diff options
author | lresende <lresende@13f79535-47bb-0310-9956-ffa450edef68> | 2010-01-29 06:00:49 +0000 |
---|---|---|
committer | lresende <lresende@13f79535-47bb-0310-9956-ffa450edef68> | 2010-01-29 06:00:49 +0000 |
commit | 25dddcef1d32403e1d857e48ebc1bbac9baf2523 (patch) | |
tree | b2df842c819d7dcf2e861777777639815d514c9a /sca-java-1.x/tags/1.6-RC2/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization | |
parent | 40aa7960a748c80a2465d5ca78e8f91d43296c8e (diff) |
Java SCA 1.6 RC2 Release Tag
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@904390 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to '')
2 files changed, 236 insertions, 0 deletions
diff --git a/sca-java-1.x/tags/1.6-RC2/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java b/sca-java-1.x/tags/1.6-RC2/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java new file mode 100644 index 0000000000..d58fa51256 --- /dev/null +++ b/sca-java-1.x/tags/1.6-RC2/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicy.java @@ -0,0 +1,84 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.policy.authorization; + +import java.util.ArrayList; +import java.util.List; + +import javax.xml.namespace.QName; + +import org.apache.tuscany.sca.assembly.xml.Constants; +import org.apache.tuscany.sca.policy.Policy; + +/** + * Models the SCA Implementation Security Policy Assertion for Authorization. + * + * @version $Rev$ $Date$ + */ +public class AuthorizationPolicy implements Policy { + public static final QName NAME = new QName(Constants.SCA10_NS, "authorization"); + + public static enum AcessControl { + permitAll, denyAll, allow + }; + + private List<String> roleNames = new ArrayList<String>(); + + public AuthorizationPolicy() { + } + + private AcessControl accessControl; + + public AcessControl getAccessControl() { + return accessControl; + } + + public void setAccessControl(AcessControl accessControl) { + this.accessControl = accessControl; + } + + public List<String> getRoleNames() { + if (accessControl == AcessControl.allow) { + return roleNames; + } else { + throw new IllegalArgumentException("Role names are only available for 'allow'"); + } + } + + public boolean isUnresolved() { + return false; + } + + public void setUnresolved(boolean unresolved) { + } + + public QName getSchemaName() { + return NAME; + } + + @Override + public String toString() { + if (accessControl == AcessControl.allow) { + return accessControl.name() + " " + roleNames; + } + return accessControl.name(); + } + +} diff --git a/sca-java-1.x/tags/1.6-RC2/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java b/sca-java-1.x/tags/1.6-RC2/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java new file mode 100644 index 0000000000..30fb0b32a4 --- /dev/null +++ b/sca-java-1.x/tags/1.6-RC2/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authorization/AuthorizationPolicyProcessor.java @@ -0,0 +1,152 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.policy.authorization; + +import static javax.xml.stream.XMLStreamConstants.END_ELEMENT; +import static javax.xml.stream.XMLStreamConstants.START_ELEMENT; + +import java.util.StringTokenizer; + +import javax.xml.namespace.QName; +import javax.xml.stream.XMLStreamException; +import javax.xml.stream.XMLStreamReader; +import javax.xml.stream.XMLStreamWriter; + +import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint; +import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor; +import org.apache.tuscany.sca.contribution.resolver.ModelResolver; +import org.apache.tuscany.sca.contribution.service.ContributionReadException; +import org.apache.tuscany.sca.contribution.service.ContributionResolveException; +import org.apache.tuscany.sca.contribution.service.ContributionWriteException; +import org.apache.tuscany.sca.monitor.Monitor; +import org.apache.tuscany.sca.monitor.Problem; +import org.apache.tuscany.sca.monitor.Problem.Severity; +import org.apache.tuscany.sca.monitor.impl.ProblemImpl; + +/** + * + * @version $Rev$ $Date$ + */ +public class AuthorizationPolicyProcessor implements StAXArtifactProcessor<AuthorizationPolicy> { + private static final String ROLES = "roles"; + private Monitor monitor; + + public QName getArtifactType() { + return AuthorizationPolicy.NAME; + } + + public AuthorizationPolicyProcessor(ModelFactoryExtensionPoint modelFactories, Monitor monitor) { + this.monitor = monitor; + } + + /** + * Report a error. + * + * @param problems + * @param message + * @param model + */ + private void error(String message, Object model, Object... messageParameters) { + if (monitor != null) { + Problem problem = new ProblemImpl(this.getClass().getName(), "policy-security-validation-messages", Severity.ERROR, model, message, (Object[])messageParameters); + monitor.problem(problem); + } + } + + public AuthorizationPolicy read(XMLStreamReader reader) throws ContributionReadException, XMLStreamException { + AuthorizationPolicy policy = new AuthorizationPolicy(); + int event = reader.getEventType(); + QName start = reader.getName(); + while (true) { + switch (event) { + case START_ELEMENT: + String ac = reader.getName().getLocalPart(); + if ("allow".equals(ac)) { + policy.setAccessControl(AuthorizationPolicy.AcessControl.allow); + String roleNames = reader.getAttributeValue(null, ROLES); + if (roleNames == null) { + error("RequiredAttributeRolesMissing", reader); + //throw new IllegalArgumentException("Required attribute 'roles' is missing."); + } else { + StringTokenizer st = new StringTokenizer(roleNames); + while (st.hasMoreTokens()) { + policy.getRoleNames().add(st.nextToken()); + } + } + } else if ("permitAll".equals(ac)) { + policy.setAccessControl(AuthorizationPolicy.AcessControl.permitAll); + } else if ("denyAll".endsWith(ac)) { + policy.setAccessControl(AuthorizationPolicy.AcessControl.denyAll); + } + break; + case END_ELEMENT: + if (start.equals(reader.getName())) { + if (reader.hasNext()) { + reader.next(); + } + return policy; + } + + } + if (reader.hasNext()) { + event = reader.next(); + } else { + return policy; + } + } + } + + public void write(AuthorizationPolicy policy, XMLStreamWriter writer) throws ContributionWriteException, + XMLStreamException { + writer.writeStartElement(AuthorizationPolicy.NAME.getLocalPart()); + + writer.writeStartElement(policy.getAccessControl().name()); + + if (policy.getAccessControl() == AuthorizationPolicy.AcessControl.allow) { + StringBuffer sb = new StringBuffer(); + for (String role : policy.getRoleNames()) { + sb.append(role); + } + + if (sb.length() > 0) { + writer.writeAttribute(ROLES, sb.toString()); + } + } + + writer.writeEndElement(); + writer.writeEndElement(); + } + + public Class<AuthorizationPolicy> getModelType() { + return AuthorizationPolicy.class; + } + + public void resolve(AuthorizationPolicy policy, ModelResolver resolver) throws ContributionResolveException { + + if ((policy.getAccessControl() == AuthorizationPolicy.AcessControl.allow) && + (policy.getRoleNames().isEmpty())){ + // role names are required so leave policy unresolved + return; + } + + //right now nothing to resolve + policy.setUnresolved(false); + } + +} |