You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by sm...@apache.org on 2014/11/11 21:38:42 UTC
[03/11] directory-fortress-enmasse git commit: change package
structure and names, pom improvements, license
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/java/org/openldap/enmasse/PswdPolicyMgrImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/openldap/enmasse/PswdPolicyMgrImpl.java b/src/main/java/org/openldap/enmasse/PswdPolicyMgrImpl.java
deleted file mode 100644
index bab630b..0000000
--- a/src/main/java/org/openldap/enmasse/PswdPolicyMgrImpl.java
+++ /dev/null
@@ -1,187 +0,0 @@
-/*
- * This work is part of OpenLDAP Software <http://www.openldap.org/>.
- *
- * Copyright 1998-2014 The OpenLDAP Foundation.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted only as authorized by the OpenLDAP
- * Public License.
- *
- * A copy of this license is available in the file LICENSE in the
- * top-level directory of the distribution or, alternatively, at
- * <http://www.OpenLDAP.org/license.html>.
- */
-package org.openldap.enmasse;
-
-import org.openldap.fortress.PwPolicyMgr;
-import org.openldap.fortress.PwPolicyMgrFactory;
-import org.openldap.fortress.SecurityException;
-import org.openldap.fortress.rbac.PwPolicy;
-import org.openldap.fortress.rest.FortRequest;
-import org.openldap.fortress.rest.FortResponse;
-import org.apache.log4j.Logger;
-
-import java.util.List;
-
-/**
- * Utility for EnMasse Server. This class is thread safe.
- *
- * @author Shawn McKinney
- */
-class PswdPolicyMgrImpl
-{
- private static final String CLS_NM = PswdPolicyMgrImpl.class.getName();
- private static final Logger log = Logger.getLogger(CLS_NM);
-
- /**
- * ************************************************************************************************************************************
- * BEGIN PSWDPOLICYMGR
- * **************************************************************************************************************************************
- */
- FortResponse addPolicy(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- PwPolicy inPolicy = (PwPolicy) request.getEntity();
- PwPolicyMgr policyMgr = PwPolicyMgrFactory.createInstance(request.getContextId());
- policyMgr.setAdmin(request.getSession());
- policyMgr.add(inPolicy);
- response.setEntity(inPolicy);
- response.setErrorCode(0);
- }
- catch (org.openldap.fortress.SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse updatePolicy(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- PwPolicy inPolicy = (PwPolicy) request.getEntity();
- PwPolicyMgr policyMgr = PwPolicyMgrFactory.createInstance(request.getContextId());
- policyMgr.setAdmin(request.getSession());
- policyMgr.update(inPolicy);
- response.setEntity(inPolicy);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse deletePolicy(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- PwPolicy inPolicy = (PwPolicy) request.getEntity();
- PwPolicyMgr policyMgr = PwPolicyMgrFactory.createInstance(request.getContextId());
- policyMgr.setAdmin(request.getSession());
- policyMgr.delete(inPolicy);
- response.setEntity(inPolicy);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse readPolicy(FortRequest request)
- {
- FortResponse response = new FortResponse();
- PwPolicy outPolicy;
- try
- {
- PwPolicy inPolicy = (PwPolicy) request.getEntity();
- PwPolicyMgr policyMgr = PwPolicyMgrFactory.createInstance(request.getContextId());
- policyMgr.setAdmin(request.getSession());
- outPolicy = policyMgr.read(inPolicy.getName());
- response.setEntity(outPolicy);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse searchPolicy(FortRequest request)
- {
- FortResponse response = new FortResponse();
- List<PwPolicy> policyList;
- try
- {
- PwPolicy inPolicy = (PwPolicy) request.getEntity();
- PwPolicyMgr policyMgr = PwPolicyMgrFactory.createInstance(request.getContextId());
- policyMgr.setAdmin(request.getSession());
- policyList = policyMgr.search(inPolicy.getName());
- response.setEntities(policyList);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse updateUserPolicy(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- PwPolicy inPolicy = (PwPolicy) request.getEntity();
- PwPolicyMgr policyMgr = PwPolicyMgrFactory.createInstance(request.getContextId());
- policyMgr.setAdmin(request.getSession());
- String userId = request.getValue();
- policyMgr.updateUserPolicy(userId, inPolicy.getName());
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse deleteUserPolicy(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- PwPolicyMgr policyMgr = PwPolicyMgrFactory.createInstance(request.getContextId());
- policyMgr.setAdmin(request.getSession());
- String userId = request.getValue();
- policyMgr.deletePasswordPolicy(userId);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/java/org/openldap/enmasse/ReviewMgrImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/openldap/enmasse/ReviewMgrImpl.java b/src/main/java/org/openldap/enmasse/ReviewMgrImpl.java
deleted file mode 100644
index b647e34..0000000
--- a/src/main/java/org/openldap/enmasse/ReviewMgrImpl.java
+++ /dev/null
@@ -1,674 +0,0 @@
-/*
- * This work is part of OpenLDAP Software <http://www.openldap.org/>.
