Initial commit.
This commit is contained in:
parent
9e46082e2d
commit
998a7eb2e1
|
@ -0,0 +1,76 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<parent>
|
||||
<groupId>eu.aniketos.securebpmn.xacml</groupId>
|
||||
<artifactId>eu.aniketos.securebpmn.xacml.parent</artifactId>
|
||||
<version>1.0</version>
|
||||
<relativePath>../eu.aniketos.securebpmn.xacml.parent/pom.xml</relativePath>
|
||||
</parent>
|
||||
<artifactId>eu.aniketos.securebpmn.xacml.api</artifactId>
|
||||
<version>0.1</version>
|
||||
<packaging>jar</packaging>
|
||||
<name>SecureBPMN XACML - Core API</name>
|
||||
<url>http://maven.apache.org</url>
|
||||
<properties>
|
||||
<cxf-version>2.5.1</cxf-version>
|
||||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||
</properties>
|
||||
<build>
|
||||
<finalName>${artifactId}</finalName>
|
||||
<plugins>
|
||||
<!-- Java 1.5 -->
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-compiler-plugin</artifactId>
|
||||
<configuration>
|
||||
<source>1.5</source>
|
||||
<target>1.5</target>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<!-- Java2WS -->
|
||||
<plugin>
|
||||
<groupId>org.apache.cxf</groupId>
|
||||
<artifactId>cxf-java2ws-plugin</artifactId>
|
||||
<!-- version>${cxf-version}</version -->
|
||||
<version>${cxf-version}</version>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.apache.cxf</groupId>
|
||||
<artifactId>cxf-rt-frontend-jaxws</artifactId>
|
||||
<!-- version>${cxf-version}</version -->
|
||||
<version>${cxf-version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.cxf</groupId>
|
||||
<artifactId>cxf-rt-frontend-simple</artifactId>
|
||||
<!-- version>${cxf-version}</version -->
|
||||
<version>${cxf-version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>process-classes</id>
|
||||
<phase>process-classes</phase>
|
||||
<configuration>
|
||||
<className>eu.aniketos.securebpmn.xacml.api.autho.IPDP</className>
|
||||
<genWsdl>true</genWsdl>
|
||||
<verbose>true</verbose>
|
||||
</configuration>
|
||||
<goals>
|
||||
<goal>java2ws</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>junit</groupId>
|
||||
<artifactId>junit</artifactId>
|
||||
<version>[4.8,)</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
|
@ -0,0 +1,61 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<parent>
|
||||
<groupId>eu.aniketos.securebpmn.xacml</groupId>
|
||||
<artifactId>eu.aniketos.securebpmn.xacml.parent</artifactId>
|
||||
<version>1.0</version>
|
||||
<relativePath>../eu.aniketos.securebpmn.xacml.parent/pom.xml</relativePath>
|
||||
</parent>
|
||||
<artifactId>pdp-wsdlclient</artifactId>
|
||||
<packaging>jar</packaging>
|
||||
<version>0.1</version>
|
||||
<name>pdp</name>
|
||||
<url>http://maven.apache.org</url>
|
||||
<build>
|
||||
<finalName>${artifactId}</finalName>
|
||||
<sourceDirectory>target/generated/cxf/src</sourceDirectory>
|
||||
<outputDirectory>target/generated/cxf/bin</outputDirectory>
|
||||
<plugins>
|
||||
<!-- Java 1.5 -->
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-compiler-plugin</artifactId>
|
||||
<configuration>
|
||||
<source>1.5</source>
|
||||
<target>1.5</target>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<!-- generate java files from wsdl -->
|
||||
<plugin>
|
||||
<groupId>org.apache.cxf</groupId>
|
||||
<artifactId>cxf-codegen-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>generate-sources</id>
|
||||
<phase>generate-sources</phase>
|
||||
<configuration>
|
||||
<sourceRoot>${project.build.directory}/generated/cxf/src</sourceRoot>
|
||||
<wsdlOptions>
|
||||
<wsdlOption>
|
||||
<wsdl>${project.build.directory}/generated/wsdl/IPDP.wsdl</wsdl>
|
||||
</wsdlOption>
|
||||
</wsdlOptions>
|
||||
</configuration>
|
||||
<goals>
|
||||
<goal>wsdl2java</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>junit</groupId>
|
||||
<artifactId>junit</artifactId>
|
||||
<version>3.8.1</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
|
@ -0,0 +1,29 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api;
|
||||
|
||||
import javax.xml.bind.annotation.XmlType;
|
||||
|
||||
/**
|
||||
*
|
||||
* Defines the main type of the SecurityError
|
||||
*/
|
||||
@XmlType(namespace="http://aniketos.eu/")
|
||||
public enum ErrorType {
|
||||
AUTHENTICATION_FAILED,
|
||||
AUTHORIZATION_FAILED,
|
||||
CONFIGURATION_ERROR
|
||||
}
|
|
@ -0,0 +1,39 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api;
|
||||
|
||||
import javax.xml.bind.annotation.XmlType;
|
||||
|
||||
/**
|
||||
* Defines a more detailed reason for the error
|
||||
*
|
||||
*/
|
||||
@XmlType(namespace="http://aniketos.eu/")
|
||||
public enum ReasonType {
|
||||
SSO_ENGINE_ERROR,
|
||||
MISSING_CAS_TICKET,
|
||||
MISSING_USER,
|
||||
INVALID_CAS_TICKET,
|
||||
INVALID_USERNAME_PASSWORD,
|
||||
CAS_TICKET_WRONG_SERVICE,
|
||||
|
||||
INVALID_PARAMETERS,
|
||||
PDE_ENGINE_ERROR,
|
||||
BREAK_GLASS,
|
||||
UNDEFINED_POLICY,
|
||||
INVALID_XACML,
|
||||
DENY
|
||||
}
|
|
@ -0,0 +1,199 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api;
|
||||
|
||||
import javax.xml.ws.WebFault;
|
||||
|
||||
|
||||
@WebFault(targetNamespace="aniketos.eu/") //, name="SecurityError" name="eu.aniketos.SecurityError", faultBean="eu.aniketos.SecurityError
|
||||
public class SecurityError extends Exception {
|
||||
|
||||
private static final long serialVersionUID = 1031874369988364332L;
|
||||
|
||||
protected ErrorType error;
|
||||
protected ReasonType reason;
|
||||
|
||||
protected String message;
|
||||
|
||||
protected long evaluationId;
|
||||
|
||||
private static final String[] error_messages = {
|
||||
"Authentication failed",
|
||||
"Authorization failed",
|
||||
"Configuration error"
|
||||
};
|
||||
|
||||
|
||||
private static final String[] reason_messages = {
|
||||
"SSO Engine error",
|
||||
"Missing Security Token",
|
||||
"Missing authenticated user",
|
||||
"Invalid Security Token",
|
||||
"Invalid Username or Password",
|
||||
"Security Token not valid for requested service",
|
||||
|
||||
"Invalid parameters",
|
||||
"PDE Engine error",
|
||||
"Access requires break-glass",
|
||||
"No policy defined for requested resource",
|
||||
"Invalid XACML Defintion",
|
||||
"User is not permitted to access the requested resource"
|
||||
};
|
||||
|
||||
/**
|
||||
* Creating a new SecurityError, message is generated from error and reason
|
||||
*
|
||||
* @param error
|
||||
* @param reason
|
||||
*/
|
||||
public SecurityError(ErrorType error, ReasonType reason) {
|
||||
super(generateMessage(error, reason));
|
||||
this.message = super.getMessage();
|
||||
this.error = error;
|
||||
this.reason = reason;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creating a new SecurityError, message is generated from error and reason, enhanced with additionalMessage
|
||||
*
|
||||
* @param error
|
||||
* @param reason
|
||||
* @param additionalMessage
|
||||
*/
|
||||
public SecurityError(ErrorType error, ReasonType reason, String additionalMessage) {
|
||||
super(generateMessage(error, reason, additionalMessage));
|
||||
this.message = super.getMessage();
|
||||
this.error = error;
|
||||
this.reason = reason;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creating a new SecurityError, message is generated from error and reason
|
||||
*
|
||||
* @param error
|
||||
* @param reason
|
||||
* @param exception
|
||||
*/
|
||||
public SecurityError(ErrorType error, ReasonType reason, Throwable exception) {
|
||||
super(generateMessage(error, reason), exception);
|
||||
this.message = super.getMessage();
|
||||
this.error = error;
|
||||
this.reason = reason;
|
||||
}
|
||||
/**
|
||||
* Creating a new SecurityError, message is generated from error and reason, enhanced with additionalMessage
|
||||
*
|
||||
* @param error
|
||||
* @param reason
|
||||
* @param additionalMessage
|
||||
* @param exception
|
||||
*/
|
||||
public SecurityError(ErrorType error, ReasonType reason, String additionalMessage, Throwable exception) {
|
||||
super(generateMessage(error, reason, additionalMessage), exception);
|
||||
this.message = super.getMessage();
|
||||
this.error = error;
|
||||
this.reason = reason;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creating a new Security Error with a free defined message. Should only be used to create a new SecurityError in Proxies, wrapping a received error
|
||||
* @param message
|
||||
* @param error
|
||||
* @param reason
|
||||
*/
|
||||
public SecurityError(String message, ErrorType error, ReasonType reason) {
|
||||
super(message);
|
||||
this.message = super.getMessage();
|
||||
this.error = error;
|
||||
this.reason = reason;
|
||||
}
|
||||
|
||||
/**
|
||||
* returns the main error type for this SecurityError
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public ErrorType getError() {
|
||||
return error;
|
||||
}
|
||||
/**
|
||||
* should not be used to create a new message; is required for web service interfaces
|
||||
* @param error
|
||||
*/
|
||||
public void setError(ErrorType error) {
|
||||
this.error = error;
|
||||
}
|
||||
|
||||
/**
|
||||
* returns the more detailed reason for this SecurityError
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public ReasonType getReason() {
|
||||
return reason;
|
||||
}
|
||||
|
||||
/**
|
||||
* should not be used to create a new message; is required for web service interfaces
|
||||
* @param reason
|
||||
*/
|
||||
public void setReason(ReasonType reason) {
|
||||
this.reason = reason;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getMessage() {
|
||||
return this.message;
|
||||
}
|
||||
|
||||
/**
|
||||
* DO NOT USE! Required for SCA
|
||||
* @param message
|
||||
*/
|
||||
public void setMessage(String message) {
|
||||
//required for SCA? i.e., finding "message" as attribute with getters and setters
|
||||
this.message = message;
|
||||
}
|
||||
|
||||
public long getEvaluationId() {
|
||||
return evaluationId;
|
||||
}
|
||||
|
||||
public void setEvaluationId(long evaluationId) {
|
||||
this.evaluationId = evaluationId;
|
||||
}
|
||||
|
||||
|
||||
// /**
|
||||
// * DO NOT USE! Required for SCA
|
||||
// *
|
||||
// */
|
||||
// public SecurityError() {
|
||||
//
|
||||
// }
|
||||
|
||||
|
||||
|
||||
private static String generateMessage(ErrorType error, ReasonType reason) {
|
||||
return error_messages[error.ordinal()] + ": " + reason_messages[reason.ordinal()];
|
||||
|
||||
}
|
||||
|
||||
private static String generateMessage(ErrorType error, ReasonType reason, String additionalMessage) {
|
||||
return generateMessage(error, reason) + " (" + additionalMessage + ")";
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,99 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import java.net.URI;
|
||||
|
||||
|
||||
/**
|
||||
*
|
||||
* Allows to identify attributes by its defining URIs, e.g., as key for hash tables
|
||||
* <br/>
|
||||
* As attributes within xacml cannot be uniquely identified using their java objects, this
|
||||
* class can be used as such a unique identification
|
||||
*
|
||||
*/
|
||||
public class AttributeIdentifier {
|
||||
|
||||
protected URI category, attributeType, attributeId, issuer;
|
||||
|
||||
public AttributeIdentifier(URI category, URI attributeType, URI attributeId, URI issuer) {
|
||||
if ( category == null || attributeId == null || attributeType == null ) {
|
||||
throw new RuntimeException("category, type and ID must not be null!");
|
||||
}
|
||||
this.category = category;
|
||||
this.attributeType = attributeType;
|
||||
this.attributeId = attributeId;
|
||||
this.issuer = issuer;
|
||||
}
|
||||
|
||||
|
||||
public AttributeIdentifier() {
|
||||
//needed for web service stuff.. should not be used otherwise
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public int hashCode() {
|
||||
if ( issuer == null ) {
|
||||
return category.hashCode() + attributeId.hashCode() + attributeType.hashCode();
|
||||
} else {
|
||||
return category.hashCode() + attributeId.hashCode() + attributeType.hashCode() + issuer.hashCode();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals(Object o) {
|
||||
if ( o instanceof AttributeIdentifier) {
|
||||
AttributeIdentifier a = (AttributeIdentifier) o;
|
||||
if ( this.category.equals(a.category) &&
|
||||
this.attributeType.equals(a.attributeType) &&
|
||||
this.attributeId.equals(a.attributeId) &&
|
||||
((this.issuer == null && a.issuer == null) || this.issuer.equals(a.issuer))) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "[category]" + category + "[category];[type]" + attributeType + "[type];[id]" + attributeId + "[id];[issuer]" + issuer + "[issuer]";
|
||||
}
|
||||
|
||||
|
||||
public URI getCategory() {
|
||||
return category;
|
||||
}
|
||||
|
||||
public URI getAttributeType() {
|
||||
return attributeType;
|
||||
}
|
||||
|
||||
public URI getAttributeId() {
|
||||
return attributeId;
|
||||
}
|
||||
|
||||
public URI getIssuer() {
|
||||
return issuer;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,83 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import java.net.URI;
|
||||
|
||||
import javax.xml.bind.annotation.XmlType;
|
||||
|
||||
@XmlType(namespace="http://aniketos.eu/autho")
|
||||
public class AuthoAttribute {
|
||||
|
||||
public static final URI OBLIGATION_CATEGORY = URI.create("urn:category:obligation");
|
||||
|
||||
enum STATUS {
|
||||
MISSING,
|
||||
RESOLVED,
|
||||
RESOLUTION_ERROR
|
||||
}
|
||||
private Long id;
|
||||
|
||||
protected AttributeIdentifier attrId;
|
||||
protected String value;
|
||||
|
||||
protected boolean underRevision;
|
||||
|
||||
//TODO save, if -) within initial request -) requested through
|
||||
public static final int INITIAL_REQUST = 0x1, ATTR_RESOLVER = 0x2;
|
||||
|
||||
|
||||
|
||||
public AuthoAttribute() {
|
||||
// needed for web service stuff
|
||||
}
|
||||
|
||||
public AuthoAttribute(AttributeIdentifier attrId, String value) {
|
||||
this.attrId = attrId;
|
||||
this.value = value;
|
||||
}
|
||||
|
||||
|
||||
|
||||
public AuthoAttribute(URI categoryId, URI attributeId, URI dataType, String value) {
|
||||
this.attrId = new AttributeIdentifier(categoryId, dataType, attributeId, null);
|
||||
this.value = value;
|
||||
}
|
||||
|
||||
public AttributeIdentifier getAttributeIdentifier() {
|
||||
return this.attrId;
|
||||
}
|
||||
|
||||
public void setAttributeIdentifier(AttributeIdentifier attrId) {
|
||||
this.attrId = attrId;
|
||||
}
|
||||
|
||||
public String getValue() {
|
||||
return value;
|
||||
}
|
||||
|
||||
public void setValue(String value) {
|
||||
this.value = value;
|
||||
}
|
||||
|
||||
public void setId(Long id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,46 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import eu.aniketos.securebpmn.api.idm.IdInfo;
|
||||
|
||||
public class AuthoInfo extends IdInfo {
|
||||
|
||||
public AuthoInfo() {
|
||||
|
||||
}
|
||||
|
||||
public AuthoInfo(IdInfo idInfo) {
|
||||
super(idInfo); //TODO copy arguments
|
||||
}
|
||||
|
||||
//List of attributes assigned to the user, e.g., roles, etc.
|
||||
//for usual, this information is obtained by the IDM
|
||||
protected List<AuthoAttribute> userAttributes;
|
||||
|
||||
protected String IDManager;
|
||||
|
||||
|
||||
|
||||
// String getProxyGrantingTicket();
|
||||
// String getAuthenticatedUser();
|
||||
// SecurityError getException();
|
||||
// boolean hasError();
|
||||
// ErrorType getError();
|
||||
// ReasonType getReason();
|
||||
}
|
|
@ -0,0 +1,56 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import java.net.URI;
|
||||
import java.util.Collection;
|
||||
|
||||
import javax.xml.bind.annotation.XmlType;
|
||||
|
||||
@XmlType(namespace="http://aniketos.eu/autho")
|
||||
public class AuthoObligation {
|
||||
|
||||
private Long id;
|
||||
private String type;
|
||||
private Collection<AuthoAttribute> parameters;
|
||||
|
||||
public AuthoObligation() {
|
||||
|
||||
}
|
||||
|
||||
public AuthoObligation(URI type) {
|
||||
this.type = type.toString();
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
public void setId(Long id) {
|
||||
this.id = id;
|
||||
}
|
||||
public String getType() {
|
||||
return type;
|
||||
}
|
||||
public void setType(String type) {
|
||||
this.type = type;
|
||||
}
|
||||
public Collection<AuthoAttribute> getParameters() {
|
||||
return parameters;
|
||||
}
|
||||
public void setParameters(Collection<AuthoAttribute> parameters) {
|
||||
this.parameters = parameters;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,155 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import javax.xml.bind.annotation.XmlType;
|
||||
|
||||
import eu.aniketos.securebpmn.api.idm.IdInfo;
|
||||
|
||||
@XmlType(namespace="http://eu.aniketos/autho")
|
||||
public class AuthoResult {
|
||||
|
||||
// public enum DECISION {
|
||||
// DECISION_PERMIT,
|
||||
// DECISION_DENY,
|
||||
// DECISION_INDETERMINATE,
|
||||
// DECISION_NOT_APPLICABLE,
|
||||
// INVALID_DECISION;
|
||||
//
|
||||
// private String[] messages = { "Permit", "Deny",
|
||||
// "Indeterminate",
|
||||
// "NotApplicable", "Invalid" };
|
||||
//
|
||||
// public String getMessage() {
|
||||
// return messages[this.ordinal()];
|
||||
// }
|
||||
//
|
||||
// public static DECISION getFromInt(int decision) {
|
||||
// switch (decision) {
|
||||
// case 0:
|
||||
// return DECISION_PERMIT;
|
||||
// case 1:
|
||||
// return DECISION_DENY;
|
||||
// case 2:
|
||||
// return DECISION_INDETERMINATE;
|
||||
// case 3:
|
||||
// return DECISION_NOT_APPLICABLE;
|
||||
// case 5:
|
||||
// return INVALID_DECISION;
|
||||
// }
|
||||
// return null;
|
||||
// }
|
||||
// }
|
||||
|
||||
private Long evaluationId;
|
||||
|
||||
private Long id;
|
||||
|
||||
/**
|
||||
* The user for which the evaluation was done. Especially needed, if the
|
||||
* pep provides the raw AuthInfo to the PDP
|
||||
*/
|
||||
private IdInfo idInfo;
|
||||
|
||||
private Decision decision;
|
||||
|
||||
|
||||
|
||||
private List<String> statusCode;
|
||||
|
||||
private String statusMessage;
|
||||
|
||||
private List<AuthoAttribute> missingAttributes;
|
||||
|
||||
private List<AuthoObligation> obligations;
|
||||
|
||||
public String toString() {
|
||||
StringBuffer buff =new StringBuffer(decision.toString());
|
||||
buff.append(", statusCodes: ");
|
||||
for (String code : statusCode) {
|
||||
buff.append(code); buff.append(", ");
|
||||
}
|
||||
buff.append(", statusMessage: "); buff.append(statusMessage);
|
||||
buff.append(" obligations: "); buff.append(obligations == null ? "null" : obligations.size());
|
||||
return buff.toString();
|
||||
}
|
||||
|
||||
public IdInfo getIdInfo() {
|
||||
return idInfo;
|
||||
}
|
||||
|
||||
public void setIdInfo(IdInfo idInfo) {
|
||||
this.idInfo = idInfo;
|
||||
}
|
||||
|
||||
public Decision getDecision() {
|
||||
return decision;
|
||||
}
|
||||
|
||||
public void setDecision(Decision decision) {
|
||||
this.decision = decision;
|
||||
}
|
||||
|
||||
public List<AuthoAttribute> getMissingAttributes() {
|
||||
return missingAttributes;
|
||||
}
|
||||
|
||||
public void setMissingAttributes(List<AuthoAttribute> missingAttributes) {
|
||||
this.missingAttributes = missingAttributes;
|
||||
}
|
||||
|
||||
public List<AuthoObligation> getObligations() {
|
||||
return obligations;
|
||||
}
|
||||
|
||||
public void setObligations(List<AuthoObligation> obligations) {
|
||||
this.obligations = obligations;
|
||||
}
|
||||
|
||||
public void setEvaluationId(Long evaluationId) {
|
||||
this.evaluationId = evaluationId;
|
||||
}
|
||||
|
||||
public Long getEvaluationId() {
|
||||
return evaluationId;
|
||||
}
|
||||
|
||||
public void setId(Long id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public List<String> getStatusCode() {
|
||||
return statusCode;
|
||||
}
|
||||
|
||||
public void setStatusCode(List<String> statusCode) {
|
||||
this.statusCode = statusCode;
|
||||
}
|
||||
|
||||
public String getStatusMessage() {
|
||||
return statusMessage;
|
||||
}
|
||||
|
||||
public void setStatusMessage(String statusMessage) {
|
||||
this.statusMessage = statusMessage;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,52 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import javax.xml.bind.annotation.XmlType;
|
||||
|
||||
@XmlType(namespace="http://aniketos.eu/autho")
|
||||
public enum Decision {
|
||||
DECISION_PERMIT,
|
||||
DECISION_DENY,
|
||||
DECISION_INDETERMINATE,
|
||||
DECISION_NOT_APPLICABLE,
|
||||
INVALID_DECISION;
|
||||
|
||||
private String[] messages = { "Permit", "Deny",
|
||||
"Indeterminate",
|
||||
"NotApplicable", "Invalid" };
|
||||
|
||||
public String getMessage() {
|
||||
return messages[this.ordinal()];
|
||||
}
|
||||
|
||||
public static Decision getFromInt(int decision) {
|
||||
switch (decision) {
|
||||
case 0:
|
||||
return DECISION_PERMIT;
|
||||
case 1:
|
||||
return DECISION_DENY;
|
||||
case 2:
|
||||
return DECISION_INDETERMINATE;
|
||||
case 3:
|
||||
return DECISION_NOT_APPLICABLE;
|
||||
case 5:
|
||||
return INVALID_DECISION;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,75 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import java.net.URI;
|
||||
import java.util.List;
|
||||
import java.util.Vector;
|
||||
|
||||
/**
|
||||
*
|
||||
* Attribtues resolved at runtime by the com.sun.xacml.attr.AttributeDesignator
|
||||
*
|
||||
*/
|
||||
public class DesignatorAttribute {
|
||||
|
||||
protected AttributeIdentifier attrId;
|
||||
|
||||
|
||||
protected List<String> values;
|
||||
|
||||
public DesignatorAttribute(AttributeIdentifier attrId) {
|
||||
this.attrId = attrId;
|
||||
}
|
||||
|
||||
public DesignatorAttribute(URI attributeId, URI dataType, URI categoryId) {
|
||||
this.attrId = new AttributeIdentifier(categoryId, dataType, attributeId, null);
|
||||
}
|
||||
|
||||
public AttributeIdentifier getAttrId() {
|
||||
return attrId;
|
||||
}
|
||||
|
||||
public void setAttrId(AttributeIdentifier attrId) {
|
||||
this.attrId = attrId;
|
||||
}
|
||||
|
||||
public List<String> getValues() {
|
||||
return values;
|
||||
}
|
||||
public void setValues(List<String> values) {
|
||||
this.values = values;
|
||||
}
|
||||
|
||||
public void addBagValue(String bagValue) {
|
||||
if ( values == null ) {
|
||||
values = new Vector<String>();
|
||||
}
|
||||
values.add(bagValue);
|
||||
}
|
||||
|
||||
public List<String> getBagValues() {
|
||||
return this.values;
|
||||
}
|
||||
|
||||
public boolean isSingleValue() {
|
||||
return values!= null && values.size() == 1 ? true : false;
|
||||
}
|
||||
|
||||
public boolean isEmptyValue() {
|
||||
return values == null ? true : false;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,24 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import eu.aniketos.securebpmn.api.idm.IdInfo;
|
||||
|
||||
public interface IAuthoManager {
|
||||
|
||||
AuthoInfo getIdentityInformation(IdInfo idInfo);
|
||||
|
||||
}
|
|
@ -0,0 +1,36 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public interface IContextProvider {
|
||||
/**
|
||||
* resolves one attribute
|
||||
*
|
||||
* writes the result to attr and returns it as string
|
||||
*
|
||||
* @param attr
|
||||
* @return
|
||||
*/
|
||||
String resolveAttribute(AuthoAttribute attr);
|
||||
/**
|
||||
* resolves a set of attributes, returns number of errors
|
||||
* @param attr
|
||||
* @return
|
||||
*/
|
||||
int resolveAttributes(List<AuthoAttribute> attr);
|
||||
}
|
|
@ -0,0 +1,28 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public interface IObligationService {
|
||||
|
||||
public boolean supportsObligation(AuthoObligation obligation);
|
||||
|
||||
public boolean fulfillObligation(AuthoObligation obligation);
|
||||
|
||||
public boolean fulfillObligation(List<AuthoObligation> obligation);
|
||||
|
||||
}
|
|
@ -0,0 +1,42 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import javax.jws.WebParam;
|
||||
import javax.jws.WebService;
|
||||
|
||||
import eu.aniketos.securebpmn.api.SecurityError;
|
||||
import eu.aniketos.securebpmn.api.idm.IdInfo;
|
||||
|
||||
@WebService(targetNamespace="aniketos.eu/autho")
|
||||
public interface IPDP {
|
||||
|
||||
String evaluateXACML(@WebParam(name="xacmlRequ")String xacmlRequest) throws SecurityError;
|
||||
|
||||
AuthoResult evaluate(@WebParam(name="idInfo") IdInfo idInfo,
|
||||
@WebParam(name="resource") String resource,
|
||||
@WebParam(name="action")String action,
|
||||
@WebParam(name="attributes") List<AuthoAttribute> attributes) throws SecurityError;
|
||||
|
||||
String getXACMLPEPConfig();
|
||||
|
||||
boolean logBreakGlassAccess(@WebParam(name="evaluationId") long evaluationId, @WebParam(name="justification") String justification);
|
||||
|
||||
void notifyStateChange(@WebParam(name="evaluationId") long evaluationId) throws SecurityError;
|
||||
|
||||
}
|
|
@ -0,0 +1,37 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public interface IPDPManagement {
|
||||
|
||||
long loadPolicyVersion(long version);
|
||||
|
||||
boolean setEmergencyLeve(long level, boolean active);
|
||||
|
||||
// role management
|
||||
List<String> getRoles(String userId);
|
||||
|
||||
void addRole(String userId, String role);
|
||||
|
||||
void removeRole(String userId, String role);
|
||||
|
||||
|
||||
//patient - physician relationship
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,35 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.autho;
|
||||
|
||||
import eu.aniketos.securebpmn.api.SecurityError;
|
||||
import eu.aniketos.securebpmn.api.log.AccessControlRequest;
|
||||
|
||||
/**
|
||||
*
|
||||
* This interface allows the PDP to pass an access control request
|
||||
* to the PDP State module and update the pdp state according to the
|
||||
* executed action
|
||||
*
|
||||
*/
|
||||
public interface IPDPStateManagement {
|
||||
/**
|
||||
* update the PDPState according to the access control request
|
||||
* @param execRequest
|
||||
*/
|
||||
void updatePDPState(AccessControlRequest execRequest) throws SecurityError;
|
||||
|
||||
}
|
|
@ -0,0 +1,63 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.idm;
|
||||
|
||||
|
||||
/**
|
||||
* contains (technology neutral) authentication information information, e.g.,
|
||||
* <ul>
|
||||
* <li>SAML Token</li>
|
||||
* <li>CAS Token</li>
|
||||
* <li>OpenID Token</li>
|
||||
* </ul>
|
||||
*
|
||||
*/
|
||||
public class AuthInfo {
|
||||
protected String authProviderId;
|
||||
protected String token;
|
||||
protected IdInfo idInfo;
|
||||
|
||||
public AuthInfo() {
|
||||
|
||||
}
|
||||
|
||||
public AuthInfo(String authProviderId, String token) {
|
||||
this.authProviderId = authProviderId;
|
||||
this.token = token;
|
||||
}
|
||||
|
||||
protected AuthInfo(IdInfo idInfo) {
|
||||
this.idInfo = idInfo;
|
||||
}
|
||||
|
||||
public String getAuthProviderId() {
|
||||
return authProviderId;
|
||||
}
|
||||
|
||||
public void setAuthProviderId(String authProviderId) {
|
||||
this.authProviderId = authProviderId;
|
||||
}
|
||||
|
||||
public String getToken() {
|
||||
return token;
|
||||
}
|
||||
|
||||
public void setToken(String token) {
|
||||
this.token = token;
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -0,0 +1,38 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.idm;
|
||||
|
||||
/**
|
||||
*
|
||||
* Resovles the AuthInfo with aim of a ID Provider
|
||||
*
|
||||
*
|
||||
*/
|
||||
public interface IIDProvider {
|
||||
/**
|
||||
* Resolved the AuthInfo t
|
||||
*
|
||||
* @param authInfo
|
||||
* @return
|
||||
*/
|
||||
IdInfo authenticate(AuthInfo authInfo);
|
||||
|
||||
boolean isValidInfo(String info);
|
||||
|
||||
AuthInfo createAuthInfo(String info);
|
||||
|
||||
String getProviderID();
|
||||
}
|
|
@ -0,0 +1,23 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.idm;
|
||||
|
||||
import java.net.URL;
|
||||
|
||||
public interface IIDProviderFactory {
|
||||
IIDProvider getClient(URL casServer, URL service);
|
||||
IIDProviderProxy getProxyClient(URL casServer, URL service);
|
||||
}
|
|
@ -0,0 +1,26 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.idm;
|
||||
|
||||
import java.net.URL;
|
||||
|
||||
public interface IIDProviderProxy extends IIDProvider {
|
||||
|
||||
IdInfo authenticate(AuthInfo authInfo, boolean proxy);
|
||||
|
||||
String getProxyTicket(IdInfo idInfo, URL targetService);
|
||||
|
||||
}
|
|
@ -0,0 +1,55 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.idm;
|
||||
|
||||
import java.net.URL;
|
||||
|
||||
import eu.aniketos.securebpmn.api.SecurityError;
|
||||
|
||||
public interface ITicketProvider {
|
||||
/**
|
||||
* This method logs in at the SSO Engine (i.e., the CAS Server)
|
||||
* <br/>
|
||||
* In case of <b>any error</b> (e.g., ConnectException, IOException) which result out of an
|
||||
* incorrect infrastructure, this functions returns null, which signals "not logged in"
|
||||
*
|
||||
* @param username used to login at the SSO Engine (i.e., CAS Server)
|
||||
* @param password used to login at the SSO Engine (i.e., CAS Server)
|
||||
* @return the value of the Ticket Granting Cookie. <b>CAUTION</b> If the return value is null,
|
||||
* the login has not been successful, it has to be called login again!
|
||||
*/
|
||||
public String login(String username, String password) throws SecurityError;
|
||||
|
||||
/**
|
||||
* This function is used for every (Web Service) Call that is done in the SoKNOS system, as for each of these
|
||||
* call a Service Ticket (CAS Ticket) is required.
|
||||
*
|
||||
* @param service The URL of the service for which the service ticket is required
|
||||
* @return
|
||||
* @throws InvalidCASTicketException This exception is thrown, if there is no valid CAS Ticket available (i.e.,
|
||||
* the user is not logged in or the CAS session expired, etc.)
|
||||
*/
|
||||
public AuthInfo getServiceTicket(URL service) throws SecurityError;
|
||||
|
||||
/**
|
||||
* Invalidates any existing active session. If no active session is available, no error is thrown. If
|
||||
* this function is called, for further getServiceTicket() calls a (re)login is required
|
||||
*
|
||||
* @return <b>true</b>, if logout has been successful or no active session was found and <b>false</b>,
|
||||
* if any error occured (e.g., network error)
|
||||
*/
|
||||
public boolean logout();
|
||||
}
|
|
@ -0,0 +1,22 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.idm;
|
||||
|
||||
import java.net.URL;
|
||||
|
||||
public interface ITicketProviderFactory {
|
||||
ITicketProvider getTicketProvider(URL idProvder);
|
||||
}
|
|
@ -0,0 +1,94 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.idm;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import javax.xml.bind.annotation.XmlType;
|
||||
|
||||
/**
|
||||
*
|
||||
* Contains authentication information (ID Provider) and authorization
|
||||
* relevant information (identity management) about the user
|
||||
*
|
||||
*/
|
||||
@XmlType(namespace="http://idm.aniketos.eu/")
|
||||
public class IdInfo {
|
||||
|
||||
|
||||
|
||||
//the resolved userID
|
||||
protected String userId; // Required
|
||||
|
||||
//ID Provider which was used to resolve the userID
|
||||
protected String IdProvider; // Required
|
||||
|
||||
//List of services which are in the call chain to the current instance
|
||||
protected List<String> callChain; // Optional, technology dependant, e.g., CAS
|
||||
|
||||
public IdInfo(String userId) {
|
||||
this.userId = userId;
|
||||
}
|
||||
|
||||
|
||||
public IdInfo(String userId, String IdProvider, List<String> callChaind) {
|
||||
this.userId = userId;
|
||||
this.IdProvider = IdProvider;
|
||||
this.callChain = callChaind;
|
||||
}
|
||||
|
||||
protected IdInfo(IdInfo copy) {
|
||||
this.userId = copy.userId;
|
||||
this.IdProvider = copy.IdProvider;
|
||||
this.callChain = copy.callChain;
|
||||
}
|
||||
|
||||
protected IdInfo() {
|
||||
|
||||
}
|
||||
|
||||
|
||||
public String getUserId() {
|
||||
return userId;
|
||||
}
|
||||
|
||||
|
||||
public void setUserId(String userId) {
|
||||
this.userId = userId;
|
||||
}
|
||||
|
||||
|
||||
public String getIdProvider() {
|
||||
return IdProvider;
|
||||
}
|
||||
|
||||
|
||||
public void setIdProvider(String idProvider) {
|
||||
IdProvider = idProvider;
|
||||
}
|
||||
|
||||
|
||||
public List<String> getCallChain() {
|
||||
return callChain;
|
||||
}
|
||||
|
||||
|
||||
public void setCallChain(List<String> callChain) {
|
||||
this.callChain = callChain;
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -0,0 +1,216 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.log;
|
||||
|
||||
import java.net.URI;
|
||||
import java.util.Collection;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
|
||||
import eu.aniketos.securebpmn.api.autho.AuthoAttribute;
|
||||
import eu.aniketos.securebpmn.api.autho.AuthoObligation;
|
||||
import eu.aniketos.securebpmn.api.autho.AuthoResult;
|
||||
import eu.aniketos.securebpmn.api.autho.DesignatorAttribute;
|
||||
import eu.aniketos.securebpmn.api.idm.IdInfo;
|
||||
|
||||
public class AccessControlRequest extends LogEntry {
|
||||
|
||||
private Long evaluationId;
|
||||
private long policyVersion;
|
||||
private Date execTime;
|
||||
|
||||
//request part
|
||||
private IdInfo idInfo;
|
||||
private URI resource;
|
||||
private String action;
|
||||
|
||||
private Collection<AuthoAttribute> attributes;
|
||||
|
||||
//RequestCtx
|
||||
private Object request;
|
||||
private String xacmlRequest;
|
||||
|
||||
|
||||
private AuthoResult result;
|
||||
private List<AuthoObligation> obligations;
|
||||
|
||||
private List<DesignatorAttribute> designAttrs;
|
||||
|
||||
//ResponseCtx
|
||||
private Object response;
|
||||
private String xacmlResponse;
|
||||
|
||||
|
||||
private long duration;
|
||||
private String errorMessage;
|
||||
|
||||
public AccessControlRequest() {
|
||||
super(null, Log_Type.ACCESS_REQUEST);
|
||||
}
|
||||
|
||||
public AccessControlRequest(Long evaluationId, String xacmlRequest) {
|
||||
super(new Date(), Log_Type.ACCESS_REQUEST);
|
||||
this.evaluationId = evaluationId;
|
||||
this.xacmlRequest = xacmlRequest;
|
||||
}
|
||||
|
||||
public AccessControlRequest(Long evaluationId, IdInfo idInfo,
|
||||
URI resource, String action, List<AuthoAttribute> attributes) {
|
||||
super(new Date(), Log_Type.ACCESS_REQUEST);
|
||||
this.evaluationId = evaluationId;
|
||||
this.idInfo = idInfo;
|
||||
this.resource = resource;
|
||||
this.action = action;
|
||||
this.attributes = attributes;
|
||||
}
|
||||
|
||||
public void finished(Object request, Object response, String xacmlResponse,
|
||||
Date execTime, long policyVersion,
|
||||
List<DesignatorAttribute> designAttrs) {
|
||||
duration = new Date().getTime() - getArrival().getTime();
|
||||
this.setRequest(request);
|
||||
this.setResponse(response);
|
||||
this.execTime = execTime;
|
||||
this.policyVersion = policyVersion;
|
||||
this.xacmlResponse = xacmlResponse;
|
||||
this.designAttrs = designAttrs;
|
||||
}
|
||||
|
||||
public void finished(Object request, Object response, AuthoResult result,
|
||||
Date execTime, long policyVersion,
|
||||
List<DesignatorAttribute> designAttrs) {
|
||||
duration = new Date().getTime() - getArrival().getTime();
|
||||
this.setRequest(request);
|
||||
this.setResponse(response);
|
||||
this.execTime = execTime;
|
||||
this.policyVersion = policyVersion;
|
||||
this.result = result;
|
||||
this.designAttrs = designAttrs;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
public Long getEvaluationId() {
|
||||
return evaluationId;
|
||||
}
|
||||
public void setEvaluationId(Long evaluationId) {
|
||||
this.evaluationId = evaluationId;
|
||||
}
|
||||
public String getXacmlRequest() {
|
||||
return xacmlRequest;
|
||||
}
|
||||
public void setXacmlRequest(String xacmlRequest) {
|
||||
this.xacmlRequest = xacmlRequest;
|
||||
}
|
||||
public URI getResource() {
|
||||
return resource;
|
||||
}
|
||||
public void setResource(URI resource) {
|
||||
this.resource = resource;
|
||||
}
|
||||
public String getAction() {
|
||||
return action;
|
||||
}
|
||||
public void setAction(String action) {
|
||||
this.action = action;
|
||||
}
|
||||
public Collection<AuthoAttribute> getAttributes() {
|
||||
return attributes;
|
||||
}
|
||||
public void setAttributes(Collection<AuthoAttribute> attributes) {
|
||||
this.attributes = attributes;
|
||||
}
|
||||
public AuthoResult getResult() {
|
||||
return result;
|
||||
}
|
||||
public void setResult(AuthoResult result) {
|
||||
this.result = result;
|
||||
}
|
||||
public long getDuration() {
|
||||
return duration;
|
||||
}
|
||||
public void setDuration(long duration) {
|
||||
this.duration = duration;
|
||||
}
|
||||
public void setErrorMessage(String errorMessage) {
|
||||
this.errorMessage = errorMessage;
|
||||
}
|
||||
public String getErrorMessage() {
|
||||
return errorMessage;
|
||||
}
|
||||
public void setXacmlResponse(String xacmlResponse) {
|
||||
this.xacmlResponse = xacmlResponse;
|
||||
}
|
||||
public String getXacmlResponse() {
|
||||
return xacmlResponse;
|
||||
}
|
||||
public void setObligations(List<AuthoObligation> obligations) {
|
||||
this.obligations = obligations;
|
||||
}
|
||||
public List<AuthoObligation> getObligations() {
|
||||
return obligations;
|
||||
}
|
||||
|
||||
public void setPolicyVersion(long policyVersion) {
|
||||
this.policyVersion = policyVersion;
|
||||
}
|
||||
|
||||
public long getPolicyVersion() {
|
||||
return policyVersion;
|
||||
}
|
||||
|
||||
public void setRequest(Object request) {
|
||||
this.request = request;
|
||||
}
|
||||
|
||||
public Object getRequest() {
|
||||
return request;
|
||||
}
|
||||
|
||||
public void setResponse(Object response) {
|
||||
this.response = response;
|
||||
}
|
||||
|
||||
public Object getResponse() {
|
||||
return response;
|
||||
}
|
||||
|
||||
public List<DesignatorAttribute> getDesignatorAttributes() {
|
||||
return this.designAttrs;
|
||||
}
|
||||
|
||||
public void setDesignatorAttributes(List<DesignatorAttribute> designAttrs) {
|
||||
this.designAttrs = designAttrs;
|
||||
}
|
||||
|
||||
public IdInfo getIdInfo() {
|
||||
return idInfo;
|
||||
}
|
||||
|
||||
public void setIdInfo(IdInfo idInfo) {
|
||||
this.idInfo = idInfo;
|
||||
}
|
||||
|
||||
public Date getExecTime() {
|
||||
return execTime;
|
||||
}
|
||||
|
||||
public void setExecTime(Date execTime) {
|
||||
this.execTime = execTime;
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,59 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.log;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
public class EventNotification extends LogEntry {
|
||||
|
||||
protected EventNotification(Date arrival, Log_Type type) {
|
||||
super(arrival, type);
|
||||
}
|
||||
|
||||
private Long id;
|
||||
|
||||
private Long evaluationId;
|
||||
private Log_Type type;
|
||||
private String message;
|
||||
|
||||
|
||||
public Long getEvaluationId() {
|
||||
return evaluationId;
|
||||
}
|
||||
public void setEvaluationId(Long evaluationId) {
|
||||
this.evaluationId = evaluationId;
|
||||
}
|
||||
public Log_Type getType() {
|
||||
return type;
|
||||
}
|
||||
public void setType(Log_Type type) {
|
||||
this.type = type;
|
||||
}
|
||||
public String getMessage() {
|
||||
return message;
|
||||
}
|
||||
public void setMessage(String message) {
|
||||
this.message = message;
|
||||
}
|
||||
public void setId(Long id) {
|
||||
this.id = id;
|
||||
}
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -0,0 +1,42 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.log;
|
||||
|
||||
|
||||
|
||||
public interface ILogStore {
|
||||
/**
|
||||
* store the provided AccessControlRequest to the log store;
|
||||
* this function should not block and return immediately, i.e.,
|
||||
* the request should be put on a queue and handled by another
|
||||
* thread
|
||||
* @param requ
|
||||
*/
|
||||
void storeAccessControlRequest(AccessControlRequest requ);
|
||||
|
||||
boolean logBreakGlassAccess();
|
||||
|
||||
boolean shutdown();
|
||||
|
||||
/**
|
||||
* returns a new unique ID; this ID should be used to create a new
|
||||
* AccessControlRequest
|
||||
* @return
|
||||
*/
|
||||
Long getNewEvaluationId();
|
||||
|
||||
AccessControlRequest getAccessControlRequest(Long evaluationId);
|
||||
}
|
|
@ -0,0 +1,49 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.log;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
public abstract class LogEntry {
|
||||
|
||||
public enum Log_Type {
|
||||
ACCESS_REQUEST,
|
||||
BREAK_GLASS
|
||||
}
|
||||
|
||||
protected LogEntry(Date arrival, Log_Type type) {
|
||||
this.arrival = arrival;
|
||||
this.type = type;
|
||||
}
|
||||
|
||||
private Date arrival;
|
||||
// private byte[] chkSum;
|
||||
//
|
||||
// private Long previous;
|
||||
|
||||
private Log_Type type;
|
||||
|
||||
public Date getArrival() {
|
||||
return arrival;
|
||||
}
|
||||
public void setArrival(Date arrival) {
|
||||
this.arrival = arrival;
|
||||
}
|
||||
|
||||
public Log_Type getLogtype() {
|
||||
return type;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,22 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.pep;
|
||||
|
||||
import eu.aniketos.securebpmn.api.autho.AuthoObligation;
|
||||
|
||||
public interface IObligationContext {
|
||||
public void fulfill(AuthoObligation obligation);
|
||||
}
|
|
@ -0,0 +1,29 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.pep;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import eu.aniketos.securebpmn.api.autho.AuthoAttribute;
|
||||
import eu.aniketos.securebpmn.api.idm.IdInfo;
|
||||
|
||||
public interface IPEP {
|
||||
|
||||
boolean authorized(String subjectId, String resource, String action, List<AuthoAttribute> ctxAttrs);
|
||||
|
||||
boolean authorized(IdInfo idInfo, String resource, String action, List<AuthoAttribute> ctxAttrs);
|
||||
|
||||
}
|
|
@ -0,0 +1,22 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.api.pep;
|
||||
|
||||
import eu.aniketos.securebpmn.api.idm.IIDProviderProxy;
|
||||
|
||||
public interface IPEPProxy extends IIDProviderProxy {
|
||||
|
||||
}
|
|
@ -0,0 +1,53 @@
|
|||
/* Copyright 2012-2015 SAP SE
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package eu.aniketos.securebpmn.xacml.api;
|
||||
|
||||
import junit.framework.Test;
|
||||
import junit.framework.TestCase;
|
||||
import junit.framework.TestSuite;
|
||||
|
||||
/**
|
||||
* Unit test for simple App.
|
||||
*/
|
||||
public class AppTest
|
||||
extends TestCase
|
||||
{
|
||||
/**
|
||||
* Create the test case
|
||||
*
|
||||
* @param testName name of the test case
|
||||
*/
|
||||
public AppTest( String testName )
|
||||
{
|
||||
super( testName );
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the suite of tests being tested
|
||||
*/
|
||||
public static Test suite()
|
||||
{
|
||||
return new TestSuite( AppTest.class );
|
||||
}
|
||||
|
||||
/**
|
||||
* Rigourous Test :-)
|
||||
*/
|
||||
public void testApp()
|
||||
{
|
||||
assertTrue( true );
|
||||
}
|
||||
}
|
|
@ -12,6 +12,7 @@
|
|||
<modules>
|
||||
<module>../com.sun.xacml</module>
|
||||
<module>../com.sun.xacml.support</module>
|
||||
<module>../eu.aniketos.securebpmn.xacml.api</module>
|
||||
</modules>
|
||||
<build>
|
||||
<plugins>
|
||||
|
|
Reference in New Issue