Examples of org.jboss.security.config.ApplicationPolicy

• org.jboss.security.config.ApplicationPolicy
  Application Policy Information Holder - Authentication - Authorization - Audit - Mapping @author Anil Saldhana @since Jun 9, 2006 @version $Revision: 69642 $

      authzBean = (AuthorizationPolicyBean) super.getBean("TestPolicy2$AuthorizationPolicy");
      assertEquals(policyBean2.getAuthorizationPolicy(), authzBean);
      BeanValidator.validateAuthorizationBean(authzBean);

      // verify the contents of the authorization policies.
      ApplicationPolicy policy = XMLLoginConfigImpl.getInstance().getApplicationPolicy("TestPolicy1");
      PolicyValidator.validateAuthorizationPolicy("TestPolicy1", policy.getAuthorizationInfo());

      policy = XMLLoginConfigImpl.getInstance().getApplicationPolicy("TestPolicy2");
      PolicyValidator.validateAuthorizationPolicy("TestPolicy2", policy.getAuthorizationInfo());
   }

      trustBean = (IdentityTrustPolicyBean) super.getBean("TestPolicy2$IdentityTrustPolicy");
      assertEquals(policyBean2.getIdentityTrustPolicy(), trustBean);
      BeanValidator.validateIdentityTrustBean(trustBean);

      // verify the contents of the identity-trust policies.
      ApplicationPolicy policy = XMLLoginConfigImpl.getInstance().getApplicationPolicy("TestPolicy1");
      PolicyValidator.validateIdentityTrustPolicy("TestPolicy1", policy.getIdentityTrustInfo());

      policy = XMLLoginConfigImpl.getInstance().getApplicationPolicy("TestPolicy2");
      PolicyValidator.validateIdentityTrustPolicy("TestPolicy2", policy.getIdentityTrustInfo());

   }

      assertNotNull("ApplicationPolicyBean not found", bean);
      assertNotNull("Parent policy name has not been set", bean.getParentPolicy());
      assertEquals("Unexpected parent policy name", "TestPolicy1", bean.getParentPolicy());

      // validate the real application policy has been created with the expected contents.
      ApplicationPolicy policy = XMLLoginConfigImpl.getInstance().getApplicationPolicy("TestPolicy2");
      assertNotNull("Application policy not found", policy);

      // validate the constructed authentication policy.
      PolicyValidator.validateAuthenticationPolicy("TestPolicy2", (AuthenticationInfo) policy.getAuthenticationInfo());
      // validate the constructed authorization policy.
      PolicyValidator.validateAuthorizationPolicy("TestPolicy2", policy.getAuthorizationInfo());
      // validate the constructed acl policy.
      PolicyValidator.validateACLPolicy("TestPolicy2", policy.getAclInfo());
      // validate the constructed role-mapping policy, whose configuration comes exclusively from the parent policy.
      PolicyValidator.validateRoleMappingPolicy("TestPolicy1", policy.getMappingInfo("role"));
      // validate the constructed audit policy.
      PolicyValidator.validateAuditPolicy("TestPolicy2", policy.getAuditInfo());
      // validate the constructed identity-trust policy.
      PolicyValidator.validateIdentityTrustPolicy("TestPolicy2", policy.getIdentityTrustInfo());

      // now validate the jaspi authentication extension.
      bean = (ApplicationPolicyBean) super.getBean("TestPolicy4");
      assertNotNull("ApplicationPolicyBean not found", bean);
      assertNotNull("Parent policy name has not been set", bean.getParentPolicy());
      assertEquals("Unexpected parent policy name", "TestPolicy3", bean.getParentPolicy());
      // validate the real application policy has been created with the expected contents.
      policy = XMLLoginConfigImpl.getInstance().getApplicationPolicy("TestPolicy4");
      assertNotNull("Application policy not found", policy);
      // validate the constructed jaspi authentication policy.
      PolicyValidator.validateJaspiAuthenticationPolicy("TestPolicy4", (JASPIAuthenticationInfo) policy
            .getAuthenticationInfo());
   }

      assertEquals("dummy=dr", "dr", itieOptions.get("dummy"));
   }

   public void testApplicationPolicyExtension()
   {
      ApplicationPolicy completeConfig = config.get("conf-jaas-extend");
      assertNotNull("conf-jaas-extend is not null", completeConfig);
      BaseAuthenticationInfo bai = completeConfig.getAuthenticationInfo();
      assertNotNull("BaseAuthenticationInfo is not null", bai);
      assertEquals("3 login modules", 3, bai.getModuleEntries().size());

      // Authorization
      AuthorizationInfo azi = completeConfig.getAuthorizationInfo();
      assertNotNull("AuthorizationInfo is not null", azi);
      assertEquals("3 authz modules", 3, azi.getModuleEntries().size());

      // ACL
      ACLInfo aclInfo = completeConfig.getAclInfo();
      assertNotNull("Unexpected null ACLInfo", aclInfo);
      assertEquals("Unexpected number of acl modules", 3, aclInfo.getModuleEntries().size());

      // Role Mapping
      MappingInfo mappingInfo = completeConfig.getMappingInfo(MappingType.ROLE.toString());
      assertNotNull("MappingInfo is not null", mappingInfo);
      // we expect 2 modules because one has been configured as a mapping of type "role"
      assertEquals("2 map modules", 2, mappingInfo.getModuleEntries().size());

      // Mapping
      mappingInfo = completeConfig.getMappingInfo(MappingType.PRINCIPAL.toString());
      assertNotNull("MappingInfo is not null", mappingInfo);
      MappingModuleEntry[] mappingEntries = mappingInfo.getMappingModuleEntry();
      assertEquals("Invalid number of entries", 2, mappingEntries.length);
      assertEquals("org.jboss.test.mapping.MappingModule1", mappingEntries[0].getMappingModuleName());
      assertEquals("org.jboss.test.mapping.MappingModule3", mappingEntries[1].getMappingModuleName());
      // same test as above: we expect 2 role-mapping modules: 1 from rolemapping and 1 from mapping with type "role".
      mappingInfo = completeConfig.getMappingInfo(MappingType.ROLE.toString());
      assertNotNull("MappingInfo is not null", mappingInfo);
      mappingEntries = mappingInfo.getMappingModuleEntry();
      assertEquals("Invalid number of entries", 2, mappingEntries.length);
      assertEquals("org.jboss.test.TestMappingModule", mappingEntries[0].getMappingModuleName());
      assertEquals("org.jboss.test.mapping.MappingModule2", mappingEntries[1].getMappingModuleName());

      // Audit
      AuditInfo ai = completeConfig.getAuditInfo();
      assertNotNull("AuditInfo", ai);
      AuditProviderEntry[] apelist = ai.getAuditProviderEntry();
      assertEquals("Audit entry length=1", 1, apelist.length);

      // Identity Trust
      IdentityTrustInfo iti = completeConfig.getIdentityTrustInfo();
      assertNotNull("IdentityTrustInfo", iti);
      IdentityTrustModuleEntry[] itilist = iti.getIdentityTrustModuleEntry();
      assertEquals("IdentityTrustModuleEntry length=1", 1, itilist.length);

      // JASPI authentication policy extension
      ApplicationPolicy jaspiPolicy = config.get("conf-jaspi-extend");
      assertNotNull("Unexpected null conf-jaspi-extend application policy", jaspiPolicy);
      BaseAuthenticationInfo authInfo = jaspiPolicy.getAuthenticationInfo();
      assertNotNull("Unexpected null jaspi configuration", authInfo);
      List<?> entries = authInfo.getModuleEntries();
      assertEquals("Invalid number of auth modules", 3, entries.size());
   }

      assertEquals("Invalid number of auth modules", 3, entries.size());
   }

   public void testAddDeletionOfApplicationPolicies()
   {
      ApplicationPolicy aPolicy = new ApplicationPolicy("test");
      SecurityConfiguration.addApplicationPolicy(aPolicy);
      ApplicationPolicy ap = SecurityConfiguration.getApplicationPolicy("test");
      assertNotNull("Application Policy for test != null", ap);
      assertEquals("Application Policy Name = test", "test", ap.getName());

