User: stark
Date: 01/02/12 01:29:39
Added: security/src/main/org/jboss/test/security/test
AppCallbackHandler.java Main.java Main2.java
NamespacePermission.java
NamespacePermissionCollection.java
PermissionName.java ProjRepositoryMain.java
StatelessSessionClient.java
TstNamespacePermissions.java TstSRPLogin.java
TstTimedCache.java
Log:
Tests of the security proxy layer and custom JAAS security
Revision Changes Path
1.1
contrib/security/src/main/org/jboss/test/security/test/AppCallbackHandler.java
Index: AppCallbackHandler.java
===================================================================
package org.jboss.test.security.test;
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
/**
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class AppCallbackHandler implements CallbackHandler
{
private String username;
private char[] password;
public AppCallbackHandler(String username, char[] password)
{
this.username = username;
this.password = password;
}
public void handle(Callback[] callbacks) throws
IOException, UnsupportedCallbackException
{
for(int i = 0; i < callbacks.length; i++)
{
if (callbacks[i] instanceof NameCallback)
{
NameCallback nc = (NameCallback) callbacks[i];
nc.setName(username);
}
else if(callbacks[i] instanceof PasswordCallback)
{
PasswordCallback pc = (PasswordCallback) callbacks[i];
pc.setPassword(password);
}
else
{
throw new UnsupportedCallbackException(callbacks[i], "Unrecognized
Callback");
}
}
}
}
1.1 contrib/security/src/main/org/jboss/test/security/test/Main.java
Index: Main.java
===================================================================
package org.jboss.test.security.test;
import java.io.FilePermission;
import java.net.URL;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import javax.security.auth.Subject;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.SecurityPolicy;
import org.jboss.security.SecurityPolicyParser;
/** Simple test of the SecurityPolicyParser class.
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class Main
{
static void tstParser()
{
try
{
String policyName = "tst-policy.xml";
URL policyURL = Main2.class.getClassLoader().getResource(policyName);
System.out.println("policyName "+policyName+" -> "+policyURL);
SecurityPolicyParser policyStore = new SecurityPolicyParser(policyURL);
SecurityPolicy policy = new SecurityPolicy(policyStore);
policy.refresh();
Subject subject = new Subject();
subject.getPrincipals().add(new SimplePrincipal("starksm"));
CodeSource cs = new CodeSource(null, null);
PermissionCollection perms = policy.getPermissions(subject, cs);
System.out.println(perms);
Permission p = new FilePermission("D:\\Scott", "read");
boolean implied = perms.implies(p);
System.out.println("Granted: "+p+" -> "+implied);
p = new FilePermission("D:\\Scott\\", "read");
System.out.println("Granted: "+p+" -> "+perms.implies(p));
p = new FilePermission("/Scott/.bashrc", "read");
System.out.println("Granted: "+p+" -> "+perms.implies(p));
p = new FilePermission("/Scott/.bashrc", "read,write");
System.out.println("Granted: "+p+" -> "+perms.implies(p));
p = new FilePermission("/Scott/.bashrc", "delete");
System.out.println("Granted: "+p+" -> "+perms.implies(p));
}
catch(Exception e)
{
e.printStackTrace();
}
}
/**
* @param args the command line arguments
*/
public static void main(String args[])
{
tstParser();
}
}
1.1
contrib/security/src/main/org/jboss/test/security/test/Main2.java
Index: Main2.java
===================================================================
package org.jboss.test.security.test;
import java.net.URL;
import java.util.Map;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;
import javax.security.auth.Policy;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.SecurityPolicy;
import org.jboss.security.SecurityPolicyParser;
/** Tests of the SecurityPolicy custom Policy and Configuration behavior
as well as some performance tests.
