KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > test > security > test > authorization > AuthorizationContextUnitTestCase


1 /*
2  * JBoss, Home of Professional Open Source
3  * Copyright 2005, JBoss Inc., and individual contributors as indicated
4  * by the @authors tag. See the copyright.txt in the distribution for a
5  * full listing of individual contributors.
6  *
7  * This is free software; you can redistribute it and/or modify it
8  * under the terms of the GNU Lesser General Public License as
9  * published by the Free Software Foundation; either version 2.1 of
10  * the License, or (at your option) any later version.
11  *
12  * This software is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15  * Lesser General Public License for more details.
16  *
17  * You should have received a copy of the GNU Lesser General Public
18  * License along with this software; if not, write to the Free
19  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21  */

22 package org.jboss.test.security.test.authorization;
23
24 import java.io.IOException JavaDoc;
25 import java.io.InputStreamReader JavaDoc;
26 import java.net.URL JavaDoc;
27 import java.util.HashMap JavaDoc;
28 import java.util.Map JavaDoc;
29
30 import javax.security.auth.Subject JavaDoc;
31 import javax.security.auth.callback.Callback JavaDoc;
32 import javax.security.auth.callback.CallbackHandler JavaDoc;
33 import javax.security.auth.callback.UnsupportedCallbackException JavaDoc;
34
35 import junit.extensions.TestSetup;
36 import junit.framework.Test;
37 import junit.framework.TestSuite;
38
39 import org.jboss.security.auth.spi.UsersObjectModelFactory;
40 import org.jboss.security.authorization.AuthorizationContext;
41 import org.jboss.security.authorization.AuthorizationException;
42 import org.jboss.security.authorization.Resource;
43 import org.jboss.security.authorization.config.SecurityConfigObjectModelFactory;
44 import org.jboss.security.config.PolicyConfig;
45 import org.jboss.test.JBossTestCase;
46 import org.jboss.test.JBossTestSetup;
47 import org.jboss.xb.binding.Unmarshaller;
48 import org.jboss.xb.binding.UnmarshallerFactory;
49
50 //$Id: AuthorizationContextUnitTestCase.java 45987 2006-06-29 20:59:29Z asaldhana $
51

52 /**
53  * Unit Tests for the JBoss Authorization Context
54  * @author <a HREF="mailto:Anil.Saldhana@jboss.org">Anil Saldhana</a>
55  * @since Jun 28, 2006
56  * @version $Revision: 45987 $
57  */

58 public class AuthorizationContextUnitTestCase extends JBossTestCase
59 {
60    private static PolicyConfig policyConfig = null;
61    
62    public AuthorizationContextUnitTestCase(String JavaDoc name)
63    {
64       super(name);
65    }
66    
67    
68    public static Test suite() throws Exception JavaDoc
69    {
70       TestSuite suite = new TestSuite();
71       suite.addTest(new TestSuite(AuthorizationContextUnitTestCase.class));
72       // Create an initializer for the test suite
73
TestSetup wrapper = new JBossTestSetup(suite)
74       {
75          protected void setUp() throws Exception JavaDoc
76          {
77             super.setUp();
78             String JavaDoc url = getResourceURL("security/authorization/authorization-policy.xml");
79             loadXMLConfig(new URL JavaDoc(url));
80          }
81          protected void tearDown() throws Exception JavaDoc
82          {
83             super.tearDown();
84          }
85       };
86       return wrapper;
87    }
88    
89    
90    /**
91     * Test the AuthorizationModule required behavior
92     */

93    public void testRequiredOptionBehavior() throws Exception JavaDoc
94    {
95       assertNotNull("PolicyConfig != null", policyConfig);
96       int result = getResult("required-permit-policy");
97       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
98       result = getResult("required-deny-policy");
99       assertTrue("DENY?", AuthorizationContext.DENY == result);
100    }
101    
102    /**
103     * Test the AuthorizationModule requisite behavior
104     */

105    public void testRequisiteOptionBehavior() throws Exception JavaDoc
106    {
107       assertNotNull("PolicyConfig != null", policyConfig);
108       int result = getResult("requisite-permit-policy");
109       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
110       result = getResult("requisite-deny-policy");
111       assertTrue("DENY?", AuthorizationContext.DENY == result);
112    }
113    
114    
115    /**
116     * Test the AuthorizationModule sufficient behavior
117     */

118    public void testSufficientOptionBehavior() throws Exception JavaDoc
119    {
120       assertNotNull("PolicyConfig != null", policyConfig);
121       int result = getResult("sufficient-permit-policy");
122       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
123       result = getResult("sufficient-deny-policy");
124       assertTrue("DENY?", AuthorizationContext.DENY == result);
125    }
126    
127    
128    /**
129     * Test the AuthorizationModule optional behavior
130     */

131    public void testOptionalOptionBehavior() throws Exception JavaDoc
132    {
133       assertNotNull("PolicyConfig != null", policyConfig);
134       int result = getResult("optional-permit-policy");
135       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
136       result = getResult("optional-deny-policy");
137       assertTrue("DENY?", AuthorizationContext.DENY == result);
138    }
139    
140    /**
141     * Test the AuthorizationModules combination behavior
142     */

143    public void testCombinationBehavior() throws Exception JavaDoc
144    {
145       assertNotNull("PolicyConfig != null", policyConfig);
146       int result = getResult("required-deny-sufficient-permit-policy");
147       assertTrue("DENY?", AuthorizationContext.DENY == result);
148       result = getResult("required-permit-sufficient-deny-policy");
149       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
150       result = getResult("required-permit-required-deny-policy");
151       assertTrue("DENY?", AuthorizationContext.DENY == result);
152       result = getResult("required-permit-required-permit-policy");
153       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
154       result = getResult("required-permit-required-permit-sufficient-deny-policy");
155       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
156       result = getResult("required-permit-required-permit-requisite-deny-policy");
157       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
158       result = getResult("required-permit-required-permit-optional-deny-policy");
159       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
160       result = getResult("required-permit-required-deny-requisite-permit-policy");
161       assertTrue("DENY?", AuthorizationContext.DENY == result);
162       result = getResult("requisite-permit-requisite-permit-sufficient-deny-policy");
163       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
164       
165       result = getResult("sufficient-permit-required-deny-policy");
166       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
167       result = getResult("sufficient-permit-sufficient-deny-policy");
168       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
169       result = getResult("optional-deny-sufficient-permit-required-deny-policy");
170       assertTrue("PERMIT?", AuthorizationContext.PERMIT == result);
171       
172       result = getResult("sufficient-deny-optional-deny-policy");
173       assertTrue("DENY?", AuthorizationContext.DENY == result);
174    }
175    
176    private int getResult(String JavaDoc policyName) throws Exception JavaDoc
177    {
178       int result = AuthorizationContext.DENY;
179       
180       AuthorizationContext aContext = new AuthorizationContext(policyName,
181             new Subject JavaDoc(),
182             new TestCallbackHandler());
183       aContext.setApplicationPolicy(policyConfig.get(policyName));
184       try
185       {
186          result = aContext.authorize(new Resource()
187          {
188             public String JavaDoc getLayer()
189             {
190                return "TEST";
191             }
192             
193             public Map JavaDoc getMap()
194             {
195                return new HashMap JavaDoc();
196             }
197           });
198       }
199       catch(AuthorizationException e)
200       {
201          result = AuthorizationContext.DENY;
202       }
203       return result;
204    }
205    
206    /**
207     * Use JBossXB to parse the security config file
208     * @param loginConfigURL
209     * @throws Exception
210     */

211    private static void loadXMLConfig(URL JavaDoc loginConfigURL)
212    throws Exception JavaDoc
213    {
214       SecurityConfigObjectModelFactory lcomf = new SecurityConfigObjectModelFactory();
215       UsersObjectModelFactory uomf = new UsersObjectModelFactory();
216       
217       InputStreamReader JavaDoc xmlReader = new InputStreamReader JavaDoc(loginConfigURL.openStream());
218       Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
219       unmarshaller.mapFactoryToNamespace(uomf, "http://www.jboss.org/j2ee/schemas/XMLLoginModule");
220       policyConfig = (PolicyConfig) unmarshaller.unmarshal(xmlReader, lcomf, (Object JavaDoc)null);
221    }
222    
223    /**
224     * Dummy CallbackHandler
225     */

226    private static class TestCallbackHandler implements CallbackHandler JavaDoc
227    {
228       public void handle(Callback JavaDoc[] arg0)
229       throws IOException JavaDoc, UnsupportedCallbackException JavaDoc
230       {
231       }
232    }
233 }
234
Popular Tags