[prev in list] [next in list] [prev in thread] [next in thread]
List: forgerock-openam-commit
Subject: [CommitOpenAM] [10814] branches/AME-4616: AME-4616 Merge changes from trunk
From: noreply () forgerock ! org
Date: 2014-09-30 13:49:13
Message-ID: 20140930134913.5EDC240934 () sources ! internal ! forgerock ! com
[Download RAW message or body]
[Attachment #2 (text/html)]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[10814] branches/AME-4616: AME-4616 Merge changes from trunk</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: \
verdana,arial,helvetica,sans-serif; font-size: 10pt; } #msg dl a { font-weight: \
bold} #msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: \
bold; } #msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: \
6px; } #logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em \
0; } #logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg \
h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; } \
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; \
} #logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: \
-1.5em; padding-left: 1.5em; } #logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em \
1em 0 1em; background: white;} #logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid \
#fa0; border-bottom: 1px solid #fa0; background: #fff; } #logmsg table th { \
text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted \
#fa0; } #logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: \
0.2em 0.5em; } #logmsg table thead th { text-align: center; border-bottom: 1px solid \
#fa0; } #logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: \
6px; } #patch { width: 100%; }
#patch h4 {font-family: \
verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, \
#patch .copfile {border:1px solid #ccc;margin:10px 0;} #patch ins \
{background:#dfd;text-decoration:none;display:block;padding:0 10px;} #patch del \
{background:#fdd;text-decoration:none;display:block;padding:0 10px;} #patch .lines, \
.info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a \
href="http://sources.forgerock.org/changelog/openam/?cs=10814">10814</a></dd> \
<dt>Author</dt> <dd>craig.mcdonnell</dd> <dt>Date</dt> <dd>2014-09-30 14:49:13 +0100 \
(Tue, 30 Sep 2014)</dd> </dl>
<h3>Log Message</h3>
<pre>AME-4616 Merge changes from trunk</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#branchesAME4616openamopenamclientsdkpomxml">branches/AME-4616/openam/openam-clientsdk/pom.xml</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentityentitlementopen \
ssoOpenSSOApplicationPrivilegeManagerjava">branches/AME-4616/openam/openam-core/src/ma \
in/java/com/sun/identity/entitlement/opensso/OpenSSOApplicationPrivilegeManager.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentityentitlementopen \
ssoOpenSSOGroupSubjectjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/OpenSSOGroupSubject.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentityentitlementopen \
ssoOpenSSOUserSubjectjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/OpenSSOUserSubject.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentityentitlementopen \
ssoPrivilegeUtilsjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/PrivilegeUtils.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentityidmAMIdentityja \
va">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/idm/AMIdentity.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicyCondition \
TypeManagerjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/ConditionTypeManager.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAM \
IdentityMembershipConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AMIdentityMembershipCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAM \
IdentitySubjectjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AMIdentitySubject.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAu \
thLevelConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthLevelCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAu \
thSchemeConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthSchemeCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAu \
thenticateToRealmConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthenticateToRealmCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAu \
thenticateToServiceConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthenticateToServiceCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAu \
thenticatedUsersjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthenticatedUsers.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsIP \
Conditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/IPCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsLD \
APFilterConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/LDAPFilterCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsLE \
AuthLevelConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/LEAuthLevelCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsRe \
sourceEnvIPConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/ResourceEnvIPCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsSe \
ssionConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/SessionCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsSe \
ssionPropertyConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/SessionPropertyCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsSi \
mpleTimeConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/SimpleTimeCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavaorgforgerockopenamnetworkipv4 \
IPv4Conditionjava">branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/network/ipv4/IPv4Condition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavaorgforgerockopenamnetworkipv6 \
IPv6Conditionjava">branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/network/ipv6/IPv6Condition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavaorgforgerockopenamupgradestep \
spolicyconditionsPolicyConditionUpgradeMapjava">branches/AME-4616/openam/openam-core/s \
rc/main/java/org/forgerock/openam/upgrade/steps/policy/conditions/PolicyConditionUpgradeMap.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainresourcesEntitlementExceptionprop \
erties">branches/AME-4616/openam/openam-core/src/main/resources/EntitlementException.properties</a></li>
<li><a href="#branchesAME4616openamopenamcoresrctestjavacomsunidentityentitlementxacm \
l3XACMLPrivilegeUtilsTestjava">branches/AME-4616/openam/openam-core/src/test/java/com/sun/identity/entitlement/xacml3/XACMLPrivilegeUtilsTest.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentAnyUserSubjectjava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/AnyUserSubject.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentEntitlementExceptionjava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/EntitlementException.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentEntitlementSubjectImpljava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/EntitlementSubjectImpl.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentGroupSubjectjava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/GroupSubject.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentUserSubjectjava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/UserSubject.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavaorgforgerockopenament \
itlementEntitlementRegistryjava">branches/AME-4616/openam/openam-entitlements/src/main/java/org/forgerock/openam/entitlement/EntitlementRegistry.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementAndConditionEvalTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/AndConditionEvalTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementAndConditionTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/AndConditionTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementAndSubjectTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/AndSubjectTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementCanBeDeletedAppTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/CanBeDeletedAppTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementDecisionMergeTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DecisionMergeTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementHttpStarEvaluationTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/HttpStarEvaluationTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementMultiWildcardEvalTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/MultiWildcardEvalTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementNotConditionTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/NotConditionTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementNotSubjectTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/NotSubjectTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementOrConditionEvalTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrConditionEvalTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementOrConditionTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrConditionTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementOrSubjectTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrSubjectTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementOrgAliasReferralTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrgAliasReferralTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementPrivilegeManagerTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/PrivilegeManagerTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementSingleWildCardEvaluatorTestjava">branches/AME-4616/openam/openam-federation/Op \
enFM/src/test/java/com/sun/identity/entitlement/SingleWildCardEvaluatorTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementWebServiceApplicationTestjava">branches/AME-4616/openam/openam-federation/Open \
FM/src/test/java/com/sun/identity/entitlement/WebServiceApplicationTest.java</a></li> \
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityenti \
tlementXACMLExportTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/XACMLExportTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementxacml3PrivilegeUtilsTestjava">branches/AME-4616/openam/openam-federation/OpenF \
M/src/test/java/com/sun/identity/entitlement/xacml3/PrivilegeUtilsTest.java</a></li> \
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentitypoli \
cyPrivilegeUtilsTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/policy/PrivilegeUtilsTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityres \
tListenerRestTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/ListenerRestTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityres \
tMultipleResourceRestTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/MultipleResourceRestTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityres \
tPrivilegeRestTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/PrivilegeRestTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityres \
tRestPermissionTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/RestPermissionTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityres \
tRestTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/RestTest.java</a></li>
<li><a href="#branchesAME4616openamopenamrestsrcmainjavaorgforgerockopenamforgerockre \
stentitlementsmodeljsonJsonEntitlementSubjectMixinjava">branches/AME-4616/openam/opena \
m-rest/src/main/java/org/forgerock/openam/forgerockrest/entitlements/model/json/JsonEntitlementSubjectMixin.java</a></li>
<li><a href="#branchesAME4616openamopenamrestsrctestjavaorgforgerockopenamforgerockre \
stentitlementsJsonPolicyParserTestjava">branches/AME-4616/openam/openam-rest/src/test/ \
java/org/forgerock/openam/forgerockrest/entitlements/JsonPolicyParserTest.java</a></li>
<li><a href="#branchesAME4616openamopenamtoolsopenaminstalltoolspomxml">branches/AME-4616/openam/openam-tools/openam-installtools/pom.xml</a></li>
<li><a href="#branchesAME4616openamopenamtoolsopenaminstalltoolssrctestjavacomsuniden \
tityinstalltoolsutilOSCheckerTestjava">branches/AME-4616/openam/openam-tools/openam-in \
stalltools/src/test/java/com/sun/identity/install/tools/util/OSCheckerTest.java</a></li>
<li><a href="#branchesAME4616openssoproductswebagentsMakefilelinuxmk">branches/AME-4616/opensso/products/webagents/Makefile.linux.mk</a></li>
<li><a href="#branchesAME4616openssoproductswebagentsbuildxml">branches/AME-4616/opensso/products/webagents/build.xml</a></li>
<li><a href="#branchesAME4616openssoproductswebagentsbuild_agentxml">branches/AME-4616/opensso/products/webagents/build_agent.xml</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li>branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/entitlement/conditions/</li>
<li>branches/AME-4616/openam/openam-core/src/test/java/org/forgerock/openam/entitlement/conditions/</li>
<li>branches/AME-4616/opensso/products/webagents/install/varnish/</li>
</ul>
<h3>Removed Paths</h3>
<ul>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentityentitlementopens \
soJavaOneDemoAccountConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/JavaOneDemoAccountCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamcoresrcmainjavacomsunidentityentitlementopen \
ssoJavaOneDemoConditionjava">branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/JavaOneDemoCondition.java</a></li>
<li>branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/entitlement/conditions/</li>
<li>branches/AME-4616/openam/openam-core/src/test/java/org/forgerock/openam/entitlement/conditions/</li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentAuthenticatedESubjectjava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/AuthenticatedESubject.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentBankingSubjectjava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/BankingSubject.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentDNSNameConditionjava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/DNSNameCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentIPConditionjava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/IPCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentIdRepoRoleSubjectjava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/IdRepoRoleSubject.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentRoleSubjectjava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/RoleSubject.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentTimeConditionjava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/TimeCondition.java</a></li>
<li><a href="#branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitle \
mentVirtualSubjectjava">branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/VirtualSubject.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementDNSNameEvalTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DNSNameEvalTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementDateRangeConditionEvaluationjava">branches/AME-4616/openam/openam-federation/O \
penFM/src/test/java/com/sun/identity/entitlement/DateRangeConditionEvaluation.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementDayConditionEvaluationjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DayConditionEvaluation.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementIPConditionEvalTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/IPConditionEvalTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementIPConditionTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/IPConditionTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementRoleSubjectTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/RoleSubjectTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementTimeConditionEvaluationjava">branches/AME-4616/openam/openam-federation/OpenFM \
/src/test/java/com/sun/identity/entitlement/TimeConditionEvaluation.java</a></li> \
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityenti \
tlementTimeConditionTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/TimeConditionTest.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityent \
itlementTimeZoneConditionEvaluationjava">branches/AME-4616/openam/openam-federation/Op \
enFM/src/test/java/com/sun/identity/entitlement/TimeZoneConditionEvaluation.java</a></li>
<li><a href="#branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentitypol \
icyIPCEvaluatorTestjava">branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/policy/IPCEvaluatorTest.java</a></li>
</ul>
<h3>Property Changed</h3>
<ul>
<li><a href="#branchesAME4616">branches/AME-4616/</a></li>
<li><a href="#branchesAME4616communityextensionscrowdprovider">branches/AME-4616/community/extensions/crowdprovider/</a></li>
<li><a href="#branchesAME4616openam">branches/AME-4616/openam/</a></li>
<li><a href="#branchesAME4616openamopenamdocumentationopenamdocsource">branches/AME-4616/openam/openam-documentation/openam-doc-source/</a></li>
<li><a href="#branchesAME4616openamopenamoauth2">branches/AME-4616/openam/openam-oauth2/</a></li>
<li><a href="#branchesAME4616openamopenamrestsrcmainjavaorgforgerockopenamforgerockre \
stIdentityResourceV1java">branches/AME-4616/openam/openam-rest/src/main/java/org/forgerock/openam/forgerockrest/IdentityResourceV1.java</a></li>
<li><a href="#branchesAME4616openamagents">branches/AME-4616/openam-agents/</a></li>
<li><a href="#branchesAME4616opensso">branches/AME-4616/opensso/</a></li>
<li><a href="#branchesAME4616openssoproducts">branches/AME-4616/opensso/products/</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="branchesAME4616"></a>
<div class="propset"><h4>Property changes: branches/AME-4616</h4>
<pre class="diff"><span>
</span></pre></div>
<a id="svnmergeinfo"></a>
<div class="modfile"><h4>Modified: svn:mergeinfo</h4></div>
<span class="cx">/branches/AME-2526-SFO-between-sites:7510-8258
</span><span class="cx">/branches/AME-3423:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington:9534-9723
</span><span class="cx">/branches/AME-3719:9517-9879
</span><span class="cx">/branches/AME-4378:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459:10437-10535
</span><span class="cx">/branches/IIS7PostData:224-261
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted:6910-6946
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes:8747-8835
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation:7834-7844
</span><span class="cx">/branches/ame4103:9979,9981,9998,10000,10002,10007-10008,10016,10018,10038
</span><span class="cx">/branches/ame4272:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2:7508-7697
</span><span class="cx">/branches/andy-ame1316-connectionfactory:5311-5328
</span><span class="cx">/branches/andy-cts-connection-pool:7098-7175
</span><span class="cx">/branches/andy-openam-2654:6872-6911
</span><span class="cx">/branches/andy-openam-2880:6451-6503
</span><span class="cx">/branches/andy-openam-2907:6531-6534
</span><span class="cx">/branches/andy-openam-3006:6709-6749
</span><span class="cx">/branches/andy-openam-3063:6927-6948
</span><span class="cx">/branches/andy-openam-3193:7124-7128
</span><span class="cx">/branches/andy-openam-3248:7171-7715
</span><span class="cx">/branches/andy-openam2743:6372-6439
</span><span class="cx">/branches/andy-openam2744:6347-6367
</span><span class="cx">/branches/andyAme2972:8270-8318
</span><span class="cx">/branches/andyAme3196:8853-9084
</span><span class="cx">/branches/andyOpenam1708:5576-5592
</span><span class="cx">/branches/andyOpenam2140:7819-7862
</span><span class="cx">/branches/andyOpenam2373:5600-5706
</span><span class="cx">/branches/andyOpenam2525:5601-5733
</span><span class="cx">/branches/andyOpenam3509:7881-7963
</span><span class="cx">/branches/andyOpenam3638:8094-8172
</span><span class="cx">/branches/andyPolicyCrest:8295-8813
</span><span class="cx">/branches/apforrest-ame1316:4881-5305
</span><span class="cx">/branches/maven_merge:2556-3124
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug:6767-6804
</span><span class="cx">/branches/openam2742-andy:6266-6323
</span><span class="cx">/branches/pcunnington-AME-3115-refactor:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158:8476-8577
</span><span class="cx">/branches/pcunnington-AME-350:4165-4344
</span><span class="cx">/branches/pcunnington-ame-344:4651-5199
</span><span class="cx">/branches/pcunnington-oauth2:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114:8314-8341
</span><span class="cx">/branches/policyimprovements:5513-5515
</span><span class="cx">/branches/rwapshott-AME-1739:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2160-session-size:6086-6319
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars:6170-6194
</span><span class="cx">/trunk:10652-10780
</span><span class="cx"> + /branches/10.1.0-Xpress:3888-3892
</span><span class="cx">/branches/AME-2526-SFO-between-sites:7510-8258
</span><span class="cx">/branches/AME-3423:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington:9534-9723
</span><span class="cx">/branches/AME-3719:9517-9879
</span><span class="cx">/branches/AME-4378:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459:10437-10535
</span><span class="cx">/branches/AME-4547:10585-10783
</span><span class="cx">/branches/AME-4595:10581-10789
</span><span class="cx">/branches/IIS7PostData:224-261
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted:6910-6946
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes:8747-8835
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation:7834-7844
</span><span class="cx">/branches/ame4103:9979,9981,9998,10000,10002,10007-10008,10016,10018,10038
</span><span class="cx">/branches/ame4272:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2:7508-7697
</span><span class="cx">/branches/andy-ame1316-connectionfactory:5311-5328
</span><span class="cx">/branches/andy-cts-connection-pool:7098-7175
</span><span class="cx">/branches/andy-openam-2654:6872-6911
</span><span class="cx">/branches/andy-openam-2880:6451-6503
</span><span class="cx">/branches/andy-openam-2907:6531-6534
</span><span class="cx">/branches/andy-openam-3006:6709-6749
</span><span class="cx">/branches/andy-openam-3063:6927-6948
</span><span class="cx">/branches/andy-openam-3193:7124-7128
</span><span class="cx">/branches/andy-openam-3248:7171-7715
</span><span class="cx">/branches/andy-openam2743:6372-6439
</span><span class="cx">/branches/andy-openam2744:6347-6367
</span><span class="cx">/branches/andyAme2972:8270-8318
</span><span class="cx">/branches/andyAme3196:8853-9084
</span><span class="cx">/branches/andyOpenam1708:5576-5592
</span><span class="cx">/branches/andyOpenam2140:7819-7862
</span><span class="cx">/branches/andyOpenam2373:5600-5706
</span><span class="cx">/branches/andyOpenam2525:5601-5733
</span><span class="cx">/branches/andyOpenam3509:7881-7963
</span><span class="cx">/branches/andyOpenam3638:8094-8172
</span><span class="cx">/branches/andyPolicyCrest:8295-8813
</span><span class="cx">/branches/apforrest-ame1316:4881-5305
</span><span class="cx">/branches/maven_merge:2556-3124
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug:6767-6804
</span><span class="cx">/branches/openam2742-andy:6266-6323
</span><span class="cx">/branches/pcunnington-AME-3115-refactor:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158:8476-8577
</span><span class="cx">/branches/pcunnington-AME-350:4165-4344
</span><span class="cx">/branches/pcunnington-ame-344:4651-5199
</span><span class="cx">/branches/pcunnington-oauth2:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114:8314-8341
</span><span class="cx">/branches/policyimprovements:5513-5515
</span><span class="cx">/branches/rwapshott-AME-1739:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2160-session-size:6086-6319
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars:6170-6194
</span><span class="cx">/trunk:10652-10812
</span><a id="branchesAME4616communityextensionscrowdprovider"></a>
<div class="propset"><h4>Property changes: \
branches/AME-4616/community/extensions/crowdprovider</h4> <pre class="diff"><span>
</span></pre></div>
<a id="svnmergeinfo"></a>
<div class="modfile"><h4>Modified: svn:mergeinfo</h4></div>
<span class="cx">/branches/AME-3423/community/extensions/crowdprovider:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington/community/extensions/crowdprovider:9534-9723
</span><span class="cx">/branches/AME-3719/community/extensions/crowdprovider:9517-9879
</span><span class="cx">/branches/AME-4378/community/extensions/crowdprovider:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/community/extensions/crowdprovider:10437-10535
</span><span class="cx">/branches/IIS7PostData/opensso/extensions/seraphprovider:224-261
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/community/extensions/crowdprovider:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/community/extensions/crowdprovider:6910-6946
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/community/extensions/crowdprovider:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/community/extensions/crowdprovider:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/community/extensions/crowdprovider:8747-8835
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/community/extensions/crowdprovider:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/community/extensions/crowdprovider:7834-7844
</span><span class="cx">/branches/allanCSDK/extensions/seraphprovider:64-163
</span><span class="cx">/branches/ame4272/community/extensions/crowdprovider:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/community/extensions/crowdprovider:7508-7697
</span><span class="cx">/branches/maven_merge/community/extensions/crowdprovider:2556-2561
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/community/extensions/crowdprovider:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/community/extensions/crowdprovider:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/community/extensions/crowdprovider:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/community/extensions/crowdprovider:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/community/extensions/crowdprovider:6767-6804
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/community/extensions/crowdprovider:8348-8473
</span><span class="cx">/branches/pcunnington-oauth2/community/extensions/crowdprovider:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/community/extensions/crowdprovider:8314-8341
</span><span class="cx">/branches/rwapshott-AME-1739/community/extensions/crowdprovider:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/community/extensions/crowdprovider:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/community/extensions/crowdprovider:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/community/extensions/crowdprovider:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/community/extensions/crowdprovider:6086-6319
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/community/extensions/crowdprovider:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/community/extensions/crowdprovider:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/community/extensions/crowdprovider:6170-6194
</span><span class="cx">/trunk/community/extensions/crowdprovider:2556-2930,10686-10687,10694-10696,10701,10713,10716,10719,10721,10723,10725,10728,10735
</span><span class="cx"> + \
/branches/AME-2526-SFO-between-sites/community/extensions/crowdprovider:7510-8258 \
</span><span class="cx">/branches/AME-3423/community/extensions/crowdprovider:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington/community/extensions/crowdprovider:9534-9723
</span><span class="cx">/branches/AME-3719/community/extensions/crowdprovider:9517-9879
</span><span class="cx">/branches/AME-4378/community/extensions/crowdprovider:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/community/extensions/crowdprovider:10437-10535
</span><span class="cx">/branches/AME-4547/community/extensions/crowdprovider:10585-10783
</span><span class="cx">/branches/AME-4595/community/extensions/crowdprovider:10581-10789
</span><span class="cx">/branches/IIS7PostData/opensso/extensions/seraphprovider:224-261
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/community/extensions/crowdprovider:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/community/extensions/crowdprovider:6910-6946
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/community/extensions/crowdprovider:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/community/extensions/crowdprovider:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/community/extensions/crowdprovider:8747-8835
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/community/extensions/crowdprovider:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/community/extensions/crowdprovider:7834-7844
</span><span class="cx">/branches/allanCSDK/extensions/seraphprovider:64-163
</span><span class="cx">/branches/ame4272/community/extensions/crowdprovider:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/community/extensions/crowdprovider:7508-7697
</span><span class="cx">/branches/maven_merge/community/extensions/crowdprovider:2556-2561
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/community/extensions/crowdprovider:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/community/extensions/crowdprovider:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/community/extensions/crowdprovider:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/community/extensions/crowdprovider:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/community/extensions/crowdprovider:6767-6804
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/community/extensions/crowdprovider:8348-8473
</span><span class="cx">/branches/pcunnington-oauth2/community/extensions/crowdprovider:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/community/extensions/crowdprovider:8314-8341
</span><span class="cx">/branches/rwapshott-AME-1739/community/extensions/crowdprovider:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/community/extensions/crowdprovider:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/community/extensions/crowdprovider:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/community/extensions/crowdprovider:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/community/extensions/crowdprovider:6086-6319
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/community/extensions/crowdprovider:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/community/extensions/crowdprovider:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/community/extensions/crowdprovider:6170-6194
</span><span class="cx">/trunk/community/extensions/crowdprovider:2556-2930,10652-10812
</span><a id="branchesAME4616openam"></a>
<div class="propset"><h4>Property changes: branches/AME-4616/openam</h4>
<pre class="diff"><span>
</span></pre></div>
<a id="svnmergeinfo"></a>
<div class="modfile"><h4>Modified: svn:mergeinfo</h4></div>
<span class="cx">/branches/AME-2629/openam:7585-7632
</span><span class="cx">/branches/AME-2766-policy-entitlements-REST-APIs/openam:8455-8476
</span><span class="cx">/branches/AME-3087-entitlements-CREST-management/openam:8481-8664
</span><span class="cx">/branches/AME-3087_query_and_patch/openam:8667-8681
</span><span class="cx">/branches/AME-3405-session-read-from-cts/openam:8749-8823
</span><span class="cx">/branches/AME-3423/openam:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington/openam:9534-9723
</span><span class="cx">/branches/AME-3719/openam:9517-9879
</span><span class="cx">/branches/AME-3726-script-sandboxing/openam:9663-9819
</span><span class="cx">/branches/AME-4378/openam:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/openam:10437-10535
</span><span class="cx">/branches/CTS-Async/openam:8847-9739
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/openam:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/openam:6910-6946
</span><span class="cx">/branches/OPENAM-3130-session-quota/openam:6958-6972
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/openam:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/openam:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/openam:8747-8835
</span><span class="cx">/branches/OPENAM-4028-connection-pool/openam:9750-10171
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/openam:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/openam:7834-7844
</span><span class="cx">/branches/ame4272/openam:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/openam:7508-7697
</span><span class="cx">/branches/andy-ame1316-connectionfactory/openam:5311-5328
</span><span class="cx">/branches/andy-cts-connection-pool/openam:7098-7175
</span><span class="cx">/branches/andy-openam-2654/openam:6872-6911
</span><span class="cx">/branches/andy-openam-2880/openam:6451-6503
</span><span class="cx">/branches/andy-openam-2907/openam:6531-6534
</span><span class="cx">/branches/andy-openam-3006/openam:6709-6749
</span><span class="cx">/branches/andy-openam-3063/openam:6927-6948
</span><span class="cx">/branches/andy-openam-3193/openam:7124-7128
</span><span class="cx">/branches/andy-openam-3248/openam:7171-7715
</span><span class="cx">/branches/andy-openam2743/openam:6372-6439
</span><span class="cx">/branches/andy-openam2744/openam:6347-6367
</span><span class="cx">/branches/andyAme2972/openam:8270-8318
</span><span class="cx">/branches/andyAme3102/openam:8312-8413
</span><span class="cx">/branches/andyAme3196/openam:8853-9084
</span><span class="cx">/branches/andyOpenam1708/openam:5576-5592
</span><span class="cx">/branches/andyOpenam2140/openam:7819-7862
</span><span class="cx">/branches/andyOpenam2373/openam:5600-5706
</span><span class="cx">/branches/andyOpenam2525/openam:5601-5733
</span><span class="cx">/branches/andyOpenam3509/openam:7881-7963
</span><span class="cx">/branches/andyOpenam3638/openam:8094-8172
</span><span class="cx">/branches/andyPolicyCrest/openam:8295-8813
</span><span class="cx">/branches/apforrest-ame1316/openam:4881-5305
</span><span class="cx">/branches/apforrest_ame805_indextree/openam:4567-4852
</span><span class="cx">/branches/dirk_oauth_perf:5904
</span><span class="cx">/branches/dirk_sts:5297,5314,5317-5318,5320-5321
</span><span class="cx">/branches/oidc_authn:8507,8540,8557-8559,8565-8566
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/openam:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/openam:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/openam:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/openam:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/openam:6767-6804
</span><span class="cx">/branches/openam2742-andy/openam:6266-6323
</span><span class="cx">/branches/openam_10.1.0_xacml3_JAS/openam:4039-4140
</span><span class="cx">/branches/openam_10.2.0_xacml3_JAS/openam:4141-4379
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/openam:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158/openam:8476-8577
</span><span class="cx">/branches/pcunnington-AME-350/openam:4165-4344
</span><span class="cx">/branches/pcunnington-ame-344/openam:4651-5199
</span><span class="cx">/branches/pcunnington-oauth2/openam:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/openam:8314-8341
</span><span class="cx">/branches/policyimprovements/openam:5513-5515
</span><span class="cx">/branches/rest_sts_publish:8167,8180,8214,8227,8245,8260
</span><span class="cx">/branches/rest_sts_view_bean:9690-9965
</span><span class="cx">/branches/rwapshott-AME-1739/openam:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/openam:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/openam:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/openam:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2027-cts-oids-should-follow-fr-oid-scheme/openam:5609-5614
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/openam:6086-6319
</span><span class="cx">/branches/rwapshott-ame-2311-index-names/openam:6058-6069
</span><span class="cx">/branches/rwapshott-ame-258-cts-replication/openam:5548-6055
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/openam:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/openam:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/openam:6170-6194
</span><span class="cx">/branches/rwapshott-openam-2729-saml2-error/openam:6247-6257
</span><span class="cx">/branches/sts_oidc_saml:8310,8352,8355,8368,8378-8379,8387-8388,8403,8410,8416
</span><span class="cx">/branches/sts_oidc_saml_redux:8417-8422,8424,8440,8445-8446,8460,8490,8498
</span><span class="cx">/branches/sts_restart_persistence:9003-9005,9009-9414
</span><span class="cx">/branches/sts_saml2_encrypt:10424-10472,10474-10550
</span><span class="cx">/branches/sts_service_listeners:9968-10031,10047-10048,10053
</span><span class="cx">/branches/sts_token_gen_service:8706,8717-8720,8723-8725,8727-8728,8731,8737,8740-8742,8759-8760,8774-8776,8796-8797,8800-8801,8818-8819,8821
</span><span class="cx">/branches/sts_token_gen_service2:8844-8887,8894-9000
</span><span class="cx">/branches/sts_x509:10206-10398
</span><span class="cx">/trunk/openam:10652-10780
</span><span class="cx"> + /branches/AME-2526-SFO-between-sites/openam:7510-8258
</span><span class="cx">/branches/AME-2629/openam:7585-7632
</span><span class="cx">/branches/AME-2766-policy-entitlements-REST-APIs/openam:8455-8476
</span><span class="cx">/branches/AME-3087-entitlements-CREST-management/openam:8481-8664
</span><span class="cx">/branches/AME-3087_query_and_patch/openam:8667-8681
</span><span class="cx">/branches/AME-3405-session-read-from-cts/openam:8749-8823
</span><span class="cx">/branches/AME-3423/openam:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington/openam:9534-9723
</span><span class="cx">/branches/AME-3719/openam:9517-9879
</span><span class="cx">/branches/AME-3726-script-sandboxing/openam:9663-9819
</span><span class="cx">/branches/AME-4378/openam:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/openam:10437-10535
</span><span class="cx">/branches/AME-4547/openam:10585-10783
</span><span class="cx">/branches/AME-4595/openam:10581-10789
</span><span class="cx">/branches/CTS-Async/openam:8847-9739
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/openam:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/openam:6910-6946
</span><span class="cx">/branches/OPENAM-3130-session-quota/openam:6958-6972
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/openam:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/openam:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/openam:8747-8835
</span><span class="cx">/branches/OPENAM-4028-connection-pool/openam:9750-10171
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/openam:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/openam:7834-7844
</span><span class="cx">/branches/ame4272/openam:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/openam:7508-7697
</span><span class="cx">/branches/andy-ame1316-connectionfactory/openam:5311-5328
</span><span class="cx">/branches/andy-cts-connection-pool/openam:7098-7175
</span><span class="cx">/branches/andy-openam-2654/openam:6872-6911
</span><span class="cx">/branches/andy-openam-2880/openam:6451-6503
</span><span class="cx">/branches/andy-openam-2907/openam:6531-6534
</span><span class="cx">/branches/andy-openam-3006/openam:6709-6749
</span><span class="cx">/branches/andy-openam-3063/openam:6927-6948
</span><span class="cx">/branches/andy-openam-3193/openam:7124-7128
</span><span class="cx">/branches/andy-openam-3248/openam:7171-7715
</span><span class="cx">/branches/andy-openam2743/openam:6372-6439
</span><span class="cx">/branches/andy-openam2744/openam:6347-6367
</span><span class="cx">/branches/andyAme2972/openam:8270-8318
</span><span class="cx">/branches/andyAme3102/openam:8312-8413
</span><span class="cx">/branches/andyAme3196/openam:8853-9084
</span><span class="cx">/branches/andyOpenam1708/openam:5576-5592
</span><span class="cx">/branches/andyOpenam2140/openam:7819-7862
</span><span class="cx">/branches/andyOpenam2373/openam:5600-5706
</span><span class="cx">/branches/andyOpenam2525/openam:5601-5733
</span><span class="cx">/branches/andyOpenam3509/openam:7881-7963
</span><span class="cx">/branches/andyOpenam3638/openam:8094-8172
</span><span class="cx">/branches/andyPolicyCrest/openam:8295-8813
</span><span class="cx">/branches/apforrest-ame1316/openam:4881-5305
</span><span class="cx">/branches/apforrest_ame805_indextree/openam:4567-4852
</span><span class="cx">/branches/dirk_oauth_perf:5904
</span><span class="cx">/branches/dirk_sts:5297,5314,5317-5318,5320-5321
</span><span class="cx">/branches/oidc_authn:8507,8540,8557-8559,8565-8566
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/openam:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/openam:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/openam:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/openam:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/openam:6767-6804
</span><span class="cx">/branches/openam2742-andy/openam:6266-6323
</span><span class="cx">/branches/openam_10.1.0_xacml3_JAS/openam:4039-4140
</span><span class="cx">/branches/openam_10.2.0_xacml3_JAS/openam:4141-4379
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/openam:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158/openam:8476-8577
</span><span class="cx">/branches/pcunnington-AME-350/openam:4165-4344
</span><span class="cx">/branches/pcunnington-ame-344/openam:4651-5199
</span><span class="cx">/branches/pcunnington-oauth2/openam:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/openam:8314-8341
</span><span class="cx">/branches/policyimprovements/openam:5513-5515
</span><span class="cx">/branches/rest_sts_publish:8167,8180,8214,8227,8245,8260
</span><span class="cx">/branches/rest_sts_view_bean:9690-9965
</span><span class="cx">/branches/rwapshott-AME-1739/openam:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/openam:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/openam:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/openam:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2027-cts-oids-should-follow-fr-oid-scheme/openam:5609-5614
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/openam:6086-6319
</span><span class="cx">/branches/rwapshott-ame-2311-index-names/openam:6058-6069
</span><span class="cx">/branches/rwapshott-ame-258-cts-replication/openam:5548-6055
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/openam:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/openam:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/openam:6170-6194
</span><span class="cx">/branches/rwapshott-openam-2729-saml2-error/openam:6247-6257
</span><span class="cx">/branches/sts_oidc_saml:8310,8352,8355,8368,8378-8379,8387-8388,8403,8410,8416
</span><span class="cx">/branches/sts_oidc_saml_redux:8417-8422,8424,8440,8445-8446,8460,8490,8498
</span><span class="cx">/branches/sts_restart_persistence:9003-9005,9009-9414
</span><span class="cx">/branches/sts_saml2_encrypt:10424-10472,10474-10550
</span><span class="cx">/branches/sts_service_listeners:9968-10031,10047-10048,10053
</span><span class="cx">/branches/sts_token_gen_service:8706,8717-8720,8723-8725,8727-8728,8731,8737,8740-8742,8759-8760,8774-8776,8796-8797,8800-8801,8818-8819,8821
</span><span class="cx">/branches/sts_token_gen_service2:8844-8887,8894-9000
</span><span class="cx">/branches/sts_x509:10206-10398
</span><span class="cx">/trunk/openam:10652-10812
</span><a id="branchesAME4616openamopenamclientsdkpomxml"></a>
<div class="modfile"><h4>Modified: branches/AME-4616/openam/openam-clientsdk/pom.xml \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- branches/AME-4616/openam/openam-clientsdk/pom.xml 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-clientsdk/pom.xml 2014-09-30 13:49:13 UTC (rev \
10814) </span><span class="lines">@@ -251,10 +251,12 @@
</span><span class="cx"> \
<include>org/forgerock/openam/entitlement/indextree/TreeSaveIndex*</include>
</span><span class="cx"> \
<include>org/forgerock/openam/entitlement/indextree/TreeSearchIndex*</include>
</span><span class="cx"> \
<include>org/forgerock/openam/entitlement/utils/EntitlementUtils*</include>
</span><ins>+ \
<include>org/forgerock/openam/entitlement/conditions/**</include> \
</ins><span class="cx"> \
<include>org/forgerock/openam/services/cdm/**</include> </span><span \
class="cx"> \
<include>org/forgerock/openam/security/whitelist/**</include> \
</span><span class="cx"> \
<include>org/forgerock/openam/upgrade/UpgradeException*</include> \
</span><span class="cx"> \
<include>org/forgerock/openam/validation/ResponseValidationFilter*</include>
</span><ins>+ \
<include>META-INF/services/org.forgerock.openam.entitlement.ConditionTypeRegistry</include>
</ins><span class="cx"> </includes>
</span><span class="cx"> <excludes>
</span><span class="cx"> \
<exclude>com/iplanet/am/sdk/ldap/**</exclude> </span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentityentitlementopenssoJavaOneDemoAccountConditionjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/JavaOneDemoAccountCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/JavaOneDemoAccountCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/JavaOneDemoAccountCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,126 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: JavaOneDemoAccountCondition.java,v 1.1 2009/08/19 05:40:35 veiming Exp $
- */
-
-package com.sun.identity.entitlement.opensso;
-
-import com.iplanet.sso.SSOException;
-import com.iplanet.sso.SSOToken;
-import com.sun.identity.entitlement.ConditionDecision;
-import com.sun.identity.entitlement.EntitlementConditionAdaptor;
-import com.sun.identity.entitlement.EntitlementException;
-import com.sun.identity.idm.AMIdentity;
-import com.sun.identity.idm.IdRepoException;
-import com.sun.identity.idm.IdType;
-import com.sun.identity.security.AdminTokenAction;
-import com.sun.identity.shared.ldap.LDAPDN;
-import java.security.AccessController;
-import java.security.Principal;
-import java.util.Collections;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.Subject;
-
-/**
- *
- * @author dennis
- */
-public class JavaOneDemoAccountCondition extends EntitlementConditionAdaptor {
-
- public void setState(String state) {
- //DO NOTHING
- }
-
- public String getState() {
- return "";
- }
-
- public ConditionDecision evaluate(
- String realm,
- Subject subject,
- String resourceName,
- Map<String, Set<String>> environment
- ) throws EntitlementException {
- try {
- String accountNumber = getAccountNumber(resourceName);
- if (accountNumber == null) {
- return new ConditionDecision(false, Collections.EMPTY_MAP);
- }
- SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
- String uuid = getUUID(subject);
- AMIdentity amid = new AMIdentity(adminToken, uuid, IdType.USER,
- "/", null);
- Set<String> setHoH = amid.getAttribute(
- "head_of_household");
- if ((setHoH == null) || !setHoH.contains("1")) {
- return new ConditionDecision(false, Collections.EMPTY_MAP);
- }
- Set<String> account = \
amid.getAttribute("account_number");
- if ((account == null) || !account.contains(accountNumber)) {
- return new ConditionDecision(false, Collections.EMPTY_MAP);
- }
- return new ConditionDecision(true, Collections.EMPTY_MAP);
- } catch (IdRepoException ex) {
- return new ConditionDecision(false, Collections.EMPTY_MAP);
- } catch (SSOException ex) {
- return new ConditionDecision(false, Collections.EMPTY_MAP);
- }
- }
-
- private String getAccountNumber(String resourceName) {
- /*
- * Resource name can be of form
- * http://localhost:8080/C1DemoServer/resources/accounts/123456789012345
- * http://localhost:8080/C1DemoServer/resources/accounts/123456789012345/
- * http://localhost:8080/C1DemoServer/resources/accounts/123456789012345/phoneCollection/
- * etc
- */
- String prefix = "/resources/accounts/";
- String accountNumber;
- int start = resourceName.indexOf(prefix) + prefix.length();
- if ( start >= resourceName.length() ) {
- return null;
- }
- int end = resourceName.indexOf("/", start);
- if ( end == -1 ) {
- // No trailing slash
- accountNumber = resourceName.substring(start);
- } else {
- accountNumber = resourceName.substring(start, end);
- }
- return accountNumber;
- }
-
- public static String getUUID(Subject subject) {
- Set<Principal> userPrincipals = subject.getPrincipals();
- String uid = ((userPrincipals != null) && !userPrincipals.isEmpty()) \
?
