Package javax.security.jacc

Examples of javax.security.jacc.WebResourcePermission


        URL srcXml = classLoader.getResource("security/web2.xml");
        WebAppDocument webAppDoc = WebAppDocument.Factory.parse(srcXml, options);
        WebAppType webAppType = webAppDoc.getWebApp();
        SpecSecurityBuilder builder = new SpecSecurityBuilder();
        ComponentPermissions permissions = builder.buildSpecSecurityConfig(webAppType);
        Permission p = new WebResourcePermission("/Test/Foo", "GET,POST");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(new WebResourcePermission("/Test", ""), permissions, null));
        assertFalse(implies(new WebResourcePermission("/Test", "!"), permissions, null));
    }
View Full Code Here


        URL srcXml = classLoader.getResource("security/web3.xml");
        WebAppDocument webAppDoc = WebAppDocument.Factory.parse(srcXml, options);
        WebAppType webAppType = webAppDoc.getWebApp();
        SpecSecurityBuilder builder = new SpecSecurityBuilder();
        ComponentPermissions permissions = builder.buildSpecSecurityConfig(webAppType);
        Permission p = new WebResourcePermission("/Test/Foo", "GET,POST");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, null));
        p = new WebResourcePermission("/Test/Bar/Foo", "GET,POST");
        assertFalse(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, null));
        // check only GET method excluded here.
        p = new WebResourcePermission("/Test/Baz/Foo", "GET");
        assertFalse(implies(p, permissions, "Admin"));
        p = new WebResourcePermission("/Test/Baz/Foo", "POST");
        assertTrue(implies(p, permissions, "Admin"));
        // test excluding longer path than allowed
        p = new WebResourcePermission("/Foo/Baz", "GET");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
        p = new WebResourcePermission("/Foo/Bar/Foo", "POST");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
        p = new WebResourcePermission("/Foo/Bar/Foo", "GET");
        assertFalse(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
    }
View Full Code Here

        WebAppDocument webAppDoc = WebAppDocument.Factory.parse(srcXml, options);
        WebAppType webAppType = webAppDoc.getWebApp();
        SpecSecurityBuilder builder = new SpecSecurityBuilder();
        ComponentPermissions permissions = builder.buildSpecSecurityConfig(webAppType);
        // test excluding longer path than allowed
        Permission p = new WebResourcePermission("/Foo/Baz", "GET");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
        p = new WebResourcePermission("/Foo/Bar/Foo", "POST");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
        p = new WebResourcePermission("/Foo/Bar/Foo", "GET");
        assertFalse(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
        // test excluding longer path allows unchecked access to other http methods
        p = new WebResourcePermission("/Bar/Baz", "GET");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
        p = new WebResourcePermission("/Bar/Bar/Bar", "POST");
        assertTrue(implies(p, permissions, "Admin"));
        //This one is false unless excluded constraint allows other https methods unchecked access
//        assertFalse(implies(p, permissions, "Peon"));
        assertTrue(implies(p, permissions, "Peon"));
        p = new WebResourcePermission("/Bar/Bar/Bar", "GET");
        assertFalse(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
    }
View Full Code Here

        WebAppDocument webAppDoc = WebAppDocument.Factory.parse(srcXml, options);
        WebAppType webAppType = webAppDoc.getWebApp();
        SpecSecurityBuilder builder = new SpecSecurityBuilder();
        ComponentPermissions permissions = builder.buildSpecSecurityConfig(webAppType);
        // test excluding longer path than allowed
        Permission p = new WebResourcePermission("/foo/Baz", "GET");
        assertFalse(implies(p, permissions, "user"));
        assertFalse(implies(p, permissions, null));
        p = new WebResourcePermission("/bar", "GET");
        assertTrue(implies(p, permissions, "user"));
        assertTrue(implies(p, permissions, null));
        p = new WebUserDataPermission("/bar", "GET");
        assertTrue(implies(p, permissions, "user"));
        assertTrue(implies(p, permissions, null));
View Full Code Here

        URL srcXml = classLoader.getResource("security/web6.xml");
        WebAppDocument webAppDoc = WebAppDocument.Factory.parse(srcXml, options);
        WebAppType webAppType = webAppDoc.getWebApp();
        SpecSecurityBuilder builder = new SpecSecurityBuilder();
        ComponentPermissions permissions = builder.buildSpecSecurityConfig(webAppType);
        Permission p = new WebResourcePermission("/app/*", "GET");
        assertTrue(implies(p, permissions, "userGet"));
        assertFalse(implies(p, permissions, "userPost"));
        p = new WebResourcePermission("/app/home", "POST");
        assertTrue(implies(p, permissions, "userPost"));
        assertFalse(implies(p, permissions, "userGet"));
    }
View Full Code Here

        if (useExcluded) {
            for (URLPattern pattern : excludedPatterns.values()) {
                String name = pattern.getQualifiedPattern(allSet);
                String actions = pattern.getMethods();

                policyConfiguration.addToExcludedPolicy(new WebResourcePermission(name, actions));
                policyConfiguration.addToExcludedPolicy(new WebUserDataPermission(name, actions));
            }
        }
        for (Map.Entry<String, Map<String, URLPattern>> entry : rolesPatterns.entrySet()) {
            Set<URLPattern> currentRolePatterns = new HashSet<URLPattern>(entry.getValue().values());
            for (URLPattern pattern : entry.getValue().values()) {
                String name = pattern.getQualifiedPattern(currentRolePatterns);
                String actions = pattern.getMethods();
                WebResourcePermission permission = new WebResourcePermission(name, actions);
                policyConfiguration.addToRole(entry.getKey(), permission);
                HTTPMethods methods = pattern.getHTTPMethods();
                int transportType = pattern.getTransport();
                addOrUpdatePattern(uncheckedUserPatterns, name, methods, transportType);
            }
        }
        for (URLPattern pattern : uncheckedPatterns.values()) {
            String name = pattern.getQualifiedPattern(allSet);
            HTTPMethods methods = pattern.getHTTPMethods();

            addOrUpdatePattern(uncheckedResourcePatterns, name, methods, URLPattern.NA);

            int transportType = pattern.getTransport();
            addOrUpdatePattern(uncheckedUserPatterns, name, methods, transportType);
        }

