[jboss-cvs] JBossAS SVN: r92269 - in projects/security/security-xacml/tags: 2.0.4 and 33 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Aug 12 10:36:41 EDT 2009
Author: anil.saldhana at jboss.com
Date: 2009-08-12 10:36:37 -0400 (Wed, 12 Aug 2009)
New Revision: 92269
Added:
projects/security/security-xacml/tags/2.0.4/
projects/security/security-xacml/tags/2.0.4/assembly/pom.xml
projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/jbossxacml.xml
projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/modules/dependencies.xml
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/pom.xml
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/BasicEvaluationCtx.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/AnyURIAttribute.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/BaseAttributeFactory.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/TimeAttribute.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/attr/TimeAttributeUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/request/
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/request/RequestReadUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/resources/policies/anyurl/
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/resources/policies/anyurl/anyurl-policy.xml
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/resources/requests/
projects/security/security-xacml/tags/2.0.4/jboss-xacml/pom.xml
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/JBossPolicyFinder.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/PolicySetFinderModule.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossPDP.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossXACMLPolicy.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/SecurityActions.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/PolicyFactory.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/RequestAttributeFactory.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/SecurityActions.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/interfaces/PolicyLocator.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/jaxb/PDP.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/AbstractJBossPolicyLocator.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicyLocator.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicySetLocator.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/SecurityActions.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/util/JBossXACMLEntityResolver.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/util/SecurityActions.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/resources/schema/jbossxacml-2.0.xsd
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/resources/schema/xmlschema/
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/XACMLUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/config/JBossXACMLConfigUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JBossPDPUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JustLocatorUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/model/RequestContextAttributeFactoryUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/interop/himss09/
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/locators/TestPolicySetLocator.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/logging.properties
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/config/himss09-interop-config.xml
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/config/locator/
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/policies/interop/himss09/himss-policy-01.xml
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/requests/interop/himss09/
projects/security/security-xacml/tags/2.0.4/parent/pom.xml
projects/security/security-xacml/tags/2.0.4/pom.xml
Removed:
projects/security/security-xacml/tags/2.0.4/assembly/pom.xml
projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/jbossxacml.xml
projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/modules/dependencies.xml
projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/modules/soapsamlxacml.xml
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/pom.xml
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/BasicEvaluationCtx.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/AnyURIAttribute.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/BaseAttributeFactory.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/TimeAttribute.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/request/RequestReadUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/resources/policies/anyurl/anyurl-policy.xml
projects/security/security-xacml/tags/2.0.4/jboss-xacml/pom.xml
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/JBossPolicyFinder.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/PolicySetFinderModule.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossPDP.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossXACMLPolicy.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/SecurityActions.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/PolicyFactory.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/RequestAttributeFactory.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/interfaces/PolicyLocator.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/jaxb/PDP.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/AbstractJBossPolicyLocator.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicyLocator.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicySetLocator.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/SecurityActions.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/resources/schema/jbossxacml-2.0.xsd
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/XACMLUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/config/JBossXACMLConfigUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JBossPDPUnitTestCase.java
projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/config/himss09-interop-config.xml
projects/security/security-xacml/tags/2.0.4/parent/pom.xml
projects/security/security-xacml/tags/2.0.4/pom.xml
Log:
[maven-release-plugin] copy for tag 2.0.4
Copied: projects/security/security-xacml/tags/2.0.4 (from rev 86468, projects/security/security-xacml/trunk)
Deleted: projects/security/security-xacml/tags/2.0.4/assembly/pom.xml
===================================================================
--- projects/security/security-xacml/trunk/assembly/pom.xml 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/assembly/pom.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,62 +0,0 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <parent>
- <groupId>org.jboss.security</groupId>
- <artifactId>jboss-xacml-project</artifactId>
- <version>2.0.3.CR4-SNAPSHOT</version>
- <relativePath>../parent</relativePath>
- </parent>
- <modelVersion>4.0.0</modelVersion>
- <artifactId>jbossxacml</artifactId>
- <packaging>pom</packaging>
- <name>JBoss XACML- Assembly</name>
- <url>http://labs.jboss.org/portal/jbosssecurity/</url>
- <description>JBoss XACML</description>
- <licenses>
- <license>
- <name>lgpl</name>
- <url>http://repository.jboss.com/licenses/lgpl.txt</url>
- </license>
- </licenses>
- <organization>
- <name>JBoss Inc.</name>
- <url>http://www.jboss.org</url>
- </organization>
-
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-assembly-plugin</artifactId>
- <version>2.1</version>
- <executions>
- <execution>
- <phase>package</phase>
- <goals>
- <goal>attached</goal>
- </goals>
- </execution>
- </executions>
- <configuration>
- <archive>
- <manifestEntries>
- <Specification-Title>JBoss XACML</Specification-Title>
- <Specification-Version>${project.version}</Specification-Version>
- <Specification-Vendor>Red Hat Middleware LLC</Specification-Vendor>
- <Implementation-Title>JBoss XACML</Implementation-Title>
- <Implementation-Version>${project.version}</Implementation-Version>
- <Implementation-VendorId>org.jboss.security</Implementation-VendorId>
- <Implementation-Vendor>Red Hat Middleware LLC</Implementation-Vendor>
- <Implementation-URL>http://labs.jboss.org/portal/jbosssecurity/</Implementation-URL>
- </manifestEntries>
- </archive>
- <descriptors>
- <descriptor>bin.xml</descriptor>
- <descriptor>sources.xml</descriptor>
- </descriptors>
- </configuration>
- <inherited>false</inherited>
- </plugin>
- </plugins>
- </build>
-
-</project>
Copied: projects/security/security-xacml/tags/2.0.4/assembly/pom.xml (from rev 92268, projects/security/security-xacml/trunk/assembly/pom.xml)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/assembly/pom.xml (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/assembly/pom.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,62 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-xacml-project</artifactId>
+ <version>2.0.4</version>
+ <relativePath>../parent</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>jbossxacml</artifactId>
+ <packaging>pom</packaging>
+ <name>JBoss XACML- Assembly</name>
+ <url>http://labs.jboss.org/portal/jbosssecurity/</url>
+ <description>JBoss XACML</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-assembly-plugin</artifactId>
+ <version>2.1</version>
+ <executions>
+ <execution>
+ <phase>package</phase>
+ <goals>
+ <goal>attached</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <archive>
+ <manifestEntries>
+ <Specification-Title>JBoss XACML</Specification-Title>
+ <Specification-Version>${project.version}</Specification-Version>
+ <Specification-Vendor>Red Hat Middleware LLC</Specification-Vendor>
+ <Implementation-Title>JBoss XACML</Implementation-Title>
+ <Implementation-Version>${project.version}</Implementation-Version>
+ <Implementation-VendorId>org.jboss.security</Implementation-VendorId>
+ <Implementation-Vendor>Red Hat Middleware LLC</Implementation-Vendor>
+ <Implementation-URL>http://labs.jboss.org/portal/jbosssecurity/</Implementation-URL>
+ </manifestEntries>
+ </archive>
+ <descriptors>
+ <descriptor>bin.xml</descriptor>
+ <descriptor>sources.xml</descriptor>
+ </descriptors>
+ </configuration>
+ <inherited>false</inherited>
+ </plugin>
+ </plugins>
+ </build>
+
+</project>
Deleted: projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/jbossxacml.xml
===================================================================
--- projects/security/security-xacml/trunk/docs/userguide/src/docbkx/en/jbossxacml.xml 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/jbossxacml.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,72 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
- "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
-<book lang="en">
- <bookinfo>
- <title>User Guide for JBoss XACML</title>
- <subtitle>A Guide for Developers</subtitle>
- <releaseinfo>2.0.2</releaseinfo>
- <authorgroup>
- <author>
- <firstname>Anil</firstname>
- <othername>J.</othername>
- <surname>Saldhana</surname>
- </author>
- </authorgroup>
- </bookinfo>
-
- <toc></toc>
-
- <preface id="target" revision="1">
- <title>Target Audience</title>
-
- <para>This guide is aimed at developers who want to use the JBoss XACML to implement complex Policy Infrastructure.
- </para>
- </preface>
-
- <preface id="preface" revision="1">
- <title>Preface</title>
-
- <para>Commercial development support, production support and training for
- the JBoss XACML is available through
- <ulink url="http://www.jboss.com">JBoss Inc.</ulink>
- The JBoss XACML is a project of JBoss Security in the JEMS product suite.
- </para>
-
- <para>Authors:
- <itemizedlist spacing="compact">
- <listitem>
- <para>Anil Saldhana - Leader, JBoss Security and Identity Management</para>
- </listitem>
- </itemizedlist>
- </para>
- </preface>
-
- <xi:include href="modules/introduction.xml"
- xml:base="./"
- xmlns:xi="http://www.w3.org/2001/XInclude"/>
- <xi:include href="modules/configuration.xml"
- xml:base="./"
- xmlns:xi="http://www.w3.org/2001/XInclude"/>
- <xi:include href="modules/pdp.xml"
- xml:base="./"
- xmlns:xi="http://www.w3.org/2001/XInclude"/>
- <xi:include href="modules/examples.xml"
- xml:base="./"
- xmlns:xi="http://www.w3.org/2001/XInclude"/>
- <xi:include href="modules/pep.xml"
- xml:base="./"
- xmlns:xi="http://www.w3.org/2001/XInclude"/>
- <xi:include href="modules/rsa2008interop.xml"
- xml:base="./"
- xmlns:xi="http://www.w3.org/2001/XInclude"/>
- <xi:include href="modules/soapsamlxacml.xml"
- xml:base="./"
- xmlns:xi="http://www.w3.org/2001/XInclude"/>
- <xi:include href="modules/dependencies.xml"
- xml:base="./"
- xmlns:xi="http://www.w3.org/2001/XInclude"/>
- <xi:include href="modules/acknowledgments.xml"
- xml:base="./"
- xmlns:xi="http://www.w3.org/2001/XInclude"/>
-</book>
Copied: projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/jbossxacml.xml (from rev 90265, projects/security/security-xacml/trunk/docs/userguide/src/docbkx/en/jbossxacml.xml)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/jbossxacml.xml (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/jbossxacml.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<book lang="en">
+ <bookinfo>
+ <title>User Guide for JBoss XACML</title>
+ <subtitle>A Guide for Developers</subtitle>
+ <releaseinfo>2.0.3.SP1</releaseinfo>
+ <authorgroup>
+ <author>
+ <firstname>Anil</firstname>
+ <othername>J.</othername>
+ <surname>Saldhana</surname>
+ </author>
+ </authorgroup>
+ </bookinfo>
+
+ <toc></toc>
+
+ <preface id="target" revision="1">
+ <title>Target Audience</title>
+
+ <para>This guide is aimed at developers who want to use the JBoss XACML to implement complex Policy Infrastructure.
+ </para>
+ </preface>
+
+ <preface id="preface" revision="1">
+ <title>Preface</title>
+
+ <para>Commercial development support, production support and training for
+ the JBoss XACML is available through
+ <ulink url="http://www.jboss.com">JBoss Inc.</ulink>
+ The JBoss XACML is a project of JBoss Security in the JEMS product suite.
+ </para>
+
+ <para>Authors:
+ <itemizedlist spacing="compact">
+ <listitem>
+ <para>Anil Saldhana - Lead Security Architect</para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </preface>
+
+ <xi:include href="modules/introduction.xml"
+ xml:base="./"
+ xmlns:xi="http://www.w3.org/2001/XInclude"/>
+ <xi:include href="modules/configuration.xml"
+ xml:base="./"
+ xmlns:xi="http://www.w3.org/2001/XInclude"/>
+ <xi:include href="modules/pdp.xml"
+ xml:base="./"
+ xmlns:xi="http://www.w3.org/2001/XInclude"/>
+ <xi:include href="modules/examples.xml"
+ xml:base="./"
+ xmlns:xi="http://www.w3.org/2001/XInclude"/>
+ <xi:include href="modules/pep.xml"
+ xml:base="./"
+ xmlns:xi="http://www.w3.org/2001/XInclude"/>
+ <xi:include href="modules/rsa2008interop.xml"
+ xml:base="./"
+ xmlns:xi="http://www.w3.org/2001/XInclude"/>
+ <xi:include href="modules/dependencies.xml"
+ xml:base="./"
+ xmlns:xi="http://www.w3.org/2001/XInclude"/>
+ <xi:include href="modules/acknowledgments.xml"
+ xml:base="./"
+ xmlns:xi="http://www.w3.org/2001/XInclude"/>
+</book>
Deleted: projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/modules/dependencies.xml
===================================================================
--- projects/security/security-xacml/trunk/docs/userguide/src/docbkx/en/modules/dependencies.xml 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/modules/dependencies.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,27 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
-"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
-<chapter id="dependencies">
- <title>Dependencies forJBoss XACML</title>
-
- <para>JBoss XACML needs the following as dependencies.</para>
-
- <para><orderedlist numeration="arabic">
- <listitem>
- <para>JDK 5.0 or above</para>
- </listitem>
-
- <listitem>
- <para>JBoss-JavaEE 5.0 (This basically provides javax.xml.stream
- support which exists in JDK6)</para>
- </listitem>
-
- <listitem>
- <para>JAXB2 libraries (JAXB-API, JAXB-IMPL)</para>
- </listitem>
-
- <listitem>
- <para>JBossSunXACML 2.0</para>
- </listitem>
- </orderedlist></para>
-</chapter>
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/modules/dependencies.xml (from rev 89976, projects/security/security-xacml/trunk/docs/userguide/src/docbkx/en/modules/dependencies.xml)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/modules/dependencies.xml (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/modules/dependencies.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<chapter id="dependencies">
+ <title>Dependencies forJBoss XACML</title>
+
+ <para>JBoss XACML needs the following as dependencies.</para>
+
+ <para><orderedlist numeration="arabic">
+ <listitem>
+ <para>JDK 5.0 or above</para>
+ </listitem>
+
+ <listitem>
+ <para>JBoss-JavaEE 5.0 (This basically provides javax.xml.stream
+ support which exists in JDK6)</para>
+ </listitem>
+
+ <listitem>
+ <para>JAXB2 libraries (JAXB-API, JAXB-IMPL) (Unnecessary if you are on JDK6 and above)</para>
+ </listitem>
+
+ </orderedlist></para>
+</chapter>
Deleted: projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/modules/soapsamlxacml.xml
===================================================================
--- projects/security/security-xacml/trunk/docs/userguide/src/docbkx/en/modules/soapsamlxacml.xml 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/docs/userguide/src/docbkx/en/modules/soapsamlxacml.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,54 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
-"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
-<chapter id="soapsamlxacml">
- <title>SOAP SAML XACML Integration</title>
-
- <para>JBossXACML project currently includes a OpenSAML v2.0 based
- integration code that provides servlets that can read in a SOAP 1.1 request
- containing a SAML v2.0 payload carrying a XACML v2.0 Access Decision
- request.</para>
-
- <para>The Servlets are listed below:</para>
-
- <sect1>
- <title>SOAP SAML XACML Servlet</title>
-
- <para>
- The web.xml configuration is shown below:
- </para>
-
- <programlisting>
- <![CDATA[
- <web-app>
- <context-param>
- <param-name>debug</param-name>
- <param-value>false</param-value>
- </context-param>
- <servlet>
- <servlet-name>SOAPServlet</servlet-name>
- <servlet-class>org.jboss.security.xacml.saml.
- integration.opensaml.servlets.
- SOAPSAMLXACMLServlet</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>SOAPServlet</servlet-name>
- <url-pattern>/SOAPServlet</url-pattern>
- </servlet-mapping>
- </web-app>
-
- ]]>
-
- </programlisting>
- <para>
- Remember to place the policyConfig.xml which is the JBossXACML policy config file under WEB-INF/classes directory. You can place the policies under a policies directory in the classes directory.
- </para>
- </sect1>
-
- <sect1>
- <title>SOAP SAML XACML Servlet</title>
- <para>
- The web.xml configuration is as defined above except that the class name of the saml servlet is org.jboss.xacml.saml.integration.opensaml.servlets.SAMLXACMLServlet
- </para>
- </sect1>
-</chapter>
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/pom.xml
===================================================================
--- projects/security/security-xacml/trunk/jboss-sunxacml/pom.xml 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/pom.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,32 +0,0 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <parent>
- <groupId>org.jboss.security</groupId>
- <artifactId>jboss-xacml-project</artifactId>
- <version>2.0.3.CR4-SNAPSHOT</version>
- <relativePath>../build/pom.xml</relativePath>
- </parent>
- <modelVersion>4.0.0</modelVersion>
- <artifactId>jboss-sunxacml</artifactId>
- <packaging>jar</packaging>
- <name>JBoss port of sunxacml</name>
- <url>http://www.jboss.org</url>
- <description>JBoss XACML Library</description>
- <dependencies>
- <dependency>
- <groupId>apache-xerces</groupId>
- <artifactId>xml-apis</artifactId>
- <version>2.7.1</version>
- </dependency>
- <dependency>
- <groupId>apache-xalan</groupId>
- <artifactId>xalan</artifactId>
- <version>j_2.7.0</version>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <version>3.8.1</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-</project>
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/pom.xml (from rev 92268, projects/security/security-xacml/trunk/jboss-sunxacml/pom.xml)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/pom.xml (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/pom.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,32 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-xacml-project</artifactId>
+ <version>2.0.4</version>
+ <relativePath>../build/pom.xml</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>jboss-sunxacml</artifactId>
+ <packaging>jar</packaging>
+ <name>JBoss port of sunxacml</name>
+ <url>http://www.jboss.org</url>
+ <description>JBoss XACML Library</description>
+ <dependencies>
+ <dependency>
+ <groupId>apache-xerces</groupId>
+ <artifactId>xml-apis</artifactId>
+ <version>2.7.1</version>
+ </dependency>
+ <dependency>
+ <groupId>apache-xalan</groupId>
+ <artifactId>xalan</artifactId>
+ <version>j_2.7.0</version>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>3.8.1</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+</project>
\ No newline at end of file
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/BasicEvaluationCtx.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/BasicEvaluationCtx.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/BasicEvaluationCtx.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,700 +0,0 @@
-
-/*
- * @(#)BasicEvaluationCtx.java
- *
- * Copyright 2004-2006 Sun Microsystems, Inc. All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * 1. Redistribution of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- *
- * 2. Redistribution in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * Neither the name of Sun Microsystems, Inc. or the names of contributors may
- * be used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * This software is provided "AS IS," without a warranty of any kind. ALL
- * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
- * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
- * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
- * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
- * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
- * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
- * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
- * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
- * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
- * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
- *
- * You acknowledge that this software is not designed or intended for use in
- * the design, construction, operation or maintenance of any nuclear facility.
- */
-
-package org.jboss.security.xacml.sunxacml;
-
-
-
-
-
-import java.net.URI;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-import org.jboss.security.xacml.sunxacml.attr.AttributeDesignator;
-import org.jboss.security.xacml.sunxacml.attr.AttributeValue;
-import org.jboss.security.xacml.sunxacml.attr.BagAttribute;
-import org.jboss.security.xacml.sunxacml.attr.DateAttribute;
-import org.jboss.security.xacml.sunxacml.attr.DateTimeAttribute;
-import org.jboss.security.xacml.sunxacml.attr.StringAttribute;
-import org.jboss.security.xacml.sunxacml.attr.TimeAttribute;
-import org.jboss.security.xacml.sunxacml.cond.EvaluationResult;
-import org.jboss.security.xacml.sunxacml.ctx.Attribute;
-import org.jboss.security.xacml.sunxacml.ctx.RequestCtx;
-import org.jboss.security.xacml.sunxacml.ctx.Subject;
-import org.jboss.security.xacml.sunxacml.finder.AttributeFinder;
-import org.w3c.dom.Node;
-
-
-/**
- * A basic implementation of <code>EvaluationCtx</code> that is created from
- * an XACML Request and falls back on an AttributeFinder if a requested
- * value isn't available in the Request.
- * <p>
- * Note that this class can do some optional caching for current date, time,
- * and dateTime values (defined by a boolean flag to the constructors). The
- * XACML specification requires that these values always be available, but it
- * does not specify whether or not they must remain constant over the course
- * of an evaluation if the values are being generated by the PDP (if the
- * values are provided in the Request, then obviously they will remain
- * constant). The default behavior is for these environment values to be
- * cached, so that (for example) the current time remains constant over the
- * course of an evaluation.
- *
- * @since 1.2
- * @author Seth Proctor
- */
-public class BasicEvaluationCtx implements EvaluationCtx
-{
- // the finder to use if a value isn't in the request
- private AttributeFinder finder;
-
- // the DOM root the original RequestContext document
- private Node requestRoot;
-
- // the 4 maps that contain the attribute data
- private HashMap subjectMap;
- private HashMap resourceMap;
- private HashMap actionMap;
- private HashMap environmentMap;
-
- // the resource and its scope
- private AttributeValue resourceId;
- private int scope;
-
- // the cached current date, time, and datetime, which we may or may
- // not be using depending on how this object was constructed
- private DateAttribute currentDate;
- private TimeAttribute currentTime;
- private DateTimeAttribute currentDateTime;
- private boolean useCachedEnvValues;
-
- // the logger we'll use for all messages
- private static final Logger logger =
- Logger.getLogger(BasicEvaluationCtx.class.getName());
-
- /**
- * Constructs a new <code>BasicEvaluationCtx</code> based on the given
- * request. The resulting context will cache current date, time, and
- * dateTime values so they remain constant for this evaluation.
- *
- * @param request the request
- *
- * @throws ParsingException if a required attribute is missing, or if there
- * are any problems dealing with the request data
- */
- public BasicEvaluationCtx(RequestCtx request) throws ParsingException {
- this(request, null, true);
- }
-
- /**
- * Constructs a new <code>BasicEvaluationCtx</code> based on the given
- * request.
- *
- * @param request the request
- * @param cacheEnvValues whether or not to cache the current time, date,
- * and dateTime so they are constant for the scope
- * of this evaluation
- *
- * @throws ParsingException if a required attribute is missing, or if there
- * are any problems dealing with the request data
- */
- public BasicEvaluationCtx(RequestCtx request, boolean cacheEnvValues)
- throws ParsingException
- {
- this(request, null, cacheEnvValues);
- }
-
- /**
- * Constructs a new <code>BasicEvaluationCtx</code> based on the given
- * request, and supports looking outside the original request for attribute
- * values using the <code>AttributeFinder</code>. The resulting context
- * will cache current date, time, and dateTime values so they remain
- * constant for this evaluation.
- *
- * @param request the request
- * @param finder an <code>AttributeFinder</code> to use in looking for
- * attributes that aren't in the request
- *
- * @throws ParsingException if a required attribute is missing, or if there
- * are any problems dealing with the request data
- */
- public BasicEvaluationCtx(RequestCtx request, AttributeFinder finder)
- throws ParsingException
- {
- this(request, finder, true);
- }
-
- /**
- * Constructs a new <code>BasicEvaluationCtx</code> based on the given
- * request, and supports looking outside the original request for attribute
- * values using the <code>AttributeFinder</code>.
- *
- * @param request the request
- * @param finder an <code>AttributeFinder</code> to use in looking for
- * attributes that aren't in the request
- * @param cacheEnvValues whether or not to cache the current time, date,
- * and dateTime so they are constant for the scope
- * of this evaluation
- *
- * @throws ParsingException if a required attribute is missing, or if there
- * are any problems dealing with the request data
- */
- public BasicEvaluationCtx(RequestCtx request, AttributeFinder finder,
- boolean cacheEnvValues) throws ParsingException {
- // keep track of the finder
- this.finder = finder;
-
- // remember the root of the DOM tree for XPath queries
- requestRoot = request.getDocumentRoot();
-
- // initialize the cached date/time values so it's clear we haven't
- // retrieved them yet
- this.useCachedEnvValues = cacheEnvValues;
- currentDate = null;
- currentTime = null;
- currentDateTime = null;
-
- // get the subjects, make sure they're correct, and setup tables
- subjectMap = new HashMap();
- setupSubjects(request.getSubjects());
-
- // next look at the Resource data, which needs to be handled specially
- resourceMap = new HashMap();
- setupResource(request.getResource());
-
- // setup the action data, which is generic
- actionMap = new HashMap();
- mapAttributes(request.getAction(), actionMap);
-
- // finally, set up the environment data, which is also generic
- environmentMap = new HashMap();
- mapAttributes(request.getEnvironmentAttributes(), environmentMap);
- }
-
- /**
- * This is quick helper function to provide a little structure for the
- * subject attributes so we can search for them (somewhat) quickly. The
- * basic idea is to have a map indexed by SubjectCategory that keeps
- * Maps that in turn are indexed by id and keep the unique ctx.Attribute
- * objects.
- */
- private void setupSubjects(Set subjects) throws ParsingException {
- // make sure that there is at least one Subject
- if (subjects.size() == 0)
- throw new ParsingException("Request must a contain subject");
-
- // now go through the subject attributes
- Iterator it = subjects.iterator();
- while (it.hasNext()) {
- Subject subject = (Subject)(it.next());
-
- URI category = subject.getCategory();
- Map categoryMap = null;
-
- // see if we've already got a map for the category
- if (subjectMap.containsKey(category)) {
- categoryMap = (Map)(subjectMap.get(category));
- } else {
- categoryMap = new HashMap();
- subjectMap.put(category, categoryMap);
- }
-
- // iterate over the set of attributes
- Iterator attrIterator = subject.getAttributes().iterator();
-
- while (attrIterator.hasNext()) {
- Attribute attr = (Attribute)(attrIterator.next());
- String id = attr.getId().toString();
-
- if (categoryMap.containsKey(id)) {
- // add to the existing set of Attributes w/this id
- Set existingIds = (Set)(categoryMap.get(id));
- existingIds.add(attr);
- } else {
- // this is the first Attr w/this id
- HashSet newIds = new HashSet();
- newIds.add(attr);
- categoryMap.put(id, newIds);
- }
- }
- }
- }
-
- /**
- * This basically does the same thing that the other types need
- * to do, except that we also look for a resource-id attribute, not
- * because we're going to use, but only to make sure that it's actually
- * there, and for the optional scope attribute, to see what the scope
- * of the attribute is
- */
- private void setupResource(Set resource) throws ParsingException {
- mapAttributes(resource, resourceMap);
-
- // make sure there resource-id attribute was included
- if (! resourceMap.containsKey(RESOURCE_ID)) {
- System.err.println("Resource must contain resource-id attr");
- //throw new ParsingException("resource missing resource-id");
- } else {
- // make sure there's only one value for this
- Set set = (Set)(resourceMap.get(RESOURCE_ID));
- if (set.size() > 1) {
- System.err.println("Resource may contain only one " +
- "resource-id Attribute");
- throw new ParsingException("too many resource-id attrs");
- } else {
- // keep track of the resource-id attribute
- resourceId = ((Attribute)(set.iterator().next())).getValue();
- }
-
- }
-
- //SECURITY-162: Relax resource-id requirement
- if(this.resourceId == null)
- this.resourceId = new StringAttribute("");
-
- // see if a resource-scope attribute was included
- if (resourceMap.containsKey(RESOURCE_SCOPE)) {
- Set set = (Set)(resourceMap.get(RESOURCE_SCOPE));
-
- // make sure there's only one value for resource-scope
- if (set.size() > 1) {
- System.err.println("Resource may contain only one " +
- "resource-scope Attribute");
- throw new ParsingException("too many resource-scope attrs");
- }
-
- Attribute attr = (Attribute)(set.iterator().next());
- AttributeValue attrValue = attr.getValue();
-
- // scope must be a string, so throw an exception otherwise
- if (! attrValue.getType().toString().
- equals(StringAttribute.identifier))
- throw new ParsingException("scope attr must be a string");
-
- String value = ((StringAttribute)attrValue).getValue();
-
- if (value.equals("Immediate")) {
- scope = SCOPE_IMMEDIATE;
- } else if (value.equals("Children")) {
- scope = SCOPE_CHILDREN;
- } else if (value.equals("Descendants")) {
- scope = SCOPE_DESCENDANTS;
- } else {
- System.err.println("Unknown scope type: " + value);
- throw new ParsingException("invalid scope type: " + value);
- }
- } else {
- // by default, the scope is always Immediate
- scope = SCOPE_IMMEDIATE;
- }
- }
-
- /**
- * Generic routine for resource, attribute and environment attributes
- * to build the lookup map for each. The Form is a Map that is indexed
- * by the String form of the attribute ids, and that contains Sets at
- * each entry with all attributes that have that id
- */
- private void mapAttributes(Set input, Map output) {
- Iterator it = input.iterator();
- while (it.hasNext()) {
- Attribute attr = (Attribute)(it.next());
- String id = attr.getId().toString();
-
- if (output.containsKey(id)) {
- Set set = (Set)(output.get(id));
- set.add(attr);
- } else {
- Set set = new HashSet();
- set.add(attr);
- output.put(id, set);
- }
- }
- }
-
- /**
- * Returns the DOM root of the original RequestType XML document.
- *
- * @return the DOM root node
- */
- public Node getRequestRoot() {
- return requestRoot;
- }
-
- /**
- * Returns the resource scope of the request, which will be one of the
- * three fields denoting Immediate, Children, or Descendants.
- *
- * @return the scope of the resource in the request
- */
- public int getScope() {
- return scope;
- }
-
- /**
- * Returns the resource named in the request as resource-id.
- *
- * @return the resource
- */
- public AttributeValue getResourceId() {
- return resourceId;
- }
-
- /**
- * Changes the value of the resource-id attribute in this context. This
- * is useful when you have multiple resources (ie, a scope other than
- * IMMEDIATE), and you need to keep changing only the resource-id to
- * evaluate the different effective requests.
- *
- * @param resourceId the new resource-id value
- */
- public void setResourceId(AttributeValue resourceId) {
- this.resourceId = resourceId;
-
- // there will always be exactly one value for this attribute
- Set attrSet = (Set)(resourceMap.get(RESOURCE_ID));
- Attribute attr = (Attribute)(attrSet.iterator().next());
-
- // remove the old value...
- attrSet.remove(attr);
-
- // ...and insert the new value
- attrSet.add(new Attribute(attr.getId(), attr.getIssuer(),
- attr.getIssueInstant(), resourceId));
- }
-
- /**
- * Returns the value for the current time. The current time, current
- * date, and current dateTime are consistent, so that they all
- * represent the same moment. If this is the first time that one
- * of these three values has been requested, and caching is enabled,
- * then the three values will be resolved and stored.
- * <p>
- * Note that the value supplied here applies only to dynamically
- * resolved values, not those supplied in the Request. In other words,
- * this always returns a dynamically resolved value local to the PDP,
- * even if a different value was supplied in the Request. This is
- * handled correctly when the value is requested by its identifier.
- *
- * @return the current time
- */
- public synchronized TimeAttribute getCurrentTime() {
- long millis = dateTimeHelper();
-
- if (useCachedEnvValues)
- return currentTime;
- else
- return new TimeAttribute(new Date(millis));
- }
-
- /**
- * Returns the value for the current date. The current time, current
- * date, and current dateTime are consistent, so that they all
- * represent the same moment. If this is the first time that one
- * of these three values has been requested, and caching is enabled,
- * then the three values will be resolved and stored.
- * <p>
- * Note that the value supplied here applies only to dynamically
- * resolved values, not those supplied in the Request. In other words,
- * this always returns a dynamically resolved value local to the PDP,
- * even if a different value was supplied in the Request. This is
- * handled correctly when the value is requested by its identifier.
- *
- * @return the current date
- */
- public synchronized DateAttribute getCurrentDate() {
- long millis = dateTimeHelper();
-
- if (useCachedEnvValues)
- return currentDate;
- else
- return new DateAttribute(new Date(millis));
- }
-
- /**
- * Returns the value for the current dateTime. The current time, current
- * date, and current dateTime are consistent, so that they all
- * represent the same moment. If this is the first time that one
- * of these three values has been requested, and caching is enabled,
- * then the three values will be resolved and stored.
- * <p>
- * Note that the value supplied here applies only to dynamically
- * resolved values, not those supplied in the Request. In other words,
- * this always returns a dynamically resolved value local to the PDP,
- * even if a different value was supplied in the Request. This is
- * handled correctly when the value is requested by its identifier.
- *
- * @return the current dateTime
- */
- public synchronized DateTimeAttribute getCurrentDateTime() {
- long millis = dateTimeHelper();
-
- if (useCachedEnvValues)
- return currentDateTime;
- else
- return new DateTimeAttribute(new Date(millis));
- }
-
- /**
- * Private helper that figures out if we need to resolve new values,
- * and returns either the current moment (if we're not caching) or
- * -1 (if we are caching)
- */
- private long dateTimeHelper() {
- // if we already have current values, then we can stop (note this
- // always means that we're caching)
- if (currentTime != null)
- return -1;
-
- // get the current moment
- Date time = new Date();
- long millis = time.getTime();
-
- // if we're not caching then we just return the current moment
- if (! useCachedEnvValues) {
- return millis;
- } else {
- // we're caching, so resolve all three values, making sure
- // to use clean copies of the date object since it may be
- // modified when creating the attributes
- currentTime = new TimeAttribute(time);
- currentDate = new DateAttribute(new Date(millis));
- currentDateTime = new DateTimeAttribute(new Date(millis));
- }
-
- return -1;
- }
-
- /**
- * Returns attribute value(s) from the subject section of the request
- * that have no issuer.
- *
- * @param type the type of the attribute value(s) to find
- * @param id the id of the attribute value(s) to find
- * @param category the category the attribute value(s) must be in
- *
- * @return a result containing a bag either empty because no values were
- * found or containing at least one value, or status associated with an
- * Indeterminate result
- */
- public EvaluationResult getSubjectAttribute(URI type, URI id,
- URI category) {
- return getSubjectAttribute(type, id, null, category);
- }
-
- /**
- * Returns attribute value(s) from the subject section of the request.
- *
- * @param type the type of the attribute value(s) to find
- * @param id the id of the attribute value(s) to find
- * @param issuer the issuer of the attribute value(s) to find or null
- * @param category the category the attribute value(s) must be in
- *
- * @return a result containing a bag either empty because no values were
- * found or containing at least one value, or status associated with an
- * Indeterminate result
- */
- public EvaluationResult getSubjectAttribute(URI type, URI id, URI issuer,
- URI category) {
- // This is the same as the other three lookups except that this
- // has an extra level of indirection that needs to be handled first
- Map map = (Map)(subjectMap.get(category));
-
- if (map == null) {
- // the request didn't have that category, so we should try asking
- // the attribute finder
- return callHelper(type, id, issuer, category,
- AttributeDesignator.SUBJECT_TARGET);
- }
-
- return getGenericAttributes(type, id, issuer, map, category,
- AttributeDesignator.SUBJECT_TARGET);
- }
-
- /**
- * Returns attribute value(s) from the resource section of the request.
