portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rwat...@apache.org
Subject svn commit: r1466326 - in /portals/jetspeed-2/portal/trunk: ./ components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/om/page/impl/ components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/om/page/psml/ components/jetspeed-page-ma...
Date Wed, 10 Apr 2013 04:15:16 GMT
Author: rwatler
Date: Wed Apr 10 04:15:16 2013
New Revision: 1466326

URL: http://svn.apache.org/r1466326
Log:
Update apa-webcontent version to 1.4-SNAPSHOT

Modified:
    portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/om/page/impl/SecurityConstraintsImpl.java
    portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/om/page/psml/SecurityConstraintsImpl.java
    portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/document/psml/CastorFileSystemDocumentHandler.java
    portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/PageManagerTestShared.java
    portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestMappings.java
    portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestSecureCastorXmlPageManager.java
    portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestSecureDatabasePageManager.java
    portals/jetspeed-2/portal/trunk/pom.xml

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/om/page/impl/SecurityConstraintsImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/om/page/impl/SecurityConstraintsImpl.java?rev=1466326&r1=1466325&r2=1466326&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/om/page/impl/SecurityConstraintsImpl.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/om/page/impl/SecurityConstraintsImpl.java Wed Apr 10 04:15:16 2013
@@ -16,14 +16,18 @@
  */
 package org.apache.jetspeed.om.page.impl;
 
-import java.util.Iterator;
-import java.util.List;
-
 import org.apache.jetspeed.om.common.SecurityConstraints;
 import org.apache.jetspeed.om.page.PageSecurity;
 import org.apache.jetspeed.om.page.SecurityConstraintImpl;
-import org.apache.jetspeed.om.page.SecurityConstraintsDef;
+import org.apache.jetspeed.om.page.SecurityConstraintsRefExpression;
+import org.apache.jetspeed.om.page.SecurityConstraintsRefParser;
 import org.apache.jetspeed.page.impl.DatabasePageManagerUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
 
 /**
  * SecurityConstraintsImpl
@@ -33,6 +37,8 @@ import org.apache.jetspeed.page.impl.Dat
  */
 public class SecurityConstraintsImpl implements SecurityConstraints
 {
+    private final static Logger log = LoggerFactory.getLogger(SecurityConstraintsImpl.class);
+
     private String owner;
     private List constraints;
     private List constraintsRefs;
@@ -120,72 +126,100 @@ public class SecurityConstraintsImpl imp
             return;
         }
 
-        // skip missing or empty constraints: permit all access
-        List checkConstraints = getAllSecurityConstraints(pageSecurity);
-        if ((checkConstraints != null) && !checkConstraints.isEmpty())
-        {
-            // test each action, constraints check passes only
-            // if all actions are permitted for principals
-            Iterator actionsIter = actions.iterator();
-            while (actionsIter.hasNext())
+        try
+        {
+            // skip missing or empty constraints: permit all access
+            List checkConstraints = getAllSecurityConstraints(pageSecurity);
+            if ((checkConstraints != null) && !checkConstraints.isEmpty())
             {
-                // check each action:
-                // - if any actions explicity permitted, (including owner),
-                //   assume no permissions are permitted by default
-                // - if all constraints do not specify a permission, assume
-                //   access is permitted by default
-                String action = (String)actionsIter.next();
-                boolean actionPermitted = false;
-                boolean actionNotPermitted = false;
-                boolean anyActionsPermitted = (getOwner() != null);
-                
-                // check against constraints
-                Iterator checkConstraintsIter = checkConstraints.iterator();
-                while (checkConstraintsIter.hasNext())
+                // test each action, constraints check passes only
+                // if all actions are permitted for principals
+                Iterator actionsIter = actions.iterator();
+                while (actionsIter.hasNext())
                 {
-                    SecurityConstraintImpl constraint = (SecurityConstraintImpl)checkConstraintsIter.next();
-                    
-                    // if permissions specified, attempt to match constraint
-                    if (constraint.getPermissions() != null)
+                    // check each action:
+                    // - if any actions explicitly permitted, (including owner),
+                    //   assume no permissions are permitted by default
+                    // - if all constraints do not specify a permission or an
+                    //   expression, assume access is permitted by default
+                    String action = (String)actionsIter.next();
+                    boolean actionPermitted = false;
+                    boolean actionNotPermitted = false;
+                    boolean anyActionsPermitted = (getOwner() != null);
+
+                    // check against constraints and constraint ref expressions
+                    Iterator checkConstraintsIter = checkConstraints.iterator();
+                    while (checkConstraintsIter.hasNext())
                     {
-                        // explicit actions permitted
-                        anyActionsPermitted = true;
+                        Object constraintOrExpression = checkConstraintsIter.next();
+                        if (constraintOrExpression instanceof SecurityConstraintImpl)
+                        {
+                            // check constraint
+                            SecurityConstraintImpl constraint = (SecurityConstraintImpl)constraintOrExpression;
 
