sunxacml-commit Mailing List for Sun's XACML Implementation
Brought to you by:
farrukh_najmi,
sethp
You can subscribe to this list here.
2003 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(3) |
Jun
(3) |
Jul
(6) |
Aug
(37) |
Sep
(5) |
Oct
(6) |
Nov
(1) |
Dec
(3) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2004 |
Jan
(3) |
Feb
(11) |
Mar
(26) |
Apr
(5) |
May
(27) |
Jun
(13) |
Jul
(7) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(2) |
2005 |
Jan
(12) |
Feb
(5) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(8) |
2006 |
Jan
(10) |
Feb
(6) |
Mar
|
Apr
(3) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(2) |
Dec
|
2008 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(2) |
Nov
|
Dec
(1) |
2009 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(6) |
Sep
|
Oct
|
Nov
|
Dec
|
From: <ri...@us...> - 2009-08-09 09:30:24
|
Revision: 137 http://sunxacml.svn.sourceforge.net/sunxacml/?rev=137&view=rev Author: rillig Date: 2009-08-09 09:30:17 +0000 (Sun, 09 Aug 2009) Log Message: ----------- Code cleanup: Removed unused imports. Modified Paths: -------------- trunk/sunxacml/com/sun/xacml/AbstractPolicy.java trunk/sunxacml/com/sun/xacml/BasicEvaluationCtx.java trunk/sunxacml/com/sun/xacml/EvaluationCtx.java trunk/sunxacml/com/sun/xacml/PDP.java trunk/sunxacml/com/sun/xacml/Policy.java trunk/sunxacml/com/sun/xacml/PolicyReference.java trunk/sunxacml/com/sun/xacml/PolicySet.java trunk/sunxacml/com/sun/xacml/Target.java trunk/sunxacml/com/sun/xacml/TargetMatch.java trunk/sunxacml/com/sun/xacml/TargetMatchGroup.java trunk/sunxacml/com/sun/xacml/attr/AttributeDesignator.java trunk/sunxacml/com/sun/xacml/attr/AttributeFactory.java trunk/sunxacml/com/sun/xacml/attr/Base64.java trunk/sunxacml/com/sun/xacml/attr/DateAttribute.java trunk/sunxacml/com/sun/xacml/attr/DateTimeAttribute.java trunk/sunxacml/com/sun/xacml/attr/StandardAttributeFactory.java trunk/sunxacml/com/sun/xacml/attr/StringAttribute.java trunk/sunxacml/com/sun/xacml/attr/TimeAttribute.java trunk/sunxacml/com/sun/xacml/combine/CombinerElement.java trunk/sunxacml/com/sun/xacml/combine/CombinerParameter.java trunk/sunxacml/com/sun/xacml/combine/CombiningAlgorithm.java trunk/sunxacml/com/sun/xacml/combine/DenyOverridesPolicyAlg.java trunk/sunxacml/com/sun/xacml/combine/DenyOverridesRuleAlg.java trunk/sunxacml/com/sun/xacml/combine/FirstApplicablePolicyAlg.java trunk/sunxacml/com/sun/xacml/combine/FirstApplicableRuleAlg.java trunk/sunxacml/com/sun/xacml/combine/OnlyOneApplicablePolicyAlg.java trunk/sunxacml/com/sun/xacml/combine/OrderedDenyOverridesPolicyAlg.java trunk/sunxacml/com/sun/xacml/combine/OrderedDenyOverridesRuleAlg.java trunk/sunxacml/com/sun/xacml/combine/OrderedPermitOverridesPolicyAlg.java trunk/sunxacml/com/sun/xacml/combine/OrderedPermitOverridesRuleAlg.java trunk/sunxacml/com/sun/xacml/combine/PermitOverridesPolicyAlg.java trunk/sunxacml/com/sun/xacml/combine/PermitOverridesRuleAlg.java trunk/sunxacml/com/sun/xacml/combine/StandardCombiningAlgFactory.java trunk/sunxacml/com/sun/xacml/cond/Apply.java trunk/sunxacml/com/sun/xacml/cond/ComparisonFunction.java trunk/sunxacml/com/sun/xacml/cond/ConditionBagFunction.java trunk/sunxacml/com/sun/xacml/cond/DateMathFunction.java trunk/sunxacml/com/sun/xacml/cond/EqualFunction.java trunk/sunxacml/com/sun/xacml/cond/Evaluatable.java trunk/sunxacml/com/sun/xacml/cond/FloorFunction.java trunk/sunxacml/com/sun/xacml/cond/Function.java trunk/sunxacml/com/sun/xacml/cond/FunctionBase.java trunk/sunxacml/com/sun/xacml/cond/HigherOrderFunction.java trunk/sunxacml/com/sun/xacml/cond/MapFunction.java trunk/sunxacml/com/sun/xacml/cond/NOfFunction.java trunk/sunxacml/com/sun/xacml/cond/RoundFunction.java trunk/sunxacml/com/sun/xacml/cond/SetFunction.java trunk/sunxacml/com/sun/xacml/cond/StandardFunctionFactory.java trunk/sunxacml/com/sun/xacml/cond/TimeInRangeFunction.java trunk/sunxacml/com/sun/xacml/cond/VariableManager.java trunk/sunxacml/com/sun/xacml/cond/VariableReference.java trunk/sunxacml/com/sun/xacml/cond/cluster/ConditionBagFunctionCluster.java trunk/sunxacml/com/sun/xacml/cond/cluster/ConditionSetFunctionCluster.java trunk/sunxacml/com/sun/xacml/cond/cluster/GeneralBagFunctionCluster.java trunk/sunxacml/com/sun/xacml/cond/cluster/GeneralSetFunctionCluster.java trunk/sunxacml/com/sun/xacml/ctx/Attribute.java trunk/sunxacml/com/sun/xacml/ctx/RequestCtx.java trunk/sunxacml/com/sun/xacml/ctx/ResponseCtx.java trunk/sunxacml/com/sun/xacml/ctx/Status.java trunk/sunxacml/com/sun/xacml/ctx/Subject.java trunk/sunxacml/com/sun/xacml/finder/impl/CurrentEnvModule.java trunk/support/src/com/sun/xacml/support/SimplePDP.java trunk/support/src/com/sun/xacml/support/finder/BasicPolicyFinderModule.java trunk/support/src/com/sun/xacml/support/finder/FilePolicyModule.java trunk/support/src/com/sun/xacml/support/finder/URLPolicyFinderModule.java This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <ri...@us...> - 2009-08-09 09:20:54
|
Revision: 136 http://sunxacml.svn.sourceforge.net/sunxacml/?rev=136&view=rev Author: rillig Date: 2009-08-09 09:20:46 +0000 (Sun, 09 Aug 2009) Log Message: ----------- Document how the encoding of attribute values shall be done. Modified Paths: -------------- trunk/sunxacml/com/sun/xacml/attr/AttributeValue.java This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <ri...@us...> - 2009-08-09 08:52:49
|
Revision: 135 http://sunxacml.svn.sourceforge.net/sunxacml/?rev=135&view=rev Author: rillig Date: 2009-08-09 08:52:42 +0000 (Sun, 09 Aug 2009) Log Message: ----------- An empty comment is worse than no comment at all. Modified Paths: -------------- trunk/sunxacml/com/sun/xacml/attr/X500NameAttribute.java This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <ri...@us...> - 2009-08-09 08:50:06
|
Revision: 134 http://sunxacml.svn.sourceforge.net/sunxacml/?rev=134&view=rev Author: rillig Date: 2009-08-09 08:50:00 +0000 (Sun, 09 Aug 2009) Log Message: ----------- Code cleanup. Added a hashCode() method that corresponds to equals(). Modified Paths: -------------- trunk/sunxacml/com/sun/xacml/attr/PortRange.java This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <ri...@us...> - 2009-08-09 08:32:51
|
Revision: 133 http://sunxacml.svn.sourceforge.net/sunxacml/?rev=133&view=rev Author: rillig Date: 2009-08-09 08:32:44 +0000 (Sun, 09 Aug 2009) Log Message: ----------- typo Modified Paths: -------------- trunk/sunxacml/com/sun/xacml/Target.java This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <ri...@us...> - 2009-08-09 08:24:23
|
Revision: 132 http://sunxacml.svn.sourceforge.net/sunxacml/?rev=132&view=rev Author: rillig Date: 2009-08-09 08:24:16 +0000 (Sun, 09 Aug 2009) Log Message: ----------- When "returning quickly" from makeString(), don't create an unnecessary object. Modified Paths: -------------- trunk/sunxacml/com/sun/xacml/Indenter.java This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <far...@us...> - 2008-12-22 20:14:01
|
Revision: 131 http://sunxacml.svn.sourceforge.net/sunxacml/?rev=131&view=rev Author: farrukh_najmi Date: 2008-12-22 20:13:57 +0000 (Mon, 22 Dec 2008) Log Message: ----------- Removed blank line just to check svn write access Modified Paths: -------------- trunk/sunxacml/build.xml This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <ri...@us...> - 2008-10-09 09:40:13
|
Revision: 130 http://sunxacml.svn.sourceforge.net/sunxacml/?rev=130&view=rev Author: rillig Date: 2008-10-09 09:39:11 +0000 (Thu, 09 Oct 2008) Log Message: ----------- Reduced the number of inline links, after reading "How to Write Doc Comments for the Javadoc Tool". Modified Paths: -------------- trunk/sunxacml/com/sun/xacml/finder/AttributeFinder.java This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <ri...@us...> - 2008-10-09 09:21:06
|
Revision: 129 http://sunxacml.svn.sourceforge.net/sunxacml/?rev=129&view=rev Author: rillig Date: 2008-10-09 09:16:42 +0000 (Thu, 09 Oct 2008) Log Message: ----------- Improved the javadoc. Got here because of a missing </code>, which made the generated HTML look weird. Modified Paths: -------------- trunk/sunxacml/com/sun/xacml/finder/AttributeFinder.java This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: Seth P. <se...@us...> - 2006-11-28 14:42:26
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml In directory sc8-pr-cvs8.sourceforge.net:/tmp/cvs-serv27141/com/sun/xacml Modified Files: AbstractPolicy.java Log Message: Small bug-fix commits: - com/sun/xacml/AbstractPolicy.java Updated to handle empty descriptions gracefully - com/sun/xacml/cond/HigherOrderFunction.java Updated to allow parameters of different types - com/sun/xacml/cond/StandardFunctionFactory.java Added support for TimeInRange function - com/sun/xacml/cond/URLStringCatFunction.java Renamed function to uri-string-concatenate Index: AbstractPolicy.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/AbstractPolicy.java,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** AbstractPolicy.java 5 Dec 2005 23:34:50 -0000 1.14 --- AbstractPolicy.java 28 Nov 2006 14:42:18 -0000 1.15 *************** *** 273,277 **** if (cname.equals("Description")) { ! description = child.getFirstChild().getNodeValue(); } else if (cname.equals("Target")) { target = Target.getInstance(child, metaData); --- 273,278 ---- if (cname.equals("Description")) { ! if (child.hasChildNodes()) ! description = child.getFirstChild().getNodeValue(); } else if (cname.equals("Target")) { target = Target.getInstance(child, metaData); |
From: Seth P. <se...@us...> - 2006-11-28 14:42:25
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond In directory sc8-pr-cvs8.sourceforge.net:/tmp/cvs-serv27141/com/sun/xacml/cond Modified Files: HigherOrderFunction.java StandardFunctionFactory.java URLStringCatFunction.java Log Message: Small bug-fix commits: - com/sun/xacml/AbstractPolicy.java Updated to handle empty descriptions gracefully - com/sun/xacml/cond/HigherOrderFunction.java Updated to allow parameters of different types - com/sun/xacml/cond/StandardFunctionFactory.java Added support for TimeInRange function - com/sun/xacml/cond/URLStringCatFunction.java Renamed function to uri-string-concatenate Index: StandardFunctionFactory.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/StandardFunctionFactory.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** StandardFunctionFactory.java 13 Jan 2006 22:32:51 -0000 1.7 --- StandardFunctionFactory.java 28 Nov 2006 14:42:19 -0000 1.8 *************** *** 182,185 **** --- 182,187 ---- conditionFunctions = new HashSet(targetFunctions); + // add condition function TimeInRange + conditionFunctions.add(new TimeInRangeFunction()); // add condition functions from BagFunction conditionFunctions.addAll((new ConditionBagFunctionCluster()). Index: HigherOrderFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/HigherOrderFunction.java,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** HigherOrderFunction.java 14 Feb 2006 22:44:44 -0000 1.11 --- HigherOrderFunction.java 28 Nov 2006 14:42:19 -0000 1.12 *************** *** 429,437 **** Evaluatable eval2 = (Evaluatable)(list[2]); - // make sure the two args are of the same type - if (! eval1.getType().equals(eval2.getType())) - throw new IllegalArgumentException("input types to the any/all " + - "functions must match"); - // the first arg might be a bag if (secondIsBag && (! eval1.returnsBag())) --- 429,432 ---- Index: URLStringCatFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/URLStringCatFunction.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** URLStringCatFunction.java 13 Jan 2006 22:32:51 -0000 1.1 --- URLStringCatFunction.java 28 Nov 2006 14:42:19 -0000 1.2 *************** *** 65,70 **** * Standard identifier for the url-string-concatenate function. */ ! public static final String NAME_URL_STRING_CONCATENATE = ! FUNCTION_NS_2 + "url-string-concatenate"; /** --- 65,70 ---- * Standard identifier for the url-string-concatenate function. */ ! public static final String NAME_URI_STRING_CONCATENATE = ! FUNCTION_NS_2 + "uri-string-concatenate"; /** *************** *** 72,76 **** */ public URLStringCatFunction() { ! super(NAME_URL_STRING_CONCATENATE, 0, AnyURIAttribute.identifier, false); } --- 72,76 ---- */ public URLStringCatFunction() { ! super(NAME_URI_STRING_CONCATENATE, 0, AnyURIAttribute.identifier, false); } *************** *** 88,92 **** while (it.hasNext()) { if (((Expression)(it.next())).returnsBag()) ! throw new IllegalArgumentException(NAME_URL_STRING_CONCATENATE + " doesn't accept bags"); } --- 88,92 ---- while (it.hasNext()) { if (((Expression)(it.next())).returnsBag()) ! throw new IllegalArgumentException(NAME_URI_STRING_CONCATENATE + " doesn't accept bags"); } *************** *** 107,111 **** if (inputs.size() < 2) throw new IllegalArgumentException("not enough args to " + ! NAME_URL_STRING_CONCATENATE); // check that the parameters are of the correct types... --- 107,111 ---- if (inputs.size() < 2) throw new IllegalArgumentException("not enough args to " + ! NAME_URI_STRING_CONCATENATE); // check that the parameters are of the correct types... *************** *** 156,160 **** List code = new ArrayList(); code.add(Status.STATUS_PROCESSING_ERROR); ! String message = NAME_URL_STRING_CONCATENATE + " didn't produce" + " a valid URI: " + str; --- 156,160 ---- List code = new ArrayList(); code.add(Status.STATUS_PROCESSING_ERROR); ! String message = NAME_URI_STRING_CONCATENATE + " didn't produce" + " a valid URI: " + str; |
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv19643/com/sun/xacml/combine Modified Files: Tag: branch_1_1 OrderedDenyOverridesPolicyAlg.java OrderedDenyOverridesRuleAlg.java OrderedPermitOverridesPolicyAlg.java OrderedPermitOverridesRuleAlg.java Log Message: fixed ordered algoirhtms to use the 1.1 not the 1.0 namepsace Index: OrderedPermitOverridesRuleAlg.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/OrderedPermitOverridesRuleAlg.java,v retrieving revision 1.1 retrieving revision 1.1.2.1 diff -C2 -d -r1.1 -r1.1.2.1 *** OrderedPermitOverridesRuleAlg.java 25 Aug 2003 16:44:57 -0000 1.1 --- OrderedPermitOverridesRuleAlg.java 28 Apr 2006 17:02:03 -0000 1.1.2.1 *************** *** 56,60 **** */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:" + "ordered-permit-overrides"; --- 56,60 ---- */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.1:rule-combining-algorithm:" + "ordered-permit-overrides"; Index: OrderedDenyOverridesRuleAlg.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/OrderedDenyOverridesRuleAlg.java,v retrieving revision 1.1 retrieving revision 1.1.2.1 diff -C2 -d -r1.1 -r1.1.2.1 *** OrderedDenyOverridesRuleAlg.java 25 Aug 2003 16:44:57 -0000 1.1 --- OrderedDenyOverridesRuleAlg.java 28 Apr 2006 17:02:03 -0000 1.1.2.1 *************** *** 56,60 **** */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:" + "ordered-deny-overrides"; --- 56,60 ---- */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.1:rule-combining-algorithm:" + "ordered-deny-overrides"; Index: OrderedDenyOverridesPolicyAlg.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/OrderedDenyOverridesPolicyAlg.java,v retrieving revision 1.1 retrieving revision 1.1.2.1 diff -C2 -d -r1.1 -r1.1.2.1 *** OrderedDenyOverridesPolicyAlg.java 25 Aug 2003 16:44:57 -0000 1.1 --- OrderedDenyOverridesPolicyAlg.java 28 Apr 2006 17:02:02 -0000 1.1.2.1 *************** *** 56,60 **** */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:" + "ordered-deny-overrides"; --- 56,60 ---- */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.1:policy-combining-algorithm:" + "ordered-deny-overrides"; Index: OrderedPermitOverridesPolicyAlg.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/OrderedPermitOverridesPolicyAlg.java,v retrieving revision 1.1 retrieving revision 1.1.2.1 diff -C2 -d -r1.1 -r1.1.2.1 *** OrderedPermitOverridesPolicyAlg.java 25 Aug 2003 16:44:57 -0000 1.1 --- OrderedPermitOverridesPolicyAlg.java 28 Apr 2006 17:02:03 -0000 1.1.2.1 *************** *** 56,60 **** */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:" + "ordered-permit-overrides"; --- 56,60 ---- */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.1:policy-combining-algorithm:" + "ordered-permit-overrides"; |
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30365/com/sun/xacml/combine Modified Files: OrderedDenyOverridesPolicyAlg.java OrderedDenyOverridesRuleAlg.java OrderedPermitOverridesPolicyAlg.java OrderedPermitOverridesRuleAlg.java Log Message: fixed the ordered algorithms so they use the 1.1 not the 1.0 namespace Index: OrderedPermitOverridesRuleAlg.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/OrderedPermitOverridesRuleAlg.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** OrderedPermitOverridesRuleAlg.java 17 Mar 2004 18:03:38 -0000 1.2 --- OrderedPermitOverridesRuleAlg.java 28 Apr 2006 15:54:28 -0000 1.3 *************** *** 57,61 **** */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:" + "ordered-permit-overrides"; --- 57,61 ---- */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.1:rule-combining-algorithm:" + "ordered-permit-overrides"; Index: OrderedDenyOverridesRuleAlg.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/OrderedDenyOverridesRuleAlg.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** OrderedDenyOverridesRuleAlg.java 17 Mar 2004 18:03:38 -0000 1.2 --- OrderedDenyOverridesRuleAlg.java 28 Apr 2006 15:54:28 -0000 1.3 *************** *** 57,61 **** */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:" + "ordered-deny-overrides"; --- 57,61 ---- */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.1:rule-combining-algorithm:" + "ordered-deny-overrides"; Index: OrderedDenyOverridesPolicyAlg.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/OrderedDenyOverridesPolicyAlg.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** OrderedDenyOverridesPolicyAlg.java 17 Mar 2004 18:03:38 -0000 1.2 --- OrderedDenyOverridesPolicyAlg.java 28 Apr 2006 15:54:28 -0000 1.3 *************** *** 57,61 **** */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:" + "ordered-deny-overrides"; --- 57,61 ---- */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.1:policy-combining-algorithm:" + "ordered-deny-overrides"; Index: OrderedPermitOverridesPolicyAlg.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/OrderedPermitOverridesPolicyAlg.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** OrderedPermitOverridesPolicyAlg.java 17 Mar 2004 18:03:38 -0000 1.2 --- OrderedPermitOverridesPolicyAlg.java 28 Apr 2006 15:54:28 -0000 1.3 *************** *** 57,61 **** */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:" + "ordered-permit-overrides"; --- 57,61 ---- */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.1:policy-combining-algorithm:" + "ordered-permit-overrides"; |
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv26804/com/sun/xacml/combine Modified Files: Tag: branch_1_2 OrderedDenyOverridesPolicyAlg.java OrderedDenyOverridesRuleAlg.java OrderedPermitOverridesPolicyAlg.java OrderedPermitOverridesRuleAlg.java Log Message: fixed ordered combining algorithm identifiers to use 1.1 namepsace Index: OrderedPermitOverridesRuleAlg.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/OrderedPermitOverridesRuleAlg.java,v retrieving revision 1.2 retrieving revision 1.2.2.1 diff -C2 -d -r1.2 -r1.2.2.1 *** OrderedPermitOverridesRuleAlg.java 17 Mar 2004 18:03:38 -0000 1.2 --- OrderedPermitOverridesRuleAlg.java 28 Apr 2006 15:50:50 -0000 1.2.2.1 *************** *** 57,61 **** */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:" + "ordered-permit-overrides"; --- 57,61 ---- */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.1:rule-combining-algorithm:" + "ordered-permit-overrides"; Index: OrderedDenyOverridesRuleAlg.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/OrderedDenyOverridesRuleAlg.java,v retrieving revision 1.2 retrieving revision 1.2.2.1 diff -C2 -d -r1.2 -r1.2.2.1 *** OrderedDenyOverridesRuleAlg.java 17 Mar 2004 18:03:38 -0000 1.2 --- OrderedDenyOverridesRuleAlg.java 28 Apr 2006 15:50:50 -0000 1.2.2.1 *************** *** 57,61 **** */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:" + "ordered-deny-overrides"; --- 57,61 ---- */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.1:rule-combining-algorithm:" + "ordered-deny-overrides"; Index: OrderedDenyOverridesPolicyAlg.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/OrderedDenyOverridesPolicyAlg.java,v retrieving revision 1.2 retrieving revision 1.2.2.1 diff -C2 -d -r1.2 -r1.2.2.1 *** OrderedDenyOverridesPolicyAlg.java 17 Mar 2004 18:03:38 -0000 1.2 --- OrderedDenyOverridesPolicyAlg.java 28 Apr 2006 15:50:50 -0000 1.2.2.1 *************** *** 57,61 **** */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:" + "ordered-deny-overrides"; --- 57,61 ---- */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.1:policy-combining-algorithm:" + "ordered-deny-overrides"; Index: OrderedPermitOverridesPolicyAlg.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/combine/OrderedPermitOverridesPolicyAlg.java,v retrieving revision 1.2 retrieving revision 1.2.2.1 diff -C2 -d -r1.2 -r1.2.2.1 *** OrderedPermitOverridesPolicyAlg.java 17 Mar 2004 18:03:38 -0000 1.2 --- OrderedPermitOverridesPolicyAlg.java 28 Apr 2006 15:50:50 -0000 1.2.2.1 *************** *** 57,61 **** */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:" + "ordered-permit-overrides"; --- 57,61 ---- */ public static final String algId = ! "urn:oasis:names:tc:xacml:1.1:policy-combining-algorithm:" + "ordered-permit-overrides"; |
From: Seth P. <se...@us...> - 2006-02-14 22:44:52
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23496/com/sun/xacml/cond Modified Files: HigherOrderFunction.java Log Message: fixed a bug in all-of-all noted by allenp1 Index: HigherOrderFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/HigherOrderFunction.java,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** HigherOrderFunction.java 5 Dec 2005 23:34:51 -0000 1.10 --- HigherOrderFunction.java 14 Feb 2006 22:44:44 -0000 1.11 *************** *** 3,7 **** * @(#)HigherOrderFunction.java * ! * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)HigherOrderFunction.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 372,377 **** while (it.hasNext()) { AttributeValue value = (AttributeValue)(it.next()); ! result = all((AttributeValue)(it.next()), bag, function, ! context); if (result.indeterminate()) --- 372,376 ---- while (it.hasNext()) { AttributeValue value = (AttributeValue)(it.next()); ! result = all(value, bag, function, context); if (result.indeterminate()) |
From: Seth P. <se...@us...> - 2006-02-14 22:41:51
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22631/com/sun/xacml/cond Modified Files: Tag: branch_1_2 HigherOrderFunction.java Log Message: fixed a bug in all-of-all noted by allenp1 Index: HigherOrderFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/HigherOrderFunction.java,v retrieving revision 1.7.2.1 retrieving revision 1.7.2.2 diff -C2 -d -r1.7.2.1 -r1.7.2.2 *** HigherOrderFunction.java 16 Dec 2004 18:52:52 -0000 1.7.2.1 --- HigherOrderFunction.java 14 Feb 2006 22:41:43 -0000 1.7.2.2 *************** *** 3,7 **** * @(#)HigherOrderFunction.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)HigherOrderFunction.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 342,347 **** while (it.hasNext()) { AttributeValue value = (AttributeValue)(it.next()); ! result = all((AttributeValue)(it.next()), bag, function, ! context); if (result.indeterminate()) --- 342,346 ---- while (it.hasNext()) { AttributeValue value = (AttributeValue)(it.next()); ! result = all(value, bag, function, context); if (result.indeterminate()) |
From: Seth P. <se...@us...> - 2006-02-14 16:58:20
|
Update of /cvsroot/sunxacml/tests In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv29828 Modified Files: build.xml Added Files: tests2.xml Log Message: updated to support the 2.0 tests (all tests pass) Index: build.xml =================================================================== RCS file: /cvsroot/sunxacml/tests/build.xml,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** build.xml 4 Jun 2004 17:53:11 -0000 1.2 --- build.xml 14 Feb 2006 16:58:12 -0000 1.3 *************** *** 1,5 **** <!-- ! Copyright 2004 Sun Microsystems, Inc. All Rights Reserved. Redistribution and use in source and binary forms, with or without --- 1,5 ---- <!-- ! Copyright 2004-2006 Sun Microsystems, Inc. All Rights Reserved. Redistribution and use in source and binary forms, with or without *************** *** 46,51 **** <property name="srcDir" location="."/> <property name="sunxacml" location="../sunxacml/build/classes"/> ! <property name="confDir" location="FILL THIS IN"/> <!-- Builds the project into debug-enabled class files --> --- 46,56 ---- <property name="srcDir" location="."/> + <!-- these specify the location of the sunxacml code and the published --> + <!-- conformance test files --> <property name="sunxacml" location="../sunxacml/build/classes"/> ! <property name="confDir" location="FILL IN PATH TO CONF TESTS"/> ! ! <!-- use tests.xml for version 1 testing and tests2.xml for version 2 --> ! <property name="testFile" location="tests2.xml"/> <!-- Builds the project into debug-enabled class files --> *************** *** 63,67 **** <sysproperty key="java.util.logging.config.file" value="log.props"/> <sysproperty key="com.sun.xacml.PDPConfigFile" value="config.xml"/> ! <arg file="tests.xml"/> <arg path="${confDir}"/> </java> --- 68,72 ---- <sysproperty key="java.util.logging.config.file" value="log.props"/> <sysproperty key="com.sun.xacml.PDPConfigFile" value="config.xml"/> ! <arg file="${testFile}"/> <arg path="${confDir}"/> </java> --- NEW FILE: tests2.xml --- <!-- Copyright 2006 Sun Microsystems, Inc. All Rights Reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistribution of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistribution in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Neither the name of Sun Microsystems, Inc. or the names of contributors may be used to endorse or promote products derived from this software without specific prior written permission. This software is provided "AS IS," without a warranty of any kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN") AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. You acknowledge that this software is not designed or intended for use in the design, construction, operation or maintenance of any nuclear facility. --> <tests> <!-- This file defines all of the 2.0 conformance tests defined by the TC --> <!-- This uses the tests from the October 10, 2005 release --> <group name="II"> <group name="A"> <test name="001"/> <test name="002"/> <test name="003"/> <test name="004" errorExpected="true"/> <test name="005" errorExpected="true"/> <test name="006"/> <test name="007"/> <test name="008"/> <test name="009"/> <test name="010"/> <test name="011"/> <test name="012"/> <test name="013"/> <test name="014"/> <test name="015"/> <test name="016"/> <test name="017"/> <test name="018"/> <test name="019"/> <test name="020"/> <test name="021"/> </group> <group name="B"> <test name="001"/> <test name="002"/> <test name="003"/> <test name="004"/> <test name="005"/> <test name="006"/> <test name="007"/> <test name="008"/> <test name="009"/> <test name="010"/> <test name="011"/> <test name="012"/> <test name="013"/> <test name="014"/> <test name="015"/> <test name="016"/> <test name="017"/> <test name="018"/> <test name="019"/> <test name="020"/> <test name="021"/> <test name="022"/> <test name="023"/> <test name="024"/> <test name="025"/> <test name="026"/> <test name="027"/> <test name="028"/> <test name="029"/> <test name="030"/> <test name="031"/> <test name="032"/> <test name="033"/> <test name="034"/> <test name="035"/> <test name="036"/> <test name="037"/> <test name="038"/> <test name="039"/> <test name="040"/> <test name="041"/> <test name="042"/> <test name="043"/> <test name="044"/> <test name="045"/> <test name="046"/> <test name="047"/> <test name="048"/> <test name="049"/> <test name="050"/> <test name="051"/> <test name="052"/> <test name="053"/> </group> <group name="C"> <test name="001"/> <test name="002"/> <test name="003" errorExpected="true"/> <test name="004"/> <test name="005"/> <test name="006"/> <test name="007"/> <test name="008"/> <test name="009"/> <test name="010"/> <test name="011"/> <test name="012" errorExpected="true"/> <test name="013"/> <test name="014" errorExpected="true"/> <test name="015"/> <test name="016"/> <test name="017"/> <test name="018"/> <test name="019"/> <test name="020"/> <test name="021"/> <test name="022"/> <test name="024"/> <test name="025"/> <test name="026"/> <test name="027"/> <test name="028"/> <test name="029"/> <test name="030"/> <test name="031"/> <test name="032"/> <test name="033"/> <test name="034"/> <test name="035"/> <test name="036"/> <test name="037"/> <test name="038"/> <test name="039"/> <test name="040"/> <test name="041"/> <test name="042"/> <test name="043"/> <test name="044"/> <test name="045"/> <test name="046"/> <test name="047"/> <test name="048"/> <test name="049"/> <test name="050"/> <test name="051"/> <test name="052"/> <test name="053"/> <test name="056"/> <test name="057"/> <test name="058"/> <test name="059"/> <test name="060"/> <test name="061"/> <test name="062"/> <test name="063"/> <test name="064"/> <test name="065"/> <test name="066"/> <test name="067"/> <test name="068"/> <test name="069"/> <test name="070"/> <test name="071"/> <test name="072"/> <test name="073"/> <test name="074"/> <test name="075"/> <test name="076"/> <test name="077"/> <test name="078"/> <test name="079"/> <test name="080"/> <test name="081"/> <test name="082"/> <test name="083"/> <test name="084"/> <test name="085"/> <test name="086"/> <test name="087"/> <test name="090"/> <test name="091"/> <test name="094"/> <test name="095"/> <test name="096"/> <test name="097"/> <test name="100"/> <test name="101"/> <test name="102"/> <test name="103"/> <test name="104"/> <test name="105"/> <test name="106"/> <test name="107"/> <test name="108"/> <test name="109"/> <test name="110"/> <test name="111"/> <test name="112"/> <test name="113"/> <test name="114"/> <test name="115"/> <test name="116"/> <test name="117"/> <test name="118"/> <test name="119"/> <test name="120"/> <test name="121"/> <test name="122"/> <test name="123"/> <test name="124"/> <test name="125"/> <test name="126"/> <test name="127"/> <test name="128"/> <test name="129"/> <test name="130"/> <test name="131"/> <test name="132"/> <test name="133"/> <test name="134"/> <test name="135"/> <test name="136"/> <test name="137"/> <test name="138"/> <test name="139"/> <test name="140"/> <test name="141"/> <test name="142"/> <test name="143"/> <test name="144"/> <test name="145"/> <test name="146"/> <test name="147"/> <test name="148"/> <test name="149"/> <test name="150"/> <test name="151"/> <test name="152"/> <test name="153"/> <test name="154"/> <test name="155"/> <test name="156"/> <test name="157"/> <test name="158"/> <test name="159"/> <test name="160"/> <test name="161"/> <test name="162"/> <test name="163"/> <test name="164"/> <test name="165"/> <test name="166"/> <test name="167"/> <test name="168"/> <test name="169"/> <test name="170"/> <test name="171"/> <test name="172"/> <test name="173"/> <test name="174"/> <test name="175"/> <test name="176"/> <test name="177"/> <test name="178"/> <test name="179"/> <test name="180"/> <test name="181"/> <test name="182"/> <test name="183"/> <test name="184"/> <test name="185"/> <test name="186"/> <test name="187"/> <test name="188"/> <test name="189"/> <test name="190"/> <test name="191"/> <test name="192"/> <test name="193"/> <test name="194"/> <test name="195"/> <test name="196"/> <test name="197"/> <test name="198"/> <test name="199"/> <test name="200"/> <test name="201"/> <test name="202"/> <test name="203"/> <test name="204"/> <test name="205"/> <test name="206"/> <test name="207"/> <test name="208"/> <test name="209"/> <test name="210"/> <test name="211"/> <test name="212"/> <test name="213"/> <test name="214"/> <test name="215"/> <test name="216"/> <test name="217"/> <test name="218"/> <test name="219"/> <test name="220"/> <test name="221"/> <test name="222"/> <test name="223"/> <test name="224"/> <test name="225"/> <test name="226"/> <test name="227"/> <test name="228"/> <test name="229"/> <test name="230"/> <test name="231" experimental="true"/> <test name="232" experimental="true"/> </group> <group name="D"> <test name="001"/> <test name="002"/> <test name="003"/> <test name="004"/> <test name="005"/> <test name="006"/> <test name="007"/> <test name="008"/> <test name="009"/> <test name="010"/> <test name="011"/> <test name="012"/> <test name="013"/> <test name="014"/> <test name="015"/> <test name="016"/> <test name="017"/> <test name="018"/> <test name="019"/> <test name="020"/> <test name="021"/> <test name="022"/> <test name="023"/> <test name="024"/> <test name="025"/> <test name="026"/> <test name="027"/> <test name="028"/> <test name="029"> <policy>029Policy1.xml</policy> <policy>029Policy2.xml</policy> </test> <test name="030"> <policy>030Policy1.xml</policy> <policy>030Policy2.xml</policy> </test> </group> <group name="E"> <test name="001"> <policyReference ref="urn:oasis:names:tc:xacml:2.0:conformance-test:IIE001:policy1">001PolicyId1.xml</policyReference> <policySetReference ref="urn:oasis:names:tc:xacml:2.0:conformance-test:IIE001:policyset1">001PolicySetId1.xml</policySetReference> </test> <test name="002"> <policyReference ref="urn:oasis:names:tc:xacml:2.0:conformance-test:IIE002:policy1">002PolicyId1.xml</policyReference> <policySetReference ref="urn:oasis:names:tc:xacml:2.0:conformance-test:IIE002:policyset1">002PolicySetId1.xml</policySetReference> </test> <test name="003" experimental="true"> <policyReference ref="urn:oasis:names:tc:xacml:2.0:conformance-test:IIE003:policy1">003PolicyId1.xml</policyReference> <policySetReference ref="urn:oasis:names:tc:xacml:2.0:conformance-test:IIE003:policy2">003PolicyId2.xml</policySetReference> </test> </group> </group> <group name="III" experimental="true"> <group name="A"> <test name="001"/> <test name="002"/> <test name="003"/> <test name="004"/> <test name="005"/> <test name="006"/> <test name="007"/> <test name="008"/> <test name="009"/> <test name="010"/> <test name="011"/> <test name="012"/> <test name="013"/> <test name="014"/> <test name="015"/> <test name="016"/> <test name="017"/> <test name="018"/> <test name="019"/> <test name="020"/> <test name="021"/> <test name="022"/> <test name="023"/> <test name="024"/> <test name="025"/> <test name="026"/> <test name="027"/> <test name="028"/> </group> <group name="C"> <test name="001"/> <test name="002"/> <test name="003"/> </group> <group name="F"> <test name="001"/> <test name="002"/> <test name="003"/> <test name="004"/> <test name="005"/> <test name="006"/> <test name="007"/> </group> <group name="G"> <!-- SunXACML doesn't currently support any of the optional XPATH --> <!-- functions, which is what this section tests --> <!--<test name="001"/>--> <!--<test name="002"/>--> <!--<test name="003"/>--> <!--<test name="004"/>--> <!--<test name="005"/>--> <!--<test name="006"/>--> </group> </group> </tests> |
From: Seth P. <se...@us...> - 2006-02-14 16:58:19
|
Update of /cvsroot/sunxacml/tests/com/sun/xacml/test In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv29828/com/sun/xacml/test Modified Files: TestPolicyFinderModule.java Log Message: updated to support the 2.0 tests (all tests pass) Index: TestPolicyFinderModule.java =================================================================== RCS file: /cvsroot/sunxacml/tests/com/sun/xacml/test/TestPolicyFinderModule.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** TestPolicyFinderModule.java 7 Jan 2005 23:55:17 -0000 1.2 --- TestPolicyFinderModule.java 14 Feb 2006 16:58:12 -0000 1.3 *************** *** 3,7 **** * @(#)TestPolicyFinderModule.java * ! * Copyright 2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)TestPolicyFinderModule.java * ! * Copyright 2004-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 41,44 **** --- 41,45 ---- import com.sun.xacml.MatchResult; import com.sun.xacml.Policy; + import com.sun.xacml.PolicyMetaData; import com.sun.xacml.PolicyReference; import com.sun.xacml.PolicySet; *************** *** 244,248 **** */ public PolicyFinderResult findPolicy(URI idReference, int type, ! VersionConstraints constraints) { String fileName = null; --- 245,250 ---- */ public PolicyFinderResult findPolicy(URI idReference, int type, ! VersionConstraints constraints, ! PolicyMetaData metaData) { String fileName = null; |
From: Seth P. <se...@us...> - 2006-02-13 23:23:18
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/impl In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9060/com/sun/xacml/finder/impl Removed Files: FilePolicyModule.java Log Message: removed from the core and moved to the new support packages --- FilePolicyModule.java DELETED --- |
From: Seth P. <se...@us...> - 2006-02-13 23:22:55
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8962/com/sun/xacml Modified Files: TargetSection.java Log Message: small documentation cleanup Index: TargetSection.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/TargetSection.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TargetSection.java 5 Dec 2005 23:34:51 -0000 1.1 --- TargetSection.java 13 Feb 2006 23:22:46 -0000 1.2 *************** *** 3,7 **** * @(#)TargetSection.java * ! * Copyright 2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)TargetSection.java * ! * Copyright 2005-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 72,82 **** /** ! * Constructor that takes a group and a version. The if the group is * null or empty, then this represents a section that matches any request. * * @param matchGroups a possibly null <code>List</code> of * <code>TargetMatchGroup</code>s * @param xacmlVersion the version XACML being used - * @param matchType */ public TargetSection(List matchGroups, int matchType, int xacmlVersion) { --- 72,82 ---- /** ! * Constructor that takes a group and a version. If the group is * null or empty, then this represents a section that matches any request. * * @param matchGroups a possibly null <code>List</code> of * <code>TargetMatchGroup</code>s + * @param matchType the type as defined in <code>TargetMatch</code> * @param xacmlVersion the version XACML being used */ public TargetSection(List matchGroups, int matchType, int xacmlVersion) { *************** *** 94,99 **** * * @param root the node to parse for the <code>Target</code> ! * @param matchType ! * @param metaData * * @return a new <code>Target</code> constructed by parsing --- 94,99 ---- * * @param root the node to parse for the <code>Target</code> ! * @param matchType the type as defined in <code>TargetMatch</code> ! * @param metaData the meta-data from the enclosing policy * * @return a new <code>Target</code> constructed by parsing |
From: Seth P. <se...@us...> - 2006-01-18 15:49:37
