directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From djen...@apache.org
Subject svn commit: r570591 - in /directory/sandbox/djencks/triplesec-jacc2: admin-api2/src/main/java/org/apache/directory/triplesec/admin/persistence/ guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ guardian-api/src/test/java/org/apache/di...
Date Tue, 28 Aug 2007 23:01:29 GMT
Author: djencks
Date: Tue Aug 28 16:01:28 2007
New Revision: 570591

URL: http://svn.apache.org/viewvc?rev=570591&view=rev
Log:
Remove some of the worst hacks in jacc usage

Added:
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryRealmPolicy.java
  (with props)
    directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapRealmPolicy.java
  (with props)
Modified:
    directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/persistence/ChildMap.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactory.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ConnectionDriver.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/Roles.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactoryTest.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockConnectionDriver.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriver.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriverTest.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifConnectionDriver.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdapConnectionDriverTest.java
    directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipal.java
    directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipalLoginModule.java
    directory/sandbox/djencks/triplesec-jacc2/jacc/src/test/java/org/apache/directory/triplesec/jacc/TripleSecPolicyIntegrationTest.java

Modified: directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/persistence/ChildMap.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/persistence/ChildMap.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/persistence/ChildMap.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/persistence/ChildMap.java
Tue Aug 28 16:01:28 2007
@@ -65,8 +65,8 @@
         String name = buf.toString();
         try
         {
-            for (NamingEnumeration ne = ctx.search( name, filter, controls) ; ne.hasMoreElements();
) {
-                SearchResult result = ( SearchResult ) ne.nextElement();
+            for (NamingEnumeration<SearchResult> ne = ctx.search( name, filter, controls)
; ne.hasMoreElements(); ) {
+                SearchResult result = ne.nextElement();
                 Attributes attrs = result.getAttributes();
                 String dn = result.getName();
                 String pcRdn = dn + "," + rdn;

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactory.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactory.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactory.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactory.java
Tue Aug 28 16:01:28 2007
@@ -220,7 +220,7 @@
         {
             try
             {
-                return driver.newStore( url, info );
+                return driver.newApplicationPolicy( url, info );
             }
             catch( StoreConnectionException e )
             {

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ConnectionDriver.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ConnectionDriver.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ConnectionDriver.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ConnectionDriver.java
Tue Aug 28 16:01:28 2007
@@ -53,7 +53,7 @@
      * @return the connected {@link ApplicationPolicy}
      * @throws GuardianException if failed to connect
      */
-    ApplicationPolicy newStore( String url, Properties info ) throws GuardianException;
+    ApplicationPolicy newApplicationPolicy( String url, Properties info ) throws GuardianException;
 
     RealmPolicy newRealmPolicy( String url, Properties info );
 }

Added: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryRealmPolicy.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryRealmPolicy.java?rev=570591&view=auto
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryRealmPolicy.java
(added)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryRealmPolicy.java
Tue Aug 28 16:01:28 2007
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.directory.triplesec.guardian;
+
+import java.security.Permission;
+import java.security.Permissions;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+
+import javax.naming.directory.Attributes;
+import javax.naming.directory.Attribute;
+import javax.naming.NamingException;
+import javax.naming.NamingEnumeration;
+
+/**
+ * @version $Rev:564501 $ $Date:2007-08-10 00:58:38 -0700 (Fri, 10 Aug 2007) $
+ */
+public class EntryRealmPolicy implements RealmPolicy {
+
+    private final Map<String, ApplicationPolicy> applicationPolicies;
+
+    public EntryRealmPolicy( Map<String, ApplicationPolicy> applicationPolicies )
+    {
+        this.applicationPolicies = applicationPolicies;
+    }
+
+    public Profile getProfile( String profileId, String applicationRdn ) throws GuardianException
+    {
+        ApplicationPolicy applicationPolicy = applicationPolicies.get(applicationRdn);
+        if ( applicationPolicy != null) {
+            return applicationPolicy.getProfile( profileId );
+        }
+        return null;
+    }
+
+    public void close()
+    {
+        for ( ApplicationPolicy applicationPolicy: applicationPolicies.values() )
+        {
+            applicationPolicy.close();
+        }
+        applicationPolicies.clear();
+    }
+
+}

Propchange: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryRealmPolicy.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryRealmPolicy.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryRealmPolicy.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/Roles.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/Roles.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/Roles.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/Roles.java
Tue Aug 28 16:01:28 2007
@@ -80,12 +80,12 @@
             {
                 continue;
             }
-            
+
             if( !applicationName.equals( r.getApplicationRelativeDistinguishedName() ) )
             {
                 throw new IllegalArgumentException( "Invalid applicationRdn: " + r.getApplicationRelativeDistinguishedName()
);
             }
-            
+
             this.roles.put( r.getName(), r );
         }
     }

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactoryTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactoryTest.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactoryTest.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactoryTest.java
Tue Aug 28 16:01:28 2007
@@ -136,7 +136,7 @@
             return url.startsWith( prefix );
         }
 
-        public ApplicationPolicy newStore(String url, Properties info) throws GuardianException
{
+        public ApplicationPolicy newApplicationPolicy(String url, Properties info) throws
GuardianException {
             return new ApplicationPolicy()
             {
                 public String getApplicationRelativeDistinguishedName() {
@@ -235,12 +235,12 @@
             counter = 0;
         }
 
-        public ApplicationPolicy newStore( String url, Properties info ) throws GuardianException
+        public ApplicationPolicy newApplicationPolicy( String url, Properties info ) throws
GuardianException
         {
             counter++;
             if( counter == 3 )
             {
-                return super.newStore( url, info );
+                return super.newApplicationPolicy( url, info );
             }
             
             throw new StoreConnectionException();

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockConnectionDriver.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockConnectionDriver.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockConnectionDriver.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockConnectionDriver.java
Tue Aug 28 16:01:28 2007
@@ -52,7 +52,7 @@
         return false;
     }
 
-    public ApplicationPolicy newStore( String url, Properties info ) throws GuardianException
+    public ApplicationPolicy newApplicationPolicy( String url, Properties info ) throws GuardianException
     {
         return new MockApplicationPolicy();
     }

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriver.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriver.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriver.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriver.java
Tue Aug 28 16:01:28 2007
@@ -45,7 +45,9 @@
 {
     static
     {
-        ApplicationPolicyFactory.registerDriver( new LdapConnectionDriver() );
+        LdapConnectionDriver connectionDriver = new LdapConnectionDriver();
+        ApplicationPolicyFactory.registerDriver( connectionDriver );
+        RealmPolicyFactory.registerDriver( connectionDriver );
     }
 
     public LdapConnectionDriver()
@@ -54,15 +56,38 @@
 
     public boolean accept( String url )
     {
-        if ( url.startsWith( "ldap://" ) )
-        {
-            return true;
-        }
+        return url.startsWith( "ldap://" );
+
+    }
+
+    public ApplicationPolicy newApplicationPolicy( String url, Properties info ) throws GuardianException
+    {
+        InitialDirContext ictx = getContext( info, url );
+
+        String applicationRdn = getApplicationRdn( info );
+
+        return new LdapApplicationPolicy( ictx, applicationRdn );
+    }
+
+    public RealmPolicy newRealmPolicy( String url, Properties info )
+    {
+        InitialDirContext ictx = getContext( info, url );
+
+        String applicationRdn = getApplicationRdn( info );
 
-        return false;
+        return new LdapRealmPolicy( ictx, applicationRdn );
     }
 
