KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > test > security > test > xacml > XACMLUtil


1 /*
2  * JBoss, Home of Professional Open Source
3  * Copyright 2005, JBoss Inc., and individual contributors as indicated
4  * by the @authors tag. See the copyright.txt in the distribution for a
5  * full listing of individual contributors.
6  *
7  * This is free software; you can redistribute it and/or modify it
8  * under the terms of the GNU Lesser General Public License as
9  * published by the Free Software Foundation; either version 2.1 of
10  * the License, or (at your option) any later version.
11  *
12  * This software is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15  * Lesser General Public License for more details.
16  *
17  * You should have received a copy of the GNU Lesser General Public
18  * License along with this software; if not, write to the Free
19  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21  */

22 package org.jboss.test.security.test.xacml;
23
24 import java.io.ByteArrayOutputStream JavaDoc;
25 import java.io.OutputStream JavaDoc;
26 import java.util.ArrayList JavaDoc;
27 import java.util.Arrays JavaDoc;
28 import java.util.HashSet JavaDoc;
29 import java.util.Iterator JavaDoc;
30 import java.util.List JavaDoc;
31 import java.util.Set JavaDoc;
32 import org.jboss.test.security.test.xacml.modules.JBossStaticPolicyFinderModule;
33 import org.jboss.test.security.test.xacml.modules.TestRoleAttributeFinderModule;
34
35 import com.sun.xacml.Indenter;
36 import com.sun.xacml.Obligation;
37 import com.sun.xacml.combine.PermitOverridesPolicyAlg;
38 import com.sun.xacml.ctx.Attribute;
39 import com.sun.xacml.ctx.RequestCtx;
40 import com.sun.xacml.ctx.ResponseCtx;
41 import com.sun.xacml.ctx.Result;
42 import com.sun.xacml.ctx.Status;
43 import com.sun.xacml.finder.AttributeFinder;
44 import com.sun.xacml.finder.PolicyFinder;
45 import com.sun.xacml.finder.impl.CurrentEnvModule;
46 import com.sun.xacml.finder.impl.SelectorModule;
47 import com.sun.xacml.support.finder.StaticRefPolicyFinderModule;
48 import com.sun.xacml.support.finder.URLPolicyFinderModule;
49
50 import org.jboss.logging.Logger;
51
52 //$Id: XACMLUtil.java 58115 2006-11-04 08:42:14Z scott.stark@jboss.org $
53

54 /**
55  * Some Util methods for the XACML Suite of tests
56  * @author <a HREF="mailto:Anil.Saldhana@jboss.org">Anil Saldhana</a>
57  * @since May 30, 2006
58  * @version $Revision: 58115 $
59  */

