use of com.sun.identity.entitlement.opensso.OpenSSOUserSubject in project OpenAM by OpenRock.
the class PrivilegeManagerTest method createPrivilege.
/**
 * Builds the {@link Privilege} fixture for this test class without persisting it.
 *
 * <p>The privilege is assembled from:
 * <ul>
 *   <li>an entitlement named {@code ent1} on the test resource, with {@code GET}
 *       mapped to {@code TRUE} and {@code POST} mapped to {@code FALSE};</li>
 *   <li>an {@link OrSubject} wrapping two {@link OpenSSOUserSubject}s
 *       ({@code user11} and {@code user12} under the base DN), which are also
 *       stored in the {@code ua1} / {@code ua2} fields;</li>
 *   <li>an {@link IPv4Condition} covering {@code startIp}..{@code endIp};</li>
 *   <li>two static and two user resource attributes.</li>
 * </ul>
 *
 * <p>NOTE(review): the {@link SimpleTimeCondition} (Mon-Fri, 08:00-16:00) is built
 * and placed in a local set, but that set is never handed to the privilege in this
 * method. Only the IPv4 condition is attached, so a reader should not assume the
 * fixture is time-restricted. Confirm whether that is intentional.
 *
 * @return the assembled, unsaved privilege
 * @throws EntitlementException declared by the entitlement API calls used here
 */
private Privilege createPrivilege() throws EntitlementException {
    // --- entitlement: which actions are granted on which resource ---
    Map<String, Boolean> actionValues = new HashMap<String, Boolean>();
    actionValues.put("GET", Boolean.TRUE);
    actionValues.put("POST", Boolean.FALSE);

    String resourceName = "http://www.privilegemanagertest.com:80";
    Entitlement entitlement = new Entitlement(APPL_NAME, resourceName, actionValues);
    entitlement.setName("ent1");

    // --- subjects: two users identified by DN, combined in an OrSubject ---
    String firstUserDn = "id=user11,ou=user," + ServiceManager.getBaseDN();
    String secondUserDn = "id=user12,ou=user," + ServiceManager.getBaseDN();

    ua1 = new OpenSSOUserSubject();
    ua1.setID(firstUserDn);
    ua2 = new OpenSSOUserSubject();
    ua2.setID(secondUserDn);

    Set<EntitlementSubject> userSubjects = new HashSet<EntitlementSubject>();
    userSubjects.add(ua1);
    userSubjects.add(ua2);
    OrSubject anyOfUsers = new OrSubject(userSubjects);

    // --- conditions ---
    IPv4Condition ipRange = new IPv4Condition();
    ipRange.setStartIpAndEndIp(startIp, endIp);

    // Built but not attached to the privilege below (see method Javadoc).
    SimpleTimeCondition officeHours = new SimpleTimeCondition();
    officeHours.setStartTime("08:00");
    officeHours.setEndTime("16:00");
    officeHours.setStartDay("mon");
    officeHours.setEndDay("fri");
    Set<EntitlementCondition> unusedConditions = new HashSet<EntitlementCondition>();
    unusedConditions.add(officeHours);

    // --- resource attributes: two static value sets, two user attributes ---
    Set<String> valuesForA = new HashSet<String>();
    valuesForA.add("a10");
    valuesForA.add("a20");
    StaticAttributes staticA = new StaticAttributes();
    staticA.setPropertyName("a");
    staticA.setPropertyValues(valuesForA);
    staticA.setPResponseProviderName("sa");

    Set<String> valuesForB = new HashSet<String>();
    valuesForB.add("b10");
    valuesForB.add("b20");
    StaticAttributes staticB = new StaticAttributes();
    staticB.setPropertyName("b");
    staticB.setPropertyValues(valuesForB);
    staticB.setPResponseProviderName("sa");

    UserAttributes emailAttr = new UserAttributes();
    emailAttr.setPropertyName("email");
    emailAttr.setPResponseProviderName("ua");

    UserAttributes uidAttr = new UserAttributes();
    uidAttr.setPropertyName("uid");
    uidAttr.setPResponseProviderName("ua");

    Set<ResourceAttribute> attributes = new HashSet<ResourceAttribute>();
    attributes.add(staticA);
    attributes.add(staticB);
    attributes.add(emailAttr);
    attributes.add(uidAttr);

