jena-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cla...@apache.org
Subject [5/5] jena git commit: Added example code Added example.jar Added example fuseki configuration
Date Sat, 24 Jan 2015 21:11:10 GMT
Added example code
Added example.jar
Added example fuseki configuration


Project: http://git-wip-us.apache.org/repos/asf/jena/repo
Commit: http://git-wip-us.apache.org/repos/asf/jena/commit/0e135b58
Tree: http://git-wip-us.apache.org/repos/asf/jena/tree/0e135b58
Diff: http://git-wip-us.apache.org/repos/asf/jena/diff/0e135b58

Branch: refs/heads/master
Commit: 0e135b58afd159487f9f156251582064a4104249
Parents: 51f169e
Author: Claude Warren <claude@apache.org>
Authored: Sat Jan 24 21:08:11 2015 +0000
Committer: Claude Warren <claude@apache.org>
Committed: Sat Jan 24 21:08:11 2015 +0000

----------------------------------------------------------------------
 jena-security/pom.xml                           |  68 +++++++++
 .../jena/security/example/ExampleEvaluator.java | 147 ++++++++++++++++++
 .../jena/security/example/SecurityExample.java  |  93 +++++++++++
 .../security/example/ShiroExampleEvaluator.java | 153 +++++++++++++++++++
 .../jena/security/example/ExampleEvaluator.java | 147 ------------------
 .../jena/security/example/SecurityExample.java  |  93 -----------
 .../apache/jena/security/example/example.ttl    |  49 ------
 .../apache/jena/security/example/example.ttl    |  49 ++++++
 .../jena/security/example/fuseki/config.ttl     |  82 ++++++++++
 .../jena/security/example/fuseki/shiro.ini      |  47 ++++++
 .../apache/jena/security/query/DataSetTest.java |   4 +-
 .../jena/security/query/QueryEngineTest.java    |   7 +-
 12 files changed, 645 insertions(+), 294 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/jena/blob/0e135b58/jena-security/pom.xml
----------------------------------------------------------------------
diff --git a/jena-security/pom.xml b/jena-security/pom.xml
index 0b4bd80..7632b64 100644
--- a/jena-security/pom.xml
+++ b/jena-security/pom.xml
@@ -62,10 +62,45 @@
 	<build>
 		<plugins>
 			<plugin>
+	        	<groupId>org.codehaus.mojo</groupId>
+	        	<artifactId>build-helper-maven-plugin</artifactId>
+	        	<version>1.9.1</version>
+	        	<executions>
+	          		<execution>
+	            		<id>add-example-source</id>
+	            		<phase>generate-sources</phase>
+	            		<goals>
+	              			<goal>add-source</goal>
+	            		</goals>
+	            		<configuration>
+	              			<sources>
+	                			<source>src/example/java</source>
+	              			</sources>
+	            		</configuration>
+	          		</execution>
+	          		<execution>
+	            		<id>add-example-resource</id>
+	            		<phase>generate-sources</phase>
+	            		<goals>
+	              			<goal>add-resource</goal>
+	            		</goals>
+	            		<configuration>
+	              			<resources>
+	                			<resource>
+	                				<directory>src/example/resources</directory>
+	                				<targetPath>${project.build.outputDirectory}</targetPath>
+	                			</resource>
+	              			</resources>
+	            		</configuration>
+	          		</execution>
+	        	</executions>
+	      	</plugin>
+			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-javadoc-plugin</artifactId>
 				<!--  <version>2.9</version> -->
 				<configuration>
+					<excludePackageNames>org.apache.jena.security.example:org.apache.jena.security.example.*</excludePackageNames>
 					<tags>
 						<tag>
 							<name>sec.graph</name>
@@ -81,6 +116,7 @@
 						</tag>
 					</tags>
 					<overview>${basedir}/src/main/overview.html</overview>
+					 
 				</configuration>
 				<executions>
 					<execution>
@@ -94,12 +130,38 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-jar-plugin</artifactId>
+				<configuration>
+              		<excludes>
+                		<exclude>org/apache/jena/security/example/**</exclude>
+              		</excludes>
+            	</configuration>
 				<executions>
 					<execution>
+						<id>create-test-jar</id>
 						<goals>
 							<goal>test-jar</goal>
 						</goals>
 					</execution>
+					<execution>
+						<id>create-example-jar</id>
+		            	<phase>package</phase>
+		            	<goals>
+		              		<goal>jar</goal>
+		            	</goals>
+		            	<configuration>
+		            		<classedDirectory>target</classedDirectory>
+		              		<classifier>example</classifier>
+		              		<includes>
+		                		<include>../src/example/**</include>
+		                		<include>../src/example</include>
+		                		<include>META-INF/**</include>
