Search in sources :

Example 1 with IdentityCacheKey

use of org.wso2.carbon.identity.entitlement.cache.IdentityCacheKey in project carbon-identity-framework by wso2.

the class AbstractPIPResourceFinder method findDescendantResources.

@Override
public Set<String> findDescendantResources(String parentResourceId, EvaluationCtx context) throws Exception {
    EvaluationResult environment;
    String environmentId = null;
    Set<String> resourceNames = null;
    NodeList children = context.getRequestRoot().getChildNodes();
    for (int i = 0; i < children.getLength(); i++) {
        Node child = children.item(i);
        if (child != null) {
            if (PDPConstants.ENVIRONMENT_ELEMENT.equals(child.getLocalName())) {
                if (child.getChildNodes() != null && child.getChildNodes().getLength() > 0) {
                    environment = context.getAttribute(new URI(StringAttribute.identifier), new URI(PDPConstants.ENVIRONMENT_ID_DEFAULT), null, new URI(XACMLConstants.ENT_CATEGORY));
                    if (environment != null && environment.getAttributeValue() != null && environment.getAttributeValue().isBag()) {
                        BagAttribute attr = (BagAttribute) environment.getAttributeValue();
                        environmentId = ((AttributeValue) attr.iterator().next()).encode();
                    }
                }
            }
        }
    }
    if (isAbstractResourceCacheEnabled) {
        IdentityCacheKey cacheKey;
        String key = PDPConstants.RESOURCE_DESCENDANTS + parentResourceId + (environmentId != null ? environmentId : "");
        tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
        cacheKey = new IdentityCacheKey(tenantId, key);
        IdentityCacheEntry cacheEntry = (IdentityCacheEntry) abstractResourceCache.getValueFromCache(cacheKey);
        if (cacheEntry != null) {
            String[] values = cacheEntry.getCacheEntryArray();
            resourceNames = new HashSet<String>(Arrays.asList(values));
            if (log.isDebugEnabled()) {
                log.debug("Carbon Resource Cache Hit");
            }
        }
        if (resourceNames != null) {
            resourceNames = findDescendantResources(parentResourceId, environmentId);
            if (log.isDebugEnabled()) {
                log.debug("Carbon Resource Cache Miss");
            }
            if (resourceNames != null && !resourceNames.isEmpty()) {
                cacheEntry = new IdentityCacheEntry(resourceNames.toArray(new String[resourceNames.size()]));
                abstractResourceCache.addToCache(cacheKey, cacheEntry);
            }
        }
    } else {
        resourceNames = findDescendantResources(parentResourceId, environmentId);
    }
    return resourceNames;
}
Also used : IdentityCacheKey(org.wso2.carbon.identity.entitlement.cache.IdentityCacheKey) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) IdentityCacheEntry(org.wso2.carbon.identity.entitlement.cache.IdentityCacheEntry) URI(java.net.URI) EvaluationResult(org.wso2.balana.cond.EvaluationResult) BagAttribute(org.wso2.balana.attr.BagAttribute)

Example 2 with IdentityCacheKey

use of org.wso2.carbon.identity.entitlement.cache.IdentityCacheKey in project carbon-identity-framework by wso2.

the class CarbonResourceFinder method findChildResources.

@Override
public ResourceFinderResult findChildResources(AttributeValue parentResourceId, EvaluationCtx context) {
    ResourceFinderResult resourceFinderResult = null;
    Set<AttributeValue> resources = null;
    String dataType = parentResourceId.getType().toString();
    for (PIPResourceFinder finder : resourceFinders) {
        try {
            Set<String> resourceNames = null;
            if (isResourceCachingEnabled && !finder.overrideDefaultCache()) {
                IdentityCacheKey cacheKey = null;
                String key = PDPConstants.RESOURCE_CHILDREN + parentResourceId.encode() + domToString(context.getRequestRoot());
                cacheKey = new IdentityCacheKey(tenantId, key);
                IdentityCacheEntry cacheEntry = (IdentityCacheEntry) resourceCache.getValueFromCache(cacheKey);
                if (cacheEntry != null) {
                    String cacheEntryString = cacheEntry.getCacheEntry();
                    String[] attributes = cacheEntryString.split(PDPConstants.ATTRIBUTE_SEPARATOR);
                    if (attributes != null && attributes.length > 0) {
                        List<String> list = Arrays.asList(attributes);
                        resourceNames = new HashSet<String>(list);
                    }
                    if (log.isDebugEnabled()) {
                        log.debug("Carbon Resource Cache Hit");
                    }
                } else {
                    resourceNames = finder.findChildResources(parentResourceId.encode(), context);
                    if (log.isDebugEnabled()) {
                        log.debug("Carbon Resource Cache Miss");
                    }
                    String cacheEntryString = "";
                    if (resourceNames != null && resourceNames.size() > 0) {
                        for (String attribute : resourceNames) {
                            if (cacheEntryString.equals("")) {
                                cacheEntryString = attribute;
                            } else {
                                cacheEntryString = cacheEntryString + PDPConstants.ATTRIBUTE_SEPARATOR + attribute;
                            }
                        }
                    }
                    cacheEntry = new IdentityCacheEntry(cacheEntryString);
                    resourceCache.addToCache(cacheKey, cacheEntry);
                }
            } else {
                resourceNames = finder.findChildResources(parentResourceId.encode(), context);
            }
            if (resourceNames != null && !resourceNames.isEmpty()) {
                resources = new HashSet<AttributeValue>();
                for (String resourceName : resourceNames) {
                    resources.add(EntitlementUtil.getAttributeValue(resourceName, dataType));
                }
            }
        } catch (EntitlementException e) {
            log.error("Error while finding child resources", e);
        } catch (TransformerException e) {
            log.error("Error while finding child resources", e);
        } catch (Exception e) {
            log.error("Error while finding child resources", e);
        }
    }
    if (resources != null) {
        resourceFinderResult = new ResourceFinderResult(resources);
    } else {
        resourceFinderResult = new ResourceFinderResult();
    }
    return resourceFinderResult;
}
Also used : AttributeValue(org.wso2.balana.attr.AttributeValue) TransformerException(javax.xml.transform.TransformerException) EntitlementException(org.wso2.carbon.identity.entitlement.EntitlementException) IdentityCacheKey(org.wso2.carbon.identity.entitlement.cache.IdentityCacheKey) EntitlementException(org.wso2.carbon.identity.entitlement.EntitlementException) IdentityCacheEntry(org.wso2.carbon.identity.entitlement.cache.IdentityCacheEntry) ResourceFinderResult(org.wso2.balana.finder.ResourceFinderResult) TransformerException(javax.xml.transform.TransformerException)

Example 3 with IdentityCacheKey

use of org.wso2.carbon.identity.entitlement.cache.IdentityCacheKey in project carbon-identity-framework by wso2.

the class CarbonResourceFinder method findDescendantResources.

@Override
public ResourceFinderResult findDescendantResources(AttributeValue parentResourceId, EvaluationCtx context) {
    ResourceFinderResult resourceFinderResult = null;
    Set<AttributeValue> resources = null;
    String dataType = parentResourceId.getType().toString();
    for (PIPResourceFinder finder : resourceFinders) {
        try {
            Set<String> resourceNames = null;
            if (isResourceCachingEnabled && !finder.overrideDefaultCache()) {
                IdentityCacheKey cacheKey = null;
                String key = PDPConstants.RESOURCE_DESCENDANTS + parentResourceId.encode() + domToString(context.getRequestRoot());
                cacheKey = new IdentityCacheKey(tenantId, key);
                IdentityCacheEntry cacheEntry = (IdentityCacheEntry) resourceCache.getValueFromCache(cacheKey);
                if (cacheEntry != null) {
                    String[] values = cacheEntry.getCacheEntryArray();
                    resourceNames = new HashSet<String>(Arrays.asList(values));
                    if (log.isDebugEnabled()) {
                        log.debug("Carbon Resource Cache Hit");
                    }
                }
                if (resourceNames != null) {
                    resourceNames = finder.findDescendantResources(parentResourceId.encode(), context);
                    if (log.isDebugEnabled()) {
                        log.debug("Carbon Resource Cache Miss");
                    }
                    cacheEntry = new IdentityCacheEntry(resourceNames.toArray(new String[resourceNames.size()]));
                    resourceCache.addToCache(cacheKey, cacheEntry);
                }
            } else {
                resourceNames = finder.findDescendantResources(parentResourceId.encode(), context);
            }
            if (resourceNames != null && !resourceNames.isEmpty()) {
                resources = new HashSet<AttributeValue>();
                for (String resourceName : resourceNames) {
                    resources.add(EntitlementUtil.getAttributeValue(resourceName, dataType));
                }
            }
        } catch (EntitlementException e) {
            log.error("Error while finding descendant resources", e);
        } catch (TransformerException e) {
            log.error("Error while finding descendant resources", e);
        } catch (Exception e) {
            log.error("Error while finding descendant resources", e);
        }
    }
    if (resources != null) {
        resourceFinderResult = new ResourceFinderResult(resources);
    } else {
        resourceFinderResult = new ResourceFinderResult();
    }
    return resourceFinderResult;
}
Also used : AttributeValue(org.wso2.balana.attr.AttributeValue) TransformerException(javax.xml.transform.TransformerException) EntitlementException(org.wso2.carbon.identity.entitlement.EntitlementException) IdentityCacheKey(org.wso2.carbon.identity.entitlement.cache.IdentityCacheKey) EntitlementException(org.wso2.carbon.identity.entitlement.EntitlementException) IdentityCacheEntry(org.wso2.carbon.identity.entitlement.cache.IdentityCacheEntry) ResourceFinderResult(org.wso2.balana.finder.ResourceFinderResult) TransformerException(javax.xml.transform.TransformerException)

Example 4 with IdentityCacheKey

use of org.wso2.carbon.identity.entitlement.cache.IdentityCacheKey in project carbon-identity-framework by wso2.

the class PolicyCache method invalidateCache.

