KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > net > sf > jguard > core > authorization > permissions > PermissionUtilsTest


1 /*
2 jGuard is a security framework based on top of jaas (java authentication and authorization security).
3 it is written for web applications, to resolve simply, access control problems.
4 version $Name: $
5 http://sourceforge.net/projects/jguard/
6
7 Copyright (C) 2004 Charles GAY
8
9 This library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Lesser General Public
11 License as published by the Free Software Foundation; either
12 version 2.1 of the License, or (at your option) any later version.
13
14 This library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
18
19 You should have received a copy of the GNU Lesser General Public
20 License along with this library; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22
23
24 jGuard project home page:
25 http://sourceforge.net/projects/jguard/
26
27 */

28 package net.sf.jguard.core.authorization.permissions;
29
30 import java.io.FilePermission JavaDoc;
31 import java.security.Permission JavaDoc;
32 import java.security.PermissionCollection JavaDoc;
33 import java.security.Permissions JavaDoc;
34 import java.security.Principal JavaDoc;
35 import java.security.ProtectionDomain JavaDoc;
36 import java.util.Enumeration JavaDoc;
37 import java.util.logging.Level JavaDoc;
38 import java.util.logging.Logger JavaDoc;
39
40 import javax.security.auth.Subject JavaDoc;
41
42 import junit.framework.TestCase;
43 import net.sf.jguard.core.authentication.credentials.JGuardCredential;
44 import net.sf.jguard.core.authorization.permissions.PermissionUtils;
45 import net.sf.jguard.core.authorization.permissions.URLPermission;
46 import net.sf.jguard.core.principals.UserPrincipal;
47
48 /**
49  *
50  * @author <a HREF="mailto:vberetti@users.sourceforge.net">Vincent Beretti</a>
51  */

52 public class PermissionUtilsTest extends TestCase {
53
54
55     private static final Logger JavaDoc logger = Logger.getLogger(PermissionUtilsTest.class.getName());
56
57     public void testEvaluatePermissionCollection()throws Throwable JavaDoc {
58         PermissionUtils.setCachesEnabled(true);
59         PermissionUtils.createCaches();
60
61         Subject JavaDoc subjectA = new Subject JavaDoc();
62
63         JGuardCredential nameA = new JGuardCredential();
64         nameA.setId("name");
65         nameA.setValue("userA");
66         JGuardCredential companyA = new JGuardCredential();
67         companyA.setId("company");
68         companyA.setValue("companyA");
69
70         subjectA.getPublicCredentials().add(nameA);
71         subjectA.getPublicCredentials().add(companyA);
72
73         if (logger.isLoggable(Level.FINEST)){
74             logger.finest("---- logging subject ----");
75             logger.finest(subjectA.toString());
76         }
77
78         UserPrincipal userPrincipal = new UserPrincipal(subjectA);
79
80         ProtectionDomain JavaDoc protectionDomain = new ProtectionDomain JavaDoc(null,new Permissions JavaDoc(),null,new Principal JavaDoc[]{userPrincipal});
81
82         PermissionCollection JavaDoc pc = new Permissions JavaDoc();
83         Permission JavaDoc p1 = new FilePermission JavaDoc("file://home", "read");
84         Permission JavaDoc p2 = new FilePermission JavaDoc("file://home/user/${subject.publicCredentials.name}", "read");
85         Permission JavaDoc p3 = new FilePermission JavaDoc("file://home/user/${subject.publicCredentials.company}", "read");
86         Permission JavaDoc p4 = new FilePermission JavaDoc("file://home/user/${subject.publicCredentials.name}/" +
87                 "${subject.publicCredentials.company}/${subject.publicCredentials.name}/" +
88                 "${subject.publicCredentials.name}/${subject.publicCredentials.company}", "read");
89         Permission JavaDoc p5 = new FilePermission JavaDoc("file://home/user/${subject.publicCredentials.age}", "read");
90         Permission JavaDoc p6 = new URLPermission("index","http://www.website.com/index.html?name=${subject.publicCredentials.name}");
91         Permission JavaDoc p7 = new URLPermission("index2","http://www.web�site.com/index.html?name=${subject.publicCredentials.name}");
92
93         pc.add(p1);
94         pc.add(p2);
95         pc.add(p3);
96         pc.add(p4);
97         pc.add(p5);
98         pc.add(p6);
99         pc.add(p7);
100
101         if (logger.isLoggable(Level.FINEST)){
102             logger.finest("---- logging unresolved permissions ----");
103             Enumeration JavaDoc unresolvedPermEnum = pc.elements();
104             while (unresolvedPermEnum.hasMoreElements()){
105                 logger.finest(unresolvedPermEnum.nextElement().toString());
106             }
107         }
108
109         PermissionCollection JavaDoc expectedPc = new Permissions JavaDoc();
110         Permission JavaDoc expectedP1 = new FilePermission JavaDoc("file://home", "read");
111         Permission JavaDoc expectedP2 = new FilePermission JavaDoc("file://home/user/userA", "read");
112         Permission JavaDoc expectedP3 = new FilePermission JavaDoc("file://home/user/companyA", "read");
113         Permission JavaDoc expectedP4 = new FilePermission JavaDoc("file://home/user/userA/companyA/userA/userA/companyA", "read");
114         Permission JavaDoc expectedP6 = new URLPermission("index", "http://www.website.com/index.html?name=userA");
115         Permission JavaDoc expectedP7 = new URLPermission("index2", "http://www.web�site.com/index.html?name=userA");
116
117         expectedPc.add(expectedP1);
118         expectedPc.add(expectedP2);
119         expectedPc.add(expectedP3);
120         expectedPc.add(expectedP4);
121         expectedPc.add(expectedP6);
122         expectedPc.add(expectedP7);
123
124         // getting resolved permissions
125
PermissionCollection JavaDoc resolvedPc = PermissionUtils.evaluatePermissionCollection(protectionDomain, pc);
126
127         if (logger.isLoggable(Level.FINEST)){
128             logger.finest("---- logging expected permissions ----");
129             Enumeration JavaDoc expectedPermEnum = expectedPc.elements();
130             while (expectedPermEnum.hasMoreElements()){
131                 logger.finest(expectedPermEnum.nextElement().toString());
132             }
133
134             logger.finest("---- logging resolved permissions ----");
135         }
136
137         int collectionSize = 0;
138         Enumeration JavaDoc permEnum = resolvedPc.elements();
139         while (permEnum.hasMoreElements()){
140             Permission JavaDoc resolvedPerm = (Permission JavaDoc) permEnum.nextElement();
141             logger.finest("verify implies for " + resolvedPerm.toString());
142             System.out.println("verify implies for " + resolvedPerm.toString());
143             assertTrue(expectedPc.implies(resolvedPerm));
144             collectionSize ++;
145         }
146         assertEquals(6,collectionSize);
147         System.out.println("END EVALUATE PERMISSION TEST");
148     }
149
150
151
152     public void testEvaluateCombinativePermissionCollection()throws Throwable JavaDoc {
153         PermissionUtils.setCachesEnabled(true);
154         PermissionUtils.createCaches();
155
156         Subject JavaDoc subject = new Subject JavaDoc();
157
158         JGuardCredential nameA = new JGuardCredential();
159         nameA.setId("name");
160         nameA.setValue("userA");
161         JGuardCredential nameB = new JGuardCredential();
162         nameB.setId("name");
163         nameB.setValue("userB");
164         JGuardCredential companyA = new JGuardCredential();
165         companyA.setId("company");
166         companyA.setValue("companyA");
167         JGuardCredential companyB = new JGuardCredential();
168         companyB.setId("company");
169         companyB.setValue("companyB");
170         JGuardCredential age = new JGuardCredential();
171         age.setId("age");
172         age.setValue("100");
173
174         subject.getPublicCredentials().add(nameA);
175         subject.getPublicCredentials().add(nameB);
176         subject.getPublicCredentials().add(companyA);
177         subject.getPublicCredentials().add(companyB);
178         subject.getPublicCredentials().add(age);
179
180         if (logger.isLoggable(Level.FINEST)){
181             logger.finest("---- logging subject ----");
182             logger.finest(subject.toString());
183         }
184
185         UserPrincipal userPrincipal = new UserPrincipal(subject);
186
187         ProtectionDomain JavaDoc protectionDomain = new ProtectionDomain JavaDoc(null,new Permissions JavaDoc(),null,new Principal JavaDoc[]{userPrincipal});
188
189         PermissionCollection JavaDoc pc = new Permissions JavaDoc();
190         Permission JavaDoc p1 = new FilePermission JavaDoc("file://home", "read");
191         Permission JavaDoc p2 = new FilePermission JavaDoc("file://home/user/${subject.publicCredentials.name}", "read");
192         Permission JavaDoc p3 = new FilePermission JavaDoc("file://home/user/${subject.publicCredentials.company}", "read");
193         Permission JavaDoc p4 = new FilePermission JavaDoc("file://home/user/${subject.publicCredentials.name}/" +
194                 "${subject.publicCredentials.company}/${subject.publicCredentials.age}", "read");
195         Permission JavaDoc p5 = new FilePermission JavaDoc("file://home/user/${subject.publicCredentials.company}/${subject.publicCredentials.company}", "read");
