Example 6 with Attribute
use of com.sun.identity.xacml.context.Attribute in project OpenAM by OpenRock.
the class EnvironmentImpl method processElement.
private void processElement(Element element) throws XACMLException {
if (element == null) {
XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): invalid root element");
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_element"));
}
String elemName = element.getLocalName();
if (elemName == null) {
XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): local name missing");
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("missing_local_name"));
}
if (!elemName.equals(XACMLConstants.ENVIRONMENT)) {
XACMLSDKUtils.debug.error("EnvironmentImpl.processElement(): invalid local name " + elemName);
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_local_name"));
}
// starts processing subelements
NodeList nodes = element.getChildNodes();
int numOfNodes = nodes.getLength();
if (numOfNodes >= 1) {
ContextFactory factory = ContextFactory.getInstance();
for (int nextElem = 0; nextElem < numOfNodes; nextElem++) {
Node child = (Node) nodes.item(nextElem);
if (child.getNodeType() == Node.ELEMENT_NODE) {
// The child nodes should be <Attribute>
String attrChildName = child.getLocalName();
if (attrChildName.equals(XACMLConstants.ATTRIBUTE)) {
if (this.attributes == null) {
this.attributes = new ArrayList();
}
Attribute attribute = factory.getInstance().createAttribute((Element) child);
attributes.add(attribute);
} else {
XACMLSDKUtils.debug.error("EnvironmentImpl." + "processElement(): Invalid element :" + attrChildName);
throw new XACMLException(XACMLSDKUtils.xacmlResourceBundle.getString("invalid_element"));
}
}
}
}
}
Also used :
ContextFactory(com.sun.identity.xacml.context.ContextFactory)
Attribute(com.sun.identity.xacml.context.Attribute)
NodeList(org.w3c.dom.NodeList)
Node(org.w3c.dom.Node)
ArrayList(java.util.ArrayList)
XACMLException(com.sun.identity.xacml.common.XACMLException)
Example 7 with Attribute
use of com.sun.identity.xacml.context.Attribute in project OpenAM by OpenRock.
the class EnvironmentImpl method toXMLString.
/**
* Returns a <code>String</code> representation of this object
* @param includeNSPrefix Determines whether or not the namespace qualifier
* is prepended to the Element when converted
* @param declareNS Determines whether or not the namespace is declared
* within the Element.
* @return a string representation of this object
* @exception XACMLException if conversion fails for any reason
*/
public String toXMLString(boolean includeNSPrefix, boolean declareNS) throws XACMLException {
StringBuffer sb = new StringBuffer(2000);
StringBuffer namespaceBuffer = new StringBuffer(100);
String nsDeclaration = "";
if (declareNS) {
namespaceBuffer.append(XACMLConstants.CONTEXT_NS_DECLARATION).append(XACMLConstants.SPACE);
namespaceBuffer.append(XACMLConstants.XSI_NS_URI).append(XACMLConstants.SPACE).append(XACMLConstants.CONTEXT_SCHEMA_LOCATION);
}
if (includeNSPrefix) {
nsDeclaration = XACMLConstants.CONTEXT_NS_PREFIX + ":";
}
sb.append("<").append(nsDeclaration).append(XACMLConstants.ENVIRONMENT).append(namespaceBuffer);
sb.append(">");
int length = 0;
if (attributes != null) {
sb.append("\n");
length = attributes.size();
for (int i = 0; i < length; i++) {
Attribute attr = (Attribute) attributes.get(i);
sb.append(attr.toXMLString(includeNSPrefix, false));
}
}
sb.append("</").append(nsDeclaration).append(XACMLConstants.ENVIRONMENT);
sb.append(">\n");
return sb.toString();
}
Also used :
Attribute(com.sun.identity.xacml.context.Attribute)
Example 8 with Attribute
use of com.sun.identity.xacml.context.Attribute in project OpenAM by OpenRock.
the class XACMLRequestProcessorTest method createSampleXacmlRequest.
