
Example 1 with Policy

use of com.sun.identity.entitlement.xacml3.core.Policy in project OpenAM by OpenRock.

the class ListXACML method getPolicies.

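/**
 * Exports the XACML policies of {@code realm} that match {@code filters} and writes the
 * resulting XML to {@code outfile} when one is set, otherwise to the CLI output writer.
 *
 * <p>The output file is opened in append mode, so repeated exports into the same file
 * accumulate; the file then holds more than one serialized policy set.
 *
 * @throws CLIException with {@code ExitCodes.IO_EXCEPTION} if the output file cannot be
 *         opened, the policy set cannot be serialized, or the write to the file fails;
 *         with {@code ExitCodes.REQUEST_CANNOT_BE_PROCESSED} if the export itself fails.
 */
private void getPolicies() throws CLIException {
    FileOutputStream fout = null;
    PrintWriter pwout = null;
    try {
        if (outfile != null) {
            try {
                // The export describes the realm's authorization policy. The file is created
                // with the process's default permissions; restrict them if the host is shared.
                fout = new FileOutputStream(outfile, true);
                // NOTE(review): this PrintWriter encodes with the platform default charset;
                // confirm it matches the encoding declared by XACMLPrivilegeUtils.toXML.
                pwout = new PrintWriter(fout, true);
            } catch (FileNotFoundException e) {
                // Nothing to close here: the stream was never opened.
                debugError("ListXACML.handleXACMLPolicyRequest", e);
                throw new CLIException(e, ExitCodes.IO_EXCEPTION);
            } catch (SecurityException e) {
                debugError("ListXACML.handleXACMLPolicyRequest", e);
                throw new CLIException(e, ExitCodes.IO_EXCEPTION);
            }
        }

        PolicySet policySet = null;
        try {
            PrivilegeValidator privilegeValidator = new PrivilegeValidator(new RealmValidator(new OrganizationConfigManager(adminSSOToken, "/")));
            XACMLExportImport importExport = new XACMLExportImport(new XACMLExportImport.PrivilegeManagerFactory(), new XACMLReaderWriter(), privilegeValidator, new SearchFilterFactory(), PrivilegeManager.debug);
            policySet = importExport.exportXACML(realm, adminSubject, filters);
        } catch (EntitlementException e) {
            String[] args = { realm, e.getMessage() };
            debugError("ListXACML.handleRequest", e);
            writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_IN_REALM", args);
            throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        } catch (SMSException e) {
            String[] args = { realm, e.getMessage() };
            debugError("ListXACML.handleRequest", e);
            writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_IN_REALM", args);
            throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }

        if (policySet == null || policySet.getPolicySetOrPolicyOrPolicySetIdReference().isEmpty()) {
            String[] arg = { realm };
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("get-policy-in-realm-no-policies"), (Object[]) arg));
        } else {
            try {
                if (pwout != null) {
                    pwout.write(XACMLPrivilegeUtils.toXML(policySet));
                    // PrintWriter never throws on write; checkError() flushes and reports
                    // failure, so a truncated export is not logged as a success.
                    if (pwout.checkError()) {
                        IOException writeFailure = new IOException("Failed to write exported policies to the output file");
                        debugError("ListXACML.getPolicies", writeFailure);
                        throw new CLIException(writeFailure, ExitCodes.IO_EXCEPTION);
                    }
                } else {
                    outputWriter.printlnMessage(XACMLPrivilegeUtils.toXML(policySet));
                }
            } catch (EntitlementException e) {
                throw new CLIException(e, ExitCodes.IO_EXCEPTION);
            }
            writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_GET_POLICY_IN_REALM", new String[] { realm });
            String[] arg = { realm };
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("get-policy-in-realm-succeed"), (Object[]) arg));
        }
    } finally {
        // Release the file handle on every path: export failure, empty result,
        // serialization failure and success.
        if (pwout != null) {
            // Closing the writer also closes the underlying FileOutputStream.
            pwout.close();
        } else if (fout != null) {
            try {
                fout.close();
            } catch (IOException ignored) {
                // Best effort: nothing was written through this stream.
            }
        }
    }
}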
Also used : SearchFilterFactory(com.sun.identity.entitlement.xacml3.SearchFilterFactory) SMSException(com.sun.identity.sm.SMSException) FileNotFoundException(java.io.FileNotFoundException) XACMLExportImport(com.sun.identity.entitlement.xacml3.XACMLExportImport) IOException(java.io.IOException) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet) PrivilegeValidator(com.sun.identity.entitlement.xacml3.validation.PrivilegeValidator) EntitlementException(com.sun.identity.entitlement.EntitlementException) FileOutputStream(java.io.FileOutputStream) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) CLIException(com.sun.identity.cli.CLIException) RealmValidator(com.sun.identity.entitlement.xacml3.validation.RealmValidator) XACMLReaderWriter(com.sun.identity.entitlement.xacml3.XACMLReaderWriter) PrintWriter(java.io.PrintWriter)

Example 2 with Policy

use of com.sun.identity.entitlement.xacml3.core.Policy in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method policyToReferral.

/**
 * Builds a {@link ReferralPrivilege} from an XACML {@link Policy}.
 *
 * <p>The privilege name is derived from the policy id; the realms and the per-application
 * resources are taken from the matches in the policy target. The audit fields (created by,
 * creation date, last modified by, last modified date) are read from the policy itself via
 * {@code getVariableById}, so they carry whatever the XACML document states and are not
 * verified here.
 *
 * @param policy the XACML policy to convert; dereferenced without a null check
 * @return the referral privilege populated from the policy
 * @throws EntitlementException declared by this method; raised by the helpers it calls
 * @throws JSONException declared by this method; raised by the JSON helpers it calls
 */
public static ReferralPrivilege policyToReferral(Policy policy) throws EntitlementException, JSONException {
    // Identity and audit metadata carried by the policy document.
    final String name = policyIdToPrivilegeName(policy.getPolicyId());
    final String summary = policy.getDescription();
    final String creator = getVariableById(policy, XACMLConstants.PRIVILEGE_CREATED_BY);
    final long creationTime = dateStringToLong(
            getVariableById(policy, XACMLConstants.PRIVILEGE_CREATION_DATE));
    final String modifier = getVariableById(policy, XACMLConstants.PRIVILEGE_LAST_MODIFIED_BY);
    final long modificationTime = dateStringToLong(
            getVariableById(policy, XACMLConstants.PRIVILEGE_LAST_MODIFIED_DATE));

    // Referral scope: realms and application resources encoded in the target matches.
    final JSONObject scope = getRealmsAppsResources(getAllMatchesFromTarget(policy.getTarget()));
    final Set<String> referredRealms = JSONUtils.getSet(scope, "realms");
    final Map<String, Set<String>> resourcesByApp =
            JSONUtils.getMapStringSetString(scope, "appsResources");

    final ReferralPrivilege result = new ReferralPrivilege(name, resourcesByApp, referredRealms);
    result.setDescription(summary);
    result.setCreatedBy(creator);
    result.setCreationDate(creationTime);
    result.setLastModifiedBy(modifier);
    result.setLastModifiedDate(modificationTime);
    return result;
}
Also used : Set(java.util.Set) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet) HashSet(java.util.HashSet) ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege) JSONObject(org.json.JSONObject) Match(com.sun.identity.entitlement.xacml3.core.Match)

Example 3 with Policy

use of com.sun.identity.entitlement.xacml3.core.Policy in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method getRules.

/**
 * Collects the {@link Rule} elements of a policy.
 *
 * <p>The policy's mixed content list also holds non-rule elements; those are skipped.
 *
 * @param policy the policy to inspect, may be {@code null}
 * @return the rules in list order (possibly empty), or {@code null} when {@code policy}
 *         is {@code null} -- callers must handle the null case
 */
static List<Rule> getRules(Policy policy) {
    if (policy != null) {
        List<Rule> rules = new ArrayList<Rule>();
        for (Object element : policy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition()) {
            if (!(element instanceof Rule)) {
                continue;
            }
            rules.add((Rule) element);
        }
        return rules;
    }
    return null;
}
Also used : ArrayList(java.util.ArrayList) JSONObject(org.json.JSONObject) Rule(com.sun.identity.entitlement.xacml3.core.Rule)

Example 4 with Policy

use of com.sun.identity.entitlement.xacml3.core.Policy in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method privilegesToPolicySetInternal.

/**
 * Converts each privilege to an XACML {@link Policy} and wraps the results in a
 * {@link PolicySet} for the given realm.
 *
 * @param realm the realm passed through to {@code policiesToPolicySetInternal}
 * @param privileges the privileges to convert, may be {@code null}
 * @return the policy set built from the converted policies, or {@code null} when
 *         {@code privileges} is {@code null}
 * @throws JAXBException declared by this method; raised by the conversion helpers
 */
private static PolicySet privilegesToPolicySetInternal(String realm, Collection<Privilege> privileges) throws JAXBException {
    if (privileges != null) {
        // A set, as in the original: policies that compare equal are kept once.
        Set<Policy> converted = new HashSet<Policy>();
        for (Privilege source : privileges) {
            converted.add(privilegeToPolicy(source));
        }
        return policiesToPolicySetInternal(realm, converted);
    }
    return null;
}
Also used : Policy(com.sun.identity.entitlement.xacml3.core.Policy) XACMLOpenSSOPrivilege(com.sun.identity.entitlement.opensso.XACMLOpenSSOPrivilege) Privilege(com.sun.identity.entitlement.Privilege) ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet) HashSet(java.util.HashSet)

Example 5 with Policy

use of com.sun.identity.entitlement.xacml3.core.Policy in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method policySetToPrivileges.

/**
 * Converts every {@link Policy} found in a {@link PolicySet} into a {@link Privilege}.
 *
 * @param policySet the policy set to convert, may be {@code null}
 * @return the converted privileges (empty when the set yields no policies), or
 *         {@code null} when {@code policySet} is {@code null}
 * @throws EntitlementException declared by this method; raised by the conversion helpers
 */
public static Set<Privilege> policySetToPrivileges(PolicySet policySet) throws EntitlementException {
    if (policySet == null) {
        return null;
    }
    Set<Privilege> converted = new HashSet<Privilege>();
    Set<Policy> contained = getPoliciesFromPolicySet(policySet);
    if (contained == null) {
        // No policies could be extracted: return the empty result rather than null.
        return converted;
    }
    for (Policy each : contained) {
        converted.add(policyToPrivilege(each));
    }
    return converted;
}
Also used : Policy(com.sun.identity.entitlement.xacml3.core.Policy) XACMLOpenSSOPrivilege(com.sun.identity.entitlement.opensso.XACMLOpenSSOPrivilege) Privilege(com.sun.identity.entitlement.Privilege) ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege) HashSet(java.util.HashSet)
