Search in sources :

Example 6 with Attribute

use of com.sun.identity.xacml.context.Attribute in project OpenAM by OpenRock.

the class EnvironmentImpl method processElement.

private void processElement(Element element) throws XACMLException {
    if (element == null) {
        XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): invalid root element");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_element"));
    }
    String elemName = element.getLocalName();
    if (elemName == null) {
        XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): local name missing");
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("missing_local_name"));
    }
    if (!elemName.equals(XACMLConstants.ENVIRONMENT)) {
        XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): invalid local name " + elemName);
        throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_local_name"));
    }
    // starts processing subelements
    NodeList nodes = element.getChildNodes();
    int numOfNodes = nodes.getLength();
    if (numOfNodes >= 1) {
        ContextFactory factory = ContextFactory.getInstance();
        for (int nextElem = 0; nextElem < numOfNodes; nextElem++) {
            Node child = (Node) nodes.item(nextElem);
            if (child.getNodeType() == Node.ELEMENT_NODE) {
                // The child nodes should be <Attribute> 
                String attrChildName = child.getLocalName();
                if (attrChildName.equals(XACMLConstants.ATTRIBUTE)) {
                    if (this.attributes == null) {
                        this.attributes = new ArrayList();
                    }
                    Attribute attribute = factory.getInstance().createAttribute((Element) child);
                    attributes.add(attribute);
                } else {
                    XACMLSDKUtils.debug.error("EnvironmentImpl." + "processElement(): Invalid element :" + attrChildName);
                    throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_element"));
                }
            }
        }
    }
}
Also used : ContextFactory(com.sun.identity.xacml.context.ContextFactory) Attribute(com.sun.identity.xacml.context.Attribute) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) ArrayList(java.util.ArrayList) XACMLException(com.sun.identity.xacml.common.XACMLException)

Example 7 with Attribute

use of com.sun.identity.xacml.context.Attribute in project OpenAM by OpenRock.

the class EnvironmentImpl method toXMLString.

/**
    * Returns a <code>String</code> representation of this object
    * @param includeNSPrefix Determines whether or not the namespace qualifier
    *        is prepended to the Element when converted
    * @param declareNS Determines whether or not the namespace is declared
    *        within the Element.
    * @return a string representation of this object
    * @exception XACMLException if conversion fails for any reason
     */
public String toXMLString(boolean includeNSPrefix, boolean declareNS) throws XACMLException {
    StringBuffer sb = new StringBuffer(2000);
    StringBuffer namespaceBuffer = new StringBuffer(100);
    String nsDeclaration = "";
    if (declareNS) {
        namespaceBuffer.append(XACMLConstants.CONTEXT_NS_DECLARATION).append(XACMLConstants.SPACE);
        namespaceBuffer.append(XACMLConstants.XSI_NS_URI).append(XACMLConstants.SPACE).append(XACMLConstants.CONTEXT_SCHEMA_LOCATION);
    }
    if (includeNSPrefix) {
        nsDeclaration = XACMLConstants.CONTEXT_NS_PREFIX + ":";
    }
    sb.append("<").append(nsDeclaration).append(XACMLConstants.ENVIRONMENT).append(namespaceBuffer);
    sb.append(">");
    int length = 0;
    if (attributes != null) {
        sb.append("\n");
        length = attributes.size();
        for (int i = 0; i < length; i++) {
            Attribute attr = (Attribute) attributes.get(i);
            sb.append(attr.toXMLString(includeNSPrefix, false));
        }
    }
    sb.append("</").append(nsDeclaration).append(XACMLConstants.ENVIRONMENT);
    sb.append(">\n");
    return sb.toString();
}
Also used : Attribute(com.sun.identity.xacml.context.Attribute)

Example 8 with Attribute

use of com.sun.identity.xacml.context.Attribute in project OpenAM by OpenRock.

the class XACMLRequestProcessorTest method createSampleXacmlRequest.

