Mailing-List: contact commits-help@archiva.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@archiva.apache.org
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r702748 - in /archiva/branches/MRM-124: ./
 archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/
 archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/java/org/apache/maven/archiva/xmlrpc/security/
 archiv...
Date: Wed, 08 Oct 2008 08:01:03 -0000
To: commits@archiva.apache.org
From: oching@apache.org
Message-Id: <20081008080104.157B02388961@eris.apache.org>

Author: oching
Date: Wed Oct  8 01:01:02 2008
New Revision: 702748

URL: http://svn.apache.org/viewvc?rev=702748&view=rev
Log:
added test cases for XmlRpcAuthenticator

Added:
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/META-INF/
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/META-INF/redback/
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/META-INF/redback/redback-core.xml
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/org/
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/org/apache/
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/org/apache/maven/
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/org/apache/maven/archiva/
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/org/apache/maven/archiva/xmlrpc/
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/org/apache/maven/archiva/xmlrpc/security/
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/org/apache/maven/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.xml
Modified:
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/pom.xml
    archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/java/org/apache/maven/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.java
    archiva/branches/MRM-124/pom.xml

Modified: archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/pom.xml
URL: http://svn.apache.org/viewvc/archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/pom.xml?rev=702748&r1=702747&r2=702748&view=diff
==============================================================================
--- archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/pom.xml (original)
+++ archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/pom.xml Wed Oct  8 01:01:02 2008
@@ -47,5 +47,37 @@
       <groupId>org.apache.archiva</groupId>
       <artifactId>archiva-security</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.codehaus.plexus</groupId>
+      <artifactId>plexus-spring</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <!-- use spring for the unit tests?
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-test</artifactId>
+      <scope>test</scope>
+    </dependency>
+     -->
+    <dependency>
+      <groupId>org.codehaus.redback</groupId>
+      <artifactId>redback-authorization-rbac</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.codehaus.redback</groupId>
+      <artifactId>redback-keys-memory</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.codehaus.redback</groupId>
+      <artifactId>redback-users-memory</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.codehaus.redback</groupId>
+      <artifactId>redback-rbac-memory</artifactId>
+      <scope>test</scope>
+    </dependency>
   </dependencies>
 </project>

Modified: archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/java/org/apache/maven/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.java
URL: http://svn.apache.org/viewvc/archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/java/org/apache/maven/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.java?rev=702748&r1=702747&r2=702748&view=diff
==============================================================================
--- archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/java/org/apache/maven/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.java (original)
+++ archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/java/org/apache/maven/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.java Wed Oct  8 01:01:02 2008
@@ -1,3 +1,5 @@
+package org.apache.maven.archiva.xmlrpc.security;
+
 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
@@ -16,176 +18,199 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-package org.apache.maven.archiva.xmlrpc.security;
 
-import junit.framework.TestCase;
+import java.io.File;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.maven.archiva.configuration.ArchivaConfiguration;
+import org.apache.maven.archiva.security.ArchivaRoleConstants;
+import org.apache.maven.archiva.security.UserRepositories;
 import org.apache.xmlrpc.XmlRpcRequest;
-import org.apache.xmlrpc.XmlRpcRequestConfig;
 import org.apache.xmlrpc.common.XmlRpcHttpRequestConfigImpl;
-import org.codehaus.plexus.redback.authentication.AuthenticationDataSource;
-import org.codehaus.plexus.redback.authentication.AuthenticationException;
-import org.codehaus.plexus.redback.authentication.AuthenticationResult;
-import org.codehaus.plexus.redback.authorization.AuthorizationException;
-import org.codehaus.plexus.redback.authorization.AuthorizationResult;
-import org.codehaus.plexus.redback.keys.KeyManager;
-import org.codehaus.plexus.redback.policy.AccountLockedException;
-import org.codehaus.plexus.redback.policy.UserSecurityPolicy;
-import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.rbac.RBACManager;
+import org.codehaus.plexus.redback.role.RoleManager;
 import org.codehaus.plexus.redback.system.SecuritySystem;
 import org.codehaus.plexus.redback.users.User;
 import org.codehaus.plexus.redback.users.UserManager;
 import org.codehaus.plexus.redback.users.UserNotFoundException;
-
+import org.codehaus.plexus.spring.PlexusInSpringTestCase;
+import org.easymock.MockControl;
+import org.easymock.classextension.MockClassControl;
+
+/**
+ * XmlRpcAuthenticatorTest
+ * 
+ * @version $Id XmlRpcAuthenticatorTest.java
+ */
 public class XmlRpcAuthenticatorTest
-    extends TestCase
+//extends AbstractDependencyInjectionSpringContextTests
+    extends PlexusInSpringTestCase
 {
-    private static final String USERNAME = "username";
+    protected static final String USER_GUEST = "guest";
+
+    protected static final String USER_ADMIN = "admin";
+
+    protected static final String USER_ALPACA = "alpaca";
 