+		                		<include>org/apache/jena/security/example/**</include>
+		              		</includes>
+		              		<excludes>
+		              			<exclude>META-INF/DEPENDENCIES</exclude>
+		              		</excludes>
+		            	</configuration>
+		          	</execution>
 				</executions>
 			</plugin>
 		</plugins>
@@ -131,5 +193,11 @@
 			<groupId>org.apache.commons</groupId>
 			<artifactId>commons-lang3</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.apache.shiro</groupId>
+			<artifactId>shiro-core</artifactId>
+			<version>1.2.2</version>
+			<scope>provided</scope>
+		</dependency>
 	</dependencies>
 </project>

http://git-wip-us.apache.org/repos/asf/jena/blob/0e135b58/jena-security/src/example/java/org/apache/jena/security/example/ExampleEvaluator.java
----------------------------------------------------------------------
diff --git a/jena-security/src/example/java/org/apache/jena/security/example/ExampleEvaluator.java
b/jena-security/src/example/java/org/apache/jena/security/example/ExampleEvaluator.java
new file mode 100644
index 0000000..2ec4cb0
--- /dev/null
+++ b/jena-security/src/example/java/org/apache/jena/security/example/ExampleEvaluator.java
@@ -0,0 +1,147 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jena.security.example;
+
+import java.security.Principal;
+import java.util.Set;
+
+import org.apache.http.auth.BasicUserPrincipal;
+import org.apache.jena.security.SecurityEvaluator;
+
+import com.hp.hpl.jena.graph.NodeFactory;
+import com.hp.hpl.jena.rdf.model.AnonId;
+import com.hp.hpl.jena.rdf.model.Model;
+import com.hp.hpl.jena.rdf.model.Property;
+import com.hp.hpl.jena.rdf.model.RDFNode;
+import com.hp.hpl.jena.rdf.model.Resource;
+import com.hp.hpl.jena.rdf.model.ResourceFactory;
+import com.hp.hpl.jena.vocabulary.RDF;
+
+/**
+ * An example evaluator that only provides access to messages in the graph that 
+ * are from or to the principal.
+ *
+ */
+public class ExampleEvaluator implements SecurityEvaluator {
+	
+	private Principal principal;
+	private Model model;
+	private RDFNode msgType = ResourceFactory.createResource( "http://example.com/msg" );
+	private Property pTo = ResourceFactory.createProperty( "http://example.com/to" );
+	private Property pFrom = ResourceFactory.createProperty( "http://example.com/from" );
+	
+	/**
+	 * 
+	 * @param model The graph we are going to evaluate against.
+	 */
+	public ExampleEvaluator( Model model )
+	{
+		this.model = model;
+	}
+	
+	@Override
+	public boolean evaluate(Object principal, Action action, SecNode graphIRI) {
+		// we allow any action on a graph.
+		return true;
+	}
+
+	private boolean evaluate( Object principalObj, Resource r )
+	{
+		Principal principal = (Principal)principalObj;
+		// a message is only available to sender or recipient
+		if (r.hasProperty( RDF.type, msgType ))
+		{
+			return r.hasProperty( pTo, principal.getName() ) ||
+					r.hasProperty( pFrom, principal.getName());
+		}
+		return true;	
+	}
+	
+	private boolean evaluate( Object principal, SecNode node )
+	{
+		if (node.equals( SecNode.ANY )) {
+			return false;  // all wild cards are false
+		}
+		
+		if (node.getType().equals( SecNode.Type.URI)) {
+			Resource r = model.createResource( node.getValue() );
+			return evaluate( principal, r );
+		}
+		else if (node.getType().equals( SecNode.Type.Anonymous)) {
+			Resource r = model.getRDFNode( NodeFactory.createAnon( new AnonId( node.getValue()) )
).asResource();
+			return evaluate( principal, r );
+		}
+		else
+		{
+			return true;
+		}
+
+	}
+	
+	private boolean evaluate( Object principal, SecTriple triple ) {
+		return evaluate( principal, triple.getSubject()) &&
+				evaluate( principal, triple.getObject()) &&
+				evaluate( principal, triple.getPredicate());
+	}
+	
+	@Override
+	public boolean evaluate(Object principal, Action action, SecNode graphIRI, SecTriple triple)
{
+		return evaluate( principal, triple );
+	}
+
+	@Override
+	public boolean evaluate(Object principal, Set<Action> actions, SecNode graphIRI) {
+		return true;
+	}
+
+	@Override
+	public boolean evaluate(Object principal, Set<Action> actions, SecNode graphIRI,
+			SecTriple triple) {
+		return evaluate( principal, triple );
+	}
+
+	@Override
+	public boolean evaluateAny(Object principal, Set<Action> actions, SecNode graphIRI)
{
+		return true;
+	}
+
+	@Override
+	public boolean evaluateAny(Object principal, Set<Action> actions, SecNode graphIRI,
+			SecTriple triple) {
+		return evaluate( principal, triple );
+	}
+
+	@Override
+	public boolean evaluateUpdate(Object principal, SecNode graphIRI, SecTriple from, SecTriple
to) {
+		return evaluate( principal, from ) && evaluate( principal, to );
