Search in sources :

Example 1 with ResponseType

use of org.opensaml.xacml.ctx.ResponseType in project cxf by apache.

the class DummyPDP method createResponse.

private ResponseType createResponse(DECISION decision) {
    XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
    @SuppressWarnings("unchecked") XACMLObjectBuilder<ResponseType> responseTypeBuilder = (XACMLObjectBuilder<ResponseType>) builderFactory.getBuilder(ResponseType.DEFAULT_ELEMENT_NAME);
    @SuppressWarnings("unchecked") XACMLObjectBuilder<ResultType> resultTypeBuilder = (XACMLObjectBuilder<ResultType>) builderFactory.getBuilder(ResultType.DEFAULT_ELEMENT_NAME);
    @SuppressWarnings("unchecked") XACMLObjectBuilder<DecisionType> decisionTypeBuilder = (XACMLObjectBuilder<DecisionType>) builderFactory.getBuilder(DecisionType.DEFAULT_ELEMENT_NAME);
    @SuppressWarnings("unchecked") XACMLObjectBuilder<StatusType> statusTypeBuilder = (XACMLObjectBuilder<StatusType>) builderFactory.getBuilder(StatusType.DEFAULT_ELEMENT_NAME);
    @SuppressWarnings("unchecked") XACMLObjectBuilder<StatusCodeType> statusCodeTypeBuilder = (XACMLObjectBuilder<StatusCodeType>) builderFactory.getBuilder(StatusCodeType.DEFAULT_ELEMENT_NAME);
    ResultType result = resultTypeBuilder.buildObject();
    DecisionType decisionType = decisionTypeBuilder.buildObject();
    decisionType.setDecision(decision);
    result.setDecision(decisionType);
    StatusType status = statusTypeBuilder.buildObject();
    StatusCodeType statusCode = statusCodeTypeBuilder.buildObject();
    statusCode.setValue("urn:oasis:names:tc:xacml:1.0:status:ok");
    status.setStatusCode(statusCode);
    result.setStatus(status);
    ResponseType response = responseTypeBuilder.buildObject();
    response.getResults().add(result);
    return response;
}
Also used : XACMLObjectBuilder(org.opensaml.xacml.XACMLObjectBuilder) ResultType(org.opensaml.xacml.ctx.ResultType) DecisionType(org.opensaml.xacml.ctx.DecisionType) ResponseType(org.opensaml.xacml.ctx.ResponseType) StatusType(org.opensaml.xacml.ctx.StatusType) XMLObjectBuilderFactory(org.opensaml.core.xml.XMLObjectBuilderFactory) StatusCodeType(org.opensaml.xacml.ctx.StatusCodeType)

Example 2 with ResponseType

use of org.opensaml.xacml.ctx.ResponseType in project cxf by apache.

the class PolicyDecisionPointMockImpl method evaluate.

@Override
public ResponseType evaluate(RequestType requestType) {
    XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
    @SuppressWarnings("unchecked") XACMLObjectBuilder<ResponseType> responseTypeBuilder = (XACMLObjectBuilder<ResponseType>) builderFactory.getBuilder(ResponseType.DEFAULT_ELEMENT_NAME);
    @SuppressWarnings("unchecked") XACMLObjectBuilder<ResultType> resultTypeBuilder = (XACMLObjectBuilder<ResultType>) builderFactory.getBuilder(ResultType.DEFAULT_ELEMENT_NAME);
    @SuppressWarnings("unchecked") XACMLObjectBuilder<DecisionType> decisionTypeBuilder = (XACMLObjectBuilder<DecisionType>) builderFactory.getBuilder(DecisionType.DEFAULT_ELEMENT_NAME);
    @SuppressWarnings("unchecked") XACMLObjectBuilder<StatusType> statusTypeBuilder = (XACMLObjectBuilder<StatusType>) builderFactory.getBuilder(StatusType.DEFAULT_ELEMENT_NAME);
    @SuppressWarnings("unchecked") XACMLObjectBuilder<StatusCodeType> statusCodeTypeBuilder = (XACMLObjectBuilder<StatusCodeType>) builderFactory.getBuilder(StatusCodeType.DEFAULT_ELEMENT_NAME);
    DecisionType decisionType = decisionTypeBuilder.buildObject();
    String role = getSubjectRole(requestType);
    if ("manager".equals(role)) {
        decisionType.setDecision(DecisionType.DECISION.Permit);
    } else {
        decisionType.setDecision(DecisionType.DECISION.Deny);
    }
    ResultType result = resultTypeBuilder.buildObject();
    result.setDecision(decisionType);
    StatusType status = statusTypeBuilder.buildObject();
    StatusCodeType statusCode = statusCodeTypeBuilder.buildObject();
    statusCode.setValue("urn:oasis:names:tc:xacml:1.0:status:ok");
    status.setStatusCode(statusCode);
    result.setStatus(status);
    ResponseType response = responseTypeBuilder.buildObject();
    response.getResults().add(result);
    return response;
}
Also used : XACMLObjectBuilder(org.opensaml.xacml.XACMLObjectBuilder) ResultType(org.opensaml.xacml.ctx.ResultType) DecisionType(org.opensaml.xacml.ctx.DecisionType) ResponseType(org.opensaml.xacml.ctx.ResponseType) StatusType(org.opensaml.xacml.ctx.StatusType) XMLObjectBuilderFactory(org.opensaml.core.xml.XMLObjectBuilderFactory) StatusCodeType(org.opensaml.xacml.ctx.StatusCodeType)

Example 3 with ResponseType

use of org.opensaml.xacml.ctx.ResponseType in project cxf by apache.

the class AbstractXACMLAuthorizingInterceptor method authorize.

/**
 * Perform a (remote) authorization decision and return a boolean depending on the result
 */
protected boolean authorize(Principal principal, List<String> roles, Message message) throws Exception {
    RequestType request = requestBuilder.createRequest(principal, roles, message);
    if (LOG.isLoggable(Level.FINE)) {
        Document doc = DOMUtils.createDocument();
        Element requestElement = OpenSAMLUtil.toDom(request, doc);
        LOG.log(Level.FINE, DOM2Writer.nodeToString(requestElement));
    }
    ResponseType response = performRequest(request, message);
    List<ResultType> results = response.getResults();
    if (results == null) {
        return false;
    }
    for (ResultType result : results) {
        // Handle any Obligations returned by the PDP
        handleObligations(request, principal, message, result);
        DECISION decision = result.getDecision() != null ? result.getDecision().getDecision() : DECISION.Deny;
        String code = "";
        String statusMessage = "";
        if (result.getStatus() != null) {
            StatusType status = result.getStatus();
            code = status.getStatusCode() != null ? status.getStatusCode().getValue() : "";
            statusMessage = status.getStatusMessage() != null ? status.getStatusMessage().getValue() : "";
        }
        if (LOG.isLoggable(Level.FINE)) {
            LOG.fine("XACML authorization result: " + decision + ", code: " + code + ", message: " + statusMessage);
        }
        return decision == DECISION.Permit;
    }
    return false;
}
Also used : DECISION(org.opensaml.xacml.ctx.DecisionType.DECISION) StatusType(org.opensaml.xacml.ctx.StatusType) Element(org.w3c.dom.Element) ResultType(org.opensaml.xacml.ctx.ResultType) Document(org.w3c.dom.Document) RequestType(org.opensaml.xacml.ctx.RequestType) ResponseType(org.opensaml.xacml.ctx.ResponseType)

Aggregations

ResponseType (org.opensaml.xacml.ctx.ResponseType)3 ResultType (org.opensaml.xacml.ctx.ResultType)3 StatusType (org.opensaml.xacml.ctx.StatusType)3 XMLObjectBuilderFactory (org.opensaml.core.xml.XMLObjectBuilderFactory)2 XACMLObjectBuilder (org.opensaml.xacml.XACMLObjectBuilder)2 DecisionType (org.opensaml.xacml.ctx.DecisionType)2 StatusCodeType (org.opensaml.xacml.ctx.StatusCodeType)2 DECISION (org.opensaml.xacml.ctx.DecisionType.DECISION)1 RequestType (org.opensaml.xacml.ctx.RequestType)1 Document (org.w3c.dom.Document)1 Element (org.w3c.dom.Element)1