use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.
the class XACMLReaderWriterTest method canReadAndWritePrivilegesAsXACML.
/**
 * Round-trip check: a PrivilegeSet exported to an XACML PolicySet and imported again must
 * yield exactly one privilege and one referral privilege, each equivalent to its input.
 * This guards against the export/import path silently dropping or altering authorization data.
 */
@Test
public void canReadAndWritePrivilegesAsXACML() throws Exception {
    // Given: one ordinary privilege and one referral privilege, wrapped in a PrivilegeSet
    Privilege expectedPrivilege = createArbitraryPrivilege("Privilege", now);
    ReferralPrivilege expectedReferral = createArbitraryReferralPrivilege("ReferralPrivilege", now);
    XACMLReaderWriter readerWriter = new XACMLReaderWriter();
    PrivilegeSet original = new PrivilegeSet(asList(expectedReferral), asList(expectedPrivilege));

    // When: the set is translated to XACML and straight back again
    PolicySet exported = readerWriter.toXACML(ROOT_REALM, original);
    PrivilegeSet roundTripped = readerWriter.fromXACML(exported);

    // Then: nothing was lost, duplicated or changed on the way
    assertThat(roundTripped.getPrivileges()).hasSize(1);
    assertPrivilegesEquivalent(roundTripped.getPrivileges().get(0), expectedPrivilege);
    assertThat(roundTripped.getReferralPrivileges()).hasSize(1);
    assertReferralPrivilegesEquivalent(roundTripped.getReferralPrivileges().get(0), expectedReferral);
}
use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method policiesToPolicySetInternal.
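/**
 * Builds a new XACML {@code PolicySet} for a realm and adds the supplied policies to it.
 *
 * The policy set id is {@code realm + ":" + timestamp} and the version is the same timestamp,
 * formatted in GMT with millisecond resolution. Two sets built for the same realm within the
 * same millisecond therefore receive the same id.
 *
 * @param realm realm name used as the prefix of the policy set id
 * @param policies policies to add; {@code null} is treated as "no policies"
 * @return the populated policy set, never {@code null}
 * @throws JAXBException retained in the signature for existing callers
 */
private static PolicySet policiesToPolicySetInternal(String realm, Set<Policy> policies) throws JAXBException {
    SimpleDateFormat sdf = new SimpleDateFormat("yyyy.MM.dd.HH.mm.ss.SSS");
    sdf.setTimeZone(TimeZone.getTimeZone("GMT"));
    // Read the clock once so the id suffix and the version always carry the same timestamp.
    String currentTime = sdf.format(System.currentTimeMillis());

    PolicySet policySet = new PolicySet();
    policySet.setPolicySetId(realm + ":" + currentTime);

    Version version = new Version();
    version.setValue(currentTime);
    policySet.setVersion(version);

    // FIXME: is there a better choice?
    // policySet could contain policies for different applications
    // NOTE(review): the constant is named for a *rule*-combining algorithm but is set as the
    // *policy*-combining algorithm id; confirm its value is an identifier valid at PolicySet level.
    policySet.setPolicyCombiningAlgId(XACMLConstants.XACML_RULE_DENY_OVERRIDES);
    policySet.setTarget(new Target());

    // The JAXBContext that used to be created here was never used, so it is no longer built.
    List<JAXBElement<?>> pList = policySet.getPolicySetOrPolicyOrPolicySetIdReference();
    if (policies != null) {
        for (Policy policy : policies) {
            pList.add(objectFactory.createPolicy(policy));
        }
    }
    return policySet;
}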
use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method newPolicySet.
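/**
 * Creates an empty XACML {@code PolicySet} for the given realm.
 *
 * The policy set id is {@code realm + ":" + timestamp} and the version is the same timestamp,
 * formatted in GMT with millisecond resolution. Two sets created for the same realm within the
 * same millisecond therefore receive the same id.
 *
 * @param realm realm name used as the prefix of the policy set id
 * @return a policy set with id, version, combining algorithm and an empty target set
 * @throws JAXBException retained in the signature for existing callers; nothing in the visible
 *         body appears to throw it
 */
public static PolicySet newPolicySet(String realm) throws JAXBException {
    SimpleDateFormat sdf = new SimpleDateFormat("yyyy.MM.dd.HH.mm.ss.SSS");
    sdf.setTimeZone(TimeZone.getTimeZone("GMT"));
    // Read the clock once so the id suffix and the version always carry the same timestamp.
    String currentTime = sdf.format(System.currentTimeMillis());

    PolicySet policySet = new PolicySet();
    policySet.setPolicySetId(realm + ":" + currentTime);

    Version version = new Version();
    version.setValue(currentTime);
    // Set once; the original repeated this call further down with the same object.
    policySet.setVersion(version);

    // FIXME: is there a better choice?
    // policySet could contain policies for different applications
    // NOTE(review): the constant is named for a *rule*-combining algorithm but is set as the
    // *policy*-combining algorithm id; confirm its value is an identifier valid at PolicySet level.
    policySet.setPolicyCombiningAlgId(XACMLConstants.XACML_RULE_DENY_OVERRIDES);
    policySet.setTarget(new Target());
    return policySet;
}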
use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method toXML.
/**
 * Serializes a XACML {@code PolicySet} to formatted (indented) XML.
 *
 * This method only marshals objects to text; it does not parse any XML input.
 *
 * @param policySet the policy set to serialize; may be {@code null}
 * @return the XML document as a string, or the empty string when {@code policySet} is {@code null}
 * @throws EntitlementException with code {@code UNABLE_TO_SERIALIZE_OBJECT} when JAXB fails;
 *         the failure is also written to the PrivilegeManager debug log
 */
public static String toXML(PolicySet policySet) throws EntitlementException {
    if (policySet == null) {
        return "";
    }

    StringWriter xmlBuffer = new StringWriter();
    try {
        // A fresh JAXBContext is built on every call, as in the original.
        JAXBContext context = JAXBContext.newInstance(XACMLConstants.XACML3_CORE_PKG);
        JAXBElement<PolicySet> rootElement = objectFactory.createPolicySet(policySet);

        Marshaller xmlMarshaller = context.createMarshaller();
        xmlMarshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
        xmlMarshaller.marshal(rootElement, xmlBuffer);
    } catch (JAXBException je) {
        PrivilegeManager.debug.error("JAXBException while mapping privilege to policy:", je);
        throw new EntitlementException(EntitlementException.UNABLE_TO_SERIALIZE_OBJECT, je);
    }
    return xmlBuffer.toString();
}
use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.
the class XACMLReaderWriter method toXACML.
/**
 * Translates the provided OpenAM Privilege and ReferralPrivilege objects into one XACML PolicySet.
 *
 * The ordinary privileges are converted first; each referral privilege is then converted to a
 * Policy and appended to the same set. The first conversion failure aborts the translation.
 *
 * @param realm The realm to which the provided privileges belong.
 * @param privilegeSet The Privileges and ReferralPrivileges to translate.
 * @return XACML PolicySet
 * @throws EntitlementException If a referral privilege cannot be converted or added. Both JSON
 *         and JAXB failures are reported under the JSON_PARSE_ERROR code.
 */
public PolicySet toXACML(String realm, PrivilegeSet privilegeSet) throws EntitlementException {
    final PolicySet result = XACMLPrivilegeUtils.privilegesToPolicySet(realm, privilegeSet.getPrivileges());
    try {
        for (ReferralPrivilege referral : privilegeSet.getReferralPrivileges()) {
            Policy referralPolicy = XACMLPrivilegeUtils.referralToPolicy(referral);
            XACMLPrivilegeUtils.addPolicyToPolicySet(referralPolicy, result);
        }
    } catch (JSONException jsonFailure) {
        throw new EntitlementException(JSON_PARSE_ERROR, jsonFailure);
    } catch (JAXBException jaxbFailure) {
        // NOTE(review): a JAXB failure is surfaced with the JSON error code; confirm that callers
        // and operators reading logs are not misled by it.
        throw new EntitlementException(JSON_PARSE_ERROR, jaxbFailure);
    }
    return result;
}