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class Main2
{
static final int N = 10000;
public static void main(String args[])
{
try
{
System.setErr(System.out);
init(args[0]);
if( args.length == 2 && args[1].equals("-t") )
{
timing1();
timing2();
timing3();
timing4();
}
else
{
run();
}
}
catch(Exception e)
{
e.printStackTrace(System.out);
}
}
static void init(String policyName) throws Exception
{
// Create a subject security policy
System.out.println("java.class.path =
"+System.getProperty("java.class.path"));
URL policyURL = Main2.class.getClassLoader().getResource(policyName);
System.out.println("policyName "+policyName+" -> "+policyURL);
SecurityPolicyParser policyStore = new SecurityPolicyParser(policyURL);
SecurityPolicy policy = new SecurityPolicy(policyStore);
policy.refresh();
Policy.setPolicy(policy);
Configuration.setConfiguration(policy.getLoginConfiguration());
}
static void run() throws Exception
{
LoginContext lc = new LoginContext("test-domain");
lc.login();
Subject subject = lc.getSubject();
System.out.println("Subject="+subject);
SecurityPolicy.setActiveApp("test-domain");
CodeSource cs = new CodeSource(null, null);
System.out.println(Policy.getPolicy().getPermissions(subject, cs));
ProtectionDomain pd = Main2.class.getProtectionDomain();
cs = pd.getCodeSource();
System.out.println(Policy.getPolicy().getPermissions(subject, cs));
Subject.doAsPrivileged(subject, new PrivilegedAction()
{
public Object run()
{
SecurityDelegate.accessProject("Project1", "r---");
SecurityDelegate.accessProject("Project1", "rw--");
SecurityDelegate.accessProject("Project1", "rw-d");
SecurityDelegate.accessProject("Project1/Documents/Private",
"rwxd");
SecurityDelegate.accessProject("Project1/Documents/Public",
"r---");
SecurityDelegate.accessProject("Project1/Documents/Public/readme.html", "r---");
SecurityDelegate.accessProject("Project1/Documents/Public/readme.html", "rw--");
return null;
}
},
null
);
}
/** The code that executes the custom permission check needs to be in a
separate class so that we can jar it up to create a codesource separate
from the codesource in which tstCustomPolicy2.main comes.
*/
static class SecurityDelegate
{
static void accessProject(String path, String action)
{
System.out.println("+++ Begin SecurityDelegate.accessProject path:
"+path+" action: "+action);
Permission p = new NamespacePermission(path, action);
try
{
System.out.println("--- checkPermission: "+p);
AccessController.checkPermission(p);
System.out.println("Allowed access to: "+path+" for: "+action);
}
catch(SecurityException e)
{
System.out.println("Denied access to: "+path+" for: "+action);
}
try
{ // Try a Java2 permission check that should fail for everyone
p = new PropertyPermission("java.class.path", "write");
AccessController.checkPermission(p);
System.out.println("--- IllegalState, access allowed for: "+p);
}
catch(SecurityException e)
{
}
System.out.println("+++ End SecurityDelegate.accessProject");
}
}
static final void accessProject(String path, String action, boolean
checkPermission, boolean customPerm)
{
Permission p = null;
if( customPerm )
p = new NamespacePermission(path, action);
else
p = new RuntimePermission("exitVM");
if( checkPermission )
{
//System.out.println("+++ accessProject path: "+path+" action:
"+action);
try
{
//System.out.println("--- checkPermission: "+p);
AccessController.checkPermission(p);
//System.out.println("Allowed access to: "+path+" for: "+action);
}
catch(SecurityException e)
{
//System.out.println("Denied access to: "+path+" for: "+action);
}
}
}
static void timing1()
{
long start = System.currentTimeMillis();
for(int n = 0; n < N; n ++)
accessProject("Project1", "rw-d", false, false);
long end = System.currentTimeMillis();
System.out.println("timing1: No permissions, time="+(end - start));
}
static void timing2()
{
long start = System.currentTimeMillis();
for(int n = 0; n < N; n ++)
accessProject("Project1", "rw-d", true, false);
long end = System.currentTimeMillis();
System.out.println("timing2: Java2 permissions, time="+(end - start));
}
static void timing3() throws LoginException
{
LoginContext lc = new LoginContext("test");
long start = System.currentTimeMillis();