- *
- * @param type the type of the attribute value(s) to find
- * @param id the id of the attribute value(s) to find
- * @param issuer the issuer of the attribute value(s) to find or null
- *
- * @return a result containing a bag either empty because no values were
- * found or containing at least one value, or status associated with an
- * Indeterminate result
- */
- public EvaluationResult getResourceAttribute(URI type, URI id,
- URI issuer) {
- return getGenericAttributes(type, id, issuer, resourceMap, null,
- AttributeDesignator.RESOURCE_TARGET);
- }
-
- /**
- * Returns attribute value(s) from the action section of the request.
- *
- * @param type the type of the attribute value(s) to find
- * @param id the id of the attribute value(s) to find
- * @param issuer the issuer of the attribute value(s) to find or null
- *
- * @return a result containing a bag either empty because no values were
- * found or containing at least one value, or status associated with an
- * Indeterminate result
- */
- public EvaluationResult getActionAttribute(URI type, URI id, URI issuer) {
- return getGenericAttributes(type, id, issuer, actionMap, null,
- AttributeDesignator.ACTION_TARGET);
- }
-
- /**
- * Returns attribute value(s) from the environment section of the request.
- *
- * @param type the type of the attribute value(s) to find
- * @param id the id of the attribute value(s) to find
- * @param issuer the issuer of the attribute value(s) to find or null
- *
- * @return a result containing a bag either empty because no values were
- * found or containing at least one value, or status associated with an
- * Indeterminate result
- */
- public EvaluationResult getEnvironmentAttribute(URI type, URI id,
- URI issuer) {
- return getGenericAttributes(type, id, issuer, environmentMap, null,
- AttributeDesignator.ENVIRONMENT_TARGET);
- }
-
- /**
- * Helper function for the resource, action and environment methods
- * to get an attribute.
- */
- private EvaluationResult getGenericAttributes(URI type, URI id, URI issuer,
- Map map, URI category,
- int designatorType) {
- // try to find the id
- Set attrSet = (Set)(map.get(id.toString()));
- if (attrSet == null) {
- // the request didn't have an attribute with that id, so we should
- // try asking the attribute finder
- return callHelper(type, id, issuer, category, designatorType);
- }
-
- // now go through each, considering each Attribute object
- List attributes = new ArrayList();
- Iterator it = attrSet.iterator();
-
- while (it.hasNext()) {
- Attribute attr = (Attribute)(it.next());
-
- // make sure the type and issuer are correct
- if ((attr.getType().equals(type)) &&
- ((issuer == null) ||
- ((attr.getIssuer() != null) &&
- (attr.getIssuer().equals(issuer.toString()))))) {
-
- // if we got here, then we found a match, so we want to pull
- // out the values and put them in out list
- attributes.addAll(attr.getValues());
- }
- }
-
- // see if we found any acceptable attributes
- if (attributes.size() == 0) {
- // we failed to find any that matched the type/issuer, or all the
- // Attribute types were empty...so ask the finder
- if (logger.isLoggable(Level.FINE))
- logger.fine("Attribute not in request: " + id.toString() +
- " ... querying AttributeFinder");
-
- return callHelper(type, id, issuer, category, designatorType);
- }
-
- // if we got here, then we found at least one useful AttributeValue
- return new EvaluationResult(new BagAttribute(type, attributes));
- }
-
- /**
- * Private helper that calls the finder if it's non-null, or else returns
- * an empty bag
- */
- private EvaluationResult callHelper(URI type, URI id, URI issuer,
- URI category, int adType) {
- if (finder != null) {
- return finder.findAttribute(type, id, issuer, category,
- this, adType);
- } else {
- logger.warning("Context tried to invoke AttributeFinder but was " +
- "not configured with one");
-
- return new EvaluationResult(BagAttribute.createEmptyBag(type));
- }
- }
-
- /**
- * Returns the attribute value(s) retrieved using the given XPath
- * expression.
- *
- * @param contextPath the XPath expression to search
- * @param namespaceNode the DOM node defining namespace mappings to use,
- * or null if mappings come from the context root
- * @param type the type of the attribute value(s) to find
- * @param xpathVersion the version of XPath to use
- *
- * @return a result containing a bag either empty because no values were
- * found or containing at least one value, or status associated with an
- * Indeterminate result
- */
- public EvaluationResult getAttribute(String contextPath,
- Node namespaceNode, URI type,
- String xpathVersion) {
- if (finder != null) {
- return finder.findAttribute(contextPath, namespaceNode, type, this,
- xpathVersion);
- } else {
- logger.warning("Context tried to invoke AttributeFinder but was " +
- "not configured with one");
-
- return new EvaluationResult(BagAttribute.createEmptyBag(type));
- }
- }
-
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/BasicEvaluationCtx.java (from rev 86469, projects/security/security-xacml/trunk/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/BasicEvaluationCtx.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/BasicEvaluationCtx.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/BasicEvaluationCtx.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,700 @@
+
+/*
+ * @(#)BasicEvaluationCtx.java
+ *
+ * Copyright 2004-2006 Sun Microsystems, Inc. All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistribution of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistribution in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * Neither the name of Sun Microsystems, Inc. or the names of contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * This software is provided "AS IS," without a warranty of any kind. ALL
+ * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
+ * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
+ * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
+ * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
+ * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
+ * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
+ * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
+ * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
+ * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
+ * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ *
+ * You acknowledge that this software is not designed or intended for use in
+ * the design, construction, operation or maintenance of any nuclear facility.
+ */
+
+package org.jboss.security.xacml.sunxacml;
+
+
+
+
+
+import java.net.URI;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import org.jboss.security.xacml.sunxacml.attr.AttributeDesignator;
+import org.jboss.security.xacml.sunxacml.attr.AttributeValue;
+import org.jboss.security.xacml.sunxacml.attr.BagAttribute;
+import org.jboss.security.xacml.sunxacml.attr.DateAttribute;
+import org.jboss.security.xacml.sunxacml.attr.DateTimeAttribute;
+import org.jboss.security.xacml.sunxacml.attr.StringAttribute;
+import org.jboss.security.xacml.sunxacml.attr.TimeAttribute;
+import org.jboss.security.xacml.sunxacml.cond.EvaluationResult;
+import org.jboss.security.xacml.sunxacml.ctx.Attribute;
+import org.jboss.security.xacml.sunxacml.ctx.RequestCtx;
+import org.jboss.security.xacml.sunxacml.ctx.Subject;
+import org.jboss.security.xacml.sunxacml.finder.AttributeFinder;
+import org.w3c.dom.Node;
+
+
+/**
+ * A basic implementation of <code>EvaluationCtx</code> that is created from
+ * an XACML Request and falls back on an AttributeFinder if a requested
+ * value isn't available in the Request.
+ * <p>
+ * Note that this class can do some optional caching for current date, time,
+ * and dateTime values (defined by a boolean flag to the constructors). The
+ * XACML specification requires that these values always be available, but it
+ * does not specify whether or not they must remain constant over the course
+ * of an evaluation if the values are being generated by the PDP (if the
+ * values are provided in the Request, then obviously they will remain
+ * constant). The default behavior is for these environment values to be
+ * cached, so that (for example) the current time remains constant over the
+ * course of an evaluation.
+ *
+ * @since 1.2
+ * @author Seth Proctor
+ */
+public class BasicEvaluationCtx implements EvaluationCtx
+{
+ // the finder to use if a value isn't in the request
+ private AttributeFinder finder;
+
+ // the DOM root the original RequestContext document
+ private Node requestRoot;
+
+ // the 4 maps that contain the attribute data
+ private HashMap subjectMap;
+ private HashMap resourceMap;
+ private HashMap actionMap;
+ private HashMap environmentMap;
+
+ // the resource and its scope
+ private AttributeValue resourceId;
+ private int scope;
+
+ // the cached current date, time, and datetime, which we may or may
+ // not be using depending on how this object was constructed
+ private DateAttribute currentDate;
+ private TimeAttribute currentTime;
+ private DateTimeAttribute currentDateTime;
+ private boolean useCachedEnvValues;
+
+ // the logger we'll use for all messages
+ private static final Logger logger =
+ Logger.getLogger(BasicEvaluationCtx.class.getName());
+
+ /**
+ * Constructs a new <code>BasicEvaluationCtx</code> based on the given
+ * request. The resulting context will cache current date, time, and
+ * dateTime values so they remain constant for this evaluation.
+ *
+ * @param request the request
+ *
+ * @throws ParsingException if a required attribute is missing, or if there
+ * are any problems dealing with the request data
+ */
+ public BasicEvaluationCtx(RequestCtx request) throws ParsingException {
+ this(request, null, true);
+ }
+
+ /**
+ * Constructs a new <code>BasicEvaluationCtx</code> based on the given
+ * request.
+ *
+ * @param request the request
+ * @param cacheEnvValues whether or not to cache the current time, date,
+ * and dateTime so they are constant for the scope
+ * of this evaluation
+ *
+ * @throws ParsingException if a required attribute is missing, or if there
+ * are any problems dealing with the request data
+ */
+ public BasicEvaluationCtx(RequestCtx request, boolean cacheEnvValues)
+ throws ParsingException
+ {
+ this(request, null, cacheEnvValues);
+ }
+
+ /**
+ * Constructs a new <code>BasicEvaluationCtx</code> based on the given
+ * request, and supports looking outside the original request for attribute
+ * values using the <code>AttributeFinder</code>. The resulting context
+ * will cache current date, time, and dateTime values so they remain
+ * constant for this evaluation.
+ *
+ * @param request the request
+ * @param finder an <code>AttributeFinder</code> to use in looking for
+ * attributes that aren't in the request
+ *
+ * @throws ParsingException if a required attribute is missing, or if there
+ * are any problems dealing with the request data
+ */
+ public BasicEvaluationCtx(RequestCtx request, AttributeFinder finder)
+ throws ParsingException
+ {
+ this(request, finder, true);
+ }
+
+ /**
+ * Constructs a new <code>BasicEvaluationCtx</code> based on the given
+ * request, and supports looking outside the original request for attribute
+ * values using the <code>AttributeFinder</code>.
+ *
+ * @param request the request
+ * @param finder an <code>AttributeFinder</code> to use in looking for
+ * attributes that aren't in the request
+ * @param cacheEnvValues whether or not to cache the current time, date,
+ * and dateTime so they are constant for the scope
+ * of this evaluation
+ *
+ * @throws ParsingException if a required attribute is missing, or if there
+ * are any problems dealing with the request data
+ */
+ public BasicEvaluationCtx(RequestCtx request, AttributeFinder finder,
+ boolean cacheEnvValues) throws ParsingException {
+ // keep track of the finder
+ this.finder = finder;
+
+ // remember the root of the DOM tree for XPath queries
+ requestRoot = request.getDocumentRoot();
+
+ // initialize the cached date/time values so it's clear we haven't
+ // retrieved them yet
+ this.useCachedEnvValues = cacheEnvValues;
+ currentDate = null;
+ currentTime = null;
+ currentDateTime = null;
+
+ // get the subjects, make sure they're correct, and setup tables
+ subjectMap = new HashMap();
+ setupSubjects(request.getSubjects());
+
+ // next look at the Resource data, which needs to be handled specially
+ resourceMap = new HashMap();
+ setupResource(request.getResource());
+
+ // setup the action data, which is generic
+ actionMap = new HashMap();
+ mapAttributes(request.getAction(), actionMap);
+
+ // finally, set up the environment data, which is also generic
+ environmentMap = new HashMap();
+ mapAttributes(request.getEnvironmentAttributes(), environmentMap);
+ }
+
+ /**
+ * This is quick helper function to provide a little structure for the
+ * subject attributes so we can search for them (somewhat) quickly. The
+ * basic idea is to have a map indexed by SubjectCategory that keeps
+ * Maps that in turn are indexed by id and keep the unique ctx.Attribute
+ * objects.
+ */
+ private void setupSubjects(Set subjects) throws ParsingException {
+ // make sure that there is at least one Subject
+ if (subjects.size() == 0)
+ throw new ParsingException("Request must a contain subject");
+
+ // now go through the subject attributes
+ Iterator it = subjects.iterator();
+ while (it.hasNext()) {
+ Subject subject = (Subject)(it.next());
+
+ URI category = subject.getCategory();
+ Map categoryMap = null;
+
+ // see if we've already got a map for the category
+ if (subjectMap.containsKey(category)) {
+ categoryMap = (Map)(subjectMap.get(category));
+ } else {
+ categoryMap = new HashMap();
+ subjectMap.put(category, categoryMap);
+ }
+
+ // iterate over the set of attributes
+ Iterator attrIterator = subject.getAttributes().iterator();
+
+ while (attrIterator.hasNext()) {
+ Attribute attr = (Attribute)(attrIterator.next());
+ String id = attr.getId().toString();
+
+ if (categoryMap.containsKey(id)) {
+ // add to the existing set of Attributes w/this id
+ Set existingIds = (Set)(categoryMap.get(id));
+ existingIds.add(attr);
+ } else {
+ // this is the first Attr w/this id
+ HashSet newIds = new HashSet();
+ newIds.add(attr);
+ categoryMap.put(id, newIds);
+ }
+ }
+ }
+ }
+
+ /**
+ * This basically does the same thing that the other types need
+ * to do, except that we also look for a resource-id attribute, not
+ * because we're going to use, but only to make sure that it's actually
+ * there, and for the optional scope attribute, to see what the scope
+ * of the attribute is
+ */
+ private void setupResource(Set resource) throws ParsingException {
+ mapAttributes(resource, resourceMap);
+
+ // make sure there resource-id attribute was included
+ if (! resourceMap.containsKey(RESOURCE_ID)) {
+ System.err.println("Resource must contain resource-id attr");
+ //throw new ParsingException("resource missing resource-id");
+ } /*else {
+ // make sure there's only one value for this
+ Set set = (Set)(resourceMap.get(RESOURCE_ID));
+ if (set.size() > 1) {
+ System.err.println("Resource may contain only one " +
+ "resource-id Attribute");
+ throw new ParsingException("too many resource-id attrs");
+ } else {
+ // keep track of the resource-id attribute
+ resourceId = ((Attribute)(set.iterator().next())).getValue();
+ }
+
+ } */
+
+ //SECURITY-162: Relax resource-id requirement
+ if(this.resourceId == null)
+ this.resourceId = new StringAttribute("");
+
+ // see if a resource-scope attribute was included
+ if (resourceMap.containsKey(RESOURCE_SCOPE)) {
+ Set set = (Set)(resourceMap.get(RESOURCE_SCOPE));
+
+ // make sure there's only one value for resource-scope
+ if (set.size() > 1) {
+ System.err.println("Resource may contain only one " +
+ "resource-scope Attribute");
+ throw new ParsingException("too many resource-scope attrs");
+ }
+
+ Attribute attr = (Attribute)(set.iterator().next());
+ AttributeValue attrValue = attr.getValue();
+
+ // scope must be a string, so throw an exception otherwise
+ if (! attrValue.getType().toString().
+ equals(StringAttribute.identifier))
+ throw new ParsingException("scope attr must be a string");
+
+ String value = ((StringAttribute)attrValue).getValue();
+
+ if (value.equals("Immediate")) {
+ scope = SCOPE_IMMEDIATE;
+ } else if (value.equals("Children")) {
+ scope = SCOPE_CHILDREN;
+ } else if (value.equals("Descendants")) {
+ scope = SCOPE_DESCENDANTS;
+ } else {
+ System.err.println("Unknown scope type: " + value);
+ throw new ParsingException("invalid scope type: " + value);
+ }
+ } else {
+ // by default, the scope is always Immediate
+ scope = SCOPE_IMMEDIATE;
+ }
+ }
+
+ /**
+ * Generic routine for resource, attribute and environment attributes
+ * to build the lookup map for each. The Form is a Map that is indexed
+ * by the String form of the attribute ids, and that contains Sets at
+ * each entry with all attributes that have that id
+ */
+ private void mapAttributes(Set input, Map output) {
+ Iterator it = input.iterator();
+ while (it.hasNext()) {
+ Attribute attr = (Attribute)(it.next());
+ String id = attr.getId().toString();
+
+ if (output.containsKey(id)) {
+ Set set = (Set)(output.get(id));
+ set.add(attr);
+ } else {
+ Set set = new HashSet();
+ set.add(attr);
+ output.put(id, set);
+ }
+ }
+ }
+
+ /**
+ * Returns the DOM root of the original RequestType XML document.
+ *
+ * @return the DOM root node
+ */
+ public Node getRequestRoot() {
+ return requestRoot;
+ }
+
+ /**
+ * Returns the resource scope of the request, which will be one of the
+ * three fields denoting Immediate, Children, or Descendants.
+ *
+ * @return the scope of the resource in the request
+ */
+ public int getScope() {
+ return scope;
+ }
+
+ /**
+ * Returns the resource named in the request as resource-id.
+ *
+ * @return the resource
+ */
+ public AttributeValue getResourceId() {
+ return resourceId;
+ }
+
+ /**
+ * Changes the value of the resource-id attribute in this context. This
+ * is useful when you have multiple resources (ie, a scope other than
+ * IMMEDIATE), and you need to keep changing only the resource-id to
+ * evaluate the different effective requests.
+ *
+ * @param resourceId the new resource-id value
+ */
+ public void setResourceId(AttributeValue resourceId) {
+ this.resourceId = resourceId;
+
+ // there will always be exactly one value for this attribute
+ Set attrSet = (Set)(resourceMap.get(RESOURCE_ID));
+ Attribute attr = (Attribute)(attrSet.iterator().next());
+
+ // remove the old value...
+ attrSet.remove(attr);
+
+ // ...and insert the new value
+ attrSet.add(new Attribute(attr.getId(), attr.getIssuer(),
+ attr.getIssueInstant(), resourceId));
+ }
+
+ /**
+ * Returns the value for the current time. The current time, current
+ * date, and current dateTime are consistent, so that they all
+ * represent the same moment. If this is the first time that one
+ * of these three values has been requested, and caching is enabled,
+ * then the three values will be resolved and stored.
+ * <p>
+ * Note that the value supplied here applies only to dynamically
+ * resolved values, not those supplied in the Request. In other words,
+ * this always returns a dynamically resolved value local to the PDP,
+ * even if a different value was supplied in the Request. This is
+ * handled correctly when the value is requested by its identifier.
+ *
+ * @return the current time
+ */
+ public synchronized TimeAttribute getCurrentTime() {
+ long millis = dateTimeHelper();
+
+ if (useCachedEnvValues)
+ return currentTime;
+ else
+ return new TimeAttribute(new Date(millis));
+ }
+
+ /**
+ * Returns the value for the current date. The current time, current
+ * date, and current dateTime are consistent, so that they all
+ * represent the same moment. If this is the first time that one
+ * of these three values has been requested, and caching is enabled,
+ * then the three values will be resolved and stored.
+ * <p>
+ * Note that the value supplied here applies only to dynamically
+ * resolved values, not those supplied in the Request. In other words,
+ * this always returns a dynamically resolved value local to the PDP,
+ * even if a different value was supplied in the Request. This is
+ * handled correctly when the value is requested by its identifier.
+ *
+ * @return the current date
+ */
+ public synchronized DateAttribute getCurrentDate() {
+ long millis = dateTimeHelper();
+
+ if (useCachedEnvValues)
+ return currentDate;
+ else
+ return new DateAttribute(new Date(millis));
+ }
+
+ /**
+ * Returns the value for the current dateTime. The current time, current
+ * date, and current dateTime are consistent, so that they all
+ * represent the same moment. If this is the first time that one
+ * of these three values has been requested, and caching is enabled,
+ * then the three values will be resolved and stored.
+ * <p>
+ * Note that the value supplied here applies only to dynamically
+ * resolved values, not those supplied in the Request. In other words,
+ * this always returns a dynamically resolved value local to the PDP,
+ * even if a different value was supplied in the Request. This is
+ * handled correctly when the value is requested by its identifier.
+ *
+ * @return the current dateTime
+ */
+ public synchronized DateTimeAttribute getCurrentDateTime() {
+ long millis = dateTimeHelper();
+
+ if (useCachedEnvValues)
+ return currentDateTime;
+ else
+ return new DateTimeAttribute(new Date(millis));
+ }
+
+ /**
+ * Private helper that figures out if we need to resolve new values,
+ * and returns either the current moment (if we're not caching) or
+ * -1 (if we are caching)
+ */
+ private long dateTimeHelper() {
+ // if we already have current values, then we can stop (note this
+ // always means that we're caching)
+ if (currentTime != null)
+ return -1;
+
+ // get the current moment
+ Date time = new Date();
+ long millis = time.getTime();
+
+ // if we're not caching then we just return the current moment
+ if (! useCachedEnvValues) {
+ return millis;
+ } else {
+ // we're caching, so resolve all three values, making sure
+ // to use clean copies of the date object since it may be
+ // modified when creating the attributes
+ currentTime = new TimeAttribute(time);
+ currentDate = new DateAttribute(new Date(millis));
+ currentDateTime = new DateTimeAttribute(new Date(millis));
+ }
+
+ return -1;
+ }
+
+ /**
+ * Returns attribute value(s) from the subject section of the request
+ * that have no issuer.
+ *
+ * @param type the type of the attribute value(s) to find
+ * @param id the id of the attribute value(s) to find
+ * @param category the category the attribute value(s) must be in
+ *
+ * @return a result containing a bag either empty because no values were
+ * found or containing at least one value, or status associated with an
+ * Indeterminate result
+ */
+ public EvaluationResult getSubjectAttribute(URI type, URI id,
+ URI category) {
+ return getSubjectAttribute(type, id, null, category);
+ }
+
+ /**
+ * Returns attribute value(s) from the subject section of the request.
+ *
+ * @param type the type of the attribute value(s) to find
+ * @param id the id of the attribute value(s) to find
+ * @param issuer the issuer of the attribute value(s) to find or null
+ * @param category the category the attribute value(s) must be in
+ *
+ * @return a result containing a bag either empty because no values were
+ * found or containing at least one value, or status associated with an
+ * Indeterminate result
+ */
+ public EvaluationResult getSubjectAttribute(URI type, URI id, URI issuer,
+ URI category) {
+ // This is the same as the other three lookups except that this
+ // has an extra level of indirection that needs to be handled first
+ Map map = (Map)(subjectMap.get(category));
+
+ if (map == null) {
+ // the request didn't have that category, so we should try asking
+ // the attribute finder
+ return callHelper(type, id, issuer, category,
+ AttributeDesignator.SUBJECT_TARGET);
+ }
+
+ return getGenericAttributes(type, id, issuer, map, category,
+ AttributeDesignator.SUBJECT_TARGET);
+ }
+
+ /**
+ * Returns attribute value(s) from the resource section of the request.
+ *
+ * @param type the type of the attribute value(s) to find
+ * @param id the id of the attribute value(s) to find
+ * @param issuer the issuer of the attribute value(s) to find or null
+ *
+ * @return a result containing a bag either empty because no values were
+ * found or containing at least one value, or status associated with an
+ * Indeterminate result
+ */
+ public EvaluationResult getResourceAttribute(URI type, URI id,
+ URI issuer) {
+ return getGenericAttributes(type, id, issuer, resourceMap, null,
+ AttributeDesignator.RESOURCE_TARGET);
+ }
+
+ /**
+ * Returns attribute value(s) from the action section of the request.
+ *
+ * @param type the type of the attribute value(s) to find
+ * @param id the id of the attribute value(s) to find
+ * @param issuer the issuer of the attribute value(s) to find or null
+ *
+ * @return a result containing a bag either empty because no values were
+ * found or containing at least one value, or status associated with an
+ * Indeterminate result
+ */
+ public EvaluationResult getActionAttribute(URI type, URI id, URI issuer) {
+ return getGenericAttributes(type, id, issuer, actionMap, null,
+ AttributeDesignator.ACTION_TARGET);
+ }
+
+ /**
+ * Returns attribute value(s) from the environment section of the request.
+ *
+ * @param type the type of the attribute value(s) to find
+ * @param id the id of the attribute value(s) to find
+ * @param issuer the issuer of the attribute value(s) to find or null
+ *
+ * @return a result containing a bag either empty because no values were
+ * found or containing at least one value, or status associated with an
+ * Indeterminate result
+ */
+ public EvaluationResult getEnvironmentAttribute(URI type, URI id,
+ URI issuer) {
+ return getGenericAttributes(type, id, issuer, environmentMap, null,
+ AttributeDesignator.ENVIRONMENT_TARGET);
+ }
+
+ /**
+ * Helper function for the resource, action and environment methods
+ * to get an attribute.
+ */
+ private EvaluationResult getGenericAttributes(URI type, URI id, URI issuer,
+ Map map, URI category,
+ int designatorType) {
+ // try to find the id
+ Set attrSet = (Set)(map.get(id.toString()));
+ if (attrSet == null) {
+ // the request didn't have an attribute with that id, so we should
+ // try asking the attribute finder
+ return callHelper(type, id, issuer, category, designatorType);
+ }
+
+ // now go through each, considering each Attribute object
+ List attributes = new ArrayList();
+ Iterator it = attrSet.iterator();
+
+ while (it.hasNext()) {
+ Attribute attr = (Attribute)(it.next());
+
+ // make sure the type and issuer are correct
+ if ((attr.getType().equals(type)) &&
+ ((issuer == null) ||
+ ((attr.getIssuer() != null) &&
+ (attr.getIssuer().equals(issuer.toString()))))) {
+
+ // if we got here, then we found a match, so we want to pull
+ // out the values and put them in out list
+ attributes.addAll(attr.getValues());
+ }
+ }
+
+ // see if we found any acceptable attributes
+ if (attributes.size() == 0) {
+ // we failed to find any that matched the type/issuer, or all the
+ // Attribute types were empty...so ask the finder
+ if (logger.isLoggable(Level.FINE))
+ logger.fine("Attribute not in request: " + id.toString() +
+ " ... querying AttributeFinder");
+
+ return callHelper(type, id, issuer, category, designatorType);
+ }
+
+ // if we got here, then we found at least one useful AttributeValue
+ return new EvaluationResult(new BagAttribute(type, attributes));
+ }
+
+ /**
+ * Private helper that calls the finder if it's non-null, or else returns
+ * an empty bag
+ */
+ private EvaluationResult callHelper(URI type, URI id, URI issuer,
+ URI category, int adType) {
+ if (finder != null) {
+ return finder.findAttribute(type, id, issuer, category,
+ this, adType);
+ } else {
+ logger.warning("Context tried to invoke AttributeFinder but was " +
+ "not configured with one");
+
+ return new EvaluationResult(BagAttribute.createEmptyBag(type));
+ }
+ }
+
+ /**
+ * Returns the attribute value(s) retrieved using the given XPath
+ * expression.
+ *
+ * @param contextPath the XPath expression to search
+ * @param namespaceNode the DOM node defining namespace mappings to use,
+ * or null if mappings come from the context root
+ * @param type the type of the attribute value(s) to find
+ * @param xpathVersion the version of XPath to use
+ *
+ * @return a result containing a bag either empty because no values were
+ * found or containing at least one value, or status associated with an
+ * Indeterminate result
+ */
+ public EvaluationResult getAttribute(String contextPath,
+ Node namespaceNode, URI type,
+ String xpathVersion) {
+ if (finder != null) {
+ return finder.findAttribute(contextPath, namespaceNode, type, this,
+ xpathVersion);
+ } else {
+ logger.warning("Context tried to invoke AttributeFinder but was " +
+ "not configured with one");
+
+ return new EvaluationResult(BagAttribute.createEmptyBag(type));
+ }
+ }
+
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/AnyURIAttribute.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/AnyURIAttribute.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/AnyURIAttribute.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,162 +0,0 @@
-
-/*
- * @(#)AnyURIAttribute.java
- *
- * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * 1. Redistribution of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- *
- * 2. Redistribution in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * Neither the name of Sun Microsystems, Inc. or the names of contributors may
- * be used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * This software is provided "AS IS," without a warranty of any kind. ALL
- * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
- * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
- * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
- * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
- * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
- * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
- * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
- * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
- * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
- * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
- *
- * You acknowledge that this software is not designed or intended for use in
- * the design, construction, operation or maintenance of any nuclear facility.
- */
-
-package org.jboss.security.xacml.sunxacml.attr;
-
-import java.net.URI;
-import java.net.URISyntaxException;
-
-import org.w3c.dom.Node;
-
-
-/**
- * Representation of an xs:anyURI value. This class supports parsing
- * xs:anyURI values.
- *
- * @since 1.0
- * @author Seth Proctor
- */
-public class AnyURIAttribute extends AttributeValue
-{
-
- /**
- * Official name of this type
- */
- public static final String identifier =
- "http://www.w3.org/2001/XMLSchema#anyURI";
-
- //URI version of name for this type
- private static URI identifierURI = URI.create(identifier);
-
- // the URI value that this class represents
- private URI value;
-
- /**
- * Creates a new <code>AnyURIAttribute</code> that represents
- * the URI value supplied.
- *
- * @param value the <code>URI</code> value to be represented
- */
- public AnyURIAttribute(URI value) {
- super(identifierURI);
-
- this.value = value;
- }
-
- /**
- * Returns a new <code>AnyURIAttribute</code> that represents
- * the xs:anyURI at a particular DOM node.
- *
- * @param root the <code>Node</code> that contains the desired value
- *
- * @return a new <code>AnyURIAttribute</code> representing the
- * appropriate value (null if there is a parsing error)
- */
- public static AnyURIAttribute getInstance(Node root)
- throws URISyntaxException
- {
- return getInstance(root.getFirstChild().getNodeValue());
- }
-
- /**
- * Returns a new <code>AnyURIAttribute</code> that represents
- * the xs:anyURI value indicated by the <code>String</code> provided.
- *
- * @param value a string representing the desired value
- *
- * @return a new <code>AnyURIAttribute</code> representing the
- * appropriate value
- */
- public static AnyURIAttribute getInstance(String value)
- throws URISyntaxException
- {
- return new AnyURIAttribute(new URI(value));
- }
-
- /**
- * Returns the <code>URI</code> value represented by this object.
- *
- * @return the <code>URI</code> value
- */
- public URI getValue() {
- return value;
- }
-
- /**
- * Returns true if the input is an instance of this class and if its
- * value equals the value contained in this class.
- *
- * @param o the object to compare
- *
- * @return true if this object and the input represent the same value
- */
- public boolean equals(Object o) {
- if (! (o instanceof AnyURIAttribute))
- return false;
-
- AnyURIAttribute other = (AnyURIAttribute)o;
-
- return value.equals(other.value);
- }
-
- /**
- * Returns the hashcode value used to index and compare this object with
- * others of the same type. Typically this is the hashcode of the backing
- * data object.
- *
- * @return the object's hashcode value
- */
- public int hashCode() {
- return value.hashCode();
- }
-
- /**
- * Converts to a String representation.
- *
- * @return the String representation
- */
- public String toString() {
- return "AnyURIAttribute: \"" + value.toString() + "\"";
- }
-
- /**
- *
- */
- public String encode() {
- return value.toString();
- }
-
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/AnyURIAttribute.java (from rev 90264, projects/security/security-xacml/trunk/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/AnyURIAttribute.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/AnyURIAttribute.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/AnyURIAttribute.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,163 @@
+
+/*
+ * @(#)AnyURIAttribute.java
+ *
+ * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistribution of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistribution in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * Neither the name of Sun Microsystems, Inc. or the names of contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * This software is provided "AS IS," without a warranty of any kind. ALL
+ * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
+ * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
+ * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
+ * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
+ * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
+ * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
+ * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
+ * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
+ * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
+ * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ *
+ * You acknowledge that this software is not designed or intended for use in
+ * the design, construction, operation or maintenance of any nuclear facility.
+ */
+
+package org.jboss.security.xacml.sunxacml.attr;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import org.w3c.dom.Node;
+
+
+/**
+ * Representation of an xs:anyURI value. This class supports parsing
+ * xs:anyURI values.
+ *
+ * @since 1.0
+ * @author Seth Proctor
+ */
+public class AnyURIAttribute extends AttributeValue
+{
+
+ /**
+ * Official name of this type
+ */
+ public static final String identifier =
+ "http://www.w3.org/2001/XMLSchema#anyURI";
+
+ //URI version of name for this type
+ private static URI identifierURI = URI.create(identifier);
+
+ // the URI value that this class represents
+ private URI value;
+
+ /**
+ * Creates a new <code>AnyURIAttribute</code> that represents
+ * the URI value supplied.
+ *
+ * @param value the <code>URI</code> value to be represented
+ */
+ public AnyURIAttribute(URI value) {
+ super(identifierURI);
+
+ this.value = value;
+ }
+
+ /**
+ * Returns a new <code>AnyURIAttribute</code> that represents
+ * the xs:anyURI at a particular DOM node.
+ *
+ * @param root the <code>Node</code> that contains the desired value
+ *
+ * @return a new <code>AnyURIAttribute</code> representing the
+ * appropriate value (null if there is a parsing error)
+ */
+ public static AnyURIAttribute getInstance(Node root)
+ throws URISyntaxException
+ {
+ return getInstance(root.getFirstChild().getNodeValue());
+ }
+
+ /**
+ * Returns a new <code>AnyURIAttribute</code> that represents
+ * the xs:anyURI value indicated by the <code>String</code> provided.
+ *
+ * @param value a string representing the desired value
+ *
+ * @return a new <code>AnyURIAttribute</code> representing the
+ * appropriate value
+ */
+ public static AnyURIAttribute getInstance(String value)
+ throws URISyntaxException
+ {
+ value = value.trim();
+ return new AnyURIAttribute(new URI(value));
+ }
+
+ /**
+ * Returns the <code>URI</code> value represented by this object.
+ *
+ * @return the <code>URI</code> value
+ */
+ public URI getValue() {
+ return value;
+ }
+
+ /**
+ * Returns true if the input is an instance of this class and if its
+ * value equals the value contained in this class.
+ *
+ * @param o the object to compare
+ *
+ * @return true if this object and the input represent the same value
+ */
+ public boolean equals(Object o) {
+ if (! (o instanceof AnyURIAttribute))
+ return false;
+
+ AnyURIAttribute other = (AnyURIAttribute)o;
+
+ return value.equals(other.value);
+ }
+
+ /**
+ * Returns the hashcode value used to index and compare this object with
+ * others of the same type. Typically this is the hashcode of the backing
+ * data object.
+ *
+ * @return the object's hashcode value
+ */
+ public int hashCode() {
+ return value.hashCode();
+ }
+
+ /**
+ * Converts to a String representation.
