
Example 6 with AttributeDTO

use of org.wso2.carbon.identity.entitlement.dto.AttributeDTO in project carbon-identity-framework by wso2.

the class PolicyAttributeBuilder method getPolicyMetaDataFromRegistryProperties.

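/**
 * Rebuilds policy meta data attributes from the properties of a registry resource.
 *
 * <p>Entries are looked up under the keys {@code PDPConstants.POLICY_META_DATA + index} for
 * every index from 0 up to (but excluding) {@code properties.size()}. Only the first element
 * of each stored list is parsed. It is split on {@code PDPConstants.ATTRIBUTE_SEPARATOR} and
 * must yield exactly {@code PDPConstants.POLICY_META_DATA_ARRAY_LENGTH} fields, in the order
 * category, attribute value, attribute id, attribute data type.
 *
 * <p>Missing keys, empty lists, null first elements and entries with an unexpected field
 * count are skipped without an error, so the result can hold fewer attributes than were
 * stored.
 *
 * @param properties Properties object read from registry resource, may be null
 * @return the parsed attributes, never null; empty when nothing usable was found
 * @throws ClassCastException if a meta data property holds something other than a List
 */
public AttributeDTO[] getPolicyMetaDataFromRegistryProperties(Properties properties) {
    List<AttributeDTO> attributeDTOs = new ArrayList<AttributeDTO>();
    if (properties != null && !properties.isEmpty()) {
        // The property count is only an upper bound for the index: other properties of the
        // resource are counted too, so some indexes simply have no meta data entry.
        int propertyCount = properties.size();
        for (int attributeElementNo = 0; attributeElementNo < propertyCount; attributeElementNo++) {
            // Accept any List implementation instead of insisting on ArrayList.
            List<?> attributeList = (List<?>) properties.get(PDPConstants.POLICY_META_DATA + attributeElementNo);
            // An empty list used to fail with IndexOutOfBoundsException on get(0); it is now
            // skipped like any other unusable entry.
            if (attributeList == null || attributeList.isEmpty() || attributeList.get(0) == null) {
                continue;
            }
            String[] attributeData = attributeList.get(0).toString().split(PDPConstants.ATTRIBUTE_SEPARATOR);
            // NOTE(review): a stored field that itself contains the separator produces extra
            // fields, fails this length check and is dropped silently; confirm that whatever
            // writes these properties cannot store such values.
            if (attributeData.length == PDPConstants.POLICY_META_DATA_ARRAY_LENGTH) {
                AttributeDTO attributeDTO = new AttributeDTO();
                attributeDTO.setCategory(attributeData[0]);
                attributeDTO.setAttributeValue(attributeData[1]);
                attributeDTO.setAttributeId(attributeData[2]);
                attributeDTO.setAttributeDataType(attributeData[3]);
                attributeDTOs.add(attributeDTO);
            }
        }
    }
    return attributeDTOs.toArray(new AttributeDTO[attributeDTOs.size()]);
}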
Also used : AttributeDTO(org.wso2.carbon.identity.entitlement.dto.AttributeDTO) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List)

Example 7 with AttributeDTO

use of org.wso2.carbon.identity.entitlement.dto.AttributeDTO in project carbon-identity-framework by wso2.

the class EntitlementUtil method getAttributes.

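/**
 * Converts one {@link AttributeDTO} into a XACML 3.0 {@link Attributes} element that holds a
 * single attribute.
 *
 * <p>The attribute value is created by the Balana attribute factory from the DTO's data type
 * URI and value string. A category equal to one of the {@code PDPConstants.*_ELEMENT} names is
 * replaced by the matching {@code PDPConstants.*_CATEGORY_URI}; any other category is used as
 * given.
 *
 * <p>This is best effort: every exception (a null DTO, a string that is not a valid URI,
 * anything thrown while creating the value) is caught, logged at debug level and reported as
 * {@code null}.
 *
 * @param attributeDataDTO attribute description to convert
 * @return the XACML attributes element, or {@code null} when it could not be built
 */
public static Attributes getAttributes(AttributeDTO attributeDataDTO) {
    try {
        AttributeValue value = Balana.getInstance().getAttributeFactory().createValue(new URI(attributeDataDTO.getAttributeDataType()), attributeDataDTO.getAttributeValue());
        Attribute attribute = new Attribute(new URI(attributeDataDTO.getAttributeId()), null, null, value, XACMLConstants.XACML_VERSION_3_0);
        Set<Attribute> set = new HashSet<Attribute>();
        set.add(attribute);
        String category = attributeDataDTO.getCategory();
        // Only XACML 3.0 requests are created, so the element-style category names are
        // converted to the corresponding category URIs.
        if (PDPConstants.SUBJECT_ELEMENT.equals(category)) {
            category = PDPConstants.SUBJECT_CATEGORY_URI;
        } else if (PDPConstants.RESOURCE_ELEMENT.equals(category)) {
            category = PDPConstants.RESOURCE_CATEGORY_URI;
        } else if (PDPConstants.ACTION_ELEMENT.equals(category)) {
            category = PDPConstants.ACTION_CATEGORY_URI;
        } else if (PDPConstants.ENVIRONMENT_ELEMENT.equals(category)) {
            category = PDPConstants.ENVIRONMENT_CATEGORY_URI;
        }
        return new Attributes(new URI(category), set);
    } catch (Exception e) {
        // Deliberately ignored; the caller receives null. The throwable is passed as the
        // second argument so the cause and stack trace appear in the debug log.
        // NOTE(review): a dropped attribute changes the request that is later evaluated;
        // verify that callers handle a null return rather than evaluating without it.
        log.debug("Could not build XACML attributes from the given AttributeDTO, returning null", e);
    }
    return null;
}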
Also used : AttributeValue(org.wso2.balana.attr.AttributeValue) StringAttribute(org.wso2.balana.attr.StringAttribute) DateAttribute(org.wso2.balana.attr.DateAttribute) DoubleAttribute(org.wso2.balana.attr.DoubleAttribute) IntegerAttribute(org.wso2.balana.attr.IntegerAttribute) TimeAttribute(org.wso2.balana.attr.TimeAttribute) HexBinaryAttribute(org.wso2.balana.attr.HexBinaryAttribute) DateTimeAttribute(org.wso2.balana.attr.DateTimeAttribute) Attribute(org.wso2.balana.ctx.Attribute) BooleanAttribute(org.wso2.balana.attr.BooleanAttribute) Attributes(org.wso2.balana.xacml3.Attributes) URI(java.net.URI) URISyntaxException(java.net.URISyntaxException) RegistryException(org.wso2.carbon.registry.core.exceptions.RegistryException) ParseException(java.text.ParseException) SAXException(org.xml.sax.SAXException) ParsingException(org.wso2.balana.ParsingException) IOException(java.io.IOException) ParserConfigurationException(javax.xml.parsers.ParserConfigurationException) HashSet(java.util.HashSet)

Example 8 with AttributeDTO

use of org.wso2.carbon.identity.entitlement.dto.AttributeDTO in project carbon-identity-framework by wso2.

the class EntitlementUtil method addPolicyToPDP.

/**
 * Writes a policy into the PDP policy store kept in the governance registry and, when the PAP
 * policy store also knows the policy id, publishes an enable or disable action for it to the
 * PDP subscriber.
 *
 * <p>Nothing is written when the DTO is null or when its policy text or policy id is null or
 * blank.
 *
 * @param policyStoreDTO policy text, id, order, active flag and optional meta data attributes
 * @throws EntitlementException if a registry operation fails
 */
public static void addPolicyToPDP(PolicyStoreDTO policyStoreDTO) throws EntitlementException {
    // Only the first configured policy store entry is consulted for the store path.
    Map.Entry<PolicyStoreManageModule, Properties> firstStore = EntitlementServiceComponent.getEntitlementConfig().getPolicyStore().entrySet().iterator().next();
    String storeRoot = firstStore.getValue().getProperty("policyStorePath");
    if (storeRoot == null) {
        storeRoot = "/repository/identity/entitlement/policy/pdp/";
    }

    boolean policyMissing = policyStoreDTO == null || policyStoreDTO.getPolicy() == null || policyStoreDTO.getPolicy().trim().length() == 0;
    if (policyMissing || policyStoreDTO.getPolicyId() == null || policyStoreDTO.getPolicyId().trim().length() == 0) {
        return;
    }

    try {
        Registry governanceRegistry = EntitlementServiceComponent.getRegistryService().getGovernanceSystemRegistry();

        // Reuse the store collection when it exists, otherwise start a new one; either way
        // it is written back under the store root.
        Collection storeCollection = governanceRegistry.resourceExists(storeRoot)
                ? (Collection) governanceRegistry.get(storeRoot)
                : governanceRegistry.newCollection();
        governanceRegistry.put(storeRoot, storeCollection);

        // NOTE(review): the policy id is appended to the store root unchanged and no
        // separator is inserted. Confirm that callers restrict the id to a single path
        // segment and that a configured store path ends with '/', as the default does.
        String targetPath = storeRoot + policyStoreDTO.getPolicyId();
        Resource policyResource = governanceRegistry.resourceExists(targetPath)
                ? governanceRegistry.get(targetPath)
                : governanceRegistry.newResource();

        policyResource.setProperty("policyOrder", Integer.toString(policyStoreDTO.getPolicyOrder()));
        policyResource.setContent(policyStoreDTO.getPolicy());
        policyResource.setMediaType("application/xacml-policy+xml");
        policyResource.setProperty("active", String.valueOf(policyStoreDTO.isActive()));

        AttributeDTO[] metaData = policyStoreDTO.getAttributeDTOs();
        if (metaData != null) {
            setAttributesAsProperties(metaData, policyResource);
        }
        governanceRegistry.put(targetPath, policyResource);

        // Enable or disable the published policy in the PDP, but only for ids the PAP
        // store already holds.
        PAPPolicyStoreManager papStore = EntitlementAdminEngine.getInstance().getPapPolicyStoreManager();
        if (papStore.isExistPolicy(policyStoreDTO.getPolicyId())) {
            PolicyPublisher policyPublisher = EntitlementAdminEngine.getInstance().getPolicyPublisher();
            String[] pdpSubscribers = new String[] { EntitlementConstants.PDP_SUBSCRIBER_ID };
            String[] policyIds = new String[] { policyStoreDTO.getPolicyId() };
            policyPublisher.publishPolicy(policyIds, null,
                    policyStoreDTO.isActive() ? EntitlementConstants.PolicyPublish.ACTION_ENABLE : EntitlementConstants.PolicyPublish.ACTION_DISABLE,
                    false, 0, pdpSubscribers, null);
        }
    } catch (RegistryException e) {
        log.error(e);
        throw new EntitlementException("Error while adding policy to PDP", e);
    }
}
Also used : PAPPolicyStoreManager(org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStoreManager) Resource(org.wso2.carbon.registry.core.Resource) Registry(org.wso2.carbon.registry.core.Registry) Properties(java.util.Properties) RegistryException(org.wso2.carbon.registry.core.exceptions.RegistryException) AttributeDTO(org.wso2.carbon.identity.entitlement.dto.AttributeDTO) PolicyStoreManageModule(org.wso2.carbon.identity.entitlement.policy.store.PolicyStoreManageModule) PolicyPublisher(org.wso2.carbon.identity.entitlement.policy.publisher.PolicyPublisher) Collection(org.wso2.carbon.registry.core.Collection) Map(java.util.Map)

Example 9 with AttributeDTO

use of org.wso2.carbon.identity.entitlement.dto.AttributeDTO in project carbon-identity-framework by wso2.

the class PolicySearch method getResponse.

/**
 * Evaluates the given request attributes and reports whether the outcome is a permit.
 *
 * <p>The answer is {@code true} as soon as any result in the response carries
 * {@code AbstractResult.DECISION_PERMIT}. A null response, an empty result set and every
 * other decision yield {@code false}.
 *
 * @param requestAttributes XACML request attributes
 * @return {@code true} if at least one result is a permit, otherwise {@code false}
 */
private boolean getResponse(List<AttributeDTO> requestAttributes) {
    AbstractRequestCtx xacmlRequest = EntitlementUtil.createRequestContext(requestAttributes);
    ResponseCtx xacmlResponse = EntitlementEngine.getInstance().evaluateByContext(xacmlRequest);
    // No response at all is treated as "not permitted".
    if (xacmlResponse == null) {
        return false;
    }
    Set<AbstractResult> outcomes = xacmlResponse.getResults();
    for (AbstractResult outcome : outcomes) {
        if (AbstractResult.DECISION_PERMIT == outcome.getDecision()) {
            return true;
        }
    }
    return false;
}
Also used : AbstractRequestCtx(org.wso2.balana.ctx.AbstractRequestCtx) AbstractResult(org.wso2.balana.ctx.AbstractResult) ResponseCtx(org.wso2.balana.ctx.ResponseCtx)

Example 10 with AttributeDTO

use of org.wso2.carbon.identity.entitlement.dto.AttributeDTO in project carbon-identity-framework by wso2.

the class RegistryPolicyStoreManageModule method setAttributesAsProperties.

/**
 * Stores policy meta data on a registry resource, one property per attribute.
 *
 * <p>The property key is {@code KEY_VALUE_POLICY_META_DATA} followed by the attribute's
 * position in the array. The property value is the category, attribute value, attribute id
 * and attribute data type joined with commas, in that order. A null array stores nothing.
 *
 * @param attributeDTOs attributes to store, may be null
 * @param resource      registry resource that receives the properties
 */
private void setAttributesAsProperties(AttributeDTO[] attributeDTOs, Resource resource) {
    if (attributeDTOs == null) {
        return;
    }
    for (int position = 0; position < attributeDTOs.length; position++) {
        AttributeDTO current = attributeDTOs[position];
        // NOTE(review): the fields are joined with a bare "," and nothing is escaped, so a
        // field that contains a comma yields more than four parts for any reader that
        // splits on it; verify how readers of these properties treat such values.
        String serialized = current.getCategory() + "," + current.getAttributeValue() + "," + current.getAttributeId() + "," + current.getAttributeDataType();
        resource.setProperty(KEY_VALUE_POLICY_META_DATA + position, serialized);
    }
}
Also used : AttributeDTO(org.wso2.carbon.identity.entitlement.dto.AttributeDTO)

Aggregations

AttributeDTO (org.wso2.carbon.identity.entitlement.dto.AttributeDTO)21 ArrayList (java.util.ArrayList)10 Iterator (java.util.Iterator)9 OMElement (org.apache.axiom.om.OMElement)8 HashSet (java.util.HashSet)6 QName (javax.xml.namespace.QName)5 EntitlementException (org.wso2.carbon.identity.entitlement.EntitlementException)5 List (java.util.List)4 RegistryException (org.wso2.carbon.registry.core.exceptions.RegistryException)4 Set (java.util.Set)3 Map (java.util.Map)2 Properties (java.util.Properties)2 EntitledAttributesDTO (org.wso2.carbon.identity.entitlement.dto.EntitledAttributesDTO)2 EntitledResultSetDTO (org.wso2.carbon.identity.entitlement.dto.EntitledResultSetDTO)2 PolicyDTO (org.wso2.carbon.identity.entitlement.dto.PolicyDTO)2 PolicyFinderModule (org.wso2.carbon.identity.entitlement.policy.finder.PolicyFinderModule)2 Collection (org.wso2.carbon.registry.core.Collection)2 Registry (org.wso2.carbon.registry.core.Registry)2 Resource (org.wso2.carbon.registry.core.Resource)2 IOException (java.io.IOException)1