+	}
+
+	public void setPrincipal( String userName )
+	{
+		if (userName == null)
+		{
+			principal = null;
+		}
+		principal = new BasicUserPrincipal( userName );
+	}
+	@Override
+	public Principal getPrincipal() {
+		return principal;
+	}
+
+}

http://git-wip-us.apache.org/repos/asf/jena/blob/0e135b58/jena-security/src/example/java/org/apache/jena/security/example/SecurityExample.java
----------------------------------------------------------------------
diff --git a/jena-security/src/example/java/org/apache/jena/security/example/SecurityExample.java
b/jena-security/src/example/java/org/apache/jena/security/example/SecurityExample.java
new file mode 100644
index 0000000..9a8ae36
--- /dev/null
+++ b/jena-security/src/example/java/org/apache/jena/security/example/SecurityExample.java
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jena.security.example;
+
+import java.net.URL;
+
+import org.apache.jena.security.Factory;
+
+import com.hp.hpl.jena.rdf.model.Model;
+import com.hp.hpl.jena.rdf.model.ModelFactory;
+import com.hp.hpl.jena.rdf.model.Property;
+import com.hp.hpl.jena.rdf.model.RDFNode;
+import com.hp.hpl.jena.rdf.model.ResIterator;
+import com.hp.hpl.jena.rdf.model.Resource;
+import com.hp.hpl.jena.rdf.model.ResourceFactory;
+import com.hp.hpl.jena.rdf.model.Statement;
+import com.hp.hpl.jena.vocabulary.RDF;
+
+public class SecurityExample {
+
+	/**
+	 * @param args
+	 */
+
+	public static void main(String[] args) {
+		String[] names = { "alice", "bob", "chuck", "darla" };
+
+		RDFNode msgType = ResourceFactory
+				.createResource("http://example.com/msg");
+		Property pTo = ResourceFactory.createProperty("http://example.com/to");
+		Property pFrom = ResourceFactory
+				.createProperty("http://example.com/from");
+		Property pSubj = ResourceFactory
+				.createProperty("http://example.com/subj");
+
+		Model model = ModelFactory.createDefaultModel();
+		URL url = SecurityExample.class.getClassLoader().getResource(
+				"org/apache/jena/security/example/example.ttl");
+		model.read(url.toExternalForm());
+		ResIterator ri = model.listSubjectsWithProperty(RDF.type, msgType);
+		System.out.println("All the messages");
+		while (ri.hasNext()) {
+			Resource msg = ri.next();
+			Statement to = msg.getProperty(pTo);
+			Statement from = msg.getProperty(pFrom);
+			Statement subj = msg.getProperty(pSubj);
+			System.out.println(String.format("%s to: %s  from: %s  subj: %s",
+					msg, to.getObject(), from.getObject(), subj.getObject()));
+		}
+		System.out.println();
+
+		ExampleEvaluator evaluator = new ExampleEvaluator(model);
+		model = Factory.getInstance(evaluator,
+				"http://example.com/SecuredModel", model);
+		for (String userName : names) {
+			evaluator.setPrincipal(userName);
+
+			System.out.println("Messages " + userName + " can manipulate");
+			ri = model.listSubjectsWithProperty(RDF.type, msgType);
+			while (ri.hasNext()) {
+				Resource msg = ri.next();
+				Statement to = msg.getProperty(pTo);
+				Statement from = msg.getProperty(pFrom);
+				Statement subj = msg.getProperty(pSubj);
+				System.out.println(String.format(
+						"%s to: %s  from: %s  subj: %s", msg, to.getObject(),
+						from.getObject(), subj.getObject()));
+			}
+			ri.close();
+			for (String name : names)
+			{
+				System.out.println( String.format( "%s messages to %s", model.listSubjectsWithProperty(
pTo, name ).toList().size(), name ) );
+			}
+			System.out.println();
+		}
+	}
+
+}

http://git-wip-us.apache.org/repos/asf/jena/blob/0e135b58/jena-security/src/example/java/org/apache/jena/security/example/ShiroExampleEvaluator.java
----------------------------------------------------------------------
diff --git a/jena-security/src/example/java/org/apache/jena/security/example/ShiroExampleEvaluator.java
b/jena-security/src/example/java/org/apache/jena/security/example/ShiroExampleEvaluator.java
new file mode 100644
index 0000000..87fca4e
--- /dev/null
+++ b/jena-security/src/example/java/org/apache/jena/security/example/ShiroExampleEvaluator.java
@@ -0,0 +1,153 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jena.security.example;
+
+import java.util.Set;
+
+import org.apache.jena.security.SecurityEvaluator;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.subject.Subject;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.hp.hpl.jena.graph.NodeFactory;
+import com.hp.hpl.jena.rdf.model.AnonId;
+import com.hp.hpl.jena.rdf.model.Model;
+import com.hp.hpl.jena.rdf.model.Property;
+import com.hp.hpl.jena.rdf.model.RDFNode;
+import com.hp.hpl.jena.rdf.model.Resource;
+import com.hp.hpl.jena.rdf.model.ResourceFactory;
+import com.hp.hpl.jena.vocabulary.RDF;
+
+/**
+ * Class to use Shiro to provide credentials.
+ * Used for same example as ExampleEvaluator
+ *
+ */
+public class ShiroExampleEvaluator implements SecurityEvaluator {
+
+	private static final Logger LOG = LoggerFactory.getLogger(ShiroExampleEvaluator.class);
+	private Model model;
+	private RDFNode msgType = ResourceFactory.createResource( "http://example.com/msg" );
+	private Property pTo = ResourceFactory.createProperty( "http://example.com/to" );
+	private Property pFrom = ResourceFactory.createProperty( "http://example.com/from" );
+	
+	/**
+	 * 
+	 * @param model The graph we are going to evaluate against.
+	 */
+	public ShiroExampleEvaluator( Model model )
+	{
+		this.model = model;
+	}
+	
+	@Override
+	public boolean evaluate(Object principal, Action action, SecNode graphIRI) {
+		// we allow any action on a graph.
+		return true;
+	}
+
+	private boolean evaluate( Object principalObj, Resource r )
+	{
+		Subject subject = (Subject)principalObj;
+		if (! subject.isAuthenticated())
+		{
+			LOG.info( "User not authenticated");
+			return false;
+		}
+		// a message is only available to sender or recipient
+		LOG.debug( "checking {}", subject.getPrincipal());
+		Object principal = subject.getPrincipal();
+		if ("admin".equals(principal.toString()))
+		{
+			return true;
+		}
+		if (r.hasProperty( RDF.type, msgType ))
+		{
+			return r.hasProperty( pTo, subject.getPrincipal().toString() ) ||
+					r.hasProperty( pFrom, subject.getPrincipal().toString());
+		}
+		return true;	
+	}
+	
+	private boolean evaluate( Object principal, SecNode node )
+	{
+		if (node.equals( SecNode.ANY )) {
+			return false;  // all wild cards are false
+		}
+		
+		if (node.getType().equals( SecNode.Type.URI)) {
+			Resource r = model.createResource( node.getValue() );
+			return evaluate( principal, r );
+		}
+		else if (node.getType().equals( SecNode.Type.Anonymous)) {
+			Resource r = model.getRDFNode( NodeFactory.createAnon( new AnonId( node.getValue()) )
).asResource();
+			return evaluate( principal, r );
+		}
+		else
+		{
+			return true;
+		}
+
+	}
+	
+	private boolean evaluate( Object principal, SecTriple triple ) {
+		return evaluate( principal, triple.getSubject()) &&
+				evaluate( principal, triple.getObject()) &&
+				evaluate( principal, triple.getPredicate());
+	}
+	
+	@Override
+	public boolean evaluate(Object principal, Action action, SecNode graphIRI, SecTriple triple)
{
+		return evaluate( principal, triple );
+	}
+
+	@Override
+	public boolean evaluate(Object principal, Set<Action> actions, SecNode graphIRI) {
+		return true;
+	}
+
+	@Override
+	public boolean evaluate(Object principal, Set<Action> actions, SecNode graphIRI,
+			SecTriple triple) {
+		return evaluate( principal, triple );
+	}
+
+	@Override
+	public boolean evaluateAny(Object principal, Set<Action> actions, SecNode graphIRI)
{
+		return true;
+	}
+
+	@Override
+	public boolean evaluateAny(Object principal, Set<Action> actions, SecNode graphIRI,
+			SecTriple triple) {
+		return evaluate( principal, triple );
+	}
+
+	@Override
+	public boolean evaluateUpdate(Object principal, SecNode graphIRI, SecTriple from, SecTriple
to) {
+		return evaluate( principal, from ) && evaluate( principal, to );
+	}
+
+	@Override
+	public Object getPrincipal() {
+		return SecurityUtils.getSubject();
+	}
+
+
+}

http://git-wip-us.apache.org/repos/asf/jena/blob/0e135b58/jena-security/src/example/org/apache/jena/security/example/ExampleEvaluator.java
----------------------------------------------------------------------
diff --git a/jena-security/src/example/org/apache/jena/security/example/ExampleEvaluator.java
b/jena-security/src/example/org/apache/jena/security/example/ExampleEvaluator.java
deleted file mode 100644
index 9a1831a..0000000
--- a/jena-security/src/example/org/apache/jena/security/example/ExampleEvaluator.java
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jena.security.example;
-
-import java.security.Principal;
-import java.util.Set;
-
-import org.apache.http.auth.BasicUserPrincipal;
-import org.apache.jena.security.SecurityEvaluator;
-
-import com.hp.hpl.jena.graph.Node;
-import com.hp.hpl.jena.graph.NodeFactory;
-import com.hp.hpl.jena.rdf.model.AnonId;
-import com.hp.hpl.jena.rdf.model.Model;
-import com.hp.hpl.jena.rdf.model.Property;
-import com.hp.hpl.jena.rdf.model.RDFNode;
-import com.hp.hpl.jena.rdf.model.Resource;
-import com.hp.hpl.jena.rdf.model.ResourceFactory;
-import com.hp.hpl.jena.vocabulary.RDF;
-
-/**
- * An example evaluator that only provides access ot messages in the graph that 
- * are from or to the principal.
- *
- */
-public class ExampleEvaluator implements SecurityEvaluator {
-	
-	private Principal principal;
-	private Model model;
-	private RDFNode msgType = ResourceFactory.createResource( "http://example.com/msg" );
-	private Property pTo = ResourceFactory.createProperty( "http://example.com/to" );
-	private Property pFrom = ResourceFactory.createProperty( "http://example.com/from" );
-	
-	/**
-	 * 
-	 * @param model The graph we are going to evaluate against.
-	 */
-	public ExampleEvaluator( Model model )
-	{
-		this.model = model;
-	}
-	
-	@Override
-	public boolean evaluate(Action action, SecNode graphIRI) {
-		// we allow any action on a graph.
-		return true;
-	}
-
-	private boolean evaluate( Resource r )
-	{
-		// a message is only available to sender or recipient
-		if (r.hasProperty( RDF.type, msgType ))
-		{
-			return r.hasProperty( pTo, principal.getName() ) ||
-					r.hasProperty( pFrom, principal.getName());
-		}
-		return true;	
-	}
-	
-	private boolean evaluate( SecNode node )
-	{
-		if (node.equals( SecNode.ANY )) {
-			return false;  // all wild cards are false
-		}
-		
-		if (node.getType().equals( SecNode.Type.URI)) {
-			Resource r = model.createResource( node.getValue() );
-			return evaluate( r );
-		}
-		else if (node.getType().equals( SecNode.Type.Anonymous)) {
-			Resource r = model.getRDFNode( NodeFactory.createAnon( new AnonId( node.getValue()) )
).asResource();
-			return evaluate( r );
-		}
-		else
-		{
-			return true;
-		}
-
-	}
-	
-	private boolean evaluate( SecTriple triple ) {
-		return evaluate( triple.getSubject()) &&
-				evaluate( triple.getObject()) &&
-				evaluate( triple.getPredicate());
-	}
-	
-	@Override
-	public boolean evaluate(Action action, SecNode graphIRI, SecTriple triple) {
-		return evaluate( triple );
-	}
-
-	@Override
-	public boolean evaluate(Set<Action> actions, SecNode graphIRI) {
-		return true;
-	}
-
-	@Override
-	public boolean evaluate(Set<Action> actions, SecNode graphIRI,
-			SecTriple triple) {
-		return evaluate( triple );
-	}
-
-	@Override
-	public boolean evaluateAny(Set<Action> actions, SecNode graphIRI) {
-		return true;
-	}
-
-	@Override
-	public boolean evaluateAny(Set<Action> actions, SecNode graphIRI,
-			SecTriple triple) {
-		return evaluate( triple );
-	}
-
-	@Override
-	public boolean evaluateUpdate(SecNode graphIRI, SecTriple from, SecTriple to) {
-		return evaluate( from ) && evaluate( to );
-	}
-
-	public void setPrincipal( String userName )
-	{
-		if (userName == null)
-		{
-			principal = null;
-		}
-		principal = new BasicUserPrincipal( userName );
-	}
-	@Override
-	public Principal getPrincipal() {
-		return principal;
-	}
-
-}

http://git-wip-us.apache.org/repos/asf/jena/blob/0e135b58/jena-security/src/example/org/apache/jena/security/example/SecurityExample.java
----------------------------------------------------------------------
diff --git a/jena-security/src/example/org/apache/jena/security/example/SecurityExample.java
b/jena-security/src/example/org/apache/jena/security/example/SecurityExample.java
deleted file mode 100644
index 9a8ae36..0000000
--- a/jena-security/src/example/org/apache/jena/security/example/SecurityExample.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jena.security.example;
-
-import java.net.URL;
-
-import org.apache.jena.security.Factory;
-
-import com.hp.hpl.jena.rdf.model.Model;
-import com.hp.hpl.jena.rdf.model.ModelFactory;
-import com.hp.hpl.jena.rdf.model.Property;
-import com.hp.hpl.jena.rdf.model.RDFNode;