-                        // test action permission match and user/role/group principal match
-                        if (constraint.actionMatch(action) &&
-                            constraint.principalsMatch(userPrincipals, rolePrincipals, groupPrincipals, true))
+                            // if permissions specified, attempt to match constraint
+                            if (constraint.getPermissions() != null)
+                            {
+                                // explicit actions permitted
+                                anyActionsPermitted = true;
+
+                                // test action permission match and user/role/group principal match
+                                if (constraint.actionMatch(action) &&
+                                    constraint.principalsMatch(userPrincipals, rolePrincipals, groupPrincipals, true))
+                                {
+                                    actionPermitted = true;
+                                    break;
+                                }
+                            }
+                            else
+                            {
+                                // permissions not specified: not permitted if any principal matched
+                                if (constraint.principalsMatch(userPrincipals, rolePrincipals, groupPrincipals, false))
+                                {
+                                    actionNotPermitted = true;
+                                    break;
+                                }
+                            }
+                        }
+                        else if (constraintOrExpression instanceof SecurityConstraintsRefExpression)
                         {
-                            actionPermitted = true;
-                            break;
+                            // check expression
+                            SecurityConstraintsRefExpression expression = (SecurityConstraintsRefExpression)constraintOrExpression;
+
+                            // assume actions are permitted in expression
+                            anyActionsPermitted = true;
+
+                            // check expression with action permission and user/role/group principals
+                            if (expression.checkExpression(action, userPrincipals, rolePrincipals, groupPrincipals))
+                            {
+                                actionPermitted = true;
+                                break;
+                            }
                         }
                     }
-                    else
+                
+                    // fail if any action not permitted
+                    if ((!actionPermitted && anyActionsPermitted) || actionNotPermitted)
                     {
-                        // permissions not specified: not permitted if any principal matched
-                        if (constraint.principalsMatch(userPrincipals, rolePrincipals, groupPrincipals, false))
-                        {
-                            actionNotPermitted = true;
-                            break;
-                        }
+                        throw new SecurityException("SecurityConstraintsImpl.checkConstraints(): Access for " + action + " not permitted.");
                     }
                 }
-                
-                // fail if any action not permitted
-                if ((!actionPermitted && anyActionsPermitted) || actionNotPermitted)
+            }
+            else
+            {
+                // fail for any action if owner specified
+                // since no other constraints were found
+                if ((getOwner() != null) && !actions.isEmpty())
                 {
-                    throw new SecurityException("SecurityConstraintsImpl.checkConstraints(): Access for " + action + " not permitted.");
+                    String action = (String)actions.get(0);
+                    throw new SecurityException("SecurityConstraintsImpl.checkConstraints(): Access for " + action + " not permitted, (not owner).");
                 }
             }
         }
-        else
+        catch (Exception e)
         {
-            // fail for any action if owner specified
-            // since no other constraints were found
-            if ((getOwner() != null) && !actions.isEmpty())
-            {
-                String action = (String)actions.get(0);
-                throw new SecurityException("SecurityConstraintsImpl.checkConstraints(): Access for " + action + " not permitted, (not owner).");
-            }
+            log.error("Security constraints check exception: "+e);
+            throw new SecurityException("SecurityConstraintsImpl.checkConstraints(): Exception detected: "+e);
         }
     }
 
@@ -202,7 +236,8 @@ public class SecurityConstraintsImpl imp
      * getAllSecurityConstraints
      *
      * @param pageSecurity page security definitions
-     * @return all security constraints
+     * @return all security constraints and constraints ref expressions
+     * @throws RuntimeException if expression parsing error occurs
      */
     private synchronized List getAllSecurityConstraints(PageSecurity pageSecurity)
     {
@@ -213,12 +248,12 @@ public class SecurityConstraintsImpl imp
         }
 
         // construct new ordered security constraints list
-        allConstraints = DatabasePageManagerUtils.createList();
+        List newAllConstraints = new ArrayList();
 
         // add any defined security constraints
         if ((getSecurityConstraints() != null) && !getSecurityConstraints().isEmpty())
         {
-            allConstraints.addAll(securityConstraints);
+            newAllConstraints.addAll(securityConstraints);
         }
 
         // add any security constraints references
@@ -227,11 +262,11 @@ public class SecurityConstraintsImpl imp
             List referencedConstraints = dereferenceSecurityConstraintsRefs(getSecurityConstraintsRefs(), pageSecurity);
             if (referencedConstraints != null)
             {
-                allConstraints.addAll(referencedConstraints);
+                newAllConstraints.addAll(referencedConstraints);
             }
         }
         
-        // add any global decurity constraints references
+        // add any global security constraints references
         if (pageSecurity != null)
         {
             List globalConstraintsRefs = pageSecurity.getGlobalSecurityConstraintsRefs();
@@ -240,12 +275,12 @@ public class SecurityConstraintsImpl imp
                 List referencedConstraints = dereferenceSecurityConstraintsRefs(globalConstraintsRefs, pageSecurity);
                 if (referencedConstraints != null)
                 {
-                    allConstraints.addAll(referencedConstraints);
+                    newAllConstraints.addAll(referencedConstraints);
                 }
             }
         }
-        
-        return allConstraints;
+
+        return allConstraints = newAllConstraints;
     }
 
     /**
@@ -260,9 +295,10 @@ public class SecurityConstraintsImpl imp
     /**
      * dereferenceSecurityConstraintsRefs
      *
-     * @param constraintsRefs contstraints references to be dereferenced
+     * @param constraintsRefs constraints references to be dereferenced
      * @param pageSecurity page security definitions
-     * @return security constraints
+     * @return security constraints and constraints ref expressions
+     * @throws RuntimeException if expression parsing error occurs
      */
     private List dereferenceSecurityConstraintsRefs(List constraintsRefs, PageSecurity pageSecurity)
     {
@@ -274,17 +310,34 @@ public class SecurityConstraintsImpl imp
             while (constraintsRefsIter.hasNext())
             {
                 String constraintsRef = (String)constraintsRefsIter.next();
-                SecurityConstraintsDef securityConstraintsDef = pageSecurity.getSecurityConstraintsDef(constraintsRef);
-                if ((securityConstraintsDef != null) && (securityConstraintsDef.getSecurityConstraints() != null))
+                // parse constraints ref and return constraints/constraints ref expressions
+                Object constraintsOrExpression = SecurityConstraintsRefParser.parse(constraintsRef, pageSecurity);
+                if (constraintsOrExpression instanceof List)
                 {
                     if (constraints == null)
                     {
-                        constraints = DatabasePageManagerUtils.createList();
+                        constraints = new ArrayList();
                     }
-                    constraints.addAll(securityConstraintsDef.getSecurityConstraints());
+                    constraints.addAll((List)constraintsOrExpression);
+                }
+                else if (constraintsOrExpression instanceof SecurityConstraintsRefExpression)
+                {
+                    if (constraints == null)
+                    {
+                        constraints = new ArrayList();
+                    }
+                    constraints.add(constraintsOrExpression);
+                }
+                else if (constraintsOrExpression != null)
+                {
+                    throw new RuntimeException("Unexpected security constraints ref parser result");
                 }
             }
         }
+        else
+        {
+            throw new RuntimeException("Page security definitions not available");
+        }
         return constraints;
     }
 

