Example 6 with ResourceResult
use of com.sun.identity.policy.ResourceResult in project OpenAM by OpenRock.
the class PolicyResponse method toXMLString.
/**
* Returns string representation of this object.
*
* @return string representation of this object.
*/
public String toXMLString() {
StringBuilder xmlsb = new StringBuilder(1000);
xmlsb.append("<").append(POLICY_RESPONSE).append(" ").append(REQUEST_ID).append("=\"").append(requestId).append("\" ");
if (issueInstant != 0) {
xmlsb.append(ISSUE_INSTANT).append("=\"").append(issueInstant).append("\" ");
}
xmlsb.append(">").append(CRLF);
if (methodID == POLICY_RESPONSE_RESOURCE_RESULT) {
Iterator itr = resourceResults.iterator();
while (itr.hasNext()) {
ResourceResult rRes = (ResourceResult) itr.next();
xmlsb.append(rRes.toXML());
}
} else if (methodID == POLICY_ADD_LISTENER_RESPONSE) {
xmlsb.append("<").append(ADD_LISTENER_RESPONSE).append("/>").append(CRLF);
} else if (methodID == POLICY_REMOVE_LISTENER_RESPONSE) {
xmlsb.append("<").append(REMOVE_LISTENER_RESPONSE).append("/>").append(CRLF);
} else if (methodID == POLICY_ADVICES_HANDLEABLE_BY_AM_RESPONSE) {
xmlsb.append(advicesHandleableByAMResponse.toXMLString());
} else if (methodID == POLICY_EXCEPTION) {
xmlsb.append("<").append(EXCEPTION_RESPONSE).append(">").append(CRLF);
xmlsb.append(exceptionMsg).append(CRLF);
xmlsb.append("</").append(EXCEPTION_RESPONSE).append(">").append(CRLF);
}
xmlsb.append("</").append(POLICY_RESPONSE).append(">").append(CRLF);
return xmlsb.toString();
}
Also used :
ResourceResult(com.sun.identity.policy.ResourceResult)
Iterator(java.util.Iterator)
Example 7 with ResourceResult
use of com.sun.identity.policy.ResourceResult in project OpenAM by OpenRock.
the class DecisionMergeTest method testOldAPI.
@Test
public void testOldAPI() throws SSOException, PolicyException {
PolicyEvaluator pe = new PolicyEvaluator("/", ApplicationTypeManager.URL_APPLICATION_TYPE_NAME);
Set<String> actions = new HashSet<String>();
actions.add("GET");
Set<ResourceResult> res = pe.getResourceResults(adminToken, "http://www.DecisionMergeTest.com", ResourceResult.SUBTREE_SCOPE, Collections.EMPTY_MAP);
for (ResourceResult r : res) {
PolicyDecision pd = r.getPolicyDecision();
pd.toString();
}
}
Also used :
PolicyDecision(com.sun.identity.policy.PolicyDecision)
ResourceResult(com.sun.identity.policy.ResourceResult)
PolicyEvaluator(com.sun.identity.policy.PolicyEvaluator)
HashSet(java.util.HashSet)
Test(org.testng.annotations.Test)
Example 8 with ResourceResult
use of com.sun.identity.policy.ResourceResult in project OpenAM by OpenRock.
the class Util method isGetPostAllowed.
/**
* Checks the user/url combination against existing Policy rules.
* @param userToken The user to use in the policy check.
* @param url The URL to use in the policy check.
* @param scope The scope of the policy check.
* @return True if the policy check was OK for the given user/url combination.
* @throws SSOException If there was a problem with the users token.
* @throws PolicyException if there was a problem checking the url.
* @throws NameNotFoundException If there was a problem looking up the policy service.
*/
public static boolean isGetPostAllowed(SSOToken userToken, String url, String scope) throws SSOException, PolicyException, NameNotFoundException {
PolicyEvaluator pe = new PolicyEvaluator(IPLANETAMWEBAGENTSERVICE);
Set<ResourceResult> resResults = pe.getResourceResults(userToken, url, scope, Collections.EMPTY_MAP);
ResourceResult resResult = resResults.iterator().next();
PolicyDecision pd = resResult.getPolicyDecision();
Map<String, ActionDecision> decisions = pd.getActionDecisions();
ActionDecision get = decisions.get(GET_ACTION);
ActionDecision post = decisions.get(POST_ACTION);
return (get != null && get.getValues().contains(ALLOW_DECISION)) && (post != null && post.getValues().contains(ALLOW_DECISION));
}
Also used :
PolicyDecision(com.sun.identity.policy.PolicyDecision)
ResourceResult(com.sun.identity.policy.ResourceResult)
PolicyEvaluator(com.sun.identity.policy.PolicyEvaluator)
ActionDecision(com.sun.identity.policy.ActionDecision)
Example 9 with ResourceResult
use of com.sun.identity.policy.ResourceResult in project OpenAM by OpenRock.
the class ResourceResultCache method jsonResourceContentToResourceResults.
Set<ResourceResult> jsonResourceContentToResourceResults(String jsonResourceContent, String serviceName) throws JSONException, PolicyException {
Set<ResourceResult> resourceResults = null;
JSONObject jsonObject = null;
try {
jsonObject = new JSONObject(jsonResourceContent);
} catch (JSONException e) {
debug.error("ResourceResultCache.jsonResourceContentToResourceResults():" + "json parsing error of response: " + jsonResourceContent);
throw new PolicyEvaluationException(ResBundleUtils.rbName, "error_rest_reponse", null, null);
}
int statusCode = jsonObject.optInt("statusCode");
if (statusCode != 200) {
debug.error("ResourceResultCache.jsonResourceContentToResourceResults():" + "statusCode=" + statusCode + ", error response");
throw new PolicyEvaluationException(ResBundleUtils.rbName, "error_rest_reponse", null, null);
}
jsonObject = jsonObject.optJSONObject("body");
if (jsonObject == null) {
debug.error("ResourceResultCache.jsonResourceContentToResourceResults():" + "does not have decisions object");
throw new PolicyEvaluationException(ResBundleUtils.rbName, "error_rest_reponse", null, null);
}
JSONArray jsonArray = jsonObject.optJSONArray("results");
if (jsonArray != null) {
ResourceName resourceComparator = (ResourceName) policyProperties.getResourceComparator(serviceName);
ResourceResult virtualResourceResult = new ResourceResult(ResourceResult.VIRTUAL_ROOT, new PolicyDecision());
int arrayLen = jsonArray.length();
for (int i = 0; i < arrayLen; i++) {
JSONObject jo = jsonArray.optJSONObject(i);
if (jo != null) {
ResourceResult rr = jsonEntitlementToResourceResult(jo, serviceName);
virtualResourceResult.addResourceResult(rr, resourceComparator);
}
}
resourceResults = virtualResourceResult.getResourceResults();
} else {
String resourceName = jsonObject.optString("resourceName");
if (resourceName != null) {
ResourceResult resourceResult = jsonEntitlementToResourceResult(jsonObject, serviceName);
resourceResults = new HashSet<ResourceResult>();
resourceResults.add(resourceResult);
} else {
debug.error("ResourceResultCache.jsonResourceContentToResourceResults():" + "does not have results or resourceName object");
throw new PolicyEvaluationException(ResBundleUtils.rbName, "error_rest_reponse", null, null);
}
}
return resourceResults;
}
Also used :
PolicyDecision(com.sun.identity.policy.PolicyDecision)
ResourceResult(com.sun.identity.policy.ResourceResult)
JSONObject(org.json.JSONObject)
ResourceName(com.sun.identity.policy.interfaces.ResourceName)
JSONArray(org.json.JSONArray)
JSONException(org.json.JSONException)
PolicyEvaluationException(com.sun.identity.policy.remote.PolicyEvaluationException)
Example 10 with ResourceResult
use of com.sun.identity.policy.ResourceResult in project OpenAM by OpenRock.
the class ResourceResultCache method getPolicyDecisionFromResourceResults.
/**
* Returns policy decision computed from a set of
* <code>ResourceResult</code> objects
*
* @param resourceResults resource results used to compute policy decision
* @param resourceName resource name for which to get policy decision
* @param resourceComparator <code>ResourceName</code>, resource
* comparison algorithm used to compare resources
*
* @return computed policy decision
*
* @throws PolicyException if can not get policy decision
*/
private PolicyDecision getPolicyDecisionFromResourceResults(Set resourceResults, String resourceName, ResourceName resourceComparator, String serviceName) throws PolicyException {
PolicyDecision pd = new PolicyDecision();
Iterator resultsIter = resourceResults.iterator();
boolean processed = false;
while (!processed && resultsIter.hasNext()) {
ResourceResult resourceResult = (ResourceResult) resultsIter.next();
processed = mergePolicyDecisions(pd, resourceResult, resourceName, resourceComparator, serviceName);
}
return pd;
}
Also used :
PolicyDecision(com.sun.identity.policy.PolicyDecision)
ResourceResult(com.sun.identity.policy.ResourceResult)
Iterator(java.util.Iterator)
Aggregations
ResourceResult (com.sun.identity.policy.ResourceResult)10
PolicyDecision (com.sun.identity.policy.PolicyDecision)6
HashSet (java.util.HashSet)5
Iterator (java.util.Iterator)4
Set (java.util.Set)4
PolicyEvaluator (com.sun.identity.policy.PolicyEvaluator)3
RequestSet (com.iplanet.services.comm.share.RequestSet)2
SSOException (com.iplanet.sso.SSOException)2
ActionDecision (com.sun.identity.policy.ActionDecision)2
PolicyException (com.sun.identity.policy.PolicyException)2
PolicyEvaluationException (com.sun.identity.policy.remote.PolicyEvaluationException)2
JSONException (org.json.JSONException)2
SessionException (com.iplanet.dpro.session.SessionException)1
AlreadyRegisteredException (com.iplanet.services.comm.client.AlreadyRegisteredException)1
SendRequestException (com.iplanet.services.comm.client.SendRequestException)1
ResponseSet (com.iplanet.services.comm.share.ResponseSet)1
URLNotFoundException (com.iplanet.services.naming.URLNotFoundException)1
SSOToken (com.iplanet.sso.SSOToken)1
EntitlementException (com.sun.identity.entitlement.EntitlementException)1
AMIdentity (com.sun.identity.idm.AMIdentity)1