-    private static final String PASSWORD = "password";
+    private static final String PASSWORD = "password123";
 
-    public void testAuthentication()
+    protected SecuritySystem securitySystem;
+
+    protected RoleManager roleManager;
+    
+    private MockControl xmlRpcRequestControl;
+    
+    private XmlRpcRequest xmlRpcRequest;
+    
+    private XmlRpcAuthenticator authenticator;
+    
+    private MockControl configControl;
+    
+    private XmlRpcHttpRequestConfigImpl config; 
+    
+    public void setUp()
         throws Exception
     {
-        MockSecuritySystem securitySystem = new MockSecuritySystem( true, true, USERNAME, PASSWORD );
-        XmlRpcAuthenticator authenticator = new XmlRpcAuthenticator( securitySystem );
-        MockXmlRpcRequest request = new MockXmlRpcRequest( USERNAME, PASSWORD );
-
-        //assertTrue( authenticator.isAuthorized( request ) );
+        super.setUp();
+        
+        securitySystem = (SecuritySystem) lookup( SecuritySystem.class, "testable" );        
+        roleManager = (RoleManager) lookup( RoleManager.class, "default" );
+        
+        // Some basic asserts.
+        assertNotNull( securitySystem );        
+        assertNotNull( roleManager );
+        
+        // Setup Admin User.
+        User adminUser = createUser( USER_ADMIN, "Admin User", null );
+        roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_SYSTEM_ADMIN, adminUser.getPrincipal().toString() );
+
+        // Setup Guest User.
+        User guestUser = createUser( USER_GUEST, "Guest User", null );
+        roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GUEST, guestUser.getPrincipal().toString() );
+        
+        configControl = MockClassControl.createControl( XmlRpcHttpRequestConfigImpl.class );
+        config = ( XmlRpcHttpRequestConfigImpl ) configControl.getMock();
+        
+        xmlRpcRequestControl = MockControl.createControl( XmlRpcRequest.class );
+        xmlRpcRequest = ( XmlRpcRequest ) xmlRpcRequestControl.getMock();    
+        
+        authenticator = new XmlRpcAuthenticator( securitySystem );        
     }
-
-    class MockXmlRpcRequest
-        implements XmlRpcRequest
+            
+    private User createUser( String principal, String fullname, String password )
+        throws UserNotFoundException
     {
-        private final XmlRpcHttpRequestConfigImpl configImpl;
-
-        public MockXmlRpcRequest( String username, String password )
-        {
-            configImpl = new XmlRpcHttpRequestConfigImpl();
-            configImpl.setBasicUserName( username );
-            configImpl.setBasicPassword( password );
-        }
-
-        public XmlRpcRequestConfig getConfig()
-        {
-            return configImpl;
-        }
-
-        public String getMethodName()
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
-
-        public Object getParameter( int pIndex )
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
-
-        public int getParameterCount()
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
+        UserManager userManager = securitySystem.getUserManager();
+    
+        User user = userManager.createUser( principal, fullname, principal + "@testable.archiva.apache.org" );
+        securitySystem.getPolicy().setEnabled( false );
+        userManager.addUser( user );
+        securitySystem.getPolicy().setEnabled( true );
+        
+        user.setPassword( password );        
+        userManager.updateUser( user );
+        
+        return user;
     }
-
-    class MockSecuritySystem
-        implements SecuritySystem
+    
+    public void testIsAuthorizedUserExistsButNotAuthorized()
+        throws Exception
     {
-        private final boolean authorized;
-
-        private final boolean authenticate;
-
-        private final String username;
-
-        private final String password;
-
-        public MockSecuritySystem( boolean authorized, boolean authenticate, String username, String password )
-        {
-            this.authorized = authorized;
-            this.authenticate = authenticate;
-            this.username = username;
-            this.password = password;
-        }
-
-        public SecuritySession authenticate( AuthenticationDataSource dataSource )
-            throws AuthenticationException, UserNotFoundException, AccountLockedException
-        {
-            return new SecuritySession()
-            {
-
-                public AuthenticationResult getAuthenticationResult()
-                {
-                    throw new UnsupportedOperationException( "Not supported yet." );
-                }
-
-                public User getUser()
-                {
-                    throw new UnsupportedOperationException( "Not supported yet." );
-                }
-
-                public boolean isAuthenticated()
-                {
-                    throw new UnsupportedOperationException();
-                }
-            };
-        }
-
