PDPStateMgt.java example

Explorer
Security-Service-Validation-and-Verification-master
/* Copyright 2012-2015 SAP SE
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package eu.aniketos.securebpmn.xacml.pdp.state;

import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URI;
import java.util.Date;
import java.util.List;
import java.util.Properties;
import java.util.Vector;

import org.apache.log4j.PropertyConfigurator;

import eu.aniketos.securebpmn.xacml.api.SecurityError;
import eu.aniketos.securebpmn.xacml.api.autho.AttributeIdentifier;
import eu.aniketos.securebpmn.xacml.api.autho.AuthoAttribute;
import eu.aniketos.securebpmn.xacml.api.autho.AuthoResult;
import eu.aniketos.securebpmn.xacml.api.idm.IdInfo;
import eu.aniketos.securebpmn.xacml.pdp.PDPServer;
import eu.aniketos.securebpmn.xacml.pdpstate.DemoPDPStateMgt;
import eu.aniketos.securebpmn.xacml.pdpstate.PDPStateManagement;

import com.sun.xacml.ConfigurationStore;
import com.sun.xacml.ParsingException;
import com.sun.xacml.UnknownIdentifierException;

public class PDPStateMgt {

    private static long start, setup;

    private static PDPServer pdp;
    private static PDPStateManagement pdpStateMgt;
    private static DemoPDPStateMgt demoMgt;

    private static final String ADMIN_USER = "admin@aniketos.eu",
                                ADMIN_ROLE = "admin";

    private static AttributeIdentifier resource_subject = new AttributeIdentifier(
        URI.create("urn:oasis:names:tc:xacml:3.0:attribute-category:resource"),
        URI.create("http://www.w3.org/2001/XMLSchema#string"),
        URI.create("urn:custom:resource:subject-id"), null);

    private static AttributeIdentifier resource_role = new AttributeIdentifier(
        URI.create("urn:oasis:names:tc:xacml:3.0:attribute-category:resource"),
        URI.create("http://www.w3.org/2001/XMLSchema#string"),
        URI.create("urn:custom:resource:role"), null);

    /**
     * @param args
     * @throws IOException
     * @throws FileNotFoundException
     * @throws UnknownIdentifierException
     * @throws ParsingException
     */
    public static void main(String[] args) throws FileNotFoundException, IOException, ParsingException, UnknownIdentifierException {
        start = new Date().getTime();
        Properties log4jProps = new Properties();
        log4jProps.load(new BufferedInputStream(new FileInputStream(new File("src/test/log4j.properties"))));
        PropertyConfigurator.configure(log4jProps);

        init();
        demoSetup();
        setup = new Date().getTime();

        System.out.println("STARTUP TIME: " + ( setup - start));

        test1();
        long test1 = new Date().getTime();

        System.out.println("TEST TIME: " + (test1 - setup));

//
//		test2();
//		long test2 = new Date().getTime();
//
//		System.out.println("TEST TIME2: " + (test2 - test1));

        List<String> roles = demoMgt.getRoles("helmut@aniketos.eu");
        System.out.print("roles for helmut@aniketos.eu: ");
        for(String s : roles ) {
            System.out.print(s +", ");
        }
        System.out.println("");
    }

    private static void init() throws ParsingException, UnknownIdentifierException {
        //ConfigurationStore config = new ConfigurationStore(new File("src/test/runningExample/pdp-config.xml"));
        ConfigurationStore config = new ConfigurationStore(new File("src/test/runningExample/pdp-config-denyPolicies.xml"));


        pdp = new PDPServer(config.getDefaultPDPConfig());


        pdpStateMgt = PDPStateManagement.getInstance();
        demoMgt = new DemoPDPStateMgt();

    }

    private static void demoSetup() {
        demoMgt.addRole(ADMIN_USER, ADMIN_ROLE);

        List<String> roles = demoMgt.getRoles(ADMIN_USER);
        System.out.print("### TEST ### roles for " + ADMIN_USER + ": ");
        for(String s : roles ) {
            System.out.print(s +", ");
        }
        System.out.println("");

        demoMgt.addActivePolicy("preg");
        List<String> polices = demoMgt.getActivePolicies();
        System.out.print("### TEST ### active policies: ");
        for(String s : polices ) {
            System.out.print(s +", ");
        }
        System.out.println("");
    }


    private static void test1() {

        List<String> roles = demoMgt.getRoles("helmut@aniketos.eu");
        System.out.print("### TEST ### roles for helmut@aniketos.eu: ");
        for(String s : roles ) {
            System.out.print(s +", ");
        }
        System.out.println("");

        List<AuthoAttribute> attributes = new Vector<AuthoAttribute>();
        attributes.add(new AuthoAttribute(resource_subject, "helmut@aniketos.eu"));
        attributes.add(new AuthoAttribute(resource_role, "employee"));

        try {
            AuthoResult res = pdp.evaluate(new IdInfo(ADMIN_USER), "urn:runEx:role:assignment", "add", attributes);
            System.out.println("result: " + res.toString());

            long evalId = Long.parseLong(res.getObligations().get(0).getParameters().iterator().next().getValue());
            System.out.println("evalId: " + evalId);

//			try {
//				Thread.sleep(1000);
//			} catch (InterruptedException e) {
//				// TODO Auto-generated catch block
//				e.printStackTrace();
//			}

            pdp.notifyStateChange(evalId);
        } catch (SecurityError e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }

        roles = demoMgt.getRoles("helmut@aniketos.eu");
        System.out.print("### TEST ### roles for helmut@aniketos.eu: ");
        for(String s : roles ) {
            System.out.print(s +", ");
        }
        System.out.println("");

    }


    private static void test2() {

        List<AuthoAttribute> attributes = new Vector<AuthoAttribute>();
        attributes.add(new AuthoAttribute(resource_subject, "helmut@aniketos.eu"));
        attributes.add(new AuthoAttribute(resource_role, "anotherRole"));

        try {
            AuthoResult res = pdp.evaluate(new IdInfo(ADMIN_USER), "urn:runEx:role:assignment", "add", attributes);
            System.out.println("result: " + res.toString());

            long evalId = Long.parseLong(res.getObligations().get(0).getParameters().iterator().next().getValue());
            System.out.println("evalId: " + evalId);

//			try {
//				Thread.sleep(1000);
//			} catch (InterruptedException e) {
//				// TODO Auto-generated catch block
//				e.printStackTrace();
//			}

            pdp.notifyStateChange(evalId);
        } catch (SecurityError e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }

//		List<String> roles = demoMgt.getRoles("helmut@aniketos.eu");
//		System.out.print("roles for helmut@aniketos.eu: ");
//		for(String s : roles ) {
//			System.out.print(s +", ");
//		}
//		System.out.println("");

    }


}