit.Test;
+
+/**
+ * Unit test the {@code ExistDatabaseSubjectAttributeLocator}
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 24, 2010
+ */
+public class ExistAttributeUnitTestCase extends AbstractExistDBTest
+{
+ public ExistAttributeUnitTestCase() throws Exception
+ {
+ super();
+ String collectionName = "xacml";
+ this.store(new File("src/test/resources/attrib/attribLocator_policy.xml"), collectionName);
+
+ }
+
+ @Test
+ public void testPDPUsingExistDatabaseResourceAttributeLocator() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+
+ InputStream is = tcl.getResourceAsStream("attrib/db_resource_attrib_locator-config.xml");
+ assertNotNull("Inputstream is not null?", is);
+ PolicyDecisionPoint pdp = new JBossPDP(is);
+ ResponseContext response = getResponse(pdp,"attrib/attribLocatorResourceAttribute-request.xml");
+ int decision = response.getDecision();
+ assertEquals("PERMIT?", XACMLConstants.DECISION_PERMIT,decision);
+ }
+
+ @Test
+ public void testPDPUsingExistDatabaseSubjectAttributeLocator() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+
+ InputStream is = tcl.getResourceAsStream("attrib/db_subject_attrib_locator-config.xml");
+ assertNotNull("Inputstream is not null?", is);
+ PolicyDecisionPoint pdp = new JBossPDP(is);
+ ResponseContext response = getResponse(pdp,"attrib/attribLocatorSubjectAttribute-request.xml");
+ int decision = response.getDecision();
+ assertEquals("PERMIT?", XACMLConstants.DECISION_PERMIT,decision);
+ }
+
+ @Test
+ public void testPDPUsingExistDBLocator() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+
+ InputStream is = tcl.getResourceAsStream("attrib/db_attrib_locator-config.xml");
+ assertNotNull("Inputstream is not null?", is);
+ PolicyDecisionPoint pdp = new JBossPDP(is);
+ ResponseContext response = getResponse(pdp,"attrib/attribLocatorResourceAttribute-request.xml");
+ int decision = response.getDecision();
+ assertEquals("PERMIT?", XACMLConstants.DECISION_PERMIT,decision);
+
+
+ response = getResponse(pdp,"attrib/attribLocatorSubjectAttribute-request.xml");
+ decision = response.getDecision();
+ assertEquals("PERMIT?", XACMLConstants.DECISION_PERMIT,decision);
+ }
+
+ private ResponseContext getResponse(PolicyDecisionPoint pdp,
+ String requestFileLoc) throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream is = tcl.getResourceAsStream(requestFileLoc);
+ if(is == null)
+ throw new RuntimeException("request stream is null");
+
+ RequestContext request = RequestResponseContextFactory.createRequestCtx();
+ request.readRequest(is);
+ return pdp.evaluate(request);
+ }
+}
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/tests/XACMLAttributeUnitTestCase.java
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/tests/XACMLAttributeUnitTestCase.java (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/java/org/jboss/test/security/xacml/existdb/tests/XACMLAttributeUnitTestCase.java 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,57 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.xacml.existdb.tests;
+
+import java.io.File;
+
+import org.jboss.test.security.xacml.existdb.AbstractExistDBTest;
+import org.junit.Test;
+
+/**
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 19, 2010
+ */
+public class XACMLAttributeUnitTestCase extends AbstractExistDBTest
+{
+ public XACMLAttributeUnitTestCase() throws Exception
+ {
+ super();
+ }
+
+ @Test
+ public void testXACMLAttrib() throws Exception
+ {
+ String collectionName = "test.xacml";
+ this.store(new File("src/test/resources/conf.xml"), collectionName);
+ this.retrieve(collectionName, "conf.xml");
+
+ System.out.println("NEW TRY");
+ this.retrieve2(collectionName, "conf.xml");
+
+ //Let us try an XQUERY
+ StringBuilder xquery = new StringBuilder( "xquery version \"1.0\"; ");
+ xquery.append( " declare namespace somemath=\"java:java.lang.Math\" ;");
+ xquery.append("let $r := somemath:random() return $r");
+
+ this.query(collectionName, xquery.toString());
+ }
+}
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/attribLocatorResourceAttribute-request.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/attribLocatorResourceAttribute-request.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/attribLocatorResourceAttribute-request.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,78 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xacml-context:Request
+ xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os"
+ xmlns="urn:oasis:names:tc:xacml:2.0:context:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation=" urn:oasis:names:tc:xacml:2.0:context:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd">
+ <Subject
+ SubjectCategory="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject">
+ <Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string" Issuer="xacml20.interop.com">
+ <AttributeValue>123456</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:subject:user-name"
+ DataType="http://www.w3.org/2001/XMLSchema#string" Issuer="xacml20.interop.com">
+ <AttributeValue>John Smith</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:subject:buy-num-shares"
+ DataType="http://www.w3.org/2001/XMLSchema#integer"
+ Issuer="xacml20.interop.com">
+ <AttributeValue>1000</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:subject:buy-offer-price"
+ DataType="http://www.w3.org/2001/XMLSchema#integer"
+ Issuer="xacml20.interop.com">
+ <AttributeValue>1</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:subject:req-credit-ext-approval"
+ DataType="http://www.w3.org/2001/XMLSchema#string" Issuer="xacml20.interop.com">
+ <AttributeValue>false</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:subject:req-trade-approval"
+ DataType="http://www.w3.org/2001/XMLSchema#string" Issuer="xacml20.interop.com">
+ <AttributeValue>false</AttributeValue>
+ </Attribute>
+ </Subject>
+ <Resource>
+ <Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <AttributeValue>CustomerAccount</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:resource:owner-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <AttributeValue>123456</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:resource:owner-name"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <AttributeValue>John Smith</AttributeValue>
+ </Attribute>
+
+ <!-- WE GET THIS VIA THE ATTRIBUTE LOCATOR
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:resource:account-status"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <AttributeValue>Active</AttributeValue>
+ </Attribute>
+ -->
+
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:resource:credit-line"
+ DataType="http://www.w3.org/2001/XMLSchema#integer">
+ <AttributeValue>15000</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:resource:current-credit"
+ DataType="http://www.w3.org/2001/XMLSchema#integer">
+ <AttributeValue>10000</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:resource:trade-limit"
+ DataType="http://www.w3.org/2001/XMLSchema#integer">
+ <AttributeValue>10000</AttributeValue>
+ </Attribute>
+ </Resource>
+ <Action>
+ <Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <AttributeValue>Buy</AttributeValue>
+ </Attribute>
+ </Action>
+ <Environment/>
+</xacml-context:Request>
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/attribLocatorSubjectAttribute-request.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/attribLocatorSubjectAttribute-request.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/attribLocatorSubjectAttribute-request.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,81 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xacml-context:Request
+ xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os"
+ xmlns="urn:oasis:names:tc:xacml:2.0:context:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation=" urn:oasis:names:tc:xacml:2.0:context:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd">