for(int n = 0; n < N; n ++)
{
lc.login();
Subject subject = lc.getSubject();
Subject.doAsPrivileged(subject, new PrivilegedAction()
{
public Object run()
{
accessProject("Project1", "rw-d", true, true);
return null;
}
},
null
);
lc.logout();
}
long end = System.currentTimeMillis();
System.out.println("timing3: JAAS permissions, time="+(end - start));
}
static void timing4() throws LoginException
{
LoginContext lc = new LoginContext("test");
long start = System.currentTimeMillis();
lc.login();
Subject subject = lc.getSubject();
for(int n = 0; n < N; n ++)
{
Subject.doAsPrivileged(subject, new PrivilegedAction()
{
public Object run()
{
accessProject("Project1", "rw-d", true, true);
return null;
}
},
null
);
}
lc.logout();
long end = System.currentTimeMillis();
System.out.println("timing4: JAAS permissions, time="+(end - start));
}
}
1.1
contrib/security/src/main/org/jboss/test/security/test/NamespacePermission.java
Index: NamespacePermission.java
===================================================================
package org.jboss.test.security.test;
import java.security.BasicPermission;
import java.security.Permission;
import java.security.PermissionCollection;
import javax.naming.Name;
/**
*
* @author [EMAIL PROTECTED]
* @version
*/
public class NamespacePermission extends BasicPermission
{
private PermissionName fullName;
private String actions;
/** Creates new NamespacePermission */
public NamespacePermission(String name, String actions)
{
super(name, actions);
this.actions = actions;
fullName = new PermissionName(name);
}
public NamespacePermission(Name name, String actions)
{
super(name.toString(), actions);
this.actions = actions;
fullName = new PermissionName(name);
}
public String getActions()
{
return actions;
}
public PermissionName getFullName()
{
return fullName;
}
public boolean implies(Permission p)
{
String pactions = p.getActions();
boolean implied = true;
for(int n = 0; n < actions.length(); n ++)
{
char a = actions.charAt(n);
char pa = pactions.charAt(n);
if( (a != '-' && pa != '-' && pa != a) )
{
implied = false;
break;
}
else if( a == '-' && pa != '-' )
{
implied = false;
break;
}
}
return implied;
}
public PermissionCollection newPermissionCollection()
{
return new NamespacePermissionCollection();
}
}
1.1
contrib/security/src/main/org/jboss/test/security/test/NamespacePermissionCollection.java
Index: NamespacePermissionCollection.java
===================================================================
package org.jboss.test.security.test;
import java.security.Permission;
import java.security.PermissionCollection;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Set;
import java.util.SortedMap;
import java.util.TreeMap;
/** The PermissionCollection object for NamespacePermissions.
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class NamespacePermissionCollection extends PermissionCollection
{
private TreeMap namespacePerms = new TreeMap();
private TreeMap namespaceKeys = new TreeMap(new
PermissionName.NameLengthComparator());
/** Creates new NamespacePermission */
public NamespacePermissionCollection()
{
}
public void add(Permission permission)
{
if( this.isReadOnly() )
throw new SecurityException("Cannot add permission to read-only
collection");
if( (permission instanceof NamespacePermission) == false )
throw new IllegalArgumentException("Only NamespacePermission can be
added, invalid="+permission);
NamespacePermission np = (NamespacePermission) permission;
PermissionName key = np.getFullName();
ArrayList tmp = (ArrayList) namespacePerms.get(key);
if( tmp == null )
{
tmp = new ArrayList();
namespacePerms.put(key, tmp);
namespaceKeys.put(key, key);
}
tmp.add(np);
}
/** Locate the closest permissions assigned to the namespace. This is based
*on the viewing the permission name as a heirarchical PermissionName and
*/
public boolean implies(Permission permission)
{
boolean implies = false;
if( namespacePerms.isEmpty() == true )
return false;
NamespacePermission np = (NamespacePermission) permission;
// See if there is an exact permission for the name
PermissionName key = np.getFullName();
ArrayList tmp = (ArrayList) namespacePerms.get(key);
if( tmp == null )
{ // Find the closest parent position.
