Package org.apache.qpid.server.security.access.config

Examples of org.apache.qpid.server.security.access.config.RuleSet

203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
    /**
     * Tests that a grant access method rule allows any access operation to be performed on a specified component
     */
    public void testAuthoriseAccessMethodWhenAllAccessOperationsAllowedOnSpecifiedComponent() throws ConfigurationException
    {
        final RuleSet rs = new RuleSet(mock(EventLoggerProvider.class));

        // grant user5 access right on any methods in "Test" component
        ObjectProperties ruleProperties = new ObjectProperties(ObjectProperties.STAR);
        ruleProperties.put(ObjectProperties.Property.COMPONENT, "Test");
        rs.grant(1, "user5", Permission.ALLOW, Operation.ACCESS, ObjectType.METHOD, ruleProperties);
        configureAccessControl(rs);
        Subject.doAs(TestPrincipalUtils.createTestSubject("user5"), new PrivilegedAction<Object>()
        {
            @Override
            public Object run()
View Full Code Here
246
247
248
249
250
251
252
253
254
255
256
        Subject.doAs(subject, new PrivilegedExceptionAction<Object>()
        {
            @Override
            public Object run() throws Exception
            {
                RuleSet mockRuleSet = mock(RuleSet.class);



                DefaultAccessControl accessControl = new DefaultAccessControl(mockRuleSet);
View Full Code Here
279
280
281
282
283
284
285
286
287
288
289
290
            @Override
            public Object run() throws Exception
            {


                RuleSet mockRuleSet = mock(RuleSet.class);
                when(mockRuleSet.check(
                        subject,
                        Operation.ACCESS,
                        ObjectType.VIRTUALHOST,
                        ObjectProperties.EMPTY,
                        inetAddress)).thenThrow(new RuntimeException());
View Full Code Here
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
    /**
     * Tests that a grant access method rule allows any access operation to be performed on a specified component
     */
    public void testAuthoriseAccessMethodWhenSpecifiedAccessOperationsAllowedOnSpecifiedComponent() throws ConfigurationException
    {
        final RuleSet rs = new RuleSet(mock(EventLoggerProvider.class));

        // grant user6 access right on "getAttribute" method in "Test" component
        ObjectProperties ruleProperties = new ObjectProperties("getAttribute");
        ruleProperties.put(ObjectProperties.Property.COMPONENT, "Test");
        rs.grant(1, "user6", Permission.ALLOW, Operation.ACCESS, ObjectType.METHOD, ruleProperties);
        configureAccessControl(rs);
        Subject.doAs(TestPrincipalUtils.createTestSubject("user6"), new PrivilegedAction<Object>()
        {
            @Override
            public Object run()
View Full Code Here
340
341
342
343
344
345
346
347
348
349
350
351
352
353
    /**
     * Tests that granting of all method rights on a method allows a specified operation to be performed on any component
     */
    public void testAuthoriseAccessUpdateMethodWhenAllRightsGrantedOnSpecifiedMethodForAllComponents() throws ConfigurationException
    {
        final RuleSet rs = new RuleSet(mock(EventLoggerProvider.class));

        // grant user8 all rights on method queryNames in all component
        rs.grant(1, "user8", Permission.ALLOW, Operation.ALL, ObjectType.METHOD, new ObjectProperties("queryNames"));
        configureAccessControl(rs);
        Subject.doAs(TestPrincipalUtils.createTestSubject("user8"), new PrivilegedAction<Object>()
        {
            @Override
            public Object run()
View Full Code Here
379
380
381
382
383
384
385
386
387
388
389
390
391
392
    /**
     * Tests that granting of all method rights allows any operation to be performed on any component
     */
    public void testAuthoriseAccessUpdateMethodWhenAllRightsGrantedOnAllMethodsInAllComponents() throws ConfigurationException
    {
        final RuleSet rs = new RuleSet(mock(EventLoggerProvider.class));

        // grant user9 all rights on any method in all component
        rs.grant(1, "user9", Permission.ALLOW, Operation.ALL, ObjectType.METHOD, new ObjectProperties());
        configureAccessControl(rs);
        Subject.doAs(TestPrincipalUtils.createTestSubject("user9"), new PrivilegedAction<Object>()
        {
            @Override
            public Object run()
View Full Code Here
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
    /**
     * Tests that granting of access method rights with mask allows matching operations to be performed on the specified component
     */
    public void testAuthoriseAccessMethodWhenMatchingAccessOperationsAllowedOnSpecifiedComponent() throws ConfigurationException
    {
        final RuleSet rs = new RuleSet(mock(EventLoggerProvider.class));

        // grant user9 all rights on "getAttribute*" methods in Test component
        ObjectProperties ruleProperties = new ObjectProperties();
        ruleProperties.put(ObjectProperties.Property.COMPONENT, "Test");
        ruleProperties.put(ObjectProperties.Property.NAME, "getAttribute*");

        rs.grant(1, "user9", Permission.ALLOW, Operation.ACCESS, ObjectType.METHOD, ruleProperties);
        configureAccessControl(rs);
        Subject.doAs(TestPrincipalUtils.createTestSubject("user9"), new PrivilegedAction<Object>()
        {
            @Override
            public Object run()
View Full Code Here
64
65
66
67
68
69
70
    @Override
    public void setUp() throws Exception
    {
        super.setUp();

        _ruleSet = new RuleSet(mock(EventLoggerProvider.class));
    }
View Full Code Here
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
    protected void setUp() throws Exception
    {
        super.setUp();

        final RuleSet rs = new RuleSet();
        rs.addGroup("aclGroup1", Arrays.asList(new String[] {"member1", "member2"}));

        // Rule expressed with username
        rs.grant(0, "user1", Permission.ALLOW, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
        // Rule expressed with a acl group
        rs.grant(1, "aclGroup1", Permission.ALLOW, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
        // Rule expressed with an external group
        rs.grant(2, "extGroup1", Permission.DENY, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
        // Catch all rule
        rs.grant(3, Rule.ALL, Permission.DENY_LOG, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);

        _plugin = (AccessControl) AccessControl.FACTORY.newInstance(createConfiguration(rs));

        SecurityManager.setThreadSubject(null);
       
View Full Code Here
66
67
68
69
70
71
72
73
    @Override
    public void setUp() throws Exception
    {
        super.setUp();

        _ruleSet = new RuleSet();
        _ruleSet.configure(RuleSet.TRANSITIVE, Boolean.FALSE);
    }
View Full Code Here
TOP

Related Classes of org.apache.qpid.server.security.access.config.RuleSet

  • org.apache.qpid.server.security.access.config.PlainConfigurationTest
  • org.apache.qpid.server.security.access.ObjectProperties
  • org.apache.qpid.server.security.access.Permission
  • org.apache.qpid.server.security.access.plugins.AccessControlTest
  • org.apache.qpid.server.security.access.plugins.DefaultAccessControlTest
  • org.apache.qpid.server.security.access.plugins.PlainConfigurationTest
  • org.apache.qpid.server.security.access.plugins.RuleSetTest
  • java.security.Principal
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.