use of com.sun.identity.xacml.common.XACMLException in project OpenAM by OpenRock.
the class EnvironmentImpl method processElement.
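/**
 * Populates this Environment from its DOM representation.
 *
 * <p>The root element must be non-null and carry the local name
 * {@code XACMLConstants.ENVIRONMENT}. Every child element must be an
 * {@code <Attribute>}; each one is converted through {@code ContextFactory}
 * and appended to {@code attributes}. Children that are not element nodes
 * are skipped.
 *
 * @param element root DOM element to read.
 * @throws XACMLException if the element is null, has no local name, has
 *         the wrong local name, or contains a child element that is not an
 *         {@code <Attribute>}.
 */
private void processElement(Element element) throws XACMLException {
    if (element == null) {
        XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): invalid root element");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_element"));
    }
    String elemName = element.getLocalName();
    if (elemName == null) {
        XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): local name missing");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("missing_local_name"));
    }
    if (!elemName.equals(XACMLConstants.ENVIRONMENT)) {
        XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): invalid local name " + elemName);
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_local_name"));
    }

    // Walk the children; an empty node list simply skips the loop.
    NodeList nodes = element.getChildNodes();
    int numOfNodes = nodes.getLength();
    for (int index = 0; index < numOfNodes; index++) {
        Node child = nodes.item(index);
        if (child.getNodeType() != Node.ELEMENT_NODE) {
            continue;
        }
        // The child nodes should be <Attribute>.
        String attrChildName = child.getLocalName();
        // Constant-first comparison: getLocalName() is null for nodes built
        // without namespace support, and such input must be rejected with
        // XACMLException like any other malformed document rather than
        // escaping as a NullPointerException.
        if (!XACMLConstants.ATTRIBUTE.equals(attrChildName)) {
            XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): Invalid element :" + attrChildName);
            throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_element"));
        }
        if (this.attributes == null) {
            this.attributes = new ArrayList();
        }
        // getInstance() is static; call it on the class, not on an instance.
        Attribute attribute = ContextFactory.getInstance().createAttribute((Element) child);
        attributes.add(attribute);
    }
}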
use of com.sun.identity.xacml.common.XACMLException in project OpenAM by OpenRock.
the class ResponseImpl method setResults.
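/**
 * Replaces the <code>Result</code>s held by this object.
 *
 * <p>The supplied list is copied element by element, so later changes the
 * caller makes to <code>values</code> do not affect this object. The copy
 * is built in a local list and stored only after every element has been
 * cast to <code>Result</code>; if an element has another type, the
 * resulting <code>ClassCastException</code> leaves the previously stored
 * results untouched instead of a partially filled list.
 *
 * @param values the <code>Result</code>s to store, or <code>null</code>
 *        to clear them.
 * @throws XACMLException if the object is immutable.
 */
public void setResults(List values) throws XACMLException {
    if (!mutable) {
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("objectImmutable"));
    }
    if (values == null) {
        results = null;
        return;
    }
    List copied = new ArrayList();
    for (Object candidate : values) {
        // The cast is the type check: only Result instances may be stored.
        copied.add((Result) candidate);
    }
    results = copied;
}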
use of com.sun.identity.xacml.common.XACMLException in project OpenAM by OpenRock.
the class ResultImpl method processElement.
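/**
 * Populates this Result from its DOM representation.
 *
 * <p>The root element must be non-null and carry the local name
 * {@code XACMLConstants.RESULT}. A non-empty {@code ResourceId} attribute
 * is copied into {@code resourceId}. The element must have between one
 * and three child elements, in this order:
 * <ol>
 *   <li>{@code Decision} (required);</li>
 *   <li>{@code Status} or {@code Obligations} (optional);</li>
 *   <li>{@code Obligations} (optional, accepted only when the second
 *       child was not already {@code Obligations}).</li>
 * </ol>
 * Anything else is rejected, so a document cannot carry a second decision
 * or an unexpected element past this parser.
 *
 * @param element root DOM element to read.
 * @throws XACMLException if the element is null, is not a Result, or its
 *         child elements do not match the layout above.
 */
private void processElement(Element element) throws XACMLException {
    if (element == null) {
        XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid root element");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_element"));
    }
    String elemName = element.getLocalName();
    if (elemName == null) {
        XACMLSDKUtils.debug.error("ResultImpl.processElement(): local name missing");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("missing_local_name"));
    }
    if (!elemName.equals(XACMLConstants.RESULT)) {
        XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid local name " + elemName);
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_local_name"));
    }

    // Both conditions must hold. The previous "||" dereferenced a null
    // value and also accepted the empty string that Element.getAttribute()
    // returns when the attribute is absent.
    String resourceIdValue = element.getAttribute(XACMLConstants.RESOURCE_ID);
    if ((resourceIdValue != null) && (resourceIdValue.length() != 0)) {
        resourceId = resourceIdValue;
    }

    // Keep only element children; text and comment nodes carry no meaning here.
    NodeList nodes = element.getChildNodes();
    int numOfNodes = nodes.getLength();
    List childElements = new ArrayList();
    for (int i = 0; i < numOfNodes; i++) {
        Node child = nodes.item(i);
        if (child.getNodeType() == Node.ELEMENT_NODE) {
            childElements.add(child);
        }
    }

    // NOTE(review): the FIXME markers below say these i18n keys still have
    // to be added. If xacmlResourceBundle is a java.util.ResourceBundle and
    // a key is really absent, getString() would raise
    // MissingResourceException instead of the intended XACMLException -
    // confirm against the bundle.
    int childCount = childElements.size();
    if (childCount < 1 || childCount > 3) {
        XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid child element count: " + childCount);
        // FIXME: add i18n key
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_child_count"));
    }

    // Process decision element. Comparisons are constant-first so that a
    // child without a local name is rejected as malformed instead of
    // causing a NullPointerException.
    Element firstChild = (Element) childElements.get(0);
    String firstChildName = firstChild.getLocalName();
    if (!XACMLConstants.DECISION.equals(firstChildName)) {
        XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid first child element: " + firstChildName);
        // FIXME: add i18n key
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_first_child"));
    }
    decision = ContextFactory.getInstance().createDecision(firstChild);

    // Process status (or obligations) element.
    if (childCount > 1) {
        Element secondChild = (Element) childElements.get(1);
        String secondChildName = secondChild.getLocalName();
        if (XACMLConstants.STATUS.equals(secondChildName)) {
            status = ContextFactory.getInstance().createStatus(secondChild);
        } else if (XACMLConstants.OBLIGATIONS.equals(secondChildName)) {
            obligations = PolicyFactory.getInstance().createObligations(secondChild);
        } else {
            XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid second child element: " + secondChildName);
            // FIXME: add i18n key
            throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_second_child"));
        }
    }

    // Process the optional trailing obligations element. The
    // "obligations == null" test rejects a second <Obligations>.
    if (childCount > 2) {
        Element thirdChild = (Element) childElements.get(2);
        String thirdChildName = thirdChild.getLocalName();
        if (XACMLConstants.OBLIGATIONS.equals(thirdChildName) && (obligations == null)) {
            obligations = PolicyFactory.getInstance().createObligations(thirdChild);
        } else {
            XACMLSDKUtils.debug.error("ResultImpl.processElement(): invalid third child element: " + thirdChildName);
            // FIXME: add i18n key
            throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_third_child"));
        }
    }
    // A fourth child cannot reach this point: counts above three are
    // rejected by the range check, so the old "childCount > 3" branch was
    // unreachable and has been dropped.
}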
use of com.sun.identity.xacml.common.XACMLException in project OpenAM by OpenRock.
the class XACMLQueryUtil method getPolicyDecisionForFedlet.
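/**
 * Sends an XACML query to the specified PDP and returns the decision
 * value of the first result to the Fedlet.
 *
 * <p>The request carries one subject (the NameID value), one resource
 * (resource URL plus target service name), one action and an empty
 * environment. Only the first <code>Result</code> of the response is
 * consulted.
 *
 * <p><code>null</code> is returned whenever no decision could be
 * obtained: no response, no results, a result without a decision, or a
 * <code>URISyntaxException</code> / <code>XACMLException</code> raised
 * while building or processing the query. Callers should treat
 * <code>null</code>, like any value other than an explicit permit, as
 * "access not granted".
 *
 * @param request HTTP Servlet Request (not read by this method)
 * @param pepEntityID PEP entity ID
 * @param pdpEntityID PDP entity ID
 * @param nameIDValue NameID value
 * @param serviceName Service Name
 * @param resource Resource URL
 * @param action Action
 *
 * @return the decision value of the first result, or <code>null</code>
 *         if no decision was obtained
 * @exception SAML2Exception if the operation is not successful
 *
 * @supported.api
 */
public static String getPolicyDecisionForFedlet(HttpServletRequest request, String pepEntityID, String pdpEntityID, String nameIDValue, String serviceName, String resource, String action) throws SAML2Exception {
    Request xacmlRequest = ContextFactory.getInstance().createRequest();
    try {
        // Subject, identified by the NameID value
        Subject subject = ContextFactory.getInstance().createSubject();
        subject.setSubjectCategory(new URI(XACMLConstants.ACCESS_SUBJECT));
        List subjectAttributes = new ArrayList();
        subjectAttributes.add(newSingleValueAttribute(XACMLConstants.SUBJECT_ID, XACMLConstants.SAML2_NAMEID, nameIDValue));
        subject.setAttributes(subjectAttributes);
        List subjectList = new ArrayList();
        subjectList.add(subject);
        xacmlRequest.setSubjects(subjectList);

        // Resource: resource id plus the target service name
        Resource xacmlResource = ContextFactory.getInstance().createResource();
        List resourceAttributes = new ArrayList();
        resourceAttributes.add(newSingleValueAttribute(XACMLConstants.RESOURCE_ID, XACMLConstants.XS_STRING, resource));
        resourceAttributes.add(newSingleValueAttribute(XACMLConstants.TARGET_SERVICE, XACMLConstants.XS_STRING, serviceName));
        xacmlResource.setAttributes(resourceAttributes);
        List resourceList = new ArrayList();
        resourceList.add(xacmlResource);
        xacmlRequest.setResources(resourceList);

        // Action
        Action xacmlAction = ContextFactory.getInstance().createAction();
        List actionAttributes = new ArrayList();
        actionAttributes.add(newSingleValueAttribute(XACMLConstants.ACTION_ID, XACMLConstants.XS_STRING, action));
        xacmlAction.setAttributes(actionAttributes);
        xacmlRequest.setAction(xacmlAction);

        // Environment (left empty)
        Environment environment = ContextFactory.getInstance().createEnvironment();
        xacmlRequest.setEnvironment(environment);

        Response xacmlResponse = XACMLRequestProcessor.getInstance().processRequest(xacmlRequest, pdpEntityID, pepEntityID);
        if (xacmlResponse == null) {
            return null;
        }
        // A response may carry no result list at all; guard against null
        // as well as empty before reading the first entry.
        List results = xacmlResponse.getResults();
        if (results == null || results.isEmpty()) {
            return null;
        }
        Result policyResult = (Result) results.get(0);
        if (policyResult == null) {
            return null;
        }
        Decision decision = (Decision) policyResult.getDecision();
        if (decision == null) {
            return null;
        }
        return decision.getValue();
    } catch (URISyntaxException uriexp) {
        // Logged at error level with the cause attached: a failed
        // authorization query should be visible without debug logging.
        SAML2Utils.debug.error("XACMLQueryUtil.getPolicyDecisionForFedlet: URI Exception while sending the XACML Request", uriexp);
    } catch (XACMLException xacmlexp) {
        SAML2Utils.debug.error("XACMLQueryUtil.getPolicyDecisionForFedlet: Error while processing the XACML Response", xacmlexp);
    }
    // No decision obtained.
    return null;
}

/**
 * Builds an XACML attribute that carries exactly one string value.
 *
 * @param attributeId URI string used as the attribute id
 * @param dataType URI string used as the data type
 * @param value the single string value
 * @return the populated attribute
 * @throws URISyntaxException if either URI string is malformed
 * @throws XACMLException if the attribute rejects a supplied value
 */
private static Attribute newSingleValueAttribute(String attributeId, String dataType, String value) throws URISyntaxException, XACMLException {
    Attribute attribute = ContextFactory.getInstance().createAttribute();
    attribute.setAttributeId(new URI(attributeId));
    attribute.setDataType(new URI(dataType));
    List values = new ArrayList();
    values.add(value);
    attribute.setAttributeStringValues(values);
    return attribute;
}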
use of com.sun.identity.xacml.common.XACMLException in project OpenAM by OpenRock.
the class FMSubjectMapperTest method testMapToNativeSubject.
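/**
 * Logs in through the "DataStore" module instance, wraps the resulting
 * session id in an XACML access-subject and passes it to
 * {@code FMSubjectMapper.mapToNativeSubject}, expecting an
 * {@code SSOToken} back.
 *
 * <p>The test fails explicitly when the login does not succeed or when
 * no token is returned, instead of running into a
 * {@code NullPointerException} later on.
 */
@Test(groups = { "xacml" })
public void testMapToNativeSubject() throws XACMLException, URISyntaxException {
    FMSubjectMapper subjectMapper = new FMSubjectMapper();
    Subject subject1 = ContextFactory.getInstance().createSubject();
    //supported category for id
    //urn:oasis:names:tc:xacml:1.0:subject-category:access-subject
    subject1.setSubjectCategory(new URI("urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"));
    Attribute attribute = ContextFactory.getInstance().createAttribute();
    attribute.setIssuer("sampleIssuer1");
    //key attribute id
    //urn:oasis:names:tc:xacml:1.0:subject:subject-id
    attribute.setAttributeId(new URI("urn:oasis:names:tc:xacml:1.0:subject:subject-id"));
    //supported data type for id
    //urn:oasis:names:tc:xacml:1.0:data-type:x500Name
    //urn:sun:names:xacml:2.0:data-type:opensso-session-id
    //urn:sun:names:xacml:2.0:data-type:openfm-sp-nameid
    attribute.setDataType(new URI("urn:sun:names:xacml:2.0:data-type:opensso-session-id"));

    // NOTE(review): administrator credentials are hard-coded in the test
    // source. They should be supplied by the test configuration so that no
    // deployment ends up sharing a password that is published in the code.
    String[] callbacks = { "amadmin", "admin123" };
    SSOToken ssot;
    try {
        AuthContext lc = new AuthContext("/");
        AuthContext.IndexType indexType = AuthContext.IndexType.MODULE_INSTANCE;
        String indexName = "DataStore";
        log(Level.INFO, "testMapToNativeSubject():\n", " LDAPLogin: Obtained login context");
        lc.login(indexType, indexName, callbacks);
        if (lc.getStatus() != AuthContext.Status.SUCCESS) {
            // AssertionError is an Error, so the catch below does not swallow it.
            throw new AssertionError("testMapToNativeSubject(): login did not succeed");
        }
        log(Level.INFO, "testMapToNativeSubject():\n", " Login success!!");
        ssot = lc.getSSOToken();
    } catch (Exception le) {
        log(Level.INFO, "testMapToNativeSubject():\n", " Login failed!!");
        // Fail here with the cause attached rather than continuing with a null token.
        AssertionError failure = new AssertionError("testMapToNativeSubject(): login failed");
        failure.initCause(le);
        throw failure;
    }
    if (ssot == null) {
        throw new AssertionError("testMapToNativeSubject(): no SSOToken after login");
    }

    // The token id is a live administrator session identifier, so its
    // value is deliberately kept out of the log.
    String sid = ssot.getTokenID().toString();
    log(Level.INFO, "testMapToNativeSubject():\n", " sid obtained");
    List<String> valueList = new ArrayList<String>();
    valueList.add(sid);
    attribute.setAttributeStringValues(valueList);
    List<Attribute> attributeList = new ArrayList<Attribute>();
    attributeList.add(attribute);
    subject1.setAttributes(attributeList);
    List<Subject> subjectsList = new ArrayList<Subject>();
    subjectsList.add(subject1);

    SSOToken retSSOToken = (SSOToken) subjectMapper.mapToNativeSubject(subjectsList);
    if (retSSOToken == null) {
        throw new AssertionError("testMapToNativeSubject(): mapper returned no SSOToken");
    }
    // Still dereferenced so that a token without an id fails the test.
    String retSid = retSSOToken.getTokenID().toString();
    // TODO(review): presumably retSid should equal sid; confirm against
    // FMSubjectMapper and assert it here.
    log(Level.INFO, "testMapToNativeSubject():\n", " return sid obtained");
}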