196         Permission JavaDoc p6 = new URLPermission("index","http://www.website.com/index.html?name=${subject.publicCredentials.name}&company=${subject.publicCredentials.company}&age=${subject.publicCredentials.age}");
197
198         pc.add(p1);
199         pc.add(p2);
200         pc.add(p3);
201         pc.add(p4);
202         pc.add(p5);
203         pc.add(p6);
204
205         if (logger.isLoggable(Level.FINEST)){
206             logger.finest("---- logging unresolved permissions ----");
207             Enumeration JavaDoc unresolvedPermEnum = pc.elements();
208             while (unresolvedPermEnum.hasMoreElements()){
209                 logger.finest(unresolvedPermEnum.nextElement().toString());
210             }
211         }
212
213         PermissionCollection JavaDoc expectedPc = new Permissions JavaDoc();
214         Permission JavaDoc expectedP1 = new FilePermission JavaDoc("file://home", "read");
215         Permission JavaDoc expectedP2a = new FilePermission JavaDoc("file://home/user/userA", "read");
216         Permission JavaDoc expectedP2b = new FilePermission JavaDoc("file://home/user/userB", "read");
217         Permission JavaDoc expectedP3a = new FilePermission JavaDoc("file://home/user/companyA", "read");
218         Permission JavaDoc expectedP3b = new FilePermission JavaDoc("file://home/user/companyB", "read");
219         Permission JavaDoc expectedP4a = new FilePermission JavaDoc("file://home/user/userA/companyA/100", "read");
220         Permission JavaDoc expectedP4b = new FilePermission JavaDoc("file://home/user/userA/companyB/100", "read");
221         Permission JavaDoc expectedP4c = new FilePermission JavaDoc("file://home/user/userB/companyA/100", "read");
222         Permission JavaDoc expectedP4d = new FilePermission JavaDoc("file://home/user/userB/companyB/100", "read");
223         Permission JavaDoc expectedP5a = new FilePermission JavaDoc("file://home/user/companyA/companyA", "read");
224         Permission JavaDoc expectedP5b = new FilePermission JavaDoc("file://home/user/companyA/companyB", "read");
225         Permission JavaDoc expectedP5c = new FilePermission JavaDoc("file://home/user/companyB/companyA", "read");
226         Permission JavaDoc expectedP5d = new FilePermission JavaDoc("file://home/user/companyB/companyB", "read");
227         Permission JavaDoc expectedP6a = new URLPermission("index", "http://www.website.com/index.html?name=userA&company=companyA&age=100");
228         Permission JavaDoc expectedP6b = new URLPermission("index", "http://www.website.com/index.html?name=userA&company=companyB&age=100");
229         Permission JavaDoc expectedP6c = new URLPermission("index", "http://www.website.com/index.html?name=userB&company=companyA&age=100");
230         Permission JavaDoc expectedP6d = new URLPermission("index", "http://www.website.com/index.html?name=userB&company=companyB&age=100");
231
232         expectedPc.add(expectedP1);
233         expectedPc.add(expectedP2a);
234         expectedPc.add(expectedP2b);
235         expectedPc.add(expectedP3a);
236         expectedPc.add(expectedP3b);
237         expectedPc.add(expectedP4a);
238         expectedPc.add(expectedP4b);
239         expectedPc.add(expectedP4c);
240         expectedPc.add(expectedP4d);
241         expectedPc.add(expectedP5a);
242         expectedPc.add(expectedP5b);
243         expectedPc.add(expectedP5c);
244         expectedPc.add(expectedP5d);
245         expectedPc.add(expectedP6a);
246         expectedPc.add(expectedP6b);
247         expectedPc.add(expectedP6c);
248         expectedPc.add(expectedP6d);
249
250         // getting resolved permissions
251
PermissionCollection JavaDoc resolvedPc = PermissionUtils.evaluatePermissionCollection(protectionDomain, pc);
252
253         if (logger.isLoggable(Level.FINEST)){
254             logger.finest("---- logging expected permissions ----");
255             Enumeration JavaDoc expectedPermEnum = expectedPc.elements();
256             while (expectedPermEnum.hasMoreElements()){
257                 logger.finest(expectedPermEnum.nextElement().toString());
258             }
259
260             logger.finest("---- logging resolved permissions ----");
261         }
262
263         int collectionSize = 0;
264         Enumeration JavaDoc permEnum = resolvedPc.elements();
265         while (permEnum.hasMoreElements()){
266             Permission JavaDoc resolvedPerm = (Permission JavaDoc) permEnum.nextElement();
267             logger.finest("verify implies for " + resolvedPerm.toString());
268             System.out.println("verify implies for " + resolvedPerm.toString());
269             assertTrue(expectedPc.implies(resolvedPerm));
270             collectionSize ++;
271         }
272         assertEquals(17,collectionSize);
273         System.out.println("END EVALUATE COMBINATIVE PERMISSION TEST");
274
275     }
276
277 }
278
Popular Tags