- userPrincipals.iterator().next().getName() : null;
- String[] x = LDAPDN.explodeDN(uid, true);
- return x[0];
- }
-
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentityentitlementopenssoJavaOneDemoConditionjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/JavaOneDemoCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/JavaOneDemoCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/JavaOneDemoCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,140 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: JavaOneDemoCondition.java,v 1.1 2009/08/19 05:40:35 veiming Exp $
- */
-
-package com.sun.identity.entitlement.opensso;
-
-import com.iplanet.sso.SSOException;
-import com.iplanet.sso.SSOToken;
-import com.sun.identity.entitlement.ConditionDecision;
-import com.sun.identity.entitlement.EntitlementConditionAdaptor;
-import com.sun.identity.entitlement.EntitlementException;
-import com.sun.identity.idm.AMIdentity;
-import com.sun.identity.idm.IdRepoException;
-import com.sun.identity.idm.IdType;
-import com.sun.identity.security.AdminTokenAction;
-import com.sun.identity.shared.ldap.LDAPDN;
-import java.security.AccessController;
-import java.security.Principal;
-import java.util.Collections;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.Subject;
-
-/**
- *
- * @author dennis
- */
-public class JavaOneDemoCondition extends EntitlementConditionAdaptor {
-
- public void setState(String state) {
- //DO NOTHING
- }
-
- public String getState() {
- return "";
- }
-
- public ConditionDecision evaluate(
- String realm,
- Subject subject,
- String resourceName,
- Map<String, Set<String>> environment
- ) throws EntitlementException {
- try {
- String accountNumber = getAccountNumber(resourceName);
- if (accountNumber == null) {
- return new ConditionDecision(false, Collections.EMPTY_MAP);
- }
- SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
- String uuid = getUUID(subject);
- AMIdentity amid = new AMIdentity(adminToken, uuid, IdType.USER,
- "/", null);
- Set<String> setHoH = amid.getAttribute(
- "head_of_household");
- if ((setHoH == null) || !setHoH.contains("1")) {
- return new ConditionDecision(false, Collections.EMPTY_MAP);
- }
- Set<String> account = \
amid.getAttribute("account_number");
- if ((account == null) || !account.contains(accountNumber)) {
- return new ConditionDecision(false, Collections.EMPTY_MAP);
- }
- return new ConditionDecision(true, Collections.EMPTY_MAP);
- } catch (IdRepoException ex) {
- return new ConditionDecision(false, Collections.EMPTY_MAP);
- } catch (SSOException ex) {
- return new ConditionDecision(false, Collections.EMPTY_MAP);
- }
- }
-
- private String getAccountNumber(String resourceName)
- throws EntitlementException {
- try {
- /*
- * Resource name can be of form
- * http://localhost:8080/C1DemoServer/resources/phones/1234567890
- * http://localhost:8080/C1DemoServer/resources/phones/1234567890/
- * http://localhost:8080/C1DemoServer/resources/phones/1234567890/accountNumber/
- * etc
- */
- String prefix = "/resources/phones/";
- String telNumber;
- int start = resourceName.indexOf(prefix) + prefix.length();
- if ( start >= resourceName.length() ) {
- return null;
- }
- int end = resourceName.indexOf("/", start);
- if ( end == -1 ) {
- // No trailing slash
- telNumber = resourceName.substring(start);
- } else {
- telNumber = resourceName.substring(start, end);
- }
-
- SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
- AMIdentity amid = new AMIdentity(adminToken, telNumber,
- IdType.USER, "/", null);
- Set<String> accountNumbers = \
amid.getAttribute("account_number");
- return ((accountNumbers != null) && !accountNumbers.isEmpty()) ?
- accountNumbers.iterator().next() : null;
- } catch (IdRepoException ex) {
- return null;
- } catch (SSOException ex) {
- return null;
- }
- }
-
- public static String getUUID(Subject subject) {
- Set<Principal> userPrincipals = subject.getPrincipals();
- String uid = ((userPrincipals != null) && !userPrincipals.isEmpty()) \
?
- userPrincipals.iterator().next().getName() : null;
- String[] x = LDAPDN.explodeDN(uid, true);
- return x[0];
- }
-
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentityentitlementopenssoOpenSSOApplicationPrivilegeManagerjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/OpenSSOApplicationPrivilegeManager.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/OpenSSOApplicationPrivilegeManager.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/OpenSSOApplicationPrivilegeManager.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,6 +27,10 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement.opensso;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><span class="lines">@@ -54,13 +58,14 @@
</span><span class="cx"> import \
com.sun.identity.entitlement.SubjectAttributesManager; </span><span class="cx"> \
import com.sun.identity.entitlement.SubjectDecision; </span><span class="cx"> import \
com.sun.identity.entitlement.SubjectImplementation; </span><del>-import \
com.sun.identity.entitlement.TimeCondition; </del><span class="cx"> import \
com.sun.identity.entitlement.interfaces.ResourceName; </span><span class="cx"> import \
com.sun.identity.entitlement.util.SearchFilter; </span><span class="cx"> import \
com.sun.identity.security.AdminTokenAction; </span><span class="cx"> import \
com.sun.identity.shared.ldap.util.DN; </span><span class="cx"> import \
com.sun.identity.sm.DNMapper; </span><span class="cx"> import \
com.sun.identity.sm.SMSEntry; </span><ins>+import \
org.forgerock.openam.entitlement.conditions.environment.SimpleTimeCondition; +
</ins><span class="cx"> import java.io.UnsupportedEncodingException;
</span><span class="cx"> import java.net.URLDecoder;
</span><span class="cx"> import java.net.URLEncoder;
</span><span class="lines">@@ -333,8 +338,8 @@
</span><span class="cx">
</span><span class="cx"> ap.setSubject(subjects);
</span><span class="cx"> EntitlementCondition cond = p.getCondition();
</span><del>- if (cond instanceof TimeCondition) {
- ap.setCondition((TimeCondition)cond);
</del><ins>+ if (cond instanceof SimpleTimeCondition) {
+ ap.setCondition(cond);
</ins><span class="cx"> }
</span><span class="cx"> return ap;
</span><span class="cx"> }
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentityentitlementopenssoOpenSSOGroupSubjectjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/OpenSSOGroupSubject.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/OpenSSOGroupSubject.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/OpenSSOGroupSubject.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -24,6 +24,11 @@
</span><span class="cx"> *
</span><span class="cx"> * $Id: OpenSSOGroupSubject.java,v 1.2 2009/08/21 21:52:01 \
hengming Exp $ </span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement.opensso;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOException;
</span><span class="lines">@@ -50,7 +55,10 @@
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="cx"> * This class represents group identity for membership check
</span><ins>+ *
+ * @deprecated As of ForgeRock OpenAM 12.
</ins><span class="cx"> */
</span><ins>+@Deprecated
</ins><span class="cx"> public class OpenSSOGroupSubject extends GroupSubject {
</span><span class="cx"> /**
</span><span class="cx"> * Constructor.
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentityentitlementopenssoOpenSSOUserSubjectjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/OpenSSOUserSubject.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/OpenSSOUserSubject.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/OpenSSOUserSubject.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -24,6 +24,11 @@
</span><span class="cx"> *
</span><span class="cx"> * $Id: OpenSSOUserSubject.java,v 1.2 2009/08/21 21:52:01 \
hengming Exp $ </span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement.opensso;
</span><span class="cx">
</span><span class="cx">
</span><span class="lines">@@ -45,8 +50,10 @@
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="cx"> * OpenSSOUserSubject to represent user identity for \
membership check </span><del>- * @author dorai
</del><ins>+ *
+ * @deprecated As of ForgeRock OpenAM 12.
</ins><span class="cx"> */
</span><ins>+@Deprecated
</ins><span class="cx"> public class OpenSSOUserSubject extends UserSubject {
</span><span class="cx"> /**
</span><span class="cx"> * Constructs an OpenSSOUserSubject
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentityentitlementopenssoPrivilegeUtilsjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/PrivilegeUtils.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/PrivilegeUtils.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/entitlement/opensso/PrivilegeUtils.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -30,32 +30,25 @@
</span><span class="cx"> */
</span><span class="cx"> package com.sun.identity.entitlement.opensso;
</span><span class="cx">
</span><del>-import com.iplanet.sso.SSOToken;
</del><span class="cx"> import com.iplanet.sso.SSOException;
</span><del>-import com.sun.identity.entitlement.Entitlement;
-import com.sun.identity.entitlement.EntitlementCondition;
-import com.sun.identity.entitlement.EntitlementSubject;
-import com.sun.identity.entitlement.OrSubject;
-import com.sun.identity.entitlement.OrCondition;
</del><ins>+import com.iplanet.sso.SSOToken;
</ins><span class="cx"> import com.sun.identity.entitlement.AndCondition;
</span><span class="cx"> import com.sun.identity.entitlement.Application;
</span><span class="cx"> import com.sun.identity.entitlement.ApplicationManager;
</span><del>-import com.sun.identity.entitlement.AuthenticatedESubject;
-import com.sun.identity.entitlement.Privilege;
</del><ins>+import com.sun.identity.entitlement.Entitlement;
+import com.sun.identity.entitlement.EntitlementCondition;
</ins><span class="cx"> import com.sun.identity.entitlement.EntitlementException;
</span><ins>+import com.sun.identity.entitlement.EntitlementSubject;
</ins><span class="cx"> import com.sun.identity.entitlement.IPrivilege;
</span><ins>+import com.sun.identity.entitlement.OrCondition;
+import com.sun.identity.entitlement.OrSubject;
+import com.sun.identity.entitlement.Privilege;
</ins><span class="cx"> import com.sun.identity.entitlement.PrivilegeManager;
</span><span class="cx"> import com.sun.identity.entitlement.ReferralPrivilege;
</span><span class="cx"> import com.sun.identity.entitlement.ResourceAttribute;
</span><del>-import com.sun.identity.entitlement.RoleSubject;
</del><span class="cx"> import com.sun.identity.entitlement.StaticAttributes;
</span><span class="cx"> import com.sun.identity.entitlement.UserAttributes;
</span><del>-import com.sun.identity.entitlement.UserSubject;
</del><span class="cx"> import \
com.sun.identity.entitlement.xacml3.XACMLPrivilegeUtils; </span><del>-import \
com.sun.identity.idm.AMIdentity;
-import com.sun.identity.idm.IdRepoException;
-import com.sun.identity.idm.IdType;
-import com.sun.identity.idm.IdUtils;
</del><span class="cx"> import com.sun.identity.policy.ActionSchema;
</span><span class="cx"> import com.sun.identity.policy.InvalidNameException;
</span><span class="cx"> import com.sun.identity.policy.NameNotFoundException;
</span><span class="lines">@@ -71,8 +64,6 @@
</span><span class="cx"> import com.sun.identity.policy.interfaces.Referral;
</span><span class="cx"> import com.sun.identity.policy.interfaces.ResponseProvider;
</span><span class="cx"> import com.sun.identity.policy.interfaces.Subject;
</span><del>-import com.sun.identity.policy.plugins.AMIdentitySubject;
-import com.sun.identity.policy.plugins.AuthenticatedUsers;
</del><span class="cx"> import \
com.sun.identity.policy.plugins.IDRepoResponseProvider; </span><span class="cx"> \
import com.sun.identity.policy.plugins.PrivilegeCondition; </span><span class="cx"> \
import com.sun.identity.policy.plugins.PrivilegeSubject; </span><span \
class="lines">@@ -80,11 +71,12 @@ </span><span class="cx"> import \
com.sun.identity.shared.ldap.util.DN; </span><span class="cx"> import \
com.sun.identity.sm.AttributeSchema; </span><span class="cx"> import \
com.sun.identity.sm.DNMapper; </span><ins>+
</ins><span class="cx"> import java.security.AccessController;
</span><span class="cx"> import java.util.Collections;
</span><span class="cx"> import java.util.HashMap;
</span><del>-import java.util.Map;
</del><span class="cx"> import java.util.HashSet;
</span><ins>+import java.util.Map;
</ins><span class="cx"> import java.util.Random;
</span><span class="cx"> import java.util.Set;
</span><span class="cx">
</span><span class="lines">@@ -255,53 +247,6 @@
</span><span class="cx"> new OrSubject(entitlementSubjects);
</span><span class="cx"> }
</span><span class="cx">
</span><del>- private static Set<EntitlementSubject> toEntitlementSubject(
- AMIdentitySubject sbj,
- boolean exclusive) {
- SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
-
- try {
- Set<EntitlementSubject> result = new \
HashSet<EntitlementSubject>();
- Set<String> values = sbj.getValues();
-
- for (String uuid : values) {
- AMIdentity amid = IdUtils.getIdentity(adminToken, uuid);
- IdType type = amid.getType();
- if (type.equals(IdType.GROUP)) {
- OpenSSOGroupSubject grp = new OpenSSOGroupSubject(uuid);
- grp.setExclusive(exclusive);
- result.add(grp);
- } else if (type.equals(IdType.ROLE)) {
- RoleSubject role = new RoleSubject(uuid);
- role.setExclusive(exclusive);
- result.add(role);
- } else if (type.equals(IdType.USER)) {
- UserSubject user = new UserSubject(uuid);
- user.setExclusive(exclusive);
- result.add(user);
- } else {
- return Collections.EMPTY_SET;
- }
- }
- return result;
- } catch (IdRepoException ex) {
- return Collections.EMPTY_SET;
- }
- }
-
- private static Set<EntitlementSubject> toEntitlementSubject(
- AuthenticatedUsers sbj,
- boolean exclusive) {
- SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
-
- Set<EntitlementSubject> result = new \
HashSet<EntitlementSubject>();
- result.add(new AuthenticatedESubject());
- return result;
- }
-
-
</del><span class="cx"> private static EntitlementCondition \
toEntitlementCondition(Policy policy) </span><span class="cx"> throws \
PolicyException { </span><span class="cx"> Set conditionNames = \
policy.getConditionNames(); </span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentityidmAMIdentityjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/idm/AMIdentity.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/idm/AMIdentity.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/idm/AMIdentity.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -100,7 +100,7 @@
</span><span class="cx"> * @supported.api
</span><span class="cx"> */
</span><span class="cx">
</span><del>-public final class AMIdentity {
</del><ins>+public class AMIdentity {
</ins><span class="cx">
</span><span class="cx"> private String univIdWithoutDN;
</span><span class="cx">
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicyConditionTypeManagerjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/ConditionTypeManager.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/ConditionTypeManager.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/ConditionTypeManager.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -26,8 +26,10 @@
</span><span class="cx"> *
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
</ins><span class="cx">
</span><del>-
</del><span class="cx"> package com.sun.identity.policy;
</span><span class="cx">
</span><span class="cx"> import java.util.*;
</span><span class="lines">@@ -144,15 +146,11 @@
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="cx"> * Returns the type of the \
<code>Condition</code> implementation. </span><del>- * For example \
<code>TimeCondition</code>, \
<code>DayTimeCondition</code>,
- * <code>IPCondition</code>.
</del><span class="cx"> *
</span><span class="cx"> * @param condition condition object for which this \
method will </span><span class="cx"> * return its associated type
</span><span class="cx"> *
</span><del>- * @return type of the condition, e.g. \
<code>AuthLevelConditon</code>,
- * <code>IPCondition</code>. Returns \
<code>null</code> if not
- * present.
</del><ins>+ * @return type of the condition. Returns \
<code>null</code> if not present. </ins><span class="cx"> */
</span><span class="cx"> public String getConditionTypeName(Condition condition) \
{ </span><span class="cx"> return (conditionTypeName(condition));
</span><span class="lines">@@ -242,15 +240,11 @@
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="cx"> * Returns the type of the \
<code>Condition</code> implementation. </span><del>- * For example \
<code>TimeCondition</code>, \
<code>DayTimeCondition</code>,
- * <code>IPCondition</code>.
</del><span class="cx"> *
</span><span class="cx"> * @param condition condition object for which this \
method will </span><span class="cx"> * return its associated type
</span><span class="cx"> *
</span><del>- * @return type of the condition, e.g. \
<code>AuthLevelConditon</code>,
- * <code>IPCondition</code>. Returns \
<code>null</code> if not
- * present.
</del><ins>+ * @return type of the condition. Returns \
<code>null</code> if not present. </ins><span class="cx"> */
</span><span class="cx"> static String conditionTypeName(Condition condition) {
</span><span class="cx"> if (condition == null) {
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAMIdentityMembershipConditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AMIdentityMembershipCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AMIdentityMembershipCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AMIdentityMembershipCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,10 +25,10 @@
</span><span class="cx"> * $Id: AMIdentityMembershipCondition.java,v 1.2 2008/06/25 \
05:43:50 qcheng Exp $ </span><span class="cx"> *
</span><span class="cx"> */
</span><del>-
</del><span class="cx"> /*
</span><del>- * Portions Copyrighted [2011] [ForgeRock AS]
</del><ins>+ * Portions Copyrighted 2011-2014 ForgeRock AS
</ins><span class="cx"> */
</span><ins>+
</ins><span class="cx"> package com.sun.identity.policy.plugins;
</span><span class="cx">
</span><span class="cx"> import java.util.*;
</span><span class="lines">@@ -59,7 +59,10 @@
</span><span class="cx"> * in the environment is a member of at least one \
<code>AMIdentity</code> </span><span class="cx"> * object specified in \
the Condition. </span><span class="cx"> *
</span><ins>+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.AMIdentityMembershipCondition}
+ * instead.
</ins><span class="cx"> */
</span><ins>+@Deprecated
</ins><span class="cx"> public class AMIdentityMembershipCondition implements \
Condition { </span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAMIdentitySubjectjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AMIdentitySubject.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AMIdentitySubject.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AMIdentitySubject.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -69,8 +69,10 @@
</span><span class="cx"> * AMIdentitySubject is a <code>Subject</code> \
implementation that checks for </span><span class="cx"> * membership in a set of \
<code>AMIdentity</code> objects using the underlying </span><span \
class="cx"> * Identity repository service. </span><ins>+ *
+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.subject.AMIdentitySubject} instead. \
</ins><span class="cx"> */ </span><del>-
</del><ins>+@Deprecated
</ins><span class="cx"> public class AMIdentitySubject implements Subject {
</span><span class="cx">
</span><span class="cx"> private Set subjectValues = new HashSet();
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAuthLevelConditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthLevelCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthLevelCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthLevelCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,9 +25,11 @@
</span><span class="cx"> * $Id: AuthLevelCondition.java,v 1.9 2009/05/26 08:06:23 \
kiran_gonipati Exp $ </span><span class="cx"> *
</span><span class="cx"> */
</span><ins>+/*
+ * Portions Copyright 2014 ForgeRock AS
+ */
</ins><span class="cx">
</span><span class="cx">
</span><del>-
</del><span class="cx"> package com.sun.identity.policy.plugins;
</span><span class="cx">
</span><span class="cx"> import com.sun.identity.authentication.util.AMAuthUtils;
</span><span class="lines">@@ -61,7 +63,9 @@
</span><span class="cx"> * <code>env</code> map, \
<code>AuthLevel</code> is looked up from single sign on </span><span \
class="cx"> * token. </span><span class="cx"> *
</span><ins>+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.AuthLevelCondition} instead. \
</ins><span class="cx"> */ </span><ins>+@Deprecated
</ins><span class="cx"> public class AuthLevelCondition implements Condition {
</span><span class="cx">
</span><span class="cx"> private static final Debug DEBUG
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAuthSchemeConditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthSchemeCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthSchemeCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthSchemeCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,10 +25,12 @@
</span><span class="cx"> * $Id: AuthSchemeCondition.java,v 1.6 2009/05/05 18:29:01 \
mrudul_uchil Exp $ </span><span class="cx"> *
</span><span class="cx"> */
</span><ins>+/*
+ * Portions Copyright 2014 ForgeRock AS
+ */
</ins><span class="cx">
</span><span class="cx">
</span><span class="cx">
</span><del>-
</del><span class="cx"> package com.sun.identity.policy.plugins;
</span><span class="cx">
</span><span class="cx"> import com.sun.identity.authentication.util.AMAuthUtils;
</span><span class="lines">@@ -56,7 +58,9 @@
</span><span class="cx"> * of <code>Condition</code> that lets you \
define authentication module </span><span class="cx"> * instances for which a \
<code>Policy</code> applies. </span><span class="cx"> *
</span><ins>+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.AuthSchemeCondition} instead. \
</ins><span class="cx"> */ </span><ins>+@Deprecated
</ins><span class="cx"> public class AuthSchemeCondition implements Condition {
</span><span class="cx">
</span><span class="cx"> private static final Debug DEBUG
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAuthenticateToRealmConditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthenticateToRealmCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthenticateToRealmCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthenticateToRealmCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,9 +25,8 @@
</span><span class="cx"> * $Id: AuthenticateToRealmCondition.java,v 1.6 2009/06/19 \
22:53:42 mrudul_uchil Exp $ </span><span class="cx"> *
</span><span class="cx"> */
</span><del>-
</del><span class="cx"> /*
</span><del>- * Portions Copyrighted 2013 ForgeRock AS
</del><ins>+ * Portions Copyrighted 2013-2014 ForgeRock AS
</ins><span class="cx"> */
</span><span class="cx">
</span><span class="cx"> package com.sun.identity.policy.plugins;
</span><span class="lines">@@ -58,7 +57,9 @@
</span><span class="cx"> * implementation of <code>Condition</code> \
that lets you specify </span><span class="cx"> * the realm to which user should \
authenticate for the policy to apply </span><span class="cx"> *
</span><ins>+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.AuthenticateToRealmCondition} \
instead. </ins><span class="cx"> */
</span><ins>+@Deprecated
</ins><span class="cx"> public class AuthenticateToRealmCondition implements \
Condition { </span><span class="cx">
</span><span class="cx"> private static final Debug DEBUG
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAuthenticateToServiceConditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthenticateToServiceCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthenticateToServiceCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthenticateToServiceCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,10 +25,12 @@
</span><span class="cx"> * $Id: AuthenticateToServiceCondition.java,v 1.7 2009/05/05 \
18:29:01 mrudul_uchil Exp $ </span><span class="cx"> *
</span><span class="cx"> */
</span><ins>+/*
+ * Portions Copyright 2014 ForgeRock AS
+ */
</ins><span class="cx">
</span><span class="cx">
</span><span class="cx">
</span><del>-
</del><span class="cx"> package com.sun.identity.policy.plugins;
</span><span class="cx">
</span><span class="cx"> import com.sun.identity.authentication.util.AMAuthUtils;
</span><span class="lines">@@ -56,7 +58,10 @@
</span><span class="cx"> * implementation of <code>Condition</code> \
that lets you specify </span><span class="cx"> * the service to which user should \
authenticate for the policy to apply </span><span class="cx"> *
</span><ins>+ * @deprecated See {@link \
org.forgerock.openam.entitlement.conditions.environment.AuthenticateToServiceCondition}
+ * instead.
</ins><span class="cx"> */
</span><ins>+@Deprecated
</ins><span class="cx"> public class AuthenticateToServiceCondition implements \
Condition { </span><span class="cx">
</span><span class="cx"> private static final Debug DEBUG
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsAuthenticatedUsersjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthenticatedUsers.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthenticatedUsers.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/AuthenticatedUsers.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -45,7 +45,10 @@
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="cx"> * This subject applies to all users with valid \
<code>SSOToken</code>. </span><ins>+ *
+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers} instead. \
</ins><span class="cx"> */ </span><ins>+@Deprecated
</ins><span class="cx"> public class AuthenticatedUsers implements Subject {
</span><span class="cx">
</span><span class="cx"> private static ValidValues validValues =
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsIPConditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/IPCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/IPCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/IPCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,11 +25,11 @@
</span><span class="cx"> * $Id: IPCondition.java,v 1.5 2009/05/05 18:29:01 \
mrudul_uchil Exp $ </span><span class="cx"> *
</span><span class="cx"> */
</span><del>-
</del><span class="cx"> /*
</span><span class="cx"> * Portions Copyrighted 2011-2014 ForgeRock AS
</span><span class="cx"> * Portions Copyrighted 2014 Nomura Research Institute, Ltd
</span><span class="cx"> */
</span><ins>+
</ins><span class="cx"> package com.sun.identity.policy.plugins;
</span><span class="cx">
</span><span class="cx"> import com.sun.identity.policy.interfaces.Condition;
</span><span class="lines">@@ -57,7 +57,9 @@
</span><span class="cx"> * of <code>Condition</code>. This lets you \
define the IP addresses, </span><span class="cx"> * IP address ranges and DNS name \
patterns for which the policy applies </span><span class="cx"> *
</span><ins>+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.IPCondition} instead. \
</ins><span class="cx"> */ </span><ins>+@Deprecated
</ins><span class="cx"> public class IPCondition implements Condition {
</span><span class="cx">
</span><span class="cx"> private static final Debug DEBUG
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsLDAPFilterConditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/LDAPFilterCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/LDAPFilterCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/LDAPFilterCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,13 +25,13 @@
</span><span class="cx"> * $Id: LDAPFilterCondition.java,v 1.8 2009/11/20 23:52:55 \
ww203982 Exp $ </span><span class="cx"> *
</span><span class="cx"> */
</span><del>-
</del><span class="cx"> /*
</span><del>- * Portions Copyrighted 2010-2011 ForgeRock AS
</del><ins>+ * Portions Copyrighted 2010-2014 ForgeRock AS
</ins><span class="cx"> */
</span><span class="cx">
</span><span class="cx"> package com.sun.identity.policy.plugins;
</span><span class="cx"> import java.util.ArrayList;
</span><ins>+import java.util.Collection;
</ins><span class="cx"> import java.util.Collections;
</span><span class="cx"> import java.util.Iterator;
</span><span class="cx"> import java.util.Locale;
</span><span class="lines">@@ -75,8 +75,10 @@
</span><span class="cx"> * user identified by sso token, in the directory specified
</span><span class="cx"> * in policy configuration service, satisfiies the ldap \
filter </span><span class="cx"> * specified in the condition
</span><ins>+ *
+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.LDAPFilterCondition} instead. \
</ins><span class="cx"> */ </span><del>-
</del><ins>+@Deprecated
</ins><span class="cx"> public class LDAPFilterCondition implements Condition {
</span><span class="cx">
</span><span class="cx"> static final String LDAP_SCOPE_BASE = \
"SCOPE_BASE"; </span><span class="lines">@@ -658,9 +660,9 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> //validate LDAP_FILTER
</span><del>- Set ldapFilterSet = (Set) properties.get(LDAP_FILTER);
- if ( ldapFilterSet != null ) {
- validateLdapFilterSet(ldapFilterSet);
</del><ins>+ Collection ldapFilterCollection = (Collection) \
properties.get(LDAP_FILTER); + if ( ldapFilterCollection != null ) {
+ validateLdapFilterCollection(ldapFilterCollection);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> return true;
</span><span class="lines">@@ -673,7 +675,7 @@
</span><span class="cx"> * @see #LDAP_FILTER
</span><span class="cx"> */
</span><span class="cx">
</span><del>- private boolean validateLdapFilterSet(Set ldapFilterSet)
</del><ins>+ private boolean validateLdapFilterCollection(Collection \
ldapFilterSet) </ins><span class="cx"> throws PolicyException {
</span><span class="cx"> if ( ldapFilterSet.isEmpty() ) {
</span><span class="cx"> String args[] = { LDAP_FILTER };
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsLEAuthLevelConditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/LEAuthLevelCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/LEAuthLevelCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/LEAuthLevelCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,6 +25,9 @@
</span><span class="cx"> * $Id: LEAuthLevelCondition.java,v 1.5 2008/06/25 05:43:51 \
qcheng Exp $ </span><span class="cx"> *
</span><span class="cx"> */
</span><ins>+/*
+ * Portions Copyright 2014 ForgeRock AS
+ */
</ins><span class="cx">
</span><span class="cx"> package com.sun.identity.policy.plugins;
</span><span class="cx">
</span><span class="lines">@@ -59,7 +62,9 @@
</span><span class="cx"> * <code>env</code> map, \
<code>AuthLevel</code> is looked up from single sign on </span><span \
class="cx"> * token. </span><span class="cx"> *
</span><ins>+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.LEAuthLevelCondition} \
instead. </ins><span class="cx"> */
</span><ins>+@Deprecated
</ins><span class="cx"> public class LEAuthLevelCondition implements Condition {
</span><span class="cx">
</span><span class="cx"> private static final Debug DEBUG
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsResourceEnvIPConditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/ResourceEnvIPCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/ResourceEnvIPCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/ResourceEnvIPCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,11 +25,11 @@
</span><span class="cx"> * $Id: ResourceEnvIPCondition.java,v 1.4 2009/07/21 \
18:33:17 mrudul_uchil Exp $ </span><span class="cx"> *
</span><span class="cx"> */
</span><del>-
</del><span class="cx"> /*
</span><del>- * Portions Copyrighted 2011-2013 ForgeRock Inc
</del><ins>+ * Portions Copyrighted 2011-2014 ForgeRock AS
</ins><span class="cx"> * Portions Copyrighted 2012 Open Source Solution Technology \
Corporation </span><span class="cx"> */
</span><ins>+
</ins><span class="cx"> package com.sun.identity.policy.plugins;
</span><span class="cx">
</span><span class="cx"> import java.util.Set;
</span><span class="lines">@@ -74,8 +74,10 @@
</span><span class="cx"> * condition decision and advices based on the client's \
environment or </span><span class="cx"> * resource such as IP address, DNS host \
name, location, etc. </span><span class="cx"> * For the first drop, we are only \
supporting IP address. </span><ins>+ *
+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.ResourceEnvIPCondition \
instead}. </ins><span class="cx"> */
</span><del>-
</del><ins>+@Deprecated
</ins><span class="cx"> public class ResourceEnvIPCondition implements Condition {
</span><span class="cx">
</span><span class="cx"> private static final Debug DEBUG
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsSessionConditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/SessionCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/SessionCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/SessionCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,10 +25,12 @@
</span><span class="cx"> * $Id: SessionCondition.java,v 1.4 2008/06/25 05:43:52 \
qcheng Exp $ </span><span class="cx"> *
</span><span class="cx"> */
</span><ins>+/*
+ * Portions Copyright 2014 ForgeRock AS
+ */
</ins><span class="cx">
</span><span class="cx">
</span><span class="cx">
</span><del>-
</del><span class="cx"> package com.sun.identity.policy.plugins;
</span><span class="cx">
</span><span class="cx">
</span><span class="lines">@@ -64,7 +66,9 @@
</span><span class="cx"> * to terminate the user session if the session time exceeds \
the </span><span class="cx"> * maximum allowed.
</span><span class="cx"> *
</span><ins>+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.SessionCondition} instead. \
</ins><span class="cx"> */ </span><ins>+@Deprecated
</ins><span class="cx"> public class SessionCondition implements Condition {
</span><span class="cx">
</span><span class="cx"> /**
</span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsSessionPropertyConditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/SessionPropertyCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/SessionPropertyCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/SessionPropertyCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,6 +25,9 @@
</span><span class="cx"> * $Id: SessionPropertyCondition.java,v 1.4 2008/06/25 \
05:43:52 qcheng Exp $ </span><span class="cx"> *
</span><span class="cx"> */
</span><ins>+/*
+ * Portions Copyright 2014 ForgeRock AS
+ */
</ins><span class="cx">
</span><span class="cx"> package com.sun.identity.policy.plugins;
</span><span class="cx"> import java.util.ArrayList;
</span><span class="lines">@@ -54,8 +57,10 @@
</span><span class="cx"> * implementation of <code>Condition</code> \
interface. </span><span class="cx"> * This condition checks whether session \
properties contain at least </span><span class="cx"> * one value of the each \
property listed in the <code>Condition</code> </span><ins>+ *
+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.SessionPropertyCondition} \
instead. </ins><span class="cx"> */
</span><del>-
</del><ins>+@Deprecated
</ins><span class="cx"> public class SessionPropertyCondition implements Condition {
</span><span class="cx">
</span><span class="cx"> private static final boolean IGNORE_VALUE_CASE_DEFAULT = \
true; </span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavacomsunidentitypolicypluginsSimpleTimeConditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/SimpleTimeCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/SimpleTimeCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/com/sun/identity/policy/plugins/SimpleTimeCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,10 +25,10 @@
</span><span class="cx"> * $Id: SimpleTimeCondition.java,v 1.5 2010/01/05 22:00:26 \
dillidorai Exp $ </span><span class="cx"> *
</span><span class="cx"> */
</span><del>-
</del><span class="cx"> /*
</span><del>- * Portions Copyrighted [2011] [ForgeRock AS]
</del><ins>+ * Portions Copyrighted 2011-2014 ForgeRock AS
</ins><span class="cx"> */
</span><ins>+
</ins><span class="cx"> package com.sun.identity.policy.plugins;
</span><span class="cx">
</span><span class="cx"> import com.sun.identity.policy.interfaces.Condition;
</span><span class="lines">@@ -49,7 +49,9 @@
</span><span class="cx"> * of <code>Condition</code>. This lets you \
define the time range </span><span class="cx"> * of week days and/or date range \
during which a policy applies. </span><span class="cx"> *
</span><ins>+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.SimpleTimeCondition} instead. \
</ins><span class="cx"> */ </span><ins>+@Deprecated
</ins><span class="cx"> public class SimpleTimeCondition implements Condition {
</span><span class="cx">
</span><span class="cx"> /** Key that is used to define current time that is \
passed in the </span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavaorgforgerockopenamnetworkipv4IPv4Conditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/network/ipv4/IPv4Condition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/network/ipv4/IPv4Condition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/network/ipv4/IPv4Condition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,10 +25,10 @@
</span><span class="cx"> * $Id: .java,v 1.5 2009/05/05 18:29:01 mrudul_uchil Exp $
</span><span class="cx"> *
</span><span class="cx"> */
</span><del>-
</del><span class="cx"> /*
</span><del>- * Portions Copyrighted [2011-2013] [ForgeRock Inc]
</del><ins>+ * Portions Copyrighted 2011-2014 ForgeRock AS
</ins><span class="cx"> */
</span><ins>+
</ins><span class="cx"> package org.forgerock.openam.network.ipv4;
</span><span class="cx">
</span><span class="cx"> import com.sun.identity.policy.interfaces.Condition;
</span><span class="lines">@@ -59,7 +59,9 @@
</span><span class="cx"> * of <code>Condition</code>. This lets you \
define the IP addresses, </span><span class="cx"> * IP address ranges and DNS name \
patterns for which the policy applies </span><span class="cx"> *
</span><ins>+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.IPv4Condition} instead. \
</ins><span class="cx"> */ </span><ins>+@Deprecated
</ins><span class="cx"> public class IPv4Condition implements Condition {
</span><span class="cx">
</span><span class="cx"> /** Key that is used in \
<code>IPv4Condition</code> to define the IP address \
</span></span></pre></div> <a \
id="branchesAME4616openamopenamcoresrcmainjavaorgforgerockopenamnetworkipv6IPv6Conditionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/network/ipv6/IPv6Condition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/network/ipv6/IPv6Condition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/network/ipv6/IPv6Condition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,7 +1,7 @@
</span><span class="cx"> /*
</span><span class="cx"> * DO NOT REMOVE COPYRIGHT NOTICES OR THIS HEADER.