+ *
+ * @return the String representation
+ */
+ public String toString() {
+ return "AnyURIAttribute: \"" + value.toString() + "\"";
+ }
+
+ /**
+ *
+ */
+ public String encode() {
+ return value.toString();
+ }
+
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/BaseAttributeFactory.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/BaseAttributeFactory.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/BaseAttributeFactory.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,245 +0,0 @@
-
-/*
- * @(#)BaseAttributeFactory.java
- *
- * Copyright 2004 Sun Microsystems, Inc. All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * 1. Redistribution of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- *
- * 2. Redistribution in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * Neither the name of Sun Microsystems, Inc. or the names of contributors may
- * be used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * This software is provided "AS IS," without a warranty of any kind. ALL
- * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
- * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
- * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
- * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
- * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
- * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
- * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
- * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
- * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
- * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
- *
- * You acknowledge that this software is not designed or intended for use in
- * the design, construction, operation or maintenance of any nuclear facility.
- */
-
-package org.jboss.security.xacml.sunxacml.attr;
-
-
-import java.net.URI;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.Set;
-
-import org.jboss.security.xacml.sunxacml.ParsingException;
-import org.jboss.security.xacml.sunxacml.UnknownIdentifierException;
-import org.w3c.dom.Node;
-
-
-/**
- * This is a basic implementation of <code>AttributeFactory</code>. It
- * implements the insertion and retrieval methods, but doesn't actually
- * setup the factory with any datatypes.
- * <p>
- * Note that while this class is thread-safe on all creation methods, it
- * is not safe to add support for a new datatype while creating an instance
- * of a value. This follows from the assumption that most people will
- * initialize these factories up-front, and then start processing without
- * ever modifying the factories. If you need these mutual operations to
- * be thread-safe, then you should write a wrapper class that implements
- * the right synchronization.
- *
- * @since 1.2
- * @author Seth Proctor
- */
-public class BaseAttributeFactory extends AttributeFactory
-{
-
- // the map of proxies
- private HashMap attributeMap;
-
- /**
- * Default constructor.
- */
- public BaseAttributeFactory() {
- attributeMap = new HashMap();
- }
-
- /**
- * Constructor that configures this factory with an initial set of
- * supported datatypes.
- *
- * @param attributes a <code>Map</code> of <code>String</code>s to
- * </code>AttributeProxy</code>s
- *
- * @throws IllegalArgumentException if any elements of the Map are not
- * </code>AttributeProxy</code>s
- */
- public BaseAttributeFactory(Map attributes) {
- attributeMap = new HashMap();
-
- Iterator it = attributes.keySet().iterator();
- while (it.hasNext()) {
- try {
- String id = (it.next()).toString();
- AttributeProxy proxy = (AttributeProxy)(attributes.get(id));
- attributeMap.put(id, proxy);
- } catch (ClassCastException cce) {
- throw new IllegalArgumentException("an element of the map " +
- "was not an instance of " +
- "AttributeProxy");
- }
- }
- }
-
- /**
- * Adds a proxy to the factory, which in turn will allow new attribute
- * types to be created using the factory. Typically the proxy is
- * provided as an anonymous class that simply calls the getInstance
- * methods (or something similar) of some <code>AttributeValue</code>
- * class.
- *
- * @param id the name of the attribute type
- * @param proxy the proxy used to create new attributes of the given type
- */
- public void addDatatype(String id, AttributeProxy proxy) {
- // make sure this doesn't already exist
- if (attributeMap.containsKey(id))
- throw new IllegalArgumentException("datatype already exists");
-
- attributeMap.put(id, proxy);
- }
-
- /**
- * Returns the datatype identifiers supported by this factory.
- *
- * @return a <code>Set</code> of <code>String</code>s
- */
- public Set getSupportedDatatypes() {
- return Collections.unmodifiableSet(attributeMap.keySet());
- }
-
- /**
- * Creates a value based on the given DOM root node. The type of the
- * attribute is assumed to be present in the node as an XACML attribute
- * named <code>DataType</code>, as is the case with the
- * AttributeValueType in the policy schema. The value is assumed to be
- * the first child of this node.
- *
- * @param root the DOM root of an attribute value
- *
- * @return a new <code>AttributeValue</code>
- *
- * @throws UnknownIdentifierException if the type in the node isn't
- * known to the factory
- * @throws ParsingException if the node is invalid or can't be parsed
- * by the appropriate proxy
- */
- public AttributeValue createValue(Node root)
- throws UnknownIdentifierException, ParsingException
- {
- Node node = root.getAttributes().getNamedItem("DataType");
-
- return createValue(root, node.getNodeValue());
- }
-
- /**
- * Creates a value based on the given DOM root node and data type.
- *
- * @param root the DOM root of an attribute value
- * @param dataType the type of the attribute
- *
- * @return a new <code>AttributeValue</code>
- *
- * @throws UnknownIdentifierException if the data type isn't known to
- * the factory
- * @throws ParsingException if the node is invalid or can't be parsed
- * by the appropriate proxy
- */
- public AttributeValue createValue(Node root, URI dataType)
- throws UnknownIdentifierException, ParsingException
- {
- return createValue(root, dataType.toString());
- }
-
- /**
- * Creates a value based on the given DOM root node and data type.
- *
- * @param root the DOM root of an attribute value
- * @param type the type of the attribute
- *
- * @return a new <code>AttributeValue</code>
- *
- * @throws UnknownIdentifierException if the type isn't known to
- * the factory
- * @throws ParsingException if the node is invalid or can't be parsed
- * by the appropriate proxy
- */
- public AttributeValue createValue(Node root, String type)
- throws UnknownIdentifierException, ParsingException
- {
- AttributeProxy proxy = (AttributeProxy)(attributeMap.get(type));
-
- if (proxy != null) {
- try {
- return proxy.getInstance(root);
- } catch (Exception e) {
- throw new ParsingException("couldn't create " + type +
- " attribute based on DOM node");
- }
- } else {
- throw new UnknownIdentifierException("Attributes of type " + type +
- " aren't supported.");
- }
- }
-
- /**
- * Creates a value based on the given data type and text-encoded value.
- * Used primarily by code that does an XPath query to get an
- * attribute value, and then needs to turn the resulting value into
- * an Attribute class.
- *
- * @param dataType the type of the attribute
- * @param value the text-encoded representation of an attribute's value
- *
- * @return a new <code>AttributeValue</code>
- *
- * @throws UnknownIdentifierException if the data type isn't known to
- * the factory
- * @throws ParsingException if the text is invalid or can't be parsed
- * by the appropriate proxy
- */
- public AttributeValue createValue(URI dataType, String value)
- throws UnknownIdentifierException, ParsingException
- {
- String type = dataType.toString();
- AttributeProxy proxy = (AttributeProxy)(attributeMap.get(type));
-
- if (proxy != null) {
- try {
- return proxy.getInstance(value);
- } catch (Exception e) {
- throw new ParsingException("couldn't create " + type +
- " attribute from input: " + value);
- }
- } else {
- throw new UnknownIdentifierException("Attributes of type " + type +
- " aren't supported.");
- }
- }
-
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/BaseAttributeFactory.java (from rev 89972, projects/security/security-xacml/trunk/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/BaseAttributeFactory.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/BaseAttributeFactory.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/BaseAttributeFactory.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,245 @@
+
+/*
+ * @(#)BaseAttributeFactory.java
+ *
+ * Copyright 2004 Sun Microsystems, Inc. All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistribution of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistribution in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * Neither the name of Sun Microsystems, Inc. or the names of contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * This software is provided "AS IS," without a warranty of any kind. ALL
+ * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
+ * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
+ * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
+ * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
+ * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
+ * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
+ * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
+ * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
+ * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
+ * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ *
+ * You acknowledge that this software is not designed or intended for use in
+ * the design, construction, operation or maintenance of any nuclear facility.
+ */
+
+package org.jboss.security.xacml.sunxacml.attr;
+
+
+import java.net.URI;
+
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
+
+import org.jboss.security.xacml.sunxacml.ParsingException;
+import org.jboss.security.xacml.sunxacml.UnknownIdentifierException;
+import org.w3c.dom.Node;
+
+
+/**
+ * This is a basic implementation of <code>AttributeFactory</code>. It
+ * implements the insertion and retrieval methods, but doesn't actually
+ * setup the factory with any datatypes.
+ * <p>
+ * Note that while this class is thread-safe on all creation methods, it
+ * is not safe to add support for a new datatype while creating an instance
+ * of a value. This follows from the assumption that most people will
+ * initialize these factories up-front, and then start processing without
+ * ever modifying the factories. If you need these mutual operations to
+ * be thread-safe, then you should write a wrapper class that implements
+ * the right synchronization.
+ *
+ * @since 1.2
+ * @author Seth Proctor
+ */
+public class BaseAttributeFactory extends AttributeFactory
+{
+
+ // the map of proxies
+ private HashMap attributeMap;
+
+ /**
+ * Default constructor.
+ */
+ public BaseAttributeFactory() {
+ attributeMap = new HashMap();
+ }
+
+ /**
+ * Constructor that configures this factory with an initial set of
+ * supported datatypes.
+ *
+ * @param attributes a <code>Map</code> of <code>String</code>s to
+ * </code>AttributeProxy</code>s
+ *
+ * @throws IllegalArgumentException if any elements of the Map are not
+ * </code>AttributeProxy</code>s
+ */
+ public BaseAttributeFactory(Map attributes) {
+ attributeMap = new HashMap();
+
+ Iterator it = attributes.keySet().iterator();
+ while (it.hasNext()) {
+ try {
+ String id = (it.next()).toString();
+ AttributeProxy proxy = (AttributeProxy)(attributes.get(id));
+ attributeMap.put(id, proxy);
+ } catch (ClassCastException cce) {
+ throw new IllegalArgumentException("an element of the map " +
+ "was not an instance of " +
+ "AttributeProxy");
+ }
+ }
+ }
+
+ /**
+ * Adds a proxy to the factory, which in turn will allow new attribute
+ * types to be created using the factory. Typically the proxy is
+ * provided as an anonymous class that simply calls the getInstance
+ * methods (or something similar) of some <code>AttributeValue</code>
+ * class.
+ *
+ * @param id the name of the attribute type
+ * @param proxy the proxy used to create new attributes of the given type
+ */
+ public void addDatatype(String id, AttributeProxy proxy) {
+ // make sure this doesn't already exist
+ if (attributeMap.containsKey(id))
+ throw new IllegalArgumentException("datatype already exists");
+
+ attributeMap.put(id, proxy);
+ }
+
+ /**
+ * Returns the datatype identifiers supported by this factory.
+ *
+ * @return a <code>Set</code> of <code>String</code>s
+ */
+ public Set getSupportedDatatypes() {
+ return Collections.unmodifiableSet(attributeMap.keySet());
+ }
+
+ /**
+ * Creates a value based on the given DOM root node. The type of the
+ * attribute is assumed to be present in the node as an XACML attribute
+ * named <code>DataType</code>, as is the case with the
+ * AttributeValueType in the policy schema. The value is assumed to be
+ * the first child of this node.
+ *
+ * @param root the DOM root of an attribute value
+ *
+ * @return a new <code>AttributeValue</code>
+ *
+ * @throws UnknownIdentifierException if the type in the node isn't
+ * known to the factory
+ * @throws ParsingException if the node is invalid or can't be parsed
+ * by the appropriate proxy
+ */
+ public AttributeValue createValue(Node root)
+ throws UnknownIdentifierException, ParsingException
+ {
+ Node node = root.getAttributes().getNamedItem("DataType");
+
+ return createValue(root, node.getNodeValue());
+ }
+
+ /**
+ * Creates a value based on the given DOM root node and data type.
+ *
+ * @param root the DOM root of an attribute value
+ * @param dataType the type of the attribute
+ *
+ * @return a new <code>AttributeValue</code>
+ *
+ * @throws UnknownIdentifierException if the data type isn't known to
+ * the factory
+ * @throws ParsingException if the node is invalid or can't be parsed
+ * by the appropriate proxy
+ */
+ public AttributeValue createValue(Node root, URI dataType)
+ throws UnknownIdentifierException, ParsingException
+ {
+ return createValue(root, dataType.toString());
+ }
+
+ /**
+ * Creates a value based on the given DOM root node and data type.
+ *
+ * @param root the DOM root of an attribute value
+ * @param type the type of the attribute
+ *
+ * @return a new <code>AttributeValue</code>
+ *
+ * @throws UnknownIdentifierException if the type isn't known to
+ * the factory
+ * @throws ParsingException if the node is invalid or can't be parsed
+ * by the appropriate proxy
+ */
+ public AttributeValue createValue(Node root, String type)
+ throws UnknownIdentifierException, ParsingException
+ {
+ AttributeProxy proxy = (AttributeProxy)(attributeMap.get(type));
+
+ if (proxy != null) {
+ try {
+ return proxy.getInstance(root);
+ } catch (Exception e) {
+ throw new ParsingException("couldn't create " + type +
+ " attribute based on DOM node",e);
+ }
+ } else {
+ throw new UnknownIdentifierException("Attributes of type " + type +
+ " aren't supported.");
+ }
+ }
+
+ /**
+ * Creates a value based on the given data type and text-encoded value.
+ * Used primarily by code that does an XPath query to get an
+ * attribute value, and then needs to turn the resulting value into
+ * an Attribute class.
+ *
+ * @param dataType the type of the attribute
+ * @param value the text-encoded representation of an attribute's value
+ *
+ * @return a new <code>AttributeValue</code>
+ *
+ * @throws UnknownIdentifierException if the data type isn't known to
+ * the factory
+ * @throws ParsingException if the text is invalid or can't be parsed
+ * by the appropriate proxy
+ */
+ public AttributeValue createValue(URI dataType, String value)
+ throws UnknownIdentifierException, ParsingException
+ {
+ String type = dataType.toString();
+ AttributeProxy proxy = (AttributeProxy)(attributeMap.get(type));
+
+ if (proxy != null) {
+ try {
+ return proxy.getInstance(value);
+ } catch (Exception e) {
+ throw new ParsingException("couldn't create " + type +
+ " attribute from input: " + value , e);
+ }
+ } else {
+ throw new UnknownIdentifierException("Attributes of type " + type +
+ " aren't supported.");
+ }
+ }
+
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/TimeAttribute.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/TimeAttribute.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/TimeAttribute.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,470 +0,0 @@
-
-/*
- * @(#)TimeAttribute.java
- *
- * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * 1. Redistribution of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- *
- * 2. Redistribution in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * Neither the name of Sun Microsystems, Inc. or the names of contributors may
- * be used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * This software is provided "AS IS," without a warranty of any kind. ALL
- * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
- * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
- * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
- * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
- * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
- * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
- * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
- * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
- * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
- * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
- *
- * You acknowledge that this software is not designed or intended for use in
- * the design, construction, operation or maintenance of any nuclear facility.
- */
-
-package org.jboss.security.xacml.sunxacml.attr;
-
-
-import java.net.URI;
-import java.text.ParseException;
-import java.util.Date;
-import java.util.TimeZone;
-
-import org.jboss.security.xacml.sunxacml.ParsingException;
-import org.jboss.security.xacml.sunxacml.ProcessingException;
-import org.w3c.dom.Node;
-
-
-/**
- * Representation of an xs:time value. This class supports parsing
- * xs:time values. All objects of this class are immutable and
- * thread-safe. The <code>Date</code> objects returned are not, but
- * these objects are cloned before being returned.
- *
- * @since 1.0
- * @author Steve Hanna
- * @author Seth Proctor
- */
-public class TimeAttribute extends AttributeValue
-{
- /**
- * Official name of this type
- */
- public static final String identifier =
- "http://www.w3.org/2001/XMLSchema#time";
-
- /**
- * URI version of name for this type
- * <p>
- * This object is used for synchronization whenever we need
- * protection across this whole class.
- */
- private static URI identifierURI = URI.create(identifier);
-
- /**
- * Time zone value that indicates that the time zone was not
- * specified.
- */
- public static final int TZ_UNSPECIFIED = -1000000;
-
- /**
- * The time that this object represents in second resolution, in
- * milliseconds GMT, with zero being midnight. If no time zone was
- * specified, the local time zone is used to convert to milliseconds
- * relative to GMT.
- */
- private long timeGMT;
-
- /**
- * The number of nanoseconds beyond the time given by the timeGMT
- * field. The XML Query document says that fractional seconds
- * must be supported down to at least 100 nanosecond resolution.
- * The Date class only supports milliseconds, so we include here
- * support for nanosecond resolution.
- */
- private int nanoseconds;
-
- // NOTE: now that we're not using a Date object, the above two variables
- // could be condensed, and the interface could be changed so we don't
- // need to worry about tracking the time values separately
-
- /**
- * The time zone specified for this object (or TZ_UNSPECIFIED if
- * unspecified). The offset to GMT, in minutes.
- */
- private int timeZone;
-
- /**
- * The time zone actually used for this object (if it was
- * originally unspecified, the default time zone used).
- * The offset to GMT, in minutes.
- */
- private int defaultedTimeZone;
-
- /**
- * Cached encoded value (null if not cached yet).
- */
- private String encodedValue = null;
-
- /**
- * Creates a new <code>TimeAttribute</code> that represents
- * the current time in the current time zone.
- */
- public TimeAttribute() {
- this(new Date());
- }
-
- /**
- * Creates a new <code>TimeAttribute</code> that represents
- * the given time but uses the default timezone and offset values.
- *
- * @param time a <code>Date</code> object representing the
- * specified time down to second resolution. This
- * date should have a date of 01/01/1970. If it does
- * not, such a date will be forced. If this object
- * has non-zero milliseconds, they are combined
- * with the nanoseconds parameter.
- */
- public TimeAttribute(Date time) {
- super(identifierURI);
-
- int currOffset = DateTimeAttribute.getDefaultTZOffset(time);
- init(time, 0, currOffset, currOffset);
- }
-
- /**
- * Creates a new <code>TimeAttribute</code> that represents
- * the time supplied.
- *
- * @param time a <code>Date</code> object representing the
- * specified time down to second resolution. This
- * date should have a date of 01/01/1970. If it does
- * not, such a date will be forced. If this object
- * has non-zero milliseconds, they are combined
- * with the nanoseconds parameter.
- * @param nanoseconds the number of nanoseconds beyond the
- * Date specified in the date parameter
- * @param timeZone the time zone specified for this object
- * (or TZ_UNSPECIFIED if unspecified). The
- * offset to GMT, in minutes.
- * @param defaultedTimeZone the time zone actually used for this
- * object, which must be specified.
- * The offset to GMT, in minutes.
- */
- public TimeAttribute(Date time, int nanoseconds, int timeZone,
- int defaultedTimeZone) {
- super(identifierURI);
-
- // if the timezone is unspecified, it's illegal for the defaulted
- // timezone to also be unspecified
- if ((timeZone == TZ_UNSPECIFIED) &&
- (defaultedTimeZone == TZ_UNSPECIFIED))
- throw new ProcessingException("default timezone must be specified"
- + "when a timezone is provided");
-
- init(time, nanoseconds, timeZone, defaultedTimeZone);
- }
-
- /**
- * Initialization code shared by constructors.
- *
- * @param date a <code>Date</code> object representing the
- * specified time down to second resolution. This
- * date should have a date of 01/01/1970. If it does
- * not, such a date will be forced. If this object
- * has non-zero milliseconds, they are combined
- * with the nanoseconds parameter.
- * @param nanoseconds the number of nanoseconds beyond the
- * Date specified in the date parameter
- * @param timeZone the time zone specified for this object
- * (or TZ_UNSPECIFIED if unspecified). The
- * offset to GMT, in minutes.
- * @param defaultedTimeZone the time zone actually used for this
- * object (if it was originally unspecified,
- * the default time zone used).
- * The offset to GMT, in minutes.
- */
- private void init(Date date, int nanoseconds, int timeZone,
- int defaultedTimeZone) {
-
- // get a temporary copy of the date
- Date tmpDate = (Date)(date.clone());
-
- // Combine the nanoseconds so they are between 0 and 999,999,999
- this.nanoseconds =
- DateTimeAttribute.combineNanos(tmpDate, nanoseconds);
-
- // now that the date has been (potentially) updated, store the time
- this.timeGMT = tmpDate.getTime();
-
- // keep track of the timezone values
- this.timeZone = timeZone;
- this.defaultedTimeZone = defaultedTimeZone;
-
- // Check that the date is normalized to 1/1/70
- if ((timeGMT >= DateAttribute.MILLIS_PER_DAY) || (timeGMT < 0)) {
- timeGMT = timeGMT % DateAttribute.MILLIS_PER_DAY;
-
- // if we had a negative value then we need to shift by a day
- if (timeGMT < 0)
- timeGMT += DateAttribute.MILLIS_PER_DAY;
- }
- }
-
- /**
- * Returns a new <code>TimeAttribute</code> that represents
- * the xs:time at a particular DOM node.
- *
- * @param root the <code>Node</code> that contains the desired value
- * @return a new <code>TimeAttribute</code> representing the
- * appropriate value (null if there is a parsing error)
- */
- public static TimeAttribute getInstance(Node root)
- throws ParsingException, NumberFormatException, ParseException
- {
- return getInstance(root.getFirstChild().getNodeValue());
- }
-
- /**
- * Returns a new <code>TimeAttribute</code> that represents
- * the xs:time value indicated by the string provided.
- *
- * @param value a string representing the desired value
- * @return a new <code>TimeAttribute</code> representing the
- * desired value (null if there is a parsing error)
- * @throws ParsingException if any problems occurred while parsing
- */
- public static TimeAttribute getInstance(String value)
- throws ParsingException, NumberFormatException, ParseException
- {
- // Prepend date string for Jan 1 1970 and use the
- // DateTimeAttribute parsing code.
-
- value = "1970-01-01T" + value;
-
- DateTimeAttribute dateTime = DateTimeAttribute.getInstance(value);
-
- // if there was no explicit TZ provided, then we want to make sure
- // the that the defaulting is done correctly, especially since 1/1/70
- // is always out of daylight savings time
-
- Date dateValue = dateTime.getValue();
- int defaultedTimeZone = dateTime.getDefaultedTimeZone();
- if (dateTime.getTimeZone() == TZ_UNSPECIFIED) {
- TimeZone localTZ = TimeZone.getDefault();
- int newDefTimeZone =
- DateTimeAttribute.getDefaultTZOffset(new Date());
- dateValue = new Date(dateValue.getTime() -
- (newDefTimeZone - defaultedTimeZone) *
- DateAttribute.MILLIS_PER_MINUTE);
- defaultedTimeZone = newDefTimeZone;
- }
-
- return new TimeAttribute(dateValue,
- dateTime.getNanoseconds(),
- dateTime.getTimeZone(),
- defaultedTimeZone);
- }
-
- /**
- * Gets the time represented by this object. The return
- * value is a <code>Date</code> object representing the
- * specified time down to second resolution with a date
- * of January 1, 1970. Subsecond values are handled by the
- * {@link #getNanoseconds getNanoseconds} method.
- *
- * @return a <code>Date</code> object representing the
- * time represented by this object
- */
- public Date getValue() {
- return new Date(timeGMT);
- }
-
- /**
- * Gets the number of milliseconds since midnight GMT that this attribute
- * value represents. This is the same time returned by
- * <code>getValue</code>, and likewise the milliseconds are provided
- * with second resolution.
- *
- * @return milliseconds since midnight GMT
- */
- public long getMilliseconds() {
- return timeGMT;
- }
-
- /**
- * Gets the nanoseconds of this object.
- *
- * @return the number of nanoseconds
- */
- public int getNanoseconds() {
- return nanoseconds;
- }
-
- /**
- * Gets the time zone of this object (or TZ_UNSPECIFIED if
- * unspecified).
- *
- * @return the offset to GMT in minutes (positive or negative)
- */
- public int getTimeZone() {
- return timeZone;
- }
-
- /**
- * Gets the time zone actually used for this object (if it was
- * originally unspecified, the default time zone used).
- *
- * @return the offset to GMT in minutes (positive or negative)
- */
- public int getDefaultedTimeZone() {
- return defaultedTimeZone;
- }
-
- /**
- * Returns true if the input is an instance of this class and if its
- * value equals the value contained in this class.
- *
- * @param o the object to compare
- *
- * @return true if this object and the input represent the same value
- */
- public boolean equals(Object o) {
- if (! (o instanceof TimeAttribute))
- return false;
-
- TimeAttribute other = (TimeAttribute)o;
-
- return (timeGMT == other.timeGMT &&
- (nanoseconds == other.nanoseconds));
- }
-
- /**
- * Returns the hashcode value used to index and compare this object with
- * others of the same type. Typically this is the hashcode of the backing
- * data object.
- *
- * @return the object's hashcode value
- */
- public int hashCode() {
- // the standard Date hashcode is used here...
- int hashCode = (int)(timeGMT ^ (timeGMT >>> 32));
-
- // ...but both the timeGMT and the nanoseconds fields are considered
- // by the equals method, so it's best if the hashCode is derived
- // from both of those fields.
- hashCode = (31 * hashCode) + nanoseconds;
-
- return hashCode;
- }
-
- /**
- * Converts to a String representation.
- *
- * @return the String representation
- */
- public String toString() {
- StringBuffer sb = new StringBuffer();
- sb.append("TimeAttribute: [\n");
-
- // calculate the GMT value of this time
- long secsGMT = timeGMT / 1000;
- long minsGMT = secsGMT / 60;
- secsGMT = secsGMT % 60;
- long hoursGMT = minsGMT / 60;
- minsGMT = minsGMT % 60;
-
- // put the right number of zeros in place
- String hoursStr = (hoursGMT < 10) ? "0" + hoursGMT : "" + hoursGMT;
- String minsStr = (minsGMT < 10) ? "0" + minsGMT : "" + minsGMT;
- String secsStr = (secsGMT < 10) ? "0" + secsGMT : "" + secsGMT;
-
- sb.append(" Time GMT: " + hoursStr + ":" + minsStr + ":" + secsStr);
- sb.append(" Nanoseconds: " + nanoseconds);
- sb.append(" TimeZone: " + timeZone);
- sb.append(" Defaulted TimeZone: " + defaultedTimeZone);
- sb.append("]");
-
- return sb.toString();
- }
-
- /**
- * Encodes the value in a form suitable for including in XML data like
- * a request or an obligation. This returns a time value that could in
- * turn be used by the factory to create a new instance with the same
- * value.
- *
- * @return a <code>String</code> form of the value
- */
- public String encode() {
- if (encodedValue != null)
- return encodedValue;
-
- // "hh:mm:ss.sssssssss+hh:mm".length() = 27
- StringBuffer buf = new StringBuffer(27);
-
- // get the correct time for the timezone being used
- int millis = (int)timeGMT;
- if (timeZone == TZ_UNSPECIFIED)
- millis += (defaultedTimeZone * DateAttribute.MILLIS_PER_MINUTE);
- else
- millis += (timeZone * DateAttribute.MILLIS_PER_MINUTE);
-
- if (millis < 0) {
- millis += DateAttribute.MILLIS_PER_DAY;
- } else if (millis >= DateAttribute.MILLIS_PER_DAY) {
- millis -= DateAttribute.MILLIS_PER_DAY;
- }
-
- // now generate the time string
- int hour = millis / DateAttribute.MILLIS_PER_HOUR;
- millis = millis % DateAttribute.MILLIS_PER_HOUR;
- buf.append(DateAttribute.zeroPadInt(hour, 2));
- buf.append(':');
- int minute = millis / DateAttribute.MILLIS_PER_MINUTE;
- millis = millis % DateAttribute.MILLIS_PER_MINUTE;
- buf.append(DateAttribute.zeroPadInt(minute, 2));
- buf.append(':');
- int second = millis / DateAttribute.MILLIS_PER_SECOND;
- buf.append(DateAttribute.zeroPadInt(second, 2));
-
- // add any nanoseconds
- if (nanoseconds != 0) {
- buf.append('.');
- buf.append(DateAttribute.zeroPadInt(nanoseconds, 9));
- }
-
- // if there is a specified timezone, then include that in the encoding
- if (timeZone != TZ_UNSPECIFIED) {
- int tzNoSign = timeZone;
- if (timeZone < 0) {
- tzNoSign = -tzNoSign;
- buf.append('-');
- } else
- buf.append('+');
- int tzHours = tzNoSign / 60;
- buf.append(DateAttribute.zeroPadInt(tzHours, 2));
- buf.append(':');
- int tzMinutes = tzNoSign % 60;
- buf.append(DateAttribute.zeroPadInt(tzMinutes, 2));
- }
-
- // remember the encoding for later
- encodedValue = buf.toString();
-
- return encodedValue;
- }
-
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/TimeAttribute.java (from rev 86555, projects/security/security-xacml/trunk/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/TimeAttribute.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/TimeAttribute.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/attr/TimeAttribute.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,475 @@
+
+/*
+ * @(#)TimeAttribute.java
+ *
+ * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistribution of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistribution in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * Neither the name of Sun Microsystems, Inc. or the names of contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * This software is provided "AS IS," without a warranty of any kind. ALL
+ * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
+ * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
+ * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
+ * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
+ * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
+ * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
+ * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
+ * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
+ * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
+ * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ *
+ * You acknowledge that this software is not designed or intended for use in
+ * the design, construction, operation or maintenance of any nuclear facility.
+ */
+
+package org.jboss.security.xacml.sunxacml.attr;
+
+
+import java.net.URI;
+import java.text.ParseException;
+import java.util.Date;
+import java.util.TimeZone;
+
+import org.jboss.security.xacml.sunxacml.ParsingException;
+import org.jboss.security.xacml.sunxacml.ProcessingException;
+import org.w3c.dom.Node;
+
+
+/**
+ * Representation of an xs:time value. This class supports parsing
+ * xs:time values. All objects of this class are immutable and
+ * thread-safe. The <code>Date</code> objects returned are not, but
+ * these objects are cloned before being returned.
+ *
+ * @since 1.0
+ * @author Steve Hanna
+ * @author Seth Proctor
+ */
+public class TimeAttribute extends AttributeValue
+{
+ /**
+ * Official name of this type
+ */
+ public static final String identifier =
+ "http://www.w3.org/2001/XMLSchema#time";
+
+ /**
+ * URI version of name for this type
+ * <p>
+ * This object is used for synchronization whenever we need
+ * protection across this whole class.
+ */
+ private static URI identifierURI = URI.create(identifier);
+
+ /**
+ * Time zone value that indicates that the time zone was not
+ * specified.
+ */
+ public static final int TZ_UNSPECIFIED = -1000000;
+
+ /**
+ * The time that this object represents in second resolution, in
+ * milliseconds GMT, with zero being midnight. If no time zone was
+ * specified, the local time zone is used to convert to milliseconds
+ * relative to GMT.
+ */
+ private long timeGMT;
+
+ /**
+ * The number of nanoseconds beyond the time given by the timeGMT
+ * field. The XML Query document says that fractional seconds
+ * must be supported down to at least 100 nanosecond resolution.
+ * The Date class only supports milliseconds, so we include here
+ * support for nanosecond resolution.
+ */
+ private int nanoseconds;
+
+ // NOTE: now that we're not using a Date object, the above two variables
+ // could be condensed, and the interface could be changed so we don't
+ // need to worry about tracking the time values separately
+
+ /**
+ * The time zone specified for this object (or TZ_UNSPECIFIED if
+ * unspecified). The offset to GMT, in minutes.
+ */
+ private int timeZone;
+
+ /**
+ * The time zone actually used for this object (if it was
+ * originally unspecified, the default time zone used).
+ * The offset to GMT, in minutes.
+ */
+ private int defaultedTimeZone;
+
+ /**
+ * Cached encoded value (null if not cached yet).
+ */
+ private String encodedValue = null;
+
+ /**
+ * Creates a new <code>TimeAttribute</code> that represents
+ * the current time in the current time zone.
+ */
+ public TimeAttribute() {
+ this(new Date());
+ }
+
+ /**
+ * Creates a new <code>TimeAttribute</code> that represents
+ * the given time but uses the default timezone and offset values.
+ *
+ * @param time a <code>Date</code> object representing the
+ * specified time down to second resolution. This
+ * date should have a date of 01/01/1970. If it does
+ * not, such a date will be forced. If this object
+ * has non-zero milliseconds, they are combined
+ * with the nanoseconds parameter.
+ */
+ public TimeAttribute(Date time) {
+ super(identifierURI);
+
+ int currOffset = DateTimeAttribute.getDefaultTZOffset(time);
+ init(time, 0, currOffset, currOffset);
+ }
+
+ /**
+ * Creates a new <code>TimeAttribute</code> that represents
+ * the time supplied.
+ *
+ * @param time a <code>Date</code> object representing the
+ * specified time down to second resolution. This
+ * date should have a date of 01/01/1970. If it does
+ * not, such a date will be forced. If this object
+ * has non-zero milliseconds, they are combined
+ * with the nanoseconds parameter.
+ * @param nanoseconds the number of nanoseconds beyond the
+ * Date specified in the date parameter
+ * @param timeZone the time zone specified for this object
+ * (or TZ_UNSPECIFIED if unspecified). The
+ * offset to GMT, in minutes.
+ * @param defaultedTimeZone the time zone actually used for this
+ * object, which must be specified.
+ * The offset to GMT, in minutes.
+ */
+ public TimeAttribute(Date time, int nanoseconds, int timeZone,
+ int defaultedTimeZone) {
+ super(identifierURI);
+
+ // if the timezone is unspecified, it's illegal for the defaulted
+ // timezone to also be unspecified
+ if ((timeZone == TZ_UNSPECIFIED) &&
+ (defaultedTimeZone == TZ_UNSPECIFIED))
+ throw new ProcessingException("default timezone must be specified"
+ + "when a timezone is provided");
+
+ init(time, nanoseconds, timeZone, defaultedTimeZone);
+ }
+
+ /**
+ * Initialization code shared by constructors.
+ *
+ * @param date a <code>Date</code> object representing the
+ * specified time down to second resolution. This
+ * date should have a date of 01/01/1970. If it does
+ * not, such a date will be forced. If this object
+ * has non-zero milliseconds, they are combined
+ * with the nanoseconds parameter.
+ * @param nanoseconds the number of nanoseconds beyond the
+ * Date specified in the date parameter
+ * @param timeZone the time zone specified for this object
+ * (or TZ_UNSPECIFIED if unspecified). The
+ * offset to GMT, in minutes.
+ * @param defaultedTimeZone the time zone actually used for this
+ * object (if it was originally unspecified,
+ * the default time zone used).
+ * The offset to GMT, in minutes.