-    public ApplicationPolicy newStore( String url, Properties info ) throws GuardianException
+    private String getApplicationRdn( Properties info )
+    {
+        String applicationRdn = info.getProperty("applicationRDN");
+        if (applicationRdn == null) {
+            throw new IllegalArgumentException( "The ApplicationRDN property must be provided"
);
+        }
+        return applicationRdn;
+    }
+
+    private InitialDirContext getContext( Properties info, String url )
     {
         if ( info == null )
         {
@@ -86,11 +111,6 @@
             throw new IllegalArgumentException( "The applicationCredentials property must
be provided" );
         }
 
-        String applicationRdn = info.getProperty("applicationRDN");
-        if (applicationRdn == null) {
-            throw new IllegalArgumentException( "The ApplicationRDN property must be provided"
);
-        }
-
         Hashtable env = new Hashtable();
         env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
         env.put( Context.PROVIDER_URL, url );
@@ -108,12 +128,7 @@
             env.remove( Context.SECURITY_CREDENTIALS ); // remove credentials before printing
to log
             throw new StoreConnectionException( "Failed to obtain initial context for " +
env, e );
         }
-
-        return new LdapApplicationPolicy( ictx, applicationRdn );
+        return ictx;
     }
 
-    public RealmPolicy newRealmPolicy( String url, Properties info )
-    {
-        return null;
-    }
 }

Added: directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapRealmPolicy.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapRealmPolicy.java?rev=570591&view=auto
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapRealmPolicy.java
(added)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapRealmPolicy.java
Tue Aug 28 16:01:28 2007
@@ -0,0 +1,88 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.directory.triplesec.guardian.ldap;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+
+import org.apache.directory.triplesec.guardian.ApplicationPolicy;
+import org.apache.directory.triplesec.guardian.EntryRealmPolicy;
+import org.apache.directory.triplesec.guardian.GuardianException;
+
+/**
+ * An LDAP backed implementation of a realm policy store.
+ *
+ * @version $Rev$
+ */
+class LdapRealmPolicy extends EntryRealmPolicy
+{
+
+    /**
+     * the realm JNDI Context at the base under which ou=applications can be found
+     */
+    private static final String[] ATTRS = {"appName"};
+    private static final SearchControls APPS_CONTROLS = new SearchControls( SearchControls.ONELEVEL_SCOPE,
0, 0, ATTRS, false, false );
+    private static final String APPS_QUERY = "(& (appName=*) (objectClass=policyApplication)
)";
+
+
+    /**
+     * Creates an instance of the LDAP ApplicationPolicyStore.
+     *
+     * @param ctx            the realm base context under which ou=applications and ou=users
can be found
+     * @param applicationRdn relative distinguished name for this app context inside ctx
+     * @throws org.apache.directory.triplesec.guardian.GuardianException
+     *          if failures are encountered while loading objects from the backing store
+     */
+    public LdapRealmPolicy( DirContext ctx, String applicationRdn ) throws GuardianException
+    {
+        super( buildApplicationPolicies( ctx, applicationRdn ) );
+    }
+
+    private static Map<String, ApplicationPolicy> buildApplicationPolicies( DirContext
ctx, String applicationRdn )
+    {
+        Map<String, ApplicationPolicy> applicationPolicies = new HashMap<String,
ApplicationPolicy>();
+        try
+        {
+            for ( NamingEnumeration<SearchResult> ne = ctx.search( applicationRdn,
APPS_QUERY, APPS_CONTROLS ); ne.hasMoreElements(); )
+            {
+                SearchResult result = ne.nextElement();
+                String dn = result.getName();
+                Attribute attr = result.getAttributes().get("appName");
+                String contextId = ( String ) attr.get();
+                String pcRdn = dn + "," + applicationRdn;
+                ApplicationPolicy applicationPolicy = new LdapApplicationPolicy( ctx, pcRdn
);
+                applicationPolicies.put( contextId, applicationPolicy );
+            }
+        } catch ( NamingException e )
+        {
+            throw new GuardianException( e );
+        }
+        return applicationPolicies;
+    }
+
+}

Propchange: directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapRealmPolicy.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapRealmPolicy.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapRealmPolicy.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriverTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriverTest.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriverTest.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapConnectionDriverTest.java
Tue Aug 28 16:01:28 2007
@@ -39,7 +39,7 @@
 
         try
         {
-            driver.newStore( "", null );
+            driver.newApplicationPolicy( "", null );
             fail( "should not get here due to exception" );
         }
         catch( IllegalArgumentException e )
@@ -56,7 +56,7 @@
         props.setProperty( "applicationCredentials", "secret" );
         try
         {
-            driver.newStore( null, props );
+            driver.newApplicationPolicy( null, props );
             fail( "should never get here due to an exception" );
         }
         catch ( IllegalArgumentException e )
@@ -74,7 +74,7 @@
         {
             Properties props = new Properties();
             props.setProperty( "applicationCredentials", "secret" );
-            driver.newStore( "", props );
+            driver.newApplicationPolicy( "", props );
             fail( "should never get here due to an exception" );
         }
         catch ( IllegalArgumentException e )
@@ -91,7 +91,7 @@
         props.setProperty( "applicationPrincipalDN", "appName=something" );
         try
         {
-            driver.newStore( "", props );
+            driver.newApplicationPolicy( "", props );
             fail( "should never get here due to an exception" );
         }
         catch ( IllegalArgumentException e )

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifConnectionDriver.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifConnectionDriver.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifConnectionDriver.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifConnectionDriver.java
Tue Aug 28 16:01:28 2007
@@ -66,7 +66,7 @@
     }
 
 
-    public ApplicationPolicy newStore( String url, Properties info ) throws GuardianException
+    public ApplicationPolicy newApplicationPolicy( String url, Properties info ) throws GuardianException
     {
         if ( info == null )
         {

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdapConnectionDriverTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdapConnectionDriverTest.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdapConnectionDriverTest.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdapConnectionDriverTest.java
Tue Aug 28 16:01:28 2007
@@ -38,7 +38,7 @@
         LdifConnectionDriver driver = new LdifConnectionDriver();
         try
         {
-            driver.newStore( "", null );
+            driver.newApplicationPolicy( "", null );
             fail( "should not get here due to exception" );
         }
         catch( IllegalArgumentException e )
@@ -54,7 +54,7 @@
         props.setProperty( "applicationPrincipalDN", "appName=something" );
         try
         {
-            driver.newStore( null, props );
+            driver.newApplicationPolicy( null, props );
             fail( "should never get here due to an exception" );
         }
         catch ( IllegalArgumentException e )
@@ -69,7 +69,7 @@
         try
         {
             Properties props = new Properties();
-            driver.newStore( "", props );
+            driver.newApplicationPolicy( "", props );
             fail( "should never get here due to an exception" );
         }
         catch ( IllegalArgumentException e )

Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipal.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipal.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipal.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipal.java
Tue Aug 28 16:01:28 2007
@@ -33,9 +33,9 @@
 {
 
     private final String profileId;
-    private final ApplicationPolicy realmPolicy;
+    private final RealmPolicy realmPolicy;
 
-    public TriplesecRealmPrincipal( String profileId, ApplicationPolicy realmPolicy )
+    public TriplesecRealmPrincipal( String profileId, RealmPolicy realmPolicy )
     {
         this.profileId = profileId;
         this.realmPolicy = realmPolicy;
@@ -53,8 +53,8 @@
      */
     public Profile getProfile(String applicationName)
     {
-//        return realmPolicy.getProfile(profileId, applicationName);
-        return realmPolicy.getProfile(profileId);
+        return realmPolicy.getProfile(profileId, applicationName);
+//        return realmPolicy.getProfile(profileId);
     }
 
 

Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipalLoginModule.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipalLoginModule.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipalLoginModule.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipalLoginModule.java
Tue Aug 28 16:01:28 2007
@@ -28,7 +28,7 @@
 import javax.security.auth.login.LoginException;
 import javax.security.auth.callback.CallbackHandler;
 
-import org.apache.directory.triplesec.guardian.ApplicationPolicy;
+import org.apache.directory.triplesec.guardian.RealmPolicy;
 
 /**
  * @version $Rev:564501 $ $Date:2007-08-10 00:58:38 -0700 (Fri, 10 Aug 2007) $
@@ -37,11 +37,11 @@
 {
 
     public static final String PROFILE_KEY = LdapBindLoginModule.PREFIX + "profileID";
-    public static final String POLICY_KEY = LdapBindLoginModule.PREFIX + "applicationPolicy";
+    public static final String POLICY_KEY = LdapBindLoginModule.PREFIX + "realmPolicy";
 
     private Subject subject;
     private String profileId;
-    private ApplicationPolicy applicationPolicy;
+    private RealmPolicy realmPolicy;
     private Principal principal;
 
     public void initialize( Subject subject, CallbackHandler callbackHandler, Map<String,
?> sharedState, Map<String, ?> options )
@@ -52,10 +52,10 @@
         {
             throw new IllegalArgumentException( "No profileID supplied in sharedState" );
         }
-        applicationPolicy = ( ApplicationPolicy ) options.get( POLICY_KEY );
-        if ( applicationPolicy == null )
+        realmPolicy = ( RealmPolicy ) options.get( POLICY_KEY );
+        if ( realmPolicy == null )
         {
-            throw new IllegalArgumentException( "No application policy in options" );
+            throw new IllegalArgumentException( "No realm policy in options" );
         }
     }
 
@@ -66,7 +66,7 @@
 
     public boolean commit() throws LoginException
     {
-        principal = new TriplesecRealmPrincipal( profileId, applicationPolicy );
+        principal = new TriplesecRealmPrincipal( profileId, realmPolicy );
         subject.getPrincipals().add( principal );
         return true;
     }

Modified: directory/sandbox/djencks/triplesec-jacc2/jacc/src/test/java/org/apache/directory/triplesec/jacc/TripleSecPolicyIntegrationTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jacc/src/test/java/org/apache/directory/triplesec/jacc/TripleSecPolicyIntegrationTest.java?rev=570591&r1=570590&r2=570591&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jacc/src/test/java/org/apache/directory/triplesec/jacc/TripleSecPolicyIntegrationTest.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/jacc/src/test/java/org/apache/directory/triplesec/jacc/TripleSecPolicyIntegrationTest.java
Tue Aug 28 16:01:28 2007
@@ -36,58 +36,62 @@
 import javax.naming.directory.Attributes;
 import javax.naming.directory.InitialDirContext;
 import javax.security.auth.Subject;
-import javax.security.auth.spi.LoginModule;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
 import javax.security.jacc.PolicyConfiguration;
 import javax.security.jacc.PolicyConfigurationFactory;
 import javax.security.jacc.PolicyContext;
 
-import org.apache.directory.triplesec.guardian.ApplicationPolicy;
-import org.apache.directory.triplesec.guardian.ApplicationPolicyFactory;
+import org.apache.directory.triplesec.guardian.RealmPolicy;
+import org.apache.directory.triplesec.guardian.RealmPolicyFactory;
 import org.apache.directory.triplesec.guardian.StoreConnectionException;
 import org.apache.directory.triplesec.guardian.StringPermission;
 import org.apache.directory.triplesec.integration.TriplesecIntegration;
 import org.apache.directory.triplesec.jaas.LdapBindLoginModule;
-import org.apache.directory.triplesec.jaas.SafehausLoginModule;
 import org.apache.directory.triplesec.jaas.TriplesecRealmPrincipalLoginModule;
 
 /**
  * @version $Rev$ $Date$
  */
-public class TripleSecPolicyIntegrationTest extends TriplesecIntegration {
+public class TripleSecPolicyIntegrationTest extends TriplesecIntegration
+{
     public final static String POLICY_CONFIG_FACTORY = "javax.security.jacc.PolicyConfigurationFactory.provider";
 
     private static final String APP_NAME = "mockContext";
 
-    private ApplicationPolicy applicationPolicy;
+    private RealmPolicy realmPolicy;
     private static final String BASE_URL = "dc=example,dc=com";
     private String providerUrl;
     private static boolean POLICY_INSTALLED = false;
     private PolicyConfigurationFactory policyConfigurationFactory;
     private Properties props;
 
-    public TripleSecPolicyIntegrationTest() throws Exception {
+    public TripleSecPolicyIntegrationTest() throws Exception
+    {
         super();
     }
 
-    public TripleSecPolicyIntegrationTest(String string) throws Exception {
-        super(string);
+    public TripleSecPolicyIntegrationTest( String string ) throws Exception
+    {
+        super( string );
     }
 
-    protected void setUp() throws Exception {
+    protected void setUp() throws Exception
+    {
         super.setUp();
         providerUrl = "ldap://localhost:" + super.getLdapPort() + "/" + BASE_URL;
         props = new Properties();
-        props.setProperty("applicationRDN", "appName=" + APP_NAME + ",appName=mockApplication,ou=applications");
+//        props.setProperty("applicationRDN", "appName=" + APP_NAME + ",appName=mockApplication,ou=applications");
+        props.setProperty( "applicationRDN", "appName=mockApplication,ou=applications" );
 //        props.setProperty("applicationPrincipalDN", "appName=" + APP_NAME + ",appName=mockApplication,ou=applications,"
+ BASE_URL);
 //        props.setProperty("applicationCredentials", "testing");
-        props.setProperty("applicationPrincipalDN", "uid=admin,ou=system");
-        props.setProperty("applicationCredentials", "secret");
+        props.setProperty( "applicationPrincipalDN", "uid=admin,ou=system" );
+        props.setProperty( "applicationCredentials", "secret" );
         //TODO we need something
 //        props.setProperty( DaoFactory.IMPLEMENTATION_CLASS, LdapDaoFactory.class.getName()
);
         props.setProperty( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory"
);
@@ -98,75 +102,83 @@
 
         props.setProperty( TripleSecPolicyConfigurationFactory.LDAP_ROOT_DN_KEY, "" );
 
-        Class.forName("org.apache.directory.triplesec.guardian.ldap.LdapConnectionDriver");
+        Class.forName( "org.apache.directory.triplesec.guardian.ldap.LdapConnectionDriver"
);
 
 
-        if (!POLICY_INSTALLED) {
+        if ( !POLICY_INSTALLED )
+        {
             Policy policy = new TripleSecPolicy();
             policy.refresh();
-            Policy.setPolicy(policy);
+            Policy.setPolicy( policy );
 
             POLICY_INSTALLED = true;
         }
 
-        System.setProperty(POLICY_CONFIG_FACTORY, TripleSecPolicyConfigurationFactory.class.getName());
+        System.setProperty( POLICY_CONFIG_FACTORY, TripleSecPolicyConfigurationFactory.class.getName()
);
         Thread currentThread = Thread.currentThread();
         ClassLoader oldClassLoader = currentThread.getContextClassLoader();
-        currentThread.setContextClassLoader(this.getClass().getClassLoader());
-        try {
+        currentThread.setContextClassLoader( this.getClass().getClassLoader() );
+        try
+        {
             policyConfigurationFactory = PolicyConfigurationFactory.getPolicyConfigurationFactory();
-        } finally {
-            currentThread.setContextClassLoader(oldClassLoader);
+        } finally
+        {
+            currentThread.setContextClassLoader( oldClassLoader );
         }
-        ((TripleSecPolicyConfigurationFactory)policyConfigurationFactory).setLdapProperties(props);
+        ( ( TripleSecPolicyConfigurationFactory ) policyConfigurationFactory ).setLdapProperties(
props );
     }
 
 
-    protected void tearDown() throws Exception {
+    protected void tearDown() throws Exception
+    {
         super.tearDown();
-        if ( applicationPolicy != null) {
-            applicationPolicy.close();
+        if ( realmPolicy != null )
+        {
+            realmPolicy.close();
         }
-        applicationPolicy = null;
+        realmPolicy = null;
     }
 
 
     /**
      * N.B. this test tends to fail run in IDE's due to a ProtectionDomain on the stack
      * that does not have any Principals.
-     *
+     * <p/>
      * N.B. this test succeeds when it is the only test.  Disabling since the other test
is more interesting.
      *
      * @throws Exception
      */
-    public void xtestLogin() throws Exception {
-        PolicyContext.setContextID(APP_NAME);
-        PolicyConfiguration policyConfiguration = policyConfigurationFactory.getPolicyConfiguration(APP_NAME,
false);
+    public void xtestLogin() throws Exception
+    {
+        PolicyContext.setContextID( APP_NAME );
+        PolicyConfiguration policyConfiguration = policyConfigurationFactory.getPolicyConfiguration(
APP_NAME, false );
         policyConfiguration.commit();
-        StringPermission perm = new StringPermission("mockPerm0");
-        applicationPolicy = ApplicationPolicyFactory.newInstance(providerUrl, props);
+        StringPermission perm = new StringPermission( "mockPerm0" );
+        realmPolicy = RealmPolicyFactory.newInstance( providerUrl, props );
 
-        checkPermission(perm);
+        checkPermission( perm );
     }
 
-    public void testAddPermission() throws Exception {
-        StringPermission perm = new StringPermission("mockPerm100");
-        PolicyContext.setContextID(APP_NAME);
-        PolicyConfiguration policyConfiguration = policyConfigurationFactory.getPolicyConfiguration(APP_NAME,
false);
-        policyConfiguration.addToRole("mockRole1", perm);
+    public void testAddPermission() throws Exception
+    {
+        StringPermission perm = new StringPermission( "mockPerm100" );
+        PolicyContext.setContextID( APP_NAME );
+        PolicyConfiguration policyConfiguration = policyConfigurationFactory.getPolicyConfiguration(
APP_NAME, false );
+        policyConfiguration.addToRole( "mockRole1", perm );
         policyConfiguration.commit();
-        applicationPolicy = ApplicationPolicyFactory.newInstance(providerUrl, props);
+        realmPolicy = RealmPolicyFactory.newInstance( providerUrl, props );
 
-        InitialDirContext ctx = getContext(providerUrl, props);
+        InitialDirContext ctx = getContext( providerUrl, props );
 
         String contextDn = "roleName=mockRole1,ou=roles,appName=mockContext,appName=mockApplication,ou=applications";
         Attributes attrs = ctx.getAttributes( contextDn );
         assertEquals( "mockPerm0", ( String ) attrs.get( "grants" ).get() );
 
-        checkPermission(perm);
+        checkPermission( perm );
     }
 
-    private InitialDirContext getContext(String url, Properties info) {
+    private InitialDirContext getContext( String url, Properties info )
+    {
         if ( url == null )
         {
             throw new IllegalArgumentException( "A non-null url must be provided." );
@@ -205,70 +217,89 @@
     }
 
 
-    private void checkPermission(StringPermission perm) throws LoginException {
+    private void checkPermission( StringPermission perm ) throws LoginException
+    {
         Map<String, Object> options = new HashMap<String, Object>();
-        options.put(Context.PROVIDER_URL, providerUrl);
-        options.put(Context.SECURITY_AUTHENTICATION, "simple");
-        options.put( LdapBindLoginModule.REALM_KEY, "example.com");
-        options.put( TriplesecRealmPrincipalLoginModule.POLICY_KEY, applicationPolicy );
+        options.put( Context.PROVIDER_URL, providerUrl );
+        options.put( Context.SECURITY_AUTHENTICATION, "simple" );
+        options.put( LdapBindLoginModule.REALM_KEY, "example.com" );
+        options.put( TriplesecRealmPrincipalLoginModule.POLICY_KEY, realmPolicy );
         LoginModule module = new TriplesecRealmPrincipalLoginModule();
         Subject subject = new Subject();
 //        CallbackHandler callbackHandler = new TestCallbackHandler("akarasulu", "mockProfile1",
"maxwell".toCharArray());
         CallbackHandler callbackHandler = null;
         Map<String, Object> sharedState = new HashMap<String, Object>();
-        sharedState.put(TriplesecRealmPrincipalLoginModule.PROFILE_KEY, "mockProfile1");
-        module.initialize(subject, callbackHandler, sharedState, options);
+        sharedState.put( TriplesecRealmPrincipalLoginModule.PROFILE_KEY, "mockProfile1" );
+        module.initialize( subject, callbackHandler, sharedState, options );
         module.login();
         module.commit();
 
-        final AccessControlContext acc = (AccessControlContext) Subject.doAsPrivileged(subject,
new PrivilegedAction() {
-            public Object run() {
+        PolicyContext.setContextID( APP_NAME );
+        
+        final AccessControlContext acc = ( AccessControlContext ) Subject.doAsPrivileged(
subject, new PrivilegedAction()
+        {
+            public Object run()
+            {
                 return AccessController.getContext();
             }
-        }, null);
-        acc.checkPermission(perm);
+        }, null );
+        acc.checkPermission( perm );
 
-        assertTrue((Boolean)Subject.doAsPrivileged(subject, new PrivilegedAction() {
+        assertTrue( ( Boolean ) Subject.doAsPrivileged( subject, new PrivilegedAction()
+        {
 
-            public Object run() {
-                try {
-                    acc.checkPermission(new StringPermission("mockPerm0"));
+            public Object run()
+            {
+                try
+                {
+                    acc.checkPermission( new StringPermission( "mockPerm0" ) );
                     return true;
-                } catch (AccessControlException  e) {
+                } catch ( AccessControlException e )
+                {
                     return false;
                 }
             }
-        }, null));
-        assertTrue((Boolean)Subject.doAs(subject, new PrivilegedAction() {
+        }, null ) );
+        assertTrue( ( Boolean ) Subject.doAs( subject, new PrivilegedAction()
+        {
 
-            public Object run() {
-                try {
-                    acc.checkPermission(new StringPermission("mockPerm0"));
+            public Object run()
+            {
+                try
+                {
+                    acc.checkPermission( new StringPermission( "mockPerm0" ) );
                     return true;
-                } catch (AccessControlException  e) {
+                } catch ( AccessControlException e )
+                {
                     return false;
                 }
             }
-        }));
+        } ) );
     }
 
-    private static class TestCallbackHandler implements CallbackHandler {
+    private static class TestCallbackHandler implements CallbackHandler
+    {
         private final String name;
         private final String profileId;
         private final char[] password;
 
-        public TestCallbackHandler(String name, String profileId, char[] password) {
+        public TestCallbackHandler( String name, String profileId, char[] password )
+        {
             this.name = name;
             this.profileId = profileId;
             this.password = password;
         }
 
-        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
-            for (Callback callback : callbacks) {
-                if (callback instanceof NameCallback) {
-                    ((NameCallback) callback).setName(name);
-                } else if (callback instanceof PasswordCallback) {
-                    ((PasswordCallback) callback).setPassword(password);
+        public void handle( Callback[] callbacks ) throws IOException, UnsupportedCallbackException
+        {
+            for ( Callback callback : callbacks )
+            {
+                if ( callback instanceof NameCallback )
+                {
+                    ( ( NameCallback ) callback ).setName( name );
+                } else if ( callback instanceof PasswordCallback )
+                {
+                    ( ( PasswordCallback ) callback ).setPassword( password );
 //                } else if (callback instanceof ProfileIdCallback) {
 //                    ((ProfileIdCallback) callback).setProfileId(profileId);
                 }



Mime
View raw message