use of org.wso2.balana.ctx.xacml3.RequestCtx in project carbon-identity-framework by wso2.
the class EntitlementEngine method evaluateReturnResponseCtx.
/**
* Evaluates the given XACML request and returns the ResponseCtx Response that the EntitlementEngine will
* hand back to the PEP. PEP needs construct the XACML request before sending it to the
* EntitlementEngine
*
* @param xacmlRequest XACML request as String
* @return ResponseCtx response
* @throws org.wso2.balana.ParsingException throws
* @throws org.wso2.carbon.identity.entitlement.EntitlementException throws
* @throws javax.xml.parsers.ParserConfigurationException throws
* @throws org.xml.sax.SAXException throws
* @throws java.io.IOException throws
*/
public ResponseCtx evaluateReturnResponseCtx(String xacmlRequest) throws EntitlementException, ParsingException, ParserConfigurationException, SAXException, IOException {
if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_REQUEST)) {
log.debug("XACML Request : " + xacmlRequest);
}
String xacmlResponse;
ResponseCtx responseCtx;
if ((xacmlResponse = (String) getFromCache(xacmlRequest, false)) != null) {
if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_RESPONSE)) {
log.debug("XACML Response : " + xacmlResponse);
}
DocumentBuilderFactory documentBuilderFactory = IdentityUtil.getSecuredDocumentBuilderFactory();
Element node = documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(xacmlResponse.getBytes())).getDocumentElement();
return (ResponseCtx.getInstance(node));
}
Map<PIPExtension, Properties> extensions = EntitlementServiceComponent.getEntitlementConfig().getExtensions();
if (extensions != null && !extensions.isEmpty()) {
PolicyRequestBuilder policyRequestBuilder = new PolicyRequestBuilder();
Element xacmlRequestElement = policyRequestBuilder.getXacmlRequest(xacmlRequest);
AbstractRequestCtx requestCtx = RequestCtxFactory.getFactory().getRequestCtx(xacmlRequestElement);
Set<PIPExtension> pipExtensions = extensions.keySet();
for (PIPExtension pipExtension : pipExtensions) {
pipExtension.update(requestCtx);
}
responseCtx = pdp.evaluate(requestCtx);
} else {
responseCtx = pdp.evaluateReturnResponseCtx(xacmlRequest);
}
xacmlResponse = responseCtx.encode();
addToCache(xacmlRequest, xacmlResponse, false);
if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_RESPONSE)) {
log.debug("XACML Response : " + xacmlResponse);
}
return responseCtx;
}
use of org.wso2.balana.ctx.xacml3.RequestCtx in project carbon-identity-framework by wso2.
the class EntitlementEngine method evaluate.
/**
* Evaluates the given XACML request and returns the Response
*
* @param requestCtx Balana Object model for request
* @param xacmlRequest Balana Object model for request
* @return ResponseCtx Balana Object model for response
*/
public ResponseCtx evaluate(AbstractRequestCtx requestCtx, String xacmlRequest) {
if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_REQUEST)) {
log.debug("XACML Request : " + xacmlRequest);
}
ResponseCtx xacmlResponse;
if ((xacmlResponse = (ResponseCtx) getFromCache(xacmlRequest, false)) != null) {
if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_RESPONSE)) {
log.debug("XACML Response : " + xacmlResponse);
}
return xacmlResponse;
}
xacmlResponse = pdp.evaluate(requestCtx);
addToCache(xacmlRequest, xacmlResponse, false);
if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_RESPONSE)) {
log.debug("XACML Response : " + xacmlResponse);
}
return xacmlResponse;
}
Aggregations