use of com.helger.peppol.wsclient2.RequestType in project ddf by codice.
the class XacmlPdpTest method testResourceIsNotPermitted.
/**
 * Negative authorization case: a READ request on a resource tagged with three access types must
 * not be permitted for the test subject.
 *
 * <p>The resource attributes are keyed by {@code RESOURCE_ACCESS}; the subject is built from
 * {@code USER_NAME} and {@code TEST_COUNTRY}. The policy that produces the deny is not visible
 * here. NOTE(review): presumably the subject lacks one of the required access types; confirm
 * against the policy files used by {@code testRealm}.
 */
@Test
public void testResourceIsNotPermitted() {
  HashMap<String, List<String>> resourceAttributes = new HashMap<>();
  List<String> accessTypes = Arrays.asList(ACCESS_TYPE_A, ACCESS_TYPE_B, ACCESS_TYPE_C);
  resourceAttributes.put(RESOURCE_ACCESS, accessTypes);

  KeyValueCollectionPermission readPermission =
      new KeyValueCollectionPermissionImpl(CollectionPermission.READ_ACTION, resourceAttributes);
  RequestType xacmlRequest =
      testRealm.createXACMLRequest(USER_NAME, generateSubjectInfo(TEST_COUNTRY), readPermission);

  // The access decision has to come back as "not permitted".
  assertThat(testRealm.isPermitted(xacmlRequest), equalTo(false));
}
use of com.helger.peppol.wsclient2.RequestType in project ddf by codice.
the class XacmlPdpTest method testEnvironmentVariables.
/**
 * Checks that the XACML request built by {@code createXACMLRequest} carries an attribute group in
 * the environment category with the expected contents.
 *
 * <p>The group must hold {@code item0}, {@code item1} and {@code item2} in that order, with one,
 * two and three values respectively. Where these environment attributes are configured is not
 * visible in this method. NOTE(review): presumably the fixture that creates {@code testRealm}
 * sets them; confirm there.
 */
@Test
public void testEnvironmentVariables() {
  RequestType xacmlRequest =
      testRealm.createXACMLRequest(
          USER_NAME,
          generateSubjectInfo(TEST_COUNTRY),
          new KeyValueCollectionPermissionImpl(QUERY_ACTION));

  // Scan every attribute group; if several match the environment category the last one wins.
  AttributesType environmentGroup = null;
  for (AttributesType group : xacmlRequest.getAttributes()) {
    if (group.getCategory().equals(ENVIRONMENT_CATEGORY)) {
      environmentGroup = group;
    }
  }
  assertNotNull(environmentGroup);

  // Attribute "item<i>" is expected at position i and must carry i + 1 values.
  for (int index = 0; index < 3; index++) {
    assertThat(environmentGroup.getAttribute().get(index).getAttributeId(), is("item" + index));
    assertThat(
        environmentGroup.getAttribute().get(index).getAttributeValue().size(), is(index + 1));
  }
}
use of com.helger.peppol.wsclient2.RequestType in project ddf by codice.
the class XacmlPdpTest method testActionBadAction.
/**
 * Negative authorization case: a request whose action is the literal {@code "bad"} must not be
 * permitted.
 *
 * <p>Subject and country are the same as in the other tests, so only the action differs.
 * NOTE(review): presumably no loaded policy names this action, which would make this a check
 * that unmatched actions are denied rather than allowed; confirm against the policy files.
 */
@Test
public void testActionBadAction() {
  KeyValueCollectionPermissionImpl unknownActionPermission =
      new KeyValueCollectionPermissionImpl("bad");
  RequestType xacmlRequest =
      testRealm.createXACMLRequest(
          USER_NAME, generateSubjectInfo(TEST_COUNTRY), unknownActionPermission);

  assertThat(testRealm.isPermitted(xacmlRequest), equalTo(false));
}
use of com.helger.peppol.wsclient2.RequestType in project ddf by codice.
the class XacmlPdpTest method testActionBadCountry.
/**
 * Negative authorization case: a query by a subject whose country is {@code "CAN"} instead of
 * {@code TEST_COUNTRY} must not be permitted.
 *
 * <p>The action is the regular {@code QUERY_ACTION}, so only the subject attribute differs from
 * the other tests. NOTE(review): presumably the policy requires the country used by the
 * permitted cases; confirm against the policy files.
 */
@Test
public void testActionBadCountry() {
  KeyValueCollectionPermissionImpl queryPermission =
      new KeyValueCollectionPermissionImpl(QUERY_ACTION);
  RequestType xacmlRequest =
      testRealm.createXACMLRequest(USER_NAME, generateSubjectInfo("CAN"), queryPermission);

  assertThat(testRealm.isPermitted(xacmlRequest), equalTo(false));
}
use of com.helger.peppol.wsclient2.RequestType in project ddf by codice.
the class XacmlClientTest method testWrapperpoliciesdirectorypolicyadded.
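/**
 * Verifies that a policy file copied into the policy directory after the {@code XacmlClient} was
 * created is used for evaluation: a query request for the test user must then yield PERMIT.
 *
 * <p>The request carries one action attribute, two subject attributes (subject id and role) and
 * one citizenship attribute in the permissions category, all typed as strings.
 *
 * <p>NOTE(review): only the decision after the copy is asserted. What the client decides while
 * the directory is still empty is not checked in this method.
 *
 * @throws Exception if the temporary folder, the file copy, the sleep or the JAXB marshalling
 *     fails
 */
@Test
public void testWrapperpoliciesdirectorypolicyadded() throws Exception {
  LOGGER.debug("\n\n\n##### testXACMLWrapper_policies_directory_policy_added");

  // Setup: start the client on an empty directory, then drop the policy file into it.
  File policyDir = folder.newFolder("tempDir");
  // NOTE(review): this assigns a static field and never restores it, so the shortened interval
  // stays in effect for any test that runs afterwards in the same JVM.
  XacmlClient.defaultPollingIntervalInSeconds = 1;
  XacmlClient pdp =
      new XacmlClient(policyDir.getCanonicalPath(), new XmlParser(), mock(SecurityLogger.class));
  File srcFile =
      new File(
          projectHome + File.separator + RELATIVE_POLICIES_DIR + File.separator + POLICY_FILE);
  FileUtils.copyFileToDirectory(srcFile, policyDir);
  // Timing-dependent: waits two polling intervals so the copied policy can be picked up
  // (presumably by a directory poller inside XacmlClient; confirm there).
  Thread.sleep(2000);

  RequestType xacmlRequestType = new RequestType();
  xacmlRequestType.setCombinedDecision(false);
  xacmlRequestType.setReturnPolicyIdList(false);

  AttributesType actionAttributes = new AttributesType();
  actionAttributes.setCategory(ACTION_CATEGORY);
  actionAttributes.getAttribute().add(newStringAttribute(ACTION_ID, QUERY_ACTION));

  AttributesType subjectAttributes = new AttributesType();
  subjectAttributes.setCategory(SUBJECT_CATEGORY);
  subjectAttributes.getAttribute().add(newStringAttribute(SUBJECT_ID, TEST_USER_1));
  subjectAttributes.getAttribute().add(newStringAttribute(ROLE_CLAIM, ROLE));

  AttributesType categoryAttributes = new AttributesType();
  categoryAttributes.setCategory(PERMISSIONS_CATEGORY);
  categoryAttributes.getAttribute().add(newStringAttribute(CITIZENSHIP_ATTRIBUTE, US_COUNTRY));

  xacmlRequestType.getAttributes().add(actionAttributes);
  xacmlRequestType.getAttributes().add(subjectAttributes);
  xacmlRequestType.getAttributes().add(categoryAttributes);

  // Perform Test
  ResponseType xacmlResponse = pdp.evaluate(xacmlRequestType);

  // The response is marshalled only so that it can be written to the debug log.
  JAXBContext jaxbContext = JAXBContext.newInstance(ResponseType.class);
  Marshaller marshaller = jaxbContext.createMarshaller();
  ObjectFactory objectFactory = new ObjectFactory();
  Writer writer = new StringWriter();
  marshaller.marshal(objectFactory.createResponse(xacmlResponse), writer);
  LOGGER.debug("\nXACML 3.0 Response:\n{}", writer.toString());

  // Verify - The policy was loaded to allow a permit decision.
  // Expected value goes first so a failure reports "expected PERMIT but was <actual decision>".
  assertEquals(DecisionType.PERMIT, xacmlResponse.getResult().get(0).getDecision());

  // Skipped when the assertion above fails. NOTE(review): `folder` looks like a temporary-folder
  // rule that cleans up on its own; confirm at its declaration.
  FileUtils.deleteDirectory(policyDir);
}

/** Builds a single-valued string attribute that is not echoed back in the XACML result. */
private AttributeType newStringAttribute(String attributeId, String value) {
  AttributeValueType attributeValue = new AttributeValueType();
  attributeValue.setDataType(STRING_DATA_TYPE);
  attributeValue.getContent().add(value);

  AttributeType attribute = new AttributeType();
  attribute.setAttributeId(attributeId);
  attribute.setIncludeInResult(false);
  attribute.getAttributeValue().add(attributeValue);
  return attribute;
}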