private Request createSampleXacmlRequest(String subjectId, String subjectIdType, String subjectCategory, String resourceId, String resourceIdType, String serviceName, String serviceNameType, String actionId, String actionIdType) throws XACMLException, URISyntaxException {
Request request = ContextFactory.getInstance().createRequest();
//Subject1, access-subject
Subject subject1 = ContextFactory.getInstance().createSubject();
//supported category for id
//urn:oasis:names:tc:xacml:1.0:subject-category:access-subject
subject1.setSubjectCategory(new URI(subjectCategory));
Attribute attribute = ContextFactory.getInstance().createAttribute();
//key attribute id
//urn:oasis:names:tc:xacml:1.0:subject:subject-id
attribute.setAttributeId(new URI(XACMLConstants.SUBJECT_ID));
//supported data type for id
//urn:oasis:names:tc:xacml:1.0:data-type:x500Name
//urn:sun:names:xacml:2.0:data-type:opensso-session-id
//urn:sun:names:xacml:2.0:data-type:openfm-sp-nameid
attribute.setDataType(new URI(subjectIdType));
attribute.setIssuer("sampleIssuer1");
//set values
List<String> valueList = new ArrayList<String>();
valueList.add(subjectId);
attribute.setAttributeStringValues(valueList);
List<Attribute> attributeList = new ArrayList<Attribute>();
attributeList.add(attribute);
subject1.setAttributes(attributeList);
//Subject2, intermediary-subject
Subject subject2 = ContextFactory.getInstance().createSubject();
subject2.setSubjectCategory(new URI(XACMLConstants.INTERMEDIARY_SUBJECT));
attribute = ContextFactory.getInstance().createAttribute();
attribute.setAttributeId(new URI(XACMLConstants.SUBJECT_ID));
//supported data type for id
//urn:oasis:names:tc:xacml:1.0:data-type:x500Name
//urn:sun:names:xacml:2.0:data-type:opensso-session-id
//urn:sun:names:xacml:2.0:data-type:openfm-sp-nameid
attribute.setDataType(new URI(subjectIdType));
attribute.setIssuer("sampleIssuer2");
//set values
valueList = new ArrayList<String>();
valueList.add(subjectId);
attribute.setAttributeStringValues(valueList);
attributeList = new ArrayList<Attribute>();
attributeList.add(attribute);
subject2.setAttributes(attributeList);
//set subjects in request
List<Subject> subjectList = new ArrayList<Subject>();
subjectList.add(subject1);
subjectList.add(subject2);
request.setSubjects(subjectList);
//Resource
Resource resource = ContextFactory.getInstance().createResource();
//resoruce-id attribute
attribute = ContextFactory.getInstance().createAttribute();
//key attribute id
//urn:oasis:names:tc:xacml:1.0:resource:resource-id
attribute.setAttributeId(new URI(XACMLConstants.RESOURCE_ID));
//supported data type
//http://www.w3.org/2001/XMLSchema#string
attribute.setDataType(new URI(resourceIdType));
attribute.setIssuer("sampleIssuer3");
//set values
valueList = new ArrayList<String>();
valueList.add(resourceId);
attribute.setAttributeStringValues(valueList);
attributeList = new ArrayList<Attribute>();
attributeList.add(attribute);
//serviceName attribute
attribute = ContextFactory.getInstance().createAttribute();
//additional attribute id
//urn:sun:names:xacml:2.0:resource:target-service
attribute.setAttributeId(new URI(XACMLConstants.TARGET_SERVICE));
//supported data type
//http://www.w3.org/2001/XMLSchema#string
attribute.setDataType(new URI(serviceNameType));
attribute.setIssuer("sampleIssuer3");
//set values
valueList = new ArrayList<String>();
valueList.add(serviceName);
attribute.setAttributeStringValues(valueList);
attributeList.add(attribute);
resource.setAttributes(attributeList);
List<Resource> resourceList = new ArrayList<Resource>();
resourceList.add(resource);
request.setResources(resourceList);
//Action
Action action = ContextFactory.getInstance().createAction();
attribute = ContextFactory.getInstance().createAttribute();
//key attribute id
//urn:oasis:names:tc:xacml:1.0:action:action-id
attribute.setAttributeId(new URI(XACMLConstants.ACTION_ID));
//supported data type
//http://www.w3.org/2001/XMLSchema#string
attribute.setDataType(new URI(actionIdType));
attribute.setIssuer("sampleIssuer5");
valueList = new ArrayList<String>();
valueList.add(actionId);
attribute.setAttributeStringValues(valueList);
attributeList = new ArrayList<Attribute>();
attributeList.add(attribute);
action.setAttributes(attributeList);
request.setAction(action);
//Enviornment
Environment environment = ContextFactory.getInstance().createEnvironment();
request.setEnvironment(environment);
return request;
}
Also used :
Action(com.sun.identity.xacml.context.Action)
Attribute(com.sun.identity.xacml.context.Attribute)
Request(com.sun.identity.xacml.context.Request)
ArrayList(java.util.ArrayList)
Resource(com.sun.identity.xacml.context.Resource)
URI(java.net.URI)
Subject(com.sun.identity.xacml.context.Subject)
Environment(com.sun.identity.xacml.context.Environment)
Example 9 with Attribute
use of com.sun.identity.xacml.context.Attribute in project OpenAM by OpenRock.
the class FMActionMapper method mapToNativeAction.
/**
* Returns native action name
* @param xacmlContextAction XACML context Action
* @param serviceName native service name the requested resource belongs to
* @return native action name
* @exception XACMLException if can not map to native action name
*/
public String mapToNativeAction(Action xacmlContextAction, String serviceName) throws XACMLException {
String nativeAction = null;
List attributes = xacmlContextAction.getAttributes();
if (attributes != null && !attributes.isEmpty()) {
Attribute attr = (Attribute) attributes.get(0);
if (attr != null) {
URI tmpURI = attr.getAttributeId();
if (tmpURI.toString().equals(XACMLConstants.ACTION_ID)) {
tmpURI = attr.getDataType();
if (tmpURI.toString().equals(XACMLConstants.XS_STRING)) {
Element element = (Element) attr.getAttributeValues().get(0);
nativeAction = XMLUtils.getElementValue(element);
}
}
}
}
return nativeAction;
}Example 10 with Attribute
use of com.sun.identity.xacml.context.Attribute in project OpenAM by OpenRock.
the class XACMLQueryUtil method getPolicyDecisionForFedlet.
/**
* Sends the XACML query to specifiied PDP, gets the policy decision
* and sends it back to the Fedlet
*
* @param request HTTP Servlet Request
* @param pepEntityID PEP entity ID
* @param pdpEntityID PDP entity ID
* @param nameIDValue NameID value
* @param serviceName Service Name
* @param resource Resource URL
* @param action Action
*
* @return the <code>String</code> object
* @exception SAML2Exception if the operation is not successful
*
* @supported.api
*/
public static String getPolicyDecisionForFedlet(HttpServletRequest request, String pepEntityID, String pdpEntityID, String nameIDValue, String serviceName, String resource, String action) throws SAML2Exception {
Request Xrequest = ContextFactory.getInstance().createRequest();
Response xacmlResponse = null;
try {
//Subject
Subject subject = ContextFactory.getInstance().createSubject();
subject.setSubjectCategory(new URI(XACMLConstants.ACCESS_SUBJECT));
//set subject id
Attribute attribute = ContextFactory.getInstance().createAttribute();
attribute.setAttributeId(new URI(XACMLConstants.SUBJECT_ID));
attribute.setDataType(new URI(XACMLConstants.SAML2_NAMEID));
List valueList = new ArrayList();
valueList.add(nameIDValue);
attribute.setAttributeStringValues(valueList);
List attributeList = new ArrayList();
attributeList.add(attribute);
subject.setAttributes(attributeList);
// Set Subject in Request
List subjectList = new ArrayList();
subjectList.add(subject);
Xrequest.setSubjects(subjectList);
// Resource
Resource xacml_resource = ContextFactory.getInstance().createResource();
// Set resource id
attribute = ContextFactory.getInstance().createAttribute();
attribute.setAttributeId(new URI(XACMLConstants.RESOURCE_ID));
attribute.setDataType(new URI(XACMLConstants.XS_STRING));
valueList = new ArrayList();
valueList.add(resource);
attribute.setAttributeStringValues(valueList);
attributeList = new ArrayList();
attributeList.add(attribute);
// Set serviceName
attribute = ContextFactory.getInstance().createAttribute();
attribute.setAttributeId(new URI(XACMLConstants.TARGET_SERVICE));
attribute.setDataType(new URI(XACMLConstants.XS_STRING));
valueList = new ArrayList();
valueList.add(serviceName);
attribute.setAttributeStringValues(valueList);
attributeList.add(attribute);