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21703/com/sun/xacml/finder Modified Files: AttributeFinder.java PolicyFinder.java ResourceFinder.java Log Message: updated javadoc to make get/set module parameters clearer Index: ResourceFinder.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/ResourceFinder.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** ResourceFinder.java 4 Jun 2004 17:50:40 -0000 1.5 --- ResourceFinder.java 18 Jan 2006 15:49:26 -0000 1.6 *************** *** 3,7 **** * @(#)ResourceFinder.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)ResourceFinder.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 104,111 **** /** ! * Returns the ordered <code>List</code> of modules used by this class ! * to find resources. * ! * @return the list of modules used by this class */ public List getModules() { --- 104,111 ---- /** ! * Returns the ordered <code>List</code> of ! * <code>ResourceFinderModule</code>s used by this class to find resources. * ! * @return a <code>List</code> of <code>ResourceFinderModule</code>s */ public List getModules() { *************** *** 114,121 **** /** ! * Sets the ordered <code>List</code> of modules used by this class ! * to find resources. The ordering will be maintained. * ! * @param modules the modules this class will use */ public void setModules(List modules) { --- 114,121 ---- /** ! * Sets the ordered <code>List</code> of <code>ResourceFinderModule</code>s ! * used by this class to find resources. The ordering will be maintained. * ! * @param modules a code>List</code> of <code>ResourceFinderModule</code>s */ public void setModules(List modules) { Index: AttributeFinder.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/AttributeFinder.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** AttributeFinder.java 4 Jun 2004 17:50:40 -0000 1.5 --- AttributeFinder.java 18 Jan 2006 15:49:26 -0000 1.6 *************** *** 3,7 **** * @(#)AttributeFinder.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)AttributeFinder.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 100,107 **** /** ! * Returns the ordered <code>List</code> of modules used by this class ! * to find attribute values. * ! * @return the list of modules used by this class */ public List getModules() { --- 100,108 ---- /** ! * Returns the ordered <code>List</code> of ! * <code>AttributeFinderModule</code>s used by this class to find ! * attribute values. * ! * @return a <code>List</code> of <code>AttributeFinderModule</code>s */ public List getModules() { *************** *** 110,117 **** /** ! * Sets the ordered <code>List</code> of modules used by this class ! * to find attribute values. The ordering will be maintained. * ! * @param modules the modules this class will use */ public void setModules(List modules) { --- 111,120 ---- /** ! * Sets the ordered <code>List</code> of ! * <code>AttributeFinderModule</code>s used by this class to find ! * attribute values. The ordering will be maintained. * ! * @param modules a <code>List</code> of ! * <code>AttributeFinderModule</code>s */ public void setModules(List modules) { Index: PolicyFinder.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/PolicyFinder.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** PolicyFinder.java 13 Jan 2006 22:32:52 -0000 1.6 --- PolicyFinder.java 18 Jan 2006 15:49:26 -0000 1.7 *************** *** 3,7 **** * @(#)PolicyFinder.java * ! * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)PolicyFinder.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 98,105 **** /** ! * Returns the unordered <code>Set</code> of modules used by this class ! * to find policies. * ! * @return the set of modules used by this class */ public Set getModules() { --- 98,105 ---- /** ! * Returns the unordered <code>Set</code> of ! * <code>PolicyFinderModule</code>s used by this class to find policies. * ! * @return a <code>Set</code> of <code>PolicyFinderModule</code>s */ public Set getModules() { *************** *** 108,115 **** /** ! * Sets the unordered <code>Set</code> of modules used by this class ! * to find policies. * ! * @param modules the modules this class will use */ public void setModules(Set modules) { --- 108,115 ---- /** ! * Sets the unordered <code>Set</code> of <code>PolicyFinderModule</code>s ! * used by this class to find policies. * ! * @param modules a <code>Set</code> of <code>PolicyFinderModule</code>s */ public void setModules(Set modules) { |
From: Seth P. <se...@us...> - 2006-01-13 22:33:17
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30273/com/sun/xacml/cond Modified Files: BagFunction.java ConditionBagFunction.java ConditionSetFunction.java EqualFunction.java FunctionFactory.java GeneralBagFunction.java GeneralSetFunction.java MatchFunction.java SetFunction.java StandardFunctionFactory.java Added Files: StringFunction.java URLStringCatFunction.java Log Message: Added support for the XACML 2.0 functions, cleaned up current env handling and date/time construction, and made most of the factory-related changes to support the promised 2.0 features Index: GeneralBagFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/GeneralBagFunction.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** GeneralBagFunction.java 24 May 2004 21:39:22 -0000 1.4 --- GeneralBagFunction.java 13 Jan 2006 22:32:51 -0000 1.5 *************** *** 3,7 **** * @(#)GeneralBagFunction.java * ! * Copyright 2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)GeneralBagFunction.java * ! * Copyright 2004-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 95,98 **** --- 95,116 ---- baseType, true)); } + + for (int i = 0; i < baseTypes2.length; i++) { + String baseType = baseTypes2[i]; + String functionBaseName = FUNCTION_NS_2 + simpleTypes2[i]; + + paramMap.put(functionBaseName + NAME_BASE_ONE_AND_ONLY, + new BagParameters(ID_BASE_ONE_AND_ONLY, baseType, + true, 1, baseType, false)); + + paramMap.put(functionBaseName + NAME_BASE_BAG_SIZE, + new BagParameters(ID_BASE_BAG_SIZE, baseType, true, + 1, IntegerAttribute.identifier, + false)); + + paramMap.put(functionBaseName + NAME_BASE_BAG, + new BagParameters(ID_BASE_BAG, baseType, false, -1, + baseType, true)); + } supportedIds = Collections. Index: ConditionSetFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/ConditionSetFunction.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** ConditionSetFunction.java 24 May 2004 21:39:22 -0000 1.4 --- ConditionSetFunction.java 13 Jan 2006 22:32:51 -0000 1.5 *************** *** 3,7 **** * @(#)ConditionSetFunction.java * ! * Copyright 2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)ConditionSetFunction.java * ! * Copyright 2004-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 98,101 **** --- 98,117 ---- } + for (int i = 0; i < baseTypes2.length; i++) { + String baseName = FUNCTION_NS_2 + simpleTypes2[i]; + String baseType = baseTypes2[i]; + + idMap.put(baseName + NAME_BASE_AT_LEAST_ONE_MEMBER_OF, + new Integer(ID_BASE_AT_LEAST_ONE_MEMBER_OF)); + idMap.put(baseName + NAME_BASE_SUBSET, + new Integer(ID_BASE_SUBSET)); + idMap.put(baseName + NAME_BASE_SET_EQUALS, + new Integer(ID_BASE_SET_EQUALS)); + + typeMap.put(baseName + NAME_BASE_AT_LEAST_ONE_MEMBER_OF, baseType); + typeMap.put(baseName + NAME_BASE_SUBSET, baseType); + typeMap.put(baseName + NAME_BASE_SET_EQUALS, baseType); + } + supportedIds = Collections. unmodifiableSet(new HashSet(idMap.keySet())); Index: SetFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/SetFunction.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** SetFunction.java 18 Mar 2004 21:13:09 -0000 1.4 --- SetFunction.java 13 Jan 2006 22:32:51 -0000 1.5 *************** *** 3,7 **** * @(#)SetFunction.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)SetFunction.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 47,53 **** --- 47,55 ---- import com.sun.xacml.attr.DateTimeAttribute; import com.sun.xacml.attr.DayTimeDurationAttribute; + import com.sun.xacml.attr.DNSNameAttribute; import com.sun.xacml.attr.DoubleAttribute; import com.sun.xacml.attr.HexBinaryAttribute; import com.sun.xacml.attr.IntegerAttribute; + import com.sun.xacml.attr.IPAddressAttribute; import com.sun.xacml.attr.RFC822NameAttribute; import com.sun.xacml.attr.StringAttribute; *************** *** 119,123 **** /** * A complete list of all the XACML datatypes supported by the Set ! * functions */ protected static String baseTypes [] = { --- 121,125 ---- /** * A complete list of all the XACML datatypes supported by the Set ! * functions in XACML 1.x */ protected static String baseTypes [] = { *************** *** 139,145 **** /** * A complete list of all the XACML datatypes supported by the Set ! * functions, using the "simple" form of the names (eg, string ! * instead of http://www.w3.org/2001/XMLSchema#string) */ protected static String simpleTypes [] = { --- 141,156 ---- /** + * A complete list of all the XACML datatypes newly supported by the Set + * functions in XACML 2.0 + */ + protected static String baseTypes2 [] = { + IPAddressAttribute.identifier, + DNSNameAttribute.identifier + }; + + /** * A complete list of all the XACML datatypes supported by the Set ! * functions in XACML 1.x, using the "simple" form of the names (eg, ! * string instead of http://www.w3.org/2001/XMLSchema#string) */ protected static String simpleTypes [] = { *************** *** 150,153 **** --- 161,173 ---- /** + * A complete list of all the XACML datatypes newly supported by the Set + * functions in XACML 2.0, using the "simple" form of the names (eg, + * string instead of http://www.w3.org/2001/XMLSchema#string) + */ + protected static String simpleTypes2 [] = { + "ipAddress", "dnsName" + }; + + /** * Creates a new instance of the intersection set function. * This should be used to create support for any new attribute types --- NEW FILE: StringFunction.java --- /* * @(#)StringFunction.java * * Copyright 2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistribution of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistribution in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of Sun Microsystems, Inc. or the names of contributors may * be used to endorse or promote products derived from this software without * specific prior written permission. * * This software is provided "AS IS," without a warranty of any kind. ALL * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN") * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. * * You acknowledge that this software is not designed or intended for use in * the design, construction, operation or maintenance of any nuclear facility. */ package com.sun.xacml.cond; import com.sun.xacml.EvaluationCtx; import com.sun.xacml.attr.AttributeValue; import com.sun.xacml.attr.StringAttribute; import java.util.HashSet; import java.util.List; import java.util.Set; /** * This class implements the string-concatenate function from XACML 2.0. * * @since 2.0 * @author Seth Proctor */ public class StringFunction extends FunctionBase { /** * Standard identifier for the string-concatenate function. */ public static final String NAME_STRING_CONCATENATE = FUNCTION_NS_2 + "string-concatenate"; // private identifiers for the supported functions private static final int ID_STRING_CONCATENATE = 0; /** * Creates a new <code>StringFunction</code> object. * * @param functionName the standard XACML name of the function to be * handled by this object, including the full namespace * * @throws IllegalArgumentException if the function is unknown */ public StringFunction(String functionName) { super(functionName, ID_STRING_CONCATENATE, StringAttribute.identifier, false, -1, 2, StringAttribute.identifier, false); } /** * Returns a <code>Set</code> containing all the function identifiers * supported by this class. * * @return a <code>Set</code> of <code>String</code>s */ public static Set getSupportedIdentifiers() { Set set = new HashSet(); set.add(NAME_STRING_CONCATENATE); return set; } /** * Evaluate the function, using the specified parameters. * * @param inputs a <code>List</code> of <code>Evaluatable</code> * objects representing the arguments passed to the function * @param context an <code>EvaluationCtx</code> so that the * <code>Evaluatable</code> objects can be evaluated * @return an <code>EvaluationResult</code> representing the * function's result */ public EvaluationResult evaluate(List inputs, EvaluationCtx context) { // Evaluate the arguments AttributeValue [] argValues = new AttributeValue[inputs.size()]; EvaluationResult result = evalArgs(inputs, context, argValues); if (result != null) return result; switch (getFunctionId()) { case ID_STRING_CONCATENATE: String str = ((StringAttribute)argValues[0]).getValue(); for (int i = 1; i < argValues.length; i++) str += ((StringAttribute)(argValues[i])).getValue(); result = new EvaluationResult(new StringAttribute(str)); break; } return result; } } Index: GeneralSetFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/GeneralSetFunction.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** GeneralSetFunction.java 24 May 2004 21:39:22 -0000 1.4 --- GeneralSetFunction.java 13 Jan 2006 22:32:51 -0000 1.5 *************** *** 3,7 **** * @(#)GeneralSetFunction.java * ! * Copyright 2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)GeneralSetFunction.java * ! * Copyright 2004-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 91,94 **** --- 91,107 ---- typeMap.put(baseName + NAME_BASE_UNION, baseType); } + + for (int i = 0; i < baseTypes2.length; i++) { + String baseName = FUNCTION_NS_2 + simpleTypes2[i]; + String baseType = baseTypes2[i]; + + idMap.put(baseName + NAME_BASE_INTERSECTION, + new Integer(ID_BASE_INTERSECTION)); + idMap.put(baseName + NAME_BASE_UNION, + new Integer(ID_BASE_UNION)); + + typeMap.put(baseName + NAME_BASE_INTERSECTION, baseType); + typeMap.put(baseName + NAME_BASE_UNION, baseType); + } }; Index: FunctionFactory.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/FunctionFactory.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** FunctionFactory.java 17 May 2004 20:33:45 -0000 1.7 --- FunctionFactory.java 13 Jan 2006 22:32:51 -0000 1.8 *************** *** 3,7 **** * @(#)FunctionFactory.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)FunctionFactory.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 38,45 **** --- 38,47 ---- import com.sun.xacml.ParsingException; + import com.sun.xacml.PolicyMetaData; import com.sun.xacml.UnknownIdentifierException; import java.net.URI; + import java.util.HashMap; import java.util.Set; *************** *** 68,77 **** private static FunctionFactoryProxy defaultFactoryProxy; /** ! * static intialiazer that sets up the default factory proxies ! * NOTE: this will change when the right setup mechanism is in place */ static { ! defaultFactoryProxy = new FunctionFactoryProxy() { public FunctionFactory getTargetFactory() { return StandardFunctionFactory.getTargetFactory(); --- 70,82 ---- private static FunctionFactoryProxy defaultFactoryProxy; + // the map of registered factories + private static HashMap registeredFactories; + /** ! * static intialiazer that sets up the default factory proxies and ! * registers the standard namespaces */ static { ! FunctionFactoryProxy proxy = new FunctionFactoryProxy() { public FunctionFactory getTargetFactory() { return StandardFunctionFactory.getTargetFactory(); *************** *** 84,87 **** --- 89,98 ---- } }; + + registeredFactories = new HashMap(); + registeredFactories.put(PolicyMetaData.XACML_1_0_IDENTIFIER, proxy); + registeredFactories.put(PolicyMetaData.XACML_2_0_IDENTIFIER, proxy); + + defaultFactoryProxy = proxy; }; *************** *** 104,107 **** --- 115,138 ---- /** + * Returns a factory based on the given identifier. You may register + * as many factories as you like, and then retrieve them through this + * interface, but a factory may only be registered once using a given + * identifier. By default, the standard XACML 1.0 and 2.0 identifiers + * are regsietered to provide the standard factory. + * + * @param identifier the identifier for a factory + * + * @return a <code>FunctionFactory</code> that supports Target functions + * + * @throws UnknownIdentifierException if the given identifier isn't + * registered + */ + public static final FunctionFactory getTargetInstance(String identifier) + throws UnknownIdentifierException + { + return getRegisteredProxy(identifier).getTargetFactory(); + } + + /** * Returns the default FuntionFactory that will only provide those * functions that are usable in the root of the Condition. These Functions *************** *** 115,118 **** --- 146,169 ---- /** + * Returns a factory based on the given identifier. You may register + * as many factories as you like, and then retrieve them through this + * interface, but a factory may only be registered once using a given + * identifier. By default, the standard XACML 1.0 and 2.0 identifiers + * are regsietered to provide the standard factory. + * + * @param identifier the identifier for a factory + * + * @return a <code>FunctionFactory</code> that supports Condition functions + * + * @throws UnknownIdentifierException if the given identifier isn't + * registered + */ + public static final FunctionFactory getConditionInstance(String identifier) + throws UnknownIdentifierException + { + return getRegisteredProxy(identifier).getConditionFactory(); + } + + /** * Returns the default FunctionFactory that provides access to all the * functions. These Functions are a superset of the Condition functions. *************** *** 125,130 **** /** ! * Sets the default factory. Note that this is just a placeholder for ! * now, and will be replaced with a more useful mechanism soon. */ public static final void setDefaultFactory(FunctionFactoryProxy proxy) { --- 176,251 ---- /** ! * Returns a factory based on the given identifier. You may register ! * as many factories as you like, and then retrieve them through this ! * interface, but a factory may only be registered once using a given ! * identifier. By default, the standard XACML 1.0 and 2.0 identifiers ! * are regsietered to provide the standard factory. ! * ! * @param identifier the identifier for a factory ! * ! * @return a <code>FunctionFactory</code> that supports General functions ! * ! * @throws UnknownIdentifierException if the given identifier isn't ! * registered ! */ ! public static final FunctionFactory getGeneralInstance(String identifier) ! throws UnknownIdentifierException ! { ! return getRegisteredProxy(identifier).getGeneralFactory(); ! } ! ! /** ! * Returns the default FunctionFactoryProxy that provides access to all ! * the functions. ! * ! * @return a <code>FunctionFactoryProxy</code> for all functions ! */ ! public static final FunctionFactoryProxy getInstance() { ! return defaultFactoryProxy; ! } ! ! /** ! * Returns a factory based on the given identifier. You may register ! * as many factories as you like, and then retrieve them through this ! * interface, but a factory may only be registered once using a given ! * identifier. By default, the standard XACML 1.0 and 2.0 identifiers ! * are regsietered to provide the standard factory. ! * ! * @param identifier the identifier for a factory ! * ! * @return a <code>FunctionFactoryProxy</code> ! * ! * @throws UnknownIdentifierException if the given identifier isn't ! * registered ! */ ! public static final FunctionFactoryProxy getInstance(String identifier) ! throws UnknownIdentifierException ! { ! return getRegisteredProxy(identifier); ! } ! ! /** ! * Private helper that resolves the proxy for the given identifier, or ! * throws an exception if no proxy is registered for that identifier. ! */ ! private static FunctionFactoryProxy getRegisteredProxy(String identifier) ! throws UnknownIdentifierException ! { ! FunctionFactoryProxy proxy = ! (FunctionFactoryProxy)(registeredFactories.get(identifier)); ! ! if (proxy == null) ! throw new UnknownIdentifierException("Uknown FunctionFactory " + ! "identifier: " + identifier); ! ! return proxy; ! } ! ! /** ! * Sets the default factory. This does not register the factory proxy as ! * an identifiable factory. ! * ! * @param proxy the <code>FunctionFactoryProxy</code> to set as the new ! * default factory proxy */ public static final void setDefaultFactory(FunctionFactoryProxy proxy) { *************** *** 133,136 **** --- 254,284 ---- /** + * Registers the given factory proxy with the given identifier. If the + * identifier is already used, then this throws an exception. If the + * identifier is not already used, then it will always be bound to the + * given proxy. + * + * @param identifier the identifier for the proxy + * @param proxy the <code>FunctionFactoryProxy</code> to register with + * the given identifier + * + * @throws