- *
- * Copyright 1998-2014 The OpenLDAP Foundation.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted only as authorized by the OpenLDAP
- * Public License.
- *
- * A copy of this license is available in the file LICENSE in the
- * top-level directory of the distribution or, alternatively, at
- * <http://www.OpenLDAP.org/license.html>.
- */
-package org.openldap.enmasse;
-
-import org.openldap.fortress.ReviewMgr;
-import org.openldap.fortress.ReviewMgrFactory;
-import org.openldap.fortress.SecurityException;
-import org.openldap.fortress.rbac.OrgUnit;
-import org.openldap.fortress.rbac.PermObj;
-import org.openldap.fortress.rbac.Permission;
-import org.openldap.fortress.rbac.Role;
-import org.openldap.fortress.rbac.SDSet;
-import org.openldap.fortress.rbac.User;
-import org.openldap.fortress.rbac.UserRole;
-import org.openldap.fortress.rest.FortRequest;
-import org.openldap.fortress.rest.FortResponse;
-import org.openldap.fortress.util.attr.VUtil;
-import org.apache.log4j.Logger;
-
-import java.util.List;
-import java.util.Set;
-
-/**
- * Utility for EnMasse Server. This class is thread safe.
- *
- * @author Shawn McKinney
- */
-class ReviewMgrImpl
-{
- private static final String CLS_NM = ReviewMgrImpl.class.getName();
- private static final Logger log = Logger.getLogger(CLS_NM);
-
- FortResponse readPermission(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- Permission inPerm = (Permission) request.getEntity();
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- Permission retPerm = reviewMgr.readPermission(inPerm);
- response.setEntity(retPerm);
- response.setErrorCode(0);
- }
- catch (org.openldap.fortress.SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse readPermObj(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- PermObj inObj = (PermObj) request.getEntity();
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- PermObj retObj = reviewMgr.readPermObj(inObj);
- response.setEntity(retObj);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse findPermissions(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- Permission inPerm = (Permission) request.getEntity();
- List<Permission> perms = reviewMgr.findPermissions(inPerm);
- response.setEntities(perms);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse findPermObjs(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- PermObj inObj = (PermObj) request.getEntity();
- List<PermObj> objs = null;
- if (VUtil.isNotNullOrEmpty(inObj.getOu()))
- {
- objs = reviewMgr.findPermObjs(new OrgUnit(inObj.getOu(), OrgUnit.Type.PERM));
- }
- else
- {
- objs = reviewMgr.findPermObjs(inObj);
- }
- response.setEntities(objs);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse readRole(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- Role inRole = (Role) request.getEntity();
- Role outRole = reviewMgr.readRole(inRole);
- response.setEntity(outRole);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse findRoles(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- String searchValue = request.getValue();
- if (request.getLimit() != null)
- {
- List<String> retRoles = reviewMgr.findRoles(searchValue, request.getLimit());
- response.setValues(retRoles);
- }
- else
- {
- List<Role> roles = reviewMgr.findRoles(searchValue);
- response.setEntities(roles);
- }
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse readUserM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- User inUser = (User) request.getEntity();
- User outUser = reviewMgr.readUser(inUser);
- response.setEntity(outUser);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse findUsersM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- User inUser = (User) request.getEntity();
- if (request.getLimit() != null)
- {
- List<String> retUsers = reviewMgr.findUsers(inUser, request.getLimit());
- response.setValues(retUsers);
- }
- else
- {
- List<User> retUsers;
- if (VUtil.isNotNullOrEmpty(inUser.getOu()))
- {
- retUsers = reviewMgr.findUsers(new OrgUnit(inUser.getOu(), OrgUnit.Type.USER));
- }
- else
- {
- retUsers = reviewMgr.findUsers(inUser);
- }
- response.setEntities(retUsers);
- }
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse assignedUsersM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- Role inRole = (Role) request.getEntity();
- if (request.getLimit() != null)
- {
- List<String> retUsers = reviewMgr.assignedUsers(inRole, request.getLimit());
- response.setValues(retUsers);
- }
- else
- {
- List<User> users = reviewMgr.assignedUsers(inRole);
- response.setEntities(users);
- response.setEntities(users);
- }
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse assignedRolesM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- if (VUtil.isNotNullOrEmpty(request.getValue()))
- {
- String userId = request.getValue();
- List<String> retRoles = reviewMgr.assignedRoles(userId);
- response.setValues(retRoles);
- }
- else
- {
- User inUser = (User) request.getEntity();
- List<UserRole> uRoles = reviewMgr.assignedRoles(inUser);
- response.setEntities(uRoles);
- }
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse authorizedUsersM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- Role inRole = (Role) request.getEntity();
- List<User> users = reviewMgr.authorizedUsers(inRole);
- response.setEntities(users);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse authorizedRoleM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- User inUser = (User) request.getEntity();
- Set<String> outSet = reviewMgr.authorizedRoles(inUser);
- response.setValueSet(outSet);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse permissionRolesM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- Permission inPerm = (Permission) request.getEntity();
- List<String> outList = reviewMgr.permissionRoles(inPerm);
