
Example 11 with Debug

use of com.sun.identity.shared.debug.Debug in project OpenAM by OpenRock.

the class ApplicationsResourceTest method setUp.

@BeforeMethod
public void setUp() {
    // Mockito mocks replace each collaborator handed to the resource under test.
    debug = mock(Debug.class);
    applicationWrapper = mock(ApplicationWrapper.class);
    applicationManagerWrapper = mock(ApplicationManagerWrapper.class);
    applicationTypeManagerWrapper = mock(ApplicationTypeManagerWrapper.class);

    // One queryable attribute per AttributeType used here; every SearchAttribute is built
    // from the attribute name and the literal "ou".
    final HashMap<String, QueryAttribute> attributesByName = new HashMap<String, QueryAttribute>();
    final SearchAttribute stringSearch = new SearchAttribute(STRING_ATTRIBUTE, "ou");
    final SearchAttribute numericSearch = new SearchAttribute(NUMERIC_ATTRIBUTE, "ou");
    final SearchAttribute dateSearch = new SearchAttribute(DATE_ATTRIBUTE, "ou");
    attributesByName.put(STRING_ATTRIBUTE, new QueryAttribute(AttributeType.STRING, stringSearch));
    attributesByName.put(NUMERIC_ATTRIBUTE, new QueryAttribute(AttributeType.NUMBER, numericSearch));
    attributesByName.put(DATE_ATTRIBUTE, new QueryAttribute(AttributeType.TIMESTAMP, dateSearch));
    queryAttributes = attributesByName;

    // NOTE(review): resourceErrorHandler is not assigned in this method; presumably it is
    // initialised elsewhere in the test class - confirm.
    applicationsResource = new ApplicationsResource(
            debug, applicationManagerWrapper, applicationTypeManagerWrapper, queryAttributes, resourceErrorHandler) {

        // Factory hook overridden so the resource always receives the mocked wrapper,
        // whatever JSON body or subject is passed in.
        @Override
        protected ApplicationWrapper createApplicationWrapper(JsonValue jsonValue, Subject mySubject)
                throws EntitlementException {
            return applicationWrapper;
        }
    };
}
Also used : ApplicationTypeManagerWrapper(org.forgerock.openam.entitlement.rest.wrappers.ApplicationTypeManagerWrapper) JsonValue(org.forgerock.json.JsonValue) Matchers.anyString(org.mockito.Matchers.anyString) ApplicationManagerWrapper(org.forgerock.openam.entitlement.rest.wrappers.ApplicationManagerWrapper) Subject(javax.security.auth.Subject) SearchAttribute(com.sun.identity.entitlement.util.SearchAttribute) EntitlementException(com.sun.identity.entitlement.EntitlementException) ApplicationWrapper(org.forgerock.openam.entitlement.rest.wrappers.ApplicationWrapper) QueryAttribute(org.forgerock.openam.entitlement.rest.query.QueryAttribute) Debug(com.sun.identity.shared.debug.Debug) BeforeMethod(org.testng.annotations.BeforeMethod)

Example 12 with Debug

use of com.sun.identity.shared.debug.Debug in project OpenAM by OpenRock.

the class PrivilegeEvaluator method init.

/**
     * Initializes the evaluator.
     *
     * @param adminSubject Administrator subject which is used for evaluation.
     * @param subject Subject to be evaluated.
     * @param realm Realm Name
     * @param applicationName Application Name.
     * @param normalisedResourceName The normalised resource name.
     * @param requestedResourceName The requested resource name.
     * @param actions Action names.
     * @param envParameters Environment parameters.
     * @param recursive <code>true</code> for sub tree evaluation
     * @throws com.sun.identity.entitlement.EntitlementException if
     * initialization fails.
     */
private void init(
        Subject adminSubject,
        Subject subject,
        String realm,
        String applicationName,
        String normalisedResourceName,
        String requestedResourceName,
        Set<String> actions,
        Map<String, Set<String>> envParameters,
        boolean recursive) throws EntitlementException {
    // Record the request context on the evaluator first; getApplication() below may read
    // some of these fields (not visible here), so the assignment order is kept as it was.
    this.adminSubject = adminSubject;
    this.subject = subject;
    this.realm = realm;
    this.applicationName = applicationName;
    this.normalisedResourceName = normalisedResourceName;
    this.requestedResourceName = requestedResourceName;
    this.envParameters = envParameters;

    // Always hold a private copy of the action names, so a null or empty argument
    // leaves an empty set rather than a null field.
    final HashSet<String> requestedActions = new HashSet<String>();
    this.actionNames = requestedActions;
    if (CollectionUtils.isNotEmpty(actions)) {
        requestedActions.addAll(actions);
    }

    // The application supplies the combiner that merges per-policy results.
    entitlementCombiner = getApplication().getEntitlementCombiner();
    entitlementCombiner.init(
            realm, applicationName, normalisedResourceName, requestedResourceName, this.actionNames, recursive);
    this.recursive = recursive;

    final Debug debug = PolicyConstants.DEBUG;
    if (!debug.messageEnabled()) {
        return;
    }

    // NOTE(review): at message level this writes the principal id, realm, resource names,
    // action names and the raw environment parameters to the debug log. Treat message-level
    // policy logs as sensitive and confirm the environment map never carries secrets.
    debug.message("[PolicyEval] PrivilegeEvaluator:init()");
    debug.message("[PolicyEval] subject: " + getPrincipalId(subject));
    debug.message("[PolicyEval] realm: " + realm);
    debug.message("[PolicyEval] applicationName: " + applicationName);
    debug.message("[PolicyEval] normalisedResourceName: " + this.normalisedResourceName);
    debug.message("[PolicyEval] requestedResourceName: " + this.requestedResourceName);
    debug.message("[PolicyEval] actions: " + actionNames);
    if (!(envParameters == null || envParameters.isEmpty())) {
        debug.message("[PolicyEval] envParameters: " + envParameters);
    }
}
Also used : Debug(com.sun.identity.shared.debug.Debug)

Example 13 with Debug

use of com.sun.identity.shared.debug.Debug in project OpenAM by OpenRock.

the class PrivilegeEvaluator method evaluate.

/**
     * Responsible for the core evaluation of policies associated with the request resource.
     *
     * @param realm
     *         the evaluation realm
     *
     * @return a list of applicable entitlements
     *
     * @throws EntitlementException
     */
private List<Entitlement> evaluate(String realm) throws EntitlementException {
    // Overview: look up candidate policies, evaluate the first TASKS_PER_THREAD of them on the
    // calling thread, hand the rest to threadPool in batches, then fold the queued results into
    // entitlementCombiner. Any exception recorded in eException is rethrown before returning.
    final Debug debug = PolicyConstants.DEBUG;
    // Search for relevant policies, using the admin subject for the lookups and the evaluated
    // subject's search filter to narrow the index query.
    final SubjectAttributesManager sam = SubjectAttributesManager.getInstance(adminSubject, realm);
    final Set<String> subjectIndexes = sam.getSubjectSearchFilter(subject, applicationName);
    final PrivilegeIndexStore indexStore = PrivilegeIndexStore.getInstance(adminSubject, realm);
    final Iterator<IPrivilege> policyIterator = indexStore.search(realm, indexes, subjectIndexes, recursive);
    // Counts only the policies that were actually queued (referrals are skipped and not counted).
    int totalCount = 0;
    IPrivilege policy;
    // First collect policies to be evaluated locally (at most TASKS_PER_THREAD of them).
    final Set<IPrivilege> localBatch = new HashSet<IPrivilege>(2 * TASKS_PER_THREAD);
    while (totalCount < TASKS_PER_THREAD && policyIterator.hasNext()) {
        policy = policyIterator.next();
        if (policy instanceof ReferralPrivilege) {
            // We want to ignore referrals - deprecated.
            continue;
        }
        if (debug.messageEnabled()) {
            // NOTE(review): the log text says "PolicyEvaluator" although this method is listed
            // under PrivilegeEvaluator; keep that in mind when searching logs. Policy names are
            // written to the debug log at message level.
            debug.message("[PolicyEval] PolicyEvaluator.evaluate");
            debug.message("[PolicyEval] search result: privilege=" + policy.getName());
        }
        localBatch.add(policy);
        totalCount++;
    }
    // Define an evaluation context.
    final PrivilegeEvaluatorContext context = new PrivilegeEvaluatorContext(realm, normalisedResourceName, applicationName);
    // The same token object is passed to every task created below.
    // NOTE(review): presumably getAndClear() removes a thread-bound application token so the
    // worker tasks can carry it instead - confirm against AppTokenHandler.
    final Object appToken = AppTokenHandler.getAndClear();
    // Submit additional policies to be executed by worker threads.
    final Set<IPrivilege> threadBatch = new HashSet<IPrivilege>(2 * TASKS_PER_THREAD);
    boolean tasksSubmitted = false;
    while (policyIterator.hasNext()) {
        // NOTE(review): the flag is set before the referral check, so it becomes true even when
        // every remaining policy is a referral and nothing is handed to threadPool.
        tasksSubmitted = true;
        policy = policyIterator.next();
        if (policy instanceof ReferralPrivilege) {
            // We want to ignore referrals - deprecated.
            continue;
        }
        if (debug.messageEnabled()) {
            debug.message("[PolicyEval] PolicyEvaluator.evaluate");
            debug.message("[PolicyEval] search result: privilege=" + policy.getName());
        }
        threadBatch.add(policy);
        totalCount++;
        if (threadBatch.size() == TASKS_PER_THREAD) {
            // The task gets its own copy because threadBatch is cleared and reused right after.
            final Set<IPrivilege> copiedBatch = new HashSet<IPrivilege>(threadBatch);
            threadPool.submit(new PrivilegeTask(this, copiedBatch, isMultiThreaded, appToken, context));
            threadBatch.clear();
        }
    }
    if (!threadBatch.isEmpty()) {
        // Submit any remaining policies. No copy is taken here; threadBatch is not modified
        // again in this method.
        threadPool.submit(new PrivilegeTask(this, threadBatch, isMultiThreaded, appToken, context));
    }
    // Run the local batch synchronously on the calling thread (run(), not submit()).
    // Unlike the pool tasks, the third argument here is tasksSubmitted rather than isMultiThreaded.
    final Runnable localTask = new PrivilegeTask(this, localBatch, tasksSubmitted, appToken, context);
    localTask.run();
    // Wait for submitted threads to complete evaluation.
    if (tasksSubmitted) {
        if (isMultiThreaded) {
            receiveEvalResults(totalCount);
        } else {
            // Drain queued results into the combiner until it reports it is done.
            boolean isDone = false;
            while (!resultQ.isEmpty() && !isDone) {
                entitlementCombiner.add(resultQ.remove(0));
                isDone = entitlementCombiner.isDone();
            }
        }
    } else if (eException == null) {
        // Only local work was done and no failure was recorded: drain the results the same way.
        boolean isDone = false;
        while (!resultQ.isEmpty() && !isDone) {
            entitlementCombiner.add(resultQ.remove(0));
            isDone = entitlementCombiner.isDone();
        }
    }
    // NOTE(review): resultQ and eException are fields; presumably the PrivilegeTask instances
    // populate them - confirm.
    if (eException != null) {
        // Throw caught exception.
        throw eException;
    }
    return entitlementCombiner.getResults();
}
Also used : PrivilegeEvaluatorContext(org.forgerock.openam.entitlement.PrivilegeEvaluatorContext) Debug(com.sun.identity.shared.debug.Debug) HashSet(java.util.HashSet)

