testds.java

一个完整的XACML工程,学习XACML技术的好例子!

/*
* Copyright (c) 2006, University of Kent
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without 
* modification, are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this 
* list of conditions and the following disclaimer.
* 
* Redistributions in binary form must reproduce the above copyright notice, 
* this list of conditions and the following disclaimer in the documentation 
* and/or other materials provided with the distribution. 
*
* 1. Neither the name of the University of Kent nor the names of its 
* contributors may be used to endorse or promote products derived from this 
* software without specific prior written permission. 
*
* 2. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS  
* IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
* PURPOSE ARE DISCLAIMED. 
*
* 3. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* 4. YOU AGREE THAT THE EXCLUSIONS IN PARAGRAPHS 2 AND 3 ABOVE ARE REASONABLE
* IN THE CIRCUMSTANCES.  IN PARTICULAR, YOU ACKNOWLEDGE (1) THAT THIS
* SOFTWARE HAS BEEN MADE AVAILABLE TO YOU FREE OF CHARGE, (2) THAT THIS
* SOFTWARE IS NOT "PRODUCT" QUALITY, BUT HAS BEEN PRODUCED BY A RESEARCH
* GROUP WHO DESIRE TO MAKE THIS SOFTWARE FREELY AVAILABLE TO PEOPLE WHO WISH
* TO USE IT, AND (3) THAT BECAUSE THIS SOFTWARE IS NOT OF "PRODUCT" QUALITY
* IT IS INEVITABLE THAT THERE WILL BE BUGS AND ERRORS, AND POSSIBLY MORE
* SERIOUS FAULTS, IN THIS SOFTWARE.
*
* 5. This license is governed, except to the extent that local laws
* necessarily apply, by the laws of England and Wales.
*/

/*
 * TestDS.java
 *
 * Created on December 14, 2005, 10:25 AM
 */

package issrg.test.ds;

import issrg.pba.Action;
import issrg.pba.Subject;
import issrg.pba.rbac.BadURLException;
import issrg.pba.rbac.CustomisePERMIS;
import issrg.pba.rbac.LDAPDNPrincipal;
import issrg.pba.rbac.PermisAction;
import issrg.pba.rbac.PermisRBAC;
import issrg.pba.rbac.PermisTarget;
import issrg.pba.rbac.URLHandler;
import issrg.pba.rbac.x509.RepositoryACPolicyFinder;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.Hashtable;
import java.util.Map;
//import org.apache.log4j.Logger;
//import org.apache.log4j.BasicConfigurator;




/**
 *
 * @author anhnt
 */
public class TestDS extends DISTestNew {
//    static Logger log = Logger.getLogger(TestDS.class);
//    static org.apache.log4j.Appender appender;
//    static org.apache.log4j.Layout layout = new org.apache.log4j.PatternLayout("[%t] %-5p %c %x - %m%n");      
    
    
    /** Creates a new instance of TestDS */
    public TestDS(String path) throws Exception {            
        super(path);        
//        log.setLevel(org.apache.log4j.Level.OFF);  
//        appender = new org.apache.log4j.WriterAppender(layout, System.out);        
//        BasicConfigurator.configure(appender);        
    }
    public void initialize(issrg.utils.repository.AttributeRepository r, String path) { 
        try {
//            log.setLevel(org.apache.log4j.Level.ERROR);        
            issrg.test.ds.VirtualLDAP repository = (issrg.test.ds.VirtualLDAP) r;                        
            String separator = System.getProperties().getProperty("file.separator");
//            log.info("Geting the policy");
            String policyPath = path.concat(separator);
            policyPath = policyPath.concat("policy.ace");            
            java.io.InputStream reader = null;
            try {
                reader = new FileInputStream(policyPath);
            } catch(FileNotFoundException fnfe) {
//                log.fatal("policy file is not found");
                throw fnfe;
            }
            byte[] policy = new byte[reader.available()];
            reader.read(policy);
            repository.populate(SOA.toUpperCase(), AC_attribute, policy);
            
            String soaCerPath = path.concat(separator);
            soaCerPath = soaCerPath.concat("soacert.cer");
//            log.info(soaCerPath);
            try {
                reader = new FileInputStream(soaCerPath);
            } catch(FileNotFoundException fnfe) {
//                log.fatal("soa certificate is not found");
                throw fnfe;
            }
            byte[] soacert = new byte[reader.available()];
            reader.read(soacert);
            repository.populate(SOA.toUpperCase(), User_certificate, soacert);
            
            String disCerPath = path.concat(separator);
            disCerPath = disCerPath.concat("discert.cer");
//            log.info(disCerPath);
            try {
                reader = new FileInputStream(disCerPath);//reader = this.getClass().getResourceAsStream(disCerPath);
            } catch(FileNotFoundException fnfe) {
//                log.fatal("dis certificate is not found");
                throw fnfe;
            } 
            byte[] discert = new byte[reader.available()];
            reader.read(discert);
            repository.populate(DIS.toUpperCase(), User_certificate, discert);
            
            String disACPath = path.concat(separator);
            disACPath = disACPath.concat("dis.ace");
//            log.info("disACPath");
            try {
                reader = new FileInputStream(disACPath);//reader = this.getClass().getResourceAsStream(disACPath);
            } catch(FileNotFoundException fnfe) {
//                log.fatal("dis AC is not found");
                throw fnfe;
            }
            byte[] disAC = new byte[reader.available()];
            reader.read(disAC);
            repository.populate(DIS.toUpperCase(), AC_attribute, disAC);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
    
    public void doIssuing(int count, String issuer, String holder, String[] roleValues, String roleType, String from, String to, String _assert, String depth) {
        try {            
            String ret = signForMe(issuer, holder, roleValues, roleType, from, to, _assert, depth);                       
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
    
    public void testIssuing() {
//        log.debug("Starting the issuing process");
        
        //NOTE: I  HOPE THE TESTS HERE ARE ENOUGH FOR THE TESTING THE PDP. COMPARE TO OSCAR'S TESTS, THIS TEST SUITE HAS MUCH MORE ACs 
        int count = 1;
        
        //ISSSUED BY SOA
        
        
        String[] roles = new String[] {"Admin"};
        doIssuing(count, "cn=soa,ou=admin,o=permis,c=gb", "cn=dis,ou=admin,o=permis,c=gb", roles, "permisRole", "2004.01.01 00:00:00", "2010.01.01 00:00:00", "cannot", "0"); count++;
               
        
        roles = new String[] {"Admin", "Professor"};