</span><span class="cx"> *
</span><del>- * Copyright (c) 2013 ForgeRock Inc. All rights reserved.
</del><ins>+ * Copyright 2013-2014 ForgeRock AS
</ins><span class="cx"> *
</span><span class="cx"> * The contents of this file are subject to the terms
</span><span class="cx"> * of the Common Development and Distribution License
</span><span class="lines">@@ -21,6 +21,7 @@
</span><span class="cx"> * your own identifying information:
</span><span class="cx"> * "Portions Copyrighted [year] [name of copyright \
owner]" </span><span class="cx"> */
</span><ins>+
</ins><span class="cx"> package org.forgerock.openam.network.ipv6;
</span><span class="cx">
</span><span class="cx">
</span><span class="lines">@@ -38,7 +39,10 @@
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="cx"> * @author alin.brici@forgerock.com
</span><ins>+ *
+ * @deprecated Use {@link \
org.forgerock.openam.entitlement.conditions.environment.IPv6Condition} instead. \
</ins><span class="cx"> */ </span><ins>+@Deprecated
</ins><span class="cx"> public class IPv6Condition implements Condition {
</span><span class="cx"> /** Key that is used in \
<code>IPv6Condition</code> to define the IP address </span><span \
class="cx"> * values for which a policy applies. The value corresponding to the \
key </span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainjavaorgforgerockopenamupgradestepspolicyconditionsPolicyConditionUpgradeMapjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/upgrade/steps/policy/conditions/PolicyConditionUpgradeMap.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/upgrade/steps/policy/conditions/PolicyConditionUpgradeMap.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/java/org/forgerock/openam/upgrade/steps/policy/conditions/PolicyConditionUpgradeMap.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -16,14 +16,38 @@
</span><span class="cx">
</span><span class="cx"> package \
org.forgerock.openam.upgrade.steps.policy.conditions; </span><span class="cx">
</span><ins>+import com.sun.identity.authentication.util.AMAuthUtils;
</ins><span class="cx"> import com.sun.identity.entitlement.EntitlementCondition;
</span><ins>+import com.sun.identity.entitlement.EntitlementException;
</ins><span class="cx"> import com.sun.identity.entitlement.EntitlementSubject;
</span><span class="cx"> import com.sun.identity.entitlement.opensso.PolicyCondition;
</span><span class="cx"> import com.sun.identity.entitlement.opensso.PolicySubject;
</span><ins>+import com.sun.identity.policy.interfaces.Condition;
+import org.forgerock.json.fluent.JsonValue;
+import org.forgerock.openam.entitlement.conditions.environment.AMIdentityMembershipCondition;
+import org.forgerock.openam.entitlement.conditions.environment.AuthLevelCondition;
+import org.forgerock.openam.entitlement.conditions.environment.AuthSchemeCondition;
+import org.forgerock.openam.entitlement.conditions.environment.AuthenticateToRealmCondition;
+import org.forgerock.openam.entitlement.conditions.environment.AuthenticateToServiceCondition;
+import org.forgerock.openam.entitlement.conditions.environment.ConditionConstants;
+import org.forgerock.openam.entitlement.conditions.environment.IPCondition;
+import org.forgerock.openam.entitlement.conditions.environment.LDAPFilterCondition;
+import org.forgerock.openam.entitlement.conditions.environment.LEAuthLevelCondition;
+import org.forgerock.openam.entitlement.conditions.environment.ResourceEnvIPCondition;
+import org.forgerock.openam.entitlement.conditions.environment.SessionCondition;
+import org.forgerock.openam.entitlement.conditions.environment.SessionPropertyCondition;
+import org.forgerock.openam.entitlement.conditions.environment.SimpleTimeCondition;
+import org.forgerock.openam.network.ipv4.IPv4Condition;
+import org.forgerock.openam.entitlement.conditions.subject.AMIdentitySubject;
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx">
</span><ins>+import java.util.ArrayList;
</ins><span class="cx"> import java.util.HashMap;
</span><span class="cx"> import java.util.Map;
</span><ins>+import java.util.Set;
</ins><span class="cx">
</span><ins>+import static \
org.forgerock.openam.entitlement.conditions.environment.ConditionConstants.VALUE_CASE_INSENSITIVE;
+
</ins><span class="cx"> /**
</span><span class="cx"> * A map containing all the migration logic from an old \
policy condition to a new entitlement condition. </span><span class="cx"> *
</span><span class="lines">@@ -55,8 +79,320 @@
</span><span class="cx"> }
</span><span class="cx"> });
</span><span class="cx"> */
</span><ins>+
+ environmentConditionsUpgradeMap.put(com.sun.identity.policy.plugins.AuthLevelCondition.class.getName(),
+ new EntitlementConditionMigrator() {
+ @Override
+ public EntitlementCondition migrate(PolicyCondition condition, \
MigrationReport migrationReport) { + AuthLevelCondition \
eCondition = new AuthLevelCondition(); + Map<String, \
Set<String>> properties = condition.getProperties(); +
+ String propAuthLevel = \
getValue(properties.get(ConditionConstants.AUTH_LEVEL)); + int \
authLevel = Integer.parseInt(AMAuthUtils.getDataFromRealmQualifiedData(propAuthLevel));
+
+ eCondition.setAuthLevel(authLevel);
+
+ migrationReport.migratedEnvironmentCondition(
+ \
com.sun.identity.policy.plugins.AuthLevelCondition.class.getName(), + \
AuthLevelCondition.class.getName()); + return eCondition;
+ }
+ });
+
+ environmentConditionsUpgradeMap.put(com.sun.identity.policy.plugins.LEAuthLevelCondition.class.getName(),
+ new EntitlementConditionMigrator() {
+ @Override
+ public EntitlementCondition migrate(PolicyCondition condition, \
MigrationReport migrationReport) { + LEAuthLevelCondition \
eCondition = new LEAuthLevelCondition(); + Map<String, \
Set<String>> properties = condition.getProperties(); +
+ String propAuthLevel = \
getValue(properties.get(ConditionConstants.AUTH_LEVEL)); + int \
authLevel = Integer.parseInt(AMAuthUtils.getDataFromRealmQualifiedData(propAuthLevel));
+
+ eCondition.setAuthLevel(authLevel);
+
+ migrationReport.migratedEnvironmentCondition(
+ \
com.sun.identity.policy.plugins.LEAuthLevelCondition.class.getName(), + \
LEAuthLevelCondition.class.getName()); + return eCondition;
+ }
+ });
+
+ environmentConditionsUpgradeMap.put(com.sun.identity.policy.plugins.AuthenticateToServiceCondition.class
+ .getName(),
+ new EntitlementConditionMigrator() {
+ @Override
+ public EntitlementCondition migrate(PolicyCondition condition, \
MigrationReport migrationReport) { + \
AuthenticateToServiceCondition eCondition = new AuthenticateToServiceCondition(); + \
Map<String, Set<String>> properties = condition.getProperties(); +
+ String authenticationService =
+ \
getValue(properties.get(ConditionConstants.AUTHENTICATE_TO_SERVICE)); +
+ eCondition.setAuthenticateToService(authenticationService);
+
+ migrationReport.migratedEnvironmentCondition(
+ \
com.sun.identity.policy.plugins.AuthenticateToServiceCondition.class.getName(), + \
AuthenticateToServiceCondition.class.getName()); + return \
eCondition; + }
+ });
+
+ environmentConditionsUpgradeMap.put(com.sun.identity.policy.plugins.AuthenticateToRealmCondition.class
+ .getName(),
+ new EntitlementConditionMigrator() {
+ @Override
+ public EntitlementCondition migrate(PolicyCondition condition, \
MigrationReport migrationReport) { + \
AuthenticateToRealmCondition eCondition = new AuthenticateToRealmCondition(); + \
Map<String, Set<String>> properties = condition.getProperties(); +
+ String authenticationRealm =
+ \
getValue(properties.get(ConditionConstants.AUTHENTICATE_TO_REALM)); +
+ eCondition.setAuthenticateToRealm(authenticationRealm);
+
+ migrationReport.migratedEnvironmentCondition(
+ \
com.sun.identity.policy.plugins.AuthenticateToRealmCondition.class.getName(), + \
AuthenticateToRealmCondition.class.getName()); + return \
eCondition; + }
+ });
+
+ environmentConditionsUpgradeMap.put(com.sun.identity.policy.plugins.AMIdentityMembershipCondition.class
+ .getName(),
+ new EntitlementConditionMigrator() {
+ @Override
+ public EntitlementCondition migrate(PolicyCondition condition, \
MigrationReport migrationReport) { + \
AMIdentityMembershipCondition eCondition = new AMIdentityMembershipCondition(); + \
Map<String, Set<String>> properties = condition.getProperties(); +
+ Set<String> amIdentityNames = \
properties.get(ConditionConstants.AM_IDENTITY_NAME); +
+ eCondition.setAmIdentityNames(amIdentityNames);
+
+ migrationReport.migratedEnvironmentCondition(
+ \
com.sun.identity.policy.plugins.AMIdentityMembershipCondition.class.getName(), + \
AMIdentityMembershipCondition.class.getName()); + return \
eCondition; + }
+ });
+
+ environmentConditionsUpgradeMap.put(com.sun.identity.policy.plugins.SessionCondition.class
+ .getName(),
+ new EntitlementConditionMigrator() {
+ @Override
+ public EntitlementCondition migrate(PolicyCondition condition, \
MigrationReport migrationReport) { + SessionCondition \
eCondition = new SessionCondition(); + Map<String, \
Set<String>> properties = condition.getProperties(); +
+ Long maxSessionTime =
+ \
Long.parseLong(getValue(properties.get(ConditionConstants.MAX_SESSION_TIME))); + \
boolean terminateSession = + \
getValue(properties.get(ConditionConstants.TERMINATE_SESSION)).contains("true");
+
+ eCondition.setMaxSessionTime(maxSessionTime);
+ eCondition.setTerminateSession(terminateSession);
+
+ migrationReport.migratedEnvironmentCondition(
+ \
com.sun.identity.policy.plugins.SessionCondition.class.getName(), + \
SessionCondition.class.getName()); + return eCondition;
+ }
+ });
+
+ environmentConditionsUpgradeMap.put(com.sun.identity.policy.plugins.SimpleTimeCondition.class
+ .getName(),
+ new EntitlementConditionMigrator() {
+ @Override
+ public EntitlementCondition migrate(PolicyCondition condition, \
MigrationReport migrationReport) { + SimpleTimeCondition \
eCondition = new SimpleTimeCondition(); + Map<String, \
Set<String>> properties = condition.getProperties(); +
+ String startTime = \
getValue(properties.get(Condition.START_TIME)); + String \
endTime = getValue(properties.get(Condition.END_TIME)); + \
String startDay = getValue(properties.get(Condition.START_DAY)); + \
String endDay = getValue(properties.get(Condition.END_DAY)); + \
String startDate = getValue(properties.get(Condition.START_DATE)); + \
String endDate = getValue(properties.get(Condition.END_DATE)); + \
String enforcementTimeZone = \
getValue(properties.get(Condition.ENFORCEMENT_TIME_ZONE)); +
+ eCondition.setStartTime(startTime);
+ eCondition.setEndTime(endTime);
+ eCondition.setStartDay(startDay);
+ eCondition.setEndDay(endDay);
+ eCondition.setStartDate(startDate);
+ eCondition.setEndDate(endDate);
+ eCondition.setEnforcementTimeZone(enforcementTimeZone);
+
+ migrationReport.migratedEnvironmentCondition(
+ \
com.sun.identity.policy.plugins.SimpleTimeCondition.class.getName(), + \
SimpleTimeCondition.class.getName()); + return eCondition;
+ }
+ });
+
+ environmentConditionsUpgradeMap.put(com.sun.identity.policy.plugins.SessionPropertyCondition.class
+ .getName(),
+ new EntitlementConditionMigrator() {
+ @Override
+ public EntitlementCondition migrate(PolicyCondition condition, \
MigrationReport migrationReport) { + SessionPropertyCondition \
eCondition = new SessionPropertyCondition(); + Map<String, \
Set<String>> properties = condition.getProperties(); +
+ Map<String, Set<String>> props = new \
HashMap<String, Set<String>>(properties); + String \
ignoreValueCaseString = getValue(props.remove(VALUE_CASE_INSENSITIVE)); + \
boolean ignoreValueCase = true; + if (ignoreValueCaseString != \
null && !ignoreValueCaseString.isEmpty()) { + \
ignoreValueCase = Boolean.parseBoolean(ignoreValueCaseString); + \
} +
+ eCondition.setProperties(props);
+ eCondition.setIgnoreValueCase(ignoreValueCase);
+
+ migrationReport.migratedEnvironmentCondition(
+ \
com.sun.identity.policy.plugins.SessionPropertyCondition.class.getName(), + \
SessionPropertyCondition.class.getName()); + return \
eCondition; + }
+ });
+
+ environmentConditionsUpgradeMap.put(com.sun.identity.policy.plugins.AuthSchemeCondition.class
+ .getName(),
+ new EntitlementConditionMigrator() {
+ @Override
+ public EntitlementCondition migrate(PolicyCondition condition, \
MigrationReport migrationReport) { + AuthSchemeCondition \
eCondition = new AuthSchemeCondition(); + Map<String, \
Set<String>> properties = condition.getProperties(); +
+ Set<String> authScheme = \
properties.get(Condition.AUTH_SCHEME); + String \
applicationName = getValue(properties.get(Condition.APPLICATION_NAME)); + \
String idleTimeoutString = \
getValue(properties.get(Condition.APPLICATION_IDLE_TIMEOUT)); + \
int idleTimeout = 0; + if (idleTimeoutString != null) {
+ idleTimeout = Integer.parseInt(idleTimeoutString);
+ }
+
+ eCondition.setAuthScheme(authScheme);
+ eCondition.setApplicationName(applicationName);
+ eCondition.setApplicationIdleTimeout(idleTimeout);
+
+ migrationReport.migratedEnvironmentCondition(
+ \
com.sun.identity.policy.plugins.AuthSchemeCondition.class.getName(), + \
AuthSchemeCondition.class.getName()); + return eCondition;
+ }
+ });
+
+ environmentConditionsUpgradeMap.put(com.sun.identity.policy.plugins.IPCondition.class
+ .getName(),
+ new EntitlementConditionMigrator() {
+ @Override
+ public EntitlementCondition migrate(PolicyCondition condition, \
MigrationReport migrationReport) { + IPCondition eCondition = \
new IPCondition(); + Map<String, Set<String>> \
properties = condition.getProperties(); +
+ Set<String> ipRange = \
properties.get(IPv4Condition.IP_RANGE); + Set<String> \
dnsName = properties.get(Condition.DNS_NAME); + String startIp \
= getValue(properties.get(Condition.START_IP)); + String endIp \
= getValue(properties.get(Condition.END_IP)); +
+ try {
+ if (ipRange != null) {
+ eCondition.setIpRange(new \
ArrayList<String>(ipRange)); + }
+ if (dnsName != null){
+ eCondition.setDnsName(new \
ArrayList<String>(dnsName)); + }
+ eCondition.setStartIp(startIp);
+ eCondition.setEndIp(endIp);
+ } catch (EntitlementException e) {
+ throw new RuntimeException(e);
+ }
+
+ migrationReport.migratedEnvironmentCondition(
+ \
com.sun.identity.policy.plugins.IPCondition.class.getName(), + \
IPCondition.class.getName()); + return eCondition;
+ }
+ });
+
+ environmentConditionsUpgradeMap.put(com.sun.identity.policy.plugins.LDAPFilterCondition.class
+ .getName(),
+ new EntitlementConditionMigrator() {
+ @Override
+ public EntitlementCondition migrate(PolicyCondition condition, \
MigrationReport migrationReport) { + LDAPFilterCondition \
eCondition = new LDAPFilterCondition(); + Map<String, \
Set<String>> properties = condition.getProperties(); +
+ eCondition.setState(new JsonValue(properties).toString());
+
+ migrationReport.migratedEnvironmentCondition(
+ \
com.sun.identity.policy.plugins.LDAPFilterCondition.class.getName(), + \
LDAPFilterCondition.class.getName()); + return eCondition;
+ }
+ });
+
+ environmentConditionsUpgradeMap.put(com.sun.identity.policy.plugins.ResourceEnvIPCondition.class
+ .getName(),
+ new EntitlementConditionMigrator() {
+ @Override
+ public EntitlementCondition migrate(PolicyCondition condition, \
MigrationReport migrationReport) { + ResourceEnvIPCondition \
eCondition = new ResourceEnvIPCondition(); + Map<String, \
Set<String>> properties = condition.getProperties(); +
+ Set<String> resourceEnvIPConditionValue =
+ \
properties.get(ResourceEnvIPCondition.ENV_CONDITION_VALUE); +
+ \
eCondition.setResourceEnvIPConditionValue(resourceEnvIPConditionValue); +
+ migrationReport.migratedEnvironmentCondition(
+ \
com.sun.identity.policy.plugins.ResourceEnvIPCondition.class.getName(), + \
ResourceEnvIPCondition.class.getName()); + return eCondition;
+ }
+ });
+
+ subjectConditionsUpgradeMap.put(com.sun.identity.policy.plugins.AMIdentitySubject.class.getName(),
+ new SubjectConditionMigrator() {
+ @Override
+ public EntitlementSubject migrate(PolicySubject subject, \
MigrationReport migrationReport) { +
+ AMIdentitySubject eSubject = new AMIdentitySubject();
+
+ Set<String> subjects = subject.getValues();
+
+ eSubject.setSubjectValues(subjects);
+
+ migrationReport.migratedSubjectCondition(
+ \
com.sun.identity.policy.plugins.AMIdentitySubject.class.getName(), + \
AMIdentitySubject.class.getName()); + return eSubject;
+ }
+ });
+
+ subjectConditionsUpgradeMap.put(com.sun.identity.policy.plugins.AuthenticatedUsers.class.getName(),
+ new SubjectConditionMigrator() {
+ @Override
+ public EntitlementSubject migrate(PolicySubject subject, \
MigrationReport migrationReport) { +
+ AuthenticatedUsers eSubject = new AuthenticatedUsers();
+
+ migrationReport.migratedSubjectCondition(
+ \
com.sun.identity.policy.plugins.AuthenticatedUsers.class.getName(), + \
AuthenticatedUsers.class.getName()); + return eSubject;
+ }
+ });
</ins><span class="cx"> }
</span><span class="cx">
</span><ins>+ private <T> T getValue(Set<T> values) {
+ if (values != null && values.iterator().hasNext()) {
+ return values.iterator().next();
+ }
+ return null;
+ }
+
</ins><span class="cx"> /**
</span><span class="cx"> * Returns {@code true} if there exists an entry for \
migrating the specified old policy subject condition class. </span><span class="cx"> \
* </span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrcmainresourcesEntitlementExceptionproperties"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/main/resources/EntitlementException.properties \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/main/resources/EntitlementException.properties 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/main/resources/EntitlementException.properties 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -158,9 +158,26 @@
</span><span class="cx"> 434=Cannot authenticate request.
</span><span class="cx"> 435=Notification URL is malformed.
</span><span class="cx"> 436=Notification URL is missing.
</span><ins>+437=Requested client IP address must be specified.
+438=The resource or environment is not supported currently {0}.
</ins><span class="cx">
</span><span class="cx"> 450=Unable to search applications.
</span><span class="cx"> 451=Unable to search applications because administrator \
Single Sign On token is absent. </span><span class="cx">
</span><ins>+700=Invalid OAuth2 Scope ''{0}'': See RFC 6749 section 3.3 for allowed \
values. +710=AuthLevel value {0} not an integer
+711={0} property value should be defined.
+712=requestAuthLevel in request env not an Integer or Set.
+713=Authentication module instance can not be retrieved: {0}.
+720=Invalid administrator user ID or password from DSConfigMgr.
+721=AMIdentitySubject - can not check membership for user {0} and subject {1}
+730=Unable to parse SSO token authInstant to Date.
+740=At least one of the properties Start Date, Start Time, Start Day should be \
defined with non null value. +741=Should define value for {1}, since value is defined \
for {0} +750=Start IP can not be larger than end IP.
+
+800={0} property value should be an Integer.
+801={0} property value should be a Set of string values.
+
</ins><span class="cx"> resource.validation.does.not.match.valid.resources={0} did \
not match any valid resources. </span><span class="cx"> \
resource.validation.invalid.resource={0} was invalid. </span></span></pre></div>
<a id="branchesAME4616openamopenamcoresrctestjavacomsunidentityentitlementxacml3XACMLPrivilegeUtilsTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-core/src/test/java/com/sun/identity/entitlement/xacml3/XACMLPrivilegeUtilsTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-core/src/test/java/com/sun/identity/entitlement/xacml3/XACMLPrivilegeUtilsTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-core/src/test/java/com/sun/identity/entitlement/xacml3/XACMLPrivilegeUtilsTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -23,13 +23,13 @@
</span><span class="cx"> import com.sun.identity.entitlement.Entitlement;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementCondition;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementException;
</span><del>-import com.sun.identity.entitlement.IPCondition;
</del><span class="cx"> import com.sun.identity.entitlement.Privilege;
</span><span class="cx"> import com.sun.identity.entitlement.ReferralPrivilege;
</span><span class="cx"> import com.sun.identity.entitlement.ResourceAttribute;
</span><span class="cx"> import com.sun.identity.entitlement.xacml3.core.Match;
</span><span class="cx"> import com.sun.identity.entitlement.xacml3.core.Policy;
</span><span class="cx"> import com.sun.identity.entitlement.xacml3.core.PolicySet;
</span><ins>+import org.forgerock.openam.entitlement.conditions.environment.IPCondition;
</ins><span class="cx"> import org.json.JSONException;
</span><span class="cx"> import org.testng.annotations.Test;
</span><span class="cx">
</span></span></pre></div>
<a id="branchesAME4616openamopenamdocumentationopenamdocsource"></a>
<div class="propset"><h4>Property changes: \
branches/AME-4616/openam/openam-documentation/openam-doc-source</h4> <pre \
class="diff"><span> </span></pre></div>
<a id="svnmergeinfo"></a>
<div class="modfile"><h4>Modified: svn:mergeinfo</h4></div>
<span class="cx">/branches/AME-2629/openam/openam-documentation/openam-doc-source:7585-7632
</span><span class="cx">/branches/AME-3405-session-read-from-cts/openam/openam-documentation/openam-doc-source:8749-8823
</span><span class="cx">/branches/AME-3423/openam/openam-documentation/openam-doc-source:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington/openam/openam-documentation/openam-doc-source:9534-9723
</span><span class="cx">/branches/AME-3719/openam/openam-documentation/openam-doc-source:9517-9879
</span><span class="cx">/branches/AME-3726-script-sandboxing/openam/openam-documentation/openam-doc-source:9663-9819
</span><span class="cx">/branches/AME-4378/openam/openam-documentation/openam-doc-source:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/openam/openam-documentation/openam-doc-source:10437-10535
</span><span class="cx">/branches/CTS-Async/openam/openam-documentation/openam-doc-source:8847-9739
</span><span class="cx">/branches/IIS7PostData/openam/openam-documentation/openam-doc-source:224-261
</span><span class="cx">/branches/IIS7PostData/openam/openam-documentation/openam-site:224-261
</span><span class="cx">/branches/OAuth2_Maven/openam/openam-documentation/openam-doc-source:2756-3584
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/openam/openam-documentation/openam-doc-source:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/openam/openam-documentation/openam-doc-source:6910-6946
</span><span class="cx">/branches/OPENAM-3130-session-quota/openam/openam-documentation/openam-doc-source:6958-6972
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/openam/openam-documentation/openam-doc-source:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/openam/openam-documentation/openam-doc-source:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/openam/openam-documentation/openam-doc-source:8747-8835
</span><span class="cx">/branches/OPENAM-4028-connection-pool/openam/openam-documentation/openam-doc-source:9750-10171
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/openam/openam-documentation/openam-doc-source:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/openam/openam-documentation/openam-doc-source:7834-7844
</span><span class="cx">/branches/ame4272/openam/openam-documentation/openam-doc-source:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/openam/openam-documentation/openam-doc-source:7508-7697
</span><span class="cx">/branches/andyAme3102/openam/openam-documentation/openam-doc-source:8312-8413
</span><span class="cx">/branches/andyOpenam1708/openam/openam-documentation/openam-doc-source:5576-5592
</span><span class="cx">/branches/maven_merge/openam/openam-documentation/openam-doc-source:2556-3124
</span><span class="cx">/branches/maven_merge/openam/openam-documentation/openam-site:2556-2631
</span><span class="cx">/branches/oidc_authn/openam-documentation/openam-doc-source:8507,8540,8557-8559,8565-8566
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/openam/openam-documentation/openam-doc-source:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/openam/openam-documentation/openam-doc-source:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/openam/openam-documentation/openam-doc-source:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/openam/openam-documentation/openam-doc-source:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/openam/openam-documentation/openam-doc-source:6767-6804
</span><span class="cx">/branches/openam_10.1.0_SAML2_FIXES/openam-documentation/openam-doc-source:3725-3740
</span><span class="cx">/branches/openam_10.1.0_jeff/openam-documentation/openam-doc-source:3128-3527
</span><span class="cx">/branches/openam_10.1.0_jeff/openam-documentation/openam-site:3128-3287
</span><span class="cx">/branches/openam_10.1.0_xacml3_JAS/openam/openam-documentation/openam-doc-source:4039-4140
</span><span class="cx">/branches/openam_10.2.0_xacml3_JAS/openam/openam-documentation/openam-doc-source:4141-4379
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/openam/openam-documentation/openam-doc-source:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158/openam/openam-documentation/openam-doc-source:8476-8577
</span><span class="cx">/branches/pcunnington-oauth2/openam/openam-documentation/openam-doc-source:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/openam/openam-documentation/openam-doc-source:8314-8341
</span><span class="cx">/branches/rest_sts_view_bean/openam-documentation/openam-doc-source:9690-9965
</span><span class="cx">/branches/rwapshott-AME-1739/openam/openam-documentation/openam-doc-source:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/openam/openam-documentation/openam-doc-source:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/openam/openam-documentation/openam-doc-source:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/openam/openam-documentation/openam-doc-source:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2027-cts-oids-should-follow-fr-oid-scheme/openam/openam-documentation/openam-doc-source:5609-5614
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/openam/openam-documentation/openam-doc-source:6086-6319
</span><span class="cx">/branches/rwapshott-ame-2311-index-names/openam/openam-documentation/openam-doc-source:6058-6069
</span><span class="cx">/branches/rwapshott-ame-258-cts-replication/openam/openam-documentation/openam-doc-source:5548-6055
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/openam/openam-documentation/openam-doc-source:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/openam/openam-documentation/openam-doc-source:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/openam/openam-documentation/openam-doc-source:6170-6194
</span><span class="cx">/branches/rwapshott-openam-2729-saml2-error/openam/openam-documentation/openam-doc-source:6247-6257
</span><span class="cx">/branches/sts_oidc_saml_redux/openam-documentation/openam-doc-source:8417-8422,8424,8440,8445-8446,8460,8490,8498
</span><span class="cx">/branches/sts_restart_persistence/openam-documentation/openam-doc-source:9003-9005,9009-9414
</span><span class="cx">/branches/sts_saml2_encrypt/openam-documentation/openam-doc-source:10424-10472,10474-10550
</span><span class="cx">/branches/sts_service_listeners/openam-documentation/openam-doc-source:9968-10031,10047-10048,10053
</span><span class="cx">/branches/sts_token_gen_service/openam-documentation/openam-d \
oc-source:8706,8717-8720,8723-8725,8727-8728,8731,8737,8740-8742,8759-8760,8774-8776,8796-8797,8800-8801,8818-8819,8821
</span><span class="cx">/branches/sts_token_gen_service2/openam-documentation/openam-doc-source:8844-8887,8894-9000
</span><span class="cx">/branches/sts_x509/openam-documentation/openam-doc-source:10206-10398
</span><span class="cx">/trunk/openam/openam-documentation/openam-doc-source:3127-3332,10652-10778
</span><span class="cx">/trunk/openam/openam-documentation/openam-site:2556-2930
</span><span class="cx">/trunk/opensso/openam-site:2912-3070
</span><span class="cx"> + \
/branches/AME-2526-SFO-between-sites/openam/openam-documentation/openam-doc-source:7510-8258
</span><span class="cx">/branches/AME-2629/openam/openam-documentation/openam-doc-source:7585-7632
</span><span class="cx">/branches/AME-3405-session-read-from-cts/openam/openam-documentation/openam-doc-source:8749-8823
</span><span class="cx">/branches/AME-3423/openam/openam-documentation/openam-doc-source:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington/openam/openam-documentation/openam-doc-source:9534-9723
</span><span class="cx">/branches/AME-3719/openam/openam-documentation/openam-doc-source:9517-9879
</span><span class="cx">/branches/AME-3726-script-sandboxing/openam/openam-documentation/openam-doc-source:9663-9819
</span><span class="cx">/branches/AME-4378/openam/openam-documentation/openam-doc-source:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/openam/openam-documentation/openam-doc-source:10437-10535
</span><span class="cx">/branches/AME-4547/openam/openam-documentation/openam-doc-source:10585-10783
</span><span class="cx">/branches/AME-4595/openam/openam-documentation/openam-doc-source:10581-10789
</span><span class="cx">/branches/CTS-Async/openam/openam-documentation/openam-doc-source:8847-9739
</span><span class="cx">/branches/IIS7PostData/openam/openam-documentation/openam-doc-source:224-261
</span><span class="cx">/branches/IIS7PostData/openam/openam-documentation/openam-site:224-261
</span><span class="cx">/branches/OAuth2_Maven/openam/openam-documentation/openam-doc-source:2756-3584
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/openam/openam-documentation/openam-doc-source:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/openam/openam-documentation/openam-doc-source:6910-6946
</span><span class="cx">/branches/OPENAM-3130-session-quota/openam/openam-documentation/openam-doc-source:6958-6972
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/openam/openam-documentation/openam-doc-source:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/openam/openam-documentation/openam-doc-source:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/openam/openam-documentation/openam-doc-source:8747-8835
</span><span class="cx">/branches/OPENAM-4028-connection-pool/openam/openam-documentation/openam-doc-source:9750-10171
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/openam/openam-documentation/openam-doc-source:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/openam/openam-documentation/openam-doc-source:7834-7844
</span><span class="cx">/branches/ame4272/openam/openam-documentation/openam-doc-source:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/openam/openam-documentation/openam-doc-source:7508-7697
</span><span class="cx">/branches/andyAme3102/openam/openam-documentation/openam-doc-source:8312-8413
</span><span class="cx">/branches/andyOpenam1708/openam/openam-documentation/openam-doc-source:5576-5592
</span><span class="cx">/branches/maven_merge/openam/openam-documentation/openam-doc-source:2556-3124
</span><span class="cx">/branches/maven_merge/openam/openam-documentation/openam-site:2556-2631
</span><span class="cx">/branches/oidc_authn/openam-documentation/openam-doc-source:8507,8540,8557-8559,8565-8566
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/openam/openam-documentation/openam-doc-source:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/openam/openam-documentation/openam-doc-source:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/openam/openam-documentation/openam-doc-source:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/openam/openam-documentation/openam-doc-source:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/openam/openam-documentation/openam-doc-source:6767-6804
</span><span class="cx">/branches/openam_10.1.0_SAML2_FIXES/openam-documentation/openam-doc-source:3725-3740
</span><span class="cx">/branches/openam_10.1.0_jeff/openam-documentation/openam-doc-source:3128-3527
</span><span class="cx">/branches/openam_10.1.0_jeff/openam-documentation/openam-site:3128-3287
</span><span class="cx">/branches/openam_10.1.0_xacml3_JAS/openam/openam-documentation/openam-doc-source:4039-4140
</span><span class="cx">/branches/openam_10.2.0_xacml3_JAS/openam/openam-documentation/openam-doc-source:4141-4379
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/openam/openam-documentation/openam-doc-source:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158/openam/openam-documentation/openam-doc-source:8476-8577
</span><span class="cx">/branches/pcunnington-oauth2/openam/openam-documentation/openam-doc-source:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/openam/openam-documentation/openam-doc-source:8314-8341
</span><span class="cx">/branches/rest_sts_view_bean/openam-documentation/openam-doc-source:9690-9965
</span><span class="cx">/branches/rwapshott-AME-1739/openam/openam-documentation/openam-doc-source:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/openam/openam-documentation/openam-doc-source:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/openam/openam-documentation/openam-doc-source:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/openam/openam-documentation/openam-doc-source:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2027-cts-oids-should-follow-fr-oid-scheme/openam/openam-documentation/openam-doc-source:5609-5614
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/openam/openam-documentation/openam-doc-source:6086-6319
</span><span class="cx">/branches/rwapshott-ame-2311-index-names/openam/openam-documentation/openam-doc-source:6058-6069
</span><span class="cx">/branches/rwapshott-ame-258-cts-replication/openam/openam-documentation/openam-doc-source:5548-6055
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/openam/openam-documentation/openam-doc-source:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/openam/openam-documentation/openam-doc-source:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/openam/openam-documentation/openam-doc-source:6170-6194
</span><span class="cx">/branches/rwapshott-openam-2729-saml2-error/openam/openam-documentation/openam-doc-source:6247-6257
</span><span class="cx">/branches/sts_oidc_saml_redux/openam-documentation/openam-doc-source:8417-8422,8424,8440,8445-8446,8460,8490,8498
</span><span class="cx">/branches/sts_restart_persistence/openam-documentation/openam-doc-source:9003-9005,9009-9414
</span><span class="cx">/branches/sts_saml2_encrypt/openam-documentation/openam-doc-source:10424-10472,10474-10550
</span><span class="cx">/branches/sts_service_listeners/openam-documentation/openam-doc-source:9968-10031,10047-10048,10053
</span><span class="cx">/branches/sts_token_gen_service/openam-documentation/openam-d \
oc-source:8706,8717-8720,8723-8725,8727-8728,8731,8737,8740-8742,8759-8760,8774-8776,8796-8797,8800-8801,8818-8819,8821
</span><span class="cx">/branches/sts_token_gen_service2/openam-documentation/openam-doc-source:8844-8887,8894-9000
</span><span class="cx">/branches/sts_x509/openam-documentation/openam-doc-source:10206-10398
</span><span class="cx">/trunk/openam/openam-documentation/openam-doc-source:3127-3332,10652-10812
</span><span class="cx">/trunk/openam/openam-documentation/openam-site:2556-2930
</span><span class="cx">/trunk/opensso/openam-site:2912-3070
</span><a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementAnyUserSubjectjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/AnyUserSubject.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/AnyUserSubject.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/AnyUserSubject.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -25,6 +25,10 @@
</span><span class="cx"> * $Id: AnyUserSubject.java,v 1.1 2009/08/19 05:40:32 \
veiming Exp $ </span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx">
</span><span class="lines">@@ -35,10 +39,7 @@
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import javax.security.auth.Subject;
</span><span class="cx">
</span><del>-public class AnyUserSubject extends VirtualSubject {
- public VirtualId getVirtualId() {
- return VirtualId.ANY_USER;
- }
</del><ins>+public class AnyUserSubject implements SubjectImplementation {
</ins><span class="cx">
</span><span class="cx"> public SubjectDecision evaluate(
</span><span class="cx"> String realm,
</span></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementAuthenticatedESubjectjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/AuthenticatedESubject.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/AuthenticatedESubject.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/AuthenticatedESubject.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,111 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: AuthenticatedESubject.java,v 1.1 2009/08/19 05:40:32 veiming Exp $
- */
-package com.sun.identity.entitlement;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.Subject;
-
-public class AuthenticatedESubject extends VirtualSubject {
- public static final String ID = "_authenticated";
-
- public VirtualId getVirtualId() {
- return VirtualId.AUTHENTICATED;
- }
-
- /**
- * Sets state of the object
- * @param state State of the object encoded as string
- */
- public void setState(String state) {
- //DO NOTHING
- }
-
- /**
- * Returns state of the object
- * @return state of the object encoded as string
- */
- public String getState() {
- return "";
- }
-
- /**
- * Returns <code>SubjectDecision</code> of
- * <code>ESubject</code> evaluation
- * @param subject ESubject who is under evaluation.
- * @param resourceName Resource name.
- * @param environment Environment parameters.