xacml_resource.setAttributes(attributeList);
// Set Resource in Request
List resourceList = new ArrayList();
resourceList.add(xacml_resource);
Xrequest.setResources(resourceList);
// Action
Action xacml_action = ContextFactory.getInstance().createAction();
attribute = ContextFactory.getInstance().createAttribute();
attribute.setAttributeId(new URI(XACMLConstants.ACTION_ID));
attribute.setDataType(new URI(XACMLConstants.XS_STRING));
// Set actionID
valueList = new ArrayList();
valueList.add(action);
attribute.setAttributeStringValues(valueList);
attributeList = new ArrayList();
attributeList.add(attribute);
xacml_action.setAttributes(attributeList);
// Set Action in Request
Xrequest.setAction(xacml_action);
Environment environment = ContextFactory.getInstance().createEnvironment();
Xrequest.setEnvironment(environment);
xacmlResponse = XACMLRequestProcessor.getInstance().processRequest(Xrequest, pdpEntityID, pepEntityID);
if (xacmlResponse != null) {
List results = xacmlResponse.getResults();
if (results.size() > 0) {
Result policy_result = (Result) results.get(0);
if (policy_result != null) {
Decision decision = (Decision) policy_result.getDecision();
if (decision != null) {
String policy_decision = decision.getValue();
if (policy_decision != null) {
return policy_decision;
}
}
}
}
}
} catch (URISyntaxException uriexp) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("XACMLQueryUtil." + "getPolicyDecisionForFedlet: " + "URI Exception while sending the XACML Request");
}
} catch (XACMLException xacmlexp) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("XACMLQueryUtil." + "getPolicyDecisionForFedlet: " + "Error while processing the XACML Response");
}
}
return null;
}
Also used :
Action(com.sun.identity.xacml.context.Action)
Attribute(com.sun.identity.xacml.context.Attribute)
Request(com.sun.identity.xacml.context.Request)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
ArrayList(java.util.ArrayList)
Resource(com.sun.identity.xacml.context.Resource)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
Subject(com.sun.identity.xacml.context.Subject)
Decision(com.sun.identity.xacml.context.Decision)
Result(com.sun.identity.xacml.context.Result)
XACMLException(com.sun.identity.xacml.common.XACMLException)
Response(com.sun.identity.xacml.context.Response)
Environment(com.sun.identity.xacml.context.Environment)
ArrayList(java.util.ArrayList)
List(java.util.List)
Aggregations
Attribute (com.sun.identity.xacml.context.Attribute)17
URI (java.net.URI)9
ArrayList (java.util.ArrayList)9
XACMLException (com.sun.identity.xacml.common.XACMLException)7
List (java.util.List)6
ContextFactory (com.sun.identity.xacml.context.ContextFactory)5
Subject (com.sun.identity.xacml.context.Subject)5
Element (org.w3c.dom.Element)5
Request (com.sun.identity.xacml.context.Request)4
Resource (com.sun.identity.xacml.context.Resource)4
Node (org.w3c.dom.Node)4
NodeList (org.w3c.dom.NodeList)4
SSOException (com.iplanet.sso.SSOException)3
SSOToken (com.iplanet.sso.SSOToken)3
Action (com.sun.identity.xacml.context.Action)3
Environment (com.sun.identity.xacml.context.Environment)3
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception)2
Decision (com.sun.identity.xacml.context.Decision)2
Response (com.sun.identity.xacml.context.Response)2
Result (com.sun.identity.xacml.context.Result)2
