* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
-
import static org.wamblee.security.authentication.UserMgtException.Reason.*;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
import java.util.Set;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
-
import java.util.Set;
import java.util.TreeSet;
public int size() {
return users.size();
}
-
+
@Override
public void clearCache() {
- // Empty
+ // Empty
}
}
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
import java.security.AccessController;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
import org.apache.commons.codec.binary.Hex;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
/**
* @param aName
* Name
*
- * @return True iff the validationo is ok.
+ * @return True iff the validationo is ok.
*/
boolean validate(String aName);
}
* Password validator.
*/
@Transient
- private NameValidator passwordValidator;
+ private transient NameValidator passwordValidator;
/**
* Password encoder.
*/
@Transient
- private MessageDigester passwordEncoder;
+ private transient MessageDigester passwordEncoder;
/**
* Constructs the user.
*/
@Override
public String toString() {
- String result = "User(name=" + name + ", password=" + password;
+ StringBuffer result = new StringBuffer("User(name=" + name + ", password=" + password);
for (Group group : groups) {
- result += (", group=" + group);
+ result.append(", group=" + group);
}
+ result.append(")");
- return result + ")";
+ return result.toString();
}
/*
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
import java.util.logging.Logger;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
import java.util.List;
* In case there is a conflict with an existing group.
*/
void createGroup(String aName);
-
+
/**
- * Checks if a user exists.
- * @param aUser User to check.
- * @return True iff user exists.
+ * Checks if a user exists.
+ *
+ * @param aUser
+ * User to check.
+ * @return True iff user exists.
*/
boolean checkUser(String aUser);
-
-
+
/**
- * Check if a group exists.
- * @param aGroup Group.
- * @return True iff group exists.
+ * Check if a group exists.
+ *
+ * @param aGroup
+ * Group.
+ * @return True iff group exists.
*/
boolean checkGroup(String aGroup);
-
+
/**
* Checks the password.
*
- * @param aUser
+ * @param aUser
* User to check password for.
* @param aPassword
* Password to check.
- * @throws UserMgtException In case user does not exist.
- * @return True iff password is ok.
+ * @throws UserMgtException
+ * In case user does not exist.
+ * @return True iff password is ok.
*/
boolean checkPassword(String aUser, String aPassword);
* Changes the password.
*
* @param aUser
- * User.
+ * User.
* @param aOldPassword
* Old password.
* @param aNewPassword
* New password.
*
- * @throws UserMgtException Inc ase the user does not exist.
- * @return True if the password was changed.
+ * @throws UserMgtException
+ * Inc ase the user does not exist.
+ * @return True if the password was changed.
*/
- boolean changePassword(String aUser, String aOldPassword, String aNewPassword);
+ boolean changePassword(String aUser, String aOldPassword,
+ String aNewPassword);
/**
*
* @param aPassword
* The password to set.
*
- * @throws UserMgtException Inc ase the user does not exist.
+ * @throws UserMgtException
+ * Inc ase the user does not exist.
*/
void setPassword(String aUser, String aPassword);
/**
* Checks if the user belongs to the given group.
- * @param aUser User
- * @param aGroup Group.
+ *
+ * @param aUser
+ * User
+ * @param aGroup
+ * Group.
* @return True iff user is in group
- * @throws UserMgtException In case the user or group do not exist.
+ * @throws UserMgtException
+ * In case the user or group do not exist.
*/
- boolean isInGroup(String aUser, String aGroup);
+ boolean isInGroup(String aUser, String aGroup);
/**
*
/**
* Gets all groups for a given user.
*
- * @param aUser user.
+ * @param aUser
+ * user.
* @return Groups.
*/
List<String> getGroups(String aUser);
-
+
/**
* Renames a user.
*
group.setName(aNewGroup);
groups.groupModified(group);
- // Because a group has changed, a cached user could contain reference to an old copy of the
- // group. Therefore, we clear the cache in this case.
+ // Because a group has changed, a cached user could contain reference to
+ // an old copy of the
+ // group. Therefore, we clear the cache in this case.
users.clearCache();
}
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
import java.util.EnumMap;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
import java.util.Set;
* @throws UserMgtException
* In case the user cannot be created.
*/
- User createUser(String aUsername, String aPassword)
- throws UserMgtException;
+ User createUser(String aUsername, String aPassword) throws UserMgtException;
/**
* Must be called whenever a user object has been modified to notify the
boolean add(User aUser);
/**
- * Removes a user.
- *
- * @param aUser User to remove
+ * Removes a user.
+ *
+ * @param aUser
+ * User to remove
* @return True iff user was removed.
*
*/
* @return The number of users.
*/
int size();
-
+
/**
- * Clears the user cache.
+ * Clears the user cache.
*/
void clearCache();
}
private EntityManager em;
/**
- * Constructs the group set.
- * @param aEm Contextual reference to an entity manager.
+ * Constructs the group set.
+ *
+ * @param aEm
+ * Contextual reference to an entity manager.
*/
public JpaGroupSet(EntityManager aEm) {
em = aEm;
return false;
}
em.persist(aGroup);
- em.flush(); // to make sure the version is updated.
+ em.flush(); // to make sure the version is updated.
return true;
}
public void userModified(User aUser) {
assert aUser.getPrimaryKey() != null;
User merged = entityManager.merge(aUser);
- // Need to flush the entity manager to make sure the version is updated.
+ // Need to flush the entity manager to make sure the version is updated.
entityManager.flush();
JpaMergeSupport.merge(merged, aUser);
cache.remove(aUser.getName());
}
entityManager.persist(aUser);
- entityManager.flush(); // to make sure the version is updated.
+ entityManager.flush(); // to make sure the version is updated.
setPasswordInfo(aUser);
cache.put(aUser.getName(), aUser);
TypedQuery<User> query = entityManager.createNamedQuery(
User.QUERY_FIND_BY_GROUP_NAME, User.class);
query.setParameter(User.NAME_PARAM, aGroup.getName());
-
+
List<User> list = query.getResultList();
users.addAll(list);
for (User user : users) {
@Override
public int size() {
- Long result = entityManager.createNamedQuery(User.QUERY_COUNT_USERS, Long.class).getSingleResult();
+ Long result = entityManager.createNamedQuery(User.QUERY_COUNT_USERS,
+ Long.class).getSingleResult();
return result.intValue();
}
-
+
@Override
public void clearCache() {
- cache.clear();
+ cache.clear();
}
}
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
/**
* This package provides support for managing users and their authentication.
*
* <br/>
*/
package org.wamblee.security.authentication;
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import javax.persistence.DiscriminatorColumn;
@Inheritance(strategy = InheritanceType.SINGLE_TABLE)
@DiscriminatorColumn(name = "TYPE")
public abstract class AbstractAuthorizationRule implements AuthorizationRule {
-
+
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@Version
private int version;
-
- public AbstractAuthorizationRule() {
+
+ public AbstractAuthorizationRule() {
// Empty
}
-
- public AbstractAuthorizationRule(AbstractAuthorizationRule aRule) {
+
+ public AbstractAuthorizationRule(AbstractAuthorizationRule aRule) {
id = aRule.id;
version = aRule.version;
}
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import javax.persistence.DiscriminatorColumn;
@Table(name = "SEC_AUTH_SVC")
@Inheritance(strategy = InheritanceType.SINGLE_TABLE)
@DiscriminatorColumn(name = "TYPE")
-@NamedQueries(
- @NamedQuery(name = AbstractAuthorizationService.QUERY_FIND_BY_NAME,
- query = "select s from AbstractAuthorizationService s where s.name = :" +
- AbstractAuthorizationService.NAME_PARAM)
- )
-public abstract class AbstractAuthorizationService implements AuthorizationService {
-
+@NamedQueries(@NamedQuery(name = AbstractAuthorizationService.QUERY_FIND_BY_NAME, query = "select s from AbstractAuthorizationService s where s.name = :" +
+ AbstractAuthorizationService.NAME_PARAM))
+public abstract class AbstractAuthorizationService implements
+ AuthorizationService {
+
public static final String QUERY_FIND_BY_NAME = "AuthorizationService.findByName";
public static final String NAME_PARAM = "name";
-
+
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@Version
private int version;
-
+
/**
* Name for this instance of the authorization service.
*/
- private String name;
-
- public AbstractAuthorizationService() {
- // Empty.
+ private String name;
+
+ public AbstractAuthorizationService() {
+ // Empty.
}
-
- public AbstractAuthorizationService(String aName) {
- name = aName;
+
+ public AbstractAuthorizationService(String aName) {
+ name = aName;
}
-
- public AbstractAuthorizationService(AbstractAuthorizationService aSvc) {
+
+ public AbstractAuthorizationService(AbstractAuthorizationService aSvc) {
id = aSvc.id;
version = aSvc.version;
name = aSvc.name;
}
-
+
public String getName() {
return name;
}
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import javax.persistence.DiscriminatorColumn;
@Inheritance(strategy = InheritanceType.SINGLE_TABLE)
@DiscriminatorColumn(name = "TYPE")
public abstract class AbstractOperationCondition implements OperationCondition {
-
+
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@Version
private int version;
-
- public AbstractOperationCondition() {
+
+ public AbstractOperationCondition() {
// Empty
}
-
- public AbstractOperationCondition(AbstractOperationCondition aCondition) {
+
+ public AbstractOperationCondition(AbstractOperationCondition aCondition) {
id = aCondition.id;
version = aCondition.version;
}
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import javax.persistence.DiscriminatorColumn;
@Inheritance(strategy = InheritanceType.SINGLE_TABLE)
@DiscriminatorColumn(name = "TYPE")
public abstract class AbstractPathCondition implements PathCondition {
-
+
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@Version
private int version;
-
- public AbstractPathCondition() {
+
+ public AbstractPathCondition() {
// Empty
}
-
- public AbstractPathCondition(AbstractPathCondition aCondition) {
+
+ public AbstractPathCondition(AbstractPathCondition aCondition) {
id = aCondition.id;
version = aCondition.version;
}
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import javax.persistence.DiscriminatorColumn;
@Inheritance(strategy = InheritanceType.SINGLE_TABLE)
@DiscriminatorColumn(name = "TYPE")
public abstract class AbstractUserCondition implements UserCondition {
-
+
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@Version
private int version;
-
- public AbstractUserCondition() {
+
+ public AbstractUserCondition() {
// Empty.
}
-
- public AbstractUserCondition(AbstractUserCondition aCondition) {
+
+ public AbstractUserCondition(AbstractUserCondition aCondition) {
id = aCondition.id;
version = aCondition.version;
}
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
-
import javax.persistence.DiscriminatorValue;
import javax.persistence.Entity;
public AnyUserCondition() {
// Empty.
}
-
+
@Override
public void setUserAdmin(UserAdministration aAdmin) {
- // Empty. Don't need user admin.
+ // Empty. Don't need user admin.
}
@Override
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import java.util.logging.Logger;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
/**
* @author Erik Brakkee
*/
public interface AuthorizationRule {
-
+
/**
- * Sets the user admnistration to use.
- * @param aAdmin User administration.
+ * Sets the user admnistration to use.
+ *
+ * @param aAdmin
+ * User administration.
*/
- void setUserAdministration(UserAdministration aAdmin);
+ void setUserAdministration(UserAdministration aAdmin);
/**
* Returns the supported object types for which this authorization rule
*
* @return Authorization result.
*/
- AuthorizationResult isAllowed(Object aResource,
- Operation aOperation, String aUser);
+ AuthorizationResult isAllowed(Object aResource, Operation aOperation,
+ String aUser);
}
\ No newline at end of file
* User accessor.
*/
void setUserAccessor(UserAccessor aUserAccessor);
-
+
/**
- * Sets the user administration so that the authorization service can check
+ * Sets the user administration so that the authorization service can check
* information for the the current user.