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/om/page/psml/SecurityConstraintsImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/om/page/psml/SecurityConstraintsImpl.java?rev=1466326&r1=1466325&r2=1466326&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/om/page/psml/SecurityConstraintsImpl.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/om/page/psml/SecurityConstraintsImpl.java Wed Apr 10 04:15:16 2013
@@ -16,18 +16,19 @@
  */
 package org.apache.jetspeed.om.page.psml;
 
+import org.apache.jetspeed.om.common.SecurityConstraints;
+import org.apache.jetspeed.om.page.PageSecurity;
+import org.apache.jetspeed.om.page.SecurityConstraintImpl;
+import org.apache.jetspeed.om.page.SecurityConstraintsRefExpression;
+import org.apache.jetspeed.om.page.SecurityConstraintsRefParser;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Iterator;
 import java.util.List;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.apache.jetspeed.om.common.SecurityConstraints;
-import org.apache.jetspeed.om.page.PageSecurity;
-import org.apache.jetspeed.om.page.SecurityConstraintImpl;
-import org.apache.jetspeed.om.page.SecurityConstraintsDef;
-
 /**
  * <p>
  * SecurityConstraintsImpl
@@ -171,63 +172,101 @@ public class SecurityConstraintsImpl imp
             return;
         }
 
-        // skip missing or empty constraints: permit all access
-        List checkConstraints = getAllSecurityConstraints(pageSecurity);
-        if ((checkConstraints != null) && !checkConstraints.isEmpty())
+        try
         {
-            // test each action, constraints check passes only
-            // if all actions are permitted for principals
-            Iterator actionsIter = actions.iterator();
-            while (actionsIter.hasNext())
+            // skip missing or empty constraints: permit all access
+            List checkConstraints = getAllSecurityConstraints(pageSecurity);
+            if ((checkConstraints != null) && !checkConstraints.isEmpty())
             {
-                // check each action:
-                // - if any actions explicity permitted, assume no permissions
-                //   are permitted by default
-                // - if all constraints do not specify a permission, assume
-                //   access is permitted by default
-                String action = (String)actionsIter.next();
-                boolean actionPermitted = false;
-                boolean actionNotPermitted = false;
-                boolean anyActionsPermitted = false;
-                
-                // check against constraints
-                Iterator checkConstraintsIter = checkConstraints.iterator();
-                while (checkConstraintsIter.hasNext())
+                // test each action, constraints check passes only
+                // if all actions are permitted for principals
+                Iterator actionsIter = actions.iterator();
+                while (actionsIter.hasNext())
                 {
-                    SecurityConstraintImpl constraint = (SecurityConstraintImpl)checkConstraintsIter.next();
-                    
-                    // if permissions specified, attempt to match constraint
-                    if (constraint.getPermissions() != null)
+                    // check each action:
+                    // - if any actions explicitly permitted, (including owner),
+                    //   assume no permissions are permitted by default
+                    // - if all constraints do not specify a permission or an
+                    //   expression, assume access is permitted by default
+                    String action = (String)actionsIter.next();
+                    boolean actionPermitted = false;
+                    boolean actionNotPermitted = false;
+                    boolean anyActionsPermitted = (getOwner() != null);
+
+                    // check against constraints and constraint ref expressions
+                    Iterator checkConstraintsIter = checkConstraints.iterator();
+                    while (checkConstraintsIter.hasNext())
                     {
-                        // explicit actions permitted
-                        anyActionsPermitted = true;
+                        Object constraintOrExpression = checkConstraintsIter.next();
+                        if (constraintOrExpression instanceof SecurityConstraintImpl)
+                        {
+                            // check constraint
+                            SecurityConstraintImpl constraint = (SecurityConstraintImpl)constraintOrExpression;
 
-                        // test action permission match and user/role/group principal match
-                        if (constraint.actionMatch(action) &&
-                            constraint.principalsMatch(userPrincipals, rolePrincipals, groupPrincipals, true))
+                            // if permissions specified, attempt to match constraint
+                            if (constraint.getPermissions() != null)
+                            {
+                                // explicit actions permitted
+                                anyActionsPermitted = true;
+
+                                // test action permission match and user/role/group principal match
+                                if (constraint.actionMatch(action) &&
+                                    constraint.principalsMatch(userPrincipals, rolePrincipals, groupPrincipals, true))
+                                {
+                                    actionPermitted = true;
+                                    break;
+                                }
+                            }
+                            else
+                            {
+                                // permissions not specified: not permitted if any principal matched
+                                if (constraint.principalsMatch(userPrincipals, rolePrincipals, groupPrincipals, false))
+                                {
+                                    actionNotPermitted = true;
+                                    break;
+                                }
+                            }
+                        }
+                        else if (constraintOrExpression instanceof SecurityConstraintsRefExpression)
                         {
-                            actionPermitted = true;
-                            break;
+                            // check expression
+                            SecurityConstraintsRefExpression expression = (SecurityConstraintsRefExpression)constraintOrExpression;
+
+                            // assume actions are permitted in expression
+                            anyActionsPermitted = true;
+
+                            // check expression with action permission and user/role/group principals
+                            if (expression.checkExpression(action, userPrincipals, rolePrincipals, groupPrincipals))
+                            {
+                                actionPermitted = true;
+                                break;
+                            }
                         }
                     }
-                    else
+
+                    // fail if any action not permitted
+                    if ((!actionPermitted && anyActionsPermitted) || actionNotPermitted)
                     {
-                        // permissions not specified: not permitted if any principal matched
-                        if (constraint.principalsMatch(userPrincipals, rolePrincipals, groupPrincipals, false))
-                        {
-                            actionNotPermitted = true;
-                            break;
-                        }
+                        throw new SecurityException("SecurityConstraintsImpl.checkConstraints(): Access for " + action + " not permitted.");
                     }
                 }
-                
-                // fail if any action not permitted
-                if ((!actionPermitted && anyActionsPermitted) || actionNotPermitted)
+            }
+            else
+            {
+                // fail for any action if owner specified
+                // since no other constraints were found
+                if ((getOwner() != null) && !actions.isEmpty())
                 {
-                    throw new SecurityException("SecurityConstraintsImpl.checkConstraints(): Access for " + action + " not permitted.");
+                    String action = (String)actions.get(0);
+                    throw new SecurityException("SecurityConstraintsImpl.checkConstraints(): Access for " + action + " not permitted, (not owner).");
                 }
             }
         }
+        catch (Exception e)
+        {
+            log.error("Security constraints check exception: "+e);
+            throw new SecurityException("SecurityConstraintsImpl.checkConstraints(): Exception detected: "+e);
+        }
     }
 