private Request createSampleXacmlRequest(String subjectId, String subjectIdType, String subjectCategory, String resourceId, String resourceIdType, String serviceName, String serviceNameType, String actionId, String actionIdType) throws XACMLException, URISyntaxException {
    Request request = ContextFactory.getInstance().createRequest();
    //Subject1, access-subject
    Subject subject1 = ContextFactory.getInstance().createSubject();
    //supported category for id
    //urn:oasis:names:tc:xacml:1.0:subject-category:access-subject
    subject1.setSubjectCategory(new URI(subjectCategory));
    Attribute attribute = ContextFactory.getInstance().createAttribute();
    //key attribute id
    //urn:oasis:names:tc:xacml:1.0:subject:subject-id
    attribute.setAttributeId(new URI(XACMLConstants.SUBJECT_ID));
    //supported data type for id
    //urn:oasis:names:tc:xacml:1.0:data-type:x500Name
    //urn:sun:names:xacml:2.0:data-type:opensso-session-id
    //urn:sun:names:xacml:2.0:data-type:openfm-sp-nameid
    attribute.setDataType(new URI(subjectIdType));
    attribute.setIssuer("sampleIssuer1");
    //set values
    List<String> valueList = new ArrayList<String>();
    valueList.add(subjectId);
    attribute.setAttributeStringValues(valueList);
    List<Attribute> attributeList = new ArrayList<Attribute>();
    attributeList.add(attribute);
    subject1.setAttributes(attributeList);
    //Subject2, intermediary-subject
    Subject subject2 = ContextFactory.getInstance().createSubject();
    subject2.setSubjectCategory(new URI(XACMLConstants.INTERMEDIARY_SUBJECT));
    attribute = ContextFactory.getInstance().createAttribute();
    attribute.setAttributeId(new URI(XACMLConstants.SUBJECT_ID));
    //supported data type for id
    //urn:oasis:names:tc:xacml:1.0:data-type:x500Name
    //urn:sun:names:xacml:2.0:data-type:opensso-session-id
    //urn:sun:names:xacml:2.0:data-type:openfm-sp-nameid
    attribute.setDataType(new URI(subjectIdType));
    attribute.setIssuer("sampleIssuer2");
    //set values
    valueList = new ArrayList<String>();
    valueList.add(subjectId);
    attribute.setAttributeStringValues(valueList);
    attributeList = new ArrayList<Attribute>();
    attributeList.add(attribute);
    subject2.setAttributes(attributeList);
    //set subjects in request
    List<Subject> subjectList = new ArrayList<Subject>();
    subjectList.add(subject1);
    subjectList.add(subject2);
    request.setSubjects(subjectList);
    //Resource
    Resource resource = ContextFactory.getInstance().createResource();
    //resoruce-id attribute
    attribute = ContextFactory.getInstance().createAttribute();
    //key attribute id
    //urn:oasis:names:tc:xacml:1.0:resource:resource-id
    attribute.setAttributeId(new URI(XACMLConstants.RESOURCE_ID));
    //supported data type
    //http://www.w3.org/2001/XMLSchema#string
    attribute.setDataType(new URI(resourceIdType));
    attribute.setIssuer("sampleIssuer3");
    //set values
    valueList = new ArrayList<String>();
    valueList.add(resourceId);
    attribute.setAttributeStringValues(valueList);
    attributeList = new ArrayList<Attribute>();
    attributeList.add(attribute);
    //serviceName attribute
    attribute = ContextFactory.getInstance().createAttribute();
    //additional attribute id
    //urn:sun:names:xacml:2.0:resource:target-service
    attribute.setAttributeId(new URI(XACMLConstants.TARGET_SERVICE));
    //supported data type
    //http://www.w3.org/2001/XMLSchema#string
    attribute.setDataType(new URI(serviceNameType));
    attribute.setIssuer("sampleIssuer3");
    //set values
    valueList = new ArrayList<String>();
    valueList.add(serviceName);
    attribute.setAttributeStringValues(valueList);
    attributeList.add(attribute);
    resource.setAttributes(attributeList);
    List<Resource> resourceList = new ArrayList<Resource>();
    resourceList.add(resource);
    request.setResources(resourceList);
    //Action
    Action action = ContextFactory.getInstance().createAction();
    attribute = ContextFactory.getInstance().createAttribute();
    //key attribute id
    //urn:oasis:names:tc:xacml:1.0:action:action-id
    attribute.setAttributeId(new URI(XACMLConstants.ACTION_ID));
    //supported data type
    //http://www.w3.org/2001/XMLSchema#string
    attribute.setDataType(new URI(actionIdType));
    attribute.setIssuer("sampleIssuer5");
    valueList = new ArrayList<String>();
    valueList.add(actionId);
    attribute.setAttributeStringValues(valueList);
    attributeList = new ArrayList<Attribute>();
    attributeList.add(attribute);
    action.setAttributes(attributeList);
    request.setAction(action);
    //Enviornment
    Environment environment = ContextFactory.getInstance().createEnvironment();
    request.setEnvironment(environment);
    return request;
}
Also used : Action(com.sun.identity.xacml.context.Action) Attribute(com.sun.identity.xacml.context.Attribute) Request(com.sun.identity.xacml.context.Request) ArrayList(java.util.ArrayList) Resource(com.sun.identity.xacml.context.Resource) URI(java.net.URI) Subject(com.sun.identity.xacml.context.Subject) Environment(com.sun.identity.xacml.context.Environment)

