You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2004/11/25 23:55:23 UTC
svn commit: r106621 - in geronimo/trunk/specs/j2ee-jacc/src: java/javax/security/jacc test/javax/security/jacc
Author: djencks
Date: Thu Nov 25 14:55:22 2004
New Revision: 106621
URL: http://svn.apache.org/viewcvs?view=rev&rev=106621
Log:
GERONIMO-503. At least WebUserDataPermission serializes correctly. Most of the functionality here is untested
Modified:
geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/HTTPMethodSpec.java
geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebResourcePermission.java
geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebUserDataPermission.java
geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebResourcePermissionTest.java
geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebUserDataPermissionTest.java
Modified: geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/HTTPMethodSpec.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/HTTPMethodSpec.java?view=diff&rev=106621&p1=geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/HTTPMethodSpec.java&r1=106620&p2=geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/HTTPMethodSpec.java&r2=106621
==============================================================================
--- geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/HTTPMethodSpec.java (original)
+++ geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/HTTPMethodSpec.java Thu Nov 25 14:55:22 2004
@@ -24,34 +24,29 @@
package javax.security.jacc;
/**
- *
* @version $Rev$ $Date$
*/
class HTTPMethodSpec {
- private final static String[] HTTP_METHODS = { "GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS", "TRACE" };
- private final static int[] HTTP_MASKS = { 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40 };
+ private final static String[] HTTP_METHODS = {"GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS", "TRACE"};
+ private final static int[] HTTP_MASKS = {0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40};
- private final static int NA =0x00;
- private final static int INTEGRAL =0x01;
- private final static int CONFIDENTIAL =0x02;
+ private final static int INTEGRAL = 0x01;
+ private final static int CONFIDENTIAL = 0x02;
+ private final static int NONE = INTEGRAL | CONFIDENTIAL;
- private int mask =0;
- private int transport =0;
+ private int mask = 0;
+ private int transport = 0;
private String actions;
- public HTTPMethodSpec(String name) {
- this(name, false);
- }
-
public HTTPMethodSpec(String[] HTTPMethods) {
this(HTTPMethods, null);
}
public HTTPMethodSpec(String name, boolean parseTransportType) {
if (name == null || name.length() == 0) {
- mask = 0x7F;
- transport = (parseTransportType? 0x03:NA);
+ mask = 0x7F;
+ transport = NONE;
} else {
String[] tokens = name.split(":", 2);
@@ -60,10 +55,10 @@
} else {
String[] methods = tokens[0].split(",", -1);
- for (int i=0; i<methods.length; i++) {
- boolean found =false;
+ for (int i = 0; i < methods.length; i++) {
+ boolean found = false;
- for (int j=0; j<HTTP_METHODS.length; j++) {
+ for (int j = 0; j < HTTP_METHODS.length; j++) {
if (methods[i].equals(HTTP_METHODS[j])) {
mask |= HTTP_MASKS[j];
found = true;
@@ -78,17 +73,17 @@
if (tokens.length == 2) {
if (!parseTransportType) throw new IllegalArgumentException("Invalid HTTPMethodSpec");
- if (tokens[1].length() == 0) {
- throw new IllegalArgumentException("Missing transport type");
+ if (tokens[1].equals("NONE")) {
+ transport = NONE;
} else if (tokens[1].equals("INTEGRAL")) {
transport = INTEGRAL;
} else if (tokens[1].equals("CONFIDENTIAL")) {
transport = CONFIDENTIAL;
} else {
- throw new IllegalArgumentException("Invalid transportType");
+ throw new IllegalArgumentException("Invalid transportType: " + tokens[1]);
}
} else {
- transport = (parseTransportType? 0x03:NA);
+ transport = NONE;
}
}
}
@@ -99,10 +94,10 @@
if (HTTPMethods == null || HTTPMethods.length == 0) {
mask = 0x7F;
} else {
- for (int i=0; i<HTTPMethods.length; i++) {
- boolean found =false;
+ for (int i = 0; i < HTTPMethods.length; i++) {
+ boolean found = false;
- for (int j=0; j<HTTP_METHODS.length; j++) {
+ for (int j = 0; j < HTTP_METHODS.length; j++) {
if (HTTPMethods[i].equals(HTTP_METHODS[j])) {
mask |= HTTP_MASKS[j];
found = true;
@@ -115,8 +110,8 @@
}
if (parseTransportType) {
- if (transportType.length() == 0) {
- transport = 0x03;
+ if (transportType.length() == 0 || transportType.equals("NONE")) {
+ transport = NONE;
} else if (transportType.equals("INTEGRAL")) {
transport = INTEGRAL;
} else if (transportType.equals("CONFIDENTIAL")) {
@@ -125,7 +120,7 @@
throw new IllegalArgumentException("Invalid transportType");
}
} else {
- transport = NA;
+ transport = NONE;
}
}
@@ -138,7 +133,7 @@
boolean first = true;
StringBuffer buffer = new StringBuffer();
- for (int i=0; i<HTTP_MASKS.length; i++) {
+ for (int i = 0; i < HTTP_MASKS.length; i++) {
if ((mask & HTTP_MASKS[i]) > 0) {
if (first) {
first = false;
@@ -149,15 +144,12 @@
}
}
- if (transport != NA) {
+ if (transport != NONE) {
buffer.append(":");
-
- if (transport != 0x03) {
- if (transport == INTEGRAL) {
- buffer.append("INTEGRAL");
- } else {
- buffer.append("CONFIDENTIAL");
- }
+ if (transport == INTEGRAL) {
+ buffer.append("INTEGRAL");
+ } else {
+ buffer.append("CONFIDENTIAL");
}
}
actions = buffer.toString();
Modified: geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebResourcePermission.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebResourcePermission.java?view=diff&rev=106621&p1=geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebResourcePermission.java&r1=106620&p2=geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebResourcePermission.java&r2=106621
==============================================================================
--- geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebResourcePermission.java (original)
+++ geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebResourcePermission.java Thu Nov 25 14:55:22 2004
@@ -45,14 +45,17 @@
super(request.getServletPath());
urlPatternSpec = new URLPatternSpec(request.getServletPath());
- httpMethodSpec = new HTTPMethodSpec(request.getMethod());
+ httpMethodSpec = new HTTPMethodSpec(request.getMethod(), false);
}
public WebResourcePermission(String name, String actions) {
super(name);
+// if (actions.indexOf(':') != -1) {
+// throw new IllegalArgumentException("Transports not allowed in WebResourcePermission httpMethodSpec");
+// }
urlPatternSpec = new URLPatternSpec(name);
- httpMethodSpec = new HTTPMethodSpec(actions);
+ httpMethodSpec = new HTTPMethodSpec(actions, false);
}
public WebResourcePermission(String urlPattern, String[] HTTPMethods) {
@@ -93,7 +96,7 @@
private synchronized void readObject(ObjectInputStream in) throws IOException {
urlPatternSpec = new URLPatternSpec(in.readUTF());
- httpMethodSpec = new HTTPMethodSpec(in.readUTF());
+ httpMethodSpec = new HTTPMethodSpec(in.readUTF(), false);
}
private synchronized void writeObject(ObjectOutputStream out) throws IOException {
Modified: geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebUserDataPermission.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebUserDataPermission.java?view=diff&rev=106621&p1=geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebUserDataPermission.java&r1=106620&p2=geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebUserDataPermission.java&r2=106621
==============================================================================
--- geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebUserDataPermission.java (original)
+++ geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebUserDataPermission.java Thu Nov 25 14:55:22 2004
@@ -67,7 +67,7 @@
super(request.getServletPath());
urlPatternSpec = new URLPatternSpec(request.getServletPath());
- httpMethodSpec = new HTTPMethodSpec(request.getMethod());
+ httpMethodSpec = new HTTPMethodSpec(request.getMethod(), true);
}
public WebUserDataPermission(String name, String actions) {
@@ -115,7 +115,7 @@
private synchronized void readObject(ObjectInputStream in) throws IOException {
urlPatternSpec = new URLPatternSpec(in.readUTF());
- httpMethodSpec = new HTTPMethodSpec(in.readUTF());
+ httpMethodSpec = new HTTPMethodSpec(in.readUTF(), true);
}
private synchronized void writeObject(ObjectOutputStream out) throws IOException {
Modified: geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebResourcePermissionTest.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebResourcePermissionTest.java?view=diff&rev=106621&p1=geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebResourcePermissionTest.java&r1=106620&p2=geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebResourcePermissionTest.java&r2=106621
==============================================================================
--- geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebResourcePermissionTest.java (original)
+++ geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebResourcePermissionTest.java Thu Nov 25 14:55:22 2004
@@ -24,6 +24,11 @@
package javax.security.jacc;
import java.security.Permission;
+import java.io.ByteArrayOutputStream;
+import java.io.ObjectOutputStream;
+import java.io.ByteArrayInputStream;
+import java.io.ObjectInputStream;
+
import junit.framework.TestCase;
/**
@@ -31,6 +36,17 @@
* @version $Rev$ $Date$
*/
public class WebResourcePermissionTest extends TestCase {
+
+ public void testSerialization() throws Exception {
+ WebResourcePermission permission = new WebResourcePermission("/bar/*:/bar/stool", "GET,POST");
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ ObjectOutputStream oos = new ObjectOutputStream(baos);
+ oos.writeObject(permission);
+ ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray());
+ ObjectInputStream ois = new ObjectInputStream(bais);
+ Object o = ois.readObject();
+ assertEquals(permission, o);
+ }
/*
* Testing WebResourcePermission(java.lang.String, java.lang.String)
Modified: geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebUserDataPermissionTest.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebUserDataPermissionTest.java?view=diff&rev=106621&p1=geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebUserDataPermissionTest.java&r1=106620&p2=geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebUserDataPermissionTest.java&r2=106621
==============================================================================
--- geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebUserDataPermissionTest.java (original)
+++ geronimo/trunk/specs/j2ee-jacc/src/test/javax/security/jacc/WebUserDataPermissionTest.java Thu Nov 25 14:55:22 2004
@@ -23,6 +23,12 @@
package javax.security.jacc;
+import java.io.ByteArrayOutputStream;
+import java.io.ObjectOutputStream;
+import java.io.ByteArrayInputStream;
+import java.io.ObjectInputStream;
+import java.io.IOException;
+
import junit.framework.TestCase;
/**
@@ -57,6 +63,24 @@
fail("Missing transportType");
} catch(IllegalArgumentException iae) {
}
+ }
+
+ public void testSerialization() throws Exception {
+ testSerialization(new WebUserDataPermission("/foo", "GET,POST:INTEGRAL"));
+ testSerialization(new WebUserDataPermission("/foo", "GET,POST:NONE"));
+ testSerialization(new WebUserDataPermission("/foo", ""));
+ testSerialization(new WebUserDataPermission("/foo", ":NONE"));
+ testSerialization(new WebUserDataPermission("/foo", "GET,POST"));
+ }
+
+ private void testSerialization(WebUserDataPermission permission) throws IOException, ClassNotFoundException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ ObjectOutputStream oos = new ObjectOutputStream(baos);
+ oos.writeObject(permission);
+ ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray());
+ ObjectInputStream ois = new ObjectInputStream(bais);
+ Object o = ois.readObject();
+ assertEquals(permission, o);
}
public void testImpliesStringString() {