You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tuscany.apache.org by sl...@apache.org on 2011/10/31 11:38:53 UTC
svn commit: r1195401 - in /tuscany/sca-java-2.x/trunk:
modules/builder/src/main/java/org/apache/tuscany/sca/builder/impl/
modules/policy-security-jsr250/src/main/java/org/apache/tuscany/sca/policy/security/jsr250/
modules/policy-security-jsr250/src/tes...
Author: slaws
Date: Mon Oct 31 10:38:52 2011
New Revision: 1195401
URL: http://svn.apache.org/viewvc?rev=1195401&view=rev
Log:
Ensure that fully resolved JSR250 policy sets, added by the policy processor on the fly, are not re-resolved. Hence the dynamic information in the policy sets is not lost.
Added:
tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/java/org/apache/tuscany/sca/policy/operations/helloworld/HelloWorldService1.java
Modified:
tuscany/sca-java-2.x/trunk/modules/builder/src/main/java/org/apache/tuscany/sca/builder/impl/ComponentPolicyBuilderImpl.java
tuscany/sca-java-2.x/trunk/modules/policy-security-jsr250/src/main/java/org/apache/tuscany/sca/policy/security/jsr250/JSR250PolicyProcessor.java
tuscany/sca-java-2.x/trunk/modules/policy-security-jsr250/src/test/java/org/apache/tuscany/sca/policy/security/jsr250/PolicyProcessorTestCase.java
tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/java/org/apache/tuscany/sca/policy/operations/helloworld/HelloWorldClient.java
tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/resources/org/apache/tuscany/sca/policy/operations/helloworld/helloworld.composite
tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/test/java/org/apache/tuscany/sca/policy/operations/OperationsPolicyTestCase.java
Modified: tuscany/sca-java-2.x/trunk/modules/builder/src/main/java/org/apache/tuscany/sca/builder/impl/ComponentPolicyBuilderImpl.java
URL: http://svn.apache.org/viewvc/tuscany/sca-java-2.x/trunk/modules/builder/src/main/java/org/apache/tuscany/sca/builder/impl/ComponentPolicyBuilderImpl.java?rev=1195401&r1=1195400&r2=1195401&view=diff
==============================================================================
--- tuscany/sca-java-2.x/trunk/modules/builder/src/main/java/org/apache/tuscany/sca/builder/impl/ComponentPolicyBuilderImpl.java (original)
+++ tuscany/sca-java-2.x/trunk/modules/builder/src/main/java/org/apache/tuscany/sca/builder/impl/ComponentPolicyBuilderImpl.java Mon Oct 31 10:38:52 2011
@@ -443,16 +443,24 @@ public class ComponentPolicyBuilderImpl
// or external attachement
// resolve policy set names that have been specified for the
// policy subject against the real policy sets from the
- // definitions files
+ // definitions files.
+ // Some policy plugins, e.g. JSR250, add resolved policy sets
+ // on the fly as they read details from annotations. So check
+ // that policy sets are unresolved befor blowing them away with
+ // a warning
Set<PolicySet> policySets = new HashSet<PolicySet>();
if (definitions != null) {
for (PolicySet policySet : subject.getPolicySets()) {
- int index = definitions.getPolicySets().indexOf(policySet);
- if (index != -1) {
- policySets.add(definitions.getPolicySets().get(index));
+ if (policySet.isUnresolved()){
+ int index = definitions.getPolicySets().indexOf(policySet);
+ if (index != -1) {
+ policySets.add(definitions.getPolicySets().get(index));
+ } else {
+ // PolicySet cannot be resolved
+ warning(context.getMonitor(), "PolicySetNotFoundAtBuild", subject, policySet);
+ }
} else {
- // PolicySet cannot be resolved
- warning(context.getMonitor(), "PolicySetNotFoundAtBuild", subject, policySet);
+ policySets.add(policySet);
}
}
}
Modified: tuscany/sca-java-2.x/trunk/modules/policy-security-jsr250/src/main/java/org/apache/tuscany/sca/policy/security/jsr250/JSR250PolicyProcessor.java
URL: http://svn.apache.org/viewvc/tuscany/sca-java-2.x/trunk/modules/policy-security-jsr250/src/main/java/org/apache/tuscany/sca/policy/security/jsr250/JSR250PolicyProcessor.java?rev=1195401&r1=1195400&r2=1195401&view=diff
==============================================================================
--- tuscany/sca-java-2.x/trunk/modules/policy-security-jsr250/src/main/java/org/apache/tuscany/sca/policy/security/jsr250/JSR250PolicyProcessor.java (original)
+++ tuscany/sca-java-2.x/trunk/modules/policy-security-jsr250/src/main/java/org/apache/tuscany/sca/policy/security/jsr250/JSR250PolicyProcessor.java Mon Oct 31 10:38:52 2011
@@ -25,9 +25,14 @@ import javax.annotation.security.PermitA
import javax.annotation.security.RolesAllowed;
import javax.annotation.security.RunAs;
import javax.xml.namespace.QName;
+import javax.xml.xpath.XPath;
+import javax.xml.xpath.XPathExpression;
+import javax.xml.xpath.XPathExpressionException;
import org.apache.tuscany.sca.assembly.AssemblyFactory;
import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.common.xml.stax.reader.NamespaceContextImpl;
+import org.apache.tuscany.sca.common.xml.xpath.XPathHelper;
import org.apache.tuscany.sca.core.ExtensionPointRegistry;
import org.apache.tuscany.sca.core.FactoryExtensionPoint;
import org.apache.tuscany.sca.implementation.java.IntrospectionException;
@@ -59,17 +64,31 @@ public class JSR250PolicyProcessor exten
private static final QName DENY_ALL = new QName(Constants.SCA11_TUSCANY_NS,"denyAll");
private PolicyFactory policyFactory;
+ private XPathHelper xpathHelper;
+ private String appliesToString = "//sca:implementation.java";
+ private XPathExpression appliesToExpression = null;
- public JSR250PolicyProcessor(ExtensionPointRegistry registry) {
+ public JSR250PolicyProcessor(ExtensionPointRegistry registry) throws IntrospectionException {
super(registry.getExtensionPoint(FactoryExtensionPoint.class).getFactory(AssemblyFactory.class));
this.policyFactory = registry.getExtensionPoint(FactoryExtensionPoint.class).getFactory(PolicyFactory.class);
+
+ this.xpathHelper = XPathHelper.getInstance(registry);
+ NamespaceContextImpl nsContext = new NamespaceContextImpl(null);
+ nsContext.register("sca", "http://docs.oasis-open.org/ns/opencsa/sca/200912");
+ XPath path = xpathHelper.newXPath();
+ try {
+ appliesToExpression = xpathHelper.compile(path, nsContext, appliesToString);
+ } catch (XPathExpressionException e) {
+ throw new IntrospectionException(e);
+ }
}
+/*
public JSR250PolicyProcessor(AssemblyFactory assemblyFactory, PolicyFactory policyFactory) {
super(assemblyFactory);
this.policyFactory = policyFactory;
}
-
+*/
@Override
public <T> void visitClass(Class<T> clazz, JavaImplementation type) throws IntrospectionException {
@@ -84,14 +103,7 @@ public class JSR250PolicyProcessor exten
SecurityIdentityPolicy policy = new SecurityIdentityPolicy();
policy.setRunAsRole(roleName);
-
- PolicySet policySet = policyFactory.createPolicySet();
- policySet.setName(RUN_AS);
- PolicyExpression policyExpression = policyFactory.createPolicyExpression();
- policyExpression.setName(SecurityIdentityPolicy.NAME);
- policyExpression.setPolicy(policy);
- policySet.getPolicies().add(policyExpression);
- policySet.setUnresolved(false);
+ PolicySet policySet = createPolicySet(RUN_AS, SecurityIdentityPolicy.NAME, policy);
type.getPolicySets().add(policySet);
}
@@ -108,13 +120,7 @@ public class JSR250PolicyProcessor exten
policy.getRoleNames().add(role);
}
- PolicySet policySet = policyFactory.createPolicySet();
- policySet.setName(ALLOW);
- PolicyExpression policyExpression = policyFactory.createPolicyExpression();
- policyExpression.setName(AuthorizationPolicy.NAME);
- policyExpression.setPolicy(policy);
- policySet.getPolicies().add(policyExpression);
- policySet.setUnresolved(false);
+ PolicySet policySet = createPolicySet(ALLOW, AuthorizationPolicy.NAME, policy);
type.getPolicySets().add(policySet);
}
@@ -122,14 +128,7 @@ public class JSR250PolicyProcessor exten
if(permitAll != null) {
AuthorizationPolicy policy = new AuthorizationPolicy();
policy.setAccessControl(AuthorizationPolicy.AcessControl.permitAll);
-
- PolicySet policySet = policyFactory.createPolicySet();
- policySet.setName(PERMIT_ALL);
- PolicyExpression policyExpression = policyFactory.createPolicyExpression();
- policyExpression.setName(AuthorizationPolicy.NAME);
- policyExpression.setPolicy(policy);
- policySet.getPolicies().add(policyExpression);
- policySet.setUnresolved(false);
+ PolicySet policySet = createPolicySet(PERMIT_ALL, AuthorizationPolicy.NAME, policy);
type.getPolicySets().add(policySet);
}
@@ -154,14 +153,7 @@ public class JSR250PolicyProcessor exten
Operation operation = getOperationModel(method, type);
if (operation != null){
- PolicySet policySet = policyFactory.createPolicySet();
- policySet.setName(ALLOW);
- PolicyExpression policyExpression = policyFactory.createPolicyExpression();
- policyExpression.setName(AuthorizationPolicy.NAME);
- policyExpression.setPolicy(policy);
- policySet.getPolicies().add(policyExpression);
- policySet.setUnresolved(false);
-
+ PolicySet policySet = createPolicySet(ALLOW, AuthorizationPolicy.NAME, policy);
operation.getPolicySets().add(policySet);
}
}
@@ -175,14 +167,7 @@ public class JSR250PolicyProcessor exten
Operation operation = getOperationModel(method, type);
if (operation != null){
- PolicySet policySet = policyFactory.createPolicySet();
- policySet.setName(PERMIT_ALL);
- PolicyExpression policyExpression = policyFactory.createPolicyExpression();
- policyExpression.setName(AuthorizationPolicy.NAME);
- policyExpression.setPolicy(policy);
- policySet.getPolicies().add(policyExpression);
- policySet.setUnresolved(false);
-
+ PolicySet policySet = createPolicySet(PERMIT_ALL, AuthorizationPolicy.NAME, policy);
operation.getPolicySets().add(policySet);
}
}
@@ -196,14 +181,7 @@ public class JSR250PolicyProcessor exten
Operation operation = getOperationModel(method, type);
if (operation != null){
- PolicySet policySet = policyFactory.createPolicySet();
- policySet.setName(DENY_ALL);
- PolicyExpression policyExpression = policyFactory.createPolicyExpression();
- policyExpression.setName(AuthorizationPolicy.NAME);
- policyExpression.setPolicy(policy);
- policySet.getPolicies().add(policyExpression);
- policySet.setUnresolved(false);
-
+ PolicySet policySet = createPolicySet(DENY_ALL, AuthorizationPolicy.NAME, policy);
operation.getPolicySets().add(policySet);
}
}
@@ -219,4 +197,25 @@ public class JSR250PolicyProcessor exten
return null;
}
+
+ /**
+ * Here we generate policy sets on the fly so they have to be configured as though they
+ * had been read and resolved from a defintions.xml file. I.e. they have to have appropriate
+ * appliesTo configuration and be marked as resolved.