+ */
+ private void init(Date date, int nanoseconds, int timeZone,
+ int defaultedTimeZone) {
+
+ // get a temporary copy of the date
+ Date tmpDate = (Date)(date.clone());
+
+ // Combine the nanoseconds so they are between 0 and 999,999,999
+ this.nanoseconds =
+ DateTimeAttribute.combineNanos(tmpDate, nanoseconds);
+
+ // now that the date has been (potentially) updated, store the time
+ this.timeGMT = tmpDate.getTime();
+
+ // keep track of the timezone values
+ this.timeZone = timeZone;
+ this.defaultedTimeZone = defaultedTimeZone;
+
+ // Check that the date is normalized to 1/1/70
+ if ((timeGMT >= DateAttribute.MILLIS_PER_DAY) || (timeGMT < 0)) {
+ long div = timeGMT / DateAttribute.MILLIS_PER_DAY;
+ timeGMT = timeGMT % DateAttribute.MILLIS_PER_DAY;
+
+ //SECURITY-405
+ if(div == 1)
+ timeGMT += DateAttribute.MILLIS_PER_DAY;
+
+ // if we had a negative value then we need to shift by a day
+ if (timeGMT < 0)
+ timeGMT += DateAttribute.MILLIS_PER_DAY;
+ }
+ }
+
+ /**
+ * Returns a new <code>TimeAttribute</code> that represents
+ * the xs:time at a particular DOM node.
+ *
+ * @param root the <code>Node</code> that contains the desired value
+ * @return a new <code>TimeAttribute</code> representing the
+ * appropriate value (null if there is a parsing error)
+ */
+ public static TimeAttribute getInstance(Node root)
+ throws ParsingException, NumberFormatException, ParseException
+ {
+ return getInstance(root.getFirstChild().getNodeValue());
+ }
+
+ /**
+ * Returns a new <code>TimeAttribute</code> that represents
+ * the xs:time value indicated by the string provided.
+ *
+ * @param value a string representing the desired value
+ * @return a new <code>TimeAttribute</code> representing the
+ * desired value (null if there is a parsing error)
+ * @throws ParsingException if any problems occurred while parsing
+ */
+ public static TimeAttribute getInstance(String value)
+ throws ParsingException, NumberFormatException, ParseException
+ {
+ // Prepend date string for Jan 1 1970 and use the
+ // DateTimeAttribute parsing code.
+
+ value = "1970-01-01T" + value;
+
+ DateTimeAttribute dateTime = DateTimeAttribute.getInstance(value);
+
+ // if there was no explicit TZ provided, then we want to make sure
+ // the that the defaulting is done correctly, especially since 1/1/70
+ // is always out of daylight savings time
+
+ Date dateValue = dateTime.getValue();
+ int defaultedTimeZone = dateTime.getDefaultedTimeZone();
+ if (dateTime.getTimeZone() == TZ_UNSPECIFIED) {
+ TimeZone localTZ = TimeZone.getDefault();
+ int newDefTimeZone =
+ DateTimeAttribute.getDefaultTZOffset(new Date());
+ dateValue = new Date(dateValue.getTime() -
+ (newDefTimeZone - defaultedTimeZone) *
+ DateAttribute.MILLIS_PER_MINUTE);
+ defaultedTimeZone = newDefTimeZone;
+ }
+
+ return new TimeAttribute(dateValue,
+ dateTime.getNanoseconds(),
+ dateTime.getTimeZone(),
+ defaultedTimeZone);
+ }
+
+ /**
+ * Gets the time represented by this object. The return
+ * value is a <code>Date</code> object representing the
+ * specified time down to second resolution with a date
+ * of January 1, 1970. Subsecond values are handled by the
+ * {@link #getNanoseconds getNanoseconds} method.
+ *
+ * @return a <code>Date</code> object representing the
+ * time represented by this object
+ */
+ public Date getValue() {
+ return new Date(timeGMT);
+ }
+
+ /**
+ * Gets the number of milliseconds since midnight GMT that this attribute
+ * value represents. This is the same time returned by
+ * <code>getValue</code>, and likewise the milliseconds are provided
+ * with second resolution.
+ *
+ * @return milliseconds since midnight GMT
+ */
+ public long getMilliseconds() {
+ return timeGMT;
+ }
+
+ /**
+ * Gets the nanoseconds of this object.
+ *
+ * @return the number of nanoseconds
+ */
+ public int getNanoseconds() {
+ return nanoseconds;
+ }
+
+ /**
+ * Gets the time zone of this object (or TZ_UNSPECIFIED if
+ * unspecified).
+ *
+ * @return the offset to GMT in minutes (positive or negative)
+ */
+ public int getTimeZone() {
+ return timeZone;
+ }
+
+ /**
+ * Gets the time zone actually used for this object (if it was
+ * originally unspecified, the default time zone used).
+ *
+ * @return the offset to GMT in minutes (positive or negative)
+ */
+ public int getDefaultedTimeZone() {
+ return defaultedTimeZone;
+ }
+
+ /**
+ * Returns true if the input is an instance of this class and if its
+ * value equals the value contained in this class.
+ *
+ * @param o the object to compare
+ *
+ * @return true if this object and the input represent the same value
+ */
+ public boolean equals(Object o) {
+ if (! (o instanceof TimeAttribute))
+ return false;
+
+ TimeAttribute other = (TimeAttribute)o;
+
+ return (timeGMT == other.timeGMT &&
+ (nanoseconds == other.nanoseconds));
+ }
+
+ /**
+ * Returns the hashcode value used to index and compare this object with
+ * others of the same type. Typically this is the hashcode of the backing
+ * data object.
+ *
+ * @return the object's hashcode value
+ */
+ public int hashCode() {
+ // the standard Date hashcode is used here...
+ int hashCode = (int)(timeGMT ^ (timeGMT >>> 32));
+
+ // ...but both the timeGMT and the nanoseconds fields are considered
+ // by the equals method, so it's best if the hashCode is derived
+ // from both of those fields.
+ hashCode = (31 * hashCode) + nanoseconds;
+
+ return hashCode;
+ }
+
+ /**
+ * Converts to a String representation.
+ *
+ * @return the String representation
+ */
+ public String toString() {
+ StringBuffer sb = new StringBuffer();
+ sb.append("TimeAttribute: [\n");
+
+ // calculate the GMT value of this time
+ long secsGMT = timeGMT / 1000;
+ long minsGMT = secsGMT / 60;
+ secsGMT = secsGMT % 60;
+ long hoursGMT = minsGMT / 60;
+ minsGMT = minsGMT % 60;
+
+ // put the right number of zeros in place
+ String hoursStr = (hoursGMT < 10) ? "0" + hoursGMT : "" + hoursGMT;
+ String minsStr = (minsGMT < 10) ? "0" + minsGMT : "" + minsGMT;
+ String secsStr = (secsGMT < 10) ? "0" + secsGMT : "" + secsGMT;
+
+ sb.append(" Time GMT: " + hoursStr + ":" + minsStr + ":" + secsStr);
+ sb.append(" Nanoseconds: " + nanoseconds);
+ sb.append(" TimeZone: " + timeZone);
+ sb.append(" Defaulted TimeZone: " + defaultedTimeZone);
+ sb.append("]");
+
+ return sb.toString();
+ }
+
+ /**
+ * Encodes the value in a form suitable for including in XML data like
+ * a request or an obligation. This returns a time value that could in
+ * turn be used by the factory to create a new instance with the same
+ * value.
+ *
+ * @return a <code>String</code> form of the value
+ */
+ public String encode() {
+ if (encodedValue != null)
+ return encodedValue;
+
+ // "hh:mm:ss.sssssssss+hh:mm".length() = 27
+ StringBuffer buf = new StringBuffer(27);
+
+ // get the correct time for the timezone being used
+ int millis = (int)timeGMT;
+ if (timeZone == TZ_UNSPECIFIED)
+ millis += (defaultedTimeZone * DateAttribute.MILLIS_PER_MINUTE);
+ else
+ millis += (timeZone * DateAttribute.MILLIS_PER_MINUTE);
+
+ if (millis < 0) {
+ millis += DateAttribute.MILLIS_PER_DAY;
+ } else if (millis >= DateAttribute.MILLIS_PER_DAY) {
+ millis -= DateAttribute.MILLIS_PER_DAY;
+ }
+
+ // now generate the time string
+ int hour = millis / DateAttribute.MILLIS_PER_HOUR;
+ millis = millis % DateAttribute.MILLIS_PER_HOUR;
+ buf.append(DateAttribute.zeroPadInt(hour, 2));
+ buf.append(':');
+ int minute = millis / DateAttribute.MILLIS_PER_MINUTE;
+ millis = millis % DateAttribute.MILLIS_PER_MINUTE;
+ buf.append(DateAttribute.zeroPadInt(minute, 2));
+ buf.append(':');
+ int second = millis / DateAttribute.MILLIS_PER_SECOND;
+ buf.append(DateAttribute.zeroPadInt(second, 2));
+
+ // add any nanoseconds
+ if (nanoseconds != 0) {
+ buf.append('.');
+ buf.append(DateAttribute.zeroPadInt(nanoseconds, 9));
+ }
+
+ // if there is a specified timezone, then include that in the encoding
+ if (timeZone != TZ_UNSPECIFIED) {
+ int tzNoSign = timeZone;
+ if (timeZone < 0) {
+ tzNoSign = -tzNoSign;
+ buf.append('-');
+ } else
+ buf.append('+');
+ int tzHours = tzNoSign / 60;
+ buf.append(DateAttribute.zeroPadInt(tzHours, 2));
+ buf.append(':');
+ int tzMinutes = tzNoSign % 60;
+ buf.append(DateAttribute.zeroPadInt(tzMinutes, 2));
+ }
+
+ // remember the encoding for later
+ encodedValue = buf.toString();
+
+ return encodedValue;
+ }
+
+}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/attr/TimeAttributeUnitTestCase.java (from rev 86555, projects/security/security-xacml/trunk/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/attr/TimeAttributeUnitTestCase.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/attr/TimeAttributeUnitTestCase.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/attr/TimeAttributeUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,63 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.sunxacml.attr;
+
+import java.util.Date;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.xacml.sunxacml.attr.TimeAttribute;
+
+/**
+ * Unit tests for the Time Attribute
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 30, 2009
+ */
+public class TimeAttributeUnitTestCase extends TestCase
+{
+ public void testTime() throws Exception
+ {
+ TimeAttribute end = TimeAttribute.getInstance("23:59:00-08:00");
+ TimeAttribute now = TimeAttribute.getInstance("16:50:07.091000000-05:00");
+
+ Date nowDate = now.getValue();
+ Date endDate = end.getValue();
+
+ assertTrue("4:50 PM CDT is before 11:59 PDT", nowDate.before(endDate));
+
+ end = TimeAttribute.getInstance("01:59:00-08:00");
+ now = TimeAttribute.getInstance("03:59:00-06:00");
+
+ nowDate = now.getValue();
+ endDate = end.getValue();
+
+ assertFalse("03:59 central is not before 01:59 PDT", nowDate.before(endDate) );
+
+ end = TimeAttribute.getInstance("03:59:00-08:00");
+ now = TimeAttribute.getInstance("03:59:00-08:00");
+
+ nowDate = now.getValue();
+ endDate = end.getValue();
+
+ assertFalse("03:59 PDT is not before 03:59 PDT", nowDate.before(endDate) );
+ }
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,70 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.security.sunxacml.policy;
-
-import junit.framework.TestCase;
-
-import org.jboss.security.xacml.sunxacml.support.SimplePDP;
-
-/**
- * Unit test for reading Policies for the Sunxacml PDP
- * @author Anil.Saldhana at redhat.com
- * @since Mar 21, 2009
- */
-public class PolicyReadUnitTestCase extends TestCase
-{
- /**
- * SECURITY-394: bag-size throws IllegalArgumentException in FunctionBase
- * @throws Exception
- */
- public void testBagSize() throws Exception
- {
- String fileName = "src/test/resources/policies/bag-size/bag-size-policy.xml";
- readPolicyIntoPDP(fileName);
- }
-
-
- public void testFunctionMatch_01() throws Exception
- {
- String fileName = "src/test/resources/policies/function-match/function-match-policy-01.xml";
- readPolicyIntoPDP(fileName);
- }
-
- public void testFunctionMatch_02() throws Exception
- {
- String fileName = "src/test/resources/policies/function-match/function-match-policy-02.xml";
- readPolicyIntoPDP(fileName);
- }
-
- public void testHimmss09_01() throws Exception
- {
- String fileName = "src/test/resources/policies/himss09/himss-policy-01.xml";
- readPolicyIntoPDP(fileName);
- }
-
- private void readPolicyIntoPDP(String fileName) throws Exception
- {
- String[] policies = new String[] {fileName};
- SimplePDP pdp = new SimplePDP(policies);
- assertNotNull(pdp);
- }
-}
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java (from rev 89972, projects/security/security-xacml/trunk/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/policy/PolicyReadUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,76 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.sunxacml.policy;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.xacml.sunxacml.support.SimplePDP;
+
+/**
+ * Unit test for reading Policies for the Sunxacml PDP
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 21, 2009
+ */
+public class PolicyReadUnitTestCase extends TestCase
+{
+ /**
+ * SECURITY-394: bag-size throws IllegalArgumentException in FunctionBase
+ * @throws Exception
+ */
+ public void testBagSize() throws Exception
+ {
+ String fileName = "src/test/resources/policies/bag-size/bag-size-policy.xml";
+ readPolicyIntoPDP(fileName);
+ }
+
+
+ public void testFunctionMatch_01() throws Exception
+ {
+ String fileName = "src/test/resources/policies/function-match/function-match-policy-01.xml";
+ readPolicyIntoPDP(fileName);
+ }
+
+ public void testFunctionMatch_02() throws Exception
+ {
+ String fileName = "src/test/resources/policies/function-match/function-match-policy-02.xml";
+ readPolicyIntoPDP(fileName);
+ }
+
+ public void testAnyURL() throws Exception
+ {
+ String fileName = "src/test/resources/policies/anyurl/anyurl-policy.xml";
+ readPolicyIntoPDP(fileName);
+ }
+
+ public void testHimmss09_01() throws Exception
+ {
+ String fileName = "src/test/resources/policies/himss09/himss-policy-01.xml";
+ readPolicyIntoPDP(fileName);
+ }
+
+ private void readPolicyIntoPDP(String fileName) throws Exception
+ {
+ String[] policies = new String[] {fileName};
+ SimplePDP pdp = new SimplePDP(policies);
+ assertNotNull(pdp);
+ }
+}
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/request (from rev 86469, projects/security/security-xacml/trunk/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/request)
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/request/RequestReadUnitTestCase.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/request/RequestReadUnitTestCase.java 2009-03-30 13:13:14 UTC (rev 86469)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/request/RequestReadUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,49 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2008, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.security.sunxacml.request;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.util.Set;
-
-import org.jboss.security.xacml.sunxacml.ctx.RequestCtx;
-
-import junit.framework.TestCase;
-
-/**
- * Unit test to read xacml requests
- * @author Anil.Saldhana at redhat.com
- * @since Mar 30, 2009
- */
-public class RequestReadUnitTestCase extends TestCase
-{
-
- public void testMultipleResourceIds() throws Exception
- {
- String fileName = "src/test/resources/requests/multiple-resourceid.xml";
-
- RequestCtx req = RequestCtx.getInstance(new FileInputStream(new File(fileName)));
- assertNotNull("Request is not null", req);
- Set resources = req.getResource();
- assertTrue("Multiple resources", resources.size() > 1);
- }
-}
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/request/RequestReadUnitTestCase.java (from rev 86470, projects/security/security-xacml/trunk/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/request/RequestReadUnitTestCase.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/request/RequestReadUnitTestCase.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/java/org/jboss/test/security/sunxacml/request/RequestReadUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,50 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.sunxacml.request;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.util.Set;
+
+import org.jboss.security.xacml.sunxacml.ctx.RequestCtx;
+
+import junit.framework.TestCase;
+
+/**
+ * Unit test to read xacml requests
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 30, 2009
+ */
+public class RequestReadUnitTestCase extends TestCase
+{
+
+ @SuppressWarnings("unchecked")
+ public void testMultipleResourceIds() throws Exception
+ {
+ String fileName = "src/test/resources/requests/multiple-resourceid.xml";
+
+ RequestCtx req = RequestCtx.getInstance(new FileInputStream(new File(fileName)));
+ assertNotNull("Request is not null", req);
+ Set resources = req.getResource();
+ assertTrue("Multiple resources", resources.size() > 1);
+ }
+}
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/resources/policies/anyurl (from rev 89972, projects/security/security-xacml/trunk/jboss-sunxacml/src/test/resources/policies/anyurl)
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/resources/policies/anyurl/anyurl-policy.xml
===================================================================
--- projects/security/security-xacml/trunk/jboss-sunxacml/src/test/resources/policies/anyurl/anyurl-policy.xml 2009-06-08 16:00:07 UTC (rev 89972)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/resources/policies/anyurl/anyurl-policy.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,42 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
- RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides"
- Version="2.0" PolicyId="ExamplePolicy">
- <Target>
- <Resources>
- <Resource>
- <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://test/developer-guide.html</AttributeValue>
- <ResourceAttributeDesignator
- DataType="http://www.w3.org/2001/XMLSchema#anyURI"
- AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" />
- </ResourceMatch>
- </Resource>
- </Resources>
- </Target>
- <Rule Effect="Permit" RuleId="ReadRule">
- <Target>
- <Actions>
- <Action>
- <ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue>
- <ActionAttributeDesignator
- DataType="http://www.w3.org/2001/XMLSchema#string"
- AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" />
- </ActionMatch>
- </Action>
- </Actions>
- </Target>
- <Condition>
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">developer
- </AttributeValue>
- <SubjectAttributeDesignator
- DataType="http://www.w3.org/2001/XMLSchema#string"
- AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" />
- </Apply>
- </Condition>
- </Rule>
- <!-- If none of the rules apply, deny the request -->
- <Rule Effect="Deny" RuleId="DenyRule" />
-</Policy>
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/resources/policies/anyurl/anyurl-policy.xml (from rev 90264, projects/security/security-xacml/trunk/jboss-sunxacml/src/test/resources/policies/anyurl/anyurl-policy.xml)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/resources/policies/anyurl/anyurl-policy.xml (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/resources/policies/anyurl/anyurl-policy.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides"
+ Version="2.0" PolicyId="ExamplePolicy">
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI"> http://test/developer-guide.html</AttributeValue>
+ <ResourceAttributeDesignator
+ DataType="http://www.w3.org/2001/XMLSchema#anyURI"
+ AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule Effect="Permit" RuleId="ReadRule">
+ <Target>
+ <Actions>
+ <Action>
+ <ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue>
+ <ActionAttributeDesignator
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" />
+ </ActionMatch>
+ </Action>
+ </Actions>
+ </Target>
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">developer
+ </AttributeValue>
+ <SubjectAttributeDesignator
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" />
+ </Apply>
+ </Condition>
+ </Rule>
+ <!-- If none of the rules apply, deny the request -->
+ <Rule Effect="Deny" RuleId="DenyRule" />
+</Policy>
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-sunxacml/src/test/resources/requests (from rev 86469, projects/security/security-xacml/trunk/jboss-sunxacml/src/test/resources/requests)
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/pom.xml
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/pom.xml 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/pom.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,71 +0,0 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <parent>
- <groupId>org.jboss.security</groupId>
- <artifactId>jboss-xacml-project</artifactId>
- <version>2.0.3.CR4-SNAPSHOT</version>
- <relativePath>../build/pom.xml</relativePath>
- </parent>
- <modelVersion>4.0.0</modelVersion>
- <artifactId>jboss-xacml</artifactId>
- <packaging>jar</packaging>
- <name>JBoss XACML</name>
- <url>http://www.jboss.org</url>
- <description>JBoss XACML Library</description>
- <dependencies>
- <dependency>
- <groupId>org.jboss.security</groupId>
- <artifactId>jboss-sunxacml</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>apache-xerces</groupId>
- <artifactId>xml-apis</artifactId>
- <version>2.7.1</version>
- </dependency>
- <dependency>
- <groupId>sun-jaxb</groupId>
- <artifactId>jaxb-api</artifactId>
- <version>2.1.4</version>
- </dependency>
- <dependency>
- <groupId>sun-jaxb</groupId>
- <artifactId>jaxb-impl</artifactId>
- <version>2.1.4</version>
- </dependency>
- <dependency>
- <groupId>sun-jaxb</groupId>
- <artifactId>jaxb-xjc</artifactId>
- <version>2.1.4</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>stax</groupId>
- <artifactId>stax-api</artifactId>
- <version>1.0</version>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <version>3.8.1</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>sun-jaf</groupId>
- <artifactId>activation</artifactId>
- <version>1.1</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>codehaus-stax</groupId>
- <artifactId>stax</artifactId>
- <version>1.1.1</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>servlet-api</artifactId>
- <version>2.5</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-</project>
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/pom.xml (from rev 92268, projects/security/security-xacml/trunk/jboss-xacml/pom.xml)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/pom.xml (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/pom.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,71 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-xacml-project</artifactId>
+ <version>2.0.4</version>
+ <relativePath>../build/pom.xml</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>jboss-xacml</artifactId>
+ <packaging>jar</packaging>
+ <name>JBoss XACML</name>
+ <url>http://www.jboss.org</url>
+ <description>JBoss XACML Library</description>
+ <dependencies>
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-sunxacml</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>apache-xerces</groupId>
+ <artifactId>xml-apis</artifactId>
+ <version>2.7.1</version>
+ </dependency>
+ <dependency>
+ <groupId>sun-jaxb</groupId>
+ <artifactId>jaxb-api</artifactId>
+ <version>2.1.4</version>
+ </dependency>
+ <dependency>
+ <groupId>sun-jaxb</groupId>
+ <artifactId>jaxb-impl</artifactId>
+ <version>2.1.4</version>
+ </dependency>
+ <dependency>
+ <groupId>sun-jaxb</groupId>
+ <artifactId>jaxb-xjc</artifactId>
+ <version>2.1.4</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>stax</groupId>
+ <artifactId>stax-api</artifactId>
+ <version>1.0</version>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>3.8.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>sun-jaf</groupId>
+ <artifactId>activation</artifactId>
+ <version>1.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>codehaus-stax</groupId>
+ <artifactId>stax</artifactId>
+ <version>1.1.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ <version>2.5</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+</project>
\ No newline at end of file
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/JBossPolicyFinder.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/JBossPolicyFinder.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/JBossPolicyFinder.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,43 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.xacml.bridge;
-
-import org.jboss.security.xacml.sunxacml.finder.PolicyFinder;
-
-/**
- * Represents a consolidated PolicyFinder
- * that can contain all the PolicyFinderModules
- *
- * - Use this in the creation of the PolicySet
- * from the PolicyFactory
- *
- * @author Anil.Saldhana at redhat.com
- * @since Jul 19, 2007
- * @version $Revision$
- */
-public class JBossPolicyFinder extends PolicyFinder
-{
- public JBossPolicyFinder()
- {
- super();
- }
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/JBossPolicyFinder.java (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/JBossPolicyFinder.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/JBossPolicyFinder.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/JBossPolicyFinder.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.bridge;
+
+import org.jboss.security.xacml.sunxacml.finder.PolicyFinder;
+
+/**
+ * Represents a consolidated PolicyFinder
+ * that can contain all the PolicyFinderModules
+ *
+ * - Use this in the creation of the PolicySet
+ * from the PolicyFactory
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 19, 2007
+ * @version $Revision$
+ */
+public class JBossPolicyFinder extends PolicyFinder
+{
+ public JBossPolicyFinder()
+ {
+ super();
+ }
+}
\ No newline at end of file
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/PolicySetFinderModule.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/PolicySetFinderModule.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/PolicySetFinderModule.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,146 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.xacml.bridge;
-
-import java.net.URI;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.jboss.security.xacml.sunxacml.AbstractPolicy;
-import org.jboss.security.xacml.sunxacml.EvaluationCtx;
-import org.jboss.security.xacml.sunxacml.MatchResult;
-import org.jboss.security.xacml.sunxacml.PolicyMetaData;
-import org.jboss.security.xacml.sunxacml.PolicySet;
-import org.jboss.security.xacml.sunxacml.VersionConstraints;
-import org.jboss.security.xacml.sunxacml.ctx.Status;
-import org.jboss.security.xacml.sunxacml.finder.PolicyFinder;
-import org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule;
-import org.jboss.security.xacml.sunxacml.finder.PolicyFinderResult;
-
-/**
-* PolicyFinderModule for PolicySet
-* @author Anil.Saldhana at redhat.com
-* @since Jul 6, 2007
-* @version $Revision$
-*/
-public class PolicySetFinderModule extends PolicyFinderModule
-{
- private PolicySet policySet;
-
- private List<AbstractPolicy> policies = new ArrayList<AbstractPolicy>();
-
- protected PolicyFinder policyFinder = null;
-
- public PolicySetFinderModule()
- {
- }
-
- public PolicySetFinderModule(PolicySet policySet)
- {
- this.policySet = policySet;
- }
-
- public PolicySetFinderModule(PolicySet policySet, List<AbstractPolicy> policies)
- {
- this.policySet = policySet;
- this.policies.addAll(policies);
- }
-
- @Override
- public void init(PolicyFinder finder)
- {
- this.policyFinder = finder;
- }
-
- /**
- * Finds the applicable policy (if there is one) for the given context.
- *
- * @param context the evaluation context
- *
- * @return an applicable policy, if one exists, or an error
- */
- @Override
- public PolicyFinderResult findPolicy(EvaluationCtx context)
- {
- AbstractPolicy selectedPolicy = null;
- MatchResult match = policySet.match(context);
- int result = match.getResult();
-
- // if target matching was indeterminate, then return the error
- if (result == MatchResult.INDETERMINATE)
- return new PolicyFinderResult(match.getStatus());
-
- // see if the target matched
- if (result == MatchResult.MATCH)
- {
- // see if we previously found another match
- if (selectedPolicy != null)
- {
- // we found a match before, so this is an error
- ArrayList<String> code = new ArrayList<String>();
- code.add(Status.STATUS_PROCESSING_ERROR);
- Status status = new Status(code, "too many applicable " + "top-level policies");
- return new PolicyFinderResult(status);
- }
-
- // this is the first match we've found, so remember it
- selectedPolicy = policySet;
- }
-
- // return the single applicable policy (if there was one)
- return new PolicyFinderResult(selectedPolicy);
- }
-
- @Override
- public PolicyFinderResult findPolicy(URI idReference, int type, VersionConstraints constraints,
- PolicyMetaData parentMetaData)
- {
- for (AbstractPolicy p : policies)
- {
- if (p.getId().compareTo(idReference) == 0)
- return new PolicyFinderResult(p);
- }
- return new PolicyFinderResult();
- }
-
- @Override
- public boolean isRequestSupported()
- {
- return true;
- }
-
- /**
- * Always returns true, since reference-based retrieval is supported.
- *
- * @return true
- */
- public boolean isIdReferenceSupported()
- {
- return true;
- }
-
- public void set(PolicySet ps, List<AbstractPolicy> policies)
- {
- this.policySet = ps;
- this.policies = policies;
- }
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/PolicySetFinderModule.java (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/PolicySetFinderModule.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/PolicySetFinderModule.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/PolicySetFinderModule.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,146 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.bridge;
+
+import java.net.URI;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.jboss.security.xacml.sunxacml.AbstractPolicy;
+import org.jboss.security.xacml.sunxacml.EvaluationCtx;
+import org.jboss.security.xacml.sunxacml.MatchResult;
+import org.jboss.security.xacml.sunxacml.PolicyMetaData;
+import org.jboss.security.xacml.sunxacml.PolicySet;
+import org.jboss.security.xacml.sunxacml.VersionConstraints;
+import org.jboss.security.xacml.sunxacml.ctx.Status;
+import org.jboss.security.xacml.sunxacml.finder.PolicyFinder;
+import org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule;
+import org.jboss.security.xacml.sunxacml.finder.PolicyFinderResult;
+
+/**
+* PolicyFinderModule for PolicySet
+* @author Anil.Saldhana at redhat.com
+* @since Jul 6, 2007
+* @version $Revision$
+*/
+public class PolicySetFinderModule extends PolicyFinderModule
+{
+ private PolicySet policySet;
+
+ private List<AbstractPolicy> policies = new ArrayList<AbstractPolicy>();
+
+ protected PolicyFinder policyFinder = null;
+
+ public PolicySetFinderModule()
+ {
+ }
+
+ public PolicySetFinderModule(PolicySet policySet)
+ {
+ this.policySet = policySet;
+ }
+
+ public PolicySetFinderModule(PolicySet policySet, List<AbstractPolicy> policies)
+ {
+ this.policySet = policySet;
+ this.policies.addAll(policies);
+ }
+
+ @Override
+ public void init(PolicyFinder finder)
+ {
+ this.policyFinder = finder;
+ }
+
+ /**
+ * Finds the applicable policy (if there is one) for the given context.
+ *
+ * @param context the evaluation context
+ *
+ * @return an applicable policy, if one exists, or an error
+ */
+ @Override
+ public PolicyFinderResult findPolicy(EvaluationCtx context)
+ {
+ AbstractPolicy selectedPolicy = null;
+ MatchResult match = policySet.match(context);
+ int result = match.getResult();
+
+ // if target matching was indeterminate, then return the error
+ if (result == MatchResult.INDETERMINATE)
+ return new PolicyFinderResult(match.getStatus());
+
+ // see if the target matched
+ if (result == MatchResult.MATCH)
+ {
+ // see if we previously found another match
+ if (selectedPolicy != null)
+ {
+ // we found a match before, so this is an error
+ ArrayList<String> code = new ArrayList<String>();
+ code.add(Status.STATUS_PROCESSING_ERROR);
+ Status status = new Status(code, "too many applicable " + "top-level policies");
+ return new PolicyFinderResult(status);
+ }
+
+ // this is the first match we've found, so remember it
+ selectedPolicy = policySet;
+ }
+
+ // return the single applicable policy (if there was one)
+ return new PolicyFinderResult(selectedPolicy);
+ }
+
+ @Override
+ public PolicyFinderResult findPolicy(URI idReference, int type, VersionConstraints constraints,
+ PolicyMetaData parentMetaData)
+ {
+ for (AbstractPolicy p : policies)
+ {
+ if (p.getId().compareTo(idReference) == 0)
+ return new PolicyFinderResult(p);
+ }
+ return new PolicyFinderResult();
+ }
+
+ @Override
+ public boolean isRequestSupported()
+ {
+ return true;
+ }
+
+ /**
+ * Always returns true, since reference-based retrieval is supported.
