use of com.sun.identity.shared.debug.Debug in project OpenAM by OpenRock.
the class ApplicationsResourceTest method setUp.
@BeforeMethod
public void setUp() {
debug = mock(Debug.class);
applicationManagerWrapper = mock(ApplicationManagerWrapper.class);
applicationTypeManagerWrapper = mock(ApplicationTypeManagerWrapper.class);
applicationWrapper = mock(ApplicationWrapper.class);
queryAttributes = new HashMap<String, QueryAttribute>();
queryAttributes.put(STRING_ATTRIBUTE, new QueryAttribute(AttributeType.STRING, new SearchAttribute(STRING_ATTRIBUTE, "ou")));
queryAttributes.put(NUMERIC_ATTRIBUTE, new QueryAttribute(AttributeType.NUMBER, new SearchAttribute(NUMERIC_ATTRIBUTE, "ou")));
queryAttributes.put(DATE_ATTRIBUTE, new QueryAttribute(AttributeType.TIMESTAMP, new SearchAttribute(DATE_ATTRIBUTE, "ou")));
applicationsResource = new ApplicationsResource(debug, applicationManagerWrapper, applicationTypeManagerWrapper, queryAttributes, resourceErrorHandler) {
@Override
protected ApplicationWrapper createApplicationWrapper(JsonValue jsonValue, Subject mySubject) throws EntitlementException {
return applicationWrapper;
}
};
}
use of com.sun.identity.shared.debug.Debug in project OpenAM by OpenRock.
the class PrivilegeEvaluator method init.
/**
* Initializes the evaluator.
*
* @param adminSubject Administrator subject which is used fo evaluation.
* @param subject Subject to be evaluated.
* @param realm Realm Name
* @param applicationName Application Name.
* @param normalisedResourceName The normalised resource name.
* @param requestedResourceName The requested resource name.
* @param actions Action names.
* @param envParameters Environment parameters.
* @param recursive <code>true</code> for sub tree evaluation
* @throws com.sun.identity.entitlement.EntitlementException if
* initialization fails.
*/
private void init(Subject adminSubject, Subject subject, String realm, String applicationName, String normalisedResourceName, String requestedResourceName, Set<String> actions, Map<String, Set<String>> envParameters, boolean recursive) throws EntitlementException {
this.adminSubject = adminSubject;
this.subject = subject;
this.realm = realm;
this.applicationName = applicationName;
this.normalisedResourceName = normalisedResourceName;
this.requestedResourceName = requestedResourceName;
this.envParameters = envParameters;
this.actionNames = new HashSet<String>();
if (CollectionUtils.isNotEmpty(actions)) {
this.actionNames.addAll(actions);
}
Application appl = getApplication();
entitlementCombiner = appl.getEntitlementCombiner();
entitlementCombiner.init(realm, applicationName, normalisedResourceName, requestedResourceName, this.actionNames, recursive);
this.recursive = recursive;
if (PolicyConstants.DEBUG.messageEnabled()) {
Debug debug = PolicyConstants.DEBUG;
debug.message("[PolicyEval] PrivilegeEvaluator:init()");
debug.message("[PolicyEval] subject: " + getPrincipalId(subject));
debug.message("[PolicyEval] realm: " + realm);
debug.message("[PolicyEval] applicationName: " + applicationName);
debug.message("[PolicyEval] normalisedResourceName: " + this.normalisedResourceName);
debug.message("[PolicyEval] requestedResourceName: " + this.requestedResourceName);
debug.message("[PolicyEval] actions: " + actionNames);
if ((envParameters != null) && !envParameters.isEmpty()) {
debug.message("[PolicyEval] envParameters: " + envParameters.toString());
}
}
}
use of com.sun.identity.shared.debug.Debug in project OpenAM by OpenRock.
the class PrivilegeEvaluator method evaluate.
/**
* Responsible for the core evaluation of policies associated with the request resource.
*
* @param realm
* the evaluation realm
*
* @return a list of applicable entitlements
*
* @throws EntitlementException
*/
private List<Entitlement> evaluate(String realm) throws EntitlementException {
final Debug debug = PolicyConstants.DEBUG;
// Search for relevant policies.
final SubjectAttributesManager sam = SubjectAttributesManager.getInstance(adminSubject, realm);
final Set<String> subjectIndexes = sam.getSubjectSearchFilter(subject, applicationName);
final PrivilegeIndexStore indexStore = PrivilegeIndexStore.getInstance(adminSubject, realm);
final Iterator<IPrivilege> policyIterator = indexStore.search(realm, indexes, subjectIndexes, recursive);
int totalCount = 0;
IPrivilege policy;
// First collect policies to be evaluated locally.
final Set<IPrivilege> localBatch = new HashSet<IPrivilege>(2 * TASKS_PER_THREAD);
while (totalCount < TASKS_PER_THREAD && policyIterator.hasNext()) {
policy = policyIterator.next();
if (policy instanceof ReferralPrivilege) {
// We want to ignore referrals - deprecated.
continue;
}
if (debug.messageEnabled()) {
debug.message("[PolicyEval] PolicyEvaluator.evaluate");
debug.message("[PolicyEval] search result: privilege=" + policy.getName());
}
localBatch.add(policy);
totalCount++;
}
// Define an evaluation context.
final PrivilegeEvaluatorContext context = new PrivilegeEvaluatorContext(realm, normalisedResourceName, applicationName);
final Object appToken = AppTokenHandler.getAndClear();
// Submit additional policies to be executed by worker threads.
final Set<IPrivilege> threadBatch = new HashSet<IPrivilege>(2 * TASKS_PER_THREAD);
boolean tasksSubmitted = false;
while (policyIterator.hasNext()) {
tasksSubmitted = true;
policy = policyIterator.next();
if (policy instanceof ReferralPrivilege) {
// We want to ignore referrals - deprecated.
continue;
}
if (debug.messageEnabled()) {
debug.message("[PolicyEval] PolicyEvaluator.evaluate");
debug.message("[PolicyEval] search result: privilege=" + policy.getName());
}
threadBatch.add(policy);
totalCount++;
if (threadBatch.size() == TASKS_PER_THREAD) {
final Set<IPrivilege> copiedBatch = new HashSet<IPrivilege>(threadBatch);
threadPool.submit(new PrivilegeTask(this, copiedBatch, isMultiThreaded, appToken, context));
threadBatch.clear();
}
}
if (!threadBatch.isEmpty()) {
// Submit any remaining policies.
threadPool.submit(new PrivilegeTask(this, threadBatch, isMultiThreaded, appToken, context));
}
// Submit the local policies.
final Runnable localTask = new PrivilegeTask(this, localBatch, tasksSubmitted, appToken, context);
localTask.run();
// Wait for submitted threads to complete evaluation.
if (tasksSubmitted) {
if (isMultiThreaded) {
receiveEvalResults(totalCount);
} else {
boolean isDone = false;
while (!resultQ.isEmpty() && !isDone) {
entitlementCombiner.add(resultQ.remove(0));
isDone = entitlementCombiner.isDone();
}
}
} else if (eException == null) {
boolean isDone = false;
while (!resultQ.isEmpty() && !isDone) {
entitlementCombiner.add(resultQ.remove(0));
isDone = entitlementCombiner.isDone();
}
}
if (eException != null) {
// Throw caught exception.
throw eException;
}
return entitlementCombiner.getResults();
}
use of com.sun.identity.shared.debug.Debug in project OpenAM by OpenRock.
the class AuthLevelConditionTest method setUp.
@BeforeMethod
public void setUp() {
Debug debug = mock(Debug.class);
coreWrapper = mock(CoreWrapper.class);
condition = new AuthLevelCondition(debug, coreWrapper);
}
use of com.sun.identity.shared.debug.Debug in project OpenAM by OpenRock.
the class LdapSearchHandlerTest method setUp.
@BeforeMethod
public void setUp() throws Exception {
mockConnection = mock(Connection.class);
mockRequest = mock(SearchRequest.class);
debug = mock(Debug.class);
handler = new LdapSearchHandler(new CTSDataLayerConfiguration("ou=test-case"), debug);
}
Aggregations