-import com.hp.hpl.jena.rdf.model.ResIterator;
-import com.hp.hpl.jena.rdf.model.Resource;
-import com.hp.hpl.jena.rdf.model.ResourceFactory;
-import com.hp.hpl.jena.rdf.model.Statement;
-import com.hp.hpl.jena.vocabulary.RDF;
-
-public class SecurityExample {
-
-	/**
-	 * @param args
-	 */
-
-	public static void main(String[] args) {
-		String[] names = { "alice", "bob", "chuck", "darla" };
-
-		RDFNode msgType = ResourceFactory
-				.createResource("http://example.com/msg");
-		Property pTo = ResourceFactory.createProperty("http://example.com/to");
-		Property pFrom = ResourceFactory
-				.createProperty("http://example.com/from");
-		Property pSubj = ResourceFactory
-				.createProperty("http://example.com/subj");
-
-		Model model = ModelFactory.createDefaultModel();
-		URL url = SecurityExample.class.getClassLoader().getResource(
-				"org/apache/jena/security/example/example.ttl");
-		model.read(url.toExternalForm());
-		ResIterator ri = model.listSubjectsWithProperty(RDF.type, msgType);
-		System.out.println("All the messages");
-		while (ri.hasNext()) {
-			Resource msg = ri.next();
-			Statement to = msg.getProperty(pTo);
-			Statement from = msg.getProperty(pFrom);
-			Statement subj = msg.getProperty(pSubj);
-			System.out.println(String.format("%s to: %s  from: %s  subj: %s",
-					msg, to.getObject(), from.getObject(), subj.getObject()));
-		}
-		System.out.println();
-
-		ExampleEvaluator evaluator = new ExampleEvaluator(model);
-		model = Factory.getInstance(evaluator,
-				"http://example.com/SecuredModel", model);
-		for (String userName : names) {
-			evaluator.setPrincipal(userName);
-
-			System.out.println("Messages " + userName + " can manipulate");
-			ri = model.listSubjectsWithProperty(RDF.type, msgType);
-			while (ri.hasNext()) {
-				Resource msg = ri.next();
-				Statement to = msg.getProperty(pTo);
-				Statement from = msg.getProperty(pFrom);
-				Statement subj = msg.getProperty(pSubj);
-				System.out.println(String.format(
-						"%s to: %s  from: %s  subj: %s", msg, to.getObject(),
-						from.getObject(), subj.getObject()));
-			}
-			ri.close();
-			for (String name : names)
-			{
-				System.out.println( String.format( "%s messages to %s", model.listSubjectsWithProperty(
pTo, name ).toList().size(), name ) );
-			}
-			System.out.println();
-		}
-	}
-
-}

http://git-wip-us.apache.org/repos/asf/jena/blob/0e135b58/jena-security/src/example/org/apache/jena/security/example/example.ttl
----------------------------------------------------------------------
diff --git a/jena-security/src/example/org/apache/jena/security/example/example.ttl b/jena-security/src/example/org/apache/jena/security/example/example.ttl
deleted file mode 100644
index 7047629..0000000
--- a/jena-security/src/example/org/apache/jena/security/example/example.ttl
+++ /dev/null
@@ -1,49 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-@prefix ex: <http://example.com/> .
-@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
-
-ex:msg1 rdf:type ex:msg; 
-	ex:to "bob";
-	ex:from "alice" ;
-	ex:subj "alice to bob 1";
-	.
-
-ex:msg2  rdf:type ex:msg; 
-	ex:to "alice";
-	ex:from "bob";
-	ex:subj "bob to alice 1";
-	.
-	
-ex:msg3  rdf:type ex:msg; 
-	ex:to "chuck" ;
-	ex:from "alice";
-	ex:subj "alice to chuck 1";
-	.
-	
-ex:msg4  rdf:type ex:msg; 
-	ex:to "darla" ;
-	ex:from "bob" ;
-	ex:subj "bob to darla 1"
-	.
-
-ex:msg5  rdf:type ex:msg; 
-	ex:to "alice";
-	ex:from "bob";
-	ex:subj "bob to alice 2";
-	.