IllegalArgumentException if the identifier is already used + */ + public static final void registerFactory(String identifier, + FunctionFactoryProxy proxy) + throws IllegalArgumentException + { + synchronized (registeredFactories) { + if (registeredFactories.containsKey(identifier)) + throw new IllegalArgumentException("Identifier is already " + + "registered as " + + "FunctionFactory: " + + identifier); + + registeredFactories.put(identifier, proxy); + } + } + + /** * Adds the function to the factory. Most functions have no state, so * the singleton model used here is typically desireable. The factory will --- NEW FILE: URLStringCatFunction.java --- /* * @(#)URLStringCatFunction.java * * Copyright 2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistribution of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistribution in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of Sun Microsystems, Inc. or the names of contributors may * be used to endorse or promote products derived from this software without * specific prior written permission. * * This software is provided "AS IS," without a warranty of any kind. ALL * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN") * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. * * You acknowledge that this software is not designed or intended for use in * the design, construction, operation or maintenance of any nuclear facility. */ package com.sun.xacml.cond; import com.sun.xacml.EvaluationCtx; import com.sun.xacml.attr.AnyURIAttribute; import com.sun.xacml.attr.AttributeValue; import com.sun.xacml.attr.StringAttribute; import com.sun.xacml.ctx.Status; import java.net.URI; import java.net.URISyntaxException; import java.util.ArrayList; import java.util.Iterator; import java.util.List; /** * Represents the XACML 2.0 url-string-concatenate function. * * @since 2.0 * @author Seth Proctor */ public class URLStringCatFunction extends FunctionBase { /** * Standard identifier for the url-string-concatenate function. */ public static final String NAME_URL_STRING_CONCATENATE = FUNCTION_NS_2 + "url-string-concatenate"; /** * Creates an instance of this function. */ public URLStringCatFunction() { super(NAME_URL_STRING_CONCATENATE, 0, AnyURIAttribute.identifier, false); } /** * Checks the inputs of this function. * * @param inputs a <code>List></code> of <code>Evaluatable</code>s * * @throws IllegalArgumentException if the inputs won't work */ public void checkInputs(List inputs) throws IllegalArgumentException { // scan the list to make sure nothing returns a bag Iterator it = inputs.iterator(); while (it.hasNext()) { if (((Expression)(it.next())).returnsBag()) throw new IllegalArgumentException(NAME_URL_STRING_CONCATENATE + " doesn't accept bags"); } // nothing is a bag, so check using the no-bag method checkInputsNoBag(inputs); } /** * Checks the inputs of this function assuming no parameters are bags. * * @param inputs a <code>List></code> of <code>Evaluatable</code>s * * @throws IllegalArgumentException if the inputs won't work */ public void checkInputsNoBag(List inputs) throws IllegalArgumentException { // make sure it's long enough if (inputs.size() < 2) throw new IllegalArgumentException("not enough args to " + NAME_URL_STRING_CONCATENATE); // check that the parameters are of the correct types... Iterator it = inputs.iterator(); // ...the first argument must be a URI... if (! ((Expression)(it.next())).getType().toString(). equals(AnyURIAttribute.identifier)) throw new IllegalArgumentException("illegal parameter"); // ...and all following arguments must be strings while (it.hasNext()) { if (! ((Expression)(it.next())).getType().toString(). equals(StringAttribute.identifier)) throw new IllegalArgumentException("illegal parameter"); } } /** * Evaluates the function given the input data. This function expects * an <code>AnyURIAttribute</code> followed by one or more * <code>StringAttribute</code>s, and returns an * <code>AnyURIAttribute</code>. * * @param inputs the input agrument list * @param context the representation of the request * * @return the result of evaluation */ public EvaluationResult evaluate(List inputs, EvaluationCtx context) { // Evaluate the arguments AttributeValue [] argValues = new AttributeValue[inputs.size()]; EvaluationResult result = evalArgs(inputs, context, argValues); if (result != null) return result; // the first argument is always a URI String str = ((AnyURIAttribute)(argValues[0])).getValue().toString(); // the remaining arguments are strings for (int i = 1; i < argValues.length; i++) str += ((StringAttribute)(argValues[i])).getValue(); // finally, try to convert the string back to a URI try { return new EvaluationResult(new AnyURIAttribute(new URI(str))); } catch (URISyntaxException use) { List code = new ArrayList(); code.add(Status.STATUS_PROCESSING_ERROR); String message = NAME_URL_STRING_CONCATENATE + " didn't produce" + " a valid URI: " + str; return new EvaluationResult(new Status(code, message)); } } } Index: BagFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/BagFunction.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** BagFunction.java 13 Jun 2004 23:20:18 -0000 1.5 --- BagFunction.java 13 Jan 2006 22:32:51 -0000 1.6 *************** *** 3,7 **** * @(#)BagFunction.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)BagFunction.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 43,49 **** --- 43,51 ---- import com.sun.xacml.attr.DateTimeAttribute; import com.sun.xacml.attr.DayTimeDurationAttribute; + import com.sun.xacml.attr.DNSNameAttribute; import com.sun.xacml.attr.DoubleAttribute; import com.sun.xacml.attr.HexBinaryAttribute; import com.sun.xacml.attr.IntegerAttribute; + import com.sun.xacml.attr.IPAddressAttribute; import com.sun.xacml.attr.RFC822NameAttribute; import com.sun.xacml.attr.StringAttribute; *************** *** 107,111 **** /** ! * A complete list of all the XACML datatypes supported by the Bag * functions */ --- 109,113 ---- /** ! * A complete list of all the XACML 1.x datatypes supported by the Bag * functions */ *************** *** 128,133 **** /** ! * A complete list of all the XACML datatypes supported by the Bag ! * functions, using the "simple" form of the names (eg, string * instead of http://www.w3.org/2001/XMLSchema#string) */ --- 130,144 ---- /** ! * A complete list of all the XACML 2.0 datatypes newly supported by the ! * Bag functions ! */ ! protected static String baseTypes2 [] = { ! IPAddressAttribute.identifier, ! DNSNameAttribute.identifier ! }; ! ! /** ! * A complete list of all the 1.x XACML datatypes supported by the ! * Bag functions, using the "simple" form of the names (eg, string * instead of http://www.w3.org/2001/XMLSchema#string) */ *************** *** 139,142 **** --- 150,162 ---- /** + * A complete list of all the 2.0 XACML datatypes newly supported by the + * Bag functions, using the "simple" form of the names (eg, string + * instead of http://www.w3.org/2001/XMLSchema#string) + */ + protected static String simpleTypes2 [] = { + "ipAddress", "dnsName" + }; + + /** * Returns a new <code>BagFunction</code> that provides the * type-one-and-only functionality over the given attribute type. Index: MatchFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/MatchFunction.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** MatchFunction.java 18 Mar 2004 21:13:09 -0000 1.5 --- MatchFunction.java 13 Jan 2006 22:32:51 -0000 1.6 *************** *** 3,7 **** * @(#)MatchFunction.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)MatchFunction.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 39,44 **** --- 39,47 ---- import com.sun.xacml.EvaluationCtx; + import com.sun.xacml.attr.AnyURIAttribute; import com.sun.xacml.attr.AttributeValue; import com.sun.xacml.attr.BooleanAttribute; + import com.sun.xacml.attr.DNSNameAttribute; + import com.sun.xacml.attr.IPAddressAttribute; import com.sun.xacml.attr.RFC822NameAttribute; import com.sun.xacml.attr.StringAttribute; *************** *** 55,59 **** /** ! * Implements the three standard matching functions. * * @since 1.0 --- 58,62 ---- /** ! * Implements the standard matching and regular expression functions. * * @since 1.0 *************** *** 81,89 **** --- 84,137 ---- public static final String NAME_RFC822NAME_MATCH = FUNCTION_NS + "rfc822Name-match"; + + /** + * Standard identifier for the string-regexp-match function. NOTE: this + * in the 1.0 namespace right now because of a bug in the XACML 2.0 + * specification, but this will be changed to the 2.0 namespace as soon + * as the errata is recognized. + */ + public static final String NAME_STRING_REGEXP_MATCH = + FUNCTION_NS + "string-regexp-match"; + /** + * Standard identifier for the anyURI-regexp-match function. + */ + public static final String NAME_ANYURI_REGEXP_MATCH = + FUNCTION_NS_2 + "anyURI-regexp-match"; + + /** + * Standard identifier for the ipAddress-regexp-match function. + */ + public static final String NAME_IPADDRESS_REGEXP_MATCH = + FUNCTION_NS_2 + "ipAddress-regexp-match"; + + /** + * Standard identifier for the dnsName-regexp-match function. + */ + public static final String NAME_DNSNAME_REGEXP_MATCH = + FUNCTION_NS_2 + "dnsName-regexp-match"; + + /** + * Standard identifier for the rfc822Name-regexp-match function. + */ + public static final String NAME_RFC822NAME_REGEXP_MATCH = + FUNCTION_NS_2 + "rfc822Name-regexp-match"; + + /** + * Standard identifier for the x500Name-regexp-match function. + */ + public static final String NAME_X500NAME_REGEXP_MATCH = + FUNCTION_NS_2 + "x500Name-regexp-match"; + // private identifiers for the supported functions private static final int ID_REGEXP_STRING_MATCH = 0; private static final int ID_X500NAME_MATCH = 1; private static final int ID_RFC822NAME_MATCH = 2; + private static final int ID_STRING_REGEXP_MATCH = 3; + private static final int ID_ANYURI_REGEXP_MATCH = 4; + private static final int ID_IPADDRESS_REGEXP_MATCH = 5; + private static final int ID_DNSNAME_REGEXP_MATCH = 6; + private static final int ID_RFC822NAME_REGEXP_MATCH = 7; + private static final int ID_X500NAME_REGEXP_MATCH = 8; // private mappings for the input arguments *************** *** 97,100 **** --- 145,166 ---- StringAttribute.identifier, RFC822NameAttribute.identifier}; + private static final String stringRegexpParams [] = { + StringAttribute.identifier, + StringAttribute.identifier}; + private static final String anyURIRegexpParams [] = { + StringAttribute.identifier, + AnyURIAttribute.identifier}; + private static final String ipAddressRegexpParams [] = { + StringAttribute.identifier, + IPAddressAttribute.identifier}; + private static final String dnsNameRegexpParams [] = { + StringAttribute.identifier, + DNSNameAttribute.identifier}; + private static final String rfc822NameRegexpParams [] = { + StringAttribute.identifier, + RFC822NameAttribute.identifier}; + private static final String x500NameRegexpParams [] = { + StringAttribute.identifier, + X500NameAttribute.identifier}; // private mapping for bag input options *************** *** 126,129 **** --- 192,207 ---- else if (functionName.equals(NAME_RFC822NAME_MATCH)) return ID_RFC822NAME_MATCH; + else if (functionName.equals(NAME_STRING_REGEXP_MATCH)) + return ID_STRING_REGEXP_MATCH; + else if (functionName.equals(NAME_ANYURI_REGEXP_MATCH)) + return ID_ANYURI_REGEXP_MATCH; + else if (functionName.equals(NAME_IPADDRESS_REGEXP_MATCH)) + return ID_IPADDRESS_REGEXP_MATCH; + else if (functionName.equals(NAME_DNSNAME_REGEXP_MATCH)) + return ID_DNSNAME_REGEXP_MATCH; + else if (functionName.equals(NAME_RFC822NAME_REGEXP_MATCH)) + return ID_RFC822NAME_REGEXP_MATCH; + else if (functionName.equals(NAME_X500NAME_REGEXP_MATCH)) + return ID_X500NAME_REGEXP_MATCH; throw new IllegalArgumentException("unknown match function: " + *************** *** 142,147 **** else if (functionName.equals(NAME_X500NAME_MATCH)) return x500Params; ! else return rfc822Params; } --- 220,239 ---- else if (functionName.equals(NAME_X500NAME_MATCH)) return x500Params; ! else if (functionName.equals(NAME_RFC822NAME_MATCH)) return rfc822Params; + else if (functionName.equals(NAME_STRING_REGEXP_MATCH)) + return stringRegexpParams; + else if (functionName.equals(NAME_ANYURI_REGEXP_MATCH)) + return anyURIRegexpParams; + else if (functionName.equals(NAME_IPADDRESS_REGEXP_MATCH)) + return ipAddressRegexpParams; + else if (functionName.equals(NAME_DNSNAME_REGEXP_MATCH)) + return dnsNameRegexpParams; + else if (functionName.equals(NAME_RFC822NAME_REGEXP_MATCH)) + return rfc822NameRegexpParams; + else if (functionName.equals(NAME_X500NAME_REGEXP_MATCH)) + return x500NameRegexpParams; + + return null; } *************** *** 158,161 **** --- 250,259 ---- set.add(NAME_X500NAME_MATCH); set.add(NAME_RFC822NAME_MATCH); + set.add(NAME_STRING_REGEXP_MATCH); + set.add(NAME_ANYURI_REGEXP_MATCH); + set.add(NAME_IPADDRESS_REGEXP_MATCH); + set.add(NAME_DNSNAME_REGEXP_MATCH); + set.add(NAME_RFC822NAME_MATCH); + set.add(NAME_X500NAME_MATCH); return set; *************** *** 188,246 **** switch (getFunctionId()) { ! case ID_REGEXP_STRING_MATCH: { // arg0 is a regular expression; arg1 is a general string String arg0 = ((StringAttribute)(argValues[0])).getValue(); String arg1 = ((StringAttribute)(argValues[1])).getValue(); ! // the regular expression syntax required by XACML differs ! // from the syntax supported by java.util.regex.Pattern ! // in several ways; the next several code blocks transform ! // the XACML syntax into a semantically equivalent Pattern syntax ! ! StringBuffer buf = new StringBuffer(arg0); ! ! // in order to handle the requirement that the string is ! // considered to match the pattern if any substring matches ! // the pattern, we prepend ".*" and append ".*" to the reg exp, ! // but only if there isn't an anchor (^ or $) in place ! ! if (arg0.charAt(0) != '^') ! buf = buf.insert(0, ".*"); ! ! if (arg0.charAt(arg0.length() - 1) != '$') ! buf = buf.insert(buf.length(), ".*"); ! ! // in order to handle Unicode blocks, we replace all ! // instances of "\p{Is" with "\p{In" in the reg exp ! ! int idx = -1; ! idx = buf.indexOf("\\p{Is", 0); ! while (idx != -1){ ! buf = buf.replace(idx, idx+5, "\\p{In"); ! idx = buf.indexOf("\\p{Is", idx); ! } ! ! // in order to handle Unicode blocks, we replace all instances ! // of "\P{Is" with "\P{In" in the reg exp ! ! idx = -1; ! idx = buf.indexOf("\\P{Is", 0); ! while (idx != -1){ ! buf = buf.replace(idx, idx+5, "\\P{In"); ! idx = buf.indexOf("\\P{Is", idx); ! } ! ! // in order to handle character class subtraction, we ! // replace all instances of "-[" with "&&[^" in the reg exp ! ! idx = -1; ! idx = buf.indexOf("-[", 0); ! while (idx != -1){ ! buf = buf.replace(idx, idx+2, "&&[^"); ! idx = buf.indexOf("-[", idx); ! } ! arg0 = buf.toString(); ! ! boolResult = Pattern.matches(arg0, arg1); break; --- 286,296 ---- switch (getFunctionId()) { ! case ID_REGEXP_STRING_MATCH: ! case ID_STRING_REGEXP_MATCH: { // arg0 is a regular expression; arg1 is a general string String arg0 = ((StringAttribute)(argValues[0])).getValue(); String arg1 = ((StringAttribute)(argValues[1])).getValue(); ! boolResult = regexpHelper(arg0, arg1); break; *************** *** 279,282 **** --- 329,382 ---- } + case ID_ANYURI_REGEXP_MATCH: { + // arg0 is a regular expression; arg1 is a general string + String arg0 = ((StringAttribute)(argValues[0])).getValue(); + String arg1 = ((AnyURIAttribute)(argValues[1])).encode(); + + boolResult = regexpHelper(arg0, arg1); + + break; + } + + case ID_IPADDRESS_REGEXP_MATCH: { + // arg0 is a regular expression; arg1 is a general string + String arg0 = ((StringAttribute)(argValues[0])).getValue(); + String arg1 = ((IPAddressAttribute)(argValues[1])).encode(); + + boolResult = regexpHelper(arg0, arg1); + + break; + } + + case ID_DNSNAME_REGEXP_MATCH: { + // arg0 is a regular expression; arg1 is a general string + String arg0 = ((StringAttribute)(argValues[0])).getValue(); + String arg1 = ((DNSNameAttribute)(argValues[1])).encode(); + + boolResult = regexpHelper(arg0, arg1); + + break; + } + + case ID_RFC822NAME_REGEXP_MATCH: { + // arg0 is a regular expression; arg1 is a general string + String arg0 = ((StringAttribute)(argValues[0])).getValue(); + String arg1 = ((RFC822NameAttribute)(argValues[1])).encode(); + + boolResult = regexpHelper(arg0, arg1); + + break; + } + + case ID_X500NAME_REGEXP_MATCH: { + // arg0 is a regular expression; arg1 is a general string + String arg0 = ((StringAttribute)(argValues[0])).getValue(); + String arg1 = ((X500NameAttribute)(argValues[1])).encode(); + + boolResult = regexpHelper(arg0, arg1); + + break; + } + } *************** *** 284,286 **** --- 384,442 ---- return EvaluationResult.getInstance(boolResult); } + + /** + * + */ + private boolean regexpHelper(String xpr, String str) { + // the regular expression syntax required by XACML differs + // from the syntax supported by java.util.regex.Pattern + // in several ways; the next several code blocks transform + // the XACML syntax into a semantically equivalent Pattern syntax + + StringBuffer buf = new StringBuffer(xpr); + + // in order to handle the requirement that the string is + // considered to match the pattern if any substring matches + // the pattern, we prepend ".*" and append ".*" to the reg exp, + // but only if there isn't an anchor (^ or $) in place + + if (xpr.charAt(0) != '^') + buf = buf.insert(0, ".*"); + + if (xpr.charAt(xpr.length() - 1) != '$') + buf = buf.insert(buf.length(), ".*"); + + // in order to handle Unicode blocks, we replace all + // instances of "\p{Is" with "\p{In" in the reg exp + + int idx = -1; + idx = buf.indexOf("\\p{Is", 0); + while (idx != -1){ + buf = buf.replace(idx, idx+5, "\\p{In"); + idx = buf.indexOf("\\p{Is", idx); + } + + // in order to handle Unicode blocks, we replace all instances + // of "\P{Is" with "\P{In" in the reg exp + + idx = -1; + idx = buf.indexOf("\\P{Is", 0); + while (idx != -1){ + buf = buf.replace(idx, idx+5, "\\P{In"); + idx = buf.indexOf("\\P{Is", idx); + } + + // in order to handle character class subtraction, we + // replace all instances of "-[" with "&&[^" in the reg exp + + idx = -1; + idx = buf.indexOf("-[", 0); + while (idx != -1){ + buf = buf.replace(idx, idx+2, "&&[^"); + idx = buf.indexOf("-[", idx); + } + + return Pattern.matches(buf.toString(), str); + } + } Index: StandardFunctionFactory.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/StandardFunctionFactory.