BasePortalJaccTestCase


1   /*
2     * JBoss, Home of Professional Open Source
3     * Copyright 2005, JBoss Inc., and individual contributors as indicated
4     * by the @authors tag. See the copyright.txt in the distribution for a
5     * full listing of individual contributors.
6     *
7     * This is free software; you can redistribute it and/or modify it
8     * under the terms of the GNU Lesser General Public License as
9     * published by the Free Software Foundation; either version 2.1 of
10    * the License, or (at your option) any later version.
11    *
12    * This software is distributed in the hope that it will be useful,
13    * but WITHOUT ANY WARRANTY; without even the implied warranty of
14    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15    * Lesser General Public License for more details.
16    *
17    * You should have received a copy of the GNU Lesser General Public
18    * License along with this software; if not, write to the Free
19    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21    */
22  package org.jboss.test.jacc.test.portal;
23  
24  import java.security.Policy  ;
25  import java.security.Principal  ;
26  import java.security.ProtectionDomain  ;
27  import java.security.acl.Group  ;
28  
29  import javax.security.auth.Subject  ;
30  import javax.security.jacc.PolicyConfiguration  ;
31  import javax.security.jacc.PolicyConfigurationFactory  ;
32  import javax.security.jacc.PolicyContext  ;
33  
34  import org.jboss.security.SecurityAssociation;
35  import org.jboss.security.SimpleGroup;
36  import org.jboss.security.SimplePrincipal;
37  import org.jboss.security.jacc.DelegatingPolicy;
38  import org.jboss.security.jacc.SubjectPolicyContextHandler;
39  import org.jboss.test.JBossTestCase;
40  
41  //$Id: BasePortalJaccTestCase.java 40338 2006-01-18 22:10:07Z asaldhana $
42  
43  /**
44   *  JBPORTAL-565: Create Testcase for JACC Usage
45   *  Base Class for the Portal Customized Jacc Use Cases
46   *  @author <a HREF="mailto:Anil.Saldhana@jboss.org">Anil Saldhana</a>
47   *  @since  Jan 18, 2006 
48   *  @version $Revision: 40338 $
49   */
50  public class BasePortalJaccTestCase extends JBossTestCase
51  {
52     protected PolicyConfiguration   pc = null;
53     
54     public BasePortalJaccTestCase(String   name)
55     {
56        super(name); 
57     }
58     
59     public void setUp()
60     {
61        Policy   policy = Policy.getPolicy();
62        if(policy instanceof DelegatingPolicy == false) 
63        {
64           //Set up the Policy 
65           policy = new DelegatingPolicy();
66        }
67        //Set up the external permission types
68        Class  [] ext = new Class  [] {PortalPermission.class};
69        
70        ((DelegatingPolicy)policy).setExternalPermissionTypes(ext);
71        Policy.setPolicy(policy);
72        //Have the policy load/update itself
73        policy.refresh(); 
74     } 
75     
76     protected void checkAdminAccess(Policy   policy) throws Exception  
77     {
78        //Check context access
79        PortalObjectPermission callerperm = getPortalObjectPermission("/");
80        ProtectionDomain   pd = getProtectionDomain("testAdmin", "admin");
81        assertTrue("Admin can access context?", policy.implies(pd, callerperm));
82        
83        //Check access to portal
84        callerperm = getPortalObjectPermission("/default"); 
85        assertTrue("Admin can access portal?", policy.implies(pd, callerperm));
86        
87        //Check access to page
88        callerperm = getPortalObjectPermission("/default/default"); 
89        assertTrue("Admin can access page?", policy.implies(pd, callerperm));
90        
91        //Check access to window
92        callerperm = getPortalObjectPermission("/default/default/a"); 
93        assertTrue("Admin can access window?", policy.implies(pd, callerperm)); 
94     }
95     
96     protected void checkEmployeeAccess(Policy   policy) throws Exception  
97     {
98        //Check context access
99        PortalObjectPermission callerperm = getPortalObjectPermission("/");
100       ProtectionDomain   pd = getProtectionDomain("testEmployee", "employee");
101       assertFalse("Employee can't access context?", policy.implies(pd, callerperm));
102       
103       //Check access to portal
104       callerperm = getPortalObjectPermission("/default"); 
105       assertTrue("Employee can access portal?", policy.implies(pd, callerperm));
106       
107       //Check access to page
108       callerperm = getPortalObjectPermission("/default/default"); 
109       assertTrue("Employee can access page?", policy.implies(pd, callerperm));
110       
111       //Check access to window
112       callerperm = getPortalObjectPermission("/default/default/a"); 
113       assertTrue("Employee can access window?", policy.implies(pd, callerperm)); 
114       
115       callerperm = getPortalObjectPermission("/someportal"); 
116       assertFalse("Employee cant access someportal?", policy.implies(pd, callerperm)); 
117    }
118    
119    protected void checkBadEmployeeAccess(Policy   policy) throws Exception  
120    {
121       //Check context access
122       PortalObjectPermission callerperm = getPortalObjectPermission("/");
123       ProtectionDomain   pd = getProtectionDomain("testBadEmployee", "bademployee");
124       assertFalse("BadEmployee can't access context?", policy.implies(pd, callerperm));
125       
126       //Check access to portal
127       callerperm = getPortalObjectPermission("/default"); 
128       assertFalse("BadEmployee can't access portal?", policy.implies(pd, callerperm));
129       
130       //Check access to page
131       callerperm = getPortalObjectPermission("/default/default"); 
132       assertFalse("BadEmployee can't access page?", policy.implies(pd, callerperm));
133       
134       //Check access to window
135       callerperm = getPortalObjectPermission("/default/default/a"); 
136       assertFalse("BadEmployee can't access window?", policy.implies(pd, callerperm)); 
137    }
138    
139    protected void checkJanitorAccess(Policy   policy) throws Exception  
140    {
141       //Check context access
142       PortalObjectPermission callerperm = getPortalObjectPermission("/");
143       ProtectionDomain   pd = getProtectionDomain("testJanitor", "janitor");
144       assertFalse("Janitor can't access context?", policy.implies(pd, callerperm));
145       
146       //Check access to portal
147       callerperm = getPortalObjectPermission("/default"); 
148       assertFalse("Janitor can't access portal?", policy.implies(pd, callerperm));
149       
150       //Check access to page
151       callerperm = getPortalObjectPermission("/default/default"); 
152       assertFalse("Janitor can't access page?", policy.implies(pd, callerperm));
153       
154       //Check access to window
155       callerperm = getPortalObjectPermission("/default/default/a"); 
156       assertTrue("Janitor can access window?", policy.implies(pd, callerperm)); 
157    } 
158    
159    protected ProtectionDomain   getProtectionDomain(String   username, String   role) throws Exception  
160    {
161       Group   gp = new SimpleGroup("Roles");
162       gp.addMember(new SimplePrincipal(role));
163       Principal   sp = new SimplePrincipal(username);
164       prepareAndSetAuthenticatedSubject(sp,gp);
165       return new ProtectionDomain  (null,null,null,new Principal  [] { sp,gp} );
166    } 
167    
168    protected PolicyConfiguration   getPolicyConfiguration(String   ctx) throws Exception   
169    { 
170       PolicyConfigurationFactory   pcf = PolicyConfigurationFactory.getPolicyConfigurationFactory(); 
171       pc = pcf.getPolicyConfiguration(ctx, true);
172       assertNotNull("PolicyConfiguration is not null", pc);
173       return pc;
174    }
175    
176    protected PortalObjectPermission getPortalObjectPermission(String   uri)
177    {
178       return new PortalObjectPermission(uri, "view");
179    }
180    
181    /**
182     * This method prepares a Subject with the principal and the group
183     * passed as parameters and registers the Subject with the
184     * PolicyContext
185     * 
186     * @param p
187     * @param gp
188     * @throws Exception
189     */
190    private void prepareAndSetAuthenticatedSubject(Principal   p , Group   gp) throws Exception  
191    {
192       Subject   subject = new Subject  ();
193       subject.getPrincipals().add(p);
194       subject.getPrincipals().add(gp);
195       
196       SecurityAssociation.setSubject(subject);
197       //Register the default active Subject PolicyContextHandler
198       SubjectPolicyContextHandler handler = new SubjectPolicyContextHandler();
199       PolicyContext.registerHandler(SubjectPolicyContextHandler.SUBJECT_CONTEXT_KEY,
200          handler, true);
201    } 
202 
203 }
204
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags