Example 6 with XACMLException
use of com.sun.identity.xacml.common.XACMLException in project OpenAM by OpenRock.
the class EnvironmentImpl method processElement.
private void processElement(Element element) throws XACMLException {
if (element == null) {
XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): invalid root element");
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_element"));
}
String elemName = element.getLocalName();
if (elemName == null) {
XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): local name missing");
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("missing_local_name"));
}
if (!elemName.equals(XACMLConstants.ENVIRONMENT)) {
XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): invalid local name " + elemName);
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_local_name"));
}
// starts processing subelements
NodeList nodes = element.getChildNodes();
int numOfNodes = nodes.getLength();
if (numOfNodes >= 1) {
ContextFactory factory = ContextFactory.getInstance();
for (int nextElem = 0; nextElem < numOfNodes; nextElem++) {
Node child = (Node) nodes.item(nextElem);
if (child.getNodeType() == Node.ELEMENT_NODE) {
// The child nodes should be <Attribute>
String attrChildName = child.getLocalName();
if (attrChildName.equals(XACMLConstants.ATTRIBUTE)) {
if (this.attributes == null) {
this.attributes = new ArrayList();
}
Attribute attribute = factory.getInstance().createAttribute((Element) child);
attributes.add(attribute);
} else {
XACMLSDKUtils.debug.error("EnvironmentImpl." + "processElement(): Invalid element :" + attrChildName);
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_element"));
}
}
}
}
}
Also used :
ContextFactory(com.sun.identity.xacml.context.ContextFactory)
Attribute(com.sun.identity.xacml.context.Attribute)
NodeList(org.w3c.dom.NodeList)
Node(org.w3c.dom.Node)
ArrayList(java.util.ArrayList)
XACMLException(com.sun.identity.xacml.common.XACMLException)
Example 7 with XACMLException
use of com.sun.identity.xacml.common.XACMLException in project OpenAM by OpenRock.
the class ResponseImpl method setResults.
/**
* Sets the <code>Result</code>s of this object
*
* @param values the <code>Result</code>s of this object.
* @throws XACMLException if the object is immutable.
*/
public void setResults(List values) throws XACMLException {
if (!mutable) {
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("objectImmutable"));
}
if (values != null) {
Iterator iter = values.iterator();
results = new ArrayList();
while (iter.hasNext()) {
Result value = (Result) iter.next();
results.add(value);
}
} else {
results = null;
}
}
Also used :
Iterator(java.util.Iterator)
ArrayList(java.util.ArrayList)
XACMLException(com.sun.identity.xacml.common.XACMLException)
Result(com.sun.identity.xacml.context.Result)
Example 8 with XACMLException
use of com.sun.identity.xacml.common.XACMLException in project OpenAM by OpenRock.
the class ResultImpl method processElement.
private void processElement(Element element) throws XACMLException {
if (element == null) {
XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid root element");
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_element"));
}
String elemName = element.getLocalName();
if (elemName == null) {
XACMLSDKUtils.debug.error("ResultImpl.processElement(): local name missing");
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("missing_local_name"));
}
if (!elemName.equals(XACMLConstants.RESULT)) {
XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid local name " + elemName);
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_local_name"));
}
String resourceIdValue = element.getAttribute(XACMLConstants.RESOURCE_ID);
if ((resourceIdValue != null) || (resourceIdValue.length() != 0)) {
resourceId = resourceIdValue;
}
NodeList nodes = element.getChildNodes();
int numOfNodes = nodes.getLength();
List childElements = new ArrayList();
int i = 0;
while (i < numOfNodes) {
Node child = (Node) nodes.item(i);
if (child.getNodeType() == Node.ELEMENT_NODE) {
childElements.add(child);
}
i++;
}
int childCount = childElements.size();
if (childCount < 1) {
XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid child element count: " + childCount);
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString(//FIXME: add i18n key
"invalid_child_count"));
} else if (childCount > 3) {
XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid child element count: " + childCount);
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString(//FIXME: add i18n key
"invalid_child_count"));
}
//process decision element
Element firstChild = (Element) childElements.get(0);
String firstChildName = firstChild.getLocalName();
if (firstChildName.equals(XACMLConstants.DECISION)) {
decision = ContextFactory.getInstance().createDecision(firstChild);
} else {
XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid first child element: " + firstChildName);
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString(//FIXME: add i18n key
"invalid_first_child"));
}
//process status element
if (childCount > 1) {
Element secondChild = (Element) childElements.get(1);
String secondChildName = secondChild.getLocalName();
if (secondChildName.equals(XACMLConstants.STATUS)) {
status = ContextFactory.getInstance().createStatus(secondChild);
} else if (secondChildName.equals(XACMLConstants.OBLIGATIONS)) {
obligations = PolicyFactory.getInstance().createObligations(secondChild);
} else {
XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid second child element: " + secondChildName);
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString(//FIXME: add i18n key
"invalid_second_child"));
}
if (childCount > 2) {
Element thirdChild = (Element) childElements.get(2);
String thirdChildName = thirdChild.getLocalName();
if (thirdChildName.equals(XACMLConstants.OBLIGATIONS) && (obligations == null)) {
obligations = PolicyFactory.getInstance().createObligations(thirdChild);
} else {
XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid third child element: " + thirdChildName);
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString(//FIXME: add i18n key
"invalid_third_child"));
}
}
if (childCount > 3) {
Element thirdChild = (Element) childElements.get(3);
String thirdChildName = thirdChild.getLocalName();
XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid third child element: " + thirdChildName);
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString(//FIXME: add i18n key
"invalid_third_child"));
}
}
}Example 9 with XACMLException
use of com.sun.identity.xacml.common.XACMLException in project OpenAM by OpenRock.
the class XACMLQueryUtil method getPolicyDecisionForFedlet.
/**
* Sends the XACML query to specifiied PDP, gets the policy decision
* and sends it back to the Fedlet
*
* @param request HTTP Servlet Request
* @param pepEntityID PEP entity ID
* @param pdpEntityID PDP entity ID
* @param nameIDValue NameID value
* @param serviceName Service Name
* @param resource Resource URL
* @param action Action
*
* @return the <code>String</code> object
* @exception SAML2Exception if the operation is not successful
*
* @supported.api
*/
public static String getPolicyDecisionForFedlet(HttpServletRequest request, String pepEntityID, String pdpEntityID, String nameIDValue, String serviceName, String resource, String action) throws SAML2Exception {
Request Xrequest = ContextFactory.getInstance().createRequest();
Response xacmlResponse = null;
try {
//Subject
Subject subject = ContextFactory.getInstance().createSubject();
subject.setSubjectCategory(new URI(XACMLConstants.ACCESS_SUBJECT));
//set subject id
Attribute attribute = ContextFactory.getInstance().createAttribute();
attribute.setAttributeId(new URI(XACMLConstants.SUBJECT_ID));
attribute.setDataType(new URI(XACMLConstants.SAML2_NAMEID));
List valueList = new ArrayList();
valueList.add(nameIDValue);
attribute.setAttributeStringValues(valueList);
List attributeList = new ArrayList();
attributeList.add(attribute);
subject.setAttributes(attributeList);
// Set Subject in Request
List subjectList = new ArrayList();
subjectList.add(subject);
Xrequest.setSubjects(subjectList);
// Resource
Resource xacml_resource = ContextFactory.getInstance().createResource();
// Set resource id
attribute = ContextFactory.getInstance().createAttribute();
attribute.setAttributeId(new URI(XACMLConstants.RESOURCE_ID));
attribute.setDataType(new URI(XACMLConstants.XS_STRING));
valueList = new ArrayList();
valueList.add(resource);
attribute.setAttributeStringValues(valueList);
attributeList = new ArrayList();
attributeList.add(attribute);
// Set serviceName
attribute = ContextFactory.getInstance().createAttribute();
attribute.setAttributeId(new URI(XACMLConstants.TARGET_SERVICE));
attribute.setDataType(new URI(XACMLConstants.XS_STRING));
valueList = new ArrayList();
valueList.add(serviceName);
attribute.setAttributeStringValues(valueList);
attributeList.add(attribute);
xacml_resource.setAttributes(attributeList);
// Set Resource in Request
List resourceList = new ArrayList();
resourceList.add(xacml_resource);
Xrequest.setResources(resourceList);
// Action
Action xacml_action = ContextFactory.getInstance().createAction();
attribute = ContextFactory.getInstance().createAttribute();
attribute.setAttributeId(new URI(XACMLConstants.ACTION_ID));
attribute.setDataType(new URI(XACMLConstants.XS_STRING));
// Set actionID
valueList = new ArrayList();
valueList.add(action);
attribute.setAttributeStringValues(valueList);
attributeList = new ArrayList();
attributeList.add(attribute);
xacml_action.setAttributes(attributeList);
// Set Action in Request
Xrequest.setAction(xacml_action);
Environment environment = ContextFactory.getInstance().createEnvironment();
Xrequest.setEnvironment(environment);
xacmlResponse = XACMLRequestProcessor.getInstance().processRequest(Xrequest, pdpEntityID, pepEntityID);
if (xacmlResponse != null) {
List results = xacmlResponse.getResults();
if (results.size() > 0) {
Result policy_result = (Result) results.get(0);
if (policy_result != null) {
Decision decision = (Decision) policy_result.getDecision();
if (decision != null) {
String policy_decision = decision.getValue();
if (policy_decision != null) {
return policy_decision;
}
}
}
}
}
} catch (URISyntaxException uriexp) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("XACMLQueryUtil." + "getPolicyDecisionForFedlet: " + "URI Exception while sending the XACML Request");
}
} catch (XACMLException xacmlexp) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("XACMLQueryUtil." + "getPolicyDecisionForFedlet: " + "Error while processing the XACML Response");
}
}
return null;
}
Also used :
Action(com.sun.identity.xacml.context.Action)
Attribute(com.sun.identity.xacml.context.Attribute)
Request(com.sun.identity.xacml.context.Request)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
ArrayList(java.util.ArrayList)
Resource(com.sun.identity.xacml.context.Resource)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
Subject(com.sun.identity.xacml.context.Subject)
Decision(com.sun.identity.xacml.context.Decision)
Result(com.sun.identity.xacml.context.Result)
XACMLException(com.sun.identity.xacml.common.XACMLException)
Response(com.sun.identity.xacml.context.Response)
Environment(com.sun.identity.xacml.context.Environment)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 10 with XACMLException
use of com.sun.identity.xacml.common.XACMLException in project OpenAM by OpenRock.
the class FMSubjectMapperTest method testMapToNativeSubject.
@Test(groups = { "xacml" })
public void testMapToNativeSubject() throws XACMLException, URISyntaxException {
FMSubjectMapper subjectMapper = new FMSubjectMapper();
Subject subject1 = ContextFactory.getInstance().createSubject();
//supported category for id
//urn:oasis:names:tc:xacml:1.0:subject-category:access-subject
subject1.setSubjectCategory(new URI("urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"));
Attribute attribute = ContextFactory.getInstance().createAttribute();
attribute.setIssuer("sampleIssuer1");
//key attribute id
//urn:oasis:names:tc:xacml:1.0:subject:subject-id
attribute.setAttributeId(new URI("urn:oasis:names:tc:xacml:1.0:subject:subject-id"));
//supported data type for id
//urn:oasis:names:tc:xacml:1.0:data-type:x500Name
//urn:sun:names:xacml:2.0:data-type:opensso-session-id
//urn:sun:names:xacml:2.0:data-type:openfm-sp-nameid
attribute.setDataType(new URI("urn:sun:names:xacml:2.0:data-type:opensso-session-id"));
List<String> valueList = new ArrayList<String>();
AuthContext lc = null;
String[] callbacks = { "amadmin", "admin123" };
SSOToken ssot = null;
try {
lc = new AuthContext("/");
AuthContext.IndexType indexType = AuthContext.IndexType.MODULE_INSTANCE;
String indexName = "DataStore";
log(Level.INFO, "testMapToNativeSubject():\n", " LDAPLogin: Obtained login context");
lc.login(indexType, indexName, callbacks);
if (lc.getStatus() == AuthContext.Status.SUCCESS) {
log(Level.INFO, "testMapToNativeSubject():\n", " Login success!!");
}
ssot = lc.getSSOToken();
} catch (Exception le) {
le.printStackTrace();
log(Level.INFO, "testMapToNativeSubject():\n", " Login failed!!");
}
String sid = ssot.getTokenID().toString();
log(Level.INFO, "testMapToNativeSubject():\n", " sid = " + sid);
valueList.add(sid);
attribute.setAttributeStringValues(valueList);
List<Attribute> attributeList = new ArrayList<Attribute>();
attributeList.add(attribute);
subject1.setAttributes(attributeList);
Subject[] subjects = { subject1 };
List<Subject> subjectsList = new ArrayList<Subject>();
subjectsList.add(subject1);
SSOToken retSSOToken = (SSOToken) subjectMapper.mapToNativeSubject(subjectsList);
String retSid = retSSOToken.getTokenID().toString();
log(Level.INFO, "testMapToNativeSubject():\n", " return sid = " + retSid);
}
Also used :
SSOToken(com.iplanet.sso.SSOToken)
Attribute(com.sun.identity.xacml.context.Attribute)
ArrayList(java.util.ArrayList)
AuthContext(com.sun.identity.authentication.AuthContext)
URI(java.net.URI)
Subject(com.sun.identity.xacml.context.Subject)
URISyntaxException(java.net.URISyntaxException)
XACMLException(com.sun.identity.xacml.common.XACMLException)
AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)
SSOException(com.iplanet.sso.SSOException)
SAML2Exception(com.sun.identity.saml2.common.SAML2Exception)
Test(org.testng.annotations.Test)
Aggregations
XACMLException (com.sun.identity.xacml.common.XACMLException)22
ArrayList (java.util.ArrayList)18
Element (org.w3c.dom.Element)14
Node (org.w3c.dom.Node)14
NodeList (org.w3c.dom.NodeList)14
Attribute (com.sun.identity.xacml.context.Attribute)7
List (java.util.List)7
ContextFactory (com.sun.identity.xacml.context.ContextFactory)6
URI (java.net.URI)6
Resource (com.sun.identity.xacml.context.Resource)3
Result (com.sun.identity.xacml.context.Result)3
Subject (com.sun.identity.xacml.context.Subject)3
Iterator (java.util.Iterator)3
NamedNodeMap (org.w3c.dom.NamedNodeMap)3
SSOException (com.iplanet.sso.SSOException)2
SSOToken (com.iplanet.sso.SSOToken)2
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)2
Decision (com.sun.identity.xacml.context.Decision)2
Request (com.sun.identity.xacml.context.Request)2
Response (com.sun.identity.xacml.context.Response)2