     /**
@@ -236,7 +275,8 @@ public class SecurityConstraintsImpl imp
      * </p>
      *
      * @param pageSecurity
-     * @return all security constraints
+     * @return all security constraints and constraints ref expressions
+     * @throws RuntimeException if expression parsing error occurs
      */
     private synchronized List getAllSecurityConstraints(PageSecurity pageSecurity)
     {
@@ -248,12 +288,12 @@ public class SecurityConstraintsImpl imp
         }
 
         // construct new ordered security constraints list
-        allConstraints = Collections.synchronizedList(new ArrayList(8));
+        List newAllConstraints = new ArrayList();
 
         // add any defined security constraints
         if (constraints != null)
         {
-            allConstraints.addAll(constraints);
+            newAllConstraints.addAll(constraints);
         }
 
         // add any security constraints references
@@ -262,7 +302,7 @@ public class SecurityConstraintsImpl imp
             List referencedConstraints = dereferenceSecurityConstraintsRefs(constraintsRefs, pageSecurity);
             if (referencedConstraints != null)
             {
-                allConstraints.addAll(referencedConstraints);
+                newAllConstraints.addAll(referencedConstraints);
             }
         }
 
@@ -275,12 +315,12 @@ public class SecurityConstraintsImpl imp
                 List referencedConstraints = dereferenceSecurityConstraintsRefs(globalConstraintsRefs, pageSecurity);
                 if (referencedConstraints != null)
                 {
-                    allConstraints.addAll(referencedConstraints);
+                    newAllConstraints.addAll(referencedConstraints);
                 }
             }
         }   
 
-        return allConstraints;
+        return allConstraints = newAllConstraints;
     }
 
     /**
@@ -288,14 +328,15 @@ public class SecurityConstraintsImpl imp
      * dereferenceSecurityConstraintsRefs
      * </p>
      *
-     * @param constraintsRefs
-     * @param pageSecurity
-     * @return security constraints
+     * @param constraintsRefs constraints references to be dereferenced
+     * @param pageSecurity page security definitions
+     * @return security constraints and constraints ref expressions
+     * @throws RuntimeException if expression parsing error occurs
      */
     private List dereferenceSecurityConstraintsRefs(List constraintsRefs, PageSecurity pageSecurity)
     {
         // access security document to dereference security
-        // constriants definitions
+        // constraints definitions
         List constraints = null;
         if (pageSecurity != null)
         {   
@@ -304,26 +345,34 @@ public class SecurityConstraintsImpl imp
             while (constraintsRefsIter.hasNext())
             {
                 String constraintsRef = (String)constraintsRefsIter.next();
-                SecurityConstraintsDef securityConstraintsDef = pageSecurity.getSecurityConstraintsDef(constraintsRef);
-                if ((securityConstraintsDef != null) && (securityConstraintsDef.getSecurityConstraints() != null))
+                // parse constraints ref and return constraints/constraints ref expressions
+                Object constraintsOrExpression = SecurityConstraintsRefParser.parse(constraintsRef, pageSecurity);
+                if (constraintsOrExpression instanceof List)
+                {
+                    if (constraints == null)
+                    {
+                        constraints = new ArrayList();
+                    }
+                    constraints.addAll((List)constraintsOrExpression);
+                }
+                else if (constraintsOrExpression instanceof SecurityConstraintsRefExpression)
                 {
                     if (constraints == null)
                     {
-                        constraints = Collections.synchronizedList(new ArrayList(constraintsRefs.size()));
+                        constraints = new ArrayList();
                     }
-                    constraints.addAll(securityConstraintsDef.getSecurityConstraints());
+                    constraints.add(constraintsOrExpression);
                 }
-                else
+                else if (constraintsOrExpression != null)
                 {
-                    log.error("dereferenceSecurityConstraintsRefs(): Unable to dereference \"" + constraintsRef + "\" security constraints definition.");
+                    throw new RuntimeException("Unexpected security constraints ref parser result");
                 }
             }
         }
         else
         {
-            log.error("dereferenceSecurityConstraintsRefs(): Missing page security, unable to dereference security constraints definitions.");
+            throw new RuntimeException("Page security definitions not available");
         }
-        
         return constraints;
     }
 }

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/document/psml/CastorFileSystemDocumentHandler.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/document/psml/CastorFileSystemDocumentHandler.java?rev=1466326&r1=1466325&r2=1466326&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/document/psml/CastorFileSystemDocumentHandler.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/document/psml/CastorFileSystemDocumentHandler.java Wed Apr 10 04:15:16 2013
@@ -126,7 +126,13 @@ public class CastorFileSystemDocumentHan
         this.format = new OutputFormat("    ", true, PSML_DOCUMENT_ENCODING);
         this.format.setXHTML(true);
         this.format.setExpandEmptyElements(false);
-        
+
+        String javaVersion = System.getProperty("java.version");
+        if ((javaVersion.startsWith("1.3.") || javaVersion.startsWith("1.4.")) && (System.getProperty("org.xml.sax.driver") == null))
+        {
+            System.setProperty("org.xml.sax.driver", "org.apache.xerces.parsers.SAXParser");
+            log.info("SAX driver configured: "+System.getProperty("org.xml.sax.driver"));
+        }        
         SAXParserFactory factory = SAXParserFactory.newInstance();
         SAXParser parser = factory.newSAXParser();
         

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/PageManagerTestShared.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/PageManagerTestShared.java?rev=1466326&r1=1466325&r2=1466326&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/PageManagerTestShared.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/PageManagerTestShared.java Wed Apr 10 04:15:16 2013
@@ -16,34 +16,11 @@
  */
 package org.apache.jetspeed.page;
 
-import java.io.File;
-import java.io.FileFilter;
-import java.security.CodeSource;
-import java.security.Permission;
-import java.security.PermissionCollection;
-import java.security.Permissions;
-import java.security.Policy;
-import java.security.Principal;
-import java.security.PrivilegedAction;
-import java.security.ProtectionDomain;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.StringTokenizer;
-
-import javax.security.auth.Subject;
-
 import junit.framework.TestCase;
-
 import net.sf.ehcache.CacheManager;
-
 import org.apache.jetspeed.JetspeedActions;
 import org.apache.jetspeed.cache.file.FileCache;
+import org.apache.jetspeed.cache.impl.EhCacheImpl;
 import org.apache.jetspeed.idgenerator.IdGenerator;
 import org.apache.jetspeed.idgenerator.JetspeedIdGenerator;
 import org.apache.jetspeed.om.common.SecurityConstraint;
@@ -73,11 +50,11 @@ import org.apache.jetspeed.page.document
 import org.apache.jetspeed.page.document.psml.DocumentHandlerFactoryImpl;
 import org.apache.jetspeed.page.document.psml.FileSystemFolderHandler;
 import org.apache.jetspeed.page.psml.CastorXmlPageManager;
+import org.apache.jetspeed.security.Group;
 import org.apache.jetspeed.security.JSSubject;
 import org.apache.jetspeed.security.JetspeedPermission;
 import org.apache.jetspeed.security.JetspeedPrincipal;
 import org.apache.jetspeed.security.JetspeedPrincipalType;
-import org.apache.jetspeed.security.Group;
 import org.apache.jetspeed.security.PermissionFactory;
 import org.apache.jetspeed.security.PrincipalsSet;
 import org.apache.jetspeed.security.Role;
@@ -89,7 +66,27 @@ import org.apache.jetspeed.security.spi.
 import org.apache.jetspeed.security.spi.impl.FragmentPermission;
 import org.apache.jetspeed.security.spi.impl.JetspeedPermissionFactory;
 import org.apache.jetspeed.security.spi.impl.PagePermission;
-import org.apache.jetspeed.cache.impl.EhCacheImpl;
+
+import javax.security.auth.Subject;
+import java.io.File;
+import java.io.FileFilter;
+import java.security.CodeSource;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Permissions;
+import java.security.Policy;
+import java.security.Principal;
+import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.StringTokenizer;
 