+ <Subject
+ SubjectCategory="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject">
+
+ <!-- WE GET THIS VIA THE SUBJECT ATTRIBUTE LOCATOR
+ <Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string" Issuer="xacml20.interop.com">
+ <AttributeValue>123456</AttributeValue>
+ </Attribute>
+ -->
+
+
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:subject:user-name"
+ DataType="http://www.w3.org/2001/XMLSchema#string" Issuer="xacml20.interop.com">
+ <AttributeValue>John Smith</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:subject:buy-num-shares"
+ DataType="http://www.w3.org/2001/XMLSchema#integer"
+ Issuer="xacml20.interop.com">
+ <AttributeValue>1000</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:subject:buy-offer-price"
+ DataType="http://www.w3.org/2001/XMLSchema#integer"
+ Issuer="xacml20.interop.com">
+ <AttributeValue>1</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:subject:req-credit-ext-approval"
+ DataType="http://www.w3.org/2001/XMLSchema#string" Issuer="xacml20.interop.com">
+ <AttributeValue>false</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:subject:req-trade-approval"
+ DataType="http://www.w3.org/2001/XMLSchema#string" Issuer="xacml20.interop.com">
+ <AttributeValue>false</AttributeValue>
+ </Attribute>
+ </Subject>
+ <Resource>
+ <Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <AttributeValue>CustomerAccount</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:resource:owner-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <AttributeValue>123456</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:resource:owner-name"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <AttributeValue>John Smith</AttributeValue>
+ </Attribute>
+
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:resource:account-status"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <AttributeValue>Active</AttributeValue>
+ </Attribute>
+
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:resource:credit-line"
+ DataType="http://www.w3.org/2001/XMLSchema#integer">
+ <AttributeValue>15000</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:resource:current-credit"
+ DataType="http://www.w3.org/2001/XMLSchema#integer">
+ <AttributeValue>10000</AttributeValue>
+ </Attribute>
+ <Attribute AttributeId="urn:xacml:2.0:interop:example:resource:trade-limit"
+ DataType="http://www.w3.org/2001/XMLSchema#integer">
+ <AttributeValue>10000</AttributeValue>
+ </Attribute>
+ </Resource>
+ <Action>
+ <Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string">
+ <AttributeValue>Buy</AttributeValue>
+ </Attribute>
+ </Action>
+ <Environment/>
+</xacml-context:Request>
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/attribLocator_policy.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/attribLocator_policy.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/attribLocator_policy.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,176 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Policy
+ xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os
+ http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-os.xsd"
+ PolicyId="urn:xacml:2.0:interop:example:policyid:02"
+ RuleCombiningAlgId=
+ "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
+ <Description>
+ XACML 2.0 Interop Example Policy 02: Only allow a customer whose id matches the
+ account owner-id to access the account and only if the account status is active.
+ Only allow trades that have value within credit-line and trade-limit restrictions.
+ </Description>
+ <Target/>
+ <VariableDefinition VariableId="urn:xacml:2.0:interop:example:variableid:01.2">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <ResourceAttributeDesignator
+ AttributeId="urn:xacml:2.0:interop:example:resource:owner-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </Apply>
+ </Apply>
+ </VariableDefinition>
+ <VariableDefinition VariableId="urn:xacml:2.0:interop:example:variableid:02">
+ <!-- Function to evaluate: -->
+ <!-- ((buy-num-shares x buy-offer-price) lt -->
+ <!-- (credit-line - current-credit) ) and -->
+ <!-- ((buy-num-shares x buy-offer-price) lt trade-limit) -->
+ <!-- If both the above expressions true, then Request within limits -->
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId=
+ "urn:oasis:names:tc:xacml:1.0:function:integer-less-than-or-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-multiply">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId="urn:xacml:2.0:interop:example:subject:buy-num-shares"
+ DataType="http://www.w3.org/2001/XMLSchema#integer"/>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId="urn:xacml:2.0:interop:example:subject:buy-offer-price"
+ DataType="http://www.w3.org/2001/XMLSchema#integer"/>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-subtract">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
+ <ResourceAttributeDesignator
+ AttributeId="urn:xacml:2.0:interop:example:resource:credit-line"
+ DataType="http://www.w3.org/2001/XMLSchema#integer"/>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
+ <ResourceAttributeDesignator
+ AttributeId="urn:xacml:2.0:interop:example:resource:current-credit"
+ DataType="http://www.w3.org/2001/XMLSchema#integer"/>
+ </Apply>
+ </Apply>
+ </Apply>
+ <Apply FunctionId=
+ "urn:oasis:names:tc:xacml:1.0:function:integer-less-than-or-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-multiply">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId="urn:xacml:2.0:interop:example:subject:buy-num-shares"
+ DataType="http://www.w3.org/2001/XMLSchema#integer"/>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
+ <SubjectAttributeDesignator
+ AttributeId="urn:xacml:2.0:interop:example:subject:buy-offer-price"
+ DataType="http://www.w3.org/2001/XMLSchema#integer"/>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
+ <ResourceAttributeDesignator
+ AttributeId="urn:xacml:2.0:interop:example:resource:trade-limit"
+ DataType="http://www.w3.org/2001/XMLSchema#integer"/>
+ </Apply>
+ </Apply>
+ </Apply>
+ </VariableDefinition>
+ <Rule RuleId="urn:xacml:2.0:interop:example:ruleid:02"
+ Effect="Permit">
+ <Description>
+ XACML 2.0 Interop Example Rule 02: Only allow a customer whose id matches the
+ account owner-id to access the account and only if the account status is active.
+ </Description>
+ <Target>
+ <!-- This rule permits access to CustomerAccount resources -->
+ <Resources>
+ <!-- CustomerAccount -->
+ <Resource>
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >CustomerAccount</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ <!-- Account must have Active status -->
+ <ResourceMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >Active</AttributeValue>
+ <ResourceAttributeDesignator
+ AttributeId="urn:xacml:2.0:interop:example:resource:account-status"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ <!-- This rule only applies to the ViewAccount action -->
+ <Actions>
+ <Action>
+ <ActionMatch
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ >Buy</AttributeValue>
+ <ActionAttributeDesignator
+ AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"/>
+ </ActionMatch>
+ </Action>
+ </Actions>
+ </Target>
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <VariableReference VariableId="urn:xacml:2.0:interop:example:variableid:01.2"/>
+ <VariableReference VariableId="urn:xacml:2.0:interop:example:variableid:02"/>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule RuleId="urn:xacml:2.0:interop:example:ruleid:deny02" Effect="Deny">
+ <Description>
+ This Policy is permit-overrides, therefore if a rule above evaluated to
+ Permit this Rule will be skipped. However, if no Permit was obtained, this
+ Rule evaluates to true and so produces a Deny. Therefore evaluation of this
+ Policy results in either a Permit or Deny which is the intended effect.
