当前位置: 首页>>代码示例>>Java>>正文


Java AccessMgr类代码示例

本文整理汇总了Java中org.apache.directory.fortress.core.AccessMgr的典型用法代码示例。如果您正苦于以下问题:Java AccessMgr类的具体用法?Java AccessMgr怎么用?Java AccessMgr使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。

AccessMgr类属于org.apache.directory.fortress.core包,在下文中一共展示了AccessMgr类的35个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。

示例1: getPermissions

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * Retrieve RBAC session permissions from Fortress and place in the Wicket session.
 */
static void getPermissions( Component component, AccessMgr accessMgr )
{
    try
    {
        if ( IS_PERM_CACHED )
        {
            FtSession session = ( FtSession ) component.getSession();
            List<Permission> permissions = accessMgr.sessionPermissions( session.getSession() );
            ( ( FtSession ) FtSession.get() ).setPermissions( permissions );
        }
    }
    catch ( org.apache.directory.fortress.core.SecurityException se )
    {
        String error = "getPermissions caught SecurityException=" + se;
        LOG.error( error );
        throw new RuntimeException( error );
    }
}
 
开发者ID:shawnmckinney,项目名称:fortress-saml-demo,代码行数:22,代码来源:SecUtils.java


示例2: createResponse

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * ************************************************************************************************************************************
 * BEGIN ACCESSMGR
 * **************************************************************************************************************************************
 */
/* No qualifier */ FortResponse authenticate( FortRequest request )
{
    FortResponse response = createResponse();
    
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( request.getContextId() );
        User inUser = (User) request.getEntity();
        Session outSession = accessMgr.authenticate( inUser.getUserId(), inUser.getPassword() );
        response.setSession( outSession );
        response.setErrorCode( GlobalErrIds.NO_ERROR );
    }
    catch ( SecurityException se )
    {
        createError( response, LOG, se );
    }
    
    return response;
}
 
开发者ID:apache,项目名称:directory-fortress-enmasse,代码行数:25,代码来源:AccessMgrImpl.java


示例3: createSession

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * Creates a session, trusted or untrested
 * 
 * @param request The request We want to create a session for
 * @param trusted Is the session trusted or not
 * @return The created response
 */
private FortResponse createSession( FortRequest request, boolean trusted )
{
    FortResponse response = createResponse();
    
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( request.getContextId() );
        User inUser = (User) request.getEntity();
        Session outSession = accessMgr.createSession( inUser, trusted );
        response.setSession( outSession );
    }
    catch ( SecurityException se )
    {
        createError( response, LOG, se );
    }
    
    return response;
}
 
开发者ID:apache,项目名称:directory-fortress-enmasse,代码行数:26,代码来源:AccessMgrImpl.java


示例4: sessionPermissions

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
FortResponse sessionPermissions( FortRequest request )
{
    FortResponse response = createResponse();
    
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( request.getContextId() );
        Session session = request.getSession();
        List<Permission> perms = accessMgr.sessionPermissions( session );
        response.setSession( session );
        response.setEntities( perms );
    }
    catch ( SecurityException se )
    {
        createError( response, LOG, se );
    }
    
    return response;
}
 
开发者ID:apache,项目名称:directory-fortress-enmasse,代码行数:20,代码来源:AccessMgrImpl.java


示例5: sessionRoles

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
FortResponse sessionRoles( FortRequest request )
{
    FortResponse response = createResponse();
    
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( request.getContextId() );
        Session session = request.getSession();
        List<UserRole> roles = accessMgr.sessionRoles( session );
        response.setEntities( roles );
        response.setSession( session );
    }
    catch ( SecurityException se )
    {
        createError( response, LOG, se );
    }
    
    return response;
}
 
开发者ID:apache,项目名称:directory-fortress-enmasse,代码行数:20,代码来源:AccessMgrImpl.java


示例6: authorizedSessionRoles

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
FortResponse authorizedSessionRoles( FortRequest request )
{
    FortResponse response = createResponse();
    
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( request.getContextId() );
        Session session = request.getSession();
        Set<String> roles = accessMgr.authorizedRoles( session );
        response.setValueSet( roles );
        response.setSession( session );
    }
    catch ( SecurityException se )
    {
        createError( response, LOG, se );
    }
    
    return response;
}
 
开发者ID:apache,项目名称:directory-fortress-enmasse,代码行数:20,代码来源:AccessMgrImpl.java


示例7: addActiveRole

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
FortResponse addActiveRole( FortRequest request )
{
    FortResponse response = createResponse();
    
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( request.getContextId() );
        UserRole uRole = (UserRole)request.getEntity();
        Session session = request.getSession();
        accessMgr.addActiveRole( session, uRole );
        response.setSession( session );
    }
    catch ( SecurityException se )
    {
        createError( response, LOG, se );
    }
    
    return response;
}
 
开发者ID:apache,项目名称:directory-fortress-enmasse,代码行数:20,代码来源:AccessMgrImpl.java


示例8: dropActiveRole

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
FortResponse dropActiveRole( FortRequest request )
{
    FortResponse response = createResponse();
    
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( request.getContextId() );
        UserRole uRole = (UserRole)request.getEntity();
        Session session = request.getSession();
        accessMgr.dropActiveRole( session, uRole );
        response.setSession( session );
    }
    catch ( SecurityException se )
    {
        createError( response, LOG, se );
    }
    
    return response;
}
 
开发者ID:apache,项目名称:directory-fortress-enmasse,代码行数:20,代码来源:AccessMgrImpl.java


示例9: getUserId

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
FortResponse getUserId( FortRequest request )
{
    FortResponse response = createResponse();
    
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( request.getContextId() );
        Session session = request.getSession();
        String userId = accessMgr.getUserId( session );
        User outUser = new User( userId );
        response.setSession( session );
        response.setEntity( outUser );
    }
    catch ( SecurityException se )
    {
        createError( response, LOG, se );
    }
    
    return response;
}
 
开发者ID:apache,项目名称:directory-fortress-enmasse,代码行数:21,代码来源:AccessMgrImpl.java


示例10: getUser

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
FortResponse getUser( FortRequest request )
{
    FortResponse response = createResponse();
    
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( request.getContextId() );
        Session session = request.getSession();
        User outUser = accessMgr.getUser( session );
        response.setSession( session );
        response.setEntity( outUser );
    }
    catch ( SecurityException se )
    {
        createError( response, LOG, se );
    }
    
    return response;
}
 
开发者ID:apache,项目名称:directory-fortress-enmasse,代码行数:20,代码来源:AccessMgrImpl.java


示例11: getUserIds

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * @param msg
 * @param uArray
 */
public static void getUserIds( String msg, String[][] uArray )
{
    LogUtil.logIt( msg );
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        for ( String[] usr : uArray )
        {
            User user = UserTestData.getUser( usr );
            Session session = accessMgr.authenticate( user.getUserId(), user.getPassword() );
            assertNotNull( session );
            String userId = accessMgr.getUserId( session );
            assertTrue( "getUserIds failed compare found userId [" + userId + "] valid userId ["
                + UserTestData.getUserId( usr ) + "]", userId.equalsIgnoreCase( UserTestData.getUserId( usr ) ) );
        }
        LOG.debug( "getUserIds successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error(
            "getUserIds: failed with SecurityException rc=" + ex.getErrorId() + ", msg="
                + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:30,代码来源:AccessMgrImplTest.java


示例12: getUsers

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * @param msg
 * @param uArray
 */
public static void getUsers( String msg, String[][] uArray )
{
    LogUtil.logIt( msg );
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        for ( String[] usr : uArray )
        {
            User user = UserTestData.getUser( usr );
            Session session = accessMgr.createSession( user, false );
            assertNotNull( session );
            user = accessMgr.getUser( session );
            UserTestData.assertEquals( user, usr );
        }
        LOG.debug( "getUsers successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error(
            "getUsers: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(),
            ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:29,代码来源:AccessMgrImplTest.java


示例13: createAdminSession

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 *
 */
public static Session createAdminSession()
{
    Session adminSess = null;
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        User admin = UserTestData.getUser( UserTestData.USERS_TU0[0] );
        adminSess = accessMgr.createSession( admin, false );
    }
    catch ( SecurityException ex )
    {
        String error = " static initializer caught SecurityException rc=" + ex.getErrorId() + ", msg="
            + ex.getMessage();
        LOG.error( error );
    }
    return adminSess;
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:21,代码来源:DelegatedMgrImplTest.java


示例14: createSessionTrusted

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * Create trusted RBAC Session.  This API will attempt to activate all of the User's assigned Roles.
 *
 * @param userId  Case insensitive userId.
 */
public static void createSessionTrusted(String userId)
{
    String szLocation = ".createSessionTrusted";
    try
    {
        // Instantiate the AccessMgr implementation which perform runtime RBAC operations.
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());

        // The User entity is used to pass data into the createSession API.
        User user = new User(userId);

        // The API will verify User is good and perform Role activations.  Request will fail if User is locked out of ldap for any reason.
        Session session = accessMgr.createSession(user, true);

        // createSession will throw SecurityException if fails thus the Session should never be null.
        assertNotNull(session);
        LOG.info(szLocation + "  userId [" + userId + "] successful");
    }
    catch (SecurityException ex)
    {
        LOG.error(szLocation + " userId [" + userId + "] caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:30,代码来源:CreateSessionSample.java


示例15: createSession

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * Test Utility wraps OpenAcccessManager createSession API.
 *
 * @param userId          String contains case insensitive userId field.
 * @param password        String contains case sensitive, clear text password field.
 * @param activationRoles array of Role names targeted for activation into User's RBAC Session.
 * @return User RBAC Session that is used for subsequent AccessMgr API calls.
 */
private static Session createSession( String userId, String password, String[] activationRoles, AccessMgr accessMgr )
{
    String szLocation = ".createSession";
    Session session = null;
    try
    {
        User user = new User( userId, password, activationRoles );
        user.addProperty( "system.user.name", System.getProperty( "user.name" ) );
        //user.addProperty("system.timezone VAL", System.getProperty("user.timezone VAL"));
        user.addProperty( "system.country", System.getProperty( "user.country" ) );

        // Create an Fortress Session.  The Session contains the user's activated
        // roles along with other related attributes and status information (i.e. password status)
        session = accessMgr.createSession( user, false );
        LOG.info( szLocation + " with roles successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error(
            szLocation + " with roles caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(),
            ex );
        fail( ex.getMessage() );
    }
    return session;
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:34,代码来源:AccessMgrSample.java


示例16: authenticate

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * The authenticate API is used for use cases where RBAC authorization is not required.  This API will authenticate
 * the User's password and will check password policies but will not activate User's Roles into the return Session.
 *
 * @param userId   String contains case insensitive userId field.
 * @param password String contains case sensitive, clear text password field.
 * @return User Session that has no Roles activated thus will fail checkAccess and sessionPermission calls.
 */
private static Session authenticate( String userId, String password, AccessMgr accessMgr )
{
    String szLocation = ".authenticate";
    Session session = null;
    try
    {
        // authenticate will check the password but will not activated any roles into Session.
        session = accessMgr.authenticate( userId, password );
        LOG.info( szLocation + " successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error( szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
    return session;
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:26,代码来源:AccessMgrSample.java


示例17: initializeFtSession

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * Create a Fortress Session and load into a Wicket Session along with perms.
 *
 * @param component contains handle to wicket session.
 * @param j2eePolicyMgr used to call deserize api
 * @param accessMgr used to call fortress api for role op
 * @param userId contains the instance of fortress session deserialized.
 */
static boolean initializeFtSession(Component component, J2eePolicyMgr j2eePolicyMgr, AccessMgr accessMgr, String
    userId) throws SecurityException
{
    boolean result = false;
    Session realmSession = null;
    try
    {
        realmSession = j2eePolicyMgr.createSession( new User( userId ), true );
        result = true;
    }
    catch( org.apache.directory.fortress.core.SecurityException se )
    {
        if( se.getErrorId() == GlobalErrIds.USER_NOT_FOUND )
        {
            LOG.info( "initializeFtSession User: " + userId + ", not found, terminate login");
        }
        else
        {
            String error = "initializeFtSession exception during createSession for user: " + userId + ", error=" + se.getMessage();
            LOG.info( error );
            throw new RuntimeException( error );
        }
    }
    if( result )
    {
        synchronized ( ( FtSession ) FtSession.get() )
        {
            if ( SecUtils.getSession( component ) == null )
            {
                LOG.info( "realmSession user: " + realmSession.getUserId() );
                // Retrieve user permissions and attach RBAC session to Wicket session:
                ( ( FtSession ) FtSession.get() ).setSession( realmSession );
                getPermissions( component, accessMgr );
            }
        }
    }
    return result;
}
 
开发者ID:shawnmckinney,项目名称:fortress-saml-demo,代码行数:47,代码来源:SecUtils.java


示例18: authenticateUsers

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * @param msg
 * @param uArray
 * @param multiplier
 */
private static void authenticateUsers( String msg, String[][] uArray, int multiplier )
{
    LogUtil.logIt( msg );
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        for ( String[] usr : uArray )
        {
            User user = UserTestData.getUser( usr );
            Session session = accessMgr.authenticate( user.getUserId(), user.getPassword() );
            assertNotNull( session );
            // todo: need to test to ensure roles are not added to session.
            // now try negative test case:
            try
            {
                accessMgr.authenticate( user.getUserId(), "wrongpw" );
                fail( "authenticateUsers failed negative test" );
            }
            catch ( SecurityException se )
            {
                assertTrue( "authenticateUsers reset excep id check",
                    se.getErrorId() == GlobalErrIds.USER_PW_INVLD );
                // pass
            }
        }
        LOG.debug( "authenticateUsers successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error( "authenticateUsers: failed with SecurityException rc=" + ex.getErrorId() + ", msg="
            + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:40,代码来源:AccessMgrImplTest.java


示例19: authenticateLockedUsers

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * @param msg
 * @param uArray
 */
private static void authenticateLockedUsers( String msg, String[][] uArray )
{
    LogUtil.logIt( msg );
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        for ( String[] usr : uArray )
        {
            User user = UserTestData.getUser( usr );
            // now try negative test case:
            try
            {
                accessMgr.authenticate( user.getUserId(), user.getPassword() );
                fail( CLS_NM + ".authenticateLockedUsers failed test" );
            }
            catch ( SecurityException se )
            {
                assertTrue( CLS_NM + "authenticateLockedUsers reset excep id check",
                    se.getErrorId() == GlobalErrIds.USER_PW_LOCKED );
                // pass
                //LOG.error("locked=" + se.getMsgid() + " msg=" + se.getMessage());
            }
        }
        LOG.debug( "authenticateLockedUsers successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error( "authenticateLockedUsers: failed with SecurityException rc=" + ex.getErrorId()
            + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:37,代码来源:AccessMgrImplTest.java


示例20: authenticateResetUsers

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * @param msg
 * @param uArray
 */
private static void authenticateResetUsers( String msg, String[][] uArray, String[] plcy )
{
    LogUtil.logIt( msg );
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        PwPolicyMgr policyMgr = PswdPolicyMgrImplTest.getManagedPswdMgr();
        for ( String[] usr : uArray )
        {
            User user = UserTestData.getUser( usr );
            // update this user with pw policy that requires change after reset:
            policyMgr.updateUserPolicy( user.getUserId(), PolicyTestData.getName( plcy ) );
            // now try negative test case:
            try
            {
                accessMgr.authenticate( user.getUserId(), user.getPassword() );
                //accessMgr.authenticate( user.getUserId(), user.getPassword() );
                fail( CLS_NM + ".authenticateResetUsers failed test" );
            }
            catch ( SecurityException se )
            {
                assertTrue( CLS_NM + "authenticateResetUsers reset excep id check",
                    se.getErrorId() == GlobalErrIds.USER_PW_RESET );
                // pass
            }
        }
        LOG.debug( "authenticateResetUsers successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error( "authenticateResetUsers: failed with SecurityException rc=" + ex.getErrorId()
            + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:40,代码来源:AccessMgrImplTest.java


示例21: createSessionsWithRoles

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * @param msg
 * @param uArray
 * @param rArray
 */
public static void createSessionsWithRoles( String msg, String[][] uArray, String[][] rArray )
{
    LogUtil.logIt( msg );
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        for ( String[] usr : uArray )
        {
            User user = UserTestData.getUser( usr );
            List<UserRole> rlsRequested = new ArrayList<>();
            int cnt = 0;
            for ( String[] rle : rArray )
            {
                rlsRequested.add( RoleTestData.getUserRole( user.getUserId(), rle ) );
                user.setRoles( rlsRequested );
                Session session = accessMgr.createSession( user, false );
                assertTrue( CLS_NM + ".createSessionsWithRoles failed role search USER [" + user.getUserId()
                    + "] CNT [" + ++cnt + "] size [" + session.getRoles().size() + "]", cnt == session.getRoles()
                    .size() );
                String userId = accessMgr.getUserId( session );
                assertTrue( CLS_NM + ".createSessionsWithRoles failed compare found userId [" + userId
                    + "] valid userId [" + UserTestData.getUserId( usr ) + "]",
                    userId.equalsIgnoreCase( UserTestData.getUserId( usr ) ) );
                UserTestData.assertEquals( user, usr );
            }
        }
        LOG.debug( "createSessionsWithRoles successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error( "createSessionsWithRoles: failed with SecurityException rc=" + ex.getErrorId()
            + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:41,代码来源:AccessMgrImplTest.java


示例22: createSessionsWithRolesTrusted

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * @param msg
 * @param uArray
 * @param rArray
 */
public static void createSessionsWithRolesTrusted( String msg, String[][] uArray, String[][] rArray )
{
    LogUtil.logIt( msg );
    
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        
        for ( String[] usr : uArray )
        {
            User user = UserTestData.getUser( usr );
            List<UserRole> rlsRequested = new ArrayList<>();
            int cnt = 0;
            for ( String[] rle : rArray )
            {
                rlsRequested.add( RoleTestData.getUserRole( user.getUserId(), rle ) );
                user.setRoles( rlsRequested );
                Session session = accessMgr.createSession( user, true );
                assertTrue( CLS_NM + ".createSessionsWithRolesTrusted failed role search USER [" + user.getUserId()
                    + "] CNT [" + ++cnt + "] size [" + session.getRoles().size() + "]", cnt == session.getRoles()
                    .size() );
                String userId = accessMgr.getUserId( session );
                assertTrue( CLS_NM + ".createSessionsWithRolesTrusted failed compare found userId [" + userId
                    + "] valid userId [" + UserTestData.getUserId( usr ) + "]",
                    userId.equalsIgnoreCase( UserTestData.getUserId( usr ) ) );
                UserTestData.assertEquals( user, usr );
            }
        }
        LOG.debug( "createSessionsWithRolesTrusted successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error( "createSessionsWithRolesTrusted: failed with SecurityException rc=" + ex.getErrorId()
            + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:43,代码来源:AccessMgrImplTest.java


