📄 permistestbench.java
try {
while (true) {
s= in.readLine();
if (s == null) return null;
if (s.startsWith("#")) continue;
int i = s.indexOf('='); // find the assignment mark
String varName = null;
if (i>=0){
varName = s.substring(0, i).intern();
s = s.substring(i+1);
String[] result = new String[2];
result[0] = varName;
result[1] = s;
return result;
}
else continue;
}
}
catch (Exception e) {
return null;
}
}
/**
* Initialises the <code>PBA API</code>, that is, specifies the policy's OID,
* the distinguished name of the SOA, the attribute repository to be used, and the
* implementation of the SignatureInterface interface that is responsible for
* verifying the digital signatures of the attribute certificates
*
* @return boolean indicating whether the <code>PBA API</code> was successfully initialised
*/
public boolean initialisePBAAPI() {
    // The same attribute repository backs both the policy finder and the PDP.
    final issrg.utils.repository.AttributeRepository repository = vr;
    boolean initialised;
    try {
        CustomisePERMIS.configureX509Flavour();
        // The policy finder is given the repository, the policy OID, the SOA's
        // distinguished name and the signature verifier held in sv.
        RepositoryACPolicyFinder policyFinder =
                new RepositoryACPolicyFinder(repository, oID, new LDAPDNPrincipal(SOA), sv);
        // NOTE(review): the last PermisRBAC argument is null - confirm against the
        // PermisRBAC constructor what is defaulted or switched off by that.
        pbaApi = new PermisRBAC(policyFinder, repository, null);
        initialised = true;
    } catch (Exception e) {
        // pbaApi is assigned only on success; after a failure it keeps whatever
        // value it had before, so callers must check the return value before
        // asking for any decision.
        e.printStackTrace();
        initialised = false;
    }
    return initialised;
}
/**
* Reads a request contained in the request specification file.
* Each request must have the following format (the number of entries, NOE, specifies
* the minimum and maximum number):
* <p>
* <ul>
* <li> <code>RQ_NUMBER="number of the request being processed"; NOE [1,1]</code>
* <li> <code>(USER_DN || USER)="distinguished name of the requestor"; NOE [1,1]</code>
* <li> <code>(TARGET_DN || TARGET)="name of the requested resource (DN or URI)"; NOE [1,1]</code>
* <li> <code>ACTION="action being requested"; NOE [1,1]</code>
* <li> <code>ARG_TYPE="type of the argument"; NOE [0,N]</code>
* <li> <code>ARG_VALUE="value of the argument"; NOE [0,N]</code>
* </ul>
* <p>
* If a line starts with #, it will be considered as a comment (it is ignored).
* <p>
*
* These fields must appear in the order specified above.
* <p>
*
* @param in is buffered reader related to the request file
* @return true if the request is well-formed and it has been successfully read
*/
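protected boolean loadRequest(BufferedReader in) {
    // Parses one request - RQ_NUMBER, USER_DN/USER, TARGET_DN/TARGET, ACTION and
    // then zero or more ARG_TYPE/ARG_VALUE pairs - and stores it in rqNumber,
    // userDN, permisAction and permisTarget. A field that is missing, out of
    // order or unrecognised makes the request malformed and the method returns
    // false, so that the decision is never taken on a request that differs from
    // the one written in the file.
    String[] varValue; // {name, value} pair returned by loadVarValue()
    String targetDN;   // name of the target (DN or URL)
    String action;     // name of the action
    ArrayList arguments = new ArrayList(); // PermisArgument instances, in file order

    varValue = loadVarValue(in);
    if (varValue == null || !"RQ_NUMBER".equals(varValue[0])) return false;
    rqNumber = varValue[1];

    varValue = loadVarValue(in);
    if (varValue == null) return false;
    if (!"USER_DN".equals(varValue[0]) && !"USER".equals(varValue[0])) return false;
    userDN = varValue[1];

    varValue = loadVarValue(in);
    if (varValue == null) return false;
    if (!"TARGET_DN".equals(varValue[0]) && !"TARGET".equals(varValue[0])) return false;
    targetDN = varValue[1];

    varValue = loadVarValue(in);
    if (varValue == null || !"ACTION".equals(varValue[0])) return false;
    action = varValue[1];

    // Optional arguments: read ARG_TYPE/ARG_VALUE pairs until the end of the
    // file or the first line of the next request.
    while (true) {
        try {
            // Remember the current position so that the RQ_NUMBER line of the
            // next request can be pushed back once it has been seen.
            // NOTE(review): the read-ahead limit is 1024 characters, and
            // loadVarValue() also consumes the lines it skips; a long run of
            // comment lines between two requests may invalidate the mark, in
            // which case reset() fails and this method returns false.
            in.mark(1024);
        } catch (Exception e) {
            return false;
        }
        varValue = loadVarValue(in);
        if (varValue == null) break; // end of file
        if ("RQ_NUMBER".equals(varValue[0])) {
            // No more arguments: return to the marked position.
            try {
                in.reset();
            } catch (Exception e) {
                return false;
            }
            break;
        }
        // Only ARG_TYPE may start an argument. The earlier code fell through for
        // any other name and added an argument built from the previous (or
        // empty) type and value.
        if (!"ARG_TYPE".equals(varValue[0])) return false;
        String type = varValue[1];
        varValue = loadVarValue(in);
        if (varValue == null || !"ARG_VALUE".equals(varValue[0])) return false;
        arguments.add(new PermisArgument(type, varValue[1]));
    }

    // Build the PermisAction with the constructor that matches what was found.
    if (!arguments.isEmpty()) {
        PermisArgument[] permisArguments = new PermisArgument[arguments.size()];
        permisArguments = (PermisArgument[]) arguments.toArray(permisArguments);
        permisAction = new PermisAction(action, permisArguments);
    } else {
        permisAction = new PermisAction(action);
    }

    // The target is treated as a URL only if java.net.URL accepts it. A
    // MalformedURLException is also thrown for a scheme that has no registered
    // protocol handler, so such a URI is handled as a DN.
    boolean isAURL;
    try {
        new URL(targetDN);
        isAURL = true;
    } catch (Exception e) {
        isAURL = false;
    }

    // Depending on the type of target, a different constructor is used.
    try {
        if (isAURL) {
            permisTarget = new PermisTarget(targetDN);
        } else {
            permisTarget = new PermisTarget(targetDN, null);
        }
        return true;
    } catch (Exception e) {
        e.printStackTrace();
        return false;
    }
}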
/**
* Writes the decision header. These are the fields filled by
* this method:
* <p>
* <ul>
* <li> <code>REQUEST_FILE="name of the file containing the requests"; NOE [1,1]</code>
* <li> <code>REQUEST_FILE_HASH="hash value of the request file"; NOE [1,1]</code>
* <li> <code>EVALUATION_DATE="date on which the decisions were taken"; NOE [1,1]</code>
* </ul>
*
* @param out is buffered writer related to the decision file
* @param rqFile the name of the file of the input requests
* @return true if the decision header was written
*/
protected boolean writeDecisionHeader(java.io.BufferedWriter out, String rqFile) {
    boolean written = false;
    try {
        // REQUEST_FILE and EVALUATION_DATE are written with empty values: the
        // statements that filled them in were disabled by the author as
        // non-portable and not relevant to the test.
        out.write("REQUEST_FILE=");
        out.newLine();

        out.write("REQUEST_FILE_HASH=");
        // The original comment describes this digest as SHA-1; it is computed by
        // getRequestHash(), which is not shown here. SHA-1 is not
        // collision-resistant, so the value is a change detector rather than
        // tamper evidence.
        final byte[] digest = getRequestHash(rqFile);
        // NOTE(review): new BigInteger(byte[]) reads the digest as a signed
        // two's-complement number, abs() negates it when the top bit is set, and
        // toString(16) drops leading zeros. The text written is therefore not
        // always the plain hex encoding of the digest and will not match the
        // output of standard hashing tools for those files. Left unchanged
        // because existing decision files may rely on this encoding;
        // new BigInteger(1, digest), zero-padded to twice the digest length,
        // gives the conventional form.
        final String hex = new BigInteger(digest).abs().toString(16);
        out.write(hex);
        out.newLine();

        out.write("EVALUATION_DATE=");
        out.newLine();
        written = true;
    } catch (Exception e) {
        // Any failure is reported to the caller through the return value only;
        // part of the header may already have been written.
    }
    return written;
}
/**
* Writes the decision information related to a particular request.
* These are the fields filled by this method:
* <p>
* <ul>
* <li> <code>RQ_NUMBER="number of the request"; NOE [1,1]</code>
* <li> <code>RESULT_CODE="0: allowed; 1: not allowed; 2: Invalid input; 3: Run-time error"; NOE [1,1]</code>
* <li> <code>RESULT_INFO="code description"; NOE [1,1]</code>
* <li> <code>ADDITIONAL_INFO="additional info about exceptions or errors"; NOE [1,1]</code>
* </ul>
*
* @param out is buffered writer related to the decision file
* @param rqNumber is the number of the request
* @param code represents the decision code taken by the PDP
* @param info contains a verbose interpretation of the decision code
* @param additionalInfo provides data related to exceptions or malformed requests
* @return true if the decision was written
*/
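protected boolean writeDecisionData(java.io.BufferedWriter out, String rqNumber,
        String code, String info, String additionalInfo) {
    // The decision file holds one NAME=value field per line, so a value that
    // itself contains a line break would be read back as extra fields - for
    // example an exception message carried in additionalInfo could introduce a
    // second RESULT_CODE line. Line terminators inside values are therefore
    // replaced with spaces before writing.
    final String[] names = {"RQ_NUMBER=", "RESULT_CODE=", "RESULT_INFO=", "ADDITIONAL_INFO="};
    final String[] values = {rqNumber, code, info, additionalInfo};
    try {
        for (int i = 0; i < names.length; i++) {
            out.write(names[i]);
            // A null value raises NullPointerException here, after the field
            // name has been written, and is reported as false like any other
            // failure.
            out.write(values[i].replace('\r', ' ').replace('\n', ' '));
            out.newLine();
        }
        // Flush after every record so that it reaches the underlying writer.
        out.flush();
        return true;
    } catch (Exception e) {
        return false;
    }
}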
/**
* Coordinates the other protected methods in order to
* read all the requests contained in <code>rqFile</code> and to generate the authorisation decisions that will
* be stored in decisionFile
*
* @param rqFile is the name of the file containing the requests
* @param decisionFile is the name of the file that is going to contain the decisions
*/
public void loadRequestsAndGenerateDecisions(String rqFile, String decisionFile) {
try {
java.io.BufferedWriter out = new java.io.BufferedWriter(new java.io.FileWriter(decisionFile));
int code;
String resultInfo;
String additionalInfo;
//First, we write the decision header (reference to the request file, hash, date)
if (!writeDecisionHeader(out,rqFile)) return;
java.io.BufferedReader in = new java.io.BufferedReader(new java.io.FileReader(rqFile));
//Then, we read each request in the file
while (loadRequest(in)) {
resultInfo = "";
additionalInfo = "";
try{
// Requestor
java.security.Principal user = new LDAPDNPrincipal(userDN);
authenticate(user);
// Attribute Certificates related to the user
Subject s = pbaApi.getCreds(user, null);
// We obtain the authorisation decision
Hashtable env = new Hashtable();
env.put(((PermisRBAC)pbaApi).TIME_VARIABLE,clock);
if (!pbaApi.decision(s, permisAction, permisTarget, env)) {
code = 1;
resultInfo = "The action is not allowed";
}
else {
code = 0;
resultInfo = "Action succeeded";
}
} catch (PbaException pe) {
code = 2;
resultInfo = "Invalid input";