-        public AuthorizationResult authorize( SecuritySession session, Object arg1 )
-            throws AuthorizationException
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
-
-        public AuthorizationResult authorize( SecuritySession session, Object arg1, Object arg2 )
-            throws AuthorizationException
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
-
-        public String getAuthenticatorId()
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
-
-        public String getAuthorizerId()
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
-
-        public KeyManager getKeyManager()
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
-
-        public UserSecurityPolicy getPolicy()
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
-
-        public String getUserManagementId()
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
-
-        public UserManager getUserManager()
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
-
-        public boolean isAuthenticated( AuthenticationDataSource dataSource )
-            throws AuthenticationException, UserNotFoundException, AccountLockedException
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
-
-        public boolean isAuthorized( SecuritySession session, Object arg1 )
-            throws AuthorizationException
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
-
-        public boolean isAuthorized( SecuritySession session, Object arg1, Object arg2 )
-            throws AuthorizationException
-        {
-            throw new UnsupportedOperationException( "Not supported yet." );
-        }
+        createUser( USER_ALPACA, "Al 'Archiva' Paca", PASSWORD );
+        
+        UserManager userManager = securitySystem.getUserManager();
+        try
+        {
+            User user  = userManager.findUser( USER_ALPACA );
+            assertEquals( USER_ALPACA, user.getPrincipal() );
+        }
+        catch ( UserNotFoundException e )
+        {
+            fail( "User should exist in the database." );                        
+        }
+        
+        xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getConfig(), config, 2 );
+        
+        configControl.expectAndReturn( config.getBasicUserName(), USER_ALPACA );
+        
+        configControl.expectAndReturn( config.getBasicPassword(), PASSWORD );
+        
+        xmlRpcRequestControl.replay();
+        configControl.replay();
+        
+        boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
+        
+        xmlRpcRequestControl.verify();
+        configControl.verify();
+        
+        assertFalse( isAuthorized );
     }
+    
+    public void testIsAuthorizedUserExistsAndAuthorized()
+        throws Exception
+    {
+        createUser( USER_ALPACA, "Al 'Archiva' Paca", PASSWORD );
+        
+        UserManager userManager = securitySystem.getUserManager();
+        try
+        {
+            User user  = userManager.findUser( USER_ALPACA );
+            assertEquals( USER_ALPACA, user.getPrincipal() );
+        }
+        catch ( UserNotFoundException e )
+        {
+            fail( "User should exist in the database." );                        
+        }
+        
+        //TODO cannot assign global repo manager role - it says role does not exist :|
+        
+        //roleManager.assignRole( ArchivaRoleConstants.GLOBAL_REPOSITORY_MANAGER_ROLE, USER_ALPACA );
+        
+        xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getConfig(), config, 2 );
+        
+        configControl.expectAndReturn( config.getBasicUserName(), USER_ALPACA );
+        
+        configControl.expectAndReturn( config.getBasicPassword(), PASSWORD );
+        
+        xmlRpcRequestControl.replay();
+        configControl.replay();
+        
+        boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
+        
+        xmlRpcRequestControl.verify();
+        configControl.verify();
+        
+        //assertTrue( isAuthorized );
+    }
+    
+    public void testIsAuthorizedUserDoesNotExist()
+        throws Exception
+    {   
+        UserManager userManager = securitySystem.getUserManager();
+        try
+        {
+            userManager.findUser( USER_ALPACA );
+            fail( "User should not exist in the database." );
+        }
+        catch ( UserNotFoundException e )
+        {
+            assertEquals( "Unable to find user 'alpaca'", e.getMessage() );            
+        }
+        
+        xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getConfig(), config, 2 );
+        
+        configControl.expectAndReturn( config.getBasicUserName(), USER_ALPACA );
+        
+        configControl.expectAndReturn( config.getBasicPassword(), PASSWORD );
+        
+        xmlRpcRequestControl.replay();
+        configControl.replay();
+        
+        boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
+                
+        xmlRpcRequestControl.verify();
+        configControl.verify();
+        
+        assertFalse( isAuthorized );
+    }    
 }

Added: archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/META-INF/redback/redback-core.xml
URL: http://svn.apache.org/viewvc/archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/META-INF/redback/redback-core.xml?rev=702748&view=auto
==============================================================================
--- archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/META-INF/redback/redback-core.xml (added)
+++ archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/META-INF/redback/redback-core.xml Wed Oct  8 01:01:02 2008
@@ -0,0 +1,210 @@
+<redback-role-model>
+  <modelVersion>1.0.0</modelVersion>
+  <applications>
+    <application>
+      <id>Redback XWork Integration Security Core</id>
+      <version>1.0</version>
+      <resources>
+        <resource>
+          <id>global</id>
+          <name>*</name>
+          <permanent>true</permanent>
+          <description>
+            global resource implies full access for authorization
+          </description>
+        </resource>
+        <resource>
+          <id>username</id>
+          <name>${username}</name>
+          <permanent>true</permanent>
+          <description>
+            replaced with the username of the principal at authorization
+            check time
+          </description>
+        </resource>
+      </resources>
+      <operations>
+        <operation>
+          <id>configuration-edit</id>
+          <name>configuration-edit</name>
+          <description>edit configuration</description>
+          <permanent>true</permanent>
+        </operation>
+        <operation>
+          <id>user-management-user-create</id>
+          <name>user-management-user-create</name>
+          <description>create user</description>
+          <permanent>true</permanent>
+        </operation>
+        <operation>
+          <id>user-management-user-edit</id>
+          <name>user-management-user-edit</name>
+          <description>edit user</description>
+          <permanent>true</permanent>
+        </operation>
+        <operation>
+          <id>user-management-user-role</id>
+          <name>user-management-user-role</name>
+          <description>user roles</description>
+          <permanent>true</permanent>
+        </operation>
+        <operation>
+          <id>user-management-user-delete</id>
+          <name>user-management-user-delete</name>
+          <description>delete user</description>
+          <permanent>true</permanent>
+        </operation>
+        <operation>
+          <id>user-management-user-list</id>
+          <name>user-management-user-list</name>
+          <description>list users</description>
+          <permanent>true</permanent>
+        </operation>
+        <operation>
+          <id>user-management-role-grant</id>
+          <name>user-management-role-grant</name>
+          <description>grant role</description>
+          <permanent>true</permanent>
+        </operation>
+        <operation>
+          <id>user-management-role-drop</id>
+          <name>user-management-role-drop</name>
+          <description>drop role</description>
+          <permanent>true</permanent>
+        </operation>
+        <operation>
+          <id>user-management-rbac-admin</id>
+          <name>user-management-rbac-admin</name>
+          <description>administer rbac</description>
+          <permanent>true</permanent>
+        </operation>
+        <operation>
+          <id>guest-access</id>
+          <name>guest-access</name>
+          <description>access guest</description>
+          <permanent>true</permanent>
+        </operation>
+        <operation>
+          <id>add-repository</id>
+          <name>add-repository</name>
+          <description>add repository</description>
+          <permanent>true</permanent>
+        </operation>
+      </operations>
+      <roles>
+        <role>
+          <id>system-administrator</id>
+          <name>System Administrator</name>
+          <permanent>true</permanent>
+          <assignable>true</assignable>
+          <permissions>
+            <permission>
+              <id>edit-redback-configuration</id>