 /**
  * PageManagerTestShared
@@ -243,8 +240,8 @@ public interface PageManagerTestShared
         /**
          * testSecurePageManager
          *
-         * @param test case
-         * @param page manager
+         * @param test test case
+         * @param pageManager page manager
          */
         static void testSecurePageManager(final TestCase test, final PageManager pageManager) throws Exception
         {
@@ -719,6 +716,449 @@ public interface PageManagerTestShared
                 throw cleanup;
             }
         }
+
+        /**
+         * testSecurityConstraintsRefExpressions
+         *
+         * @param test test case
+         * @param pageManager page manager
+         */
+        static void testSecurityConstraintsRefExpressions(final TestCase test, final PageManager pageManager) throws Exception
+        {
+            // reset page manager cache
+            pageManager.reset();
+
+            // setup test subjects
+            Set principals = new PrincipalsSet();
+            principals.add(new TestUser("admin"));
+            Subject adminSubject = new Subject(true, principals, new HashSet(), new HashSet());
+
+            principals = new PrincipalsSet();
+            principals.add(new TestUser("user-with-admin"));
+            principals.add(new TestRole("admin"));
+            Subject userWithAdminSubject = new Subject(true, principals, new HashSet(), new HashSet());
+
+            principals = new PrincipalsSet();
+            principals.add(new TestUser("user"));
+            Subject userSubject = new Subject(true, principals, new HashSet(), new HashSet());
+
+            principals = new PrincipalsSet();
+            principals.add(new TestUser("test-group-user"));
+            principals.add(new TestGroup("test-group"));
+            Subject testGroupUserSubject = new Subject(true, principals, new HashSet(), new HashSet());
+
+            principals = new PrincipalsSet();
+            principals.add(new TestUser("test-role-user"));
+            principals.add(new TestRole("test-role"));
+            Subject testRoleUserSubject = new Subject(true, principals, new HashSet(), new HashSet());
+
+            principals = new PrincipalsSet();
+            principals.add(new TestUser("test-group-role-user"));
+            principals.add(new TestGroup("test-group"));
+            principals.add(new TestRole("test-role"));
+            Subject testGroupRoleUserSubject = new Subject(true, principals, new HashSet(), new HashSet());
+
+            // setup test as admin
+            Exception setup = (Exception) JSSubject.doAsPrivileged(adminSubject, new PrivilegedAction()
+            {
+                public Object run()
+                {
+                    try
+                    {
+                        // reset page manager to initial state
+                        try
+                        {
+                            Folder removeRootFolder = pageManager.getFolder("/");
+                            pageManager.removeFolder(removeRootFolder);
+                            pageManager.reset();
+                        }
+                        catch (FolderNotFoundException e)
+                        {
+                        }
+
+                        // create test documents and folders
+                        Folder folder = pageManager.newFolder("/");
+                        SecurityConstraints constraints = pageManager.newSecurityConstraints();
+                        constraints.setOwner("admin");
+                        List constraintsRefs = new ArrayList(1);
+                        constraintsRefs.add("public-view");
+                        constraints.setSecurityConstraintsRefs(constraintsRefs);
+                        folder.setSecurityConstraints(constraints);
+                        pageManager.updateFolder(folder);
+
+                        PageSecurity pageSecurity = pageManager.newPageSecurity();
+                        List constraintsDefs = new ArrayList(5);
+                        SecurityConstraintsDef constraintsDef = pageManager.newSecurityConstraintsDef();
+                        constraintsDef.setName("public-view");
+                        List defConstraints = new ArrayList(1);
+                        SecurityConstraint defConstraint = pageManager.newPageSecuritySecurityConstraint();
+                        defConstraint.setUsers(Shared.makeListFromCSV("*"));
+                        defConstraint.setPermissions(Shared.makeListFromCSV("view"));
+                        defConstraints.add(defConstraint);
+                        constraintsDef.setSecurityConstraints(defConstraints);
+                        constraintsDefs.add(constraintsDef);
+                        constraintsDef = pageManager.newSecurityConstraintsDef();
+                        constraintsDef.setName("test-group");
+                        defConstraints = new ArrayList(1);
+                        defConstraint = pageManager.newPageSecuritySecurityConstraint();
+                        defConstraint.setGroups(Shared.makeListFromCSV("test-group"));
+                        defConstraint.setPermissions(Shared.makeListFromCSV("view"));
+                        defConstraints.add(defConstraint);
+                        constraintsDef.setSecurityConstraints(defConstraints);
+                        constraintsDefs.add(constraintsDef);
+                        constraintsDef = pageManager.newSecurityConstraintsDef();
+                        constraintsDef.setName("test-role");
+                        defConstraints = new ArrayList(1);
+                        defConstraint = pageManager.newPageSecuritySecurityConstraint();
+                        defConstraint.setRoles(Shared.makeListFromCSV("test-role"));
+                        defConstraint.setPermissions(Shared.makeListFromCSV("view"));
+                        defConstraints.add(defConstraint);
+                        constraintsDef.setSecurityConstraints(defConstraints);
+                        constraintsDefs.add(constraintsDef);
+                        constraintsDef = pageManager.newSecurityConstraintsDef();
+                        constraintsDef.setName("admin-role");
+                        defConstraints = new ArrayList(1);
+                        defConstraint = pageManager.newPageSecuritySecurityConstraint();
+                        defConstraint.setRoles(Shared.makeListFromCSV("admin"));
+                        defConstraint.setPermissions(Shared.makeListFromCSV("view,edit"));
+                        defConstraints.add(defConstraint);
+                        constraintsDef.setSecurityConstraints(defConstraints);
+                        constraintsDefs.add(constraintsDef);
+                        constraintsDef = pageManager.newSecurityConstraintsDef();
+                        constraintsDef.setName("admin-user");
+                        defConstraints = new ArrayList(1);
+                        defConstraint = pageManager.newPageSecuritySecurityConstraint();
+                        defConstraint.setUsers(Shared.makeListFromCSV("admin"));
+                        defConstraint.setPermissions(Shared.makeListFromCSV("view,edit"));
+                        defConstraints.add(defConstraint);
+                        constraintsDef.setSecurityConstraints(defConstraints);
+                        constraintsDefs.add(constraintsDef);
+                        pageSecurity.setSecurityConstraintsDefs(constraintsDefs);
+                        List globalConstraintsRefs = new ArrayList(1);
+                        globalConstraintsRefs.add("admin-role or admin-user");
+                        pageSecurity.setGlobalSecurityConstraintsRefs(globalConstraintsRefs);
+                        pageManager.updatePageSecurity(pageSecurity);
+
+                        Page page = pageManager.newPage("/default-page.psml");
+                        constraints = pageManager.newSecurityConstraints();
+                        constraints.setOwner("admin");
+                        constraintsRefs = new ArrayList(1);
+                        constraintsRefs.add("public-view");
+                        constraints.setSecurityConstraintsRefs(constraintsRefs);
+                        page.setSecurityConstraints(constraints);
+                        pageManager.updatePage(page);
+
+                        page = pageManager.newPage("/or-page.psml");
+                        constraints = pageManager.newSecurityConstraints();
+                        constraints.setOwner("admin");
+                        List inlineConstraints = new ArrayList(1);
+                        SecurityConstraint constraint = pageManager.newPageSecurityConstraint();
+                        constraint.setUsers(Shared.makeListFromCSV("user"));
+                        constraint.setPermissions(Shared.makeListFromCSV("view"));
+                        inlineConstraints.add(constraint);
+                        constraints.setSecurityConstraints(inlineConstraints);
+                        constraintsRefs = new ArrayList(1);
+                        constraintsRefs.add("test-group || test-role");
+                        constraints.setSecurityConstraintsRefs(constraintsRefs);
+                        page.setSecurityConstraints(constraints);
+                        pageManager.updatePage(page);
+
+                        page = pageManager.newPage("/and-page.psml");
+                        constraints = pageManager.newSecurityConstraints();
+                        constraints.setOwner("admin");
+                        constraintsRefs = new ArrayList(1);
+                        constraintsRefs.add("test-group and test-role");
+                        constraints.setSecurityConstraintsRefs(constraintsRefs);
+                        page.setSecurityConstraints(constraints);
+                        pageManager.updatePage(page);
+
+                        page = pageManager.newPage("/not-page.psml");
+                        constraints = pageManager.newSecurityConstraints();
+                        constraints.setOwner("admin");
+                        constraintsRefs = new ArrayList(1);
+                        constraintsRefs.add("not test-role");
+                        constraints.setSecurityConstraintsRefs(constraintsRefs);
+                        page.setSecurityConstraints(constraints);
+                        pageManager.updatePage(page);
+
+                        page = pageManager.newPage("/and-not-page.psml");
+                        constraints = pageManager.newSecurityConstraints();
+                        constraints.setOwner("admin");
+                        constraintsRefs = new ArrayList(1);
