Examples of org.jboss.security.identity.RoleGroup

• org.jboss.security.identity.RoleGroup
  Represents a group of roles @author Anil.Saldhana@redhat.com @since Nov 16, 2007 @version $Revision$

      }
   }

   public void testSecurityRoleRef() throws Exception
   {
      RoleGroup principalRole = SecurityTestUtil.getRoleGroup(new String[] {"roleA"});

      //Create a ContextMap
      Map<String,Object> cmap = new HashMap<String,Object>();

      EJBResource ejbResource = new EJBResource(cmap);

      SimpleRoleGroup roleGroup = new SimpleRoleGroup("Roles");
      roleGroup.addRole(new SimpleRole("testRole"));
      sc.getUtil().setRoles(roleGroup);

      //Retrieve the roles
      RoleGroup scRoles = sc.getUtil().getRoles();
      assertNotNull(scRoles);
      assertTrue(scRoles.containsAll(new SimpleRole("testRole")));
   }

      am.authorize(wr);//This should just pass as the default module PERMITS all
   }

   private RoleGroup getRoleGroup()
   {
      RoleGroup rg = new SimpleRoleGroup(SecurityConstants.ROLES_IDENTIFIER);
      rg.addRole(new SimpleRole("ServletUserRole"));
      return rg;
   }

   private class AuthzCallable implements Callable<Boolean>
   {
      private TestResource resource = new TestResource();
      public Boolean call() throws Exception
      {
         RoleGroup role = SecurityTestUtil.getRoleGroup("roleA");
         Subject subject = new Subject();
         return am.authorize(resource, subject, role) == AuthorizationContext.PERMIT;
      }

   private class AuthzSetAndCall implements Callable<Boolean>
   {
      private TestResource resource = new TestResource();
      public Boolean call() throws Exception
      {
         RoleGroup role = SecurityTestUtil.getRoleGroup("roleA");
         Subject subject = new Subject();
         return am.authorize(resource, subject, role) == AuthorizationContext.PERMIT;
      }

      return ap;
   }

   private RoleGroup getRoleGroup()
   {
      RoleGroup rg = new SimpleRoleGroup(SecurityConstants.ROLES_IDENTIFIER);
      rg.getRoles().add(new SimpleRole("ServletUserRole"));
      return rg;
   }

         resources[i] = new TestResource(i, "Test Resource " + i);

      // Identity 'john' has two roles (role1 and role2).
      Role role1 = RoleFactory.createRole("role1");
      Role role2 = RoleFactory.createRole("role2");
      RoleGroup roleGroup = RoleFactory.createRoleGroup("RoleGroup");
      roleGroup.addRole(role1);
      roleGroup.addRole(role2);
      this.identity = IdentityFactory.createIdentityWithRole("john", roleGroup);

      // create the ACLs for the resources.
      ACLEntry entry1 = new ACLEntryImpl(BasicACLPermission.READ, "role1");
      ACLEntry entry2 = new ACLEntryImpl(

        final SecurityContext securityContext = doPrivileged(securityContext());
        if (securityContext == null) {
            return false;
        }

        RoleGroup roleGroup = null;

        RunAs runAs = securityContext.getIncomingRunAs();
        if (runAs != null && runAs instanceof RunAsIdentity) {
            RunAsIdentity runAsIdentity = (RunAsIdentity) runAs;
            roleGroup = runAsIdentity.getRunAsRolesAsRoleGroup();
        } else {

            AuthorizationManager am = securityContext.getAuthorizationManager();
            SecurityContextCallbackHandler scb = new SecurityContextCallbackHandler(securityContext);

            roleGroup = am.getSubjectRoles(securityContext.getSubjectInfo().getAuthenticatedSubject(), scb);
        }

        List<Role> roles = roleGroup.getRoles();

        // TODO - Review most performant way.
        Set<String> requiredRoles = new HashSet<String>();
        for (String current : roleNames) {
            requiredRoles.add(current);

        final SecurityContext securityContext = doPrivileged(securityContext());
        if (securityContext == null) {
            return false;
        }

        RoleGroup roleGroup = null;

        RunAs runAs = securityContext.getIncomingRunAs();
        if (runAs != null && runAs instanceof RunAsIdentity) {
            RunAsIdentity runAsIdentity = (RunAsIdentity) runAs;
            roleGroup = runAsIdentity.getRunAsRolesAsRoleGroup();
        } else {
            AuthorizationManager am = securityContext.getAuthorizationManager();
            SecurityContextCallbackHandler scb = new SecurityContextCallbackHandler(securityContext);

            roleGroup = am.getSubjectRoles(securityContext.getSubjectInfo().getAuthenticatedSubject(), scb);
        }

        List<Role> roles = roleGroup.getRoles();

        // TODO - Review most performant way.
        Set<String> requiredRoles = new HashSet<String>();
        for (String current : roleNames) {
            requiredRoles.add(current);

            AssertionType assertion = SAMLUtil.fromElement(tokenElement);

            // check the assertion statements and look for role attributes.
            AttributeStatementType attributeStatement = this.getAttributeStatement(assertion);
            if (attributeStatement != null) {
                RoleGroup rolesGroup = new SimpleRoleGroup(SAML20CommonTokenRoleAttributeProvider.JBOSS_ROLE_PRINCIPAL_NAME);
                List<ASTChoiceType> attributeList = attributeStatement.getAttributes();
                for (ASTChoiceType obj : attributeList) {
                    AttributeType attribute = obj.getAttribute();
                    if (attribute != null) {
                        // if this is a role attribute, get its values and add them to the role set.
                        if (tokenRoleAttributeName.equals(attribute.getName())) {
                            for (Object value : attribute.getAttributeValue()) {
                                rolesGroup.addRole(new SimpleRole((String) value));
                            }
                        }
                    }
                }
                result.setMappedObject(rolesGroup);