- response.setValues(outList);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse authorizedPermissionRolesM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- Permission inPerm = (Permission) request.getEntity();
- Set<String> outSet = reviewMgr.authorizedPermissionRoles(inPerm);
- response.setValueSet(outSet);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse permissionUsersM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- Permission inPerm = (Permission) request.getEntity();
- List<String> outList = reviewMgr.permissionUsers(inPerm);
- response.setValues(outList);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse authorizedPermissionUsersM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- Permission inPerm = (Permission) request.getEntity();
- Set<String> outSet = reviewMgr.authorizedPermissionUsers(inPerm);
- response.setValueSet(outSet);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse userPermissionsM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- User inUser = (User) request.getEntity();
- List<Permission> perms = reviewMgr.userPermissions(inUser);
- response.setEntities(perms);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse rolePermissionsM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- Role inRole = (Role) request.getEntity();
- List<Permission> perms = reviewMgr.rolePermissions(inRole);
- response.setEntities(perms);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse ssdRoleSetsM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- Role inRole = (Role) request.getEntity();
- List<SDSet> outSets = reviewMgr.ssdRoleSets(inRole);
- response.setEntities(outSets);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse ssdRoleSetM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- SDSet inSet = (SDSet) request.getEntity();
- SDSet outSet = reviewMgr.ssdRoleSet(inSet);
- response.setEntity(outSet);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse ssdRoleSetRolesM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- SDSet inSet = (SDSet) request.getEntity();
- Set<String> outSet = reviewMgr.ssdRoleSetRoles(inSet);
- response.setValueSet(outSet);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse ssdRoleSetCardinalityM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- SDSet inSet = (SDSet) request.getEntity();
- int cardinality = reviewMgr.ssdRoleSetCardinality(inSet);
- inSet.setCardinality(cardinality);
- response.setEntity(inSet);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- }
- return response;
- }
-
- FortResponse ssdSetsM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- SDSet inSdSet = (SDSet) request.getEntity();
- List<SDSet> outSets = reviewMgr.ssdSets(inSdSet);
- response.setEntities(outSets);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse dsdRoleSetsM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- Role inRole = (Role) request.getEntity();
- List<SDSet> outSets = reviewMgr.dsdRoleSets(inRole);
- response.setEntities(outSets);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse dsdRoleSetM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- SDSet inSet = (SDSet) request.getEntity();
- SDSet outSet = reviewMgr.dsdRoleSet(inSet);
- response.setEntity(outSet);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse dsdRoleSetRolesM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- SDSet inSet = (SDSet) request.getEntity();
- Set<String> outSet = reviewMgr.dsdRoleSetRoles(inSet);
- response.setValueSet(outSet);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-
- FortResponse dsdRoleSetCardinalityM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- SDSet inSet = (SDSet) request.getEntity();
- int cardinality = reviewMgr.dsdRoleSetCardinality(inSet);
- inSet.setCardinality(cardinality);
- response.setEntity(inSet);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- }
- return response;
- }
-
- FortResponse dsdSetsM(FortRequest request)
- {
- FortResponse response = new FortResponse();
- try
- {
- ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(request.getContextId());
- reviewMgr.setAdmin(request.getSession());
- SDSet inSdSet = (SDSet) request.getEntity();
- List<SDSet> outSets = reviewMgr.dsdSets(inSdSet);
- response.setEntities(outSets);
- response.setErrorCode(0);
- }
- catch (SecurityException se)
- {
- log.info(CLS_NM + " caught " + se);
- response.setErrorCode(se.getErrorId());
- response.setErrorMessage(se.getMessage());
- }
- return response;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/java/org/openldap/enmasse/SecurityOutFaultInterceptor.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/openldap/enmasse/SecurityOutFaultInterceptor.java b/src/main/java/org/openldap/enmasse/SecurityOutFaultInterceptor.java
deleted file mode 100644
index 0bfd174..0000000
--- a/src/main/java/org/openldap/enmasse/SecurityOutFaultInterceptor.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * This work is part of OpenLDAP Software <http://www.openldap.org/>.
- *
- * Copyright 1998-2014 The OpenLDAP Foundation.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted only as authorized by the OpenLDAP
- * Public License.
- *
- * A copy of this license is available in the file LICENSE in the
- * top-level directory of the distribution or, alternatively, at
- * <http://www.OpenLDAP.org/license.html>.
- */
-package org.openldap.enmasse;
-
-import org.apache.cxf.interceptor.Fault;
-import org.apache.cxf.interceptor.security.AccessDeniedException;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.phase.AbstractPhaseInterceptor;
-import org.apache.cxf.phase.Phase;
-import org.apache.cxf.transport.http.AbstractHTTPDestination;
-
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * Utility for EnMasse Server. This class is thread safe.
