
📄 distestnew.java

📁 一个完整的XACML工程,学习XACML技术的好例子!
/*
 * Copyright (c) 2000-2005, University of Salford
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice, this
 * list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of the University of Salford nor the names of its
 * contributors may be used to endorse or promote products derived from this
 * software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

/*
* Copyright (c) 2006, University of Kent
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without 
* modification, are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this 
* list of conditions and the following disclaimer.
* 
* Redistributions in binary form must reproduce the above copyright notice, 
* this list of conditions and the following disclaimer in the documentation 
* and/or other materials provided with the distribution. 
*
* 1. Neither the name of the University of Kent nor the names of its 
* contributors may be used to endorse or promote products derived from this 
* software without specific prior written permission. 
*
* 2. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS  
* IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
* PURPOSE ARE DISCLAIMED. 
*
* 3. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
* POSSIBILITY OF SUCH DAMAGE.
*
* 4. YOU AGREE THAT THE EXCLUSIONS IN PARAGRAPHS 2 AND 3 ABOVE ARE REASONABLE
* IN THE CIRCUMSTANCES.  IN PARTICULAR, YOU ACKNOWLEDGE (1) THAT THIS
* SOFTWARE HAS BEEN MADE AVAILABLE TO YOU FREE OF CHARGE, (2) THAT THIS
* SOFTWARE IS NOT "PRODUCT" QUALITY, BUT HAS BEEN PRODUCED BY A RESEARCH
* GROUP WHO DESIRE TO MAKE THIS SOFTWARE FREELY AVAILABLE TO PEOPLE WHO WISH
* TO USE IT, AND (3) THAT BECAUSE THIS SOFTWARE IS NOT OF "PRODUCT" QUALITY
* IT IS INEVITABLE THAT THERE WILL BE BUGS AND ERRORS, AND POSSIBLY MORE
* SERIOUS FAULTS, IN THIS SOFTWARE.
*
* 5. This license is governed, except to the extent that local laws
* necessarily apply, by the laws of England and Wales.
*/


package issrg.test.ds;

/*
 * UserSide.java
 *
 * Created on April 5, 2005, 3:53 PM
 */

import issrg.aef.SamplePKI;
import issrg.pba.rbac.LDAPDNPrincipal;
import issrg.pba.rbac.policies.*;
import issrg.pba.repository.*;
import java.util.Map;
import java.util.Hashtable;
import java.util.Enumeration;
import java.util.Vector;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.Date;
import java.util.GregorianCalendar;
import java.math.BigInteger;
import iaik.asn1.*;
import iaik.asn1.structures.*;
import issrg.dis.Comm;
import issrg.pba.rbac.SetOfSubsetsCredentials;
import issrg.pba.rbac.ExpirableCredentials;
import issrg.pba.rbac.AbsoluteValidityPeriod;
import issrg.pba.ParsedToken;
import issrg.pba.DelegatableToken;
import issrg.pba.*;
import issrg.pba.rbac.*;
import issrg.ac.*;
import issrg.ac.attributes.*;
//import org.apache.//log4j.//logger;
//import org.apache.//log4j.BasicConfigurator;

/**
 * This is the DIS Java object. It is used to check and issue ACs
 * on behalf of other managers.
 *
 * <p>The DIS Java object uses the PERMIS PDP to make sure that the
 * issuer (manager) has enough privileges to issue an AC, and that the
 * issuance of that AC conforms to the delegation policy.
 */
public class DISTestNew/* extends issrg.dis.DIS */{
    
    
//    static //logger //log = //logger.get//logger(DISTestNew.class);
//    static org.apache.//log4j.Appender appender;
//    static org.apache.//log4j.Layout layout = new org.apache.//log4j.PatternLayout("[%t] %-5p %c %x - %m%n");      
    
    // State of the DIS object: configuration file names, values loaded from
    // configuration, signing/verification helpers, policy objects and the
    // string constants used to label request fields.
    //
    // NOTE(review): most configuration fields below are static, yet the
    // DISTestNew(String path) constructor writes several of them (SOA, DIS,
    // SIGN_KEY_PATH, r). Every instance therefore shares whatever the most
    // recently constructed instance set.

    // Configuration file names.
    private static final String config_file = "dis.cfg";
    private static final String serial_file = "serialnumber.cfg";
    // Attribute names used to read and write attribute certificates in LDAP.
    // The path constructor copies AC_attribute into issrg.dis.LDAPUtility.AC_attribute.
    protected static String AC_attribute;
    protected static String User_certificate;
    private static final String SEPARATOR = "|";
    private static final String DOUBLE_SEPARATOR = "||";
    protected static final int CREDS = 0;
    private static final int RULES = 1;
    
    // The following parameters are read from the configuration file.
    private static String PKC;
    // Canonicalised with RFC2253NameParser.toCanonicalDN in the path constructor.
    protected static String SOA;
    // Set in the path constructor from the signing certificate's subject DN, canonicalised and upper-cased.
    protected static String DIS;
    // Public and non-final: any code holding a reference can change it.
    public String OID;
    private static String LDAP = null;
    // NOTE(review): presumably the LDAP bind DN and its password - confirm against readConfigFile.
    // A password kept in a static String stays in memory for the life of the class and cannot be
    // wiped; if it comes from a plain-text configuration file, that file needs restrictive permissions.
    private static String rootDN;
    private static String rootPass;
    private static boolean downgradeable; // whether the privileges of the requested AC may be downgraded based on the issuer's privileges and policy
    // The path constructor prefixes this with the configuration directory and passes it to signingUtility.login().
    private static String SIGN_KEY_PATH;
    // Password for the signing key store; converted with toCharArray() for signingUtility.login().
    // NOTE(review): same concern as rootPass - a static String secret cannot be cleared after login.
    private static String SIGN_KEY_PASSWORD;
    private static String DIS_AC_LOCATION = null;    
    
    // Attribute repository; the path constructor assigns the VirtualLDAP instance here and passes
    // it to initialize(). NOTE(review): public, static and non-final, so any class can replace the
    // repository - confirm whether authorisation decisions read from it and whether that is intended.
    public static issrg.utils.repository.AttributeRepository r;
    private static boolean NO_DOWNGRADE = false;

    private iaik.x509.X509Certificate x509;
    private issrg.security.DefaultSecurity ds;
    // NOTE(review): the verifier is a class named SamplePKI; its checks are not visible here.
    // Confirm that it performs real signature validation before relying on its result.
    protected issrg.pba.rbac.SignatureVerifier sv = new SamplePKI();
    private issrg.pba.PolicyParser pp;
    // Created as a new VirtualLDAP in the path constructor; null after the no-argument constructor.
    VirtualLDAP ldapUtility;

    // PKCS#12-backed signer; the path constructor logs in with SIGN_KEY_PATH and SIGN_KEY_PASSWORD.
    private issrg.security.DefaultSecurity signingUtility = new issrg.security.PKCS12Security();
    // Raw Map: key and value types are not visible in this part of the file.
    private Map roleTypes;// = new Hashtable();
    SetOfSubsetsCredentials emptyCreds = new SetOfSubsetsCredentials();      
    private final static String NO_DELEGATION="-1";
    private static final String SEPARATOR_APACHE = ",";
    private static final String SPACE = " ";
    private boolean verbose;
//    private issrg.pba.PolicyParser pp;    
    private RoleHierarchyPolicy roleHierarchyPolicy;
    issrg.pba.AuthTokenParser tokenParser;
    issrg.pba.rbac.policies.AllocationPolicy allocationPolicy;      
    issrg.dis.DISRAPandParser policyFinder;
    issrg.pba.rbac.RuleComparator comparator;
    
    issrg.ac.attributes.AttributeAuthorityInformationAccess aaia = null;
    // Raw Vector, package-private: element type and the code that fills it are not visible here.
    // NOTE(review): presumably the list of trusted proxies - confirm who may add entries.
    Vector trustedProxy = new Vector();
    issrg.ac.attributes.AuthorityAttributeIdentifier aai = null;
    issrg.simplePERMIS.SimplePERMISAuthTokenRepository repository;
    // Raw Vector; NOTE(review): presumably the trusted SOAs - confirm.
    java.util.Vector soas = new java.util.Vector();
    
    // Issuer DN of the signing certificate in RFC 2253 form (set in the path constructor).
    String rootcaDN;
    // Verification certificate returned by signingUtility after login.
    java.security.cert.X509Certificate signerPKC;
    // Starts at 1. NOTE(review): presumably a serial number counter for issued ACs - confirm how it
    // relates to serial_file, since repeated serial numbers would make ACs ambiguous.
    protected int virtualSerialNumber = 1;
    GeneralNames DISGeneralNames;
    IssuerSerial rootCASerial;
    AlgorithmID signatureAlg;
    
    private static final String SATISFIED = "satisfied";
    
    // String labels for request fields. Their use is outside this part of the file
    // (presumably map keys or parameter names - confirm).
    private static final String CLIENTDN = "clientDN";
    private static final String ISSUERDN = "issuerDN";
    private static final String HOLDERDN = "holderDN";
    private static final String IOBO = "issuedOnBehalfOf";
    private static final String SERIAL = "serialNumber";
    private static final String ROLETYPESVALUES = "roleTypesValues";
    private static final String DELEGATION_DEPTH = "delegation depth";
    private static final String NOT_BEFORE = "notBefore";
    private static final String NOT_AFTER = "notAfter";
    private static final String INDEX = "index";

    /**
     * Creates an instance without loading any configuration.
     *
     * <p>The body does nothing beyond the implicit superclass call: no
     * configuration file is read, no signing key is opened and no repository
     * is set up. Only the instance-field initialisers run, so fields without
     * an initialiser (for example {@code ldapUtility} and {@code tokenParser})
     * remain {@code null}, and the static configuration fields keep whatever
     * value they already had.
     *
     * @throws Exception declared for callers; the empty body itself throws nothing
     */
    public DISTestNew() throws Exception {
        super();
    }
     public DISTestNew(String path) throws Exception {
          try {
            readConfigFile(path);        
            SOA = issrg.utils.RFC2253NameParser.toCanonicalDN(SOA);
            if (SOA == null) {
                System.out.println("Error with SOA's DN");
                System.exit(-1);
            }           
            
            String keyPath = path.substring(0, path.length());
	    String separator = System.getProperties().getProperty("file.separator");
	    keyPath = keyPath.concat(separator);
	    SIGN_KEY_PATH = keyPath.concat(SIGN_KEY_PATH);      

            signingUtility.login(SIGN_KEY_PATH, SIGN_KEY_PASSWORD.toCharArray());
            signerPKC = signingUtility.getVerificationCertificate();             
            DIS = issrg.utils.RFC2253NameParser.toCanonicalDN(signerPKC.getSubjectDN().getName());
            if (DIS == null) {
                throw new Exception("Error with DIS's signing key: DN of the key's holder is in correct format");                
            }
            DIS = DIS.toUpperCase();           
            try {                    
                rootcaDN = ((iaik.asn1.structures.Name) signerPKC.getIssuerDN()).getRFC2253String();
            } catch (iaik.utils.RFC2253NameParserException rnpe) {                    
                throw new Exception("Failed to decode DNs", rnpe);
            }
            
            issrg.dis.LDAPUtility.AC_attribute=AC_attribute;             
            ldapUtility = new VirtualLDAP();
            r = (issrg.utils.repository.AttributeRepository) ldapUtility;
            initialize(r,path);