    // --- assemble ---
    Privilege result = Privilege.getNewInstance();
    result.setName(PRIVILEGE_NAME);
    result.setEntitlement(entitlement);
    result.setSubject(anyOfUsers);
    result.setCondition(ipRange);
    result.setResourceAttributes(attributes);
    result.setDescription(PRIVILEGE_DESC);
    return result;
}
use of com.sun.identity.entitlement.opensso.OpenSSOUserSubject in project OpenAM by OpenRock.
the class DelegationIsAllowedSubResourceTest method createDelegationPrivilege.
/**
 * Creates and stores the delegation privilege used by this test.
 *
 * <p>The privilege is named {@code DELEGATE_PRIVILEGE_NAME}, has {@code user1}
 * (by universal id) as its only subject, covers {@code DELEGATED_RESOURCE} under
 * application {@code APPL_NAME}, and carries
 * {@link ApplicationPrivilege.PossibleAction#READ}. It is added through an
 * {@link ApplicationPrivilegeManager} obtained for realm {@code "/"} with
 * {@code adminSubject}.
 *
 * @throws SMSException declared by the signature
 * @throws EntitlementException declared by the signature
 * @throws SSOException declared by the signature
 * @throws IdRepoException declared by the signature
 * @throws InterruptedException declared by the signature
 */
private void createDelegationPrivilege() throws SMSException, EntitlementException, SSOException, IdRepoException, InterruptedException {
    ApplicationPrivilege delegation = new ApplicationPrivilege(DELEGATE_PRIVILEGE_NAME);

    // Who receives the delegation: exactly one user subject.
    OpenSSOUserSubject delegate = new OpenSSOUserSubject();
    delegate.setID(user1.getUniversalId());
    Set<SubjectImplementation> delegates = new HashSet<SubjectImplementation>();
    delegates.add(delegate);
    delegation.setSubject(delegates);

    // What is delegated: a single resource keyed by application name.
    Set<String> delegatedResources = new HashSet<String>();
    delegatedResources.add(DELEGATED_RESOURCE);
    Map<String, Set<String>> resourcesByApplication = new HashMap<String, Set<String>>();
    resourcesByApplication.put(APPL_NAME, delegatedResources);
    delegation.setApplicationResources(resourcesByApplication);

    // How much is delegated: READ only.
    delegation.setActionValues(ApplicationPrivilege.PossibleAction.READ);

    ApplicationPrivilegeManager rootRealmManager =
            ApplicationPrivilegeManager.getInstance("/", adminSubject);
    rootRealmManager.addPrivilege(delegation);
}
use of com.sun.identity.entitlement.opensso.OpenSSOUserSubject in project OpenAM by OpenRock.
the class DelegationPrivilegeIdRepoAccessTest method addUserToPrivilege.
/**
 * Points the existing delegation privilege at the two delegated test users.
 *
 * <p>Loads {@code DELEGATE_PRIVILEGE_NAME} from {@code SUB_REALM} using
 * {@link PrivilegeManager#superAdminSubject}, calls {@code setSubject} with a
 * freshly built set holding {@code delegatedUser} and {@code delegatedUser1},
 * and writes the privilege back with {@code replacePrivilege}.
 *
 * <p>NOTE(review): the set passed to {@code setSubject} contains only these two
 * users. Whether subjects already on the stored privilege survive depends on
 * {@code setSubject}, which is not visible here. Confirm if the test relies on it.
 *
 * @throws EntitlementException declared by the privilege manager calls used here
 */
private void addUserToPrivilege() throws EntitlementException {
    ApplicationPrivilegeManager subRealmManager = ApplicationPrivilegeManager.getInstance(
            SUB_REALM, PrivilegeManager.superAdminSubject);
    ApplicationPrivilege stored = subRealmManager.getPrivilege(DELEGATE_PRIVILEGE_NAME);

    Set<SubjectImplementation> delegates = new HashSet<SubjectImplementation>();

    OpenSSOUserSubject firstDelegate = new OpenSSOUserSubject();
    firstDelegate.setID(delegatedUser.getUniversalId());
    delegates.add(firstDelegate);

    OpenSSOUserSubject secondDelegate = new OpenSSOUserSubject();
    secondDelegate.setID(delegatedUser1.getUniversalId());
    delegates.add(secondDelegate);

    stored.setSubject(delegates);
    subRealmManager.replacePrivilege(stored);
}
use of com.sun.identity.entitlement.opensso.OpenSSOUserSubject in project OpenAM by OpenRock.
the class DelegationPrivilegeSubResourceTest method createDelegationPrivilege.
/**
 * Creates and stores a delegation privilege for a single user and resource.
 *
 * <p>The resource is registered under
 * {@link ApplicationTypeManager#URL_APPLICATION_TYPE_NAME}. The privilege is added
 * through an {@link ApplicationPrivilegeManager} obtained for realm {@code "/"}
 * with {@code adminSubject}.
 *
 * @param dpName name of the delegation privilege to create
 * @param uuid identifier set on the {@link OpenSSOUserSubject} that receives the delegation
 * @param resource the single resource placed in the privilege's resource set
 * @param actions action level passed to {@code setActionValues}
 * @throws SMSException declared by the signature
 * @throws EntitlementException declared by the signature
 * @throws SSOException declared by the signature
 * @throws IdRepoException declared by the signature
 * @throws InterruptedException declared by the signature
 */
private void createDelegationPrivilege(String dpName, String uuid, String resource, ApplicationPrivilege.PossibleAction actions) throws SMSException, EntitlementException, SSOException, IdRepoException, InterruptedException {
    ApplicationPrivilege delegation = new ApplicationPrivilege(dpName);

    // Subject side: one user, identified by the caller-supplied id.
    OpenSSOUserSubject delegate = new OpenSSOUserSubject();
    delegate.setID(uuid);
    Set<SubjectImplementation> delegates = new HashSet<SubjectImplementation>();
    delegates.add(delegate);
    delegation.setSubject(delegates);

    // Resource side: one resource under the URL application type.
    Set<String> delegatedResources = new HashSet<String>();
    delegatedResources.add(resource);
    Map<String, Set<String>> resourcesByApplication = new HashMap<String, Set<String>>();
    resourcesByApplication.put(ApplicationTypeManager.URL_APPLICATION_TYPE_NAME, delegatedResources);
    delegation.setApplicationResources(resourcesByApplication);

    delegation.setActionValues(actions);

    ApplicationPrivilegeManager rootRealmManager =
            ApplicationPrivilegeManager.getInstance("/", adminSubject);
    rootRealmManager.addPrivilege(delegation);
}
use of com.sun.identity.entitlement.opensso.OpenSSOUserSubject in project OpenAM by OpenRock.
the class DelegationPrivilegeTest method testAdd.
/**
 * Adds a delegation privilege for {@code delegatedUser} in {@code realm}.
 *
 * <p>The privilege name and the delegated resource come from {@code testParams}.
 * The resource is registered under
 * {@link ApplicationTypeManager#URL_APPLICATION_TYPE_NAME} with
 * {@link ApplicationPrivilege.PossibleAction#READ_MODIFY_DELEGATE}.
 *
 * <p>NOTE(review): the only post-condition check in this method is commented out,
 * so as written the test passes whenever {@code addPrivilege} and
 * {@code getApplication} return without throwing. It no longer verifies that the
 * delegated resource stays out of the application's own resource list.
 *
 * @throws Exception if any entitlement or identity call fails
 */
@Test
public void testAdd() throws Exception {
    ApplicationPrivilegeManager realmManager = ApplicationPrivilegeManager.getInstance(
            realm, SubjectUtils.createSubject(adminToken));
    ApplicationPrivilege delegation =
            new ApplicationPrivilege(testParams.get("DELEGATE_PRIVILEGE_NAME"));

    // Subject side: the delegated user only.
    OpenSSOUserSubject delegate = new OpenSSOUserSubject();
    delegate.setID(delegatedUser.getUniversalId());
    Set<SubjectImplementation> delegates = new HashSet<SubjectImplementation>();
    delegates.add(delegate);
    delegation.setSubject(delegates);

    // Resource side: one resource under the URL application type.
    String delResource = testParams.get("DELEGATED_RESOURCE");
    Set<String> delegatedResources = new HashSet<String>();
    delegatedResources.add(delResource);
    Map<String, Set<String>> resourcesByApplication = new HashMap<String, Set<String>>();
    resourcesByApplication.put(ApplicationTypeManager.URL_APPLICATION_TYPE_NAME, delegatedResources);
    delegation.setApplicationResources(resourcesByApplication);

    delegation.setActionValues(ApplicationPrivilege.PossibleAction.READ_MODIFY_DELEGATE);
    realmManager.addPrivilege(delegation);

    // The application is still fetched, but the result is unused while the check is disabled.
    Application app = ApplicationManager.getApplication(
            PrivilegeManager.superAdminSubject, realm,
            ApplicationTypeManager.URL_APPLICATION_TYPE_NAME);

    // Check disabled by the original author ("unable to fix model change"):
    // if (app.getResources().contains(delResource)) {
    //     throw new Exception("DelegationPrivilegeTest.testAdd:" +
    //         "application resources should not have delegated resource");
    // }
}