- *
- * @param aUserAdmin User administration.
+ *
+ * @param aUserAdmin
+ * User administration.
*/
- void setUserAdministration(UserAdministration aUserAdmin);
+ void setUserAdministration(UserAdministration aUserAdmin);
}
\ No newline at end of file
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import java.util.ArrayList;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
-
import javax.persistence.Column;
import javax.persistence.DiscriminatorValue;
import javax.persistence.Entity;
import org.wamblee.security.authentication.UserAdministration;
-
/**
* Checks if a user against a specific group.
*
*/
@Column(name = "GRP")
private String group;
-
+
@Transient
- private UserAdministration admin;
+ private UserAdministration admin;
/**
* Constructs the condition.
protected GroupUserCondition() {
group = null;
}
-
+
@Override
public void setUserAdmin(UserAdministration aAdmin) {
- admin = aAdmin;
+ admin = aAdmin;
}
@Override
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import javax.persistence.Access;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import javax.persistence.DiscriminatorValue;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import javax.persistence.DiscriminatorValue;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import static org.wamblee.security.authorization.AuthorizationResult.*;
* appropriate is determined by a
* {@link org.wamblee.security.authorization.AbstractUserCondition}.</li>
* <li>The operation that is requested. Whether the operation is appropriate is
- * determined by a {@link org.wamblee.security.authorization.AbstractOperationCondition}
- * .</li>
+ * determined by a
+ * {@link org.wamblee.security.authorization.AbstractOperationCondition} .</li>
* </ul>
* In case all three conditions match, the condition returns the configured
* result passed at construction (GRANTED or DENIED). If the resource is not of
/**
* Operation that this rule is for.
*/
-
+
private OperationCondition operationCondition;
/**
*
* @return Authorization result,
*/
- protected AuthorizationResult isAllowedWithPath(String aPath, Operation aOperation,
- String aUser) {
+ protected AuthorizationResult isAllowedWithPath(String aPath,
+ Operation aOperation, String aUser) {
if (!pathCondition.matches(aPath)) {
return UNDECIDED;
}
try {
resourceClass = Class.forName(aResourceClass);
} catch (ClassNotFoundException e) {
- LOGGER.log(Level.SEVERE, "Cannot find resource class '" + aResourceClass + "'",
- e);
+ LOGGER.log(Level.SEVERE, "Cannot find resource class '" +
+ aResourceClass + "'", e);
throw new IllegalArgumentException(e.getMessage(), e);
}
}
protected void setUserCondition(UserCondition aUserCondition) {
userCondition = aUserCondition;
}
-
+
@Override
public void setUserAdministration(UserAdministration aAdmin) {
- userCondition.setUserAdmin(aAdmin);
+ userCondition.setUserAdmin(aAdmin);
}
}
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import org.wamblee.security.authentication.UserAdministration;
* @author Erik Brakkee
*/
public interface UserCondition {
-
+
/**
- * Sets the user administration object.
- * @param aAdmin User administration.
+ * Sets the user administration object.
+ *
+ * @param aAdmin
+ * User administration.
*/
void setUserAdmin(UserAdministration aAdmin);
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
/**
// been made.
service.set(null);
}
-
+
/*
* (non-Javadoc)
*
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
/**
* The authorization package provides an authorization service that can be used to
* check whether users have the rights to perform certain operations.
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
import java.util.Set;
checkGroupCount(3);
}
-
- public void testRenameGroupTwice() {
- Group group = new Group("x");
- groups.add(group);
+
+ public void testRenameGroupTwice() {
+ Group group = new Group("x");
+ groups.add(group);
groups.groupModified(group);
group.setName("y");
groups.groupModified(group);
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
import org.wamblee.security.authentication.Md5HexMessageDigester;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authentication;
import org.wamblee.security.authentication.Group;
import org.wamblee.security.authentication.UserMgtException;
import org.wamblee.security.authentication.UserMgtException.Reason;
-
/**
* User management test utilities.
*
RegexpNameValidator.PASSWORD_PATTERN, Reason.INVALID_PASSWORD,
"Password must be at least 6 chars"), new Md5HexMessageDigester());
user.addGroup(aGroup);
- return user;
+ return user;
}
public static void addUserToGroup(User aUser, Group aGroup)
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import static org.wamblee.security.authorization.AuthorizationResult.*;
private AuthorizationService service;
private TestUserAccessor userAccessor;
-
protected AuthorizationService getService() {
return service;
protected void setUp() throws Exception {
super.setUp();
- userAccessor = new TestUserAccessor();
-
+ userAccessor = new TestUserAccessor();
+
rule1 = createRule(GRANTED, "users", "/oni/", AllOperation.class);
rule2 = createRule(DENIED, "users", "/abc/", ReadOperation.class);
rule3 = createRule(GRANTED, "users", "/abc/", AllOperation.class);
}
protected UserAccessor getUserAccessor() {
- return userAccessor;
+ return userAccessor;
}
-
- protected UserAdministration getUserAdministration() {
+
+ protected UserAdministration getUserAdministration() {
return userAccessor.getUserAdmin();
}
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import junit.framework.TestCase;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import junit.framework.TestCase;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import junit.framework.TestCase;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import static org.wamblee.security.authorization.AuthorizationResult.*;
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
/**
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import org.wamblee.security.authentication.InMemoryGroupSet;
import org.wamblee.security.authentication.UserAdministrationImpl;
import org.wamblee.security.authentication.UserMgtException.Reason;
-
/**
* User access that always returns a user that belongs to a fixed group.
*
private static final String GROUP = "users";
- private UserAdministration userAdmin;
-
- public TestUserAccessor() {
- userAdmin = new UserAdministrationImpl(
- new InMemoryUserSet(new RegexpNameValidator(
- RegexpNameValidator.PASSWORD_PATTERN, Reason.INVALID_PASSWORD,
+ private UserAdministration userAdmin;
+
+ public TestUserAccessor() {
+ userAdmin = new UserAdministrationImpl(new InMemoryUserSet(
+ new RegexpNameValidator(RegexpNameValidator.PASSWORD_PATTERN,
+ Reason.INVALID_PASSWORD,
"Password must contain at least 6 characters"),
- new Md5HexMessageDigester()), new InMemoryGroupSet(),
+ new Md5HexMessageDigester()), new InMemoryGroupSet(),
new RegexpNameValidator(RegexpNameValidator.ID_PATTERN,
Reason.INVALID_USERNAME, "Invalid user"),
new RegexpNameValidator(RegexpNameValidator.ID_PATTERN,
Reason.INVALID_GROUPNAME, "Invalid group"));
- userAdmin.createGroup(GROUP);
- userAdmin.createUser(USER, PASSWORD);
- userAdmin.addUserToGroup(USER, GROUP);
+ userAdmin.createGroup(GROUP);
+ userAdmin.createUser(USER, PASSWORD);
+ userAdmin.addUserToGroup(USER, GROUP);
}
-
+
// NOTE: This is only for test. Normally the user accessor would not depend
- // on user administration. This just ensures that a user administration is created
- // that knows about the given user.
+ // on user administration. This just ensures that a user administration is
+ // created
+ // that knows about the given user.
public UserAdministration getUserAdmin() {
return userAdmin;
}
-
+
/*
* (non-Javadoc)
*
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
import static org.wamblee.security.authorization.AuthorizationResult.*;
* @author Erik Brakkee
*/
public class UrlAuthorizationRuleTest extends TestCase {
-
- private TestUserAccessor userAccessor;
-
- public void setUp() {
- userAccessor = new TestUserAccessor();
-
+
+ private TestUserAccessor userAccessor;
+
+ public void setUp() {
+ userAccessor = new TestUserAccessor();
+
}
-
+
/**
* Constructs the rule with a result of UNDECIDED. Verifies that an
* IllegalArgumentException is thrown.