001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.test.security.test;
023:
024: import java.security.Permissions;
025: import javax.security.jacc.WebUserDataPermission;
026:
027: import junit.framework.TestCase;
028:
029: /** Tests of the JACC WebUserDataPermission
030: *
031: * @author Scott.Stark@jboss.org
032: * @version $Revision: 57211 $
033: */
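public class WebUserDataPermissionUnitTestCase extends TestCase {

    public WebUserDataPermissionUnitTestCase(String name) {
        super(name);
    }

    /**
     * Pins the canonical action string returned by
     * {@link WebUserDataPermission#getActions()} for a range of constructor inputs.
     *
     * <p>The expectations below show three normalisations: the method list is
     * returned in sorted order, a list naming all seven standard methods collapses
     * to {@code null}, and an explicit {@code :NONE} transport is dropped while
     * {@code :CONFIDENTIAL} is kept.
     */
    public void testCtor2() throws Exception {
        String nullActions = null;

        // Null actions (all methods, no transport qualifier) stay null.
        assertActions(null, new WebUserDataPermission("/", nullActions));

        // A single method is returned unchanged, for the empty pattern and for "/".
        assertActions("POST", new WebUserDataPermission("", "POST"));
        assertActions("POST", new WebUserDataPermission("/", "POST"));

        // Naming every standard method is equivalent to naming none.
        assertActions(null, new WebUserDataPermission("/",
                "GET,POST,PUT,DELETE,HEAD,OPTIONS,TRACE"));

        // Method order in the input does not survive; the result is sorted.
        assertActions("DELETE,GET,TRACE",
                new WebUserDataPermission("/", "TRACE,GET,DELETE"));

        // ":NONE" carries no information and is omitted from the canonical form.
        assertActions("DELETE,GET,TRACE",
                new WebUserDataPermission("/", "TRACE,GET,DELETE:NONE"));

        // A real transport guarantee is preserved after the sorted method list.
        assertActions("DELETE,GET,TRACE:CONFIDENTIAL",
                new WebUserDataPermission("/", "TRACE,GET,DELETE:CONFIDENTIAL"));
    }

    /**
     * Positive {@code implies} cases: the granted permission {@code p0} must cover
     * the checked permission {@code p1}.
     *
     * <p>Covers method-set containment, URL pattern matching (default, path-prefix,
     * extension, exact and qualified patterns) and transport-guarantee matching.
     */
    public void testImpliesPermission() throws Exception {
        String nullActions = null;

        // An all-methods grant (null actions) covers a single method.
        WebUserDataPermission p0 = new WebUserDataPermission("/", nullActions);
        WebUserDataPermission p1 = new WebUserDataPermission("/", "GET");
        assertImplies(p0, p1);

        // Empty actions behave like null actions here.
        p0 = new WebUserDataPermission("/", "");
        assertImplies(p0, p1);

        // Identical pattern and method.
        p0 = new WebUserDataPermission("/", "GET");
        assertImplies(p0, p1);

        // The default pattern "/" covers the empty pattern.
        p1 = new WebUserDataPermission("", "GET");
        assertImplies(p0, p1);

        // Path-prefix patterns, with all methods and with a matching method.
        p0 = new WebUserDataPermission("/*", nullActions);
        p1 = new WebUserDataPermission("/any", "GET");
        assertImplies(p0, p1);

        p0 = new WebUserDataPermission("/*", "GET");
        p1 = new WebUserDataPermission("/any", "GET");
        assertImplies(p0, p1);

        // "/any/*" covers the bare prefix "/any" as well as "/any/".
        p0 = new WebUserDataPermission("/any/*", "GET");
        p1 = new WebUserDataPermission("/any", "GET");
        assertImplies(p0, p1);

        p1 = new WebUserDataPermission("/any/", "GET");
        assertImplies(p0, p1);

        p0 = new WebUserDataPermission("/any/more/*", "GET");
        p1 = new WebUserDataPermission("/any/more/andsome", "GET");
        assertImplies(p0, p1);

        // Extension pattern; the order of the method list is irrelevant.
        p0 = new WebUserDataPermission("*.jsp", "POST,GET");
        p1 = new WebUserDataPermission("/snoop.jsp", "GET,POST");
        assertImplies(p0, p1);

        // An explicit ":NONE" on the checked side is treated like no qualifier.
        p1 = new WebUserDataPermission("/snoop.jsp", "GET,POST:NONE");
        assertImplies(p0, p1);

        // A grant with a superset of the checked methods still implies it.
        p0 = new WebUserDataPermission("*.jsp", "POST,GET,TRACE");
        assertImplies(p0, p1);

        p0 = new WebUserDataPermission("/snoop.jsp", "POST,GET,TRACE");
        assertImplies(p0, p1);

        // Qualified pattern lists match regardless of the order of the qualifiers.
        p0 = new WebUserDataPermission(
                "/:/secured.jsp:/unchecked.jsp:/excluded.jsp:/sslprotected.jsp",
                "POST,GET");
        p1 = new WebUserDataPermission(
                "/:/secured.jsp:/excluded.jsp:/sslprotected.jsp:/unchecked.jsp",
                "GET,POST");
        assertImplies(p0, p1);

        // A ":NONE" grant implies a check with no transport qualifier.
        p0 = new WebUserDataPermission("*.jsp", "POST,GET,TRACE:NONE");
        p1 = new WebUserDataPermission("/snoop.jsp", "GET,POST");
        assertImplies(p0, p1);

        // Equal transport guarantees match.
        p0 = new WebUserDataPermission("*.jsp", "POST,GET,TRACE:CONFIDENTIAL");
        p1 = new WebUserDataPermission("/snoop.jsp", "GET,POST:CONFIDENTIAL");
        assertImplies(p0, p1);
    }

    /**
     * Negative {@code implies} cases: the granted permission {@code p0} must NOT
     * cover the checked permission {@code p1}.
     *
     * <p>These are the cases that matter most for enforcement: a grant that is
     * narrower in methods, path or transport must never satisfy a broader check.
     */
    public void testNotImpliesPermission() throws Exception {
        String nullActions = null;

        // A single-method grant does not cover an all-methods check.
        WebUserDataPermission p0 = new WebUserDataPermission("/", "GET");
        WebUserDataPermission p1 = new WebUserDataPermission("/", nullActions);
        assertNotImplies(p0, p1);

        // Nor a different method.
        p1 = new WebUserDataPermission("/", "POST");
        assertNotImplies(p0, p1);

        // The empty pattern does not cover the default pattern "/", even with all methods.
        p0 = new WebUserDataPermission("", "");
        assertNotImplies(p0, p1);

        p1 = new WebUserDataPermission("/", "GET,POST");
        assertNotImplies(p0, p1);

        // Path-prefix matching is not plain string-prefix matching:
        // "/any/*" must not cover "/anymore" or "/anyx".
        p0 = new WebUserDataPermission("/any/*", "GET");
        p1 = new WebUserDataPermission("/anymore", "GET");
        assertNotImplies(p0, p1);

        p1 = new WebUserDataPermission("/anyx", "GET");
        assertNotImplies(p0, p1);

        // Path matches, but POST was never granted.
        p1 = new WebUserDataPermission("/any/more", "GET,POST");
        assertNotImplies(p0, p1);

        p0 = new WebUserDataPermission("/*", "GET");
        p1 = new WebUserDataPermission("/anyx", "GET,POST");
        assertNotImplies(p0, p1);

        // An extension pattern covers neither the default pattern, a path-prefix
        // pattern, a path without the extension, nor a look-alike using ',' for '.'.
        p0 = new WebUserDataPermission("*.jsp", "GET");
        p1 = new WebUserDataPermission("/", "GET");
        assertNotImplies(p0, p1);

        p0 = new WebUserDataPermission("*.jsp", "GET");
        p1 = new WebUserDataPermission("/*", "GET");
        assertNotImplies(p0, p1);

        p0 = new WebUserDataPermission("*.jsp", "GET");
        p1 = new WebUserDataPermission("/jsp", "GET");
        assertNotImplies(p0, p1);

        p0 = new WebUserDataPermission("*.jsp", "GET");
        p1 = new WebUserDataPermission("/snoop,jsp", "GET");
        assertNotImplies(p0, p1);

        // A CONFIDENTIAL-only grant must not satisfy a check that carries no
        // transport guarantee. Presumably this is what stops a TLS-only constraint
        // from being met over a plain connection; how the container builds the
        // checked permission from a request is outside this file.
        p0 = new WebUserDataPermission("*.jsp", "POST,GET,TRACE:CONFIDENTIAL");
        p1 = new WebUserDataPermission("/snoop.jsp", "GET,POST");
        assertNotImplies(p0, p1);

        // CONFIDENTIAL and INTEGRAL are distinct guarantees; neither stands in for the other.
        p0 = new WebUserDataPermission("*.jsp", "POST,GET,TRACE:CONFIDENTIAL");
        p1 = new WebUserDataPermission("/snoop.jsp", "GET,POST:INTEGRAL");
        assertNotImplies(p0, p1);
    }

    /**
     * Checks that a {@link Permissions} collection holding two per-method grants
     * for one URL does not imply the all-methods permission for that URL.
     */
    public void testMatch() {
        Permissions perms = new Permissions();
        // NOTE(review): "TRACEL" is probably a typo for "TRACE" - confirm. As written,
        // TRACE is covered by neither grant, so the assertion below would hold even if
        // the collection merged the two grants; the case therefore does not tell
        // "grants are checked one by one" apart from "grants are unioned". Whether a
        // non-standard method token is accepted at all may depend on the JACC API
        // level in use.
        WebUserDataPermission p = new WebUserDataPermission(
                "/protected/exact/get/roleA",
                "DELETE,HEAD,OPTIONS,POST,PUT,TRACEL");
        perms.add(p);
        p = new WebUserDataPermission("/protected/exact/get/roleA", "GET");
        perms.add(p);

        // Null actions means every method; the collection must not imply it.
        p = new WebUserDataPermission("/protected/exact/get/roleA", null);
        assertFalse("/protected/exact/get/roleA null is implied", perms.implies(p));
    }

    /**
     * Checks that malformed qualified URL pattern specs (a first pattern followed
     * by a colon-separated list of qualifying patterns) are rejected with
     * {@link IllegalArgumentException}.
     */
    public void testQualifiedPatterns() {
        // No pattern may exist in the URLPatternList that matches the first pattern.
        assertRejected("/:/*",
                "Should not have been able to use a pattern with matching qualifiying pattern");

        // If the first pattern is a path-prefix pattern, only exact patterns matched
        // by the first pattern and path-prefix patterns matched by, but different
        // from, the first pattern may occur in the URLPatternList.
        assertRejected("/*:*.ext",
                "Should not have been able to use a pattern with extension qualifiying pattern");

        // If the first pattern is an extension pattern, only exact patterns that are
        // matched by the first pattern and path-prefix patterns may occur in the
        // URLPatternList.
        assertRejected("*.ext:*.ext2",
                "Should not have been able to use an extension in qualifiying pattern");

        // If the first pattern is the default pattern, "/", any pattern except the
        // default pattern may occur in the URLPatternList.
        assertRejected("/:/",
                "Should not have been able to use the default pattern in qualifiying pattern");

        // If the first pattern is an exact pattern a URLPatternList must not be
        // present in the URLPatternSpec.
        assertRejected("/exact:/*",
                "Should not have been able to use a qualifiying pattern");
    }

    /**
     * Asserts that {@code permission.getActions()} equals {@code expected}
     * ({@code null} allowed). Using assertEquals means an unexpected {@code null}
     * is reported as an assertion failure rather than a NullPointerException.
     */
    private static void assertActions(String expected, WebUserDataPermission permission) {
        String actions = permission.getActions();
        assertEquals("actions(" + actions + ") == " + expected, expected, actions);
    }

    /** Asserts that {@code p0} implies {@code p1}. */
    private static void assertImplies(WebUserDataPermission p0, WebUserDataPermission p1) {
        assertTrue("p0.implies(p1)", p0.implies(p1));
    }

    /** Asserts that {@code p0} does not imply {@code p1}. */
    private static void assertNotImplies(WebUserDataPermission p0, WebUserDataPermission p1) {
        assertFalse("! p0.implies(p1)", p0.implies(p1));
    }

    /**
     * Asserts that constructing a permission from {@code urlPatternSpec} (with
     * empty actions) throws {@link IllegalArgumentException}; otherwise fails the
     * test with {@code failureMessage}.
     */
    private static void assertRejected(String urlPatternSpec, String failureMessage) {
        try {
            new WebUserDataPermission(urlPatternSpec, "");
        } catch (IllegalArgumentException expected) {
            // Rejected as required.
            return;
        }
        fail(failureMessage);
    }
}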