Example 14 with Debug

use of com.sun.identity.shared.debug.Debug in project OpenAM by OpenRock.

the class AuthLevelConditionTest method setUp.

@BeforeMethod
public void setUp() {
    // The core wrapper mock is kept in a field; the Debug mock is only needed by the
    // constructor, so it is created inline.
    coreWrapper = mock(CoreWrapper.class);
    condition = new AuthLevelCondition(mock(Debug.class), coreWrapper);
}
Also used : CoreWrapper(org.forgerock.openam.core.CoreWrapper) Debug(com.sun.identity.shared.debug.Debug) BeforeMethod(org.testng.annotations.BeforeMethod)

Example 15 with Debug

use of com.sun.identity.shared.debug.Debug in project OpenAM by OpenRock.

the class LdapSearchHandlerTest method setUp.

@BeforeMethod
public void setUp() throws Exception {
    // Mocked LDAP collaborators kept in fields.
    debug = mock(Debug.class);
    mockRequest = mock(SearchRequest.class);
    mockConnection = mock(Connection.class);

    // The handler under test gets a data-layer configuration built from the "ou=test-case"
    // literal, plus the mocked debug instance.
    final CTSDataLayerConfiguration configuration = new CTSDataLayerConfiguration("ou=test-case");
    handler = new LdapSearchHandler(configuration, debug);
}
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) Connection(org.forgerock.opendj.ldap.Connection) LdapSearchHandler(org.forgerock.openam.sm.datalayer.impl.ldap.LdapSearchHandler) Debug(com.sun.identity.shared.debug.Debug) CTSDataLayerConfiguration(org.forgerock.openam.cts.impl.CTSDataLayerConfiguration) BeforeMethod(org.testng.annotations.BeforeMethod)