- *
- * @author Shawn McKinney
- */
-
-public class SecurityOutFaultInterceptor extends AbstractPhaseInterceptor<Message>
-{
- public SecurityOutFaultInterceptor()
- {
- super(Phase.PRE_STREAM);
-
- }
-
- public void handleMessage(Message message) throws Fault
- {
- Fault fault = (Fault) message.getContent(Exception.class);
- Throwable ex = fault.getCause();
- if (!(ex instanceof SecurityException))
- {
- throw new RuntimeException("Security Exception is expected:" + ex);
- }
-
- HttpServletResponse response = (HttpServletResponse) message.getExchange().getInMessage()
- .get(AbstractHTTPDestination.HTTP_RESPONSE);
- int status = ex instanceof AccessDeniedException ? 403 : 401;
- response.setStatus(status);
- try
- {
- response.getOutputStream().write(ex.getMessage().getBytes());
- response.getOutputStream().flush();
- }
- catch (IOException iex)
- {
- // ignore
- }
-
- message.getInterceptorChain().abort();
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/java/org/openldap/enmasse/fortress-javadoc.css
----------------------------------------------------------------------
diff --git a/src/main/java/org/openldap/enmasse/fortress-javadoc.css b/src/main/java/org/openldap/enmasse/fortress-javadoc.css
deleted file mode 100755
index 8f2e4cc..0000000
--- a/src/main/java/org/openldap/enmasse/fortress-javadoc.css
+++ /dev/null
@@ -1,33 +0,0 @@
-BODY { color: #000000;
- background-color: #FFFFFF;
- font-family: sans-serif }
-
-A:link { color: #0101DF;
- text-decoration: underline }
-
-A:visited { color: #610B38;
- text-decoration: underline }
-
-A:hover { color: #0B3B0B;
- text-decoration: underline }
-
-PRE { background-color: #99CC66;
- margin: 15px 30px;
- padding: 10px 10px;
- border: 1px solid #000000 }
-
-# the following will add space between list items:
-#LI { margin: 10px 0px }
-
-TH { background-color: #FFFFFF; color: #003300;
- font-size: 125%;
- font-weight: bold }
-
-
-# Classes defined specifically for Javadoc
-.TableHeadingColor { background-color: #D8D8D8 }
-
-.NavBarCell1 { background-color: #99CC66 }
-
-.FrameItemFont { font-size: 90% }
-
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/java/org/openldap/enmasse/overview.html
----------------------------------------------------------------------
diff --git a/src/main/java/org/openldap/enmasse/overview.html b/src/main/java/org/openldap/enmasse/overview.html
deleted file mode 100755
index 559c5a5..0000000
--- a/src/main/java/org/openldap/enmasse/overview.html
+++ /dev/null
@@ -1,93 +0,0 @@
-<!--
- ~ This work is part of OpenLDAP Software <http://www.openldap.org/>.
- ~
- ~ Copyright 1998-2014 The OpenLDAP Foundation.
- ~ All rights reserved.
- ~
- ~ Redistribution and use in source and binary forms, with or without
- ~ modification, are permitted only as authorized by the OpenLDAP
- ~ Public License.
- ~
- ~ A copy of this license is available in the file LICENSE in the
- ~ top-level directory of the distribution or, alternatively, at
- ~ <http://www.OpenLDAP.org/license.html>.
- -->
-<html>
- <head>
- <title>Overview of the org.openldap.enmasse component</title>
- </head>
- <body>
- EnMasse is a web application that implements <A HREF="http://en.wikipedia.org/wiki/Representational_state_transfer">RESTful</A> Web services to interface with
- <A HREF="http://www.jts.us/iamfortress/javadocs/api/index.html">Fortress</A> and <A HREF="http://www.openldap.org/">OpenLDAP</A>.
-
- <h2>What technologies are in use?</h2>
-
- EnMasse was built using established <A HREF="http://www.opensource.org/">Open Source</A> technologies including
- <A HREF="http://cxf.apache.org/">Apache CXF</A> (web services stack), <A HREF="http://www.springsource.org/">Spring Framework</A> (glue), <A HREF="http://maven.apache.org/">Maven</A> (dependencies)
- and <A HREF="http://java.sun.com/xml/downloads/jaxb.html">JAXB</A> (data binding layer) and runs inside any reasonably compliant Java Servlets container.
-
- <a href="org/openldap/enmasse/FortressService.html">EnMasse service</a> access control decisions are enforced using <A HREF="http://www.jts.us/iamfortress/javadocs/api-sentry/index.html?overview-summary.html">Sentry</A> which itself
- uses declarative <A HREF="http://docs.oracle.com/javaee/5/tutorial/doc/bnbwk.html">Java EE Security</A> and <A HREF="http://static.springsource.org/spring-security/site/">Spring Security</A> policy hooks that are wired to
- connect back to the <A HREF="org/openldap/fortress/rbac/package-summary.html">Fortress</A> <A HREF="http://en.wikipedia.org/wiki/Role-based_access_control">RBAC</A> component.
-
- EnMasse server-side is a <a href="http://java.sun.com/developer/technicalArticles/tools/webapps_1/">Java Web program</a> artifact and is wholly dependent on <A HREF="org/openldap/fortress/package-summary.html">Fortress</A>
- but also needs a <A HREF="http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol">V3 compliant LDAP</A> server like OpenLDAP. For more information on installing and setting up OpenLDAP check out
- <A HREF="http://www.jts.us/iamfortress/guides/README-QUICKSTART.html">Fortress Quickstart</A>
-
- <h2>What can EnMasse do?</h2>
-
- Contained within this application are Web APIs to perform authentication, authorization, administration, audit and password policies.
- The most important package in this system, <A HREF="org/openldap/enmasse/package-summary.html">org.openldap.enmasse</A>, contains the public Web APIs that are called by external systems.
-
- There is a one-to-one correspondence between a Fortress API and an EnMasse Web service. The Fortress
- APIs are organized into 'Managers' each implementing a specific area of functionality within the
- Identity and Access Management lifecycle.
- For a list of EnMasse services, see <a href="org/openldap/enmasse/FortressService.html">FortressService</a>.
-
- <h3>Fortress Manager Overview</h3>
- <ol>
- <li><a href="http://www.jts.us/iamfortress/javadocs/api/org.openldap.fortress/AccessMgr.html">AccessMgr</a> - This object performs runtime access control operations on objects that are provisioned <a href="http://csrc.nist.gov/groups/SNS/rbac/documents/draft-rbac-implementation-std-v01.pdf">RBAC</a> entities that reside in LDAP directory.</li>
- <li><a href="http://www.jts.us/iamfortress/javadocs/api/org.openldap.fortress/AdminMgr.html">AdminMgr</a> - This object performs administrative functions to provision Fortress <a href="http://csrc.nist.gov/groups/SNS/rbac/documents/draft-rbac-implementation-std-v01.pdf">RBAC</a> entities into the LDAP directory.</li>
- <li><a href="http://www.jts.us/iamfortress/javadocs/api/org.openldap.fortress/AuditMgr.html">AuditMgr</a> - This interface prescribes methods used to search OpenLDAP's slapd access log.</li>
- <li><a href="http://www.jts.us/iamfortress/javadocs/api/org.openldap.fortress/DelAccessMgr.html">DelegatedAccessMgr</a> - This interface prescribes the API for performing runtime delegated access control operations on objects that are provisioned Fortress <a href="http://profsandhu.com/journals/tissec/p113-oh.pdf">ARBAC02</a> entities that reside in LDAP directory.</li>
- <li><a href="http://www.jts.us/iamfortress/javadocs/api/org.openldap.fortress/DelAdminMgr.html">DelegatedAdminMgr</a> - This class prescribes the <a href="http://profsandhu.com/journals/tissec/p113-oh.pdf">ARBAC02</a> DelegatedAdminMgr interface for performing policy administration of Fortress ARBAC entities that reside in LDAP directory.</li>
- <li><a href="http://www.jts.us/iamfortress/javadocs/api/org.openldap.fortress/DelReviewMgr.html">DelegatedReviewMgr</a> - This class prescribes the <a href="http://profsandhu.com/journals/tissec/p113-oh.pdf">ARBAC02</a> DelegatedReviewMgr interface for performing policy interrogation of provisioned Fortress ARBAC02 entities that reside in LDAP directory.</li>
- <li><a href="http://www.jts.us/iamfortress/javadocs/api/org.openldap.fortress/PwPolicyMgr.html">PswdPolicyMgr</a> - This object adheres to <a href="http://tools.ietf.org/html/draft-behera-ldap-password-policy-10">IETF PW policy draft</a> and is used to perform administrative and review functions on the <a href="org/openldap/fortress/pwpolicy/PswdPolicy.html">PWPOLICIES</a> and <a href="org/openldap/fortress/rbac/User.html">USERS</a> data sets within Fortress.</li>
- <li><a href="http://www.jts.us/iamfortress/javadocs/api/org.openldap.fortress/ReviewMgr.html">ReviewMgr</a> - This interface prescribes the administrative review functions on already provisioned Fortress <a href="http://csrc.nist.gov/groups/SNS/rbac/documents/draft-rbac-implementation-std-v01.pdf">RBAC</a> entities that reside in LDAP directory.</li>
- </ol>
-
- <h2>How can I connect with EnMasse?</h2>
-
- Clients have a choice in how to connect with the EnMasse Web services. Integration can occur using a
- preferred Web service toolkit like <a href="http://axis.apache.org/axis/">AXIS 1</a>, <a href="http://axis.apache.org/axis2/java/core/">AXIS 2</a>,
- <a href="http://metro.java.net/">Metro</a>, <a href="http://cxf.apache.org/">CXF</a>, <a href="http://static.springsource.org/spring-ws/sites/1.5/">Spring Web Services</a>,
- <a href="http://wso2.com/products/web-services-framework/php">WSO2</a>, <a href="http://jquery.com/">JQuery</a>, etc, or by using the Fortress APIs
- themselves which have built in support for calling EnMasse.
-
- The Fortress API plugs into its backend data repository (LDAP) using a simple facade pattern that
- shields its clients from downstream details. The behavior of the Fortress APIs does not change based
- on the route it takes.
-
- <h3>Options for EnMasse service Integration</h3>
- <ol>
- <li>Client uses Fortress to connect to EnMasse:<br>
- Client-->Fortress-->HTTP/S-->EnMasse</li>
- <li>Client uses other Web frameworks to connect to EnMasse:<br>
- Client[Axis, Metro, CXF, SpringWS,...]-->HTTP/S-->EnMasse</li>
- </ol>
- </p>
- <h2>What are the conditions of use?</h2>
- <p>
- This software development kit is open source, thus free to use and distribute via the <a href="http://www.OpenLDAP.org/license.html">OpenLDAP Public License</a>.
- It was developed and tested on open systems like <a href="http://www.ubuntu.com/">Ubuntu</a> and <a href="http://www.centos.org/">Centos</a> and was helped along
- by the following open source products:
- <ol>
- <li><a href="http://www.openldap.org/project/">The OpenLDAP Project</a></li>
- <li><a href="http://www.apache.org/">The Apache Software Foundation</a></li>
- <li><a href="http://www.unboundid.com/">UnboundID</a></li>
- <li><a href="http://www.eigenbase.org/">The Eigenbase Project</a></li>
- <li><a href="http://ehcache.org/">Ehcache</a></li>
- </ol>
- </p>
- </body>
-</html>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/java/org/openldap/enmasse/package.html
----------------------------------------------------------------------
diff --git a/src/main/java/org/openldap/enmasse/package.html b/src/main/java/org/openldap/enmasse/package.html
deleted file mode 100755
index c83365d..0000000
--- a/src/main/java/org/openldap/enmasse/package.html
+++ /dev/null
@@ -1,27 +0,0 @@
-<!--
- Copyright (C) 2011-2014, JoshuaTree. All Rights Reserved.
- Licensed to Joshua Tree Software, LLC under New BSD license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- JTS licenses this file to You under the New BSD License
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- https://joshuatreesoftware.us/
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-<html>
- <head>
- <title>Package Documentation for {@link us.jts.enmasse.FortressService}</title>
- </head>
- <body>
- <p>
- This package contains Web APIs that are used by HTTP programs to provide Identity and Access Management functionality.
- The javadoc for the EnMasse services: {@link us.jts.enmasse.FortressService}
- </p>
- </body>
-</html>
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/resources/FortressRestServerRoles.xml
----------------------------------------------------------------------
diff --git a/src/main/resources/FortressRestServerRoles.xml b/src/main/resources/FortressRestServerRoles.xml
new file mode 100644
index 0000000..5d80d8c
--- /dev/null
+++ b/src/main/resources/FortressRestServerRoles.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<project basedir="." default="all" name="Fortress Rest Server Role Policy">
+ <taskdef classname="org.apache.directory.fortress.core.ant.FortressAntTask" name="FortressAdmin" >
+ <classpath path="${java.class.path}"/>
+ </taskdef>
+
+ <target name="all">
+ <FortressAdmin>
+
+ <addrole>
+ <!-- This role is checked by the servlet container using JavaEE security. All callers must be assigned this role
+ plus at least one more of the interceptor roles from below -->
+ <role name="fortress-rest-user" description="This is JavaEE role required to call Fortress Rest server"/>
+
+ <!-- These roles are checked by the FortressInterceptor authorization annotation inside FortressServiceImpl class. -->
+
+ <!-- Users assigned the fortress-rest-super-user role will gain access to services.
+ This is hard-wired in the FortressServiceImpl policy-->
+ <role name="fortress-rest-super-user" description="This role is accepted by all of the Fortress Rest services"/>
+
+ <!-- Users assigned to the fortress-power-user role will gain access to all services.
+ This is via inheritance relationship with all of the other service roles-->
+ <role name="fortress-rest-power-user" description="This role inherits all of the other Fortress Rest services roles"/>
+ <role name="fortress-rest-access-user" description="This role gains access to the Fortress Rest Access Mgr services"/>
+ <role name="fortress-rest-admin-user" description="This role gains access to the Fortress Rest Admin Mgr services"/>
+ <role name="fortress-rest-review-user" description="This role gains access to the Fortress Rest Delegated Access services"/>
+ <role name="fortress-rest-delaccess-user" description="This role gains access to the Fortress Rest Delegatged Admin services"/>
+ <role name="fortress-rest-deladmin-user" description="This role gains access to the Fortress Rest Delegated Admin services"/>
+ <role name="fortress-rest-delreview-user" description="This role gains access to the Fortress Rest Delegated Review services"/>
+ <role name="fortress-rest-pwmgr-user" description="This role gains access to the Fortress Rest Password Policy Mgr services"/>
+ <role name="fortress-rest-audit-user" description="This role gains access to the Fortress Rest Audit Mgr services"/>
+ <role name="fortress-rest-config-user" description="This role gains access to the Fortress Rest Config Mgr services"/>
+ </addrole>
+
+ <addroleinheritance>
+ <!-- Users assigned fortress-web-power-user role will inherit each of the following roles. -->
+ <relationship child="fortress-web-power-user" parent="fortress-rest-access-user"/>
+ <relationship child="fortress-web-power-user" parent="fortress-rest-admin-user"/>
+ <relationship child="fortress-web-power-user" parent="fortress-rest-review-user"/>
+ <relationship child="fortress-web-power-user" parent="fortress-rest-delaccess-user"/>
+ <relationship child="fortress-web-power-user" parent="fortress-rest-deladmin-user"/>
+ <relationship child="fortress-web-power-user" parent="fortress-rest-delreview-user"/>
+ <relationship child="fortress-web-power-user" parent="fortress-rest-pwmgr-user"/>
+ <relationship child="fortress-web-power-user" parent="fortress-rest-audit-user"/>
+ <relationship child="fortress-web-power-user" parent="fortress-rest-config-user"/>
+ </addroleinheritance>
+
+ </FortressAdmin>
+ </target>
+</project>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/resources/META-INF/context.xml
----------------------------------------------------------------------
diff --git a/src/main/resources/META-INF/context.xml b/src/main/resources/META-INF/context.xml
index efcb9b4..35ce73c 100644
--- a/src/main/resources/META-INF/context.xml
+++ b/src/main/resources/META-INF/context.xml
@@ -1,6 +1,25 @@
-<Context path="/commander" reloadable="true">
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
- <Realm className="org.openldap.sentry.tomcat.Tc7AccessMgrProxy"
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<Context reloadable="true">
+
+ <Realm className="org.apache.directory.fortress.realm.tomcat.Tc7AccessMgrProxy"
debug="0"
resourceName="UserDatabase"
defaultRoles=""
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/resources/applicationContext.xml
----------------------------------------------------------------------
diff --git a/src/main/resources/applicationContext.xml b/src/main/resources/applicationContext.xml
index 1c88ed4..f88693d 100644
--- a/src/main/resources/applicationContext.xml
+++ b/src/main/resources/applicationContext.xml
@@ -1,4 +1,23 @@
<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
<beans default-autowire="byName"
xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
@@ -13,7 +32,7 @@
http://www.springframework.org/schema/util/spring-util-3.0.xsd
http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd">
- <context:component-scan base-package="org.openldap" />
+ <context:component-scan base-package="org.apache.directory" />
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
@@ -28,15 +47,15 @@
</jaxrs:inInterceptors>
<jaxrs:outFaultInterceptors>
- <bean class="org.openldap.enmasse.SecurityOutFaultInterceptor"/>
+ <bean class="org.apache.directory.fortress.rest.SecurityOutFaultInterceptor"/>
</jaxrs:outFaultInterceptors>
</jaxrs:server>
- <bean id="annotationsInterceptor" class="org.openldap.enmasse.FortressInterceptor">
+ <bean id="annotationsInterceptor" class="org.apache.directory.fortress.rest.FortressInterceptor">
<property name="securedObject" ref="securedObject"/>
</bean>
- <bean id="securedObject" class="org.openldap.enmasse.FortressServiceImpl"/>
+ <bean id="securedObject" class="org.apache.directory.fortress.rest.FortressServiceImpl"/>
</beans>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/resources/ehcache.xml
----------------------------------------------------------------------
diff --git a/src/main/resources/ehcache.xml b/src/main/resources/ehcache.xml
index d5d394b..411716e 100755
--- a/src/main/resources/ehcache.xml
+++ b/src/main/resources/ehcache.xml
@@ -1,26 +1,30 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
- ~ This work is part of OpenLDAP Software <http://www.openldap.org/>.
- ~
- ~ Copyright 1998-2014 The OpenLDAP Foundation.
- ~ All rights reserved.
- ~
- ~ Redistribution and use in source and binary forms, with or without
- ~ modification, are permitted only as authorized by the OpenLDAP
- ~ Public License.
- ~
- ~ A copy of this license is available in the file LICENSE in the
- ~ top-level directory of the distribution or, alternatively, at
- ~ <http://www.OpenLDAP.org/license.html>.
- -->
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
<!--
Fortress CacheManager Configuration
==========================
This ehcache.xml corresponds to a single CacheManager.
-->
-<ehcache name="fortress-enmasse" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<ehcache name="fortress-rest" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="ehcache.xsd"
updateCheck="true" monitoring="autodetect"
dynamicConfig="true"
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/resources/fortress.properties
----------------------------------------------------------------------
diff --git a/src/main/resources/fortress.properties b/src/main/resources/fortress.properties
index ab5de01..ef88874 100644
--- a/src/main/resources/fortress.properties
+++ b/src/main/resources/fortress.properties
@@ -1,13 +1,29 @@
#
-# Copyright (c) 2011-2014. JoshuaTree. All Rights Reserved.
