directory-commits mailing list archives

From ckopp...@apache.org
Subject svn commit: r558849 [4/6] - in /directory/triplesec/trunk: admin-api/ admin-api/src/test/java/org/apache/directory/triplesec/admin/ admin-api/src/test/resources/ guardian-api/src/main/java/org/apache/ guardian-api/src/main/java/org/apache/directory/ gu...
Date Mon, 23 Jul 2007 20:02:03 GMT
Added: directory/triplesec/trunk/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriver.java
URL: http://svn.apache.org/viewvc/directory/triplesec/trunk/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriver.java?view=auto&rev=558849
==============================================================================
--- directory/triplesec/trunk/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriver.java (added)
+++ directory/triplesec/trunk/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriver.java Mon Jul 23 13:01:54 2007
@@ -0,0 +1,107 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.triplesec.guardian.ldap;
+
+
+import java.util.Hashtable;
+import java.util.Properties;
+
+import javax.naming.Context;
+import javax.naming.NamingException;
+import javax.naming.directory.InitialDirContext;
+
+import org.apache.directory.triplesec.guardian.ApplicationPolicy;
+import org.apache.directory.triplesec.guardian.ApplicationPolicyFactory;
+import org.apache.directory.triplesec.guardian.ConnectionDriver;
+import org.apache.directory.triplesec.guardian.GuardianException;
+import org.apache.directory.triplesec.guardian.StoreConnectionException;
+
+
+/**
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev: 62 $
+ */
+public class LdapConnectionDriver implements ConnectionDriver
+{
+    static
+    {
+        ApplicationPolicyFactory.registerDriver( new LdapConnectionDriver() );
+    }
+
+    public LdapConnectionDriver()
+    {
+    }
+
+    public boolean accept( String url )
+    {
+        if ( url.startsWith( "ldap://" ) )
+        {
+            return true;
+        }
+
+        return false;
+    }
+
+    public ApplicationPolicy newStore( String url, Properties info ) throws GuardianException
+    {
+        if ( info == null )
+        {
+            info = new Properties();
+        }
+
+        if ( url == null )
+        {
+            throw new IllegalArgumentException( "A non-null url must be provided." );
+        }
+
+        String application = info.getProperty( "applicationPrincipalDN" );
+        if ( application == null )
+        {
+            throw new IllegalArgumentException( "An applicationPrincipalDN property value must be provided." );
+        }
+
+        String password = info.getProperty( "applicationCredentials" );
+        if ( password == null )
+        {
+            throw new IllegalArgumentException( "The applicationCredentials property must be provided" );
+        }
+
+        Hashtable env = new Hashtable();
+        env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+        env.put( Context.PROVIDER_URL, url );
+        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+        env.put( Context.SECURITY_PRINCIPAL, info.get( "applicationPrincipalDN" ) );
+        env.put( Context.SECURITY_CREDENTIALS, info.get( "applicationCredentials" ) );
+
+        InitialDirContext ictx = null;
+        try
+        {
+            ictx = new InitialDirContext( env );
+        }
+        catch ( NamingException e )
+        {
+            env.remove( Context.SECURITY_CREDENTIALS ); // remove credentials before printing to log
+            throw new StoreConnectionException( "Failed to obtain initial context for " + env, e );
+        }
+
+        return new LdapApplicationPolicy( ictx, info );
+    }
+}
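Review bot: In newStore the bind environment is filled with `info.get( "applicationPrincipalDN" )` and `info.get( "applicationCredentials" )`, while the null checks above used `info.getProperty(...)`. `get` does not consult a Properties defaults table, so a value supplied only through defaults passes the check and then makes `Hashtable.put` throw a NullPointerException. Reuse the locals that were already validated: `env.put( Context.SECURITY_PRINCIPAL, application );` and `env.put( Context.SECURITY_CREDENTIALS, password );`. Separately, `accept` only recognises `ldap://` and the bind is `simple`, so the application password travels unencrypted unless the transport is protected some other way. Accepting `ldaps://` as well (`return url != null && ( url.startsWith( "ldap://" ) || url.startsWith( "ldaps://" ) );`) would allow a TLS connection and also avoids the NullPointerException on a null url. The `info` object, still holding the credentials, is passed on to LdapApplicationPolicy, whose handling of it is outside this hunk.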

Added: directory/triplesec/trunk/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/ProfileIdIterator.java
URL: http://svn.apache.org/viewvc/directory/triplesec/trunk/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/ProfileIdIterator.java?view=auto&rev=558849
==============================================================================
--- directory/triplesec/trunk/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/ProfileIdIterator.java (added)
+++ directory/triplesec/trunk/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/ProfileIdIterator.java Mon Jul 23 13:01:54 2007
@@ -0,0 +1,107 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.triplesec.guardian.ldap;
+
+
+import java.util.Iterator;
+
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.SearchResult;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * An iterator over a NamingEnumeration containing the results of an LDAP 
+ * search over all profiles within an ApplicationPolicy.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class ProfileIdIterator implements Iterator
+{
+    private final static Logger log = LoggerFactory.getLogger( ProfileIdIterator.class );
+    private final NamingEnumeration underlying;
+    private String prefetchedProfileId;
+    
+    
+    ProfileIdIterator( NamingEnumeration underlying ) throws NamingException
+    {
+        this.underlying = underlying;
+        prefetch();
+    }
+
+    
+    private void prefetch() throws NamingException
+    {
+        if ( underlying.hasMore() )
+        {
+            SearchResult result = ( SearchResult ) underlying.next();
+            if ( result.getAttributes().get( "profileId" ) != null )
+            {
+                prefetchedProfileId = ( String ) result.getAttributes().get( "profileId" ).get();
+            }
+        }
+        else
+        {
+            prefetchedProfileId = null;
+        }
+    }
+    
+    
+    public boolean hasNext()
+    {
+        return prefetchedProfileId != null;
+    }
+
+    
+    public Object next()
+    {
+        String retval = prefetchedProfileId;
+        try
+        {
+            prefetch();
+        }
+        catch ( NamingException e )
+        {
+            log.error( "Premature truncation of underlying naming enumeration.", e );
+            if ( underlying != null ) 
+            {
+                try
+                {
+                    underlying.close();
+                }
+                catch ( NamingException e1 )
+                {
+                    log.error( "Failed to properly close the underlying naming enumeration.", e1 );
+                }
+            }
+        }
+        return retval;
+    }
+
+    
+    public void remove()
+    {
+        throw new UnsupportedOperationException();
+    }
+}
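Review bot: prefetch() leaves `prefetchedProfileId` untouched when an entry has no `profileId` attribute, so next() hands out the previous id a second time, and when that entry is the first one the iterator reports itself empty although results remain. The catch block in next() has a related problem: after a NamingException it closes the enumeration but keeps the stale id, so hasNext() stays true and the following next() calls prefetch() on a closed enumeration. Adding `prefetchedProfileId = null;` in that catch ends the iteration cleanly. The iterator is documented as covering all profiles of an ApplicationPolicy, so silent duplicates or truncation are worth avoiding; the rewritten prefetch() below skips entries without the attribute. next() also returns null instead of throwing NoSuchElementException once exhausted.

```java
    private void prefetch() throws NamingException
    {
        prefetchedProfileId = null;
        // skip entries that carry no profileId instead of keeping the previous value
        while ( prefetchedProfileId == null && underlying.hasMore() )
        {
            SearchResult result = ( SearchResult ) underlying.next();
            if ( result.getAttributes().get( "profileId" ) != null )
            {
                prefetchedProfileId = ( String ) result.getAttributes().get( "profileId" ).get();
            }
        }
    }
```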

Added: directory/triplesec/trunk/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/GuardianClient.java
URL: http://svn.apache.org/viewvc/directory/triplesec/trunk/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/GuardianClient.java?view=auto&rev=558849
==============================================================================
--- directory/triplesec/trunk/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/GuardianClient.java (added)
+++ directory/triplesec/trunk/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/GuardianClient.java Mon Jul 23 13:01:54 2007
@@ -0,0 +1,48 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.triplesec.guardian.ldap;
+
+
+import java.util.Properties;
+
+import org.apache.directory.triplesec.guardian.ApplicationPolicyFactory;
+
+
+/**
+ * An LDAP backed implementation of an application policy store.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class GuardianClient
+{
+    public static void main( String[] args ) throws Exception
+    {
+        Properties props = new Properties();
+        props.setProperty( "applicationPrincipalDN", "appName=mockApplication,ou=applications,dc=example,dc=com" );
+        props.setProperty( "applicationCredentials", "testing" );
+
+        Class.forName( "org.apache.directory.triplesec.guardian.ldap.LdapConnectionDriver" );
+        ApplicationPolicyFactory.newInstance( "ldap://localhost:10389/dc=example,dc=com", props );
+        
+        System.out.print( "Type any key to stop: " );
+        System.in.read();
+    }
+}
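Review bot: The class Javadoc, `An LDAP backed implementation of an application policy store.`, does not describe this class, which only has a `main` that loads LdapConnectionDriver, opens a policy against `ldap://localhost:10389` and waits for a key press. Something like `/** Manual test client: connects to a local LDAP server through LdapConnectionDriver and blocks until a key is read from stdin. */` would match the code. The policy returned by `ApplicationPolicyFactory.newInstance` is also discarded, so nothing closes it before exit. Keeping a reference and closing it after `System.in.read()` would be tidier, if ApplicationPolicy exposes a close method (not visible here).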

Added: directory/triplesec/trunk/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java
URL: http://svn.apache.org/viewvc/directory/triplesec/trunk/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java?view=auto&rev=558849
==============================================================================
--- directory/triplesec/trunk/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java (added)
+++ directory/triplesec/trunk/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java Mon Jul 23 13:01:54 2007
@@ -0,0 +1,818 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.triplesec.guardian.ldap;
+
+
+import java.util.HashSet;
+import java.util.Hashtable;
+import java.util.Iterator;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.ModificationItem;
+import javax.naming.ldap.InitialLdapContext;
+
+import org.apache.directory.triplesec.guardian.ApplicationPolicy;
+import org.apache.directory.triplesec.guardian.ApplicationPolicyFactory;
+import org.apache.directory.triplesec.guardian.ChangeType;
+import org.apache.directory.triplesec.guardian.Permission;
+import org.apache.directory.triplesec.guardian.PolicyChangeListener;
+import org.apache.directory.triplesec.guardian.Profile;
+import org.apache.directory.triplesec.guardian.Role;
+import org.apache.directory.triplesec.integration.TriplesecIntegration;
+
+
+/**
+ * TestCase to test the LDAP ApplicationPolicyStore implementation.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class LdapApplicationPolicyIntegrationTest extends TriplesecIntegration
+{
+    private Object lockObject = new Object();
+    private String originalName;
+    private ChangeType changeType;
+    private Profile profile;
+    private Role role;
+    private Permission permission;
+    private LdapApplicationPolicy store;
+
+
+    public LdapApplicationPolicyIntegrationTest( String string ) throws Exception
+    {
+        super( string );
+    }
+
+
+    public LdapApplicationPolicyIntegrationTest() throws Exception
+    {
+        super();
+    }
+
+
+    protected void setUp() throws Exception
+    {
+        super.setUp();
+        Properties props = new Properties();
+        props.setProperty( "applicationPrincipalDN", "appName=mockApplication,ou=applications,dc=example,dc=com" );
+        props.setProperty( "applicationCredentials", "testing" );
+
+        Class.forName( "org.apache.directory.triplesec.guardian.ldap.LdapConnectionDriver" );
+        store = ( LdapApplicationPolicy ) ApplicationPolicyFactory.
+                newInstance( "ldap://localhost:"+super.getLdapPort()+"/dc=example,dc=com", props );
+    }
+
+
+    protected void tearDown() throws Exception
+    {
+        super.tearDown();
+        store.close();
+        store = null;
+        changeType = null;
+        profile = null;
+        role = null;
+        permission = null;
+        originalName = null;
+    }
+
+
+    public void testGetApplicationNameAndProfile()
+    {
+        String applicationName = LdapApplicationPolicy.getApplicationName(
+                "appName=testingApp,ou=applications,dc=example,dc=com" );
+        assertEquals( "testingApp", applicationName );
+
+        try
+        {
+            LdapApplicationPolicy.getApplicationName( "notanapp=blahblah" );
+            fail( "should never get here due to an exception" );
+        }
+        catch ( IllegalArgumentException e )
+        {
+
+        }
+
+        Profile p = store.getProfile( "nonexistant" );
+        assertNull( p );
+
+        p = store.getProfile( "mockProfile0" );
+        assertTrue( p.getEffectivePermissions().isEmpty() );
+        assertEquals( 5, store.getRoles().size() );
+        assertEquals( p, store.getProfile( "mockProfile0" ) );
+
+        p = store.getProfile( "mockProfile1" );
+        assertEquals( 2, p.getEffectivePermissions().size() );
+        assertTrue( p.hasPermission( "mockPerm0" ) );
+        assertTrue( p.hasPermission( "mockPerm1" ) );
+        assertFalse( p.hasPermission( "mockPerm3") );
+        assertEquals( p, store.getProfile( "mockProfile1" ) );
+
+        p = store.getProfile( "mockProfile2" );
+        assertEquals( 2, p.getEffectivePermissions().size() );
+        assertTrue( p.hasPermission( "mockPerm0" ) );
+        assertTrue( p.hasPermission( "mockPerm1" ) );
+        assertFalse( p.hasPermission( "mockPerm3") );
+        assertEquals( p, store.getProfile( "mockProfile2" ) );
+
+        p = store.getProfile( "mockProfile3" );
+        assertEquals( 4, p.getEffectivePermissions().size() );
+        assertTrue( p.hasPermission( "mockPerm0" ) );
+        assertTrue( p.hasPermission( "mockPerm7" ) );
+        assertTrue( p.hasPermission( "mockPerm2" ) );
+        assertTrue( p.hasPermission( "mockPerm3" ) );
+        assertFalse( p.hasPermission( "mockPerm4" ) );
+        assertEquals( p, store.getProfile( "mockProfile3" ) );
+
+        p = store.getProfile( "mockProfile4" );
+        assertEquals( 7, p.getEffectivePermissions().size() );
+        assertTrue( p.hasPermission( "mockPerm0" ) );
+        assertFalse( p.hasPermission( "mockPerm1" ) );
+        assertTrue( p.hasPermission( "mockPerm2" ) );
+        assertTrue( p.hasPermission( "mockPerm3" ) );
+        assertTrue( p.hasPermission( "mockPerm4" ) );
+        assertTrue( p.hasPermission( "mockPerm5" ) );
+        assertTrue( p.hasPermission( "mockPerm6" ) );
+        assertFalse( p.hasPermission( "mockPerm7" ) );
+        assertFalse( p.hasPermission( "mockPerm8" ) );
+        assertTrue( p.hasPermission( "mockPerm9" ) );
+        assertFalse( p.hasPermission( "mockPerm14" ) );
+        assertEquals( p, store.getProfile( "mockProfile4" ) );
+
+        store.close();
+
+        try
+        {
+            store.getProfile( "asdf" );
+            fail( "should never get here due to an exception" );
+        }
+        catch ( IllegalStateException e )
+        {
+
+        }
+    }
+
+    
+    public void testGetDependantProfilesRole() throws Exception
+    {
+        Role role0 = store.getRoles().get( "mockRole0" );
+        Set dependents = store.getDependentProfileNames( role0 );
+        assertEquals( 1, dependents.size() );
+        
+        Role role1 = store.getRoles().get( "mockRole1" );
+        dependents = store.getDependentProfileNames( role1 );
+        assertEquals( 2, dependents.size() );
+        assertTrue( dependents.contains( "mockProfile1" ) );
+        
+        Role role2 = store.getRoles().get( "mockRole2" );
+        dependents = store.getDependentProfileNames( role2 );
+        assertEquals( 3, dependents.size() );
+        assertTrue( dependents.contains( "mockProfile1" ) );
+        assertTrue( dependents.contains( "mockProfile2" ) );
+        
+        Permission perm1 = store.getPermissions().get( "mockPerm1" );
+        dependents = store.getDependentProfileNames( perm1 );
+        assertEquals( 1, dependents.size() );
+
+        Permission perm7 = store.getPermissions().get( "mockPerm7" );
+        dependents = store.getDependentProfileNames( perm7 );
+        assertEquals( 3, dependents.size() );
+        assertTrue( dependents.contains( "mockProfile3" ) );
+        assertTrue( dependents.contains( "mockProfile4" ) );
+
+        Permission perm0 = store.getPermissions().get( "mockPerm0" );
+        dependents = store.getDependentProfileNames( perm0 );
+        assertEquals( 4, dependents.size() );
+        assertTrue( dependents.contains( "mockProfile2" ) );
+        assertTrue( dependents.contains( "mockProfile3" ) );
+        assertTrue( dependents.contains( "mockProfile4" ) );
+    }
+    
+    
+    public void testGetUserProfileIds() throws Exception
+    {
+        assertEquals( 5, this.store.getUserProfileIds( "akarasulu" ).size() );
+        assertEquals( 0, this.store.getUserProfileIds( "trustin" ).size() );
+    }
+
+
+    public void testGetProfileIds() throws Exception
+    {
+        Set<String> ids = new HashSet<String>();
+        for ( Iterator ii = this.store.getProfileIdIterator(); ii.hasNext(); /**/ )
+        {
+            ids.add( ( String ) ii.next() );
+        }
+        assertEquals( 5, ids.size() );
+        assertTrue( ids.contains( "mockProfile0" ) );
+        assertTrue( ids.contains( "mockProfile1" ) );
+        assertTrue( ids.contains( "mockProfile2" ) );
+        assertTrue( ids.contains( "mockProfile3" ) );
+        assertTrue( ids.contains( "mockProfile4" ) );
+        assertFalse( ids.contains( "bogus" ) );
+    }
+
+
+    private InitialLdapContext getNewAppContext() throws NamingException
+    {
+        Hashtable<String, String> env = new Hashtable<String, String>();
+        env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
+        env.put( "java.naming.provider.url", "ldap://localhost:" +  super.getLdapPort()
+            + "/appName=mockApplication,ou=applications,dc=example,dc=com" );
+        env.put( "java.naming.security.principal", "uid=admin,ou=system" );
+        env.put( "java.naming.security.credentials", "secret" );
+        env.put( "java.naming.security.authentication", "simple" );
+        return new InitialLdapContext( env, null );
+    }
+    
+    
+    public void testAddDelNotifications() throws Exception
+    {
+        // get a connection to the server to be used for alterations
+        InitialLdapContext ctx = getNewAppContext();
+        
+        // prepare listener for notifications
+        store.addPolicyListener( new TestListener() );
+        Thread.sleep( 200 );
+        
+        // -------------------------------------------------------------------
+        // Test Permission Addition and Notification
+        // -------------------------------------------------------------------
+
+        Attributes attrs = new BasicAttributes( "objectClass", "policyPermission", true );
+        attrs.put( "permName", "mockPerm10" );
+        attrs.put( "description", "testValue" );
+        ctx.createSubcontext( "permName=mockPerm10,ou=permissions", attrs );
+
+        // wait until the object is set or exit in 10 seconds
+        long startTime = System.currentTimeMillis();
+        long totalWaitTime = 0;
+        while ( totalWaitTime < 10000 )
+        {
+            synchronized( lockObject )
+            {
+                lockObject.wait( 200 );
+                if ( this.permission != null )
+                {
+                    break;
+                }
+                else
+                {
+                    totalWaitTime = System.currentTimeMillis() - startTime;
+                }
+            }
+        }
+
+        assertNull( this.profile );
+        assertNull( this.role );
+        assertNotNull( this.permission );
+        assertEquals( "mockPerm10", this.permission.getName() );
+        assertEquals( ChangeType.ADD, this.changeType );
+        assertEquals( "testValue", this.permission.getDescription() );
+        
+        // make sure that policy is updated with this new perm
+        assertEquals( this.permission, this.store.getPermissions().get( "mockPerm10" ) );
+        this.permission = null;
+        this.changeType = null;
+        
+        // -------------------------------------------------------------------
+        // Test Permission Deletion and Notification
+        // -------------------------------------------------------------------
+
+        ctx.destroySubcontext( "permName=mockPerm10,ou=permissions" );
+        
+        // wait until the object is set or exit in 10 seconds
+        startTime = System.currentTimeMillis();
+        totalWaitTime = 0;
+        while ( totalWaitTime < 10000 )
+        {
+            synchronized( lockObject )
+            {
+                lockObject.wait( 200 );
+                if ( this.permission != null )
+                {
+                    break;
+                }
+                else
+                {
+                    totalWaitTime = System.currentTimeMillis() - startTime;
+                }
+            }
+        }
+
+        assertNull( this.profile );
+        assertNull( this.role );
+        assertNotNull( this.permission );
+        assertEquals( "mockPerm10", this.permission.getName() );
+        assertEquals( ChangeType.DEL, this.changeType );
+        assertEquals( "testValue", this.permission.getDescription() );
+        
+        // make sure that policy is updated with this new perm
+        assertNull( this.store.getPermissions().get( "mockPerm10" ) );
+        this.permission = null;
+        this.changeType = null;
+
+        // -------------------------------------------------------------------
+        // Test Role Addition and Notification
+        // -------------------------------------------------------------------
+
+        attrs = new BasicAttributes( "objectClass", "policyRole", true );
+        attrs.put( "roleName", "mockRole5" );
+        attrs.put( "description", "testValue" );
+        attrs.put( "grants", "mockPerm8" );
+        ctx.createSubcontext( "roleName=mockRole5,ou=roles", attrs );
+
+        // wait until the object is set or exit in 10 seconds
+        startTime = System.currentTimeMillis();
+        totalWaitTime = 0;
+        while ( totalWaitTime < 10000 )
+        {
+            synchronized( lockObject )
+            {
+                lockObject.wait( 200 );
+                if ( this.role != null )
+                {
+                    break;
+                }
+                else
+                {
+                    totalWaitTime = System.currentTimeMillis() - startTime;
+                }
+            }
+        }
+
+        assertNull( this.profile );
+        assertNull( this.permission );
+        assertNotNull( this.role );
+
+        assertEquals( "mockRole5", this.role.getName() );
+        assertEquals( ChangeType.ADD, this.changeType );
+        assertEquals( "testValue", this.role.getDescription() );
+        assertTrue( role.hasPermission( "mockPerm8" ) );
+        assertFalse( role.hasPermission( "mockPerm1" ) );
+        
+        // make sure that policy is updated with this new role
+        assertEquals( this.role, this.store.getRoles().get( "mockRole5" ) );
+        this.role = null;
+        this.changeType = null;
+
+        // -------------------------------------------------------------------
+        // Test Role Deletions and Notification
+        // -------------------------------------------------------------------
+
+        ctx.destroySubcontext( "roleName=mockRole5,ou=roles" );
+
+        // wait until the object is set or exit in 10 seconds
+        startTime = System.currentTimeMillis();
+        totalWaitTime = 0;
+        while ( totalWaitTime < 10000 )
+        {
+            synchronized( lockObject )
+            {
+                lockObject.wait( 200 );
+                if ( this.role != null )
+                {
+                    break;
+                }
+                else
+                {
+                    totalWaitTime = System.currentTimeMillis() - startTime;
+                }
+            }
+        }
+
+        assertNull( this.profile );
+        assertNull( this.permission );
+        assertNotNull( this.role );
+
+        assertEquals( "mockRole5", this.role.getName() );
+        assertEquals( ChangeType.DEL, this.changeType );
+        assertEquals( "testValue", this.role.getDescription() );
+        assertTrue( role.hasPermission( "mockPerm8" ) );
+        assertFalse( role.hasPermission( "mockPerm1" ) );
+        
+        // make sure that policy is updated with this new role
+        assertNull( this.store.getRoles().get( "mockRole5" ) );
+        this.role = null;
+        this.changeType = null;
+
+        // -------------------------------------------------------------------
+        // Test Profile Addition and Notification
+        // -------------------------------------------------------------------
+
+        attrs = new BasicAttributes( "objectClass", "policyProfile", true );
+        attrs.put( "profileId", "mockProfile5" );
+        attrs.put( "description", "testValue" );
+        attrs.put( "grants", "mockPerm8" );
+        attrs.put( "user", "akarasulu" );
+        ctx.createSubcontext( "profileId=mockProfile5,ou=profiles", attrs );
+
+        // wait until the object is set or exit in 10 seconds
+        startTime = System.currentTimeMillis();
+        totalWaitTime = 0;
+        while ( totalWaitTime < 10000 )
+        {
+            synchronized( lockObject )
+            {
+                lockObject.wait( 200 );
+                if ( this.profile != null )
+                {
+                    break;
+                }
+                else
+                {
+                    totalWaitTime = System.currentTimeMillis() - startTime;
+                }
+            }
+        }
+
+        assertNull( this.role );
+        assertNull( this.permission );
+        assertNotNull( this.profile );
+
+        assertEquals( "mockProfile5", this.profile.getProfileId() );
+        assertEquals( ChangeType.ADD, this.changeType );
+        assertEquals( "testValue", this.profile.getDescription() );
+        assertTrue( profile.hasPermission( "mockPerm8" ) );
+        assertFalse( profile.hasPermission( "mockPerm1" ) );
+
+        // -------------------------------------------------------------------
+        // Test Profile Deletion and Notification
+        // -------------------------------------------------------------------
+
+        ctx.destroySubcontext( "profileId=mockProfile5,ou=profiles" );
+
+        // wait until the object is set or exit in 10 seconds
+        startTime = System.currentTimeMillis();
+        totalWaitTime = 0;
+        while ( totalWaitTime < 10000 )
+        {
+            synchronized( lockObject )
+            {
+                lockObject.wait( 200 );
+                if ( this.profile != null )
+                {
+                    break;
+                }
+                else
+                {
+                    totalWaitTime = System.currentTimeMillis() - startTime;
+                }
+            }
+        }
+
+        assertNull( this.role );
+        assertNull( this.permission );
+        assertNotNull( this.profile );
+
+        assertEquals( "mockProfile5", this.profile.getProfileId() );
+        assertEquals( ChangeType.DEL, this.changeType );
+        assertEquals( "testValue", this.profile.getDescription() );
+        assertTrue( profile.hasPermission( "mockPerm8" ) );
+        assertFalse( profile.hasPermission( "mockPerm1" ) );
+    }
+
+    
+    public void testModifyNotifications() throws Exception
+    {
+        // get a connection to the server to be used for alterations
+        InitialLdapContext ctx = getNewAppContext();
+        
+        // prepare listener for notifications
+        store.addPolicyListener( new TestListener() );
+        Thread.sleep( 200 );
+        
+        // -------------------------------------------------------------------
+        // Test Profile Alteration and Notification
+        // -------------------------------------------------------------------
+
+        ctx.modifyAttributes( "profileId=mockProfile3,ou=profiles", new ModificationItem[] {
+            new ModificationItem( DirContext.ADD_ATTRIBUTE, 
+                new BasicAttribute( "description", "testValue" ) ),
+            new ModificationItem( DirContext.REPLACE_ATTRIBUTE, 
+                new BasicAttribute( "grants", "mockPerm1" ) )
+        } );
+        
+        // wait until the object is set or exit in 10 seconds
+        long startTime = System.currentTimeMillis();
+        long totalWaitTime = 0;
+        while ( totalWaitTime < 10000 )
+        {
+            synchronized( lockObject )
+            {
+                lockObject.wait( 200 );
+                if ( profile != null )
+                {
+                    break;
+                }
+                else
+                {
+                    totalWaitTime = System.currentTimeMillis() - startTime;
+                }
+            }
+        }
+
+        assertNotNull( profile );
+        assertEquals( "mockProfile3", profile.getProfileId() );
+        assertEquals( ChangeType.MODIFY, changeType );
+        assertEquals( "testValue", profile.getDescription() );
+        assertTrue( profile.getGrants().contains( "mockPerm1" ));
+        assertFalse( profile.getGrants().contains( "mockPerm0" ));
+        assertFalse( profile.getGrants().contains( "mockPerm7" ));
+        profile = null;
+        changeType = null;
+        
+        // -------------------------------------------------------------------
+        // Test Role Alteration and Notification
+        // -------------------------------------------------------------------
+
+        ctx.modifyAttributes( "roleName=mockRole1,ou=roles", new ModificationItem[] {
+            new ModificationItem( DirContext.ADD_ATTRIBUTE, 
+                new BasicAttribute( "description", "testValue" ) ),
+            new ModificationItem( DirContext.REPLACE_ATTRIBUTE, 
+                new BasicAttribute( "grants", "mockPerm1" ) )
+        } );
+        
+        // wait until the object is set or exit in 10 seconds
+        startTime = System.currentTimeMillis();
+        totalWaitTime = 0;
+        while ( totalWaitTime < 10000 )
+        {
+            synchronized( lockObject )
+            {
+                lockObject.wait( 200 );
+                if ( role != null )
+                {
+                    break;
+                }
+                else
+                {
+                    totalWaitTime = System.currentTimeMillis() - startTime;
+                }
+            }
+        }
+
+        assertNull( profile );
+        assertNotNull( role );
+        assertEquals( "mockRole1", role.getName() );
+        assertEquals( ChangeType.MODIFY, changeType );
+        assertEquals( "testValue", role.getDescription() );
+        assertTrue( role.getGrants().contains( "mockPerm1" ));
+        assertFalse( role.getGrants().contains( "mockPerm0" ));
+        
+        // make sure that policy is updated with this changed role
+        assertEquals( role, store.getRoles().get( "mockRole1" ) );
+        this.role = null;
+        this.changeType = null;
+        
+        // -------------------------------------------------------------------
+        // Test Permission Alteration and Notification
+        // -------------------------------------------------------------------
+
+        ctx.modifyAttributes( "permName=mockPerm1,ou=permissions", new ModificationItem[] {
+            new ModificationItem( DirContext.ADD_ATTRIBUTE, 
+                new BasicAttribute( "description", "testValue" ) )
+        } );
+        
+        // wait until the object is set or exit in 10 seconds
+        startTime = System.currentTimeMillis();
+        totalWaitTime = 0;
+        while ( totalWaitTime < 10000 )
+        {
+            synchronized( lockObject )
+            {
+                lockObject.wait( 200 );
+                if ( this.permission != null )
+                {
+                    break;
+                }
+                else
+                {
+                    totalWaitTime = System.currentTimeMillis() - startTime;
+                }
+            }
+        }
+
+        assertNull( this.profile );
+        assertNull( this.role );
+        assertNotNull( this.permission );
+        assertEquals( "mockPerm1", this.permission.getName() );
+        assertEquals( ChangeType.MODIFY, this.changeType );
+        assertEquals( "testValue", this.permission.getDescription() );
+        
+        // make sure that policy is updated with this changed perm
+        assertEquals( this.permission, this.store.getPermissions().get( "mockPerm1" ) );
+        assertEquals( this.permission, this.store.getRoles().get( "mockRole1" ).getGrants().get( "mockPerm1" ) );
+        assertEquals( this.permission, this.store.getRoles().get( "mockRole2" ).getGrants().get( "mockPerm1" ) );
+        assertNull( this.store.getRoles().get( "mockRole0" ).getGrants().get( "mockPerm1" ) );
+        assertNull( this.store.getRoles().get( "mockRole3" ).getGrants().get( "mockPerm1" ) );
+        assertNull( this.store.getRoles().get( "mockRole4" ).getGrants().get( "mockPerm1" ) );
+        
+        ctx.close();
+    }
+    
+    
+    public void testRenameNotifications() throws Exception
+    {
+        // get a connection to the server to be used for alterations
+        InitialLdapContext ctx = getNewAppContext();
+        
+        // prepare listener for notifications
+        store.addPolicyListener( new TestListener() );
+        Thread.sleep( 200 );
+        
+        // -------------------------------------------------------------------
+        // Test Profile Rename and Notification
+        // -------------------------------------------------------------------
+
+        ctx.rename( "profileId=mockProfile3,ou=profiles", "profileId=renamed,ou=profiles" );
+        
+        // wait until the object is set or exit in 10 seconds
+        long startTime = System.currentTimeMillis();
+        long totalWaitTime = 0;
+        while ( totalWaitTime < 10000 )
+        {
+            synchronized( lockObject )
+            {
+                lockObject.wait( 200 );
+                if ( profile != null )
+                {
+                    break;
+                }
+                else
+                {
+                    totalWaitTime = System.currentTimeMillis() - startTime;
+                }
+            }
+        }
+
+        assertNotNull( profile );
+        assertEquals( "renamed", profile.getProfileId() );
+        assertNotNull( originalName );
+        assertEquals( "mockProfile3", originalName );
+        profile = null;
+        originalName = null;
+        
+        // -------------------------------------------------------------------
+        // Test Role Rename and Notification
+        // -------------------------------------------------------------------
+
+        assertNotNull( store.getRoles().get( "mockRole0" ) );
+        assertNull( store.getRoles().get( "renamed" ) );
+        ctx.rename( "roleName=mockRole0,ou=roles", "roleName=renamed,ou=roles" );
+        
+        // wait until the object is set or exit in 10 seconds
+        startTime = System.currentTimeMillis();
+        totalWaitTime = 0;
+        while ( totalWaitTime < 10000 )
+        {
+            synchronized( lockObject )
+            {
+                lockObject.wait( 200 );
+                if ( role != null )
+                {
+                    break;
+                }
+                else
+                {
+                    totalWaitTime = System.currentTimeMillis() - startTime;
+                }
+            }
+        }
+
+        assertNull( profile );
+        assertNull( permission );
+        assertNull( store.getRoles().get( "mockRole0" ) );
+        assertNotNull( store.getRoles().get( "renamed" ) );
+        assertNotNull( role );
+        assertEquals( "renamed", role.getName() );
+        assertNotNull( originalName );
+        assertEquals( "mockRole0", originalName );
+        role = null;
+        originalName = null;
+
+        // -------------------------------------------------------------------
+        // Test Permission Rename and Notification
+        // -------------------------------------------------------------------
+
+        Attributes attrs = new BasicAttributes( "objectClass", "policyPermission", true );
+        attrs.put( "permName", "mockPerm10" );
+        attrs.put( "description", "testValue" );
+        ctx.createSubcontext( "permName=mockPerm10,ou=permissions", attrs );
+        ctx.rename( "permName=mockPerm10,ou=permissions", "permName=renamed,ou=permissions" );
+
+        // wait until the object is set or exit in 10 seconds
+        startTime = System.currentTimeMillis();
+        totalWaitTime = 0;
+        while ( totalWaitTime < 10000 )
+        {
+            synchronized( lockObject )
+            {
+                lockObject.wait( 250 );
+                if ( permission != null )
+                {
+                    break;
+                }
+                else
+                {
+                    totalWaitTime = System.currentTimeMillis() - startTime;
+                }
+            }
+        }
+
+        assertNull( profile );
+        assertNull( role );
+        assertNotNull( permission );
+        assertNotNull( store.getPermissions().get( "renamed" ) );
+        assertEquals( "renamed", permission.getName() );
+        assertNotNull( originalName );
+        assertEquals( "mockPerm10", originalName );
+    }
+
+
+    class TestListener implements PolicyChangeListener
+    {
+        public void roleChanged( ApplicationPolicy policy, Role role, ChangeType changeType )
+        {
+            synchronized( lockObject )
+            {
+                LdapApplicationPolicyIntegrationTest.this.role = role;
+                LdapApplicationPolicyIntegrationTest.this.changeType = changeType;
+                LdapApplicationPolicyIntegrationTest.this.lockObject.notifyAll();
+            }
+        }
+
+        public void roleRenamed( ApplicationPolicy policy, Role role, String oldName )
+        {
+            synchronized( lockObject )
+            {
+                LdapApplicationPolicyIntegrationTest.this.originalName = oldName;
+                LdapApplicationPolicyIntegrationTest.this.role = role;
+                LdapApplicationPolicyIntegrationTest.this.lockObject.notifyAll();
+            }
+        }
+
+        public void permissionChanged( ApplicationPolicy policy, Permission permission, ChangeType changeType )
+        {
+            synchronized( lockObject )
+            {
+                LdapApplicationPolicyIntegrationTest.this.permission = permission;
+                LdapApplicationPolicyIntegrationTest.this.changeType = changeType;
+                LdapApplicationPolicyIntegrationTest.this.lockObject.notifyAll();
+            }
+        }
+
+        public void permissionRenamed( ApplicationPolicy policy, Permission permission, String oldName )
+        {
+            synchronized( lockObject )
+            {
+                LdapApplicationPolicyIntegrationTest.this.originalName = oldName;
+                LdapApplicationPolicyIntegrationTest.this.permission = permission;
+                LdapApplicationPolicyIntegrationTest.this.lockObject.notifyAll();
+            }
+        }
+
+        public void profileChanged( ApplicationPolicy policy, Profile profile, ChangeType changeType )
+        {
+            synchronized( lockObject )
+            {
+                LdapApplicationPolicyIntegrationTest.this.profile = profile;
+                LdapApplicationPolicyIntegrationTest.this.changeType = changeType;
+                LdapApplicationPolicyIntegrationTest.this.lockObject.notifyAll();
+            }
+        }
+
+        public void profileRenamed( ApplicationPolicy policy, Profile profile, String oldName )
+        {
+            synchronized( lockObject )
+            {
+                LdapApplicationPolicyIntegrationTest.this.originalName = oldName;
+                LdapApplicationPolicyIntegrationTest.this.profile = profile;
+                LdapApplicationPolicyIntegrationTest.this.lockObject.notifyAll();
+            }
+        }
+    }
+}
+                                                     
\ No newline at end of file

Added: directory/triplesec/trunk/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriverTest.java
URL: http://svn.apache.org/viewvc/directory/triplesec/trunk/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriverTest.java?view=auto&rev=558849
==============================================================================
--- directory/triplesec/trunk/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriverTest.java (added)
+++ directory/triplesec/trunk/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriverTest.java Mon Jul 23 13:01:54 2007
@@ -0,0 +1,102 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.triplesec.guardian.ldap;
+
+
+import junit.framework.TestCase;
+
+import java.util.Properties;
+
+
+/**
+ * Tests the LDAP ConnectionDriver.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class LdapConnectionDriverTest extends TestCase
+{
+    public void testNullProperties()
+    {
+        LdapConnectionDriver driver = new LdapConnectionDriver();
+
+        try
+        {
+            driver.newStore( "", null );
+            fail( "should not get here due to exception" );
+        }
+        catch( IllegalArgumentException e )
+        {
+        }
+    }
+
+
+    public void testNullUrl()
+    {
+        LdapConnectionDriver driver = new LdapConnectionDriver();
+        Properties props = new Properties();
+        props.setProperty( "applicationPrincipalDN", "appName=something" );
+        props.setProperty( "applicationCredentials", "secret" );
+        try
+        {
+            driver.newStore( null, props );
+            fail( "should never get here due to an exception" );
+        }
+        catch ( IllegalArgumentException e )
+        {
+
+        }
+    }
+
+
+    public void testNoPrincipalName()
+    {
+        LdapConnectionDriver driver = new LdapConnectionDriver();
+
+        try
+        {
+            Properties props = new Properties();
+            props.setProperty( "applicationCredentials", "secret" );
+            driver.newStore( "", props );
+            fail( "should never get here due to an exception" );
+        }
+        catch ( IllegalArgumentException e )
+        {
+
+        }
+    }
+
+
+    public void testNoCredentials()
+    {
+        LdapConnectionDriver driver = new LdapConnectionDriver();
+        Properties props = new Properties();
+        props.setProperty( "applicationPrincipalDN", "appName=something" );
+        try
+        {
+            driver.newStore( "", props );
+            fail( "should never get here due to an exception" );
+        }
+        catch ( IllegalArgumentException e )
+        {
+
+        }
+    }
+}
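Review bot: testNullProperties, testNoPrincipalName and testNoCredentials all pass the empty string as the URL, so the expected IllegalArgumentException could come from URL validation rather than from the null properties or the missing `applicationPrincipalDN` / `applicationCredentials` value. `newStore` is not visible in this hunk, so which check fires first cannot be confirmed from here. These tests are the guard against a store being created without an application identity or credentials, so each should vary only the input under test: pass a well-formed URL (constructed placeholder: `driver.newStore( "ldap://<test-host>:<port>/<base-dn>", props );`) and check that `e.getMessage()` names the missing property. The empty catch bodies would also read better with a short comment such as `// expected: newStore must reject incomplete connection info`.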

Modified: directory/triplesec/trunk/guardian-ldap/src/test/resources/server.xml
URL: http://svn.apache.org/viewvc/directory/triplesec/trunk/guardian-ldap/src/test/resources/server.xml?view=diff&rev=558849&r1=558848&r2=558849
==============================================================================
--- directory/triplesec/trunk/guardian-ldap/src/test/resources/server.xml (original)
+++ directory/triplesec/trunk/guardian-ldap/src/test/resources/server.xml Mon Jul 23 13:01:54 2007
@@ -11,8 +11,8 @@
         <prop key="java.naming.security.principal">uid=admin,ou=system</prop>
         <prop key="java.naming.security.credentials">secret</prop>
         <prop key="java.naming.provider.url">dc=example,dc=com</prop>
-        <prop key="java.naming.factory.state">org.safehaus.triplesec.store.ProfileStateFactory</prop>
-        <prop key="java.naming.factory.object">org.safehaus.triplesec.store.ProfileObjectFactory</prop>
+        <prop key="java.naming.factory.state">org.apache.directory.triplesec.store.ProfileStateFactory</prop>
+        <prop key="java.naming.factory.object">org.apache.directory.triplesec.store.ProfileObjectFactory</prop>
 
         <prop key="kdc.primary.realm">EXAMPLE.COM</prop>
         <prop key="kdc.principal">krbtgt/EXAMPLE.COM@EXAMPLE.COM</prop>
@@ -37,7 +37,7 @@
 
         <prop key="safehaus.entry.basedn">ou=Users,dc=example,dc=com</prop>
         <prop key="safehaus.load.testdata">true</prop>
-        <prop key="kerberos.sam.type.7">org.safehaus.triplesec.verifier.hotp.DefaultHotpSamVerifier</prop>
+        <prop key="kerberos.sam.type.7">org.apache.directory.triplesec.verifier.hotp.DefaultHotpSamVerifier</prop>
       </props>
     </property>
   </bean>
@@ -121,7 +121,7 @@
         <bean class="org.apache.directory.server.core.schema.bootstrap.JavaSchema"/>
         <bean class="org.apache.directory.server.core.schema.bootstrap.Krb5kdcSchema"/>
         <bean class="org.apache.directory.server.core.schema.bootstrap.SystemSchema"/>
-        <bean class="org.safehaus.triplesec.store.schema.SafehausSchema"/>
+        <bean class="org.apache.directory.triplesec.store.schema.SafehausSchema"/>
       </set>
     </property>
     
@@ -203,7 +203,7 @@
         <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
           <property name="name"><value>policyProtectionService</value></property>
           <property name="interceptor">
-            <bean class="org.safehaus.triplesec.store.interceptor.PolicyProtectionInterceptor" />
+            <bean class="org.apache.directory.triplesec.store.interceptor.PolicyProtectionInterceptor" />
           </property>
         </bean>
       </list>

Added: directory/triplesec/trunk/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicy.java
URL: http://svn.apache.org/viewvc/directory/triplesec/trunk/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicy.java?view=auto&rev=558849
==============================================================================
--- directory/triplesec/trunk/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicy.java (added)
+++ directory/triplesec/trunk/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicy.java Mon Jul 23 13:01:54 2007
@@ -0,0 +1,557 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.triplesec.guardian.ldif;
+
+
+import org.apache.directory.shared.ldap.ldif.Entry;
+import org.apache.directory.shared.ldap.ldif.LdifReader;
+import org.apache.directory.triplesec.guardian.*;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.naming.directory.*;
+import javax.naming.NamingException;
+import javax.naming.NamingEnumeration;
+
+import java.io.File;
+import java.util.*;
+
+
+/**
+ * An LDIF file backed implementation of an application policy store.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+class LdifApplicationPolicy implements ApplicationPolicy
+{
+    /** the logger interface for this class */
+    private static Logger log = LoggerFactory.getLogger( LdifApplicationPolicy.class );
+    /** the name of the application this store is associated with */
+    private final String applicationName;
+    /** the dn of the application */
+    private final String applicationDn;
+    /** a breif description of this application */
+    private String description;
+    /** the LDIF file that was loaded for this application */
+    private final File ldifFile;
+    /** the raw entries contained within the LDIF file */
+//    private final Map entries;
+//    private Attributes application = null;
+    /** the {@link Permissions} defined for this store's application */
+    private Permissions permissions;
+    /** the {@link Roles} defined for this store's application */
+    private Roles roles;
+    /** the {@link Profile}s loaded from LDIF */
+    private Map profileMap;
+    /** map of userNames to sets of profile ids */
+    private Map userProfilesMap;
+
+    boolean isClosed = false;
+    /** the administrators super profile */
+    private Profile adminProfile;
+
+    
+    /**
+     * Creates an instance of the LDIF ApplicationPolicyStore.  Two properties are 
+     * expected in the info properties.  One is the dn of the application principal.  
+     * The other is the path to an ldif file.
+     * <table>
+     *   <tr><th>property</th><th>description</th></tr>
+     *   <tr><td>applicationPrincipalDN</td><td>the distinguished name of the application</td></tr>
+     *   <tr><td>ldifFilePath</td><td>the path to the LDIF file containing the entries to load</td></tr>
+     * </table>
+     *
+     * @param ctx the base context under which ou=applications and ou=users can be found
+     * @param info additional information needed to load the LDIF file
+     * @throws GuardianException if failures are encountered while loading objects from the backing store
+     */
+    public LdifApplicationPolicy( File ldifFile, Properties info ) throws GuardianException
+    {
+        this.userProfilesMap = new HashMap();
+        this.profileMap = new HashMap();
+        this.applicationDn = info.getProperty( "applicationPrincipalDN" );
+        // extract the applicationName from the applicationPrincipalDN
+        this.applicationName = getApplicationName( applicationDn );
+        // extract the path to the LDIF file to load 
+        this.ldifFile = ldifFile;
+        // loads the ldifs as a map of LdapNames to Attributes
+        load();
+        // create the admin profile with all permissions as grants and in all roles
+        this.adminProfile = new Profile( this, "admin", "admin", roles, permissions, 
+            new Permissions( applicationName, new Permission[0] ), false );
+    }
+
+    
+    private Map load() throws GuardianException
+    {
+        Map roleMap = new HashMap();
+        Map permissionMap = new HashMap();
+        Map profileMap = new HashMap();
+        Map entryMap = new HashMap();
+        try
+        {
+            LdifReader reader = new LdifReader();
+            List entries = reader.parseLdifFile( ldifFile.getAbsolutePath() );
+            for ( int ii = 0; ii < entries.size(); ii++ )
+            {
+                Entry entry = ( Entry ) entries.get( ii );
+                Attributes attributes = entry.getAttributes();
+                String dn = entry.getDn();
+                entryMap.put( dn, attributes );
+                
+                if ( dn.equals( applicationDn ) )
+                {
+//                    application = attributes;
+                }
+                else if ( dn.endsWith( applicationDn ) )
+                {
+                    Attribute oc = attributes.get( "objectClass" );
+                    if ( oc.contains( "policyPermission" ) )
+                    {
+                        permissionMap.put( dn, attributes );
+                    }
+                    else if ( oc.contains( "policyRole" ) )
+                    {
+                        roleMap.put( dn, attributes );
+                    }
+                    else if ( oc.contains( "policyProfile" ) )
+                    {
+                        profileMap.put( dn, attributes );
+                    }
+                }
+            }
+        }
+        catch ( Exception e )
+        {
+            String msg = "Failed to read from ldifFile '" + ldifFile + "'.";
+            log.error( msg, e );
+            throw new GuardianException( msg, e );
+        }
+        
+        loadPermissions( permissionMap );
+        loadRoles( roleMap );
+        loadProfiles( profileMap );
+        return entryMap;
+    }
+    
+
+    /**
+     * Loads the role entries extracted from the LDIF.
+     * 
+     * @throws GuardianException if there is a problem with a role 
+     */
+    private void loadRoles( Map roleMap ) throws GuardianException
+    {
+        Set roleSet = new HashSet();
+
+        try
+        {
+            Iterator keys = roleMap.keySet().iterator();
+            while ( keys.hasNext() )
+            {
+                String dn = ( String ) keys.next();
+                Attributes entry = ( Attributes ) roleMap.get( dn );
+                String roleName = ( String ) entry.get( "roleName" ).get();
+                Set permSet = new HashSet();
+                Attribute attributes = entry.get( "grants" );
+
+                if ( attributes != null )
+                {
+                    NamingEnumeration grantsEnumeration = entry.get( "grants" ).getAll();
+                    while ( grantsEnumeration.hasMore() )
+                    {
+                        String permName = ( String ) grantsEnumeration.next();
+                        permSet.add( permissions.get( permName ) );
+                        log.debug( "granting permission '" + permName + "' to role '" + roleName
+                                + " in application '" + applicationName + "'" );
+                    }
+                }
+                Permission[] permArray = new Permission[permSet.size()];
+                Permissions grants = new Permissions( applicationName, ( Permission[] ) permSet.toArray( permArray ) );
+
+                Attribute description = entry.get( "description" );
+                Role role;
+                if ( description == null || description.size() == 0 )
+                {
+                    role = new Role( this, roleName, grants );
+                }
+                else
+                {
+                    role = new Role( this, roleName, grants, ( String ) description.get() );
+                }
+
+                roleSet.add( role );
+                log.debug( "loading role '" + roleName + "' for application '" + applicationName + "'" );
+            }
+        }
+        catch ( NamingException e )
+        {
+            String msg = "Failed on search to find roles for application " + applicationName;
+            log.error( msg, e );
+            throw new GuardianException( msg, e );
+        }
+
+        Role[] roleArray = new Role[roleSet.size()];
+        roleArray = ( Role[] ) roleSet.toArray( roleArray );
+        this.roles = new Roles( applicationName, roleArray );
+    }
+
+
+    /**
+     * Loads the permission entries extracted from the LDIF.
+     * 
+     * @throws GuardianException if there is a problem with a permission
+     */
+    private void loadPermissions( Map permissionMap ) throws GuardianException
+    {
+        Set permSet = new HashSet();
+
+        try
+        {
+            Iterator keys = permissionMap.keySet().iterator();
+            while ( keys.hasNext() )
+            {
+                String dn = ( String ) keys.next();
+                Attributes entry = ( Attributes ) permissionMap.get( dn );
+                String permName = ( String ) entry.get( "permName" ).get();
+                Permission perm;
+                Attribute description = entry.get( "description" );
+                if ( description != null )
+                {
+                    perm = new Permission( applicationName, permName, ( String ) description.get() );
+                }
+                else
+                {
+                    perm = new Permission( applicationName, permName );
+                }
+                log.debug( "loading permission " + permName + " for application " + applicationName );
+                permSet.add( perm );
+            }
+        }
+        catch ( NamingException e )
+        {
+            String msg = "Failed on load of permissions for application " + applicationName;
+            log.error( msg, e );
+            throw new GuardianException( msg, e );
+        }
+
+        Permission[] permArray = new Permission[permSet.size()];
+        permArray = ( Permission[] ) permSet.toArray( permArray );
+        this.permissions = new Permissions( applicationName, permArray );
+    }
+
+
+    public String getApplicationName()
+    {
+        return this.applicationName;
+    }
+
+
+    public String getDescription()
+    {
+        return this.description;
+    }
+
+
+    public Roles getRoles()
+    {
+        return this.roles;
+    }
+
+
+    public Permissions getPermissions()
+    {
+        return permissions;
+    }
+
+    
+    private static boolean parseBoolean( String bool )
+    {
+        if ( bool.equals( "true" ) )
+        {
+            return true;
+        }
+        
+        return false;
+    }
+
+    
+    /**
+     * Loads the profile entries extracted from the LDIF.
+     * 
+     * @throws GuardianException if there is a problem with a profile 
+     */
+    private void loadProfiles( Map profileEntryMap ) throws GuardianException
+    {
+        String[] profileDns = new String[profileEntryMap.size()];
+        profileEntryMap.keySet().toArray( profileDns );
+        
+        for ( int ii = 0; ii < profileDns.length; ii++ )
+        {
+            Profile profile;
+            Permissions grants;
+            Permissions denials;
+            Roles roles;
+            String dn = profileDns[ii];
+            Attributes entry = ( Attributes ) profileEntryMap.get( dn );
+            String profileId;
+            String userName;
+            boolean disabled = false;
+            
+            Attribute disabledAttr = entry.get( "safehausDisabled" );
+            try
+            {
+                if ( disabledAttr != null )
+                {
+                    disabled = parseBoolean( ( ( String ) disabledAttr.get() ).toLowerCase() );
+                }
+            }
+            catch ( Exception e )
+            {
+                throw new GuardianException( "Failed trying to access safehausDiabled attribute: " + dn );
+            }
+            
+            try
+            {
+                profileId = ( String ) entry.get( "profileId" ).get();
+            }
+            catch ( Exception e )
+            {
+                throw new GuardianException( "Could not find profileId attribute for profile: " + dn );
+            }
+
+            try
+            {
+                userName = ( String ) entry.get( "user" ).get();
+            }
+            catch ( Exception e )
+            {
+                throw new GuardianException( "Could not find user attribute for profile: " + dn );
+            }
+
+            // -------------------------------------------------------------------------------
+            // process and assemble the profile's granted permissions
+            // -------------------------------------------------------------------------------
+
+            Attribute grantsAttribute = entry.get( "grants" );
+            if ( grantsAttribute != null )
+            {
+                Set grantsSet = new HashSet();
+                try
+                {
+                    NamingEnumeration grantsEnumeration = grantsAttribute.getAll();
+                    while ( grantsEnumeration.hasMore() )
+                    {
+                        String grantedPermName = ( String ) grantsEnumeration.next();
+                        grantsSet.add( this.permissions.get( grantedPermName ) );
+                    }
+                }
+                catch ( NamingException e )
+                {
+                    throw new GuardianException( "Failed to get grants for profile: " + dn );
+                }
+
+                Permission[] grantsArray = new Permission[grantsSet.size()];
+                grants = new Permissions( applicationName, ( Permission[] ) grantsSet.toArray( grantsArray ) );
+            }
+            else
+            {
+                grants = new Permissions( applicationName, new Permission[0] );
+            }
+
+            // -------------------------------------------------------------------------------
+            // process and assemble the profile's granted permissions
+            // -------------------------------------------------------------------------------
+
+            Attribute denialsAttribute = entry.get( "denials" );
+            if ( denialsAttribute != null )
+            {
+                Set denialsSet = new HashSet();
+                try
+                {
+                    NamingEnumeration denialsEnumeration = denialsAttribute.getAll();
+                    while ( denialsEnumeration.hasMore() )
+                    {
+                        String deniedPermName = ( String ) denialsEnumeration.next();
+                        denialsSet.add( this.permissions.get( deniedPermName ) );
+                    }
+                }
+                catch ( NamingException e )
+                {
+                    throw new GuardianException( "Failed to get denials for profile: " + dn );
+                }
+                Permission[] denialsArray = new Permission[denialsSet.size()];
+                denials = new Permissions( applicationName, ( Permission[] ) denialsSet.toArray( denialsArray ) );
+            }
+            else
+            {
+                denials = new Permissions( applicationName, new Permission[0] );
+            }
+
+            // -------------------------------------------------------------------------------
+            // process and assemble the profile's assigned roles
+            // -------------------------------------------------------------------------------
+
+            Attribute rolesAttribute = entry.get( "roles" );
+            if ( rolesAttribute != null )
+            {
+                Set rolesSet = new HashSet();
+                try
+                {
+                    NamingEnumeration rolesEnumeration = rolesAttribute.getAll();
+                    while ( rolesEnumeration.hasMore() )
+                    {
+                        String assignedRoleName = ( String ) rolesEnumeration.next();
+                        rolesSet.add( this.roles.get( assignedRoleName ) );
+                    }
+                }
+                catch ( NamingException e )
+                {
+                    throw new GuardianException( "Failed to get roles for profile: " + dn );
+                }
+                Role[] rolesArray = new Role[rolesSet.size()];
+                roles = new Roles( applicationName, ( Role[] ) rolesSet.toArray( rolesArray ) );
+            }
+            else
+            {
+                roles = new Roles( applicationName, new Role[0] );
+            }
+
+            Attribute description = entry.get( "description" );
+            if ( description == null || description.size() == 0 )
+            {
+                profile = new Profile( this, profileId, userName, roles, grants, denials, disabled );
+            }
+            else
+            {
+                String desc = "null";
+                try
+                {
+                    desc = ( String ) description.get();
+                }
+                catch ( NamingException e )
+                {
+                    throw new GuardianException( "Failed to get description for profile: " + dn );
+                }
+                profile = new Profile( this, profileId, userName, roles, grants, denials, desc, disabled );
+            }
+            
+            profileMap.put( profileId, profile );
+            
+            Set profileIdSet = ( Set ) userProfilesMap.get( userName );
+            if ( profileIdSet == null )
+            {
+                profileIdSet = new HashSet();
+                userProfilesMap.put( userName, profileIdSet );
+            }
+            profileIdSet.add( profileId );
+
+            if ( log.isDebugEnabled() )
+            {
+                log.debug( "loaded profile '" + profileId + "' in application '" + applicationName + "'" );
+            }
+        }
+    }
+    
+
+    public Profile getProfile( String userName ) throws GuardianException
+    {
+        if ( isClosed )
+        {
+            throw new IllegalStateException( "This policy object has been closed." );
+        }
+
+        if ( profileMap.containsKey( userName ) )
+        {
+            return ( Profile ) profileMap.get( userName );
+        }
+
+        return null;
+    }
+
+
+    public void close() throws GuardianException
+    {
+        isClosed = true;
+    }
+
+
+    static String getApplicationName( String principalDN )
+    {
+        String rdn = principalDN.split( "," )[0].trim();
+        String[] rdnPair = rdn.split( "=" );
+
+        if ( ! rdnPair[0].trim().equalsIgnoreCase( "appName" ) )
+        {
+            throw new IllegalArgumentException( "Application principal name '" + principalDN
+                    + "' is not an application DN" );
+        }
+
+        return rdnPair[1].trim();
+    }
+
+
+    public boolean removePolicyListener( PolicyChangeListener listener )
+    {
+        throw new RuntimeException( "Not implemented yet!" );
+    }
+
+
+    public boolean addPolicyListener( PolicyChangeListener listener )
+    {
+        throw new RuntimeException( "Not implemented yet!" );
+    }
+
+
+    public Set getDependentProfileNames( Role role ) throws GuardianException
+    {
+        throw new RuntimeException( "Not implemented yet!" );
+    }
+
+
+    public Set getDependentProfileNames( Permission permission ) throws GuardianException
+    {
+        throw new RuntimeException( "Not implemented yet!" );
+    }
+
+
+    public Set getUserProfileIds( String userName ) throws GuardianException
+    {
+        Set profileSet = ( Set ) userProfilesMap.get( userName );
+        if ( profileSet == null )
+        {
+            return Collections.EMPTY_SET;
+        }
+        return Collections.unmodifiableSet( profileSet );
+    }
+    
+    
+    public Iterator getProfileIdIterator()
+    {
+        return profileMap.keySet().iterator();
+    }
+
+
+    public Profile getAdminProfile()
+    {
+        return adminProfile;
+    }
+}

Added: directory/triplesec/trunk/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifConnectionDriver.java
URL: http://svn.apache.org/viewvc/directory/triplesec/trunk/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifConnectionDriver.java?view=auto&rev=558849
==============================================================================
--- directory/triplesec/trunk/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifConnectionDriver.java (added)
+++ directory/triplesec/trunk/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifConnectionDriver.java Mon Jul 23 13:01:54 2007
@@ -0,0 +1,103 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.triplesec.guardian.ldif;
+
+
+import java.io.File;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.Properties;
+
+import org.apache.directory.shared.ldap.NotImplementedException;
+import org.apache.directory.triplesec.guardian.ApplicationPolicy;
+import org.apache.directory.triplesec.guardian.ApplicationPolicyFactory;
+import org.apache.directory.triplesec.guardian.ConnectionDriver;
+import org.apache.directory.triplesec.guardian.GuardianException;
+
+
+/**
+ * A simple LDIF file based driver for guardian.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev: 62 $
+ */
+public class LdifConnectionDriver implements ConnectionDriver
+{
+    static
+    {
+        ApplicationPolicyFactory.registerDriver( new LdifConnectionDriver() );
+    }
+
+    
+    public LdifConnectionDriver()
+    {
+    }
+
+    
+    public boolean accept( String url )
+    {
+        if ( ( url.startsWith( "file://" ) || url.startsWith( "jar:" ) ) && url.endsWith( ".ldif" ) )
+        {
+            return true;
+        }
+
+        return false;
+    }
+    
+
+    public ApplicationPolicy newStore( String url, Properties info ) throws GuardianException
+    {
+        if ( info == null )
+        {
+            info = new Properties();
+        }
+
+        if ( url == null )
+        {
+            throw new IllegalArgumentException( "A non-null url must be provided." );
+        }
+
+        String application = info.getProperty( "applicationPrincipalDN" );
+        if ( application == null )
+        {
+            throw new IllegalArgumentException( "An applicationPrincipalDN property value must be provided." );
+        }
+        
+        if ( url.startsWith( "file://" ) )
+        {
+            File ldifFile = null;
+            try
+            {
+                ldifFile = new File( new URL( url ).getPath() );
+            }
+            catch ( MalformedURLException e )
+            {
+                throw new GuardianException( "Malformed LDIF file URL: " + url );
+            }
+            return new LdifApplicationPolicy( ldifFile, info );
+        }
+        else if ( url.startsWith( "jar:" ) )
+        {
+            throw new NotImplementedException();
+        }
+        
+        throw new GuardianException( "Unrecognized URL scheme for " );
+    }
+}
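Review bot: In `newStore`, `new File( new URL( url ).getPath() )` keeps only the path component of the URL, so the policy file that gets opened can differ from the one the caller configured. As far as I can tell, `java.net.URL` parses a URL written like `file://src/test/resources/server.ldif` (the default used by LdifApplicationPolicyTest in this commit) with `src` as the host, which yields a `File` for `/test/resources/server.ldif`; percent-escapes in the path are also left undecoded. Because this file supplies the application's authorization policy, it is safer to fail than to resolve silently to another path: `URL parsed = new URL( url );` followed by `if ( parsed.getHost() != null && parsed.getHost().length() > 0 ) throw new GuardianException( "LDIF file URL must not name a host: " + url );`. The last statement, `throw new GuardianException( "Unrecognized URL scheme for " )`, also omits the URL it is reporting and should end with `+ url`.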

Added: directory/triplesec/trunk/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdapConnectionDriverTest.java
URL: http://svn.apache.org/viewvc/directory/triplesec/trunk/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdapConnectionDriverTest.java?view=auto&rev=558849
==============================================================================
--- directory/triplesec/trunk/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdapConnectionDriverTest.java (added)
+++ directory/triplesec/trunk/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdapConnectionDriverTest.java Mon Jul 23 13:01:54 2007
@@ -0,0 +1,79 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.triplesec.guardian.ldif;
+
+
+import junit.framework.TestCase;
+
+import java.util.Properties;
+
+
+/**
+ * Tests the LDAP ConnectionDriver.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class LdapConnectionDriverTest extends TestCase
+{
+    public void testNullProperties()
+    {
+        LdifConnectionDriver driver = new LdifConnectionDriver();
+        try
+        {
+            driver.newStore( "", null );
+            fail( "should not get here due to exception" );
+        }
+        catch( IllegalArgumentException e )
+        {
+        }
+    }
+
+
+    public void testNullUrl()
+    {
+        LdifConnectionDriver driver = new LdifConnectionDriver();
+        Properties props = new Properties();
+        props.setProperty( "applicationPrincipalDN", "appName=something" );
+        try
+        {
+            driver.newStore( null, props );
+            fail( "should never get here due to an exception" );
+        }
+        catch ( IllegalArgumentException e )
+        {
+        }
+    }
+
+
+    public void testNoPrincipalName()
+    {
+        LdifConnectionDriver driver = new LdifConnectionDriver();
+        try
+        {
+            Properties props = new Properties();
+            driver.newStore( "", props );
+            fail( "should never get here due to an exception" );
+        }
+        catch ( IllegalArgumentException e )
+        {
+        }
+    }
+}
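Review bot: None of the three tests reaches the URL-scheme handling in `LdifConnectionDriver.newStore`; each one stops at the `IllegalArgumentException` argument checks, so nothing pins that a URL the driver does not support is refused rather than turned into a policy store. A test along the lines below would cover the final `throw new GuardianException( ... )` branch. Separately, the class is named `LdapConnectionDriverTest` and its Javadoc says "Tests the LDAP ConnectionDriver.", but it lives in the `ldif` package and only instantiates `LdifConnectionDriver`; renaming it to `LdifConnectionDriverTest` and correcting the Javadoc would avoid confusion with the LDAP driver's tests.

```java
    public void testUnsupportedScheme()
    {
        LdifConnectionDriver driver = new LdifConnectionDriver();
        Properties props = new Properties();
        props.setProperty( "applicationPrincipalDN", "appName=something" );
        try
        {
            driver.newStore( "http://example.invalid/policy.ldif", props );
            fail( "should never get here due to an exception" );
        }
        catch ( org.apache.directory.triplesec.guardian.GuardianException e )
        {
            // expected: only file:// (and, later, jar:) URLs name a policy store
        }
    }
```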

Added: directory/triplesec/trunk/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicyTest.java
URL: http://svn.apache.org/viewvc/directory/triplesec/trunk/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicyTest.java?view=auto&rev=558849
==============================================================================
--- directory/triplesec/trunk/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicyTest.java (added)
+++ directory/triplesec/trunk/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicyTest.java Mon Jul 23 13:01:54 2007
@@ -0,0 +1,207 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.triplesec.guardian.ldif;
+
+
+import junit.framework.TestCase;
+
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Properties;
+import java.util.Set;
+
+import org.apache.directory.triplesec.guardian.ApplicationPolicyFactory;
+import org.apache.directory.triplesec.guardian.Profile;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * TestCase to test the LDAP ApplicationPolicyStore implementation.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class LdifApplicationPolicyTest extends TestCase
+{
+    Logger log = LoggerFactory.getLogger( LdifApplicationPolicyTest.class );
+    LdifApplicationPolicy policy;
+
+
+    public LdifApplicationPolicyTest( String string ) throws Exception
+    {
+        super( string );
+    }
+
+
+    public LdifApplicationPolicyTest() throws Exception
+    {
+        super();
+    }
+
+
+    protected void setUp() throws Exception
+    {
+        super.setUp();
+        Properties props = new Properties();
+        props.setProperty( "applicationPrincipalDN", "appName=mockApplication,ou=applications,dc=example,dc=com" );
+        Class.forName( "org.apache.directory.triplesec.guardian.ldif.LdifConnectionDriver" );
+        String url = System.getProperty( "ldif.url", "file://src/test/resources/server.ldif" );
+        log.info( "using url for ldif file: " + url );
+        policy = ( LdifApplicationPolicy ) ApplicationPolicyFactory.newInstance( url, props );
+    }
+
+
+    protected void tearDown() throws Exception
+    {
+        super.tearDown();
+        policy.close();
+        policy = null;
+    }
+
+
+    public void testGetProfileIds() throws Exception
+    {
+        Set ids = new HashSet();
+        for ( Iterator ii = this.policy.getProfileIdIterator(); ii.hasNext(); /**/ )
+        {
+            ids.add( ii.next() );
+        }
+        assertEquals( 5, ids.size() );
+        assertTrue( ids.contains( "mockProfile0" ) );
+        assertTrue( ids.contains( "mockProfile1" ) );
+        assertTrue( ids.contains( "mockProfile2" ) );
+        assertTrue( ids.contains( "mockProfile3" ) );
+        assertTrue( ids.contains( "mockProfile4" ) );
+        assertFalse( ids.contains( "bogus" ) );
+    }
+
+
+    public void testGetApplicationNameString()
+    {
+        String applicationName = LdifApplicationPolicy.getApplicationName(
+                "appName=testingApp,ou=applications,dc=example,dc=com" );
+        assertEquals( "testingApp", applicationName );
+
+        try
+        {
+            LdifApplicationPolicy.getApplicationName( "notanapp=blahblah" );
+            fail( "should never get here due to an exception" );
+        }
+        catch ( IllegalArgumentException e )
+        {
+        }
+    }
+
+
+    public void testNonExistantProfile()
+    {
+        Profile p = policy.getProfile( "nonexistant" );
+        assertNull( p );
+    }
+
+
+    public void testProfile0()
+    {
+        Profile p = policy.getProfile( "mockProfile0" );
+        assertTrue( p.getEffectivePermissions().isEmpty() );
+        assertEquals( 5, policy.getRoles().size() );
+        assertEquals( p, policy.getProfile( "mockProfile0" ) );
+    }
+
+
+    public void testProfile1()
+    {
+        Profile p = policy.getProfile( "mockProfile1" );
+        assertEquals( 2, p.getEffectivePermissions().size() );
+        assertTrue( p.hasPermission( "mockPerm0" ) );
+        assertTrue( p.hasPermission( "mockPerm1" ) );
+        assertFalse( p.hasPermission( "mockPerm3") );
+        assertEquals( p, policy.getProfile( "mockProfile1" ) );
+    }
+
+
+    public void testProfile2()
+    {
+        Profile p = policy.getProfile( "mockProfile2" );
+        assertEquals( 2, p.getEffectivePermissions().size() );
+        assertTrue( p.hasPermission( "mockPerm0" ) );
+        assertTrue( p.hasPermission( "mockPerm1" ) );
+        assertFalse( p.hasPermission( "mockPerm3") );
+        assertEquals( p, policy.getProfile( "mockProfile2" ) );
+    }
+
+
+    public void testProfile3()
+    {
+        Profile p = policy.getProfile( "mockProfile3" );
+        assertEquals( 4, p.getEffectivePermissions().size() );
+        assertTrue( p.hasPermission( "mockPerm0" ) );
+        assertTrue( p.hasPermission( "mockPerm7" ) );
+        assertTrue( p.hasPermission( "mockPerm2" ) );
+        assertTrue( p.hasPermission( "mockPerm3" ) );
+        assertFalse( p.hasPermission( "mockPerm4" ) );
+        assertEquals( p, policy.getProfile( "mockProfile3" ) );
+    }
+
+
+    public void testProfile4()
+    {
+        Profile p = policy.getProfile( "mockProfile4" );
+        assertEquals( 7, p.getEffectivePermissions().size() );
+        assertTrue( p.hasPermission( "mockPerm0" ) );
+        assertFalse( p.hasPermission( "mockPerm1" ) );
+        assertTrue( p.hasPermission( "mockPerm2" ) );
+        assertTrue( p.hasPermission( "mockPerm3" ) );
+        assertTrue( p.hasPermission( "mockPerm4" ) );
+        assertTrue( p.hasPermission( "mockPerm5" ) );
+        assertTrue( p.hasPermission( "mockPerm6" ) );
+        assertFalse( p.hasPermission( "mockPerm7" ) );
+        assertFalse( p.hasPermission( "mockPerm8" ) );
+        assertTrue( p.hasPermission( "mockPerm9" ) );
+        assertFalse( p.hasPermission( "mockPerm14" ) );
+        assertEquals( p, policy.getProfile( "mockProfile4" ) );
+    }
+    
+    
+    public void testGetUserProfileIds() 
+    {
+        Set ids = policy.getUserProfileIds( "akarasulu" );
+        assertEquals( 5, ids.size() );
+        ids = policy.getUserProfileIds( "trustin" );
+        assertEquals( 0, ids.size() );
+    }
+
+
+    public void testClosedState()
+    {
+        policy.close();
+        try
+        {
+            policy.getProfile( "asdf" );
+            fail( "should never get here due to an exception" );
+        }
+        catch ( Exception e )
+        {
+
+        }
+    }
+}
+                                                     
\ No newline at end of file
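Review bot: `testClosedState` ends with `catch ( Exception e )` and an empty body, so it passes on any exception from `policy.getProfile( "asdf" )`, including a `NullPointerException` from a broken policy object, and therefore does not pin the closed-state contract. The LDAP policy's `getProfile` shown earlier in this commit throws `IllegalStateException( "This policy object has been closed." )`; assuming `LdifApplicationPolicy` mirrors it (its source is not in this hunk), the handler should be `catch ( IllegalStateException e )`. The class Javadoc also still reads "TestCase to test the LDAP ApplicationPolicyStore implementation." although the class under test is `LdifApplicationPolicy`.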

Modified: directory/triplesec/trunk/integration/pom.xml
URL: http://svn.apache.org/viewvc/directory/triplesec/trunk/integration/pom.xml?view=diff&rev=558849&r1=558848&r2=558849
==============================================================================
--- directory/triplesec/trunk/integration/pom.xml (original)
+++ directory/triplesec/trunk/integration/pom.xml Mon Jul 23 13:01:54 2007
@@ -105,7 +105,7 @@
             <configuration>
               <systemProperties>
                 <property>
-                  <name>org.safehaus.triplesec.integration.resourcesDirectory</name>
+                  <name>org.apache.directory.triplesec.integration.resourcesDirectory</name>
                   <value>${basedir}/src/test/resources</value>
                 </property>
               </systemProperties>


