[jboss-cvs] Picketbox SVN: r160 - in trunk/security-jboss-sx/jbosssx/src: main/java/org/jboss/security/config and 5 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Sat Jan 29 08:46:02 EST 2011
Author: mmoyses
Date: 2011-01-29 08:46:01 -0500 (Sat, 29 Jan 2011)
New Revision: 160
Added:
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/Attribute.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/Element.java
trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/AuthContext2UnitTestCase.java
trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/AuthorizationContex2tUnitTestCase.java
trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/config/StaxConfigParser2UnitTestCase.java
trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/mapping/LdapAttributeMappingProvider2UnitTestCase.java
Modified:
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/AuthenticationInfo.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/JASPIAuthenticationInfo.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ACLInfo.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ApplicationPolicy.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/AuditInfo.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/AuthorizationInfo.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/IdentityTrustInfo.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/MappingInfo.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AclConfigParser.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ApplicationPolicyParser.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuditConfigParser.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuthenticationConfigParser.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuthenticationJASPIConfigParser.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuthorizationConfigParser.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/IdentityTrustConfigParser.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/MappingConfigParser.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ModuleOptionParser.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/StaxBasedConfigParser.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/StaxParserUtil.java
Log:
Parsing with XMLStreamReader to use with AS7
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/AuthenticationInfo.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/AuthenticationInfo.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/AuthenticationInfo.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -25,19 +25,27 @@
import java.util.Iterator;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import java.util.Map.Entry;
import javax.naming.Context;
import javax.security.auth.AuthPermission;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+import org.jboss.security.config.Attribute;
import org.jboss.security.config.BaseSecurityInfo;
+import org.jboss.security.config.Element;
+import org.jboss.security.config.parser.AuthenticationConfigParser;
/**
* The login module configuration information.
*
* @author Scott.Stark at jboss.org
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @version $Revision$
*/
public class AuthenticationInfo extends BaseAuthenticationInfo
@@ -131,4 +139,58 @@
{
return new AuthenticationInfo(name);
}
+
+ /**
+ * Write element content. The start element is already written.
+ *
+ * @param writer
+ * @throws XMLStreamException
+ */
+ public void writeContent(XMLStreamWriter writer) throws XMLStreamException
+ {
+ for (int i = 0; i < moduleEntries.size(); i++)
+ {
+ AppConfigurationEntry entry = (AppConfigurationEntry) moduleEntries.get(i);
+ writer.writeStartElement(Element.LOGIN_MODULE.getLocalName());
+ String code = entry.getLoginModuleName();
+ if (AuthenticationConfigParser.loginModulesMap.containsValue(code)) {
+ String value = null;
+ Set<Entry<String, String>> entries = AuthenticationConfigParser.loginModulesMap.entrySet();
+ for (Entry<String, String> mapEntry : entries) {
+ if (mapEntry.getValue().equals(code)) {
+ value = mapEntry.getKey();
+ break;
+ }
+ }
+ writer.writeAttribute(Attribute.CODE.getLocalName(), value);
+ }
+ else
+ writer.writeAttribute(Attribute.CODE.getLocalName(), code);
+ writer.writeAttribute(Attribute.FLAG.getLocalName(), valueOf(entry.getControlFlag()));
+ Map<String, ?> options = entry.getOptions();
+ if (options != null && options.size() > 0)
+ {
+ for (Entry<String, ?> option : options.entrySet())
+ {
+ writer.writeStartElement(Element.MODULE_OPTION.getLocalName());
+ writer.writeAttribute(Attribute.NAME.getLocalName(), option.getKey());
+ writer.writeAttribute(Attribute.VALUE.getLocalName(), option.getValue().toString());
+ writer.writeEndElement();
+ }
+ }
+ writer.writeEndElement();
+ }
+ writer.writeEndElement();
+ }
+
+ private String valueOf(LoginModuleControlFlag controlFlag)
+ {
+ if (controlFlag.equals(LoginModuleControlFlag.OPTIONAL))
+ return "optional";
+ if (controlFlag.equals(LoginModuleControlFlag.REQUIRED))
+ return "required";
+ if (controlFlag.equals(LoginModuleControlFlag.REQUISITE))
+ return "requisite";
+ return "sufficient";
+ }
}
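Review bot: In the new `writeContent`, `option.getValue().toString()` throws a NullPointerException when a module option is stored with a null value, leaving the XML half-written; guard it with `if (option.getValue() == null) continue;` before the `module-option` start element is written, or define an explicit representation for null. The same line appears in the `writeContent` methods added to JASPIAuthenticationInfo, ACLInfo, AuditInfo, AuthorizationInfo, IdentityTrustInfo and MappingInfo. Option values are also written verbatim, and login-module options can carry credentials such as bind passwords, so the Javadoc should say the output is as sensitive as the original configuration, e.g. `Module option values are written unmasked; callers must protect the destination.` Separately, the private `valueOf` helper returns `"sufficient"` for any flag that is not one of the three tested constants and dereferences a null flag, so an unexpected value is silently written as a weaker control flag; an explicit check for `SUFFICIENT` with an `IllegalArgumentException` fallback would be safer.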
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/JASPIAuthenticationInfo.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/JASPIAuthenticationInfo.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/JASPIAuthenticationInfo.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -26,12 +26,19 @@
import java.util.Iterator;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import java.util.Map.Entry;
import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
import org.jboss.security.auth.container.config.AuthModuleEntry;
+import org.jboss.security.config.Attribute;
import org.jboss.security.config.BaseSecurityInfo;
+import org.jboss.security.config.Element;
+import org.jboss.security.config.parser.AuthenticationConfigParser;
// $Id$
@@ -39,6 +46,7 @@
* AuthenticationInfo based on JSR-196
*
* @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Dec 21, 2005
*/
public class JASPIAuthenticationInfo extends BaseAuthenticationInfo
@@ -210,4 +218,85 @@
}
return buffer.toString();
}
+
+ /**
+ * Write element content. The start element is already written.
+ *
+ * @param writer
+ * @throws XMLStreamException
+ */
+ public void writeContent(XMLStreamWriter writer) throws XMLStreamException
+ {
+ for (int i = 0; i < moduleEntries.size(); i++)
+ {
+ AuthModuleEntry entry = (AuthModuleEntry) moduleEntries.get(i);
+ writer.writeStartElement(Element.AUTH_MODULE.getLocalName());
+ writer.writeAttribute(Attribute.CODE.getLocalName(), entry.getAuthModuleName());
+ writer.writeAttribute(Attribute.FLAG.getLocalName(), entry.getControlFlag().toString().toLowerCase());
+ writer.writeAttribute(Attribute.LOGIN_MODULE_STACK_REF.getLocalName(), entry.getLoginModuleStackHolderName());
+ Map<String, ?> options = entry.getOptions();
+ if (options != null && options.size() > 0)
+ {
+ for (Entry<String, ?> option : options.entrySet())
+ {
+ writer.writeStartElement(Element.MODULE_OPTION.getLocalName());
+ writer.writeAttribute(Attribute.NAME.getLocalName(), option.getKey());
+ writer.writeAttribute(Attribute.VALUE.getLocalName(), option.getValue().toString());
+ writer.writeEndElement();
+ }
+ }
+ writer.writeEndElement();
+ }
+ for (int i = 0; i < loginModuleStack.size(); i++)
+ {
+ LoginModuleStackHolder entry = loginModuleStack.get(i);
+ writer.writeStartElement(Element.LOGIN_MODULE_STACK.getLocalName());
+ writer.writeAttribute(Attribute.NAME.getLocalName(), entry.getName());
+ for (int j = 0; j < entry.getAppConfigurationEntry().length; j++)
+ {
+ writer.writeStartElement(Element.LOGIN_MODULE.getLocalName());
+ AppConfigurationEntry ace = entry.getAppConfigurationEntry()[j];
+ String code = ace.getLoginModuleName();
+ if (AuthenticationConfigParser.loginModulesMap.containsValue(code)) {
+ String value = null;
+ Set<Entry<String, String>> entries = AuthenticationConfigParser.loginModulesMap.entrySet();
+ for (Entry<String, String> mapEntry : entries) {
+ if (mapEntry.getValue().equals(code)) {
+ value = mapEntry.getKey();
+ break;
+ }
+ }
+ writer.writeAttribute(Attribute.CODE.getLocalName(), value);
+ }
+ else
+ writer.writeAttribute(Attribute.CODE.getLocalName(), code);
+ writer.writeAttribute(Attribute.FLAG.getLocalName(), valueOf(ace.getControlFlag()));
+ Map<String, ?> options = ace.getOptions();
+ if (options != null && options.size() > 0)
+ {
+ for (Entry<String, ?> option : options.entrySet())
+ {
+ writer.writeStartElement(Element.MODULE_OPTION.getLocalName());
+ writer.writeAttribute(Attribute.NAME.getLocalName(), option.getKey());
+ writer.writeAttribute(Attribute.VALUE.getLocalName(), option.getValue().toString());
+ writer.writeEndElement();
+ }
+ }
+ writer.writeEndElement();
+ }
+ writer.writeEndElement();
+ }
+ writer.writeEndElement();
+ }
+
+ private String valueOf(LoginModuleControlFlag controlFlag)
+ {
+ if (controlFlag.equals(LoginModuleControlFlag.OPTIONAL))
+ return "optional";
+ if (controlFlag.equals(LoginModuleControlFlag.REQUIRED))
+ return "required";
+ if (controlFlag.equals(LoginModuleControlFlag.REQUISITE))
+ return "requisite";
+ return "sufficient";
+ }
}
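Review bot: The `flag` attribute for `auth-module` is produced with `entry.getControlFlag().toString().toLowerCase()`, which uses the JVM default locale; under a Turkish default locale an upper-case `I` lower-cases to the dotless `ı`, so a flag name such as REQUIRED would presumably not be written as ASCII `required` and might not parse back. Use `toLowerCase(Locale.ENGLISH)` here and in the identical calls added to ACLInfo, AuthorizationInfo and IdentityTrustInfo. `entry.getLoginModuleStackHolderName()` is also passed straight to `writeAttribute`; if a stack reference is optional for an auth module, the attribute should be skipped when it is null rather than relying on the writer implementation's handling of null. The login-module-stack loop and the private `valueOf` are copied from AuthenticationInfo, so a shared helper would keep the alias lookup and flag mapping in one place.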
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ACLInfo.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ACLInfo.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ACLInfo.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -21,11 +21,19 @@
*/
package org.jboss.security.config;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+
import org.jboss.security.acl.config.ACLProviderEntry;
/**
* Holder for ACL configuration
+ *
* @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since January 30, 2008
* @version $Revision: 65938 $
*/
@@ -50,5 +58,35 @@
protected BaseSecurityInfo<ACLProviderEntry> create(String name)
{
return new ACLInfo(name);
- }
+ }
+
+ /**
+ * Write element content. The start element is already written.
+ *
+ * @param writer
+ * @throws XMLStreamException
+ */
+ public void writeContent(XMLStreamWriter writer) throws XMLStreamException
+ {
+ for (int i = 0; i < moduleEntries.size(); i++)
+ {
+ ACLProviderEntry entry = moduleEntries.get(i);
+ writer.writeStartElement(Element.ACL_MODULE.getLocalName());
+ writer.writeAttribute(Attribute.CODE.getLocalName(), entry.getAclProviderName());
+ writer.writeAttribute(Attribute.FLAG.getLocalName(), entry.getControlFlag().toString().toLowerCase());
+ Map<String, ?> options = entry.getOptions();
+ if (options != null && options.size() > 0)
+ {
+ for (Entry<String, ?> option : options.entrySet())
+ {
+ writer.writeStartElement(Element.MODULE_OPTION.getLocalName());
+ writer.writeAttribute(Attribute.NAME.getLocalName(), option.getKey());
+ writer.writeAttribute(Attribute.VALUE.getLocalName(), option.getValue().toString());
+ writer.writeEndElement();
+ }
+ }
+ writer.writeEndElement();
+ }
+ writer.writeEndElement();
+ }
}
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ApplicationPolicy.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ApplicationPolicy.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ApplicationPolicy.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -24,8 +24,14 @@
import java.security.Principal;
import java.util.HashMap;
import java.util.Map;
+import java.util.Map.Entry;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.jboss.security.auth.login.AuthenticationInfo;
import org.jboss.security.auth.login.BaseAuthenticationInfo;
+import org.jboss.security.auth.login.JASPIAuthenticationInfo;
import org.jboss.security.identity.RoleGroup;
// $Id$
@@ -34,6 +40,7 @@
* Application Policy Information Holder - Authentication - Authorization - Audit - Mapping
*
* @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Jun 9, 2006
* @version $Revision$
*/
@@ -360,4 +367,62 @@
}
return ap;
}
+
+ /**
+ * Write element content.
+ *
+ * @param writer
+ * @throws XMLStreamException
+ */
+ public void writeContent(XMLStreamWriter writer) throws XMLStreamException
+ {
+ writer.writeStartElement(Element.APPLICATION_POLICY.getLocalName());
+ writer.writeAttribute(Attribute.NAME.getLocalName(), name);
+ if (baseApplicationPolicyName != null)
+ {
+ writer.writeAttribute(Attribute.EXTENDS.getLocalName(), baseApplicationPolicyName);
+ }
+ if (authenticationInfo != null)
+ {
+ if (authenticationInfo instanceof AuthenticationInfo)
+ {
+ writer.writeStartElement(Element.AUTHENTICATION.getLocalName());
+ ((AuthenticationInfo) authenticationInfo).writeContent(writer);
+ }
+ else
+ {
+ writer.writeStartElement(Element.AUTHENTICATION_JASPI.getLocalName());
+ ((JASPIAuthenticationInfo) authenticationInfo).writeContent(writer);
+ }
+ }
+ if (aclInfo != null)
+ {
+ writer.writeStartElement(Element.ACL.getLocalName());
+ aclInfo.writeContent(writer);
+ }
+ if (authorizationInfo != null)
+ {
+ writer.writeStartElement(Element.AUTHORIZATION.getLocalName());
+ authorizationInfo.writeContent(writer);
+ }
+ if (auditInfo != null)
+ {
+ writer.writeStartElement(Element.AUDIT.getLocalName());
+ auditInfo.writeContent(writer);
+ }
+ if (identityTrustInfo != null)
+ {
+ writer.writeStartElement(Element.IDENTITY_TRUST.getLocalName());
+ identityTrustInfo.writeContent(writer);
+ }
+ if (mappingInfos != null && mappingInfos.size() > 0)
+ {
+ writer.writeStartElement(Element.MAPPING.getLocalName());
+ for (Entry<String, MappingInfo> entry : mappingInfos.entrySet())
+ {
+ entry.getValue().writeContent(writer);
+ }
+ }
+ writer.writeEndElement();
+ }
}
\ No newline at end of file
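Review bot: The `mapping` start element is written once before the loop, but every `MappingInfo.writeContent` added in this commit ends with its own `writer.writeEndElement()`, so with more than one entry in `mappingInfos` the second call closes `application-policy` and the final `writeEndElement()` closes an element this method did not open. Moving `writer.writeStartElement(Element.MAPPING.getLocalName());` inside the `for` loop balances the calls, assuming the schema allows one `mapping` element per MappingInfo. In the authentication branch, the `else` casts unconditionally to `JASPIAuthenticationInfo`; any other `BaseAuthenticationInfo` subclass would fail with a ClassCastException, so an explicit `else if (authenticationInfo instanceof JASPIAuthenticationInfo)` with a clear error for other types is preferable. The Javadoc could also state that, unlike the other `writeContent` methods, this one writes its own start element.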
Added: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/Attribute.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/Attribute.java (rev 0)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/Attribute.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -0,0 +1,87 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.jboss.security.config;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Enum for the security domain configuration attributes
+ *
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
+ */
+public enum Attribute {
+ // must be first
+ UNKNOWN(null),
+
+ NAME("name"),
+
+ EXTENDS("extends"),
+
+ CODE("code"),
+
+ FLAG("flag"),
+
+ VALUE("value"),
+
+ TYPE("type"),
+
+ LOGIN_MODULE_STACK_REF("login-module-stack-ref");
+
+ private final String name;
+
+ Attribute(final String name) {
+ this.name = name;
+ }
+
+ /**
+ * Get the local name of this element.
+ *
+ * @return the local name
+ */
+ public String getLocalName() {
+ return name;
+ }
+
+ private static final Map<String, Attribute> MAP;
+
+ static {
+ final Map<String, Attribute> map = new HashMap<String, Attribute>();
+ for (Attribute element : values()) {
+ final String name = element.getLocalName();
+ if (name != null)
+ map.put(name, element);
+ }
+ MAP = map;
+ }
+
+ public static Attribute forName(String localName) {
+ final Attribute element = MAP.get(localName);
+ return element == null ? UNKNOWN : element;
+ }
+
+ public String toString() {
+ return getLocalName();
+ }
+
+}
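Review bot: `toString()` returns `getLocalName()`, which is `null` for `UNKNOWN`, so any caller that invokes `toString()` directly on the value (for instance when building a parser error message from a set of attributes) gets a null reference instead of text. Something like `@Override public String toString() { return name != null ? name : super.toString(); }` keeps the local name for real attributes and still prints `UNKNOWN`. The Javadoc on `getLocalName` says "local name of this element" although this enum models attributes, and `forName` has no Javadoc; it is worth documenting that unrecognised names map to `UNKNOWN` rather than null, because the parsers rely on that to reject unexpected attributes.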
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/AuditInfo.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/AuditInfo.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/AuditInfo.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -21,13 +21,21 @@
*/
package org.jboss.security.config;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+
import org.jboss.security.audit.config.AuditProviderEntry;
//$Id$
/**
* Information on Audit Configuration in the ApplicationPolicy
+ *
* @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since May 10, 2007
* @version $Revision$
*/
@@ -53,4 +61,33 @@
{
return new AuditInfo(name);
}
+
+ /**
+ * Write element content. The start element is already written.
+ *
+ * @param writer
+ * @throws XMLStreamException
+ */
+ public void writeContent(XMLStreamWriter writer) throws XMLStreamException
+ {
+ for (int i = 0; i < moduleEntries.size(); i++)
+ {
+ AuditProviderEntry entry = moduleEntries.get(i);
+ writer.writeStartElement(Element.PROVIDER_MODULE.getLocalName());
+ writer.writeAttribute(Attribute.CODE.getLocalName(), entry.getName());
+ Map<String, ?> options = entry.getOptions();
+ if (options != null && options.size() > 0)
+ {
+ for (Entry<String, ?> option : options.entrySet())
+ {
+ writer.writeStartElement(Element.MODULE_OPTION.getLocalName());
+ writer.writeAttribute(Attribute.NAME.getLocalName(), option.getKey());
+ writer.writeAttribute(Attribute.VALUE.getLocalName(), option.getValue().toString());
+ writer.writeEndElement();
+ }
+ }
+ writer.writeEndElement();
+ }
+ writer.writeEndElement();
+ }
}
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/AuthorizationInfo.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/AuthorizationInfo.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/AuthorizationInfo.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -21,13 +21,21 @@
*/
package org.jboss.security.config;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+
import org.jboss.security.authorization.config.AuthorizationModuleEntry;
//$Id$
/**
* Holder for Authorization configuration
+ *
* @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Jun 9, 2006
* @version $Revision$
*/
@@ -52,5 +60,35 @@
protected BaseSecurityInfo<AuthorizationModuleEntry> create(String name)
{
return new AuthorizationInfo(name);
- }
+ }
+
+ /**
+ * Write element content. The start element is already written.
+ *
+ * @param writer
+ * @throws XMLStreamException
+ */
+ public void writeContent(XMLStreamWriter writer) throws XMLStreamException
+ {
+ for (int i = 0; i < moduleEntries.size(); i++)
+ {
+ AuthorizationModuleEntry entry = moduleEntries.get(i);
+ writer.writeStartElement(Element.POLICY_MODULE.getLocalName());
+ writer.writeAttribute(Attribute.CODE.getLocalName(), entry.getPolicyModuleName());
+ writer.writeAttribute(Attribute.FLAG.getLocalName(), entry.getControlFlag().toString().toLowerCase());
+ Map<String, ?> options = entry.getOptions();
+ if (options != null && options.size() > 0)
+ {
+ for (Entry<String, ?> option : options.entrySet())
+ {
+ writer.writeStartElement(Element.MODULE_OPTION.getLocalName());
+ writer.writeAttribute(Attribute.NAME.getLocalName(), option.getKey());
+ writer.writeAttribute(Attribute.VALUE.getLocalName(), option.getValue().toString());
+ writer.writeEndElement();
+ }
+ }
+ writer.writeEndElement();
+ }
+ writer.writeEndElement();
+ }
}
Added: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/Element.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/Element.java (rev 0)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/Element.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -0,0 +1,107 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.jboss.security.config;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Enum for the elements of a security domain configuration
+ *
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
+ */
+public enum Element {
+ // must be first
+ UNKNOWN(null),
+
+ POLICY("policy"),
+
+ APPLICATION_POLICY("application-policy"),
+
+ AUTHENTICATION("authentication"),
+
+ AUTHENTICATION_JASPI("authentication-jaspi"),
+
+ AUTHORIZATION("authorization"),
+
+ ACL("acl"),
+
+ ROLE_MAPPING("rolemapping"),
+
+ MAPPING("mapping"),
+
+ AUDIT("audit"),
+
+ IDENTITY_TRUST("identity-trust"),
+
+ ACL_MODULE("acl-module"),
+
+ LOGIN_MODULE("login-module"),
+
+ LOGIN_MODULE_STACK("login-module-stack"),
+
+ AUTH_MODULE("auth-module"),
+
+ PROVIDER_MODULE("provider-module"),
+
+ POLICY_MODULE("policy-module"),
+
+ TRUST_MODULE("trust-module"),
+
+ MAPPING_MODULE("mapping-module"),
+
+ MODULE_OPTION("module-option");
+
+ private final String name;
+
+ Element(final String name) {
+ this.name = name;
+ }
+
+ /**
+ * Get the local name of this element.
+ *
+ * @return the local name
+ */
+ public String getLocalName() {
+ return name;
+ }
+
+ private static final Map<String, Element> MAP;
+
+ static {
+ final Map<String, Element> map = new HashMap<String, Element>();
+ for (Element element : values()) {
+ final String name = element.getLocalName();
+ if (name != null)
+ map.put(name, element);
+ }
+ MAP = map;
+ }
+
+ public static Element forName(String localName) {
+ final Element element = MAP.get(localName);
+ return element == null ? UNKNOWN : element;
+ }
+
+}
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/IdentityTrustInfo.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/IdentityTrustInfo.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/IdentityTrustInfo.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -6,11 +6,19 @@
*/
package org.jboss.security.config;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+
import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
/**
* Identity Trust Info
+ *
* @author <a href="mailto:Anil.Saldhana at redhat.com">Anil Saldhana</a>
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @version $Revision$
* @since July 25, 2007
*/
@@ -35,5 +43,35 @@
protected BaseSecurityInfo<IdentityTrustModuleEntry> create(String name)
{
return new IdentityTrustInfo(name);
- }
+ }
+
+ /**
+ * Write element content. The start element is already written.
+ *
+ * @param writer
+ * @throws XMLStreamException
+ */
+ public void writeContent(XMLStreamWriter writer) throws XMLStreamException
+ {
+ for (int i = 0; i < moduleEntries.size(); i++)
+ {
+ IdentityTrustModuleEntry entry = moduleEntries.get(i);
+ writer.writeStartElement(Element.TRUST_MODULE.getLocalName());
+ writer.writeAttribute(Attribute.CODE.getLocalName(), entry.getName());
+ writer.writeAttribute(Attribute.FLAG.getLocalName(), entry.getControlFlag().toString().toLowerCase());
+ Map<String, ?> options = entry.getOptions();
+ if (options != null && options.size() > 0)
+ {
+ for (Entry<String, ?> option : options.entrySet())
+ {
+ writer.writeStartElement(Element.MODULE_OPTION.getLocalName());
+ writer.writeAttribute(Attribute.NAME.getLocalName(), option.getKey());
+ writer.writeAttribute(Attribute.VALUE.getLocalName(), option.getValue().toString());
+ writer.writeEndElement();
+ }
+ }
+ writer.writeEndElement();
+ }
+ writer.writeEndElement();
+ }
}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/MappingInfo.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/MappingInfo.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/MappingInfo.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -6,11 +6,19 @@
*/
package org.jboss.security.config;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+
import org.jboss.security.mapping.config.MappingModuleEntry;
/**
* Mapping Info
+ *
* @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @version $Revision$
* @since Aug 28, 2006
*/
@@ -40,5 +48,35 @@
protected BaseSecurityInfo<MappingModuleEntry> create(String name)
{
return new MappingInfo(name);
- }
+ }
+
+ /**
+ * Write element content. The start element is already written.
+ *
+ * @param writer
+ * @throws XMLStreamException
+ */
+ public void writeContent(XMLStreamWriter writer) throws XMLStreamException
+ {
+ for (int i = 0; i < moduleEntries.size(); i++)
+ {
+ MappingModuleEntry entry = moduleEntries.get(i);
+ writer.writeStartElement(Element.MAPPING_MODULE.getLocalName());
+ writer.writeAttribute(Attribute.CODE.getLocalName(), entry.getMappingModuleName());
+ writer.writeAttribute(Attribute.TYPE.getLocalName(), entry.getMappingModuleType());
+ Map<String, ?> options = entry.getOptions();
+ if (options != null && options.size() > 0)
+ {
+ for (Entry<String, ?> option : options.entrySet())
+ {
+ writer.writeStartElement(Element.MODULE_OPTION.getLocalName());
+ writer.writeAttribute(Attribute.NAME.getLocalName(), option.getKey());
+ writer.writeAttribute(Attribute.VALUE.getLocalName(), option.getValue().toString());
+ writer.writeEndElement();
+ }
+ }
+ writer.writeEndElement();
+ }
+ writer.writeEndElement();
+ }
}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AclConfigParser.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AclConfigParser.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AclConfigParser.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -22,6 +22,7 @@
package org.jboss.security.config.parser;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Map;
@@ -29,20 +30,25 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
import org.jboss.security.acl.config.ACLProviderEntry;
import org.jboss.security.config.ControlFlag;
+import org.jboss.security.config.Element;
/**
* Stax based Parser to parse the acl configuration
+ *
* @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Jan 22, 2010
*/
-public class AclConfigParser
+public class AclConfigParser implements XMLStreamConstants
{
/**
* Parse the <acl> element
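Review bot: Declaring `public class AclConfigParser implements XMLStreamConstants` uses the constant-interface pattern, which makes every StAX event constant part of this public class's inherited API just to allow unqualified names inside it. The only constant the new code visible in this diff uses is `END_ELEMENT`, so `import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;` (or qualifying it as `XMLStreamConstants.END_ELEMENT`) would do the same without changing the type's contract.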
@@ -106,5 +112,73 @@
ACLProviderEntry entry = new ACLProviderEntry(codeName, options);
entry.setControlFlag(controlFlag);
return entry;
- }
+ }
+
+ /**
+ * Parse the <acl> element
+ * @param reader
+ * @return
+ * @throws XMLStreamException
+ */
+ public Set<ACLProviderEntry> parse(XMLStreamReader reader) throws XMLStreamException
+ {
+ Set<ACLProviderEntry> entries = new LinkedHashSet<ACLProviderEntry>();
+ while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ final Element element = Element.forName(reader.getLocalName());
+ ACLProviderEntry entry = null;
+ if (element.equals(Element.ACL_MODULE))
+ {
+ entry = getEntry(reader);
+ entries.add(entry);
+ }
+ else
+ {
+ StaxParserUtil.unexpectedElement(reader);
+ }
+ }
+ return entries;
+ }
+
+ private ACLProviderEntry getEntry(XMLStreamReader reader) throws XMLStreamException
+ {
+ Map<String, Object> options = new HashMap<String, Object>();
+ String codeName = null;
+ ControlFlag controlFlag = ControlFlag.REQUIRED;
+
+ final int count = reader.getAttributeCount();
+ if (count < 2)
+ {
+ Set<org.jboss.security.config.Attribute> set = new HashSet<org.jboss.security.config.Attribute>();
+ set.add(org.jboss.security.config.Attribute.CODE);
+ set.add(org.jboss.security.config.Attribute.FLAG);
+ throw StaxParserUtil.missingRequired(reader, set);
+ }
+ for (int i = 0; i < count; i++)
+ {
+ final String value = reader.getAttributeValue(i);
+ final org.jboss.security.config.Attribute attribute = org.jboss.security.config.Attribute.forName(reader
+ .getAttributeLocalName(i));
+ switch (attribute)
+ {
+ case CODE : {
+ codeName = value;
+ break;
+ }
+ case FLAG : {
+ controlFlag = ControlFlag.valueOf(value);
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedAttribute(reader, i);
+ }
+ }
+ //See if there are options
+ ModuleOptionParser moParser = new ModuleOptionParser();
+ options.putAll(moParser.parse(reader));
+
+ ACLProviderEntry entry = new ACLProviderEntry(codeName, options);
+ entry.setControlFlag(controlFlag);
+ return entry;
+ }
}
\ No newline at end of file
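Review bot: In the new `parse(XMLStreamReader)`, the else branch calls `StaxParserUtil.unexpectedElement(reader);` without `throw`. Every other parser in this commit writes `throw StaxParserUtil.unexpectedElement(reader);`, so the helper presumably returns the exception, which is discarded here. An unrecognised child of `<acl>` is then skipped silently and the loop carries on from whatever tag comes next. For an access-control configuration the parser should fail closed: `throw StaxParserUtil.unexpectedElement(reader);`. The `entry = null` initialiser can go at the same time, since `entry` is only assigned inside the `ACL_MODULE` branch.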
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ApplicationPolicyParser.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ApplicationPolicyParser.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ApplicationPolicyParser.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -22,6 +22,7 @@
package org.jboss.security.config.parser;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
@@ -31,6 +32,7 @@
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
@@ -44,6 +46,7 @@
import org.jboss.security.config.ApplicationPolicy;
import org.jboss.security.config.AuditInfo;
import org.jboss.security.config.AuthorizationInfo;
+import org.jboss.security.config.Element;
import org.jboss.security.config.IdentityTrustInfo;
import org.jboss.security.config.MappingInfo;
import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
@@ -52,10 +55,12 @@
/**
* Stax based Application Policy Parser
+ *
* @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Jan 22, 2010
*/
-public class ApplicationPolicyParser
+public class ApplicationPolicyParser implements XMLStreamConstants
{
@SuppressWarnings("unchecked")
public List<ApplicationPolicy> parse(XMLEventReader xmlEventReader) throws XMLStreamException
@@ -192,4 +197,132 @@
StaxParserUtil.getLineColumnNumber(xmlEvent.getLocation()));
}
}
+
+ public List<ApplicationPolicy> parse(XMLStreamReader reader) throws XMLStreamException
+ {
+ List<ApplicationPolicy> policies = null;
+ while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ final Element element = Element.forName(reader.getLocalName());
+ if (element.equals(Element.APPLICATION_POLICY))
+ {
+ final int count = reader.getAttributeCount();
+ if (count == 0)
+ throw StaxParserUtil.missingRequired(reader, Collections.singleton(org.jboss.security.config.Attribute.NAME));
+ String name = null;
+ String extendsName = null;
+ for (int i = 0; i < count; i++)
+ {
+ final String value = reader.getAttributeValue(i);
+ final org.jboss.security.config.Attribute attribute = org.jboss.security.config.Attribute.forName(reader.getAttributeLocalName(i));
+ switch (attribute)
+ {
+ case NAME : {
+ name = value;
+ break;
+ }
+ case EXTENDS : {
+ extendsName = value;
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedAttribute(reader, i);
+ }
+ }
+ if (name == null)
+ throw StaxParserUtil.missingRequired(reader, Collections.singleton(org.jboss.security.config.Attribute.NAME));
+ final ApplicationPolicy applicationPolicy = new ApplicationPolicy(name);
+ if (extendsName != null)
+ applicationPolicy.setBaseApplicationPolicyName(extendsName);
+ route(reader, applicationPolicy);
+ if (policies == null)
+ policies = new ArrayList<ApplicationPolicy>();
+ policies.add(applicationPolicy);
+
+ }
+ else
+ throw StaxParserUtil.unexpectedElement(reader);
+ }
+ return policies;
+ }
+
+ @SuppressWarnings("unchecked")
+ private void route(XMLStreamReader reader, ApplicationPolicy appPolicy) throws XMLStreamException
+ {
+ while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ final Element element = Element.forName(reader.getLocalName());
+ switch (element)
+ {
+ case ACL : {
+ AclConfigParser parser = new AclConfigParser();
+ Set<ACLProviderEntry> entries = parser.parse(reader);
+ ACLInfo aclInfo = new ACLInfo(appPolicy.getName());
+ aclInfo.add(new ArrayList(entries));
+ appPolicy.setAclInfo(aclInfo);
+ break;
+ }
+ case AUDIT : {
+ AuditConfigParser parser = new AuditConfigParser();
+ List<AuditProviderEntry> entries = parser.parse(reader);
+ AuditInfo authInfo = new AuditInfo(appPolicy.getName());
+ authInfo.add(entries);
+ appPolicy.setAuditInfo(authInfo);
+ break;
+ }
+ case AUTHENTICATION : {
+ AuthenticationConfigParser parser = new AuthenticationConfigParser();
+ Set<AppConfigurationEntry> entries = parser.parse(reader);
+ AuthenticationInfo authInfo = new AuthenticationInfo();
+ authInfo.setAppConfigurationEntry(new ArrayList(entries));
+ appPolicy.setAuthenticationInfo(authInfo);
+ break;
+ }
+ case AUTHENTICATION_JASPI : {
+ AuthenticationJASPIConfigParser parser = new AuthenticationJASPIConfigParser();
+ JASPIAuthenticationInfo authInfo = parser.parse(reader);
+ appPolicy.setAuthenticationInfo(authInfo);
+ break;
+ }
+ case AUTHORIZATION : {
+ AuthorizationConfigParser parser = new AuthorizationConfigParser();
+ Set<AuthorizationModuleEntry> entries = parser.parse(reader);
+ AuthorizationInfo authInfo = new AuthorizationInfo(appPolicy.getName());
+ authInfo.add(new ArrayList(entries));
+ appPolicy.setAuthorizationInfo(authInfo);
+ break;
+ }
+ case IDENTITY_TRUST : {
+ IdentityTrustConfigParser parser = new IdentityTrustConfigParser();
+ List<IdentityTrustModuleEntry> entries = parser.parse(reader);
+ IdentityTrustInfo authInfo = new IdentityTrustInfo(appPolicy.getName());
+ authInfo.add(entries);
+ appPolicy.setIdentityTrustInfo(authInfo);
+ break;
+ }
+ case MAPPING : {
+ MappingConfigParser parser = new MappingConfigParser();
+ List<MappingModuleEntry> entries = parser.parse(reader);
+ for (MappingModuleEntry entry : entries)
+ {
+ MappingInfo mappingInfo = new MappingInfo(appPolicy.getName());
+ mappingInfo.add(entry);
+ String moduleType = entry.getMappingModuleType();
+ appPolicy.setMappingInfo(moduleType, mappingInfo);
+ }
+ break;
+ }
+ case ROLE_MAPPING : {
+ MappingConfigParser parser = new MappingConfigParser();
+ List<MappingModuleEntry> entries = parser.parse(reader);
+ MappingInfo mappingInfo = new MappingInfo(appPolicy.getName());
+ mappingInfo.add(entries);
+ appPolicy.setMappingInfo(MappingType.ROLE.toString(), mappingInfo);
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedElement(reader);
+ }
+ }
+ }
}
\ No newline at end of file
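Review bot: `parse(XMLStreamReader)` initialises `policies` to `null` and only allocates the list on the first `<application-policy>`, so a document with no policies returns `null` rather than an empty list. Unless callers depend on that, `List<ApplicationPolicy> policies = new ArrayList<ApplicationPolicy>();` removes the null case and the lazy `if (policies == null)` check. Separately, `route` handles each section with a plain setter, so a repeated `<authentication>`, or an `<authentication>` followed by `<authentication-jaspi>`, presumably replaces the earlier one without any error. A comment stating whether last-wins is intended, or a rejection of duplicates, would make the policy semantics explicit. The `new ArrayList(entries)` raw types under `@SuppressWarnings("unchecked")` could be typed instead, e.g. `new ArrayList<ACLProviderEntry>(entries)`, if the `add` signatures allow it.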
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuditConfigParser.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuditConfigParser.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuditConfigParser.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -22,6 +22,7 @@
package org.jboss.security.config.parser;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
@@ -29,19 +30,24 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
import org.jboss.security.audit.config.AuditProviderEntry;
+import org.jboss.security.config.Element;
/**
* Stax based audit configuration Parser
+ *
* @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Jan 22, 2010
*/
-public class AuditConfigParser
+public class AuditConfigParser implements XMLStreamConstants
{
/**
* Parse the <audit> element
@@ -99,5 +105,61 @@
AuditProviderEntry entry = new AuditProviderEntry(codeName, options);
return entry;
- }
+ }
+
+ /**
+ * Parse the <audit> element
+ * @param reader
+ * @return
+ * @throws XMLStreamException
+ */
+ public List<AuditProviderEntry> parse(XMLStreamReader reader) throws XMLStreamException
+ {
+ List<AuditProviderEntry> entries = new ArrayList<AuditProviderEntry>();
+ while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ final Element element = Element.forName(reader.getLocalName());
+ AuditProviderEntry entry = null;
+ if (element.equals(Element.PROVIDER_MODULE))
+ {
+ entry = getEntry(reader);
+ }
+ else
+ throw StaxParserUtil.unexpectedElement(reader);
+ entries.add(entry);
+ }
+ return entries;
+ }
+
+ private AuditProviderEntry getEntry(XMLStreamReader reader) throws XMLStreamException
+ {
+ String codeName = null;
+ Map<String, Object> options = new HashMap<String, Object>();
+ final int count = reader.getAttributeCount();
+ if (count < 1)
+ {
+ throw StaxParserUtil.missingRequired(reader, Collections.singleton(org.jboss.security.config.Attribute.CODE));
+ }
+ for (int i = 0; i < count; i++)
+ {
+ final String value = reader.getAttributeValue(i);
+ final org.jboss.security.config.Attribute attribute = org.jboss.security.config.Attribute.forName(reader
+ .getAttributeLocalName(i));
+ switch (attribute)
+ {
+ case CODE : {
+ codeName = value;
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedAttribute(reader, i);
+ }
+ }
+ //See if there are options
+ ModuleOptionParser moParser = new ModuleOptionParser();
+ options.putAll(moParser.parse(reader));
+
+ AuditProviderEntry entry = new AuditProviderEntry(codeName, options);
+ return entry;
+ }
}
\ No newline at end of file
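Review bot: The Javadoc on the new `parse(XMLStreamReader)` leaves `@param reader` and `@return` empty and does not say where the reader must be positioned. The `nextTag()` loop suggests the reader is expected to sit on the `<audit>` start tag on entry and to be left on its end tag on return. If so, state it, e.g. `@param reader stream reader positioned on the <audit> start element` and `@return the provider entries in document order, possibly empty`. The new `parse` overloads in the Acl, Authentication, AuthenticationJASPI, Authorization, IdentityTrust and Mapping parsers have the same empty tags.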
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuthenticationConfigParser.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuthenticationConfigParser.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuthenticationConfigParser.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -22,6 +22,7 @@
package org.jboss.security.config.parser;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Map;
@@ -31,18 +32,65 @@
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
+import org.jboss.resource.security.CallerIdentityLoginModule;
+import org.jboss.resource.security.ConfiguredIdentityLoginModule;
+import org.jboss.resource.security.JaasSecurityDomainIdentityLoginModule;
+import org.jboss.resource.security.PBEIdentityLoginModule;
+import org.jboss.resource.security.SecureIdentityLoginModule;
+import org.jboss.security.ClientLoginModule;
+import org.jboss.security.auth.spi.BaseCertLoginModule;
+import org.jboss.security.auth.spi.CertRolesLoginModule;
+import org.jboss.security.auth.spi.DatabaseCertLoginModule;
+import org.jboss.security.auth.spi.DatabaseServerLoginModule;
+import org.jboss.security.auth.spi.IdentityLoginModule;
+import org.jboss.security.auth.spi.LdapExtLoginModule;
+import org.jboss.security.auth.spi.LdapLoginModule;
+import org.jboss.security.auth.spi.RoleMappingLoginModule;
+import org.jboss.security.auth.spi.RunAsLoginModule;
+import org.jboss.security.auth.spi.SimpleServerLoginModule;
+import org.jboss.security.auth.spi.UsersRolesLoginModule;
+import org.jboss.security.config.Element;
+
/**
* Stax based JAAS authentication configuration Parser
+ *
* @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Jan 22, 2010
*/
-public class AuthenticationConfigParser
+public class AuthenticationConfigParser implements XMLStreamConstants
{
+
+ public static Map<String, String> loginModulesMap = new HashMap<String, String>();
+
+ static
+ {
+ loginModulesMap.put("Client", ClientLoginModule.class.getName());
+ loginModulesMap.put("Certificate", BaseCertLoginModule.class.getName());
+ loginModulesMap.put("CertificateRoles", CertRolesLoginModule.class.getName());
+ loginModulesMap.put("DatabaseCertificate", DatabaseCertLoginModule.class.getName());
+ loginModulesMap.put("Database", DatabaseServerLoginModule.class.getName());
+ loginModulesMap.put("Identity", IdentityLoginModule.class.getName());
+ loginModulesMap.put("Ldap", LdapLoginModule.class.getName());
+ loginModulesMap.put("LdapExtended", LdapExtLoginModule.class.getName());
+ loginModulesMap.put("RoleMapping", RoleMappingLoginModule.class.getName());
+ loginModulesMap.put("RunAs", RunAsLoginModule.class.getName());
+ loginModulesMap.put("Simple", SimpleServerLoginModule.class.getName());
+ loginModulesMap.put("UsersRoles", UsersRolesLoginModule.class.getName());
+ loginModulesMap.put("CallerIdentity", CallerIdentityLoginModule.class.getName());
+ loginModulesMap.put("ConfiguredIdentity", ConfiguredIdentityLoginModule.class.getName());
+ loginModulesMap.put("JaasSecurityDomainIdentity", JaasSecurityDomainIdentityLoginModule.class.getName());
+ loginModulesMap.put("PBEIdentity", PBEIdentityLoginModule.class.getName());
+ loginModulesMap.put("SecureIdentity", SecureIdentityLoginModule.class.getName());
+ }
+
/**
* Parse the <authentication> element
* @param xmlEventReader
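Review bot: `loginModulesMap` is declared `public static` and non-final over a plain `HashMap`, so any code that can reach this class can add or replace an alias after class initialisation. `getEntry` later in this file consults the map to turn a short `code` value into a login module class name, and the map is not safe for concurrent access either. Since it is filled once in the static block, build it in a local and publish it read-only: `public static final Map<String, String> loginModulesMap = Collections.unmodifiableMap(modules);`. That needs `java.util.Collections`, which is not among the imports visible for this file. If other code is meant to register aliases at runtime, say so in a comment and provide a synchronised registration method instead of exposing the field.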
@@ -117,4 +165,72 @@
return LoginModuleControlFlag.REQUISITE;
throw new RuntimeException(flag + " is not recognized");
}
+
+ /**
+ * Parse the <authentication> element
+ * @param reader
+ * @return
+ * @throws XMLStreamException
+ */
+ public Set<AppConfigurationEntry> parse(XMLStreamReader reader) throws XMLStreamException
+ {
+ Set<AppConfigurationEntry> entries = new LinkedHashSet<AppConfigurationEntry>();
+ while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ final Element element = Element.forName(reader.getLocalName());
+ AppConfigurationEntry entry = null;
+ if (element.equals(Element.LOGIN_MODULE))
+ {
+ entry = getEntry(reader);
+ }
+ else
+ throw StaxParserUtil.unexpectedElement(reader);
+ entries.add(entry);
+ }
+ return entries;
+ }
+
+ private AppConfigurationEntry getEntry(XMLStreamReader reader) throws XMLStreamException
+ {
+ Map<String, Object> options = new HashMap<String, Object>();
+ String codeName = null;
+ LoginModuleControlFlag controlFlag = LoginModuleControlFlag.REQUIRED;
+
+ final int count = reader.getAttributeCount();
+ if (count < 2)
+ {
+ Set<org.jboss.security.config.Attribute> set = new HashSet<org.jboss.security.config.Attribute>();
+ set.add(org.jboss.security.config.Attribute.CODE);
+ set.add(org.jboss.security.config.Attribute.FLAG);
+ throw StaxParserUtil.missingRequired(reader, set);
+ }
+ for (int i = 0; i < count; i++)
+ {
+ final String value = reader.getAttributeValue(i);
+ final org.jboss.security.config.Attribute attribute = org.jboss.security.config.Attribute.forName(reader
+ .getAttributeLocalName(i));
+ switch (attribute)
+ {
+ case CODE : {
+ // check if it's a known login module
+ if (loginModulesMap.containsKey(value))
+ codeName = loginModulesMap.get(value);
+ else
+ codeName = value;
+ break;
+ }
+ case FLAG : {
+ controlFlag = getControlFlag(value);
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedAttribute(reader, i);
+ }
+ }
+ //See if there are options
+ ModuleOptionParser moParser = new ModuleOptionParser();
+ options.putAll(moParser.parse(reader));
+
+ return new AppConfigurationEntry(codeName, controlFlag, options);
+ }
}
\ No newline at end of file
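Review bot: In `getEntry`, an unrecognised `flag` value leaves `getControlFlag(value)` as a bare `RuntimeException` (`flag + " is not recognized"`). The attribute errors next to it go through `StaxParserUtil` with the reader, which presumably adds the document location, so a bad flag would be reported with less context. Wrapping the call would keep the failure in the declared exception type, e.g. `throw new XMLStreamException(e.getMessage(), reader.getLocation(), e);` in a `catch (RuntimeException e)` around it. The alias lookup can also be one map access: `String mapped = loginModulesMap.get(value); codeName = mapped != null ? mapped : value;`. `getControlFlag` starts outside this hunk, so only its final lines are visible here.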
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuthenticationJASPIConfigParser.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuthenticationJASPIConfigParser.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuthenticationJASPIConfigParser.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -21,15 +21,20 @@
*/
package org.jboss.security.config.parser;
+import java.util.Collections;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
+import java.util.Set;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
@@ -38,13 +43,16 @@
import org.jboss.security.auth.login.JASPIAuthenticationInfo;
import org.jboss.security.auth.login.LoginModuleStackHolder;
import org.jboss.security.config.ControlFlag;
+import org.jboss.security.config.Element;
/**
* Stax based JASPI configuration Parser
+ *
* @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Jan 22, 2010
*/
-public class AuthenticationJASPIConfigParser
+public class AuthenticationJASPIConfigParser implements XMLStreamConstants
{
/**
* Parse the <authentication-jaspi> element
@@ -196,4 +204,163 @@
return LoginModuleControlFlag.REQUISITE;
throw new RuntimeException(flag + " is not recognized");
}
+
+ /**
+ * Parse the <authentication-jaspi> element
+ * @param reader
+ * @return
+ * @throws XMLStreamException
+ */
+ public JASPIAuthenticationInfo parse(XMLStreamReader reader) throws XMLStreamException
+ {
+ JASPIAuthenticationInfo authInfo = new JASPIAuthenticationInfo();
+ Map<String, LoginModuleStackHolder> holders = new HashMap<String, LoginModuleStackHolder>();
+ while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ final Element element = Element.forName(reader.getLocalName());
+ switch (element)
+ {
+ case LOGIN_MODULE_STACK : {
+ final int count = reader.getAttributeCount();
+ if (count < 1)
+ {
+ throw StaxParserUtil.missingRequired(reader, Collections
+ .singleton(org.jboss.security.config.Attribute.NAME));
+ }
+ LoginModuleStackHolder holder = null;
+ for (int i = 0; i < count; i++)
+ {
+ final String value = reader.getAttributeValue(i);
+ final org.jboss.security.config.Attribute attribute = org.jboss.security.config.Attribute
+ .forName(reader.getAttributeLocalName(i));
+ switch (attribute)
+ {
+ case NAME : {
+ String name = value;
+ holder = new LoginModuleStackHolder(name, null);
+ holders.put(name, holder);
+ authInfo.add(holder);
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedAttribute(reader, i);
+ }
+ }
+ while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ final Element element2 = Element.forName(reader.getLocalName());
+ if (element2.equals(Element.LOGIN_MODULE))
+ {
+ holder.addAppConfigurationEntry(getJAASEntry(reader));
+ }
+ }
+ break;
+ }
+ case AUTH_MODULE : {
+ AuthModuleEntry entry = getJaspiEntry(reader);
+ String stackHolderRefName = entry.getLoginModuleStackHolderName();
+ if (stackHolderRefName != null)
+ {
+ if (!holders.containsKey(stackHolderRefName))
+ throw new RuntimeException("auth-module references a login module stack that doesn't exist: "
+ + stackHolderRefName);
+ entry.setLoginModuleStackHolder(holders.get(stackHolderRefName));
+ }
+ authInfo.add(entry);
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedElement(reader);
+ }
+ }
+ return authInfo;
+ }
+
+ private AppConfigurationEntry getJAASEntry(XMLStreamReader reader) throws XMLStreamException
+ {
+ Map<String, Object> options = new HashMap<String, Object>();
+ String codeName = null;
+ LoginModuleControlFlag controlFlag = LoginModuleControlFlag.REQUIRED;
+
+ final int count = reader.getAttributeCount();
+ if (count < 2)
+ {
+ Set<org.jboss.security.config.Attribute> set = new HashSet<org.jboss.security.config.Attribute>();
+ set.add(org.jboss.security.config.Attribute.CODE);
+ set.add(org.jboss.security.config.Attribute.FLAG);
+ throw StaxParserUtil.missingRequired(reader, set);
+ }
+ for (int i = 0; i < count; i++)
+ {
+ final String value = reader.getAttributeValue(i);
+ final org.jboss.security.config.Attribute attribute = org.jboss.security.config.Attribute.forName(reader
+ .getAttributeLocalName(i));
+ switch (attribute)
+ {
+ case CODE : {
+ codeName = value;
+ break;
+ }
+ case FLAG : {
+ controlFlag = getControlFlag(value);
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedAttribute(reader, i);
+ }
+ }
+ //See if there are options
+ ModuleOptionParser moParser = new ModuleOptionParser();
+ options.putAll(moParser.parse(reader));
+
+ return new AppConfigurationEntry(codeName, controlFlag, options);
+ }
+
+ private AuthModuleEntry getJaspiEntry(XMLStreamReader reader) throws XMLStreamException
+ {
+ Map<String, Object> options = new HashMap<String, Object>();
+ String codeName = null;
+ String loginModuleStackRef = null;
+ ControlFlag flag = ControlFlag.REQUIRED;
+
+ final int count = reader.getAttributeCount();
+ if (count == 0)
+ {
+ throw StaxParserUtil.missingRequired(reader, Collections.singleton(org.jboss.security.config.Attribute.CODE));
+ }
+ for (int i = 0; i < count; i++)
+ {
+ final String value = reader.getAttributeValue(i);
+ final org.jboss.security.config.Attribute attribute = org.jboss.security.config.Attribute.forName(reader
+ .getAttributeLocalName(i));
+ switch (attribute)
+ {
+ case CODE : {
+ codeName = value;
+ break;
+ }
+ case FLAG : {
+ flag = ControlFlag.valueOf(value);
+ break;
+ }
+ case LOGIN_MODULE_STACK_REF : {
+ loginModuleStackRef = value;
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedAttribute(reader, i);
+ }
+ }
+ if (codeName == null)
+ {
+ throw StaxParserUtil.missingRequired(reader, Collections.singleton(org.jboss.security.config.Attribute.CODE));
+ }
+ //See if there are options
+ ModuleOptionParser moParser = new ModuleOptionParser();
+ options.putAll(moParser.parse(reader));
+
+ AuthModuleEntry entry = new AuthModuleEntry(codeName, options, loginModuleStackRef);
+ entry.setControlFlag(flag);
+ return entry;
+ }
}
\ No newline at end of file
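Review bot: The inner loop under `LOGIN_MODULE_STACK` only handles `Element.LOGIN_MODULE` and has no else branch. Any other child of `<login-module-stack>` is skipped without an error, whereas the outer switch rejects unknown elements. Adding `else throw StaxParserUtil.unexpectedElement(reader);` makes the stack parsing fail closed like the rest of the parser. Separately, `getJAASEntry` stores the `code` attribute verbatim while `AuthenticationConfigParser.getEntry` resolves it through `loginModulesMap`, so a short alias accepted under `<authentication>` is not resolved inside a JASPI login-module stack. If that difference is intended it deserves a comment; otherwise the lookup should be shared.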
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuthorizationConfigParser.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuthorizationConfigParser.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/AuthorizationConfigParser.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -22,6 +22,7 @@
package org.jboss.security.config.parser;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Map;
@@ -29,20 +30,25 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
import org.jboss.security.authorization.config.AuthorizationModuleEntry;
import org.jboss.security.config.ControlFlag;
+import org.jboss.security.config.Element;
/**
* Stax based authorization configuration Parser
+ *
* @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Jan 22, 2010
*/
-public class AuthorizationConfigParser
+public class AuthorizationConfigParser implements XMLStreamConstants
{
/**
* Parse the <authorization> element
@@ -107,5 +113,71 @@
AuthorizationModuleEntry entry = new AuthorizationModuleEntry(codeName, options);
entry.setControlFlag(controlFlag);
return entry;
- }
+ }
+
+ /**
+ * Parse the <authorization> element
+ * @param reader
+ * @return
+ * @throws XMLStreamException
+ */
+ public Set<AuthorizationModuleEntry> parse(XMLStreamReader reader) throws XMLStreamException
+ {
+ Set<AuthorizationModuleEntry> entries = new LinkedHashSet<AuthorizationModuleEntry>();
+ while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ final Element element = Element.forName(reader.getLocalName());
+ AuthorizationModuleEntry entry = null;
+ if (element.equals(Element.POLICY_MODULE))
+ {
+ entry = getEntry(reader);
+ }
+ else
+ throw StaxParserUtil.unexpectedElement(reader);
+ entries.add(entry);
+ }
+ return entries;
+ }
+
+ private AuthorizationModuleEntry getEntry(XMLStreamReader reader) throws XMLStreamException
+ {
+ Map<String, Object> options = new HashMap<String, Object>();
+ String codeName = null;
+ ControlFlag controlFlag = ControlFlag.REQUIRED;
+
+ final int count = reader.getAttributeCount();
+ if (count < 2)
+ {
+ Set<org.jboss.security.config.Attribute> set = new HashSet<org.jboss.security.config.Attribute>();
+ set.add(org.jboss.security.config.Attribute.CODE);
+ set.add(org.jboss.security.config.Attribute.FLAG);
+ throw StaxParserUtil.missingRequired(reader, set);
+ }
+ for (int i = 0; i < count; i++)
+ {
+ final String value = reader.getAttributeValue(i);
+ final org.jboss.security.config.Attribute attribute = org.jboss.security.config.Attribute.forName(reader
+ .getAttributeLocalName(i));
+ switch (attribute)
+ {
+ case CODE : {
+ codeName = value;
+ break;
+ }
+ case FLAG : {
+ controlFlag = ControlFlag.valueOf(value);
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedAttribute(reader, i);
+ }
+ }
+ //See if there are options
+ ModuleOptionParser moParser = new ModuleOptionParser();
+ options.putAll(moParser.parse(reader));
+
+ AuthorizationModuleEntry entry = new AuthorizationModuleEntry(codeName, options);
+ entry.setControlFlag(controlFlag);
+ return entry;
+ }
}
\ No newline at end of file
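Review bot: `getEntry` initialises `controlFlag` to `ControlFlag.REQUIRED` as if `flag` were optional, yet the `count < 2` guard rejects any element that lacks it. That guard also reports both `CODE` and `FLAG` as missing when only one of them is absent. `IdentityTrustConfigParser.getEntry` in this commit uses the clearer form, checking `if (codeName == null)` after the attribute loop and reporting exactly the attribute that is missing. Either make `flag` optional here in the same way, or keep it mandatory and drop the default so the intent is unambiguous. The same `count < 2` pattern appears in `AclConfigParser.getEntry`, `AuthenticationConfigParser.getEntry` and `AuthenticationJASPIConfigParser.getJAASEntry`.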
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/IdentityTrustConfigParser.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/IdentityTrustConfigParser.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/IdentityTrustConfigParser.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -22,6 +22,7 @@
package org.jboss.security.config.parser;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
@@ -29,20 +30,25 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
import org.jboss.security.config.ControlFlag;
+import org.jboss.security.config.Element;
import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
/**
* Stax based identity trust configuration Parser
+ *
* @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Jan 22, 2010
*/
-public class IdentityTrustConfigParser
+public class IdentityTrustConfigParser implements XMLStreamConstants
{
/**
* Parse the <identity-trust> element
@@ -106,5 +112,70 @@
IdentityTrustModuleEntry entry = new IdentityTrustModuleEntry(codeName, options);
entry.setControlFlag(flag);
return entry;
- }
+ }
+
+ /**
+ * Parse the <identity-trust> element
+ * @param reader
+ * @return
+ * @throws XMLStreamException
+ */
+ public List<IdentityTrustModuleEntry> parse(XMLStreamReader reader) throws XMLStreamException
+ {
+ List<IdentityTrustModuleEntry> entries = new ArrayList<IdentityTrustModuleEntry>();
+ while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ final Element element = Element.forName(reader.getLocalName());
+ IdentityTrustModuleEntry entry = null;
+ if (element.equals(Element.TRUST_MODULE))
+ {
+ entry = getEntry(reader);
+ }
+ else
+ throw StaxParserUtil.unexpectedElement(reader);
+ entries.add(entry);
+ }
+ return entries;
+ }
+
+ private IdentityTrustModuleEntry getEntry(XMLStreamReader reader) throws XMLStreamException
+ {
+ Map<String, Object> options = new HashMap<String, Object>();
+ String codeName = null;
+ ControlFlag flag = ControlFlag.REQUIRED;
+
+ final int count = reader.getAttributeCount();
+ if (count == 0)
+ {
+ throw StaxParserUtil.missingRequired(reader, Collections.singleton(org.jboss.security.config.Attribute.CODE));
+ }
+ for (int i = 0; i < count; i++)
+ {
+ final String value = reader.getAttributeValue(i);
+ final org.jboss.security.config.Attribute attribute = org.jboss.security.config.Attribute.forName(reader
+ .getAttributeLocalName(i));
+ switch (attribute)
+ {
+ case CODE : {
+ codeName = value;
+ break;
+ }
+ case FLAG : {
+ flag = ControlFlag.valueOf(value);
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedAttribute(reader, i);
+ }
+ }
+ if (codeName == null)
+ throw StaxParserUtil.missingRequired(reader, Collections.singleton(org.jboss.security.config.Attribute.CODE));
+ //See if there are options
+ ModuleOptionParser moParser = new ModuleOptionParser();
+ options.putAll(moParser.parse(reader));
+
+ IdentityTrustModuleEntry entry = new IdentityTrustModuleEntry(codeName, options);
+ entry.setControlFlag(flag);
+ return entry;
+ }
}
\ No newline at end of file
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/MappingConfigParser.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/MappingConfigParser.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/MappingConfigParser.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -22,6 +22,7 @@
package org.jboss.security.config.parser;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
@@ -29,20 +30,25 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
+import org.jboss.security.config.Element;
import org.jboss.security.mapping.MappingType;
import org.jboss.security.mapping.config.MappingModuleEntry;
/**
* Stax based mapping configuration Parser
+ *
* @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Jan 22, 2010
*/
-public class MappingConfigParser
+public class MappingConfigParser implements XMLStreamConstants
{
/**
* The mapping module by default can be ROLE type
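Review bot: `implements XMLStreamConstants` on the class declaration is the constant-interface pattern: every StAX event constant becomes part of MappingConfigParser's public type only so that the new code can write `END_ELEMENT` unqualified. A static import, `import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;`, reads the same at the call site and leaves the class's API unchanged. The same declaration change is made to ModuleOptionParser, StaxBasedConfigParser and StaxParserUtil in this commit.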
@@ -110,5 +116,67 @@
options.putAll(moParser.parse(xmlEventReader));
return new MappingModuleEntry(codeName, options,typeName);
- }
+ }
+
+ /**
+ * Parse the <mapping> element
+ * @param reader
+ * @return
+ * @throws XMLStreamException
+ */
+ public List<MappingModuleEntry> parse(XMLStreamReader reader) throws XMLStreamException
+ {
+ List<MappingModuleEntry> entries = new ArrayList<MappingModuleEntry>();
+ while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ final Element element = Element.forName(reader.getLocalName());
+ MappingModuleEntry entry = null;
+ if (element.equals(Element.MAPPING_MODULE))
+ {
+ entry = getEntry(reader);
+ }
+ else
+ throw StaxParserUtil.unexpectedElement(reader);
+ entries.add(entry);
+ }
+ return entries;
+ }
+
+ private MappingModuleEntry getEntry(XMLStreamReader reader) throws XMLStreamException
+ {
+ Map<String, Object> options = new HashMap<String, Object>();
+ String codeName = null;
+
+ final int count = reader.getAttributeCount();
+ if (count < 1)
+ {
+ throw StaxParserUtil.missingRequired(reader, Collections.singleton(org.jboss.security.config.Attribute.CODE));
+ }
+ for (int i = 0; i < count; i++)
+ {
+ final String value = reader.getAttributeValue(i);
+ final org.jboss.security.config.Attribute attribute = org.jboss.security.config.Attribute.forName(reader
+ .getAttributeLocalName(i));
+ switch (attribute)
+ {
+ case CODE : {
+ codeName = value;
+ break;
+ }
+ case TYPE : {
+ typeName = value;
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedAttribute(reader, i);
+ }
+ }
+ if (codeName == null)
+ throw StaxParserUtil.missingRequired(reader, Collections.singleton(org.jboss.security.config.Attribute.CODE));
+ //See if there are options
+ ModuleOptionParser moParser = new ModuleOptionParser();
+ options.putAll(moParser.parse(reader));
+
+ return new MappingModuleEntry(codeName, options, typeName);
+ }
}
\ No newline at end of file
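Review bot: In the new `getEntry(XMLStreamReader)`, `case TYPE` assigns to `typeName`, which is not declared in the method and so appears to be the instance field holding the default mapping type (its declaration is outside the hunk). Because `parse` calls `getEntry` once per mapping-module element on the same parser instance, a `type` attribute on one module would carry over to every later module that omits `type`, and that module would be registered under the wrong mapping type. Reading the type into a local avoids the carry-over: `String type = typeName;` before the loop, `type = value;` in `case TYPE`, and `return new MappingModuleEntry(codeName, options, type);`. The Javadoc on the new public `parse` also leaves `@param` and `@return` empty; it should say that the reader must be positioned on the mapping element and that one entry is returned per mapping-module child.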
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ModuleOptionParser.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ModuleOptionParser.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ModuleOptionParser.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -21,6 +21,7 @@
*/
package org.jboss.security.config.parser;
+import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
@@ -29,17 +30,22 @@
import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.EndElement;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
+import org.jboss.security.config.Element;
+
/**
* Parses the Module Option
+ *
* @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Jan 22, 2010
*/
-public class ModuleOptionParser
+public class ModuleOptionParser implements XMLStreamConstants
{
private static transient Map<String, ParserNamespaceSupport> parsers = new HashMap<String,ParserNamespaceSupport>();
@@ -145,4 +151,59 @@
{
return parsers.get(nsURI);
}
+
+ /**
+ * Parse the module-option element
+ * @param reader
+ * @return
+ * @throws XMLStreamException
+ */
+ public Map<String, Object> parse(XMLStreamReader reader) throws XMLStreamException
+ {
+ Map<String, Object> options = new HashMap<String, Object>();
+
+ while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ final Element element = Element.forName(reader.getLocalName());
+ if (element.equals(Element.MODULE_OPTION))
+ {
+ final int count = reader.getAttributeCount();
+ if (count == 0)
+ {
+ throw StaxParserUtil.missingRequired(reader, Collections.singleton(org.jboss.security.config.Attribute.NAME));
+ }
+ String name = null;
+ Object optionValue = null;
+ for (int i = 0; i < count; i++)
+ {
+ final String value = reader.getAttributeValue(i);
+ final org.jboss.security.config.Attribute attribute = org.jboss.security.config.Attribute.forName(reader
+ .getAttributeLocalName(i));
+ switch (attribute)
+ {
+ case NAME : {
+ name = value;
+ break;
+ }
+ case VALUE : {
+ optionValue = value;
+ break;
+ }
+ default :
+ throw StaxParserUtil.unexpectedAttribute(reader, i);
+ }
+ }
+ if (optionValue == null)
+ {
+ optionValue = reader.getElementText();
+ }
+ else
+ StaxParserUtil.requireNoContent(reader);
+ options.put(name, optionValue);
+ }
+ else
+ throw StaxParserUtil.unexpectedElement(reader);
+ }
+ return options;
+ }
}
\ No newline at end of file
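Review bot: `parse(XMLStreamReader)` rejects a module-option element only when it has no attributes at all; an element that carries `value` but no `name` passes the `count == 0` check and reaches `options.put(name, optionValue)` with a null key. The entry parsers in this commit re-check their required attribute after the loop (`if (codeName == null) throw ...`), and the same guard belongs here before the value is read: `if (name == null) throw StaxParserUtil.missingRequired(reader, Collections.singleton(org.jboss.security.config.Attribute.NAME));`. These options configure security modules, so a mis-keyed option is better reported as a parse error at the element's location than stored silently.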
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/StaxBasedConfigParser.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/StaxBasedConfigParser.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/StaxBasedConfigParser.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -32,6 +32,7 @@
import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
import javax.xml.transform.Source;
@@ -43,16 +44,19 @@
import org.jboss.logging.Logger;
import org.jboss.security.config.ApplicationPolicy;
import org.jboss.security.config.ApplicationPolicyRegistration;
+import org.jboss.security.config.Element;
import org.xml.sax.ErrorHandler;
import org.xml.sax.SAXException;
import org.xml.sax.SAXParseException;
/**
* Configuration Parser based on Stax
+ *
* @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Jan 22, 2010
*/
-public class StaxBasedConfigParser
+public class StaxBasedConfigParser implements XMLStreamConstants
{
private static Logger log = Logger.getLogger(StaxBasedConfigParser.class);
private boolean trace = log.isTraceEnabled();
@@ -123,6 +127,35 @@
}
}
+ public void parse2(InputStream configStream) throws XMLStreamException
+ {
+ Configuration config = Configuration.getConfiguration();
+ if (!(config instanceof ApplicationPolicyRegistration))
+ {
+ throw new IllegalStateException("JAAS Configuration does not support application policy registration");
+ }
+
+ ApplicationPolicyRegistration appPolicyRegistration = (ApplicationPolicyRegistration) config;
+ XMLStreamReader reader = getXMLStreamReader(configStream);
+ while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ final Element element = Element.forName(reader.getLocalName());
+ if (element.equals(Element.POLICY))
+ {
+ ApplicationPolicyParser appPolicyParser = new ApplicationPolicyParser();
+ List<ApplicationPolicy> appPolicies = appPolicyParser.parse(reader);
+ for(ApplicationPolicy appPolicy: appPolicies)
+ {
+ appPolicyRegistration.addApplicationPolicy(appPolicy.getName(), appPolicy);
+ }
+ }
+ else
+ throw StaxParserUtil.unexpectedElement(reader);
+ if (reader.isEndElement())
+ break;
+ }
+ }
+
private Validator schemaValidator()
{
try
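Review bot: `parse2` never closes the `XMLStreamReader` it obtains from `getXMLStreamReader`, neither after the loop nor when one of the parsers throws. Wrapping the loop as `try { ... } finally { reader.close(); }` releases the parser on both paths; `XMLStreamReader.close()` does not close `configStream`, so the Javadoc should say that the caller stays responsible for the stream. The method is public and has no Javadoc at all: it should state that each parsed policy is registered with the current JAAS `Configuration`, that `IllegalStateException` is thrown when that configuration is not an `ApplicationPolicyRegistration`, and how it relates to the existing `parse`. Whether it is meant to skip the schema validation set up by `schemaValidator()` is not visible in this hunk and is worth stating there too.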
@@ -192,5 +225,26 @@
throw new RuntimeException(ex);
}
return xmlEventReader;
- }
+ }
+
+ private XMLStreamReader getXMLStreamReader(InputStream is)
+ {
+ XMLInputFactory xmlInputFactory = null;
+ XMLStreamReader xmlStreamReader = null;
+ try
+ {
+ xmlInputFactory = XMLInputFactory.newInstance();
+ xmlInputFactory.setProperty(XMLInputFactory.IS_REPLACING_ENTITY_REFERENCES, Boolean.TRUE);
+ xmlInputFactory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, Boolean.FALSE);
+ xmlInputFactory.setProperty(XMLInputFactory.IS_NAMESPACE_AWARE, Boolean.TRUE);
+ xmlInputFactory.setProperty(XMLInputFactory.IS_COALESCING, Boolean.TRUE);
+
+ xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
+ }
+ catch (Exception ex)
+ {
+ throw new RuntimeException(ex);
+ }
+ return xmlStreamReader;
+ }
}
\ No newline at end of file
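Review bot: `getXMLStreamReader` turns off external entities but leaves DTD processing at the factory default, so a document with a DOCTYPE can still declare internal entities that `IS_REPLACING_ENTITY_REFERENCES` then expands. For a parser that loads security policy, adding `xmlInputFactory.setProperty(XMLInputFactory.SUPPORT_DTD, Boolean.FALSE);` next to the existing properties closes that gap; confirm first that no shipped configuration file relies on a DOCTYPE. The `catch (Exception ex)` also wraps every failure in a bare `RuntimeException`; `throw new RuntimeException("Unable to create XMLStreamReader", ex);` would make the failure easier to trace.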
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/StaxParserUtil.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/StaxParserUtil.java 2011-01-27 11:53:12 UTC (rev 159)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/StaxParserUtil.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -21,17 +21,25 @@
*/
package org.jboss.security.config.parser;
+import java.util.Iterator;
+import java.util.Set;
+
import javax.xml.stream.Location;
+import javax.xml.stream.XMLStreamConstants;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.events.Attribute;
import javax.xml.stream.events.StartElement;
/**
* Utility for the stax based parser
+ *
* @author Anil.Saldhana at redhat.com
+ * @author <a href="mailto:mmoyses at redhat.com">Marcus Moyses</a>
* @since Feb 8, 2010
*/
-public class StaxParserUtil
+public class StaxParserUtil implements XMLStreamConstants
{
/**
* Given an {@code Attribute}, get its trimmed value
@@ -78,4 +86,67 @@
throw new IllegalArgumentException("Input str is null");
return str.trim();
}
+
+ /**
+ * Get an exception reporting a missing, required XML attribute.
+ *
+ * @param reader the stream reader
+ * @param required a set of enums whose toString method returns the attribute name
+ * @return the exception
+ */
+ public static XMLStreamException missingRequired(final XMLStreamReader reader, final Set<?> required)
+ {
+ final StringBuilder b = new StringBuilder();
+ Iterator<?> iterator = required.iterator();
+ while (iterator.hasNext())
+ {
+ final Object o = iterator.next();
+ b.append(o.toString());
+ if (iterator.hasNext())
+ {
+ b.append(", ");
+ }
+ }
+ return new XMLStreamException("Missing required attribute(s): " + b, reader.getLocation());
+ }
+
+ /**
+ * Get an exception reporting an unexpected XML element.
+ *
+ * @param reader the stream reader
+ * @return the exception
+ */
+ public static XMLStreamException unexpectedElement(final XMLStreamReader reader)
+ {
+ return new XMLStreamException("Unexpected element '" + reader.getName() + "' encountered", reader.getLocation());
+ }
+
+ /**
+ * Get an exception reporting an unexpected XML attribute.
+ *
+ * @param reader the stream reader
+ * @param index the attribute index
+ * @return the exception
+ */
+ public static XMLStreamException unexpectedAttribute(final XMLStreamReader reader, final int index)
+ {
+ return new XMLStreamException("Unexpected attribute '" + reader.getAttributeName(index) + "' encountered", reader
+ .getLocation());
+ }
+
+ /**
+ * Consumes the remainder of the current element, throwing an {@link XMLStreamException}
+ * if it contains any child elements.
+ *
+ * @param reader the reader
+ * @throws XMLStreamException if an error occurs
+ */
+ public static void requireNoContent(final XMLStreamReader reader) throws XMLStreamException
+ {
+ if (reader.hasNext() && reader.nextTag() != END_ELEMENT)
+ {
+ throw unexpectedElement(reader);
+ }
+ }
+
}
\ No newline at end of file
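Review bot: The Javadoc of `requireNoContent` says it throws only when the element has child elements, but `reader.nextTag()` itself throws an `XMLStreamException` on non-whitespace character data, so text content is rejected as well, with the StAX implementation's message rather than the one built by `unexpectedElement`. I would document that, for example `@throws XMLStreamException if the element contains child elements or non-whitespace text`. `unexpectedElement` and `unexpectedAttribute` also place names taken from the input document into the exception message, so callers that log the message should treat it as untrusted text.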
Added: trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/AuthContext2UnitTestCase.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/AuthContext2UnitTestCase.java (rev 0)
+++ trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authentication/jaspi/AuthContext2UnitTestCase.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -0,0 +1,211 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+
+import java.io.IOException;
+import java.net.URL;
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.Configuration;
+
+import junit.extensions.TestSetup;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.security.auth.message.GenericMessageInfo;
+import org.jboss.security.config.parser.StaxBasedConfigParser;
+import org.jboss.security.plugins.JBossSecurityContext;
+import org.jboss.security.plugins.auth.JASPIServerAuthenticationManager;
+import org.jboss.test.JBossTestCase;
+import org.jboss.test.JBossTestSetup;
+
+
+/**
+ * Test the JASPI options (required, requisite, sufficient, optional) behavior
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 16, 2007
+ * @version $Revision$
+ */
+public class AuthContext2UnitTestCase extends JBossTestCase
+{
+ public AuthContext2UnitTestCase(String name)
+ {
+ super(name);
+ }
+
+ public static Test suite() throws Exception
+ {
+ TestSuite suite = new TestSuite();
+ suite.addTest(new TestSuite(AuthContext2UnitTestCase.class));
+ // Create an initializer for the test suite
+ TestSetup wrapper = new JBossTestSetup(suite)
+ {
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL url = tcl.getResource("config/jaspi-config-options.xml");
+ if(url == null)
+ throw new IllegalStateException("config url is null");
+ Configuration.setConfiguration(XMLLoginConfigImpl.getInstance());
+ loadXMLConfig(url);
+ }
+ protected void tearDown() throws Exception
+ {
+ super.tearDown();
+ }
+ };
+ return wrapper;
+ }
+
+
+ /**
+ * Test the AuthorizationModule required behavior
+ */
+ public void testRequiredOptionBehavior() throws Exception
+ {
+ boolean result = getResult("required-permit-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("required-deny-policy");
+ assertTrue("DENY?", false == result);
+ }
+
+ /**
+ * Test the AuthorizationModule requisite behavior
+ */
+ public void testRequisiteOptionBehavior() throws Exception
+ {
+ boolean result = getResult("requisite-permit-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("requisite-deny-policy");
+ assertTrue("DENY?", false == result);
+ }
+
+
+ /**
+ * Test the AuthorizationModule sufficient behavior
+ */
+ public void testSufficientOptionBehavior() throws Exception
+ {
+ boolean result = getResult("sufficient-permit-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("sufficient-deny-policy");
+ assertTrue("DENY?", false == result);
+ }
+
+
+ /**
+ * Test the AuthorizationModule optional behavior
+ */
+ public void testOptionalOptionBehavior() throws Exception
+ {
+ boolean result = getResult("optional-permit-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("optional-deny-policy");
+ assertTrue("DENY?", false == result);
+ }
+
+ /**
+ * Test the AuthorizationModules combination behavior
+ */
+ public void testCombinationBehavior() throws Exception
+ {
+ boolean result = getResult("required-deny-sufficient-permit-policy");
+ assertTrue("DENY?", false == result);
+ result = getResult("required-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("required-permit-required-deny-policy");
+ assertTrue("DENY?", false == result);
+ result = getResult("required-permit-required-permit-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("required-permit-required-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("required-permit-required-permit-requisite-deny-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("required-permit-required-permit-optional-deny-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("required-permit-required-deny-requisite-permit-policy");
+ assertTrue("DENY?", false == result);
+ result = getResult("requisite-permit-requisite-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", true == result);
+
+ result = getResult("sufficient-permit-required-deny-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("sufficient-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", true == result);
+ result = getResult("optional-deny-sufficient-permit-required-deny-policy");
+ assertTrue("PERMIT?", true == result);
+
+ result = getResult("sufficient-deny-optional-deny-policy");
+ assertTrue("DENY?", false == result);
+ }
+
+ private boolean getResult(String policyName) throws Exception
+ {
+ SecurityContext securityContext = new JBossSecurityContext(policyName);
+ SecurityContextAssociation.setSecurityContext(securityContext);
+
+ CallbackHandler handler = new TestCallbackHandler();
+ JASPIServerAuthenticationManager aContext = new JASPIServerAuthenticationManager(policyName,
+ handler);
+ GenericMessageInfo requestMessage = new GenericMessageInfo(new Object(), new Object());
+ return aContext.isValid(requestMessage, new Subject(), "HttpServlet",
+ handler);
+ }
+
+ /**
+ * Use JBossXB to parse the security config file
+ * @param loginConfigURL
+ * @throws Exception
+ */
+ private static void loadXMLConfig(URL loginConfigURL)
+ throws Exception
+ {
+ if(loginConfigURL == null)
+ throw new IllegalArgumentException("loginConfigURL is null");
+ new StaxBasedConfigParser().parse2(loginConfigURL.openStream());
+ }
+
+ /**
+ * Dummy CallbackHandler
+ */
+ private static class TestCallbackHandler implements CallbackHandler
+ {
+ @SuppressWarnings("unused")
+ public void setSecurityInfo(Principal principal, Object credential)
+ {
+ }
+
+ public void handle(Callback[] arg0) throws IOException, UnsupportedCallbackException
+ {
+ }
+ }
+}
\ No newline at end of file
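Review bot: `loadXMLConfig` hands `loginConfigURL.openStream()` straight to `parse2` and nothing closes it, so the stream leaks on every suite run; hold it in a local and close it in a `finally` block. Its Javadoc still says "Use JBossXB to parse the security config file" although the method now drives `StaxBasedConfigParser.parse2`, and the test-method comments describe AuthorizationModule behaviour in a JASPI authentication test. `setUp` installs a global JAAS `Configuration` and `getResult` sets a `SecurityContextAssociation` that the empty `tearDown` never restores, which can affect tests that run later in the same JVM. The same `loadXMLConfig` and Javadoc appear in AuthorizationContex2tUnitTestCase.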
Added: trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/AuthorizationContex2tUnitTestCase.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/AuthorizationContex2tUnitTestCase.java (rev 0)
+++ trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/AuthorizationContex2tUnitTestCase.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -0,0 +1,233 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authorization;
+
+
+import java.io.IOException;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.Configuration;
+
+import junit.extensions.TestSetup;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.security.authorization.AuthorizationContext;
+import org.jboss.security.authorization.AuthorizationException;
+import org.jboss.security.authorization.Resource;
+import org.jboss.security.authorization.ResourceType;
+import org.jboss.security.config.ApplicationPolicyRegistration;
+import org.jboss.security.config.parser.StaxBasedConfigParser;
+import org.jboss.security.plugins.authorization.JBossAuthorizationContext;
+import org.jboss.test.JBossTestCase;
+import org.jboss.test.JBossTestSetup;
+
+
+public class AuthorizationContex2tUnitTestCase extends JBossTestCase
+{
+ public AuthorizationContex2tUnitTestCase(String name)
+ {
+ super(name);
+ }
+
+
+ public static Test suite() throws Exception
+ {
+ TestSuite suite = new TestSuite();
+ suite.addTest(new TestSuite(AuthorizationContex2tUnitTestCase.class));
+ // Create an initializer for the test suite
+ TestSetup wrapper = new JBossTestSetup(suite)
+ {
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL url = tcl.getResource("authorization/config/authorization-policy.xml");
+ if(url == null)
+ throw new IllegalStateException("config url is null");
+ Configuration.setConfiguration(XMLLoginConfigImpl.getInstance());
+ loadXMLConfig(url);
+ }
+ protected void tearDown() throws Exception
+ {
+ super.tearDown();
+ }
+ };
+ return wrapper;
+ }
+
+
+ /**
+ * Test the AuthorizationModule required behavior
+ */
+ public void testRequiredOptionBehavior() throws Exception
+ {
+ int result = getResult("required-permit-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("required-deny-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ }
+
+ /**
+ * Test the AuthorizationModule requisite behavior
+ */
+ public void testRequisiteOptionBehavior() throws Exception
+ {
+ int result = getResult("requisite-permit-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("requisite-deny-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ }
+
+
+ /**
+ * Test the AuthorizationModule sufficient behavior
+ */
+ public void testSufficientOptionBehavior() throws Exception
+ {
+ int result = getResult("sufficient-permit-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("sufficient-deny-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ }
+
+
+ /**
+ * Test the AuthorizationModule optional behavior
+ */
+ public void testOptionalOptionBehavior() throws Exception
+ {
+ int result = getResult("optional-permit-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("optional-deny-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ }
+
+ /**
+ * Test the AuthorizationModules combination behavior
+ */
+ public void testCombinationBehavior() throws Exception
+ {
+ int result = getResult("required-deny-sufficient-permit-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ result = getResult("required-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("required-permit-required-deny-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ result = getResult("required-permit-required-permit-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("required-permit-required-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("required-permit-required-permit-requisite-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("required-permit-required-permit-optional-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("required-permit-required-deny-requisite-permit-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ result = getResult("requisite-permit-requisite-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+
+ result = getResult("sufficient-permit-required-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("sufficient-permit-sufficient-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+ result = getResult("optional-deny-sufficient-permit-required-deny-policy");
+ assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
+
+ result = getResult("sufficient-deny-optional-deny-policy");
+ assertTrue("DENY?", AuthorizationContext.DENY == result);
+ }
+
+ private int getResult(String policyName) throws Exception
+ {
+ int result = AuthorizationContext.DENY;
+
+ Configuration config = Configuration.getConfiguration();
+ if(config instanceof ApplicationPolicyRegistration == false)
+ throw new IllegalStateException("JAAS Configuration does not support application policy registration");
+ ApplicationPolicyRegistration appPolicyRegistration = (ApplicationPolicyRegistration) config;
+
+ JBossAuthorizationContext aContext = new JBossAuthorizationContext(policyName,
+ new Subject(),
+ new TestCallbackHandler());
+ aContext.setApplicationPolicy(appPolicyRegistration.getApplicationPolicy(policyName));
+ try
+ {
+ result = aContext.authorize(new Resource()
+ {
+ HashMap<String,Object> contextMap = new HashMap<String,Object>();
+
+ public ResourceType getLayer()
+ {
+ return ResourceType.WEB;
+ }
+
+ @SuppressWarnings("unchecked")
+ public Map getMap()
+ {
+ return contextMap;
+ }
+
+ public void add(String key, Object value)
+ {
+ contextMap.put(key, value);
+ }
+ });
+ }
+ catch(AuthorizationException e)
+ {
+ result = AuthorizationContext.DENY;
+ }
+ return result;
+ }
+
+ /**
+ * Use JBossXB to parse the security config file
+ * @param loginConfigURL
+ * @throws Exception
+ */
+ private static void loadXMLConfig(URL loginConfigURL)
+ throws Exception
+ {
+ if(loginConfigURL == null)
+ throw new IllegalArgumentException("loginConfigURL is null");
+ new StaxBasedConfigParser().parse2(loginConfigURL.openStream());
+ }
+
+ /**
+ * Dummy CallbackHandler
+ */
+ private static class TestCallbackHandler implements CallbackHandler
+ {
+ public void handle(Callback[] arg0)
+ throws IOException, UnsupportedCallbackException
+ {
+ }
+ }
+}
\ No newline at end of file
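Review bot: `getResult` passes `appPolicyRegistration.getApplicationPolicy(policyName)` to `setApplicationPolicy` without checking it, and it maps any `AuthorizationException` to `DENY`; if `parse2` failed to register a policy, the `DENY?` assertions could presumably still pass. Since this test exists to exercise the new parser, I would fail fast with `assertNotNull("policy not registered: " + policyName, appPolicyRegistration.getApplicationPolicy(policyName));` before building the context. The class name `AuthorizationContex2tUnitTestCase` looks like a typo for `AuthorizationContext2UnitTestCase`, and the class has no Javadoc saying that it repeats the authorization-context tests against the `XMLStreamReader`-based parser.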
Added: trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/config/StaxConfigParser2UnitTestCase.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/config/StaxConfigParser2UnitTestCase.java (rev 0)
+++ trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/config/StaxConfigParser2UnitTestCase.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -0,0 +1,375 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.config;
+
+import java.io.InputStream;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+
+import junit.framework.Assert;
+
+import org.jboss.security.acl.config.ACLProviderEntry;
+import org.jboss.security.audit.config.AuditProviderEntry;
+import org.jboss.security.auth.container.config.AuthModuleEntry;
+import org.jboss.security.auth.login.BaseAuthenticationInfo;
+import org.jboss.security.auth.login.LoginModuleStackHolder;
+import org.jboss.security.authorization.config.AuthorizationModuleEntry;
+import org.jboss.security.config.ACLInfo;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.ApplicationPolicyRegistration;
+import org.jboss.security.config.AuditInfo;
+import org.jboss.security.config.AuthorizationInfo;
+import org.jboss.security.config.ControlFlag;
+import org.jboss.security.config.IdentityTrustInfo;
+import org.jboss.security.config.MappingInfo;
+import org.jboss.security.config.StandaloneConfiguration;
+import org.jboss.security.config.parser.StaxBasedConfigParser;
+import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
+import org.jboss.security.mapping.MappingType;
+import org.jboss.security.mapping.config.MappingModuleEntry;
+import org.jboss.test.AbstractJBossSXTest;
+
+/**
+ * Unit test the stax based config parser
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 22, 2010
+ */
+public class StaxConfigParser2UnitTestCase extends AbstractJBossSXTest
+{
+ public StaxConfigParser2UnitTestCase(String name)
+ {
+ super(name);
+ }
+
+ public void testSecurityConfig5() throws Exception
+ {
+ Configuration.setConfiguration(StandaloneConfiguration.getInstance());
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream is = tcl.getResourceAsStream("config/securityConfig5.xml");
+ StaxBasedConfigParser parser = new StaxBasedConfigParser();
+
+ parser.schemaValidate(is);
+
+ is = tcl.getResourceAsStream("config/securityConfig5.xml");
+ parser.parse2(is);
+
+ TestSecurityConfig5.validateJAASConfiguration();
+ TestSecurityConfig5.validateJASPIConfiguration();
+ TestSecurityConfig5.validateCompleteConfiguration();
+ TestSecurityConfig5.validateApplicationPolicyExtension();
+ }
+
+ public void testIdentityTrustConfig() throws Exception
+ {
+ Configuration.setConfiguration(StandaloneConfiguration.getInstance());
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream is = tcl.getResourceAsStream("config/identitytrust-config.xml");
+ StaxBasedConfigParser parser = new StaxBasedConfigParser();
+ parser.schemaValidate(is);
+
+ is = tcl.getResourceAsStream("config/identitytrust-config.xml");
+ parser.parse2(is);
+
+ TestIdentityTrustConfig.testConfJavaEE();
+ }
+
+ private static ApplicationPolicy getApplicationPolicy(String domainName)
+ {
+ Configuration config = Configuration.getConfiguration();
+ if(config instanceof ApplicationPolicyRegistration == false)
+ throw new RuntimeException("Config is not of type ApplicationPolicyRegistration");
+
+ ApplicationPolicyRegistration apr = (ApplicationPolicyRegistration) config;
+ return apr.getApplicationPolicy(domainName);
+ }
+
+ // Internal class to represent the securityConfig5.xml validation
+ private static class TestSecurityConfig5
+ {
+ public static void validateJAASConfiguration()
+ {
+ ApplicationPolicy jaasConfig = getApplicationPolicy("conf-jaas");
+ BaseAuthenticationInfo authInfo = jaasConfig.getAuthenticationInfo();
+ List<?> entries = authInfo.getModuleEntries();
+ assertEquals("Number of entries = 2", 2, entries.size());
+
+ // First Entry
+ Object entry = entries.get(0);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AppConfigurationEntry);
+ AppConfigurationEntry ace = (AppConfigurationEntry) entry;
+ assertEquals("LM Name", "org.jboss.test.TestLoginModule", ace.getLoginModuleName());
+ assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ace.getControlFlag());
+ Map<String, ?> aceOptions = ace.getOptions();
+ assertEquals("Number of options = 3", 3, aceOptions.size());
+ assertEquals("name=1.1", "1.1", aceOptions.get("name"));
+ assertEquals("succeed=true", "true", aceOptions.get("succeed"));
+ assertEquals("throwEx=false", "false", aceOptions.get("throwEx"));
+
+ // Second Entry
+ entry = entries.get(1);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AppConfigurationEntry);
+ ace = (AppConfigurationEntry) entry;
+ assertEquals("LM Name", "org.jboss.test.TestLoginModule2", ace.getLoginModuleName());
+ assertEquals("Optional expected", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, ace.getControlFlag());
+ aceOptions = ace.getOptions();
+ assertEquals("Number of options = 4", 4, aceOptions.size());
+ assertEquals("name=1.2", "1.2", aceOptions.get("name"));
+ assertEquals("succeed=false", "false", aceOptions.get("succeed"));
+ assertEquals("throwEx=true", "true", aceOptions.get("throwEx"));
+ assertEquals("dummy=d", "d", aceOptions.get("dummy"));
+
+ }
+
+ public static void validateJASPIConfiguration()
+ {
+ ApplicationPolicy jaspiConfig = getApplicationPolicy("conf-jaspi");
+ BaseAuthenticationInfo authInfo = jaspiConfig.getAuthenticationInfo();
+ List<?> entries = authInfo.getModuleEntries();
+ assertEquals("Number of entries = 2", 2, entries.size());
+
+ // First Entry
+ Object entry = entries.get(0);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AuthModuleEntry);
+ AuthModuleEntry ace = (AuthModuleEntry) entry;
+ assertEquals("LM Name", "TestAuthModule", ace.getAuthModuleName());
+ assertEquals("Required", ControlFlag.REQUIRED, ace.getControlFlag());
+ Map<String, ?> aceOptions = ace.getOptions();
+ assertEquals("Number of options = 3", 3, aceOptions.size());
+ assertEquals("usersProperties=u", "u", aceOptions.get("usersProperties"));
+ assertEquals("rolesProperties=r", "r", aceOptions.get("rolesProperties"));
+ assertEquals("unauthenticatedIdentity=anonymous", "anonymous", aceOptions.get("unauthenticatedIdentity"));
+
+ // Second Entry
+ entry = entries.get(1);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AuthModuleEntry);
+ ace = (AuthModuleEntry) entry;
+ assertEquals("LM Name", "TestAuthModule2", ace.getAuthModuleName());
+ assertEquals("Required", ControlFlag.REQUIRED, ace.getControlFlag());
+ aceOptions = ace.getOptions();
+ assertEquals("Number of options = 0", 0, aceOptions.size());
+ LoginModuleStackHolder lmsh = ace.getLoginModuleStackHolder();
+ assertEquals("lm-stack", "lm-stack", lmsh.getName());
+ AppConfigurationEntry[] appEntries = lmsh.getAppConfigurationEntry();
+ assertEquals("App Entries in LMSH=1", 1, appEntries.length);
+
+ Object appEntry = appEntries[0];
+ assertTrue("Entry instanceof AppConfigurationEntry", appEntry instanceof AppConfigurationEntry);
+ AppConfigurationEntry appace = (AppConfigurationEntry) appEntry;
+ assertEquals("LM Name", "org.jboss.security.auth.spi.UsersRolesLoginModule", appace.getLoginModuleName());
+ assertEquals("Optional", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, appace.getControlFlag());
+ Map<String, ?> appaceOptions = appace.getOptions();
+ assertEquals("Number of options = 3", 3, appaceOptions.size());
+ assertEquals("usersProperties=u", "u", appaceOptions.get("usersProperties"));
+ assertEquals("rolesProperties=r", "r", appaceOptions.get("rolesProperties"));
+ assertEquals("unauthenticatedIdentity=anonymous", "anonymous", appaceOptions.get("unauthenticatedIdentity"));
+ }
+
+ public static void validateCompleteConfiguration()
+ {
+ ApplicationPolicy completeConfig = getApplicationPolicy("conf-complete");
+ BaseAuthenticationInfo authInfo = completeConfig.getAuthenticationInfo();
+ List<?> entries = authInfo.getModuleEntries();
+ assertEquals("Number of entries = 1", 1, entries.size());
+
+ // First Entry
+ Object entry = entries.get(0);
+ assertTrue("Entry instanceof AppConfigurationEntry", entry instanceof AppConfigurationEntry);
+ AppConfigurationEntry ace = (AppConfigurationEntry) entry;
+ assertEquals("LM Name", "org.jboss.test.TestLoginModule", ace.getLoginModuleName());
+ assertEquals("Required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ace.getControlFlag());
+ Map<String, ?> aceOptions = ace.getOptions();
+ assertEquals("Number of options = 3", 3, aceOptions.size());
+ assertEquals("name=1.1", "1.1", aceOptions.get("name"));
+ assertEquals("succeed=true", "true", aceOptions.get("succeed"));
+ assertEquals("throwEx=false", "false", aceOptions.get("throwEx"));
+
+ // Authorization
+ AuthorizationInfo authzInfo = completeConfig.getAuthorizationInfo();
+ assertNotNull("AuthorizationInfo is not null", authzInfo);
+ AuthorizationModuleEntry[] authzEntries = authzInfo.getAuthorizationModuleEntry();
+ assertEquals("Length of authorization entries = 1", 1, authzEntries.length);
+ AuthorizationModuleEntry authzEntry = authzEntries[0];
+ assertEquals("TestPolicyModule", "org.jboss.test.TestPolicyModule", authzEntry.getPolicyModuleName());
+ assertEquals("Required", ControlFlag.REQUIRED, authzEntry.getControlFlag());
+ Map<String, ?> authzoptions = authzEntry.getOptions();
+ assertEquals("Number of options = 2", 2, authzoptions.size());
+ assertEquals("name=authz", "authz", authzoptions.get("name"));
+ assertEquals("succeed=true", "true", authzoptions.get("succeed"));
+
+ // ACL (instance-based authorization)
+ ACLInfo aclInfo = completeConfig.getAclInfo();
+ assertNotNull("Unexpected null ACLInfo found", aclInfo);
+ ACLProviderEntry[] aclEntries = aclInfo.getACLProviderEntry();
+ assertNotNull("Unexpected null set of acl entries", aclEntries);
+ assertEquals("Invalid number of acl entries", 2, aclEntries.length);
+ // first entry should be org.jboss.security.authz.ACLModule1.
+ Assert.assertEquals("org.jboss.security.authz.ACLModule1", aclEntries[0].getAclProviderName());
+ Assert.assertEquals("REQUIRED", aclEntries[0].getControlFlag().toString());
+ Map<String, ?> options = aclEntries[0].getOptions();
+ Assert.assertNotNull("Unexpected null options map", options);
+ Assert.assertTrue("Option aclOption1 was not found", options.containsKey("aclOption1"));
+ Assert.assertEquals("value1", options.get("aclOption1"));
+ Assert.assertTrue("Option aclOption2 was not found", options.containsKey("aclOption2"));
+ Assert.assertEquals("value2", options.get("aclOption2"));
+ // second entry should be the org.jboss.security.authz.ACLModule2.
+ Assert.assertEquals("org.jboss.security.authz.ACLModule2", aclEntries[1].getAclProviderName());
+ Assert.assertEquals("REQUIRED", aclEntries[1].getControlFlag().toString());
+ options = aclEntries[1].getOptions();
+ Assert.assertNotNull("Unexpected null options map", options);
+ Assert.assertTrue("Option aclOption3 was not found", options.containsKey("aclOption3"));
+ Assert.assertEquals("value3", options.get("aclOption3"));
+ Assert.assertTrue("Option aclOption4 was not found", options.containsKey("aclOption4"));
+ Assert.assertEquals("value4", options.get("aclOption4"));
+
+ // Mapping
+ MappingInfo mappingInfo = completeConfig.getMappingInfo(MappingType.PRINCIPAL.toString());
+ assertNotNull("MappingInfo is not null", mappingInfo);
+ MappingModuleEntry[] mappingEntries = mappingInfo.getMappingModuleEntry();
+ assertEquals("Invalid number of entries", 1, mappingEntries.length);
+ MappingModuleEntry mappingEntry = mappingEntries[0];
+ assertEquals("org.jboss.test.mapping.MappingModule1", mappingEntry.getMappingModuleName());
+ Map<String, ?> mappingOptions = mappingEntry.getOptions();
+ assertEquals("Invalid number of options", 1, mappingOptions.size());
+ Assert.assertTrue("Option option1 was not found", mappingOptions.containsKey("option1"));
+ assertEquals("value1", mappingOptions.get("option1"));
+
+ // Role Mapping
+ mappingInfo = completeConfig.getMappingInfo(MappingType.ROLE.toString());
+ assertNotNull("MappingInfo is not null", mappingInfo);
+ MappingModuleEntry[] mmearr = mappingInfo.getMappingModuleEntry();
+ assertEquals("Mapping entry length=1", 1, mmearr.length);
+ MappingModuleEntry mme = mmearr[0];
+ assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());
+ Map<String, ?> mmOptions = mme.getOptions();
+ assertEquals("Number of options = 2", 2, mmOptions.size());
+ assertEquals("name=rolemap", "rolemap", mmOptions.get("name"));
+ assertEquals("succeed=true", "true", mmOptions.get("succeed"));
+
+ // Audit
+ AuditInfo ai = completeConfig.getAuditInfo();
+ assertNotNull("AuditInfo", ai);
+ AuditProviderEntry[] apelist = ai.getAuditProviderEntry();
+ assertEquals("Audit entry length=1", 1, apelist.length);
+ AuditProviderEntry ape = apelist[0];
+ assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());
+ Map<String, ?> auditOptions = ape.getOptions();
+ assertEquals("Number of options = 2", 2, auditOptions.size());
+ assertEquals("name=auditprovider", "auditprovider", auditOptions.get("name"));
+ assertEquals("succeed=false", "false", auditOptions.get("succeed"));
+
+ // Identity Trust
+ IdentityTrustInfo iti = completeConfig.getIdentityTrustInfo();
+ assertNotNull("IdentityTrustInfo", iti);
+ IdentityTrustModuleEntry[] itilist = iti.getIdentityTrustModuleEntry();
+ assertEquals("IdentityTrustModuleEntry length=1", 1, itilist.length);
+ IdentityTrustModuleEntry itie = itilist[0];
+ assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());
+ Map<String, ?> itieOptions = itie.getOptions();
+ assertEquals("Number of options = 3", 3, itieOptions.size());
+ assertEquals("name=trustprovider", "trustprovider", itieOptions.get("name"));
+ assertEquals("succeed=true", "true", itieOptions.get("succeed"));
+ assertEquals("dummy=dr", "dr", itieOptions.get("dummy"));
+ }
+
+ public static void validateApplicationPolicyExtension()
+ {
+ ApplicationPolicy completeConfig = getApplicationPolicy("conf-jaas-extend");
+ assertNotNull("conf-jaas-extend is not null", completeConfig);
+ BaseAuthenticationInfo bai = completeConfig.getAuthenticationInfo();
+ assertNotNull("BaseAuthenticationInfo is not null", bai);
+ assertEquals("3 login modules", 3, bai.getModuleEntries().size());
+
+ // Authorization
+ AuthorizationInfo azi = completeConfig.getAuthorizationInfo();
+ assertNotNull("AuthorizationInfo is not null", azi);
+ assertEquals("3 authz modules", 3, azi.getModuleEntries().size());
+
+ // ACL
+ ACLInfo aclInfo = completeConfig.getAclInfo();
+ assertNotNull("Unexpected null ACLInfo", aclInfo);
+ assertEquals("Unexpected number of acl modules", 3, aclInfo.getModuleEntries().size());
+
+ // Role Mapping
+ MappingInfo mappingInfo = completeConfig.getMappingInfo(MappingType.ROLE.toString());
+ assertNotNull("MappingInfo is not null", mappingInfo);
+ // we expect 2 modules because one has been configured as a mapping of type "role"
+ assertEquals("2 map modules", 2, mappingInfo.getModuleEntries().size());
+
+ // Mapping
+ mappingInfo = completeConfig.getMappingInfo(MappingType.PRINCIPAL.toString());
+ assertNotNull("MappingInfo is not null", mappingInfo);
+ MappingModuleEntry[] mappingEntries = mappingInfo.getMappingModuleEntry();
+ assertEquals("Invalid number of entries", 2, mappingEntries.length);
+ assertEquals("org.jboss.test.mapping.MappingModule1", mappingEntries[0].getMappingModuleName());
+ assertEquals("org.jboss.test.mapping.MappingModule3", mappingEntries[1].getMappingModuleName());
+ // same test as above: we expect 2 role-mapping modules: 1 from rolemapping and 1 from mapping with type "role".
+ mappingInfo = completeConfig.getMappingInfo(MappingType.ROLE.toString());
+ assertNotNull("MappingInfo is not null", mappingInfo);
+ mappingEntries = mappingInfo.getMappingModuleEntry();
+ assertEquals("Invalid number of entries", 2, mappingEntries.length);
+ assertEquals("org.jboss.test.TestMappingModule", mappingEntries[0].getMappingModuleName());
+ assertEquals("org.jboss.test.mapping.MappingModule2", mappingEntries[1].getMappingModuleName());
+
+ // Audit
+ AuditInfo ai = completeConfig.getAuditInfo();
+ assertNotNull("AuditInfo", ai);
+ AuditProviderEntry[] apelist = ai.getAuditProviderEntry();
+ assertEquals("Audit entry length=1", 1, apelist.length);
+
+ // Identity Trust
+ IdentityTrustInfo iti = completeConfig.getIdentityTrustInfo();
+ assertNotNull("IdentityTrustInfo", iti);
+ IdentityTrustModuleEntry[] itilist = iti.getIdentityTrustModuleEntry();
+ assertEquals("IdentityTrustModuleEntry length=1", 1, itilist.length);
+
+ // JASPI authentication policy extension
+ ApplicationPolicy jaspiPolicy = getApplicationPolicy("conf-jaspi-extend");
+ assertNotNull("Unexpected null conf-jaspi-extend application policy", jaspiPolicy);
+ BaseAuthenticationInfo authInfo = jaspiPolicy.getAuthenticationInfo();
+ assertNotNull("Unexpected null jaspi configuration", authInfo);
+ List<?> entries = authInfo.getModuleEntries();
+ assertEquals("Invalid number of auth modules", 3, entries.size());
+ }
+ } //End class TestSecurityConfig5
+
+
+ //Validate the identitytrust-config.xml
+ private static class TestIdentityTrustConfig
+ {
+ public static void testConfJavaEE()
+ {
+ ApplicationPolicy javaeeConfig = getApplicationPolicy("conf-javaee");
+ IdentityTrustInfo identityTrust = javaeeConfig.getIdentityTrustInfo();
+ assertNotNull("IdentityTrustInfo", identityTrust);
+
+ IdentityTrustModuleEntry[] itilist = identityTrust.getIdentityTrustModuleEntry();
+ assertEquals("IdentityTrustModuleEntry length=1", 1, itilist.length);
+
+ IdentityTrustModuleEntry itme = itilist[0];
+ assertEquals("org.jboss.security.identitytrust.modules.JavaEETrustModule", itme.getName());
+ }
+ }
+
+}
\ No newline at end of file
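Review bot: In `validateCompleteConfiguration`, the Audit and Identity Trust sections never check the name of the entry they just fetched. Both repeat `assertEquals("TestMappingModule", "org.jboss.test.TestMappingModule", mme.getMappingModuleName());` from the Role Mapping section, so `ape` and `itie` are verified only through their option maps. A parser regression that binds the wrong audit provider or trust module class for `conf-complete` would still pass this test. Each copy should assert on its own entry, for example `assertEquals(EXPECTED_TRUST_MODULE, itie.getName());` in the way `testConfJavaEE` checks `itme.getName()`, with the matching name accessor on `ape`. `EXPECTED_TRUST_MODULE` is a placeholder; the real values have to come from `config/securityConfig5.xml`, which is not part of this diff.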
Added: trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/mapping/LdapAttributeMappingProvider2UnitTestCase.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/mapping/LdapAttributeMappingProvider2UnitTestCase.java (rev 0)
+++ trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/mapping/LdapAttributeMappingProvider2UnitTestCase.java 2011-01-29 13:46:01 UTC (rev 160)
@@ -0,0 +1,131 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.mapping;
+
+import java.io.File;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+
+import javax.security.auth.login.Configuration;
+
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextFactory;
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.security.config.parser.StaxBasedConfigParser;
+import org.jboss.security.identity.Attribute;
+import org.jboss.security.mapping.MappingContext;
+import org.jboss.security.mapping.MappingManager;
+import org.jboss.security.mapping.MappingType;
+import org.jboss.test.security.ldap.OpenDSUnitTestsAdapter;
+
+/**
+ * LdapAttributeMappingProvider tests
+ * @author Anil.Saldhana at redhat.com
+ */
+public class LdapAttributeMappingProvider2UnitTestCase extends OpenDSUnitTestsAdapter
+{
+ public static Test suite() throws Exception
+ {
+ TestSuite suite = new TestSuite();
+ suite.addTest(new LdapAttributeMappingProvider2UnitTestCase("testLDAPAttributes"));
+ return suite;
+ }
+
+ public LdapAttributeMappingProvider2UnitTestCase(String name)
+ {
+ super(name);
+ }
+
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ XMLLoginConfigImpl xmlLogin = XMLLoginConfigImpl.getInstance();
+ Configuration.setConfiguration(xmlLogin);
+
+ ApplicationPolicy ap = new ApplicationPolicy("test");
+ SecurityConfiguration.addApplicationPolicy(ap);
+
+ //Let us add the ldapAttributes.ldif
+ String fileName = targetDir + "ldap" + fs + "ldapAttributes.ldif";
+ boolean op = util.addLDIF(serverHost, port, adminDN, adminPW, new File(fileName).toURI().toURL());
+ assertTrue(op);
+ }
+
+ public void testLDAPAttributes() throws Exception
+ {
+ StaxBasedConfigParser parser = new StaxBasedConfigParser();
+ parser.parse2(Thread.currentThread().getContextClassLoader().getResourceAsStream("ldap/ldap-attributes-config.xml"));
+
+ SecurityContext sc = SecurityContextFactory.createSecurityContext("test");
+ MappingManager mm = sc.getMappingManager();
+ assertNotNull("MappingManager != null", mm);
+
+ MappingContext<List<Attribute<String>>> mc = mm.getMappingContext(MappingType.ATTRIBUTE.name());
+ assertNotNull("MappingContext != null", mc);
+ assertEquals("1 module", 1,mc.getModules().size());
+ HashMap<String,Object> map = new HashMap<String,Object>();
+
+ map.put(SecurityConstants.PRINCIPAL_IDENTIFIER, new SimplePrincipal("jduke"));
+
+ List<Attribute<String>> attList = new ArrayList<Attribute<String>>();
+
+ mc.performMapping(map, attList);
+ attList = (List<Attribute<String>>) mc.getMappingResult().getMappedObject();
+
+ boolean foundEmail = false;
+ boolean foundEmployeeType = false;
+ boolean foundEmployeeNumber = false;
+
+ assertNotNull("Attribute List is not null?", attList);
+
+ for(Attribute<String> att: attList)
+ {
+ String attName = att.getName();
+ if(attName.equals(Attribute.TYPE.EMAIL_ADDRESS.get()))
+ {
+ assertEquals("theduke at somecastle.man",att.getValue());
+ foundEmail = true;
+ }
+ if(attName.equals("employeeType"))
+ {
+ assertEquals("permanent",att.getValue());
+ foundEmployeeType = true;
+ }
+ if(attName.equals("employeeNumber"))
+ {
+ assertEquals("007",att.getValue());
+ foundEmployeeNumber = true;
+ }
+ }
+ assertTrue("Found Email", foundEmail);
+ assertTrue("Found Emp Type", foundEmployeeType);
+ assertTrue("Found Emp Number", foundEmployeeNumber);
+ }
+}
\ No newline at end of file
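Review bot: In `testLDAPAttributes`, the result of `getResourceAsStream("ldap/ldap-attributes-config.xml")` is passed straight into `parser.parse2(...)` without a null check and is never closed. If the resource is missing from the test classpath, the failure surfaces inside the parser, or later as a missing mapping module, rather than pointing at the configuration file. Hold the stream in a local, add `assertNotNull("ldap/ldap-attributes-config.xml not found on classpath", is);` before parsing, and close it in a `finally` block. Separately, `setUp` installs a process-wide JAAS `Configuration` and registers the "test" policy, and this class defines no `tearDown`. Unless `OpenDSUnitTestsAdapter` resets that state (not visible here), it carries over into later tests in the same JVM.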