Author: rfeng
Date: Tue Apr 22 13:56:26 2008
New Revision: 650652
URL: http://svn.apache.org/viewvc?rev=650652&view=rev
Log:
Add support for the new syntax of authorization/securityIdentity elements
Added:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java
(with props)
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java
(with props)
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java
(with props)
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java
(with props)
incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java
(with props)
incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml
(with props)
Removed:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/AllowPolicy.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/AllowPolicyProcessor.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/AuthorizationPolicy.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/DenyAllPolicy.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/DenyAllPolicyProcessor.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/PermitAllPolicy.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/PermitAllPolicyProcessor.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/RunAsPolicy.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/RunAsPolicyProcessor.java
Modified:
incubator/tuscany/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
Added:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java?rev=650652&view=auto
==============================================================================
---
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java
(added)
+++
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java
Tue Apr 22 13:56:26 2008
@@ -0,0 +1,83 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.tuscany.sca.policy.authorization;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.policy.Policy;
+
+/**
+ * Models the SCA Implementatatoin Security Policy Assertion for Authorization
+ *
+ * @version $Rev$ $Date$
+ */
+public class AuthorizationPolicy implements Policy {
+ public static final QName NAME = new QName(Constants.SCA10_NS,
"authorization");
+
+ public static enum AcessControl {
+ permitAll, denyAll, allow
+ };
+
+ private List<String> roleNames = new ArrayList<String>();
+
+ public AuthorizationPolicy() {
+ }
+
+ private AcessControl accessControl;
+
+ public AcessControl getAccessControl() {
+ return accessControl;
+ }
+
+ public void setAccessControl(AcessControl accessControl) {
+ this.accessControl = accessControl;
+ }
+
+ public List<String> getRoleNames() {
+ if (accessControl == AcessControl.allow) {
+ return roleNames;
+ } else {
+ throw new IllegalArgumentException("Role names are only available
for 'allow'");
+ }
+ }
+
+ public boolean isUnresolved() {
+ return false;
+ }
+
+ public void setUnresolved(boolean unresolved) {
+ }
+
+ public QName getSchemaName() {
+ return NAME;
+ }
+
+ public String toString() {
+ if (accessControl == AcessControl.allow) {
+ return accessControl.name() + " " + roleNames;
+ }
+ return accessControl.name();
+ }
+
+}
Propchange:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java?rev=650652&view=auto
==============================================================================
---
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java
(added)
+++
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java
Tue Apr 22 13:56:26 2008
@@ -0,0 +1,119 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.tuscany.sca.policy.authorization;
+
+import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;
+import static javax.xml.stream.XMLStreamConstants.START_ELEMENT;
+
+import java.util.StringTokenizer;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.contribution.resolver.ModelResolver;
+import org.apache.tuscany.sca.contribution.service.ContributionReadException;
+import
org.apache.tuscany.sca.contribution.service.ContributionResolveException;
+import org.apache.tuscany.sca.contribution.service.ContributionWriteException;
+
+public class AuthorizationPolicyProcessor implements
StAXArtifactProcessor<AuthorizationPolicy> {
+ private static final String ROLES = "roles";
+
+ public QName getArtifactType() {
+ return AuthorizationPolicy.NAME;
+ }
+
+ public AuthorizationPolicyProcessor(ModelFactoryExtensionPoint
modelFactories) {
+ }
+
+ public AuthorizationPolicy read(XMLStreamReader reader) throws
ContributionReadException, XMLStreamException {
+ AuthorizationPolicy policy = new AuthorizationPolicy();
+ int event = reader.getEventType();
+ QName start = reader.getName();
+ while (true) {
+ switch (event) {
+ case START_ELEMENT:
+ String ac = reader.getName().getLocalPart();