+ */
+ private PolicySet createPolicySet(QName policySetName, QName policyExpressionName, Object policy){
+
+ PolicyExpression policyExpression = policyFactory.createPolicyExpression();
+ policyExpression.setName(policyExpressionName);
+ policyExpression.setPolicy(policy);
+
+ PolicySet policySet = policyFactory.createPolicySet();
+ policySet.setName(policySetName);
+ policySet.setAppliesTo(appliesToString);
+ policySet.setAppliesToXPathExpression(appliesToExpression);
+ policySet.getPolicies().add(policyExpression);
+ policySet.setUnresolved(false);
+
+ return policySet;
+ }
}
Modified: tuscany/sca-java-2.x/trunk/modules/policy-security-jsr250/src/test/java/org/apache/tuscany/sca/policy/security/jsr250/PolicyProcessorTestCase.java
URL: http://svn.apache.org/viewvc/tuscany/sca-java-2.x/trunk/modules/policy-security-jsr250/src/test/java/org/apache/tuscany/sca/policy/security/jsr250/PolicyProcessorTestCase.java?rev=1195401&r1=1195400&r2=1195401&view=diff
==============================================================================
--- tuscany/sca-java-2.x/trunk/modules/policy-security-jsr250/src/test/java/org/apache/tuscany/sca/policy/security/jsr250/PolicyProcessorTestCase.java (original)
+++ tuscany/sca-java-2.x/trunk/modules/policy-security-jsr250/src/test/java/org/apache/tuscany/sca/policy/security/jsr250/PolicyProcessorTestCase.java Mon Oct 31 10:38:52 2011
@@ -155,7 +155,7 @@ public class PolicyProcessorTestCase ext
registry.start();
serviceProcessor = new ServiceProcessor(new DefaultAssemblyFactory(), new DefaultJavaInterfaceFactory(registry));
policyProcessor = new PolicyProcessor(registry);
- jsr250Processor = new JSR250PolicyProcessor(new DefaultAssemblyFactory(), new DefaultPolicyFactory());
+ jsr250Processor = new JSR250PolicyProcessor(registry);
visitor = new PolicyJavaInterfaceVisitor(registry);
JavaImplementationFactory javaImplementationFactory = new DefaultJavaImplementationFactory();
type = javaImplementationFactory.createJavaImplementation();
Modified: tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/java/org/apache/tuscany/sca/policy/operations/helloworld/HelloWorldClient.java
URL: http://svn.apache.org/viewvc/tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/java/org/apache/tuscany/sca/policy/operations/helloworld/HelloWorldClient.java?rev=1195401&r1=1195400&r2=1195401&view=diff
==============================================================================
--- tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/java/org/apache/tuscany/sca/policy/operations/helloworld/HelloWorldClient.java (original)
+++ tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/java/org/apache/tuscany/sca/policy/operations/helloworld/HelloWorldClient.java Mon Oct 31 10:38:52 2011
@@ -26,10 +26,14 @@ public class HelloWorldClient implements
@Reference
public HelloWorld helloWorldWS;
+ @Reference
+ public HelloWorld helloWorldWS1;
+
public String getGreetings(String s) {
String response = helloWorldWS.getGreetings(s);
+ response += helloWorldWS1.getGreetings(s);
System.out.println("At client: " + response);
return response;
- }
+ }
}
Added: tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/java/org/apache/tuscany/sca/policy/operations/helloworld/HelloWorldService1.java
URL: http://svn.apache.org/viewvc/tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/java/org/apache/tuscany/sca/policy/operations/helloworld/HelloWorldService1.java?rev=1195401&view=auto
==============================================================================
--- tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/java/org/apache/tuscany/sca/policy/operations/helloworld/HelloWorldService1.java (added)
+++ tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/java/org/apache/tuscany/sca/policy/operations/helloworld/HelloWorldService1.java Mon Oct 31 10:38:52 2011
@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.tuscany.sca.policy.operations.helloworld;
+
+import javax.annotation.security.PermitAll;
+