Example 9 with Attribute

use of com.sun.identity.xacml.context.Attribute in project OpenAM by OpenRock.

the class FMActionMapper method mapToNativeAction.

/**
     * Returns native action name
     * @param xacmlContextAction XACML  context Action
     * @param serviceName native service name the requested resource belongs to
     * @return native action name
     * @exception XACMLException if can not map to native action name
     */
public String mapToNativeAction(Action xacmlContextAction, String serviceName) throws XACMLException {
    String nativeAction = null;
    List attributes = xacmlContextAction.getAttributes();
    if (attributes != null && !attributes.isEmpty()) {
        Attribute attr = (Attribute) attributes.get(0);
        if (attr != null) {
            URI tmpURI = attr.getAttributeId();
            if (tmpURI.toString().equals(XACMLConstants.ACTION_ID)) {
                tmpURI = attr.getDataType();
                if (tmpURI.toString().equals(XACMLConstants.XS_STRING)) {
                    Element element = (Element) attr.getAttributeValues().get(0);
                    nativeAction = XMLUtils.getElementValue(element);
                }
            }
        }
    }
    return nativeAction;
}
Also used : Attribute(com.sun.identity.xacml.context.Attribute) Element(org.w3c.dom.Element) List(java.util.List) URI(java.net.URI)

Example 10 with Attribute

use of com.sun.identity.xacml.context.Attribute in project OpenAM by OpenRock.

the class XACMLQueryUtil method getPolicyDecisionForFedlet.

