Example 1 with OpenSSOGroupSubject
use of com.sun.identity.entitlement.opensso.OpenSSOGroupSubject in project OpenAM by OpenRock.
the class ApplicationPrivilegeBase method getSubjects.
protected Map<String, Set<String>> getSubjects(ApplicationPrivilege appPrivilege) {
Map<String, Set<String>> results = new HashMap<String, Set<String>>();
Set<SubjectImplementation> subjects = appPrivilege.getSubjects();
for (SubjectImplementation subject : subjects) {
String type = null;
String uuid = null;
if (subject instanceof OpenSSOUserSubject) {
type = PARAM_SUBJECT_USER;
uuid = ((OpenSSOUserSubject) subject).getID();
} else if (subject instanceof OpenSSOGroupSubject) {
type = PARAM_SUBJECT_GROUP;
uuid = ((OpenSSOGroupSubject) subject).getID();
}
if (type != null) {
Set<String> set = results.get(type);
if (set == null) {
set = new HashSet<String>();
results.put(type, set);
}
set.add(uuid);
}
}
return results;
}
Also used :
Set(java.util.Set)
HashSet(java.util.HashSet)
HashMap(java.util.HashMap)
OpenSSOGroupSubject(com.sun.identity.entitlement.opensso.OpenSSOGroupSubject)
OpenSSOUserSubject(com.sun.identity.entitlement.opensso.OpenSSOUserSubject)
SubjectImplementation(com.sun.identity.entitlement.SubjectImplementation)
Example 2 with OpenSSOGroupSubject
use of com.sun.identity.entitlement.opensso.OpenSSOGroupSubject in project OpenAM by OpenRock.
the class TestGroupEvaluator method setup.
@BeforeClass
public void setup() throws Exception {
if (!migrated) {
return;
}
resourceTypeService = Mockito.mock(ResourceTypeService.class);
constraintValidator = Mockito.mock(ConstraintValidator.class);
applicationServiceFactory = Mockito.mock(ApplicationServiceFactory.class);
Application appl = new Application(APPL_NAME, ApplicationTypeManager.getAppplicationType(adminSubject, ApplicationTypeManager.URL_APPLICATION_TYPE_NAME));
// Test disabled, unable to fix model change
// Set<String> avaliableResources = new HashSet<String>();
// avaliableResources.add("http://www.testevaluator.com:80/*");
// appl.addResources(avaliableResources);
appl.setEntitlementCombiner(DenyOverride.class);
ApplicationManager.saveApplication(adminSubject, "/", appl);
PrivilegeManager pm = new PolicyPrivilegeManager(applicationServiceFactory, resourceTypeService, constraintValidator);
pm.initialize("/", adminSubject);
Map<String, Boolean> actions = new HashMap<String, Boolean>();
actions.put("GET", Boolean.TRUE);
Entitlement ent = new Entitlement(APPL_NAME, URL1, actions);
user1 = IdRepoUtils.createUser("/", USER1_NAME);
group1 = IdRepoUtils.createGroup("/", GROUP1_NAME);
group1.addMember(user1);
EntitlementSubject es1 = new OpenSSOGroupSubject(group1.getUniversalId());
Privilege privilege = Privilege.getNewInstance();
privilege.setName(PRIVILEGE1_NAME);
privilege.setEntitlement(ent);
privilege.setSubject(es1);
pm.add(privilege);
}
Also used :
HashMap(java.util.HashMap)
PolicyPrivilegeManager(com.sun.identity.entitlement.opensso.PolicyPrivilegeManager)
OpenSSOGroupSubject(com.sun.identity.entitlement.opensso.OpenSSOGroupSubject)
ApplicationServiceFactory(org.forgerock.openam.entitlement.service.ApplicationServiceFactory)
ResourceTypeService(org.forgerock.openam.entitlement.service.ResourceTypeService)
ConstraintValidator(org.forgerock.openam.entitlement.constraints.ConstraintValidator)
PolicyPrivilegeManager(com.sun.identity.entitlement.opensso.PolicyPrivilegeManager)
BeforeClass(org.testng.annotations.BeforeClass)
Example 3 with OpenSSOGroupSubject
use of com.sun.identity.entitlement.opensso.OpenSSOGroupSubject in project OpenAM by OpenRock.
the class ApplicationPrivilegeBase method getSubjects.
protected Set<SubjectImplementation> getSubjects(RequestContext rc) throws CLIException {
Set<SubjectImplementation> eSubjects = new HashSet<SubjectImplementation>();
boolean bUser = isUserSubject();
IdType idType = (bUser) ? IdType.USER : IdType.GROUP;
String realm = getStringOptionValue(IArgument.REALM_NAME);
List<String> subjects = rc.getOption(PARAM_SUBJECTS);
for (String s : subjects) {
// create AMIdentity just to get the uuid.
AMIdentity amid = new AMIdentity(null, s, idType, realm, null);
String universalId = amid.getUniversalId();
SubjectImplementation sbj = (bUser) ? new OpenSSOUserSubject(universalId) : new OpenSSOGroupSubject(universalId);
eSubjects.add(sbj);
}
return eSubjects;
}
Also used :
AMIdentity(com.sun.identity.idm.AMIdentity)
OpenSSOGroupSubject(com.sun.identity.entitlement.opensso.OpenSSOGroupSubject)
OpenSSOUserSubject(com.sun.identity.entitlement.opensso.OpenSSOUserSubject)
SubjectImplementation(com.sun.identity.entitlement.SubjectImplementation)
HashSet(java.util.HashSet)
IdType(com.sun.identity.idm.IdType)
Aggregations
OpenSSOGroupSubject (com.sun.identity.entitlement.opensso.OpenSSOGroupSubject)3
SubjectImplementation (com.sun.identity.entitlement.SubjectImplementation)2
OpenSSOUserSubject (com.sun.identity.entitlement.opensso.OpenSSOUserSubject)2
HashMap (java.util.HashMap)2
HashSet (java.util.HashSet)2
PolicyPrivilegeManager (com.sun.identity.entitlement.opensso.PolicyPrivilegeManager)1
AMIdentity (com.sun.identity.idm.AMIdentity)1
IdType (com.sun.identity.idm.IdType)1
Set (java.util.Set)1
ConstraintValidator (org.forgerock.openam.entitlement.constraints.ConstraintValidator)1
ApplicationServiceFactory (org.forgerock.openam.entitlement.service.ApplicationServiceFactory)1
ResourceTypeService (org.forgerock.openam.entitlement.service.ResourceTypeService)1
BeforeClass (org.testng.annotations.BeforeClass)1
