Example 51 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class ApplicationsResourceTest method shouldUseSubjectFromContextOnRead.

@Test
public void shouldUseSubjectFromContextOnRead() throws EntitlementException {
    // Given
    String resourceID = "ferret";
    SSOTokenContext mockSSOTokenContext = mock(SSOTokenContext.class);
    RealmContext realmContext = new RealmContext(mockSSOTokenContext);
    realmContext.setSubRealm("badger", "badger");
    Context serverContext = ClientContext.newInternalClientContext(realmContext);
    Subject subject = new Subject();
    given(mockSSOTokenContext.getCallerSubject()).willReturn(subject);
    Application mockApplication = mock(Application.class);
    given(applicationManagerWrapper.getApplication(any(Subject.class), anyString(), anyString())).willReturn(mockApplication);
    // When
    applicationsResource.readInstance(serverContext, resourceID, null);
    // Then
    verify(applicationManagerWrapper).getApplication(eq(subject), anyString(), anyString());
}
Also used : ClientContext(org.forgerock.services.context.ClientContext) RealmContext(org.forgerock.openam.rest.RealmContext) SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext) Context(org.forgerock.services.context.Context) Matchers.anyString(org.mockito.Matchers.anyString) Application(com.sun.identity.entitlement.Application) Subject(javax.security.auth.Subject) Test(org.testng.annotations.Test)

Example 52 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class ApplicationsResourceTest method updateInstanceShouldReturnConflictExceptionWhenApplicationNameAlreadyExists.

@Test(expectedExceptions = ConflictException.class)
public void updateInstanceShouldReturnConflictExceptionWhenApplicationNameAlreadyExists() throws EntitlementException, ResourceException {
    //Given
    SSOTokenContext subjectContext = mock(SSOTokenContext.class);
    RealmContext realmContext = new RealmContext(subjectContext);
    realmContext.setSubRealm("REALM", "REALM");
    Context context = ClientContext.newInternalClientContext(realmContext);
    String resourceId = "iPlanetAMWebAgentService";
    UpdateRequest request = mock(UpdateRequest.class);
    Subject subject = new Subject();
    JsonValue content = mock(JsonValue.class);
    Application application = mock(Application.class);
    Application newApplication = mock(Application.class);
    given(subjectContext.getCallerSubject()).willReturn(subject);
    given(request.getContent()).willReturn(content);
    given(applicationManagerWrapper.getApplication(subject, "/REALM", resourceId)).willReturn(application);
    given(applicationManagerWrapper.getApplication(subject, "/REALM", "APP_NAME")).willReturn(application);
    given(applicationWrapper.getName()).willReturn("APP_NAME");
    given(applicationWrapper.getApplication()).willReturn(newApplication);
    given(newApplication.getLastModifiedDate()).willReturn(1000L);
    doThrow(EntitlementException.class).when(applicationWrapper).toJsonValue();
    //When
    Promise<ResourceResponse, ResourceException> result = applicationsResource.updateInstance(context, resourceId, request);
    //Then
    result.getOrThrowUninterruptibly();
}
Also used : ClientContext(org.forgerock.services.context.ClientContext) RealmContext(org.forgerock.openam.rest.RealmContext) SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext) Context(org.forgerock.services.context.Context) ResourceResponse(org.forgerock.json.resource.ResourceResponse) UpdateRequest(org.forgerock.json.resource.UpdateRequest) JsonValue(org.forgerock.json.JsonValue) ResourceException(org.forgerock.json.resource.ResourceException) Matchers.anyString(org.mockito.Matchers.anyString) Application(com.sun.identity.entitlement.Application) Subject(javax.security.auth.Subject) Test(org.testng.annotations.Test)

Example 53 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class ApplicationsResourceTest method shouldThrowInternalErrorIfResourceWillNotSave.

@Test(expectedExceptions = InternalServerErrorException.class)
public void shouldThrowInternalErrorIfResourceWillNotSave() throws EntitlementException, ResourceException {
    //given
    SSOTokenContext mockSSOTokenContext = mock(SSOTokenContext.class);
    RealmContext realmContext = new RealmContext(mockSSOTokenContext);
    realmContext.setSubRealm("/", "/");
    CreateRequest mockCreateRequest = mock(CreateRequest.class);
    Subject subject = new Subject();
    Application mockApplication = mock(Application.class);
    given(mockSSOTokenContext.getCallerSubject()).willReturn(subject);
    given(applicationWrapper.getApplication()).willReturn(mockApplication);
    given(mockApplication.getName()).willReturn("newApplication");
    doThrow(new EntitlementException(1)).when(applicationManagerWrapper).saveApplication(any(Subject.class), anyString(), any(Application.class));
    //when
    Promise<ResourceResponse, ResourceException> result = applicationsResource.createInstance(realmContext, mockCreateRequest);
    //then
    result.getOrThrowUninterruptibly();
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext) RealmContext(org.forgerock.openam.rest.RealmContext) ResourceResponse(org.forgerock.json.resource.ResourceResponse) CreateRequest(org.forgerock.json.resource.CreateRequest) ResourceException(org.forgerock.json.resource.ResourceException) Application(com.sun.identity.entitlement.Application) Subject(javax.security.auth.Subject) Test(org.testng.annotations.Test)

Example 54 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class PolicyManager method validateResourceForPrefixE.

private boolean validateResourceForPrefixE(String realm, String serviceName, Set<String> resourcePrefixes, String resourceName) throws PolicyException, EntitlementException {
    // Accept the realm either as a DN or as a realm name; convert a DN to realm-name form.
    String realmName = LDAPUtils.isDN(realm) ? DNMapper.orgNameToRealmName(realm) : realm;
    // The application is looked up with the super-admin subject, not the caller's subject.
    Application appl = ApplicationManager.getApplication(PolicyConstants.SUPER_ADMIN_SUBJECT, realmName, serviceName);
    com.sun.identity.entitlement.interfaces.ResourceName resComp = appl.getResourceComparator();
    // Canonicalize both sides with the application's own comparator before comparing.
    resourceName = resComp.canonicalize(resourceName);
    for (String prefix : resourcePrefixes) {
        boolean interpretWildCard = true;
        com.sun.identity.entitlement.ResourceMatch resMatch = resComp.compare(resourceName, resComp.canonicalize(prefix), interpretWildCard);
        // Valid as soon as one prefix gives a super-resource, wildcard or exact match.
        if (resMatch.equals(com.sun.identity.entitlement.ResourceMatch.SUPER_RESOURCE_MATCH) || resMatch.equals(com.sun.identity.entitlement.ResourceMatch.WILDCARD_MATCH) || resMatch.equals(com.sun.identity.entitlement.ResourceMatch.EXACT_MATCH)) {
            return true;
        }
    }
    // No prefix matched the resource name.
    return false;
}
Also used : Application(com.sun.identity.entitlement.Application)

Example 55 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class PolicyRequestHandler method getPolicyEvaluator.

/**
 * Provides an instance of a policy evaluator.
 * <p/>
 * It is understood that serviceName == serviceTypeName == applicationTypeName.
 * <p/>
 * First attempts to provide an evaluator based on a configured realm and application for the subject making
 * the request. If the realm and application are present, then the application's type is retrieved and passed
 * through as the serviceTypeName to the evaluator along with the realm and application name.
 * <p/>
 * If the application name does not exist then the logic falls back to the old behaviour whereby the
 * applicationName is set to the serviceTypeName. This legacy behaviour assumes that an application exists with a
 * name that maps to the passed serviceTypeName.
 *
 * @param appToken
 *         the SSO token of the requester
 * @param serviceTypeName
 *         the service type name
 * @param appAttributes
 *         the app attributes
 *
 * @return a policy evaluator
 *
 * @throws PolicyException
 *         should an error occur during the retrieval of an appropriate policy evaluator
 */
private PolicyEvaluator getPolicyEvaluator(final SSOToken appToken, final String serviceTypeName, final Map<String, Set<String>> appAttributes) throws PolicyException {
    try {
        final String realm = CollectionUtils.getFirstItem(appAttributes.get(EVALUATION_REALM), "/");
        final String applicationName = CollectionUtils.getFirstItem(appAttributes.get(EVALUATION_APPLICATION), serviceTypeName);
        final Subject appSubject = SubjectUtils.createSubject(appToken);
        final Application application = ApplicationManager.getApplication(appSubject, realm, applicationName);
        if (application == null) {
            throw new PolicyException(EntitlementException.RES_BUNDLE_NAME, String.valueOf(EntitlementException.APP_RETRIEVAL_ERROR), new Object[] { realm }, null);
        }
        final String applicationTypeName = application.getApplicationType().getName();
        final String key = realm + "-" + applicationTypeName + "-" + applicationName;
        if (!policyEvaluators.containsKey(key)) {
            synchronized (policyEvaluators) {
                if (!policyEvaluators.containsKey(key)) {
                    policyEvaluators.put(key, new PolicyEvaluator(realm, applicationTypeName, applicationName));
                }
            }
        }
        return policyEvaluators.get(key);
    } catch (SSOException | EntitlementException e) {
        throw new PolicyException(ResBundleUtils.rbName, "unable_to_get_an_evaluator", null, e);
    }
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) PolicyEvaluator(com.sun.identity.policy.PolicyEvaluator) PolicyException(com.sun.identity.policy.PolicyException) SSOException(com.iplanet.sso.SSOException) Application(com.sun.identity.entitlement.Application) Subject(javax.security.auth.Subject)