+ if ("allow".equals(ac)) {
+
policy.setAccessControl(AuthorizationPolicy.AcessControl.allow);
+ String roleNames = reader.getAttributeValue(null,
ROLES);
+ if (roleNames == null) {
+ throw new IllegalArgumentException("Required
attribute 'roles' is missing.");
+ }
+ StringTokenizer st = new StringTokenizer(roleNames);
+ while (st.hasMoreTokens()) {
+ policy.getRoleNames().add(st.nextToken());
+ }
+ } else if ("permitAll".equals(ac)) {
+
policy.setAccessControl(AuthorizationPolicy.AcessControl.permitAll);
+ } else if ("denyAll".endsWith(ac)) {
+
policy.setAccessControl(AuthorizationPolicy.AcessControl.denyAll);
+ }
+ break;
+ case END_ELEMENT:
+ if (start.equals(reader.getName())) {
+ if (reader.hasNext()) {
+ reader.next();
+ }
+ return policy;
+ }
+
+ }
+ if (reader.hasNext()) {
+ event = reader.next();
+ } else {
+ return policy;
+ }
+ }
+ }
+
+ public void write(AuthorizationPolicy policy, XMLStreamWriter writer)
throws ContributionWriteException,
+ XMLStreamException {
+ writer.writeStartElement(AuthorizationPolicy.NAME.getLocalPart());
+
+ writer.writeStartElement(policy.getAccessControl().name());
+
+ if (policy.getAccessControl() ==
AuthorizationPolicy.AcessControl.allow) {
+ StringBuffer sb = new StringBuffer();
+ for (String role : policy.getRoleNames()) {
+ sb.append(role);
+ }
+
+ if (sb.length() > 0) {
+ writer.writeAttribute(ROLES, sb.toString());
+ }
+ }
+
+ writer.writeEndElement();
+ writer.writeEndElement();
+ }
+
+ public Class<AuthorizationPolicy> getModelType() {
+ return AuthorizationPolicy.class;
+ }
+
+ public void resolve(AuthorizationPolicy policy, ModelResolver resolver)
throws ContributionResolveException {
+ //right now nothing to resolve
+ policy.setUnresolved(false);
+ }
+
+}
Propchange:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java?rev=650652&view=auto
==============================================================================
---
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java
(added)
+++
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java
Tue Apr 22 13:56:26 2008
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.tuscany.sca.policy.identity;
+
+import javax.xml.namespace.QName;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.policy.Policy;
+
+/**
+ * Models the SCA Implementatatoin Security Policy Assertion for Security
Identity
+ *
+ * @version $Rev$ $Date$
+ */
+public class SecurityIdentityPolicy implements Policy {
+ public static final QName NAME = new QName(Constants.SCA10_NS,
"securityIdentity");
+
+ private boolean useCallerIdentity;
+
+ private String runAsRole;
+
+ public SecurityIdentityPolicy() {
+ }
+
+ public boolean isUnresolved() {
+ return false;
+ }
+
+ public void setUnresolved(boolean unresolved) {
+ }
+
+ public QName getSchemaName() {
+ return NAME;
+ }
+
+ public boolean isUseCallerIdentity() {
+ return useCallerIdentity;
+ }
+
+ public void setUseCallerIdentity(boolean useCallerIdentity) {
+ this.useCallerIdentity = useCallerIdentity;
+ }
+
+ public String getRunAsRole() {
+ return runAsRole;
+ }
+
+ public void setRunAsRole(String runAsRole) {
+ this.runAsRole = runAsRole;
+ }
+
+ public String toString() {
+ if (useCallerIdentity) {
+ return "useCallerIdentity";
+ }
+ return "runAs " + runAsRole;
+ }
+}
Propchange:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java?rev=650652&view=auto
==============================================================================
---
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java
(added)
+++
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java
Tue Apr 22 13:56:26 2008
@@ -0,0 +1,105 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.tuscany.sca.policy.identity;
+
+import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;
+import static javax.xml.stream.XMLStreamConstants.START_ELEMENT;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.contribution.resolver.ModelResolver;
+import org.apache.tuscany.sca.contribution.service.ContributionReadException;
+import
org.apache.tuscany.sca.contribution.service.ContributionResolveException;
+import org.apache.tuscany.sca.contribution.service.ContributionWriteException;
+
+public class SecurityIdentityPolicyProcessor implements
StAXArtifactProcessor<SecurityIdentityPolicy> {
+ private static final String ROLE = "role";
+
+ public QName getArtifactType() {
+ return SecurityIdentityPolicy.NAME;
+ }
+
+ public SecurityIdentityPolicyProcessor(ModelFactoryExtensionPoint
modelFactories) {
+ }
+
+ public SecurityIdentityPolicy read(XMLStreamReader reader) throws
ContributionReadException, XMLStreamException {
+ SecurityIdentityPolicy policy = new SecurityIdentityPolicy();
+ int event = reader.getEventType();
+ QName start = reader.getName();
+ while (true) {
+ switch (event) {
+ case START_ELEMENT:
+ String ac = reader.getName().getLocalPart();
+ if ("runAs".equals(ac)) {
+ String roleName = reader.getAttributeValue(null, ROLE);
+ if (roleName == null) {
+ throw new IllegalArgumentException("Required
attribute 'roles' is missing.");
+ }
+ policy.setRunAsRole(roleName);
+ } else if ("useCallerIdentity".equals(ac)) {
+ policy.setUseCallerIdentity(true);
+ }
+ break;
+ case END_ELEMENT:
+ if (start.equals(reader.getName())) {
+ if (reader.hasNext()) {
+ reader.next();
+ }
+ return policy;
+ }
+
+ }
+ if (reader.hasNext()) {
+ event = reader.next();
+ } else {
+ return policy;
+ }
+ }
+ }
+
+ public void write(SecurityIdentityPolicy policy, XMLStreamWriter writer)
throws ContributionWriteException,
+ XMLStreamException {
+ writer.writeStartElement(SecurityIdentityPolicy.NAME.getLocalPart());
+
+ String child = policy.isUseCallerIdentity() ? "useCallerIdentity" :
"runAs";
+ writer.writeStartElement(child);
+
+ if (!policy.isUseCallerIdentity()) {
+ writer.writeAttribute(ROLE, policy.getRunAsRole());
+ }
+
+ writer.writeEndElement();
+ writer.writeEndElement();
+ }
+
+ public Class<SecurityIdentityPolicy> getModelType() {
+ return SecurityIdentityPolicy.class;
+ }
+
+ public void resolve(SecurityIdentityPolicy policy, ModelResolver resolver)
throws ContributionResolveException {
+ //right now nothing to resolve
+ policy.setUnresolved(false);
+ }
+
+}
Propchange:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified:
incubator/tuscany/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor?rev=650652&r1=650651&r2=650652&view=diff
==============================================================================
---
incubator/tuscany/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
(original)
+++
incubator/tuscany/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
Tue Apr 22 13:56:26 2008
@@ -16,9 +16,11 @@
# under the License.
# Implementation class for the artifact processor extension
-org.apache.tuscany.sca.policy.security.PermitAllPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#permitAll,model=org.apache.tuscany.sca.policy.security.PermitAllPolicy
-org.apache.tuscany.sca.policy.security.DenyAllPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#denyAll,model=org.apache.tuscany.sca.policy.security.DenyAllPolicy
-org.apache.tuscany.sca.policy.security.AllowPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#allow,model=org.apache.tuscany.sca.policy.security.AllowPolicy
-org.apache.tuscany.sca.policy.security.RunAsPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#runAs,model=org.apache.tuscany.sca.policy.security.RunAsPolicy
org.apache.tuscany.sca.policy.security.ws.Axis2ConfigParamPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#wsConfigParam,model=org.apache.tuscany.sca.policy.security.ws.Axis2ConfigParamPolicy
-org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#jaasAuthentication,model=org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicy
\ No newline at end of file
+org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#jaasAuthentication,model=org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicy
+org.apache.tuscany.sca.policy.authorization.AuthorizationPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#authorization,model=org.apache.tuscany.sca.policy.authorization.AuthorizationPolicy
+org.apache.tuscany.sca.policy.authorization.AuthorizationPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#allow,model=org.apache.tuscany.sca.policy.authorization.AuthorizationPolicy
+org.apache.tuscany.sca.policy.authorization.AuthorizationPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#permitAll,model=org.apache.tuscany.sca.policy.authorization.AuthorizationPolicy
+org.apache.tuscany.sca.policy.authorization.AuthorizationPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#denyAll,model=org.apache.tuscany.sca.policy.authorization.AuthorizationPolicy
+org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#securityIdentity,model=org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicy
+org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#runAs,model=org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicy
\ No newline at end of file
Added:
incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java?rev=650652&view=auto
==============================================================================
---
incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java
(added)
+++
incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java
Tue Apr 22 13:56:26 2008
@@ -0,0 +1,88 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.tuscany.sca.policy.security;
+
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamConstants;
+import javax.xml.stream.XMLStreamReader;
+
+import junit.framework.Assert;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.policy.authorization.AuthorizationPolicy;
+import
org.apache.tuscany.sca.policy.authorization.AuthorizationPolicyProcessor;
+import org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicy;
+import org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicyProcessor;
+import org.junit.Test;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class PolicyProcessorTestCase {
+ private final static List<String> SEQ =
+ Arrays.asList("permitAll",
+ "allow [r1, r2]",
+ "denyAll",
+ "runAs admin",
+ "useCallerIdentity",
+ "permitAll",
+ "allow [r1, r2]",
+ "denyAll",
+ "runAs admin");
+
+ @Test
+ public void testRead() throws Exception {
+ List<String> results = new ArrayList<String>();
+ Map<QName, StAXArtifactProcessor> processors = new HashMap<QName,
StAXArtifactProcessor>();
+ processors.put(AuthorizationPolicy.NAME, new
AuthorizationPolicyProcessor(null));
+ processors.put(SecurityIdentityPolicy.NAME, new
SecurityIdentityPolicyProcessor(null));
+ processors.put(new QName(Constants.SCA10_NS, "allow"), new
AuthorizationPolicyProcessor(null));
+ processors.put(new QName(Constants.SCA10_NS, "permitAll"), new
AuthorizationPolicyProcessor(null));
+ processors.put(new QName(Constants.SCA10_NS, "denyAll"), new
AuthorizationPolicyProcessor(null));
+ processors.put(new QName(Constants.SCA10_NS, "runAs"), new
SecurityIdentityPolicyProcessor(null));
+ InputStream is =
getClass().getResourceAsStream("mock_policy_definitions.xml");
+ XMLInputFactory factory = XMLInputFactory.newInstance();
+ XMLStreamReader reader = factory.createXMLStreamReader(is);
+ while (true) {
+ int event = reader.getEventType();
+ if (event == XMLStreamConstants.START_ELEMENT) {
+ if ("policySet".equals(reader.getName().getLocalPart())) {
+ reader.nextTag();
+
results.add(processors.get(reader.getName()).read(reader).toString());
+ }
+ }
+ if (reader.hasNext()) {
+ reader.next();
+ } else {
+ break;
+ }
+ }
+ Assert.assertEquals(SEQ, results);
+ }
+}
Propchange:
incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added:
incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml?rev=650652&view=auto
==============================================================================
---
incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml
(added)
+++
incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml
Tue Apr 22 13:56:26 2008
@@ -0,0 +1,78 @@
+<?xml version="1.0" encoding="ASCII"?>
+<!--
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+-->
+<definitions xmlns="http://www.osoa.org/xmlns/sca/1.0";
targetNamespace="http://tuscany.apache.org/xmlns/sca/1.0";
+ xmlns:sca="http://www.osoa.org/xmlns/sca/1.0";>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps1" provides="authorization"
appliesTo="sca:implementation">
+ <authorization>
+ <permitAll />
+ </authorization>
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps2" provides="authorization"
appliesTo="sca:implementation">
+ <authorization>
+ <allow roles="r1 r2" />
+ </authorization>
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps3" provides="authorization"
appliesTo="sca:implementation">
+ <authorization>
+ <denyAll />
+ </authorization>
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps4" provides="securityIdentity"
appliesTo="sca:implementation">
+ <securityIdentity>
+ <runAs role="admin" />
+ </securityIdentity>
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps5" provides="securityIdentity"
appliesTo="sca:implementation">
+ <securityIdentity>
+ <useCallerIdentity />
+ </securityIdentity>
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps6" provides="authorization"
appliesTo="sca:implementation">
+ <permitAll />
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps7" provides="authorization"
appliesTo="sca:implementation">
+ <allow roles="r1 r2" />
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps8" provides="authorization"
appliesTo="sca:implementation">
+ <denyAll />
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps9" provides="securityIdentity"
appliesTo="sca:implementation">
+ <runAs role="admin" />
+ </policySet>
+
+</definitions>
\ No newline at end of file
Propchange:
incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml
------------------------------------------------------------------------------
svn:keywords = Rev Date