+ *
+ * @return true
+ */
+ public boolean isIdReferenceSupported()
+ {
+ return true;
+ }
+
+ public void set(PolicySet ps, List<AbstractPolicy> policies)
+ {
+ this.policySet = ps;
+ this.policies = policies;
+ }
+}
\ No newline at end of file
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossPDP.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossPDP.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossPDP.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,420 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.xacml.core;
-
-import java.io.InputStream;
-import java.net.URL;
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import javax.xml.XMLConstants;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.stream.XMLStreamReader;
-import javax.xml.validation.Schema;
-import javax.xml.validation.SchemaFactory;
-
-import org.jboss.security.xacml.bridge.JBossPolicyFinder;
-import org.jboss.security.xacml.factories.PolicyFactory;
-import org.jboss.security.xacml.factories.RequestResponseContextFactory;
-import org.jboss.security.xacml.interfaces.AbstractLocator;
-import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
-import org.jboss.security.xacml.interfaces.PolicyLocator;
-import org.jboss.security.xacml.interfaces.RequestContext;
-import org.jboss.security.xacml.interfaces.ResponseContext;
-import org.jboss.security.xacml.interfaces.XACMLConstants;
-import org.jboss.security.xacml.interfaces.XACMLPolicy;
-import org.jboss.security.xacml.jaxb.LocatorType;
-import org.jboss.security.xacml.jaxb.LocatorsType;
-import org.jboss.security.xacml.jaxb.Option;
-import org.jboss.security.xacml.jaxb.PDP;
-import org.jboss.security.xacml.jaxb.PoliciesType;
-import org.jboss.security.xacml.jaxb.PolicySetType;
-import org.jboss.security.xacml.jaxb.PolicyType;
-import org.jboss.security.xacml.locators.AttributeLocator;
-import org.jboss.security.xacml.locators.ResourceLocator;
-import org.jboss.security.xacml.sunxacml.PDPConfig;
-import org.jboss.security.xacml.sunxacml.ctx.RequestCtx;
-import org.jboss.security.xacml.sunxacml.ctx.ResponseCtx;
-import org.jboss.security.xacml.sunxacml.finder.AttributeFinder;
-import org.jboss.security.xacml.sunxacml.finder.AttributeFinderModule;
-import org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule;
-import org.jboss.security.xacml.sunxacml.finder.ResourceFinder;
-import org.jboss.security.xacml.sunxacml.finder.ResourceFinderModule;
-import org.jboss.security.xacml.sunxacml.finder.impl.CurrentEnvModule;
-import org.jboss.security.xacml.sunxacml.finder.impl.SelectorModule;
-import org.w3c.dom.Node;
-import org.xml.sax.InputSource;
-
-/**
- * PDP for JBoss XACML
- * @author Anil.Saldhana at redhat.com
- * @since Jul 6, 2007
- * @version $Revision$
- */
-public class JBossPDP implements PolicyDecisionPoint
-{
- private Unmarshaller unmarshaller = null;
-
- private Set<AttributeFinderModule> attributeLocators = new HashSet<AttributeFinderModule>();
-
- private Set<PolicyLocator> policyLocators = new HashSet<PolicyLocator>();
- private Set<ResourceLocator> resourceLocators = new HashSet<ResourceLocator>();
-
- private Set<XACMLPolicy> policies = new HashSet<XACMLPolicy>();
-
- private JBossPolicyFinder policyFinder = new JBossPolicyFinder();
-
- private org.jboss.security.xacml.sunxacml.PDP policyDecisionPoint = null;
-
- /**
- * CTR
- */
- public JBossPDP()
- {
- createValidatingUnMarshaller();
- }
-
- /**
- * Create a PDP
- * @param configFile Inputstream for the JBossXACML Config File
- */
- public JBossPDP(InputStream configFile)
- {
- this();
- try
- {
- JAXBElement<?> jxb = (JAXBElement<?>) unmarshaller.unmarshal(configFile);
- bootstrap((PDP) jxb.getValue());
- }
- catch (Exception e)
- {
- throw new RuntimeException(e);
- }
- }
-
- /**
- * Create a PDP
- * @param configFile InputSource for the JBossXACML Config File
- */
- public JBossPDP(InputSource configFile)
- {
- this();
- try
- {
- JAXBElement<?> jxb = (JAXBElement<?>) unmarshaller.unmarshal(configFile);
- bootstrap((PDP) jxb.getValue());
- }
- catch (Exception e)
- {
- throw new RuntimeException(e);
- }
- }
-
- /**
- * Create a PDP
- * @param configFile Parsed Node for the JBossXACML Config File
- */
- public JBossPDP(Node configFile)
- {
- this();
- try
- {
- JAXBElement<?> jxb = (JAXBElement<?>) unmarshaller.unmarshal(configFile);
- bootstrap((PDP) jxb.getValue());
- }
- catch (Exception e)
- {
- throw new RuntimeException(e);
- }
- }
-
- /**
- * Create a PDP
- * @param configFile XMLStreamReader for the JBossXACML Config File
- */
- public JBossPDP(XMLStreamReader configFile)
- {
- this();
- try
- {
- JAXBElement<?> jxb = (JAXBElement<?>) unmarshaller.unmarshal(configFile);
- bootstrap((PDP) jxb.getValue());
- }
- catch (Exception e)
- {
- throw new RuntimeException(e);
- }
- }
-
- /**
- * Create a PDP
- * @param configFileURL URL of the JBossXACML Config File
- */
- public JBossPDP(URL configFileURL)
- {
- this();
- try
- {
- JAXBElement<?> jxb = (JAXBElement<?>) unmarshaller.unmarshal(configFileURL.openStream());
- bootstrap((PDP) jxb.getValue());
- }
- catch (Exception e)
- {
- throw new RuntimeException(e);
- }
- }
-
- /**
- * Create a PDP
- * @param config JAXB model for configuration
- */
- public JBossPDP(JAXBElement<?> config)
- {
- Object object = config.getValue();
- if(object instanceof PDP == false)
- throw new IllegalArgumentException("Not PDP configuration");
- try
- {
- bootstrap((PDP) object);
- }
- catch (Exception e)
- {
- throw new RuntimeException(e);
- }
- }
-
- /**
- * @see PolicyDecisionPoint#setLocators(Set)
- */
- public void setLocators(Set<PolicyLocator> locators)
- {
- this.policyLocators = locators;
- }
-
- /**
- * @see PolicyDecisionPoint#setPolicies(Set)
- */
- public void setPolicies(Set<XACMLPolicy> policies)
- {
- this.policies = policies;
- }
-
- /**
- * @see PolicyDecisionPoint#evaluate(RequestContext)
- */
- public ResponseContext evaluate(RequestContext request)
- {
- RequestCtx req = (RequestCtx) request.get(XACMLConstants.REQUEST_CTX);
- if (req == null)
- throw new IllegalStateException("Request Context does not contain a request");
-
- //Check if PDP is null
- if(policyDecisionPoint == null)
- {
- this.bootstrapPDP();
- }
- ResponseCtx resp = policyDecisionPoint.evaluate(req);
-
- ResponseContext response = RequestResponseContextFactory.createResponseContext();
- response.set(XACMLConstants.RESPONSE_CTX, resp);
- return response;
- }
-
- private void bootstrap(PDP pdp) throws Exception
- {
- PoliciesType policiesType = pdp.getPolicies();
- List<PolicySetType> pset = policiesType.getPolicySet();
-
- this.addPolicySets(pset, true);
-
- //Take care of additional policies
- List<XACMLPolicy> policyList = this.addPolicies(policiesType.getPolicy());
- policies.addAll(policyList);
-
- //Take care of the locators
- LocatorsType locatorsType = pdp.getLocators();
- List<LocatorType> locs = locatorsType.getLocator();
- for (LocatorType lt : locs)
- {
- //Get the options
- List<Option> options = lt.getOption();
- AbstractLocator locator = (AbstractLocator) loadClass(lt.getName()).newInstance();
- locator.setOptions(options);
-
- if(locator instanceof PolicyLocator)
- {
- PolicyLocator pl = (PolicyLocator)locator;
- pl.setPolicies(policies);
- this.policyLocators.add(pl);
- }
- else
- if(locator instanceof AttributeLocator)
- {
- AttributeLocator attribLocator = (AttributeLocator) locator;
- this.attributeLocators.add(attribLocator);
- }
- else
- if(locator instanceof ResourceLocator)
- {
- ResourceLocator resourceLocator = (ResourceLocator) locator;
- this.resourceLocators.add(resourceLocator);
- }
- }
- this.bootstrapPDP();
- }
-
- private List<AttributeFinderModule> createAttributeFinderModules()
- {
- List<AttributeFinderModule> attributeModules = new ArrayList<AttributeFinderModule>();
- attributeModules.add(new CurrentEnvModule());
- attributeModules.add(new SelectorModule());
- attributeModules.addAll(attributeLocators);
- return attributeModules;
- }
-
- @SuppressWarnings("unchecked")
- private Set<PolicyFinderModule> createPolicyFinderModules()
- {
- HashSet<PolicyFinderModule> policyModules = new HashSet<PolicyFinderModule>();
- //Go through the Locators
- for (PolicyLocator locator : policyLocators)
- {
- List finderModulesList = (List) locator.get(XACMLConstants.POLICY_FINDER_MODULE);
- if (finderModulesList == null)
- throw new IllegalStateException("Locator " + locator.getClass().getName() + " has no policy finder modules");
- policyModules.addAll(finderModulesList);
- }
- return policyModules;
- }
-
- private List<ResourceFinderModule> createResourceFinderModules()
- {
- List<ResourceFinderModule> resourceFinderModules = new ArrayList<ResourceFinderModule>();
- for(ResourceLocator resourceLocator: resourceLocators)
- {
- resourceFinderModules.add(resourceLocator);
- }
- return resourceFinderModules;
- }
-
- private void bootstrapPDP()
- {
- AttributeFinder attributeFinder = new AttributeFinder();
- attributeFinder.setModules(this.createAttributeFinderModules());
-
- policyFinder.setModules(this.createPolicyFinderModules());
-
- ResourceFinder resourceFinder = new ResourceFinder();
- resourceFinder.setModules(this.createResourceFinderModules());
-
- PDPConfig pdpConfig = new PDPConfig(attributeFinder, policyFinder, resourceFinder);
- policyDecisionPoint = new org.jboss.security.xacml.sunxacml.PDP(pdpConfig);
- }
-
- private List<XACMLPolicy> addPolicySets(List<PolicySetType> policySets, boolean topLevel) throws Exception
- {
- List<XACMLPolicy> list = new ArrayList<XACMLPolicy>();
-
- for (PolicySetType pst : policySets)
- {
- String loc = pst.getLocation();
- XACMLPolicy policySet = PolicyFactory.createPolicySet(getInputStream(loc), policyFinder);
- list.add(policySet);
-
- List<XACMLPolicy> policyList = this.addPolicies(pst.getPolicy());
- policySet.setEnclosingPolicies(policyList);
-
- List<PolicySetType> pset = pst.getPolicySet();
- if (pset != null)
- policySet.getEnclosingPolicies().addAll(this.addPolicySets(pset, false));
-
- if (topLevel)
- policies.add(policySet);
- }
-
- return list;
- }
-
- private List<XACMLPolicy> addPolicies(List<PolicyType> policies) throws Exception
- {
- List<XACMLPolicy> policyList = new ArrayList<XACMLPolicy>();
- for (PolicyType pt : policies)
- {
- policyList.add(PolicyFactory.createPolicy(getInputStream(pt.getLocation())));
- }
-
- return policyList;
- }
-
- private void createValidatingUnMarshaller()
- {
- try
- {
- JAXBContext jc = JAXBContext.newInstance("org.jboss.security.xacml.jaxb");;
- unmarshaller = jc.createUnmarshaller();
- //Validate against schema
- ClassLoader tcl = SecurityActions.getContextClassLoader();
- URL schemaURL = tcl.getResource("schema/jbossxacml-2.0.xsd");
- if(schemaURL == null)
- throw new IllegalStateException("Schema URL is null:" + "schema/jbossxacml-2.0.xsd");
- SchemaFactory scFact = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
- Schema schema = scFact.newSchema(schemaURL);
- unmarshaller.setSchema(schema);
- }
- catch (Exception jxb)
- {
- throw new RuntimeException(jxb);
- }
- }
-
- private InputStream getInputStream(String loc)
- {
- InputStream is = null;
- //Try URL
- try
- {
- URL url = new URL(loc);
- is = url.openStream();
- }
- catch (Exception e)
- {
- }
- if (is == null)
- {
- ClassLoader tcl = SecurityActions.getContextClassLoader();
- is = tcl.getResourceAsStream(loc);
- }
- if (is == null)
- throw new RuntimeException("Null Inputstream for " + loc);
- return is;
- }
-
- private Class<?> loadClass(String fqn) throws Exception
- {
- ClassLoader tcl = SecurityActions.getContextClassLoader();
- return tcl.loadClass(fqn);
- }
-}
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossPDP.java (from rev 92263, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossPDP.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossPDP.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossPDP.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,549 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.core;
+
+import java.io.InputStream;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+import java.util.concurrent.locks.Lock;
+import java.util.concurrent.locks.ReentrantLock;
+import java.util.logging.Logger;
+
+import javax.xml.XMLConstants;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.validation.Schema;
+import javax.xml.validation.SchemaFactory;
+
+import org.jboss.security.xacml.bridge.JBossPolicyFinder;
+import org.jboss.security.xacml.factories.PolicyFactory;
+import org.jboss.security.xacml.factories.RequestResponseContextFactory;
+import org.jboss.security.xacml.interfaces.AbstractLocator;
+import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
+import org.jboss.security.xacml.interfaces.PolicyLocator;
+import org.jboss.security.xacml.interfaces.RequestContext;
+import org.jboss.security.xacml.interfaces.ResponseContext;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XACMLPolicy;
+import org.jboss.security.xacml.jaxb.LocatorType;
+import org.jboss.security.xacml.jaxb.LocatorsType;
+import org.jboss.security.xacml.jaxb.Option;
+import org.jboss.security.xacml.jaxb.PDP;
+import org.jboss.security.xacml.jaxb.PoliciesType;
+import org.jboss.security.xacml.jaxb.PolicySetType;
+import org.jboss.security.xacml.jaxb.PolicyType;
+import org.jboss.security.xacml.locators.AttributeLocator;
+import org.jboss.security.xacml.locators.ResourceLocator;
+import org.jboss.security.xacml.sunxacml.PDPConfig;
+import org.jboss.security.xacml.sunxacml.ctx.RequestCtx;
+import org.jboss.security.xacml.sunxacml.ctx.ResponseCtx;
+import org.jboss.security.xacml.sunxacml.finder.AttributeFinder;
+import org.jboss.security.xacml.sunxacml.finder.AttributeFinderModule;
+import org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule;
+import org.jboss.security.xacml.sunxacml.finder.ResourceFinder;
+import org.jboss.security.xacml.sunxacml.finder.ResourceFinderModule;
+import org.jboss.security.xacml.sunxacml.finder.impl.CurrentEnvModule;
+import org.jboss.security.xacml.sunxacml.finder.impl.SelectorModule;
+import org.jboss.security.xacml.util.JBossXACMLEntityResolver;
+import org.w3c.dom.Node;
+import org.xml.sax.ErrorHandler;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+import org.xml.sax.SAXParseException;
+
+/**
+ * <p>PDP for JBoss XACML</p>
+ * <b>Thread-safe evaluate method</b>
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 6, 2007
+ * @version $Revision$
+ */
+public class JBossPDP implements PolicyDecisionPoint
+{
+ private static Logger log = Logger.getLogger(JBossPDP.class.getName());
+
+ private Unmarshaller unmarshaller = null;
+
+ private Set<AttributeFinderModule> attributeLocators = new HashSet<AttributeFinderModule>();
+
+ private Set<PolicyLocator> policyLocators = new HashSet<PolicyLocator>();
+ private Set<ResourceLocator> resourceLocators = new HashSet<ResourceLocator>();
+
+ private Set<XACMLPolicy> policies = new HashSet<XACMLPolicy>();
+
+ private JBossPolicyFinder policyFinder = new JBossPolicyFinder();
+
+ private org.jboss.security.xacml.sunxacml.PDP policyDecisionPoint = null;
+
+ private Lock lock = new ReentrantLock();
+
+ /**
+ * JAXBContext is thread safe and very expensive to create
+ */
+ private static JAXBContext jaxbContext;
+
+ static
+ {
+ try
+ {
+ jaxbContext = JAXBContext.newInstance("org.jboss.security.xacml.jaxb");
+ }
+ catch (JAXBException e)
+ {
+ throw new RuntimeException(e);
+ }
+
+ //Following is an optimization for Sun VMs which does affect other VMs
+ SecurityActions.setSystemProperty("com.sun.xml.bind.v2.runtime.JAXBContextImpl.fastBoot", "true");
+ }
+
+ /**
+ * CTR
+ */
+ public JBossPDP()
+ {
+ if(SecurityActions.getSystemProperty("org.jboss.security.xacml.schema.validation") == null)
+ this.createValidatingUnMarshaller();
+ else
+ this.createUnMarshaller();
+ }
+
+ /**
+ * Create a PDP
+ * @param configFile Inputstream for the JBossXACML Config File
+ */
+ public JBossPDP(InputStream configFile)
+ {
+ this();
+ try
+ {
+ JAXBElement<?> jxb = (JAXBElement<?>) unmarshaller.unmarshal(configFile);
+ bootstrap((PDP) jxb.getValue());
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * Create a PDP
+ * @param configFile InputSource for the JBossXACML Config File
+ */
+ public JBossPDP(InputSource configFile)
+ {
+ this();
+ try
+ {
+ JAXBElement<?> jxb = (JAXBElement<?>) unmarshaller.unmarshal(configFile);
+ bootstrap((PDP) jxb.getValue());
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * Create a PDP
+ * @param configFile Parsed Node for the JBossXACML Config File
+ */
+ public JBossPDP(Node configFile)
+ {
+ this();
+ try
+ {
+ JAXBElement<?> jxb = (JAXBElement<?>) unmarshaller.unmarshal(configFile);
+ bootstrap((PDP) jxb.getValue());
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * Create a PDP
+ * @param configFile XMLStreamReader for the JBossXACML Config File
+ */
+ public JBossPDP(XMLStreamReader configFile)
+ {
+ this();
+ try
+ {
+ JAXBElement<?> jxb = (JAXBElement<?>) unmarshaller.unmarshal(configFile);
+ bootstrap((PDP) jxb.getValue());
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * Create a PDP
+ * @param configFileURL URL of the JBossXACML Config File
+ */
+ public JBossPDP(URL configFileURL)
+ {
+ this();
+ try
+ {
+ JAXBElement<?> jxb = (JAXBElement<?>) unmarshaller.unmarshal(configFileURL.openStream());
+ bootstrap((PDP) jxb.getValue());
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * Create a PDP
+ * @param config JAXB model for configuration
+ */
+ public JBossPDP(JAXBElement<?> config)
+ {
+ Object object = config.getValue();
+ if(object instanceof PDP == false)
+ throw new IllegalArgumentException("Not PDP configuration");
+ try
+ {
+ bootstrap((PDP) object);
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * @see PolicyDecisionPoint#setLocators(Set)
+ */
+ public void setLocators(Set<PolicyLocator> locators)
+ {
+ this.policyLocators = locators;
+ }
+
+ /**
+ * @see PolicyDecisionPoint#setPolicies(Set)
+ */
+ public void setPolicies(Set<XACMLPolicy> policies)
+ {
+ this.policies = policies;
+ }
+
+ /**
+ * @see PolicyDecisionPoint#evaluate(RequestContext)
+ */
+ public ResponseContext evaluate(RequestContext request)
+ {
+ RequestCtx req = (RequestCtx) request.get(XACMLConstants.REQUEST_CTX);
+ if (req == null)
+ throw new IllegalStateException("Request Context does not contain a request");
+
+ //Check if PDP is null
+ if(policyDecisionPoint == null)
+ {
+ this.bootstrapPDP();
+ }
+
+ ResponseCtx resp = null;
+
+ lock.lock();
+ try
+ {
+ resp = policyDecisionPoint.evaluate(req);
+ }
+ finally
+ {
+ lock.unlock();
+ }
+
+ ResponseContext response = RequestResponseContextFactory.createResponseContext();
+ response.set(XACMLConstants.RESPONSE_CTX, resp);
+ return response;
+ }
+
+ private void bootstrap(PDP pdp) throws Exception
+ {
+ boolean justLocators = false;
+
+ PoliciesType policiesType = pdp.getPolicies();
+ //SECURITY-407: Just allow Locators
+ if(policiesType != null)
+ {
+ List<PolicySetType> pset = policiesType.getPolicySet();
+
+ this.addPolicySets(pset, true);
+
+ //Take care of additional policies
+ List<XACMLPolicy> policyList = this.addPolicies(policiesType.getPolicy());
+ policies.addAll(policyList);
+ }
+ else
+ {
+ justLocators = true;
+ }
+
+ //Take care of the locators
+ LocatorsType locatorsType = pdp.getLocators();
+
+ if(policiesType == null && locatorsType == null)
+ throw new IllegalStateException("Configuration should have either policies or locators");
+
+ List<LocatorType> locs = locatorsType.getLocator();
+ for (LocatorType lt : locs)
+ {
+ //Get the options
+ List<Option> options = lt.getOption();
+ AbstractLocator locator = (AbstractLocator) loadClass(lt.getName()).newInstance();
+ locator.setOptions(options);
+
+ if(locator instanceof PolicyLocator)
+ {
+ PolicyLocator pl = (PolicyLocator)locator;
+ if(justLocators == false)
+ pl.setPolicies(policies);
+ this.policyLocators.add(pl);
+ }
+ else
+ if(locator instanceof AttributeLocator)
+ {
+ AttributeLocator attribLocator = (AttributeLocator) locator;
+ this.attributeLocators.add(attribLocator);
+ }
+ else
+ if(locator instanceof ResourceLocator)
+ {
+ ResourceLocator resourceLocator = (ResourceLocator) locator;
+ this.resourceLocators.add(resourceLocator);
+ }
+ }
+
+ //Since we do not have any policies in the config file, we need to specify
+ //the policy finder
+ if(justLocators)
+ {
+ int len = this.policyLocators.size();
+ if(len > 0)
+ {
+ for(PolicyLocator pl: policyLocators)
+ {
+ pl.set(XACMLConstants.POLICY_FINDER, this.policyFinder);
+ }
+ }
+ }
+
+ this.bootstrapPDP();
+ }
+
+ private List<AttributeFinderModule> createAttributeFinderModules()
+ {
+ List<AttributeFinderModule> attributeModules = new ArrayList<AttributeFinderModule>();
+ attributeModules.add(new CurrentEnvModule());
+ attributeModules.add(new SelectorModule());
+ attributeModules.addAll(attributeLocators);
+ return attributeModules;
+ }
+
+ @SuppressWarnings("unchecked")
+ private Set<PolicyFinderModule> createPolicyFinderModules()
+ {
+ HashSet<PolicyFinderModule> policyModules = new HashSet<PolicyFinderModule>();
+ //Go through the Locators
+ for (PolicyLocator locator : policyLocators)
+ {
+ List finderModulesList = (List) locator.get(XACMLConstants.POLICY_FINDER_MODULE);
+ if (finderModulesList == null)
+ throw new IllegalStateException("Locator " + locator.getClass().getName() + " has no policy finder modules");
+ policyModules.addAll(finderModulesList);
+ }
+ return policyModules;
+ }
+
+ private List<ResourceFinderModule> createResourceFinderModules()
+ {
+ List<ResourceFinderModule> resourceFinderModules = new ArrayList<ResourceFinderModule>();
+ for(ResourceLocator resourceLocator: resourceLocators)
+ {
+ resourceFinderModules.add(resourceLocator);
+ }
+ return resourceFinderModules;
+ }
+
+ private void bootstrapPDP()
+ {
+ AttributeFinder attributeFinder = new AttributeFinder();
+ attributeFinder.setModules(this.createAttributeFinderModules());
+
+ policyFinder.setModules(this.createPolicyFinderModules());
+
+ ResourceFinder resourceFinder = new ResourceFinder();
+ resourceFinder.setModules(this.createResourceFinderModules());
+
+ PDPConfig pdpConfig = new PDPConfig(attributeFinder, policyFinder, resourceFinder);
+ policyDecisionPoint = new org.jboss.security.xacml.sunxacml.PDP(pdpConfig);
+ }
+
+ private List<XACMLPolicy> addPolicySets(List<PolicySetType> policySets, boolean topLevel) throws Exception
+ {
+ List<XACMLPolicy> list = new ArrayList<XACMLPolicy>();
+
+ for (PolicySetType pst : policySets)
+ {
+ String loc = pst.getLocation();
+ XACMLPolicy policySet = PolicyFactory.createPolicySet(getInputStream(loc), policyFinder);
+ list.add(policySet);
+
+ List<XACMLPolicy> policyList = this.addPolicies(pst.getPolicy());
+ policySet.setEnclosingPolicies(policyList);
+
+ List<PolicySetType> pset = pst.getPolicySet();
+ if (pset != null)
+ policySet.getEnclosingPolicies().addAll(this.addPolicySets(pset, false));
+
+ if (topLevel)
+ policies.add(policySet);
+ }
+
+ return list;
+ }
+
+ private List<XACMLPolicy> addPolicies(List<PolicyType> policies) throws Exception
+ {
+ List<XACMLPolicy> policyList = new ArrayList<XACMLPolicy>();
+ for (PolicyType pt : policies)
+ {
+ policyList.add(PolicyFactory.createPolicy(getInputStream(pt.getLocation())));
+ }
+
+ return policyList;
+ }
+
+ private void createUnMarshaller()
+ {
+ try
+ {
+ unmarshaller = jaxbContext.createUnmarshaller();
+ }catch(JAXBException je)
+ {
+ throw new RuntimeException(je);
+ }
+ }
+
+ private void createValidatingUnMarshaller()
+ {
+ try
+ {
+ createUnMarshaller();
+
+ //Validate against schema
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ URL schemaURL = tcl.getResource("schema/jbossxacml-2.0.xsd");
+ if(schemaURL == null)
+ throw new IllegalStateException("Schema URL is null:" + "schema/jbossxacml-2.0.xsd");
+
+ SchemaFactory scFact = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
+ scFact.setResourceResolver( new JBossXACMLEntityResolver());
+ scFact.setErrorHandler(new ErrorHandler()
+ {
+ public void error(SAXParseException exception) throws SAXException
+ {
+ StringBuilder builder = new StringBuilder();
+ builder.append("Line Number=").append(exception.getLineNumber());
+ builder.append(" Col Number=").append(exception.getColumnNumber());
+ builder.append(" Public ID=").append(exception.getPublicId());
+ builder.append(" System ID=").append(exception.getSystemId());
+ builder.append(" exc=").append(exception.getLocalizedMessage());
+
+ log.finest("SAX Error:" + builder.toString());
+ }
+
+ public void fatalError(SAXParseException exception) throws SAXException
+ {
+ StringBuilder builder = new StringBuilder();
+ builder.append("Line Number=").append(exception.getLineNumber());
+ builder.append(" Col Number=").append(exception.getColumnNumber());
+ builder.append(" Public ID=").append(exception.getPublicId());
+ builder.append(" System ID=").append(exception.getSystemId());
+ builder.append(" exc=").append(exception.getLocalizedMessage());
+
+ log.finest("SAX Fatal Error:" + builder.toString());
+ }
+
+ public void warning(SAXParseException exception) throws SAXException
+ {
+ StringBuilder builder = new StringBuilder();
+ builder.append("Line Number=").append(exception.getLineNumber());
+ builder.append(" Col Number=").append(exception.getColumnNumber());
+ builder.append(" Public ID=").append(exception.getPublicId());
+ builder.append(" System ID=").append(exception.getSystemId());
+ builder.append(" exc=").append(exception.getLocalizedMessage());
+
+ log.finest("SAX Warn:" + builder.toString());
+ }
+ });
+
+ Schema schema = scFact.newSchema(schemaURL);
+ unmarshaller.setSchema(schema);
+ }
+ catch (Exception jxb)
+ {
+ throw new RuntimeException(jxb);
+ }
+ }
+
+ private InputStream getInputStream(String loc)
+ {
+ InputStream is = null;
+ //Try URL
+ try
+ {
+ URL url = new URL(loc);
+ is = url.openStream();
+ }
+ catch (Exception e)
+ {
+ }
+ if (is == null)
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ is = tcl.getResourceAsStream(loc);
+ }
+ if (is == null)
+ throw new RuntimeException("Null Inputstream for " + loc);
+ return is;
+ }
+
+ private Class<?> loadClass(String fqn) throws Exception
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ return tcl.loadClass(fqn);
+ }
+}
\ No newline at end of file
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossXACMLPolicy.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossXACMLPolicy.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossXACMLPolicy.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,164 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.xacml.core;
-
-import java.io.InputStream;
-import java.net.URL;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.jboss.security.xacml.bridge.JBossPolicyFinder;
-import org.jboss.security.xacml.interfaces.ContextMapOp;
-import org.jboss.security.xacml.interfaces.XACMLConstants;
-import org.jboss.security.xacml.interfaces.XACMLPolicy;
-import org.jboss.security.xacml.sunxacml.AbstractPolicy;
-import org.jboss.security.xacml.util.XACMLPolicyUtil;
-
-/**
- * JBossXACML Policy
- * @author Anil.Saldhana at redhat.com
- * @since Jul 6, 2007
- * @version $Revision$
- */
-public class JBossXACMLPolicy implements XACMLPolicy, ContextMapOp
-{
- private JBossPolicyFinder finder = new JBossPolicyFinder();
-
- private List<XACMLPolicy> enclosingPolicies = new ArrayList<XACMLPolicy>();
-
- private int policyType = XACMLPolicy.POLICY;
-
- private Map<String, Object> map = new HashMap<String, Object>();
-
- /**
- * Construct a JBossXACMLPolicy
- * @param url url to the policy file
- * @param type type (Policy or PolicySet)
- * @throws Exception
- * @see XACMLConstants
- */
- public JBossXACMLPolicy(URL url, int type) throws Exception
- {
- this(url.openStream(), type);
- }
-
- /**
- * Construct a JBossXACMLPolicy
- * @param is Inputstream to the policy file
- * @param type type (Policy or PolicySet)
- * @throws Exception
- * @see XACMLConstants
- */
- public JBossXACMLPolicy(InputStream is, int type) throws Exception
- {
- AbstractPolicy policy = null;
- XACMLPolicyUtil xpu = new XACMLPolicyUtil();
- this.policyType = type;
- if (type == XACMLPolicy.POLICYSET)
- {
- policy = xpu.createPolicySet(is, finder);
- map.put(XACMLConstants.POLICY_FINDER, finder);
- }
- else if (type == XACMLPolicy.POLICY)
- {
- policy = xpu.createPolicy(is);
- }
- else
- throw new RuntimeException("Unknown type");
-
- map.put(XACMLConstants.UNDERLYING_POLICY, policy);
- }
-
- /**
- * Construct a JBossXACMLPolicy instance
- * @param is Inputstream to the policy/policyset file
- * @param type policy or policyset
- * @param theFinder PolicySet processing needs this
- * @throws Exception
- * @see XACMLConstants
- */
- public JBossXACMLPolicy(InputStream is, int type, JBossPolicyFinder theFinder) throws Exception
- {
- AbstractPolicy policy = null;
- XACMLPolicyUtil xpu = new XACMLPolicyUtil();
- this.policyType = type;
- if (type == XACMLPolicy.POLICYSET)
- {
- if (theFinder == null)
- throw new IllegalArgumentException("policy finder is null");
- policy = xpu.createPolicySet(is, theFinder);
- map.put(XACMLConstants.POLICY_FINDER, theFinder);
- }
- else if (type == XACMLPolicy.POLICY)
- {
- policy = xpu.createPolicy(is);
- }
- else
- throw new RuntimeException("Unknown type");
-
- map.put(XACMLConstants.UNDERLYING_POLICY, policy);
- }
-
- /**
- * @see XACMLPolicy#getType()
- * @see XACMLConstants
- */
- public int getType()
- {
- return this.policyType;
- }
-
- /**
- * @see XACMLPolicy#setEnclosingPolicies(List)
- */
- public void setEnclosingPolicies(List<XACMLPolicy> policies)
- {
- enclosingPolicies.addAll(policies);
- }
-
- /**
- * @see XACMLPolicy#getEnclosingPolicies()
- */
- public List<XACMLPolicy> getEnclosingPolicies()
- {
- return enclosingPolicies;
- }
-
- /**
- * @see ContextMapOp#get(String)
- */
- @SuppressWarnings("unchecked")
- public <T> T get(String key)
- {
- return (T) map.get(key);
- }
-
- /**
- * @see ContextMapOp#set(String, Object)
- */
- public <T> void set(String key, T obj)
- {
- map.put(key, obj);
- }
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossXACMLPolicy.java (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossXACMLPolicy.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossXACMLPolicy.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossXACMLPolicy.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,165 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.core;
+
+import java.io.InputStream;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.jboss.security.xacml.bridge.JBossPolicyFinder;
+import org.jboss.security.xacml.interfaces.ContextMapOp;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XACMLPolicy;
+import org.jboss.security.xacml.sunxacml.AbstractPolicy;
+import org.jboss.security.xacml.util.XACMLPolicyUtil;
+
+/**
+ * JBossXACML Policy
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 6, 2007
+ * @version $Revision$
+ */
+public class JBossXACMLPolicy implements XACMLPolicy, ContextMapOp
+{
+ private JBossPolicyFinder finder = new JBossPolicyFinder();
+
+ private List<XACMLPolicy> enclosingPolicies = new ArrayList<XACMLPolicy>();
+
+ private int policyType = XACMLPolicy.POLICY;
+
+ private Map<String, Object> map = new HashMap<String, Object>();
+
+ /**
+ * Construct a JBossXACMLPolicy
+ * @param url url to the policy file
