User: stark
Date: 01/02/12 01:29:44
Added: security/src/main/org/jboss/test/security/test/ejbs/project
ProjRepositoryBean.java
ProjRepositoryStatefulProxy.java
ProjRepositoryStatelessProxy.java
Log:
Tests of the security proxy layer and custom JAAS security
Revision Changes Path
1.1
contrib/security/src/main/org/jboss/test/security/test/ejbs/project/ProjRepositoryBean.java
Index: ProjRepositoryBean.java
===================================================================
/*
* JBoss, the OpenSource EJB server
*
* Distributable under LGPL license.
* See terms of license at gnu.org.
*/
package org.jboss.test.security.test.ejbs.project;
import java.rmi.RemoteException;
import javax.ejb.CreateException;
import javax.ejb.SessionBean;
import javax.ejb.SessionContext;
import javax.naming.Name;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository;
import org.jboss.test.security.test.ejbs.project.support.HeirMemoryMap;
/** The ProjRepository session bean implementation. This is a trivial
implementation that always creates the same set of project data.
@see javax.naming.Name
@see javax.naming.directory.Attributes
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class ProjRepositoryBean implements SessionBean, IProjRepository
{
private SessionContext context;
private HeirMemoryMap projRepository;
// --- Begin IProjRepository interface methods
public void createFolder(Name folderPath) throws NamingException, RemoteException
{
throw new RemoteException("Not implemented");
}
public void deleteFolder(Name folderPath,boolean recursive) throws
NamingException, RemoteException
{
throw new RemoteException("Not implemented");
}
public void createItem(Name itemPath,Attributes attributes) throws
NamingException, RemoteException
{
throw new RemoteException("Not implemented");
}
public void updateItem(Name itemPath,Attributes attributes) throws
NamingException, RemoteException
{
throw new RemoteException("Not implemented");
}
public void deleteItem(Name itemPath) throws NamingException, RemoteException
{
try
{
projRepository.unbind(itemPath);
}
catch(Exception e)
{
e.printStackTrace();
}
}
public Attributes getItem(Name itemPath) throws NamingException, RemoteException
{
System.out.println("ProjRepositoryBean.getItem() itemPath="+itemPath);
Attributes attributes = projRepository.getAttributes(itemPath);
return attributes;
}
// --- End IProjRepository interface methods
// --- Begin ProjRepositoryHome methods
public void ejbCreate(Name projectName) throws CreateException
{
System.out.println("ProjRepositoryBean.ejbCreate()
projectName="+projectName);
// Add the same data structure to every project
projRepository = new HeirMemoryMap();
try
{
BasicAttributes attributes = new BasicAttributes();
attributes.put("name", projectName);
attributes.put("owner", "scott");
DirContext projectCtx = projRepository.createSubcontext(projectName,
attributes);
attributes = new BasicAttributes();
attributes.put("name", "Drawings");
attributes.put("isFolder", "false");
attributes.put("contentType", "text/html");
attributes.put("size", "1024");
projectCtx.bind("readme.html", null, attributes);
attributes.put("owner", "scott");
// Documents subctx
attributes = new BasicAttributes();
attributes.put("name", "Documents");
attributes.put("isFolder", "true");
attributes.put("owner", "scott");
DirContext dctx = projectCtx.createSubcontext("Documents", attributes);
attributes = new BasicAttributes();
attributes.put("name", "index.html");
attributes.put("isFolder", "false");
attributes.put("contentType", "text/html");
attributes.put("size", "1234");
dctx.bind("index.html", null, attributes);
attributes.put("owner", "scott");
// Documents/Private subctx
attributes = new BasicAttributes();
attributes.put("name", "Private");
attributes.put("isFolder", "true");
attributes.put("owner", "scott");
dctx = projectCtx.createSubcontext("Documents/Private", attributes);
attributes = new BasicAttributes();
attributes.put("name", "passwords");
attributes.put("isFolder", "false");
attributes.put("contentType", "text/plain");
attributes.put("size", "8173");
attributes.put("owner", "scott");
dctx.bind("passwords", null, attributes);
// Documents/Public subctx
attributes = new BasicAttributes();
attributes.put("name", "Public");
attributes.put("isFolder", "true");
attributes.put("owner", "scott");
dctx = projectCtx.createSubcontext("Documents/Public", attributes);
attributes = new BasicAttributes();
attributes.put("name", "readme.txt");
attributes.put("isFolder", "false");
attributes.put("contentType", "text/plain");
attributes.put("size", "13584");
attributes.put("owner", "scott");
dctx.bind("readme.txt", null, attributes);
// Documents/Public/starksm subctx
attributes = new BasicAttributes();
attributes.put("name", "starksm");
attributes.put("isFolder", "true");
attributes.put("owner", "starksm");
dctx = projectCtx.createSubcontext("Documents/Public/starksm",
attributes);
attributes = new BasicAttributes();
attributes.put("name", ".bashrc");
attributes.put("isFolder", "false");
attributes.put("contentType", "text/plain");
attributes.put("size", "1167");
attributes.put("owner", "starksm");
dctx.bind(".bashrc", null, attributes);
// Drawing subctx
attributes = new BasicAttributes();
attributes.put("name", "Drawings");
attributes.put("isFolder", "true");
attributes.put("owner", "scott");
dctx = projectCtx.createSubcontext("Drawings", attributes);
attributes = new BasicAttributes();
attributes.put("name", "view1.jpg");
attributes.put("isFolder", "false");
attributes.put("contentType", "image/jpeg");
attributes.put("owner", "scott");
dctx.bind("view1.jpg", null, attributes);
}
catch(NamingException e)
{
throw new CreateException(e.toString(true));
}
}
// --- End ProjRepositoryHome methods
// --- Begin SessionBean interface methods
public void setSessionContext(SessionContext context)
{
this.context = context;
}
public void ejbRemove()
{
}
public void ejbActivate()
{
}
public void ejbPassivate()
{
}
// --- End SessionBean interface methods
}
1.1
contrib/security/src/main/org/jboss/test/security/test/ejbs/project/ProjRepositoryStatefulProxy.java
Index: ProjRepositoryStatefulProxy.java
===================================================================
/*
* JBoss, the OpenSource EJB server
*
* Distributable under LGPL license.
* See terms of license at gnu.org.
*/
package org.jboss.test.security.test.ejbs.project;
import java.rmi.RemoteException;
import java.security.Principal;
import javax.ejb.EJBContext;
import javax.naming.Name;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository;
/** A simple stateful security proxy example for the ProjRepository bean.
@see javax.naming.Name
@see javax.naming.directory.Attributes
@see org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class ProjRepositoryStatefulProxy implements IProjRepository
{
/**
* @label bean
* @clientRole state sink
* @supplierRole state source
*/
private IProjRepository projRepository;
private EJBContext ctx;
public void setContext(EJBContext ctx)
{
this.ctx = ctx;
System.out.println("ProjRepositoryStatefulProxy.setContext, ctx="+ctx);
}
public void setBean(Object bean)
{
projRepository = (IProjRepository) bean;
System.out.println("ProjRepositoryStatefulProxy.setBean,
bean="+projRepository);
}
// --- Begin IProjRepository interface methods
public void createFolder(Name folderPath)
{
System.out.println("ProjRepositoryStatefulProxy.createFolder,
folderPath="+folderPath);
}
public void deleteFolder(Name folderPath,boolean recursive)
{
System.out.println("ProjRepositoryStatefulProxy.deleteFolder,
folderPath="+folderPath);
}
public void createItem(Name itemPath,Attributes attributes)
{
System.out.println("ProjRepositoryStatefulProxy.createItem,
itemPath="+itemPath);
}
public void updateItem(Name itemPath,Attributes attributes)
{
System.out.println("ProjRepositoryStatefulProxy.updateItem,
itemPath="+itemPath);
}
public void deleteItem(Name itemPath)
{
Principal user = ctx.getCallerPrincipal();
String userID = user.getName();
System.out.println("ProjRepositoryStatefulProxy.deleteItem,
itemPath="+itemPath);
// Only the item owner can delete it
String owner = null;
try
{
Attributes attributes = projRepository.getItem(itemPath);
if( attributes != null )
{
Attribute attr = attributes.get("owner");
if( attr != null )
owner = (String) attr.get();
}
}
catch(Exception e)
{
e.printStackTrace();
throw new SecurityException("Failed to obtain owner for: "+itemPath);
}
if( owner == null )
throw new SecurityException("No owner assigned to: "+itemPath);
if( owner.equals(userID) == false )
throw new SecurityException("User: "+userID+" is not the owner of:
"+itemPath);
}
public Attributes getItem(Name itemPath)
{
System.out.println("ProjRepositoryStatefulProxy.getItem,
itemPath="+itemPath);
return null;
}
// --- End IProjRepository interface methods
}
1.1
contrib/security/src/main/org/jboss/test/security/test/ejbs/project/ProjRepositoryStatelessProxy.java
Index: ProjRepositoryStatelessProxy.java
===================================================================
/*
* JBoss, the OpenSource EJB server
*
* Distributable under LGPL license.
* See terms of license at gnu.org.
*/
package org.jboss.test.security.test.ejbs.project;
import java.rmi.RemoteException;
import java.security.AccessController;
import javax.naming.Name;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository;
import org.jboss.test.security.test.NamespacePermission;
/** A simple stateless security proxy example for the ProjRepository bean.
@see javax.naming.Name
@see javax.naming.directory.Attributes
@see org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class ProjRepositoryStatelessProxy implements IProjRepository
{
// --- Begin IProjRepository interface methods
public void createFolder(Name folderPath)
{
System.out.println("ProjRepositoryStatelessProxy.createFolder,
folderPath="+folderPath);
}
public void deleteFolder(Name folderPath,boolean recursive)
{
System.out.println("ProjRepositoryStatelessProxy.deleteFolder,
folderPath="+folderPath);
}
public void createItem(Name itemPath,Attributes attributes)
{
System.out.println("ProjRepositoryStatelessProxy.createItem,
itemPath="+itemPath);
}
public void updateItem(Name itemPath,Attributes attributes)
{
System.out.println("ProjRepositoryStatelessProxy.updateItem,
itemPath="+itemPath);
}
public void deleteItem(Name itemPath)
{
System.out.println("ProjRepositoryStatelessProxy.deleteItem,
itemPath="+itemPath);
}
public Attributes getItem(Name itemPath)
{
NamespacePermission p = new NamespacePermission(itemPath, "r---");
AccessController.checkPermission(p);
System.out.println("ProjRepositoryStatelessProxy.getItem,
itemPath="+itemPath);
return null;
}
// --- End IProjRepository interface methods
}