60 public class XACMLUtil
61 {
62    //Validate that two PDP responses are the same semantically
63
public static void assertEquals(ResponseCtx first, ResponseCtx second)
64    throws Exception JavaDoc
65    {
66       assertResults(first.getResults(), second.getResults());
67    }
68    
69    // Validate that two PDP response->results are the same semantically
70
public static void assertResults(Set JavaDoc first, Set JavaDoc second) throws Exception JavaDoc
71    {
72       if (first.size() != second.size())
73          throw new Exception JavaDoc("Size of results mismatch");
74       
75       Iterator JavaDoc iter = first.iterator();
76       
77       // A set allows us to remove matching results individually
78
HashSet JavaDoc set2 = new HashSet JavaDoc(second);
79       
80       // consider each Result in the first Response, and try to find an
81
// equivalent one in the second Response
82
while (iter.hasNext())
83       {
84          Result result1 = (Result)(iter.next());
85          Iterator JavaDoc it2 = set2.iterator();
86          boolean matched = false;
87          
88          // go through the second list, and see if there's a matching Result
89
while (it2.hasNext() && (! matched))
90          {
91             Result result2 = (Result)(it2.next());
92             if (result1.getDecision() != result2.getDecision())
93                throw new Exception JavaDoc("decision in the result do not match");
94             assertStringMatch(result1.getResource(), result2.getResource());
95             assertStatus(result1.getStatus(), result2.getStatus());
96             assertObligations(result1.getObligations(),
97                   result2.getObligations());
98             matched = true;
99          }
100          
101          // When matched, remove the result from the second set
102
if (matched)
103             it2.remove();
104          else
105             throw new Exception JavaDoc("result mismatch");
106       }
107    }
108    
109    public static void assertStringMatch(String JavaDoc first, String JavaDoc second)
110    throws Exception JavaDoc
111    {
112       Exception JavaDoc ex = new Exception JavaDoc(first + "!=" + second);
113       
114       if (first == null && second != null)
115          throw ex;
116       if(second != null && first.equals(second) == false)
117          throw ex;
118    }
119    
120    // Validate that two PDP response ->Status are the same semantically
121
public static void assertStatus(Status first, Status second)
122    throws Exception JavaDoc
123    {
124       Exception JavaDoc ex = new Exception JavaDoc(first + "!=" + second);
125       Iterator JavaDoc it1 = first.getCode().iterator();
126       Iterator JavaDoc it2 = second.getCode().iterator();
127       
128       // Same code appear in the status?
129
while (it1.hasNext())
130       {
131          if (! it2.hasNext())
132             throw ex;
133          String JavaDoc code = (String JavaDoc)(it1.next());
134          
135          // check that the specific code is the same at each step
136
if (! (code).equals((String JavaDoc)(it2.next())))
137             throw ex;
138       }
139       
140       // if there's still more in the second list, then they're not equal
141
if (it2.hasNext())
142          throw ex;
143    }
144    
145    // Validate that two PDP response->Obligations are the same semantically
146
public static void assertObligations(Set JavaDoc first, Set JavaDoc second)
147    throws Exception JavaDoc
148    {
149       if (first.size() != first.size())
150          throw new Exception JavaDoc("Obligations sets do not match in size");
151       
152       Iterator JavaDoc it1 = first.iterator();
153       
154       // Set for the second set of Obligations, so we can
155
// remove the matching Obligation at each step
156
HashSet JavaDoc set2 = new HashSet JavaDoc(second);
157       
158       // For each Obligation in the first set, and try to find an
159
// equivalent one in the second set
160
while (it1.hasNext())
161       {
162          Obligation o1 = (Obligation)(it1.next());
163          Iterator JavaDoc it2 = set2.iterator();
164          boolean matched = false;
165          
166          // go through the second set, and see if there's a matching
167
// Obligation
168
while (it2.hasNext() && (! matched))
169          {
170             Obligation o2 = (Obligation)(it2.next());
171             
172             // Match identifier and fulfillOn setting
173
if ((o1.getId().equals(o2.getId())) &&
174                   (o1.getFulfillOn() == o2.getFulfillOn()))
175             {
176                // Match the assignments
177
List JavaDoc assignments1 = o1.getAssignments();
178                List JavaDoc assignments2 = o2.getAssignments();
179                
180                if (assignments1.size() == assignments2.size())
181                {
182                   Iterator JavaDoc ait1 = assignments1.iterator();
183                   Iterator JavaDoc ait2 = assignments2.iterator();
184                   boolean assignmentsMatch = true;
185                   
186                   while (ait1.hasNext() && assignmentsMatch)
187                   {
188                      Attribute attr1 = (Attribute)(ait1.next());
189                      Attribute attr2 = (Attribute)(ait2.next());
190                      
191                      if ((! attr1.getId().equals(attr2.getId())) ||
192                            (! attr1.getType().equals(attr2.getType())) ||
193                            (! attr1.getValue().equals(attr2.getValue())))
194                         assignmentsMatch = false;
195                   }
196                   
197                   matched = assignmentsMatch;
198                }
199             }
200          }
201          
202          // If matched, remove it from the set
203
if (matched)
204             it2.remove();
205          else
206             throw new Exception JavaDoc("Obligations do not match");
207       }
208    }
209    
210    /**
211     * Get a prebuilt AttributeFinder
212     * @return
213     */

214    public static AttributeFinder getAttributeFinder()
215    {
216       //Prefill the attribute finder with the Sun's impl of
217
//environment attribute module and the selector attribute module
218
AttributeFinder attributeFinder = new AttributeFinder();
219       List JavaDoc attributeModules = new ArrayList JavaDoc();
220       attributeModules.add(new TestRoleAttributeFinderModule());
221       attributeModules.add(new CurrentEnvModule());
222       attributeModules.add(new SelectorModule());
223       attributeFinder.setModules(attributeModules);
224       return attributeFinder;
225    }
226    
227    /**
228     * Get a Prebuilt PolicyFinder with the passed array of policy files
229     * @param policyFiles
230     * @return
231     * @throws Exception
232     */

233    public static PolicyFinder getPolicyFinder(String JavaDoc[] policyFiles) throws Exception JavaDoc
234    {
235       List JavaDoc policyFileList = Arrays.asList(policyFiles);
236       PolicyFinder policyFinder = new PolicyFinder();
237       HashSet JavaDoc policyModules = new HashSet JavaDoc();
238       policyModules.add(new JBossStaticPolicyFinderModule(PermitOverridesPolicyAlg.algId,
239             policyFileList));
240       policyModules.add(new StaticRefPolicyFinderModule(policyFileList));
241       policyModules.add(new URLPolicyFinderModule());
242       policyFinder.setModules(policyModules);
243       return policyFinder;
244    }
245    
246    /**
247     * Log the PDP response to system out
248     * @param response
249     * @param flag true=response will be displayed false=no
250     */

251    public static void logResponseCtxToSystemOut(ResponseCtx response,
252          boolean flag)
253    {
254       if(flag)
255         response.encode(System.out, new Indenter());
256    }
257    
258    public static void logRequest(Logger log, RequestCtx request) throws Exception JavaDoc
259    {
260       ByteArrayOutputStream JavaDoc baos = new ByteArrayOutputStream JavaDoc();
261       request.encode(baos, new Indenter());
262       log.debug("XACML Request:"+baos.toString());
263       baos.close();
264    }
265 }
266
Popular Tags