        /**
         * A <code>WebResourcePermission</code> and a <code>WebUserDataPermission</code> must be instantiated for
         * each <tt>url-pattern</tt> in the deployment descriptor and the default pattern "/", that is not combined
         * by the <tt>web-resource-collection</tt> elements of the deployment descriptor with ever HTTP method
         * value.  The permission objects must be contructed using the qualified pattern as their name and with
         * actions defined by the subset of the HTTP methods that do not occur in combination with the pattern.
         * The resulting permissions that must be added to the unchecked policy statements by calling the
         * <code>addToUncheckedPolcy</code> method on the <code>PolicyConfiguration</code> object.
         */
        for (URLPattern pattern : allSet) {
            String name = pattern.getQualifiedPattern(allSet);
            HTTPMethods methods = pattern.getComplementedHTTPMethods();

            if (methods.isNone()) {
                continue;
            }

            addOrUpdatePattern(uncheckedResourcePatterns, name, methods, URLPattern.NA);
            addOrUpdatePattern(uncheckedUserPatterns, name, methods, URLPattern.NA);
        }

        URLPattern pattern = new URLPattern("/");
        if (!allSet.contains(pattern)) {
            String name = pattern.getQualifiedPattern(allSet);
            HTTPMethods methods = pattern.getComplementedHTTPMethods();

            addOrUpdatePattern(uncheckedResourcePatterns, name, methods, URLPattern.NA);
            addOrUpdatePattern(uncheckedUserPatterns, name, methods, URLPattern.NA);
        }

        //Create the uncheckedPermissions for WebResourcePermissions
        for (UncheckedItem item : uncheckedResourcePatterns.keySet()) {
            HTTPMethods methods = uncheckedResourcePatterns.get(item);
            String actions = URLPattern.getMethodsWithTransport(methods, item.getTransportType());

            policyConfiguration.addToUncheckedPolicy(new WebResourcePermission(item.getName(), actions));
        }
        //Create the uncheckedPermissions for WebUserDataPermissions
        for (UncheckedItem item : uncheckedUserPatterns.keySet()) {
            HTTPMethods methods = uncheckedUserPatterns.get(item);
            String actions = URLPattern.getMethodsWithTransport(methods, item.getTransportType());
View Full Code Here

    protected WebAppContextWrapper setUpAppContext(String securityRealmName, SecurityHandlerFactory securityHandlerFactory, String policyContextId, RunAsSource runAsSource, String uriString) throws Exception {

        if (securityHandlerFactory == null) {
            Permissions unchecked = new Permissions();
            unchecked.add(new WebUserDataPermission("/", null));
            unchecked.add(new WebResourcePermission("/", ""));
            ComponentPermissions componentPermissions = new ComponentPermissions(new Permissions(), unchecked, Collections.<String, PermissionCollection>emptyMap());
            setUpJACC(Collections.<String, SubjectInfo>emptyMap(), Collections.<Principal, Set<String>>emptyMap(), componentPermissions, policyContextId);
            LoginService loginService = newLoginService();
//            final ServletCallbackHandler callbackHandler = new ServletCallbackHandler(loginService);
            final Subject subject = new Subject();
View Full Code Here

        }
    }

    public boolean isAuthMandatory(Request request, Object constraints) {
        try {
            defaultACC.checkPermission(new WebResourcePermission(request));
            return false;
        } catch (AccessControlException e) {
            return true;
        }
    }
View Full Code Here

            return false;
        }

        AccessControlContext acc = ((JACCUserIdentity)userIdentity).getAccessControlContext();
        try {
            acc.checkPermission(new WebResourcePermission(request));
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }
View Full Code Here

        PermissionCollection uncheckedPermissions = new Permissions();
        uncheckedPermissions.add(new WebUserDataPermission("/protected/*", ""));

        PermissionCollection excludedPermissions = new Permissions();
        uncheckedPermissions.add(new WebResourcePermission("/auth/logon.html", ""));
        uncheckedPermissions.add(new WebUserDataPermission("/auth/logon.html", ""));
//        uncheckedPermissions.add(new WebResourcePermission("/auth/j_security_check", ""));
        uncheckedPermissions.add(new WebUserDataPermission("/auth/j_security_check", ""));

        Map<String, PermissionCollection> rolePermissions = new HashMap<String, PermissionCollection>();
        PermissionCollection permissions = new Permissions();
        permissions.add(new WebResourcePermission("/protected/*", ""));
        rolePermissions.put("content-administrator", permissions);
        rolePermissions.put("auto-administrator", permissions);

        Set<String> securityRoles = new HashSet<String>();
        securityRoles.add("content-administrator");
View Full Code Here

TOP

Related Classes of javax.security.jacc.WebResourcePermission

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.