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** StandardFunctionFactory.java 4 Jun 2004 17:50:40 -0000 1.6 --- StandardFunctionFactory.java 13 Jan 2006 22:32:51 -0000 1.7 *************** *** 3,7 **** * @(#)StandardFunctionFactory.java * ! * Copyright 2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)StandardFunctionFactory.java * ! * Copyright 2004-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 37,40 **** --- 37,43 ---- package com.sun.xacml.cond; + import com.sun.xacml.PolicyMetaData; + import com.sun.xacml.UnknownIdentifierException; + import com.sun.xacml.cond.cluster.AbsFunctionCluster; import com.sun.xacml.cond.cluster.AddFunctionCluster; *************** *** 57,60 **** --- 60,64 ---- import com.sun.xacml.cond.cluster.NumericConvertFunctionCluster; import com.sun.xacml.cond.cluster.RoundFunctionCluster; + import com.sun.xacml.cond.cluster.StringFunctionCluster; import com.sun.xacml.cond.cluster.StringNormalizeFunctionCluster; import com.sun.xacml.cond.cluster.SubtractFunctionCluster; *************** *** 75,79 **** /** * This factory supports the standard set of functions specified in XACML ! * 1.0 and 1.1. It is the default factory used by the system, and imposes * a singleton pattern insuring that there is only ever one instance of * this class. --- 79,83 ---- /** * This factory supports the standard set of functions specified in XACML ! * 1.x and 2.0. It is the default factory used by the system, and imposes * a singleton pattern insuring that there is only ever one instance of * this class. *************** *** 109,112 **** --- 113,120 ---- private static Map generalAbstractFunctions = null; + // the static sets of supported identifiers for each XACML version + private static Set supportedV1Functions; + private static Set supportedV2Functions; + // the set/map used by each singleton factory instance private Set supportedFunctions = null; *************** *** 238,242 **** generalFunctions.addAll((new GeneralSetFunctionCluster()). getSupportedFunctions()); ! generalAbstractFunctions = new HashMap(conditionAbstractFunctions); --- 246,254 ---- generalFunctions.addAll((new GeneralSetFunctionCluster()). getSupportedFunctions()); ! // add the XACML 2.0 string functions ! generalFunctions.addAll((new StringFunctionCluster()). ! getSupportedFunctions()); ! ! generalAbstractFunctions = new HashMap(conditionAbstractFunctions); *************** *** 328,337 **** /** ! * Returns the set of functions that this standard factory supports. * ! * @return a <code>Set</code> of <code>Function</code>s */ ! public Set getStandardFunctions() { ! return Collections.unmodifiableSet(supportedFunctions); } --- 340,358 ---- /** ! * Returns the identifiers supported for the given version of XACML. ! * Because this factory supports identifiers from all versions of the ! * XACML specifications, this method is useful for getting a list of ! * which specific identifiers are supported by a given version of XACML. * ! * @param xacmlVersion a standard XACML identifier string, as provided ! * in <code>PolicyMetaData</code> ! * ! * @return a <code>Set</code> of identifiers ! * ! * @throws UnknownIdentifierException if the version string is unknown */ ! public static Set getStandardFunctions(String xacmlVersion) { ! // FIXME: collecting the identifiers needs to be implemented.. ! throw new RuntimeException("This method isn't implemented yet."); } *************** *** 343,348 **** * <code>FunctionProxy</code>s */ ! public Map getStandardAbstractFunctions() { ! return Collections.unmodifiableMap(supportedAbstractFunctions); } --- 364,370 ---- * <code>FunctionProxy</code>s */ ! public static Map getStandardAbstractFunctions(String xacmlVersion) { ! // FIXME: collecting the identifiers needs to be implemented.. ! throw new RuntimeException("This method isn't implemented yet."); } *************** *** 357,379 **** */ public static FunctionFactoryProxy getNewFactoryProxy() { ! StandardFunctionFactory general = ! StandardFunctionFactory.getGeneralFactory(); FunctionFactory newGeneral = ! new BaseFunctionFactory(general.getStandardFunctions(), ! general.getStandardAbstractFunctions()); - StandardFunctionFactory condition = - StandardFunctionFactory.getConditionFactory(); FunctionFactory newCondition = ! new BaseFunctionFactory(newGeneral, ! condition.getStandardFunctions(), ! condition.getStandardAbstractFunctions()); - StandardFunctionFactory target = - StandardFunctionFactory.getTargetFactory(); FunctionFactory newTarget = ! new BaseFunctionFactory(newCondition, ! target.getStandardFunctions(), ! target.getStandardAbstractFunctions()); return new BasicFunctionFactoryProxy(newTarget, newCondition, --- 379,397 ---- */ public static FunctionFactoryProxy getNewFactoryProxy() { ! // first off, make sure everything's been initialized ! getGeneralFactory(); ! ! // now create the new instances FunctionFactory newGeneral = ! new BaseFunctionFactory(generalFunctions, ! generalAbstractFunctions); FunctionFactory newCondition = ! new BaseFunctionFactory(newGeneral, conditionFunctions, ! conditionAbstractFunctions); FunctionFactory newTarget = ! new BaseFunctionFactory(newCondition, targetFunctions, ! targetAbstractFunctions); return new BasicFunctionFactoryProxy(newTarget, newCondition, Index: ConditionBagFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/ConditionBagFunction.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** ConditionBagFunction.java 24 May 2004 21:39:22 -0000 1.4 --- ConditionBagFunction.java 13 Jan 2006 22:32:51 -0000 1.5 *************** *** 3,7 **** * @(#)ConditionBagFunction.java * ! * Copyright 2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)ConditionBagFunction.java * ! * Copyright 2004-206 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 75,78 **** --- 75,85 ---- argMap.put(FUNCTION_NS + simpleTypes[i] + NAME_BASE_IS_IN, args); } + + for (int i = 0; i < baseTypes2.length; i++) { + String [] args = { baseTypes2[i], baseTypes2[i] }; + + argMap.put(FUNCTION_NS_2 + simpleTypes2[i] + NAME_BASE_IS_IN, + args); + } } Index: EqualFunction.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/cond/EqualFunction.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** EqualFunction.java 24 May 2004 21:39:22 -0000 1.6 --- EqualFunction.java 13 Jan 2006 22:32:51 -0000 1.7 *************** *** 3,7 **** * @(#)EqualFunction.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)EqualFunction.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 46,52 **** --- 46,54 ---- import com.sun.xacml.attr.DateTimeAttribute; import com.sun.xacml.attr.DayTimeDurationAttribute; + import com.sun.xacml.attr.DNSNameAttribute; import com.sun.xacml.attr.DoubleAttribute; import com.sun.xacml.attr.HexBinaryAttribute; import com.sun.xacml.attr.IntegerAttribute; + import com.sun.xacml.attr.IPAddressAttribute; import com.sun.xacml.attr.RFC822NameAttribute; import com.sun.xacml.attr.StringAttribute; *************** *** 159,162 **** --- 161,176 ---- FUNCTION_NS + "base64Binary-equal"; + /** + * Standard identifier for the ipAddress-equal function. + */ + public static final String NAME_IPADDRESS_EQUAL = + FUNCTION_NS_2 + "ipAddress-equal"; + + /** + * Standard identifier for the dnsName-equal function. + */ + public static final String NAME_DNSNAME_EQUAL = + FUNCTION_NS_2 + "dnsName-equal"; + // private mapping of standard functions to their argument types private static HashMap typeMap; *************** *** 185,188 **** --- 199,204 ---- typeMap.put(NAME_HEXBINARY_EQUAL, HexBinaryAttribute.identifier); typeMap.put(NAME_BASE64BINARY_EQUAL, Base64BinaryAttribute.identifier); + typeMap.put(NAME_IPADDRESS_EQUAL, IPAddressAttribute.identifier); + typeMap.put(NAME_DNSNAME_EQUAL, DNSNameAttribute.identifier); } |
From: Seth P. <se...@us...> - 2006-01-13 22:33:16
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30273/com/sun/xacml Modified Files: BasicEvaluationCtx.java ConfigurationStore.java EvaluationCtx.java PolicyMetaData.java PolicyReference.java Log Message: Added support for the XACML 2.0 functions, cleaned up current env handling and date/time construction, and made most of the factory-related changes to support the promised 2.0 features Index: BasicEvaluationCtx.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/BasicEvaluationCtx.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** BasicEvaluationCtx.java 4 Jun 2004 17:50:39 -0000 1.3 --- BasicEvaluationCtx.java 13 Jan 2006 22:32:50 -0000 1.4 *************** *** 3,7 **** * @(#)BasicEvaluationCtx.java * ! * Copyright 2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)BasicEvaluationCtx.java * ! * Copyright 2004-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 58,61 **** --- 58,62 ---- import java.util.ArrayList; + import java.util.Date; import java.util.HashMap; import java.util.HashSet; *************** *** 75,78 **** --- 76,89 ---- * an XACML Request and falls back on an AttributeFinder if a requested * value isn't available in the Request. + * <p> + * Note that this class can do some optional caching for current date, time, + * and dateTime values (defined by a boolean flag to the constructors). The + * XACML specification requires that these values always be available, but it + * does not specify whether or not they must remain constant over the course + * of an evaluation if the values are being generated by the PDP (if the + * values are provided in the Request, then obviously they will remain + * constant). The default behavior is for these environment values to be + * cached, so that (for example) the current time remains constant over the + * course of an evaluation. * * @since 1.2 *************** *** 344,358 **** /** - * Returns the <code>AttributeFinder</code> used by this context. Note - * that this is a deprecated method and will be removed in the next - * major release. - * - * @return the <code>AttributeFinder</code> - */ - public AttributeFinder getAttributeFinder() { - return finder; - } - - /** * Returns the DOM root of the original RequestType XML document. * --- 355,358 ---- *************** *** 364,376 **** /** - * Returns the resource named in the request as resource-id. - * - * @return the resource - */ - public AttributeValue getResourceId() { - return resourceId; - } - - /** * Returns the resource scope of the request, which will be one of the * three fields denoting Immediate, Children, or Descendants. --- 364,367 ---- *************** *** 383,386 **** --- 374,386 ---- /** + * Returns the resource named in the request as resource-id. + * + * @return the resource + */ + public AttributeValue getResourceId() { + return resourceId; + } + + /** * Changes the value of the resource-id attribute in this context. This * is useful when you have multiple resources (ie, a scope other than *************** *** 406,478 **** /** ! * Returns the cached value for the current time. If The value has never ! * been set by a call to <code>setCurrentTime</code>, or if caching is ! * not enabled in this instance, then this will return null. Note that this ! * only applies to dynamically resolved values, not those supplied in the ! * Request. * ! * @return the current time or null */ ! public TimeAttribute getCurrentTime() { ! return currentTime; ! } - /** - * Sets the current time for this evaluation. If caching is not enabled - * for this instance then the value is ignored. - * - * @param currentTime the dynamically resolved current time - */ - public void setCurrentTime(TimeAttribute currentTime) { if (useCachedEnvValues) ! this.currentTime = currentTime; } /** ! * Returns the cached value for the current date. If The value has never ! * been set by a call to <code>setCurrentDate</code>, or if caching is ! * not enabled in this instance, then this will return null. Note that this ! * only applies to dynamically resolved values, not those supplied in the ! * Request. * ! * @return the current date or null */ ! public DateAttribute getCurrentDate() { ! return currentDate; ! } - /** - * Sets the current date for this evaluation. If caching is not enabled - * for this instance then the value is ignored. - * - * @param currentDate the dynamically resolved current date - */ - public void setCurrentDate(DateAttribute currentDate) { if (useCachedEnvValues) ! this.currentDate = currentDate; } /** ! * Returns the cached value for the current dateTime. If The value has ! * never been set by a call to <code>setCurrentDateTime</code>, or if ! * caching is not enabled in this instance, then this will return null. ! * Note that this only applies to dynamically resolved values, not those ! * supplied in the Request. * ! * @return the current date or null */ ! public DateTimeAttribute getCurrentDateTime() { ! return currentDateTime; } /** ! * Sets the current dateTime for this evaluation. If caching is not enabled ! * for this instance then the value is ignored. ! * ! * @param currentDateTime the dynamically resolved current dateTime */ ! public void setCurrentDateTime(DateTimeAttribute currentDateTime) { ! if (useCachedEnvValues) ! this.currentDateTime = currentDateTime; } --- 406,508 ---- /** ! * Returns the value for the current time. The current time, current ! * date, and current dateTime are consistent, so that they all ! * represent the same moment. If this is the first time that one ! * of these three values has been requested, and caching is enabled, ! * then the three values will be resolved and stored. ! * <p> ! * Note that the value supplied here applies only to dynamically ! * resolved values, not those supplied in the Request. In other words, ! * this always returns a dynamically resolved value local to the PDP, ! * even if a different value was supplied in the Request. This is ! * handled correctly when the value is requested by its identifier. * ! * @return the current time */ ! public synchronized TimeAttribute getCurrentTime() { ! long millis = dateTimeHelper(); if (useCachedEnvValues) ! return currentTime; ! else ! return new TimeAttribute(new Date(millis)); } /** ! * Returns the value for the current date. The current time, current ! * date, and current dateTime are consistent, so that they all ! * represent the same moment. If this is the first time that one ! * of these three values has been requested, and caching is enabled, ! * then the three values will be resolved and stored. ! * <p> ! * Note that the value supplied here applies only to dynamically ! * resolved values, not those supplied in the Request. In other words, ! * this always returns a dynamically resolved value local to the PDP, ! * even if a different value was supplied in the Request. This is ! * handled correctly when the value is requested by its identifier. * ! * @return the current date */ ! public synchronized DateAttribute getCurrentDate() { ! long millis = dateTimeHelper(); if (useCachedEnvValues) ! return currentDate; ! else ! return new DateAttribute(new Date(millis)); } /** ! * Returns the value for the current dateTime. The current time, current ! * date, and current dateTime are consistent, so that they all ! * represent the same moment. If this is the first time that one ! * of these three values has been requested, and caching is enabled, ! * then the three values will be resolved and stored. ! * <p> ! * Note that the value supplied here applies only to dynamically ! * resolved values, not those supplied in the Request. In other words, ! * this always returns a dynamically resolved value local to the PDP, ! * even if a different value was supplied in the Request. This is ! * handled correctly when the value is requested by its identifier. * ! * @return the current dateTime */ ! public synchronized DateTimeAttribute getCurrentDateTime() { ! long millis = dateTimeHelper(); ! ! if (useCachedEnvValues) ! return currentDateTime; ! else ! return new DateTimeAttribute(new Date(millis)); } /** ! * Private helper that figures out if we need to resolve new values, ! * and returns either the current moment (if we're not caching) or ! * -1 (if we are caching) */ ! private long dateTimeHelper() { ! // if we already have current values, then we can stop (note this ! // always means that we're caching) ! if (currentTime != null) ! return -1; ! ! // get the current moment ! Date time = new Date(); ! long millis = time.getTime(); ! ! // if we're not caching then we just return the current moment ! if (! useCachedEnvValues) { ! return millis; ! } else { ! // we're caching, so resolve all three values, making sure ! // to use clean copies of the date object since it may be ! // modified when creating the attributes ! currentTime = new TimeAttribute(time); ! currentDate = new DateAttribute(new Date(millis)); ! currentDateTime = new DateTimeAttribute(new Date(millis)); ! } ! ! return -1; } Index: PolicyMetaData.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/PolicyMetaData.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** PolicyMetaData.java 5 Dec 2005 23:34:51 -0000 1.1 --- PolicyMetaData.java 13 Jan 2006 22:32:50 -0000 1.2 *************** *** 3,7 **** * @(#)PolicyMetaData.java * ! * Copyright 2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)PolicyMetaData.java * ! * Copyright 2005-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 37,40 **** --- 37,49 ---- package com.sun.xacml; + import com.sun.xacml.attr.AttributeFactory; + import com.sun.xacml.attr.AttributeFactoryProxy; + + import com.sun.xacml.combine.CombiningAlgFactory; + import com.sun.xacml.combine.CombiningAlgFactoryProxy; + + import com.sun.xacml.cond.FunctionFactory; + import com.sun.xacml.cond.FunctionFactoryProxy; + /** *************** *** 115,121 **** private int xpathVersion; /** * Creates a <code>PolicyMetaData</code> instance with the given ! * parameters. * * @param xacmlVersion the version of XACML used in a policy --- 124,143 ---- private int xpathVersion; + // the factories used with this policy + private AttributeFactoryProxy afProxy; + private CombiningAlgFactoryProxy cafProxy; + private FunctionFactoryProxy ffProxy; + + /** + * Creates a <code>PolicyMetaData</code> instance with all the parameters + * set to their default values. + */ + public PolicyMetaData() { + this(XACML_DEFAULT_VERSION, XPATH_VERSION_UNSPECIFIED); + } + /** * Creates a <code>PolicyMetaData</code> instance with the given ! * parameters. The default factories are assumed. * * @param xacmlVersion the version of XACML used in a policy *************** *** 123,128 **** --- 145,185 ---- */ public PolicyMetaData(int xacmlVersion, int xpathVersion) { + this(xacmlVersion, xpathVersion, null, null, null); + } + + /** + * Creates a <code>PolicyMetaData</code> instance with the given + * parameters. The default factories are assumed. + * + * @param xacmlVersion the version of XACML used in a policy + * @param xpathVersion the XPath version to use in any selectors, or + * null if this is unspecified (ie, not supplied in + * the defaults section of the policy) + * + * @throws IllegalArgumentException if the identifier strings are unknown + */ + public PolicyMetaData(String xacmlVersion, String xpathVersion) { + this(xacmlVersion, xpathVersion, null, null, null); + } + + /** + * Creates a <code>PolicyMetaData</code> instance with the given + * parameters. A proxy value of null implies the default factory. + * + * @param xacmlVersion the version of XACML used in a policy + * @param xpathVersion the XPath version to use in any selectors + * @param attributeFactoryProxy + * @param combiningAlgFactoryProxy + * @param functionFactoryProxy + */ + public PolicyMetaData(int xacmlVersion, int xpathVersion, + AttributeFactoryProxy attributeFactoryProxy, + CombiningAlgFactoryProxy combiningAlgFactoryProxy, + FunctionFactoryProxy functionFactoryProxy) { this.xacmlVersion = xacmlVersion; this.xpathVersion = xpathVersion; + + proxySetup(attributeFactoryProxy, combiningAlgFactoryProxy, + functionFactoryProxy); } *************** *** 135,142 **** * null if this is unspecified (ie, not supplied in * the defaults section of the policy) * * @throws IllegalArgumentException if the identifier strings are unknown */ ! public PolicyMetaData(String xacmlVersion, String xpathVersion) { if (xacmlVersion == null) this.xacmlVersion = XACML_DEFAULT_VERSION; --- 192,203 ---- * null if this is unspecified (ie, not supplied in * the defaults section of the policy) + * @param * * @throws IllegalArgumentException if the identifier strings are unknown */ ! public PolicyMetaData(String xacmlVersion, String xpathVersion, ! AttributeFactoryProxy attributeFactoryProxy, ! CombiningAlgFactoryProxy combiningAlgFactoryProxy, ! FunctionFactoryProxy functionFactoryProxy) { if (xacmlVersion == null) this.xacmlVersion = XACML_DEFAULT_VERSION; *************** *** 158,161 **** --- 219,255 ---- this.xpathVersion = XPATH_VERSION_UNSPECIFIED; } + + proxySetup(attributeFactoryProxy, combiningAlgFactoryProxy, + functionFactoryProxy); + } + + /** + * + */ + private void proxySetup(AttributeFactoryProxy attributeFactoryProxy, + CombiningAlgFactoryProxy combiningAlgFactoryProxy, + FunctionFactoryProxy functionFactoryProxy) { + if (attributeFactoryProxy == null) + this.afProxy = new AttributeFactoryProxy() { + public AttributeFactory getFactory() { + return AttributeFactory.getInstance(); + } + }; + else + this.afProxy = attributeFactoryProxy; + + if (combiningAlgFactoryProxy == null) + this.cafProxy = new CombiningAlgFactoryProxy() { + public CombiningAlgFactory getFactory() { + return CombiningAlgFactory.getInstance(); + } + }; + else + this.cafProxy = combiningAlgFactoryProxy; + + if (functionFactoryProxy == null) + this.ffProxy = FunctionFactory.getInstance(); + else + this.ffProxy = functionFactoryProxy; } *************** *** 197,199 **** --- 291,343 ---- } + /** + * Returns the <code>AttributeFactory</code> used by the associated + * policy. + * + * @return a <code>AttributeFactory</code> + */ + public AttributeFactory getAttributeFactory() { + return afProxy.getFactory(); + } + + /** + * Returns the <code>CombiningAlgFactory</code> used by the associated + * policy. + * + * @return a <code>CombiningAlgFactory</code> + */ + public CombiningAlgFactory getCombiningAlgFactory() { + return cafProxy.getFactory(); + } + + /** + * Returns the Target <code>FunctionFactory</code> used by the associated + * policy. + * + * @return a <code>FunctionFactory</code> + */ + public FunctionFactory getTargetFunctionFactory() { + return ffProxy.getTargetFactory(); + } + + /** + * Returns the Condition <code>FunctionFactory</code> used by the + * associated policy. + * + * @return a <code>FunctionFactory</code> + */ + public FunctionFactory getConditionFunctionFactory() { + return ffProxy.getConditionFactory(); + } + + /** + * Returns the General <code>FunctionFactory</code> used by the associated + * policy. + * + * @return a <code>FunctionFactory</code> + */ + public FunctionFactory getGeneralFunctionFactory() { + return ffProxy.getGeneralFactory(); + } + } Index: EvaluationCtx.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/EvaluationCtx.java,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** EvaluationCtx.java 13 Jun 2004 23:20:17 -0000 1.9 --- EvaluationCtx.java 13 Jan 2006 22:32:50 -0000 1.10 *************** *** 3,7 **** * @(#)EvaluationCtx.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)EvaluationCtx.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 54,68 **** * Manages the context of a single policy evaluation. Typically, an instance * is instantiated whenever the PDP gets a request and needs to perform an ! * evaluation as a result. ! * <p> ! * Note that this class does some optional caching for current date, time, ! * and dateTime values (defined by a boolean flag to the constructors). The ! * XACML specification requires that these values always be available, but it ! * does not specify whether or not they must remain constant over the course ! * of an evaluation if the values are being generated by the PDP (if the ! * values are provided in the Request, then obviously they will remain ! * constant). The default behavior is for these environment values to be ! * cached, so that (for example) the current time remains constant over the ! * course of an evaluation. * * @since 1.0 --- 54,59 ---- * Manages the context of a single policy evaluation. Typically, an instance * is instantiated whenever the PDP gets a request and needs to perform an ! * evaluation as a result. The <code>BasicEvaluationCtx</code> class ! * provides a basic implementation that is used by default. * * @since 1.0 *************** *** 102,116 **** /** - * Returns the <code>AttributeFinder</code> used by this context. - * - * @deprecated As of version 1.2, this method should not be used, as it - * provides access to a mutable interface. This method will - * be removed in the next major release. - * - * @return the <code>AttributeFinder</code> - */ - public AttributeFinder getAttributeFinder(); - - /** * Returns the DOM root of the original RequestType XML document, if * this context is backed by an XACML Request. If this context is not --- 93,96 ---- *************** *** 125,135 **** /** - * Returns the identifier for the resource being requested. - * - * @return the resource - */ - public AttributeValue getResourceId(); - - /** * Returns the resource scope, which will be one of the three fields * denoting Immediate, Children, or Descendants. --- 105,108 ---- *************** *** 140,143 **** --- 113,123 ---- /** + * Returns the identifier for the resource being requested. + * + * @return the resource + */ + public AttributeValue getResourceId(); + + /** * Changes the value of the resource-id attribute in this context. This * is useful when you have multiple resources (ie, a scope other than *************** *** 150,204 **** /** ! * Returns the cached value for the current time. If the value has never ! * been set by a call to <code>setCurrentTime</code>, or if caching is ! * not enabled in this instance, then this will return null. * ! * @return the current time or null */ public TimeAttribute getCurrentTime(); /** ! * Sets the current time for this evaluation. If caching is not enabled ! * for this instance then the value is ignored. ! * ! * @param currentTime the dynamically resolved current time ! */ ! public void setCurrentTime(TimeAttribute currentTime); ! ! /** ! * Returns the cached value for the current date. If the value has never ! * been set by a call to <code>setCurrentDate</code>, or if caching is ! * not enabled in this instance, then this will return null. * ! * @return the current date or null */ public DateAttribute getCurrentDate(); /** ! * Sets the current date for this evaluation. If caching is not enabled ! * for this instance then the value is ignored. ! * ! * @param currentDate the dynamically resolved current date ! */ ! public void setCurrentDate(DateAttribute currentDate); ! ! /** ! * Returns the cached value for the current dateTime. If the value has ! * never been set by a call to <code>setCurrentDateTime</code>, or if ! * caching is not enabled in this instance, then this will return null. * ! * @return the current date or null */ public DateTimeAttribute getCurrentDateTime(); /** - * Sets the current dateTime for this evaluation. If caching is not enabled - * for this instance then the value is ignored. - * - * @param currentDateTime the dynamically resolved current dateTime - */ - public void setCurrentDateTime(DateTimeAttribute currentDateTime); - - /** * Returns available subject attribute value(s) ignoring the issuer. * --- 130,163 ---- /** ! * Returns the value for the current time as known by the PDP (if this ! * value was also supplied in the Request, this will generally be a ! * different value). Details of caching or location-based resolution ! * are left to the underlying implementation. * ! * @return the current time */ public TimeAttribute getCurrentTime(); /** ! * Returns the value for the current date as known by the PDP (if this ! * value was also supplied in the Request, this will generally be a ! * different value). Details of caching or location-based resolution ! * are left to the underlying implementation. * ! * @return the current date */ public DateAttribute getCurrentDate(); /** ! * Returns the value for the current dateTime as known by the PDP (if this ! * value was also supplied in the Request, this will generally be a ! * different value). Details of caching or location-based resolution ! * are left to the underlying implementation. * ! * @return the current date */ public DateTimeAttribute getCurrentDateTime(); /** * Returns available subject attribute value(s) ignoring the issuer. * *************** *** 258,261 **** --- 217,224 ---- /** * Returns available environment attribute value(s). + * <p> + * Note that if you want to resolve the correct current date, time, or + * dateTime as seen from an evaluation point of view, you should use + * this method and supply the corresponding identifier. * * @param type the type of the attribute value(s) to find Index: ConfigurationStore.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/ConfigurationStore.java,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** ConfigurationStore.java 17 Feb 2005 16:01:25 -0000 1.10 --- ConfigurationStore.java 13 Jan 2006 22:32:50 -0000 1.11 *************** *** 3,7 **** * @(#)ConfigurationStore.java * ! * Copyright 2004-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)ConfigurationStore.java * ! * Copyright 2004-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 105,109 **** * This way, the programmer still has full control over their security model, * but also has the convenience of re-using a common configuration ! * mechanism. See http://sunxacml.sourceforge.net/schema/config-0.3.xsd for * the valid schema. * <p> --- 105,109 ---- * This way, the programmer still has full control over their security model, * but also has the convenience of re-using a common configuration ! * mechanism. See http://sunxacml.sourceforge.net/schema/config-0.4.xsd for * the valid schema. * <p> *************** *** 112,119 **** * is simply provided as a convenience, and so that all programmers can start * from a common point. - * <p> - * NOTE: The name of this class, its interfaces, and they way it interacts - * with the rest of the code is currently unstable, so expect some changes - * between now and the next release. * * @since 1.2 --- 112,115 ---- *************** *** 229,238 **** NamedNodeMap attrs = root.getAttributes(); String defaultPDP = attrs.getNamedItem("defaultPDP").getNodeValue(); ! String defaultAF = attrs.getNamedItem("defaultAttributeFactory"). ! getNodeValue(); ! String defaultCAF = attrs.getNamedItem("defaultCombiningAlgFactory"). ! getNodeValue(); ! String defaultFF = attrs.getNamedItem("defaultFunctionFactory"). ! getNodeValue(); // loop through all the root-level elements, for each one getting its --- 225,232 ---- NamedNodeMap attrs = root.getAttributes(); String defaultPDP = attrs.getNamedItem("defaultPDP").getNodeValue(); ! String defaultAF = getDefaultFactory(attrs, "defaultAttributeFactory"); ! String defaultCAF = getDefaultFactory(attrs, ! "defaultCombiningAlgFactory"); ! String defaultFF = getDefaultFactory(attrs, "defaultFunctionFactory"); // loop through all the root-level elements, for each one getting its *************** *** 289,298 **** --- 283,331 ---- // finally, extract the default elements defaultPDPConfig = (PDPConfig)(pdpConfigMap.get(defaultPDP)); + defaultAttributeFactory = (AttributeFactory) (attributeMap.get(defaultAF)); + if (defaultAttributeFactory == null) { + try { + defaultAttributeFactory = + AttributeFactory.getInstance(defaultAF); + } catch (Exception e) { + throw new ParsingException("Unknown AttributeFactory", e); + } + } + defaultCombiningFactory = (CombiningAlgFactory) (combiningMap.get(defaultCAF)); + if (defaultCombiningFactory == null) { + try { + defaultCombiningFactory = + CombiningAlgFactory.getInstance(defaultCAF); + } catch (Exception e) { + throw new ParsingException("Unknown CombininAlgFactory", e); + } + } + defaultFunctionFactoryProxy = (FunctionFactoryProxy) (functionMap.get(defaultFF)); + if (defaultFunctionFactoryProxy == null) { + try { + defaultFunctionFactoryProxy = + FunctionFactory.getInstance(defaultFF); + } catch (Exception e) { + throw new ParsingException("Unknown FunctionFactory", e); + } + } + } + + /** + * Private helper that gets a default factory identifier, or fills in + * the default value if no identifier is provided. + */ + private String getDefaultFactory(NamedNodeMap attrs, String factoryName) { + Node node = attrs.getNamedItem(factoryName); + if (node != null) + return node.getNodeValue(); + else + return PolicyMetaData.XACML_1_0_IDENTIFIER; } *************** *** 385,391 **** logger.config("Starting with standard Datatypes"); ! StandardAttributeFactory sf = ! StandardAttributeFactory.getFactory(); ! factory = new BaseAttributeFactory(sf.getStandardDatatypes()); } else { factory = new BaseAttributeFactory(); --- 418,422 ---- logger.config("Starting with standard Datatypes"); ! factory = StandardAttributeFactory.getNewFactory(); } else { factory = new BaseAttributeFactory(); *************** *** 429,435 **** logger.config("Starting with standard Combining Algorithms"); ! StandardCombiningAlgFactory sf = ! StandardCombiningAlgFactory.getFactory(); ! factory = new BaseCombiningAlgFactory(sf.getStandardAlgorithms()); } else { factory = new BaseCombiningAlgFactory(); --- 460,464 ---- logger.config("Starting with standard Combining Algorithms"); ! factory = StandardCombiningAlgFactory.getNewFactory(); } else { factory = new BaseCombiningAlgFactory(); *************** *** 771,787 **** /** ! * Returns the default attribute factory. If no default was specified ! * then this throws an exception. * * @return the default attribute factory - * - * @throws UnknownIdentifierException if there is no default factory */ ! public AttributeFactory getDefaultAttributeFactory() ! throws UnknownIdentifierException ! { ! if (defaultAttributeFactory == null) ! throw new UnknownIdentifierException("no default available"); ! return defaultAttributeFactory; } --- 800,808 ---- /** ! * Returns the default attribute factory. * * @return the default attribute factory */ ! public AttributeFactory getDefaultAttributeFactory() { return defaultAttributeFactory; } *************** *** 817,833 **** /** ! * Returns the default combiningAlg factory. If no default was specified ! * then this throws an exception. * * @return the default combiningAlg factory - * - * @throws UnknownIdentifierException if there is no default factory */ ! public CombiningAlgFactory getDefaultCombiningAlgFactory() ! throws UnknownIdentifierException ! { ! if (defaultCombiningFactory == null) ! throw new UnknownIdentifierException("no default available"); ! return defaultCombiningFactory; } --- 838,869 ---- /** ! * Registers all the supported factories with the given identifiers. If ! * a given identifier is already in use, then that factory is not ! * registered. This method is provided only as a convenience, and ! * any registration that may involve identifier clashes should be done ! * by registering each factory individually. ! */ ! public void registerAttributeFactories() { ! Iterator it = attributeMap.keySet().iterator(); ! ! while (it.hasNext()) { ! String id = (String)(it.next()); ! AttributeFactory af = (AttributeFactory)(attributeMap.get(id)); ! ! try { ! AttributeFactory.registerFactory(id, new AFProxy(af)); ! } catch (IllegalArgumentException iae) { ! logger.log(Level.WARNING, "Couldn't register AttributeFactory:" ! + id + " (already in use)", iae); ! } ! } ! } ! ! /** ! * Returns the default combiningAlg factory. * * @return the default combiningAlg factory */ ! public CombiningAlgFactory getDefaultCombiningAlgFactory() { return defaultCombiningFactory; } *************** *** 863,879 **** /** ! * Returns the default function factory proxy. If no default was specified ! * then this throws an exception. * * @return the default function factory proxy - * - * @throws UnknownIdentifierException if there is no default factory */ ! public FunctionFactoryProxy getDefaultFunctionFactoryProxy() ! throws UnknownIdentifierException ! { ! if (defaultFunctionFactoryProxy == null) ! throw new UnknownIdentifierException("no default available"); ! return defaultFunctionFactoryProxy; } --- 899,932 ---- /** ! * Registers all the supported factories with the given identifiers. If ! * a given identifier is already in use, then that factory is not ! * registered. This method is provided only as a convenience, and ! * any registration that may involve identifier clashes should be done ! * by registering each factory individually. ! */ ! public void registerCombiningAlgFactories() { ! Iterator it = combiningMap.keySet().iterator(); ! ! while (it.hasNext()) { ! String id = (String)(it.next()); ! CombiningAlgFactory cf = ! (CombiningAlgFactory)(combiningMap.get(id)); ! ! try { ! CombiningAlgFactory.registerFactory(id, new CAFProxy(cf)); ! } catch (IllegalArgumentException iae) { ! logger.log(Level.WARNING, "Couldn't register " + ! "CombiningAlgFactory: " + id + " (already in use)", ! iae); ! } ! } ! } ! ! /** ! * Returns the default function factory proxy. * * @return the default function factory proxy */ ! public FunctionFactoryProxy getDefaultFunctionFactoryProxy() { return defaultFunctionFactoryProxy; } *************** *** 909,912 **** --- 962,989 ---- /** + * Registers all the supported factories with the given identifiers. If + * a given identifier is already in use, then that factory is not + * registered. This method is provided only as a convenience, and + * any registration that may involve identifier clashes should be done + * by registering each factory individually. + */ + public void registerFunctionFactories() { + Iterator it = functionMap.keySet().iterator(); + + while (it.hasNext()) { + String id = (String)(it.next()); + FunctionFactoryProxy ffp = + (FunctionFactoryProxy)(functionMap.get(id)); + + try { + FunctionFactory.registerFactory(id, ffp); + } catch (IllegalArgumentException iae) { + logger.log(Level.WARNING, "Couldn't register FunctionFactory: " + + id + " (already in use)", iae); + } + } + } + + /** * Uses the default configuration to re-set the default factories used * by the system (attribute, combining algorithm, and function). If *************** *** 919,927 **** // set the default attribute factory, if it exists here if (defaultAttributeFactory != null) { ! AttributeFactory.setDefaultFactory(new AttributeFactoryProxy() { ! public AttributeFactory getFactory() { ! return defaultAttributeFactory; ! } ! }); } --- 996,1001 ---- // set the default attribute factory, if it exists here if (defaultAttributeFactory != null) { ! AttributeFactory. ! setDefaultFactory(new AFProxy(defaultAttributeFactory)); } *************** *** 929,937 **** if (defaultCombiningFactory != null) { CombiningAlgFactory. ! setDefaultFactory(new CombiningAlgFactoryProxy() { ! public CombiningAlgFactory getFactory() { ! return defaultCombiningFactory; ! } ! }); } --- 1003,1007 ---- if (defaultCombiningFactory != null) { CombiningAlgFactory. ! setDefaultFactory(new CAFProxy(defaultCombiningFactory)); } *************** *** 941,943 **** --- 1011,1041 ---- } + /** + * + */ + class AFProxy implements AttributeFactoryProxy { + private AttributeFactory factory; + + public AFProxy(AttributeFactory factory) { + this.factory = factory; + } + public AttributeFactory getFactory() { + return factory; + } + } + + /** + * + */ + class CAFProxy implements CombiningAlgFactoryProxy { + private CombiningAlgFactory factory; + + public CAFProxy(CombiningAlgFactory factory) { + this.factory = factory; + } + public CombiningAlgFactory getFactory() { + return factory; + } + } + } Index: PolicyReference.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/PolicyReference.java,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** PolicyReference.java 5 Dec 2005 23:34:51 -0000 1.9 --- PolicyReference.java 13 Jan 2006 22:32:50 -0000 1.10 *************** *** 104,107 **** --- 104,110 ---- private PolicyFinder finder; + // the meta-data for the parent policy + private PolicyMetaData parentMetaData; + // the logger we'll use for all messages private static final Logger logger = *************** *** 116,127 **** * @param policyType one of the two fields in this class * @param finder the <code>PolicyFinder</code> used to handle the reference * * @throws IllegalArgumentException if the input policyType isn't valid */ ! public PolicyReference(URI reference, int policyType, PolicyFinder finder) throws IllegalArgumentException { this(reference, policyType, new VersionConstraints(null, null, null), ! finder); } --- 119,133 ---- * @param policyType one of the two fields in this class * @param finder the <code>PolicyFinder</code> used to handle the reference + * @param parentMetaData the meta-data associated with the containing + * (parent) policy * * @throws IllegalArgumentException if the input policyType isn't valid */ ! public PolicyReference(URI reference, int policyType, PolicyFinder finder, ! PolicyMetaData parentMetaData) throws IllegalArgumentException { this(reference, policyType, new VersionConstraints(null, null, null), ! finder, parentMetaData); } *************** *** 139,147 **** * XACML policy) * @param finder the <code>PolicyFinder</code> used to handle the reference * * @throws IllegalArgumentException if the input policyType isn't valid */ public PolicyReference(URI reference, int policyType, ! VersionConstraints constraints, PolicyFinder finder) throws IllegalArgumentException { --- 145,156 ---- * XACML policy) * @param finder the <code>PolicyFinder</code> used to handle the reference + * @param parentMetaData the meta-data associated with the containing + * (parent) policy * * @throws IllegalArgumentException if the input policyType isn't valid */ public PolicyReference(URI reference, int policyType, ! VersionConstraints constraints, PolicyFinder finder, ! PolicyMetaData parentMetaData) throws IllegalArgumentException { *************** *** 156,159 **** --- 165,169 ---- this.constraints = constraints; this.finder = finder; + this.parentMetaData = parentMetaData; } *************** *** 176,183 **** throws ParsingException { ! return getInstance(root, finder, ! new PolicyMetaData( ! PolicyMetaData.XACML_VERSION_1_0, ! PolicyMetaData.XPATH_VERSION_UNSPECIFIED)); } --- 186,190 ---- throws ParsingException { ! return getInstance(root, finder, new PolicyMetaData()); } *************** *** 240,244 **** // finally, create the reference ! return new PolicyReference(reference, policyType, constraints, finder); } --- 247,252 ---- // finally, create the reference ! return new PolicyReference(reference, policyType, constraints, finder, ! metaData); } *************** *** 387,390 **** --- 395,401 ---- * Returns the meta-data associated with this policy. If the policy is * invalid or can't be retrieved, then a runtime exception is thrown. + * Note that this is the meta-data for the referenced policy, not the + * meta-data for the parent policy (which is what gets provided to the + * constructors of this class). * * @return the policy's meta-data *************** *** 435,440 **** } ! PolicyFinderResult pfr = finder.findPolicy(reference, policyType, ! constraints); if (pfr.notApplicable()) --- 446,452 ---- } ! PolicyFinderResult pfr = ! finder.findPolicy(reference, policyType, constraints, ! parentMetaData); if (pfr.notApplicable()) *************** *** 464,468 **** PolicyFinderResult pfr = finder.findPolicy(reference, policyType, ! constraints); // if we found nothing, then we return NotApplicable --- 476,481 ---- PolicyFinderResult pfr = finder.findPolicy(reference, policyType, ! constraints, ! parentMetaData); // if we found nothing, then we return NotApplicable |