SortedMap headMap = namespacePerms.headMap(key);
try
{
PermissionName lastKey = (PermissionName) headMap.lastKey();
if( lastKey.isParent(key) == true )
tmp = (ArrayList) namespacePerms.get(lastKey);
else
{
Iterator keys = headMap.keySet().iterator();
while( keys.hasNext() )
{
lastKey = (PermissionName) keys.next();
if( lastKey.isParent(key) == true )
{
tmp = (ArrayList) namespacePerms.get(lastKey);
break;
}
}
}
}
catch(NoSuchElementException e)
{ // Assign the first permission
Object firstKey = namespacePerms.firstKey();
tmp = (ArrayList) namespacePerms.get(firstKey);
}
}
// See if the permission is implied by any we found
if( tmp != null )
implies = isImplied(tmp, np);
//System.out.println("NPC["+this+"].implies("+np+") -> "+implies);
return implies;
}
public Enumeration elements()
{
Set s = namespaceKeys.keySet();
final Iterator iter = s.iterator();
Enumeration elements = new Enumeration()
{
ArrayList activeEntry;
int index;
public boolean hasMoreElements()
{
boolean hasMoreElements = true;
if( activeEntry == null || index >= activeEntry.size() )
{
hasMoreElements = iter.hasNext();
activeEntry = null;
}
return hasMoreElements;
}
public Object nextElement()
{
Object next = null;
if( activeEntry == null )
{
Object key = iter.next();
activeEntry = (ArrayList) namespacePerms.get(key);
index = 0;
next = activeEntry.get(index ++);
}
else
{
next = activeEntry.get(index ++);
}
return next;
}
};
return elements;
}
private boolean isImplied(ArrayList permissions, NamespacePermission np)
{
boolean isImplied = false;
for(int p = 0; p < permissions.size(); p ++)
{
Permission perm = (Permission) permissions.get(p);
isImplied |= perm.implies(np);
if( isImplied == true )
break;
}
return isImplied;
}
}
1.1
contrib/security/src/main/org/jboss/test/security/test/PermissionName.java
Index: PermissionName.java
===================================================================
package org.jboss.test.security.test;
import java.io.Serializable;
import java.security.BasicPermission;
import java.util.Comparator;
import java.util.Properties;
import javax.naming.CompoundName;
import javax.naming.Name;
import javax.naming.NamingException;
/** A javax.naming.Name based key class used as the name attribute
by NamespacePermissions.
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class PermissionName implements Comparable, Serializable
{
/** The Properties used for the project directory heirarchical names */
static Name emptyName;
static Properties nameSyntax = new Properties();
static
{
nameSyntax.put("jndi.syntax.direction", "left_to_right");
nameSyntax.put("jndi.syntax.separator", "/");
try
{
emptyName = new CompoundName("", nameSyntax);
}
catch(NamingException e)
{
}
}
private Name name;
/** An alternate PermissionName comparator that first orders names by
length(longer names before shorter names) to ensure that the most
precise names are seen first.
*/
public static class NameLengthComparator implements Comparator
{
public int compare(Object o1, Object o2)
{
PermissionName p1 = (PermissionName) o1;
PermissionName p2 = (PermissionName) o2;
// if p1 is longer than p2, its < p2 -> < 0
int compare = p2.size() - p1.size();
if( compare == 0 )
compare = p1.compareTo(p2);
return compare;
}
}
/** Creates new NamespacePermission */
public PermissionName(String name) throws IllegalArgumentException
{
try
{
this.name = new CompoundName(name, nameSyntax);
}
catch(NamingException e)
{
throw new IllegalArgumentException(e.toString(true));
}
}
public PermissionName(Name name)
{
this.name = name;
}
public int compareTo(Object obj)
{
PermissionName pn = (PermissionName) obj;
/* Each level must be compared. The first level to not be equals
determines the ordering of the names.
*/
int compare = 0;
int length = Math.min(name.size(), pn.name.size());
for(int n = 0; compare == 0 && n < length; n ++)
{
String atom0 = name.get(n);
String atom1 = pn.name.get(n);
compare = atom0.compareTo(atom1);
}
// If compare is still 0, order shorter name before longer ones
if( compare == 0 )
compare = name.size() - pn.name.size();
return compare;
}
public boolean equals(Object obj)
{
return compareTo(obj) == 0;
}
public int hashCode()
{
return name.hashCode();
}
public int size()
{
return name.size();
}
public boolean isParent(PermissionName childName)
{
boolean isParent = childName.name.startsWith(name);
return isParent;
}
public String toString()
{
return name.toString();
}
}
1.1
contrib/security/src/main/org/jboss/test/security/test/ProjRepositoryMain.java
Index: ProjRepositoryMain.java
===================================================================
package org.jboss.test.security.test;
import java.rmi.RemoteException;
import javax.naming.InitialContext;
import javax.naming.directory.Attributes;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.transaction.TransactionRolledbackException;
import org.jboss.security.SimplePrincipal;
import org.jboss.test.security.test.ejbs.project.interfaces.ProjRepository;
import org.jboss.test.security.test.ejbs.project.interfaces.ProjRepositoryHome;
import org.jboss.test.security.test.ejbs.project.support.DefaultName;
/** The client driver for testing secure access to the ProjRepository bean.