/**
     * Sends the XACML query to specifiied PDP, gets the policy decision
     * and sends it back to the Fedlet
     *
     * @param request HTTP Servlet Request
     * @param pepEntityID PEP entity ID
     * @param pdpEntityID PDP entity ID
     * @param nameIDValue  NameID value 
     * @param serviceName  Service Name
     * @param resource  Resource URL
     * @param action  Action
     *
     * @return the <code>String</code> object
     * @exception SAML2Exception if the operation is not successful
     *
     * @supported.api
     */
public static String getPolicyDecisionForFedlet(HttpServletRequest request, String pepEntityID, String pdpEntityID, String nameIDValue, String serviceName, String resource, String action) throws SAML2Exception {
    Request Xrequest = ContextFactory.getInstance().createRequest();
    Response xacmlResponse = null;
    try {
        //Subject
        Subject subject = ContextFactory.getInstance().createSubject();
        subject.setSubjectCategory(new URI(XACMLConstants.ACCESS_SUBJECT));
        //set subject id
        Attribute attribute = ContextFactory.getInstance().createAttribute();
        attribute.setAttributeId(new URI(XACMLConstants.SUBJECT_ID));
        attribute.setDataType(new URI(XACMLConstants.SAML2_NAMEID));
        List valueList = new ArrayList();
        valueList.add(nameIDValue);
        attribute.setAttributeStringValues(valueList);
        List attributeList = new ArrayList();
        attributeList.add(attribute);
        subject.setAttributes(attributeList);
        // Set Subject in Request
        List subjectList = new ArrayList();
        subjectList.add(subject);
        Xrequest.setSubjects(subjectList);
        // Resource
        Resource xacml_resource = ContextFactory.getInstance().createResource();
        // Set resource id
        attribute = ContextFactory.getInstance().createAttribute();
        attribute.setAttributeId(new URI(XACMLConstants.RESOURCE_ID));
        attribute.setDataType(new URI(XACMLConstants.XS_STRING));
        valueList = new ArrayList();
        valueList.add(resource);
        attribute.setAttributeStringValues(valueList);
        attributeList = new ArrayList();
        attributeList.add(attribute);
        // Set serviceName
        attribute = ContextFactory.getInstance().createAttribute();
        attribute.setAttributeId(new URI(XACMLConstants.TARGET_SERVICE));
        attribute.setDataType(new URI(XACMLConstants.XS_STRING));
        valueList = new ArrayList();
        valueList.add(serviceName);
        attribute.setAttributeStringValues(valueList);
        attributeList.add(attribute);
        xacml_resource.setAttributes(attributeList);
        // Set Resource in Request
        List resourceList = new ArrayList();
        resourceList.add(xacml_resource);
        Xrequest.setResources(resourceList);
        // Action
        Action xacml_action = ContextFactory.getInstance().createAction();
        attribute = ContextFactory.getInstance().createAttribute();
        attribute.setAttributeId(new URI(XACMLConstants.ACTION_ID));
        attribute.setDataType(new URI(XACMLConstants.XS_STRING));
        // Set actionID
        valueList = new ArrayList();
        valueList.add(action);
        attribute.setAttributeStringValues(valueList);
        attributeList = new ArrayList();
        attributeList.add(attribute);
        xacml_action.setAttributes(attributeList);
        // Set Action in Request
        Xrequest.setAction(xacml_action);
        Environment environment = ContextFactory.getInstance().createEnvironment();
        Xrequest.setEnvironment(environment);
        xacmlResponse = XACMLRequestProcessor.getInstance().processRequest(Xrequest, pdpEntityID, pepEntityID);
        if (xacmlResponse != null) {
            List results = xacmlResponse.getResults();
            if (results.size() > 0) {
                Result policy_result = (Result) results.get(0);
                if (policy_result != null) {
                    Decision decision = (Decision) policy_result.getDecision();
                    if (decision != null) {
                        String policy_decision = decision.getValue();
                        if (policy_decision != null) {
                            return policy_decision;
                        }
                    }
                }
            }
        }
    } catch (URISyntaxException uriexp) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("XACMLQueryUtil." + "getPolicyDecisionForFedlet: " + "URI Exception while sending the XACML Request");
        }
    } catch (XACMLException xacmlexp) {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("XACMLQueryUtil." + "getPolicyDecisionForFedlet: " + "Error while processing the XACML Response");
        }
    }
    return null;
}
Also used : Action(com.sun.identity.xacml.context.Action) Attribute(com.sun.identity.xacml.context.Attribute) Request(com.sun.identity.xacml.context.Request) HttpServletRequest(javax.servlet.http.HttpServletRequest) ArrayList(java.util.ArrayList) Resource(com.sun.identity.xacml.context.Resource) URISyntaxException(java.net.URISyntaxException) URI(java.net.URI) Subject(com.sun.identity.xacml.context.Subject) Decision(com.sun.identity.xacml.context.Decision) Result(com.sun.identity.xacml.context.Result) XACMLException(com.sun.identity.xacml.common.XACMLException) Response(com.sun.identity.xacml.context.Response) Environment(com.sun.identity.xacml.context.Environment) ArrayList(java.util.ArrayList) List(java.util.List)

Aggregations

Attribute (com.sun.identity.xacml.context.Attribute)17 URI (java.net.URI)9 ArrayList (java.util.ArrayList)9 XACMLException (com.sun.identity.xacml.common.XACMLException)7 List (java.util.List)6 ContextFactory (com.sun.identity.xacml.context.ContextFactory)5 Subject (com.sun.identity.xacml.context.Subject)5 Element (org.w3c.dom.Element)5 Request (com.sun.identity.xacml.context.Request)4 Resource (com.sun.identity.xacml.context.Resource)4 Node (org.w3c.dom.Node)4 NodeList (org.w3c.dom.NodeList)4 SSOException (com.iplanet.sso.SSOException)3 SSOToken (com.iplanet.sso.SSOToken)3 Action (com.sun.identity.xacml.context.Action)3 Environment (com.sun.identity.xacml.context.Environment)3 SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)2 Decision (com.sun.identity.xacml.context.Decision)2 Response (com.sun.identity.xacml.context.Response)2 Result (com.sun.identity.xacml.context.Result)2