+ * @param type type (Policy or PolicySet)
+ * @throws Exception
+ * @see XACMLConstants
+ */
+ public JBossXACMLPolicy(URL url, int type) throws Exception
+ {
+ this(url.openStream(), type);
+ }
+
+ /**
+ * Construct a JBossXACMLPolicy
+ * @param is Inputstream to the policy file
+ * @param type type (Policy or PolicySet)
+ * @throws Exception
+ * @see XACMLConstants
+ */
+ public JBossXACMLPolicy(InputStream is, int type) throws Exception
+ {
+ AbstractPolicy policy = null;
+ XACMLPolicyUtil xpu = new XACMLPolicyUtil();
+ this.policyType = type;
+ if (type == XACMLPolicy.POLICYSET)
+ {
+ policy = xpu.createPolicySet(is, finder);
+ map.put(XACMLConstants.POLICY_FINDER, finder);
+ }
+ else if (type == XACMLPolicy.POLICY)
+ {
+ policy = xpu.createPolicy(is);
+ }
+ else
+ throw new RuntimeException("Unknown type");
+
+ map.put(XACMLConstants.UNDERLYING_POLICY, policy);
+ }
+
+ /**
+ * Construct a JBossXACMLPolicy instance
+ * @param is Inputstream to the policy/policyset file
+ * @param type policy or policyset
+ * @param theFinder PolicySet processing needs this
+ * @throws Exception
+ * @see XACMLConstants
+ */
+ public JBossXACMLPolicy(InputStream is, int type, JBossPolicyFinder theFinder) throws Exception
+ {
+ AbstractPolicy policy = null;
+ XACMLPolicyUtil xpu = new XACMLPolicyUtil();
+ this.policyType = type;
+ if (type == XACMLPolicy.POLICYSET)
+ {
+ if (theFinder == null)
+ throw new IllegalArgumentException("policy finder is null");
+ this.finder = theFinder;
+ policy = xpu.createPolicySet(is, theFinder);
+ map.put(XACMLConstants.POLICY_FINDER, theFinder);
+ }
+ else if (type == XACMLPolicy.POLICY)
+ {
+ policy = xpu.createPolicy(is);
+ }
+ else
+ throw new RuntimeException("Unknown type");
+
+ map.put(XACMLConstants.UNDERLYING_POLICY, policy);
+ }
+
+ /**
+ * @see XACMLPolicy#getType()
+ * @see XACMLConstants
+ */
+ public int getType()
+ {
+ return this.policyType;
+ }
+
+ /**
+ * @see XACMLPolicy#setEnclosingPolicies(List)
+ */
+ public void setEnclosingPolicies(List<XACMLPolicy> policies)
+ {
+ enclosingPolicies.addAll(policies);
+ }
+
+ /**
+ * @see XACMLPolicy#getEnclosingPolicies()
+ */
+ public List<XACMLPolicy> getEnclosingPolicies()
+ {
+ return enclosingPolicies;
+ }
+
+ /**
+ * @see ContextMapOp#get(String)
+ */
+ @SuppressWarnings("unchecked")
+ public <T> T get(String key)
+ {
+ return (T) map.get(key);
+ }
+
+ /**
+ * @see ContextMapOp#set(String, Object)
+ */
+ public <T> void set(String key, T obj)
+ {
+ map.put(key, obj);
+ }
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/SecurityActions.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/core/SecurityActions.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/SecurityActions.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,51 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.xacml.core;
-
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-
-
-/**
- * Privileged Blocks
- * @author Anil.Saldhana at redhat.com
- * @since Jul 10, 2007
- * @version $Revision$
- */
-public class SecurityActions
-{
- /**
- * Obtain the Thread Context ClassLoader
- * @return
- */
- public static ClassLoader getContextClassLoader()
- {
- return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
- {
- public ClassLoader run()
- {
- return Thread.currentThread().getContextClassLoader();
- }
- });
- }
-
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/SecurityActions.java (from rev 92263, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/core/SecurityActions.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/SecurityActions.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/core/SecurityActions.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,73 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.core;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 10, 2007
+ * @version $Revision$
+ */
+class SecurityActions
+{
+ /**
+ * Obtain the Thread Context ClassLoader
+ * @return
+ */
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+ static String getSystemProperty(final String key)
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<String>()
+ {
+ public String run()
+ {
+ return System.getProperty(key);
+ }
+ });
+ }
+
+ static void setSystemProperty(final String key, final String value)
+ {
+ AccessController.doPrivileged(new PrivilegedAction<Object>()
+ {
+ public Object run()
+ {
+ System.setProperty(key, value);
+ return null;
+ }
+ });
+ }
+}
\ No newline at end of file
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/PolicyFactory.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/PolicyFactory.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/PolicyFactory.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,112 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.xacml.factories;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-import java.lang.reflect.Constructor;
-
-import javax.xml.bind.JAXB;
-import javax.xml.bind.JAXBElement;
-
-import org.jboss.security.xacml.bridge.JBossPolicyFinder;
-import org.jboss.security.xacml.core.JBossXACMLPolicy;
-import org.jboss.security.xacml.core.SecurityActions;
-import org.jboss.security.xacml.core.model.policy.ObjectFactory;
-import org.jboss.security.xacml.core.model.policy.PolicyType;
-import org.jboss.security.xacml.interfaces.XACMLPolicy;
-
-
-/**
- * A Policy Factory that creates XACML Policy
- * or Policy Sets
- * @author Anil.Saldhana at redhat.com
- * @since Jul 5, 2007
- * @version $Revision$
- */
-public class PolicyFactory
-{
- public static Class<?> constructingClass = JBossXACMLPolicy.class;
-
- public static void setConstructingClass(Class<?> clazz)
- {
- if (XACMLPolicy.class.isAssignableFrom(clazz) == false)
- throw new RuntimeException("clazz is not of type XACMLPolicy");
- constructingClass = clazz;
- }
-
- public static void setConstructingClass(String fqn)
- {
- ClassLoader tcl = SecurityActions.getContextClassLoader();
- try
- {
- setConstructingClass(tcl.loadClass(fqn));
- }
- catch (Exception e)
- {
- throw new RuntimeException(e);
- }
- }
-
- public static XACMLPolicy createPolicySet(InputStream policySetFile) throws Exception
- {
- return (XACMLPolicy) getCtr().newInstance(new Object[]
- {policySetFile, XACMLPolicy.POLICYSET});
- }
-
- public static XACMLPolicy createPolicySet(InputStream policySetFile, JBossPolicyFinder theFinder) throws Exception
- {
- return (XACMLPolicy) getCtrWithFinder().newInstance(new Object[]
- {policySetFile, XACMLPolicy.POLICYSET, theFinder});
- }
-
- public static XACMLPolicy createPolicy(InputStream policyFile) throws Exception
- {
- return (XACMLPolicy) getCtr().newInstance(new Object[]
- {policyFile, XACMLPolicy.POLICY});
- }
-
- public static XACMLPolicy createPolicy(PolicyType policyFile) throws Exception
- {
- JAXBElement<PolicyType> jaxbPolicy = new ObjectFactory().createPolicy(policyFile);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- JAXB.marshal(jaxbPolicy, baos);
- ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
- return (XACMLPolicy) getCtr().newInstance(new Object[]
- {bis, XACMLPolicy.POLICY});
- }
-
- @SuppressWarnings("unchecked")
- private static Constructor<XACMLPolicy> getCtr() throws Exception
- {
- return (Constructor<XACMLPolicy>) constructingClass.getConstructor(new Class[]
- {InputStream.class, Integer.TYPE});
- }
-
- @SuppressWarnings("unchecked")
- private static Constructor<XACMLPolicy> getCtrWithFinder() throws Exception
- {
- return (Constructor<XACMLPolicy>) constructingClass.getConstructor(new Class[]
- {InputStream.class, Integer.TYPE, JBossPolicyFinder.class});
- }
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/PolicyFactory.java (from rev 91892, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/PolicyFactory.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/PolicyFactory.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/PolicyFactory.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,111 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.factories;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.InputStream;
+import java.lang.reflect.Constructor;
+
+import javax.xml.bind.JAXB;
+import javax.xml.bind.JAXBElement;
+
+import org.jboss.security.xacml.bridge.JBossPolicyFinder;
+import org.jboss.security.xacml.core.JBossXACMLPolicy;
+import org.jboss.security.xacml.core.model.policy.ObjectFactory;
+import org.jboss.security.xacml.core.model.policy.PolicyType;
+import org.jboss.security.xacml.interfaces.XACMLPolicy;
+
+
+/**
+ * A Policy Factory that creates XACML Policy
+ * or Policy Sets
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 5, 2007
+ * @version $Revision$
+ */
+public class PolicyFactory
+{
+ public static Class<?> constructingClass = JBossXACMLPolicy.class;
+
+ public static void setConstructingClass(Class<?> clazz)
+ {
+ if (XACMLPolicy.class.isAssignableFrom(clazz) == false)
+ throw new RuntimeException("clazz is not of type XACMLPolicy");
+ constructingClass = clazz;
+ }
+
+ public static void setConstructingClass(String fqn)
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ try
+ {
+ setConstructingClass(tcl.loadClass(fqn));
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public static XACMLPolicy createPolicySet(InputStream policySetFile) throws Exception
+ {
+ return (XACMLPolicy) getCtr().newInstance(new Object[]
+ {policySetFile, XACMLPolicy.POLICYSET});
+ }
+
+ public static XACMLPolicy createPolicySet(InputStream policySetFile, JBossPolicyFinder theFinder) throws Exception
+ {
+ return (XACMLPolicy) getCtrWithFinder().newInstance(new Object[]
+ {policySetFile, XACMLPolicy.POLICYSET, theFinder});
+ }
+
+ public static XACMLPolicy createPolicy(InputStream policyFile) throws Exception
+ {
+ return (XACMLPolicy) getCtr().newInstance(new Object[]
+ {policyFile, XACMLPolicy.POLICY});
+ }
+
+ public static XACMLPolicy createPolicy(PolicyType policyFile) throws Exception
+ {
+ JAXBElement<PolicyType> jaxbPolicy = new ObjectFactory().createPolicy(policyFile);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ JAXB.marshal(jaxbPolicy, baos);
+ ByteArrayInputStream bis = new ByteArrayInputStream(baos.toByteArray());
+ return (XACMLPolicy) getCtr().newInstance(new Object[]
+ {bis, XACMLPolicy.POLICY});
+ }
+
+ @SuppressWarnings("unchecked")
+ private static Constructor<XACMLPolicy> getCtr() throws Exception
+ {
+ return (Constructor<XACMLPolicy>) constructingClass.getConstructor(new Class[]
+ {InputStream.class, Integer.TYPE});
+ }
+
+ @SuppressWarnings("unchecked")
+ private static Constructor<XACMLPolicy> getCtrWithFinder() throws Exception
+ {
+ return (Constructor<XACMLPolicy>) constructingClass.getConstructor(new Class[]
+ {InputStream.class, Integer.TYPE, JBossPolicyFinder.class});
+ }
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/RequestAttributeFactory.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/RequestAttributeFactory.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/RequestAttributeFactory.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,172 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.xacml.factories;
-
-import java.net.InetAddress;
-import java.net.URI;
-import java.util.Calendar;
-import java.util.GregorianCalendar;
-
-import javax.security.auth.x500.X500Principal;
-import javax.xml.datatype.DatatypeConfigurationException;
-import javax.xml.datatype.DatatypeFactory;
-import javax.xml.datatype.Duration;
-import javax.xml.datatype.XMLGregorianCalendar;
-
-import org.jboss.security.xacml.core.model.context.AttributeType;
-import org.jboss.security.xacml.core.model.context.AttributeValueType;
-import org.jboss.security.xacml.interfaces.XMLSchemaConstants;
-
-
-/**
- * Construct Commonly Used Attributes in Request Subject/Resource/Action
- * and Environment sections
- * @author Anil.Saldhana at redhat.com
- * @since Jul 20, 2007
- * @version $Revision$
- */
-public class RequestAttributeFactory
-{
-
- public static AttributeType createAnyURIAttributeType(String attrID, String issuer, URI value)
- {
- return getBareAttributeType(attrID, issuer, "" + value, XMLSchemaConstants.DATATYPE_ANYURI);
- }
-
- public static AttributeType createBase64BinaryAttributeType(String attrID, String issuer, byte[] value)
- {
- return getBareAttributeType(attrID, issuer, value, XMLSchemaConstants.DATATYPE_BASE64BINARY);
- }
-
- public static AttributeType createBooleanAttributeType(String attrID, String issuer, boolean value)
- {
- return getBareAttributeType(attrID, issuer, value, XMLSchemaConstants.DATATYPE_BOOLEAN);
- }
-
- public static AttributeType createDateAttributeType(String attrID, String issuer)
- {
- return getBareAttributeType(attrID, issuer, getXMLDate(), XMLSchemaConstants.DATATYPE_DATE);
- }
-
- public static AttributeType createDateAttributeType(String attrID, String issuer, XMLGregorianCalendar value)
- {
- return getBareAttributeType(attrID, issuer, value.toXMLFormat(), XMLSchemaConstants.DATATYPE_DATE);
- }
-
- public static AttributeType createDateTimeAttributeType(String attrID, String issuer)
- {
- return getBareAttributeType(attrID, issuer, getXMLDate(), XMLSchemaConstants.DATATYPE_DATE_TIME);
- }
-
- public static AttributeType createDateTimeAttributeType(String attrID, String issuer, XMLGregorianCalendar value)
- {
- return getBareAttributeType(attrID, issuer, value.toXMLFormat(), XMLSchemaConstants.DATATYPE_DATE_TIME);
- }
-
- public static AttributeType createDNSNameAttributeType(String attrID, String issuer, String hostname)
- {
- return getBareAttributeType(attrID, issuer, hostname, XMLSchemaConstants.DATATYPE_DNSNAME);
- }
-
- public static AttributeType createDoubleAttributeType(String attrID, String issuer, double value)
- {
- return getBareAttributeType(attrID, issuer, "" + value, XMLSchemaConstants.DATATYPE_DOUBLE);
- }
-
- public static AttributeType createEmailAttributeType(String attrID, String issuer, String value)
- {
- return getBareAttributeType(attrID, issuer, value, XMLSchemaConstants.DATATYPE_RFC822NAME);
- }
-
- public static AttributeType createHexBinaryAttributeType(String attrID, String issuer, byte[] value)
- {
- return getBareAttributeType(attrID, issuer, value, XMLSchemaConstants.DATATYPE_HEXBINARY);
- }
-
- public static AttributeType createIntegerAttributeType(String attrID, String issuer, int value)
- {
- return getBareAttributeType(attrID, issuer, "" + value, XMLSchemaConstants.DATATYPE_INTEGER);
- }
-
- public static AttributeType createIPAddressAttributeType(String attrID, String issuer, InetAddress address)
- {
- return getBareAttributeType(attrID, issuer, address, XMLSchemaConstants.DATATYPE_IPADDRESS);
- }
-
- public static AttributeType createStringAttributeType(String attrID, String issuer, String value)
- {
- return getBareAttributeType(attrID, issuer, value, XMLSchemaConstants.DATATYPE_STRING);
- }
-
- public static AttributeType createTimeAttributeType(String attrID, String issuer)
- {
- return getBareAttributeType(attrID, issuer, getXMLDate(), XMLSchemaConstants.DATATYPE_TIME);
- }
-
- public static AttributeType createTimeAttributeType(String attrID, String issuer, XMLGregorianCalendar value)
- {
- return getBareAttributeType(attrID, issuer, value.toXMLFormat(), XMLSchemaConstants.DATATYPE_TIME);
- }
-
- public static AttributeType createX509NameAttributeType(String attrID, String issuer, X500Principal value)
- {
- return getBareAttributeType(attrID, issuer, value, XMLSchemaConstants.DATATYPE_X500NAME);
- }
-
- public static AttributeType createDayTimeDurationAttributeType(String attrID, String issuer, Duration value)
- {
- return getBareAttributeType(attrID, issuer, value.toString(), XMLSchemaConstants.DATATYPE_DAYTIMEDURATION);
- }
-
- public static AttributeType createYearMonthDurationAttributeType(String attrID, String issuer, Duration value)
- {
- return getBareAttributeType(attrID, issuer, value.toString(), XMLSchemaConstants.DATATYPE_YEARMONTHDURATION);
- }
-
- private static AttributeType getBareAttributeType(String attrID, String issuer, Object value, String dataType)
- {
- AttributeType attributeType = new AttributeType();
- attributeType.setAttributeId(attrID);
- attributeType.setDataType(dataType);
- if (issuer != null)
- attributeType.setIssuer(issuer);
- AttributeValueType avt = new AttributeValueType();
- avt.getContent().add(value);
- attributeType.getAttributeValue().add(avt);
- return attributeType;
- }
-
- private static String getXMLDate()
- {
- DatatypeFactory dtf;
- try
- {
- dtf = DatatypeFactory.newInstance();
- }
- catch (DatatypeConfigurationException e)
- {
- throw new RuntimeException(e);
- }
- XMLGregorianCalendar value = dtf.newXMLGregorianCalendar((GregorianCalendar) Calendar.getInstance());
- return value.toXMLFormat();
- }
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/RequestAttributeFactory.java (from rev 91887, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/RequestAttributeFactory.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/RequestAttributeFactory.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/RequestAttributeFactory.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,326 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.factories;
+
+import java.net.InetAddress;
+import java.net.URI;
+import java.util.Arrays;
+import java.util.Calendar;
+import java.util.GregorianCalendar;
+import java.util.List;
+
+import javax.security.auth.x500.X500Principal;
+import javax.xml.datatype.DatatypeConfigurationException;
+import javax.xml.datatype.DatatypeFactory;
+import javax.xml.datatype.Duration;
+import javax.xml.datatype.XMLGregorianCalendar;
+
+import org.jboss.security.xacml.core.model.context.AttributeType;
+import org.jboss.security.xacml.core.model.context.AttributeValueType;
+import org.jboss.security.xacml.interfaces.XMLSchemaConstants;
+
+
+/**
+ * Construct Commonly Used Attributes in Request Subject/Resource/Action
+ * and Environment sections
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 20, 2007
+ * @version $Revision$
+ */
+public class RequestAttributeFactory
+{
+ /**
+ * Create an attribute that is of URI type
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createAnyURIAttributeType(String attrID, String issuer, URI value)
+ {
+ return getBareAttributeType(attrID, issuer, "" + value, XMLSchemaConstants.DATATYPE_ANYURI);
+ }
+
+ /**
+ * Create Base64 attribute
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createBase64BinaryAttributeType(String attrID, String issuer, byte[] value)
+ {
+ return getBareAttributeType(attrID, issuer, value, XMLSchemaConstants.DATATYPE_BASE64BINARY);
+ }
+
+ /**
+ * Create Boolean attribute
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createBooleanAttributeType(String attrID, String issuer, boolean value)
+ {
+ return getBareAttributeType(attrID, issuer, value, XMLSchemaConstants.DATATYPE_BOOLEAN);
+ }
+
+ /**
+ * Create Date attribute
+ * @param attrID
+ * @param issuer
+ * @return
+ */
+ public static AttributeType createDateAttributeType(String attrID, String issuer)
+ {
+ return getBareAttributeType(attrID, issuer, getXMLDate(), XMLSchemaConstants.DATATYPE_DATE);
+ }
+
+ /**
+ * Create Date attribute with the passed {@link XMLGregorianCalendar}
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createDateAttributeType(String attrID, String issuer, XMLGregorianCalendar value)
+ {
+ return getBareAttributeType(attrID, issuer, value.toXMLFormat(), XMLSchemaConstants.DATATYPE_DATE);
+ }
+
+ /**
+ * Create Date Time Attribute
+ * @param attrID
+ * @param issuer
+ * @return
+ */
+ public static AttributeType createDateTimeAttributeType(String attrID, String issuer)
+ {
+ return getBareAttributeType(attrID, issuer, getXMLDate(), XMLSchemaConstants.DATATYPE_DATE_TIME);
+ }
+ /**
+ * Create Date Time attribute with the passed {@link XMLGregorianCalendar}
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createDateTimeAttributeType(String attrID, String issuer, XMLGregorianCalendar value)
+ {
+ return getBareAttributeType(attrID, issuer, value.toXMLFormat(), XMLSchemaConstants.DATATYPE_DATE_TIME);
+ }
+
+ /**
+ * Create DNS Name Attribute
+ * @param attrID
+ * @param issuer
+ * @param hostname
+ * @return
+ */
+ public static AttributeType createDNSNameAttributeType(String attrID, String issuer, String hostname)
+ {
+ return getBareAttributeType(attrID, issuer, hostname, XMLSchemaConstants.DATATYPE_DNSNAME);
+ }
+
+ /**
+ * Create Double Attribute
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createDoubleAttributeType(String attrID, String issuer, double value)
+ {
+ return getBareAttributeType(attrID, issuer, "" + value, XMLSchemaConstants.DATATYPE_DOUBLE);
+ }
+
+ /**
+ * Create Email Attribute
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createEmailAttributeType(String attrID, String issuer, String value)
+ {
+ return getBareAttributeType(attrID, issuer, value, XMLSchemaConstants.DATATYPE_RFC822NAME);
+ }
+
+ /**
+ * Create Hex Binary attribute
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createHexBinaryAttributeType(String attrID, String issuer, byte[] value)
+ {
+ return getBareAttributeType(attrID, issuer, value, XMLSchemaConstants.DATATYPE_HEXBINARY);
+ }
+
+ /**
+ * Create Integer Attribute
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createIntegerAttributeType(String attrID, String issuer, int value)
+ {
+ return getBareAttributeType(attrID, issuer, "" + value, XMLSchemaConstants.DATATYPE_INTEGER);
+ }
+
+ /**
+ * Create IP Address attribute
+ * @param attrID
+ * @param issuer
+ * @param address
+ * @return
+ */
+ public static AttributeType createIPAddressAttributeType(String attrID, String issuer, InetAddress address)
+ {
+ return getBareAttributeType(attrID, issuer, address, XMLSchemaConstants.DATATYPE_IPADDRESS);
+ }
+
+ /**
+ * Create String attribute
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createStringAttributeType(String attrID, String issuer, String value)
+ {
+ return getBareAttributeType(attrID, issuer, value, XMLSchemaConstants.DATATYPE_STRING);
+ }
+
+ /**
+ * Create Time attribute
+ * @param attrID
+ * @param issuer
+ * @return
+ */
+ public static AttributeType createTimeAttributeType(String attrID, String issuer)
+ {
+ return getBareAttributeType(attrID, issuer, getXMLDate(), XMLSchemaConstants.DATATYPE_TIME);
+ }
+
+ /**
+ * Create Time Attribute with the passed {@link XMLGregorianCalendar}
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createTimeAttributeType(String attrID, String issuer, XMLGregorianCalendar value)
+ {
+ return getBareAttributeType(attrID, issuer, value.toXMLFormat(), XMLSchemaConstants.DATATYPE_TIME);
+ }
+
+ /**
+ * Create X509 attribute
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createX509NameAttributeType(String attrID, String issuer, X500Principal value)
+ {
+ return getBareAttributeType(attrID, issuer, value, XMLSchemaConstants.DATATYPE_X500NAME);
+ }
+
+ /**
+ * Create DayTimeDuration attribute
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createDayTimeDurationAttributeType(String attrID, String issuer, Duration value)
+ {
+ return getBareAttributeType(attrID, issuer, value.toString(), XMLSchemaConstants.DATATYPE_DAYTIMEDURATION);
+ }
+
+ /**
+ * Create year month duration attribute
+ * @param attrID
+ * @param issuer
+ * @param value
+ * @return
+ */
+ public static AttributeType createYearMonthDurationAttributeType(String attrID, String issuer, Duration value)
+ {
+ return getBareAttributeType(attrID, issuer, value.toString(), XMLSchemaConstants.DATATYPE_YEARMONTHDURATION);
+ }
+
+ /**
+ * Create multi valued attribute
+ * @param attrID
+ * @param issuer
+ * @param dataType
+ * @param values
+ * @return
+ */
+ public static AttributeType createMultiValuedAttributeType(String attrID, String issuer, String dataType, String[] values)
+ {
+ AttributeType attributeType = new AttributeType();
+ attributeType.setAttributeId(attrID);
+ attributeType.setDataType(dataType);
+ if (issuer != null)
+ attributeType.setIssuer(issuer);
+
+ List<String> valueList = Arrays.asList(values);
+
+ AttributeValueType avt = new AttributeValueType();
+ avt.getContent().addAll(valueList);
+ attributeType.getAttributeValue().add(avt);
+ return attributeType;
+ }
+
+ private static AttributeType getBareAttributeType(String attrID, String issuer, Object value, String dataType)
+ {
+ AttributeType attributeType = new AttributeType();
+ attributeType.setAttributeId(attrID);
+ attributeType.setDataType(dataType);
+ if (issuer != null)
+ attributeType.setIssuer(issuer);
+ AttributeValueType avt = new AttributeValueType();
+ avt.getContent().add(value);
+ attributeType.getAttributeValue().add(avt);
+ return attributeType;
+ }
+
+ private static String getXMLDate()
+ {
+ DatatypeFactory dtf;
+ try
+ {
+ dtf = DatatypeFactory.newInstance();
+ }
+ catch (DatatypeConfigurationException e)
+ {
+ throw new RuntimeException(e);
+ }
+ XMLGregorianCalendar value = dtf.newXMLGregorianCalendar((GregorianCalendar) Calendar.getInstance());
+ return value.toXMLFormat();
+ }
+}
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/SecurityActions.java (from rev 91895, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/SecurityActions.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/SecurityActions.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/factories/SecurityActions.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,51 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.factories;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 10, 2007
+ * @version $Revision$
+ */
+class SecurityActions
+{
+ /**
+ * Obtain the Thread Context ClassLoader
+ * @return
+ */
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/interfaces/PolicyLocator.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/interfaces/PolicyLocator.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/interfaces/PolicyLocator.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,40 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.xacml.interfaces;
-
-import java.util.Set;
-
-
-/**
- * Interface representing a locator for a XACML Policy
- * @author Anil.Saldhana at redhat.com
- * @since Jul 5, 2007
- * @version $Revision$
- */
-public interface PolicyLocator extends AbstractLocator
-{
- /**
- * Set of policies that this locator is able to return
- * @param policies
- */
- void setPolicies(Set<XACMLPolicy> policies);
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/interfaces/PolicyLocator.java (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/interfaces/PolicyLocator.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/interfaces/PolicyLocator.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/interfaces/PolicyLocator.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,46 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.interfaces;
+
+import java.util.Set;
+
+
+/**
+ * Interface representing a locator for a XACML Policy
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 5, 2007
+ * @version $Revision$
+ */
+public interface PolicyLocator extends AbstractLocator
+{
+ /**
+ * Set of policies that this locator is able to return
+ * @param policies
+ */
+ void setPolicies(Set<XACMLPolicy> policies);
+
+ /**
+ * Get the set of policies that the locator can return
+ * @return
+ */
+ Set<XACMLPolicy> getPolicies();
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/jaxb/PDP.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/jaxb/PDP.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/jaxb/PDP.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,99 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.1-b02-fcs
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2007.07.06 at 03:19:27 PM CDT
-//
-
-package org.jboss.security.xacml.jaxb;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlType;
-
-/**
- * <p>Java class for PDP complex type.
- *
- * <p>The following schema fragment specifies the expected content contained within this class.
- *
- * <pre>
- * <complexType name="PDP">
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * <sequence>
- * <element ref="{urn:jboss:xacml:2.0}Policies"/>
- * <element ref="{urn:jboss:xacml:2.0}Locators"/>
- * </sequence>
- * </restriction>
- * </complexContent>
- * </complexType>
- * </pre>
- *
- *
- */
- at XmlAccessorType(XmlAccessType.FIELD)
- at XmlType(name = "PDP", propOrder =
-{"policies", "locators"})
-public class PDP
-{
-
- @XmlElement(name = "Policies", required = true)
- protected PoliciesType policies;
-
- @XmlElement(name = "Locators", required = true)
- protected LocatorsType locators;
-
- /**
- * Gets the value of the policies property.
- *
- * @return
- * possible object is
- * {@link PoliciesType }
- *
- */
- public PoliciesType getPolicies()
- {
- return policies;
- }
-
- /**
- * Sets the value of the policies property.
- *
- * @param value
- * allowed object is
- * {@link PoliciesType }
- *
- */
- public void setPolicies(PoliciesType value)
- {
- this.policies = value;
- }
-
- /**
- * Gets the value of the locators property.
- *
- * @return
- * possible object is
- * {@link LocatorsType }
- *
- */
- public LocatorsType getLocators()
- {
- return locators;
- }
-
- /**
- * Sets the value of the locators property.
- *
- * @param value
- * allowed object is
- * {@link LocatorsType }
- *
- */
- public void setLocators(LocatorsType value)
- {
- this.locators = value;
- }
-
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/jaxb/PDP.java (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/jaxb/PDP.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/jaxb/PDP.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/jaxb/PDP.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,99 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.1-b02-fcs
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2007.07.06 at 03:19:27 PM CDT
+//
+
+package org.jboss.security.xacml.jaxb;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * <p>Java class for PDP complex type.
+ *
+ * <p>The following schema fragment specifies the expected content contained within this class.
+ *
+ * <pre>
+ * <complexType name="PDP">
+ * <complexContent>
+ * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ * <sequence>
+ * <element ref="{urn:jboss:xacml:2.0}Policies"/>
+ * <element ref="{urn:jboss:xacml:2.0}Locators"/>
+ * </sequence>
+ * </restriction>
+ * </complexContent>
+ * </complexType>
+ * </pre>
+ *
+ *
+ */
+ at XmlAccessorType(XmlAccessType.FIELD)
+ at XmlType(name = "PDP", propOrder =
+{"policies", "locators"})
+public class PDP
+{
+
+ @XmlElement(name = "Policies", required = false)
+ protected PoliciesType policies;
+
+ @XmlElement(name = "Locators", required = true)
+ protected LocatorsType locators;
+
+ /**
+ * Gets the value of the policies property.
+ *
+ * @return
+ * possible object is
+ * {@link PoliciesType }
+ *
+ */
+ public PoliciesType getPolicies()
+ {
+ return policies;
+ }
+
+ /**
+ * Sets the value of the policies property.
+ *
+ * @param value
+ * allowed object is
+ * {@link PoliciesType }
+ *
+ */
+ public void setPolicies(PoliciesType value)
+ {
+ this.policies = value;
+ }
+
+ /**
+ * Gets the value of the locators property.
+ *
+ * @return
+ * possible object is
+ * {@link LocatorsType }
+ *
+ */
+ public LocatorsType getLocators()
+ {
+ return locators;
+ }
+
+ /**
+ * Sets the value of the locators property.
+ *
+ * @param value
+ * allowed object is
+ * {@link LocatorsType }
+ *
+ */
+ public void setLocators(LocatorsType value)
+ {
+ this.locators = value;
+ }
+
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/AbstractJBossPolicyLocator.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/AbstractJBossPolicyLocator.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/AbstractJBossPolicyLocator.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,78 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.xacml.locators;
-
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.jboss.security.xacml.interfaces.ContextMapOp;
-import org.jboss.security.xacml.interfaces.PolicyLocator;
-import org.jboss.security.xacml.interfaces.XACMLPolicy;
-import org.jboss.security.xacml.jaxb.Option;
-
-
-/**
- * Base Class for Policy Locators
- * @author Anil.Saldhana at redhat.com
- * @since Jul 6, 2007
- * @version $Revision$
- */
-public abstract class AbstractJBossPolicyLocator implements PolicyLocator
-{
- protected List<Option> options = null;
-
- protected Map<String, Object> map = new HashMap<String, Object>();
-
- protected Set<XACMLPolicy> policies;
-
- /**
- * @see PolicyLocator#setOptions(List)
- */
- public void setOptions(List<Option> theoptions)
- {
- this.options = theoptions;
- }
-
- /**
- * @see ContextMapOp#get(String)
- */
- @SuppressWarnings("unchecked")
- public <T> T get(String key)
- {
- return (T) map.get(key);
- }
-
- /**
- * @see ContextMapOp#set(String, Object)
- */
- public <T> void set(String key, T obj)
- {
- map.put(key, obj);
- }
-
- /**
- * @see PolicyLocator#setPolicies(Set)
- */
- public abstract void setPolicies(Set<XACMLPolicy> policies);
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/AbstractJBossPolicyLocator.java (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/AbstractJBossPolicyLocator.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/AbstractJBossPolicyLocator.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/AbstractJBossPolicyLocator.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,90 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.locators;
+
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.jboss.security.xacml.interfaces.ContextMapOp;
+import org.jboss.security.xacml.interfaces.PolicyLocator;
+import org.jboss.security.xacml.interfaces.XACMLPolicy;
+import org.jboss.security.xacml.jaxb.Option;
+
+
+/**
+ * Base Class for Policy Locators
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 6, 2007
+ * @version $Revision$
+ */
+public abstract class AbstractJBossPolicyLocator implements PolicyLocator
+{
+ protected List<Option> options = null;
+
+ protected Map<String, Object> map = new HashMap<String, Object>();
+
+ protected Set<XACMLPolicy> policies;
+
+ /**
+ * @see PolicyLocator#setOptions(List)
+ */
+ public void setOptions(List<Option> theoptions)
+ {
+ this.options = theoptions;
+ }
+
+ /**
+ * @see ContextMapOp#get(String)
+ */
+ @SuppressWarnings("unchecked")
+ public <T> T get(String key)
+ {
+ return (T) map.get(key);
+ }
+
+ /**
+ * @see ContextMapOp#set(String, Object)
+ */
+ public <T> void set(String key, T obj)
+ {
+ map.put(key, obj);
+ }
+
+ /**
+ * @see PolicyLocator#setPolicies(Set)
+ */
+ public abstract void setPolicies(Set<XACMLPolicy> policies);
+
+ /**
+ * @see PolicyLocator#getPolicies()
+ */
+ public Set<XACMLPolicy> getPolicies()
+ {
+ if(policies == null)
+ return Collections.emptySet();
+ else
+ return Collections.unmodifiableSet(policies);
+ }
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicyLocator.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicyLocator.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicyLocator.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,67 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.xacml.locators;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Set;
-
-import org.jboss.security.xacml.bridge.WrapperPolicyFinderModule;
-import org.jboss.security.xacml.interfaces.XACMLConstants;
-import org.jboss.security.xacml.interfaces.XACMLPolicy;
-import org.jboss.security.xacml.sunxacml.Policy;
-import org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule;
-
-/**
- * Policy Locator for plain XACML Policy instances
- * @author Anil.Saldhana at redhat.com
- * @since Jul 6, 2007
- * @version $Revision$
- */
-public class JBossPolicyLocator extends AbstractJBossPolicyLocator
-{
- private List<PolicyFinderModule> pfml = new ArrayList<PolicyFinderModule>();
-
- public JBossPolicyLocator()
- {
- }
-
- public JBossPolicyLocator(Set<XACMLPolicy> policies)
- {
- setPolicies(policies);
- }
-
- @Override
- public void setPolicies(Set<XACMLPolicy> policies)
- {
- for (XACMLPolicy xp : policies)
- {
- if (xp.getType() == XACMLPolicy.POLICY)
- {
- Policy p = xp.get(XACMLConstants.UNDERLYING_POLICY);
- WrapperPolicyFinderModule wpfm = new WrapperPolicyFinderModule(p);
- pfml.add(wpfm);
- }
- }
- this.map.put(XACMLConstants.POLICY_FINDER_MODULE, pfml);
- }
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicyLocator.java (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicyLocator.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicyLocator.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicyLocator.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,69 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.locators;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Set;
+
+import org.jboss.security.xacml.bridge.WrapperPolicyFinderModule;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XACMLPolicy;
+import org.jboss.security.xacml.sunxacml.Policy;
+import org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule;
+
+/**
+ * Policy Locator for plain XACML Policy instances
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 6, 2007
+ * @version $Revision$
+ */
+public class JBossPolicyLocator extends AbstractJBossPolicyLocator
+{
+ private List<PolicyFinderModule> pfml = new ArrayList<PolicyFinderModule>();
+
+ public JBossPolicyLocator()
+ {
+ }
+
+ public JBossPolicyLocator(Set<XACMLPolicy> policies)
+ {
+ setPolicies(policies);
+ }
+
+ @Override
+ public void setPolicies(Set<XACMLPolicy> policies)
+ {
+ this.policies = policies;
+
+ for (XACMLPolicy xp : policies)
+ {
+ if (xp.getType() == XACMLPolicy.POLICY)
+ {
+ Policy p = xp.get(XACMLConstants.UNDERLYING_POLICY);
+ WrapperPolicyFinderModule wpfm = new WrapperPolicyFinderModule(p);
+ pfml.add(wpfm);
+ }
+ }
+ this.map.put(XACMLConstants.POLICY_FINDER_MODULE, pfml);
+ }
+}
\ No newline at end of file
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicySetLocator.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicySetLocator.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicySetLocator.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,92 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.xacml.locators;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Set;
-
-import org.jboss.security.xacml.bridge.PolicySetFinderModule;
-import org.jboss.security.xacml.interfaces.XACMLConstants;
-import org.jboss.security.xacml.interfaces.XACMLPolicy;
-import org.jboss.security.xacml.sunxacml.AbstractPolicy;
-import org.jboss.security.xacml.sunxacml.PolicySet;
-
-/**
- * Locator for a PolicySet
- * @author Anil.Saldhana at redhat.com
- * @since Jul 6, 2007
- * @version $Revision$
- */
-public class JBossPolicySetLocator extends AbstractJBossPolicyLocator
-{
- private List<PolicySetFinderModule> pfml = new ArrayList<PolicySetFinderModule>();
-
- public JBossPolicySetLocator()
- {
- }
-
- public JBossPolicySetLocator(Set<XACMLPolicy> policies)
- {
- setPolicies(policies);
- }
-
- @Override
- public void setPolicies(Set<XACMLPolicy> policies)
- {
- for (XACMLPolicy xp : policies)
- {
- if (xp.getType() == XACMLPolicy.POLICYSET)
- {
- pfml.add(getPopulatedPolicySetFinderModule(xp));
- }
- }
- this.map.put(XACMLConstants.POLICY_FINDER_MODULE, pfml);
- }
-
- private PolicySetFinderModule getPopulatedPolicySetFinderModule(XACMLPolicy xpolicy)
- {
- PolicySetFinderModule psfm = new PolicySetFinderModule();
- //Check for enclosed policies
- List<AbstractPolicy> sunxacmlPolicies = new ArrayList<AbstractPolicy>();
- this.recursivePopulate(xpolicy, sunxacmlPolicies, psfm);
-
- psfm.set((PolicySet) xpolicy.get(XACMLConstants.UNDERLYING_POLICY), sunxacmlPolicies);
-
- //Make this PolicySetFinderModule the module for this policy set
- xpolicy.set(XACMLConstants.POLICY_FINDER_MODULE, psfm);
- return psfm;
- }
-
- private void recursivePopulate(XACMLPolicy policy, List<AbstractPolicy> policies, PolicySetFinderModule psfm)
- {
- List<XACMLPolicy> policyList = policy.getEnclosingPolicies();
- for (XACMLPolicy xp : policyList)
- {
- AbstractPolicy p = xp.get(XACMLConstants.UNDERLYING_POLICY);
- policies.add(p);
- if (p instanceof PolicySet)
- this.recursivePopulate(xp, policies, psfm);
- }
-
- }
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicySetLocator.java (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicySetLocator.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicySetLocator.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/JBossPolicySetLocator.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,93 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.locators;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Set;
+
+import org.jboss.security.xacml.bridge.PolicySetFinderModule;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XACMLPolicy;
+import org.jboss.security.xacml.sunxacml.AbstractPolicy;
+import org.jboss.security.xacml.sunxacml.PolicySet;
+
+/**
+ * Locator for a PolicySet
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 6, 2007
+ * @version $Revision$
+ */
+public class JBossPolicySetLocator extends AbstractJBossPolicyLocator
+{
+ private List<PolicySetFinderModule> pfml = new ArrayList<PolicySetFinderModule>();
+
+ public JBossPolicySetLocator()
+ {
+ }
+
+ public JBossPolicySetLocator(Set<XACMLPolicy> policies)
+ {
+ setPolicies(policies);
+ }
+
+ @Override
+ public void setPolicies(Set<XACMLPolicy> policies)
+ {
+ this.policies = policies;
+ for (XACMLPolicy xp : policies)
+ {
+ if (xp.getType() == XACMLPolicy.POLICYSET)
+ {
+ pfml.add(getPopulatedPolicySetFinderModule(xp));
+ }
+ }
+ this.map.put(XACMLConstants.POLICY_FINDER_MODULE, pfml);
+ }
+
+ private PolicySetFinderModule getPopulatedPolicySetFinderModule(XACMLPolicy xpolicy)
+ {
+ PolicySetFinderModule psfm = new PolicySetFinderModule();
+ //Check for enclosed policies
+ List<AbstractPolicy> sunxacmlPolicies = new ArrayList<AbstractPolicy>();
+ this.recursivePopulate(xpolicy, sunxacmlPolicies, psfm);
+
+ psfm.set((PolicySet) xpolicy.get(XACMLConstants.UNDERLYING_POLICY), sunxacmlPolicies);
+
+ //Make this PolicySetFinderModule the module for this policy set
+ xpolicy.set(XACMLConstants.POLICY_FINDER_MODULE, psfm);
+ return psfm;
+ }
+
+ private void recursivePopulate(XACMLPolicy policy, List<AbstractPolicy> policies, PolicySetFinderModule psfm)
+ {
+ List<XACMLPolicy> policyList = policy.getEnclosingPolicies();
+ for (XACMLPolicy xp : policyList)
+ {
+ AbstractPolicy p = xp.get(XACMLConstants.UNDERLYING_POLICY);
+ policies.add(p);
+ if (p instanceof PolicySet)
+ this.recursivePopulate(xp, policies, psfm);
+ }
+
+ }
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/SecurityActions.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/SecurityActions.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/SecurityActions.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,51 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.xacml.locators;
-
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-
-
-/**
- * Privileged Blocks
- * @author Anil.Saldhana at redhat.com
- * @since Jul 10, 2007
- * @version $Revision$
- */
-public class SecurityActions
-{
- /**
- * Obtain the Thread Context ClassLoader
- * @return
- */
- public static ClassLoader getContextClassLoader()
- {
- return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
- {
- public ClassLoader run()
- {
- return Thread.currentThread().getContextClassLoader();
- }
- });
- }
-
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/SecurityActions.java (from rev 91895, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/SecurityActions.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/SecurityActions.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/SecurityActions.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,51 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.locators;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 10, 2007
+ * @version $Revision$
+ */
+class SecurityActions
+{
+ /**
+ * Obtain the Thread Context ClassLoader
+ * @return
+ */
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/util/JBossXACMLEntityResolver.java (from rev 91894, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/util/JBossXACMLEntityResolver.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/util/JBossXACMLEntityResolver.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/util/JBossXACMLEntityResolver.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,153 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.util;
+
+import java.io.InputStream;
+import java.io.Reader;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.w3c.dom.ls.LSInput;
+import org.w3c.dom.ls.LSResourceResolver;
+
+/**
+ * An LSResource Resolver for schema validation
+ * @author Anil.Saldhana at redhat.com
+ * @since July 31, 2009
+ */
+public class JBossXACMLEntityResolver implements LSResourceResolver
+{
+ private static Map<String, LSInput> lsmap = new HashMap<String,LSInput>();
+
+ private static Map<String, String> schemaLocationMap = new HashMap<String,String>();
+
+ static
+ {
+ schemaLocationMap.put("urn:oasis:names:tc:xacml:2.0:policy:schema:os",
+ "schema/access_control-xacml-2.0-policy-schema-os.xsd");
+ schemaLocationMap.put("urn:oasis:names:tc:xacml:2.0:context:schema:os",
+ "schema/access_control-xacml-2.0-context-schema-os.xsd");
+
+ schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd",
+ "schema/w3c/xmlenc/xenc-schema.xsd");
+ schemaLocationMap.put("datatypes.dtd",
+ "schema/w3c/xmlschema/datatypes.dtd");
+ schemaLocationMap.put("http://www.w3.org/2001/XMLSchema.dtd",
+ "schema/w3c/xmlschema/XMLSchema.dtd");
+ }
+
+ public LSInput resolveResource(String type,
+ String namespaceURI, final String publicId,
+ final String systemId, final String baseURI)
+ {
+ LSInput lsi = lsmap.get(systemId);
+ if(lsi == null)
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ String loc = schemaLocationMap.get(systemId);
+ if(loc == null)
+ return null;
+
+ final InputStream is = tcl.getResourceAsStream(loc);
+ if(is == null)
+ System.out.println("inputstream is null for "+ loc);
+ lsi = new LSInput()
+ {
+ public String getBaseURI()
+ {
+ return baseURI;
+ }
+
+ public InputStream getByteStream()
+ {
+ return is;
+ }
+
+ public boolean getCertifiedText()
+ {
+ return false;
+ }
+
+ public Reader getCharacterStream()
+ {
+ return null;
+ }
+
+ public String getEncoding()
+ {
+ return null;
+ }
+
+ public String getPublicId()
+ {
+ return publicId;
+ }
+
+ public String getStringData()
+ {
+ return null;
+ }
+
+ public String getSystemId()
+ {
+ return systemId;
+ }
+
+ public void setBaseURI(String baseURI)
+ {
+ }
+
+ public void setByteStream(InputStream byteStream)
+ {
+ }
+
+ public void setCertifiedText(boolean certifiedText)
+ {
+ }
+
+ public void setCharacterStream(Reader characterStream)
+ {
+ }
+
+ public void setEncoding(String encoding)
+ {
+ }
+
+ public void setPublicId(String publicId)
+ {
+ }
+
+ public void setStringData(String stringData)
+ {
+ }
+
+ public void setSystemId(String systemId)
+ {
+ }
+ };
+
+ lsmap.put(systemId, lsi);
+ }
+ return lsi;
+ }
+
+}
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/util/SecurityActions.java (from rev 91895, projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/util/SecurityActions.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/util/SecurityActions.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/java/org/jboss/security/xacml/util/SecurityActions.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,51 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.xacml.util;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 10, 2007
+ * @version $Revision$
+ */
+class SecurityActions
+{
+ /**
+ * Obtain the Thread Context ClassLoader
+ * @return
+ */
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/resources/schema/jbossxacml-2.0.xsd
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/resources/schema/jbossxacml-2.0.xsd 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/resources/schema/jbossxacml-2.0.xsd 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,58 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns:ns="urn:jboss:xacml:2.0"
- targetNamespace="urn:jboss:xacml:2.0"
- elementFormDefault="qualified" attributeFormDefault="unqualified">
- <xs:element name="jbosspdp" type="ns:PDP">
- <xs:annotation>
- <xs:documentation>Root Element for JBoss XACML</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:complexType name="PDP">
- <xs:sequence>
- <xs:element ref="ns:Policies" minOccurs="1"/>
- <xs:element ref="ns:Locators" minOccurs="1"/>
- </xs:sequence>
- </xs:complexType>
- <xs:element name="Policies" type="ns:PoliciesType"/>
- <xs:complexType name="PoliciesType">
- <xs:sequence>
- <xs:element name="PolicySet" type="ns:PolicySetType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="Policy" type="ns:PolicyType" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="PolicySetType">
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI" minOccurs="0"/>
- <xs:element name="Policy" type="ns:PolicyType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="PolicySet" type="ns:PolicySetType" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="PolicyType">
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI"/>
- </xs:sequence>
- </xs:complexType>
- <xs:element name="Locators" type="ns:LocatorsType"/>
- <xs:complexType name="LocatorsType">
- <xs:sequence>
- <xs:element name="Locator" type="ns:LocatorType" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:element name="Option">
- <xs:complexType mixed="true">
- <xs:sequence>
- <xs:any namespace="##other" minOccurs="0"/>
- </xs:sequence>
- <xs:attribute name="Name" type="xs:string"/>
- </xs:complexType>
- </xs:element>
-
- <xs:complexType name="LocatorType">
- <xs:sequence>
- <xs:element ref="ns:Option" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="Name" type="xs:string"/>
- </xs:complexType>
-</xs:schema>
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/resources/schema/jbossxacml-2.0.xsd (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/main/resources/schema/jbossxacml-2.0.xsd)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/resources/schema/jbossxacml-2.0.xsd (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/resources/schema/jbossxacml-2.0.xsd 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:ns="urn:jboss:xacml:2.0"
+ targetNamespace="urn:jboss:xacml:2.0"
+ elementFormDefault="qualified" attributeFormDefault="unqualified">
+ <xs:element name="jbosspdp" type="ns:PDP">
+ <xs:annotation>
+ <xs:documentation>Root Element for JBoss XACML</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:complexType name="PDP">
+ <xs:sequence>
+ <xs:element ref="ns:Policies" minOccurs="0"/>
+ <xs:element ref="ns:Locators" minOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="Policies" type="ns:PoliciesType"/>
+ <xs:complexType name="PoliciesType">
+ <xs:sequence>
+ <xs:element name="PolicySet" type="ns:PolicySetType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="Policy" type="ns:PolicyType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="PolicySetType">
+ <xs:sequence>
+ <xs:element name="Location" type="xs:anyURI" minOccurs="0"/>
+ <xs:element name="Policy" type="ns:PolicyType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="PolicySet" type="ns:PolicySetType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="PolicyType">
+ <xs:sequence>
+ <xs:element name="Location" type="xs:anyURI"/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="Locators" type="ns:LocatorsType"/>
+ <xs:complexType name="LocatorsType">
+ <xs:sequence>
+ <xs:element name="Locator" type="ns:LocatorType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="Option">
+ <xs:complexType mixed="true">
+ <xs:sequence>
+ <xs:any namespace="##other" minOccurs="0"/>
+ </xs:sequence>
+ <xs:attribute name="Name" type="xs:string"/>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:complexType name="LocatorType">
+ <xs:sequence>
+ <xs:element ref="ns:Option" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:attribute name="Name" type="xs:string"/>
+ </xs:complexType>
+</xs:schema>
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/main/resources/schema/xmlschema (from rev 91894, projects/security/security-xacml/trunk/jboss-xacml/src/main/resources/schema/xmlschema)
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/XACMLUnitTestCase.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/XACMLUnitTestCase.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/XACMLUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,194 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.security.test.xacml;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.net.URL;
-import java.util.ArrayList;
-
-import junit.framework.TestCase;
-
-import org.jboss.security.xacml.sunxacml.ConfigurationStore;
-import org.jboss.security.xacml.sunxacml.PDP;
-import org.jboss.security.xacml.sunxacml.PDPConfig;
-import org.jboss.security.xacml.sunxacml.ParsingException;
-import org.jboss.security.xacml.sunxacml.ctx.RequestCtx;
-import org.jboss.security.xacml.sunxacml.ctx.ResponseCtx;
-import org.jboss.security.xacml.sunxacml.ctx.Result;
-import org.jboss.security.xacml.sunxacml.ctx.Status;
-
-//$Id: XACMLUnitTestCase.java 45725 2006-06-21 17:19:15Z asaldhana $
-
-/**
- * Unit Tests for the XACML Integration
- * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
- * @since May 26, 2006
- * @version $Revision: 45725 $
- */
-public class XACMLUnitTestCase extends TestCase
-{
- /**
- * There are basic xacml conformance tests in the resources folder(security/xacml)
- * with the format testX where X is an integer in (firstTest,numberOfTests}.
- * If you need to run a particular test - make both these variables to be
- * the number of the test. So to run test6, both firstTest=6 and
- * numberOfTests=6
- */
- private int firstTest = 1;
-
- private int numberOfTests = 17;
-
- //True: Response will be dumped to System.out
- private boolean debug = false;
-
- public XACMLUnitTestCase(String name)
- {
- super(name);
- }
-
- public void testPDPConstruction() throws Exception
- {
- assertNotNull("PDP != null", getBasicPDP());
- }
-
- public void testPDPResponse() throws Exception
- {
- for (int i = firstTest; i <= numberOfTests; i++)
- {
- String[] policyFiles = new String[]
- {getPolicyFile(i)};
- PDP pdp = new PDP(new PDPConfig(XACMLUtil.getAttributeFinder(), XACMLUtil.getPolicyFinder(policyFiles), null));
- assertNotNull("PDP != null", pdp);
- ResponseCtx first = processRequest(pdp, getRequestFile(i));
- assertNotNull("Response != null", first);
- if(debug)
- System.out.println("Test:"+i);
- //Print out the response to the System.Out
- XACMLUtil.logResponseCtxToSystemOut(first, debug);
- ResponseCtx second = ResponseCtx.getInstance(new FileInputStream(getResponseFile(i)));
- try
- {
- XACMLUtil.assertEquals(first, second);
- }
- catch (Exception e)
- {
- Exception enew = new Exception("Test#" + i + "::" + e.getMessage());
- enew.initCause(e);
- throw enew;
- }
- }
- }
-
- /**
- * Obtain a very basic PDP
- * @return
- * @throws Exception
- */
- private PDP getBasicPDP() throws Exception
- {
- String p = "security/xacml/basicConfig.xml";
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- URL url = tcl.getResource(p);
- File file = new File(url.getPath());
- ConfigurationStore store = new ConfigurationStore(file);
- store.useDefaultFactories();
- return new PDP(store.getDefaultPDPConfig());
- }
-
- /**
- * Ask the PDP to evaluate the input request file
- * @param pdp
- * @param requestFile
- * @return
- * @throws Exception
- */
- private ResponseCtx processRequest(PDP pdp, String requestFile) throws Exception
- {
- ResponseCtx response = null;
-
- try
- {
- response = pdp.evaluate(RequestCtx.getInstance(new FileInputStream(requestFile)));
- }
- catch (ParsingException pse)
- {
- response = getSyntaxErrorResponseCtx();
- }
- return response;
- }
-
- /**
- * Get the String that represents the temp file
- * for the Policy 1
- * @return
- */
- private String getPolicyFile(int num) throws Exception
- {
- String p1 = "security/xacml/test" + num + "/policy.xml";
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- URL url = tcl.getResource(p1);
- assertNotNull("policy file " + p1 + " null", url);
- return url.getPath();
- }
-
- /**
- * Get the String that represents the file
- * for the Request File
- * @return
- */
- private String getRequestFile(int num) throws Exception
- {
- String p1 = "security/xacml/test" + num + "/request.xml";
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- URL url = tcl.getResource(p1);
- assertNotNull("request file " + p1 + " null", url);
- return url.getPath();
- }
-
- /**
- * Get the String that represents the file
- * for the Request File
- * @return
- */
- private String getResponseFile(int num) throws Exception
- {
- String p1 = "security/xacml/test" + num + "/response.xml";
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- URL url = tcl.getResource(p1);
- assertNotNull("response file " + p1 + " != null", url);
- return url.getPath();
- }
-
- /**
- * Get the ResponseCtx that represents a Syntax Error
- * @return
- */
- private ResponseCtx getSyntaxErrorResponseCtx()
- {
- ArrayList code = new ArrayList();
- code.add(Status.STATUS_SYNTAX_ERROR);
- Status status = new Status(code);
-
- return new ResponseCtx(new Result(Result.DECISION_INDETERMINATE, status));
- }
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/XACMLUnitTestCase.java (from rev 90341, projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/XACMLUnitTestCase.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/XACMLUnitTestCase.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/test/xacml/XACMLUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,195 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.test.xacml;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.net.URL;
+import java.util.ArrayList;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.xacml.sunxacml.ConfigurationStore;
+import org.jboss.security.xacml.sunxacml.PDP;
+import org.jboss.security.xacml.sunxacml.PDPConfig;
+import org.jboss.security.xacml.sunxacml.ParsingException;
+import org.jboss.security.xacml.sunxacml.ctx.RequestCtx;
+import org.jboss.security.xacml.sunxacml.ctx.ResponseCtx;
+import org.jboss.security.xacml.sunxacml.ctx.Result;
+import org.jboss.security.xacml.sunxacml.ctx.Status;
+
+//$Id: XACMLUnitTestCase.java 45725 2006-06-21 17:19:15Z asaldhana $
+
+/**
+ * Unit Tests for the XACML Integration
+ * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @since May 26, 2006
+ * @version $Revision: 45725 $
+ */
+public class XACMLUnitTestCase extends TestCase
+{
+ /**
+ * There are basic xacml conformance tests in the resources folder(security/xacml)
+ * with the format testX where X is an integer in (firstTest,numberOfTests}.
+ * If you need to run a particular test - make both these variables to be
+ * the number of the test. So to run test6, both firstTest=6 and
+ * numberOfTests=6
+ */
+ private int firstTest = 1;
+
+ private int numberOfTests = 17;
+
+ //True: Response will be dumped to System.out
+ private boolean debug = false;
+
+ public XACMLUnitTestCase(String name)
+ {
+ super(name);
+ }
+
+ public void testPDPConstruction() throws Exception
+ {
+ assertNotNull("PDP != null", getBasicPDP());
+ }
+
+ public void testPDPResponse() throws Exception
+ {
+ for (int i = firstTest; i <= numberOfTests; i++)
+ {
+ String[] policyFiles = new String[]
+ {getPolicyFile(i)};
+ PDP pdp = new PDP(new PDPConfig(XACMLUtil.getAttributeFinder(), XACMLUtil.getPolicyFinder(policyFiles), null));
+ assertNotNull("PDP != null", pdp);
+ ResponseCtx first = processRequest(pdp, getRequestFile(i));
+ assertNotNull("Response != null", first);
+ if(debug)
+ System.out.println("Test:"+i);
+ //Print out the response to the System.Out
+ XACMLUtil.logResponseCtxToSystemOut(first, debug);
+ ResponseCtx second = ResponseCtx.getInstance(new FileInputStream(getResponseFile(i)));
+ try
+ {
+ XACMLUtil.assertEquals(first, second);
+ }
+ catch (Exception e)
+ {
+ Exception enew = new Exception("Test#" + i + "::" + e.getMessage());
+ enew.initCause(e);
+ throw enew;
+ }
+ }
+ }
+
+ /**
+ * Obtain a very basic PDP
+ * @return
+ * @throws Exception
+ */
+ private PDP getBasicPDP() throws Exception
+ {
+ String p = "security/xacml/basicConfig.xml";
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL url = tcl.getResource(p);
+ File file = new File(url.getPath());
+ ConfigurationStore store = new ConfigurationStore(file);
+ store.useDefaultFactories();
+ return new PDP(store.getDefaultPDPConfig());
+ }
+
+ /**
+ * Ask the PDP to evaluate the input request file
+ * @param pdp
+ * @param requestFile
+ * @return
+ * @throws Exception
+ */
+ private ResponseCtx processRequest(PDP pdp, String requestFile) throws Exception
+ {
+ ResponseCtx response = null;
+
+ try
+ {
+ response = pdp.evaluate(RequestCtx.getInstance(new FileInputStream(requestFile)));
+ }
+ catch (ParsingException pse)
+ {
+ response = getSyntaxErrorResponseCtx();
+ }
+ return response;
+ }
+
+ /**
+ * Get the String that represents the temp file
+ * for the Policy 1
+ * @return
+ */
+ private String getPolicyFile(int num) throws Exception
+ {
+ String p1 = "security/xacml/test" + num + "/policy.xml";
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL url = tcl.getResource(p1);
+ assertNotNull("policy file " + p1 + " null", url);
+ return url.getPath();
+ }
+
+ /**
+ * Get the String that represents the file
+ * for the Request File
+ * @return
+ */
+ private String getRequestFile(int num) throws Exception
+ {
+ String p1 = "security/xacml/test" + num + "/request.xml";
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL url = tcl.getResource(p1);
+ assertNotNull("request file " + p1 + " null", url);
+ return url.getPath();
+ }
+
+ /**
+ * Get the String that represents the file
+ * for the Request File
+ * @return
+ */
+ private String getResponseFile(int num) throws Exception
+ {
+ String p1 = "security/xacml/test" + num + "/response.xml";
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL url = tcl.getResource(p1);
+ assertNotNull("response file " + p1 + " != null", url);
+ return url.getPath();
+ }
+
+ /**
+ * Get the ResponseCtx that represents a Syntax Error
+ * @return
+ */
+ @SuppressWarnings("unchecked")
+ private ResponseCtx getSyntaxErrorResponseCtx()
+ {
+ ArrayList code = new ArrayList();
+ code.add(Status.STATUS_SYNTAX_ERROR);
+ Status status = new Status(code);
+
+ return new ResponseCtx(new Result(Result.DECISION_INDETERMINATE, status));
+ }
+}
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/config/JBossXACMLConfigUnitTestCase.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/xacml/config/JBossXACMLConfigUnitTestCase.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/config/JBossXACMLConfigUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,151 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.security.xacml.config;
-
-import java.net.URL;
-import java.util.List;
-
-import javax.xml.XMLConstants;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.validation.Schema;
-import javax.xml.validation.SchemaFactory;
-
-import junit.framework.TestCase;
-
-import org.jboss.security.xacml.core.JBossPDP;
-import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
-import org.jboss.security.xacml.interfaces.XACMLConstants;
-import org.jboss.security.xacml.jaxb.LocatorType;
-import org.jboss.security.xacml.jaxb.LocatorsType;
-import org.jboss.security.xacml.jaxb.PDP;
-import org.jboss.security.xacml.jaxb.PoliciesType;
-import org.jboss.security.xacml.jaxb.PolicySetType;
-import org.jboss.test.security.xacml.factories.util.XACMLTestUtil;
-
-
-/**
- * Test the import of the config file driving JBossXACML
- * @author Anil.Saldhana at redhat.com
- * @since Jul 5, 2007
- * @version $Revision$
- */
-public class JBossXACMLConfigUnitTestCase extends TestCase
-{
- public void testBasicPolicySetConfig() throws Exception
- {
- JAXBContext jc = JAXBContext.newInstance("org.jboss.security.xacml.jaxb");
- assertNotNull("JAXBContext is !null", jc);
- Unmarshaller u = jc.createUnmarshaller();
- //Validate against schema
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- URL schemaURL = tcl.getResource("schema/jbossxacml-2.0.xsd");
- assertNotNull("Schema URL != null", schemaURL);
- SchemaFactory scFact = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
- Schema schema = scFact.newSchema(schemaURL);
- u.setSchema(schema);
-
- URL configFile = tcl.getResource("test/config/basicPolicySetConfig.xml");
- JAXBElement<?> j = (JAXBElement<?>) u.unmarshal(configFile);
- assertNotNull("JAXBElement is !null", j);
- PDP pdp = (PDP) j.getValue();
- assertNotNull("PDP is not null", pdp);
-
- //Validate Policies
- PoliciesType pts = pdp.getPolicies();
- assertNotNull("PoliciesType is not null", pts);
- List<PolicySetType> pst = pts.getPolicySet();
- assertNotNull("PolicySetType is not null", pst);
- assertEquals("1 PolicySet", 1, pst.size());
- PolicySetType psetType = pst.get(0);
- String loc = psetType.getLocation();
- assertTrue("Location of PolicySet is >0", loc.length() > 0);
- assertEquals("PolicyType is null", 0, pts.getPolicy().size());
-
- //Validate Locators
- LocatorsType lts = pdp.getLocators();
- assertNotNull("LocatorsType != null", lts);
- List<LocatorType> lt = lts.getLocator();
- assertNotNull("LocatorType != null", lt);
- assertEquals("LocatorType != null", 1, lt.size());
- }
-
- public void testPDPForHimss09()
- {
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- URL configFile = tcl.getResource("test/config/himss09-interop-config.xml");
- assertNotNull("configFile != null", configFile);
- PolicyDecisionPoint pdp = new JBossPDP(configFile);
- assertNotNull(pdp);
- }
-
- /**
- * Test the URL version of the PDP construction
- * @throws Exception
- */
- public void testPDPConfig() throws Exception
- {
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- URL configFile = tcl.getResource("test/config/interopPolicySetConfig.xml");
- assertNotNull("configFile != null", configFile);
- PolicyDecisionPoint pdp = new JBossPDP(configFile);
- XACMLTestUtil.validateInteropCases(pdp);
- }
-
- /**
- * SECURITY-382: JBossPDP to take in configuration metadata
- * @throws Exception
- */
- public void testPDPConfigPassingJAXBConfig() throws Exception
- {
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- URL configFile = tcl.getResource("test/config/interopPolicySetConfig.xml");
- JAXBContext jc = JAXBContext.newInstance("org.jboss.security.xacml.jaxb");
- assertNotNull("JAXBContext is !null", jc);
- Unmarshaller u = jc.createUnmarshaller();
- JAXBElement<?> j = (JAXBElement<?>) u.unmarshal(configFile);
- assertNotNull("JAXBElement is !null", j);
-
- assertNotNull("configFile != null", configFile);
- PolicyDecisionPoint pdp = new JBossPDP(j);
- XACMLTestUtil.validateInteropCases(pdp);
- }
-
- public void testPDPConfigJAXBConfigWithAdditionalTestLocators() throws Exception
- {
- String fileName = "test/config/interopPolicySetConfig_additional_testlocators.xml";
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- URL configFile = tcl.getResource(fileName);
- JAXBContext jc = JAXBContext.newInstance("org.jboss.security.xacml.jaxb");
- assertNotNull("JAXBContext is !null", jc);
- Unmarshaller u = jc.createUnmarshaller();
- JAXBElement<?> j = (JAXBElement<?>) u.unmarshal(configFile);
- assertNotNull("JAXBElement is !null", j);
-
- assertNotNull("configFile != null", configFile);
- PolicyDecisionPoint pdp = new JBossPDP(j);
- TestCase.assertEquals("Case 1 should be deny",
- XACMLConstants.DECISION_DENY, XACMLTestUtil.getDecision(pdp,
- "test/policies/custom/custom-request.xml"));
- }
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/config/JBossXACMLConfigUnitTestCase.java (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/xacml/config/JBossXACMLConfigUnitTestCase.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/config/JBossXACMLConfigUnitTestCase.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/config/JBossXACMLConfigUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,176 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.xacml.config;
+
+import java.net.URL;
+import java.util.List;
+
+import javax.xml.XMLConstants;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.validation.Schema;
+import javax.xml.validation.SchemaFactory;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.xacml.core.JBossPDP;
+import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.jaxb.LocatorType;
+import org.jboss.security.xacml.jaxb.LocatorsType;
+import org.jboss.security.xacml.jaxb.PDP;
+import org.jboss.security.xacml.jaxb.PoliciesType;
+import org.jboss.security.xacml.jaxb.PolicySetType;
+import org.jboss.test.security.xacml.factories.util.XACMLTestUtil;
+
+
+/**
+ * Test the import of the config file driving JBossXACML
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 5, 2007
+ * @version $Revision$
+ */
+public class JBossXACMLConfigUnitTestCase extends TestCase
+{
+ public void testBasicPolicySetConfig() throws Exception
+ {
+ JAXBContext jc = JAXBContext.newInstance("org.jboss.security.xacml.jaxb");
+ assertNotNull("JAXBContext is !null", jc);
+ Unmarshaller u = jc.createUnmarshaller();
+ //Validate against schema
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL schemaURL = tcl.getResource("schema/jbossxacml-2.0.xsd");
+ assertNotNull("Schema URL != null", schemaURL);
+ SchemaFactory scFact = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
+ Schema schema = scFact.newSchema(schemaURL);
+ u.setSchema(schema);
+
+ URL configFile = tcl.getResource("test/config/basicPolicySetConfig.xml");
+ JAXBElement<?> j = (JAXBElement<?>) u.unmarshal(configFile);
+ assertNotNull("JAXBElement is !null", j);
+ PDP pdp = (PDP) j.getValue();
+ assertNotNull("PDP is not null", pdp);
+
+ //Validate Policies
+ PoliciesType pts = pdp.getPolicies();
+ assertNotNull("PoliciesType is not null", pts);
+ List<PolicySetType> pst = pts.getPolicySet();
+ assertNotNull("PolicySetType is not null", pst);
+ assertEquals("1 PolicySet", 1, pst.size());
+ PolicySetType psetType = pst.get(0);
+ String loc = psetType.getLocation();
+ assertTrue("Location of PolicySet is >0", loc.length() > 0);
+ assertEquals("PolicyType is null", 0, pts.getPolicy().size());
+
+ //Validate Locators
+ LocatorsType lts = pdp.getLocators();
+ assertNotNull("LocatorsType != null", lts);
+ List<LocatorType> lt = lts.getLocator();
+ assertNotNull("LocatorType != null", lt);
+ assertEquals("LocatorType != null", 1, lt.size());
+ }
+
+ public void testPDPForHimss09()
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL configFile = tcl.getResource("test/config/himss09-interop-config.xml");
+ assertNotNull("configFile != null", configFile);
+ PolicyDecisionPoint pdp = new JBossPDP(configFile);
+ assertNotNull(pdp);
+ }
+
+ /**
+ * Test the URL version of the PDP construction
+ * @throws Exception
+ */
+ public void testPDPConfig() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL configFile = tcl.getResource("test/config/interopPolicySetConfig.xml");
+ assertNotNull("configFile != null", configFile);
+ PolicyDecisionPoint pdp = new JBossPDP(configFile);
+ XACMLTestUtil.validateInteropCases(pdp);
+ }
+
+ /**
+ * SECURITY-382: JBossPDP to take in configuration metadata
+ * @throws Exception
+ */
+ public void testPDPConfigPassingJAXBConfig() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL configFile = tcl.getResource("test/config/interopPolicySetConfig.xml");
+ JAXBContext jc = JAXBContext.newInstance("org.jboss.security.xacml.jaxb");
+ assertNotNull("JAXBContext is !null", jc);
+ Unmarshaller u = jc.createUnmarshaller();
+ JAXBElement<?> j = (JAXBElement<?>) u.unmarshal(configFile);
+ assertNotNull("JAXBElement is !null", j);
+
+ assertNotNull("configFile != null", configFile);
+ PolicyDecisionPoint pdp = new JBossPDP(j);
+ XACMLTestUtil.validateInteropCases(pdp);
+ }
+
+ /**
+ * SECURITY-388: Attribute Locators
+ * SECURITY-390: Resource Locators
+ * @throws Exception
+ */
+ public void testPDPConfigJAXBConfigWithAdditionalTestLocators() throws Exception
+ {
+ String fileName = "test/config/interopPolicySetConfig_additional_testlocators.xml";
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL configFile = tcl.getResource(fileName);
+ JAXBContext jc = JAXBContext.newInstance("org.jboss.security.xacml.jaxb");
+ assertNotNull("JAXBContext is !null", jc);
+ Unmarshaller u = jc.createUnmarshaller();
+ JAXBElement<?> j = (JAXBElement<?>) u.unmarshal(configFile);
+ assertNotNull("JAXBElement is !null", j);
+
+ assertNotNull("configFile != null", configFile);
+ PolicyDecisionPoint pdp = new JBossPDP(j);
+ TestCase.assertEquals("Case 1 should be deny",
+ XACMLConstants.DECISION_DENY, XACMLTestUtil.getDecision(pdp,
+ "test/policies/custom/custom-request.xml"));
+ }
+
+ /**
+ * SECURITY-407: Add just Locators in the config file
+ * @throws Exception
+ */
+ public void testPDPJustLocators() throws Exception
+ {
+ String fileName = "test/config/locator/justLocatorConfig.xml";
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ URL configFile = tcl.getResource(fileName);
+ JAXBContext jc = JAXBContext.newInstance("org.jboss.security.xacml.jaxb");
+ assertNotNull("JAXBContext is !null", jc);
+ Unmarshaller u = jc.createUnmarshaller();
+ JAXBElement<?> j = (JAXBElement<?>) u.unmarshal(configFile);
+ assertNotNull("JAXBElement is !null", j);
+
+ assertNotNull("configFile != null", configFile);
+ PolicyDecisionPoint pdp = new JBossPDP(j);
+ assertNotNull(pdp);
+ }
+}
\ No newline at end of file
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JBossPDPUnitTestCase.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JBossPDPUnitTestCase.java 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JBossPDPUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,192 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.security.xacml.core;
-