+              <name>Edit Redback Configuration</name>
+              <operation>configuration-edit</operation>
+              <resource>global</resource>
+              <permanent>true</permanent>
+            </permission>
+            <permission>
+              <id>manage-rbac-setup</id>
+              <name>User RBAC Management</name>
+              <operation>user-management-rbac-admin</operation>
+              <resource>global</resource>
+              <permanent>true</permanent>
+            </permission>
+          </permissions>
+          <childRoles>
+            <childRole>user-administrator</childRole>
+          </childRoles>
+        </role>
+        <role>
+          <id>user-administrator</id>
+          <name>User Administrator</name>
+          <permanent>true</permanent>
+          <assignable>true</assignable>
+          <permissions>
+            <permission>
+              <id>drop-roles-for-anyone</id>
+              <name>Drop Roles for Anyone</name>
+              <operation>user-management-role-drop</operation>
+              <resource>global</resource>
+              <permanent>true</permanent>
+            </permission>
+            <permission>
+              <id>grant-roles-for-anyone</id>
+              <name>Grant Roles for Anyone</name>
+              <operation>user-management-role-grant</operation>
+              <resource>global</resource>
+              <permanent>true</permanent>
+            </permission>
+            <permission>
+              <id>user-create</id>
+              <name>Create Users</name>
+              <operation>user-management-user-create</operation>
+              <resource>global</resource>
+              <permanent>true</permanent>
+            </permission>
+            <permission>
+              <id>user-delete</id>
+              <name>Delete Users</name>
+              <operation>user-management-user-delete</operation>
+              <resource>global</resource>
+              <permanent>true</permanent>
+            </permission>
+            <permission>
+              <id>user-edit</id>
+              <name>Edit Users</name>
+              <operation>user-management-user-edit</operation>
+              <resource>global</resource>
+              <permanent>true</permanent>
+            </permission>
+            <permission>
+              <id>access-users-roles</id>
+              <name>Access Users Roles</name>
+              <operation>user-management-user-role</operation>
+              <resource>global</resource>
+              <permanent>true</permanent>
+            </permission>
+            <permission>
+              <id>access-user-list</id>
+              <name>Access User List</name>
+              <operation>user-management-user-list</operation>
+              <resource>global</resource>
+              <permanent>true</permanent>
+            </permission>
+          </permissions>
+        </role>
+        <role>
+          <id>registered-user</id>
+          <name>Registered User</name>
+          <permanent>true</permanent>
+          <assignable>true</assignable>
+          <permissions>
+            <permission>
+              <id>edit-user-by-username</id>
+              <name>Edit User Data by Username</name>
+              <operation>user-management-user-edit</operation>
+              <resource>username</resource>
+              <permanent>true</permanent>
+            </permission>
+          </permissions>
+        </role>
+        <role>
+          <id>guest</id>
+          <name>Guest</name>
+          <permanent>true</permanent>
+          <assignable>true</assignable>
+          <permissions>
+            <permission>
+              <id>guest-permission</id>
+              <name>Guest Permission</name>
+              <operation>guest-access</operation>
+              <resource>global</resource>
+              <permanent>true</permanent>
+            </permission>
+          </permissions>
+        </role>        
+      </roles>
+    </application>
+  </applications>
+</redback-role-model>
\ No newline at end of file

Added: archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/org/apache/maven/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.xml
URL: http://svn.apache.org/viewvc/archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/org/apache/maven/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.xml?rev=702748&view=auto
==============================================================================
--- archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/org/apache/maven/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.xml (added)
+++ archiva/branches/MRM-124/archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/org/apache/maven/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.xml Wed Oct  8 01:01:02 2008
@@ -0,0 +1,192 @@
+<?xml version="1.0" ?>
+<component-set>
+  <components>
+     
+    <!-- x  
+    <component>
+      <role>org.apache.maven.archiva.security.UserRepositories</role>
+      <role-hint>default</role-hint>
+      <implementation>org.apache.maven.archiva.security.DefaultUserRepositories</implementation>
+      <description>DefaultUserRepositories</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.system.SecuritySystem</role>
+          <role-hint>testable</role-hint>
+          <field-name>securitySystem</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>rbacManager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.role.RoleManager</role>
+          <role-hint>default</role-hint>
+          <field-name>roleManager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.apache.maven.archiva.configuration.ArchivaConfiguration</role>
+          <field-name>archivaConfiguration</field-name>
+        </requirement>
+      </requirements>
+    </component>
+     -->
+    
+    <component>
+      <role>org.codehaus.plexus.redback.system.SecuritySystem</role>
+      <role-hint>testable</role-hint>
+      <implementation>org.codehaus.plexus.redback.system.DefaultSecuritySystem</implementation>
+      <description>DefaultSecuritySystem:</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.authentication.AuthenticationManager</role>
+          <field-name>authnManager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.authorization.Authorizer</role>
+          <role-hint>rbac</role-hint>
+          <field-name>authorizer</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.users.UserManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>userManager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.keys.KeyManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>keyManager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.policy.UserSecurityPolicy</role>
+          <field-name>policy</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.codehaus.plexus.redback.authorization.Authorizer</role>
+      <role-hint>rbac</role-hint>
+      <implementation>org.codehaus.plexus.redback.authorization.rbac.RbacAuthorizer</implementation>
+      <description>RbacAuthorizer:</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>manager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.users.UserManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>userManager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.authorization.rbac.evaluator.PermissionEvaluator</role>
+          <role-hint>default</role-hint>
+          <field-name>evaluator</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
+          <role-hint>default</role-hint>
+          <field-name>config</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.codehaus.plexus.redback.authorization.rbac.evaluator.PermissionEvaluator</role>
+      <role-hint>default</role-hint>
+      <implementation>org.codehaus.plexus.redback.authorization.rbac.evaluator.DefaultPermissionEvaluator</implementation>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.users.UserManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>userManager</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.codehaus.plexus.redback.role.RoleManager</role>
+      <role-hint>default</role-hint>
+      <implementation>org.codehaus.plexus.redback.role.DefaultRoleManager</implementation>
+      <description>RoleProfileManager:</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.role.validator.RoleModelValidator</role>
+          <role-hint>default</role-hint>
+          <field-name>modelValidator</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.role.processor.RoleModelProcessor</role>
+          <role-hint>default</role-hint>
+          <field-name>modelProcessor</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.role.template.RoleTemplateProcessor</role>
+          <role-hint>default</role-hint>
+          <field-name>templateProcessor</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>rbacManager</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.codehaus.plexus.redback.role.processor.RoleModelProcessor</role>
+      <role-hint>default</role-hint>
+      <implementation>org.codehaus.plexus.redback.role.processor.DefaultRoleModelProcessor</implementation>
+      <description>DefaultRoleModelProcessor: inserts the components of the model that can be populated into the rbac manager</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>rbacManager</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.codehaus.plexus.redback.role.template.RoleTemplateProcessor</role>
+      <role-hint>default</role-hint>
+      <implementation>org.codehaus.plexus.redback.role.template.DefaultRoleTemplateProcessor</implementation>
+      <description>DefaultRoleTemplateProcessor: inserts the components of a template into the rbac manager</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>rbacManager</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <!-- 
+    <component>
+      <role>org.apache.maven.archiva.configuration.ArchivaConfiguration</role>
+      <implementation>org.apache.maven.archiva.configuration.DefaultArchivaConfiguration</implementation>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.registry.Registry</role>
+          <role-hint>configured</role-hint>
+        </requirement>
+      </requirements>
+    </component>
+    <component>
+      <role>org.codehaus.plexus.registry.Registry</role>
+      <role-hint>configured</role-hint>
+      <implementation>org.codehaus.plexus.registry.commons.CommonsConfigurationRegistry</implementation>
+      <configuration>
+        <properties>
+          <system/>
+          <xml fileName="${basedir}/target/test-conf/archiva.xml"
+               config-name="org.apache.maven.archiva.base" config-at="org.apache.maven.archiva"/>
+        </properties>
+      </configuration>
+    </component>
+     -->
+     
+  </components>
+</component-set>
\ No newline at end of file

Modified: archiva/branches/MRM-124/pom.xml
URL: http://svn.apache.org/viewvc/archiva/branches/MRM-124/pom.xml?rev=702748&r1=702747&r2=702748&view=diff
==============================================================================
--- archiva/branches/MRM-124/pom.xml (original)
+++ archiva/branches/MRM-124/pom.xml Wed Oct  8 01:01:02 2008
@@ -949,6 +949,19 @@
           </exclusion>
         </exclusions>
       </dependency>
+      <!-- use spring test in xmlrpc?
+      <dependency>
+        <groupId>org.springframework</groupId>
+        <artifactId>spring-test</artifactId>
+        <version>2.5.1</version>
+        <exclusions>
+          <exclusion>
+            <groupId>commons-logging</groupId>
+            <artifactId>commons-logging</artifactId>
+          </exclusion>
+        </exclusions>
+      </dependency>
+       -->
       <dependency>
         <groupId>org.apache.maven</groupId>
         <artifactId>maven-artifact</artifactId>