From: Seth P. <se...@us...> - 2006-01-13 22:33:16
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30273/com/sun/xacml/attr Modified Files: AttributeDesignator.java AttributeFactory.java DateAttribute.java DateTimeAttribute.java IPAddressAttribute.java PortRange.java StandardAttributeFactory.java TimeAttribute.java Added Files: IPv4AddressAttribute.java IPv6AddressAttribute.java Log Message: Added support for the XACML 2.0 functions, cleaned up current env handling and date/time construction, and made most of the factory-related changes to support the promised 2.0 features Index: DateAttribute.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/DateAttribute.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** DateAttribute.java 17 Mar 2004 18:03:38 -0000 1.2 --- DateAttribute.java 13 Jan 2006 22:32:50 -0000 1.3 *************** *** 235,244 **** */ public DateAttribute() { super(identifierURI); // Get the current time and GMT offset ! Date currDate = new Date(); ! int currOffset = DateTimeAttribute.getDefaultTZOffset(currDate); ! long millis = currDate.getTime(); // Now find out the last time it was midnight local time --- 235,256 ---- */ public DateAttribute() { + this(new Date()); + } + + /** + * Creates a new <code>TimeAttribute</code> that represents + * the given date with default timezone values. + * + * @param date a <code>Date</code> object representing the + * instant at which the specified date began (midnight) + * in the specified time zone (the actual time value + * will be forced to midnight) + */ + public DateAttribute(Date date) { super(identifierURI); // Get the current time and GMT offset ! int currOffset = DateTimeAttribute.getDefaultTZOffset(date); ! long millis = date.getTime(); // Now find out the last time it was midnight local time *************** *** 252,257 **** // Skip forward by time zone offset. millis -= currOffset * MILLIS_PER_MINUTE; ! currDate.setTime(millis); ! init(currDate, currOffset, currOffset); } --- 264,269 ---- // Skip forward by time zone offset. millis -= currOffset * MILLIS_PER_MINUTE; ! date.setTime(millis); ! init(date, currOffset, currOffset); } Index: AttributeFactory.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/AttributeFactory.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** AttributeFactory.java 17 May 2004 20:33:45 -0000 1.7 --- AttributeFactory.java 13 Jan 2006 22:32:50 -0000 1.8 *************** *** 3,7 **** * @(#)AttributeFactory.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)AttributeFactory.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 38,45 **** --- 38,47 ---- import com.sun.xacml.ParsingException; + import com.sun.xacml.PolicyMetaData; import com.sun.xacml.UnknownIdentifierException; import java.net.URI; + import java.util.HashMap; import java.util.Set; *************** *** 63,76 **** private static AttributeFactoryProxy defaultFactoryProxy; /** ! * static intialiazer that sets up the default factory proxy ! * NOTE: this will change when the right setup mechanism is in place */ static { ! defaultFactoryProxy = new AttributeFactoryProxy() { public AttributeFactory getFactory() { return StandardAttributeFactory.getFactory(); } }; }; --- 65,87 ---- private static AttributeFactoryProxy defaultFactoryProxy; + // the map of registered factories + private static HashMap registeredFactories; + /** ! * static intialiazer that sets up the default factory proxy and ! * registers the standard namespaces */ static { ! AttributeFactoryProxy proxy = new AttributeFactoryProxy() { public AttributeFactory getFactory() { return StandardAttributeFactory.getFactory(); } }; + + registeredFactories = new HashMap(); + registeredFactories.put(PolicyMetaData.XACML_1_0_IDENTIFIER, proxy); + registeredFactories.put(PolicyMetaData.XACML_2_0_IDENTIFIER, proxy); + + defaultFactoryProxy = proxy; }; *************** *** 94,99 **** /** ! * Sets the default factory. Note that this is just a placeholder for ! * now, and will be replaced with a more useful mechanism soon. */ public static final void setDefaultFactory(AttributeFactoryProxy proxy) { --- 105,140 ---- /** ! * Returns a factory based on the given identifier. You may register ! * as many factories as you like, and then retrieve them through this ! * interface, but a factory may only be registered once using a given ! * identifier. By default, the standard XACML 1.0 and 2.0 identifiers ! * are regsietered to provide the standard factory. ! * ! * @param identifier the identifier for a factory ! * ! * @return an <code>AttributeFactory</code> ! * ! * @throws UnknownIdentifierException if the given identifier isn't ! * registered ! */ ! public static final AttributeFactory getInstance(String identifier) ! throws UnknownIdentifierException ! { ! AttributeFactoryProxy proxy = ! (AttributeFactoryProxy)(registeredFactories.get(identifier)); ! ! if (proxy == null) ! throw new UnknownIdentifierException("Uknown AttributeFactory " + ! "identifier: " + identifier); ! ! return proxy.getFactory(); ! } ! ! /** ! * Sets the default factory. This does not register the factory proxy as ! * an identifiable factory. ! * ! * @param proxy the <code>AttributeFactoryProxy</code> to set as the new ! * default factory proxy */ public static final void setDefaultFactory(AttributeFactoryProxy proxy) { *************** *** 102,105 **** --- 143,173 ---- /** + * Registers the given factory proxy with the given identifier. If the + * identifier is already used, then this throws an exception. If the + * identifier is not already used, then it will always be bound to the + * given proxy. + * + * @param identifier the identifier for the proxy + * @param proxy the <code>AttributeFactoryProxy</code> to register with + * the given identifier + * + * @throws IllegalArgumentException if the identifier is already used + */ + public static final void registerFactory(String identifier, + AttributeFactoryProxy proxy) + throws IllegalArgumentException + { + synchronized (registeredFactories) { + if (registeredFactories.containsKey(identifier)) + throw new IllegalArgumentException("Identifier is already " + + "registered as " + + "AttributeFactory: " + + identifier); + + registeredFactories.put(identifier, proxy); + } + } + + /** * Adds a proxy to the factory, which in turn will allow new attribute * types to be created using the factory. Typically the proxy is *************** *** 128,132 **** * factory. The static versions of these methods have been * left in for now, but are slower and will be removed in ! * a future version. * * @param id the name of the attribute type --- 196,201 ---- * factory. The static versions of these methods have been * left in for now, but are slower and will be removed in ! * a future version. Note that this operates only on the ! * default factory. * * @param id the name of the attribute type Index: AttributeDesignator.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/AttributeDesignator.java,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** AttributeDesignator.java 5 Dec 2005 23:34:51 -0000 1.9 --- AttributeDesignator.java 13 Jan 2006 22:32:50 -0000 1.10 *************** *** 3,7 **** * @(#)AttributeDesignator.java * ! * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)AttributeDesignator.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 207,214 **** throws ParsingException { ! return getInstance(root, target, ! new PolicyMetaData( ! PolicyMetaData.XACML_VERSION_1_0, ! PolicyMetaData.XPATH_VERSION_UNSPECIFIED)); } --- 207,211 ---- throws ParsingException { ! return getInstance(root, target, new PolicyMetaData()); } --- NEW FILE: IPv4AddressAttribute.java --- /* * @(#)IPv4AddressAttribute.java * * Copyright 2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistribution of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistribution in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of Sun Microsystems, Inc. or the names of contributors may * be used to endorse or promote products derived from this software without * specific prior written permission. * * This software is provided "AS IS," without a warranty of any kind. ALL * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN") * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. * * You acknowledge that this software is not designed or intended for use in * the design, construction, operation or maintenance of any nuclear facility. */ package com.sun.xacml.attr; import java.net.InetAddress; import java.net.UnknownHostException; /** * Subclass of <code>IPAddressAttribute</code> that handles the specifics * of IPv4. In general, you shouldn't need to interact with this class * except to create an instance directly. * * @since 2.0 * @author Seth Proctor */ public class IPv4AddressAttribute extends IPAddressAttribute { /** * Creates the new <code>IPv4AddressAttribute</code> with just the required * address component. * * @param address a non-null <code>InetAddress</code> */ public IPv4AddressAttribute(InetAddress address) { this(address, null, new PortRange()); } /** * Creates the new <code>IPv4AddressAttribute</code> with the optional * address mask. * * @param address a non-null <code>InetAddress</code> * @param mask an <code>InetAddress</code> or null if there is no mask */ public IPv4AddressAttribute(InetAddress address, InetAddress mask) { this(address, mask, new PortRange()); } /** * Creates the new <code>IPv4AddressAttribute</code> with the optional * port range. * * @param address a non-null <code>InetAddress</code> * @param portRange a non-null <code>PortRange</code> */ public IPv4AddressAttribute(InetAddress address, PortRange range) { this(address, null, range); } /** * Creates the new <code>IPv4AddressAttribute</code> with all the optional * components. * * @param address a non-null <code>InetAddress</code> * @param mask an <code>InetAddress</code> or null if there is no mask * @param portRange a non-null <code>PortRange</code> */ public IPv4AddressAttribute(InetAddress address, InetAddress mask, PortRange range) { super(address, mask, range); } /** * Returns a new <code>IPv4AddressAttribute</code> that represents * the name indicated by the <code>String</code> provided. This is a * protected method because you should never call it directly. * Instead, you should call <code>getInstance</code> on * <code>IPAddressAttribute</code> which provides versions that * take both a <code>String</code> and a <code>Node</code> and * will determine the protocol version correctly. * * @param value a string representing the address * * @return a new <code>IPAddressAttribute</code> * * @throws UnknownHostException if the address components is invalid * @throws ParsingException if any of the address components is invalid */ protected static IPAddressAttribute getV4Instance(String value) throws UnknownHostException { InetAddress address = null; InetAddress mask = null; PortRange range = null; // start out by seeing where the delimiters are int maskPos = value.indexOf("/"); int rangePos = value.indexOf(":"); // now check to see which components we have if (maskPos == rangePos) { // the sting is just an address address = InetAddress.getByName(value); } else if (maskPos != -1) { // there is also a mask (and maybe a range) address = InetAddress.getByName(value.substring(0, maskPos)); if (rangePos != -1) { // there's a range too, so get it and the mask mask = InetAddress.getByName(value.substring(maskPos + 1, rangePos)); range = PortRange.getInstance(value.substring(rangePos + 1, value.length())); } else { // there's no range, so just get the mask mask = InetAddress.getByName(value.substring(maskPos + 1, value.length())); } } else { // there is a range, but no mask address = InetAddress.getByName(value.substring(0, rangePos)); range = PortRange.getInstance(value.substring(rangePos + 1, value.length())); } // if the range is null, then create it as unbound range = new PortRange(); return new IPv4AddressAttribute(address, mask, range); } /** * */ public String encode() { String str = getAddress().getHostAddress(); if (getMask() != null) str += getMask().getHostAddress(); if (! getRange().isUnbound()) str += ":" + getRange().encode(); return str; } } Index: PortRange.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/PortRange.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** PortRange.java 16 Dec 2005 22:42:37 -0000 1.1 --- PortRange.java 13 Jan 2006 22:32:51 -0000 1.2 *************** *** 203,207 **** */ public boolean equals(Object o) { ! if (! (o instanceof IPAddressAttribute)) return false; --- 203,207 ---- */ public boolean equals(Object o) { ! if (! (o instanceof PortRange)) return false; --- NEW FILE: IPv6AddressAttribute.java --- /* * @(#)IPv6AddressAttribute.java * * Copyright 2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistribution of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistribution in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of Sun Microsystems, Inc. or the names of contributors may * be used to endorse or promote products derived from this software without * specific prior written permission. * * This software is provided "AS IS," without a warranty of any kind. ALL * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN") * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. * * You acknowledge that this software is not designed or intended for use in * the design, construction, operation or maintenance of any nuclear facility. */ package com.sun.xacml.attr; import java.net.InetAddress; import java.net.UnknownHostException; /** * Subclass of <code>IPAddressAttribute</code> that handles the specifics * of IPv6. In general, you shouldn't need to interact with this class * except to create an instance directly. * * @since 2.0 * @author Seth Proctor */ public class IPv6AddressAttribute extends IPAddressAttribute { /** * Creates the new <code>IPv6AddressAttribute</code> with just the required * address component. * * @param address a non-null <code>InetAddress</code> */ public IPv6AddressAttribute(InetAddress address) { this(address, null, new PortRange()); } /** * Creates the new <code>IPv6AddressAttribute</code> with the optional * address mask. * * @param address a non-null <code>InetAddress</code> * @param mask an <code>InetAddress</code> or null if there is no mask */ public IPv6AddressAttribute(InetAddress address, InetAddress mask) { this(address, mask, new PortRange()); } /** * Creates the new <code>IPv6AddressAttribute</code> with the optional * port range. * * @param address a non-null <code>InetAddress</code> * @param portRange a non-null <code>PortRange</code> */ public IPv6AddressAttribute(InetAddress address, PortRange range) { this(address, null, range); } /** * Creates the new <code>IPv6AddressAttribute</code> with all the optional * components. * * @param address a non-null <code>InetAddress</code> * @param mask an <code>InetAddress</code> or null if there is no mask * @param portRange a non-null <code>PortRange</code> */ public IPv6AddressAttribute(InetAddress address, InetAddress mask, PortRange range) { super(address, mask, range); } /** * Returns a new <code>IPv6AddressAttribute</code> that represents * the name indicated by the <code>String</code> provided. This is a * protected method because you should never call it directly. * Instead, you should call <code>getInstance</code> on * <code>IPAddressAttribute</code> which provides versions that * take both a <code>String</code> and a <code>Node</code> and * will determine the protocol version correctly. * * @param value a string representing the address * * @return a new <code>IPAddressAttribute</code> * * @throws UnknownHostException if the address components is invalid * @throws ParsingException if any of the address components is invalid */ protected static IPAddressAttribute getV6Instance(String value) throws UnknownHostException { InetAddress address = null; InetAddress mask = null; PortRange range = null; int len = value.length(); // get the required address component int endIndex = value.indexOf(']'); address = InetAddress.getByName(value.substring(1, endIndex)); // see if there's anything left in the string if (endIndex != (len - 1)) { // if there's a mask, it's also an IPv6 address if (value.charAt(endIndex + 1) == '/') { int startIndex = endIndex + 3; endIndex = value.indexOf(']', startIndex); mask = InetAddress.getByName(value.substring(startIndex, endIndex)); } // finally, see if there's a port range, if we're not finished if ((endIndex != (len - 1)) && (value.charAt(endIndex + 1) == ':')) range = PortRange.getInstance(value.substring(endIndex + 2, len)); } // if the range is null, then create it as unbound range = new PortRange(); return new IPv6AddressAttribute(address, mask, range); } /** * */ public String encode() { String str = "[" + getAddress().getHostAddress() + "]"; if (getMask() != null) str += "/[" + getMask().getHostAddress() + "]"; if (! getRange().isUnbound()) str += ":" + getRange().encode(); return str; } } Index: IPAddressAttribute.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/IPAddressAttribute.