directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From djen...@apache.org
Subject svn commit: r491329 - in /directory/sandbox/triplesec-jacc: ./ jacc/ jacc/src/main/java/org/apache/directory/ jacc/src/main/java/org/apache/directory/triplesec/ jacc/src/main/java/org/apache/directory/triplesec/jacc/ jacc/src/main/java/org/apache/geron...
Date Sat, 30 Dec 2006 21:56:54 GMT
Author: djencks
Date: Sat Dec 30 13:56:54 2006
New Revision: 491329

URL: http://svn.apache.org/viewvc?view=rev&rev=491329
Log:
move the beginnings of a jacc implementation over from geronimo

Added:
    directory/sandbox/triplesec-jacc/jacc/
      - copied from r491319, geronimo/sandbox/triplesec/geronimo-triplesec/
    directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/
    directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/
    directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/
    directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java
  (with props)
    directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfigurationFactory.java
  (with props)
Removed:
    directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/geronimo/triplesec/
Modified:
    directory/sandbox/triplesec-jacc/jacc/pom.xml
    directory/sandbox/triplesec-jacc/pom.xml

Modified: directory/sandbox/triplesec-jacc/jacc/pom.xml
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc/jacc/pom.xml?view=diff&rev=491329&r1=491319&r2=491329
==============================================================================
--- directory/sandbox/triplesec-jacc/jacc/pom.xml (original)
+++ directory/sandbox/triplesec-jacc/jacc/pom.xml Sat Dec 30 13:56:54 2006
@@ -22,17 +22,22 @@
     <modelVersion>4.0.0</modelVersion>
 
     <parent>
-        <groupId>org.apache.geronimo.triplesec</groupId>
-        <artifactId>modules</artifactId>
-        <version>1.2-SNAPSHOT</version>
+        <groupId>org.apache.directory.triplesec</groupId>
+        <artifactId>build</artifactId>
+        <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
-    <artifactId>geronimo-triplesec</artifactId>
-    <name>Geronimo :: TripleSec</name>
+    <artifactId>triplesec-jacc</artifactId>
+    <name>TripleSec :: JACC</name>
     
     <dependencies>
         
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>triplesec-jaas</artifactId>
+            <version>${project.version}</version>
+        </dependency>
         <dependency>
             <groupId>org.apache.geronimo.specs</groupId>
             <artifactId>geronimo-j2ee-jacc_1.0_spec</artifactId>

Added: directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java?view=auto&rev=491329
==============================================================================
--- directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java
(added)
+++ directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java
Sat Dec 30 13:56:54 2006
@@ -0,0 +1,167 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.directory.triplesec.jacc;
+
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Principal;
+import java.security.ProtectionDomain;
+import java.util.Enumeration;
+
+import javax.security.jacc.PolicyConfiguration;
+import javax.security.jacc.PolicyContextException;
+
+import org.apache.directory.triplesec.guardian.Profile;
+import org.apache.directory.triplesec.jaas.SafehausPrincipal;
+
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class TripleSecPolicyConfiguration implements PolicyConfiguration {
+    final static int OPEN = 1;
+    final static int IN_SERVICE = 2;
+    final static int DELETED = 3;
+
+    private final String contextID;
+    private int state;
+
+    TripleSecPolicyConfiguration(String contextID) {
+        this.contextID = contextID;
+        this.state = OPEN;
+    }
+
+    public String getContextID() throws PolicyContextException {
+        return contextID;
+    }
+
+    public boolean implies(ProtectionDomain domain, Permission permission) {
+
+        Principal[] principals = domain.getPrincipals();
+        if (principals.length == 0) return false;
+
+        for (int i = 0; i < principals.length; i++) {
+            Principal principal = principals[i];
+            if (principal instanceof SafehausPrincipal) {
+                Profile profile = ((SafehausPrincipal)principal).getAuthorizationProfile(contextID);
+
+                return profile.implies(permission);
+
+            }
+        }
+        // if no TripleSec principal found, deny access.
+        return false;
+    }
+
+    public void addToRole(String roleName, PermissionCollection permissions) throws PolicyContextException
{
+        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+
+        Enumeration e = permissions.elements();
+        while (e.hasMoreElements()) {
+            addToRole(roleName, (Permission) e.nextElement());
+        }
+    }
+
+    public void addToRole(String roleName, Permission permission) throws PolicyContextException
{
+        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+
+        //TODO Install contextId/rolename to permission association in TripleSec LDAP
+    }
+
+    public void addToUncheckedPolicy(PermissionCollection permissions) throws PolicyContextException
{
+        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+
+        Enumeration e = permissions.elements();
+        while (e.hasMoreElements()) {
+            addToUncheckedPolicy((Permission) e.nextElement());
+        }
+    }
+
+    public void addToUncheckedPolicy(Permission permission) throws PolicyContextException
{
+        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+
+        //TODO Install permission association in TripleSec LDAP unchecked role
+    }
+
+    public void addToExcludedPolicy(PermissionCollection permissions) throws PolicyContextException
{
+        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+
+        Enumeration e = permissions.elements();
+        while (e.hasMoreElements()) {
+            addToExcludedPolicy((Permission) e.nextElement());
+        }
+    }
+
+    public void addToExcludedPolicy(Permission permission) throws PolicyContextException
{
+        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+
+        //TODO Install permission association in TripleSec LDAP excluded (denied) role
+    }
+
+    public void removeRole(String roleName) throws PolicyContextException {
+        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+
+        //TODO remove contextId/role (?? maybe role in all contextIds?) from TripleSec LDAP
+    }
+
+    public void removeUncheckedPolicy() throws PolicyContextException {
+        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+
+        //TODO remove contextId/unchecked (?? maybe unchecked in all contextIds?) from TripleSec
LDAP
+    }
+
+    public void removeExcludedPolicy() throws PolicyContextException {
+        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+
+        //TODO remove contextId/excluded (?? maybe excluded in all contextIds?) from TripleSec
LDAP
+    }
+
+    public void linkConfiguration(javax.security.jacc.PolicyConfiguration link) throws PolicyContextException
{
+        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+    }
+
+    public void delete() throws PolicyContextException {
+        state = DELETED;
+    }
+
+    public void commit() throws PolicyContextException {
+        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+
+        state = IN_SERVICE;
+    }
+
+    public boolean inService() throws PolicyContextException {
+        return (state == IN_SERVICE);
+    }
+
+    //TODO I have no idea what side effects this might have, but it's needed in some form
from GeronimoPolicyConfigurationFactory.
+    //see JACC spec 1.0 section 3.1.1.1 discussion of in service and deleted.
+    //spec p. 31 3.1.7 on the effects of remove:
+    //If the getPolicyConfiguration method  is used, the value true should be passed as the
second
+    //  argument to cause the  corresponding policy statements to be deleted from the context.
+    public void open(boolean remove) {
+        if (remove) {
+            //TODO Clear triplesec ldap for this contextId (??)
+        }
+        state = OPEN;
+    }
+
+    int getState() {
+        return state;
+    }
+}

Propchange: directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfigurationFactory.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfigurationFactory.java?view=auto&rev=491329
==============================================================================
--- directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfigurationFactory.java
(added)
+++ directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfigurationFactory.java
Sat Dec 30 13:56:54 2006
@@ -0,0 +1,72 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.directory.triplesec.jacc;
+
+import java.util.HashMap;
+import java.util.Map;
+import javax.security.jacc.PolicyConfiguration;
+import javax.security.jacc.PolicyConfigurationFactory;
+import javax.security.jacc.PolicyContextException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class TripleSecPolicyConfigurationFactory extends PolicyConfigurationFactory {
+
+    private final Log log = LogFactory.getLog(TripleSecPolicyConfigurationFactory.class);
+    private static TripleSecPolicyConfigurationFactory singleton;
+    private Map configurations = new HashMap();
+
+    public TripleSecPolicyConfigurationFactory() {
+        synchronized (TripleSecPolicyConfigurationFactory.class) {
+            if (singleton != null) {
+                log.error("Singleton already assigned.  There may be more than one TripleSecPolicyConfigurationFactory
being used.");
+                throw new IllegalStateException("Singleton already assigned");
+            }
+            singleton = this;
+        }
+    }
+
+    public PolicyConfiguration getPolicyConfiguration(String contextID, boolean remove) throws
PolicyContextException {
+        TripleSecPolicyConfiguration configuration = (TripleSecPolicyConfiguration) configurations.get(contextID);
+
+        if (configuration == null) {
+            configuration = new TripleSecPolicyConfiguration(contextID);
+            configurations.put(contextID, configuration);
+        } else {
+            configuration.open(remove);
+        }
+
+        log.trace("Get " + (remove ? "CLEANED" : "") + " policy configuration " + contextID);
+        return configuration;
+    }
+
+    public boolean inService(String contextID) throws PolicyContextException {
+        PolicyConfiguration configuration = getPolicyConfiguration(contextID, false);
+
+        log.trace("Policy configuration " + contextID + " put into service");
+        return configuration.inService();
+    }
+
+    static TripleSecPolicyConfigurationFactory getSingleton() {
+        return singleton;
+    }
+}

Propchange: directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfigurationFactory.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfigurationFactory.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfigurationFactory.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: directory/sandbox/triplesec-jacc/pom.xml
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc/pom.xml?view=diff&rev=491329&r1=491328&r2=491329
==============================================================================
--- directory/sandbox/triplesec-jacc/pom.xml (original)
+++ directory/sandbox/triplesec-jacc/pom.xml Sat Dec 30 13:56:54 2006
@@ -133,6 +133,11 @@
         <version>1.0.1</version>
       </dependency>
       <dependency>
+        <groupId>org.apache.geronimo.specs</groupId>
+        <artifactId>geronimo-j2ee-jacc_1.0_spec</artifactId>
+        <version>1.0.1</version>
+      </dependency>
+      <dependency>
         <groupId>jetty</groupId>
         <artifactId>org.mortbay.jetty</artifactId>
         <version>5.1.12</version>
@@ -637,6 +642,7 @@
         <module>profile</module>
         <module>testdata</module>
         <module>jaas</module>
+        <module>jacc</module>
         <module>sms</module>
         <module>itest-data</module>
         <module>store</module>
@@ -678,6 +684,7 @@
         <module>profile</module>
         <module>testdata</module>
         <module>jaas</module>
+        <module>jacc</module>
         <module>sms</module>
         <module>store</module>
         <module>verifier</module>
@@ -734,6 +741,7 @@
         <module>profile</module>
         <module>testdata</module>
         <module>jaas</module>
+        <module>jacc</module>
         <module>sms</module>
         <module>store</module>
         <module>verifier</module>



Mime
View raw message