示例23: sessionRoles

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * @param msg
 * @param uArray
 * @param rArray
 */
public static void sessionRoles( String msg, String[][] uArray, String[][] rArray )
{
    LogUtil.logIt( msg );
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        for ( String[] usr : uArray )
        {
            User user = UserTestData.getUser( usr );
            Session session = accessMgr.createSession( user, false );
            assertNotNull( session );
            String userId = accessMgr.getUserId( session );
            assertTrue( CLS_NM + ".sessionRoles failed compare found userId [" + userId + "] valid userId ["
                + UserTestData.getUserId( usr ) + "]", userId.equalsIgnoreCase( UserTestData.getUserId( usr ) ) );
            UserTestData.assertEquals( user, usr );
            List<UserRole> uRoles = accessMgr.sessionRoles( session );
            assertNotNull( uRoles );
            assertEquals(
                CLS_NM + ".sessionRoles user role check failed list size user [" + user.getUserId() + "]",
                rArray.length, uRoles.size() );
            for ( String[] rle : rArray )
            {
                assertTrue( CLS_NM + ".sessionRoles failed role search USER [" + user.getUserId() + "] ROLE1 ["
                    + RoleTestData.getName( rle ) + "] should be present",
                    uRoles.contains( RoleTestData.getUserRole( UserTestData.getUserId( usr ), rle ) ) );
            }
        }
        LOG.debug( "sessionRoles successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error(
            "sessionRoles: failed with SecurityException rc=" + ex.getErrorId() + ", msg="
                + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:43,代码来源:AccessMgrImplTest.java


示例24: createSessionsWithRole

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * Call the AccessMgr createSession API passing a single Role for activation.  Successful RBAC Session should
 * contains same Role activated.
 *
 * @param userId  Case insensitive userId.
 * @param password Password is case sensitive, clear text but is stored in directory as hashed value.
 * @param role contains role name of Role targeted for Activation.
 */
public static void createSessionsWithRole(String userId, String password, String role)
{
    String szLocation = ".createSessionsWithRole";
    try
    {
        // Instantiate the AccessMgr implementation which perform runtime RBAC operations.
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());

        // The User entity is used to pass data into the createSession API.
        User user = new User(userId, password, role);

        // The API will authenticate the User password, evaluate password policies and perform Role activations.
        Session session = accessMgr.createSession(user, false);

        // createSession will throw SecurityException if fails thus the Session should never be null.
        assertNotNull(session);

        // do some validations
        // Get the User's activated Roles.
        List<UserRole> sessRoles = session.getRoles();
        assertTrue(szLocation + " userId [" + userId + "]  with roles failed role check", sessRoles.contains(new UserRole(role)));
        LOG.info(szLocation + "  userId [" + userId + "] successful");
    }
    catch (SecurityException ex)
    {
        LOG.error(szLocation + " userId [" + userId + "]  caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:38,代码来源:CreateSessionSample.java


示例25: testCheckAccess

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * The checkAccess API is used to perform authorization on User.  It will return a 'true' if User is authorized to
 * perform operation or a 'false' if User is not.  This API is useful for performing method or service level authorization
 * within Server side programs.  It is expected that this API will be wrapped by other application Security frameworks
 * i.e. Spring or Java EE to provide fine-grained permission check authorization capabilities to business applications
 * running in the datacenter.
 */
public static void testCheckAccess()
{
    String szLocation = ".testCheckAccess";
    try
    {
        // Instantiate the AccessMgr implementation.
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );

        // utility function will create an Fortress Session.  The Session contains the user's activated
        // roles along with other related attributes and status information (i.e. password status)
        Session session = createSession( CreateUserSample.TEST_USERID,
            CreateUserSample.TEST_PASSWORD, accessMgr );
        assertNotNull( session );

        for ( int i = 1; i < 6; i++ )
        {
            // Fortress Permissions have an Object name and Operation name.  There is a one to many relationship between
            // objects and operations.  An example is object name "MyDataBaseTable" operations "READ", "WRITE", "DELETE". or object "MyFile" operations "R", "W", "C" or "MyClassName" "methodA", "methodB", "methodC", or "MyPageName.ControlName" "checkOut", "applyDiscount".
            Permission inPerm = new Permission( CreatePermSample.TEST_PERM_OBJECT,
                CreatePermSample.TEST_PERM_OPERATION_PREFIX + i );
            // method will return a 'true' if authorized or 'false' if not.
            boolean result = accessMgr.checkAccess( session, inPerm );
            assertTrue( szLocation, result );
            LOG.info( szLocation + " user [" + session.getUserId() + "] permission object ["
                + inPerm.getObjName() + "] operation name [" + inPerm.getOpName() + "] success" );
        }
    }
    catch ( SecurityException ex )
    {
        LOG.error( szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:41,代码来源:AccessMgrSample.java


示例26: testSessionPermissions

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * The sessionPermissions API is useful for GUI programs that need to cache all of the User's Permissions in the
 * HTTP Session or application cache.  This is useful when providing access control lists for menu items and other
 * controls that sometimes need to check authorizations on.  This API will return all permissions that are granted
 * to User's activated Roles along with Permissions that have been granted directly to the User entity itself.
 */
public static void testSessionPermissions()
{
    String szLocation = ".testSessionPermissions";
    try
    {
        // Instantiate the AccessMgr implementation.
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );

        // utility function will create an Fortress Session.  The Session contains the user's activated
        // roles along with other related attributes and status information (i.e. password status)
        Session session = createSession( CreateUserSample.TEST_USERID,
            CreateUserSample.TEST_PASSWORD, accessMgr );
        assertNotNull( session );
        List<Permission> perms = accessMgr.sessionPermissions( session );
        assertNotNull( perms );
        assertTrue( szLocation + " list check, expected: 5, actual:" + perms.size(), perms.size() == 5 );

        // iterate over expected permissions to make sure they are returned from sessionPermissions API.
        for ( int i = 1; i < 6; i++ )
        {
            // A Permission consists of an object name and operation name.
            Permission checkPerm = new Permission( CreatePermSample.TEST_PERM_OBJECT,
                CreatePermSample.TEST_PERM_OPERATION_PREFIX + i );
            boolean result = accessMgr.checkAccess( session, checkPerm );
            assertTrue( szLocation, result );
            LOG.info( szLocation + " user [" + session.getUserId() + "] permission object ["
                + checkPerm.getObjName() + "] operation name [" + checkPerm.getOpName() + "] success" );
        }
    }
    catch ( SecurityException ex )
    {
        LOG.error( szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:42,代码来源:AccessMgrSample.java


示例27: testSessionRoles

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * The RBAC Session can be interrogated to return the list of all activated Roles within a User's Session.  The API
 * will cache these Roles in the User's Session object.  The Roles will also include temporal data that is used to
 * enforce the day, date and time for which a given Role may be placed in the User's Session.
 */
public static void testSessionRoles()
{
    String szLocation = ".testSessionRoles";
    User inUser = new User( CreateUserSample.TEST_USERID );
    try
    {
        // Instantiate the AccessMgr implementation.
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        // utility function will create an Fortress Session.  The Session contains the user's activated
        // roles along with other related attributes and status information (i.e. password status)
        Session session = createSession( CreateUserSample.TEST_USERID,
            CreateUserSample.TEST_PASSWORD, accessMgr );
        // A null Session would be a bug and should never happen.  Fortress will throw a SecurityException if it cannot create.
        assertNotNull( session );
        // Get the activated Roles from the Session.
        List<UserRole> uRoles = accessMgr.sessionRoles( session );
        // The list of Roles could be null if User has not been assigned any or if all assigned failed activation checks.
        assertNotNull( uRoles );
        // Test to see that the list size is same as expected.
        assertTrue( szLocation + " list check, expected: 10, actual:" + uRoles.size(), uRoles.size() == 10 );

        // Test to ensure that all of the roles activated are returned in the uRoles list.  In a real
        // program this would not be necessary.
        for ( int i = 1; i < 11; i++ )
        {
            UserRole inUserRole = new UserRole( inUser.getUserId(), CreateRoleSample.TEST_ROLE_PREFIX + i );
            assertTrue(
                szLocation + " contains check userId [" + inUserRole.getUserId() + "] role ["
                    + inUserRole.getName() + "]", uRoles.contains( inUserRole ) );
            LOG.info( szLocation + " userId [" + inUserRole.getUserId() + "] activated role ["
                + inUserRole.getName() + "] found in session" );
        }
    }
    catch ( SecurityException ex )
    {
        LOG.error( szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:45,代码来源:AccessMgrSample.java


示例28: testAddActiveRoles

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * The addActivateRole API allows only Roles that have been assigned to a given User to be activated in their
 * RBAC Session.  The API will also ensure that a given Role has passed its constraint tests which include
 * Static Separation of Duty (SSD) and RBAC Role temporal constraint validations.
 */
public static void testAddActiveRoles()
{
    String szLocation = ".testAddActiveRoles";
    try
    {
        // Instantiate the AccessMgr implementation.
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        // authenticate will check the password but will not activated any roles into Session.
        Session session = authenticate( CreateUserSample.TEST_USERID, CreateUserSample.TEST_PASSWORD,
            accessMgr );
        assertNotNull( session );
        // now, activate roles into User's Session one at a time:
        for ( int i = 1; i < 11; i++ )
        {
            UserRole addUserRole = new UserRole( CreateUserSample.TEST_USERID, CreateRoleSample.TEST_ROLE_PREFIX
                + i );
            accessMgr.addActiveRole( session, addUserRole );
            LOG.info( szLocation + " userId [" + addUserRole.getUserId() + "] activated role ["
                + addUserRole.getName() + "] added to session" );
        }
    }
    catch ( SecurityException ex )
    {
        LOG.error( szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:33,代码来源:AccessMgrSample.java