+                        constraintsRefs.add("public-view and not test-group");
+                        constraints.setSecurityConstraintsRefs(constraintsRefs);
+                        page.setSecurityConstraints(constraints);
+                        pageManager.updatePage(page);
+
+                        page = pageManager.newPage("/paren-page.psml");
+                        constraints = pageManager.newSecurityConstraints();
+                        constraints.setOwner("admin");
+                        constraintsRefs = new ArrayList(1);
+                        constraintsRefs.add("((test-group||test-role)&&!admin-role)");
+                        constraints.setSecurityConstraintsRefs(constraintsRefs);
+                        page.setSecurityConstraints(constraints);
+                        pageManager.updatePage(page);
+
+                        return null;
+                    }
+                    catch (Exception e)
+                    {
+                        return e;
+                    }
+                    finally
+                    {
+                        JSSubject.clearSubject();
+                    }
+                }
+            }, null);
+            if (setup != null)
+            {
+                throw setup;
+            }
+
+            // reset page manager
+            pageManager.reset();
+
+            // test as admin
+            Exception adminAccess = (Exception) JSSubject.doAsPrivileged(adminSubject, new PrivilegedAction()
+            {
+                public Object run()
+                {
+                    try
+                    {
+                        assertPageAccessGranted(pageManager, "/default-page.psml");
+                        assertPageAccessGranted(pageManager, "/or-page.psml");
+                        assertPageAccessGranted(pageManager, "/and-page.psml");
+                        assertPageAccessGranted(pageManager, "/not-page.psml");
+                        assertPageAccessGranted(pageManager, "/and-not-page.psml");
+                        assertPageAccessGranted(pageManager, "/paren-page.psml");
+                        return null;
+                    }
+                    catch (Exception e)
+                    {
+                        return e;
+                    }
+                    finally
+                    {
+                        JSSubject.clearSubject();
+                    }
+                }
+            }, null);
+            if (adminAccess != null)
+            {
+                throw adminAccess;
+            }
+
+            // test as user with admin
+            Exception userWithAdminAccess = (Exception) JSSubject.doAsPrivileged(userWithAdminSubject, new PrivilegedAction()
+            {
+                public Object run()
+                {
+                    try
+                    {
+                        assertPageAccessGranted(pageManager, "/default-page.psml");
+                        assertPageAccessGranted(pageManager, "/or-page.psml");
+                        assertPageAccessGranted(pageManager, "/and-page.psml");
+                        assertPageAccessGranted(pageManager, "/not-page.psml");
+                        assertPageAccessGranted(pageManager, "/and-not-page.psml");
+                        assertPageAccessGranted(pageManager, "/paren-page.psml");
+                        return null;
+                    }
+                    catch (Exception e)
+                    {
+                        return e;
+                    }
+                    finally
+                    {
+                        JSSubject.clearSubject();
+                    }
+                }
+            }, null);
+            if (userWithAdminAccess != null)
+            {
+                throw userWithAdminAccess;
+            }
+
+            // test as user
+            Exception userAccess = (Exception) JSSubject.doAsPrivileged(userSubject, new PrivilegedAction()
+            {
+                public Object run()
+                {
+                    try
+                    {
+                        assertPageAccessGranted(pageManager, "/default-page.psml");
+                        assertPageAccessGranted(pageManager, "/or-page.psml");
+                        assertPageAccessDenied(pageManager, "/and-page.psml");
+                        assertPageAccessGranted(pageManager, "/not-page.psml");
+                        assertPageAccessGranted(pageManager, "/and-not-page.psml");
+                        assertPageAccessDenied(pageManager, "/paren-page.psml");
+                        return null;
+                    }
+                    catch (Exception e)
+                    {
+                        return e;
+                    }
+                    finally
+                    {
+                        JSSubject.clearSubject();
+                    }
+                }
+            }, null);
+            if (userAccess != null)
+            {
+                throw userAccess;
+            }
+
+            // test as test group user
+            Exception testGroupUserAccess = (Exception) JSSubject.doAsPrivileged(testGroupUserSubject, new PrivilegedAction()
+            {
+                public Object run()
+                {
+                    try
+                    {
+                        assertPageAccessGranted(pageManager, "/default-page.psml");
+                        assertPageAccessGranted(pageManager, "/or-page.psml");
+                        assertPageAccessDenied(pageManager, "/and-page.psml");
+                        assertPageAccessGranted(pageManager, "/not-page.psml");
+                        assertPageAccessDenied(pageManager, "/and-not-page.psml");
+                        assertPageAccessGranted(pageManager, "/paren-page.psml");
+                        return null;
+                    }
+                    catch (Exception e)
+                    {
+                        return e;
+                    }
+                    finally
+                    {
+                        JSSubject.clearSubject();
+                    }
+                }
+            }, null);
+            if (testGroupUserAccess != null)
+            {
+                throw testGroupUserAccess;
+            }
+
+            // test as test role user
+            Exception testRoleUserAccess = (Exception) JSSubject.doAsPrivileged(testRoleUserSubject, new PrivilegedAction()
+            {
+                public Object run()
+                {
+                    try
+                    {
+                        assertPageAccessGranted(pageManager, "/default-page.psml");
+                        assertPageAccessGranted(pageManager, "/or-page.psml");
+                        assertPageAccessDenied(pageManager, "/and-page.psml");
+                        assertPageAccessDenied(pageManager, "/not-page.psml");
+                        assertPageAccessGranted(pageManager, "/and-not-page.psml");
+                        assertPageAccessGranted(pageManager, "/paren-page.psml");
+                        return null;
+                    }
+                    catch (Exception e)
+                    {
+                        return e;
+                    }
+                    finally
+                    {
+                        JSSubject.clearSubject();
+                    }
+                }
+            }, null);
+            if (testRoleUserAccess != null)
+            {
+                throw testRoleUserAccess;
+            }
+
+            // test as test group role user
+            Exception testGroupRoleUserAccess = (Exception) JSSubject.doAsPrivileged(testGroupRoleUserSubject, new PrivilegedAction()
+            {
+                public Object run()
+                {
+                    try
+                    {
+                        assertPageAccessGranted(pageManager, "/default-page.psml");
+                        assertPageAccessGranted(pageManager, "/or-page.psml");
+                        assertPageAccessGranted(pageManager, "/and-page.psml");
+                        assertPageAccessDenied(pageManager, "/not-page.psml");
+                        assertPageAccessDenied(pageManager, "/and-not-page.psml");
+                        assertPageAccessGranted(pageManager, "/paren-page.psml");
+                        return null;
+                    }
+                    catch (Exception e)
+                    {
+                        return e;
+                    }
+                    finally
+                    {
+                        JSSubject.clearSubject();
+                    }
+                }
+            }, null);
+            if (testGroupRoleUserAccess != null)
+            {
+                throw testGroupRoleUserAccess;
+            }
+
+            // cleanup test as admin user
+            Exception cleanup = (Exception)JSSubject.doAsPrivileged(adminSubject, new PrivilegedAction()
+            {
+                public Object run()
+                {
+                    try
+                    {
+                        // cleanup by removing root folder
+                        try
+                        {
+                            Folder remove = pageManager.getFolder("/");
+                            TestCase.assertEquals("/", remove.getPath());
+                            pageManager.removeFolder(remove);
+                        }
+                        catch (FolderNotFoundException e)
+                        {
+                            TestCase.assertTrue("Folder / NOT FOUND", false);
+                        }
+
+                        return null;
+                    }
+                    catch (Exception e)
+                    {
+                        return e;
+                    }
+                    finally
+                    {
+                        JSSubject.clearSubject();
+                    }
+                }
+            }, null);
+            if (cleanup != null)
+            {
+                throw cleanup;
+            }
+        }
+
+        static void assertPageAccessGranted(PageManager pageManager, String path) throws Exception
+        {
+            try
+            {
+                pageManager.getPage(path);
+            }
+            catch (SecurityException se)
+            {
+                TestCase.fail("Page "+path+" access denied");
+            }
+        }
+
+        static void assertPageAccessDenied(PageManager pageManager, String path) throws Exception
+        {
+            try
+            {
+                pageManager.getPage(path);
+                TestCase.fail("Page "+path+" access granted");
+            }
+            catch (SecurityException se)
+            {
+            }
+        }
     }
 
     /**

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestMappings.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestMappings.java?rev=1466326&r1=1466325&r2=1466326&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestMappings.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestMappings.java Wed Apr 10 04:15:16 2013
@@ -38,6 +38,7 @@ public class TestMappings extends TestCa
                 "JETSPEED-INF/castor/page-mapping.xml")));
 
         // 2. Unmarshal the data
+        System.setProperty("org.xml.sax.driver", "org.apache.xerces.parsers.SAXParser");
         Unmarshaller unmar = new Unmarshaller(mapping);
         Fragment fragment = (Fragment) unmar.unmarshal(new InputSource(getClass().getClassLoader().getResourceAsStream(
                 "fragment-test.xml")));

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestSecureCastorXmlPageManager.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestSecureCastorXmlPageManager.java?rev=1466326&r1=1466325&r2=1466326&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestSecureCastorXmlPageManager.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestSecureCastorXmlPageManager.java Wed Apr 10 04:15:16 2013
@@ -93,4 +93,13 @@ public class TestSecureCastorXmlPageMana
         // utilize standard secure page manager test
         Shared.testSecurePageManager(this, pageManager);
     }
+
+    public void testSecurityConstraintsRefExpressions() throws Exception
+    {
+        if (pageManager.getConstraintsEnabled())
+        {
+            // utilize standard secure page manager test
+            Shared.testSecurityConstraintsRefExpressions(this, pageManager);
+        }
+    }
 }

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestSecureDatabasePageManager.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestSecureDatabasePageManager.java?rev=1466326&r1=1466325&r2=1466326&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestSecureDatabasePageManager.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-page-manager/src/test/java/org/apache/jetspeed/page/TestSecureDatabasePageManager.java Wed Apr 10 04:15:16 2013
@@ -49,6 +49,17 @@ public class TestSecureDatabasePageManag
     public void testSecurePageManager() throws Exception
     {
         // utilize standard secure page manager test
-        Shared.testSecurePageManager(this, (PageManager)scm.getComponent("pageManager"));
+        PageManager pageManager = (PageManager)scm.getComponent("pageManager");
+        Shared.testSecurePageManager(this, pageManager);
+    }
+
+    public void testSecurityConstraintsRefExpressions() throws Exception
+    {
+        PageManager pageManager = (PageManager)scm.getComponent("pageManager");
+        if (pageManager.getConstraintsEnabled())
+        {
+            // utilize standard secure page manager test
+            Shared.testSecurityConstraintsRefExpressions(this, pageManager);
+        }
     }
 }

Modified: portals/jetspeed-2/portal/trunk/pom.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/pom.xml?rev=1466326&r1=1466325&r2=1466326&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/pom.xml (original)
+++ portals/jetspeed-2/portal/trunk/pom.xml Wed Apr 10 04:15:16 2013
@@ -280,7 +280,7 @@
     <org.apache.portals.applications.apa-gems.version>1.1</org.apache.portals.applications.apa-gems.version>
     <org.apache.portals.applications.apa-logging.version>1.0</org.apache.portals.applications.apa-logging.version>
     <org.apache.portals.applications.apa-rss.version>1.2</org.apache.portals.applications.apa-rss.version>
-    <org.apache.portals.applications.apa-webcontent.version>1.3-SNAPSHOT</org.apache.portals.applications.apa-webcontent.version>
+    <org.apache.portals.applications.apa-webcontent.version>1.4-SNAPSHOT</org.apache.portals.applications.apa-webcontent.version>
     <org.apache.portals.applications.apa-dbbrowser.version>1.2</org.apache.portals.applications.apa-dbbrowser.version>
     <org.openid4java.version>0.9.5</org.openid4java.version>
     <oro.version>2.0.8</oro.version>



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message