-import java.io.InputStream;
-
-import junit.framework.TestCase;
-
-import org.jboss.security.xacml.core.JBossPDP;
-import org.jboss.security.xacml.core.model.context.ActionType;
-import org.jboss.security.xacml.core.model.context.AttributeType;
-import org.jboss.security.xacml.core.model.context.EnvironmentType;
-import org.jboss.security.xacml.core.model.context.RequestType;
-import org.jboss.security.xacml.core.model.context.ResourceType;
-import org.jboss.security.xacml.core.model.context.SubjectType;
-import org.jboss.security.xacml.factories.RequestAttributeFactory;
-import org.jboss.security.xacml.factories.RequestResponseContextFactory;
-import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
-import org.jboss.security.xacml.interfaces.RequestContext;
-import org.jboss.security.xacml.interfaces.XACMLConstants;
-import org.jboss.test.security.xacml.factories.util.XACMLTestUtil;
-
-
-/**
- * Unit tests for the JBossPDP
- * @author Anil.Saldhana at redhat.com
- * @since Jul 6, 2007
- * @version $Revision$
- */
-public class JBossPDPUnitTestCase extends TestCase
-{
- /**Enable to see the xacml request in system out for the objects case**/
- //Enable for request trace
- private boolean debug = "true".equals(System.getProperty("debug", "false"));
-
- public void testInteropTestWithXMLRequests() throws Exception
- {
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- InputStream is = tcl.getResourceAsStream("test/config/interopPolicySetConfig.xml");
- assertNotNull("InputStream != null", is);
- PolicyDecisionPoint pdp = new JBossPDP(is);
- assertNotNull("JBossPDP is != null", pdp);
- //http://www.oasis-open.org/committees/download.php/24475/xacml-2.0-core-interop-draft-12-04.doc
- /*
- Test (Trade-limit)(Cred-line)(Curr-cred)(Req-tr-appr) (Req-cr-appr) (Num-shrs)(Buy-price)(Expected Decision
- 1 10000 15000 10000 False False 1000 10 Deny
- 2 10000 15000 10000 False False 1000 1 Permit
- 3 10000 15000 10000 True False 1000 5 Permit
- 4 10000 15000 10000 True False 1000 9 Deny
- 5 10000 15000 10000 True False 1000 10 Deny
- 6 10000 15000 10000 True False 1000 15 Deny
- 7 10000 15000 10000 True True 1000 10 Permit
- */
-
- XACMLTestUtil.validateInteropCases(pdp);
- }
-
- public void testInteropTestWithObjects() throws Exception
- {
- ClassLoader tcl = Thread.currentThread().getContextClassLoader();
- InputStream is = tcl.getResourceAsStream("test/config/interopPolicySetConfig.xml");
- assertNotNull("InputStream != null", is);
- PolicyDecisionPoint pdp = new JBossPDP(is);
- assertNotNull("JBossPDP is != null", pdp);
-
- assertEquals("Case 1 should be deny", XACMLConstants.DECISION_DENY, XACMLTestUtil.getDecision(pdp,
- getRequestContext("false", "false", 10)));
- assertEquals("Case 2 should be deny", XACMLConstants.DECISION_PERMIT, XACMLTestUtil.getDecision(pdp,
- getRequestContext("false", "false", 1)));
- assertEquals("Case 3 should be deny", XACMLConstants.DECISION_PERMIT, XACMLTestUtil.getDecision(pdp,
- getRequestContext("true", "false", 5)));
- assertEquals("Case 4 should be deny", XACMLConstants.DECISION_DENY, XACMLTestUtil.getDecision(pdp,
- getRequestContext("false", "false", 9)));
- assertEquals("Case 5 should be deny", XACMLConstants.DECISION_DENY, XACMLTestUtil.getDecision(pdp,
- getRequestContext("true", "false", 10)));
- assertEquals("Case 6 should be deny", XACMLConstants.DECISION_DENY, XACMLTestUtil.getDecision(pdp,
- getRequestContext("true", "false", 15)));
- assertEquals("Case 7 should be deny", XACMLConstants.DECISION_PERMIT, XACMLTestUtil.getDecision(pdp,
- getRequestContext("true", "true", 10)));
- }
-
- private RequestContext getRequestContext(String reqTradeAppr, String reqCreditAppr, int buyPrice) throws Exception
- {
- RequestType request = new RequestType();
- request.getSubject().add(createSubject(reqTradeAppr, reqCreditAppr, buyPrice));
- request.getResource().add(createResource());
- request.setAction(createAction());
- request.setEnvironment(new EnvironmentType());
-
- RequestContext requestCtx = RequestResponseContextFactory.createRequestCtx();
- requestCtx.setRequest(request);
- if (debug)
- requestCtx.marshall(System.out);
-
- return requestCtx;
- }
-
- private SubjectType createSubject(String reqTradeAppr, String reqCreditAppr, int buyPrice)
- {
- //Create a subject type
- SubjectType subject = new SubjectType();
- subject.setSubjectCategory("urn:oasis:names:tc:xacml:1.0:subject-category:access-subject");
- //create the subject attributes
- AttributeType attSubjectID = RequestAttributeFactory.createStringAttributeType(
- "urn:oasis:names:tc:xacml:1.0:subject:subject-id", "xacml20.interop.com", "123456");
- subject.getAttribute().add(attSubjectID);
-
- AttributeType attUserName = RequestAttributeFactory.createStringAttributeType(
- "urn:xacml:2.0:interop:example:subject:user-name", "xacml20.interop.com", "John Smith");
- subject.getAttribute().add(attUserName);
-
- AttributeType attBuyNumShares = RequestAttributeFactory.createIntegerAttributeType(
- "urn:xacml:2.0:interop:example:subject:buy-num-shares", "xacml20.interop.com", 1000);
- subject.getAttribute().add(attBuyNumShares);
-
- AttributeType attBuyOfferShare = RequestAttributeFactory.createIntegerAttributeType(
- "urn:xacml:2.0:interop:example:subject:buy-offer-price", "xacml20.interop.com", buyPrice);
- subject.getAttribute().add(attBuyOfferShare);
-
- AttributeType attRequestExtCred = RequestAttributeFactory.createStringAttributeType(
- "urn:xacml:2.0:interop:example:subject:req-credit-ext-approval", "xacml20.interop.com", reqCreditAppr);
- subject.getAttribute().add(attRequestExtCred);
-
- AttributeType attRequestTradeApproval = RequestAttributeFactory.createStringAttributeType(
- "urn:xacml:2.0:interop:example:subject:req-trade-approval", "xacml20.interop.com", reqTradeAppr);
- subject.getAttribute().add(attRequestTradeApproval);
-
- return subject;
- }
-
- public ResourceType createResource()
- {
- ResourceType resourceType = new ResourceType();
-
- AttributeType attResourceID = RequestAttributeFactory.createStringAttributeType(
- "urn:oasis:names:tc:xacml:1.0:resource:resource-id", "xacml20.interop.com", "CustomerAccount");
- resourceType.getAttribute().add(attResourceID);
-
- AttributeType attOwnerID = RequestAttributeFactory.createStringAttributeType(
- "urn:xacml:2.0:interop:example:resource:owner-id", "xacml20.interop.com", "123456");
- resourceType.getAttribute().add(attOwnerID);
-
- AttributeType attOwnerName = RequestAttributeFactory.createStringAttributeType(
- "urn:xacml:2.0:interop:example:resource:owner-name", "xacml20.interop.com", "John Smith");
- resourceType.getAttribute().add(attOwnerName);
-
- AttributeType attAccountStatus = RequestAttributeFactory.createStringAttributeType(
- "urn:xacml:2.0:interop:example:resource:account-status", "xacml20.interop.com", "Active");
- resourceType.getAttribute().add(attAccountStatus);
-
- AttributeType attCreditLine = RequestAttributeFactory.createIntegerAttributeType(
- "urn:xacml:2.0:interop:example:resource:credit-line", "xacml20.interop.com", 15000);
- resourceType.getAttribute().add(attCreditLine);
-
- AttributeType attCurrentCredit = RequestAttributeFactory.createIntegerAttributeType(
- "urn:xacml:2.0:interop:example:resource:current-credit", "xacml20.interop.com", 10000);
- resourceType.getAttribute().add(attCurrentCredit);
-
- AttributeType attTradeLimit = RequestAttributeFactory.createIntegerAttributeType(
- "urn:xacml:2.0:interop:example:resource:trade-limit", "xacml20.interop.com", 10000);
- resourceType.getAttribute().add(attTradeLimit);
- return resourceType;
- }
-
- private ActionType createAction()
- {
- ActionType actionType = new ActionType();
- AttributeType attActionID = RequestAttributeFactory.createStringAttributeType(
- "urn:oasis:names:tc:xacml:1.0:action:action-id", "xacml20.interop.com", "Buy");
- actionType.getAttribute().add(attActionID);
- return actionType;
- }
-}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JBossPDPUnitTestCase.java (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JBossPDPUnitTestCase.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JBossPDPUnitTestCase.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JBossPDPUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,198 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.xacml.core;
+
+import java.io.InputStream;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.xacml.core.JBossPDP;
+import org.jboss.security.xacml.core.model.context.ActionType;
+import org.jboss.security.xacml.core.model.context.AttributeType;
+import org.jboss.security.xacml.core.model.context.EnvironmentType;
+import org.jboss.security.xacml.core.model.context.RequestType;
+import org.jboss.security.xacml.core.model.context.ResourceType;
+import org.jboss.security.xacml.core.model.context.SubjectType;
+import org.jboss.security.xacml.factories.RequestAttributeFactory;
+import org.jboss.security.xacml.factories.RequestResponseContextFactory;
+import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
+import org.jboss.security.xacml.interfaces.RequestContext;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.test.security.xacml.factories.util.XACMLTestUtil;
+
+
+/**
+ * Unit tests for the JBossPDP
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 6, 2007
+ * @version $Revision$
+ */
+public class JBossPDPUnitTestCase extends TestCase
+{
+ /**Enable to see the xacml request in system out for the objects case**/
+ //Enable for request trace
+ private boolean debug = "true".equals(System.getProperty("debug", "false"));
+
+
+ public String getConfigFileName()
+ {
+ return "test/config/interopPolicySetConfig.xml";
+ }
+
+ public void testInteropTestWithXMLRequests() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream is = tcl.getResourceAsStream(getConfigFileName());
+ assertNotNull("InputStream != null", is);
+ PolicyDecisionPoint pdp = new JBossPDP(is);
+ assertNotNull("JBossPDP is != null", pdp);
+ //http://www.oasis-open.org/committees/download.php/24475/xacml-2.0-core-interop-draft-12-04.doc
+ /*
+ Test (Trade-limit)(Cred-line)(Curr-cred)(Req-tr-appr) (Req-cr-appr) (Num-shrs)(Buy-price)(Expected Decision
+ 1 10000 15000 10000 False False 1000 10 Deny
+ 2 10000 15000 10000 False False 1000 1 Permit
+ 3 10000 15000 10000 True False 1000 5 Permit
+ 4 10000 15000 10000 True False 1000 9 Deny
+ 5 10000 15000 10000 True False 1000 10 Deny
+ 6 10000 15000 10000 True False 1000 15 Deny
+ 7 10000 15000 10000 True True 1000 10 Permit
+ */
+
+ XACMLTestUtil.validateInteropCases(pdp);
+ }
+
+ public void testInteropTestWithObjects() throws Exception
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ InputStream is = tcl.getResourceAsStream(getConfigFileName());
+ assertNotNull("InputStream != null", is);
+ PolicyDecisionPoint pdp = new JBossPDP(is);
+ assertNotNull("JBossPDP is != null", pdp);
+
+ assertEquals("Case 1 should be deny", XACMLConstants.DECISION_DENY, XACMLTestUtil.getDecision(pdp,
+ getRequestContext("false", "false", 10)));
+ assertEquals("Case 2 should be deny", XACMLConstants.DECISION_PERMIT, XACMLTestUtil.getDecision(pdp,
+ getRequestContext("false", "false", 1)));
+ assertEquals("Case 3 should be deny", XACMLConstants.DECISION_PERMIT, XACMLTestUtil.getDecision(pdp,
+ getRequestContext("true", "false", 5)));
+ assertEquals("Case 4 should be deny", XACMLConstants.DECISION_DENY, XACMLTestUtil.getDecision(pdp,
+ getRequestContext("false", "false", 9)));
+ assertEquals("Case 5 should be deny", XACMLConstants.DECISION_DENY, XACMLTestUtil.getDecision(pdp,
+ getRequestContext("true", "false", 10)));
+ assertEquals("Case 6 should be deny", XACMLConstants.DECISION_DENY, XACMLTestUtil.getDecision(pdp,
+ getRequestContext("true", "false", 15)));
+ assertEquals("Case 7 should be deny", XACMLConstants.DECISION_PERMIT, XACMLTestUtil.getDecision(pdp,
+ getRequestContext("true", "true", 10)));
+ }
+
+ private RequestContext getRequestContext(String reqTradeAppr, String reqCreditAppr, int buyPrice) throws Exception
+ {
+ RequestType request = new RequestType();
+ request.getSubject().add(createSubject(reqTradeAppr, reqCreditAppr, buyPrice));
+ request.getResource().add(createResource());
+ request.setAction(createAction());
+ request.setEnvironment(new EnvironmentType());
+
+ RequestContext requestCtx = RequestResponseContextFactory.createRequestCtx();
+ requestCtx.setRequest(request);
+ if (debug)
+ requestCtx.marshall(System.out);
+
+ return requestCtx;
+ }
+
+ private SubjectType createSubject(String reqTradeAppr, String reqCreditAppr, int buyPrice)
+ {
+ //Create a subject type
+ SubjectType subject = new SubjectType();
+ subject.setSubjectCategory("urn:oasis:names:tc:xacml:1.0:subject-category:access-subject");
+ //create the subject attributes
+ AttributeType attSubjectID = RequestAttributeFactory.createStringAttributeType(
+ "urn:oasis:names:tc:xacml:1.0:subject:subject-id", "xacml20.interop.com", "123456");
+ subject.getAttribute().add(attSubjectID);
+
+ AttributeType attUserName = RequestAttributeFactory.createStringAttributeType(
+ "urn:xacml:2.0:interop:example:subject:user-name", "xacml20.interop.com", "John Smith");
+ subject.getAttribute().add(attUserName);
+
+ AttributeType attBuyNumShares = RequestAttributeFactory.createIntegerAttributeType(
+ "urn:xacml:2.0:interop:example:subject:buy-num-shares", "xacml20.interop.com", 1000);
+ subject.getAttribute().add(attBuyNumShares);
+
+ AttributeType attBuyOfferShare = RequestAttributeFactory.createIntegerAttributeType(
+ "urn:xacml:2.0:interop:example:subject:buy-offer-price", "xacml20.interop.com", buyPrice);
+ subject.getAttribute().add(attBuyOfferShare);
+
+ AttributeType attRequestExtCred = RequestAttributeFactory.createStringAttributeType(
+ "urn:xacml:2.0:interop:example:subject:req-credit-ext-approval", "xacml20.interop.com", reqCreditAppr);
+ subject.getAttribute().add(attRequestExtCred);
+
+ AttributeType attRequestTradeApproval = RequestAttributeFactory.createStringAttributeType(
+ "urn:xacml:2.0:interop:example:subject:req-trade-approval", "xacml20.interop.com", reqTradeAppr);
+ subject.getAttribute().add(attRequestTradeApproval);
+
+ return subject;
+ }
+
+ public ResourceType createResource()
+ {
+ ResourceType resourceType = new ResourceType();
+
+ AttributeType attResourceID = RequestAttributeFactory.createStringAttributeType(
+ "urn:oasis:names:tc:xacml:1.0:resource:resource-id", "xacml20.interop.com", "CustomerAccount");
+ resourceType.getAttribute().add(attResourceID);
+
+ AttributeType attOwnerID = RequestAttributeFactory.createStringAttributeType(
+ "urn:xacml:2.0:interop:example:resource:owner-id", "xacml20.interop.com", "123456");
+ resourceType.getAttribute().add(attOwnerID);
+
+ AttributeType attOwnerName = RequestAttributeFactory.createStringAttributeType(
+ "urn:xacml:2.0:interop:example:resource:owner-name", "xacml20.interop.com", "John Smith");
+ resourceType.getAttribute().add(attOwnerName);
+
+ AttributeType attAccountStatus = RequestAttributeFactory.createStringAttributeType(
+ "urn:xacml:2.0:interop:example:resource:account-status", "xacml20.interop.com", "Active");
+ resourceType.getAttribute().add(attAccountStatus);
+
+ AttributeType attCreditLine = RequestAttributeFactory.createIntegerAttributeType(
+ "urn:xacml:2.0:interop:example:resource:credit-line", "xacml20.interop.com", 15000);
+ resourceType.getAttribute().add(attCreditLine);
+
+ AttributeType attCurrentCredit = RequestAttributeFactory.createIntegerAttributeType(
+ "urn:xacml:2.0:interop:example:resource:current-credit", "xacml20.interop.com", 10000);
+ resourceType.getAttribute().add(attCurrentCredit);
+
+ AttributeType attTradeLimit = RequestAttributeFactory.createIntegerAttributeType(
+ "urn:xacml:2.0:interop:example:resource:trade-limit", "xacml20.interop.com", 10000);
+ resourceType.getAttribute().add(attTradeLimit);
+ return resourceType;
+ }
+
+ private ActionType createAction()
+ {
+ ActionType actionType = new ActionType();
+ AttributeType attActionID = RequestAttributeFactory.createStringAttributeType(
+ "urn:oasis:names:tc:xacml:1.0:action:action-id", "xacml20.interop.com", "Buy");
+ actionType.getAttribute().add(attActionID);
+ return actionType;
+ }
+}
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JustLocatorUnitTestCase.java (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JustLocatorUnitTestCase.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JustLocatorUnitTestCase.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/JustLocatorUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,39 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.xacml.core;
+
+
+/**
+ * SECURITY-407: Configuration should allow just a locator
+ * This unit test ensures that we can have a locator
+ * that can provide the policies
+ *
+ * @author Anil.Saldhana at redhat.com
+ * @since Apr 8, 2009
+ */
+public class JustLocatorUnitTestCase extends JBossPDPUnitTestCase
+{
+ public String getConfigFileName()
+ {
+ return "test/config/locator/justLocatorConfig.xml";
+ }
+}
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/model/RequestContextAttributeFactoryUnitTestCase.java (from rev 91887, projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/model/RequestContextAttributeFactoryUnitTestCase.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/model/RequestContextAttributeFactoryUnitTestCase.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/core/model/RequestContextAttributeFactoryUnitTestCase.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,58 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.xacml.core.model;
+
+import org.jboss.security.xacml.core.model.context.AttributeType;
+import org.jboss.security.xacml.core.model.context.AttributeValueType;
+import org.jboss.security.xacml.factories.RequestAttributeFactory;
+
+import junit.framework.TestCase;
+
+/**
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 31, 2009
+ */
+public class RequestContextAttributeFactoryUnitTestCase extends TestCase
+{
+ public void testMultiValuedAttribute()
+ {
+ String attributeId = "urn:va:xacml:2.0:interop:rsa8:subject:hl7:permission";
+ String dataType = "http://www.w3.org/2001/XMLSchema#string";
+ String issuer = "testissuer";
+
+ //Create a multi-valued attribute - hl7 permissions
+ String[] values = new String[] {"urn:va:xacml:2.0:interop:rsa8:hl7:prd-010",
+ "urn:va:xacml:2.0:interop:rsa8:hl7:prd-012",
+ "urn:va:xacml:2.0:interop:rsa8:hl7:prd-017",
+ "urn:va:xacml:2.0:interop:rsa8:hl7:prd-005",
+ "urn:va:xacml:2.0:interop:rsa8:hl7:prd-003",
+ "urn:va:xacml:2.0:interop:rsa8:hl7:prd-009",
+ "urn:va:xacml:2.0:interop:rsa8:hl7:prd-006"};
+
+ AttributeType multi = RequestAttributeFactory.createMultiValuedAttributeType(attributeId,
+ issuer, dataType, values);
+ assertNotNull("Attribute is not null", multi);
+ AttributeValueType avt = multi.getAttributeValue().get(0);
+ assertEquals(7 ,avt.getContent().size());
+ }
+
+}
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/interop/himss09 (from rev 86556, projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/xacml/interop/himss09)
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/locators/TestPolicySetLocator.java (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/test/java/org/jboss/test/security/xacml/locators/TestPolicySetLocator.java)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/locators/TestPolicySetLocator.java (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/java/org/jboss/test/security/xacml/locators/TestPolicySetLocator.java 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,97 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.xacml.locators;
+
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.jboss.security.xacml.bridge.JBossPolicyFinder;
+import org.jboss.security.xacml.factories.PolicyFactory;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XACMLPolicy;
+import org.jboss.security.xacml.locators.JBossPolicySetLocator;
+
+/**
+ * Test Policy Set Locator for the Interop test case(JustLocatorUnitTestCase)
+ * @author Anil.Saldhana at redhat.com
+ * @since Apr 8, 2009
+ */
+public class TestPolicySetLocator extends JBossPolicySetLocator
+{
+ public TestPolicySetLocator()
+ {
+
+ }
+
+ @Override
+ public <T> void set(String key, T obj)
+ {
+ if(XACMLConstants.POLICY_FINDER.equals(key))
+ {
+ JBossPolicyFinder jbf = (JBossPolicyFinder) obj;
+ String policySetLocation = "test/policies/interop/xacml-policySet.xml";
+ String[] arr = new String[] {
+ "test/policies/interop/xacml-policy2.xml",
+ "test/policies/interop/xacml-policy3.xml",
+ "test/policies/interop/xacml-policy4.xml",
+ "test/policies/interop/xacml-policy5.xml"};
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+
+ XACMLPolicy policySet = null;
+ try
+ {
+ policySet = PolicyFactory.createPolicySet(tcl.getResourceAsStream(policySetLocation),jbf);
+ }
+ catch (Exception e1)
+ {
+ throw new RuntimeException(e1);
+ }
+
+ List<XACMLPolicy> policyList = new ArrayList<XACMLPolicy>();
+ for (String str:arr)
+ {
+ InputStream is = tcl.getResourceAsStream(str);
+ if(is == null)
+ throw new IllegalStateException("Inputstream is null");
+
+ try
+ {
+ policyList.add(PolicyFactory.createPolicy(is));
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ policySet.setEnclosingPolicies(policyList);
+
+ Set<XACMLPolicy> set = new HashSet<XACMLPolicy>();
+ set.add(policySet);
+ this.setPolicies(set);
+ }
+ super.set(key, obj);
+ }
+}
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/logging.properties (from rev 86556, projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/logging.properties)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/logging.properties (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/logging.properties 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,21 @@
+# Specify the handlers to create in the root logger
+# (all loggers are children of the root logger)
+# The following creates two handlers
+handlers = java.util.logging.ConsoleHandler, java.util.logging.FileHandler
+
+# Set the default logging level for the root logger
+.level = ALL
+
+# Set the default logging level for new ConsoleHandler instances
+java.util.logging.ConsoleHandler.level = ALL
+
+# Set the default logging level for new FileHandler instances
+java.util.logging.FileHandler.level = ALL
+
+# Set the default formatter for new ConsoleHandler instances
+java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
+java.util.logging.FileHandler.formatter=java.util.logging.SimpleFormatter
+
+# Set the default logging level for the logger named org.jboss
+org.jboss.security.xacml.sunxacml.level = FINEST
+com.sun.xml.bind.level = OFF
Deleted: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/config/himss09-interop-config.xml
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/test/config/himss09-interop-config.xml 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/config/himss09-interop-config.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,11 +0,0 @@
-<ns:jbosspdp xmlns:ns="urn:jboss:xacml:2.0">
- <ns:Policies>
- <ns:PolicySet>
- <ns:Location>test/policies/interop/himss09/himss-policy.xml</ns:Location>
- </ns:PolicySet>
- </ns:Policies>
- <ns:Locators>
- <ns:Locator Name="org.jboss.security.xacml.locators.JBossPolicyLocator">
- </ns:Locator>
- </ns:Locators>
-</ns:jbosspdp>
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/config/himss09-interop-config.xml (from rev 86555, projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/test/config/himss09-interop-config.xml)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/config/himss09-interop-config.xml (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/config/himss09-interop-config.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,11 @@
+<ns:jbosspdp xmlns:ns="urn:jboss:xacml:2.0">
+ <ns:Policies>
+ <ns:PolicySet>
+ <ns:Location>test/policies/interop/himss09/himss-policy-01.xml</ns:Location>
+ </ns:PolicySet>
+ </ns:Policies>
+ <ns:Locators>
+ <ns:Locator Name="org.jboss.security.xacml.locators.JBossPolicySetLocator">
+ </ns:Locator>
+ </ns:Locators>
+</ns:jbosspdp>
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/config/locator (from rev 87008, projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/test/config/locator)
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/policies/interop/himss09/himss-policy-01.xml (from rev 86556, projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/test/policies/interop/himss09/himss-policy-01.xml)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/policies/interop/himss09/himss-policy-01.xml (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/policies/interop/himss09/himss-policy-01.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,601 @@
+<?xml version="1.0" encoding="utf-8"?>
+<PolicySet xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-os.xsd"
+ PolicySetId="urn:oasis:names:tc:xspa:1.0"
+ PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Target />
+ <PolicySet PolicySetId="urn:oasis:names:tc:xspa:1.0:org" PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>Contains all organizational policies which are evaluated on all requests.</Description>
+ <Target />
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org:allowed:organizations" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ The organization denies the request if the subject is attempting to access
+ a resource and is not a member of the allowed organizations.
+ </Description>
+ <Target />
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:org:allowed:organizations:deny" Effect="Deny">
+ <Description>Evaluates the allowed-organizations (if available) against the subject's locality.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:allowed-organizations" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:locality" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:allowed-organizations" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org:hoursofoperations" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ The organization denies the request if the subject is attempting to access
+ the resource outside of the alloted time.
+ </Description>
+ <Target />
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:org:hoursofoperation:deny" Effect="Deny">
+ <Description>Evaluates the environment time against the hours of operation start and end.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:or">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-greater-than-or-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <EnvironmentAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" DataType="http://www.w3.org/2001/XMLSchema#time" />
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:hoursofoperation:start" DataType="http://www.w3.org/2001/XMLSchema#time" />
+ </Apply>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-less-than-or-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <EnvironmentAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" DataType="http://www.w3.org/2001/XMLSchema#time" />
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:hoursofoperation:end" DataType="http://www.w3.org/2001/XMLSchema#time" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- SUBJECT.STRUCTURED-ROLE NOT IN ORG.REQUIRED-ROLES -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org:required:roles" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ The organization denies the request if the subject is attempting to access
+ a resource and they are not a member of the required role(s).
+ </Description>
+ <Target />
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:org:required:roles:deny" Effect="Deny">
+ <Description>Evaluates the organization roles (if available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <!-- MAY NEED TO SWITCH ~~ Is this a one to many relationship? Are all roles required or does the subject just need to be included? -->
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- SUBJECT.PERMISSIONS NOT IN ORG.RESOURCE.PERMISSIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org.resource.permissions" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ The organization denies the request if the subject does not have adequate
+ permissions to access the resource.
+ </Description>
+ <Target />
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:org:resource.permissions:deny" Effect="Deny">
+ <Description>Evaluates the required permissions (if available) against the subject's permissions.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:hl7:permission" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:org:hl7:permission" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:subject:hl7:permission" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:org.catch-all" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
+ <Description></Description>
+ <Target />
+ <Rule RuleId="" Effect="Permit"></Rule>
+ </Policy>
+ </PolicySet>
+
+ <PolicySet PolicySetId="urn:oasis:names:tc:xspa:1.0:patient" PolicyCombiningAlgId="urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides">
+ <Description>These policies are patient consent directives and are invoked on medical-record requests.</Description>
+ <Target />
+
+ <!-- (RESOURCE.RESOURCETYPE IN PATIENT.MASKEDOBJECT) AND (SUBJECT.ROLE IN PATIENT.MA.DISSENTING-ROLES) -->
+ <!-- PROBLEMS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-roles" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for problems from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-roles:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-roles for problems (if available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-role" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- MEDICATIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications:dissenting-roles" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for medications from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications:dissenting-roles:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-roles for medications (if available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-role" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- ALERTS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:alerts:dissenting-roles" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request alerts from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:alerts:dissenting-roles:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-roles for alerts (if available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-role" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+
+ <!-- IMMUNIZATIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:immunizations:dissenting-roles" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for immunizations from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:immunizations:dissenting-roles:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-roles for immunizations (if available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-role" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+
+ <!-- (RESOURCE.RESOURCETYPE IN PATIENT.MASKEDOBJECT) AND (SUBJECT.ROLE IN PATIENT.MA.DISSENTING-ROLES) -->
+ <!-- PROBLEMS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-subject-ids" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for problems from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-subject-ids:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-subject-id's for problems (if available) against the subject's NPI.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Problems:dissenting-subject-id" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- MEDICATIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications:dissenting-subject-ids" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for medications from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:medications:dissenting-subject-ids:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-subject-id's for medications (if available) against the subject's NPI.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Medications:dissenting-subject-id" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- ALERTS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:alerts:dissenting-subject-ids" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for alerts from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:alerts:dissenting-subject-ids:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-subject-id's for alerts (if available) against the subject's NPI.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Alerts:dissenting-subject-id" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+ <!-- IMMUNIZATIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:immunizations:dissenting-subject-ids" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request for immunizations from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:immunizations:dissenting-subject-ids:permit" Effect="Permit">
+ <Description>Evaluates the dissenting-subject-id's for immunizations (if available) against the subject's NPI.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Obligations>
+ <Obligation ObligationId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:Immunizations:dissenting-subject-id" FulfillOn="Permit"></Obligation>
+ </Obligations>
+ </Policy>
+
+ <!-- SUBJECT.LOCALITY NOT IN PATIENT.ALLOWED-ORGANIZATIONS -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:patient:allowed:organizations" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request from the subject if their locality is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:patient:allowed:organizations:deny" Effect="Deny">
+ <Description>Evaluates the allowed-organizations (if available) against the subject's locality.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:allowed-organizations" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:locality" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:allowed-organizations" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- SUBJECT.ROLE IN PATIENT.DISSENTING-ROLES -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting:role" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request from the subject if their role is not permitted by the patient.
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:patient:dissenting:roles:deny" Effect="Deny">
+ <Description>Evaluates the dissenting-role (if available) against the subject's role.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting-role" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- SUBJECT.ID IN PATIENT.DISSENTING-ID -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting-subject-ids" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request from the subject if the NPI is not permitted by the patient.
+ </Description>
+ <Target />
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0:resource:patient:masked:problems:dissenting-subject-ids:deny" Effect="Deny">
+ <Description>Evaluates the dissenting-subject-id (if available) against the subject's NPI.</Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag-size">
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">0</AttributeValue>
+ </Apply>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
+ <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:subject:npi" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:patient:dissenting-subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+
+ <!-- CONFIDENTIALITY -->
+ <Policy PolicyId="urn:oasis:names:tc:xspa:1.0.resource:patient:hl7:confidentiality-codes" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+ <Description>
+ Denies the request from the subject if the confidentiality code is set to "Sensitive". This policy
+ is acting as the "Catch-All".
+ </Description>
+ <Target>
+ <Resources>
+ <Resource>
+ <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:oasis:names:tc:xspa:1.0:resource:hl7:type:medical-record</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0:resource:hl7:type" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </ResourceMatch>
+ </Resource>
+ </Resources>
+ </Target>
+ <Rule RuleId="urn:oasis:names:tc:xspa:1.0.resource:patient:hl7:confidentiality-code:deny" Effect="Deny">
+ <Description>Evaluates the HL7 confidentiality-code.</Description>
+ <Target />
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">S</AttributeValue>
+ <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xspa:1.0.resource:patient:hl7:confidentiality-code" DataType="http://www.w3.org/2001/XMLSchema#string" />
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ </Policy>
+ </PolicySet>
+</PolicySet>
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/jboss-xacml/src/test/resources/test/requests/interop/himss09 (from rev 86556, projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/test/requests/interop/himss09)
Deleted: projects/security/security-xacml/tags/2.0.4/parent/pom.xml
===================================================================
--- projects/security/security-xacml/trunk/parent/pom.xml 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/parent/pom.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,42 +0,0 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <parent>
- <groupId>org.jboss</groupId>
- <artifactId>jboss-parent</artifactId>
- <version>4</version>
- </parent>
- <modelVersion>4.0.0</modelVersion>
- <groupId>org.jboss.security</groupId>
- <artifactId>jboss-xacml-project</artifactId>
- <version>2.0.3.CR4-SNAPSHOT</version>
- <packaging>pom</packaging>
- <name>JBoss XACML Build</name>
- <url>http://www.jboss.com</url>
- <description>
- The JBoss XACML Project
- </description>
- <scm>
- <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossas/projects/security/security-xacml/trunk</connection>
- <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossas/projects/security/security-xacml/trunk</developerConnection>
- </scm>
- <build>
- <plugins>
- <plugin>
- <artifactId>maven-release-plugin</artifactId>
- <configuration>
- <tagBase>https://svn.jboss.org/repos/jbossas/projects/security/security-xacml/tags</tagBase>
- </configuration>
- </plugin>
- </plugins>
- </build>
- <repositories>
- <repository>
- <id>jboss</id>
- <name>JBoss Repository</name>
- <layout>default</layout>
- <url>http://anonsvn.jboss.org/repos/repository.jboss.org/maven2</url>
- <snapshots>
- <enabled>true</enabled>
- </snapshots>
- </repository>
- </repositories>
-</project>
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/parent/pom.xml (from rev 92268, projects/security/security-xacml/trunk/parent/pom.xml)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/parent/pom.xml (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/parent/pom.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,42 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss</groupId>
+ <artifactId>jboss-parent</artifactId>
+ <version>4</version>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-xacml-project</artifactId>
+ <version>2.0.4</version>
+ <packaging>pom</packaging>
+ <name>JBoss XACML Build</name>
+ <url>http://www.jboss.com</url>
+ <description>
+ The JBoss XACML Project
+ </description>
+ <scm>
+ <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossas/projects/security/security-xacml/tags/2.0.4</connection>
+ <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossas/projects/security/security-xacml/tags/2.0.4</developerConnection>
+ </scm>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-release-plugin</artifactId>
+ <configuration>
+ <tagBase>https://svn.jboss.org/repos/jbossas/projects/security/security-xacml/tags</tagBase>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ <repositories>
+ <repository>
+ <id>jboss</id>
+ <name>JBoss Repository</name>
+ <layout>default</layout>
+ <url>http://anonsvn.jboss.org/repos/repository.jboss.org/maven2</url>
+ <snapshots>
+ <enabled>true</enabled>
+ </snapshots>
+ </repository>
+ </repositories>
+</project>
\ No newline at end of file
Deleted: projects/security/security-xacml/tags/2.0.4/pom.xml
===================================================================
--- projects/security/security-xacml/trunk/pom.xml 2009-03-30 11:02:19 UTC (rev 86468)
+++ projects/security/security-xacml/tags/2.0.4/pom.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -1,25 +0,0 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <parent>
- <groupId>org.jboss.security</groupId>
- <artifactId>jboss-xacml-project</artifactId>
- <version>2.0.3.CR4-SNAPSHOT</version>
- <relativePath>parent</relativePath>
- </parent>
- <modelVersion>4.0.0</modelVersion>
- <groupId>org.jboss.security</groupId>
- <artifactId>jboss-xacml-main</artifactId>
- <packaging>pom</packaging>
- <name>JBoss XACML - Aggregator</name>
- <url>http://labs.jboss.org/portal/jbosssecurity/</url>
- <description>JBoss Security is a cross cutting project that handles security for the JEMS projects</description>
- <modules>
- <module>parent</module>
- <module>jboss-sunxacml</module>
- <module>jboss-xacml</module>
- <module>assembly</module>
- </modules>
- <scm>
- <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossas/projects/security/security-xacml/trunk</connection>
- <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossas/projects/security/security-xacml/trunk</developerConnection>
- </scm>
-</project>
\ No newline at end of file
Copied: projects/security/security-xacml/tags/2.0.4/pom.xml (from rev 92268, projects/security/security-xacml/trunk/pom.xml)
===================================================================
--- projects/security/security-xacml/tags/2.0.4/pom.xml (rev 0)
+++ projects/security/security-xacml/tags/2.0.4/pom.xml 2009-08-12 14:36:37 UTC (rev 92269)
@@ -0,0 +1,25 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-xacml-project</artifactId>
+ <version>2.0.4</version>
+ <relativePath>parent</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-xacml-main</artifactId>
+ <packaging>pom</packaging>
+ <name>JBoss XACML - Aggregator</name>
+ <url>http://labs.jboss.org/portal/jbosssecurity/</url>
+ <description>JBoss Security is a cross cutting project that handles security for the JEMS projects</description>
+ <modules>
+ <module>parent</module>
+ <module>jboss-sunxacml</module>
+ <module>jboss-xacml</module>
+ <module>assembly</module>
+ </modules>
+ <scm>
+ <connection>scm:svn:http://anonsvn.jboss.org/repos/jbossas/projects/security/security-xacml/tags/2.0.4</connection>
+ <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossas/projects/security/security-xacml/tags/2.0.4</developerConnection>
+ </scm>
+</project>
\ No newline at end of file
More information about the jboss-cvs-commits
mailing list