+ </Description>
+ <Target/>
+ </Rule>
+ <Obligations>
+ <!-- These obligations tell PEP to provide specific data items to the response -->
+ <!-- This obligation says provide the xacml:Decision data to the response -->
+ <Obligation
+ ObligationId="urn:xacml:2.0:interop:example:obligation:decision"
+ FulfillOn="Permit"/>
+ <!-- This obligation says provide the xacml:StatusCode data to the response -->
+ <Obligation
+ ObligationId="urn:xacml:2.0:interop:example:obligation:status-code"
+ FulfillOn="Permit"/>
+ <!-- This obligation says provide the xacml:StatusMessage data to the response -->
+ <Obligation
+ ObligationId="urn:xacml:2.0:interop:example:obligation:status-message"
+ FulfillOn="Permit"/>
+ <!-- This obligation says provide the xacml:Decision data to the response -->
+ <Obligation
+ ObligationId="urn:xacml:2.0:interop:example:obligation:decision"
+ FulfillOn="Deny"/>
+ <!-- This obligation says provide the xacml:StatusCode data to the response -->
+ <Obligation
+ ObligationId="urn:xacml:2.0:interop:example:obligation:status-code"
+ FulfillOn="Deny"/>
+ <!-- This obligation says provide the xacml:StatusMessage data to the response -->
+ <Obligation
+ ObligationId="urn:xacml:2.0:interop:example:obligation:status-message"
+ FulfillOn="Deny"/>
+ </Obligations>
+</Policy>
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/db_attrib_locator-config.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/db_attrib_locator-config.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/db_attrib_locator-config.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,30 @@
+<ns:jbosspdp xmlns:ns="urn:jboss:xacml:2.0">
+
+ <ns:Locators>
+ <ns:Locator Name="org.jboss.security.xacml.existdb.locators.policy.ExistPolicyLocator">
+ <ns:Option Name="databaseURL">xmldb:exist://localhost:11080/exist/xmlrpc/</ns:Option>
+ <ns:Option Name="collectionName">xacml</ns:Option>
+ <ns:Option Name="namesOfDocuments">attribLocator_policy.xml</ns:Option>
+ </ns:Locator>
+
+ <ns:Locator Name="org.jboss.security.xacml.existdb.locators.attrib.ExistDatabaseSubjectAttributeLocator">
+ <ns:Option Name="databaseURL">xmldb:exist://localhost:11080/exist/xmlrpc/</ns:Option>
+ <ns:Option Name="collectionName">xacml</ns:Option>
+ <ns:Option Name="documentName">attribLocator_policy.xml</ns:Option>
+ <ns:Option Name="attributeSupportedId">urn:oasis:names:tc:xacml:1.0:subject:subject-id</ns:Option>
+ <ns:Option Name="xqueryFile">src/test/resources/attrib/subjectattribute.xql</ns:Option>
+ </ns:Locator>
+
+
+
+ <ns:Locator Name="org.jboss.security.xacml.existdb.locators.attrib.ExistDatabaseResourceAttributeLocator">
+ <ns:Option Name="databaseURL">xmldb:exist://localhost:11080/exist/xmlrpc/</ns:Option>
+ <ns:Option Name="collectionName">xacml</ns:Option>
+ <ns:Option Name="documentName">attribLocator_policy.xml</ns:Option>
+ <ns:Option Name="attributeSupportedId">urn:xacml:2.0:interop:example:resource:account-status</ns:Option>
+ <ns:Option Name="xqueryFile">attrib/resourceattribute.xql</ns:Option>
+ </ns:Locator>
+
+
+ </ns:Locators>
+</ns:jbosspdp>
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/db_resource_attrib_locator-config.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/db_resource_attrib_locator-config.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/db_resource_attrib_locator-config.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,18 @@
+<ns:jbosspdp xmlns:ns="urn:jboss:xacml:2.0">
+
+ <ns:Locators>
+ <ns:Locator Name="org.jboss.security.xacml.existdb.locators.policy.ExistPolicyLocator">
+ <ns:Option Name="databaseURL">xmldb:exist://localhost:11080/exist/xmlrpc/</ns:Option>
+ <ns:Option Name="collectionName">xacml</ns:Option>
+ <ns:Option Name="documentName">attribLocator_policy.xml</ns:Option>
+ </ns:Locator>
+
+ <ns:Locator Name="org.jboss.security.xacml.existdb.locators.attrib.ExistDatabaseResourceAttributeLocator">
+ <ns:Option Name="databaseURL">xmldb:exist://localhost:11080/exist/xmlrpc/</ns:Option>
+ <ns:Option Name="collectionName">xacml</ns:Option>
+ <ns:Option Name="documentName">attribLocator_policy.xml</ns:Option>
+ <ns:Option Name="attributeSupportedId">urn:xacml:2.0:interop:example:resource:account-status</ns:Option>
+ <ns:Option Name="xqueryFile">attrib/resourceattribute.xql</ns:Option>
+ </ns:Locator>
+ </ns:Locators>
+</ns:jbosspdp>
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/db_subject_attrib_locator-config.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/db_subject_attrib_locator-config.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/db_subject_attrib_locator-config.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,19 @@
+<ns:jbosspdp xmlns:ns="urn:jboss:xacml:2.0">
+
+ <ns:Locators>
+ <ns:Locator Name="org.jboss.security.xacml.existdb.locators.policy.ExistPolicyLocator">
+ <ns:Option Name="databaseURL">xmldb:exist://localhost:11080/exist/xmlrpc/</ns:Option>
+ <ns:Option Name="collectionName">xacml</ns:Option>
+ <ns:Option Name="documentName">attribLocator_policy.xml</ns:Option>
+ </ns:Locator>
+
+ <ns:Locator Name="org.jboss.security.xacml.existdb.locators.attrib.ExistDatabaseSubjectAttributeLocator">
+ <ns:Option Name="databaseURL">xmldb:exist://localhost:11080/exist/xmlrpc/</ns:Option>
+ <ns:Option Name="collectionName">xacml</ns:Option>
+ <ns:Option Name="documentName">attribLocator_policy.xml</ns:Option>
+ <ns:Option Name="attributeSupportedId">urn:oasis:names:tc:xacml:1.0:subject:subject-id</ns:Option>
+ <ns:Option Name="xqueryFile">src/test/resources/attrib/subjectattribute.xql</ns:Option>
+ </ns:Locator>
+
+ </ns:Locators>
+</ns:jbosspdp>
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/resourceattribute.xql
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/resourceattribute.xql (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/resourceattribute.xql 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,3 @@
+xquery version "1.0";
+let $r := "Active"
+return $r
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/subjectattribute.xql
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/subjectattribute.xql (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/subjectattribute.xql 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,3 @@
+xquery version "1.0";
+let $r := 123456
+return $r
\ No newline at end of file
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/web-policy.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/web-policy.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/attrib/web-policy.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides"
+Version="2.0" PolicyId="ExamplePolicy">
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://test/developer-guide.html</AttributeValue>
+ <ResourceAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#anyURI" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"/>
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule Effect="Permit" RuleId="ReadRule">
+ <Target>
+ <Actions>
+ <Action>
+ <ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue>
+ <ActionAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#string" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"/>
+ </ActionMatch>
+ </Action>
+ </Actions>
+ </Target>
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">developer</AttributeValue>
+ <SubjectAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#string"
+ AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" />
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule Effect="Deny" RuleId="DenyRule"/>
+</Policy>
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/conf.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/conf.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/conf.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,702 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ This is the central configuration file for the database. If the database
+ is running in a servlet-context, the configuration file will be read from
+ the WEB-INF directory of the web application. Otherwise, the configuration
+ is read from the directory specified by the exist.home system property.
+
+ Structure of this xml document:
+
+ exist
+ cluster
+ db-connection
+ default-permissions
+ pool
+ recovery
+ security
+ watchdog
+ indexer
+ scheduler
+ job
+ serializer
+ transformer
+ validation
+ xquery
+ builtin-modules
+ module
+ xupdate
+
+
+ For detailed and latest information please consult the eXist documentation:
+
+ - http://exist-db.org/configuration.html
+ - http://exist-db.org/cluster.html
+ - http://exist-db.org/documentation.html
+ - http://atomic.exist-db.org/
+
+ $Id: conf.xml.tmpl 9134 2009-06-13 11:35:31Z wolfgang_m $
+
+-->
+<exist xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:noNamespaceSchemaLocation="src/test/resources/schema/conf.xsd">
+
+ <!--
+ Configures the cluster configuration
+
+ - dbaUser:
+ defines the user used by the cluster for the replica.
+
+ - dbaPassword:
+ defines the user password used by the cluster for the replica.
+
+ - exclude:
+ some collections should be signed as no-replicated collections i.e.
+ during the replica phase eXist cluster environment doesn't send
+ events based on these collections, colon is the separator char when
+ more than one collection is added.
+
+ - journalDir:
+ specifies the folder where the eXist cluster node saves its journal
+ file. Directory is automatically created if it doesn't exist. If no
+ journaldir is specified, journal is disabled.
+
+ - protocol:
+ defines a protocol stack. Refers the jgroups protocol stack.
+ -->
+ <cluster dbaPassword="" dbaUser="admin" exclude="/db/system,/db/system/config"
+ journalDir="webapp/WEB-INF/data/journal"
+ protocol="UDP(mcast_addr=228.1.2.3;mcast_port=45566;ip_ttl=8;ip_mcast=true;mcast_send_buf_size=800000;mcast_recv_buf_size=150000;ucast_send_buf_size=800000;ucast_recv_buf_size=150000;loopback=true):PING(timeout=2000;num_initial_members=3;up_thread=true;down_thread=true):MERGE2(min_interval=10000;max_interval=20000):FD(shun=true;up_thread=true;down_thread=true;timeout=2500;max_tries=5):VERIFY_SUSPECT(timeout=3000;num_msgs=3;up_thread=true;down_thread=true):pbcast.NAKACK(gc_lag=50;retransmit_timeout=300,600,1200,2400,4800;max_xmit_size=8192;up_thread=true;down_thread=true):UNICAST(timeout=300,600,1200,2400,4800;window_size=100;min_threshold=10;down_thread=true):pbcast.STABLE(desired_avg_gossip=20000;up_thread=true;down_thread=true):FRAG(frag_size=8192;down_thread=true;up_thread=true):pbcast.GMS(join_timeout=5000;join_retry_timeout=2000;shun=true;print_local_addr=true)"/>
+
+ <!--
+ Configures the database backend:
+
+ - cacheSize:
+ the maximum amount of memory to use for database page buffers.
+ Each database file has an associated page buffer for B+-tree and
+ data pages. However, the memory specified via cacheSize is shared
+ between all page buffers. It represents an absolute maximum, which
+ would be occupied if all page buffers were completely full.
+
+ The cacheSize should not be more than half of the size of the JVM
+ heap size (set by the JVM -Xmx parameter).
+
+ - collectionCache:
+ maximum amount of memory (in megabytes) to use for collection caches.
+ Memory calculation is just approximate. If your collections are very different
+ in size, it might be possible that the actual amount of memory used exceeds
+ the specified limit. You should thus be careful with this setting.
+
+ - database:
+ selects a database backend. Currently, "native" and "native_cluster"
+ are the only valid setting.
+
+ - files:
+ path to the directory where database files are stored.
+
+ - pageSize:
+ the size of one page on the disk. This is the smallest unit
+ transferred from and to the database files. Should be a multiple of
+ the operating system's file system page size (usually 4096).
+
+ =====================================================================
+
+ The settings below are very conservative to avoid out-of-memory
+ exceptions on machines with limited memory (256MB).
+
+ Increase the buffer settings for elements_buffers and words_buffers if
+ you have some more memory to waste. If you deal with lots of
+ collections, you can also increase the collectionCacheSize value
+ -->
+ <db-connection cacheSize="48M" collectionCache="24M" database="native"
+ files="webapp/WEB-INF/data" pageSize="4096">
+
+ <!--
+ Specifies the default permissions for all resources and collections
+ in eXist (see User Authentication and Access Control). When this is
+ not configured, the default "mod" (similar to the Unix "chmod"
+ command) is set to 0775 in the resources and collections attributes.
+
+ A different default value may be set for a database instance, and
+ local overrides are also possible.
+ -->
+ <!--default-permissions collection="0775" resource="0775" /-->
+
+ <!--
+ Settings for the database connection pool:
+
+ - min:
+ minimum number of connections to keep alive.
+
+ - max:
+ maximum number of connections allowed.
+
+ - sync-period:
+ defines how often the database will flush its
+ internal buffers to disk. The sync thread will interrupt
+ normal database operation after the specified number of
+ milliseconds and write all dirty pages to disk.
+
+ - wait-before-shutdown:
+ defines how long the database instance will wait for running
+ operations to complete before it forces a shutdown. Forcing
+ a shutdown may leave the db in an unclean state and may
+ trigger a recovery run on restart.
+
+ Setting wait-before-shutdown="-1" means that the server will
+ wait for all threads to return, no matter how long it takes.
+ No thread will be killed.
+ -->
+ <pool max="20" min="1" sync-period="120000" wait-before-shutdown="120000"/>
+
+ <!--
+ Configure the query pool.
+ - max-stack-size:
+ maximum number of queries in the query-pool.
+
+ - size:
+ number of copies of the same query kept in the query-pool.
+ Value "-1" effectively disables caching. Queries cannot be shared
+ by threads, each thread needs a private copy of a query.
+
+ - timeout:
+ amount of time that a query will be cached in the query-pool.
+
+ - timeout-check-interval:
+ time between checking for timed out queries. For value "-1"
+ the time out is switched off, resulting cached queries to remain
+ in the cache forever.
+ -->
+ <query-pool max-stack-size="5" size="128" timeout="120000"
+ timeout-check-interval="30000"/>
+
+ <!--
+ Settings for the journaling and recovery of the database. With
+ recovery enabled, the database is able to recover from an unclean
+ database shutdown due to, for example, power failures, OS reboots,
+ and hanging processes. For this to work correctly, all database
+ operations must be logged to a journal file.
+
+ - enabled:
+ if this attribute is set to yes, automatic recovery is enabled.
+
+ - journal-dir:
+ this attribute sets the directory where journal files are to be
+ written. If no directory is specified, the default path is to
+ the data directory.
+
+ - size:
+ this attributes sets the maximum allowed size of the journal
+ file. Once the journal reaches this limit, a checkpoint will be
+ triggered and the journal will be cleaned. However, the database
+ waits for running transactions to return before processing this
+ checkpoint. In the event one of these transactions writes a lot
+ of data to the journal file, the file will grow until the
+ transaction has completed. Hence, the size limit is not enforced
+ in all cases.
+
+ - sync-on-commit:
+ this attribute determines whether or not to protect the journal
+ during operating system failures. That is, it determines whether
+ the database forces a file-sync on the journal after every
+ commit.
+ If this attribute is set to "yes", the journal is protected
+ against operating system failures. However, this will slow
+ performance - especially on Windows systems.
+ If set to "no", eXist will rely on the operating system to flush
+ out the journal contents to disk. In the worst case scenario,
+ in which there is a complete system failure, some committed
+ transactions might not have yet been written to the journal,
+ and so will be rolled back.
+
+ - group-commit:
+ If set to "yes", eXist will not sync the journal file
+ immediately after every transaction commit. Instead,
+ it will wait until the current file buffer (32kb)
+ is really full. This can speed up eXist on some systems
+ where a file sync is an expensive operation (mainly windows
+ XP; not necessary on Linux). However, group-comit="yes"
+ will increase the risk of an already committed
+ operation being rolled back after a database crash.
+
+ - force-restart:
+ Try to restart the db even if crash recovery failed. This is
+ dangerous because there might be corruptions inside the
+ data files. The transaction log will be cleared, all locks removed
+ and the db reindexed.
+
+ Set this option to "yes" if you need to make sure that the db is
+ online, even after a fatal crash. Errors encountered during recovery
+ are written to the log files. Scan the log files to see if any problems
+ occurred.
+
+ - consistency-check:
+ If set to "yes", a consistency check will be run on the database
+ if an error was detected during crash recovery. This option requires
+ force-restart to be set to "yes", otherwise it has no effect.
+
+ The consistency check outputs a report to the directory {files}/sanity
+ and if inconsistencies are found in the db, it writes an emergency
+ backup to the same directory.
+ -->
+ <recovery enabled="yes" group-commit="no"
+ journal-dir="webapp/WEB-INF/data" size="100M"
+ sync-on-commit="no" />
+
+
+ <!--
+ The <security> element in the <db-connection> node is used to select
+ the security manager Class and control the database of users and
+ groups.
+
+ - class:
+ this attribute is required, and specifies a Java class name used
+ to implement the org.exist.security.SecurityManager interface,
+ as in the following example:
+
+ Example: <security> class Attribute (LDAP)
+ <security class="org.exist.security.LDAPSecurityManager" />
+
+ eXist is distributed with the following built-in security manager
+ implementations:
+
+ - org.exist.security.XMLSecurityManager
+
+ stores the user information in the database. This is the
+ default manager if the <security> element is not included
+ in <db-connection>.
+
+ - org.exist.security.LDAPSecurityManager
+
+ retrieves the user and groups from the LDAP database. This
+ requires addition configuration parameters which are
+ described in the LDAP Security Manager documentation.
+
+ - password-encoding:
+ password encoding can be set to one of the following types:
+
+ - plain:
+ applies plain encryption.
+
+ - md5: (default)
+ applies the MD5 algorithm to encrypt passwords.
+
+ - simple-md5:
+ applies a simplified MD5 algorithm to encrypt passwords.
+
+ - password-realm:
+ the realm to use for basic auth or http-digest password
+ challenges.
+ -->
+ <!-- security class="org.exist.security.LDAPSecurityManager" /-->
+
+ <!--
+ This is the global configuration for the query watchdog. The
+ watchdog monitors all query processes, and can terminate any
+ long-running queries if they exceed one of the predefined limits.
+ These limits are as follows:
+
+ - output-size-limit
+ this attribute limits the size of XML fragments constructed
+ using XQuery, and thus sets the maximum amount of main memory a
+ query is allowed to use. This limit is expressed as the maximum
+ number of nodes allowed for an in-memory DOM tree. The purpose
+ of this option is to avoid memory shortages on the server in
+ cases where users are allowed to run queries that produce very
+ large output fragments.
+
+ - query-timeout
+ this attribute sets the maximum amount of time (expressed in
+ milliseconds) that the query can take before it is killed..
+ -->
+ <watchdog output-size-limit="10000" query-timeout="-1"/>
+
+
+ </db-connection>
+
+ <!--
+ Settings for the indexer:
+
+ - caseSensitive:
+ should equality comparisons between strings be case-sensitive or
+ insensitive: "yes" or "no".
+
+ - index-depth:
+ defines the maximum nesting depth of nodes which will be indexed
+ in the DOM index. Nodes below the specified nesting depth will
+ not be indexed in the DOM file. This has only an effect when
+ retrieving query results or for some types of XPath subexpressions,
+ like equality comparisons.
+
+ - stemming:
+ eXist includes a very simple english language stemmer, based on
+ Porter's algorithm. Set the "stemming"-option to "true" if you
+ would like to use stemming. This does only work for english.
+
+ - suppress-whitespace:
+ should leading or trailing whitespace be removed from a text node?
+ Set to "leading", "trailing", "both" or "none".
+ Changing the parameter will only have an effect on newly loaded
+ files, not old ones.
+
+ - suppress-whitespace-mixed-content:
+ preserve the white space inside a mixed content node
+
+ - tokenizer:
+ this attribute invokes the Java class used to tokenize a string into
+ a sequence of single words or tokens, which are stored to the
+ fulltext index. Currently only the SimpleTokenizer is available.
+
+ - track-term-freq:
+ not documented.
+ -->
+ <indexer caseSensitive="yes" index-depth="5" preserve-whitespace-mixed-content="yes"
+ stemming="no" suppress-whitespace="none"
+ tokenizer="org.exist.storage.analysis.SimpleTokenizer" track-term-freq="yes">
+
+ <modules>
+ <!--
+ <module id="ngram-index" class="org.exist.indexing.ngram.NGramIndex" file="ngram.dbx"
+ n="3"/>
+
+ <module id="spatial-index" class="org.exist.indexing.spatial.GMLHSQLIndex"
+ connectionTimeout="10000" flushAfter="300" />
+ -->
+ <!-- The full text index is always required and should
+ not be disabled. We still have some dependencies on
+ this index in the database core. These will be removed
+ once the redesign has been completed. -->
+ <module id="ft-legacy-index" class="org.exist.fulltext.FTIndex"/>
+ </modules>
+
+ <!--
+ The file for this element points to a file containing a list of
+ stopwords. Note that stopwords are NOT added to the fullext index.
+ -->
+ <stopwords file="stopword"/>
+
+ <!--
+ Default index settings. Default settings apply if there's no
+ collection-specific configuration for a collection.
+ -->
+ <index>
+ <fulltext attributes="true" default="all">
+ <exclude path="/auth"/>
+ </fulltext>
+ </index>
+ </indexer>
+
+ <!--
+ Configures user jobs for the scheduler
+ -->
+ <scheduler>
+ <!--
+ Job definitions:
+
+ - type:
+ The type of the job to schedule. Must be either "startup", "system" or "user".
+
+ startup - Startup jobs are executed once during the
+ database startup but before the database becomes available,
+ these jobs are synchronous.
+
+ system - System jobs require the database to be in a consistent state.
+ All database operations will be stopped until the method returns or
+ throws an exception. Any exception will be caught and a warning written to
+ the log.
+
+ user - User jobs may be scheduled at any time and may be mutually exclusive
+ or non-exclusive
+
+ - class:
+ If the job is written in Java then this should be the name of the
+ class that extends either -
+ org.exist.scheduler.StartupJob
+ org.exist.storage.SystemTask
+ org.exist.scheduler.UserJavaJob
+
+ - xquery:
+ If the job is written in XQuery (not suitable for system jobs) then this should
+ be a path to an XQuery stored in the database. e.g. /db/myCollection/myJob.xql
+ XQuery job's will be launched under the guest account initially,
+ although the running XQuery may switch permissions through
+ calls to xmldb:login().
+
+ - cron-trigger:
+ To define a firing pattern for the Job using Cron style syntax
+ use this attribute otherwise for a periodic job use the period
+ attribute. Not applicable to startup jobs.
+
+ - period:
+ Can be used to define an explicit period for firing the job instead
+ of a Cron style syntax. The period should be in milliseconds.
+ Not applicable to startup jobs.
+
+ - delay:
+ Can be used with a period to delay the start of a job. If unspecified jobs
+ will start as soon as the database and scheduler are initialised.
+
+ - repeat:
+ Can be used with a period to define for how many periods a job should be
+ executed. If unspecified jobs will repeat for every period indefinitely.
+ -->
+ <!-- job class="bar.foo.myjob" period="600000" delay="300000" repeat="10" /-->
+ <!--
+ Run a consistency check on the database. This will detect inconsistencies
+ or corruptions in documents or the collection store. The task can also
+ be used to create automatic backups. The backup routine is faster than
+ the one in the standard backup tool and it tries to export as much data
+ as possible, even if parts of the collection tree are destroyed.
+
+ If errors are detected during the consistency check, the job will
+ automatically start creating a backup.
+
+ Errors are reported via the JMX object with the name:
+
+ org.exist.management.tasks:type=ConsistencyCheckTask
+
+ Parameters:
+ output The output directory used by the job. The path is interpreted
+ relative to the data directory (WEB-INF/data).
+
+ backup Set to "yes" to create a backup whenever the job runs, not just
+ when it detects errors.
+ -->
+ <!--
+ <job type="system" name="check1"
+ class="org.exist.storage.ConsistencyCheckTask"
+ cron-trigger="0 0 * * * ?">
+ <parameter name="output" value="sanity"/>
+ <parameter name="backup" value="no"/>
+ </job>
+ -->
+ <!-- Automatically creates a copy of the database .dbx files every 2 minutes
+ Parameters:
+ output-dir:
+ The directory into which the copy will be written
+ -->
+
+ <!--
+ <job type="system" name="databackup"
+ class="org.exist.storage.DataBackup" period="120000">
+ <parameter name="output-dir" value="backup" />
+ </job-->
+ <!-- Automatically creates a backup of the database every 6 hours.
+
+ Parameters:
+ dir:
+ The directory into which the backup will be written.
+ suffix:
+ File suffix for the generated backup file or directory. Specify
+ .zip to write the backup into a .zip. Otherwise, the backup will
+ be written to a plain directory. The name of the final backup
+ file or directory will be: prefix + current-date + suffix.
+ prefix:
+ File prefix for the generated backup file or directory.
+
+ -->
+ <!--
+ <job type="system" name="backup"
+ class="org.exist.storage.BackupSystemTask"
+ cron-trigger="0 0 */6 * * ?">
+ <parameter name="dir" value="backup"/>
+ <parameter name="suffix" value=".zip"/>
+ <parameter name="prefix" value="backup-"/>
+ <parameter name="collection" value="/db"/>
+ <parameter name="user" value="admin"/>
+ <parameter name="password" value=""/>
+ <parameter name="zip-files-max" value="28"/>
+ </job-->
+ </scheduler>
+
+ <!--
+ Default settings for the serializer. Most of these can be changed
+ by client code:
+
+ - add-exist-id:
+ for debugging: add an exist:id attribute to every element, showing
+ the internal node identifier (as a long int) assigned to this node.
+ Possible values are: "none", "element", "all". "all" displays the
+ node of every element node; "element" displays the id only for the
+ root nodes of the returned XML fragments.
+
+ - compress-output:
+ should the output be compressed when serializing documents?
+ Sometimes useful with remote clients.
+ Remember to add a statement like this to your client code:
+ service.setProperty("compress-output", "yes");
+ to uncompress the retrieved result in the client too.
+
+ - enable-xinclude:
+ should the database expand XInclude tags by default?
+
+ - enable-xsl:
+ should the database evaluate XSL processing instructions
+ when serializing documents?
+
+ - indent:
+ should the serializer pretty-print (indent) XML?
+
+ - match-tagging-attributes:
+ matches for attribute values can also be tagged using the character
+ sequence "||" to demarcate the matching text string. Since this
+ changes the content of the attribute value, the feature is disabled
+ by default.
+
+ - match-tagging-elements:
+ the database can highlight matches in the text content of a node by
+ tagging the matching text string with <exist:match>. Clearly, this
+ only works for XPath expressions using the fulltext index.
+
+ Set the parameter to "yes" to enable this feature.
+
+ -->
+ <serializer add-exist-id="none" compress-output="no" enable-xinclude="yes" enable-xsl="no"
+ indent="yes" match-tagging-attributes="no" match-tagging-elements="no"/>
+
+ <!--
+ Default settings for the XSLT Transformer. Allow's for a choice of
+ implementation:
+
+ - class:
+ the name of the class that implements javax.xml.transform.TransformerFactory
+
+ for Saxon (XSLT 2.0 support) - net.sf.saxon.TransformerFactoryImpl
+
+ You will need to copy saxon8.jar saxon8-dom.jar and saxon8-xpath.jar
+ into lib/endorsed.
+ You can get these from http://sourceforge.net/projects/saxon
+
+ for Xalan (XSLT 1.0 support) - org.apache.xalan.processor.TransformerFactoryImpl
+
+
+ For further details see - http://atomic.exist-db.org/wiki/HowTo/XSLT2/
+
+ You can also include attribute child elements, if you wish to pass in attributes
+ to your particular TransformerFactory as follows:
+
+ <transformer class="net.sf.saxon.TransformerFactoryImpl">
+ <attribute name="http://saxon.sf.net/feature/version-warning" value="false" type="boolean"/>
+ </transformer>
+
+ The example above sets Saxon to suppress warnings when executing a XSLT 1.0 stylesheet
+ with the XLST 2.0 processor. Check the documentation for your selected TransformerFactory
+ to determine which attributes can be set. Valid types include "boolean", "integer"
+ and "string". Anything else will be treated as type "string".
+
+ -->
+ <transformer class="org.apache.xalan.processor.TransformerFactoryImpl"/>
+
+ <!--
+ Settings for XML validation
+ - mode
+ should XML source files be validated against a schema or DTD before
+ storing them? The setting is passed to the XML parser. The actual
+ effects depend on the parser you use. eXist comes with Xerces which
+ can validate against both: schemas and DTDs.
+
+ Possible values: "yes", "no", "auto". "auto" will leave validation
+ to the parser.
+
+ -->
+ <validation mode="auto">
+ <!--
+ Specify the location of one or more catalog files. Catalogs are
+ used to resolve external entities in XML documents.
+
+ "${WEBAPP_HOME}" can be used as magic string.
+ -->
+ <entity-resolver>
+ <catalog uri="${WEBAPP_HOME}/WEB-INF/catalog.xml"/>
+ </entity-resolver>
+ </validation>
+
+ <!--
+ Define modules that contain xQuery functions.
+
+ - enable-java-binding:
+ eXist supports calls to arbitrary Java methods from within
+ XQuery. Setting to "yes" might introduce a security risk.
+ - enable-query-rewriting:
+ Set to "yes" to enable the new query-rewriting optimizer. This is
+ work in progress and may lead to incorrect queries. Use at your own
+ risk.
+ - backwardCompatible:
+ Set to "yes" to enable backward compatibility (untyped argument checks for instance)
+ -->
+ <xquery enable-java-binding="yes" enable-query-rewriting="yes" backwardCompatible="no">
+ <builtin-modules>
+ <!-- Default Modules -->
+ <module class="org.exist.xquery.functions.util.UtilModule"
+ uri="http://exist-db.org/xquery/util"/>
+ <module class="org.exist.xquery.functions.transform.TransformModule"
+ uri="http://exist-db.org/xquery/transform"/>
+ <module class="org.exist.xquery.functions.xmldb.XMLDBModule"
+ uri="http://exist-db.org/xquery/xmldb"/>
+ <module class="org.exist.xquery.functions.response.ResponseModule"
+ uri="http://exist-db.org/xquery/response"/>
+ <module class="org.exist.xquery.functions.session.SessionModule"
+ uri="http://exist-db.org/xquery/session"/>
+ <module class="org.exist.xquery.functions.text.TextModule"
+ uri="http://exist-db.org/xquery/text"/>
+ <module class="org.exist.xquery.functions.validation.ValidationModule"
+ uri="http://exist-db.org/xquery/validation"/>
+ <module class="org.exist.xquery.functions.system.SystemModule"
+ uri="http://exist-db.org/xquery/system"/>
+
+ <!-- New Modularized Indexes
+ <module class="org.exist.xquery.modules.ngram.NGramModule"
+ uri="http://exist-db.org/xquery/ngram"/> -->
+ <!--
+ <module class="org.exist.xquery.modules.spatial.SpatialModule"
+ uri="http://exist-db.org/xquery/spatial" />
+ -->
+
+ <!-- Optional Modules -->
+ <!--
+ <module class="org.exist.xquery.modules.compression.CompressionModule"
+ uri="http://exist-db.org/xquery/compression" />
+ <module class="org.exist.xquery.modules.datetime.DateTimeModule"
+ uri="http://exist-db.org/xquery/datetime" />
+ <module class="org.exist.xquery.modules.example.ExampleModule"
+ uri="http://exist-db.org/xquery/examples" />
+ <module class="org.exist.xquery.modules.httpclient.HTTPClientModule"
+ uri="http://exist-db.org/xquery/httpclient" />
+ <module class="org.exist.xquery.modules.image.ImageModule"
+ uri="http://exist-db.org/xquery/image" />
+ <module class="org.exist.xquery.modules.mail.MailModule"
+ uri="http://exist-db.org/xquery/mail" />
+ <module class="org.exist.xquery.modules.math.MathModule"
+ uri="http://exist-db.org/xquery/math" />
+ <module class="org.exist.xquery.modules.scheduler.SchedulerModule"
+ uri="http://exist-db.org/xquery/scheduler" />
+ <module class="org.exist.xquery.modules.simpleql.SimpleQLModule"
+ uri="http://exist-db.org/xquery/simple-ql" />
+ <module class="org.exist.xquery.modules.sql.SQLModule"
+ uri="http://exist-db.org/xquery/sql" />
+ <module class="org.exist.xquery.modules.xslfo.XSLFOModule"
+ uri="http://exist-db.org/xquery/xslfo" />
+ <module class="org.exist.xquery.modules.xmldiff.XmlDiffModule"
+ uri="http://exist-db.org/xquery/xmldiff" />
+ -->
+ </builtin-modules>
+ </xquery>
+
+ <!--
+ Inserting new nodes into a document can lead to fragmentation
+ in the DOM storage file.
+
+ - allowed-fragmentation:
+ defines the maximum number of page splits allowed within a document
+ before a defragmentation run will be triggered.
+
+ - enable-consistency-checks:
+ for debugging only. If the parameter is set to "yes", a consistency
+ check will be run on every modified document after every XUpdate
+ request. It checks if the persistent DOM is complete and all
+ pointers in the structural index point to valid storage addresses
+ containing valid nodes.
+
+ -->
+ <xupdate allowed-fragmentation="100" enable-consistency-checks="no"/>
+
+</exist>
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/resolver.jar
===================================================================
(Binary files differ)
Property changes on: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/resolver.jar
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/serializer.jar
===================================================================
(Binary files differ)
Property changes on: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/serializer.jar
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/xalan-2.7.1.jar
===================================================================
(Binary files differ)
Property changes on: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/xalan-2.7.1.jar
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/xercesImpl-2.9.1.jar
===================================================================
(Binary files differ)
Property changes on: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/xercesImpl-2.9.1.jar
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/xml-apis.jar
===================================================================
(Binary files differ)
Property changes on: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/endorsed/xml-apis.jar
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/log4j.xml
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/log4j.xml (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/log4j.xml 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
+
+<!-- ===================================================================== -->
+<!-- -->
+<!-- Log4j Configuration -->
+<!-- -->
+<!-- ===================================================================== -->
+
+<!-- $Id: log4j.xml 34717 2005-08-08 18:15:31Z adrian $ -->
+
+<!--
+ | For more configuration infromation and examples see the Jakarta Log4j
+ | owebsite: http://jakarta.apache.org/log4j
+ -->
+
+<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">
+
+
+ <!-- ============================== -->
+ <!-- Append messages to the console -->
+ <!-- ============================== -->
+
+ <appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
+ <param name="Threshold" value="TRACE"/>
+ <param name="Target" value="System.out"/>
+
+ <layout class="org.apache.log4j.PatternLayout">
+ <!-- The default pattern: Date Priority [Category] Message\n -->
+ <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%c{1}] %m%n"/>
+ </layout>
+ </appender>
+
+
+ <category name="org.exist">
+ <priority value="TRACE"/>
+ </category>
+ <category name="org.apache.xmlrpc">
+ <priority value="TRACE"/>
+ </category>
+
+ <!-- ======================= -->
+ <!-- Setup the Root category -->
+ <!-- ======================= -->
+
+ <root>
+ <appender-ref ref="CONSOLE"/>
+ </root>
+
+</log4j:configuration>
Added: projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/schema/conf.xsd
===================================================================
--- projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/schema/conf.xsd (rev 0)
+++ projects/security/security-xacml-existdb/trunk/xacml-existdb/src/test/resources/schema/conf.xsd 2010-03-25 21:10:23 UTC (rev 102979)
@@ -0,0 +1,290 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ Schema for eXist Configuration file conf.xml
+
+ TODO: Remove optional attributes in favour of well defined/named parent elements
+-->
+
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" version="1.0">
+ <xs:simpleType name="yes_no">
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="yes"/>
+ <xs:enumeration value="no"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:element name="exist">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="cluster">
+ <xs:complexType>
+ <xs:attribute name="dbaUser" type="xs:string" default="admin"/>
+ <xs:attribute name="dbaPassword" type="xs:string"/>
+ <xs:attribute name="exclude" type="xs:string" default="/db/system,/db/system/config"/>
+ <xs:attribute name="journalDir" type="xs:string" default="webapp/WEB-INF/data/journal"/>
+ <xs:attribute name="protocol" type="xs:string" default="UDP(mcast_addr=228.1.2.3;mcast_port=45566;ip_ttl=8;ip_mcast=true;mcast_send_buf_size=800000;mcast_recv_buf_size=150000;ucast_send_buf_size=800000;ucast_recv_buf_size=150000;loopback=true):PING(timeout=2000;num_initial_members=3;up_thread=true;down_thread=true):MERGE2(min_interval=10000;max_interval=20000):FD(shun=true;up_thread=true;down_thread=true;timeout=2500;max_tries=5):VERIFY_SUSPECT(timeout=3000;num_msgs=3;up_thread=true;down_thread=true):pbcast.NAKACK(gc_lag=50;retransmit_timeout=300,600,1200,2400,4800;max_xmit_size=8192;up_thread=true;down_thread=true):UNICAST(timeout=300,600,1200,2400,4800;window_size=100;min_threshold=10;down_thread=true):pbcast.STABLE(desired_avg_gossip=20000;up_thread=true;down_thread=true):FRAG(frag_size=8192;down_thread=true;up_thread=true):pbcast.GMS(join_timeout=5000;join_retry_timeout=2000;shun=true;print_local_addr=true)"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="db-connection">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="default-permissions" minOccurs="0">
+ <xs:complexType>
+ <xs:attribute name="collection" type="xs:string" default="0775"/>
+ <xs:attribute name="resource" type="xs:string" default="0775"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="pool">
+ <xs:complexType>
+ <xs:attribute name="max" type="xs:integer" default="20"/>
+ <xs:attribute name="min" type="xs:integer" default="1"/>
+ <xs:attribute name="sync-period" type="xs:integer" default="120000"/>
+ <xs:attribute name="wait-before-shutdown" type="xs:integer" default="120000"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="query-pool" minOccurs="0" maxOccurs="1">
+ <xs:complexType>
+ <xs:attribute name="max-stack-size" type="xs:integer" default="5"/>
+ <xs:attribute name="size" type="xs:integer" default="128"/>
+ <xs:attribute name="timeout" type="xs:integer" default="120000"/>
+ <xs:attribute name="timeout-check-interval" type="xs:integer" default="30000"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="recovery">
+ <xs:complexType>
+ <xs:attribute name="enabled" type="yes_no" default="yes"/>
+ <xs:attribute name="group-commit" type="yes_no" default="no"/>
+ <xs:attribute name="journal-dir" type="xs:string" default="webapp/WEB-INF/data"/>
+ <xs:attribute name="size" type="xs:string" default="100M"/>
+ <xs:attribute name="sync-on-commit" type="yes_no" default="no"/>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="security" minOccurs="0">
+ <xs:complexType>
+ <xs:attribute name="class" type="xs:string" default="org.exist.security.XMLSecurityManager"/>
+ <xs:attribute name="password-encoding" use="optional" default="md5">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="plain"/>
+ <xs:enumeration value="md5"/>
+ <xs:enumeration value="simple-md5"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="password-realm" type="xs:string" use="optional"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="watchdog">
+ <xs:complexType>
+ <xs:attribute name="output-size-limit" type="xs:integer"/>
+ <xs:attribute name="query-timeout" type="xs:integer"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="cacheSize" type="xs:string" default="48M"/>
+ <xs:attribute name="collectionCache" type="xs:string" default="24M"/>
+ <xs:attribute name="database" type="xs:string" default="@database@"/>
+ <xs:attribute name="files" type="xs:string" default="webapp/WEB-INF/data"/>
+ <xs:attribute name="free_mem_min" type="xs:integer" default="5"/>
+ <xs:attribute name="pageSize" type="xs:integer" default="4096"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="indexer">
+ <xs:complexType>
+ <xs:sequence>
+
+ <xs:element name="modules">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="module" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:attribute name="id" type="xs:string" default="ngram-index"/>
+ <xs:attribute name="class" type="xs:string" default="org.exist.indexing.impl.NGramIndex"/>
+ <xs:attribute name="file" type="xs:string" default="ngram.dbx"/>
+ <xs:attribute name="n" type="xs:integer" default="3"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="stopwords">
+ <xs:complexType>
+ <xs:attribute name="file" type="xs:string" default="stopword"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="index">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="fulltext">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="include" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:attribute name="path" type="xs:string"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="exclude" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:attribute name="path" type="xs:string"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="default" default="all">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="all"/>
+ <xs:enumeration value="none"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="attributes" type="xs:boolean" default="true"/>
+ <xs:attribute name="alphanum" type="xs:boolean" default="true"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="create" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:attribute name="path" type="xs:string" use="optional"/>
+ <xs:attribute name="qname" type="xs:string" use="optional"/>
+ <xs:attribute name="type" type="xs:anySimpleType"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="caseSensitive" type="yes_no" default="yes"/>
+ <xs:attribute name="index-depth" type="xs:integer" default="5"/>
+ <xs:attribute name="preserve-whitespace-mixed-content" type="yes_no" default="no"/>
+ <xs:attribute name="stemming" type="yes_no" default="no"/>
+ <xs:attribute name="suppress-whitespace" default="both">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="leading"/>
+ <xs:enumeration value="trailing"/>
+ <xs:enumeration value="both"/>
+ <xs:enumeration value="none"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="tokenizer" type="xs:string" default="org.exist.storage.analysis.SimpleTokenizer"/>
+ <xs:attribute name="track-term-freq" type="yes_no" default="yes"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="scheduler">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="job" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="parameter" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:attribute name="name" type="xs:string"/>
+ <xs:attribute name="value" type="xs:string"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="type" use="optional" default="user">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="startup"/>
+ <xs:enumeration value="system"/>
+ <xs:enumeration value="user"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="class" type="xs:string" use="optional"/>
+ <xs:attribute name="xquery" type="xs:string" use="optional"/>
+ <xs:attribute name="cron-trigger" type="xs:string" use="optional"/>
+ <xs:attribute name="period" type="xs:string" use="optional"/>
+ <xs:attribute name="delay" type="xs:long" use="optional"/>
+ <xs:attribute name="repeat" type="xs:integer" use="optional"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="serializer">
+ <xs:complexType>
+ <xs:attribute name="add-exist-id" default="none">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="all"/>
+ <xs:enumeration value="element"/>
+ <xs:enumeration value="none"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="compress-output" type="yes_no" default="no"/>
+ <xs:attribute name="enable-xinclude" type="yes_no" default="yes"/>
+ <xs:attribute name="enable-xsl" type="yes_no" default="no"/>
+ <xs:attribute name="indent" type="yes_no" default="yes"/>
+ <xs:attribute name="match-tagging-attributes" type="yes_no" default="no"/>
+ <xs:attribute name="match-tagging-elements" type="yes_no" default="yes"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="transformer">
+ <xs:complexType>
+ <xs:attribute name="class" type="xs:string" default="org.apache.xalan.processor.TransformerFactoryImpl"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="validation">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="entity-resolver">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="catalog" minOccurs="1" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:attribute name="uri" type="xs:string" default="webapp/WEB-INF/catalog.xml"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="mode" default="auto">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="auto"/>
+ <xs:enumeration value="no"/>
+ <xs:enumeration value="yes"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="xquery">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="builtin-modules">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="module" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:attribute name="class" type="xs:string"/>
+ <xs:attribute name="uri" type="xs:anyURI"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="enable-java-binding" type="yes_no" default="no"/>
+ <xs:attribute name="disable-deprecated-functions" type="yes_no" default="no"/>
+ <xs:attribute name="enable-query-rewriting" type="yes_no" default="yes"/>
+ <xs:attribute name="backwardCompatible" type="yes_no" default="no"/>
+ <xs:attribute name="raise-error-on-failed-retrieval" type="yes_no" default="no"/>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="xupdate">
+ <xs:complexType>
+ <xs:attribute name="allowed-fragmentation" type="xs:integer" default="5"/>
+ <xs:attribute name="enable-consistency-checks" type="yes_no" default="no"/>
+ <xs:attribute name="growth-factor" type="xs:integer" default="20"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+</xs:schema>
\ No newline at end of file
More information about the jboss-cvs-commits
mailing list