示例29: testDropActiveRoles

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * RBAC compliant systems allow User Roles to be activated and deactivated from their Session.  This facilitates
 * the principle of least privilege which prescribes only giving User's as much capability as they need to complete
 * their job duties.  This means not all Roles that a User may be authorized to activated will necessarily be active
 * at any one point in time.  This allows for separation of duty restrictions to be enforced.
 */
public static void testDropActiveRoles()
{
    String szLocation = ".testDropActiveRoles";
    User inUser = new User( CreateUserSample.TEST_USERID );
    try
    {
        // Instantiate the AccessMgr implementation.
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        // Calling createSession and not setting any roles on User beforehand will attempt to activate all assigned Roles:
        Session session = createSession( CreateUserSample.TEST_USERID,
            CreateUserSample.TEST_PASSWORD, accessMgr );
        assertNotNull( session );
        // now, drop roles from User's Session one at a time:
        for ( int i = 1; i < 11; i++ )
        {
            UserRole dropUserRole = new UserRole( inUser.getUserId(), CreateRoleSample.TEST_ROLE_PREFIX + i );
            accessMgr.dropActiveRole( session, dropUserRole );
            LOG.info( szLocation + " userId [" + dropUserRole.getUserId() + "] deactivated role ["
                + dropUserRole.getName() + "] removed from session" );
        }
    }
    catch ( SecurityException ex )
    {
        LOG.error( szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:34,代码来源:AccessMgrSample.java


示例30: getAccessManager

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
public AccessMgr getAccessManager() {
  return accessManager;
}
 
开发者ID:bliblidotcom,项目名称:cas-fortress-example,代码行数:4,代码来源:FortressDecisionVoter.java


示例31: setAccessManager

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
public void setAccessManager(AccessMgr accessManager) {
  this.accessManager = accessManager;
}
 
开发者ID:bliblidotcom,项目名称:cas-fortress-example,代码行数:4,代码来源:FortressDecisionVoter.java


示例32: enableFortress

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
     * Enables fortress session on behalf of a java.security.Principal retrieved from the container.
     *
     * @param component
     * @param servletReq
     * @param j2eePolicyMgr
     * @param accessMgr
     * @throws SecurityException
     */
    public static boolean enableFortress( Component component, HttpServletRequest servletReq, J2eePolicyMgr j2eePolicyMgr, AccessMgr accessMgr ) throws SecurityException
    {
        boolean result = false;
        // Get the principal from the container:
        ExpiringUsernameAuthenticationToken principal = (ExpiringUsernameAuthenticationToken)servletReq.getUserPrincipal();
        // Is this a secured page && has the User successfully authenticated already?
        boolean isSecured = principal != null;
        if(isSecured)
        {
            // Only perform this step once per user web session:
            if( !isLoggedIn( component ) )
            {
                //String userId = principal.getName();
                String userId = getUserId( (SAMLCredential)principal.getCredentials() );
                if( StringUtils.isEmpty( userId ))
                {
                    // This is default where SSOCircle places email address:
                    //userId = principal.getName();
                    userId = getSurName( (SAMLCredential)principal.getCredentials() );
                    if( StringUtils.isEmpty( userId ))
                    {
                        throw new RuntimeException( "No userid found in SAML assertion for principal" + principal.getName() );
                    }
                }
/*
                else
                {
                    SAMLCredential credential = (SAMLCredential)principal.getCredentials();
                    for ( org.opensaml.saml2.core.Attribute attr : credential.getAttributes())
                    {
                        String fname = attr.getFriendlyName();
                        String name = attr.getName();
                        LOG.info( "saml attribute name; " + name );
                        String[] attributeValues = credential.getAttributeAsStringArray(name);
                        for( String val : attributeValues )
                        {
                            LOG.info( "saml attribute value:" + val );
                        }
                    }
                }
                    */

                // Create the fortress session and assert into the Web app's session along with user's perms:
                result = SecUtils.initializeFtSession( component, j2eePolicyMgr, accessMgr, userId );
            }
            else
            {
                result = true;
            }
        }
        else
        {
            LOG.warn( "Unsecured request: " + servletReq.getRequestURL() );
            throw new RuntimeException( "Unauthenticated user detected for request:" + servletReq.getRequestURL() );
        }
        return result;
    }
 
开发者ID:shawnmckinney,项目名称:fortress-saml-demo,代码行数:67,代码来源:SecUtils.java


示例33: createSessions

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * @param msg
 * @param uArray
 * @param rArray
 */
public static void createSessions( String msg, String[][] uArray, String[][] rArray )
{
    LogUtil.logIt( msg );
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        for ( String[] usr : uArray )
        {
            User user = UserTestData.getUser( usr );
            Session session = accessMgr.createSession( user, false );
            assertNotNull( session );
            String userId = accessMgr.getUserId( session );
            assertTrue( CLS_NM + ".createSessions failed compare found userId [" + userId + "] valid userId ["
                + UserTestData.getUserId( usr ) + "]", userId.equalsIgnoreCase( UserTestData.getUserId( usr ) ) );
            UserTestData.assertEquals( user, usr );
            List<UserRole> uRoles = session.getRoles();
            assertNotNull( uRoles );
            assertEquals( CLS_NM + ".createSessions user role check failed list size user [" + user.getUserId()
                + "]", rArray.length, uRoles.size() );
            for ( String[] rle : rArray )
            {
                assertTrue( CLS_NM + ".createSessions failed role search USER [" + user.getUserId() + "] ROLE1 ["
                    + RoleTestData.getName( rle ) + "] should be present",
                    uRoles.contains( RoleTestData.getUserRole( UserTestData.getUserId( usr ), rle ) ) );
            }