-	
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/jena/blob/0e135b58/jena-security/src/example/resources/org/apache/jena/security/example/example.ttl
----------------------------------------------------------------------
diff --git a/jena-security/src/example/resources/org/apache/jena/security/example/example.ttl
b/jena-security/src/example/resources/org/apache/jena/security/example/example.ttl
new file mode 100644
index 0000000..7047629
--- /dev/null
+++ b/jena-security/src/example/resources/org/apache/jena/security/example/example.ttl
@@ -0,0 +1,49 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+@prefix ex: <http://example.com/> .
+@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+
+ex:msg1 rdf:type ex:msg; 
+	ex:to "bob";
+	ex:from "alice" ;
+	ex:subj "alice to bob 1";
+	.
+
+ex:msg2  rdf:type ex:msg; 
+	ex:to "alice";
+	ex:from "bob";
+	ex:subj "bob to alice 1";
+	.
+	
+ex:msg3  rdf:type ex:msg; 
+	ex:to "chuck" ;
+	ex:from "alice";
+	ex:subj "alice to chuck 1";
+	.
+	
+ex:msg4  rdf:type ex:msg; 
+	ex:to "darla" ;
+	ex:from "bob" ;
+	ex:subj "bob to darla 1"
+	.
+
+ex:msg5  rdf:type ex:msg; 
+	ex:to "alice";
+	ex:from "bob";
+	ex:subj "bob to alice 2";
+	.
+	
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/jena/blob/0e135b58/jena-security/src/example/resources/org/apache/jena/security/example/fuseki/config.ttl
----------------------------------------------------------------------
diff --git a/jena-security/src/example/resources/org/apache/jena/security/example/fuseki/config.ttl
b/jena-security/src/example/resources/org/apache/jena/security/example/fuseki/config.ttl
new file mode 100644
index 0000000..6f4a3af
--- /dev/null
+++ b/jena-security/src/example/resources/org/apache/jena/security/example/fuseki/config.ttl
@@ -0,0 +1,82 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+@prefix fuseki:  <http://jena.apache.org/fuseki#> .
+@prefix tdb:     <http://jena.hpl.hp.com/2008/tdb#> .
+@prefix rdf:     <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+@prefix rdfs:    <http://www.w3.org/2000/01/rdf-schema#> .
+@prefix ja:      <http://jena.hpl.hp.com/2005/11/Assembler#> .
+@prefix sec:    <http://apache.org/jena/security/Assembler#> .
+@prefix my:     <http://example.org/#> .
+
+#[] ja:loadClass "com.hp.hpl.jena.tdb.TDB" .
+[] ja:loadClass    "org.apache.jena.security.SecuredAssembler" .
+
+tdb:DatasetTDB  rdfs:subClassOf  ja:RDFDataset .
+tdb:GraphTDB    rdfs:subClassOf  ja:Model .
+sec:Model       rdfs:subClassOf  ja:NamedModel .
+
+my:dataset rdf:type tdb:DatasetTDB;
+    tdb:location "/tmp/myApp" ;
+    tdb:unionDefaultGraph true ;
+    .
+
+my:baseModel rdf:type tdb:GraphTDB ;
+    tdb:dataset my:dataset .   
+
+my:securedModel rdf:type sec:Model ;
+    sec:baseModel my:baseModel ;
+    ja:modelName "https://example.org/securedModel" ;
+    sec:evaluatorImpl my:secEvaluator .
+  
+my:secEvaluator rdf:type sec:Evaluator ;
+    sec:args [  
+        rdf:_1 my:baseModel ;
+    ] ;
+    sec:evaluatorClass "org.apache.jena.security.example.ShiroExampleEvaluator" .
+
+my:securedDataset rdf:type ja:RDFDataset ;
+   ja:defaultGraph my:securedModel .
+
+my:fuseki rdf:type fuseki:Server ;
+   # Server-wide context parameters can be given here.
+   # For example, to set query timeouts: on a server-wide basis:
+   # Format 1: "1000" -- 1 second timeout
+   # Format 2: "10000,60000" -- 10s timeout to first result, then 60s timeout to for rest
of query.
+   # See java doc for ARQ.queryTimeout
+   # ja:context [ ja:cxtName "arq:queryTimeout" ;  ja:cxtValue "10000" ] ;
+
+   # Load custom code (rarely needed)
+   # ja:loadClass "your.code.Class" ;
+
+   # Services available.  Only explicitly listed services are configured.
+   #  If there is a service description not linked from this list, it is ignored.
+   fuseki:services (
+     my:service1
+   ) .
+
+    
+my:service1 rdf:type fuseki:Service ;
+    fuseki:name                       "myAppFuseki" ;       # http://host:port/myAppFuseki
+    fuseki:serviceQuery               "query" ;    # SPARQL query service
+    fuseki:serviceQuery               "sparql" ;   # SPARQL query service
+    fuseki:serviceUpdate              "update" ;   # SPARQL query service
+    fuseki:serviceUpload              "upload" ;   # Non-SPARQL upload service
+    fuseki:serviceReadWriteGraphStore "data" ;     # SPARQL Graph store protocol (read and
write)
+    # A separate ead-only graph store endpoint:
+    fuseki:serviceReadGraphStore      "get" ;      # SPARQL Graph store protocol (read only)
+    fuseki:dataset                   my:securedDataset ;
+    .

http://git-wip-us.apache.org/repos/asf/jena/blob/0e135b58/jena-security/src/example/resources/org/apache/jena/security/example/fuseki/shiro.ini
----------------------------------------------------------------------
diff --git a/jena-security/src/example/resources/org/apache/jena/security/example/fuseki/shiro.ini
b/jena-security/src/example/resources/org/apache/jena/security/example/fuseki/shiro.ini
new file mode 100644
index 0000000..d0ce2c3
--- /dev/null
+++ b/jena-security/src/example/resources/org/apache/jena/security/example/fuseki/shiro.ini
@@ -0,0 +1,47 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+[main]
+# Development
+ssl.enabled = false 
+
+plainMatcher=org.apache.shiro.authc.credential.SimpleCredentialsMatcher
+#iniRealm=org.apache.shiro.realm.text.IniRealm 
+iniRealm.credentialsMatcher = $plainMatcher
+
+localhost=org.apache.jena.fuseki.authz.LocalhostFilter
+
+[users]
+# Implicitly adds "iniRealm =  org.apache.shiro.realm.text.IniRealm"
+admin=admin
+alice=alice
+bob=bob
+chuck=chuck
+darla=darla
+
+[roles]
+
+[urls]
+## Control functions open to anyone
+/$/status = anon
+/$/ping   = anon
+
+## restrict access.  Must log in with above.
+/$/** = authcBasic,user[admin]
+
+
+# Everything else
+/**=anon

http://git-wip-us.apache.org/repos/asf/jena/blob/0e135b58/jena-security/src/test/java/org/apache/jena/security/query/DataSetTest.java
----------------------------------------------------------------------
diff --git a/jena-security/src/test/java/org/apache/jena/security/query/DataSetTest.java b/jena-security/src/test/java/org/apache/jena/security/query/DataSetTest.java
index 51f3080..ef4bf93 100644
--- a/jena-security/src/test/java/org/apache/jena/security/query/DataSetTest.java
+++ b/jena-security/src/test/java/org/apache/jena/security/query/DataSetTest.java
@@ -209,7 +209,7 @@ public class DataSetTest {
 				{
 					count++;
 					final QuerySolution soln = results.nextSolution();
-					System.out.println( soln );
+					//System.out.println( soln );
 				}
 				// 2x 3 values + type triple
 				Assert.assertEquals(8, count);
@@ -231,7 +231,7 @@ public class DataSetTest {
 				{
 					count++;
 					final QuerySolution soln = results.nextSolution();
-					System.out.println( soln );
+					//System.out.println( soln );
 				}
 				// 2x 3 values + type triple
 				// all are in the base graph so no named graphs

http://git-wip-us.apache.org/repos/asf/jena/blob/0e135b58/jena-security/src/test/java/org/apache/jena/security/query/QueryEngineTest.java
----------------------------------------------------------------------
diff --git a/jena-security/src/test/java/org/apache/jena/security/query/QueryEngineTest.java
b/jena-security/src/test/java/org/apache/jena/security/query/QueryEngineTest.java
index a27e4f6..97da8fa 100644
--- a/jena-security/src/test/java/org/apache/jena/security/query/QueryEngineTest.java
+++ b/jena-security/src/test/java/org/apache/jena/security/query/QueryEngineTest.java
@@ -219,7 +219,7 @@ public class QueryEngineTest {
 				{
 					count++;
 					final QuerySolution soln = results.nextSolution();
-					System.out.println( soln );
+					//System.out.println( soln );
 				}
 				// 2x 3 values + type triple
 				Assert.assertEquals(8, count);
@@ -241,10 +241,11 @@ public class QueryEngineTest {
 				{
 					count++;
 					final QuerySolution soln = results.nextSolution();
-					System.out.println( soln );
+					//System.out.println( soln );
 				}
 				// 2x 3 values + type triple
-				Assert.assertEquals(8, count);
+				// no named graphs so no results.
+				Assert.assertEquals(0, count);
 			}
 			finally
 			{


Mime
View raw message