KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > net > sf > jguard > core > authorization > policy > LocalAccessControllerTest


1 package net.sf.jguard.core.authorization.policy;
2
3 import java.io.FilePermission JavaDoc;
4 import java.security.AccessControlException JavaDoc;
5 import java.security.Permission JavaDoc;
6 import java.security.PrivilegedActionException JavaDoc;
7 import java.security.PrivilegedExceptionAction JavaDoc;
8
9 import javax.security.auth.Subject JavaDoc;
10
11 import junit.framework.TestCase;
12 import net.sf.jguard.core.authorization.permissions.URLPermission;
13 import net.sf.jguard.core.principals.RolePrincipal;
14
15 public class LocalAccessControllerTest extends TestCase {
16
17     protected void setUp() throws Exception JavaDoc {
18         super.setUp();
19     }
20
21     public void testCheckPermission() throws PrivilegedActionException JavaDoc {
22         DummyPolicy policy = new DummyPolicy();
23         final Permission JavaDoc permission = new URLPermission("name");
24         policy.addPermission(permission);
25         final Subject JavaDoc subject = new Subject JavaDoc();
26         RolePrincipal principal = new RolePrincipal();
27         principal.addPermission(permission);
28         subject.getPrincipals().add(principal);
29         final LocalAccessController accessController = new LocalAccessController(policy);
30         try{
31              Subject.doAsPrivileged(subject, new PrivilegedExceptionAction JavaDoc() {
32                  public Object JavaDoc run() {
33                     //we wrap the ServletRequest to 'correct' the j2ee's JAAS handling
34 // according to the j2se way
35 accessController.checkPermission(permission);
36                      // the 'null' tells the SecurityManager to consider this resource access
37 //in an isolated context, ignoring the permissions of code currently
38 //on the execution stack.
39 return null;
40                  }
41                  },null);
42         }catch(AccessControlException JavaDoc ace){
43             fail(" user is not granted although if he has got the right permission ");
44         }
45         final Permission JavaDoc permission2 = new FilePermission JavaDoc("/toto","delete");
46         try{
47              Subject.doAsPrivileged(subject, new PrivilegedExceptionAction JavaDoc() {
48                  public Object JavaDoc run() {
49                     //we wrap the ServletRequest to 'correct' the j2ee's JAAS handling
50 // according to the j2se way
51 accessController.checkPermission(permission2);
52                      // the 'null' tells the SecurityManager to consider this resource access
53 //in an isolated context, ignoring the permissions of code currently
54 //on the execution stack.
55 return null;
56                  }
57                  },null);
58             fail(" user is granted although if he hasn't got the right permission ");
59         }catch(AccessControlException JavaDoc ace){
60                 //normal case
61 }
62         
63         
64     }
65
66 }
67
Popular Tags