+@PermitAll
+public class HelloWorldService1 implements HelloWorld {
+
+ public String getGreetings(String s) {
+ String response = "Hello " + s;
+ System.out.println("At service: " + response);
+ return response;
+ }
+
+}
Modified: tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/resources/org/apache/tuscany/sca/policy/operations/helloworld/helloworld.composite
URL: http://svn.apache.org/viewvc/tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/resources/org/apache/tuscany/sca/policy/operations/helloworld/helloworld.composite?rev=1195401&r1=1195400&r2=1195401&view=diff
==============================================================================
--- tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/resources/org/apache/tuscany/sca/policy/operations/helloworld/helloworld.composite (original)
+++ tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/main/resources/org/apache/tuscany/sca/policy/operations/helloworld/helloworld.composite Mon Oct 31 10:38:52 2011
@@ -26,6 +26,7 @@
<component name="HelloWorldClient">
<implementation.java class="org.apache.tuscany.sca.policy.operations.helloworld.HelloWorldClient"/>
<reference name="helloWorldWS" target="HelloWorldService"/>
+ <reference name="helloWorldWS1" target="HelloWorldService1"/>
</component>
<component name="HelloWorldService">
@@ -35,4 +36,11 @@
</service>
</component>
+ <component name="HelloWorldService1">
+ <implementation.java class="org.apache.tuscany.sca.policy.operations.helloworld.HelloWorldService1"/>
+ <service name="HelloWorld">
+ <binding.ws/>
+ </service>
+ </component>
+
</composite>
Modified: tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/test/java/org/apache/tuscany/sca/policy/operations/OperationsPolicyTestCase.java
URL: http://svn.apache.org/viewvc/tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/test/java/org/apache/tuscany/sca/policy/operations/OperationsPolicyTestCase.java?rev=1195401&r1=1195400&r2=1195401&view=diff
==============================================================================
--- tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/test/java/org/apache/tuscany/sca/policy/operations/OperationsPolicyTestCase.java (original)
+++ tuscany/sca-java-2.x/trunk/testing/itest/policy/operations/src/test/java/org/apache/tuscany/sca/policy/operations/OperationsPolicyTestCase.java Mon Oct 31 10:38:52 2011
@@ -19,22 +19,25 @@
package org.apache.tuscany.sca.policy.operations;
+import javax.xml.namespace.QName;
+
import junit.framework.TestCase;
+import org.apache.tuscany.sca.assembly.Composite;
+import org.apache.tuscany.sca.assembly.xml.Constants;
import org.apache.tuscany.sca.node.Contribution;
import org.apache.tuscany.sca.node.Node;
import org.apache.tuscany.sca.node.NodeFactory;
+import org.apache.tuscany.sca.node.impl.NodeImpl;
import org.apache.tuscany.sca.policy.operations.helloworld.HelloWorld;
public class OperationsPolicyTestCase extends TestCase {
+
+ private static final QName PERMIT_ALL = new QName(Constants.SCA11_TUSCANY_NS,"permitAll");
private Node node;
private HelloWorld helloWorld;
- public void testCalculator() throws Exception {
- assertEquals("Hello petra", helloWorld.getGreetings("petra"));
- }
-
@Override
protected void setUp() throws Exception {
node = NodeFactory.newInstance().createNode(new Contribution("test", "target/classes"));
@@ -47,4 +50,16 @@ public class OperationsPolicyTestCase ex
node.stop();
}
+ public void testCalculator() throws Exception {
+ assertEquals("Hello petraHello petra", helloWorld.getGreetings("petra"));
+ Composite domainComposite = ((NodeImpl)node).getDomainComposite();
+
+ // Check that the operation level policy is present
+ assertEquals(PERMIT_ALL,
+ domainComposite.getComponents().get(1).getImplementation().getOperations().get(0).getPolicySets().get(0).getName());
+
+ // Check that the class level policy is present
+ assertEquals(PERMIT_ALL,
+ domainComposite.getComponents().get(2).getImplementation().getPolicySets().get(0).getName());
+ }
}