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class ProjRepositoryMain
{
static void runAs(String username, char[] password)
{
LoginContext lc = null;
try
{
AppCallbackHandler handler = new AppCallbackHandler(username, password);
lc = new LoginContext("ProjRepositoryMain", handler);
System.out.println("Created LoginContext, username="+username);
lc.login();
}
catch(LoginException le)
{
System.out.println("Login failed");
le.printStackTrace();
return;
}
System.out.println("Login complete");
try
{
InitialContext iniCtx = new InitialContext();
ProjRepositoryHome home = (ProjRepositoryHome)
iniCtx.lookup("ProjRepository");
System.out.println("Found ProjRepositoryHome");
DefaultName projectName = new DefaultName("Project1");
ProjRepository bean = home.create(projectName);
System.out.println("Created ProjRepository");
String[] paths = {
"Project1/Drawings/view1.jpg",
/*"Project1/readme.html",
"Project1/Documents/Private/passwords",
"Project1/Documents/Public/readme.txt",
"Project1/Documents/Public/starksm/.bashrc", */
};
System.out.println("Test of getItem()");
for(int p = 0; p < paths.length; p ++)
{
DefaultName name = new DefaultName(paths[p]);
try
{
Attributes attrs = bean.getItem(name);
System.out.println("getItem("+name+") -> "+attrs);
}
catch(RemoteException e)
{
printException(e);
return;
}
}
System.out.println("Test of deleteItem()");
// Try to delete an item
try
{
DefaultName name = new
DefaultName("Project1/Documents/Public/readme.txt");
bean.deleteItem(name);
System.out.println("deleteItem("+name+") succeeded");
name = new DefaultName("Project1/Documents/Public/starksm/.bashrc");
bean.deleteItem(name);
System.out.println("deleteItem("+name+") succeeded");
}
catch(RemoteException e)
{
printException(e);
}
lc.logout();
System.out.println("User logged out");
}
catch(Throwable e)
{
System.out.println("Unexpected error");
e.printStackTrace();
}
}
public static void main(String args[])
{
try
{
System.setErr(System.out);
if( args.length == 1 && args[0].equals("-mt") )
{
System.out.println("Running multi-threaded with simultaneous
logins");
// ...
}
else
{
System.out.println("Running single-threaded with sequential logins");
String[] user = {"scott", "starksm", "guest", "nobody"};
String[] pass = {"stark", "scott_stark", "guest", "badpass"};
for(int n = 0; n < user.length; n ++)
{
System.out.println("Running as user: "+user[n]);
runAs(user[n], pass[n].toCharArray());
}
}
}
catch(Throwable t)
{
t.printStackTrace();
}
}
static void printException(RemoteException e)
{
Throwable d = e.detail;
if( d instanceof TransactionRolledbackException )
{
TransactionRolledbackException tre = (TransactionRolledbackException) d;
d = tre.detail;
}
if( d instanceof RemoteException )
{
RemoteException re = (RemoteException) d;
d = re.detail;
}
if( d instanceof SecurityException )
System.out.println("Security Failure: "+e.getMessage());
else
d.printStackTrace();
}
}
1.1
contrib/security/src/main/org/jboss/test/security/test/StatelessSessionClient.java
Index: StatelessSessionClient.java
===================================================================
package org.jboss.test.security.test;
import java.io.IOException;
import javax.naming.InitialContext;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import org.jboss.test.security.test.ejbs.StatelessSession;
import org.jboss.test.security.test.ejbs.StatelessSessionHome;
/** Run with -Djava.security.auth.login.config=url_to_jaas_login_conf
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class StatelessSessionClient
{
static void runMT()
{
Thread t0 = new Thread()
{
public void run()
{
runAs("scott", "echoman".toCharArray());
}
};
Thread t1 = new Thread()
{
public void run()
{
runAs("stark", "javaman".toCharArray());
}
};
t0.start();
t1.start();
}
static void runAs(String username, char[] password)
{
LoginContext lc = null;
try
{
AppCallbackHandler handler = new AppCallbackHandler(username, password);
lc = new LoginContext("StatelessSessionClient", handler);
System.out.println("Created LoginContext, username="+username);
lc.login();
}
catch(LoginException le)
{
System.out.println("Login failed");
le.printStackTrace();
return;
}
try
{
InitialContext jndiContext = new InitialContext();
StatelessSessionHome home = (StatelessSessionHome)
jndiContext.lookup("StatelessSession2");
System.out.println("Found StatelessSessionHome");
StatelessSession bean = home.create();
System.out.println("Created StatelessSession");
System.out.println("Bean.echo('Hello') -> "+bean.echo("Hello"));
lc.logout();
}
catch(Exception e)
{
e.printStackTrace();
}
}
public static void main(String args[]) throws Exception
{
if( args.length == 1 && args[0].equals("-mt") )
{
System.out.println("Running multi-threaded with simultaneous logins");
runMT();
}
else
{
System.out.println("Running single-threaded with sequential logins");
runAs("scott", "echoman".toCharArray());
runAs("stark", "javaman".toCharArray());
}
}
}
1.1
contrib/security/src/main/org/jboss/test/security/test/TstNamespacePermissions.java
Index: TstNamespacePermissions.java
===================================================================
package org.jboss.test.security.test;
import java.io.FilePermission;
import java.net.URL;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Policy;
/** Tests of the NamespacePermissions.
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class TstNamespacePermissions
{
/**
* @param args the command line arguments
*/
public static void main(String args[])
{
System.setErr(System.out);
PermissionCollection pc = new NamespacePermissionCollection();
NamespacePermission p = new NamespacePermission("starksm/Project1", "r---");
pc.add(p);
p = new NamespacePermission("starksm/Project1/Documents/readme.html",
"rw--");
pc.add(p);
p = new NamespacePermission("starksm/Project1/Documents/Public", "rw--");
pc.add(p);
p = new NamespacePermission("starksm/Project1/Documents/Public/Private",
"----");
pc.add(p);
p = new NamespacePermission("Project1/Documents/Public", "r---");
pc.add(p);
System.out.println(pc);
p = new NamespacePermission("Project1/Drawings/view1.jpg", "r---");
boolean implied = pc.implies(p);
System.out.println("IsImplied[false]: "+p+" -> "+implied);
p = new NamespacePermission("Project1/Documents/view1.jpg", "r---");
implied = pc.implies(p);
System.out.println("IsImplied[false]: "+p+" -> "+implied);
p = new NamespacePermission("Project1/Documents/Public/view1.jpg", "r---");
implied = pc.implies(p);
System.out.println("IsImplied[true]: "+p+" -> "+implied);
p = new NamespacePermission("starksm/Project1", "r---");
System.out.println("IsImplied: "+p+" -> "+pc.implies(p));
p = new NamespacePermission("starksm/Project1/Documents/Folder1", "r---");
System.out.println("IsImplied: "+p+" -> "+pc.implies(p));
p = new NamespacePermission("starksm/Project1/Documents/readme.html",
"r---");
System.out.println("IsImplied: "+p+" -> "+pc.implies(p));
p = new NamespacePermission("starksm/Project1/Documents/readme.html",
"rw--");
System.out.println("IsImplied: "+p+" -> "+pc.implies(p));
p = new NamespacePermission("starksm/Project1/Documents/readme.html",
"-w--");
System.out.println("IsImplied: "+p+" -> "+pc.implies(p));
p = new NamespacePermission("starksm/Project1/Documents/readme.html",
"rw-d");
System.out.println("IsImplied: "+p+" -> "+pc.implies(p));
p = new NamespacePermission("starksm/Project1/Documents", "rw--");
System.out.println("IsImplied: "+p+" -> "+pc.implies(p));
p = new NamespacePermission("starksm/Project1/Documents/Public/readme.html",
"r---");
System.out.println("IsImplied: "+p+" -> "+pc.implies(p));
p = new NamespacePermission("starksm/Project1/Documents/Public/readme.html",
"rw--");
System.out.println("IsImplied: "+p+" -> "+pc.implies(p));
p = new
NamespacePermission("starksm/Project1/Documents/Public/Private/readme.html", "r---");
System.out.println("IsImplied: "+p+" -> "+pc.implies(p));
p = new
NamespacePermission("starksm/Project1/Documents/Public/Private/readme.html", "rw--");
System.out.println("IsImplied: "+p+" -> "+pc.implies(p));
PermissionName n0 = new
PermissionName("starksm/Project1/Documents/readme.html");
PermissionName n1 = new
PermissionName("starksm/Project1/Documents/Folder1/readme.html");
System.out.println(n0+"compareTo"+n1+" -> "+n0.compareTo(n1));
p = new
NamespacePermission("starksm/Project1/Documents/Folder1/readme.html", "rw--");
System.out.println("IsImplied: "+p+" -> "+pc.implies(p));
}
}
1.1
contrib/security/src/main/org/jboss/test/security/test/TstSRPLogin.java
Index: TstSRPLogin.java
===================================================================
package org.jboss.test.security.test;
import java.net.URL;
import javax.security.auth.Policy;
import javax.security.auth.Subject;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.SecurityPolicy;
import org.jboss.security.SecurityPolicyParser;
/** A test of the SRPLogin module
@see security.srp.protocol.jaas.SRPLoginModule
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class TstSRPLogin
{
public static void main(String args[])
{
try
{
System.setErr(System.out);
init(args[0]);
run();
}
catch(Exception e)
{
e.printStackTrace(System.out);
}
}
/** Create a SecurityPolicy from a xml policy file and install it as the
JAAS Policy and Configuration implementations.
*/
static void init(String policyName) throws Exception
{
// Create a subject security policy
URL policyURL = Main2.class.getClassLoader().getResource(policyName);
System.out.println("policyName "+policyName+" -> "+policyURL);
SecurityPolicyParser policyStore = new SecurityPolicyParser(policyURL);
SecurityPolicy policy = new SecurityPolicy(policyStore);
policy.refresh();
Policy.setPolicy(policy);
Configuration.setConfiguration(policy.getLoginConfiguration());
}
static void run() throws Exception
{
AppCallbackHandler handler = new AppCallbackHandler("scott",
"stark".toCharArray());
LoginContext lc = new LoginContext("srp-login", handler);
lc.login();
Subject subject = lc.getSubject();
System.out.println("Subject="+subject);
}
}
1.1
contrib/security/src/main/org/jboss/test/security/test/TstTimedCache.java
Index: TstTimedCache.java
===================================================================
package org.jboss.test.security.test;
import java.io.FilePermission;
import java.net.URL;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Policy;
import org.jboss.util.TimedCachePolicy;
/** Tests of the TimedCachePolicy class.
@see org.jboss.util.TimedCachePolicy
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class TstTimedCache
{
static class Refreshable implements TimedCachePolicy.TimedEntry
{
int refreshes;
long expirationTime;
Object value;
Refreshable(long lifetime, Object value, int refreshes)
{
this.expirationTime = 1000 * lifetime;
this.value = value;
this.refreshes = refreshes;
}
public void init(long now)
{
expirationTime += now;
System.out.println(value+".init("+now+"),
expirationTime="+expirationTime);
}
public boolean isCurrent(long now)
{
System.out.println(value+".isCurrent("+now+") = "+(expirationTime >
now));
return expirationTime > now;
}
public boolean refresh()
{
refreshes --;
System.out.println(value+".refresh() = "+(refreshes > 0));
return refreshes > 0;
}
public Object getValue()
{
return value;
}
}
/**
* @param args the command line arguments
*/
public static void main(String args[])
{
TimedCachePolicy cache = new TimedCachePolicy(20, false, 1);
cache.init();
cache.start();
cache.insert("1", new Refreshable(5, "value1", 4));
cache.insert("2", new Refreshable(3, "value2", 10));
cache.insert("3", "value3");
long start = System.currentTimeMillis();
// Loop until the longest lived value is gone
while( cache.peek("2") != null )
{
long now = System.currentTimeMillis();
System.out.println("Elapsed: "+(now - start) / 1000);
System.out.println("get(1) -> "+cache.get("1"));
System.out.println("get(2) -> "+cache.get("2"));
System.out.println("get(3) -> "+cache.get("3"));
try
{
Thread.currentThread().sleep(3*1000);
}
catch(InterruptedException e)
{
}
}
long now = System.currentTimeMillis();
System.out.println("End, elapsed: "+(now - start) / 1000);
System.out.println("get(1) -> "+cache.get("1"));
System.out.println("get(2) -> "+cache.get("2"));
System.out.println("get(3) -> "+cache.get("3"));
}
}
