WebSecurityRoleName


1   /*
2    * The contents of this file are subject to the terms 
3    * of the Common Development and Distribution License 
4    * (the License).  You may not use this file except in
5    * compliance with the License.
6    * 
7    * You can obtain a copy of the license at 
8    * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9    * glassfish/bootstrap/legal/CDDLv1.0.txt.
10   * See the License for the specific language governing 
11   * permissions and limitations under the License.
12   * 
13   * When distributing Covered Code, include this CDDL 
14   * Header Notice in each file and include the License file 
15   * at glassfish/bootstrap/legal/CDDLv1.0.txt.  
16   * If applicable, add the following below the CDDL Header, 
17   * with the fields enclosed by brackets [] replaced by
18   * you own identifying information: 
19   * "Portions Copyrighted [year] [name of copyright owner]"
20   * 
21   * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22   */
23  package com.sun.enterprise.tools.verifier.tests.web;
24  
25  import com.sun.enterprise.tools.verifier.tests.web.WebTest;
26  import java.util.*;
27  import java.io.*;
28  import com.sun.enterprise.deployment.*;
29  import com.sun.enterprise.tools.verifier.*;
30  import com.sun.enterprise.tools.verifier.tests.*;
31  import com.sun.enterprise.util.FileClassLoader;
32  
33  
34  /** 
35   * The Web role-name element contains the name of a security role.
36   */
37  public class WebSecurityRoleName extends WebTest implements WebCheck { 
38  
39      
40      /** 
41       * The Web role-name element contains the name of a security role.
42       *
43       * @param descriptor the Web deployment descriptor
44       *   
45       * @return <code>Result</code> the results for this assertion
46       */
47      public Result check(WebBundleDescriptor descriptor) {
48  
49      Result result = getInitializedResult();
50      ComponentNameConstructor compName = getVerifierContext().getComponentNameConstructor();
51  
52      if (descriptor.getSecurityConstraints().hasMoreElements()) {
53          boolean oneFailed = false;
54          boolean foundIt = false;
55              int naSr = 0;
56              int naAci = 0;
57              int noAci = 0;
58              int noSc = 0;
59          // get the security role name's in this .war
60          for (Enumeration e = descriptor.getSecurityConstraints() ; e.hasMoreElements() ;) {
61          foundIt = false;
62                  noSc++;
63          SecurityConstraintImpl securityConstraintImpl = (SecurityConstraintImpl)
64              e.nextElement();
65          AuthorizationConstraintImpl aci = (AuthorizationConstraintImpl) securityConstraintImpl.getAuthorizationConstraint();
66          if (aci != null) {
67                      noAci++;
68                      if (aci.getSecurityRoles().hasMoreElements()) {
69              for (Enumeration ee = aci.getSecurityRoles(); ee.hasMoreElements();) {
70                  SecurityRoleDescriptor srd = (SecurityRoleDescriptor) ee.nextElement();
71                  String   roleName = srd.getName(); 
72                  // jsb, nothing to test here...?
73                  if (roleName.length() > 0) {
74                  foundIt = true;
75                  } else {
76                  foundIt = false;
77                  }
78             
79                  if (foundIt) {
80                  result.addGoodDetails(smh.getLocalString
81                         ("tests.componentNameConstructor",
82                      "For [ {0} ]",
83                      new Object  [] {compName.toString()}));
84                  result.addGoodDetails(smh.getLocalString
85                                (getClass().getName() + ".passed",
86                                 "The security role name [ {0} ] found within web application [ {1} ]",
87                                 new Object  [] {roleName, descriptor.getName()}));
88                  } else {
89                  if (!oneFailed) {
90                      oneFailed = true;
91                  }
92                  result.addErrorDetails(smh.getLocalString
93                         ("tests.componentNameConstructor",
94                      "For [ {0} ]",
95                      new Object  [] {compName.toString()}));
96                  result.addErrorDetails(smh.getLocalString
97                                 (getClass().getName() + ".failed",
98                              "Error: The security role name [ {0} ] not found within web application [ {1} ]",
99                              new Object  [] {roleName, descriptor.getName()}));
100                 }
101             }
102             } else {
103             result.addNaDetails(smh.getLocalString
104                        ("tests.componentNameConstructor",
105                     "For [ {0} ]",
106                     new Object  [] {compName.toString()}));
107             result.notApplicable(smh.getLocalString
108                          (getClass().getName() + ".notApplicable1",
109                           "Not Applicable: There are no security roles in this security constraint within [ {0} ]",
110                           new Object  [] {descriptor.getName()}));                    naSr++;
111             }
112                 } else {
113             result.addNaDetails(smh.getLocalString
114                        ("tests.componentNameConstructor",
115                     "For [ {0} ]",
116                     new Object  [] {compName.toString()}));
117                     result.notApplicable(smh.getLocalString
118                                          (getClass().getName() + ".notApplicable2",
119                                           "Not Applicable: There is no authorization constraint in this security constraint within [ {0} ]",
120                                           new Object  [] {descriptor.getName()}));
121                     naAci++;
122                 }
123         }
124         if (oneFailed) {
125         result.setStatus(Result.FAILED);
126         } else if ((noSc == naAci) || (noAci == naSr)) {
127         result.setStatus(Result.NOT_APPLICABLE);
128         } else {
129         result.setStatus(Result.PASSED);
130         }
131     } else {
132         result.addNaDetails(smh.getLocalString
133                        ("tests.componentNameConstructor",
134                     "For [ {0} ]",
135                     new Object  [] {compName.toString()}));
136         result.notApplicable(smh.getLocalString
137                  (getClass().getName() + ".notApplicable",
138                   "There are no role-name elements within the web archive [ {0} ]",
139                   new Object  [] {descriptor.getName()}));
140     }
141 
142     return result;
143     }
144 }
145
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags