Package org.apache.qpid.server.security.access.config

Examples of org.apache.qpid.server.security.access.config.RuleSet


        CurrentActor.set(new TestLogActor(messageLogger));
    }

    private RuleSet createGroupRuleSet()
    {
        final RuleSet rs = new RuleSet();

        // Rule expressed with username
        rs.grant(0, "user1", Permission.ALLOW, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
        // Rules expressed with groups
        rs.grant(1, ALLOWED_GROUP, Permission.ALLOW, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
        rs.grant(2, DENIED_GROUP, Permission.DENY, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);
        // Catch all rule
        rs.grant(3, Rule.ALL, Permission.DENY_LOG, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY);

        return rs;
    }
View Full Code Here


    /**
     * Tests that a grant access method rule allows any access operation to be performed on any component
     */
    public void testAuthoriseAccessMethodWhenAllAccessOperationsAllowedOnAllComponents() throws ConfigurationException
    {
        final RuleSet rs = new RuleSet();

        // grant user4 access right on any method in any component
        rs.grant(1, "user4", Permission.ALLOW, Operation.ACCESS, ObjectType.METHOD, new ObjectProperties(ObjectProperties.STAR));
        configureAccessControl(rs);
        SecurityManager.setThreadSubject(TestPrincipalUtils.createTestSubject("user4"));

        ObjectProperties actionProperties = new ObjectProperties("getName");
        actionProperties.put(ObjectProperties.Property.COMPONENT, "Test");
View Full Code Here

    /**
     * Tests that a grant access method rule allows any access operation to be performed on a specified component
     */
    public void testAuthoriseAccessMethodWhenAllAccessOperationsAllowedOnSpecifiedComponent() throws ConfigurationException
    {
        final RuleSet rs = new RuleSet();

        // grant user5 access right on any methods in "Test" component
        ObjectProperties ruleProperties = new ObjectProperties(ObjectProperties.STAR);
        ruleProperties.put(ObjectProperties.Property.COMPONENT, "Test");
        rs.grant(1, "user5", Permission.ALLOW, Operation.ACCESS, ObjectType.METHOD, ruleProperties);
        configureAccessControl(rs);
        SecurityManager.setThreadSubject(TestPrincipalUtils.createTestSubject("user5"));

        ObjectProperties actionProperties = new ObjectProperties("getName");
        actionProperties.put(ObjectProperties.Property.COMPONENT, "Test");
View Full Code Here

    public void testAccess() throws Exception
    {
        Subject subject = TestPrincipalUtils.createTestSubject("user1");
        SecurityManager.setThreadSubject(subject);

        RuleSet mockRuleSet = mock(RuleSet.class);

        InetAddress inetAddress = InetAddress.getLocalHost();
        InetSocketAddress inetSocketAddress = new InetSocketAddress(inetAddress, 1);

        DefaultAccessControl accessControl = new DefaultAccessControl(mockRuleSet);
View Full Code Here

        SecurityManager.setThreadSubject(subject);

        InetAddress inetAddress = InetAddress.getLocalHost();
        InetSocketAddress inetSocketAddress = new InetSocketAddress(inetAddress, 1);

        RuleSet mockRuleSet = mock(RuleSet.class);
        when(mockRuleSet.check(
                subject,
                Operation.ACCESS,
                ObjectType.VIRTUALHOST,
                ObjectProperties.EMPTY,
                inetAddress)).thenThrow(new RuntimeException());
View Full Code Here

    /**
     * Tests that a grant access method rule allows any access operation to be performed on a specified component
     */
    public void testAuthoriseAccessMethodWhenSpecifiedAccessOperationsAllowedOnSpecifiedComponent() throws ConfigurationException
    {
        final RuleSet rs = new RuleSet();

        // grant user6 access right on "getAttribute" method in "Test" component
        ObjectProperties ruleProperties = new ObjectProperties("getAttribute");
        ruleProperties.put(ObjectProperties.Property.COMPONENT, "Test");
        rs.grant(1, "user6", Permission.ALLOW, Operation.ACCESS, ObjectType.METHOD, ruleProperties);
        configureAccessControl(rs);
        SecurityManager.setThreadSubject(TestPrincipalUtils.createTestSubject("user6"));

        ObjectProperties properties = new ObjectProperties("getAttribute");
        properties.put(ObjectProperties.Property.COMPONENT, "Test");
View Full Code Here

    /**
     * Tests that granting of all method rights on a method allows a specified operation to be performed on any component
     */
    public void testAuthoriseAccessUpdateMethodWhenAllRightsGrantedOnSpecifiedMethodForAllComponents() throws ConfigurationException
    {
        final RuleSet rs = new RuleSet();

        // grant user8 all rights on method queryNames in all component
        rs.grant(1, "user8", Permission.ALLOW, Operation.ALL, ObjectType.METHOD, new ObjectProperties("queryNames"));
        configureAccessControl(rs);
        SecurityManager.setThreadSubject(TestPrincipalUtils.createTestSubject("user8"));

        ObjectProperties properties = new ObjectProperties();
        properties.put(ObjectProperties.Property.COMPONENT, "Test");
View Full Code Here

    /**
     * Tests that granting of all method rights allows any operation to be performed on any component
     */
    public void testAuthoriseAccessUpdateMethodWhenAllRightsGrantedOnAllMethodsInAllComponents() throws ConfigurationException
    {
        final RuleSet rs = new RuleSet();

        // grant user9 all rights on any method in all component
        rs.grant(1, "user9", Permission.ALLOW, Operation.ALL, ObjectType.METHOD, new ObjectProperties());
        configureAccessControl(rs);
        SecurityManager.setThreadSubject(TestPrincipalUtils.createTestSubject("user9"));

        ObjectProperties properties = new ObjectProperties("queryNames");
        properties.put(ObjectProperties.Property.COMPONENT, "Test");
View Full Code Here

    /**
     * Tests that granting of access method rights with mask allows matching operations to be performed on the specified component
     */
    public void testAuthoriseAccessMethodWhenMatchingAcessOperationsAllowedOnSpecifiedComponent() throws ConfigurationException
    {
        final RuleSet rs = new RuleSet();

        // grant user9 all rights on "getAttribute*" methods in Test component
        ObjectProperties ruleProperties = new ObjectProperties();
        ruleProperties.put(ObjectProperties.Property.COMPONENT, "Test");
        ruleProperties.put(ObjectProperties.Property.NAME, "getAttribute*");

        rs.grant(1, "user9", Permission.ALLOW, Operation.ACCESS, ObjectType.METHOD, ruleProperties);
        configureAccessControl(rs);
        SecurityManager.setThreadSubject(TestPrincipalUtils.createTestSubject("user9"));

        ObjectProperties properties = new ObjectProperties("getAttributes");
        properties.put(ObjectProperties.Property.COMPONENT, "Test");
View Full Code Here

     *
     */
    public void testValidRule() throws Exception
    {
        final PlainConfiguration config = writeACLConfig("ACL DENY-LOG user1 ACCESS VIRTUALHOST");
        final RuleSet rs = config.getConfiguration();
        assertEquals(1, rs.getRuleCount());

        final Map<Integer, Rule> rules = rs.getAllRules();
        assertEquals(1, rules.size());
        final Rule rule = rules.get(0);
        assertEquals("Rule has unexpected identity", "user1", rule.getIdentity());
        assertEquals("Rule has unexpected operation", Operation.ACCESS, rule.getAction().getOperation());
        assertEquals("Rule has unexpected operation", ObjectType.VIRTUALHOST, rule.getAction().getObjectType());
View Full Code Here

TOP

Related Classes of org.apache.qpid.server.security.access.config.RuleSet

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.