Example 6 with ResourceSearchIndexes

Use of com.sun.identity.entitlement.ResourceSearchIndexes in project OpenAM by OpenRock.

In the class ResourceNameSplitter, method getIndexes.

/**
 * Returns the different components on a resource that can be
 * used to search for policies.
 *
 * @param resName Resource name.
 * @param realm Current realm to be searched.
 * @return the different components on a resource.
 */
public ResourceSearchIndexes getIndexes(String resName, String realm) {
    try {
        RelaxedURL url = new RelaxedURL(resName);
        Set<String> hostIndexes = splitHost(url);
        Set<String> pathIndexes = splitPath(url);
        String path = url.getPath();
        if (path.length() == 0) {
            path = "/";
        }
        Set<String> parentPath = new HashSet<String>();
        parentPath.add(path);
        return new ResourceSearchIndexes(hostIndexes, pathIndexes, parentPath);
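    } catch (MalformedURLException e) {
        // Not parseable as a URL: index under the placeholder host "." and treat the whole name as a path.
        Set<String> setHost = new HashSet<String>();
        setHost.add(".");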
        if (!resName.startsWith("/")) {
            resName = "/" + resName;
        }
        Set<String> setPath = splitPath(resName);
        Set<String> parentPath = new HashSet<String>();
        parentPath.add(resName);
        return new ResourceSearchIndexes(setHost, setPath, parentPath);
    }
}
Also used: MalformedURLException (java.net.MalformedURLException), HashSet (java.util.HashSet), Set (java.util.Set), ResourceSearchIndexes (com.sun.identity.entitlement.ResourceSearchIndexes)

Example 7 with ResourceSearchIndexes

Use of com.sun.identity.entitlement.ResourceSearchIndexes in project OpenAM by OpenRock.

In the class TreeSearchIndexTest, method simpleScenario.

/**
 * Tests a simple straight through scenario, where a normalised URL is passed to the search index implementation.
 */
@Test
public void simpleScenario() throws Exception {
    // Record that the indexes set should be returned when given the test url.
    Set<String> indexes = new HashSet<String>();
    indexes.add("some-test-index-1");
    indexes.add("some-test-index-2");
    when(treeService.searchTree("http://www.test.com:80/", "/test-realm")).thenReturn(indexes);
    // Execute the actual evaluation.
    ResourceSearchIndexes result = searchIndex.getIndexes("http://www.test.com:80/", "/test-realm");
    // Verify the test results
    assertEquals(asSet("://", "://.com", "://www.test.com", "://.test.com"), result.getHostIndexes());
    assertEquals(indexes, result.getPathIndexes());
    assertEquals(asSet("/"), result.getParentPathIndexes());
    // Verify the use of the mock object.
    verify(treeService).searchTree("http://www.test.com:80/", "/test-realm");
}
Also used: ResourceSearchIndexes (com.sun.identity.entitlement.ResourceSearchIndexes), HashSet (java.util.HashSet), Test (org.testng.annotations.Test)

Example 8 with ResourceSearchIndexes

Use of com.sun.identity.entitlement.ResourceSearchIndexes in project OpenAM by OpenRock.

In the class OpenSSOApplicationPrivilegeManager, method getSubResourceRelatedPrivileges.

private void getSubResourceRelatedPrivileges() throws EntitlementException {
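    // Policy administrators are skipped; this lookup applies to other callers only.
    if (!bPolicyAdmin) {
        // Union of the application names held in the readable, modifiable and delegatable sets.
        Set<String> applNames = new HashSet<String>();
        applNames.addAll(readables.getApplications());
        applNames.addAll(modifiables.getApplications());
        applNames.addAll(delegatables.getApplications());
        if (!applNames.isEmpty()) {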
            Set<String> hostIndex = new HashSet<String>();
            hostIndex.add("://" + DNMapper.orgNameToDN(realm));
            Set<String> pathParentIndexes = new HashSet<String>();
            for (String applName : applNames) {
                pathParentIndexes.add(RESOURCE_PREFIX + "/" + applName);
            }
            ResourceSearchIndexes rIndex = new ResourceSearchIndexes(hostIndex, null, pathParentIndexes);
            OpenSSOIndexStore db = new OpenSSOIndexStore(dsameUserSubject, getHiddenRealmDN());
            Iterator<IPrivilege> results = db.search("/", rIndex, Collections.EMPTY_SET, true, false);
            while (results.hasNext()) {
                Privilege p = (Privilege) results.next();
                delegatables.evaluate(p, true);
                modifiables.evaluate(p, true);
                readables.evaluate(p, true);
            }
        }
    }
}
Also used: IPrivilege (com.sun.identity.entitlement.IPrivilege), ResourceSearchIndexes (com.sun.identity.entitlement.ResourceSearchIndexes), ApplicationPrivilege (com.sun.identity.entitlement.ApplicationPrivilege), Privilege (com.sun.identity.entitlement.Privilege), ReferralPrivilege (com.sun.identity.entitlement.ReferralPrivilege), HashSet (java.util.HashSet)

Example 9 with ResourceSearchIndexes

Use of com.sun.identity.entitlement.ResourceSearchIndexes in project OpenAM by OpenRock.

In the class OpenSSOApplicationPrivilegeManager, method getPrivileges.

static Iterator<IPrivilege> getPrivileges(String realm) throws EntitlementException {
    Set<String> hostIndex = new HashSet<String>();
    hostIndex.add("://" + DNMapper.orgNameToDN(realm));
    Set<String> pathParentIndex = new HashSet<String>();
    pathParentIndex.add(RESOURCE_PREFIX);
    ResourceSearchIndexes rIndex = new ResourceSearchIndexes(hostIndex, null, pathParentIndex);
    Set<String> subjectIndex = Collections.EMPTY_SET;
    // Run the search as the admin subject, built from the token that AdminTokenAction returns.
    SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
    Subject dsameUserSubject = SubjectUtils.createSubject(adminToken);
    // Open the index store on the hidden realm.
    OpenSSOIndexStore db = new OpenSSOIndexStore(dsameUserSubject, getHiddenRealmDN());
    return db.search("/", rIndex, subjectIndex, true, false);
}
Also used: SSOToken (com.iplanet.sso.SSOToken), ResourceSearchIndexes (com.sun.identity.entitlement.ResourceSearchIndexes), EntitlementSubject (com.sun.identity.entitlement.EntitlementSubject), Subject (javax.security.auth.Subject), OrSubject (com.sun.identity.entitlement.OrSubject), HashSet (java.util.HashSet)

Example 10 with ResourceSearchIndexes

Use of com.sun.identity.entitlement.ResourceSearchIndexes in project OpenAM by OpenRock.

In the class OpenSSOApplicationPrivilegeManager, method getPrivileges.

private void getPrivileges() throws EntitlementException {
    Set<String> hostIndex = new HashSet<String>();
    hostIndex.add("://" + DNMapper.orgNameToDN(realm));
    Set<String> pathParentIndex = new HashSet<String>();
    pathParentIndex.add(RESOURCE_PREFIX);
    ResourceSearchIndexes rIndex = new ResourceSearchIndexes(hostIndex, null, pathParentIndex);
    SubjectAttributesManager sam = SubjectAttributesManager.getInstance(dsameUserSubject);
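    // Policy admins search with an empty subject index; other callers use the search filter derived for their own subject.
    Set<String> subjectIndex = (bPolicyAdmin) ? Collections.EMPTY_SET : sam.getSubjectSearchFilter(caller, APPL_NAME);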
    OpenSSOIndexStore db = new OpenSSOIndexStore(dsameUserSubject, getHiddenRealmDN());
    Iterator<IPrivilege> results = db.search("/", rIndex, subjectIndex, true, false);
    while (results.hasNext()) {
        Privilege p = (Privilege) results.next();
        if (bPolicyAdmin || doesSubjectMatch(p, resourcePrefix)) {
            delegatables.evaluate(p);
            modifiables.evaluate(p);
            readables.evaluate(p);
        }
    }
}
Also used: SubjectAttributesManager (com.sun.identity.entitlement.SubjectAttributesManager), IPrivilege (com.sun.identity.entitlement.IPrivilege), ResourceSearchIndexes (com.sun.identity.entitlement.ResourceSearchIndexes), ApplicationPrivilege (com.sun.identity.entitlement.ApplicationPrivilege), Privilege (com.sun.identity.entitlement.Privilege), ReferralPrivilege (com.sun.identity.entitlement.ReferralPrivilege), HashSet (java.util.HashSet)

Aggregations

ResourceSearchIndexes (com.sun.identity.entitlement.ResourceSearchIndexes) 11
HashSet (java.util.HashSet) 9
Test (org.testng.annotations.Test) 5
IPrivilege (com.sun.identity.entitlement.IPrivilege) 3
Privilege (com.sun.identity.entitlement.Privilege) 3
Set (java.util.Set) 3
SSOToken (com.iplanet.sso.SSOToken) 2
ApplicationPrivilege (com.sun.identity.entitlement.ApplicationPrivilege) 2
ReferralPrivilege (com.sun.identity.entitlement.ReferralPrivilege) 2
SSOException (com.iplanet.sso.SSOException) 1
EntitlementException (com.sun.identity.entitlement.EntitlementException) 1
EntitlementSubject (com.sun.identity.entitlement.EntitlementSubject) 1
OrSubject (com.sun.identity.entitlement.OrSubject) 1
PrivilegeIndexStore (com.sun.identity.entitlement.PrivilegeIndexStore) 1
SubjectAttributesManager (com.sun.identity.entitlement.SubjectAttributesManager) 1
MalformedURLException (java.net.MalformedURLException) 1
ArrayList (java.util.ArrayList) 1
Matcher (java.util.regex.Matcher) 1
Subject (javax.security.auth.Subject) 1
DN (org.forgerock.opendj.ldap.DN) 1