      SecurityConfiguration.removeApplicationPolicy("test");
      assertNull("Application Policy for test is null", SecurityConfiguration.getApplicationPolicy("test"));
   }

      // Load the config if PolicyConfig is empty
      if (this.appConfigs.size() == 0)
         this.loadConfig();

      AppConfigurationEntry[] entry = null;
      ApplicationPolicy aPolicy = this.getApplicationPolicy(appName);
      BaseAuthenticationInfo authInfo = null;
      if (aPolicy != null)
         authInfo = aPolicy.getAuthenticationInfo();

      if (authInfo == null)
      {
         if (log.isTraceEnabled())
            log.trace("getAppConfigurationEntry(" + appName + "), no entry in appConfigs, tyring parentCont: "
                  + parentConfig);
         if (parentConfig != null)
            entry = parentConfig.getAppConfigurationEntry(appName);
         if (entry == null)
         {
            if (log.isTraceEnabled())
               log.trace("getAppConfigurationEntry(" + appName + "), no entry in parentConfig, trying: "
                     + DEFAULT_APP_CONFIG_NAME);
         }
         ApplicationPolicy defPolicy = appConfigs.get(DEFAULT_APP_CONFIG_NAME);
         authInfo = defPolicy != null ? (AuthenticationInfo) defPolicy.getAuthenticationInfo() : null;
      }

      if (authInfo != null)
      {
         if (log.isTraceEnabled())

         sm.checkPermission(REFRESH_PERM);
      AuthenticationInfo authInfo = new AuthenticationInfo(appName);
      authInfo.setAppConfigurationEntry(entries);
      if (log.isTraceEnabled())
         log.trace("addAppConfig(" + appName + "), authInfo=" + authInfo);
      ApplicationPolicy aPolicy = new ApplicationPolicy(appName, authInfo);
      appConfigs.add(aPolicy);
      SecurityConfiguration.addApplicationPolicy(aPolicy);
   }

    */
   public ApplicationPolicy getApplicationPolicy(String domainName)
   {
      if (appConfigs == null || appConfigs.size() == 0)
         loadConfig();
      ApplicationPolicy aPolicy = null;
      if(appConfigs != null )
         aPolicy = appConfigs.get(domainName);
      if (aPolicy != null)
         SecurityConfiguration.addApplicationPolicy(aPolicy);
      return aPolicy;

    *
    * @return the parsed AuthenticationInfo object
    */
   public BaseAuthenticationInfo getAuthenticationInfo(String domainName)
   {
      ApplicationPolicy aPolicy = getApplicationPolicy(domainName);
      return aPolicy != null ? aPolicy.getAuthenticationInfo() : null;
   }

         throw new IllegalStateException("Security Context is null");
      String secDomain = securityContext.getSecurityDomain();

      String defaultAppDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
      //Get the modules from the SecurityConfiguration
      ApplicationPolicy ap = SecurityConfiguration.getApplicationPolicy(secDomain);
      if(ap == null)
      {
         ap = SecurityConfiguration.getApplicationPolicy(defaultAppDomain);
      }
      if(ap == null)
         throw new IllegalStateException("No Application Policy found");
      BaseAuthenticationInfo bai = ap.getAuthenticationInfo();
      if(bai == null)
         throw new IllegalStateException("Authentication Info not set in security domain="+ secDomain
               + " or "+ defaultAppDomain);

      if(bai instanceof AuthenticationInfo)