Author: vtence
Date: Mon Nov 15 16:25:37 2004
New Revision: 73655
Added:
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/CyclicAssociationException.java
Modified:
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/AttributeProvider.java
incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authentication/attribute/AttributeProviderTest.java
Log:
Attributes can now be inherited - this should be enough to be functional
Modified:
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/AttributeProvider.java
==============================================================================
---
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/AttributeProvider.java
(original)
+++
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/AttributeProvider.java
Mon Nov 15 16:25:37 2004
@@ -23,6 +23,7 @@
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
+import java.util.Iterator;
import java.util.Map;
public class AttributeProvider implements InformationProvider
@@ -44,19 +45,52 @@
Principal[] principals = ( Principal[] ) s.getPrincipals().toArray(
new Principal[s.getPrincipals().size()] );
for ( int i = 0; i < principals.length; i++ )
{
- Principal p = principals[i];
- s.getPrincipals().addAll( attributes( p ) );
+ final Principal p = principals[i];
+ fillWithAttributes( s.getPrincipals(), p );
}
}
public boolean addAllAttributes( Principal principal, Collection
attributes )
{
- return attributes( principal ).addAll( attributes );
+ boolean modified = false;
+ for ( Iterator it = attributes.iterator(); it.hasNext(); )
+ {
+ Principal attribute = ( Principal ) it.next();
+ modified |= addAttribute( principal, attribute );
+ }
+
+ return modified;
}
public boolean addAttribute( Principal principal, Principal attribute )
{
+ detectCyclicAssociation( attribute, principal );
return attributes( principal ).add( attribute );
+ }
+
+ private void detectCyclicAssociation( Principal attribute, Principal
principal )
+ {
+ Collection attributes = getAllAttributes( attribute );
+ if ( attributes.contains( principal ) ) throw new
CyclicAssociationException( principal, attribute );
+ }
+
+ private Collection getAllAttributes( Principal principal )
+ {
+ final Collection attributes = new HashSet();
+ fillWithAttributes( attributes, principal );
+ return attributes;
+ }
+
+ private void fillWithAttributes( Collection principals, Principal p )
+ {
+ final Collection attributes = attributes( p );
+
+ for ( Iterator it = attributes.iterator(); it.hasNext(); )
+ {
+ Principal attribute = ( Principal ) it.next();
+ principals.add( attribute );
+ fillWithAttributes( principals, attribute );
+ }
}
private Collection attributes( Principal principal )
Added:
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/CyclicAssociationException.java
==============================================================================
--- (empty file)
+++
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/CyclicAssociationException.java
Mon Nov 15 16:25:37 2004
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.janus.authentication.attribute;
+
+import java.security.Principal;
+
+public class CyclicAssociationException extends RuntimeException
+{
+ private final Principal m_principal;
+ private final Principal m_attribute;
+
+ public CyclicAssociationException( Principal principal, Principal
attribute )
+ {
+ m_principal = principal;
+ m_attribute = attribute;
+ }
+
+ public String getMessage()
+ {
+ final StringBuffer sb = new StringBuffer();
+ sb.append( "Cyclic association detected between [" ).append(
m_principal ).append( "] and [" ).append( m_attribute ).append( "]" );
+ return sb.toString();
+ }
+
+ public Principal getPrincipal()
+ {
+ return m_principal;
+ }
+
+ public Principal getAttribute()
+ {
+ return m_attribute;
+ }
+}
Modified:
incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authentication/attribute/AttributeProviderTest.java
==============================================================================
---
incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authentication/attribute/AttributeProviderTest.java
(original)
+++
incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authentication/attribute/AttributeProviderTest.java
Mon Nov 15 16:25:37 2004
@@ -21,7 +21,6 @@
import org.apache.janus.testmodel.Groups;
import org.apache.janus.testmodel.Subjects;
import org.apache.janus.testmodel.Usernames;
-import org.apache.janus.authentication.group.GroupPrincipal;
import javax.security.auth.Subject;
import java.security.Principal;
@@ -38,10 +37,6 @@
m_provider = new AttributeProvider();
}
- /**
- * o population traverses entire graph of associations
- */
-
public void testPopulatesSubjectWithAttributesOfSubjectPrincipal()
{
Collection groups = Arrays.asList( new Principal[] { Groups.geeks(),
Groups.men() });
@@ -54,7 +49,6 @@
public void testLooksAtAllSubjectPrincipalsWhenPopulating()
{
- m_provider = new AttributeProvider();
m_provider.addAttribute( Usernames.joe(), Groups.geeks() );
m_provider.addAttribute( Groups.canadians(), Groups.men() );
@@ -67,7 +61,6 @@
public void testPrincipalHasNoAttributeByDefault()
{
- m_provider = new AttributeProvider();
Subject joe = Subjects.joe();
m_provider.populate( joe );
@@ -78,7 +71,6 @@
public void testDuplicateAttributesAreIgnored()
{
- m_provider = new AttributeProvider();
assertTrue( m_provider.addAttribute( Usernames.joe(), Groups.geeks() )
);
assertFalse( m_provider.addAttribute( Usernames.joe(), Groups.geeks()
) );
@@ -88,5 +80,33 @@
Collection expectedPrincipals = Collections.singleton( Groups.geeks()
);
Collection actualPrincipals = joe.getPrincipals( GroupPrincipal.class
);
assertTrue( CollectionUtils.isEqualCollection( expectedPrincipals,
actualPrincipals ) );
+ }
+
+ public void testAttributesAreInheritedFromOtherAttributes()
+ {
+ m_provider.addAttribute( Usernames.joe(), Groups.canadians() );
+ m_provider.addAttribute( Groups.canadians(), Groups.geeks() );
+ m_provider.addAttribute( Groups.geeks(), Groups.men() );
+
+ Subject joe = Subjects.joe();
+ m_provider.populate( joe );
+
+ Collection expectedPrincipals = Arrays.asList( new Principal[] {
Groups.canadians(), Groups.geeks(), Groups.men() } );
+ assertTrue( CollectionUtils.isSubCollection( expectedPrincipals,
joe.getPrincipals()));
+ }
+
+ public void testForbidsCyclicAttributesAssociations()
+ {
+ m_provider.addAttribute( Groups.canadians(), Groups.men() );
+ m_provider.addAttribute( Groups.men(), Groups.geeks() );
+ try
+ {
+ m_provider.addAttribute( Groups.geeks(), Groups.canadians() );
+ fail("Cyclic associations are allowed");
+ }
+ catch ( CyclicAssociationException e )
+ {
+ assertTrue( true );
+ }
}
}