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** IPAddressAttribute.java 16 Dec 2005 22:42:37 -0000 1.1 --- IPAddressAttribute.java 13 Jan 2006 22:32:50 -0000 1.2 *************** *** 49,57 **** * Represents the IPAddress datatype introduced in XACML 2.0. All objects of * this class are immutable and all methods of the class are thread-safe. * * @since 2.0 * @author Seth Proctor */ ! public class IPAddressAttribute extends AttributeValue { --- 49,65 ---- * Represents the IPAddress datatype introduced in XACML 2.0. All objects of * this class are immutable and all methods of the class are thread-safe. + * <p> + * To create an instance of an ipAddress from an encoded String or a DOM + * Node you should use the <code>getInstance</code> methods provided by + * this class. To construct an ipAddress instance directly, you must use + * the constructors provided by <code>IPv4AddressAttribute</code> and + * <code>IPv6AddressAttribute</code>. These will both create an attribute + * of XACML type ipAddress, but will handle the differences in these + * two representations correctly. * * @since 2.0 * @author Seth Proctor */ ! public abstract class IPAddressAttribute extends AttributeValue { *************** *** 104,139 **** /** - * Creates the new <code>IPAddressAttribute</code> with just the required - * address component. - * - * @param address a non-null <code>InetAddress</code> - */ - public IPAddressAttribute(InetAddress address) { - this(address, null, new PortRange()); - } - - /** - * Creates the new <code>IPAddressAttribute</code> with the optional - * address mask. - * - * @param address a non-null <code>InetAddress</code> - * @param mask an <code>InetAddress</code> or null if there is no mask - */ - public IPAddressAttribute(InetAddress address, InetAddress mask) { - this(address, mask, new PortRange()); - } - - /** - * Creates the new <code>IPAddressAttribute</code> with the optional - * port range. - * - * @param address a non-null <code>InetAddress</code> - * @param portRange a <code>PortRange</code> - */ - public IPAddressAttribute(InetAddress address, PortRange range) { - this(address, null, range); - } - - /** * Creates the new <code>IPAddressAttribute</code> with all the optional * components. --- 112,115 ---- *************** *** 141,148 **** * @param address a non-null <code>InetAddress</code> * @param mask an <code>InetAddress</code> or null if there is no mask ! * @param portRange a <code>PortRange</code> */ ! public IPAddressAttribute(InetAddress address, InetAddress mask, ! PortRange range) { super(identifierURI); --- 117,124 ---- * @param address a non-null <code>InetAddress</code> * @param mask an <code>InetAddress</code> or null if there is no mask ! * @param portRange a non-null <code>PortRange</code> */ ! protected IPAddressAttribute(InetAddress address, InetAddress mask, ! PortRange range) { super(identifierURI); *************** *** 189,195 **** // an IPv6 address starts with a '[' if (value.indexOf('[') == 0) ! return getIPv6Address(value); else ! return getIPv4Address(value); } catch (UnknownHostException uhe) { throw new ParsingException("Failed to parse an IPAddress", uhe); --- 165,171 ---- // an IPv6 address starts with a '[' if (value.indexOf('[') == 0) ! return IPv6AddressAttribute.getV6Instance(value); else ! return IPv4AddressAttribute.getV4Instance(value); } catch (UnknownHostException uhe) { throw new ParsingException("Failed to parse an IPAddress", uhe); *************** *** 198,286 **** /** - * Handle parsing an IPv4 address - */ - private static IPAddressAttribute getIPv4Address(String value) - throws UnknownHostException - { - InetAddress address = null; - InetAddress mask = null; - PortRange range = null; - - // start out by seeing where the delimiters are - int maskPos = value.indexOf("/"); - int rangePos = value.indexOf(":"); - - // now check to see which components we have - if (maskPos == rangePos) { - // the sting is just an address - address = InetAddress.getByName(value); - } else if (maskPos != -1) { - // there is also a mask (and maybe a range) - address = InetAddress.getByName(value.substring(0, maskPos)); - if (rangePos != -1) { - // there's a range too, so get it and the mask - mask = - InetAddress.getByName(value.substring(maskPos + 1, - rangePos)); - range = - PortRange.getInstance(value.substring(rangePos + 1, - value.length())); - } else { - // there's no range, so just get the mask - mask = InetAddress.getByName(value.substring(maskPos + 1, - value.length())); - } - } else { - // there is a range, but no mask - address = InetAddress.getByName(value.substring(0, rangePos)); - range = PortRange.getInstance(value.substring(rangePos + 1, - value.length())); - } - - // if the range is null, then create it as unbound - range = new PortRange(); - - return new IPAddressAttribute(address, mask, range); - } - - - /** - * Handle parsing an IPv6 address - */ - private static IPAddressAttribute getIPv6Address(String value) - throws UnknownHostException - { - InetAddress address = null; - InetAddress mask = null; - PortRange range = null; - int len = value.length(); - - // get the required address component - int endIndex = value.indexOf(']'); - address = InetAddress.getByName(value.substring(1, endIndex)); - - // see if there's anything left in the string - if (endIndex != (len - 1)) { - // if there's a mask, it's also an IPv6 address - if (value.charAt(endIndex + 1) == '/') { - int startIndex = endIndex + 3; - endIndex = value.indexOf(']', startIndex); - mask = InetAddress.getByName(value.substring(startIndex, - endIndex)); - } - - // finally, see if there's a port range, if we're not finished - if ((endIndex != (len - 1)) && (value.charAt(endIndex + 1) == ':')) - range = PortRange.getInstance(value.substring(endIndex + 2, - len)); - } - - // if the range is null, then create it as unbound - range = new PortRange(); - - return new IPAddressAttribute(address, mask, range); - } - - /** * Returns the address represented by this object. * --- 174,177 ---- *************** *** 367,384 **** } - /** - * - */ - public String encode() { - String str = "[" + address.getHostAddress() + "]"; - - if (mask != null) - str += "/[" + mask.getHostAddress() + "]"; - - if (! range.isUnbound()) - str += ":" + range.encode(); - - return str; - } - } --- 258,260 ---- Index: StandardAttributeFactory.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/StandardAttributeFactory.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** StandardAttributeFactory.java 13 Jul 2004 22:39:58 -0000 1.6 --- StandardAttributeFactory.java 13 Jan 2006 22:32:51 -0000 1.7 *************** *** 3,7 **** * @(#)StandardAttributeFactory * ! * Copyright 2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)StandardAttributeFactory * ! * Copyright 2004-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 37,40 **** --- 37,43 ---- package com.sun.xacml.attr; + import com.sun.xacml.PolicyMetaData; + import com.sun.xacml.UnknownIdentifierException; + import com.sun.xacml.attr.proxy.AnyURIAttributeProxy; import com.sun.xacml.attr.proxy.Base64BinaryAttributeProxy; *************** *** 43,49 **** --- 46,54 ---- import com.sun.xacml.attr.proxy.DateTimeAttributeProxy; import com.sun.xacml.attr.proxy.DayTimeDurationAttributeProxy; + import com.sun.xacml.attr.proxy.DNSNameAttributeProxy; import com.sun.xacml.attr.proxy.DoubleAttributeProxy; import com.sun.xacml.attr.proxy.HexBinaryAttributeProxy; import com.sun.xacml.attr.proxy.IntegerAttributeProxy; + import com.sun.xacml.attr.proxy.IPAddressAttributeProxy; import com.sun.xacml.attr.proxy.RFC822NameAttributeProxy; import com.sun.xacml.attr.proxy.StringAttributeProxy; *************** *** 54,59 **** import java.util.Collections; import java.util.HashMap; import java.util.Iterator; ! import java.util.Map; import java.util.logging.Logger; --- 59,65 ---- import java.util.Collections; import java.util.HashMap; + import java.util.HashSet; import java.util.Iterator; ! import java.util.Set; import java.util.logging.Logger; *************** *** 64,68 **** /** * This factory supports the standard set of datatypes specified in XACML ! * 1.0 and 1.1. It is the default factory used by the system, and imposes * a singleton pattern insuring that there is only ever one instance of * this class. --- 70,74 ---- /** * This factory supports the standard set of datatypes specified in XACML ! * 1.x and 2.0. It is the default factory used by the system, and imposes * a singleton pattern insuring that there is only ever one instance of * this class. *************** *** 88,92 **** // the datatypes supported by this factory ! private static Map supportedDatatypes = null; // the logger we'll use for all messages --- 94,102 ---- // the datatypes supported by this factory ! private static HashMap supportedDatatypes = null; ! ! // the supported identifiers for each version of XACML ! private static Set supportedV1Identifiers; ! private static Set supportedV2Identifiers; // the logger we'll use for all messages *************** *** 111,114 **** --- 121,125 ---- supportedDatatypes = new HashMap(); + // the 1.x datatypes supportedDatatypes.put(BooleanAttribute.identifier, new BooleanAttributeProxy()); *************** *** 139,142 **** --- 150,165 ---- supportedDatatypes.put(RFC822NameAttribute.identifier, new RFC822NameAttributeProxy()); + + supportedV1Identifiers = + Collections.unmodifiableSet(supportedDatatypes.keySet()); + + // the 2.0 datatypes + supportedDatatypes.put(DNSNameAttribute.identifier, + new DNSNameAttributeProxy()); + supportedDatatypes.put(IPAddressAttribute.identifier, + new IPAddressAttributeProxy()); + + supportedV2Identifiers = + Collections.unmodifiableSet(supportedDatatypes.keySet()); } *************** *** 164,174 **** /** ! * Returns the set of datatypes that this standard factory supports. * ! * @return a <code>Map</code> of <code>String</code> to ! * <code>AttributeProxy</code>s */ ! public Map getStandardDatatypes() { ! return Collections.unmodifiableMap(supportedDatatypes); } --- 187,233 ---- /** ! * A convenience method that returns a new instance of an ! * <codeAttributeFactory</code> that supports all of the standard ! * datatypes. The new factory allows adding support for new datatypes. ! * This method should only be used when you need a new, mutable instance ! * (eg, when you want to create a new factory that extends the set of ! * supported datatypes). In general, you should use ! * <code>getFactory</code> which is more efficient and enforces a ! * singleton pattern. * ! * @return a new factory supporting the standard datatypes */ ! public static AttributeFactory getNewFactory() { ! // first we make sure that everything has been initialized... ! getFactory(); ! ! // ...then we create the new instance ! return new BaseAttributeFactory(supportedDatatypes); ! } ! ! /** ! * Returns the identifiers supported for the given version of XACML. ! * Because this factory supports identifiers from all versions of the ! * XACML specifications, this method is useful for getting a list of ! * which specific identifiers are supported by a given version of XACML. ! * ! * @param xacmlVersion a standard XACML identifier string, as provided ! * in <code>PolicyMetaData</code> ! * ! * @return a <code>Set</code> of identifiers ! * ! * @throws UnknownIdentifierException if the version string is unknown ! */ ! public static Set getStandardDatatypes(String xacmlVersion) ! throws UnknownIdentifierException ! { ! if (xacmlVersion.equals(PolicyMetaData.XACML_1_0_IDENTIFIER)) { ! return supportedV1Identifiers; ! } else if (xacmlVersion.equals(PolicyMetaData.XACML_2_0_IDENTIFIER)) { ! return supportedV2Identifiers; ! } ! ! throw new UnknownIdentifierException("Unknown XACML version: " + ! xacmlVersion); } Index: DateTimeAttribute.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/DateTimeAttribute.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** DateTimeAttribute.java 17 Mar 2004 18:03:38 -0000 1.3 --- DateTimeAttribute.java 13 Jan 2006 22:32:50 -0000 1.4 *************** *** 3,7 **** * @(#)DateTimeAttribute.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)DateTimeAttribute.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 195,203 **** */ public DateTimeAttribute() { super(identifierURI); ! Date currDate = new Date(); ! int currOffset = getDefaultTZOffset(currDate); ! init(currDate, 0, currOffset, currOffset); } --- 195,216 ---- */ public DateTimeAttribute() { + this(new Date()); + } + + /** + * Creates a new <code>DateTimeAttribute</code> that represents + * the supplied date but uses default timezone and offset values. + * + * @param dateTime a <code>Date</code> object representing the + * specified date and time down to second + * resolution. If this object has non-zero + * milliseconds, they are combined + * with the nanoseconds parameter. + */ + public DateTimeAttribute(Date dateTime) { super(identifierURI); ! int currOffset = getDefaultTZOffset(dateTime); ! init(dateTime, 0, currOffset, currOffset); } *************** *** 206,214 **** * the date supplied. * ! * @param date a <code>Date</code> object representing the ! * specified date and time down to second ! * resolution. If this object has non-zero ! * milliseconds, they are combined ! * with the nanoseconds parameter. * @param nanoseconds the number of nanoseconds beyond the * Date specified in the date parameter --- 219,227 ---- * the date supplied. * ! * @param dateTime a <code>Date</code> object representing the ! * specified date and time down to second ! * resolution. If this object has non-zero ! * milliseconds, they are combined ! * with the nanoseconds parameter. * @param nanoseconds the number of nanoseconds beyond the * Date specified in the date parameter *************** *** 221,229 **** * The offset to GMT, in minutes. */ ! public DateTimeAttribute(Date date, int nanoseconds, int timeZone, int defaultedTimeZone) { super(identifierURI); ! init(date, nanoseconds, timeZone, defaultedTimeZone); } --- 234,242 ---- * The offset to GMT, in minutes. */ ! public DateTimeAttribute(Date dateTime, int nanoseconds, int timeZone, int defaultedTimeZone) { super(identifierURI); ! init(dateTime, nanoseconds, timeZone, defaultedTimeZone); } Index: TimeAttribute.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/attr/TimeAttribute.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** TimeAttribute.java 17 Mar 2004 18:03:38 -0000 1.5 --- TimeAttribute.java 13 Jan 2006 22:32:51 -0000 1.6 *************** *** 3,7 **** * @(#)TimeAttribute.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)TimeAttribute.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 156,164 **** */ public TimeAttribute() { super(identifierURI); ! Date currDate = new Date(); ! int currOffset = DateTimeAttribute.getDefaultTZOffset(currDate); ! init(currDate, 0, currOffset, currOffset); } --- 156,178 ---- */ public TimeAttribute() { + this(new Date()); + } + + /** + * Creates a new <code>TimeAttribute</code> that represents + * the given time but uses the default timezone and offset values. + * + * @param time a <code>Date</code> object representing the + * specified time down to second resolution. This + * date should have a date of 01/01/1970. If it does + * not, such a date will be forced. If this object + * has non-zero milliseconds, they are combined + * with the nanoseconds parameter. + */ + public TimeAttribute(Date time) { super(identifierURI); ! int currOffset = DateTimeAttribute.getDefaultTZOffset(time); ! init(time, 0, currOffset, currOffset); } *************** *** 167,171 **** * the time supplied. * ! * @param date a <code>Date</code> object representing the * specified time down to second resolution. This * date should have a date of 01/01/1970. If it does --- 181,185 ---- * the time supplied. * ! * @param time a <code>Date</code> object representing the * specified time down to second resolution. This * date should have a date of 01/01/1970. If it does *************** *** 182,186 **** * The offset to GMT, in minutes. */ ! public TimeAttribute(Date date, int nanoseconds, int timeZone, int defaultedTimeZone) { super(identifierURI); --- 196,200 ---- * The offset to GMT, in minutes. */ ! public TimeAttribute(Date time, int nanoseconds, int timeZone, int defaultedTimeZone) { super(identifierURI); *************** *** 190,196 **** if ((timeZone == TZ_UNSPECIFIED) && (defaultedTimeZone == TZ_UNSPECIFIED)) ! throw new ProcessingException("default timezone must be specified"); ! init(date, nanoseconds, timeZone, defaultedTimeZone); } --- 204,211 ---- if ((timeZone == TZ_UNSPECIFIED) && (defaultedTimeZone == TZ_UNSPECIFIED)) ! throw new ProcessingException("default timezone must be specified" ! + "when a timezone is provided"); ! init(time, nanoseconds, timeZone, defaultedTimeZone); } |
From: Seth P. <se...@us...> - 2006-01-13 22:33:02
|
Update of /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/impl In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30273/com/sun/xacml/finder/impl Modified Files: CurrentEnvModule.java Log Message: Added support for the XACML 2.0 functions, cleaned up current env handling and date/time construction, and made most of the factory-related changes to support the promised 2.0 features Index: CurrentEnvModule.java =================================================================== RCS file: /cvsroot/sunxacml/sunxacml/com/sun/xacml/finder/impl/CurrentEnvModule.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** CurrentEnvModule.java 17 Mar 2004 18:03:39 -0000 1.3 --- CurrentEnvModule.java 13 Jan 2006 22:32:52 -0000 1.4 *************** *** 3,7 **** * @(#)CurrentEnvModule.java * ! * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without --- 3,7 ---- * @(#)CurrentEnvModule.java * ! * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without *************** *** 64,74 **** * specification states that these three values must always be available to * a PDP. They may be included in the request, but if they're not, a PDP ! * must be able to recognize the attribute and generate the correct value. ! * The module provides support for this feature by generating real-time ! * values as known at the host where this module is running. * <p> ! * This class uses the caching functions of <code>EvaluationCtx</code> to ! * make sure that values are constant within an evaluation, if that is the ! * desired behavior. * * @since 1.0 --- 64,74 ---- * specification states that these three values must always be available to * a PDP. They may be included in the request, but if they're not, a PDP ! * must be able to recognize the attribute and generate a correct value. * <p> ! * The XACML specification doesn't require that values be cached (ie, ! * remain consistent within an evaluation), but does allow it. Any caching, ! * as well as details of which time to use (time at the PEP, PDP, etc.) is ! * taken care of by the <code>EvaluationCtx</code> which is used to supply ! * the current values. * * @since 1.0 *************** *** 176,189 **** createEmptyBag(type)); ! // see if there's a value already cached that we should use ! TimeAttribute attr = context.getCurrentTime(); ! ! if (attr == null) { ! // create the current time data ! attr = new TimeAttribute(); ! context.setCurrentTime(attr); ! } ! ! return makeBag(attr); } --- 176,181 ---- createEmptyBag(type)); ! // get the value from the context ! return makeBag(context.getCurrentTime()); } *************** *** 198,211 **** createEmptyBag(type)); ! // see if there's a value already cached that we should use ! DateAttribute attr = context.getCurrentDate(); ! ! if (attr == null) { ! // create the current date data ! attr = new DateAttribute(); ! context.setCurrentDate(attr); ! } ! ! return makeBag(attr); } --- 190,195 ---- createEmptyBag(type)); ! // get the value from the context ! return makeBag(context.getCurrentDate()); } *************** *** 219,233 **** return new EvaluationResult(BagAttribute. createEmptyBag(type)); - - // see if there's a value already cached that we should use - DateTimeAttribute attr = context.getCurrentDateTime(); - - if (attr == null) { - // create the current dateTime data - attr = new DateTimeAttribute(); - context.setCurrentDateTime(attr); - } ! return makeBag(attr); } --- 203,209 ---- return new EvaluationResult(BagAttribute. createEmptyBag(type)); ! // get the value from the context ! return makeBag(context.getCurrentDateTime()); } |