- * @return <code>SubjectDecision</code> of
- * <code>ESubject</code> evaluation
- * @throws com.sun.identity.entitlement, EntitlementException in case
- * of any error
- */
- public SubjectDecision evaluate(
- Subject subject,
- String resourceName,
- Map<String, Set<String>> environment)
- throws EntitlementException {
- return null;
- }
-
- public void setName(String name) {
- }
-
- public String getName() {
- return null;
- }
-
- public Map<String, Set<String>> getSearchIndexAttributes() {
- Map<String, Set<String>> map = new HashMap<String, \
Set<String>>();
- Set<String> set = new HashSet<String>();
- set.add(SubjectAttributesCollector.ATTR_NAME_ALL_ENTITIES);
- map.put(SubjectAttributesCollector.NAMESPACE_IDENTITY, set);
- return map;
- }
-
- public Set<String> getRequiredAttributeNames() {
- return Collections.EMPTY_SET;
- }
-
- public SubjectDecision evaluate(
- String realm,
- SubjectAttributesManager mgr,
- Subject subject,
- String resourceName,
- Map<String, Set<String>> environment
- ) throws EntitlementException {
- return new SubjectDecision(true, Collections.EMPTY_MAP); //TOFIX
- }
-
- public boolean isIdentity() {
- return true;
- }
-
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementBankingSubjectjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/BankingSubject.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/BankingSubject.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/BankingSubject.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,37 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: BankingSubject.java,v 1.1 2009/08/19 05:40:32 veiming Exp $
- */
-package com.sun.identity.entitlement;
-
-public class BankingSubject extends UserSubject {
- public static enum Banker {
- ACCOUNT_OWNER,
- JOINT_ACCOUNT_OWNER,
- BANK_MANAGER,
- CLERK,
- ACCOUNT_MANAGER;
- }
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementDNSNameConditionjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/DNSNameCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/DNSNameCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/DNSNameCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,300 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: DNSNameCondition.java,v 1.2 2009/09/05 00:24:04 veiming Exp $
- */
-package com.sun.identity.entitlement;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.Subject;
-import org.json.JSONObject;
-import org.json.JSONException;
-
-/**
- * EntitlementCondition to represent IP, DNS name based constraint
- */
-public class DNSNameCondition extends EntitlementConditionAdaptor {
- /** Key that is used in an <code>DNSNameCondition</code> to define \
the DNS
- * name values for which a policy applies. The value corresponding to the
- * key has to be a <code>Set</code> with at most one element is a
- * <code>String</code> that conforms to the patterns described here.
- *
- * The patterns is :
- * <pre>
- * ccc.ccc.ccc.ccc
- * *.ccc.ccc.ccc</pre>
- * where c is any valid character for DNS domain/host name.
- * There could be any number of <code>.ccc</code> components.
- * Some sample values are:
- * <pre>
- * www.sun.com
- * finace.yahoo.com
- * *.yahoo.com
- * </pre>
- */
- public static final String DNS_NAME = "DnsName";
-
- /** Key that is used to define request DNS name that is passed in
- * the <code>env</code> parameter while invoking
- * <code>getConditionDecision</code> method of an
- * <code>DNSNameCondition</code>.
- * Value for the key should be a set of strings representing the
- * DNS names of the client, in the form <code>ccc.ccc.ccc</code>.
- * If the <code>env</code> parameter is null or does not
- * define value for <code>REQUEST_DNS_NAME</code>, the
- * value for <code>REQUEST_DNS_NAME</code> is obtained
- * from the single sign on token of the user
- *
- * @see com.sun.identity.policy.interfaces.Condition#getConditionDecision(com.iplanet.sso.SSOToken, \
java.util.Map)
- */
- public static final String REQUEST_DNS_NAME = "requestDnsName";
-
- private String domainNameMask;
- private String pConditionName;
-
- /**
- * Constructs an DNSNameCondition
- */
- public DNSNameCondition() {
- }
-
- /**
- * Constructs DNSNameCondition object
- *
- * @param domainNameMask domain name mask, for example *.example.com,
- * only wild card allowed is *
- */
- public DNSNameCondition(String domainNameMask) {
- this.domainNameMask = domainNameMask;
- }
-
- /**
- * Returns state of the object
- * @return state of the object encoded as string
- */
- public String getState() {
- return toString();
- }
-
- /**
- * Sets state of the object
- * @param state State of the object encoded as string
- */
- public void setState(String state) {
- try {
- JSONObject jo = new JSONObject(state);
- setState(jo);
- domainNameMask = jo.optString("domainNameMask");
- pConditionName = jo.optString("pConditionName");
- } catch (JSONException joe) {
- PrivilegeManager.debug.error("DNSNameCondition.setState", \
joe);
- }
- }
-
- /**
- * Returns <code>ConditionDecision</code> of
- * <code>EntitlementCondition</code> evaluation
- *
- * @param realm Realm name.
- * @param subject EntitlementCondition who is under evaluation.
- * @param resourceName Resource name.
- * @param environment Environment parameters.
- * @return <code>ConditionDecision</code> of
- * <code>EntitlementCondition</code> evaluation
- * @throws com.sun.identity.entitlement, EntitlementException in case
- * of any error
- */
- public ConditionDecision evaluate(
- String realm,
- Subject subject,
- String resourceName,
- Map<String, Set<String>> environment
- ) throws EntitlementException {
- if (environment != null) {
- Set<String> reqDnsNames = environment.get(REQUEST_DNS_NAME);
-
- if ((reqDnsNames == null) || reqDnsNames.isEmpty()) {
- return getFalseDecision();
- }
-
- for (String dns : reqDnsNames) {
- if (!isAllowedByDns(dns)) {
- return getFalseDecision();
- }
- }
-
- return new ConditionDecision(true, Collections.EMPTY_MAP);
- }
-
- return getFalseDecision();
- }
-
- private ConditionDecision getFalseDecision() {
- Set<String> set = new HashSet<String>();
- set.add(REQUEST_DNS_NAME + "=" + domainNameMask);
- Map<String, Set<String>> advice = new HashMap<String, \
Set<String>>();
- advice.put(getClass().getName(), set);
- return new ConditionDecision(false, advice);
- }
-
- private boolean isAllowedByDns(String dnsName)
- throws EntitlementException {
- if (domainNameMask.equals("*")) {
- return true;
- }
-
- dnsName = dnsName.toLowerCase();
- String mask = domainNameMask.toLowerCase();
- int starIndex = mask.indexOf("*");
-
- if (starIndex != -1) {
- // the dnsPattern is a string like *.ccc.ccc
- String dnsWildSuffix = mask.substring(starIndex+1);
- return dnsName.endsWith(dnsWildSuffix);
- }
-
- return mask.equalsIgnoreCase(dnsName);
- }
-
-
- /**
- * Returns the Domain Name Mask
- *
- * @return the Domain Name Mask
- */
- public String getDomainNameMask() {
- return domainNameMask;
- }
-
- /**
- * Sets the Domain Name Mask.
- *
- * @param domainNameMask the value for Domain Name Mask.
- */
- public void setDomainNameMask(String domainNameMask) {
- this.domainNameMask = domainNameMask;
- }
-
- /**
- * Returns OpenSSO policy subject name of the object
- * @return subject name as used in OpenSSO policy,
- * this is releavant only when UserECondition was created from
- * OpenSSO policy Condition
- */
- public String getPConditionName() {
- return pConditionName;
- }
-
- /**
- * Sets OpenSSO policy subject name of the object
- * @param pConditionName subject name as used in OpenSSO policy,
- * this is releavant only when UserECondition was created from
- * OpenSSO policy Condition
- */
- public void setPConditionName(String pConditionName) {
- this.pConditionName = pConditionName;
- }
-
- /**
- * Returns JSONObject mapping of the object
- * @return JSONObject mapping of the object
- */
- public JSONObject toJSONObject() throws JSONException {
- JSONObject jo = new JSONObject();
- toJSONObject(jo);
- jo.put("domainNameMask", domainNameMask);
- jo.put("pConditionName", pConditionName);
- return jo;
- }
-
- /**
- * Returns <code>true</code> if the passed in object is equal to \
this object
- * @param obj object to check for equality
- * @return <code>true</code> if the passed in object is equal to \
this object
- */
- @Override
- public boolean equals(Object obj) {
- if (!super.equals(obj)) {
- return false;
- }
- if (!getClass().equals(obj.getClass())) {
- return false;
- }
- DNSNameCondition object = (DNSNameCondition) obj;
- if (getDomainNameMask() == null) {
- if (object.getDomainNameMask() != null) {
- return false;
- }
- } else {
- if (!domainNameMask.equals(object.getDomainNameMask())) {
- return false;
- }
- }
- if (getPConditionName() == null) {
- if (object.getPConditionName() != null) {
- return false;
- }
- } else {
- if (!pConditionName.equals(object.getPConditionName())) {
- return false;
- }
- }
- return true;
- }
-
- /**
- * Returns hash code of the object
- * @return hash code of the object
- */
- @Override
- public int hashCode() {
- int code = super.hashCode();
- if (domainNameMask != null) {
- code += domainNameMask.hashCode();
- }
- if (pConditionName != null) {
- code += pConditionName.hashCode();
- }
- return code;
- }
-
- /**
- * Returns string representation of the object
- * @return string representation of the object
- */
- @Override
- public String toString() {
- String s = null;
- try {
- s = toJSONObject().toString(2);
- } catch (JSONException e) {
- PrivilegeManager.debug.error("DNSNameCondition.toString()", \
e);
- }
- return s;
- }
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementEntitlementExceptionjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/EntitlementException.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/EntitlementException.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/EntitlementException.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -83,7 +83,26 @@
</span><span class="cx"> public static final int MISSING_RESOURCE = 420;
</span><span class="cx"> public static final int JSON_PARSE_ERROR = 425;
</span><span class="cx"> public static final int AUTHENTICATION_ERROR = 434;
</span><ins>+ public static final int CLIENT_IP_EMPTY = 437;
+ public static final int RESOURCE_ENV_NOT_KNOWN = 438;
</ins><span class="cx">
</span><ins>+ public static final int CONDITION_EVALUTATION_FAILED = 510;
+
+ public static final int INVALID_OAUTH2_SCOPE = 700;
+ public static final int AUTH_LEVEL_NOT_INTEGER = 710;
+ public static final int PROPERTY_VALUE_NOT_DEFINED = 711;
+ public static final int AUTH_LEVEL_NOT_INT_OR_SET = 712;
+ public static final int AUTH_SCHEME_NOT_FOUND = 713;
+ public static final int INVALID_ADMIN = 720;
+ public static final int AM_ID_SUBJECT_MEMBERSHIP_EVALUATION_ERROR = 721;
+ public static final int UNABLE_TO_PARSE_SSOTOKEN_AUTHINSTANT = 730;
+ public static final int AT_LEAST_ONE_OF_TIME_PROPS_SHOULD_BE_DEFINED = 740;
+ public static final int PAIR_PROPERTY_NOT_DEFINED = 741;
+ public static final int END_IP_BEFORE_START_IP = 750;
+
+ public static final int PROPERTY_IS_NOT_AN_INTEGER = 800;
+ public static final int PROPERTY_IS_NOT_A_SET = 801;
+
</ins><span class="cx"> private int errorCode;
</span><span class="cx"> private String message;
</span><span class="cx"> private Object[] params;
</span><span class="lines">@@ -179,4 +198,4 @@
</span><span class="cx"> return (params != null) ? MessageFormat.format(msg, \
params) : </span><span class="cx"> msg;
</span><span class="cx"> }
</span><del>-}
</del><span class="cx">\ No newline at end of file
</span><ins>+}
</ins></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementEntitlementSubjectImpljava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/EntitlementSubjectImpl.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/EntitlementSubjectImpl.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/EntitlementSubjectImpl.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -24,6 +24,11 @@
</span><span class="cx"> *
</span><span class="cx"> * $Id: EntitlementSubjectImpl.java,v 1.2 2009/10/29 \
19:05:18 veiming Exp $ </span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import java.security.Principal;
</span><span class="lines">@@ -34,7 +39,10 @@
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="cx"> * EntitlementSubject to represent group identity for \
membership check. </span><ins>+ *
+ * @deprecated As of ForgeRock OpenAM 12.
</ins><span class="cx"> */
</span><ins>+@Deprecated
</ins><span class="cx"> public abstract class EntitlementSubjectImpl implements \
SubjectImplementation { </span><span class="cx"> private String uuid;
</span><span class="cx"> private String pSubjectName;
</span></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementGroupSubjectjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/GroupSubject.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/GroupSubject.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/GroupSubject.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -24,6 +24,11 @@
</span><span class="cx"> *
</span><span class="cx"> * $Id: GroupSubject.java,v 1.1 2009/08/19 05:40:33 veiming \
Exp $ </span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import java.util.Collections;
</span><span class="lines">@@ -35,7 +40,10 @@
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="cx"> * This class represents group identity for membership check
</span><ins>+ *
+ * @deprecated As of ForgeRock OpenAM 12.
</ins><span class="cx"> */
</span><ins>+@Deprecated
</ins><span class="cx"> public class GroupSubject extends EntitlementSubjectImpl {
</span><span class="cx"> public static final String GROUP_NAME = \
"group"; </span><span class="cx">
</span></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementIPConditionjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/IPCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/IPCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/IPCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,351 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: IPCondition.java,v 1.3 2009/09/05 00:24:04 veiming Exp $
- */
-
-/*
- * Portions Copyrighted 2013 ForgeRock Inc
- */
-
-package com.sun.identity.entitlement;
-
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-import java.util.StringTokenizer;
-import javax.security.auth.Subject;
-
-import org.forgerock.openam.utils.ValidateIPaddress;
-import org.json.JSONObject;
-import org.json.JSONException;
-
-import com.googlecode.ipv6.IPv6Address;
-import com.googlecode.ipv6.IPv6AddressRange;
-
-/**
- * Entitlement Condition to represent IP constraint
- */
-public class IPCondition extends EntitlementConditionAdaptor {
- /** Key that is used to define request IP address that is passed in
- * the <code>env</code> parameter while invoking
- * <code>getConditionDecision</code> method of an \
<code>IPCondition</code>.
- * Value for the key should be a <code>String</code> that is a \
string
- * representation of IP of the client, in the form n.n.n.n where n is a
- * value between 0 and 255 inclusive.
- *
- * @see com.sun.identity.policy.interfaces.Condition#getConditionDecision(com.iplanet.sso.SSOToken, \
java.util.Map)
- * @see DNSNameCondition#REQUEST_DNS_NAME
- */
- public static final String REQUEST_IP = "requestIp";
-
- private String startIp;
- private String endIp;
- private String pConditionName;
-
- /**
- * Constructs an IPCondition
- */
- public IPCondition() {
- }
-
- /**
- * Constructs IPCondition object:w
- * @param startIp starting ip of a range for example 121.122.123.124
- * @param endIp ending ip of a range, for example 221.222.223.224
- */
- public IPCondition(String startIp, String endIp) {
- this.startIp = startIp;
- this.endIp = endIp;
- }
-
- /**
- * Returns state of the object
- * @return state of the object encoded as string
- */
- public String getState() {
- return toString();
- }
-
- /**
- * Sets state of the object
- * @param state State of the object encoded as string
- */
- public void setState(String state) {
- try {
- JSONObject jo = new JSONObject(state);
- setState(jo);
- startIp = jo.optString("startIp");
- endIp = jo.optString("endIp");
- pConditionName = jo.optString("pConditionName");
- } catch (JSONException e) {
- PrivilegeManager.debug.error("IPCondition.setState", e);
- }
- }
-
- /**
- * Returns <code>ConditionDecision</code> of
- * <code>EntitlementCondition</code> evaluation
- *
- * @param realm Realm Name.
- * @param subject EntitlementCondition who is under evaluation.
- * @param resourceName Resource name.
- * @param environment Environment parameters.
- * @return <code>ConditionDecision</code> of
- * <code>EntitlementCondition</code> evaluation
- * @throws EntitlementException if any errors occur.
- */
- public ConditionDecision evaluate(
- String realm,
- Subject subject,
- String resourceName,
- Map<String, Set<String>> environment
- ) throws EntitlementException {
- String ip = null;
- Object ipObject = environment.get(REQUEST_IP);
-
- // code changed to fix issue 5440
- // IPCondition evaluation is breaking
- if (ipObject != null) {
- if (ipObject instanceof String) {
- ip = (String)ipObject;
- } else if (ipObject instanceof Set) {
- Set<String> setIP= (Set<String>)ipObject;
- ip = !setIP.isEmpty() ?
- setIP.iterator().next() : null;
- }
- }
-
- if ((ip != null) && isAllowedByIp(ip)) {
- return new ConditionDecision(true, Collections.EMPTY_MAP);
- }
-
- Set<String> set = new HashSet<String>();
- set.add(REQUEST_IP + "=" + startIp + "-" + endIp);
- Map<String, Set<String>> advice = new HashMap<String, \
Set<String>>();
- advice.put(getClass().getName(), set);
- return new ConditionDecision(false, advice);
- }
-
- private boolean isAllowedByIp(String ip) throws EntitlementException {
- String args[] = { "ip", ip };
- if(ValidateIPaddress.isIPv4(ip) &&
- ValidateIPaddress.isIPv4(startIp) && \
ValidateIPaddress.isIPv4(endIp)) {
- try{
- long requestIp = stringToIp(ip);
- long startIpNum = stringToIp(startIp);
- long endIpNum = stringToIp(endIp);
- return ((requestIp >= startIpNum) && (requestIp <= \
endIpNum));
- } catch (Exception e){
- throw new EntitlementException(400, args);
- }
- } else if(ValidateIPaddress.isIPv6(ip) &&
- ValidateIPaddress.isIPv6(startIp) && \
ValidateIPaddress.isIPv6(endIp)) {
- try{
- IPv6AddressRange ipv6Range = IPv6AddressRange.fromFirstAndLast(
- \
IPv6Address.fromString(startIp),IPv6Address.fromString(endIp));
- return ipv6Range.contains(IPv6Address.fromString(ip));
- } catch (Exception e){
- throw new EntitlementException(400, args);
- }
- } else {
- PrivilegeManager.debug.error("IP address invalid" + ip);
- throw new EntitlementException(400, args);
- }
- }
-
- private long stringToIp(String ip) throws EntitlementException {
- StringTokenizer st = new StringTokenizer(ip, ".");
- int tokenCount = st.countTokens();
- if ( tokenCount != 4 ) {
- String args[] = { "ip", ip };
- throw new EntitlementException(400, args);
- }
- long ipValue = 0L;
- while ( st.hasMoreElements()) {
- String s = st.nextToken();
- short ipElement = 0;
- try {
- ipElement = Short.parseShort(s);
- } catch(Exception e) {
- String args[] = { "ip", ip };
- throw new EntitlementException(400, args);
- }
- if ( ipElement < 0 || ipElement > 255 ) {
- String args[] = { "ipElement", s };
- throw new EntitlementException(400, args);
- }
- ipValue = ipValue * 256L + ipElement;
- }
- return ipValue;
- }
-
- /**
- * Return start IP.
- *
- * @return the start IP.
- */
- public String getStartIp() {
- return startIp;
- }
-
- /**
- * Set start IP.
- *
- * @param startIp Start IP.
- */
- public void setStartIp(String startIp) {
- this.startIp = startIp;
- }
-
- /**
- * Returns end IP.
- *
- * @return the end IP.
- */
- public String getEndIp() {
- return endIp;
- }
-
- /**
- * Sets end IP.
- *
- * @param endIp the end IP.
- */
- public void setEndIp(String endIp) {
- this.endIp = endIp;
- }
-
- /**
- * Returns OpenSSO policy subject name of the object
- * @return subject name as used in OpenSSO policy,
- * this is releavant only when UserECondition was created from
- * OpenSSO policy Condition
- */
- public String getPConditionName() {
- return pConditionName;
- }
-
- /**
- * Sets OpenSSO policy subject name of the object
- * @param pConditionName subject name as used in OpenSSO policy,
- * this is releavant only when UserECondition was created from
- * OpenSSO policy Condition
- */
- public void setPConditionName(String pConditionName) {
- this.pConditionName = pConditionName;
- }
-
- /**
- * Returns JSONObject mapping of the object
- * @return JSONObject mapping of the object
- */
- public JSONObject toJSONObject() throws JSONException {
- JSONObject jo = new JSONObject();
- toJSONObject(jo);
- jo.put("startIp", startIp);
- jo.put("endIp", endIp);
- jo.put("pConditionName", pConditionName);
- return jo;
- }
-
- /**
- * Returns <code>true</code> if the passed in object is equal to \
this object
- * @param obj object to check for equality
- * @return <code>true</code> if the passed in object is equal to \
this object
- */
- @Override
- public boolean equals(Object obj) {
- if (!super.equals(obj)) {
- return false;
- }
- IPCondition object = (IPCondition) obj;
- if (getStartIp() == null) {
- if (object.getStartIp() != null) {
- return false;
- }
- } else {
- if (!startIp.equals(object.getStartIp())) {
- return false;
- }
- }
- if (getEndIp() == null) {
- if (object.getEndIp() != null) {
- return false;
- }
- } else {
- if (!endIp.equals(object.getEndIp())) {
- return false;
- }
- }
- if (getPConditionName() == null) {
- if (object.getPConditionName() != null) {
- return false;
- }
- } else {
- if (!pConditionName.equals(object.getPConditionName())) {
- return false;
- }
- }
- return true;
- }
-
- /**
- * Returns hash code of the object
- * @return hash code of the object
- */
- @Override
- public int hashCode() {
- int code = super.hashCode();
-
- if (startIp != null) {
- code += startIp.hashCode();
- }
- if (endIp != null) {
- code += endIp.hashCode();
- }
- if (pConditionName != null) {
- code += pConditionName.hashCode();
- }
- return code;
- }
-
- /**
- * Returns string representation of the object
- * @return string representation of the object
- */
- @Override
- public String toString() {
- String s = null;
- try {
- s = toJSONObject().toString(2);
- } catch (JSONException e) {
- PrivilegeManager.debug.error("IPCondiiton.toString", e);
- }
- return s;
- }
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementIdRepoRoleSubjectjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/IdRepoRoleSubject.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/IdRepoRoleSubject.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/IdRepoRoleSubject.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,33 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: IdRepoRoleSubject.java,v 1.1 2009/08/19 05:40:33 veiming Exp $
- */
-package com.sun.identity.entitlement;
-
-/**
- * Identity Repository Role Subject.
- */
-public class IdRepoRoleSubject extends RoleSubject {
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementRoleSubjectjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/RoleSubject.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/RoleSubject.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/RoleSubject.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,135 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: RoleSubject.java,v 1.1 2009/08/19 05:40:33 veiming Exp $
- */
-package com.sun.identity.entitlement;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.Subject;
-
-/**
- * EntitlementSubject to represent role identity for membership check.
- */
-public class RoleSubject extends EntitlementSubjectImpl {
- public static final String ROLE_NAME = "role";
-
- /**
- * Constructs an RoleSubject
- */
- public RoleSubject() {
- super();
- }
-
- /**
- * Constructs RoleSubject
- * @param role the uuid of the role who is member of the EntitlementSubject
- */
- public RoleSubject(String role) {
- super(role);
- }
-
- /**
- * Constructs RoleSubject
- * @param role the uuid of the role who is member of the EntitlementSubject
- * @param pSubjectName subject name as used in OpenSSO policy,
- * this is releavant only when RoleSubject was created from
- * OpenSSO policy Subject
- */
- public RoleSubject(String role, String pSubjectName) {
- super(role, pSubjectName);
- }
-
- /**
- * Returns <code>SubjectDecision</code> of
- * <code>EntitlementSubject</code> evaluation
- *
- * @param realm Realm name.
- * @param subject EntitlementSubject who is under evaluation.
- * @param resourceName Resource name.
- * @param environment Environment parameters.
- * @return <code>SubjectDecision</code> of
- * <code>EntitlementSubject</code> evaluation
- * @throws EntitlementException if any errors ocurr.
- */
- public SubjectDecision evaluate(
- String realm,
- SubjectAttributesManager mgr,
- Subject subject,
- String resourceName,
- Map<String, Set<String>> environment)
- throws EntitlementException {
- boolean satified = false;
- Set publicCreds = subject.getPublicCredentials();
- if ((publicCreds != null) && !publicCreds.isEmpty()) {
- Map<String, Set<String>> attributes = (Map<String, \
Set<String>>)
- publicCreds.iterator().next();
- Set<String> values = attributes.get(
- SubjectAttributesCollector.NAMESPACE_MEMBERSHIP + ROLE_NAME);
- satified = (values != null) ? values.contains(getID()) : false;
- }
-
- satified = satified ^ isExclusive();
- return new SubjectDecision(satified, Collections.EMPTY_MAP);
- }
-
-
- /**
- * Returns search index attributes.
- *
- * @return search index attributes.
- */
- public Map<String, Set<String>> getSearchIndexAttributes() {
- Map<String, Set<String>> map = new HashMap<String, \
Set<String>>(2);
- Set<String> set = new HashSet<String>();
- set.add(getID());
- map.put(SubjectAttributesCollector.NAMESPACE_MEMBERSHIP + ROLE_NAME,
- set);
- return map;
- }
-
- /**
- * Returns required attribute names.
- *
- * @return required attribute names.
- */
- public Set<String> getRequiredAttributeNames() {
- Set<String> set = new HashSet<String>(2);
- set.add(SubjectAttributesCollector.NAMESPACE_MEMBERSHIP + ROLE_NAME);
- return set;
- }
-
- /**
- * Returns <code>true</code> is this subject is an identity object.
- *
- * @return <code>true</code> is this subject is an identity object.
- */
- public boolean isIdentity() {
- return true;
- }
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementTimeConditionjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/TimeCondition.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/TimeCondition.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/TimeCondition.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,754 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: TimeCondition.java,v 1.4 2010/01/05 22:00:26 dillidorai Exp $
- */
-package com.sun.identity.entitlement;
-
-
-import java.text.DateFormat;
-import java.text.SimpleDateFormat;
-import java.util.Calendar;
-import java.util.Date;
-import java.util.GregorianCalendar;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-import java.util.StringTokenizer;
-import java.util.TimeZone;
-import javax.security.auth.Subject;
-import org.json.JSONObject;
-import org.json.JSONException;
-
-/**
- * EntitlementCondition to represent time based constraint
- * @author dorai
- */
-public class TimeCondition extends EntitlementConditionAdaptor {
- /**
- * Key that is used to define current time that is passed in the
- * <code>env</code> parameter while invoking \
<code>getConditionDecision
- * </code> method of the <code>SimpleTimeCondition</code>. \
Value for the
- * key should be a <code>Long</code> object whose value is time in
- * milliseconds since epoch. If no value is given for this, it is assumed
- * to be the current system time
- *
- * @see com.sun.identity.policy.interfaces.Condition#getConditionDecision(com.iplanet.sso.SSOToken, \
java.util.Map)
- * @see com.sun.identity.policy.plugins.SimpleTimeCondition#ENFORCEMENT_TIME_ZONE
- */
- public static final String REQUEST_TIME = "requestTime";
-
- /**
- * Key that is used to define the time zone that is passed in
- * the <code>env</code> parameter while invoking
- * <code>getConditionDecision</code> method of a
- * <code>SimpleTimeCondition</code>
- * Value for the key should be a <code>TimeZone</code> object. This
- * would be used only if the <code>ENFORCEMENT_TIME_ZONE</code> is \
not
- * defined for the <code>SimpleTimeCondition</code>
- *
- * @see com.sun.identity.policy.interfaces.Condition#getConditionDecision(com.iplanet.sso.SSOToken, \
java.util.Map)
- * @see com.sun.identity.policy.plugins.SimpleTimeCondition#ENFORCEMENT_TIME_ZONE
- * @see java.util.TimeZone
- */
- public static final String REQUEST_TIME_ZONE = "requestTimeZone";
-
- private static final String DATE_FORMAT = "yyyy:MM:dd";
- private static final String[] DAYS_OF_WEEK = { "", "sun", \
"mon", "tue",
- "wed", "thu", "fri", "sat"};
-
- private String startTime;
- private String endTime;
- private String startDay;
- private String endDay;
- private String startDate;
- private String endDate;
- private String enforcementTimeZone;
- private String pConditionName;
-
- /**
- * Constructs an TimeCondition
- */
- public TimeCondition() {
- }
-
- /**
- * Constructs IPCondition object:w
- *
- * @param startTime
- * @param endTime
- * @param startDay
- * @param endDay
- */
- public TimeCondition(String startTime, String endTime,
- String startDay, String endDay) {
- this.startTime = startTime;
- this.endTime = endTime;
- this.startDay = startDay;
- this.endDay = endDay;
- }
-
- /**
- * Returns state of the object
- * @return state of the object encoded as string
- */
- public String getState() {
- return toString();
- }
-
- /**
- * Sets state of the object
- * @param state State of the object encoded as string
- */
- public void setState(String state) {
- try {
- JSONObject jo = new JSONObject(state);
- setState(jo);
- startTime = jo.optString("startTime");
- endTime = (jo.has("endTime")) ? \
jo.optString("endTime") : null;
- startDay = jo.optString("startDay");
- endDay = jo.optString("endDay");
- startDate = jo.optString("startDate");
- endDate = (jo.has("endDate")) ? \
jo.optString("endDate") : null;
- pConditionName = jo.optString("pConditionName");
- enforcementTimeZone = jo.optString("enforcementTimeZone");
- } catch (JSONException joe) {
- }
- }
-
- /**
- * Returns <code>ConditionDecision</code> of
- * <code>EntitlementCondition</code> evaluation
- *
- * @param realm Realm name.
- * @param subject EntitlementCondition who is under evaluation.
- * @param resourceName Resource name.
- * @param environment Environment parameters.
- * @return <code>ConditionDecision</code> of
- * <code>EntitlementCondition</code> evaluation
- * @throws com.sun.identity.entitlement, EntitlementException in case
- * of any error
- */
- public ConditionDecision evaluate(
- String realm,
- Subject subject,
- String resourceName,
- Map<String, Set<String>> environment)
- throws EntitlementException {
- boolean allowed = false;
- long currentGmt = System.currentTimeMillis();
-
-
- TimeZone timeZone = TimeZone.getDefault();
- if (environment != null) {
- String time = getProperty(environment, REQUEST_TIME);
- if (time != null) {
- try {
- currentGmt = Long.parseLong(time);
- } catch (NumberFormatException e) {
- //ignore
- }
- }
-
- String tZone = getProperty(environment, REQUEST_TIME_ZONE);
- if (tZone != null) {
- timeZone = TimeZone.getTimeZone(enforcementTimeZone);
- }
- }
-
- long[] effectiveRange = getEffectiveRange(currentGmt, timeZone);
- Map<String, Set<String>> advices = new HashMap<String, \
Set<String>>();
-
- if ((currentGmt >= effectiveRange[0]) &&
- (currentGmt <= effectiveRange[1])
- ) {
- allowed = true;
- long timeToLive = effectiveRange[1] - currentGmt;
- Set<String> setDuration = new HashSet<String>(2);
- Set<String> setMaxTime = new HashSet<String>(2);
- setDuration.add(Long.toString(timeToLive));
- setMaxTime.add(Long.toString(effectiveRange[1]));
- advices.put(ConditionDecision.TIME_TO_LIVE, setDuration);
- advices.put(ConditionDecision.MAX_TIME, setMaxTime);
- } else if (currentGmt < effectiveRange[0]) {
- long timeToLive = effectiveRange[0] - currentGmt;
- Set<String> setDuration = new HashSet<String>(2);
- Set<String> setMaxTime = new HashSet<String>(2);
- setDuration.add(Long.toString(timeToLive));
- setMaxTime.add(Long.toString(effectiveRange[0]));
- advices.put(ConditionDecision.TIME_TO_LIVE, setDuration);
- advices.put(ConditionDecision.MAX_TIME, setMaxTime);
- }
-
- return new ConditionDecision(allowed, advices);
- }
-
- private static String getProperty(
- Map<String, Set<String>> environment,
- String name
- ) {
- Set<String> set = environment.get(name);
- return ((set != null) && !set.isEmpty()) ? set.iterator().next() \
:null;
- }
-
- /**
- * @return the startTime
- */
- public String getStartTime() {
- return startTime;
- }
-
- /**
- * @param startTime the startTime to set
- */
- public void setStartTime(String startTime) {
- this.startTime = startTime;
- }
-
- /**
- * @return the endTime
- */
- public String getEndTime() {
- return endTime;
- }
-
- /**
- * @param endTime the endTime to set
- */
- public void setEndTime(String endTime) {
- this.endTime = endTime;
- }
-
- /**
- * @return the startDay
- */
- public String getStartDay() {
- return startDay;
- }
-
- /**
- * @param startDay the startDay to set
- */
- public void setStartDay(String startDay) {
- this.startDay = startDay;
- }
-
- /**
- * @return the endDay
- */
- public String getEndDay() {
- return endDay;
- }
-
- /**
- * @param endDay the endDay to set
- */
- public void setEndDay(String endDay) {
- this.endDay = endDay;
- }
-
- /**
- * @return the startDate
- */
- public String getStartDate() {
- return startDate;
- }
-
- /**
- * @param startDate the startDate to set
- */
- public void setStartDate(String startDate) {
- this.startDate = startDate;
- }
-
- /**
- * @return the endDate
- */
- public String getEndDate() {
- return endDate;
- }
-
- /**
- * @param endDate the endDate to set
- */
- public void setEndDate(String endDate) {
- this.endDate = endDate;
- }
-
- /**
- * @return the enforcementTimeZone
- */
- public String getEnforcementTimeZone() {
- return enforcementTimeZone;
- }
-
- /**
- * @param enforcementTimeZone the enforcementTimeZone to set
- */
- public void setEnforcementTimeZone(String enforcementTimeZone) {
- this.enforcementTimeZone = enforcementTimeZone;
- }
-
- /**
- * Returns OpenSSO policy subject name of the object
- * @return subject name as used in OpenSSO policy,
- * this is releavant only when UserECondition was created from
- * OpenSSO policy Condition
- */
- public String getPConditionName() {
- return pConditionName;
- }
-
- /**
- * Sets OpenSSO policy subject name of the object
- * @param pConditionName subject name as used in OpenSSO policy,
- * this is releavant only when UserECondition was created from
- * OpenSSO policy Condition
- */
- public void setPConditionName(String pConditionName) {
- this.pConditionName = pConditionName;
- }
-
- /**
- * Returns JSONObject mapping of the object
- * @return JSONObject mapping of the object
- */
- public JSONObject toJSONObject() throws JSONException {
- JSONObject jo = new JSONObject();
- toJSONObject(jo);
- jo.put("startTime", startTime);
-
- if (endTime != null) {
- jo.put("endTime", endTime);
- }
-
- jo.put("startDay", startDay);
- jo.put("endDay", endDay);
- jo.put("startDate", startDate);
-
- if (endDate != null) {
- jo.put("endDate", endDate);
- }
- jo.put("enforcementTimeZone", enforcementTimeZone);
- jo.put("pConditionName", pConditionName);
- return jo;
- }
-
- /**
- * Returns <code>true</code> if the passed in object is equal to \
this object
- * @param obj object to check for equality
- * @return <code>true</code> if the passed in object is equal to \
this object
- */
- @Override
- public boolean equals(Object obj) {
- if (!super.equals(obj)) {
- return false;
- }
- if (!getClass().equals(obj.getClass())) {
- return false;
- }
- TimeCondition object = (TimeCondition) obj;
- if (startDay == null) {
- if (object.getStartDay() != null) {
- return false;
- }
- } else {
- if (!startDay.equals(object.getStartDay())) {
- return false;
- }
- }
- if (getEndDay() == null) {
- if (object.getEndDay() != null) {
- return false;
- }
- } else {
- if (!endDay.equals(object.getEndDay())) {
- return false;
- }
- }
- if (startDate == null) {
- if (object.getStartDate() != null) {
- return false;
- }
- } else {
- if (!startDate.equals(object.getStartDate())) {
- return false;
- }
- }
- if (getEndDate() == null) {
- if (object.getEndDate() != null) {
- return false;
- }
- } else {
- if (!endDate.equals(object.getEndDate())) {
- return false;
- }
- }
-
- if (getEnforcementTimeZone() == null) {
- if (object.getEnforcementTimeZone() != null) {
- return false;
- }
- } else {
- if (!enforcementTimeZone.equals(object.getEnforcementTimeZone())) {
- return false;
- }
- }
-
- if (getPConditionName() == null) {
- if (object.getPConditionName() != null) {
- return false;
- }
- } else {
- if (!pConditionName.equals(object.getPConditionName())) {
- return false;
- }
- }
- return true;
- }
-
- /**
- * Returns hash code of the object
- * @return hash code of the object
- */
- @Override
- public int hashCode() {
- int code = super.hashCode();
- if (startTime != null) {
- code += startTime.hashCode();
- }
- if (startDate != null) {
- code += startDate.hashCode();
- }
- if (startDay != null) {
- code += startDay.hashCode();
- }
- if (endTime != null) {
- code += endTime.hashCode();
- }
- if (endDate != null) {
- code += endDate.hashCode();
- }
- if (endDay != null) {
- code += endDay.hashCode();
- }
- if (enforcementTimeZone != null) {
- code += enforcementTimeZone.hashCode();
- }
- if (pConditionName != null) {
- code += pConditionName.hashCode();
- }
- return code;
- }
-
- /**
- * Returns string representation of the object
- * @return string representation of the object
- */
- @Override
- public String toString() {
- String s = null;
- try {
- s = toJSONObject().toString(2);
- } catch (JSONException e) {
- PrivilegeManager.debug.error("TimeCondition.toString()", e);
- }
- return s;
- }
-
- private long getTime(Calendar calendar, String time, long defaultVal)
- throws EntitlementException {
- if ((time == null) || (time.length() == 0)) {
- return defaultVal;
- }
-
- int t = parseTimeString(time);
- if (t == -1) {
- return defaultVal;
- }
-
- int hours = t / 60;
- int minutes = t - hours * 60;
- calendar.set(Calendar.HOUR_OF_DAY, hours);
- calendar.set(Calendar.MINUTE, minutes);
- calendar.set(Calendar.SECOND, 0);
- calendar.set(Calendar.MILLISECOND, 0);
- return calendar.getTime().getTime();
- }
-
- /**
- * Using the start and end times and dates get the effective
- * start and end date in the <code>timeZone</code> specified
- * using the current time in GMT ( <code>currentGmt</code>).
- * @return long[] Array of <code>long</code> of size 2 where
- * end range.
- */
- private long[] getEffectiveRange(long currentGmt, TimeZone timeZone)
- throws EntitlementException {
- long[] effectiveRange = new long[2];
-
- Calendar calendar = new GregorianCalendar(timeZone);
- calendar.setTime( new Date(currentGmt) );
-
- long timeStart = getTime(calendar, startTime, Long.MIN_VALUE);
- long timeEnd = getTime(calendar, endTime, Long.MAX_VALUE);
-
- if( timeEnd < timeStart) {
- Calendar cal = new GregorianCalendar(timeZone);
- if (currentGmt < timeStart) {
- cal.setTime(new Date(timeStart));
- cal.roll(Calendar.DAY_OF_YEAR, false);
- timeStart = cal.getTime().getTime();
- } else {
- cal.setTime(new Date(timeEnd));
- cal.roll(Calendar.DAY_OF_YEAR, true);
- timeEnd = cal.getTime().getTime();
- }
- }
-
- long dayStart = Long.MIN_VALUE;
- /* need to set the date again on the calendar object
- Reason was discovered to be the fact that when HOUR_OF_DAY etc
- are set on the calendar the WEEK_OF_MONTH, DAY_OF_THE_WEEK
- gets initialized to "?" , and once that happens the below
- calendar.set(Calendar.DAY_OF_WEEK, startDay) does not seem
- to set the DAY_OF_WEEK, since the fields which it needs to set
- on the basis of like WEEK_OF_MONTH, WEEK_OF_YEAR are lost too.
- Setting the date again reinitializes all the necessary fields
- to be able to set "DAY_OF_WEEK" correctly below.
- */
-
- calendar.setTime( new Date(currentGmt) );
- int startD = parseDayString(startDay);
- if (startD != -1) {
- calendar.set(Calendar.DAY_OF_WEEK, startD);
- calendar.set(Calendar.HOUR_OF_DAY, 0);
- calendar.set(Calendar.MINUTE, 0);
- calendar.set(Calendar.SECOND, 0);
- calendar.set(Calendar.MILLISECOND, 0);
- dayStart = calendar.getTime().getTime();
- }
-
- long dayEnd = Long.MAX_VALUE;
- int endD = parseDayString(endDay);
- if (endD != -1) {
- calendar.set(Calendar.DAY_OF_WEEK, endD);
- calendar.set(Calendar.HOUR_OF_DAY, 24);
- calendar.set(Calendar.MINUTE, 0);
- calendar.set(Calendar.SECOND, 0);
- calendar.set(Calendar.MILLISECOND, 0);
- dayEnd = calendar.getTime().getTime();
- }
- if( dayEnd <= dayStart) {
- Calendar cal = new GregorianCalendar(timeZone);
- if ( currentGmt < dayStart) {
- cal.setTime(new Date(dayStart));
- cal.roll(Calendar.WEEK_OF_YEAR, false);
- dayStart = cal.getTime().getTime();
- } else {
- cal.setTime(new Date(dayEnd));
- cal.roll(Calendar.WEEK_OF_YEAR, true);
- dayEnd = cal.getTime().getTime();
- if (dayEnd <= dayStart) {
- // week is rolling over year, see issue 4326
- int ye = cal.get(Calendar.YEAR);
- cal.set(Calendar.YEAR, ye + 1);
- cal.set(Calendar.DAY_OF_WEEK, endD);
- cal.set(Calendar.HOUR_OF_DAY, 24);
- cal.set(Calendar.MINUTE, 0);
- cal.set(Calendar.SECOND, 0);
- cal.set(Calendar.MILLISECOND, 0);
- dayEnd = cal.getTime().getTime();
- }
- }
- }
-
- long dateStart = Long.MIN_VALUE;
- DateArray dateArray = validateDates(startDate, endDate);
-
- if (dateArray.startDateArray[0] != -1) {
- calendar.set(Calendar.YEAR, dateArray.startDateArray[0]);
- calendar.set(Calendar.MONTH, dateArray.startDateArray[1]);
- calendar.set(Calendar.DAY_OF_MONTH, dateArray.startDateArray[2]);
- calendar.set(Calendar.HOUR_OF_DAY, 0);
- calendar.set(Calendar.MINUTE, 0);
- calendar.set(Calendar.SECOND, 0);
- calendar.set(Calendar.MILLISECOND, 0);
- dateStart = calendar.getTime().getTime();
- }
-
- long dateEnd = Long.MAX_VALUE;
- if (dateArray.endDateArray[0] != -1) {
- calendar.set(Calendar.YEAR, dateArray.endDateArray[0]);
- calendar.set(Calendar.MONTH, dateArray.endDateArray[1]);
- calendar.set(Calendar.DAY_OF_MONTH, dateArray.endDateArray[2]);
- calendar.set(Calendar.HOUR_OF_DAY, 24);
- calendar.set(Calendar.MINUTE, 0);
- calendar.set(Calendar.SECOND, 0);
- calendar.set(Calendar.MILLISECOND, 0);
- dateEnd = calendar.getTime().getTime();
- }
-
- long rangeStart = Long.MIN_VALUE;
- if ( timeStart > rangeStart ) {
- rangeStart = timeStart;
- }
- if ( dayStart > rangeStart ) {
- rangeStart = dayStart;
- }
- if ( dateStart > rangeStart ) {
- rangeStart = dateStart;
- }
-
- long rangeEnd = Long.MAX_VALUE;
- if ( timeEnd < rangeEnd ) {
- rangeEnd = timeEnd;
- }
- if ( dayEnd < rangeEnd ) {
- rangeEnd = dayEnd;
- }
- if ( dateEnd < rangeEnd ) {
- rangeEnd = dateEnd;
- }
-
- effectiveRange[0] = rangeStart;
- effectiveRange[1] = rangeEnd;
-
- return effectiveRange;
- }
-
- /**
- * Converts time in <code>String</code> format to an int.
- * @exception PolicyException for invalid data.
- */
- private static int parseTimeString(String timeString)
- throws EntitlementException {
- if ((timeString == null) || (timeString.length() == 0)) {
- return -1;
- }
- StringTokenizer st = new StringTokenizer(timeString, ":");
- if ( st.countTokens() != 2 ) {
- String[] args = { "time", timeString };
- throw new EntitlementException(400, args);
- }
- String token1 = st.nextToken();
- String token2 = st.nextToken();
- int hour = -1;
- int minute = -1;
- try {
- hour = Integer.parseInt(token1);
- minute = Integer.parseInt(token2);
- } catch ( Exception e) {
- String[] args = { "time", timeString };
- throw new EntitlementException(400, args);
- }
- if ( (hour < 0) || (hour > 24) || (minute < 0) || (minute > 59) \
) {
- String[] args = { "time", timeString };
- throw new EntitlementException(400, args);
- }
- return hour * 60 + minute;
- }
-
- /**
- * Converts day in <code>String</code> format to an int.
- * based on the <code>DAYS_OF_WEEK</code>
- * @see #DAYS_OF_WEEK
- */
- private static int parseDayString(String dayString) {
- int day = -1;
- if ((dayString != null) && (dayString.length() > 0)) {
- String dayStringLc = dayString.toLowerCase();
- for (int i = 1; i < 8; i++) {
- if (DAYS_OF_WEEK[i].equals(dayStringLc)) {
- day = i;
- break;
- }
- }
- }
- return day;
- }
-
- /**
- * extracts <code>startDate</code> and \
<code>endDate</code> from the
- * respective <code>Set</code>, throws Exception for invalid data
- * like startDate > endDate or format.
- * @see #START_DATE
- * @see #END_DATE
- */
- private DateArray validateDates(String startDate, String endDate)
- throws EntitlementException {
- DateArray dateArray = new DateArray();
-
- if ((startDate == null) || (startDate.length() == 0)) {
- return dateArray;
- }
-
- DateFormat df = new SimpleDateFormat(DATE_FORMAT);
- df.setLenient(false);
- df.setTimeZone(TimeZone.getTimeZone("GMT"));
-
- Date dateStart = getDate(df, startDate);
- Date dateEnd = ((endDate == null) || (endDate.length() == 0)) ? null :
- getDate(df, endDate);
-
- if (dateEnd != null) {
- if (dateStart.getTime() > dateEnd.getTime()) {
- String[] args = {startDate, endDate};
- throw new EntitlementException(402, args);
- }
- }
-
- Calendar cal = new GregorianCalendar(TimeZone.getTimeZone("GMT"));
-
- cal.setTime(dateStart);
- dateArray.startDateArray[0] = cal.get(Calendar.YEAR);
- dateArray.startDateArray[1] = cal.get(Calendar.MONTH);
- dateArray.startDateArray[2] = cal.get(Calendar.DAY_OF_MONTH);
-
- if (dateEnd != null) {
- cal.setTime(dateEnd);
- dateArray.endDateArray[0] = cal.get(Calendar.YEAR);
- dateArray.endDateArray[1] = cal.get(Calendar.MONTH);
- dateArray.endDateArray[2] = cal.get(Calendar.DAY_OF_MONTH);
- }
-
- return dateArray;
- }
-
- private Date getDate(DateFormat df, String date)
- throws EntitlementException {
- try {
- return df.parse(date);
- } catch (Exception e) {
- String[] args = {startDate};
- throw new EntitlementException(401, args, e);
- }
- }
-
- class DateArray {
- int startDateArray[] = {-1,0,0};
- int endDateArray[] = {-1,0,0};
- }
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementUserSubjectjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/UserSubject.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/UserSubject.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/UserSubject.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -24,6 +24,11 @@
</span><span class="cx"> *
</span><span class="cx"> * $Id: UserSubject.java,v 1.1 2009/08/19 05:40:34 veiming \
Exp $ </span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx">
</span><span class="lines">@@ -36,8 +41,10 @@
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="cx"> * EntitlementSubject to represent user identity for \
membership check </span><del>- * @author dorai
</del><ins>+ *
+ * @deprecated As of ForgeRock OpenAM 12.
</ins><span class="cx"> */
</span><ins>+@Deprecated
</ins><span class="cx"> public class UserSubject extends EntitlementSubjectImpl {
</span><span class="cx"> /**
</span><span class="cx"> * Constructs an UserSubject
</span></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavacomsunidentityentitlementVirtualSubjectjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/VirtualSubject.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/VirtualSubject.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/com/sun/identity/entitlement/VirtualSubject.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,51 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: VirtualSubject.java,v 1.2 2009/10/29 19:05:19 veiming Exp $
- */
-
-package com.sun.identity.entitlement;
-
-
-public abstract class VirtualSubject implements SubjectImplementation {
- public enum VirtualId {
- ANY_USER,
- AUTHENTICATED;
-
- public VirtualSubject newVirtualSubject() {
- switch (this) {
- case ANY_USER:
- return new AnyUserSubject();
-
- case AUTHENTICATED:
- return new AuthenticatedESubject();
-
- default:
- throw new AssertionError("undefined virtual ID:" + \
this);
- }
- }
- }
-
- public abstract VirtualId getVirtualId();
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamentitlementssrcmainjavaorgforgerockopenamentitlementEntitlementRegistryjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-entitlements/src/main/java/org/forgerock/openam/entitlement/EntitlementRegistry.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-entitlements/src/main/java/org/forgerock/openam/entitlement/EntitlementRegistry.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-entitlements/src/main/java/org/forgerock/openam/entitlement/EntitlementRegistry.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -21,13 +21,10 @@
</span><span class="cx"> import com.sun.identity.entitlement.AnyUserSubject;
</span><span class="cx"> import \
com.sun.identity.entitlement.AttributeLookupCondition; </span><span class="cx"> \
import com.sun.identity.entitlement.AttributeSubject; </span><del>-import \
com.sun.identity.entitlement.DNSNameCondition; </del><span class="cx"> import \
com.sun.identity.entitlement.DenyOverride; </span><span class="cx"> import \
com.sun.identity.entitlement.EntitlementCombiner; </span><span class="cx"> import \
com.sun.identity.entitlement.EntitlementCondition; </span><span class="cx"> import \
com.sun.identity.entitlement.EntitlementSubject; </span><del>-import \
com.sun.identity.entitlement.GroupSubject;
-import com.sun.identity.entitlement.IPCondition;
</del><span class="cx"> import com.sun.identity.entitlement.NoSubject;
</span><span class="cx"> import com.sun.identity.entitlement.NotCondition;
</span><span class="cx"> import com.sun.identity.entitlement.NotSubject;
</span><span class="lines">@@ -35,12 +32,9 @@
</span><span class="cx"> import com.sun.identity.entitlement.OrCondition;
</span><span class="cx"> import com.sun.identity.entitlement.OrSubject;
</span><span class="cx"> import com.sun.identity.entitlement.ResourceAttribute;
</span><del>-import com.sun.identity.entitlement.RoleSubject;
</del><span class="cx"> import com.sun.identity.entitlement.StaticAttributes;
</span><span class="cx"> import \
com.sun.identity.entitlement.StringAttributeCondition; </span><del>-import \
com.sun.identity.entitlement.TimeCondition; </del><span class="cx"> import \
com.sun.identity.entitlement.UserAttributes; </span><del>-import \
com.sun.identity.entitlement.UserSubject; </del><span class="cx">
</span><span class="cx"> import java.util.Map;
</span><span class="cx"> import java.util.ServiceLoader;
</span><span class="lines">@@ -98,22 +92,14 @@
</span><span class="cx"> registry.registerSubjectType("NOT", \
NotSubject.class); </span><span class="cx">
</span><span class="cx"> // Standard OpenAM entitlement conditions (policy \
conditions will be loaded later) </span><del>- \
registry.registerConditionType(IPCondition.class);
- registry.registerConditionType(DNSNameCondition.class);
</del><span class="cx"> \
registry.registerConditionType(NumericAttributeCondition.class); </span><del>- \
registry.registerConditionType(TimeCondition.class); </del><span class="cx"> \
registry.registerConditionType(AttributeLookupCondition.class); </span><span \
class="cx"> registry.registerConditionType(StringAttributeCondition.class); \
</span><span class="cx"> </span><span class="cx"> // Standard OpenAM \
subjects </span><span class="cx"> \
registry.registerSubjectType("NONE", NoSubject.class); </span><span \
class="cx"> registry.registerSubjectType(AnyUserSubject.class); </span><del>- \
//registry.registerSubjectType(AuthenticatedESubject.class); // Not \
implemented?
- registry.registerSubjectType(GroupSubject.class);
</del><span class="cx"> registry.registerSubjectType(AttributeSubject.class);
</span><del>- registry.registerSubjectType(UserSubject.class);
- registry.registerSubjectType(RoleSubject.class);
- //registry.registerSubjectType(IdRepoRoleSubject.class);
</del><span class="cx">
</span><span class="cx"> // Standard OpenAM resource attribute types
</span><span class="cx"> registry.registerAttributeType("User", \
UserAttributes.class); </span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementAndConditionEvalTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/AndConditionEvalTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/AndConditionEvalTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/AndConditionEvalTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,11 +27,16 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><span class="cx"> import com.sun.identity.entitlement.opensso.SubjectUtils;
</span><span class="cx"> import com.sun.identity.security.AdminTokenAction;
</span><ins>+import org.forgerock.openam.entitlement.conditions.environment.IPCondition;
</ins><span class="cx"> import java.security.AccessController;
</span><span class="cx"> import java.util.HashMap;
</span><span class="cx"> import java.util.HashSet;
</span><span class="lines">@@ -43,6 +48,8 @@
</span><span class="cx"> import org.testng.annotations.BeforeClass;
</span><span class="cx"> import org.testng.annotations.Test;
</span><span class="cx">
</span><ins>+import static \
org.forgerock.openam.entitlement.conditions.environment.ConditionConstants.REQUEST_IP;
+
</ins><span class="cx"> public class AndConditionEvalTest {
</span><span class="cx"> private static final String PRIVILEGE_NAME = \
"AndConditionEvalTest"; </span><span class="cx"> private static final \
String ROOT_RESOURCE_NAME = </span><span class="lines">@@ -68,8 +75,10 @@
</span><span class="cx"> AndCondition cond = new AndCondition();
</span><span class="cx"> Set<EntitlementCondition> conditions = new \
</span><span class="cx"> HashSet<EntitlementCondition>();
</span><del>- conditions.add(new DNSNameCondition(DNS_MASK));
- conditions.add(new IPCondition(START_IP, END_IP));
</del><ins>+ IPCondition ipc = new IPCondition();
+ ipc.setStartIp(START_IP);
+ ipc.setEndIp(END_IP);
+ conditions.add(ipc);
</ins><span class="cx"> cond.setEConditions(conditions);
</span><span class="cx">
</span><span class="cx"> Privilege privilege = \
Privilege.getNewInstance(); </span><span class="lines">@@ -160,24 +169,12 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> String adv = advice.iterator().next();
</span><del>- if (!adv.equals(IPCondition.REQUEST_IP + "=" + \
START_IP + "-" + END_IP) </del><ins>+ if (!adv.equals(REQUEST_IP + \
"=" + START_IP + "-" + END_IP) </ins><span class="cx"> ) \
{ </span><span class="cx"> throw new Exception(
</span><span class="cx"> "AndConditionEvalTest.negativeTest: \
advice for IP Condition"); </span><span class="cx"> }
</span><span class="cx">
</span><del>- advice = advices.get(DNSNameCondition.class.getName());
- if ((advice == null) || advice.isEmpty()) {
- throw new Exception(
- "AndConditionEvalTest.negativeTest: no advice for DNS \
Condition.");
- }
-
- adv = advice.iterator().next();
- if (!adv.equals(DNSNameCondition.REQUEST_DNS_NAME + "=" + \
DNS_MASK)) {
- throw new Exception(
- "AndConditionEvalTest.negativeTest: incorrect advice for DNS \
Condition");
- }
-
</del><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> private Map<String, Set<String>> \
getEnvironment(String ipAddr, String dns) { </span><span class="lines">@@ -185,11 \
+182,11 @@ </span><span class="cx"> new HashMap<String, \
Set<String>>(); </span><span class="cx"> Set<String> dnsMask = \
new HashSet<String>(); </span><span class="cx"> dnsMask.add(dns);
</span><del>- environment.put(DNSNameCondition.REQUEST_DNS_NAME, dnsMask);
</del><ins>+ environment.put("requestDnsName", dnsMask);
</ins><span class="cx">
</span><span class="cx"> Set<String> ip = new HashSet<String>();
</span><span class="cx"> ip.add(ipAddr);
</span><del>- environment.put(IPCondition.REQUEST_IP, ip);
</del><ins>+ environment.put(REQUEST_IP, ip);
</ins><span class="cx">
</span><span class="cx"> return environment;
</span><span class="cx"> }
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementAndConditionTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/AndConditionTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/AndConditionTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/AndConditionTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -24,10 +24,18 @@
</span><span class="cx"> *
</span><span class="cx"> * $Id: AndConditionTest.java,v 1.1 2009/08/19 05:41:00 \
veiming Exp $ </span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import java.util.HashSet;
</span><span class="cx"> import java.util.Set;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.environment.SimpleTimeCondition;
+import org.forgerock.openam.entitlement.conditions.environment.IPCondition;
</ins><span class="cx"> import org.testng.annotations.Test;
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="lines">@@ -39,20 +47,20 @@
</span><span class="cx"> @Test
</span><span class="cx"> public void testConstruction() throws Exception {
</span><span class="cx">
</span><del>- IPCondition ipc = new IPCondition("100.100.100.100", \
"200.200.200.200");
- ipc.setPConditionName("ip1");
- DNSNameCondition dnsc = new DNSNameCondition("*.sun.com");
- dnsc.setPConditionName("ip2");
- TimeCondition tc = new TimeCondition("08:00", "16:00",
- "mon", "fri");
</del><ins>+ IPCondition ipc = new IPCondition();
+ ipc.setStartIp("100.100.100.100");
+ ipc.setEndIp("200.200.200.200");
+ SimpleTimeCondition tc = new SimpleTimeCondition();
+ tc.setStartTime("08:00");
+ tc.setEndTime("16:00");
+ tc.setStartDay("mon");
+ tc.setEndDay("fri");
</ins><span class="cx"> tc.setStartDate("01/01/2001");
</span><span class="cx"> tc.setEndDate("02/02/2002");
</span><span class="cx"> tc.setEnforcementTimeZone("PST");
</span><del>- tc.setPConditionName("tc1");
</del><span class="cx"> Set<EntitlementCondition> conditions
</span><span class="cx"> = new HashSet<EntitlementCondition>();
</span><span class="cx"> conditions.add(ipc);
</span><del>- conditions.add(dnsc);
</del><span class="cx"> conditions.add(tc);
</span><span class="cx"> AndCondition ac = new AndCondition(conditions);
</span><span class="cx">
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementAndSubjectTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/AndSubjectTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/AndSubjectTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/AndSubjectTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -24,6 +24,11 @@
</span><span class="cx"> *
</span><span class="cx"> * $Id: AndSubjectTest.java,v 1.1 2009/08/19 05:41:00 \
veiming Exp $ </span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx">
</span><span class="lines">@@ -48,16 +53,11 @@
</span><span class="cx"> gs1.setPSubjectName("g1");
</span><span class="cx"> GroupSubject gs3 = new \
GroupSubject("group31"); </span><span class="cx"> \
gs1.setPSubjectName("g3"); </span><del>- RoleSubject rs1 = new \
RoleSubject("role1");
- rs1.setPSubjectName("r1");
- NotSubject ns1 = new NotSubject(rs1);
- ns1.setPSubjectName("r1");
</del><span class="cx"> Set<EntitlementSubject> subjects = new \
HashSet<EntitlementSubject>(); </span><span class="cx"> \
subjects.add(us1); </span><span class="cx"> subjects.add(us2);
</span><span class="cx"> subjects.add(gs1);
</span><span class="cx"> subjects.add(gs2);
</span><del>- subjects.add(ns1);
</del><span class="cx"> AndSubject andSubject = new AndSubject(subjects);
</span><span class="cx"> AndSubject andSubuject1 = new AndSubject();
</span><span class="cx"> andSubuject1.setState(andSubject.getState());
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementCanBeDeletedAppTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/CanBeDeletedAppTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/CanBeDeletedAppTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/CanBeDeletedAppTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,6 +27,10 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><span class="lines">@@ -41,6 +45,8 @@
</span><span class="cx"> import java.util.Map;
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import javax.security.auth.Subject;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="cx"> import org.testng.annotations.BeforeClass;
</span><span class="cx"> import org.testng.annotations.Test;
</span><span class="lines">@@ -128,7 +134,7 @@
</span><span class="cx"> Entitlement entitlement = new Entitlement(APPL_NAME,
</span><span class="cx"> \
"http://www.CanBeDeletedAppTest.com/*", actionValues); </span><span \
class="cx"> p.setEntitlement(entitlement); </span><del>- \
p.setSubject(new AuthenticatedESubject()); </del><ins>+ p.setSubject(new \
AuthenticatedUsers()); </ins><span class="cx"> pm.add(p);
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementDNSNameEvalTestjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DNSNameEvalTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DNSNameEvalTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DNSNameEvalTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,169 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: DNSNameEvalTest.java,v 1.1 2009/09/05 00:24:03 veiming Exp $
- *
- * Portions Copyrighted 2014 ForgeRock AS
- */
-
-package com.sun.identity.entitlement;
-
-import com.iplanet.sso.SSOToken;
-import com.sun.identity.entitlement.opensso.SubjectUtils;
-import com.sun.identity.security.AdminTokenAction;
-import java.security.AccessController;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.Subject;
-import org.testng.annotations.AfterClass;
-import org.testng.annotations.BeforeClass;
-import org.testng.annotations.Test;
-
-public class DNSNameEvalTest {
- private static final String PRIVILEGE_NAME = "DNSNameEvalTest";
- private static final String ROOT_RESOURCE_NAME =
- "http://www.DNSNameEvalTest.com";
- private static final String DNS_MASK = "*.dnsnameevaltest.com";
-
- private SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
- private Subject adminSubject = SubjectUtils.createSubject(adminToken);
- private boolean migrated = EntitlementConfiguration.getInstance(
- adminSubject, "/").migratedToEntitlementService();
-
- @BeforeClass
- public void setup() throws Exception {
- if (migrated) {
- Map<String, Boolean> actions = new HashMap<String, \
Boolean>();
- actions.put("GET", Boolean.TRUE);
- Entitlement ent = new Entitlement(
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME,
- ROOT_RESOURCE_NAME + "/*", actions);
-
- Privilege privilege = Privilege.getNewInstance();
- privilege.setName(PRIVILEGE_NAME);
- privilege.setEntitlement(ent);
- privilege.setSubject(new AnyUserSubject());
- privilege.setCondition(new DNSNameCondition(DNS_MASK));
-
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- pm.add(privilege);
- Thread.sleep(1000);
- }
- }
-
- @AfterClass
- public void clean() throws EntitlementException {
- if (migrated) {
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- pm.remove(PRIVILEGE_NAME);
- }
- }
-
- @Test
- public void positiveTest() throws Exception {
- Map<String, Set<String>> environment = getEnvironment(
- "www.dnsnameevaltest.com");
-
- Evaluator evaluator = new Evaluator(adminSubject,
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME);
- List<Entitlement> entitlements = evaluator.evaluate("/", \
adminSubject,
- ROOT_RESOURCE_NAME + "/index.html", environment, false);
-
- if ((entitlements == null) || entitlements.isEmpty()) {
- throw new Exception(
- "DNSNameEvalTest.positiveTest: no entitlements \
returned");
- }
-
- Entitlement ent = entitlements.get(0);
- Boolean result = ent.getActionValue("GET");
-
- if ((result == null) || !result) {
- throw new Exception(
- "DNSNameEvalTest.positiveTest: incorrect decision");
- }
-
- Map<String, Set<String>> advice = ent.getAdvices();
- if ((advice != null) && !advice.isEmpty()) {
- throw new Exception(
- "DNSNameEvalTest.positiveTest: do not expect \
advices.");
- }
- }
-
- @Test
- public void negativeTest() throws Exception {
- Map<String, Set<String>> environment = getEnvironment(
- "www.dnsnameevaltest1.com");
-
- Evaluator evaluator = new Evaluator(adminSubject,
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME);
- List<Entitlement> entitlements = evaluator.evaluate("/", \
adminSubject,
- ROOT_RESOURCE_NAME + "/index.html", environment, false);
-
- if ((entitlements == null) || entitlements.isEmpty()) {
- throw new Exception(
- "DNSNameEvalTest.negativeTest: no entitlements \
returned");
- }
-
- Entitlement ent = entitlements.get(0);
- Boolean result = ent.getActionValue("GET");
-
- if ((result != null) && result) {
- throw new Exception(
- "DNSNameEvalTest.negativeTest: incorrect decision");
- }
-
- Map<String, Set<String>> advices = ent.getAdvices();
- if ((advices == null) || advices.isEmpty()) {
- throw new Exception(
- "DNSNameEvalTest.negativeTest: no advices.");
- }
-
- Set<String> advice = advices.get(DNSNameCondition.class.getName());
- if ((advice == null) || advice.isEmpty()) {
- throw new Exception(
- "DNSNameEvalTest.negativeTest: no advice for \
DNSNameCondition.");
- }
-
- String adv = advice.iterator().next();
- if (!adv.equals(DNSNameCondition.REQUEST_DNS_NAME + "=" + \
DNS_MASK)) {
- throw new Exception(
- "DNSNameEvalTest.negativeTest: incorrect decision");
- }
- }
-
- private Map<String, Set<String>> getEnvironment(String dns) {
- Map<String, Set<String>> environment =
- new HashMap<String, Set<String>>();
- Set<String> ip = new HashSet<String>();
- ip.add(dns);
- environment.put(DNSNameCondition.REQUEST_DNS_NAME, ip);
- return environment;
- }
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementDateRangeConditionEvaluationjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DateRangeConditionEvaluation.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DateRangeConditionEvaluation.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DateRangeConditionEvaluation.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,146 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: DateRangeConditionEvaluation.java,v 1.2 2009/10/13 22:37:53 veiming Exp $
- *
- * Portions Copyrighted 2014 ForgeRock AS
- */
-
-package com.sun.identity.entitlement;
-
-import com.iplanet.sso.SSOToken;
-import com.sun.identity.entitlement.opensso.SubjectUtils;
-import com.sun.identity.security.AdminTokenAction;
-import java.security.AccessController;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.Subject;
-import org.testng.annotations.AfterClass;
-import org.testng.annotations.BeforeClass;
-import org.testng.annotations.Test;
-
-public class DateRangeConditionEvaluation {
- private static final String PRIVILEGE_NAME =
- "DateRangeConditionEvaluationPrivilege";
- private static final String URL =
- "http://www.daterangeconditionevaluation.com";
- private SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
- private Subject adminSubject = SubjectUtils.createSubject(adminToken);
- private boolean migrated = EntitlementConfiguration.getInstance(
- adminSubject, "/").migratedToEntitlementService();
-
- @BeforeClass
- public void setup() throws Exception {
- if (!migrated) {
- return;
- }
-
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- Map<String, Boolean> actions = new HashMap<String, Boolean>();
- actions.put("GET", Boolean.TRUE);
- Entitlement ent = new Entitlement(
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME, URL, actions);
-
- Privilege privilege = Privilege.getNewInstance();
- privilege.setName(PRIVILEGE_NAME);
- privilege.setEntitlement(ent);
- privilege.setSubject(new AnyUserSubject());
-
- TimeCondition tc = new TimeCondition();
- tc.setStartDate("2008:01:01");
- tc.setEndDate("2010:01:01");
- privilege.setCondition(tc);
- pm.add(privilege);
- }
-
- @AfterClass
- public void cleanup() throws Exception {
- if (!migrated) {
- return;
- }
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- pm.remove(PRIVILEGE_NAME);
- }
-
- @Test
- public void positiveTest() throws Exception {
- boolean result = evaluate();
- if (!result) {
- throw new Exception("DateRangeConditionEvaluation.positiveTest \
fails");
- }
- }
-
- private boolean evaluate()
- throws Exception {
- Set actions = new HashSet();
- actions.add("GET");
- Evaluator evaluator = new Evaluator(
- SubjectUtils.createSubject(adminToken),
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME);
- Map<String, Set<String>> conditions = new
- HashMap<String, Set<String>>();
- Set<String> setTime = new HashSet<String>();
- // 7/31/09 12:05 AM
- setTime.add("1249027551534");
- conditions.put(TimeCondition.REQUEST_TIME, setTime);
- return evaluator.hasEntitlement("/", null,
- new Entitlement(URL, actions), conditions);
-
- }
-
- @Test (dependsOnMethods = {"positiveTest"})
- public void negativeTest() throws Exception {
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- Privilege p = pm.findByName(PRIVILEGE_NAME);
- TimeCondition tc = (TimeCondition)p.getCondition();
- tc.setEndDate("2008:01:02");
- pm.modify(p);
- boolean result = evaluate();
- if (result) {
- throw new Exception("DateRangeConditionEvaluation.negativeTest \
fails");
- }
- }
-
- @Test (dependsOnMethods = {"negativeTest"})
- public void indefiniteEndDate() throws Exception {
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- Privilege p = pm.findByName(PRIVILEGE_NAME);
- TimeCondition tc = (TimeCondition)p.getCondition();
- tc.setEndDate(null);
- pm.modify(p);
- boolean result = evaluate();
- if (!result) {
- throw new Exception("DateRangeConditionEvaluation.indefiniteEndDate \
fails");
- }
- }
-
-}
-
</del></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementDayConditionEvaluationjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DayConditionEvaluation.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DayConditionEvaluation.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DayConditionEvaluation.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,111 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: DayConditionEvaluation.java,v 1.1 2009/08/19 05:41:00 veiming Exp $
- *
- * Portions Copyrighted 2014 ForgeRock AS
- */
-
-package com.sun.identity.entitlement;
-
-import com.iplanet.sso.SSOToken;
-import com.sun.identity.entitlement.opensso.SubjectUtils;
-import com.sun.identity.security.AdminTokenAction;
-import java.security.AccessController;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.Subject;
-import org.testng.annotations.AfterClass;
-import org.testng.annotations.BeforeClass;
-import org.testng.annotations.Test;
-
-public class DayConditionEvaluation {
- private static final String PRIVILEGE_NAME =
- "DayConditionEvaluationPrivilege";
- private static final String URL = \
"http://www.dayconditionevaluation.com";
- private SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
- private Subject adminSubject = SubjectUtils.createSubject(adminToken);
- private boolean migrated = EntitlementConfiguration.getInstance(
- adminSubject, "/").migratedToEntitlementService();
-
- @BeforeClass
- public void setup() throws Exception {
- if (!migrated) {
- return;
- }
-
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- Map<String, Boolean> actions = new HashMap<String, Boolean>();
- actions.put("GET", Boolean.TRUE);
- Entitlement ent = new Entitlement(
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME, URL, actions);
-
- Privilege privilege = Privilege.getNewInstance();
- privilege.setName(PRIVILEGE_NAME);
- privilege.setEntitlement(ent);
- privilege.setSubject(new AnyUserSubject());
-
- TimeCondition tc = new TimeCondition();
- tc.setStartDay("mon");
- tc.setEndDay("fri");
- privilege.setCondition(tc);
- pm.add(privilege);
- Thread.sleep(1000);
- }
-
- @AfterClass
- public void cleanup() throws Exception {
- if (!migrated) {
- return;
- }
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- pm.remove(PRIVILEGE_NAME);
- }
-
- @Test
- public void evaluate()
- throws Exception {
- Set actions = new HashSet();
- actions.add("GET");
- Evaluator evaluator = new Evaluator(
- SubjectUtils.createSubject(adminToken),
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME);
- Map<String, Set<String>> conditions = new
- HashMap<String, Set<String>>();
- Set<String> setTime = new HashSet<String>();
- setTime.add("1249027551534");
- conditions.put(TimeCondition.REQUEST_TIME, setTime);
- Boolean result = evaluator.hasEntitlement("/", null,
- new Entitlement(URL, actions), conditions);
- if (!result) {
- throw new Exception("DayConditionEvaluation.evaluate fails");
- }
- }
-}
-
</del></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementDecisionMergeTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DecisionMergeTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DecisionMergeTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/DecisionMergeTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,6 +27,10 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOException;
</span><span class="lines">@@ -44,6 +48,8 @@
</span><span class="cx"> import java.util.Map;
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import javax.security.auth.Subject;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="cx"> import org.testng.annotations.BeforeClass;
</span><span class="cx"> import org.testng.annotations.Test;
</span><span class="lines">@@ -69,7 +75,7 @@
</span><span class="cx"> actionValues.put("GET", true);
</span><span class="cx"> Entitlement e1 = new \
Entitlement("http://www.DecisionMergeTest.com/a/*", </span><span \
class="cx"> actionValues); </span><del>- EntitlementSubject sbj = \
new AuthenticatedESubject(); </del><ins>+ EntitlementSubject sbj = new \
AuthenticatedUsers(); </ins><span class="cx">
</span><span class="cx"> Privilege p1 = Privilege.getNewInstance();
</span><span class="cx"> p1.setName("DecisionMergeTestPolicy1");
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementHttpStarEvaluationTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/HttpStarEvaluationTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/HttpStarEvaluationTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/HttpStarEvaluationTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,6 +27,10 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><span class="lines">@@ -39,6 +43,8 @@
</span><span class="cx"> import java.util.Map;
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import javax.security.auth.Subject;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="cx"> import org.testng.annotations.BeforeClass;
</span><span class="cx"> import org.testng.annotations.Test;
</span><span class="lines">@@ -64,7 +70,7 @@
</span><span class="cx"> \
ApplicationTypeManager.URL_APPLICATION_TYPE_NAME, "http://*", </span><span \
class="cx"> actions); </span><span class="cx"> \
privilege.setEntitlement(entitlement); </span><del>- privilege.setSubject(new \
AuthenticatedESubject()); </del><ins>+ privilege.setSubject(new \
AuthenticatedUsers()); </ins><span class="cx"> pm.add(privilege);
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementIPConditionEvalTestjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/IPConditionEvalTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/IPConditionEvalTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/IPConditionEvalTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,171 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: IPConditionEvalTest.java,v 1.1 2009/09/05 00:24:03 veiming Exp $
- *
- * Portions Copyrighted 2014 ForgeRock AS
- */
-
-package com.sun.identity.entitlement;
-
-import com.iplanet.sso.SSOToken;
-import com.sun.identity.entitlement.opensso.SubjectUtils;
-import com.sun.identity.security.AdminTokenAction;
-import java.security.AccessController;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.Subject;
-import org.testng.annotations.AfterClass;
-import org.testng.annotations.BeforeClass;
-import org.testng.annotations.Test;
-
-public class IPConditionEvalTest {
- private static final String PRIVILEGE_NAME = "IPConditionEvalTest";
- private static final String ROOT_RESOURCE_NAME =
- "http://www.IPConditionEvalTest.com";
- private static final String START_IP = "100.100.100.100";
- private static final String END_IP = "200.200.200.200";
-
- private SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
- private Subject adminSubject = SubjectUtils.createSubject(adminToken);
- private boolean migrated = EntitlementConfiguration.getInstance(
- adminSubject, "/").migratedToEntitlementService();
-
- @BeforeClass
- public void setup() throws Exception {
- if (migrated) {
- Map<String, Boolean> actions = new HashMap<String, \
Boolean>();
- actions.put("GET", Boolean.TRUE);
- Entitlement ent = new Entitlement(
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME,
- ROOT_RESOURCE_NAME + "/*", actions);
-
- Privilege privilege = Privilege.getNewInstance();
- privilege.setName(PRIVILEGE_NAME);
- privilege.setEntitlement(ent);
- privilege.setSubject(new AnyUserSubject());
- privilege.setCondition(new IPCondition(START_IP, END_IP));
-
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- pm.add(privilege);
- Thread.sleep(1000);
- }
- }
-
- @AfterClass
- public void clean() throws EntitlementException {
- if (migrated) {
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- pm.remove(PRIVILEGE_NAME);
- }
- }
-
- @Test
- public void positiveTest() throws Exception {
- Map<String, Set<String>> environment = getEnvironment(
- "100.100.100.200");
-
- Evaluator evaluator = new Evaluator(adminSubject,
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME);
- List<Entitlement> entitlements = evaluator.evaluate("/", \
adminSubject,
- ROOT_RESOURCE_NAME + "/index.html", environment, false);
-
- if ((entitlements == null) || entitlements.isEmpty()) {
- throw new Exception(
- "IPConditionEvalTest.positiveTest: no entitlements \
returned");
- }
-
- Entitlement ent = entitlements.get(0);
- Boolean result = ent.getActionValue("GET");
-
- if ((result == null) || !result) {
- throw new Exception(
- "IPConditionEvalTest.positiveTest: incorrect \
decision");
- }
-
- Map<String, Set<String>> advice = ent.getAdvices();
- if ((advice != null) && !advice.isEmpty()) {
- throw new Exception(
- "IPConditionEvalTest.positiveTest: do not expect \
advices.");
- }
- }
-
- @Test
- public void negativeTest() throws Exception {
- Map<String, Set<String>> environment = getEnvironment(
- "210.100.100.200");
-
- Evaluator evaluator = new Evaluator(adminSubject,
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME);
- List<Entitlement> entitlements = evaluator.evaluate("/", \
adminSubject,
- ROOT_RESOURCE_NAME + "/index.html", environment, false);
-
- if ((entitlements == null) || entitlements.isEmpty()) {
- throw new Exception(
- "IPConditionEvalTest.negativeTest: no entitlements \
returned");
- }
-
- Entitlement ent = entitlements.get(0);
- Boolean result = ent.getActionValue("GET");
-
- if ((result != null) && result) {
- throw new Exception(
- "IPConditionEvalTest.negativeTest: incorrect \
decision");
- }
-
- Map<String, Set<String>> advices = ent.getAdvices();
- if ((advices == null) || advices.isEmpty()) {
- throw new Exception(
- "IPConditionEvalTest.negativeTest: no advices.");
- }
-
- Set<String> advice = advices.get(IPCondition.class.getName());
- if ((advice == null) || advice.isEmpty()) {
- throw new Exception(
- "IPConditionEvalTest.negativeTest: no advice for \
IPCondition.");
- }
-
- String adv = advice.iterator().next();
- if (!adv.equals(IPCondition.REQUEST_IP + "=" + START_IP + \
"-" + END_IP)
- ) {
- throw new Exception(
- "IPConditionEvalTest.negativeTest: incorrect \
decision");
- }
- }
-
- private Map<String, Set<String>> getEnvironment(String ipAddr) {
- Map<String, Set<String>> environment =
- new HashMap<String, Set<String>>();
- Set<String> ip = new HashSet<String>();
- ip.add(ipAddr);
- environment.put(IPCondition.REQUEST_IP, ip);
- return environment;
- }
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementIPConditionTestjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/IPConditionTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/IPConditionTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/IPConditionTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,109 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: IPConditionTest.java,v 1.1 2009/08/19 05:41:00 veiming Exp $
- */
-package com.sun.identity.entitlement;
-
-
-import org.testng.annotations.Test;
-
-/**
- *
- * @author dillidorai
- */
-public class IPConditionTest {
-
- @Test
- public void testConstruction() throws Exception {
- String startIp = "100.100.100.100";
- String endIp = "200.200.200.200";
-
- IPCondition ipc = new IPCondition(startIp, endIp);
- ipc.setPConditionName("ip1");
-
- String readIp = ipc.getStartIp();
- if (!startIp.equals(readIp)) {
- throw new Exception("IPConditionTest.testConstruction():" +
- " read startIp did not equal startIp set in constructor");
- }
-
- readIp = ipc.getEndIp();
- if (!endIp.equals(readIp)) {
- throw new Exception("IPConditionTest.testConstruction():" +
- " read endIp did not equal endIp set in constructor");
- }
-
- startIp = "120.120.120.120";
- endIp = "220.220.220.220";
- ipc.setStartIp(startIp);
- ipc.setEndIp(endIp);
-
- readIp = ipc.getStartIp();
- if (!startIp.equals(readIp)) {
- throw new Exception("IPConditionTest.testConstruction():" +
- " read startIp did no tequal startIp set");
- }
-
- readIp = ipc.getEndIp();
- if (!endIp.equals(readIp)) {
- throw new Exception("IPConditionTest.testConstruction():" +
- " read endIp did not tequal endIp set");
- }
-
- String dnsName = "*.sun.com";
- DNSNameCondition dnsc = new DNSNameCondition(dnsName);
- dnsc.setPConditionName("ip2");
-
- String rdnsName = dnsc.getDomainNameMask();
- if (!dnsName.equals(rdnsName)) {
- throw new Exception("IPConditionTest.testConstruction():" +
- " read dnsName did not equal dnsName set in constructor");
- }
-
- dnsName = "*.iplanet.com";
- dnsc.setDomainNameMask(dnsName);
- rdnsName = dnsc.getDomainNameMask();
- if (!dnsName.equals(rdnsName)) {
- throw new Exception("IPConditionTest.testConstruction():" +
- " read dnsName did not equal dnsName set");
- }
-
- IPCondition ipc1 = new IPCondition();
- ipc1.setState(ipc.getState());
- DNSNameCondition dnsc1 = new DNSNameCondition();
- dnsc1.setState(dnsc.getState());
-
- if (!ipc1.equals(ipc)) {
- throw new Exception("IPConditionTest.testConstruction():" +
- " ipc1 not equal ipc");
- }
- if (!dnsc1.equals(dnsc)) {
- throw new Exception("IPConditionTest.testConstruction():" +
- " dnsc1 not equal dnsc");
- }
-
- }
-
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementMultiWildcardEvalTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/MultiWildcardEvalTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/MultiWildcardEvalTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/MultiWildcardEvalTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,6 +27,10 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><span class="lines">@@ -39,6 +43,8 @@
</span><span class="cx"> import java.util.Map;
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import javax.security.auth.Subject;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="cx"> import org.testng.annotations.BeforeClass;
</span><span class="cx"> import org.testng.annotations.Test;
</span><span class="lines">@@ -55,7 +61,7 @@
</span><span class="cx"> actionValues.put("GET", true);
</span><span class="cx"> Entitlement e1 = new Entitlement(
</span><span class="cx"> "http://sun.com/a/*/b/*/c", \
actionValues); </span><del>- EntitlementSubject sbj = new \
AuthenticatedESubject(); </del><ins>+ EntitlementSubject sbj = new \
AuthenticatedUsers(); </ins><span class="cx">
</span><span class="cx"> Privilege p1 = Privilege.getNewInstance();
</span><span class="cx"> p1.setName("MultiWildcardEvalTest");
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementNotConditionTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/NotConditionTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/NotConditionTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/NotConditionTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -35,6 +35,7 @@
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import static org.testng.Assert.assertTrue;
</span><span class="cx"> import org.testng.annotations.Test;
</span><ins>+import org.forgerock.openam.entitlement.conditions.environment.IPCondition;
</ins><span class="cx">
</span><span class="cx">
</span><span class="cx"> public class NotConditionTest {
</span><span class="lines">@@ -42,8 +43,9 @@
</span><span class="cx"> @Test
</span><span class="cx"> public void testConstruction() throws Exception {
</span><span class="cx">
</span><del>- IPCondition ipc = new IPCondition("100.100.100.100", \
"200.200.200.200");
- ipc.setPConditionName("ip1");
</del><ins>+ IPCondition ipc = new IPCondition();
+ ipc.setStartIp("100.100.100.100");
+ ipc.setEndIp("200.200.200.200");
</ins><span class="cx"> NotCondition ac = new NotCondition(ipc);
</span><span class="cx"> NotCondition ac1 = new NotCondition();
</span><span class="cx"> ac1.setState(ac.getState());
</span><span class="lines">@@ -63,8 +65,12 @@
</span><span class="cx"> //given
</span><span class="cx"> Set<EntitlementCondition> conditions = new \
HashSet<EntitlementCondition>(); </span><span class="cx">
</span><del>- IPCondition ip = new IPCondition("192.168.0.1", \
"192.168.0.2");
- IPCondition ip2 = new IPCondition("192.168.0.5", \
"192.168.0.6"); </del><ins>+ IPCondition ip = new IPCondition();
+ ip.setStartIp("192.168.0.1");
+ ip.setEndIp("192.168.0.2");
+ IPCondition ip2 = new IPCondition();
+ ip2.setStartIp("192.168.0.5");
+ ip2.setEndIp("192.168.0.6");
</ins><span class="cx">
</span><span class="cx"> conditions.add(ip);
</span><span class="cx"> conditions.add(ip2);
</span><span class="lines">@@ -82,7 +88,9 @@
</span><span class="cx"> public void testSingleSubjectEnforced() {
</span><span class="cx"> //given
</span><span class="cx"> Set<EntitlementCondition> conditions = new \
HashSet<EntitlementCondition>(); </span><del>- IPCondition ip = new \
IPCondition("192.168.0.1", "192.168.0.2"); </del><ins>+ \
IPCondition ip = new IPCondition(); + ip.setStartIp("192.168.0.1");
+ ip.setEndIp("192.168.0.2");
</ins><span class="cx"> conditions.add(ip);
</span><span class="cx"> NotCondition myNotCondition = new NotCondition();
</span><span class="cx">
</span><span class="lines">@@ -97,7 +105,9 @@
</span><span class="cx"> @Test
</span><span class="cx"> public void testSingleSubjectEnforcedRetrieval() {
</span><span class="cx"> //given
</span><del>- IPCondition ip = new IPCondition("192.168.0.1", \
"192.168.0.2"); </del><ins>+ IPCondition ip = new IPCondition();
+ ip.setStartIp("192.168.0.1");
+ ip.setEndIp("192.168.0.2");
</ins><span class="cx"> NotCondition myNotCondition = new NotCondition(ip);
</span><span class="cx">
</span><span class="cx"> //when
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementNotSubjectTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/NotSubjectTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/NotSubjectTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/NotSubjectTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -38,24 +38,6 @@
</span><span class="cx">
</span><span class="cx"> public class NotSubjectTest {
</span><span class="cx">
</span><del>- @Test
- public void testConstruction() throws Exception {
- RoleSubject rs1 = new RoleSubject("role1");
- rs1.setPSubjectName("r1");
- NotSubject ns1 = new NotSubject(rs1);
- ns1.setPSubjectName("r1");
- NotSubject ns2 = new NotSubject();
- ns2.setState(ns1.getState());
-
- boolean result = ns1.equals(ns2);
- if (!result) {
- throw new Exception("NotSubjectTest.testConstruction():"
- + "NotSubject with setState="
- + "does not equal NotSubject with getState()");
-
- }
- }
-
</del><span class="cx"> @Test (expectedExceptions = \
IllegalArgumentException.class) </span><span class="cx"> public void \
testSingleSubject() { </span><span class="cx"> //given
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementOrConditionEvalTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrConditionEvalTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrConditionEvalTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrConditionEvalTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,11 +27,16 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><span class="cx"> import com.sun.identity.entitlement.opensso.SubjectUtils;
</span><span class="cx"> import com.sun.identity.security.AdminTokenAction;
</span><ins>+import org.forgerock.openam.entitlement.conditions.environment.IPCondition;
</ins><span class="cx"> import java.security.AccessController;
</span><span class="cx"> import java.util.HashMap;
</span><span class="cx"> import java.util.HashSet;
</span><span class="lines">@@ -43,6 +48,8 @@
</span><span class="cx"> import org.testng.annotations.BeforeClass;
</span><span class="cx"> import org.testng.annotations.Test;
</span><span class="cx">
</span><ins>+import static \
org.forgerock.openam.entitlement.conditions.environment.ConditionConstants.REQUEST_IP;
+
</ins><span class="cx"> public class OrConditionEvalTest {
</span><span class="cx"> private static final String PRIVILEGE_NAME = \
"OrConditionEvalTest"; </span><span class="cx"> private static final \
String ROOT_RESOURCE_NAME = </span><span class="lines">@@ -68,8 +75,10 @@
</span><span class="cx"> OrCondition cond = new OrCondition();
</span><span class="cx"> Set<EntitlementCondition> conditions = new \
</span><span class="cx"> HashSet<EntitlementCondition>();
</span><del>- conditions.add(new DNSNameCondition(DNS_MASK));
- conditions.add(new IPCondition(START_IP, END_IP));
</del><ins>+ IPCondition ipc = new IPCondition();
+ ipc.setStartIp(START_IP);
+ ipc.setEndIp(END_IP);
+ conditions.add(ipc);
</ins><span class="cx"> cond.setEConditions(conditions);
</span><span class="cx">
</span><span class="cx"> Privilege privilege = \
Privilege.getNewInstance(); </span><span class="lines">@@ -160,23 +169,11 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> String adv = ipAdvice.iterator().next();
</span><del>- if (!adv.equals(IPCondition.REQUEST_IP + "=" + \
START_IP + "-" + END_IP) </del><ins>+ if (!adv.equals(REQUEST_IP + \
"=" + START_IP + "-" + END_IP) </ins><span class="cx"> ) \
{ </span><span class="cx"> throw new Exception(
</span><span class="cx"> "OrConditionEvalTest.negativeTest: \
incorrect decision for IPCondition"); </span><span class="cx"> }
</span><del>-
- Set<String> dsnAdvice = advices.get(DNSNameCondition.class.getName());
- if ((dsnAdvice == null) || dsnAdvice.isEmpty()) {
- throw new Exception(
- "OrConditionEvalTest.negativeTest: no advice for \
DNSNameCondition.");
- }
-
- String dnsAdv = dsnAdvice.iterator().next();
- if (!dnsAdv.equals(DNSNameCondition.REQUEST_DNS_NAME + "=" + \
DNS_MASK)){
- throw new Exception(
- "OrConditionEvalTest.negativeTest: incorrect decision for \
DNSNameCondition");
- }
</del><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> private Map<String, Set<String>> \
getEnvironment(String ipAddr, String dns) { </span><span class="lines">@@ -184,11 \
+181,11 @@ </span><span class="cx"> new HashMap<String, \
Set<String>>(); </span><span class="cx"> Set<String> dnsMask = \
new HashSet<String>(); </span><span class="cx"> dnsMask.add(dns);
</span><del>- environment.put(DNSNameCondition.REQUEST_DNS_NAME, dnsMask);
</del><ins>+ environment.put("requestDnsName", dnsMask);
</ins><span class="cx">
</span><span class="cx"> Set<String> ip = new HashSet<String>();
</span><span class="cx"> ip.add(ipAddr);
</span><del>- environment.put(IPCondition.REQUEST_IP, ip);
</del><ins>+ environment.put(REQUEST_IP, ip);
</ins><span class="cx">
</span><span class="cx"> return environment;
</span><span class="cx"> }
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementOrConditionTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrConditionTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrConditionTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrConditionTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -24,32 +24,40 @@
</span><span class="cx"> *
</span><span class="cx"> * $Id: OrConditionTest.java,v 1.2 2009/09/05 00:24:03 \
veiming Exp $ </span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import com.sun.identity.unittest.UnittestLog;
</span><span class="cx"> import java.util.HashSet;
</span><span class="cx"> import java.util.Set;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.environment.SimpleTimeCondition;
+import org.forgerock.openam.entitlement.conditions.environment.IPCondition;
</ins><span class="cx"> import org.testng.annotations.Test;
</span><span class="cx">
</span><span class="cx"> public class OrConditionTest {
</span><span class="cx">
</span><span class="cx"> @Test
</span><span class="cx"> public void testConstruction() throws Exception {
</span><del>- IPCondition ipc = new IPCondition("100.100.100.100", \
"200.200.200.200");
- ipc.setPConditionName("ip1");
- DNSNameCondition dnsc = new DNSNameCondition("*.sun.com");
- dnsc.setPConditionName("dns1");
</del><ins>+ IPCondition ipc = new IPCondition();
+ ipc.setStartIp("192.168.0.1");
+ ipc.setEndIp("192.168.0.2");
</ins><span class="cx">
</span><del>- TimeCondition tc = new TimeCondition("08:00", \
"16:00",
- "mon", "fri");
</del><ins>+ SimpleTimeCondition tc = new SimpleTimeCondition();
+ tc.setStartTime("08:00");
+ tc.setEndTime("16:00");
+ tc.setStartDay("mon");
+ tc.setEndDay("fri");
</ins><span class="cx"> tc.setStartDate("01/01/2001");
</span><span class="cx"> tc.setEndDate("02/02/2002");
</span><span class="cx"> tc.setEnforcementTimeZone("PST");
</span><del>- tc.setPConditionName("tc1");
</del><span class="cx">
</span><span class="cx"> Set<EntitlementCondition> conditions = new \
HashSet<EntitlementCondition>(); </span><span class="cx"> \
conditions.add(ipc); </span><del>- conditions.add(dnsc);
</del><span class="cx"> conditions.add(tc);
</span><span class="cx"> OrCondition oc = new OrCondition(conditions);
</span><span class="cx"> OrCondition oc1 = new OrCondition();
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementOrSubjectTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrSubjectTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrSubjectTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrSubjectTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -24,6 +24,11 @@
</span><span class="cx"> *
</span><span class="cx"> * $Id: OrSubjectTest.java,v 1.1 2009/08/19 05:41:00 veiming \
Exp $ </span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import java.util.HashSet;
</span><span class="lines">@@ -49,16 +54,11 @@
</span><span class="cx"> gs1.setPSubjectName("g1");
</span><span class="cx"> GroupSubject gs3 = new \
GroupSubject("group31"); </span><span class="cx"> \
gs1.setPSubjectName("g3"); </span><del>- RoleSubject rs1 = new \
RoleSubject("role1");
- rs1.setPSubjectName("r1");
- NotSubject ns1 = new NotSubject(rs1);
- ns1.setPSubjectName("r1");
</del><span class="cx"> Set<EntitlementSubject> subjects = new \
HashSet<EntitlementSubject>(); </span><span class="cx"> \
subjects.add(us1); </span><span class="cx"> subjects.add(us2);
</span><span class="cx"> subjects.add(gs1);
</span><span class="cx"> subjects.add(gs2);
</span><del>- subjects.add(ns1);
</del><span class="cx"> OrSubject os = new OrSubject(subjects);
</span><span class="cx"> OrSubject os1 = new OrSubject();
</span><span class="cx"> os1.setState(os.getState());
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementOrgAliasReferralTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrgAliasReferralTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrgAliasReferralTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/OrgAliasReferralTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,6 +27,10 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><span class="lines">@@ -42,6 +46,8 @@
</span><span class="cx"> import java.util.Map;
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import javax.security.auth.Subject;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="cx"> import org.testng.annotations.BeforeClass;
</span><span class="cx"> import org.testng.annotations.Test;
</span><span class="lines">@@ -95,7 +101,7 @@
</span><span class="cx"> Entitlement e1 = new Entitlement(
</span><span class="cx"> \
"http://www.OrgAliasReferralTest.com:80/*.*", </span><span class="cx"> \
actionValues); </span><del>- EntitlementSubject sbj = new \
AuthenticatedESubject(); </del><ins>+ EntitlementSubject sbj = new \
AuthenticatedUsers(); </ins><span class="cx">
</span><span class="cx"> Privilege p1 = Privilege.getNewInstance();
</span><span class="cx"> p1.setName("OrgAliasReferralTest");
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementPrivilegeManagerTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/PrivilegeManagerTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/PrivilegeManagerTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/PrivilegeManagerTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -26,6 +26,11 @@
</span><span class="cx"> *
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOException;
</span><span class="lines">@@ -46,6 +51,9 @@
</span><span class="cx"> import java.util.Map;
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import javax.security.auth.Subject;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.environment.SimpleTimeCondition;
+import org.forgerock.openam.entitlement.conditions.environment.IPCondition;
</ins><span class="cx"> import org.json.JSONObject;
</span><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="cx"> import org.testng.annotations.Test;
</span><span class="lines">@@ -204,14 +212,15 @@
</span><span class="cx"> subjects.add(ua2);
</span><span class="cx"> OrSubject os = new OrSubject(subjects);
</span><span class="cx">
</span><del>- IPCondition ipc = new IPCondition(startIp, endIp);
- ipc.setPConditionName("ipc");
- DNSNameCondition dnsc = new DNSNameCondition("*.sun.com");
- dnsc.setPConditionName("dnsc");
- TimeCondition tc = new TimeCondition("08:00", "16:00", \
"mon", "fri");
- tc.setPConditionName("tc");
</del><ins>+ IPCondition ipc = new IPCondition();
+ ipc.setStartIp(startIp);
+ ipc.setEndIp(endIp);
+ SimpleTimeCondition tc = new SimpleTimeCondition();
+ tc.setStartTime("08:00");
+ tc.setEndTime("16:00");
+ tc.setStartDay("mon");
+ tc.setEndDay("fri");
</ins><span class="cx"> Set<EntitlementCondition> conditions = new \
HashSet<EntitlementCondition>(); </span><del>- conditions.add(dnsc);
</del><span class="cx"> conditions.add(tc);
</span><span class="cx">
</span><span class="cx"> StaticAttributes sa1 = new StaticAttributes();
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementRoleSubjectTestjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/RoleSubjectTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/RoleSubjectTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/RoleSubjectTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,46 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: RoleSubjectTest.java,v 1.1 2009/08/19 05:41:00 veiming Exp $
- */
-package com.sun.identity.entitlement;
-
-import org.testng.annotations.Test;
-
-public class RoleSubjectTest {
-
- @Test
- public void testConstruction() throws Exception {
- RoleSubject role = new RoleSubject("role1");
- role.setPSubjectName("r1");
-
- RoleSubject role1 = new RoleSubject();
- role1.setState(role.getState());
-
- if (!role1.equals(role)) {
- throw new Exception(
- "RoleSubjectTest.testConstruction: setState failed");
- }
- }
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementSingleWildCardEvaluatorTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/SingleWildCardEvaluatorTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/SingleWildCardEvaluatorTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/SingleWildCardEvaluatorTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,6 +27,10 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><span class="lines">@@ -39,6 +43,8 @@
</span><span class="cx"> import java.util.Map;
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import javax.security.auth.Subject;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="cx"> import org.testng.annotations.BeforeClass;
</span><span class="cx"> import org.testng.annotations.Test;
</span><span class="lines">@@ -76,7 +82,7 @@
</span><span class="cx"> Privilege privilege = Privilege.getNewInstance();
</span><span class="cx"> privilege.setName(PRIVILEGE_NAME);
</span><span class="cx"> privilege.setEntitlement(ent);
</span><del>- privilege.setSubject(new AuthenticatedESubject());
</del><ins>+ privilege.setSubject(new AuthenticatedUsers());
</ins><span class="cx"> pm.add(privilege);
</span><span class="cx">
</span><span class="cx"> Thread.sleep(1000);
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementTimeConditionEvaluationjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/TimeConditionEvaluation.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/TimeConditionEvaluation.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/TimeConditionEvaluation.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,216 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: TimeConditionEvaluation.java,v 1.3 2009/10/13 22:37:53 veiming Exp $
- *
- * Portions Copyrighted 2014 ForgeRock AS
- */
-
-package com.sun.identity.entitlement;
-
-import com.iplanet.sso.SSOToken;
-import com.sun.identity.entitlement.opensso.SubjectUtils;
-import com.sun.identity.security.AdminTokenAction;
-import java.security.AccessController;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.Subject;
-import org.testng.annotations.AfterClass;
-import org.testng.annotations.BeforeClass;
-import org.testng.annotations.Test;
-
-public class TimeConditionEvaluation {
- private static final String PRIVILEGE_NAME =
- "TimeConditionEvaluationPrivilege";
- private static final String URL = \
"http://www.timeconditionevaluation.com";
- private SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
- private Subject adminSubject = SubjectUtils.createSubject(adminToken);
- private boolean migrated = EntitlementConfiguration.getInstance(
- adminSubject, "/").migratedToEntitlementService();
-
- @BeforeClass
- public void setup() throws Exception {
- if (!migrated) {
- return;
- }
-
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- Map<String, Boolean> actions = new HashMap<String, Boolean>();
- actions.put("GET", Boolean.TRUE);
- Entitlement ent = new Entitlement(
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME, URL, actions);
-
- Privilege privilege = Privilege.getNewInstance();
- privilege.setName(PRIVILEGE_NAME);
- privilege.setEntitlement(ent);
- privilege.setSubject(new AnyUserSubject());
-
- TimeCondition tc = new TimeCondition();
- tc.setStartTime("15:00");
- tc.setEndTime("16:00");
-
- privilege.setCondition(tc);
- pm.add(privilege);
- }
-
- @AfterClass
- public void cleanup() throws Exception {
- if (!migrated) {
- return;
- }
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- pm.remove(PRIVILEGE_NAME);
- }
-
- private List<Entitlement> evaluate(String time) throws Exception {
- Evaluator evaluator = new Evaluator(
- SubjectUtils.createSubject(adminToken),
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME);
- return evaluator.evaluate("/", null, URL, envTime(time),
- false);
- }
-
- @Test
- public void positiveTest()
- throws Exception {
- List<Entitlement> entitlements = evaluate("1251847000000");
-
- if ((entitlements == null) || entitlements.isEmpty()) {
- throw new Exception("TimeConditionEvaluation.positiveTest: no \
entitlements");
- }
-
- Entitlement ent = entitlements.get(0);
- Boolean result = ent.getActionValue("GET");
- if ((result == null) || !result) {
- throw new Exception("TimeConditionEvaluation.positiveTest: \
incorrect result");
- }
-
- Map<String, Set<String>> advices = ent.getAdvices();
- if ((advices == null) || advices.isEmpty()) {
- throw new Exception("TimeConditionEvaluation.positiveTest: no \
advices");
- }
-
- Set<String> set = advices.get(ConditionDecision.MAX_TIME);
-
- if ((set == null) || set.isEmpty()) {
- throw new Exception("TimeConditionEvaluation.positiveTest: no \
advices for MAX_TIME");
- }
-
- if (!set.contains("1251849600000")) {
- throw new Exception("TimeConditionEvaluation.positiveTest: \
incorrect advices for MAX_TIME");
- }
- }
-
-
- @Test (dependsOnMethods={"positiveTest"})
- public void negativeLowerLimitTest()
- throws Exception {
- List<Entitlement> entitlements = evaluate("1248994000000");
-
- if ((entitlements == null) || entitlements.isEmpty()) {
- throw new \
Exception("TimeConditionEvaluation.negativeLowerLimitTest: no \
entitlements");
- }
-
- Entitlement ent = entitlements.get(0);
- Boolean result = ent.getActionValue("GET");
- if ((result != null) && result) {
- throw new \
Exception("TimeConditionEvaluation.negativeLowerLimitTest: incorrect \
result");
- }
-
- Map<String, Set<String>> advices = ent.getAdvices();
- if ((advices == null) || advices.isEmpty()) {
- throw new \
Exception("TimeConditionEvaluation.negativeLowerLimitTest: no \
advices");
- }
-
- Set<String> set = advices.get(ConditionDecision.MAX_TIME);
-
- if ((set == null) || set.isEmpty()) {
- throw new \
Exception("TimeConditionEvaluation.negativeLowerLimitTest: no advices for \
MAX_TIME");
- }
-
- if (!set.contains("1248994800000")) {
- throw new \
Exception("TimeConditionEvaluation.negativeLowerLimitTest: incorrect advices for \
MAX_TIME");
- }
- }
-
- @Test (dependsOnMethods={"negativeLowerLimitTest"})
- public void negativeUpperLimitTest()
- throws Exception {
- List<Entitlement> entitlements = evaluate("128999400000");
-
- if ((entitlements == null) || entitlements.isEmpty()) {
- throw new \
Exception("TimeConditionEvaluation.negativeUpperLimitTest: no \
entitlements");
- }
-
- Entitlement ent = entitlements.get(0);
- Boolean result = ent.getActionValue("GET");
- if ((result != null) && result) {
- throw new \
Exception("TimeConditionEvaluation.negativeUpperLimitTest: incorrect \
result");
- }
-
- Map<String, Set<String>> advices = ent.getAdvices();
- if ((advices != null) && !advices.isEmpty()) {
- throw new \
Exception("TimeConditionEvaluation.negativeUpperLimitTest: no \
advices");
- }
- }
-
- @Test (dependsOnMethods={"negativeUpperLimitTest"})
- public void indefiniteEndTimeTest() throws Exception {
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- Privilege p = pm.findByName(PRIVILEGE_NAME);
- TimeCondition tc = (TimeCondition)p.getCondition();
- tc.setEndTime(null);
- pm.modify(p);
-
- List<Entitlement> entitlements = evaluate("128999400000");
- if ((entitlements == null) || entitlements.isEmpty()) {
- throw new Exception(
- "TimeConditionEvaluation.indefiniteEndTimeTest: no \
entitlements");
- }
-
- Entitlement ent = entitlements.get(0);
- Boolean result = ent.getActionValue("GET");
- if ((result == null) || !result) {
- throw new Exception(
- "TimeConditionEvaluation.indefiniteEndTimeTest: incorrect \
result");
- }
- }
-
- private Map<String, Set<String>> envTime(String time) {
- Map<String, Set<String>> conditions = new
- HashMap<String, Set<String>>();
- Set<String> setTime = new HashSet<String>();
- setTime.add(time);
- conditions.put(TimeCondition.REQUEST_TIME, setTime);
- return conditions;
- }
-}
-
</del></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementTimeConditionTestjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/TimeConditionTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/TimeConditionTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/TimeConditionTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,61 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: TimeConditionTest.java,v 1.1 2009/08/19 05:41:01 veiming Exp $
- */
-package com.sun.identity.entitlement;
-
-import com.sun.identity.unittest.UnittestLog;
-
-import com.sun.identity.entitlement.IPCondition;
-import java.util.Date;
-
-import org.testng.annotations.AfterClass;
-import org.testng.annotations.Test;
-import org.testng.annotations.BeforeClass;
-
-/**
- *
- * @author dillidorai
- */
-public class TimeConditionTest {
-
- @Test
- public void testConstruction() throws Exception {
- TimeCondition tc = new TimeCondition("08:00", "16:00",
- "mon", "fri");
- tc.setStartDate("01/01/2001");
- tc.setEndDate("02/02/2002");
- tc.setEnforcementTimeZone("PST");
- tc.setPConditionName("tc1");
-
- TimeCondition tc1 = new TimeCondition();
- tc1.setState(tc.getState());
- }
-
- public static void main(String[] args) throws Exception {
- new TimeConditionTest().testConstruction();
- UnittestLog.flush(new Date().toString());
- }
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementTimeZoneConditionEvaluationjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/TimeZoneConditionEvaluation.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/TimeZoneConditionEvaluation.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/TimeZoneConditionEvaluation.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,112 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: TimeZoneConditionEvaluation.java,v 1.1 2009/08/19 05:41:01 veiming Exp $
- *
- * Portions Copyrighted 2014 ForgeRock AS
- */
-
-package com.sun.identity.entitlement;
-
-import com.iplanet.sso.SSOToken;
-import com.sun.identity.entitlement.opensso.SubjectUtils;
-import com.sun.identity.security.AdminTokenAction;
-import java.security.AccessController;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.Subject;
-import org.testng.annotations.AfterClass;
-import org.testng.annotations.BeforeClass;
-import org.testng.annotations.Test;
-
-public class TimeZoneConditionEvaluation {
- private static final String PRIVILEGE_NAME =
- "TimeZoneConditionEvaluationPrivilege";
- private static final String TIME_ZONE = "US/Pacific";
- private static final String URL =
- "http://www.timezoneconditionevaluation.com";
- private SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
- private Subject adminSubject = SubjectUtils.createSubject(adminToken);
- private boolean migrated = EntitlementConfiguration.getInstance(
- adminSubject, "/").migratedToEntitlementService();
-
- @BeforeClass
- public void setup() throws Exception {
- if (!migrated) {
- return;
- }
-
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- Map<String, Boolean> actions = new HashMap<String, Boolean>();
- actions.put("GET", Boolean.TRUE);
- Entitlement ent = new Entitlement(
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME, URL, actions);
-
- Privilege privilege = Privilege.getNewInstance();
- privilege.setName(PRIVILEGE_NAME);
- privilege.setEntitlement(ent);
- privilege.setSubject(new AnyUserSubject());
-
- TimeCondition tc = new TimeCondition();
- tc.setEnforcementTimeZone(TIME_ZONE);
- privilege.setCondition(tc);
- pm.add(privilege);
- Thread.sleep(1000);
- }
-
- @AfterClass
- public void cleanup() throws Exception {
- if (!migrated) {
- return;
- }
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- pm.remove(PRIVILEGE_NAME);
- }
-
- @Test
- public void evaluate()
- throws Exception {
- Set actions = new HashSet();
- actions.add("GET");
- Evaluator evaluator = new Evaluator(
- SubjectUtils.createSubject(adminToken),
- ApplicationTypeManager.URL_APPLICATION_TYPE_NAME);
- Map<String, Set<String>> conditions = new
- HashMap<String, Set<String>>();
- Set<String> setTimeZone = new HashSet<String>();
- setTimeZone.add(TIME_ZONE);
- conditions.put(TimeCondition.REQUEST_TIME_ZONE, setTimeZone);
- Boolean result = evaluator.hasEntitlement("/", null,
- new Entitlement(URL, actions), conditions);
- if (!result) {
- throw new Exception("TimeZoneConditionEvaluation.evaluate \
fails");
- }
- }
-}
-
</del></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementWebServiceApplicationTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/WebServiceApplicationTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/WebServiceApplicationTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/WebServiceApplicationTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,6 +27,10 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><span class="lines">@@ -42,6 +46,8 @@
</span><span class="cx"> import java.util.Map;
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import javax.security.auth.Subject;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="cx"> import org.testng.annotations.BeforeClass;
</span><span class="cx"> import org.testng.annotations.Test;
</span><span class="lines">@@ -91,7 +97,7 @@
</span><span class="cx"> Entitlement entitlement = new Entitlement(APPL_NAME, \
URL + "index.html", </span><span class="cx"> actions);
</span><span class="cx"> privilege.setEntitlement(entitlement);
</span><del>- privilege.setSubject(new AuthenticatedESubject());
</del><ins>+ privilege.setSubject(new AuthenticatedUsers());
</ins><span class="cx"> pm.add(privilege);
</span><span class="cx">
</span><span class="cx"> Privilege p = pm.findByName(POLICY_NAME);
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementXACMLExportTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/XACMLExportTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/XACMLExportTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/XACMLExportTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -26,6 +26,11 @@
</span><span class="cx"> *
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.sso.SSOException;
</span><span class="lines">@@ -35,6 +40,7 @@
</span><span class="cx"> import com.sun.identity.entitlement.opensso.SubjectUtils;
</span><span class="cx"> import \
com.sun.identity.entitlement.xacml3.XACMLPrivilegeUtils; </span><span class="cx"> \
import com.sun.identity.entitlement.xacml3.core.PolicySet; </span><ins>+import \
org.forgerock.openam.entitlement.conditions.environment.IPCondition; </ins><span \
class="cx"> </span><span class="cx"> import com.sun.identity.idm.IdRepoException;
</span><span class="cx"> import com.sun.identity.security.AdminTokenAction;
</span><span class="lines">@@ -115,8 +121,9 @@
</span><span class="cx"> Set<EntitlementCondition> conditions = new \
HashSet<EntitlementCondition>(); </span><span class="cx"> String \
startIp = "100.100.100.100"; </span><span class="cx"> String endIp \
= "200.200.200.200"; </span><del>- IPCondition ipc = new \
IPCondition(startIp, endIp);
- ipc.setPConditionName("ipc");
</del><ins>+ IPCondition ipc = new IPCondition();
+ ipc.setStartIp(startIp);
+ ipc.setEndIp(endIp);
</ins><span class="cx"> conditions.add(ipc);
</span><span class="cx"> OrCondition oc = new OrCondition(conditions);
</span><span class="cx">
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityentitlementxacml3PrivilegeUtilsTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/xacml3/PrivilegeUtilsTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/xacml3/PrivilegeUtilsTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/entitlement/xacml3/PrivilegeUtilsTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -24,13 +24,18 @@
</span><span class="cx"> *
</span><span class="cx"> * $Id: PrivilegeUtilsTest.java,v 1.1 2009/08/19 05:41:02 \
veiming Exp $ </span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.entitlement.xacml3;
</span><span class="cx">
</span><span class="cx"> import com.sun.identity.entitlement.AndCondition;
</span><span class="cx"> import com.sun.identity.entitlement.Entitlement;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementCondition;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementSubject;
</span><del>-import com.sun.identity.entitlement.IPCondition;
</del><ins>+import org.forgerock.openam.entitlement.conditions.environment.IPCondition;
</ins><span class="cx"> import com.sun.identity.entitlement.OrCondition;
</span><span class="cx"> import com.sun.identity.entitlement.OrSubject;
</span><span class="cx"> import com.sun.identity.entitlement.Privilege;
</span><span class="lines">@@ -95,8 +100,9 @@
</span><span class="cx"> Set<EntitlementCondition> conditions = new \
HashSet<EntitlementCondition>(); </span><span class="cx"> String \
startIp = "100.100.100.100"; </span><span class="cx"> String endIp \
= "200.200.200.200"; </span><del>- IPCondition ipc = new \
IPCondition(startIp, endIp);
- ipc.setPConditionName("ipc");
</del><ins>+ IPCondition ipc = new IPCondition();
+ ipc.setStartIp(startIp);
+ ipc.setEndIp(endIp);
</ins><span class="cx"> conditions.add(ipc);
</span><span class="cx"> OrCondition oc = new OrCondition(conditions);
</span><span class="cx"> AndCondition ac = new AndCondition(conditions);
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentitypolicyIPCEvaluatorTestjava"></a>
<div class="delfile"><h4>Deleted: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/policy/IPCEvaluatorTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/policy/IPCEvaluatorTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/policy/IPCEvaluatorTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -1,237 +0,0 @@
</span><del>-/**
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
- *
- * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
- *
- * The contents of this file are subject to the terms
- * of the Common Development and Distribution License
- * (the License). You may not use this file except in
- * compliance with the License.
- *
- * You can obtain a copy of the License at
- * https://opensso.dev.java.net/public/CDDLv1.0.html or
- * opensso/legal/CDDLv1.0.txt
- * See the License for the specific language governing
- * permission and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL
- * Header Notice in each file and include the License file
- * at opensso/legal/CDDLv1.0.txt.
- * If applicable, add the following below the CDDL Header,
- * with the fields enclosed by brackets [] replaced by
- * your own identifying information:
- * "Portions Copyrighted [year] [name of copyright owner]"
- *
- * $Id: IPCEvaluatorTest.java,v 1.1 2009/08/21 05:27:00 dillidorai Exp $
- *
- * Portions Copyrighted 2014 ForgeRock AS
- */
-package com.sun.identity.policy;
-
-import com.iplanet.sso.SSOException;
-import com.iplanet.sso.SSOToken;
-import com.sun.identity.authentication.AuthContext;
-
-import com.sun.identity.entitlement.Entitlement;
-import com.sun.identity.entitlement.EntitlementCondition;
-import com.sun.identity.entitlement.EntitlementConfiguration;
-import com.sun.identity.entitlement.EntitlementException;
-import com.sun.identity.entitlement.EntitlementSubject;
-import com.sun.identity.entitlement.IPCondition;
-import com.sun.identity.entitlement.Privilege;
-import com.sun.identity.entitlement.PrivilegeManager;
-
-import com.sun.identity.entitlement.opensso.SubjectUtils;
-import com.sun.identity.entitlement.opensso.OpenSSOUserSubject;
-
-import com.sun.identity.idm.AMIdentity;
-import com.sun.identity.idm.AMIdentityRepository;
-import com.sun.identity.idm.IdRepoException;
-import com.sun.identity.idm.IdType;
-import com.sun.identity.security.AdminTokenAction;
-import com.sun.identity.unittest.UnittestLog;
-
-import java.security.AccessController;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.Subject;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
-import org.testng.annotations.AfterClass;
-import org.testng.annotations.Test;
-import org.testng.annotations.BeforeClass;
-
-/**
- *
- * @author dilli
- *
- * Unittest to verify the fix for issue 5440
- * IP Address condition is broken
- */
-public class IPCEvaluatorTest {
-
- private static String PRIVILEGE_NAME1 = "IPCEvaluatorTestP1";
- private static String URL_RESOURCE1
- = "http://www.sample.com:8080/ipc-evaluation.html";
- private static String TEST_USER_NAME = "policyTestUser";
- private static String APPL_NAME = "iPlanetAMWebAgentService";
- private AMIdentity testUser;
- private AuthContext lc;
- private SSOToken userSSOToken;
-
- @BeforeClass
- public void setup() throws Exception {
- try {
- SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
- Subject adminSubject = SubjectUtils.createSubject(adminToken);
- boolean migrated = EntitlementConfiguration.getInstance(
- adminSubject, "/").migratedToEntitlementService();
- if (!migrated) {
- UnittestLog.logError("IPCEvaluatorTest.setup():"
- + " not migrated to entitlement service");
- throw new Exception("IPCEvaluatorTest.setup():"
- + "not migrated to entitlement service");
- }
-
- testUser = createUser(adminToken);
- userSSOToken = login();
-
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
-
- Privilege privilege = Privilege.getNewInstance();
- privilege.setName(PRIVILEGE_NAME1);
-
- Map<String, Boolean> actionMap = new HashMap<String, \
Boolean>();
- actionMap.put("GET", Boolean.TRUE);
-
- Entitlement ent = new Entitlement(APPL_NAME, URL_RESOURCE1,
- actionMap);
- privilege.setEntitlement(ent);
-
- EntitlementSubject es = new OpenSSOUserSubject(
- testUser.getUniversalId());
- privilege.setSubject(es);
-
- EntitlementCondition ec = new IPCondition(
- "100.100.100.100", "200.200.200.200");
- privilege.setCondition(ec);
-
- pm.add(privilege);
- } catch (Exception e) {
- UnittestLog.logError("IPCEvaluatorTest.setup():hit \
exception");
- UnittestLog.logError("Exception STACKTRACE, message:"
- + e.getMessage());
- UnittestLog.logError("Exception Class:" + \
e.getClass().getName());
- StackTraceElement[] elems = e.getStackTrace();
- for (StackTraceElement elem : elems) {
- UnittestLog.logMessage(elem.toString());
- }
- UnittestLog.logMessage("END STACKTRACE");
- throw e;
- }
- }
-
- @AfterClass
- public void cleanup() throws PolicyException, SSOException,
- IdRepoException,
- EntitlementException {
- try {
- lc.logout();
- } catch (Exception e) {
- //ignore
- }
- SSOToken adminToken = (SSOToken) AccessController.doPrivileged(
- AdminTokenAction.getInstance());
-
- Subject adminSubject = SubjectUtils.createSubject(adminToken);
- PrivilegeManager pm = PrivilegeManager.getInstance("/",
- adminSubject);
- pm.remove(PRIVILEGE_NAME1);
-
- AMIdentityRepository amir = new AMIdentityRepository(
- adminToken, "/");
- Set<AMIdentity> identities = new HashSet<AMIdentity>();
- identities.add(testUser);
- amir.deleteIdentities(identities);
- }
-
- @Test
- public void testAllowedWithStringIp() throws Exception {
- PolicyEvaluator pe = new \
PolicyEvaluator("iPlanetAMWebAgentService");
- Map env = new HashMap();
- env.put("requestIp", "120.120.120.120");
- if (!pe.isAllowed(userSSOToken, URL_RESOURCE1, "GET", env)) {
- throw new Exception("testIsAllowedWithStringIp:" +
- URL_RESOURCE1 + ", failed");
- }
- }
-
- @Test
- public void testAllowedWithSetIp() throws Exception {
- PolicyEvaluator pe = new \
PolicyEvaluator("iPlanetAMWebAgentService");
- Map env = new HashMap();
- Set requestIpSet = new HashSet();
- requestIpSet.add("120.120.120.120");
- env.put("requestIp", requestIpSet);
- if (!pe.isAllowed(userSSOToken, URL_RESOURCE1, "GET", env)) {
- throw new Exception("testIsAllowedWithSetIp:" +
- URL_RESOURCE1 + ", failed");
- }
- }
-
- private AMIdentity createUser(SSOToken adminToken)
- throws IdRepoException, SSOException {
- AMIdentityRepository amir = new AMIdentityRepository(
- adminToken, "/");
- Map<String, Set<String>> attrValues = new HashMap<String,
- Set<String>>();
- Set<String> set = new HashSet<String>();
- set.add(TEST_USER_NAME);
- attrValues.put("givenname", set);
- attrValues.put("sn", set);
- attrValues.put("cn", set);
- attrValues.put("userpassword", set);
-
- testUser = amir.createIdentity(IdType.USER, TEST_USER_NAME,
- attrValues);
- return testUser;
- }
-
- private SSOToken login()
- throws Exception {
- lc = new AuthContext("/");
- AuthContext.IndexType indexType
- = AuthContext.IndexType.MODULE_INSTANCE;
- lc.login(indexType, "DataStore");
- Callback[] callbacks = null;
-
- // get information requested from module
- while (lc.hasMoreRequirements()) {
- callbacks = lc.getRequirements();
- if (callbacks != null) {
- addLoginCallbackMessage(callbacks);
- lc.submitRequirements(callbacks);
- }
- }
-
- return (lc.getStatus() == AuthContext.Status.SUCCESS)
- ? lc.getSSOToken() : null;
- }
-
- private void addLoginCallbackMessage(Callback[] callbacks) {
- for (int i = 0; i < callbacks.length; i++) {
- if (callbacks[i] instanceof NameCallback) {
- ((NameCallback) callbacks[i]).setName(TEST_USER_NAME);
- } else if (callbacks[i] instanceof PasswordCallback) {
- ((PasswordCallback) callbacks[i]).setPassword(
- TEST_USER_NAME.toCharArray());
- }
- }
- }
-}
</del></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentitypolicyPrivilegeUtilsTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/policy/PrivilegeUtilsTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/policy/PrivilegeUtilsTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/policy/PrivilegeUtilsTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -24,17 +24,21 @@
</span><span class="cx"> *
</span><span class="cx"> * $Id: PrivilegeUtilsTest.java,v 1.1 2009/08/19 05:41:03 \
veiming Exp $ </span><span class="cx"> */
</span><ins>+
+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.policy;
</span><span class="cx">
</span><span class="cx"> import com.sun.identity.entitlement.opensso.PrivilegeUtils;
</span><span class="cx"> import com.iplanet.sso.SSOException;
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><span class="cx"> import com.sun.identity.entitlement.AndCondition;
</span><del>-import com.sun.identity.entitlement.DNSNameCondition;
</del><span class="cx"> import com.sun.identity.entitlement.Entitlement;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementCondition;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementSubject;
</span><del>-import com.sun.identity.entitlement.IPCondition;
</del><ins>+import org.forgerock.openam.entitlement.conditions.environment.IPCondition;
</ins><span class="cx"> import com.sun.identity.entitlement.IPrivilege;
</span><span class="cx"> import com.sun.identity.entitlement.OrSubject;
</span><span class="cx"> import com.sun.identity.entitlement.Privilege;
</span><span class="lines">@@ -83,12 +87,12 @@
</span><span class="cx"> subjects.add(us1);
</span><span class="cx"> subjects.add(us2);
</span><span class="cx"> OrSubject os = new OrSubject(subjects);
</span><del>- EntitlementCondition dnsc = new \
DNSNameCondition("*.sun.com");
- EntitlementCondition ipc = new IPCondition("100.100.100.100",
- "200.200.200.200");
</del><ins>+ IPCondition ipc = new IPCondition();
+ ipc.setStartIp("100.100.100.100");
+ ipc.setEndIp("200.200.200.200");
+
</ins><span class="cx"> Set<EntitlementCondition> setConditions = new
</span><span class="cx"> HashSet<EntitlementCondition>();
</span><del>- setConditions.add(dnsc);
</del><span class="cx"> setConditions.add(ipc);
</span><span class="cx"> AndCondition andCondition = new AndCondition();
</span><span class="cx"> andCondition.setEConditions(setConditions);
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityrestListenerRestTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/ListenerRestTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/ListenerRestTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/ListenerRestTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,12 +27,15 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.rest;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.am.util.SystemProperties;
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><span class="cx"> import com.sun.identity.entitlement.ApplicationTypeManager;
</span><del>-import com.sun.identity.entitlement.AuthenticatedESubject;
</del><span class="cx"> import com.sun.identity.entitlement.Entitlement;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementListener;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementSubject;
</span><span class="lines">@@ -62,6 +65,8 @@
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import javax.security.auth.Subject;
</span><span class="cx"> import javax.ws.rs.core.Cookie;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx"> import org.json.JSONObject;
</span><span class="cx"> import org.owasp.esapi.ESAPI;
</span><span class="cx"> import org.owasp.esapi.errors.EncodingException;
</span><span class="lines">@@ -121,7 +126,7 @@
</span><span class="cx"> Entitlement entitlement = new \
Entitlement(RESOURCE_NAME + "/*", </span><span class="cx"> \
actions); </span><span class="cx"> privilege.setEntitlement(entitlement);
</span><del>- EntitlementSubject sbj = new AuthenticatedESubject();
</del><ins>+ EntitlementSubject sbj = new AuthenticatedUsers();
</ins><span class="cx"> privilege.setSubject(sbj);
</span><span class="cx"> pm.add(privilege);
</span><span class="cx">
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityrestMultipleResourceRestTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/MultipleResourceRestTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/MultipleResourceRestTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/MultipleResourceRestTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,11 +27,14 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.rest;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.am.util.SystemProperties;
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><del>-import com.sun.identity.entitlement.AuthenticatedESubject;
</del><span class="cx"> import com.sun.identity.entitlement.Entitlement;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementSubject;
</span><span class="cx"> import com.sun.identity.entitlement.JSONEntitlement;
</span><span class="lines">@@ -54,6 +57,8 @@
</span><span class="cx"> import javax.security.auth.Subject;
</span><span class="cx"> import javax.ws.rs.core.Cookie;
</span><span class="cx"> import javax.ws.rs.core.MultivaluedMap;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx"> import org.json.JSONObject;
</span><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="cx"> import org.testng.annotations.BeforeClass;
</span><span class="lines">@@ -92,7 +97,7 @@
</span><span class="cx"> Entitlement entitlement = new \
Entitlement(RESOURCE_NAME + "/*", </span><span class="cx"> \
actions); </span><span class="cx"> privilege.setEntitlement(entitlement);
</span><del>- EntitlementSubject sbj = new AuthenticatedESubject();
</del><ins>+ EntitlementSubject sbj = new AuthenticatedUsers();
</ins><span class="cx"> privilege.setSubject(sbj);
</span><span class="cx"> pm.add(privilege);
</span><span class="cx"> }
</span><span class="lines">@@ -104,7 +109,7 @@
</span><span class="cx"> Entitlement entitlement = new \
Entitlement(RESOURCE_NAME + </span><span class="cx"> \
"/index.html", actions); </span><span class="cx"> \
privilege.setEntitlement(entitlement); </span><del>- EntitlementSubject \
sbj = new AuthenticatedESubject(); </del><ins>+ EntitlementSubject sbj = \
new AuthenticatedUsers(); </ins><span class="cx"> \
privilege.setSubject(sbj); </span><span class="cx"> pm.add(privilege);
</span><span class="cx"> }
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityrestPrivilegeRestTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/PrivilegeRestTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/PrivilegeRestTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/PrivilegeRestTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,11 +27,14 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.rest;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.am.util.SystemProperties;
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><del>-import com.sun.identity.entitlement.AuthenticatedESubject;
</del><span class="cx"> import com.sun.identity.entitlement.Entitlement;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementSubject;
</span><span class="cx"> import com.sun.identity.entitlement.Privilege;
</span><span class="lines">@@ -50,6 +53,8 @@
</span><span class="cx"> import java.util.Map;
</span><span class="cx"> import javax.security.auth.Subject;
</span><span class="cx"> import javax.ws.rs.core.Cookie;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx"> import org.json.JSONArray;
</span><span class="cx"> import org.json.JSONObject;
</span><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="lines">@@ -85,7 +90,7 @@
</span><span class="cx"> Entitlement entitlement = new \
Entitlement(RESOURCE_NAME + "/*", </span><span class="cx"> \
actions); </span><span class="cx"> privilege.setEntitlement(entitlement);
</span><del>- EntitlementSubject sbj = new AuthenticatedESubject();
</del><ins>+ EntitlementSubject sbj = new AuthenticatedUsers();
</ins><span class="cx"> privilege.setSubject(sbj);
</span><span class="cx"> pm.add(privilege);
</span><span class="cx">
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityrestRestPermissionTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/RestPermissionTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/RestPermissionTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/RestPermissionTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,13 +27,16 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.rest;
</span><span class="cx">
</span><span class="cx"> import com.iplanet.am.util.SystemProperties;
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><span class="cx"> import com.sun.identity.delegation.DelegationManager;
</span><span class="cx"> import com.sun.identity.delegation.DelegationPrivilege;
</span><del>-import com.sun.identity.entitlement.AuthenticatedESubject;
</del><span class="cx"> import com.sun.identity.entitlement.Entitlement;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementException;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementSubject;
</span><span class="lines">@@ -58,6 +61,8 @@
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import javax.security.auth.Subject;
</span><span class="cx"> import javax.ws.rs.core.Cookie;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx"> import org.json.JSONObject;
</span><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="cx"> import org.testng.annotations.BeforeClass;
</span><span class="lines">@@ -112,7 +117,7 @@
</span><span class="cx"> Entitlement entitlement = new \
Entitlement(RESOURCE_NAME + "/*", </span><span class="cx"> \
actions); </span><span class="cx"> privilege.setEntitlement(entitlement);
</span><del>- EntitlementSubject sbj = new AuthenticatedESubject();
</del><ins>+ EntitlementSubject sbj = new AuthenticatedUsers();
</ins><span class="cx"> privilege.setSubject(sbj);
</span><span class="cx"> pm.add(privilege);
</span><span class="cx"> }
</span></span></pre></div>
<a id="branchesAME4616openamopenamfederationOpenFMsrctestjavacomsunidentityrestRestTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/RestTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/RestTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-federation/OpenFM/src/test/java/com/sun/identity/rest/RestTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -27,12 +27,15 @@
</span><span class="cx"> * Portions Copyrighted 2014 ForgeRock AS
</span><span class="cx"> */
</span><span class="cx">
</span><ins>+/**
+ * Portions copyright 2014 ForgeRock AS.
+ */
+
</ins><span class="cx"> package com.sun.identity.rest;
</span><span class="cx">
</span><span class="cx"> import com.sun.identity.entitlement.util.AuthUtils;
</span><span class="cx"> import com.iplanet.am.util.SystemProperties;
</span><span class="cx"> import com.iplanet.sso.SSOToken;
</span><del>-import com.sun.identity.entitlement.AuthenticatedESubject;
</del><span class="cx"> import com.sun.identity.entitlement.Entitlement;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementSubject;
</span><span class="cx"> import com.sun.identity.entitlement.JSONEntitlement;
</span><span class="lines">@@ -55,6 +58,8 @@
</span><span class="cx"> import java.util.Set;
</span><span class="cx"> import javax.security.auth.Subject;
</span><span class="cx"> import javax.ws.rs.core.Cookie;
</span><ins>+
+import org.forgerock.openam.entitlement.conditions.subject.AuthenticatedUsers;
</ins><span class="cx"> import org.json.JSONArray;
</span><span class="cx"> import org.json.JSONObject;
</span><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="lines">@@ -96,7 +101,7 @@
</span><span class="cx"> Entitlement entitlement = new \
Entitlement(RESOURCE_NAME + "/*", </span><span class="cx"> \
actions); </span><span class="cx"> privilege.setEntitlement(entitlement);
</span><del>- EntitlementSubject sbj = new AuthenticatedESubject();
</del><ins>+ EntitlementSubject sbj = new AuthenticatedUsers();
</ins><span class="cx"> privilege.setSubject(sbj);
</span><span class="cx">
</span><span class="cx"> NumericAttributeCondition cond = new \
NumericAttributeCondition(); </span></span></pre></div>
<a id="branchesAME4616openamopenamoauth2"></a>
<div class="propset"><h4>Property changes: \
branches/AME-4616/openam/openam-oauth2</h4> <pre class="diff"><span>
</span></pre></div>
<a id="svnmergeinfo"></a>
<div class="modfile"><h4>Modified: svn:mergeinfo</h4></div>
<span class="cx">/branches/AME-2629/openam/openam-oauth2:7585-7632
</span><span class="cx">/branches/AME-3405-session-read-from-cts/openam/openam-oauth2:8749-8823
</span><span class="cx">/branches/AME-3423/openam/openam-oauth2:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington/openam/openam-oauth2:9534-9723
</span><span class="cx">/branches/AME-3719/openam/openam-oauth2:9517-9879
</span><span class="cx">/branches/AME-3726-script-sandboxing/openam/openam-oauth2:9663-9819
</span><span class="cx">/branches/AME-4378/openam/openam-oauth2:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/openam/openam-oauth2:10437-10535
</span><span class="cx">/branches/CTS-Async/openam/openam-oauth2:8847-9739
</span><span class="cx">/branches/IIS7PostData/openam/openam-oauth2:224-261
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/openam/openam-oauth2:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/openam/openam-oauth2:6910-6946
</span><span class="cx">/branches/OPENAM-3130-session-quota/openam/openam-oauth2:6958-6972
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/openam/openam-oauth2:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/openam/openam-oauth2:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/openam/openam-oauth2:8747-8835
</span><span class="cx">/branches/OPENAM-4028-connection-pool/openam/openam-oauth2:9750-10171
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/openam/openam-oauth2:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/openam/openam-oauth2:7834-7844
</span><span class="cx">/branches/ame4272/openam/openam-oauth2:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/openam/openam-oauth2:7508-7697
</span><span class="cx">/branches/andyAme3102/openam/openam-oauth2:8312-8413
</span><span class="cx">/branches/maven_merge/openam/openam-oauth2:2556-2558,2756-3124
</span><span class="cx">/branches/oidc_authn/openam-oauth2:8507,8540,8557-8559,8565-8566
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/openam/openam-oauth2:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/openam/openam-oauth2:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/openam/openam-oauth2:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/openam/openam-oauth2:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/openam/openam-oauth2:6767-6804
</span><span class="cx">/branches/openam_10.1.0_SAML2_FIXES/openam-oauth2:3725-3740
</span><span class="cx">/branches/openam_10.1.0_jeff/openam-oauth2:3128-3527
</span><span class="cx">/branches/openam_10.1.0_xacml3_JAS/openam/openam-oauth2:4039-4140
</span><span class="cx">/branches/openam_10.2.0_xacml3_JAS/openam/openam-oauth2:4141-4379
</span><span class="cx">/branches/openid_connect_implementation/openam-oauth2:4140-5165
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/openam/openam-oauth2:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158/openam/openam-oauth2:8476-8577
</span><span class="cx">/branches/pcunnington-oauth2/openam/openam-oauth2:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/openam/openam-oauth2:8314-8341
</span><span class="cx">/branches/rest_sts_view_bean/openam-oauth2:9690-9965
</span><span class="cx">/branches/rwapshott-AME-1739/openam/openam-oauth2:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/openam/openam-oauth2:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/openam/openam-oauth2:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/openam/openam-oauth2:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2027-cts-oids-should-follow-fr-oid-scheme/openam/openam-oauth2:5609-5614
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/openam/openam-oauth2:6086-6319
</span><span class="cx">/branches/rwapshott-ame-2311-index-names/openam/openam-oauth2:6058-6069
</span><span class="cx">/branches/rwapshott-ame-258-cts-replication/openam/openam-oauth2:5548-6055
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/openam/openam-oauth2:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/openam/openam-oauth2:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/openam/openam-oauth2:6170-6194
</span><span class="cx">/branches/rwapshott-openam-2729-saml2-error/openam/openam-oauth2:6247-6257
</span><span class="cx">/branches/sts_oidc_saml_redux/openam-oauth2:8417-8422,8424,8440,8445-8446,8460,8490,8498
</span><span class="cx">/branches/sts_restart_persistence/openam-oauth2:9003-9005,9009-9414
</span><span class="cx">/branches/sts_saml2_encrypt/openam-oauth2:10424-10472,10474-10550
</span><span class="cx">/branches/sts_service_listeners/openam-oauth2:9968-10031,10047-10048,10053
</span><span class="cx">/branches/sts_token_gen_service/openam-oauth2:8706,8717-8720, \
8723-8725,8727-8728,8731,8737,8740-8742,8759-8760,8774-8776,8796-8797,8800-8801,8818-8819,8821
</span><span class="cx">/branches/sts_token_gen_service2/openam-oauth2:8844-8887,8894-9000
</span><span class="cx">/branches/sts_x509/openam-oauth2:10206-10398
</span><span class="cx">/trunk/openam/openam-oauth2:3127-3577,10686-10687,10694-10696,10701,10713,10716,10719,10721,10723,10725,10728,10735
</span><span class="cx"> + \
/branches/AME-2526-SFO-between-sites/openam/openam-oauth2:7510-8258 </span><span \
class="cx">/branches/AME-2629/openam/openam-oauth2:7585-7632 </span><span \
class="cx">/branches/AME-3405-session-read-from-cts/openam/openam-oauth2:8749-8823 \
</span><span class="cx">/branches/AME-3423/openam/openam-oauth2:10105-10414 \
</span><span class="cx">/branches/AME-3612-pcunnington/openam/openam-oauth2:9534-9723 \
</span><span class="cx">/branches/AME-3719/openam/openam-oauth2:9517-9879 \
</span><span class="cx">/branches/AME-3726-script-sandboxing/openam/openam-oauth2:9663-9819
</span><span class="cx">/branches/AME-4378/openam/openam-oauth2:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/openam/openam-oauth2:10437-10535
</span><span class="cx">/branches/AME-4547/openam/openam-oauth2:10585-10783
</span><span class="cx">/branches/AME-4595/openam/openam-oauth2:10581-10789
</span><span class="cx">/branches/CTS-Async/openam/openam-oauth2:8847-9739
</span><span class="cx">/branches/IIS7PostData/openam/openam-oauth2:224-261
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/openam/openam-oauth2:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/openam/openam-oauth2:6910-6946
</span><span class="cx">/branches/OPENAM-3130-session-quota/openam/openam-oauth2:6958-6972
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/openam/openam-oauth2:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/openam/openam-oauth2:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/openam/openam-oauth2:8747-8835
</span><span class="cx">/branches/OPENAM-4028-connection-pool/openam/openam-oauth2:9750-10171
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/openam/openam-oauth2:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/openam/openam-oauth2:7834-7844
</span><span class="cx">/branches/ame4272/openam/openam-oauth2:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/openam/openam-oauth2:7508-7697
</span><span class="cx">/branches/andyAme3102/openam/openam-oauth2:8312-8413
</span><span class="cx">/branches/maven_merge/openam/openam-oauth2:2556-2558,2756-3124
</span><span class="cx">/branches/oidc_authn/openam-oauth2:8507,8540,8557-8559,8565-8566
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/openam/openam-oauth2:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/openam/openam-oauth2:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/openam/openam-oauth2:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/openam/openam-oauth2:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/openam/openam-oauth2:6767-6804
</span><span class="cx">/branches/openam_10.1.0_SAML2_FIXES/openam-oauth2:3725-3740
</span><span class="cx">/branches/openam_10.1.0_jeff/openam-oauth2:3128-3527
</span><span class="cx">/branches/openam_10.1.0_xacml3_JAS/openam/openam-oauth2:4039-4140
</span><span class="cx">/branches/openam_10.2.0_xacml3_JAS/openam/openam-oauth2:4141-4379
</span><span class="cx">/branches/openid_connect_implementation/openam-oauth2:4140-5165
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/openam/openam-oauth2:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158/openam/openam-oauth2:8476-8577
</span><span class="cx">/branches/pcunnington-oauth2/openam/openam-oauth2:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/openam/openam-oauth2:8314-8341
</span><span class="cx">/branches/rest_sts_view_bean/openam-oauth2:9690-9965
</span><span class="cx">/branches/rwapshott-AME-1739/openam/openam-oauth2:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/openam/openam-oauth2:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/openam/openam-oauth2:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/openam/openam-oauth2:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2027-cts-oids-should-follow-fr-oid-scheme/openam/openam-oauth2:5609-5614
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/openam/openam-oauth2:6086-6319
</span><span class="cx">/branches/rwapshott-ame-2311-index-names/openam/openam-oauth2:6058-6069
</span><span class="cx">/branches/rwapshott-ame-258-cts-replication/openam/openam-oauth2:5548-6055
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/openam/openam-oauth2:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/openam/openam-oauth2:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/openam/openam-oauth2:6170-6194
</span><span class="cx">/branches/rwapshott-openam-2729-saml2-error/openam/openam-oauth2:6247-6257
</span><span class="cx">/branches/sts_oidc_saml_redux/openam-oauth2:8417-8422,8424,8440,8445-8446,8460,8490,8498
</span><span class="cx">/branches/sts_restart_persistence/openam-oauth2:9003-9005,9009-9414
</span><span class="cx">/branches/sts_saml2_encrypt/openam-oauth2:10424-10472,10474-10550
</span><span class="cx">/branches/sts_service_listeners/openam-oauth2:9968-10031,10047-10048,10053
</span><span class="cx">/branches/sts_token_gen_service/openam-oauth2:8706,8717-8720, \
8723-8725,8727-8728,8731,8737,8740-8742,8759-8760,8774-8776,8796-8797,8800-8801,8818-8819,8821
</span><span class="cx">/branches/sts_token_gen_service2/openam-oauth2:8844-8887,8894-9000
</span><span class="cx">/branches/sts_x509/openam-oauth2:10206-10398
</span><span class="cx">/trunk/openam/openam-oauth2:3127-3577,10652-10812
</span><a id="branchesAME4616openamopenamrestsrcmainjavaorgforgerockopenamforgerockrestIdentityResourceV1java"></a>
<div class="propset"><h4>Property changes: \
branches/AME-4616/openam/openam-rest/src/main/java/org/forgerock/openam/forgerockrest/IdentityResourceV1.java</h4>
<pre class="diff"><span>
</span></pre></div>
<a id="svnmergeinfo"></a>
<div class="modfile"><h4>Modified: svn:mergeinfo</h4></div>
<span class="cx">/branches/AME-4460_AME-4459/openam/openam-forgerock-rest/src/main/java/org/forgerock/openam/forgerockrest/IdentityResourceV1.java:10437-10535
</span><span class="cx">/branches/maven_merge/openam/openam-forgerock-rest/src/main/java/org/forgerock/openam/forgerockrest/IdentityResource.java:3122-3124
</span><span class="cx">/trunk/openam/openam-forgerock-rest/src/main/java/org/forgerock/openam/forgerockrest/IdentityResource.java:3125-10502
</span><span class="cx">/trunk/openam/openam-rest/src/main/java/org/forgerock/openam/ \
forgerockrest/IdentityResourceV1.java:10443-10567,10686-10687,10694-10696,10701,10713,10716,10719,10721,10723,10725,10728,10735
</span><span class="cx"> + \
/branches/AME-4378/openam/openam-rest/src/main/java/org/forgerock/openam/forgerockrest/IdentityResourceV1.java:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/openam/openam-forgerock-rest/src/main/java/org/forgerock/openam/forgerockrest/IdentityResourceV1.java:10437-10535
</span><span class="cx">/branches/AME-4547/openam/openam-rest/src/main/java/org/forgerock/openam/forgerockrest/IdentityResourceV1.java:10585-10783
</span><span class="cx">/branches/AME-4595/openam/openam-rest/src/main/java/org/forgerock/openam/forgerockrest/IdentityResourceV1.java:10581-10789
</span><span class="cx">/branches/maven_merge/openam/openam-forgerock-rest/src/main/java/org/forgerock/openam/forgerockrest/IdentityResource.java:3122-3124
</span><span class="cx">/trunk/openam/openam-forgerock-rest/src/main/java/org/forgerock/openam/forgerockrest/IdentityResource.java:3125-10502
</span><span class="cx">/trunk/openam/openam-rest/src/main/java/org/forgerock/openam/forgerockrest/IdentityResourceV1.java:10443-10567,10652-10812
</span><a id="branchesAME4616openamopenamrestsrcmainjavaorgforgerockopenamforgerockrestentitlementsmodeljsonJsonEntitlementSubjectMixinjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-rest/src/main/java/org/forgerock/openam/forgerockrest/entitlements/model/json/JsonEntitlementSubjectMixin.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-rest/src/main/java/org/forgerock/openam/forgerockrest/entitlements/model/json/JsonEntitlementSubjectMixin.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-rest/src/main/java/org/forgerock/openam/forgerockrest/entitlements/model/json/JsonEntitlementSubjectMixin.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -17,7 +17,6 @@
</span><span class="cx"> package \
org.forgerock.openam.forgerockrest.entitlements.model.json; </span><span class="cx">
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementSubject;
</span><del>-import com.sun.identity.entitlement.VirtualSubject;
</del><span class="cx"> import org.codehaus.jackson.annotate.JsonIgnore;
</span><span class="cx"> import org.codehaus.jackson.annotate.JsonProperty;
</span><span class="cx"> import org.codehaus.jackson.annotate.JsonTypeInfo;
</span><span class="lines">@@ -40,9 +39,6 @@
</span><span class="cx"> public abstract String getState();
</span><span class="cx">
</span><span class="cx"> @JsonIgnore
</span><del>- public abstract VirtualSubject.VirtualId getVirtualId();
-
- @JsonIgnore
</del><span class="cx"> public abstract Map<String, Set<String>> \
getSearchIndexAttributes(); </span><span class="cx">
</span><span class="cx"> @JsonIgnore
</span></span></pre></div>
<a id="branchesAME4616openamopenamrestsrctestjavaorgforgerockopenamforgerockrestentitlementsJsonPolicyParserTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-rest/src/test/java/org/forgerock/openam/forgerockrest/entitlements/JsonPolicyParserTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-rest/src/test/java/org/forgerock/openam/forgerockrest/entitlements/JsonPolicyParserTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-rest/src/test/java/org/forgerock/openam/forgerockrest/entitlements/JsonPolicyParserTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -22,7 +22,6 @@
</span><span class="cx"> import com.sun.identity.entitlement.Entitlement;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementCondition;
</span><span class="cx"> import com.sun.identity.entitlement.EntitlementException;
</span><del>-import com.sun.identity.entitlement.IPCondition;
</del><span class="cx"> import com.sun.identity.entitlement.NotCondition;
</span><span class="cx"> import com.sun.identity.entitlement.OrCondition;
</span><span class="cx"> import com.sun.identity.entitlement.Privilege;
</span><span class="lines">@@ -35,6 +34,8 @@
</span><span class="cx"> import com.sun.identity.shared.DateUtils;
</span><span class="cx"> import org.forgerock.json.fluent.JsonPointer;
</span><span class="cx"> import org.forgerock.json.fluent.JsonValue;
</span><ins>+import org.forgerock.openam.entitlement.conditions.environment.IPCondition;
+import org.forgerock.openam.entitlement.conditions.environment.OAuth2ScopeCondition;
</ins><span class="cx"> import org.forgerock.openam.utils.CollectionUtils;
</span><span class="cx"> import org.testng.annotations.AfterClass;
</span><span class="cx"> import org.testng.annotations.BeforeClass;
</span><span class="lines">@@ -294,20 +295,18 @@
</span><span class="cx"> @Test
</span><span class="cx"> public void shouldCorrectlyParseConditionTypes() throws \
Exception { </span><span class="cx"> // Given
</span><del>- String startIp = "127.0.0.1";
- String endIp = "127.0.0.255";
</del><ins>+ String scope = "cn givenName";
</ins><span class="cx"> JsonValue content = \
json(object(field("condition", </span><del>- \
object(field("type", "IP"),
- field("startIp", startIp),
- field("endIp", endIp)))));
</del><ins>+ object(field("type", "OAuth2Scope"),
+ field("requiredScopes", array(scope))))));
</ins><span class="cx">
</span><span class="cx"> // When
</span><span class="cx"> Privilege result = parser.parsePolicy(POLICY_NAME, \
content); </span><span class="cx">
</span><span class="cx"> // Then
</span><del>- \
assertThat(result.getCondition()).isInstanceOf(IPCondition.class);
- assertThat(((IPCondition) \
result.getCondition()).getStartIp()).isEqualTo(startIp);
- assertThat(((IPCondition) \
result.getCondition()).getEndIp()).isEqualTo(endIp); </del><ins>+ \
assertThat(result.getCondition()).isInstanceOf(OAuth2ScopeCondition.class); + \
assertThat(((OAuth2ScopeCondition) result.getCondition()).getRequiredScopes()) + \
.isEqualTo(Collections.singleton(scope)); </ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> @Test(expectedExceptions = EntitlementException.class)
</span><span class="lines">@@ -330,15 +329,13 @@
</span><span class="cx"> @Test
</span><span class="cx"> public void shouldParseNestedAndConditions() throws \
Exception { </span><span class="cx"> // Given
</span><del>- // An AND condition containing a single IP condition
- String startIp = "127.0.0.1";
- String endIp = "127.0.0.255";
</del><ins>+ // An AND condition containing a single OAuth2Scope condition
