
Example 11 with PolicySet

use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.

the class XACMLReaderWriterTest method canReadAndWritePrivilegesAsXACML.

/**
 * Round-trip check: a PrivilegeSet translated to a XACML PolicySet and back must yield
 * exactly one Privilege and one ReferralPrivilege, each equivalent to the one put in.
 */
@Test
public void canReadAndWritePrivilegesAsXACML() throws Exception {
    // Given: one ordinary privilege and one referral privilege, wrapped in a single set.
    XACMLReaderWriter readerWriter = new XACMLReaderWriter();
    Privilege expectedPrivilege = createArbitraryPrivilege("Privilege", now);
    ReferralPrivilege expectedReferral = createArbitraryReferralPrivilege("ReferralPrivilege", now);
    PrivilegeSet original = new PrivilegeSet(asList(expectedReferral), asList(expectedPrivilege));

    // When: the set is exported to XACML and imported again.
    PolicySet exported = readerWriter.toXACML(ROOT_REALM, original);
    PrivilegeSet reimported = readerWriter.fromXACML(exported);

    // Then: nothing was dropped or duplicated, and both entries survived unchanged.
    // The size checks matter as much as the equivalence checks: an extra policy appearing
    // after a round trip would be an authorization change, not just a formatting one.
    assertThat(reimported.getPrivileges()).hasSize(1);
    assertPrivilegesEquivalent(reimported.getPrivileges().get(0), expectedPrivilege);
    assertThat(reimported.getReferralPrivileges()).hasSize(1);
    assertReferralPrivilegesEquivalent(reimported.getReferralPrivileges().get(0), expectedReferral);
}
Also used : ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege) ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege) Privilege(com.sun.identity.entitlement.Privilege) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet) Test(org.testng.annotations.Test)

Example 12 with PolicySet

use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method policiesToPolicySetInternal.

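/**
 * Builds a new XACML PolicySet for the given realm and adds every supplied policy to it.
 *
 * <p>The policy set id is {@code realm + ":" + timestamp}; the version carries the same
 * timestamp. The timestamp is the current time in GMT formatted as
 * {@code yyyy.MM.dd.HH.mm.ss.SSS}, so two policy sets built for the same realm within the
 * same millisecond receive the same id.
 *
 * @param realm realm name used as the prefix of the policy set id
 * @param policies policies to wrap; {@code null} yields a policy set without policies
 * @return the populated policy set, with an empty Target
 * @throws JAXBException kept in the signature for existing callers; nothing in this method
 *         raises it
 */
private static PolicySet policiesToPolicySetInternal(String realm, Set<Policy> policies) throws JAXBException {
    PolicySet policySet = new PolicySet();

    // One timestamp for both id and version, so the two values cannot drift apart.
    SimpleDateFormat sdf = new SimpleDateFormat("yyyy.MM.dd.HH.mm.ss.SSS");
    sdf.setTimeZone(TimeZone.getTimeZone("GMT"));
    String currentTime = sdf.format(System.currentTimeMillis());

    policySet.setPolicySetId(realm + ":" + currentTime);

    Version version = new Version();
    version.setValue(currentTime);
    policySet.setVersion(version);

    // FIXME: is there a better choice?
    // policySet could contain policies for different applications
    // NOTE(review): the constant is named after a *rule*-combining algorithm but is used as
    // the PolicySet's policy-combining algorithm id. Confirm that its value is an identifier
    // valid at PolicySet level: this setting decides how conflicting decisions of the member
    // policies are resolved, so a wrong identifier changes the access decision.
    policySet.setPolicyCombiningAlgId(XACMLConstants.XACML_RULE_DENY_OVERRIDES);

    // Empty Target: no restriction is placed on the policy set itself.
    policySet.setTarget(new Target());

    // Nothing is marshalled here, so no JAXBContext is created; only element wrappers are needed.
    List<JAXBElement<?>> pList = policySet.getPolicySetOrPolicyOrPolicySetIdReference();
    if (policies != null) {
        for (Policy policy : policies) {
            pList.add(objectFactory.createPolicy(policy));
        }
    }
    return policySet;
}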
Also used : Policy(com.sun.identity.entitlement.xacml3.core.Policy) Target(com.sun.identity.entitlement.xacml3.core.Target) Version(com.sun.identity.entitlement.xacml3.core.Version) JAXBContext(javax.xml.bind.JAXBContext) JAXBElement(javax.xml.bind.JAXBElement) SimpleDateFormat(java.text.SimpleDateFormat) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet)

Example 13 with PolicySet

use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method newPolicySet.

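/**
 * Creates an empty XACML PolicySet for the given realm.
 *
 * <p>The policy set id is {@code realm + ":" + timestamp}; the version carries the same
 * timestamp. The timestamp is the current time in GMT formatted as
 * {@code yyyy.MM.dd.HH.mm.ss.SSS}, so two policy sets created for the same realm within the
 * same millisecond receive the same id.
 *
 * @param realm realm name used as the prefix of the policy set id
 * @return a policy set with id, version, combining algorithm and an empty Target set,
 *         and no policies
 * @throws JAXBException kept in the signature for existing callers; nothing in this method
 *         raises it
 */
public static PolicySet newPolicySet(String realm) throws JAXBException {
    PolicySet policySet = new PolicySet();

    // One timestamp for both id and version, so the two values cannot drift apart.
    SimpleDateFormat sdf = new SimpleDateFormat("yyyy.MM.dd.HH.mm.ss.SSS");
    sdf.setTimeZone(TimeZone.getTimeZone("GMT"));
    String currentTime = sdf.format(System.currentTimeMillis());

    policySet.setPolicySetId(realm + ":" + currentTime);

    Version version = new Version();
    version.setValue(currentTime);
    policySet.setVersion(version);

    // FIXME: is there a better choice?
    // policySet could contain policies for different applications
    // NOTE(review): the constant is named after a *rule*-combining algorithm but is used as
    // the PolicySet's policy-combining algorithm id. Confirm that its value is an identifier
    // valid at PolicySet level: this setting decides how conflicting decisions of the member
    // policies are resolved, so a wrong identifier changes the access decision.
    policySet.setPolicyCombiningAlgId(XACMLConstants.XACML_RULE_DENY_OVERRIDES);

    // Empty Target: no restriction is placed on the policy set itself.
    policySet.setTarget(new Target());
    return policySet;
}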
Also used : Target(com.sun.identity.entitlement.xacml3.core.Target) Version(com.sun.identity.entitlement.xacml3.core.Version) SimpleDateFormat(java.text.SimpleDateFormat) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet)

Example 14 with PolicySet

use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method toXML.

/**
 * Serialises a XACML PolicySet to pretty-printed XML.
 *
 * <p>This method only marshals an in-memory object; it parses no XML. The returned text is
 * the complete policy set, so callers should handle it as authorization data.
 *
 * @param policySet the policy set to serialise; may be {@code null}
 * @return the XML text, or the empty string when {@code policySet} is {@code null}
 * @throws EntitlementException with code {@code UNABLE_TO_SERIALIZE_OBJECT} when JAXB fails
 */
public static String toXML(PolicySet policySet) throws EntitlementException {
    // A missing policy set serialises to the empty string rather than failing.
    if (policySet == null) {
        return "";
    }

    StringWriter xmlOut = new StringWriter();
    try {
        // A fresh context is built on every call, exactly as callers get today.
        JAXBContext context = JAXBContext.newInstance(XACMLConstants.XACML3_CORE_PKG);
        JAXBElement<PolicySet> rootElement = objectFactory.createPolicySet(policySet);

        Marshaller xmlMarshaller = context.createMarshaller();
        xmlMarshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
        xmlMarshaller.marshal(rootElement, xmlOut);
    } catch (JAXBException je) {
        // Log with the cause, then surface the failure under the entitlement error code.
        PrivilegeManager.debug.error("JAXBException while mapping privilege to policy:", je);
        throw new EntitlementException(EntitlementException.UNABLE_TO_SERIALIZE_OBJECT, je);
    }
    return xmlOut.toString();
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) Marshaller(javax.xml.bind.Marshaller) StringWriter(java.io.StringWriter) JAXBException(javax.xml.bind.JAXBException) JAXBContext(javax.xml.bind.JAXBContext) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet)

Example 15 with PolicySet

use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.

the class XACMLReaderWriter method toXACML.

/**
 * Translates the provided OpenAM Privilege and ReferralPrivilege objects into a single
 * XACML PolicySet.
 *
 * <p>The ordinary privileges are converted first; each referral privilege is then converted
 * to a Policy and appended to the same policy set. The first referral that fails to convert
 * aborts the whole translation, so no partially translated policy set is returned.
 *
 * @param realm The realm to which the provided privileges belong.
 * @param privilegeSet The Privileges and ReferralPrivileges to translate.
 * @return XACML PolicySet
 * @throws EntitlementException If there was any unexpected error.
 */
public PolicySet toXACML(String realm, PrivilegeSet privilegeSet) throws EntitlementException {
    PolicySet result = XACMLPrivilegeUtils.privilegesToPolicySet(realm, privilegeSet.getPrivileges());

    for (ReferralPrivilege referral : privilegeSet.getReferralPrivileges()) {
        try {
            XACMLPrivilegeUtils.addPolicyToPolicySet(XACMLPrivilegeUtils.referralToPolicy(referral), result);
        } catch (JSONException e) {
            throw new EntitlementException(JSON_PARSE_ERROR, e);
        } catch (JAXBException e) {
            // NOTE(review): a JAXB failure is reported under the JSON parse error code as
            // well; the original cause stays attached, so inspect it when triaging.
            throw new EntitlementException(JSON_PARSE_ERROR, e);
        }
    }
    return result;
}
Also used : Policy(com.sun.identity.entitlement.xacml3.core.Policy) EntitlementException(com.sun.identity.entitlement.EntitlementException) ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege) JAXBException(javax.xml.bind.JAXBException) JSONException(org.json.JSONException) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet)
