1 22 package org.jboss.test.security.test.xacml; 23 24 import java.io.ByteArrayOutputStream ; 25 import java.io.OutputStream ; 26 import java.util.ArrayList ; 27 import java.util.Arrays ; 28 import java.util.HashSet ; 29 import java.util.Iterator ; 30 import java.util.List ; 31 import java.util.Set ; 32 import org.jboss.test.security.test.xacml.modules.JBossStaticPolicyFinderModule; 33 import org.jboss.test.security.test.xacml.modules.TestRoleAttributeFinderModule; 34 35 import com.sun.xacml.Indenter; 36 import com.sun.xacml.Obligation; 37 import com.sun.xacml.combine.PermitOverridesPolicyAlg; 38 import com.sun.xacml.ctx.Attribute; 39 import com.sun.xacml.ctx.RequestCtx; 40 import com.sun.xacml.ctx.ResponseCtx; 41 import com.sun.xacml.ctx.Result; 42 import com.sun.xacml.ctx.Status; 43 import com.sun.xacml.finder.AttributeFinder; 44 import com.sun.xacml.finder.PolicyFinder; 45 import com.sun.xacml.finder.impl.CurrentEnvModule; 46 import com.sun.xacml.finder.impl.SelectorModule; 47 import com.sun.xacml.support.finder.StaticRefPolicyFinderModule; 48 import com.sun.xacml.support.finder.URLPolicyFinderModule; 49 50 import org.jboss.logging.Logger; 51 52 54 60 public class XACMLUtil 61 { 62 public static void assertEquals(ResponseCtx first, ResponseCtx second) 64 throws Exception 65 { 66 assertResults(first.getResults(), second.getResults()); 67 } 68 69 public static void assertResults(Set first, Set second) throws Exception 71 { 72 if (first.size() != second.size()) 73 throw new Exception ("Size of results mismatch"); 74 75 Iterator iter = first.iterator(); 76 77 HashSet set2 = new HashSet (second); 79 80 while (iter.hasNext()) 83 { 84 Result result1 = (Result)(iter.next()); 85 Iterator it2 = set2.iterator(); 86 boolean matched = false; 87 88 while (it2.hasNext() && (! matched)) 90 { 91 Result result2 = (Result)(it2.next()); 92 if (result1.getDecision() != result2.getDecision()) 93 throw new Exception ("decision in the result do not match"); 94 assertStringMatch(result1.getResource(), result2.getResource()); 95 assertStatus(result1.getStatus(), result2.getStatus()); 96 assertObligations(result1.getObligations(), 97 result2.getObligations()); 98 matched = true; 99 } 100 101 if (matched) 103 it2.remove(); 104 else 105 throw new Exception ("result mismatch"); 106 } 107 } 108 109 public static void assertStringMatch(String first, String second) 110 throws Exception 111 { 112 Exception ex = new Exception (first + "!=" + second); 113 114 if (first == null && second != null) 115 throw ex; 116 if(second != null && first.equals(second) == false) 117 throw ex; 118 } 119 120 public static void assertStatus(Status first, Status second) 122 throws Exception 123 { 124 Exception ex = new Exception (first + "!=" + second); 125 Iterator it1 = first.getCode().iterator(); 126 Iterator it2 = second.getCode().iterator(); 127 128 while (it1.hasNext()) 130 { 131 if (! it2.hasNext()) 132 throw ex; 133 String code = (String )(it1.next()); 134 135 if (! (code).equals((String )(it2.next()))) 137 throw ex; 138 } 139 140 if (it2.hasNext()) 142 throw ex; 143 } 144 145 public static void assertObligations(Set first, Set second) 147 throws Exception 148 { 149 if (first.size() != first.size()) 150 throw new Exception ("Obligations sets do not match in size"); 151 152 Iterator it1 = first.iterator(); 153 154 HashSet set2 = new HashSet (second); 157 158 while (it1.hasNext()) 161 { 162 Obligation o1 = (Obligation)(it1.next()); 163 Iterator it2 = set2.iterator(); 164 boolean matched = false; 165 166 while (it2.hasNext() && (! matched)) 169 { 170 Obligation o2 = (Obligation)(it2.next()); 171 172 if ((o1.getId().equals(o2.getId())) && 174 (o1.getFulfillOn() == o2.getFulfillOn())) 175 { 176 List assignments1 = o1.getAssignments(); 178 List assignments2 = o2.getAssignments(); 179 180 if (assignments1.size() == assignments2.size()) 181 { 182 Iterator ait1 = assignments1.iterator(); 183 Iterator ait2 = assignments2.iterator(); 184 boolean assignmentsMatch = true; 185 186 while (ait1.hasNext() && assignmentsMatch) 187 { 188 Attribute attr1 = (Attribute)(ait1.next()); 189 Attribute attr2 = (Attribute)(ait2.next()); 190 191 if ((! attr1.getId().equals(attr2.getId())) || 192 (! attr1.getType().equals(attr2.getType())) || 193 (! attr1.getValue().equals(attr2.getValue()))) 194 assignmentsMatch = false; 195 } 196 197 matched = assignmentsMatch; 198 } 199 } 200 } 201 202 if (matched) 204 it2.remove(); 205 else 206 throw new Exception ("Obligations do not match"); 207 } 208 } 209 210 214 public static AttributeFinder getAttributeFinder() 215 { 216 AttributeFinder attributeFinder = new AttributeFinder(); 219 List attributeModules = new ArrayList (); 220 attributeModules.add(new TestRoleAttributeFinderModule()); 221 attributeModules.add(new CurrentEnvModule()); 222 attributeModules.add(new SelectorModule()); 223 attributeFinder.setModules(attributeModules); 224 return attributeFinder; 225 } 226 227 233 public static PolicyFinder getPolicyFinder(String [] policyFiles) throws Exception 234 { 235 List policyFileList = Arrays.asList(policyFiles); 236 PolicyFinder policyFinder = new PolicyFinder(); 237 HashSet policyModules = new HashSet (); 238 policyModules.add(new JBossStaticPolicyFinderModule(PermitOverridesPolicyAlg.algId, 239 policyFileList)); 240 policyModules.add(new StaticRefPolicyFinderModule(policyFileList)); 241 policyModules.add(new URLPolicyFinderModule()); 242 policyFinder.setModules(policyModules); 243 return policyFinder; 244 } 245 246 251 public static void logResponseCtxToSystemOut(ResponseCtx response, 252 boolean flag) 253 { 254 if(flag) 255 response.encode(System.out, new Indenter()); 256 } 257 258 public static void logRequest(Logger log, RequestCtx request) throws Exception 259 { 260 ByteArrayOutputStream baos = new ByteArrayOutputStream (); 261 request.encode(baos, new Indenter()); 262 log.debug("XACML Request:"+baos.toString()); 263 baos.close(); 264 } 265 } 266 | Popular Tags |