+ String scope = "cn givenName";
</ins><span class="cx"> JsonValue content = \
json(object(field("condition", </span><span class="cx"> \
object(field("type", "AND"), </span><span class="cx"> \
field("conditions", </span><del>- \
Collections.singletonList(object(field("type", \
"IP"),
- field("startIp", startIp),
- field("endIp", endIp))))))));
</del><ins>+ \
Collections.singletonList(object(field("type", "OAuth2Scope"), + \
field("requiredScopes", array(scope))))))))); </ins><span class="cx">
</span><span class="cx"> // When
</span><span class="cx"> Privilege result = parser.parsePolicy(POLICY_NAME, \
content); </span><span class="lines">@@ -347,24 +344,21 @@
</span><span class="cx"> \
assertThat(result.getCondition()).isInstanceOf(AndCondition.class); </span><span \
class="cx"> AndCondition and = (AndCondition) result.getCondition(); \
</span><span class="cx"> assertThat(and.getEConditions()).hasSize(1); \
</span><del>- \
assertThat(and.getEConditions().iterator().next()).isInstanceOf(IPCondition.class);
- IPCondition ip = (IPCondition) and.getEConditions().iterator().next();
- assertThat(ip.getStartIp()).isEqualTo(startIp);
- assertThat(ip.getEndIp()).isEqualTo(endIp);
</del><ins>+ assertThat(and.getEConditions().iterator().next()).isInstanceOf(OAuth2ScopeCondition.class);
+ OAuth2ScopeCondition oauth2Scope = (OAuth2ScopeCondition) \
and.getEConditions().iterator().next(); + \
assertThat(oauth2Scope.getRequiredScopes()).isEqualTo(Collections.singleton(scope)); \
</ins><span class="cx"> } </span><span class="cx">
</span><span class="cx"> @Test
</span><span class="cx"> public void shouldParseNestedOrConditions() throws \
Exception { </span><span class="cx"> // Given
</span><del>- // An OR condition containing a single IP condition
- String startIp = "127.0.0.1";
- String endIp = "127.0.0.255";
</del><ins>+ // An OR condition containing a single OAuth2Scope condition
+ String scope = "cn givenName";
</ins><span class="cx"> JsonValue content = \
json(object(field("condition", </span><span class="cx"> \
object(field("type", "OR"), </span><span class="cx"> \
field("conditions", </span><del>- \
Collections.singletonList(object(field("type", \
"IP"),
- field("startIp", startIp),
- field("endIp", endIp))))))));
</del><ins>+ \
Collections.singletonList(object(field("type", "OAuth2Scope"), + \
field("requiredScopes", array(scope))))))))); </ins><span class="cx">
</span><span class="cx"> // When
</span><span class="cx"> Privilege result = parser.parsePolicy(POLICY_NAME, \
content); </span><span class="lines">@@ -373,23 +367,20 @@
</span><span class="cx"> \
assertThat(result.getCondition()).isInstanceOf(OrCondition.class); </span><span \
class="cx"> OrCondition or = (OrCondition) result.getCondition(); \
</span><span class="cx"> assertThat(or.getEConditions()).hasSize(1); \
</span><del>- \
assertThat(or.getEConditions().iterator().next()).isInstanceOf(IPCondition.class);
- IPCondition ip = (IPCondition) or.getEConditions().iterator().next();
- assertThat(ip.getStartIp()).isEqualTo(startIp);
- assertThat(ip.getEndIp()).isEqualTo(endIp);
</del><ins>+ assertThat(or.getEConditions().iterator().next()).isInstanceOf(OAuth2ScopeCondition.class);
+ OAuth2ScopeCondition oauth2Scope = (OAuth2ScopeCondition) \
or.getEConditions().iterator().next(); + \
assertThat(oauth2Scope.getRequiredScopes()).isEqualTo(Collections.singleton(scope)); \
</ins><span class="cx"> } </span><span class="cx">
</span><span class="cx"> @Test
</span><span class="cx"> public void shouldParseNotConditions() throws Exception \
{ </span><span class="cx"> // Given
</span><del>- // A NOT condition containing an IP condition
- String startIp = "127.0.0.1";
- String endIp = "127.0.0.255";
</del><ins>+ // A NOT condition containing an OAuth2Scope condition
+ String scope = "cn givenName";
</ins><span class="cx"> JsonValue content = \
json(object(field("condition", </span><span class="cx"> \
object(field("type", "NOT"), </span><del>- \
field("condition", object(field("type", \
"IP"),
- field("startIp", startIp),
- field("endIp", endIp)))))));
</del><ins>+ field("condition", \
object(field("type", "OAuth2Scope"), + \
field("requiredScopes", array(scope)))))))); </ins><span class="cx">
</span><span class="cx"> // When
</span><span class="cx"> Privilege result = parser.parsePolicy(POLICY_NAME, \
content); </span><span class="lines">@@ -397,10 +388,9 @@
</span><span class="cx"> // Then
</span><span class="cx"> \
assertThat(result.getCondition()).isInstanceOf(NotCondition.class); </span><span \
class="cx"> NotCondition not = (NotCondition) result.getCondition(); \
</span><del>- \
assertThat(not.getECondition()).isInstanceOf(IPCondition.class);
- IPCondition ip = (IPCondition) not.getECondition();
- assertThat(ip.getStartIp()).isEqualTo(startIp);
- assertThat(ip.getEndIp()).isEqualTo(endIp);
</del><ins>+ assertThat(not.getECondition()).isInstanceOf(OAuth2ScopeCondition.class);
+ OAuth2ScopeCondition ip = (OAuth2ScopeCondition) not.getECondition();
+ assertThat(ip.getRequiredScopes()).isEqualTo(Collections.singleton(scope));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> @Test
</span></span></pre></div>
<a id="branchesAME4616openamopenamtoolsopenaminstalltoolspomxml"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-tools/openam-installtools/pom.xml (10813 => \
10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-tools/openam-installtools/pom.xml 2014-09-30 13:48:08 \
UTC (rev 10813)
+++ branches/AME-4616/openam/openam-tools/openam-installtools/pom.xml 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -46,9 +46,6 @@
</span><span class="cx"> \
<artifactId>maven-surefire-plugin</artifactId> </span><span class="cx"> \
<configuration> </span><span class="cx"> \
<systemPropertyVariables> </span><del>- <!-- Used by \
the OSChecker Test Case -->
- <os.name>Linux</os.name>
- <os.arch>x86</os.arch>
</del><span class="cx"> \
<com.sun.identity.product.logs.dir>${project.build.testOutputDirectory}</com.sun.identity.product.logs.dir>
</span><span class="cx"> </systemPropertyVariables>
</span><span class="cx"> </configuration>
</span></span></pre></div>
<a id="branchesAME4616openamopenamtoolsopenaminstalltoolssrctestjavacomsunidentityinstalltoolsutilOSCheckerTestjava"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/openam/openam-tools/openam-installtools/src/test/java/com/sun/identity/install/tools/util/OSCheckerTest.java \
(10813 => 10814)</h4> <pre class="diff"><span>
<span class="info">--- \
branches/AME-4616/openam/openam-tools/openam-installtools/src/test/java/com/sun/identity/install/tools/util/OSCheckerTest.java 2014-09-30 \
13:48:08 UTC (rev 10813)
+++ branches/AME-4616/openam/openam-tools/openam-installtools/src/test/java/com/sun/identity/install/tools/util/OSCheckerTest.java 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -16,55 +16,58 @@
</span><span class="cx">
</span><span class="cx"> package com.sun.identity.install.tools.util;
</span><span class="cx">
</span><del>-import org.testng.Assert;
</del><span class="cx"> import org.testng.annotations.Test;
</span><span class="cx">
</span><ins>+import java.util.Arrays;
+import java.util.List;
+
+import static org.testng.Assert.*;
+import static com.sun.identity.install.tools.util.OSChecker.*;
+
</ins><span class="cx"> public class OSCheckerTest {
</span><span class="cx">
</span><ins>+ private static final String OS_NAME = \
System.getProperty("os.name"); + private static final List<String> \
ARCHITECTURES = Arrays.asList( + "i386", "i686", \
"x86", "x86_64", "PowerPC", "ppc", \
"ppc64", "sparc"); +
</ins><span class="cx"> @Test
</span><span class="cx"> public void testIsUnixOrWindows() {
</span><del>-
- Assert.assertTrue(OSChecker.isUnix() || OSChecker.isWindows());
</del><ins>+ assertTrue(isUnix() || isWindows());
+ assertFalse(isUnix() && isWindows());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> @Test
</span><span class="cx"> public void testLinuxVersionStringParsing() {
</span><span class="cx">
</span><span class="cx"> String linuxVersionString = \
"2.6.32-279.14.1.el6.x86_64"; </span><del>- \
OSChecker.parseVersion(linuxVersionString);
- Assert.assertEquals(OSChecker.getOsMajorVersion(), 2);
- Assert.assertEquals(OSChecker.getOsMinorVersion(), 6);
- // These are hard-coded in the POM
- Assert.assertTrue(OSChecker.atleast("Linux", 2, 6));
- Assert.assertTrue(OSChecker.matchArch("x86"));
</del><ins>+ parseVersion(linuxVersionString);
+ assertEquals(getOsMajorVersion(), 2);
+ assertEquals(getOsMinorVersion(), 6);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> @Test
</span><span class="cx"> public void testOSXVersionStringParsing() {
</span><del>-
</del><span class="cx"> String osXVersionString = "10.9.5";
</span><del>- OSChecker.parseVersion(osXVersionString);
- Assert.assertEquals(OSChecker.getOsMajorVersion(), 10);
- Assert.assertEquals(OSChecker.getOsMinorVersion(), 9);
-
</del><ins>+ parseVersion(osXVersionString);
+ assertEquals(getOsMajorVersion(), 10);
+ assertEquals(getOsMinorVersion(), 9);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> @Test
</span><span class="cx"> public void testWindowsVersionStringParsing() {
</span><del>-
</del><span class="cx"> String windowsVersionString = "5.1";
</span><del>- OSChecker.parseVersion(windowsVersionString);
- Assert.assertEquals(OSChecker.getOsMajorVersion(), 5);
- Assert.assertEquals(OSChecker.getOsMinorVersion(), 1);
</del><ins>+ parseVersion(windowsVersionString);
+ assertEquals(getOsMajorVersion(), 5);
+ assertEquals(getOsMinorVersion(), 1);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> @Test
</span><span class="cx"> public void testNoMinorVersionStringParsing() {
</span><span class="cx">
</span><span class="cx"> String noMinorString = "100";
</span><del>- OSChecker.parseVersion(noMinorString);
- Assert.assertEquals(OSChecker.getOsMajorVersion(), 100);
- Assert.assertEquals(OSChecker.getOsMinorVersion(), 0);
</del><ins>+ parseVersion(noMinorString);
+ assertEquals(getOsMajorVersion(), 100);
+ assertEquals(getOsMinorVersion(), 0);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> @Test
</span><span class="lines">@@ -73,8 +76,32 @@
</span><span class="cx"> // The exception output will end up in the TestCase \
debug log under the </span><span class="cx"> // target/test-cases directory \
as set in the POM. </span><span class="cx"> String exceptionString = \
"abc.10"; </span><del>- OSChecker.parseVersion(exceptionString);
- Assert.assertEquals(OSChecker.getOsMajorVersion(), 0);
- Assert.assertEquals(OSChecker.getOsMinorVersion(), 0);
</del><ins>+ parseVersion(exceptionString);
+ assertEquals(getOsMajorVersion(), 0);
+ assertEquals(getOsMinorVersion(), 0);
</ins><span class="cx"> }
</span><ins>+
+ @Test
+ public void testAtLeast() {
+ parseVersion("1.2.3");
+ assertTrue(atleast(OS_NAME, 1, 0));
+ assertTrue(atleast(OS_NAME, 1, 2));
+ assertFalse(atleast(OS_NAME, 1, 3));
+ assertFalse(atleast(OS_NAME, 2, 1));
+ assertFalse(atleast("iOS", 1, 0));
+ }
+
+ @Test
+ public void testArchitecture() {
+ int foundArch = 0;
+
+ // non-exhaustive list, covers conceivable architectures that might be \
running unit tests + for (String arch : ARCHITECTURES) {
+ if (matchArch(arch)) {
+ foundArch++;
+ }
+ }
+
+ assertEquals(foundArch, 1, "Expected " + \
System.getProperty("os.arch") + " to be one of " + \
ARCHITECTURES); + }
</ins><span class="cx"> }
</span></span></pre></div>
<a id="branchesAME4616openamagents"></a>
<div class="propset"><h4>Property changes: branches/AME-4616/openam-agents</h4>
<pre class="diff"><span>
</span></pre></div>
<a id="svnmergeinfo"></a>
<div class="modfile"><h4>Modified: svn:mergeinfo</h4></div>
<span class="cx">/branches/AME-2526-SFO-between-sites/openam-agents:7510-8258
</span><span class="cx">/branches/AME-3423/openam-agents:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington/openam-agents:9534-9723
</span><span class="cx">/branches/AME-3719/openam-agents:9517-9879
</span><span class="cx">/branches/AME-4378/openam-agents:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/openam-agents:10437-10535
</span><span class="cx">/branches/IIS7PostData/openam-agents:224-261
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/openam-agents:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/openam-agents:6910-6946
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/openam-agents:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/openam-agents:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/openam-agents:8747-8835
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/openam-agents:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/openam-agents:7834-7844
</span><span class="cx">/branches/ame4272/openam-agents:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/openam-agents:7508-7697
</span><span class="cx">/branches/andy-ame1316-connectionfactory/openam-agents:5311-5328
</span><span class="cx">/branches/andyOpenam1708/openam-agents:5576-5592
</span><span class="cx">/branches/andyOpenam2373/openam-agents:5600-5706
</span><span class="cx">/branches/apforrest-ame1316/openam-agents:4881-5305
</span><span class="cx">/branches/maven_merge/openam-agents:2556-3124
</span><span class="cx">/branches/mdr_javaagents_mvn/openam-agents:5293-5729
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/openam-agents:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/openam-agents:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/openam-agents:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/openam-agents:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/openam-agents:6767-6804
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/openam-agents:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158/openam-agents:8476-8577
</span><span class="cx">/branches/pcunnington-AME-350/openam-agents:4165-4344
</span><span class="cx">/branches/pcunnington-ame-344/openam-agents:4651-5199
</span><span class="cx">/branches/pcunnington-oauth2/openam-agents:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/openam-agents:8314-8341
</span><span class="cx">/branches/policyimprovements/openam-agents:5513-5515
</span><span class="cx">/branches/rwapshott-AME-1739/openam-agents:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/openam-agents:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/openam-agents:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/openam-agents:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/openam-agents:6086-6319
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/openam-agents:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/openam-agents:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/openam-agents:6170-6194
</span><span class="cx">/trunk/openam-agents:10686-10687,10694-10696,10701,10713,10716,10719,10721,10723,10725,10728,10735
</span><span class="cx"> + /branches/10.1.0-Xpress/openam-agents:3888-3892
</span><span class="cx">/branches/AME-2526-SFO-between-sites/openam-agents:7510-8258
</span><span class="cx">/branches/AME-3423/openam-agents:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington/openam-agents:9534-9723
</span><span class="cx">/branches/AME-3719/openam-agents:9517-9879
</span><span class="cx">/branches/AME-4378/openam-agents:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/openam-agents:10437-10535
</span><span class="cx">/branches/AME-4547/openam-agents:10585-10783
</span><span class="cx">/branches/AME-4595/openam-agents:10581-10789
</span><span class="cx">/branches/IIS7PostData/openam-agents:224-261
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/openam-agents:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/openam-agents:6910-6946
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/openam-agents:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/openam-agents:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/openam-agents:8747-8835
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/openam-agents:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/openam-agents:7834-7844
</span><span class="cx">/branches/ame4272/openam-agents:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/openam-agents:7508-7697
</span><span class="cx">/branches/andy-ame1316-connectionfactory/openam-agents:5311-5328
</span><span class="cx">/branches/andyOpenam1708/openam-agents:5576-5592
</span><span class="cx">/branches/andyOpenam2373/openam-agents:5600-5706
</span><span class="cx">/branches/apforrest-ame1316/openam-agents:4881-5305
</span><span class="cx">/branches/maven_merge/openam-agents:2556-3124
</span><span class="cx">/branches/mdr_javaagents_mvn/openam-agents:5293-5729
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/openam-agents:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/openam-agents:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/openam-agents:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/openam-agents:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/openam-agents:6767-6804
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/openam-agents:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158/openam-agents:8476-8577
</span><span class="cx">/branches/pcunnington-AME-350/openam-agents:4165-4344
</span><span class="cx">/branches/pcunnington-ame-344/openam-agents:4651-5199
</span><span class="cx">/branches/pcunnington-oauth2/openam-agents:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/openam-agents:8314-8341
</span><span class="cx">/branches/policyimprovements/openam-agents:5513-5515
</span><span class="cx">/branches/rwapshott-AME-1739/openam-agents:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/openam-agents:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/openam-agents:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/openam-agents:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/openam-agents:6086-6319
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/openam-agents:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/openam-agents:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/openam-agents:6170-6194
</span><span class="cx">/trunk/openam-agents:10652-10812
</span><a id="branchesAME4616opensso"></a>
<div class="propset"><h4>Property changes: branches/AME-4616/opensso</h4>
<pre class="diff"><span>
</span></pre></div>
<a id="svnmergeinfo"></a>
<div class="modfile"><h4>Modified: svn:mergeinfo</h4></div>
<span class="cx">/branches/AME-3423/opensso:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington/opensso:9534-9723
</span><span class="cx">/branches/AME-3719/opensso:9517-9879
</span><span class="cx">/branches/AME-4378/opensso:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/opensso:10437-10535
</span><span class="cx">/branches/IIS7PostData/opensso:224-261
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/opensso:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/opensso:6910-6946
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/opensso:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/opensso:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/opensso:8747-8835
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/opensso:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/opensso:7834-7844
</span><span class="cx">/branches/allanCSDK:64-163
</span><span class="cx">/branches/ame4272/opensso:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/opensso:7508-7697
</span><span class="cx">/branches/maven_merge/opensso:2556-3124
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/opensso:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/opensso:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/opensso:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/opensso:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/opensso:6767-6804
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/opensso:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158/opensso:8476-8577
</span><span class="cx">/branches/pcunnington-oauth2/opensso:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/opensso:8314-8341
</span><span class="cx">/branches/rwapshott-AME-1739/opensso:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/opensso:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/opensso:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/opensso:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/opensso:6086-6319
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/opensso:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/opensso:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/opensso:6170-6194
</span><span class="cx">/trunk/opensso:10652-10678,10686-10687,10694-10696,10701,10713,10716,10719,10721,10723,10725,10728,10735
</span><span class="cx"> + /branches/AME-2526-SFO-between-sites/opensso:7510-8258
</span><span class="cx">/branches/AME-3423/opensso:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington/opensso:9534-9723
</span><span class="cx">/branches/AME-3719/opensso:9517-9879
</span><span class="cx">/branches/AME-4378/opensso:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/opensso:10437-10535
</span><span class="cx">/branches/AME-4547/opensso:10585-10783
</span><span class="cx">/branches/AME-4595/opensso:10581-10789
</span><span class="cx">/branches/IIS7PostData/opensso:224-261
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/opensso:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/opensso:6910-6946
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/opensso:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/opensso:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/opensso:8747-8835
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/opensso:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/opensso:7834-7844
</span><span class="cx">/branches/allanCSDK:64-163
</span><span class="cx">/branches/ame4272/opensso:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/opensso:7508-7697
</span><span class="cx">/branches/maven_merge/opensso:2556-3124
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/opensso:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/opensso:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/opensso:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/opensso:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/opensso:6767-6804
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/opensso:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158/opensso:8476-8577
</span><span class="cx">/branches/pcunnington-oauth2/opensso:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/opensso:8314-8341
</span><span class="cx">/branches/rwapshott-AME-1739/opensso:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/opensso:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/opensso:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/opensso:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/opensso:6086-6319
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/opensso:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/opensso:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/opensso:6170-6194
</span><span class="cx">/trunk/opensso:10652-10812
</span><a id="branchesAME4616openssoproducts"></a>
<div class="propset"><h4>Property changes: branches/AME-4616/opensso/products</h4>
<pre class="diff"><span>
</span></pre></div>
<a id="svnmergeinfo"></a>
<div class="modfile"><h4>Modified: svn:mergeinfo</h4></div>
<span class="cx">/branches/AME-3423/opensso/products:10105-10414
</span><span class="cx">/branches/AME-3612-pcunnington/opensso/products:9534-9723
</span><span class="cx">/branches/AME-3719/opensso/products:9517-9879
</span><span class="cx">/branches/AME-4378/opensso/products:10443-10621
</span><span class="cx">/branches/AME-4460_AME-4459/opensso/products:10437-10535
</span><span class="cx">/branches/IIS7PostData/opensso/products:224-261
</span><span class="cx">/branches/OPENAM-2961-forgot-password-404/opensso/products:8322-8362
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/opensso/products:6910-6946
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/opensso/products:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/opensso/products:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/opensso/products:8747-8835
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/opensso/products:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/opensso/products:7834-7844
</span><span class="cx">/branches/ame4272/opensso/products:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/opensso/products:7508-7697
</span><span class="cx">/branches/j2eePostData/opensso/products:482-520
</span><span class="cx">/branches/maven_merge/opensso/products:2556-3124
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/opensso/products:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/opensso/products:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/opensso/products:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/opensso/products:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/opensso/products:6767-6804
</span><span class="cx">/branches/opends23_build002/products:132-181
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/opensso/products:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158/opensso/products:8476-8577
</span><span class="cx">/branches/pcunnington-oauth2/opensso/products:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/opensso/products:8314-8341
</span><span class="cx">/branches/rwapshott-AME-1739/opensso/products:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/opensso/products:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/opensso/products:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/opensso/products:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/opensso/products:6086-6319
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/opensso/products:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/opensso/products:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/opensso/products:6170-6194
</span><span class="cx">/trunk/opensso/products:10652-10678,10686-10687,10694-10696,10701,10713,10716,10719,10721,10723,10725,10728,10735
</span><span class="cx"> + \
/branches/AME-2526-SFO-between-sites/opensso/products:7510-8258 </span><span \
class="cx">/branches/AME-3423/opensso/products:10105-10414 </span><span \
class="cx">/branches/AME-3612-pcunnington/opensso/products:9534-9723 </span><span \
class="cx">/branches/AME-3719/opensso/products:9517-9879 </span><span \
class="cx">/branches/AME-4378/opensso/products:10443-10621 </span><span \
class="cx">/branches/AME-4460_AME-4459/opensso/products:10437-10535 </span><span \
class="cx">/branches/AME-4547/opensso/products:10585-10783 </span><span \
class="cx">/branches/AME-4595/opensso/products:10581-10789 </span><span \
class="cx">/branches/IIS7PostData/opensso/products:224-261 </span><span \
class="cx">/branches/OPENAM-2961-forgot-password-404/opensso/products:8322-8362 \
</span><span class="cx">/branches/OPENAM-3097-sessions-not-deleted/opensso/products:6910-6946
</span><span class="cx">/branches/OPENAM-3283-CTS-thread-exceptions/opensso/products:7270-7369
</span><span class="cx">/branches/OPENAM-3425-class-cast-exception/opensso/products:8333-8359
</span><span class="cx">/branches/OPENAM-3782-forgotten-password-changes/opensso/products:8747-8835
</span><span class="cx">/branches/OPENAM-4384-ssoadm-classpath/opensso/products:10263-10264
</span><span class="cx">/branches/OPENAM-OPENAM-3528-client-side-session-validation/opensso/products:7834-7844
</span><span class="cx">/branches/ame4272/opensso/products:10073-10101
</span><span class="cx">/branches/andy-ame-2227-v2/opensso/products:7508-7697
</span><span class="cx">/branches/j2eePostData/opensso/products:482-520
</span><span class="cx">/branches/maven_merge/opensso/products:2556-3124
</span><span class="cx">/branches/openam-3049-cts-reaper-connection-usage/opensso/products:6658-6745
</span><span class="cx">/branches/openam-3053-cts-tab-exception/opensso/products:6672-6721
</span><span class="cx">/branches/openam-3072-cts-configuration/opensso/products:6691-6714
</span><span class="cx">/branches/openam-3092-store-mode-error/opensso/products:6729-6733
</span><span class="cx">/branches/openam-3110-create-or-update-bug/opensso/products:6767-6804
</span><span class="cx">/branches/opends23_build002/products:132-181
</span><span class="cx">/branches/pcunnington-AME-3115-refactor/opensso/products:8348-8473
</span><span class="cx">/branches/pcunnington-AME-3158/opensso/products:8476-8577
</span><span class="cx">/branches/pcunnington-oauth2/opensso/products:8710-8793
</span><span class="cx">/branches/phcunnington-AME-3114/opensso/products:8314-8341
</span><span class="cx">/branches/rwapshott-AME-1739/opensso/products:5331-5353
</span><span class="cx">/branches/rwapshott-AME-215/opensso/products:4091-4155
</span><span class="cx">/branches/rwapshott-AME-257/opensso/products:4047-4126
</span><span class="cx">/branches/rwapshott-AME-804/opensso/products:4267-5404
</span><span class="cx">/branches/rwapshott-ame-2160-session-size/opensso/products:6086-6319
</span><span class="cx">/branches/rwapshott-openam-2198-session-resource-protection/opensso/products:5628-5824
</span><span class="cx">/branches/rwapshott-openam-2526/opensso/products:5442-5484
</span><span class="cx">/branches/rwapshott-openam-2716-cts-invalid-chars/opensso/products:6170-6194
</span><span class="cx">/trunk/opensso/products:10652-10812
</span><a id="branchesAME4616openssoproductswebagentsMakefilelinuxmk"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/opensso/products/webagents/Makefile.linux.mk (10813 => 10814)</h4> \
<pre class="diff"><span> <span class="info">--- \
branches/AME-4616/opensso/products/webagents/Makefile.linux.mk 2014-09-30 13:48:08 \
UTC (rev 10813)
+++ branches/AME-4616/opensso/products/webagents/Makefile.linux.mk 2014-09-30 \
13:49:13 UTC (rev 10814) </span><span class="lines">@@ -64,10 +64,12 @@
</span><span class="cx">
</span><span class="cx"> varnishi: $(VRNSHOBJS)
</span><span class="cx"> @echo "[*** Creating "$@" shared library \
***]" </span><ins>+ $(MAKE) -C install/varnish/
</ins><span class="cx"> ${CC} -shared -Wl,-export-dynamic -fPIC \
-Wl,-soname,libvmod_am.so $(LDFLAGS) -Wl,-rpath,'$$ORIGIN/../lib' \
-Wl,-rpath,'$$ORIGIN' -z origin $(VRNSHOBJS) -o agents/source/varnish/libvmod_am.so \
am/source/libamsdk.a -lstdc++ $(EXT_LIBS) </span><span class="cx">
</span><span class="cx"> varnish302i: varnish_agent_302.o vcc_if_302.o
</span><span class="cx"> @echo "[*** Creating "$@" shared library \
***]" </span><ins>+ $(MAKE) -C install/varnish/
</ins><span class="cx"> ${CC} -shared -Wl,-export-dynamic -fPIC \
-Wl,-soname,libvmod_am.so $(LDFLAGS) -Wl,-rpath,'$$ORIGIN/../lib' \
-Wl,-rpath,'$$ORIGIN' -z origin agents/source/varnish/varnish_agent_302.o \
agents/source/varnish/vcc_if_302.o -o agents/source/varnish/libvmod_am.so \
am/source/libamsdk.a -lstdc++ $(EXT_LIBS) </span><span class="cx">
</span><span class="cx"> oiwsi: $(OIWSOBJS)
</span></span></pre></div>
<a id="branchesAME4616openssoproductswebagentsbuildxml"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/opensso/products/webagents/build.xml (10813 => 10814)</h4> <pre \
class="diff"><span> <span class="info">--- \
branches/AME-4616/opensso/products/webagents/build.xml 2014-09-30 13:48:08 UTC (rev \
10813)
+++ branches/AME-4616/opensso/products/webagents/build.xml 2014-09-30 13:49:13 UTC \
(rev 10814) </span><span class="lines">@@ -135,6 +135,8 @@
</span><span class="cx">
</span><span class="cx"> <target name="clean">
</span><span class="cx"> <echo message="Dispatch to clean"/>
</span><ins>+ <ant antfile="${webagents.basedir}/build_agent.xml" \
+ target="clean" inheritRefs="true"/>
</ins><span class="cx"> <exec executable="gmake" \
failonerror="true"> </span><span class="cx"> <arg \
value="clean" /> </span><span class="cx"> </exec>
</span></span></pre></div>
<a id="branchesAME4616openssoproductswebagentsbuild_agentxml"></a>
<div class="modfile"><h4>Modified: \
branches/AME-4616/opensso/products/webagents/build_agent.xml (10813 => 10814)</h4> \
<pre class="diff"><span> <span class="info">--- \
branches/AME-4616/opensso/products/webagents/build_agent.xml 2014-09-30 13:48:08 UTC \
(rev 10813)
+++ branches/AME-4616/opensso/products/webagents/build_agent.xml 2014-09-30 13:49:13 \
UTC (rev 10814) </span><span class="lines">@@ -178,6 +178,11 @@
</span><span class="cx"> <delete \
dir="${webagents.container.lib.dir}"/> </span><span class="cx"> \
<delete dir="${webagents.container.classes.dir}"/> </span><span \
class="cx"> <delete dir="${webagents.container.built.dir}"/> \
</span><ins>+ <delete> + <fileset \
dir="${webagents.basedir}/install/varnish/source/" \
includes="**/*.o"/> + <fileset \
dir="${webagents.basedir}/install/varnish/include/" \
includes="version.h"/> + <fileset \
dir="${webagents.basedir}/install/varnish/" \
includes="agentadmin"/> + </delete>
</ins><span class="cx"> </target>
</span><span class="cx">
</span><span class="cx"> <target name="all" \
depends="preparebuild, scratch"> </span><span class="lines">@@ -187,11 \
+192,13 @@ </span><span class="cx">
</span><span class="cx"> <target name="varnish" \
depends="preparebuild, scratch"> </span><span class="cx"> \
<zip file="${webagents.dist.dir}/${containername}_v30_${build.os}${build.type.suffix}_agent_${agentversion}.zip" \
whenempty="create"> </span><del>- <zipfileset \
filemode="755" prefix="web_agents/varnish/bin" \
dir="${webagents.basedir}/extlib/${build.os.ext}/varnish${build.type.suffix}/bin/" \
includes="agentadmin"/> </del><ins>+ <zipfileset \
filemode="755" prefix="web_agents/varnish/bin" \
dir="${webagents.basedir}/install/varnish/" \
includes="agentadmin"/> </ins><span class="cx"> \
<zipfileset prefix="web_agents/varnish/instances" \
includes="**" dir="${container.web_agent.logs.dir}"/> \
</span><span class="cx"> <zipfileset \
prefix="web_agents/varnish/logs" includes="**" \
dir="${container.web_agent.logs.dir}" /> </span><span class="cx"> \
<zipfileset filemode="755" prefix="web_agents/varnish/lib" \
dir="${webagents.basedir}/agents/source/varnish/" \
includes="libvmod_am.so"/> </span><span class="cx"> \
<zipfileset dir="${webagents.basedir}/extlib/${build.os.ext}/legal-notices/" \
includes="license.txt" \
fullpath="web_agents/varnish/legal-notices/license.txt"/> </span><ins>+ \
<zipfileset dir="${container.web_agent.config.dir}/" \
includes="OpenSSOAgentBootstrap.template" \
fullpath="web_agents/varnish/conf/OpenSSOAgentBootstrap.template"/> + \
<zipfileset dir="${container.web_agent.config.dir}/" \
includes="OpenSSOAgentConfiguration.template" \
fullpath="web_agents/varnish/conf/OpenSSOAgentConfiguration.template"/> \
</ins><span class="cx"> </zip> </span><span class="cx"> \
<checksum file="${webagents.dist.dir}/${containername}_v30_${build.os}${build.type.suffix}_agent_${agentversion}.zip"
</span><span class="cx"> algorithm="SHA" \
fileext=".sha" /> </span><span class="lines">@@ -199,11 +206,13 @@
</span><span class="cx">
</span><span class="cx"> <target name="varnish302" \
depends="preparebuild, scratch"> </span><span class="cx"> \
<zip file="${webagents.dist.dir}/${containername}_${build.os}${build.type.suffix}_agent_${agentversion}.zip" \
whenempty="create"> </span><del>- <zipfileset \
filemode="755" prefix="web_agents/varnish/bin" \
dir="${webagents.basedir}/extlib/Linux/varnish302_64/bin/" \
includes="agentadmin"/> </del><ins>+ <zipfileset \
filemode="755" prefix="web_agents/varnish/bin" \
dir="${webagents.basedir}/install/varnish/" \
includes="agentadmin"/> </ins><span class="cx"> \
<zipfileset prefix="web_agents/varnish/instances" \
includes="**" dir="${container.web_agent.logs.dir}"/> \
</span><span class="cx"> <zipfileset \
prefix="web_agents/varnish/logs" includes="**" \
dir="${container.web_agent.logs.dir}" /> </span><span class="cx"> \
<zipfileset filemode="755" prefix="web_agents/varnish/lib" \
dir="${webagents.basedir}/agents/source/varnish/" \
includes="libvmod_am.so"/> </span><span class="cx"> \
<zipfileset dir="${webagents.basedir}/extlib/${build.os.ext}/legal-notices/" \
includes="license.txt" \
fullpath="web_agents/varnish/legal-notices/license.txt"/> </span><ins>+ \
<zipfileset dir="${container.web_agent.config.dir}/" \
includes="OpenSSOAgentBootstrap.template" \
fullpath="web_agents/varnish/conf/OpenSSOAgentBootstrap.template"/> + \
<zipfileset dir="${container.web_agent.config.dir}/" \
includes="OpenSSOAgentConfiguration.template" \
fullpath="web_agents/varnish/conf/OpenSSOAgentConfiguration.template"/> \
</ins><span class="cx"> </zip> </span><span class="cx"> \
<checksum file="${webagents.dist.dir}/${containername}_${build.os}${build.type.suffix}_agent_${agentversion}.zip"
</span><span class="cx"> algorithm="SHA" \
fileext=".sha" /> </span></span></pre>
</div>
</div>
<div id="footer">Copyright (c) by ForgeRock. All rights reserved.</div>
</body>
</html>
_______________________________________________
CommitOpenAM mailing list
CommitOpenAM@forgerock.org
https://lists.forgerock.org/mailman/listinfo/commitopenam
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic