Package org.jboss.security.xacml.sunxacml.cond

Examples of org.jboss.security.xacml.sunxacml.cond.EvaluationResult

663
664
665
666
667
668
669
670
                                        this, adType);
        } else {
            logger.warning("Context tried to invoke AttributeFinder but was " +
                           "not configured with one");

            return new EvaluationResult(BagAttribute.createEmptyBag(type));
        }
    }
View Full Code Here
691
692
693
694
695
696
697
698
                                        xpathVersion);
        } else {
            logger.warning("Context tried to invoke AttributeFinder but was " +
                           "not configured with one");

            return new EvaluationResult(BagAttribute.createEmptyBag(type));
        }
    }
View Full Code Here
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
     * @return a result containing a bag either empty because no values were
     * found or containing at least one value, or status associated with an
     * Indeterminate result
     */
    public EvaluationResult evaluate(EvaluationCtx context) {
        EvaluationResult result = null;

        // look in the right section for some attribute values
        switch(target) {
        case SUBJECT_TARGET:
            result = context.getSubjectAttribute(type, id,
                                                 issuer, subjectCategory);
            break;
        case RESOURCE_TARGET:
            result = context.getResourceAttribute(type, id, issuer);
            break;
        case ACTION_TARGET:
            result = context.getActionAttribute(type, id, issuer);
            break;
        case ENVIRONMENT_TARGET:
            result = context.getEnvironmentAttribute(type, id, issuer);
            break;
        }

        // if the lookup was indeterminate, then we return immediately
        if (result.indeterminate())
            return result;

        BagAttribute bag = (BagAttribute)(result.getAttributeValue());

        if (bag.isEmpty()) {
            // if it's empty, this may be an error
            if (mustBePresent) {
                if (logger.isLoggable(Level.INFO))
                    logger.info("AttributeDesignator failed to resolve a " +
                                "value for a required attribute: " +
                                id.toString());

                ArrayList code = new ArrayList();
                code.add(Status.STATUS_MISSING_ATTRIBUTE);
               
                String message = "Couldn't find " + targetTypes[target] +
                    "AttributeDesignator attribute";

                // Note that there is a bug in the XACML spec. You can't
                // specify an identifier without specifying acceptable
                // values. Until this is fixed, this code will only
                // return the status code, and not any hints about what
                // was missing

                /*List attrs = new ArrayList();
                  attrs.add(new Attribute(id,
                  ((issuer == null) ? null :
                  issuer.toString()),
                  null, null));
                  StatusDetail detail = new StatusDetail(attrs);*/

                return new EvaluationResult(new Status(code, message));
            }
        }

        // if we got here the bag wasn't empty, or mustBePresent was false,
        // so we just return the result
View Full Code Here
104
105
106
107
108
109
110
     * Private helper to create a new processing error status result
     */
    private EvaluationResult createProcessingError(String msg) {
        ArrayList code = new ArrayList();
        code.add(Status.STATUS_PROCESSING_ERROR);
        return new EvaluationResult(new Status(code, msg));
    }
View Full Code Here
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
    public EvaluationResult findAttribute(String path, Node namespaceNode,
                                          URI type, EvaluationCtx context,
                                          String xpathVersion) {
        // we only support 1.0
        if (! xpathVersion.equals(PolicyMetaData.XPATH_1_0_IDENTIFIER))
            return new EvaluationResult(BagAttribute.createEmptyBag(type));

        // get the DOM root of the request document
        Node root = context.getRequestRoot();

        // if we were provided with a non-null namespace node, then use it
        // to resolve namespaces, otherwise use the context root node
        Node nsNode = (namespaceNode != null) ? namespaceNode : root;

        // setup the root path (pre-pended to the context path), which...
        String rootPath = "";

        // ...only has content if the context path is relative
        if (path.charAt(0) != '/') {
            String rootName = root.getLocalName();

            // see if the request root is in a namespace
            String namespace = root.getNamespaceURI();
           
            if (namespace == null) {
                // no namespacing, so we're done
                rootPath = "/" + rootName + "/";
            } else {
                // namespaces are used, so we need to lookup the correct
                // prefix to use in the search string
                NamedNodeMap nmap = namespaceNode.getAttributes();
                rootPath = null;

                for (int i = 0; i < nmap.getLength(); i++) {
                    Node n = nmap.item(i);
                    if (n.getNodeValue().equals(namespace)) {
                        // we found the matching namespace, so get the prefix
                        // and then break out
                        String name = SunxacmlUtil.getNodeName(n);
                        int pos = name.indexOf(':');

                        if (pos == -1) {
                            // the namespace was the default namespace
                            rootPath = "/";
                        } else {
                            // we found a prefixed namespace
                            rootPath = "/" + name.substring(pos + 1);
                        }

                        // finish off the string
                        rootPath += ":" + rootName + "/";

                        break;
                    }
                }

                // if the rootPath is still null, then we don't have any
                // definitions for the namespace
                if (rootPath == null)
                    return createProcessingError("Failed to map a namespace" +
                                                 " in an XPath expression");
            }
        }

        // now do the query, pre-pending the root path to the context path
        NodeList matches = null;
        try {
            // NOTE: see comments in XALAN docs about why this is slow
            XPath xpath = XPathFactory.newInstance().newXPath();
            matches = (NodeList)xpath.evaluate(rootPath + path, root, XPathConstants.NODESET);

        } catch (Exception e) {
            // in the case of any exception, we need to return an error
            return createProcessingError("error in XPath: " + e.getMessage());
        }

        if (matches.getLength() == 0) {
            // we didn't find anything, so we return an empty bag
            return new EvaluationResult(BagAttribute.createEmptyBag(type));
        }

        // there was at least one match, so try to generate the values
        try {
            ArrayList list = new ArrayList();
            AttributeFactory attrFactory = AttributeFactory.getInstance();
           
            for (int i = 0; i < matches.getLength(); i++) {
                String text = null;
                Node node = matches.item(i);
                short nodeType = node.getNodeType();

                // see if this is straight text, or a node with data under
                // it and then get the values accordingly
                if ((nodeType == Node.CDATA_SECTION_NODE) ||
                    (nodeType == Node.COMMENT_NODE) ||
                    (nodeType == Node.TEXT_NODE) ||
                    (nodeType == Node.ATTRIBUTE_NODE)) {
                    // there is no child to this node
                    text = node.getNodeValue();
                } else {
                    // the data is in a child node
                    text = node.getFirstChild().getNodeValue();
                }

                list.add(attrFactory.createValue(type, text));
            }
           
            return new EvaluationResult(new BagAttribute(type, list));
        } catch (ParsingException pe) {
            return createProcessingError(pe.getMessage());
        } catch (UnknownIdentifierException uie) {
            return createProcessingError("unknown attribute type: " + type);
        }
View Full Code Here
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
                                          URI issuer, URI subjectCategory,
                                          EvaluationCtx context,
                                          int designatorType) {
        // we only know about environment attributes
        if (designatorType != AttributeDesignator.ENVIRONMENT_TARGET)
            return new EvaluationResult(BagAttribute.
                                        createEmptyBag(attributeType));

        // figure out which attribute we're looking for
        String attrName = attributeId.toString();

        if (attrName.equals(ENVIRONMENT_CURRENT_TIME)) {
            return handleTime(attributeType, issuer, context);
        } else if (attrName.equals(ENVIRONMENT_CURRENT_DATE)) {
            return handleDate(attributeType, issuer, context);
        } else if (attrName.equals(ENVIRONMENT_CURRENT_DATETIME)) {
            return handleDateTime(attributeType, issuer, context);
        }

        // if we got here, then it's an attribute that we don't know
        return new EvaluationResult(BagAttribute.
                                    createEmptyBag(attributeType));
    }
View Full Code Here
170
171
172
173
174
175
176
177
178
179
180
     */
    private EvaluationResult handleTime(URI type, URI issuer,
                                        EvaluationCtx context) {
        // make sure they're asking for a time attribute
        if (! type.toString().equals(TimeAttribute.identifier))
            return new EvaluationResult(BagAttribute.
                                        createEmptyBag(type));

        // get the value from the context
        return makeBag(context.getCurrentTime());
    }
View Full Code Here
184
185
186
187
188
189
190
191
192
193
194
     */
    private EvaluationResult handleDate(URI type, URI issuer,
                                        EvaluationCtx context) {
        // make sure they're asking for a date attribute
        if (! type.toString().equals(DateAttribute.identifier))
            return new EvaluationResult(BagAttribute.
                                        createEmptyBag(type));

        // get the value from the context
        return makeBag(context.getCurrentDate());
    }
View Full Code Here
198
199
200
201
202
203
204
205
206
207
208
     */
    private EvaluationResult handleDateTime(URI type, URI issuer,
                                            EvaluationCtx context) {
        // make sure they're asking for a dateTime attribute
        if (! type.toString().equals(DateTimeAttribute.identifier))
            return new EvaluationResult(BagAttribute.
                                        createEmptyBag(type));

        // get the value from the context
        return makeBag(context.getCurrentDateTime());
    }
View Full Code Here
212
213
214
215
216
217
218
     * includes the given string.
     */
    private EvaluationResult makeProcessingError(String message) {
        ArrayList code = new ArrayList();
        code.add(Status.STATUS_PROCESSING_ERROR);
        return new EvaluationResult(new Status(code, message));
    }
View Full Code Here
TOP

Related Classes of org.jboss.security.xacml.sunxacml.cond.EvaluationResult

  • org.jboss.security.xacml.sunxacml.attr.AttributeDesignator
  • org.jboss.security.xacml.sunxacml.attr.AttributeSelector
  • org.jboss.security.xacml.sunxacml.attr.AttributeValue
  • org.jboss.security.xacml.sunxacml.BasicEvaluationCtx
  • org.jboss.security.xacml.sunxacml.finder.AttributeFinder
  • org.jboss.security.xacml.sunxacml.finder.AttributeFinderModule
  • org.jboss.security.xacml.sunxacml.finder.impl.CurrentEnvModule
  • org.jboss.security.xacml.sunxacml.finder.impl.SelectorModule
  • org.jboss.security.xacml.sunxacml.Rule
  • org.jboss.security.xacml.sunxacml.TargetMatch
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.