Details

      Description

      First problem:
      There seems to be no detailed documentation for authorization modules in the AS7 documentation (only module names/classes are mentioned in the https://docs.jboss.org/author/display/AS71/Security+subsystem+configuration)

      Main problem:
      I've tried to implement XACML PEP test cases to cover JBQA-5146 and as a start point I've used the Anil's sample from the article http://server.dzone.com/articles/security-features-jboss-510-1
      But it seems, the XACMLAuthorizationModule is not initialized at all.

      Please, have a look at org.jboss.as.test.integration.security.xacml.XACMLAuthorizationModuleTestCase in the branch JBQA-5146-basicPEP in https://github.com/kwart/jboss-as/.

      Configuration:

      META-INF/jbossxacml-config.xml
      <ns:jbosspdp xmlns:ns="urn:jboss:xacml:2.0">
      	<ns:Policies>
      		<ns:Policy>
      			<ns:Location>META-INF/xacml-policy.xml</ns:Location>
      		</ns:Policy>
      	</ns:Policies>
      	<ns:Locators>
      		<ns:Locator Name="org.jboss.security.xacml.locators.JBossPolicySetLocator" />
      		<ns:Locator Name="org.jboss.security.xacml.locators.JBossPolicyLocator" />
      	</ns:Locators>
      </ns:jbosspdp>
      
      Security domain configuration
      <security-domain name="test-security-domain">
          <authentication>
              <login-module code="UsersRoles" flag="required"/>
          </authentication>
          <authorization>
              <policy-module code="XACML" flag="required"/>
          </authorization>
      </security-domain>
      

      Am I missing some configuration point?

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  anil.saldhana Anil Saldanha
                  Reporter:
                  jcacek Josef Cacek
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  5 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: