You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tuscany.apache.org by rf...@apache.org on 2008/04/22 22:56:38 UTC
svn commit: r650652 - in
/incubator/tuscany/java/sca/modules/policy-security/src:
main/java/org/apache/tuscany/sca/policy/authorization/
main/java/org/apache/tuscany/sca/policy/identity/
main/java/org/apache/tuscany/sca/policy/security/ main/resources/...
Author: rfeng
Date: Tue Apr 22 13:56:26 2008
New Revision: 650652
URL: http://svn.apache.org/viewvc?rev=650652&view=rev
Log:
Add support for the new syntax of authorization/securityIdentity elements
Added:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java (with props)
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java (with props)
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java (with props)
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java (with props)
incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java (with props)
incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml (with props)
Removed:
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/AllowPolicy.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/AllowPolicyProcessor.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/AuthorizationPolicy.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/DenyAllPolicy.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/DenyAllPolicyProcessor.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/PermitAllPolicy.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/PermitAllPolicyProcessor.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/RunAsPolicy.java
incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/RunAsPolicyProcessor.java
Modified:
incubator/tuscany/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
Added: incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java?rev=650652&view=auto
==============================================================================
--- incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java (added)
+++ incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java Tue Apr 22 13:56:26 2008
@@ -0,0 +1,83 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.tuscany.sca.policy.authorization;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.policy.Policy;
+
+/**
+ * Models the SCA Implementatatoin Security Policy Assertion for Authorization
+ *
+ * @version $Rev$ $Date$
+ */
+public class AuthorizationPolicy implements Policy {
+ public static final QName NAME = new QName(Constants.SCA10_NS, "authorization");
+
+ public static enum AcessControl {
+ permitAll, denyAll, allow
+ };
+
+ private List<String> roleNames = new ArrayList<String>();
+
+ public AuthorizationPolicy() {
+ }
+
+ private AcessControl accessControl;
+
+ public AcessControl getAccessControl() {
+ return accessControl;
+ }
+
+ public void setAccessControl(AcessControl accessControl) {
+ this.accessControl = accessControl;
+ }
+
+ public List<String> getRoleNames() {
+ if (accessControl == AcessControl.allow) {
+ return roleNames;
+ } else {
+ throw new IllegalArgumentException("Role names are only available for 'allow'");
+ }
+ }
+
+ public boolean isUnresolved() {
+ return false;
+ }
+
+ public void setUnresolved(boolean unresolved) {
+ }
+
+ public QName getSchemaName() {
+ return NAME;
+ }
+
+ public String toString() {
+ if (accessControl == AcessControl.allow) {
+ return accessControl.name() + " " + roleNames;
+ }
+ return accessControl.name();
+ }
+
+}
Propchange: incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added: incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java?rev=650652&view=auto
==============================================================================
--- incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java (added)
+++ incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java Tue Apr 22 13:56:26 2008
@@ -0,0 +1,119 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.tuscany.sca.policy.authorization;
+
+import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;
+import static javax.xml.stream.XMLStreamConstants.START_ELEMENT;
+
+import java.util.StringTokenizer;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.contribution.resolver.ModelResolver;
+import org.apache.tuscany.sca.contribution.service.ContributionReadException;
+import org.apache.tuscany.sca.contribution.service.ContributionResolveException;
+import org.apache.tuscany.sca.contribution.service.ContributionWriteException;
+
+public class AuthorizationPolicyProcessor implements StAXArtifactProcessor<AuthorizationPolicy> {
+ private static final String ROLES = "roles";
+
+ public QName getArtifactType() {
+ return AuthorizationPolicy.NAME;
+ }
+
+ public AuthorizationPolicyProcessor(ModelFactoryExtensionPoint modelFactories) {
+ }
+
+ public AuthorizationPolicy read(XMLStreamReader reader) throws ContributionReadException, XMLStreamException {
+ AuthorizationPolicy policy = new AuthorizationPolicy();
+ int event = reader.getEventType();
+ QName start = reader.getName();
+ while (true) {
+ switch (event) {
+ case START_ELEMENT:
+ String ac = reader.getName().getLocalPart();
+ if ("allow".equals(ac)) {
+ policy.setAccessControl(AuthorizationPolicy.AcessControl.allow);
+ String roleNames = reader.getAttributeValue(null, ROLES);
+ if (roleNames == null) {
+ throw new IllegalArgumentException("Required attribute 'roles' is missing.");
+ }
+ StringTokenizer st = new StringTokenizer(roleNames);
+ while (st.hasMoreTokens()) {
+ policy.getRoleNames().add(st.nextToken());
+ }
+ } else if ("permitAll".equals(ac)) {
+ policy.setAccessControl(AuthorizationPolicy.AcessControl.permitAll);
+ } else if ("denyAll".endsWith(ac)) {
+ policy.setAccessControl(AuthorizationPolicy.AcessControl.denyAll);
+ }
+ break;
+ case END_ELEMENT:
+ if (start.equals(reader.getName())) {
+ if (reader.hasNext()) {
+ reader.next();
+ }
+ return policy;
+ }
+
+ }
+ if (reader.hasNext()) {
+ event = reader.next();
+ } else {
+ return policy;
+ }
+ }
+ }
+
+ public void write(AuthorizationPolicy policy, XMLStreamWriter writer) throws ContributionWriteException,
+ XMLStreamException {
+ writer.writeStartElement(AuthorizationPolicy.NAME.getLocalPart());
+
+ writer.writeStartElement(policy.getAccessControl().name());
+
+ if (policy.getAccessControl() == AuthorizationPolicy.AcessControl.allow) {
+ StringBuffer sb = new StringBuffer();
+ for (String role : policy.getRoleNames()) {
+ sb.append(role);
+ }
+
+ if (sb.length() > 0) {
+ writer.writeAttribute(ROLES, sb.toString());
+ }
+ }
+
+ writer.writeEndElement();
+ writer.writeEndElement();
+ }
+
+ public Class<AuthorizationPolicy> getModelType() {
+ return AuthorizationPolicy.class;
+ }
+
+ public void resolve(AuthorizationPolicy policy, ModelResolver resolver) throws ContributionResolveException {
+ //right now nothing to resolve
+ policy.setUnresolved(false);
+ }
+
+}
Propchange: incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added: incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java?rev=650652&view=auto
==============================================================================
--- incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java (added)
+++ incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java Tue Apr 22 13:56:26 2008
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.tuscany.sca.policy.identity;
+
+import javax.xml.namespace.QName;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.policy.Policy;
+
+/**
+ * Models the SCA Implementatatoin Security Policy Assertion for Security Identity
+ *
+ * @version $Rev$ $Date$
+ */
+public class SecurityIdentityPolicy implements Policy {
+ public static final QName NAME = new QName(Constants.SCA10_NS, "securityIdentity");
+
+ private boolean useCallerIdentity;
+
+ private String runAsRole;
+
+ public SecurityIdentityPolicy() {
+ }
+
+ public boolean isUnresolved() {
+ return false;
+ }
+
+ public void setUnresolved(boolean unresolved) {
+ }
+
+ public QName getSchemaName() {
+ return NAME;
+ }
+
+ public boolean isUseCallerIdentity() {
+ return useCallerIdentity;
+ }
+
+ public void setUseCallerIdentity(boolean useCallerIdentity) {
+ this.useCallerIdentity = useCallerIdentity;
+ }
+
+ public String getRunAsRole() {
+ return runAsRole;
+ }
+
+ public void setRunAsRole(String runAsRole) {
+ this.runAsRole = runAsRole;
+ }
+
+ public String toString() {
+ if (useCallerIdentity) {
+ return "useCallerIdentity";
+ }
+ return "runAs " + runAsRole;
+ }
+}
Propchange: incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicy.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added: incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java?rev=650652&view=auto
==============================================================================
--- incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java (added)
+++ incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java Tue Apr 22 13:56:26 2008
@@ -0,0 +1,105 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.tuscany.sca.policy.identity;
+
+import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;
+import static javax.xml.stream.XMLStreamConstants.START_ELEMENT;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.contribution.resolver.ModelResolver;
+import org.apache.tuscany.sca.contribution.service.ContributionReadException;
+import org.apache.tuscany.sca.contribution.service.ContributionResolveException;
+import org.apache.tuscany.sca.contribution.service.ContributionWriteException;
+
+public class SecurityIdentityPolicyProcessor implements StAXArtifactProcessor<SecurityIdentityPolicy> {
+ private static final String ROLE = "role";
+
+ public QName getArtifactType() {
+ return SecurityIdentityPolicy.NAME;
+ }
+
+ public SecurityIdentityPolicyProcessor(ModelFactoryExtensionPoint modelFactories) {