/**
 * Do invalidate all policy cache
 */
public void invalidateCache() {
    int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
    if (log.isDebugEnabled()) {
        log.debug("Trigger invalidateCache to tenant :  " + tenantId + " and all policy ");
    }
    IdentityCacheKey cacheKey = new IdentityCacheKey(tenantId, "");
    // update local cache map of this node.
    updateLocalPolicyCacheMap(cacheKey, new PolicyStatus());
    // send out a cluster message to notify other nodes
    if (isClusteringEnabled()) {
        sendClusterMessage(new PolicyStatusClusterMessage(cacheKey, new PolicyStatus()), true);
    } else {
        if (log.isDebugEnabled()) {
            log.debug("Clustering not enabled. Not sending cluster message to other nodes.");
        }
    }
}
Also used : PolicyStatusClusterMessage(org.wso2.carbon.identity.entitlement.PolicyStatusClusterMessage)

Example 5 with IdentityCacheKey

use of org.wso2.carbon.identity.entitlement.cache.IdentityCacheKey in project carbon-identity-framework by wso2.

the class PolicyCache method invalidateCache.

/**
 * Invalidate any policy with action. It will send the cluster message to clean this policy in all the nodes.
 *
 * @param policyId
 * @param action
 */
public void invalidateCache(String policyId, String action) {
    int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
    if (log.isDebugEnabled()) {
        log.debug("Trigger invalidateCache to tenant :  " + tenantId + " and policy " + policyId + " for  action " + ": " + action);
    }
    IdentityCacheKey cacheKey = new IdentityCacheKey(tenantId, policyId);
    PolicyStatus policyStatus = (PolicyStatus) getValueFromCache(cacheKey);
    if (policyStatus == null) {
        policyStatus = new PolicyStatus(policyId, 0, action);
    } else {
        policyStatus.setStatusCount(policyStatus.getStatusCount() + 1);
        policyStatus.setPolicyAction(action);
    }
    // update local cache map of this node.
    updateLocalPolicyCacheMap(cacheKey, policyStatus);
    // send out a cluster message to notify other nodes.
    if (isClusteringEnabled()) {
        sendClusterMessage(new PolicyStatusClusterMessage(cacheKey, policyStatus), true);
    } else {
        if (log.isDebugEnabled()) {
            log.debug("Clustering not enabled. Not sending cluster message to other nodes.");
        }
    }
    synchronized (localPolicyCacheMap) {
        if (localPolicyCacheMap.get(cacheKey.getTenantId()) != null) {
            if (localPolicyCacheMap.get(cacheKey.getTenantId()).get(cacheKey.getKey()) != null) {
                PolicyStatus status = localPolicyCacheMap.get(cacheKey.getTenantId()).get(cacheKey.getKey());
                status.setPolicyAction(getPriorityAction(status.getPolicyAction(), action));
            }
        } else {
            Map<String, PolicyStatus> map = new HashMap<String, PolicyStatus>();
            map.put(policyId, policyStatus);
            localPolicyCacheMap.put(cacheKey.getTenantId(), map);
        }
    }
}
Also used : PolicyStatusClusterMessage(org.wso2.carbon.identity.entitlement.PolicyStatusClusterMessage) HashMap(java.util.HashMap)

Aggregations

IdentityCacheEntry (org.wso2.carbon.identity.entitlement.cache.IdentityCacheEntry)3 IdentityCacheKey (org.wso2.carbon.identity.entitlement.cache.IdentityCacheKey)3 TransformerException (javax.xml.transform.TransformerException)2 AttributeValue (org.wso2.balana.attr.AttributeValue)2 ResourceFinderResult (org.wso2.balana.finder.ResourceFinderResult)2 EntitlementException (org.wso2.carbon.identity.entitlement.EntitlementException)2 PolicyStatusClusterMessage (org.wso2.carbon.identity.entitlement.PolicyStatusClusterMessage)2 URI (java.net.URI)1 HashMap (java.util.HashMap)1 Node (org.w3c.dom.Node)1 NodeList (org.w3c.dom.NodeList)1 BagAttribute (org.wso2.balana.attr.BagAttribute)1 EvaluationResult (org.wso2.balana.cond.EvaluationResult)1 SearchResult (org.wso2.carbon.identity.entitlement.policy.search.SearchResult)1