            // now try negative test case:
            try
            {
                User userBad = new User( user.getUserId(), "badpw" );
                accessMgr.createSession( userBad, false );
                fail( CLS_NM + ".createSessions failed negative test" );
            }
            catch ( SecurityException se )
            {
                assertTrue( CLS_NM + "createSessions excep id check", se.getErrorId() == GlobalErrIds.USER_PW_INVLD );
                // pass
            }
        }
        LOG.debug( "createSessions successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error(
            "createSessions: failed with SecurityException rc=" + ex.getErrorId() + ", msg="
                + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:55,代码来源:AccessMgrImplTest.java


示例34: createSessionsTrusted

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 * @param msg
 * @param uArray
 * @param rArray
 */
public static void createSessionsTrusted( String msg, String[][] uArray, String[][] rArray )
{
    LogUtil.logIt( msg );
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        for ( String[] usr : uArray )
        {
            User user = UserTestData.getUser( usr );
            Session session = accessMgr.createSession( user, true );
            assertNotNull( session );
            String userId = accessMgr.getUserId( session );
            assertTrue( CLS_NM + ".createSessionsTrusted failed compare found userId [" + userId
                + "] valid userId [" + UserTestData.getUserId( usr ) + "]",
                userId.equalsIgnoreCase( UserTestData.getUserId( usr ) ) );
            UserTestData.assertEquals( user, usr );
            List<UserRole> uRoles = session.getRoles();
            assertNotNull( uRoles );
            assertEquals(
                CLS_NM + ".createSessionsTrusted user role check failed list size user [" + user.getUserId() + "]",
                rArray.length, uRoles.size() );
            for ( String[] rle : rArray )
            {
                assertTrue( CLS_NM + ".createSessionsTrusted failed role search USER [" + user.getUserId()
                    + "] ROLE1 [" + RoleTestData.getName( rle ) + "] should be present",
                    uRoles.contains( RoleTestData.getUserRole( UserTestData.getUserId( usr ), rle ) ) );
            }

            // now try negative test case:
            try
            {
                User badUser = new User( user.getUserId() + "wrong" );
                accessMgr.createSession( badUser, true );
                fail( CLS_NM + ".createSessionsTrusted failed negative test" );
            }
            catch ( SecurityException se )
            {
                assertTrue( CLS_NM + "createSessionsTrusted excep id check",
                    se.getErrorId() == GlobalErrIds.USER_NOT_FOUND );
                // pass
            }
        }
        LOG.debug( "createSessionsTrusted successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error( "createSessionsTrusted: failed with SecurityException rc=" + ex.getErrorId()
            + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:57,代码来源:AccessMgrImplTest.java


示例35: createSessionsDSD

import org.apache.directory.fortress.core.AccessMgr; //导入依赖的package包/类
/**
 *
 * @param msg
 * @param uArray
 * @param dsdArray
 */
public static void createSessionsDSD( String msg, String[][] uArray, String[][] dsdArray )
{
    LogUtil.logIt( msg );
    try
    {
        AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() );
        int i = 0;
        for ( String[] usr : uArray )
        {
            SDSet dsd = RoleTestData.getSDSet( dsdArray[i++] );
            User user = UserTestData.getUser( usr );
            Session session = accessMgr.createSession( user, false );
            assertNotNull( session );
            String userId = accessMgr.getUserId( session );
            assertTrue( CLS_NM + ".createSessionsDSD failed compare found userId [" + userId + "] valid userId ["
                + UserTestData.getUserId( usr ) + "]", userId.equalsIgnoreCase( UserTestData.getUserId( usr ) ) );
            UserTestData.assertEquals( user, usr );
            List<UserRole> uRoles = session.getRoles();
            assertNotNull( uRoles );
            // was the number of members in test DSD greater than the cardinality?
            if ( dsd.getMembers().size() < dsd.getCardinality() )
            {
                assertEquals(
                    CLS_NM + ".createSessionsDSD role list size check failed user-role user [" + user.getUserId()
                        + "]", dsd.getMembers().size(), uRoles.size() );
            }
            else
            {
                assertEquals(
                    CLS_NM + ".createSessionsDSD role cardinality check failed user-role list size user ["
                        + user.getUserId() + "] dsd set [" + dsd.getName() + "] card [" + dsd.getCardinality()
                        + "] listsize [" + uRoles.size() + "]", dsd.getCardinality() - 1, uRoles.size() );
            }
        }
        LOG.debug( "createSessionsDSD successful" );
    }
    catch ( SecurityException ex )
    {
        LOG.error( "createSessionsDSD: failed with SecurityException rc=" + ex.getErrorId() + ", msg="
            + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
 
开发者ID:apache,项目名称:directory-fortress-core,代码行数:50,代码来源:AccessMgrImplTest.java



注:本文中的org.apache.directory.fortress.core.AccessMgr类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。