+ }
+
+ public SecurityIdentityPolicy read(XMLStreamReader reader) throws ContributionReadException, XMLStreamException {
+ SecurityIdentityPolicy policy = new SecurityIdentityPolicy();
+ int event = reader.getEventType();
+ QName start = reader.getName();
+ while (true) {
+ switch (event) {
+ case START_ELEMENT:
+ String ac = reader.getName().getLocalPart();
+ if ("runAs".equals(ac)) {
+ String roleName = reader.getAttributeValue(null, ROLE);
+ if (roleName == null) {
+ throw new IllegalArgumentException("Required attribute 'roles' is missing.");
+ }
+ policy.setRunAsRole(roleName);
+ } else if ("useCallerIdentity".equals(ac)) {
+ policy.setUseCallerIdentity(true);
+ }
+ break;
+ case END_ELEMENT:
+ if (start.equals(reader.getName())) {
+ if (reader.hasNext()) {
+ reader.next();
+ }
+ return policy;
+ }
+
+ }
+ if (reader.hasNext()) {
+ event = reader.next();
+ } else {
+ return policy;
+ }
+ }
+ }
+
+ public void write(SecurityIdentityPolicy policy, XMLStreamWriter writer) throws ContributionWriteException,
+ XMLStreamException {
+ writer.writeStartElement(SecurityIdentityPolicy.NAME.getLocalPart());
+
+ String child = policy.isUseCallerIdentity() ? "useCallerIdentity" : "runAs";
+ writer.writeStartElement(child);
+
+ if (!policy.isUseCallerIdentity()) {
+ writer.writeAttribute(ROLE, policy.getRunAsRole());
+ }
+
+ writer.writeEndElement();
+ writer.writeEndElement();
+ }
+
+ public Class<SecurityIdentityPolicy> getModelType() {
+ return SecurityIdentityPolicy.class;
+ }
+
+ public void resolve(SecurityIdentityPolicy policy, ModelResolver resolver) throws ContributionResolveException {
+ //right now nothing to resolve
+ policy.setUnresolved(false);
+ }
+
+}
Propchange: incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/tuscany/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/identity/SecurityIdentityPolicyProcessor.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified: incubator/tuscany/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor?rev=650652&r1=650651&r2=650652&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor (original)
+++ incubator/tuscany/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor Tue Apr 22 13:56:26 2008
@@ -16,9 +16,11 @@
# under the License.
# Implementation class for the artifact processor extension
-org.apache.tuscany.sca.policy.security.PermitAllPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#permitAll,model=org.apache.tuscany.sca.policy.security.PermitAllPolicy
-org.apache.tuscany.sca.policy.security.DenyAllPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#denyAll,model=org.apache.tuscany.sca.policy.security.DenyAllPolicy
-org.apache.tuscany.sca.policy.security.AllowPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#allow,model=org.apache.tuscany.sca.policy.security.AllowPolicy
-org.apache.tuscany.sca.policy.security.RunAsPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#runAs,model=org.apache.tuscany.sca.policy.security.RunAsPolicy
org.apache.tuscany.sca.policy.security.ws.Axis2ConfigParamPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#wsConfigParam,model=org.apache.tuscany.sca.policy.security.ws.Axis2ConfigParamPolicy
-org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#jaasAuthentication,model=org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicy
\ No newline at end of file
+org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#jaasAuthentication,model=org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicy
+org.apache.tuscany.sca.policy.authorization.AuthorizationPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#authorization,model=org.apache.tuscany.sca.policy.authorization.AuthorizationPolicy
+org.apache.tuscany.sca.policy.authorization.AuthorizationPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#allow,model=org.apache.tuscany.sca.policy.authorization.AuthorizationPolicy
+org.apache.tuscany.sca.policy.authorization.AuthorizationPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#permitAll,model=org.apache.tuscany.sca.policy.authorization.AuthorizationPolicy
+org.apache.tuscany.sca.policy.authorization.AuthorizationPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#denyAll,model=org.apache.tuscany.sca.policy.authorization.AuthorizationPolicy
+org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#securityIdentity,model=org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicy
+org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#runAs,model=org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicy
\ No newline at end of file
Added: incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java?rev=650652&view=auto
==============================================================================
--- incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java (added)
+++ incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java Tue Apr 22 13:56:26 2008
@@ -0,0 +1,88 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.tuscany.sca.policy.security;
+
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamConstants;
+import javax.xml.stream.XMLStreamReader;
+
+import junit.framework.Assert;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.policy.authorization.AuthorizationPolicy;
+import org.apache.tuscany.sca.policy.authorization.AuthorizationPolicyProcessor;
+import org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicy;
+import org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicyProcessor;
+import org.junit.Test;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class PolicyProcessorTestCase {
+ private final static List<String> SEQ =
+ Arrays.asList("permitAll",
+ "allow [r1, r2]",
+ "denyAll",
+ "runAs admin",
+ "useCallerIdentity",
+ "permitAll",
+ "allow [r1, r2]",
+ "denyAll",
+ "runAs admin");
+
+ @Test
+ public void testRead() throws Exception {
+ List<String> results = new ArrayList<String>();
+ Map<QName, StAXArtifactProcessor> processors = new HashMap<QName, StAXArtifactProcessor>();
+ processors.put(AuthorizationPolicy.NAME, new AuthorizationPolicyProcessor(null));
+ processors.put(SecurityIdentityPolicy.NAME, new SecurityIdentityPolicyProcessor(null));
+ processors.put(new QName(Constants.SCA10_NS, "allow"), new AuthorizationPolicyProcessor(null));
+ processors.put(new QName(Constants.SCA10_NS, "permitAll"), new AuthorizationPolicyProcessor(null));
+ processors.put(new QName(Constants.SCA10_NS, "denyAll"), new AuthorizationPolicyProcessor(null));
+ processors.put(new QName(Constants.SCA10_NS, "runAs"), new SecurityIdentityPolicyProcessor(null));
+ InputStream is = getClass().getResourceAsStream("mock_policy_definitions.xml");
+ XMLInputFactory factory = XMLInputFactory.newInstance();
+ XMLStreamReader reader = factory.createXMLStreamReader(is);
+ while (true) {
+ int event = reader.getEventType();
+ if (event == XMLStreamConstants.START_ELEMENT) {
+ if ("policySet".equals(reader.getName().getLocalPart())) {
+ reader.nextTag();
+ results.add(processors.get(reader.getName()).read(reader).toString());
+ }
+ }
+ if (reader.hasNext()) {
+ reader.next();
+ } else {
+ break;
+ }
+ }
+ Assert.assertEquals(SEQ, results);
+ }
+}
Propchange: incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/tuscany/java/sca/modules/policy-security/src/test/java/org/apache/tuscany/sca/policy/security/PolicyProcessorTestCase.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added: incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml?rev=650652&view=auto
==============================================================================
--- incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml (added)
+++ incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml Tue Apr 22 13:56:26 2008
@@ -0,0 +1,78 @@
+<?xml version="1.0" encoding="ASCII"?>
+<!--
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+-->
+<definitions xmlns="http://www.osoa.org/xmlns/sca/1.0" targetNamespace="http://tuscany.apache.org/xmlns/sca/1.0"
+ xmlns:sca="http://www.osoa.org/xmlns/sca/1.0">
+
+ <!-- POLICY SETS -->
+ <policySet name="ps1" provides="authorization" appliesTo="sca:implementation">
+ <authorization>
+ <permitAll />
+ </authorization>
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps2" provides="authorization" appliesTo="sca:implementation">
+ <authorization>
+ <allow roles="r1 r2" />
+ </authorization>
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps3" provides="authorization" appliesTo="sca:implementation">
+ <authorization>
+ <denyAll />
+ </authorization>
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps4" provides="securityIdentity" appliesTo="sca:implementation">
+ <securityIdentity>
+ <runAs role="admin" />
+ </securityIdentity>
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps5" provides="securityIdentity" appliesTo="sca:implementation">
+ <securityIdentity>
+ <useCallerIdentity />
+ </securityIdentity>
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps6" provides="authorization" appliesTo="sca:implementation">
+ <permitAll />
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps7" provides="authorization" appliesTo="sca:implementation">
+ <allow roles="r1 r2" />
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps8" provides="authorization" appliesTo="sca:implementation">
+ <denyAll />
+ </policySet>
+
+ <!-- POLICY SETS -->
+ <policySet name="ps9" provides="securityIdentity" appliesTo="sca:implementation">
+ <runAs role="admin" />
+ </policySet>
+
+</definitions>
\ No newline at end of file
Propchange: incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/tuscany/java/sca/modules/policy-security/src/test/resources/org/apache/tuscany/sca/policy/security/mock_policy_definitions.xml
------------------------------------------------------------------------------
svn:keywords = Rev Date