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
#
# Host name and port of LDAP DIT:
host=localhost
-port=389
+port=10389
# These credentials are used for read/write access to all nodes under suffix:
-admin.user=cn=Manager,dc=openldap,dc=org
+admin.user=uid=admin,ou=system
# LDAP admin root pass is encrypted using 'encrypt' target in build.xml:
admin.pw=secret
@@ -24,7 +40,7 @@ max.admin.conn=25
# This node contains fortress properties stored on behalf of connecting LDAP clients:
config.realm=DEFAULT
-config.root=ou=Config,dc=openldap,dc=org
+config.root=ou=Config,dc=example,dc=com
# enable this to see trace statements when connection pool allocates new connections:
debug.ldap.pool=true
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/resources/log4j.xml
----------------------------------------------------------------------
diff --git a/src/main/resources/log4j.xml b/src/main/resources/log4j.xml
index 24dc054..fef9954 100644
--- a/src/main/resources/log4j.xml
+++ b/src/main/resources/log4j.xml
@@ -1,7 +1,22 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
- ~ Copyright © 2011-2014. JoshuaTree. All Rights Reserved.
- -->
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
<log4j:configuration debug="false" xmlns:log4j="http://jakarta.apache.org/log4j/">
@@ -21,7 +36,7 @@
</layout>
</appender>
- <category name="org.openldap.enmasse.FortressInterceptor" class="org.apache.log4j.Logger" additivity="false">
+ <category name="org.apache.directory.fortress.rest.FortressInterceptor" class="org.apache.log4j.Logger" additivity="false">
<priority value="INFO" class="org.apache.log4j.Level"/>
<appender-ref ref="console"/>
</category>
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/main/webapp/WEB-INF/web.xml
----------------------------------------------------------------------
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
index 828ded2..d5e012a 100644
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@@ -1,30 +1,27 @@
<!--
- ~ This work is part of OpenLDAP Software <http://www.openldap.org/>.
- ~
- ~ Copyright 1998-2014 The OpenLDAP Foundation.
- ~ All rights reserved.
- ~
- ~ Redistribution and use in source and binary forms, with or without
- ~ modification, are permitted only as authorized by the OpenLDAP
- ~ Public License.
- ~
- ~ A copy of this license is available in the file LICENSE in the
- ~ top-level directory of the distribution or, alternatively, at
- ~ <http://www.OpenLDAP.org/license.html>.
- -->
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
- <display-name>EnMasse Policy Server</display-name>
-
- <!--
- <error-page>
- <exception-type>java.lang.Throwable</exception-type>
- <location>/myErrorPage.html</location>
- </error-page>
- -->
+ <display-name>Fortress Rest Server</display-name>
<!-- Add for Spring support -->
<context-param>
@@ -46,43 +43,8 @@
<url-pattern>/*</url-pattern>
</servlet-mapping>
- <!--filter>
- <filter-name>springSecurityFilterChain</filter-name>
- <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
- </filter-->
-
- <!--filter-mapping>
- <filter-name>springSecurityFilterChain</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping-->
-
- <!--security-constraint>
- <display-name>EnMasse Security Constraint</display-name>
- <web-resource-collection>
- <web-resource-name>Protected Area</web-resource-name>
- <url-pattern>/*</url-pattern>
- <http-method>DELETE</http-method>
- <http-method>GET</http-method>
- <http-method>POST</http-method>
- <http-method>PUT</http-method>
- </web-resource-collection>
- <auth-constraint>
- <role-name>role1</role-name>
- </auth-constraint>
- </security-constraint-->
-
- <!--filter>
- <filter-name>springSecurityFilterChain</filter-name>
- <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
- </filter>
-
- <filter-mapping>
- <filter-name>springSecurityFilterChain</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping-->
-
<security-constraint>
- <display-name>En Masse Security Constraint</display-name>
+ <display-name>Fortress Rest Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
@@ -92,19 +54,19 @@
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
- <role-name>role1</role-name>
+ <role-name>fortress-rest-user</role-name>
</auth-constraint>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
<auth-method>BASIC</auth-method>
- <realm-name>Java Sentry Realm Authentication Area</realm-name>
+ <realm-name>Fortress Rest Realm Authentication Area</realm-name>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
- <role-name>role1</role-name>
+ <role-name>fortress-rest</role-name>
</security-role>
</web-app>
http://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse/blob/99852b55/src/site/apt/README.apt
----------------------------------------------------------------------
diff --git a/src/site/apt/README.apt b/src/site/apt/README.apt
index b3c1fc8..3aba5e6 100755
--- a/src/site/apt/README.apt
+++ b/src/site/apt/README.apt
@@ -85,7 +85,7 @@ binaries: http://iamfortress.org/projects
http://tomcat.apache.org/download-70.cgi
6. Fortress Sentry package (a.k.a Realm) installed:
-instructions: http://jts.us/iamfortress/javadocs/api-sentry/org/openldap/fortress/sentry/tomcat/package-summary.html
+instructions: http://jts.us/iamfortress/javadocs/api-sentry/org.apache.directory.fortress.core/sentry/tomcat/package-summary.html
binaries: http://iamfortress.org/projects
_________________________________________________________________________________
###################################################################################